src/Controller/ImageController.php line 54

Open in your IDE?
  1. <?php
  2. namespace App\Controller;
  4. use Symfony\Component\HttpFoundation\Response;
  5. use Symfony\Component\HttpFoundation\Request;
  6. use App\Entity\Payment;
  7. use App\Service\PaymentService;
  8. use App\Form\PaymentType;
  9. use App\Library\Utils\Other\Other;
  10. use App\Service\Image\ImageService;
  11. use Doctrine\ORM\EntityManagerInterface;
  12. use Symfony\Component\HttpFoundation\BinaryFileResponse;
  14. class ImageController extends BaseAbstractController
  15. {
  16.     public function list(Request $requestPaymentService $paymentService): Response
  17.     {
  18.         $payments $paymentService->getBaseService()->getAll();
  19.         // return $this->redirectToRoute("login");
  20.         return $this->render('admin/payment/payments.html.twig', [
  21.             'payments' => $payments,
  22.         ]);
  23.     }
  25.     public function edit(Request $requestPaymentService $paymentServiceEntityManagerInterface $em): Response
  26.     {
  27.         $id $request->get('id');
  28.         /**
  29.          * @var Payment|null $payment
  30.          */
  31.         $payment $id $paymentService->getBaseService()->get($id) : null;
  33.         if (!$payment) {
  34.             $payment = (new Payment());
  35.         }
  37.         $form $this->createForm(PaymentType::class, $payment);
  38.         $form->handleRequest($request);
  40.         if ($form->isSubmitted() && $form->isValid()) {
  41.             $payment->setCreatedBy($this->getUser());
  42.             $em->persist($payment);
  43.             $em->flush();
  44.             return $this->redirectToRoute('moderator_payments');
  45.         }
  47.         // return $this->redirectToRoute("login");
  48.         return $this->render('admin/payment/payment_edit.html.twig', [
  49.             'form' => $form->createView(),
  50.             'payment' => $payment,
  51.         ]);
  52.     }
  54.     public function view(Request $requestImageService $imageServiceEntityManagerInterface $em): Response
  55.     {
  56.         $id $request->get('id');
  57.         /**
  58.          * @var Image|null $image
  59.          */
  60.         $image $id $imageService->getBaseService()->get($id) : null;
  62.          try {
  63.             $projectDir $this->getParameter('kernel.project_dir');
  64.             $filePath $imageService->getRealPath($image);
  66.             // Security: prevent directory traversal
  67.             // if (str_contains($filename, '..') || str_contains($filename, '/')) {
  68.             //     throw $this->createNotFoundException('Invalid filename');
  69.             // }
  71.             // Check if file exists and is readable
  72.             if (!file_exists($filePath) || !is_readable($filePath)) {
  73.                 throw $this->createNotFoundException('Image not found');
  74.             }
  76.             // Check if it's actually an image
  77.             $mimeType mime_content_type($filePath);
  78.             if (!str_starts_with($mimeType'image/')) {
  79.                 throw $this->createNotFoundException('File is not an image');
  80.             }
  82.             $response = new BinaryFileResponse($filePath);
  83.             $response->headers->set('Content-Type'$mimeType);
  84.             $response->setCache([
  85.                 'max_age' => 3600,
  86.                 's_maxage' => 3600,
  87.                 'public' => true,
  88.             ]);
  90.             return $response;
  92.         } catch (\Exception $e) {
  93.             // Log error
  94.             // $this->logger->error('Image serving failed: ' . $e->getMessage());
  96.             // Return a default image or error response
  97.             return new Response('Image not found'404);
  98.         }
  99.     }
  100. }