add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks - Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists - Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services - Add Microsoft OIDC SSO, API token management, and user lifecycle features - Add swagger-ui vendor integration and OpenAPI spec - Add production Docker setup and bin/ scripts - Update composer dependencies, config, templates, and frontend assets throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -2,23 +2,24 @@
|
||||
|
||||
namespace MintyPHP\Service\User;
|
||||
|
||||
use MintyPHP\Service\Image\ImageUploadTrait;
|
||||
|
||||
class UserAvatarService
|
||||
{
|
||||
use ImageUploadTrait;
|
||||
|
||||
private const MAX_SIZE = 5242880; // 5 MB
|
||||
private const SIZES = [64, 128, 256];
|
||||
private const DEFAULT_SIZE = 128;
|
||||
|
||||
public static function isValidUuid(string $uuid): bool
|
||||
{
|
||||
return (bool) preg_match('/^[a-f0-9-]{36}$/i', $uuid);
|
||||
return self::imageIsValidUuid($uuid);
|
||||
}
|
||||
|
||||
public static function storageBase(): string
|
||||
{
|
||||
if (defined('APP_STORAGE_PATH') && APP_STORAGE_PATH) {
|
||||
return rtrim(APP_STORAGE_PATH, '/');
|
||||
}
|
||||
return rtrim(dirname(__DIR__, 3) . '/storage', '/');
|
||||
return self::imageStorageBase();
|
||||
}
|
||||
|
||||
public static function userDir(string $uuid): string
|
||||
@@ -46,7 +47,7 @@ class UserAvatarService
|
||||
if ($defaultVariant) {
|
||||
return $defaultVariant;
|
||||
}
|
||||
$original = self::findOriginalPath($dir);
|
||||
$original = self::imageFindOriginalPath($dir);
|
||||
return $original ?: null;
|
||||
}
|
||||
|
||||
@@ -95,12 +96,12 @@ class UserAvatarService
|
||||
|
||||
$tmpPath = $file['tmp_name'];
|
||||
$mime = self::detectMime($tmpPath);
|
||||
$isSvg = self::isSvgUpload($mime, $tmpPath);
|
||||
$ext = self::extensionForMime($mime, $isSvg);
|
||||
$isSvg = self::imageIsSvgUpload($mime, $tmpPath);
|
||||
$ext = self::imageExtensionForMime($mime, $isSvg);
|
||||
if (!$ext) {
|
||||
return ['ok' => false, 'error' => t('Invalid image file')];
|
||||
}
|
||||
if ($isSvg && !self::isSafeSvg($tmpPath)) {
|
||||
if ($isSvg && !self::imageIsSafeSvg($tmpPath)) {
|
||||
return ['ok' => false, 'error' => t('Invalid image file')];
|
||||
}
|
||||
|
||||
@@ -117,81 +118,83 @@ class UserAvatarService
|
||||
@chmod($originalPath, 0644);
|
||||
|
||||
$variantExt = function_exists('imagewebp') ? 'webp' : 'jpg';
|
||||
if (!$isSvg && self::canResize()) {
|
||||
if (!$isSvg && self::imageCanResize()) {
|
||||
foreach (self::SIZES as $size) {
|
||||
$target = $dir . '/avatar-' . $size . '.' . $variantExt;
|
||||
self::resizeAndFit($originalPath, $target, $size, $size, $variantExt);
|
||||
self::imageResizeAndFit($originalPath, $target, $size, $size, $variantExt);
|
||||
}
|
||||
}
|
||||
|
||||
return ['ok' => true, 'path' => $originalPath, 'mime' => $mime];
|
||||
}
|
||||
|
||||
public static function detectMime(string $path): string
|
||||
public static function saveBinary(string $uuid, string $contents, string $mime = ''): array
|
||||
{
|
||||
if (function_exists('finfo_open')) {
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
if ($finfo) {
|
||||
$mime = finfo_file($finfo, $path);
|
||||
if (is_string($mime) && $mime !== '') {
|
||||
if (self::isSvgUpload($mime, $path)) {
|
||||
return 'image/svg+xml';
|
||||
}
|
||||
