HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/360.naniguide.com/services/aws_s3_init.php
<?php
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_DEPRECATED);
ob_start();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
session_start();
if((($_SERVER['SERVER_ADDR']==$_SESSION['demo_server_ip']) && ($_SERVER['REMOTE_ADDR']!=$_SESSION['demo_developer_ip']) && ($_SESSION['id_user']==$_SESSION['demo_user_id'])) || ($_SESSION['svt_si']!=session_id())) {
    die();
}
require_once(__DIR__."/../backend/functions.php");
require_once(__DIR__."/../db/connection.php");
require(__DIR__."/../backend/vendor/amazon-aws-sdk/aws-autoloader.php");
use Aws\S3\S3Client;
use Aws\Exception\AwsException;
use Aws\Exception\S3Exception;

if(get_user_role($_SESSION['id_user'])!='administrator') {
    ob_end_clean();
    echo json_encode(array("status"=>"error"));
    die();
}

if(isset($_POST['aws_s3_secret'])) {
    $aws_s3_type = $_POST['aws_s3_type'];
    $aws_s3_vt_auto = $_POST['aws_s3_vt_auto'];
    $aws_s3_secret = $_POST['aws_s3_secret'];
    $aws_s3_key = $_POST['aws_s3_key'];
    $aws_s3_accountid = $_POST['aws_s3_accountid'];
    $aws_s3_custom_domain = $_POST['aws_s3_custom_domain'];
    $aws_s3_region = $_POST['aws_s3_region'];
    $aws_s3_bucket = $_POST['aws_s3_bucket'];
    $query = "UPDATE svt_settings SET aws_s3_region=?,aws_s3_bucket=?,aws_s3_vt_auto=?,aws_s3_type=?,aws_s3_accountid=?,aws_s3_custom_domain=?;";
    if($smt = $mysqli->prepare($query)) {
        $smt->bind_param('ssisss',$aws_s3_region,$aws_s3_bucket,$aws_s3_vt_auto,$aws_s3_type,$aws_s3_accountid,$aws_s3_custom_domain);
        $smt->execute();
    }
    if($aws_s3_secret!="keep_aws_s3_secret") {
        $query = "UPDATE svt_settings SET aws_s3_secret=?;";
        if($smt = $mysqli->prepare($query)) {
            $smt->bind_param('s',$aws_s3_secret);
            $smt->execute();
        }
    }
    if($aws_s3_key!="keep_aws_s3_key") {
        $query = "UPDATE svt_settings SET aws_s3_key=?;";
        if($smt = $mysqli->prepare($query)) {
            $smt->bind_param('s',$aws_s3_key);
            $smt->execute();
        }
    }
}

$settings = get_settings();
$aws_s3_type = $settings['aws_s3_type'];
$aws_s3_secret = $settings['aws_s3_secret'];
$aws_s3_key = $settings['aws_s3_key'];
$aws_s3_accountid = $settings['aws_s3_accountid'];
$aws_s3_region = $settings['aws_s3_region'];
$aws_s3_bucket = $settings['aws_s3_bucket'];

switch($aws_s3_type) {
    case 'aws':
        $s3Config = [
            'region' => $aws_s3_region,
            'version' => 'latest',
            'credentials' => [
                'key'    => $aws_s3_key,
                'secret' => $aws_s3_secret
            ]
        ];
        break;
    case 'r2':
        if(empty($aws_s3_accountid)) {
            $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
            ob_end_clean();
            echo json_encode(array("status"=>"error","msg"=>"Missing account id"));
            die();
        }
        $credentials = new Aws\Credentials\Credentials($aws_s3_key, $aws_s3_secret);
        $s3Config = [
            'region' => 'auto',
            'version' => 'latest',
            'endpoint' => "https://".$aws_s3_accountid.".r2.cloudflarestorage.com",
            'credentials' => $credentials
        ];
        break;
    case 'digitalocean':
        $s3Config = [
            'region' => 'us-east-1',
            'version' => 'latest',
            'endpoint' => "https://$aws_s3_region.digitaloceanspaces.com",
            'use_path_style_endpoint' => false,
            'credentials' => [
                'key'    => $aws_s3_key,
                'secret' => $aws_s3_secret
            ]
        ];
        break;
}

