<?php
/**
 * @file mod/proxy.php
 * @brief Based upon "Privacy Image Cache" by Tobias Hößl <https://github.com/CatoTH/>
 */

use Friendica\App;
use Friendica\Core\Config;
use Friendica\Core\System;
use Friendica\Database\DBM;
use Friendica\Model\Photo;
use Friendica\Object\Image;
use Friendica\Util\Network;

define('PROXY_DEFAULT_TIME', 86400); // 1 Day

define('PROXY_SIZE_MICRO', 'micro');
define('PROXY_SIZE_THUMB', 'thumb');
define('PROXY_SIZE_SMALL', 'small');
define('PROXY_SIZE_MEDIUM', 'medium');
define('PROXY_SIZE_LARGE', 'large');

require_once 'include/security.php';

function proxy_init(App $a) {
	// Pictures are stored in one of the following ways:
	// 1. If a folder "proxy" exists and is writeable, then use this for caching
	// 2. If a cache path is defined, use this
	// 3. If everything else failed, cache into the database
	//
	// Question: Do we really need these three methods?

	if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
		header('HTTP/1.1 304 Not Modified');
		header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
		header('Etag: ' . $_SERVER['HTTP_IF_NONE_MATCH']);
		header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
		header('Cache-Control: max-age=31536000');

		if (function_exists('header_remove')) {
			header_remove('Last-Modified');
			header_remove('Expires');
			header_remove('Cache-Control');
		}
		exit;
	}

	if (function_exists('header_remove')) {
		header_remove('Pragma');
		header_remove('pragma');
	}

	$thumb = false;
	$size = 1024;
	$sizetype = '';
	$basepath = $a->get_basepath();

	// If the cache path isn't there, try to create it
	if (!is_dir($basepath . '/proxy') && is_writable($basepath)) {
		mkdir($basepath . '/proxy');
	}

	// Checking if caching into a folder in the webroot is activated and working
	$direct_cache = (is_dir($basepath . '/proxy') && is_writable($basepath . '/proxy'));

	// Look for filename in the arguments
	if ((isset($a->argv[1]) || isset($a->argv[2]) || isset($a->argv[3])) && !isset($_REQUEST['url'])) {
		if (isset($a->argv[3])) {
			$url = $a->argv[3];
		} elseif (isset($a->argv[2])) {
			$url = $a->argv[2];
		} else {
			$url = $a->argv[1];
		}

		if (isset($a->argv[3]) && ($a->argv[3] == 'thumb')) {
			$size = 200;
		}

		// thumb, small, medium and large.
		if (substr($url, -6) == ':micro') {
			$size = 48;
			$sizetype = ':micro';
			$url = substr($url, 0, -6);
		} elseif (substr($url, -6) == ':thumb') {
			$size = 80;
			$sizetype = ':thumb';
			$url = substr($url, 0, -6);
		} elseif (substr($url, -6) == ':small') {
			$size = 175;
			$url = substr($url, 0, -6);
			$sizetype = ':small';
		} elseif (substr($url, -7) == ':medium') {
			$size = 600;
			$url = substr($url, 0, -7);
			$sizetype = ':medium';
		} elseif (substr($url, -6) == ':large') {
			$size = 1024;
			$url = substr($url, 0, -6);
			$sizetype = ':large';
		}

		$pos = strrpos($url, '=.');
		if ($pos) {
			$url = substr($url, 0, $pos + 1);
		}

		$url = str_replace(['.jpg', '.jpeg', '.gif', '.png'], ['','','',''], $url);

		$url = base64_decode(strtr($url, '-_', '+/'), true);

		if ($url) {
			$_REQUEST['url'] = $url;
		}
	} else {
		$direct_cache = false;
	}

	if (!$direct_cache) {
		$urlhash = 'pic:' . sha1($_REQUEST['url']);

		$cachefile = get_cachefile(hash('md5', $_REQUEST['url']));
		if ($cachefile != '' && file_exists($cachefile)) {
			$img_str = file_get_contents($cachefile);
			$mime = image_type_to_mime_type(exif_imagetype($cachefile));

			header('Content-type: ' . $mime);
			header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
			header('Etag: "' . md5($img_str) . '"');
			header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
			header('Cache-Control: max-age=31536000');

