public function exec($mode = "basic", $params = array())
{
$res = $this->check($params);
if ($this->check($params)) {
$this->file = \CFile::getByID($this->id)->fetch();
if ($mode == "resize" && ($file = \CFile::ResizeImageGet($this->id, $params, BX_RESIZE_IMAGE_PROPORTIONAL, true)) && $file) {
$this->file["SRC"] = $file["src"];
$this->file["WIDTH"] = $file["width"];
$this->file["HEIGHT"] = $file["height"];
$this->file["FILE_SIZE"] = $file["size"];
}
\CFile::ViewByUser($this->file, array("force_download" => false, 'cache_time' => 0));
}
}
$fileId = intval($_REQUEST["i"]);
$fileAction = $_REQUEST["act"] == "v" ? "view" : "download";
if (strlen($fileName) <= 0 || $fileId <= 0 || strlen($fileAction) <= 0) {
die("Error1");
}
$arImg = CFile::GetFileArray($fileId);
if (!$arImg) {
die("Error2");
}
if (strlen($arImg["FILE_NAME"]) != strlen($fileName) || $arImg["FILE_NAME"] != $fileName) {
die("Error3");
}
if (strlen($arImg["SUBDIR"]) <= 0 || substr($arImg["SUBDIR"], 0, strlen("bizproc_wf/")) != "bizproc_wf/") {
die("Error4");
}
set_time_limit(0);
if ($fileAction == "download") {
CFile::ViewByUser($arImg, array("force_download" => true));
} else {
$contentType = strtolower($arImg["CONTENT_TYPE"]);
if (strpos($contentType, "image/") !== false && strpos($contentType, "html") === false && (CFile::GetImageSize($_SERVER["DOCUMENT_ROOT"] . $arImg["SRC"]) || $arFile["WIDTH"] > 0 && $arImg["HEIGHT"] > 0)) {
$contentType = $contentType;
} elseif (strpos($contentType, "excel") !== false) {
$contentType = "application/vnd.ms-excel";
} elseif (strpos($contentType, "word") !== false) {
$contentType = "application/msword";
} else {
$contentType = "application/octet-stream";
}
CFile::ViewByUser($arImg, array("content_type" => $contentType));
}
<?php
/*
##############################################
# Bitrix: SiteManager #
# Copyright (c) 2002 - 2011 Bitrix #
# http://www.bitrixsoft.com #
# mailto:admin@bitrixsoft.com #
##############################################
*/
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php";
if (CModule::IncludeModule("support") && strlen($hash) > 0 && preg_match('/^[a-z0-9]{32}$/i', $hash)) {
$rsFiles = CTicket::GetFileList($v1 = "s_id", $v2 = "asc", array("HASH" => $hash), 'Y');
if ($rsFiles && ($arFile = $rsFiles->Fetch())) {
set_time_limit(0);
$options = array();
if ($_REQUEST["action"] == "download") {
$options["force_download"] = true;
}
CFile::ViewByUser($arFile, $options);
}
}
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php";
ShowError(GetMessage("SUP_ERROR_ATTACH_NOT_FOUND"));
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
foreach ($arFiles as $file) {
if ($fileId == $file['fileID']) {
$result["FILE"] = CFile::GetFileArray($fileId);
break;
}
}
}
}
if (!is_array($result["FILE"])) {
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php";
ShowError("File not found");
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
die;
}
set_time_limit(0);
CFile::ViewByUser($result["FILE"]);
} else {
$bAdminAction = substr($action, 0, 6) == 'admin_' || $action == 'calendar_show' || $action == 'add_comment_entry' || $action == 'add_comment_full_report' || $action == 'user_report_edit';
if (!CTimeMan::CanUse($bAdminAction)) {
echo "{error: 'access denied', type: 'fatal'}";
} else {
CUtil::JSPostUnescape();
$error = false;
$bReturnRes = false;
