public function actionView() { $request = \Yii::$app->request; $enc = new TrEnc(\Yii::$app->params['crypto'][0][0], \Yii::$app->params['crypto'][0][1]); $encrypted = substr($request->get('key'), 0, strrpos($request->get('key'), '.')); $params = $enc->decode($encrypted); $flag = $request->get('falg', ''); if ($flag) { switch ($flag) { case '@': $this->displayParams($params); break; } return; } $model = new Document(); $document = $model->findByParams($params); // check for view permission if ($document == null) { throw new HttpException(404); } $entity = Entity::getInstance($document->type, $document->refId); if ($entity == null) { throw new HttpException(404); } $filePath = \Yii::$app->params['document.basePath'] . Entity::$arrType[$document->type] . '/' . $document->srcPath; if (!is_readable($filePath)) { $filePath = \Yii::$app->params['document.basePath2'] . Entity::$arrType[$document->type] . '/' . $document->srcPath; } if (!file_exists($filePath)) { throw new HttpException(404); } $response = \Yii::$app->getResponse(); $response->headers->set('Content-Type', $document->mime); $response->format = \yii\web\Response::FORMAT_RAW; echo file_get_contents($filePath); }