/**
* Upload a file
*
* @return void
*/
public function downloadTask()
{
// Check for request forgeries
Request::checkToken(['get', 'post']);
$file = urldecode(Request::getVar('file', '', 'get', 'none', 2));
if (!file_exists(PATH_ROOT . DS . $file)) {
App::abort(404, Lang::txt('COM_GROUPS_ERROR_FILE_NOT_FOUND') . ' ' . PATH_ROOT . DS . $file);
}
$extension = Filesystem::extension($file);
// new content server
$contentServer = new \Hubzero\Content\Server();
$contentServer->filename(PATH_ROOT . DS . $file);
$contentServer->disposition('attachment');
$contentServer->acceptranges(false);
// do we need to manually set mime type
if ($extension == 'css') {
$contentServer->setContentType('text/css');
}
if ($extension == 'php') {
$contentServer->setContentType('text/plain');
}
// Serve up the file
if (!$contentServer->serve()) {
App::abort(500, Lang::txt('COM_GROUPS_SERVER_ERROR'));
}
exit;
}
/**
* Download XSD
*
* @return void
*/
public function xsdTask()
{
$path = $this->getSchema();
if (file_exists($path)) {
$server = new \Hubzero\Content\Server();
$server->filename($path);
$server->disposition('attachment');
$server->acceptranges(true);
$server->saveas(basename($path));
if (!$server->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('COM_PUBLICATIONS_SERVER_ERROR'), 404);
} else {
exit;
}
}
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), Lang::txt('COM_PUBLICATIONS_BATCH_ERROR_NO_XSD'), 'error');
}
/**
* Serve publication content
* Determine how to render depending on master type, attachment type and user choice
* Defaults to download
*
* @return void
*/
public function serveTask()
{
// Incoming
$aid = Request::getInt('a', 0);
// Attachment id
$elementId = Request::getInt('el', 1);
// Element id
$render = Request::getVar('render', '');
$vid = Request::getInt('vid', '');
$file = Request::getVar('file', '');
$disp = Request::getVar('disposition');
$disp = in_array($disp, array('inline', 'attachment')) ? $disp : 'attachment';
// Get our model and load publication data
$this->model = new Models\Publication($this->_identifier, $this->_version, $vid);
if (!$this->model->exists() || $this->model->isDeleted()) {
App::redirect(Route::url('index.php?option=' . $this->_option), Lang::txt('COM_PUBLICATIONS_RESOURCE_NOT_FOUND'), 'error');
return;
}
// Is the visitor authorized to view content?
if (!$this->model->access('view-all')) {
$this->_blockAccess();
return true;
}
// Set curation
$this->model->setCuration();
// Bundle requested?
if ($render == 'archive') {
// Produce archival package
if ($this->model->_curationModel->package()) {
// Log access
if ($this->model->isPublished()) {
$this->model->logAccess('primary');
}
$this->model->_curationModel->serveBundle();
return;
} else {
throw new Exception(Lang::txt('COM_PUBLICATIONS_ERROR_FINDING_ATTACHMENTS'), 404);
return;
}
}
// Bundle requested?
if ($render == 'showcontents') {
// Produce archival package
if ($this->model->_curationModel->package()) {
// Build the HTML of the "about" tab
$view = new \Hubzero\Component\View(['name' => 'view', 'layout' => '_contents']);
$view->model = $this->model;
$view->option = $this->_option;
$view->display();
return;
} else {
throw new Exception(Lang::txt('COM_PUBLICATIONS_ERROR_FINDING_ATTACHMENTS'), 404);
return;
}
}
// Serving data file (dataview)
if ($file) {
// Ensure the file exist
if (!file_exists($this->model->path('data', true) . DS . trim($file))) {
throw new Exception(Lang::txt('COM_PUBLICATIONS_ERROR_FINDING_ATTACHMENTS'), 404);
return;
}
// Initiate a new content server and serve up the file
$server = new \Hubzero\Content\Server();
$server->filename($this->model->path('data', true) . DS . trim($file));
$server->disposition($disp);
$server->acceptranges(true);
$server->saveas(basename($file));
if (!$server->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('COM_PUBLICATIONS_SERVER_ERROR'), 404);
} else {
exit;
}
}
$this->model->attachments();
// Individual attachment is requested? Find element ID
if ($aid) {
$elementId = $this->model->_curationModel->getElementIdByAttachment($aid);
}
// We do need attachments
if (!isset($this->model->_attachments['elements'][$elementId]) || empty($this->model->_attachments['elements'][$elementId])) {
throw new Exception(Lang::txt('COM_PUBLICATIONS_ERROR_FINDING_ATTACHMENTS'), 404);
return;
}
// Get element manifest to deliver content as intended
$curation = $this->model->_curationModel->getElementManifest($elementId);
// We do need manifest!