$bGetFullInfo = $_REQUEST['full'] == 'Y';
$obUser = CTimeManUser::instance();
$obUser->SITE_ID = $_REQUEST['site_id'];
switch ($action) {
case "report_full_setting":
$bReturnRes = true;
if ($_POST["id"]) {
$rsElement = CIBlockElement::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $ELEMENT_ID, "CHECK_PERMISSIONS" => "N"), false, false, array("ID", $arParams["FIELD_ID"]));
while ($ar = $rsElement->GetNext()) {
if (isset($ar[$arParams["FIELD_ID"]])) {
$arResult["FILES"][] = $ar[$arParams["FIELD_ID"]];
} elseif (isset($ar[$arParams["FIELD_ID"] . "_VALUE"])) {
if (is_array($ar[$arParams["FIELD_ID"] . "_VALUE"])) {
$arResult["FILES"] = array_merge($arResult["FILES"], $ar[$arParams["FIELD_ID"] . "_VALUE"]);
} else {
$arResult["FILES"][] = $ar[$arParams["FIELD_ID"] . "_VALUE"];
}
}
$arResult["ELEMENT"] = $ar;
}
} elseif ($SECTION_ID > 0) {
$rsSection = CIBlockSection::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $SECTION_ID, "GLOBAL_ACTIVE" => "Y", "CHECK_PERMISSIONS" => "N"), false, array("ID", $arParams["FIELD_ID"]));
while ($ar = $rsSection->GetNext()) {
if (isset($ar[$arParams["FIELD_ID"]])) {
$arResult["FILES"][] = $ar[$arParams["FIELD_ID"]];
}
$arResult["SECTION"] = $ar;
}
}
if (!in_array($arParams["FILE_ID"], $arResult["FILES"])) {
ShowError(GetMessage("CC_BLF_WRONG_FILE"));
} else {
$arFile = CFile::GetFileArray($arParams["FILE_ID"]);
if (is_array($arFile)) {
$force_download = isset($_REQUEST["download"]) && $_REQUEST["download"] === "y";
CFile::ViewByUser($arParams["FILE_ID"], array("content_type" => $arFile["CONTENT_TYPE"], "force_download" => $force_download));
}
}
CRMModeOutput($ID);
if (strlen($apply) > 0 || $_REQUEST["action"] == "ps_update")
LocalRedirect("sale_order_detail.php?ID=".$ID."&save_order_result=ok_ps&lang=".LANGUAGE_ID.GetFilterParams("filter_", false));
CSaleOrder::UnLock($ID);
LocalRedirect("sale_order.php?lang=".LANGUAGE_ID.GetFilterParams("filter_", false));
}
}
elseif (isset($_REQUEST["download"]) && $_REQUEST["download"] == "Y")
{
if (isset($_REQUEST["file_id"]) && intval($_REQUEST["file_id"]) > 0)
{
$arFile = CFile::GetFileArray(intval($_REQUEST["file_id"]));
set_time_limit(0);
CFile::ViewByUser($arFile, array("force_download" => true));
}
}
}
elseif (array_key_exists('dontsave', $_REQUEST) && 'Y' == $_REQUEST['dontsave'])
{
$intLockUserID = 0;
$strLockTime = '';
if (!CSaleOrder::IsLocked($ID, $intLockUserID, $strLockTime))
CSaleOrder::UnLock($ID);
if ($crmMode)
CRMModeOutput($ID);
LocalRedirect("sale_order.php?lang=".LANGUAGE_ID.GetFilterParams("filter_", false));
}
/****************/
public function viewFile($hash)
{
$file = false;
$copy = "";
if (strpos($hash, "_") > 0) {
$copy = explode("_", $hash);
$hash = $copy[0];
$copy = $copy[1];
}
$copy = !!$copy ? $copy : "default";
if (FileInputUtility::instance()->checkFile($this->CID, $hash)) {
$file = $this->getFromCache($hash);
$file = $file["files"][$copy];
}
if ($file) {
\CFile::ViewByUser($file, array("content_type" => $file["type"]));
}
}
if (!$row) {
die("Error: BP not found");
}
$files = (array) $row[$fileName];
$key = array_search($fileId, $files);
if ($key !== false) {
set_time_limit(0);
CFile::ViewByUser($files[$key], $options);
} else {
die("Error: File not found");
}
}
die;
}
$rawName = trim($_REQUEST["f"]);
$arImg = CFile::GetFileArray($fileId);
if (!$arImg) {
