Ejemplo n.º 1
0
 /**
  * Download a file.
  *
  * @internal
  */
 public function download()
 {
     // get and check sid
     if (empty($this->sid) || strlen($this->sid) > 32) {
         self::sendNotFound();
     }
     $db = DBConnection::getInstance();
     $db->beginTransaction();
     // get file details
     $stmt = $db->prepare("\n            SELECT\n                id,\n                content_oid,\n                mimetype,\n                size,\n                name,\n                to_char(modify,'Dy, DD Mon YYYY HH24:MI:SS TZ') AS modify\n            FROM tbl_file\n            WHERE\n                sid=:sid\n                AND visible IS TRUE\n                AND disabled IS FALSE\n            ");
     $stmt->bindParam('sid', $this->sid, \PDO::PARAM_INT);
     $stmt->execute();
     if ($stmt->rowCount() == 0) {
         self::sendNotFound();
     }
     $file = $stmt->fetch(\PDO::FETCH_ASSOC);
     // set path to unprocessed cache file
     $path_cachefile = sprintf(Application::$CACHE_ROOT . 'files/%s/%s.file', $this->sid[0], $this->sid);
     // load file from database if cache file doesn't exist
     $handle = false;
     if (file_exists($path_cachefile) === false) {
         // open db handle if no cached file available
         $handle = $db->pgsqlLOBOpen($file['content_oid'], 'r');
         if (feof($handle)) {
             self::sendNotFound();
         }
         // try to create cache
         if (!FileUtil::makedir(dirname($path_cachefile))) {
             error_log('cache' . $path_cachefile . ' not writeable');
         } else {
             // create cache file
             $fcache = fopen($path_cachefile, 'w');
             stream_copy_to_stream($handle, $fcache);
             fclose($fcache);
             // close db handle
             fclose($handle);
             $handle = false;
         }
     }
     // check wether path_sendfile is set explicitly
     if (!empty($this->path_sendfile)) {
         // update stat data if exists
         if (is_readable($this->path_sendfile)) {
             $stat = stat($this->path_sendfile);
             $file['modify'] = $stat['mtime'];
             $file['size'] = $stat['size'];
         } elseif (isset($this->processing) && method_exists($this, 'processCachefile')) {
             // check for processing
             $file['cachefile'] = $path_cachefile;
             $this->processCachefile($file);
         } else {
             self::sendNotFound();
         }
     } else {
         $this->path_sendfile = $path_cachefile;
     }
     if (!is_readable($this->path_sendfile) && !is_resource($handle)) {
         self::sendNotFound();
     }
     // check wether stats_disable is set
     if ($this->stats_disable === false) {
         // insert statistics
         $stmt = $db->prepare("\n                    INSERT INTO tbl_statistic_file (user_id, ip, file_id)\n                    VALUES (:user_id, :ip, :file_id)\n                ");
         if (is_null(Session::getUserId())) {
             $stmt->bindValue('user_id', null, \PDO::PARAM_NULL);
         } else {
             $stmt->bindValue('user_id', Session::getUserId(), \PDO::PARAM_INT);
         }
         $stmt->bindValue('ip', Request::getIp(), \PDO::PARAM_STR);
         $stmt->bindValue('file_id', $file['id'], \PDO::PARAM_INT);
         $stmt->execute();
     }
     $db->commit();
     // there is nothing to write, tell the session it is no longer needed (and thus no longer blocking output
     // flushing)
     session_write_close();
     // check if http_range is sent by browser
     if (isset($_SERVER['HTTP_RANGE'])) {
         $unit = explode('=', $_SERVER['HTTP_RANGE'])[0];
         if ($unit == 'bytes') {
             $range_list = explode('=', $_SERVER['HTTP_RANGE'], 2)[1];
             // multiple ranges could be specified at the same time, but for simplicity only serve the first range
             // http://tools.ietf.org/id/draft-ietf-http-range-retrieval-00.txt
             $ranges = explode(',', $range_list);
             foreach ($ranges as $range) {
                 $seek_start = explode('-', $range)[0];
                 $seek_end = explode('-', $range)[1];
                 // set valid and in range for seek end
                 if (empty($seek_end)) {
                     $seek_end = $file['size'] - 1;
                 } else {
                     $seek_end = min(abs($seek_end), $file['size'] - 1);
                 }
                 // set valid and in range for seek start
                 if (empty($seek_start) || $seek_end < abs($seek_start)) {
                     $seek_start = 0;
                 } else {
                     $seek_start = max(abs($seek_start), 0);
                 }
                 if (!is_resource($handle)) {
                     $handle = fopen($path_cachefile, 'rb');