			// reduce quality - if it isn't a GIF
			if ($mime != 'image/gif') {
				$Image = new Image($img_str, $mime);
				if ($Image->isValid()) {
					$img_str = $Image->asString();
				}
			}

			echo $img_str;
			killme();
		}
	} else {
		$cachefile = '';
	}

	$valid = true;
	$photo = null;
	if (!$direct_cache && ($cachefile == '')) {
		$photo = dba::selectFirst('photo', ['data', 'desc'], ['resource-id' => $urlhash]);
		if (DBM::is_result($photo)) {
			$img_str = $photo['data'];
			$mime = $photo['desc'];
			if ($mime == '') {
				$mime = 'image/jpeg';
			}
		}
	}

	if (!DBM::is_result($photo)) {
		// It shouldn't happen but it does - spaces in URL
		$_REQUEST['url'] = str_replace(' ', '+', $_REQUEST['url']);
		$redirects = 0;
		$img_str = Network::fetchUrl($_REQUEST['url'], true, $redirects, 10);

		$tempfile = tempnam(get_temppath(), 'cache');
		file_put_contents($tempfile, $img_str);
		$mime = image_type_to_mime_type(exif_imagetype($tempfile));
		unlink($tempfile);

		// If there is an error then return a blank image
		if ((substr($a->get_curl_code(), 0, 1) == '4') || (!$img_str)) {
			$img_str = file_get_contents('images/blank.png');
			$mime = 'image/png';
			$cachefile = ''; // Clear the cachefile so that the dummy isn't stored
			$valid = false;
			$Image = new Image($img_str, 'image/png');
			if ($Image->isValid()) {
				$Image->scaleDown(10);
				$img_str = $Image->asString();
			}
		} elseif ($mime != 'image/jpeg' && !$direct_cache && $cachefile == '') {
			$image = @imagecreatefromstring($img_str);

			if ($image === FALSE) {
				die();
			}

			$fields = ['uid' => 0, 'contact-id' => 0, 'guid' => get_guid(), 'resource-id' => $urlhash, 'created' => datetime_convert(), 'edited' => datetime_convert(),
				'filename' => basename($_REQUEST['url']), 'type' => '', 'album' => '', 'height' => imagesy($image), 'width' => imagesx($image),
				'datasize' => 0, 'data' => $img_str, 'scale' => 100, 'profile' => 0,
				'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', 'desc' => $mime];
			dba::insert('photo', $fields);
		} else {
			$Image = new Image($img_str, $mime);
			if ($Image->isValid() && !$direct_cache && ($cachefile == '')) {
				Photo::store($Image, 0, 0, $urlhash, $_REQUEST['url'], '', 100);
			}
		}
	}

	$img_str_orig = $img_str;

	// reduce quality - if it isn't a GIF
	if ($mime != 'image/gif') {
		$Image = new Image($img_str, $mime);
		if ($Image->isValid()) {
			$Image->scaleDown($size);
			$img_str = $Image->asString();
		}
	}

	// If there is a real existing directory then put the cache file there
	// advantage: real file access is really fast
	// Otherwise write in cachefile
	if ($valid && $direct_cache) {
		file_put_contents($basepath . '/proxy/' . proxy_url($_REQUEST['url'], true), $img_str_orig);
		if ($sizetype != '') {
			file_put_contents($basepath . '/proxy/' . proxy_url($_REQUEST['url'], true) . $sizetype, $img_str);
		}
	} elseif ($cachefile != '') {
		file_put_contents($cachefile, $img_str_orig);
	}

	header('Content-type: ' . $mime);

