| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- <?php
- Lib::loadClass('RouteBase');
- Lib::loadClass('FoldersConfig');
- Lib::loadClass('FileStorage');
- class Route_HtaccessGetFile extends RouteBase {
- public function handleAuth() {
- if (!User::logged()) {
- throw new HttpException('Unauthorized', 401);
- }
- }
- public function defaultAction() {
- try {
- $file = V::get('file', '', $_GET);
- if (!$file) throw new Exception('Empty parameter');
- if (preg_grep('/^\./', explode('/', $file))) throw new Exception("Access denied (dot at the beginning of each path's element not allowed) - {$file}");
- $file = FoldersConfig::getRootPoint('mount_point') . DIRECTORY_SEPARATOR . $file;
- if (!file_exists($file)) throw new Exception("File not found - {$file}");
- if (!is_file($file)) throw new Exception("It's not a file - {$file}");
- if (!is_readable($file)) throw new Exception("Cannot read file - {$file}");
- $fileType = FileStorage::getMimeType($file);
- $fileName = basename($file);
- $fileSize = filesize($file);
- header("Content-Type: {$fileType}");
- header("Content-Disposition: filename={$fileName};");
- header("Content-Transfer-Encoding: binary");
- header("Content-Length: {$fileSize}");
- echo file_get_contents($file);
- } catch (Exception $e) {
- error_log($e->getMessage());
- header('Location: ' . Request::getPathUri());
- }
- }
- }
|
