3 * Class Minify_Controller_MinApp
7 require_once 'Minify/Controller/Base.php';
10 * Controller class for requests to /min/index.php
13 * @author Stephen Clay <steve@mrclay.org>
15 class Minify_Controller_MinApp extends Minify_Controller_Base {
18 * Set up groups of files as sources
20 * @param array $options controller and Minify options
21 * @return array Minify options
24 public function setupSources($options) {
25 // filter controller options
26 $cOptions = array_merge(
29 ,'groupsOnly' => false
33 ,(isset($options['minApp']) ? $options['minApp'] : array())
35 unset($options['minApp']);
37 if (isset($_GET['g'])) {
39 if (! isset($cOptions['groups'][$_GET['g']])) {
40 $this->log("A group configuration for \"{$_GET['g']}\" was not set");
44 $files = $cOptions['groups'][$_GET['g']];
45 // if $files is a single object, casting will break it
46 if (is_object($files)) {
47 $files = array($files);
48 } elseif (! is_array($files)) {
49 $files = (array)$files;
51 foreach ($files as $file) {
52 if ($file instanceof Minify_Source) {
56 if (0 === strpos($file, '//')) {
57 $file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1);
59 $file = realpath($file);
61 $sources[] = new Minify_Source(array(
65 $this->log("The path \"{$file}\" could not be found (or was not a file)");
69 } elseif (! $cOptions['groupsOnly'] && isset($_GET['f'])) {
71 // The following restrictions are to limit the URLs that minify will
72 // respond to. Ideally there should be only one way to reference a file.
73 if (// verify at least one file, files are single comma separated,
74 // and are all same extension
75 ! preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', $_GET['f'])
77 || strpos($_GET['f'], '//') !== false
79 || strpos($_GET['f'], '\\') !== false
81 || preg_match('/(?:^|[^\\.])\\.\\//', $_GET['f'])
83 $this->log("GET param 'f' invalid (see MinApp.php line 63)");
86 $files = explode(',', $_GET['f']);
87 if (count($files) > $cOptions['maxFiles'] || $files != array_unique($files)) {
88 $this->log("Too many or duplicate files specified");
91 if (isset($_GET['b'])) {
93 if (preg_match('@^[^/]+(?:/[^/]+)*$@', $_GET['b'])
94 && false === strpos($_GET['b'], '..')
95 && $_GET['b'] !== '.') {
97 $base = "/{$_GET['b']}/";
99 $this->log("GET param 'b' invalid (see MinApp.php line 84)");
105 $allowDirs = array();
106 foreach ((array)$cOptions['allowDirs'] as $allowDir) {
107 $allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir));
109 foreach ($files as $file) {
110 $path = $_SERVER['DOCUMENT_ROOT'] . $base . $file;
111 $file = realpath($path);
112 if (false === $file) {
113 $this->log("Path \"{$path}\" failed realpath()");
115 } elseif (! parent::_fileIsSafe($file, $allowDirs)) {
116 $this->log("Path \"{$path}\" failed Minify_Controller_Base::_fileIsSafe()");
119 $sources[] = new Minify_Source(array(
126 $this->sources = $sources;
128 $this->log("No sources to serve");