1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
quickway.php
См. документацию.
1<?php
2
3if (!empty($_GET['ts']) && $_GET['ts'] === 'bxviewer')
4{
5 return;
6}
7
8if (!empty($_GET['_gen']))
9{
10 return;
11}
12
13$encryptedData = $_GET['_esd'] ?? null;
14if (empty($encryptedData))
15{
16 return;
17}
18
19if (str_starts_with($_SERVER['SCRIPT_NAME'], '/mobile/ajax.php'))
20{
21 return;
22}
23
24function readConfig(): ?array
25{
28 $settingsPath = $_SERVER['DOCUMENT_ROOT'] . '/bitrix/.settings.php';
29 $settingsExtraPath = $_SERVER['DOCUMENT_ROOT'] . '/bitrix/.settings_extra.php';
30
31 $settings = include($settingsPath);
32 if (empty($settings) || (is_array($settings) === false))
33 {
34 $settings = [];
35 }
36
37 if (file_exists($settingsExtraPath))
38 {
39 $settingsExtra = include($settingsExtraPath);
40 if (is_array($settingsExtra) && !empty($settingsExtra))
41 {
42 foreach ($settingsExtra as $k => $v)
43 {
44 $settings[$k] = $v;
45 }
46 }
47 }
48
51 if (empty($settings['main.token_service']['value']['storage']))
52 {
53 return null;
54 }
55
56 if (!is_array($settings['main.token_service']['value']['storage']))
57 {
58 return null;
59 }
60
61 if (empty($settings['main.token_service']['value']['key']))
62 {
63 return null;
64 }
65
66 return $settings['main.token_service']['value'];
67}
68
69$config = readConfig();
70if (!$config)
71{
72 return null;
73}
74
75function isValidSign(string $key, string $signedUserToken): bool
76{
77 $parts = explode('.', $signedUserToken, 2);
78 if (count($parts) !== 2)
79 {
80 return false;
81 }
82
83 [$message, $signature] = $parts;
84 if (empty($message) || empty($signature))
85 {
86 return false;
87 }
88
89 $key = hash('sha512', $key);
90 $expectedSignature = bin2hex(hash_hmac('sha256', $message, $key, true));
91
92 return hash_equals($expectedSignature, $signature);
93}
94
95function getMemcacheStorage(array $config): ?\Memcache
96{
97 if (!extension_loaded('memcache'))
98 {
99 return null;
100 }
101
102 $connection = new \Memcache();
103 $result = $connection->pconnect($config['host'], $config['port'], 3);
104
105 return $result ? $connection : null;
106}
107
108function getRedisStorage(array $config): ?\Redis
109{
110 if (!extension_loaded('redis'))
111 {
112 return null;
113 }
114
115 $connection = new \Redis();
116
117 $params = [
118 $config['host'],
119 $config['port'],
120 $config['timeout'] ?? 0,
121 null,
122 0,
123 $config['readTimeout'] ?? 0
124 ];
125
126 $result = $connection->pconnect(...$params);
127
128 if ($result)
129 {
130 if (isset($config['compression']) || defined('\Redis::COMPRESSION_LZ4'))
131 {
132 $connection->setOption(\Redis::OPT_COMPRESSION, $config['compression'] ?? \Redis::COMPRESSION_LZ4);
133 $connection->setOption(\Redis::OPT_COMPRESSION_LEVEL, $config['compression_level'] ?? \Redis::COMPRESSION_ZSTD_MAX);
134 }
135
136 if (isset($config['serializer']) || defined('\Redis::SERIALIZER_IGBINARY'))
137 {
138 $connection->setOption(\Redis::OPT_SERIALIZER, $config['serializer'] ?? \Redis::SERIALIZER_IGBINARY);
139 }
140 }
141
142 return $result ? $connection : null;
143}
144
145function getStorage(array $config): \Memcache|\Redis|null
146{
147 if ($config['type'] === 'redis')
148 {
149 return getRedisStorage($config);
150 }
151
152 if ($config['type'] === 'memcache')
153 {
154 return getMemcacheStorage($config);
155 }
156
157 return null;
158}
159
164function hasScope(
165 string $prefix,
