Support range requests, general refactor

index.php

@@ -4,67 +4,97 @@
 define('IMG_ROOT', '/var/images/');
 // Pre-shared key - must match IMAGE_PSK in gazelle config
 define('PSK', 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA');
+// User agent to use when downloading files
+define('USER_AGENT', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36');
 
 ini_set('memory_limit', '256M');
 
-function image_type($Data) {
-  if (!strncmp($Data, pack('H*', '89504E47'), 4)) return 'png';
-  if (!strncmp($Data, pack('H*', 'FFD8'), 2)) return 'jpeg';
-  if (!strncmp($Data, 'GIF', 3)) return 'gif';
-  if (strlen($Data) > 35 && !substr_compare($Data, 'webm', 31, 4)) return 'webm';
-  if (!strncmp($Data, 'BM', 2)) return 'bmp';
-  if (!strncmp($Data, 'II', 2) || !strncmp($Data, 'MM', 2)) return 'tiff';
-  return '';
+function content_type($data) {
+  if (!strncmp($data, pack('H*', '89504E47'), 4)) return 'image/png';
+  if (!strncmp($data, pack('H*', 'FFD8'), 2)) return 'image/jpeg';
+  if (!strncmp($data, 'GIF', 3)) return 'image/gif';
+  if (strlen($data) > 35 && !substr_compare($data, 'webm', 31, 4)) return 'video/webm';
+  if (!strncmp($data, 'BM', 2)) return 'image/bmp';
+  if (!strncmp($data, 'II', 2) || !strncmp($data, 'MM', 2)) return 'image/tiff';
+  return 'application/octet-stream';
 }
 
-$ImgURL = $_GET['i'];
-$Auth = rawurldecode($_GET['h']);
-$ImgURLHash = hash('sha256', $ImgURL);
+function serve($path, $rescode = 200) {
+  $filesize = filesize($path);
+  $handle = fopen($path, "r");
+  $content_type = content_type(fread($handle, 100));
+  fclose($handle);
+  header('Accept-Ranges: bytes');
+  header("Content-Type: $content_type");
+  if (isset($_SERVER['HTTP_RANGE'])) {
+    preg_match('/bytes=(\d+)-(\d+)?/', $_SERVER['HTTP_RANGE'], $matches);
+    if ($matches[1] == "") {
+      $matches[1] = $filesize - intval($matches[2] ?? 0);
+      $matches[2] = $filesize;
+    }
+    $start = intval($matches[1] ?? 0);
+    $end = min(intval($matches[2] ?? $filesize), $filesize);
+    http_response_code(206);
+    header("Content-Range: bytes $start-$end/$filesize");
+    echo file_get_contents($path, false, null, $start, $end-$start);
+  } else {
+    http_response_code($rescode);
+    header("Content-Length: $filesize");
+    readfile($path);
+  }
+}
+
+if (empty($_GET['i'])) die();
+
+$img_url = $_GET['i'];
+$auth = rawurldecode($_GET['h']);
+$img_url_hash = hash('sha256', $img_url);
+$debug = !empty($_GET['debug']);
+
+$img_dir = IMG_ROOT.substr($img_url_hash, 0, 2);
+$img_path = $img_dir.'/'.$img_url_hash;
 
 // Deletion
 if (!empty($_GET['d'])) {
-  $ImgURL = $_GET['d'];
-  $ImgURLHash = hash('sha256', $ImgURL);
-  if (base64_encode(hash_hmac('sha256', $ImgURL, strrev(PSK), true)) != $Auth) {
+  $img_url = $_GET['d'];
+  $img_url_hash = hash('sha256', $img_url);
+  if (base64_encode(hash_hmac('sha256', $img_url, strrev(PSK), true)) != $auth) {
+    http_response_code(401);
     echo 'Auth failure';
     die();
   }
-  if (file_exists(IMG_ROOT.substr($ImgURLHash,0,2).'/'.$ImgURLHash)) {
-    unlink(IMG_ROOT.substr($ImgURLHash,0,2).'/'.$ImgURLHash);
+  if (file_exists($img_path)) {
+    unlink($img_path);
+    http_response_code(200);
     echo 'Success';
   } else {
+    http_response_code(404);
     echo 'File does not exist';
   }
   die();
 }
 
 // Normal use
-if (base64_encode(hash_hmac('sha256', $ImgURL, PSK, true)) != $Auth) {
+if (base64_encode(hash_hmac('sha256', $img_url, PSK, true)) != $auth) {
   // Authentication is incorrect. Something other than the paired Gazelle instance is attempting to use the host.
-  header('Content-type: image/png');
-  echo file_get_contents('imgs/unauthorized.png');
+  serve('imgs/unauthorized.png', 401);
   die();
 }
-if (file_exists(IMG_ROOT.substr($ImgURLHash,0,2).'/'.$ImgURLHash)) {
-  // The file is cached. Serve it.
-  $Img = file_get_contents(IMG_ROOT.substr($ImgURLHash,0,2).'/'.$ImgURLHash);
-  $FileType = image_type($Img);
-  header('Content-type: '.(($FileType=='webm')?'video':'image').'/'.$FileType);
-  echo $Img;
+if (file_exists($img_path)) {
+  serve($img_path);
 } else {
   // The file is not cached. Fetch it, cache it, and serve it.
-  $Img = @file_get_contents($ImgURL, 0, stream_context_create(['http' => ['user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.2987.133 Safari/537.36'], 'ssl' => ['verify_peer' => false]]), 0, 134217728);
-  $FileType = image_type($Img);
-  if (!empty($FileType)) {
-    if (!file_exists(IMG_ROOT.substr($ImgURLHash,0,2))) {
-      mkdir(IMG_ROOT.substr($ImgURLHash,0,2));
-    }
-    file_put_contents(IMG_ROOT.substr($ImgURLHash,0,2).'/'.$ImgURLHash, $Img);
-    header('Content-type: '.(($FileType=='webm')?'video':'image').'/'.$FileType);
-    echo $Img;
+  $img_data = @file_get_contents($img_url, 0, stream_context_create([
+    'http' => ['user_agent' => USER_AGENT],
+    'ssl' => ['verify_peer' => false]
+  ]), 0, 134217728);
+  $content_type = content_type($img_data);
+  if ($content_type != 'application/octet-stream') {
+    if (!file_exists($img_dir)) mkdir($img_dir);
+    file_put_contents($img_path, $img_data);
+    serve($img_path);
   } else {
-    header('Content-type: image/png');
-    echo file_get_contents('imgs/invalid.png');
+    serve('imgs/invalid.png', 415);
   }
 }
 ?>