_encryptionKey); if(!($tokenstr = $token->jwtDecode($_GET['hash']))) exit; $tokendata = json_decode($tokenstr, true); if (!isset($tokendata['d']) || !is_numeric($tokendata['d'])) { exit; } $document = $dms->getDocument($tokendata['d']); if (!is_object($document)) { exit; } if (!isset($tokendata['u']) || !is_numeric($tokendata['u'])) { exit; } $user = $dms->getUser($tokendata['u']); if (!is_object($user)) { exit; } if ($document->getAccessMode($user) < M_READ) { exit; } if (!isset($tokendata['v']) || !is_numeric($tokendata['v'])) { exit; } $controller = Controller::factory('Preview', array('dms'=>$dms, 'user'=>$user)); $controller->setParam('width', !empty($tokendata["w"]) ? $tokendata["w"] : null); $controller->setParam('document', $document); $controller->setParam('version', $tokendata['v']); $controller->setParam('type', 'version'); if(!$controller->run()) { header('Content-Type: image/svg+xml'); readfile('../views/'.$theme.'/images/empty.svg'); exit; }