166 string $userToken,
167 string $scope,
168 \Redis|\Memcache $storage
169): bool
170{
171 if (empty($scope))
172 {
173 return false;
174 }
175 $key = "{$prefix}userScopes:{$userToken}";
176 if ($storage instanceof \Redis)
177 {
178 $expirationTime = $storage->zScore($key, $scope);
179 if (!$expirationTime)
180 {
181 return false;
182 }
183
184 if ($expirationTime <= time())
185 {
186 return false;
187 }
188
189 return true;
190 }
191 else
192 {
193 $storedScopes = $storage->get($key);
194 if (empty($storedScopes) || !is_string($storedScopes))
195 {
196 return false;
197 }
198 $storedScopes = decodeJson($storedScopes);
199 if ($storedScopes[$scope] < time())
200 {
201 return false;
202 }
203
204 return true;
205 }
206}
207
208function decodeJson(string $data): array
209{
210 return json_decode($data, true, 64) ?: [];
211}
212
213function decryptData(string $data, string $key): ?array
214{
215 $data = base64_decode($data, true);
216 if ($data === false)
217 {
218 return null;
219 }
220
221 $cipherAlgorithm = 'aes-256-ctr';
222 $hashAlgorithm = 'sha256';
223
224 $ivLength = openssl_cipher_iv_length($cipherAlgorithm);
225 $iv = substr($data, 0, $ivLength);
226 $raw = substr($data, $ivLength);
227
228 $keyHash = openssl_digest($iv . $key, $hashAlgorithm, true);
229 $decrypted = openssl_decrypt($raw, $cipherAlgorithm, $keyHash, OPENSSL_RAW_DATA, $iv);
230
231 if ($decrypted === false)
232 {
233 return null;
234 }
235
236 $hashPart = substr($decrypted, 0, strlen($keyHash));
237 $result = substr($decrypted, strlen($keyHash));
238 $checkHash = openssl_digest($result, $hashAlgorithm, true);
239
240 if ($hashPart !== $checkHash)
241 {
242 return null;
243 }
244
245 return decodeJson($result);
246}
247
248$cookiePrefix = $config['cookiePrefix'] ?? 'BITRIX_SM';
249
251$signedUserToken = $_COOKIE["{$cookiePrefix}_DTOKEN"] ?? null;
252if (empty($signedUserToken))
253{
254 return;
255}
256
257$key = $config['key'];
258
259if (isValidSign($key, $signedUserToken) === false)
260{
261 return;
262}
263
264$decryptedData = decryptData($encryptedData, $key);
265if (empty($decryptedData))
266{
267 return;
268}
269
270$storage = getStorage($config['storage']);
271if (!$storage)
272{
273 return;
274}
275
276$userToken = explode('.', $signedUserToken, 2)[0];
277
278if (!hasScope($config['storage']['keyPrefix'], $userToken, $decryptedData['scope'], $storage))
279{
280 return;
281}
282
284$fileInfoKey = "{$config['storage']['keyPrefix']}file:{$decryptedData['fileId']}";
285$storedData = $storage->get($fileInfoKey);
286if (empty($storedData))
287{
288 return;
289}
290
291try
292{
293 $storedData = json_decode($storedData, true, 3, JSON_THROW_ON_ERROR);
294}
295catch (\JsonException $e)
296{
297 return;
298}
299
300$accelRedirectPath = $storedData['path'];
301$contentType = $storedData['contentType'];
302$expirationTime = $storedData['expirationTime'];
303$dir = $storedData['dir'];
304$bFileId = $storedData['id'];
305$fileName = $storedData['filename'];
306$attachmentName = $decryptedData['l'] ?? null;
307
308if (time() > $expirationTime)
309{
310 return;
311}
312
313$requestedWidth = isset($_GET['width']) ? (int)$_GET['width'] : 0;
314$requestedHeight = isset($_GET['height']) ? (int)$_GET['height'] : 0;
315$originalWidth = (int)$storedData['width'] ?: 0;
316$originalHeight = (int)$storedData['height'] ?: 0;
317
318// Resize the image only if a smaller version than the original is needed.