                 }
                 // seek to start of missing part
                 if (($seek_start > 0 || $seek_end < $file['size'] - 1) && fseek($handle, $seek_start) !== -1) {
                     $length = $seek_end - $seek_start + 1;
                     header('HTTP/1.1 206 Partial Content');
                     header('Accept-Ranges: bytes');
                     header('Content-Range: bytes ' . $seek_start . '-' . $seek_end . '/' . $file['size']);
                     header('Content-Type: ' . $file['mimetype']);
                     header('Content-Disposition: attachment; filename="' . $file['name'] . '"');
                     header('Content-Length: ' . $length);
                     // start buffered download of 8 KB chunks while the connection is alive
                     $transfered = 0;
                     while (!feof($handle) && connection_status() == CONNECTION_NORMAL && $transfered < $length) {
                         // reset time limit for big files
                         set_time_limit(0);
                         // @codingStandardsIgnoreStart
                         echo fread($handle, 8192);
                         // @codingStandardsIgnoreEnd
                         $transfered += 8192;
                         flush();
                         ob_flush();
                     }
                     // while
                     fclose($handle);
                     exit;
                 }
                 // if fseek
             }
             // foreach ranges
         }
         // if unit bytes
     }
     // if http_range
     // prepare headers
     header('Last-Modified: ' . $file['modify']);
     header('Accept-Ranges: bytes');
     header('Content-Type: ' . $file['mimetype']);
     header('Content-Length: ' . $file['size']);
     header('Content-Transfer-Encoding: binary');
     session_cache_limiter(false);
     if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= strtotime($file['modify'])) {
         header('HTTP/1.0 304 Not Modified');
         exit;
     }
     if (is_resource($handle)) {
         // write to output buffer in small chunks to bypass memory limit of large files (which fpassthru would
         // exceed)
         while (!feof($handle) && connection_status() == CONNECTION_NORMAL) {
             // reset time limit for big files
             set_time_limit(0);
             // @codingStandardsIgnoreStart
             echo fread($handle, 8192);
             // @codingStandardsIgnoreEnd
             flush();
             ob_flush();
         }
         // while
         fclose($handle);
     } elseif (Config::get('use_sendfile') && in_array('mod_xsendfile', apache_get_modules())) {
         header('X-Sendfile: ' . $this->path_sendfile);
     } else {
         readfile($this->path_sendfile);
         exit;
     }
 }
Ejemplo n.º 2
0
 /**
  * Create a new Application instance.
  *
  * @api
  *
  * @param string $namespace (optional) namespace with trailing backslash
  * @param string $file_root (optional) location to the file root of the application, if null it will be guessed
  */
 public function __construct($namespace = '\\', $file_root = null)
 {
     // we want our own error handler
     set_error_handler(__CLASS__ . '::errorHandler');
     self::$NAMESPACE = $namespace;
     if ($file_root === null) {
         // guess for default composer installation
         self::$FILE_ROOT = dirname(dirname(dirname(dirname(__DIR__))));
     } else {
         self::$FILE_ROOT = $file_root;
     }
     self::$FILE_ROOT = rtrim(self::$FILE_ROOT, '/') . '/';
     self::$WEB_ROOT = self::$FILE_ROOT . 'public/';
     self::$CACHE_ROOT = self::$FILE_ROOT . 'tmp/';
     self::$INSTANCE = $this;
     //var_dump(\FeM\sPof\model\DBConnection::getInstance());
     if (!\FeM\sPof\model\DBConnection::isOnline()) {
         die(_('No Datebase connection.'));
     }
 }
Ejemplo n.º 3
0
 /**
  * Returns a new prepared Statement. Assign values to it and fetch the results in the end.
  *
  * @api
  *
  * @param string $statement sql query with params
  *
  * @return \FeM\sPof\model\DBStatement
  */
 protected static final function createStatement($statement)
 {
     return DBConnection::getInstance()->prepare($statement);
 }
Ejemplo n.º 4
0
 /**
  * Send result (was action executed as desired and the resulting message) as JSON and stop further execution.
  *
  * @internal
  *
  * @param bool $success action was executed
  * @param string $message
  */
 private function sendJson($success, $message)
 {
     // close transaction, if present
     if ($this->atomic) {
         DBConnection::getInstance()->commit();
     }
     Logger::getInstance()->stackData();
     // @codingStandardsIgnoreStart
     echo json_encode(['success' => $success, 'message' => $message]);
     // @codingStandardsIgnoreEnd
     exit;
 }