	// Only output the cache headers when the file is valid
	if ($valid) {
		header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
		header('Etag: "' . md5($img_str) . '"');
		header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
		header('Cache-Control: max-age=31536000');
	}

	echo $img_str;

	killme();
}

/**
 * @brief Transform a remote URL into a local one
 *
 * This function only performs the URL replacement on http URL and if the
 * provided URL isn't local, "the isn't deactivated" (sic) and if the config
 * system.proxy_disabled is set to false.
 *
 * @param string $url       The URL to proxyfy
 * @param bool   $writemode Returns a local path the remote URL should be saved to
 * @param string $size      One of the PROXY_SIZE_* constants
 *
 * @return string The proxyfied URL or relative path
 */
function proxy_url($url, $writemode = false, $size = '') {
	$a = get_app();

	if (substr($url, 0, strlen('http')) !== 'http') {
		return $url;
	}

	// Only continue if it isn't a local image and the isn't deactivated
	if (proxy_is_local_image($url)) {
		$url = str_replace(normalise_link(System::baseUrl()) . '/', System::baseUrl() . '/', $url);
		return $url;
	}

	if (Config::get('system', 'proxy_disabled')) {
		return $url;
	}

	// Image URL may have encoded ampersands for display which aren't desirable for proxy
	$url = html_entity_decode($url, ENT_NOQUOTES, 'utf-8');

	// Creating a sub directory to reduce the amount of files in the cache directory
	$basepath = $a->get_basepath() . '/proxy';

	$shortpath = hash('md5', $url);
	$longpath = substr($shortpath, 0, 2);

	if (is_dir($basepath) && $writemode && !is_dir($basepath . '/' . $longpath)) {
		mkdir($basepath . '/' . $longpath);
		chmod($basepath . '/' . $longpath, 0777);
	}

	$longpath .= '/' . strtr(base64_encode($url), '+/', '-_');

	// Extract the URL extension
	$extension = pathinfo(parse_url($url, PHP_URL_PATH), PATHINFO_EXTENSION);

	$extensions = ['jpg', 'jpeg', 'gif', 'png'];
	if (in_array($extension, $extensions)) {
		$shortpath .= '.' . $extension;
		$longpath .= '.' . $extension;
	}

	$proxypath = System::baseUrl() . '/proxy/' . $longpath;

	if ($size != '') {
		$size = ':' . $size;
	}

	// Too long files aren't supported by Apache
	// Writemode in combination with long files shouldn't be possible
	if ((strlen($proxypath) > 250) && $writemode) {
		return $shortpath;
	} elseif (strlen($proxypath) > 250) {
		return System::baseUrl() . '/proxy/' . $shortpath . '?url=' . urlencode($url);
	} elseif ($writemode) {
		return $longpath;
	} else {
		return $proxypath . $size;
	}
}

/**
 * @param $url string
 * @return boolean
 */
function proxy_is_local_image($url) {
	if ($url[0] == '/') {
		return true;
	}

	if (strtolower(substr($url, 0, 5)) == 'data:') {
		return true;
	}

	// links normalised - bug #431
	$baseurl = normalise_link(System::baseUrl());
	$url = normalise_link($url);
	return (substr($url, 0, strlen($baseurl)) == $baseurl);
}

/**
 * @brief Return the array of query string parameters from a URL
 *
 * @param string $url
 * @return array Associative array of query string parameters
 */
function proxy_parse_query($url) {
	$query = parse_url($url, PHP_URL_QUERY);
	$query = html_entity_decode($query);
	$query_list = explode('&', $query);
	$arr = [];

	foreach ($query_list as $key_value) {
		$key_value_list = explode('=', $key_value);
		$arr[$key_value_list[0]] = $key_value_list[1];
	}

	unset($url, $query_list, $url);
	return $arr;
}

function proxy_img_cb($matches) {
	// if the picture seems to be from another picture cache then take the original source
	$queryvar = proxy_parse_query($matches[2]);
	if (($queryvar['url'] != '') && (substr($queryvar['url'], 0, 4) == 'http')) {
		$matches[2] = urldecode($queryvar['url']);
	}

	// following line changed per bug #431
	if (proxy_is_local_image($matches[2])) {
		return $matches[1] . $matches[2] . $matches[3];
	}

	return $matches[1] . proxy_url(htmlspecialchars_decode($matches[2])) . $matches[3];
}

function proxy_parse_html($html) {
	$html = str_replace(normalise_link(System::baseUrl()) . '/', System::baseUrl() . '/', $html);

	return preg_replace_callback('/(<img [^>]*src *= *["\'])([^"\']+)(["\'][^>]*>)/siU', 'proxy_img_cb', $html);
}