die("Error2");
}
if (strlen($arImg["FILE_NAME"]) != strlen($rawName) || $arImg["FILE_NAME"] != $rawName) {
die("Error3");
}
if (strlen($arImg["SUBDIR"]) <= 0) {
die("Error4");
}
if (substr($arImg["SUBDIR"], 0, strlen("bizproc_wf/")) != "bizproc_wf/" && (strlen($filePathHash) <= 0 || $filePathHash != md5($arImg["SUBDIR"]))) {
die("Error5");
}
set_time_limit(0);
CFile::ViewByUser($arImg, $options);
// *************************/Default params*************************************************************
set_time_limit(0);
if ($arParams["ACTION"] == "download") {
CFile::ViewByUser($arResult["FILE"], array("force_download" => true));
} else {
if (CFile::CheckImageFile(CFile::MakeFileArray($arResult["FILE"]["FILE_ID"])) === null && (file_exists($_SERVER["DOCUMENT_ROOT"] . $arResult["FILE"]["SRC"]) && CFile::GetImageSize($_SERVER["DOCUMENT_ROOT"] . $arResult["FILE"]["SRC"]) || $arResult["FILE"]["WIDTH"] > 0 && $arResult["FILE"]["HEIGHT"] > 0)) {
if ($arParams['WIDTH'] > 0 && $arParams['HEIGHT'] > 0) {
$imageFile = $arResult['FILE'];
$arFileTmp = CFile::ResizeImageGet($imageFile, array("width" => $arParams["WIDTH"], "height" => $arParams["HEIGHT"]), BX_RESIZE_IMAGE_PROPORTIONAL, true);
$imageFile["FILE_SIZE"] = $arFileTmp['size'];
$imageFile["SRC"] = $arFileTmp['src'];
CFile::ViewByUser($imageFile, array("content_type" => $arResult["FILE"]["CONTENT_TYPE"]));
} else {
CFile::ViewByUser($arResult["FILE"], array("content_type" => $arResult["FILE"]["CONTENT_TYPE"]));
}
} else {
$ct = strtolower($arResult["FILE"]["CONTENT_TYPE"]);
if (strpos($ct, "excel") !== false) {
CFile::ViewByUser($arResult["FILE"], array("content_type" => "application/vnd.ms-excel"));
} elseif (strpos($ct, "word") !== false) {
CFile::ViewByUser($arResult["FILE"], array("content_type" => "application/msword"));
} else {
CFile::ViewByUser($arResult["FILE"], array("content_type" => "application/octet-stream", "force_download" => true));
}
}
}
// *****************************************************************************************
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php";
echo ShowError(GetMessage("F_ATTACH_NOT_FOUND"));
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
// *****************************************************************************************
case "dbf":
case "csv":
CFile::ViewByUser($arFile, array("content_type" => "application/vnd.ms-excel"));
break;
case "doc":
case "docx":
case "dot":
case "rtf":
CFile::ViewByUser($arFile, array("content_type" => "application/msword"));
break;
case "xml":
case "pdf":
CFile::ViewByUser($arFile, array("force_download" => true));
break;
case 'rar':
CFile::ViewByUser($arFile, array("content_type" => "application/x-rar-compressed"));
break;
case 'zip':
CFile::ViewByUser($arFile, array("content_type" => "application/zip"));
break;
default:
CFile::ViewByUser($arFile, array("specialchars" => true));
break;
}
}
}
}
}
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php";
echo ShowError(GetMessage("SUP_ERROR_ATTACH_NOT_FOUND"));
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
/**
* @param $ID
* @param int $WF_ID
* @param bool $NotCheckWebRights
* @param array $params
*/
function SendHistoryFile($ID, $WF_ID = 0, $NotCheckWebRights = false, $params = array())
{
$ID = intval($ID);
$WF_ID = intval($WF_ID);
if ($ID <= 0) {
return;
}
