Asset.php at 0a360f7 ⋅ terrylinooo/shieldon

<?php
/**
 * This file is part of the Shieldon package.
 *
 * (c) Terry L. <contact@terryl.in>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 * 
 * php version 7.1.0
 * 
 * @category  Web-security
 * @package   Shieldon
 * @author    Terry Lin <contact@terryl.in>
 * @copyright 2019 terrylinooo
 * @license   https://github.com/terrylinooo/shieldon/blob/2.x/LICENSE MIT
 * @link      https://github.com/terrylinooo/shieldon
 * @see       https://shieldon.io
 */

declare(strict_types=1);

namespace Shieldon\Firewall\Panel;

use Psr\Http\Message\ResponseInterface;
use Shieldon\Firewall\HttpFactory;
use function Shieldon\Firewall\get_response;

/**
 * The static asset files such as CSS, JavaScript.
 */
class Asset extends BaseController
{
    /**
     *   Public methods       | Desctiotion
     *  ----------------------|---------------------------------------------
     *   css                  | Output the content contains CSS.
     *   js                   | Output the content contains JavaScript.
     *   favicon              | Output the content contains favicon's binary string.
     *   logo                 | Output the content contains logo's binary string.
     *  ----------------------|---------------------------------------------
     */

    /**
     * The directory in where the static assets of the firewall panel are placed.
     */
    const PANEL_ASSET_DIR = __DIR__ . '/../../../assets';

    /**
     * Constructor.
     */
    public function __construct() 
    {
        parent::__construct();
    }

    /**
     * Output the content contains CSS to the browser.
     *
     * @return ResponseInterface
     */
    public function css(): ResponseInterface
    {
        return $this->getResponseWithContentType(
            'text/css; charset=UTF-8',
            $this->loadCss()
        );
    }

    /**
     * Output the content contains JavaScript to the browser.
     *
     * @return ResponseInterface
     */
    public function js(): ResponseInterface
    {
        return $this->getResponseWithContentType(
            'text/javascript; charset=UTF-8',
            $this->loadJs()
        );
    }

    /**
     * Output the content contains image binary string to the browser.
     *
     * @return ResponseInterface
     */
    public function favicon(): ResponseInterface
    {
        return $this->getResponseWithContentType(
            'image/x-icon',
            $this->loadFavicon()
        );
    }

    /**
     * Output the content contains logo's binary string to the browser.
     *
     * @return ResponseInterface
     */
    public function logo(): ResponseInterface
    {
        return $this->getResponseWithContentType(
            'image/png',
            $this->loadLogo()
        );
    }

    /**
     * Load CSS content.
     *
     * @return string
     */
    protected function loadJs(): string
    {
        ob_start();
        echo file_get_contents(self::PANEL_ASSET_DIR . '/dist/app-packed.js');
        $output = ob_get_contents();
        ob_end_clean();
    
        return $this->filterString($output);
    }

    /**
     * Load CSS content.
     *
     * @return string
     */
    protected function loadCss(): string
    {
        ob_start();
        echo file_get_contents(self::PANEL_ASSET_DIR . '/dist/app-packed.css');
        $output = ob_get_contents();
        ob_end_clean();
    
        return $this->filterString($output);
    }

    /**
     * Load Shieldon's favicon.
     *
     * @return string
     */
    protected function loadFavicon(): string
    {
        ob_start();
        echo file_get_contents(self::PANEL_ASSET_DIR . '/src/images/favicon.ico');
        $output = ob_get_contents();
        ob_end_clean();

        return $output;
    }

    /**
     * Load Shieldon's logo.
     *
     * @return string
     */
    protected function loadLogo(): string
    {
        ob_start();
        echo file_get_contents(self::PANEL_ASSET_DIR . '/src/images/logo.png');
        $output = ob_get_contents();
        ob_end_clean();

