esp-signed-updater-mqtt/arduino-download.php

59 lines
1.7 KiB
PHP
Raw Normal View History

2020-05-06 21:24:25 +02:00
<?php
header('Content-type: text/plain; charset=utf8', true);
function check_header($k, $v = false) {
if (!isset($_SERVER[$k]))
return false;
if ($v && $_SERVER[$k] !== $v)
return false;
return true;
}
# validate the headers
if (!check_header('HTTP_USER_AGENT', 'ESP8266-http-Update') ||
!check_header('HTTP_X_ESP8266_STA_MAC') ||
!check_header('HTTP_X_ESP8266_AP_MAC') ||
!check_header('HTTP_X_ESP8266_FREE_SPACE') ||
!check_header('HTTP_X_ESP8266_SKETCH_SIZE') ||
!check_header('HTTP_X_ESP8266_SKETCH_MD5') ||
!check_header('HTTP_X_ESP8266_CHIP_SIZE') ||
!check_header('HTTP_X_ESP8266_SDK_VERSION')
) {
header($_SERVER["SERVER_PROTOCOL"].' 403 Forbidden', true, 403);
exit();
}
# sanitize inputs
$room = preg_replace('/[^A-Za-z0-9_\-\.]/', '', $_GET['room']);
$device = preg_replace('/[^A-Za-z0-9_\-\.]/', '', $_GET['device']);
$version = preg_replace('/[^A-Za-z0-9_\-\.]/', '', $_SERVER['HTTP_X_ESP8266_VERSION']);
$filenames = glob("./arduino-images/$room/$device/*.bin");
$path = false;
if (is_array($filenames)) {
$num = count($filenames);
if ($num >= 1) {
$newest = $filenames[$num - 1];
if (preg_match('/\/(\d+).bin$/', $newest, $matches)) {
$server_version = $matches[1];
if ((int) $server_version > (int) $version) {
$path = $newest;
}
}
}
}
if ($path) {
header($_SERVER["SERVER_PROTOCOL"].' 200 OK', true, 200);
header('Content-Type: application/octet-stream', true);
header('Content-Disposition: attachment; filename='.basename($path));
header('Content-Length: '.filesize($path), true);
header('x-MD5: '.md5_file($path), true);
readfile($path);
} else {
header($_SERVER["SERVER_PROTOCOL"].' 304 Not Modified', true, 304);
}
?>