list($contextType, $contextEntityId) = $this->getContextData();
if (CWebDavSymlinkHelper::isLinkElement($contextType, $contextEntityId, $ID)) {
$parentSectionData = CWebDavSymlinkHelper::getLinkDataOfElement($contextType, $contextEntityId, $ID);
if ($parentSectionData) {
$linkWebdav = new self($parentSectionData[self::UF_LINK_IBLOCK_ID], $this->base_url . $this->_path, array('ROOT_SECTION_ID' => $parentSectionData[self::UF_LINK_SECTION_ID], 'symlinkMode' => true, 'symlinkSectionData' => $parentSectionData, 'symlinkRealRootSectionData' => $this->arRootSection));
if ($this->withoutAuthorization) {
$linkWebdav->withoutAuthorization = true;
}
return $linkWebdav->SendHistoryFile($ID, $WF_ID, $NotCheckWebRights, $params);
}
}
$io = self::GetIo();
list($arFile, $options, $fullpath, $filename) = $this->getHistoryFileData($ID, $WF_ID, $params);
if (empty($arFile)) {
return;
}
$options["logica_full_path"] = $fullpath;
if (!file_exists($fullpath) && file_exists($io->GetPhysicalName($fullpath))) {
$fullpath = $io->GetPhysicalName($fullpath);
}
$options["path"] = $this->_path;
$options["mimetype"] = !empty($arFile["CONTENT_TYPE"]) && $arFile["CONTENT_TYPE"] != "unknown" && $arFile["CONTENT_TYPE"] != "application/octet-stream" ? $arFile["CONTENT_TYPE"] : $this->get_mime_type($filename);
$options["size"] = !empty($arFile["FILE_SIZE"]) ? $arFile["FILE_SIZE"] : 0;
$options["name"] = $filename;
if (!$NotCheckWebRights) {
$arElementData = $this->GetObject(array("element_id" => $ID, "check_permissions" => false), false);
if (!$this->CheckWebRights("", array("action" => "read", "arElement" => $arElementData), false)) {
return;
}
}
if ($options["resized"] == "Y" || $params["cache_image"] == "Y") {
CFile::ViewByUser($arFile, array("content_type" => $options["mimetype"], "cache_time" => $options["cache_time"]));
}
if (file_exists($fullpath)) {
if (empty($options['size'])) {
$options['size'] = filesize($fullpath);
}
$options["mtime"] = filemtime($fullpath);
$options["stream"] = fopen($fullpath, "r");
}
$x = $this->SendFile($options);
//, true
}
if (empty($arResult["MESSAGE"])) {
$arError = array("code" => "EMPTY MESSAGE", "title" => GetMessage("F_EMPTY_MID"));
} elseif ($arParams["PERMISSION"]) {
if ($arParams["PERMISSION"] < "E") {
$arError = array("code" => "NOT RIGHT", "title" => GetMessage("F_NOT_RIGHT"));
}
} elseif (ForumCurrUserPermissions($arResult["MESSAGE"]["FORUM_ID"]) < "E") {
$arError = array("code" => "NOT RIGHT", "title" => GetMessage("F_NOT_RIGHT"));
}
}
if (!empty($arError)) {
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php";
ShowError(!empty($arError["title"]) ? $arError["title"] : $arError["code"]);
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
die;
}
// *************************/Default params*************************************************************
set_time_limit(0);
$options = array();
if ($arParams["ACTION"] == "download") {
$options["force_download"] = true;
}
if (CFile::IsImage($arResult["FILE"]["ORIGINAL_NAME"], $arResult["FILE"]["CONTENT_TYPE"])) {
if ($arParams['WIDTH'] > 0 && $arParams['HEIGHT'] > 0) {
$arFileTmp = CFile::ResizeImageGet($arResult['FILE'], array("width" => $arParams["WIDTH"], "height" => $arParams["HEIGHT"]), BX_RESIZE_IMAGE_PROPORTIONAL, true);
$arResult['FILE']["FILE_SIZE"] = $arFileTmp['size'];
$arResult['FILE']["SRC"] = $arFileTmp['src'];