return $mime;
|
||||
}
|
||||
if (!self::isValidUuid($uuid)) {
|
||||
return ['ok' => false, 'error' => t('User not found')];
|
||||
}
|
||||
|
||||
$size = strlen($contents);
|
||||
if ($size <= 0) {
|
||||
return ['ok' => false, 'error' => t('Invalid image file')];
|
||||
}
|
||||
if ($size > self::MAX_SIZE) {
|
||||
return ['ok' => false, 'error' => t('File is too large')];
|
||||
}
|
||||
|
||||
$tmpPath = tempnam(sys_get_temp_dir(), 'user-avatar-');
|
||||
if ($tmpPath === false) {
|
||||
return ['ok' => false, 'error' => t('Upload failed')];
|
||||
}
|
||||
if (@file_put_contents($tmpPath, $contents) === false) {
|
||||
@unlink($tmpPath);
|
||||
return ['ok' => false, 'error' => t('Upload failed')];
|
||||
}
|
||||
|
||||
$detectedMime = self::detectMime($tmpPath);
|
||||
if ($detectedMime === 'application/octet-stream') {
|
||||
$headerMime = strtolower(trim(explode(';', $mime, 2)[0]));
|
||||
if (in_array($headerMime, ['image/jpeg', 'image/png', 'image/webp'], true)) {
|
||||
$detectedMime = $headerMime;
|
||||
}
|
||||
}
|
||||
if (self::isSvgUpload('application/octet-stream', $path)) {
|
||||
return 'image/svg+xml';
|
||||
$ext = self::imageExtensionForMime($detectedMime, false);
|
||||
if (!$ext) {
|
||||
@unlink($tmpPath);
|
||||
return ['ok' => false, 'error' => t('Invalid image file')];
|
||||
}
|
||||
return 'application/octet-stream';
|
||||
|
||||
$dir = self::userDir($uuid);
|
||||
if (!is_dir($dir) && !mkdir($dir, 0755, true) && !is_dir($dir)) {
|
||||
@unlink($tmpPath);
|
||||
return ['ok' => false, 'error' => t('Upload failed')];
|
||||
}
|
||||
|
||||
self::delete($uuid);
|
||||
$originalPath = $dir . '/original.' . $ext;
|
||||
if (!@rename($tmpPath, $originalPath)) {
|
||||
if (!@copy($tmpPath, $originalPath)) {
|
||||
@unlink($tmpPath);
|
||||
return ['ok' => false, 'error' => t('Upload failed')];
|
||||
}
|
||||
@unlink($tmpPath);
|
||||
}
|
||||
@chmod($originalPath, 0644);
|
||||
|
||||
$variantExt = function_exists('imagewebp') ? 'webp' : 'jpg';
|
||||
if (self::imageCanResize()) {
|
||||
foreach (self::SIZES as $sizeVariant) {
|
||||
$target = $dir . '/avatar-' . $sizeVariant . '.' . $variantExt;
|
||||
self::imageResizeAndFit($originalPath, $target, $sizeVariant, $sizeVariant, $variantExt);
|
||||
}
|
||||
}
|
||||
|
||||
return ['ok' => true, 'path' => $originalPath, 'mime' => $detectedMime];
|
||||
}
|
||||
|
||||
private static function extensionForMime(string $mime, bool $isSvg = false): ?string
|
||||
public static function detectMime(string $path): string
|
||||
{
|
||||
if ($isSvg) {
|
||||
return 'svg';
|
||||
}
|
||||
$map = [
|
||||
'image/jpeg' => 'jpg',
|
||||
'image/png' => 'png',
|
||||
'image/webp' => 'webp',
|
||||
];
|
||||
return $map[$mime] ?? null;
|
||||
}
|
||||
|
||||
private static function isSvgUpload(string $mime, string $path): bool
|
||||
{
|
||||
if ($mime === 'image/svg+xml') {
|
||||
return true;
|
||||
}
|
||||
$head = @file_get_contents($path, false, null, 0, 1024);
|
||||
if (!is_string($head) || $head === '') {
|
||||
return false;
|
||||
}
|
||||
return stripos($head, '<svg') !== false;
|
||||
}
|
||||
|
||||
private static function isSafeSvg(string $path): bool
|
||||
{
|
||||
$contents = @file_get_contents($path);
|
||||
if (!is_string($contents) || $contents === '') {
|
||||
return false;
|
||||
}
|
||||
$lower = strtolower($contents);
|
||||
