2017-11-10 17:02:59 +00:00
|
|
|
<?php
|
2017-11-17 01:51:03 +00:00
|
|
|
/** @license MIT
|
|
|
|
* Copyright 2017 J. King, Dustin Wilson et al.
|
|
|
|
* See LICENSE and AUTHORS files for details */
|
|
|
|
|
2017-11-10 17:02:59 +00:00
|
|
|
declare(strict_types=1);
|
|
|
|
namespace JKingWeb\Arsse\REST\TinyTinyRSS;
|
|
|
|
|
|
|
|
use JKingWeb\Arsse\Arsse;
|
2020-11-06 15:27:30 +00:00
|
|
|
use JKingWeb\Arsse\Db\ExceptionInput;
|
2018-01-05 04:08:53 +00:00
|
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
|
|
use Psr\Http\Message\ResponseInterface;
|
2020-01-20 15:40:05 +00:00
|
|
|
use Laminas\Diactoros\Response\EmptyResponse as Response;
|
2017-11-10 17:02:59 +00:00
|
|
|
|
|
|
|
class Icon extends \JKingWeb\Arsse\REST\AbstractHandler {
|
|
|
|
public function __construct() {
|
|
|
|
}
|
|
|
|
|
2018-01-05 04:08:53 +00:00
|
|
|
public function dispatch(ServerRequestInterface $req): ResponseInterface {
|
2018-10-26 18:40:20 +00:00
|
|
|
if ($req->getAttribute("authenticated", false)) {
|
|
|
|
// if HTTP authentication was successfully used, set the expected user ID
|
|
|
|
Arsse::$user->id = $req->getAttribute("authenticatedUser");
|
|
|
|
} elseif ($req->getAttribute("authenticationFailed", false) || Arsse::$conf->userHTTPAuthRequired) {
|
|
|
|
// otherwise if HTTP authentication failed or did not occur when it is required, deny access at the HTTP level
|
|
|
|
return new Response(401);
|
|
|
|
}
|
2019-01-11 15:38:06 +00:00
|
|
|
if ($req->getMethod() !== "GET") {
|
2017-11-10 17:02:59 +00:00
|
|
|
// only GET requests are allowed
|
2018-01-04 04:13:08 +00:00
|
|
|
return new Response(405, ['Allow' => "GET"]);
|
2018-01-05 04:08:53 +00:00
|
|
|
} elseif (!preg_match("<^(\d+)\.ico$>", $req->getRequestTarget(), $match) || !((int) $match[1])) {
|
2017-11-10 17:02:59 +00:00
|
|
|
return new Response(404);
|
|
|
|
}
|
2020-11-06 15:27:30 +00:00
|
|
|
try {
|
2021-01-26 18:44:44 +00:00
|
|
|
$url = Arsse::$db->subscriptionIcon(Arsse::$user->id ?? null, (int) $match[1], false)['url'] ?? null;
|
2020-11-06 15:27:30 +00:00
|
|
|
if (!$url) {
|
|
|
|
return new Response(404);
|
|
|
|
}
|
2017-11-30 03:42:50 +00:00
|
|
|
if (($pos = strpos($url, "\r")) !== false || ($pos = strpos($url, "\n")) !== false) {
|
2017-11-10 17:02:59 +00:00
|
|
|
$url = substr($url, 0, $pos);
|
|
|
|
}
|
2018-01-04 04:13:08 +00:00
|
|
|
return new Response(301, ['Location' => $url]);
|
2020-11-06 15:27:30 +00:00
|
|
|
} catch (ExceptionInput $e) {
|
2017-11-10 17:02:59 +00:00
|
|
|
return new Response(404);
|
|
|
|
}
|
|
|
|
}
|
2017-11-30 03:42:50 +00:00
|
|
|
}
|