updated to laravel 11

public/.htaccess

@@ -3,31 +3,8 @@
         Options -MultiViews -Indexes
     </IfModule>
 
-    <IfModule mod_headers.c>
-        <FilesMatch "^(uploads|img)/.+">
-            <If "%{QUERY_STRING} =~ /(^|&)download=1($|&)/">
-                Header set Content-Disposition "attachment"
-            </If>
-        </FilesMatch>
-    </IfModule>
-
     RewriteEngine On
 
-    # Block access to .git directory
-	RewriteRule .*\.git/.* - [L,R=404]
-
-    # Force HTTPS
-    RewriteCond %{HTTPS} !=on
-    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
-
-    # Support shortlinks
-    RewriteCond %{HTTP_HOST} ^(www\.)?stemmech\.com\.au$ [NC]
-    RewriteRule ^(.*)$ shortlink.php?code=$1 [L,QSA]
-
-    # Add www subdomain if missing
-    RewriteCond %{HTTP_HOST} ^stemmechanics.com.au$ [NC]
-    RewriteRule (.*) https://www.stemmechanics.com.au/$1 [R=301,L]
-
     # Handle Authorization Header
     RewriteCond %{HTTP:Authorization} .
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@@ -37,31 +14,8 @@
     RewriteCond %{REQUEST_URI} (.+)/$
     RewriteRule ^ %1 [L,R=301]
 
-    # Pass to media handler if the media request has query
-    #RewriteCond %{REQUEST_FILENAME} -f
-    #RewriteCond %{QUERY_STRING} .
-    #RewriteRule ^uploads/(.+)\.(jpe?g|png)$ media.php?url=uploads/$1.$2 [NC,QSA,L]
-
-    # AddEncoding allows you to have certain browsers uncompress information on the fly.
-    AddEncoding gzip .gz
-
-    #Serve gzip compressed CSS files if they exist and the client accepts gzip.
-    RewriteCond %{HTTP:Accept-encoding} gzip
-    RewriteCond %{REQUEST_FILENAME}\.gz -s
-    RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
-
-    # Serve gzip compressed JS files if they exist and the client accepts gzip.
-    RewriteCond %{HTTP:Accept-encoding} gzip
-    RewriteCond %{REQUEST_FILENAME}\.gz -s
-    RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
-
-    # Serve correct content types, and prevent mod_deflate double gzip.
-    RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
-    RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
-
     # Send Requests To Front Controller...
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteRule ^ index.php [L]
-
 </IfModule>

public/assets/fileicons/.htaccess

@@ -1,3 +0,0 @@
-RewriteEngine on
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule \.png$ unknown.png [L]

public/assets/hamburger.svg

@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg width="24" height="24" version="1.1" viewBox="0 0 6.3499998 6.3499998" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
-<metadata>
-<rdf:RDF>
-<cc:Work rdf:about="">
-<dc:format>image/svg+xml</dc:format>
-<dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage"/>
-<dc:title/>
-</cc:Work>
-</rdf:RDF>
-</metadata>
-<g transform="translate(0,-290.65)">
-<path transform="matrix(.26458 0 0 .26458 0 290.65)" d="m4 3c-1.108 0-2 0.89201-2 2s0.89201 2 2 2h16c1.108 0 2-0.89201 2-2s-0.89202-2-2-2h-16zm0 6.7773c-1.108 0-2 0.94178-2 2.1113s0.89201 2.1113 2 2.1113h16c1.108 0 2-0.94178 2-2.1113s-0.89201-2.1113-2-2.1113h-16zm0 7c-1.108 0-2 0.94178-2 2.1113s0.89203 2.1113 2 2.1113h16c1.108 0 2-0.94178 2-2.1113s-0.89203-2.1113-2-2.1113h-16z" fill="color"/>
-</g>
-</svg>

public/index.php

@@ -1,55 +1,17 @@
 <?php
 
-use Illuminate\Contracts\Http\Kernel;
 use Illuminate\Http\Request;
 
 define('LARAVEL_START', microtime(true));
 
-/*
-|--------------------------------------------------------------------------
-| Check If The Application Is Under Maintenance
-|--------------------------------------------------------------------------
-|
-| If the application is in maintenance / demo mode via the "down" command
-| we will load this file so that any pre-rendered content can be shown
-| instead of starting the framework, which could cause an exception.
-|
-*/
-
+// Determine if the application is in maintenance mode...
 if (file_exists($maintenance = __DIR__.'/../storage/framework/maintenance.php')) {
     require $maintenance;
 }
 
-/*
-|--------------------------------------------------------------------------
-| Register The Auto Loader
-|--------------------------------------------------------------------------
-|
-| Composer provides a convenient, automatically generated class loader for
-| this application. We just need to utilize it! We'll simply require it
-| into the script here so we don't need to manually load our classes.
-|
-*/
-
+// Register the Composer autoloader...
 require __DIR__.'/../vendor/autoload.php';
 