if (strpos($lower, '<script') !== false) {
|
||||
return false;
|
||||
}
|
||||
if (strpos($lower, 'onload=') !== false) {
|
||||
return false;
|
||||
}
|
||||
if (strpos($lower, 'javascript:') !== false) {
|
||||
return false;
|
||||
}
|
||||
if (strpos($lower, '<foreignobject') !== false) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
return self::imageDetectMime($path);
|
||||
}
|
||||
|
||||
private static function normalizeSize(int $size): int
|
||||
@@ -213,95 +216,4 @@ class UserAvatarService
|
||||
});
|
||||
return $matches[0] ?? null;
|
||||
}
|
||||
|
||||
private static function findOriginalPath(string $dir): ?string
|
||||
{
|
||||
$matches = glob($dir . '/original.*');
|
||||
if (!$matches) {
|
||||
return null;
|
||||
}
|
||||
usort($matches, static function ($a, $b) {
|
||||
return filemtime($b) <=> filemtime($a);
|
||||
});
|
||||
return $matches[0] ?? null;
|
||||
}
|
||||
|
||||
private static function canResize(): bool
|
||||
{
|
||||
return function_exists('imagecreatetruecolor') && function_exists('imagecopyresampled');
|
||||
}
|
||||
|
||||
private static function createImageResource(string $path, string $mime)
|
||||
{
|
||||
if ($mime === 'image/jpeg' && function_exists('imagecreatefromjpeg')) {
|
||||
return imagecreatefromjpeg($path);
|
||||
}
|
||||
if ($mime === 'image/png' && function_exists('imagecreatefrompng')) {
|
||||
return imagecreatefrompng($path);
|
||||
}
|
||||
if ($mime === 'image/webp' && function_exists('imagecreatefromwebp')) {
|
||||
return imagecreatefromwebp($path);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private static function resizeAndFit(string $sourcePath, string $targetPath, int $width, int $height, string $ext): bool
|
||||
{
|
||||
$mime = self::detectMime($sourcePath);
|
||||
$src = self::createImageResource($sourcePath, $mime);
|
||||
if (!$src) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$srcWidth = imagesx($src);
|
||||
$srcHeight = imagesy($src);
|
||||
if ($srcWidth === 0 || $srcHeight === 0) {
|
||||
imagedestroy($src);
|
||||
return false;
|
||||
}
|
||||
|
||||
$scale = min($width / $srcWidth, $height / $srcHeight);
|
||||
$dstWidth = (int) round($srcWidth * $scale);
|
||||
$dstHeight = (int) round($srcHeight * $scale);
|
||||
if ($dstWidth < 1) $dstWidth = 1;
|
||||
if ($dstHeight < 1) $dstHeight = 1;
|
||||
|
||||
$dst = imagecreatetruecolor($dstWidth, $dstHeight);
|
||||
if ($ext === 'png' || $ext === 'webp') {
|
||||
imagealphablending($dst, false);
|
||||
imagesavealpha($dst, true);
|
||||
$transparent = imagecolorallocatealpha($dst, 0, 0, 0, 127);
|
||||
imagefilledrectangle($dst, 0, 0, $dstWidth, $dstHeight, $transparent);
|
||||
}
|
||||
|
||||
imagecopyresampled(
|
||||
$dst,
|
||||
$src,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
$dstWidth,
|
||||
$dstHeight,
|
||||
$srcWidth,
|
||||
$srcHeight
|
||||
);
|
||||
|
||||
$saved = false;
|
||||
if ($ext === 'webp' && function_exists('imagewebp')) {
|
||||
$saved = imagewebp($dst, $targetPath, 82);
|
||||
} elseif ($ext === 'png' && function_exists('imagepng')) {
|
||||
$saved = imagepng($dst, $targetPath, 6);
|
||||
} else {
|
||||
$saved = imagejpeg($dst, $targetPath, 85);
|
||||
}
|
||||
|
||||
imagedestroy($src);
|
||||
imagedestroy($dst);
|
||||
|
||||
if ($saved) {
|
||||
@chmod($targetPath, 0644);
|
||||
}
|
||||
return $saved;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user