        return $output;
    }

    /**
     * Get server response with content.
     *
     * @param string $contentType The content type.
     * @param string $body        The data sring.
     *
     * @return ResponseInterface
     */
    private function getResponseWithContentType(string $contentType, string $body): ResponseInterface
    {
        $response = get_response();
        $response = $response->withHeader('Content-Type', $contentType);
        $stream = HttpFactory::createStream();
        $stream->write($body);
        $stream->rewind();
        $response = $response->withBody($stream);

        return $this->withCacheHeader($response);
    }

    /**
     * Return the header with cache parameters.
     *
     * @param ResponseInterface $response The PSR-7 server response.
     *
     * @return ResponseInterface
     */
    private function withCacheHeader(ResponseInterface $response): ResponseInterface
    {
        $seconds = 86400; // 24 hours
        $response = $response->withHeader('Expires', gmdate('D, d M Y H:i:s', time() + $seconds) . ' GMT');
        $response = $response->withHeader('Pragma', 'cache');
        $response = $response->withHeader('Cache-Control', 'max-age=' . $seconds);

        return $response;
    }

    /**
     * Remove the PHP syntax, prevent the possible security issues.
     *
     * @param string $string
     *
     * @return string
     */
    private function filterString(string $string): string
    {
        return str_replace(['<?php', '<?', '?>'], '', $string);
    }
}

Read our documentation on viewing source code .

Navigation	Overlay
`t` Navigate files	`h` Toggle hits
`y` Change url to tip of branch	`m` Toggle misses
`b / v` Jump to prev/next hit line	`p` Toggle partial
`z / x` Jump to prev/next missed or partial line	`1..9` Toggle flags
`shift + o` Open current page in GitHub	`a` Toggle all on
`/ or ?` Show keyboard shortcuts dialog	`c` Toggle context lines or commits