}
}
CFile::ViewByUser($arResult["FILE"], $options);
}
} else {
$rsLog = CSocNetLog::GetList(array(), array("UF_SONET_LOG_FILE" => $arParams["FILE_ID"]), false, false, array("ID"), array("CHECK_RIGHTS" => "Y"));
if ($rsLog && ($arLog = $rsLog->Fetch())) {
$arResult["FILE_INFO"] = array("LOG_ID" => $arLog["ID"]);
}
}
}
}
if (empty($arResult["FILE"])) {
$arError = array("code" => "EMPTY FILE", "title" => GetMessage("F_EMPTY_FID"));
} elseif (empty($arResult["FILE_INFO"])) {
$arError = array("code" => "NOT RIGHT", "title" => GetMessage("F_NOT_RIGHT"));
}
if (!empty($arError)) {
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php";
ShowError(!empty($arError["title"]) ? $arError["title"] : $arError["code"]);
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
die;
}
// *************************/Default params*************************************************************
set_time_limit(0);
if (CFile::IsImage($arResult["FILE"]["FILE_NAME"], $arResult["FILE"]["CONTENT_TYPE"])) {
if ($arResult["FILE"]["WIDTH"] > $arParams["WIDTH"] || $arResult["FILE"]["HEIGHT"] > $arParams["HEIGHT"]) {
$arFileTmp = CFile::ResizeImageGet($arResult["FILE"], array("width" => $arParams["WIDTH"], "height" => $arParams["HEIGHT"]), $_REQUEST["type"] == "square" ? BX_RESIZE_IMAGE_EXACT : BX_RESIZE_IMAGE_PROPORTIONAL, true);
$arResult["FILE"]["FILE_SIZE"] = $arFileTmp["size"];
$arResult["FILE"]["SRC"] = $arFileTmp["src"];
}
}
CFile::ViewByUser($arResult["FILE"], array("cache_time" => 86400));
private static function InnerWriteFileToResponse($fileID, &$errors, $options = array())
{
$fileInfo = CFile::GetFileArray($fileID);
if (!is_array($fileInfo)) {
$errors[] = 'File not found';
return false;
}
$options = is_array($options) ? $options : array();
// Ñrutch for CFile::ViewByUser. Waiting for main 14.5.2
$options['force_download'] = true;
set_time_limit(0);
CFile::ViewByUser($fileInfo, $options);
return true;
}
if ($ELEMENT_ID > 0) {
$rsElement = CIBlockElement::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $ELEMENT_ID, "CHECK_PERMISSIONS" => "N"), false, false, array("ID", $arParams["FIELD_ID"]));
while ($ar = $rsElement->GetNext()) {
if (isset($ar[$arParams["FIELD_ID"]])) {
$arResult["FILES"][] = $ar[$arParams["FIELD_ID"]];
} elseif (isset($ar[$arParams["FIELD_ID"] . "_VALUE"])) {
if (is_array($ar[$arParams["FIELD_ID"] . "_VALUE"])) {
$arResult["FILES"] = array_merge($arResult["FILES"], $ar[$arParams["FIELD_ID"] . "_VALUE"]);
} else {
$arResult["FILES"][] = $ar[$arParams["FIELD_ID"] . "_VALUE"];
}
}
$arResult["ELEMENT"] = $ar;
}
} elseif ($SECTION_ID > 0) {
$rsSection = CIBlockSection::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $SECTION_ID, "GLOBAL_ACTIVE" => "Y", "CHECK_PERMISSIONS" => "N"), false, array("ID", $arParams["FIELD_ID"]));
while ($ar = $rsSection->GetNext()) {
if (isset($ar[$arParams["FIELD_ID"]])) {
$arResult["FILES"][] = $ar[$arParams["FIELD_ID"]];
}
$arResult["SECTION"] = $ar;
}
}
if (!in_array($arParams["FILE_ID"], $arResult["FILES"])) {
ShowError(GetMessage("CC_BLF_WRONG_FILE"));
} else {
$arFile = CFile::GetFileArray($arParams["FILE_ID"]);
if (is_array($arFile)) {
CFile::ViewByUser($arParams["FILE_ID"], array("content_type" => $arFile["CONTENT_TYPE"], "force_download" => isset($_REQUEST["download"]) && $_REQUEST["download"] === "y"));
}
}