319if (
320 $requestedWidth > 0 && $requestedHeight > 0
321 && ($requestedWidth < $originalWidth || $requestedHeight < $originalHeight)
322)
323{
324 $exact = $_GET['exact'] === 'Y' ? 2 : 1;
325
326 if (empty($storedData['handlerId']))
327 {
328 $resizeDir = "{$requestedWidth}_{$requestedHeight}_{$exact}";
329 $accelRedirectPath = "/upload/resize_cache/x/{$dir}/{$resizeDir}/{$fileName}";
330 }
331 else
332 {
333 $encodedDir = rawurlencode($dir);
334 $delimiterPosition = strpos($accelRedirectPath, $encodedDir);
335 if ($delimiterPosition === false)
336 {
337 return;
338 }
339
340 $partBeforeDir = substr($accelRedirectPath, 0, $delimiterPosition);
341 $dirAndRest = substr($accelRedirectPath, $delimiterPosition);
342 $defaultResizeFilter = [
343 ['width' => $requestedWidth, 'height' => $requestedHeight],
344 $exact,
345 [],
346 false,
347 [0 => ['name' => 'sharpen', 'precision' => 15]],
348 true
349 ];
350 $resizeDir = md5(serialize($defaultResizeFilter));
351
352 $accelRedirectPath = $partBeforeDir . rawurlencode("resize_cache/{$bFileId}/{$resizeDir}/") . $dirAndRest;
353 $accelRedirectPath = '/upload/resize_cache/c' . $accelRedirectPath;
354 }
355}
356
357header('X-Accel-Buffering: no');
358header('X-Accel-Redirect: ' . $accelRedirectPath);
359header('Content-Type: ' . $contentType);
360if ($attachmentName)
361{
362 $urlEncodedName = rawurlencode($attachmentName);
363 header("X-CD-Info: attachment; filename*=utf-8''{$urlEncodedName}");
364}
365header('X-Gen-Src: ' . $_SERVER['REQUEST_URI'] . '&_gen=1');
366
367die;
$connection
$connection
Определения actionsdefinitions.php:38
$data
$data['IS_AVAILABLE']
Определения .description.php:13
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$result
$result
Определения get_property_values.php:14
$_SERVER
$_SERVER["DOCUMENT_ROOT"]
Определения cron_frame.php:9
$message
$message
Определения payment.php:8
$settings
$settings
Определения product_settings.php:43
$cookiePrefix
$cookiePrefix
Определения quickway.php:248
getStorage
getStorage(array $config)
Определения quickway.php:145
$dir
$dir
Определения quickway.php:303
hasScope
hasScope(string $prefix, string $userToken, string $scope, \Redis|\Memcache $storage)
Определения quickway.php:164
decryptData
decryptData(string $data, string $key)
Определения quickway.php:213
isValidSign
if(! $config) isValidSign(string $key, string $signedUserToken)
Определения quickway.php:75
$config
$config
Определения quickway.php:69
$signedUserToken
$signedUserToken
Определения quickway.php:251
$decryptedData
if(isValidSign($key, $signedUserToken)===false) $decryptedData
Определения quickway.php:264
getRedisStorage
getRedisStorage(array $config)
Определения quickway.php:108
$requestedWidth
if(time() > $expirationTime) $requestedWidth
Определения quickway.php:313
$fileName
$fileName
Определения quickway.php:305
$storedData
$storedData
Определения quickway.php:285
$key
if(empty($signedUserToken)) $key
Определения quickway.php:257
decodeJson
decodeJson(string $data)
Определения quickway.php:208
$attachmentName
$attachmentName
Определения quickway.php:306
$userToken
if(! $storage) $userToken
Определения quickway.php:276
die
die
Определения quickway.php:367
$expirationTime
$expirationTime
Определения quickway.php:302
$fileInfoKey
if(!hasScope($config['storage']['keyPrefix'], $userToken, $decryptedData['scope'], $storage)) $fileInfoKey
Определения quickway.php:284
$contentType
$contentType
Определения quickway.php:301
$requestedHeight
$requestedHeight
Определения quickway.php:314
$accelRedirectPath
catch(\JsonException $e) $accelRedirectPath
Определения quickway.php:300
$encryptedData
if(!empty( $_GET[ 'ts']) &&$_GET[ 'ts']==='bxviewer') if(!empty($_GET['_gen'])) $encryptedData
Определения quickway.php:13
$storage
if(empty($decryptedData)) $storage
Определения quickway.php:270
$originalHeight
$originalHeight
Определения quickway.php:316
readConfig
if(empty($encryptedData)) if(str_starts_with( $_SERVER[ 'SCRIPT_NAME'], '/mobile/ajax.php')) readConfig()
Определения quickway.php:24
$originalWidth
$originalWidth
Определения quickway.php:315
getMemcacheStorage
getMemcacheStorage(array $config)
Определения quickway.php:95
$bFileId
$bFileId
Определения quickway.php:304
count
</p ></td >< td valign=top style='border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0cm 2.0pt 0cm 2.0pt;height:9.0pt'>< p class=Normal align=center style='margin:0cm;margin-bottom:.0001pt;text-align:center;line-height:normal'>< a name=ТекстовоеПоле54 ></a ><?=($taxRate > count( $arTaxList) > 0) ? $taxRate."%"
Определения waybill.php:936
$params
if($inWords) echo htmlspecialcharsbx(Number2Word_Rus(roundEx($totalVatSum $params['CURRENCY']
Определения template.php:799
$k
$k
Определения template_pdf.php:567