$s3Client = new S3Client($s3Config);

if(!$s3Client->doesBucketExist($aws_s3_bucket)) {
    try {
        $result = $s3Client->createBucket([
            'Bucket' => $aws_s3_bucket,
        ]);
    } catch (AwsException $e) {
        $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
        ob_end_clean();
        echo json_encode(array("status"=>"error","msg"=>$e->getMessage()));
        die();
    }
} else {
    if(!doesFolderExists($aws_s3_bucket,$s3Client,'viewer/panoramas/')) {
        $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
        ob_end_clean();
        echo json_encode(array("status"=>"error","msg"=>_("Bucket already exists, choose a new name")));
        die();
    }
}

switch($aws_s3_type) {
    case 'aws':
        try {
            $s3_acl = $s3Client->getBucketAcl([
                'Bucket' => $aws_s3_bucket
            ]);
        } catch (AwsException $e) {
            $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
            ob_end_clean();
            echo json_encode(array("status"=>"error","msg"=>$e->getMessage()));
            die();
        }
        try {
            $result = $s3Client->deletePublicAccessBlock([
                'Bucket' => $aws_s3_bucket,
            ]);
        } catch (AwsException $e) {
            $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
            ob_end_clean();
            echo json_encode(array("status"=>"error","msg"=>$e->getMessage()));
            die();
        }
        switch($aws_s3_region) {
            case 'us-gov-east-1':
            case 'us-gov-west-1':
                $bucketPolicy = '{
                        "Version": "2012-10-17",
                        "Statement": [
                            {
                                "Sid": "AllowPublicRead",
                                "Effect": "Allow",
                                "Principal": "*",
                                "Action": [
                                    "s3:GetObject"
                                ],
                                "Resource": [
                                    "arn:aws-us-gov:s3:::' . $aws_s3_bucket . '/*"
                                ]
                            }
                        ]
                    }';
                break;
            case 'cn-north-1':
            case 'cn-northwest-1':
                $bucketPolicy = '{
                        "Version": "2012-10-17",
                        "Statement": [
                            {
                                "Sid": "AllowPublicRead",
                                "Effect": "Allow",
                                "Principal": "*",
                                "Action": [
                                    "s3:GetObject"
                                ],
                                "Resource": [
                                    "arn:aws-cn:s3:::' . $aws_s3_bucket . '/*"
                                ]
                            }
                        ]
                    }';
                break;
            default:
                $bucketPolicy = '{
                    "Version": "2012-10-17",
                    "Statement": [
                        {
                            "Sid": "AllowPublicRead",
                            "Effect": "Allow",
                            "Principal": "*",
                            "Action": [
                                "s3:GetObject"
                            ],
                            "Resource": [
                                "arn:aws:s3:::' . $aws_s3_bucket . '/*"
                            ]
                        }
                    ]
                }';
                break;
        }
        try {
            $s3Client->putBucketPolicy([
                'Bucket' => $aws_s3_bucket,
                'Policy' => $bucketPolicy,
            ]);
        } catch (AwsException $e) {
            $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
            ob_end_clean();
            echo json_encode(array("status"=>"error","msg"=>$e->getMessage()));
            die();
        }
        try {
            $result = $s3Client->putBucketCors([
                'Bucket' => $aws_s3_bucket,
                'CORSConfiguration' => [
                    'CORSRules' => [
                        [
                            'AllowedHeaders' => ['*'],
                            'AllowedMethods' => ['GET','HEAD'],
                            'AllowedOrigins' => ['*'],
                            'ExposeHeaders' => ['Access-Control-Allow-Origin']
                        ],
                    ],
                ]
            ]);
        } catch (AwsException $e) {
            $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
            ob_end_clean();
            echo json_encode(array("status"=>"error","msg"=>$e->getMessage()));
            die();
        }
        break;
    case 'r2':
    case 'digitalocean':
        try {
            $result = $s3Client->putBucketCors([
                'Bucket' => $aws_s3_bucket,
                'CORSConfiguration' => [
                    'CORSRules' => [
                        [
                            'AllowedHeaders' => ['*'],
                            'AllowedMethods' => ['GET','HEAD'],
                            'AllowedOrigins' => ['*'],
                            'ExposeHeaders' => ['Access-Control-Allow-Origin']
                        ],
                    ],
                ]
            ]);
        } catch (AwsException $e) {
            $mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=0;");
            ob_end_clean();
            echo json_encode(array("status"=>"error","msg"=>$e->getMessage()));
            die();
        }
        break;
}

check_directory_s3($s3Client,$aws_s3_bucket,"viewer/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/content/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/content/thumb/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/gallery/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/gallery/thumb/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/icons/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/media/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/media/thumb/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/maps/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/videos/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/lowres/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/mobile/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/multires/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/original/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/preview/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/thumb/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/panoramas/thumb_custom/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/objects360/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/pointclouds/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/products/");
check_directory_s3($s3Client,$aws_s3_bucket,"viewer/products/thumb/");
check_directory_s3($s3Client,$aws_s3_bucket,"video360/");
check_directory_s3($s3Client,$aws_s3_bucket,"video/");
check_directory_s3($s3Client,$aws_s3_bucket,"video/assets/");

$mysqli->query("UPDATE svt_settings SET `aws_s3_enabled`=1;");
ob_end_clean();
echo json_encode(array("status"=>"ok"));

function doesFolderExists($s3_bucket_name,$s3Client,$folder) {
    $result = $s3Client->listObjects([
        'Bucket' => $s3_bucket_name,
        'Prefix' => $folder,
    ]);
    if (isset($result['Contents'])) {
        return true;
    } else {
        return false;
    }
}