-/*
-|--------------------------------------------------------------------------
-| Run The Application
-|--------------------------------------------------------------------------
-|
-| Once we have the application, we can handle the incoming request using
-| the application's HTTP kernel. Then, we will send the response back
-| to this client's browser, allowing them to enjoy our application.
-|
-*/
-
-$app = require_once __DIR__.'/../bootstrap/app.php';
-
-$kernel = $app->make(Kernel::class);
-
-$response = $kernel->handle(
-    $request = Request::capture()
-)->send();
-
-$kernel->terminate($request, $response);
+// Bootstrap Laravel and handle the request...
+(require_once __DIR__.'/../bootstrap/app.php')
+    ->handleRequest(Request::capture());

public/media.php

@@ -1,83 +0,0 @@
-<?php
-// file deepcode ignore PT: Input is sanitized using realpath which is ignored by Snyk
-// file deepcode ignore Ssrf: Input is sanitized using realpath which is ignored by Snyk
-
-$filepath = "";
-if (isset($_GET['url'])) {
-    $filepath = realpath($_GET['url']);
-}
-
-if ($filepath !== false && strlen($filepath) > 0 && strpos($_GET['url'], 'uploads/') === 0 && is_file($filepath)) {
-    if(isset($_GET['size'])) {
-        $availableSizes = ['thumb', 'small', 'medium', 'large', 'xlarge']; // we ignore full as its the original file
-        $requestedSize = strtolower($_GET['size']);
-        $requestedSizeIndex = array_search($requestedSize, $availableSizes);
-        
-        // Loop through the array from the requested size index
-        if($requestedSizeIndex !== false) {
-            for ($i = $requestedSizeIndex; $i < count($availableSizes); $i++) {
-                $sizePath = pathinfo($filepath, PATHINFO_DIRNAME) . '/' . pathinfo($filepath, PATHINFO_FILENAME) . "-$availableSizes[$i]." . pathinfo($filepath, PATHINFO_EXTENSION);
-                if (file_exists($sizePath)) {
-                    $filepath = $sizePath;
-                    break;
-                }
-            }
-        }
-
-        // Output the original image to the browser
-        header('Content-Type:  '. mime_content_type($filepath));
-        header('Content-Disposition: inline; filename=' . pathinfo($filepath, PATHINFO_FILENAME) . '.' . pathinfo($filepath, PATHINFO_EXTENSION));
-        readfile($filepath);
-    } else {
-        $newWidth = (isset($_GET['w']) ? intval($_GET['w']) : -1);
-        $newHeight = (isset($_GET['h']) ? intval($_GET['h']) : -1);
-
-        if($newWidth != -1 || $newHeight != -1) {
-            $image = imagecreatefromstring(file_get_contents($filepath));
-
-            $width = imagesx($image);
-            $height = imagesy($image);
-
-            $aspectRatio = $width / $height;
-
-            if($newWidth == -1) {
-                $newWidth = intval($newHeight * $aspectRatio);
-            }
-
-            if($newHeight == -1) {
-                $newHeight = intval($newWidth / $aspectRatio);
-            }
-
-            $newImage = imagecreatetruecolor($newWidth, $newHeight);
-            imagecopyresampled($newImage, $image, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height);
-
-            // Output the resized image to the browser
-            $mime_type = mime_content_type($_GET['url']);
-            header('Content-Type: ' . $mime_type);
-            switch($mime_type) {
-                case "image/jpeg":
-                    imagejpeg($newImage);
-                    break;
-                case "image/gif":
-                    imagegif($newImage);
-                    break;
-                case "image/png":
-                    imagepng($newImage);
-                    break;
-            }
-            imagedestroy($newImage);
-
-            // Clean up the image resources
-            imagedestroy($image);
-        } else {
-            // Output the original image to the browser
-            header('Content-Type:  '. mime_content_type($filepath));
-            header('Content-Disposition: inline; filename=' . pathinfo($filepath, PATHINFO_FILENAME) . '.' . pathinfo($filepath, PATHINFO_EXTENSION));
-            readfile($filepath);
-        }
-    }
-} else {
-    // Return a 404 error
-    header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
-    exit;
-}

public/shortlink.php

@@ -1,51 +0,0 @@
-<?php
-
-require_once __DIR__ . '/../vendor/autoload.php';
-
-$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . '/..');
-$dotenv->load();
-
-$dbHost = $_ENV['DB_HOST'];
-$dbPort = $_ENV['DB_PORT'];
-$dbName = $_ENV['DB_DATABASE'];
-$dbUser = $_ENV['DB_USERNAME'];
-$dbPass = $_ENV['DB_PASSWORD'];
-
-// create connection
-$conn = new mysqli($dbHost, $dbUser, $dbPass, $dbName, $dbPort);
-
-// check connection
-if ($conn->connect_error) {
-    die("Connection failed: " . $conn->connect_error);
-}
-
-// get code from URL
-$code = $_SERVER['REQUEST_URI'];
-$code = trim($code, '/');
-if (($pos = strpos($code, '?')) !== false) {
-    $code = substr($code, 0, $pos);
-}
-
-// lookup code in database
-$sql = "SELECT url, used FROM shortlinks WHERE code = ?";
-$stmt = $conn->prepare($sql);
-$stmt->bind_param("s", $code);
-$stmt->execute();
-$result = $stmt->get_result();
-
-// if code is found, redirect to URL and update 'used' column
-if ($result->num_rows > 0) {
-    $row = $result->fetch_assoc();
-    $url = $row["url"];
-    $used = $row["used"] + 1;
-    $updateSql = "UPDATE shortlinks SET used = $used WHERE code = ?";
-    $stmt = $conn->prepare($updateSql);
-    $stmt->bind_param("s", $code);
-    $stmt->execute();
-    header("Location: " . $url);
-    exit();
-} else {
-    // if code is not found, redirect to default URL
-    header("Location: https://www.stemmechanics.com.au/");
-    exit();
-}