1		<?php
2		/**
3		* This file is part of the Shieldon package.
4		*
5		* (c) Terry L. <contact@terryl.in>
6		*
7		* For the full copyright and license information, please view the LICENSE
8		* file that was distributed with this source code.
9		*
10		* php version 7.1.0
11		*
12		* @category Web-security
13		* @package Shieldon
14		* @author Terry Lin <contact@terryl.in>
15		* @copyright 2019 terrylinooo
16		* @license https://github.com/terrylinooo/shieldon/blob/2.x/LICENSE MIT
17		* @link https://github.com/terrylinooo/shieldon
18		* @see https://shieldon.io
19		*/
20
21		declare(strict_types=1);
22
23		namespace Shieldon\Firewall\Panel;
24
25		use Psr\Http\Message\ResponseInterface;
26		use Shieldon\Firewall\HttpFactory;
27		use function Shieldon\Firewall\get_response;
28
29		/**
30		* The static asset files such as CSS, JavaScript.
31		*/
32		class Asset extends BaseController
33		{
34		/**
35		* Public methods \| Desctiotion
36		* ----------------------\|---------------------------------------------
37		* css \| Output the content contains CSS.
38		* js \| Output the content contains JavaScript.
39		* favicon \| Output the content contains favicon's binary string.
40		* logo \| Output the content contains logo's binary string.
41		* ----------------------\|---------------------------------------------
42		*/
43
44		/**
45		* The directory in where the static assets of the firewall panel are placed.
46		*/
47		const PANEL_ASSET_DIR = __DIR__ . '/../../../assets';
48
49		/**
50		* Constructor.
51		*/
52	3	public function __construct()
53		{
54	3	parent::__construct();
55		}
56
57		/**
58		* Output the content contains CSS to the browser.
59		*
60		* @return ResponseInterface
61		*/
62	3	public function css(): ResponseInterface
63		{
64	3	return $this->getResponseWithContentType(
65	3	'text/css; charset=UTF-8',
66	3	$this->loadCss()
67		);
68		}
69
70		/**
71		* Output the content contains JavaScript to the browser.
72		*
73		* @return ResponseInterface
74		*/
75	3	public function js(): ResponseInterface
76		{
77	3	return $this->getResponseWithContentType(
78	3	'text/javascript; charset=UTF-8',
79	3	$this->loadJs()
80		);
81		}
82
83		/**
84		* Output the content contains image binary string to the browser.
85		*
86		* @return ResponseInterface
87		*/
88	3	public function favicon(): ResponseInterface
89		{
90	3	return $this->getResponseWithContentType(
91	3	'image/x-icon',
92	3	$this->loadFavicon()
93		);
94		}
95
96		/**
97		* Output the content contains logo's binary string to the browser.
98		*
99		* @return ResponseInterface
100		*/
101	3	public function logo(): ResponseInterface
102		{
103	3	return $this->getResponseWithContentType(
104	3	'image/png',
105	3	$this->loadLogo()
106		);
107		}
108
109		/**
110		* Load CSS content.
111		*
112		* @return string
113		*/
114	3	protected function loadJs(): string
115		{
116	3	ob_start();
117	3	echo file_get_contents(self::PANEL_ASSET_DIR . '/dist/app-packed.js');
118	3	$output = ob_get_contents();
119	3	ob_end_clean();
120
121	3	return $this->filterString($output);
122		}
123
124		/**
125		* Load CSS content.
126		*
127		* @return string
128		*/
129	3	protected function loadCss(): string
130		{
131	3	ob_start();
132	3	echo file_get_contents(self::PANEL_ASSET_DIR . '/dist/app-packed.css');
133	3	$output = ob_get_contents();
134	3	ob_end_clean();
135
136	3	return $this->filterString($output);
137		}
138
139		/**
140		* Load Shieldon's favicon.
141		*
142		* @return string
143		*/
144	3	protected function loadFavicon(): string
145		{
146	3	ob_start();
147	3	echo file_get_contents(self::PANEL_ASSET_DIR . '/src/images/favicon.ico');
148	3	$output = ob_get_contents();
149	3	ob_end_clean();
150
151	3	return $output;
152		}
153
154		/**
155		* Load Shieldon's logo.
156		*
157		* @return string
158		*/
159	3	protected function loadLogo(): string
160		{
161	3	ob_start();
162	3	echo file_get_contents(self::PANEL_ASSET_DIR . '/src/images/logo.png');
163	3	$output = ob_get_contents();
164	3	ob_end_clean();
165
166	3	return $output;
167		}
168
169		/**
170		* Get server response with content.
171		*
172		* @param string $contentType The content type.
173		* @param string $body The data sring.
174		*
175		* @return ResponseInterface
176		*/
177	3	private function getResponseWithContentType(string $contentType, string $body): ResponseInterface
178		{
179	3	$response = get_response();
180	3	$response = $response->withHeader('Content-Type', $contentType);
181	3	$stream = HttpFactory::createStream();
182	3	$stream->write($body);
183	3	$stream->rewind();
184	3	$response = $response->withBody($stream);
185
186	3	return $this->withCacheHeader($response);
187		}
188
189		/**
190		* Return the header with cache parameters.
191		*
192		* @param ResponseInterface $response The PSR-7 server response.
193		*
194		* @return ResponseInterface
195		*/
196	3	private function withCacheHeader(ResponseInterface $response): ResponseInterface
197		{
198	3	$seconds = 86400; // 24 hours
199	3	$response = $response->withHeader('Expires', gmdate('D, d M Y H:i:s', time() + $seconds) . ' GMT');
200	3	$response = $response->withHeader('Pragma', 'cache');
201	3	$response = $response->withHeader('Cache-Control', 'max-age=' . $seconds);
202
203	3	return $response;
204		}
205
206		/**
207		* Remove the PHP syntax, prevent the possible security issues.
208		*
209		* @param string $string
210		*
211		* @return string
212		*/
213	3	private function filterString(string $string): string
214		{
215	3	return str_replace(['<?php', '<?', '?>'], '', $string);
216		}
217		}