if (!$curation || !isset($curation->element) || !$curation->element) {
return false;
}
// Get attachment type model
$attModel = new Models\Attachments($this->database);
// Log access
if ($this->model->isPublished()) {
$aType = $curation->element->params->role == 1 ? 'primary' : 'support';
$this->model->logAccess($aType);
}
// Serve content
$content = $attModel->serve($curation->element->params->type, $curation->element, $elementId, $this->model, $curation->block->params, $aid);
// No content served
if ($content === NULL || $content == false) {
throw new Exception(Lang::txt('COM_PUBLICATIONS_ERROR_FINDING_ATTACHMENTS'), 404);
}
// Do we need to redirect to content?
if ($attModel->get('redirect')) {
App::redirect($attModel->get('redirect'));
return;
}
return $content;
}
/**
* Serve the file
*
* @param $pId
* @return void
*/
public function displayTask()
{
// Get the transaction ID
$tId = Request::getInt('task', '');
// Get the SKU ID
$sId = Request::getVar('p0');
// Get the landing page flag
$direct = Request::getVar('p1');
// Check if the transaction is complete and belongs to the user and is active
$transaction = Cart::getTransactionFacts($tId);
$transaction = $transaction->info;
$tStatus = $transaction->tStatus;
$crtId = $transaction->crtId;
// get cart user
$cartUser = Cart::getCartUser($crtId);
$currentUser = $this->juser->id;
// Error if needed
if ($tStatus !== 'completed') {
$messages = array(array('COM_CART_DOWNLOAD_TRANSACTION_NOT_COMPLETED', 'error'));
$this->messageTask($messages);
return;
} elseif ($cartUser != $currentUser) {
$messages = array(array('COM_CART_DOWNLOAD_NOT_AUTHORIZED', 'error'));
$this->messageTask($messages);
return;
}
// Check if the product is valid and downloadable; find the file
$warehouse = new Warehouse();
$sku = $warehouse->getSkuInfo($sId);
$productType = $sku['info']->ptId;
$downloadFile = $sku['meta']['downloadFile'];
// Error if needed
if ($productType != 30 || empty($downloadFile)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_DOWNLOABLE'), 'error'));
$this->messageTask($messages);
return;
}
$db = \App::get('db');
// Check if there is a limit on how many times the product can be downloaded
// Get the number of downloads allowed
$allowedDownloads = $sku;
if (isset($sku['meta']['downloadLimit']) && $sku['meta']['downloadLimit'] && is_numeric($sku['meta']['downloadLimit'])) {
$sql = "SELECT COUNT(`dId`) FROM `#__cart_downloads` WHERE `uId` = {$currentUser} AND `sId` = {$sId}";
$db->setQuery($sql);
$downloadsCount = $db->loadResult();
if ($downloadsCount >= $sku['meta']['downloadLimit']) {
$messages = array(array('Download limit exceeded', 'error'));
$this->messageTask($messages);
return;
}
}
// Path and file name
$storefrontConfig = Component::params('com_storefront');
$dir = $storefrontConfig->get('downloadFolder');
$file = PATH_ROOT . $dir . DS . $downloadFile;
if (!file_exists($file)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_FOUND'), 'error'));
$this->messageTask($messages);
return;
}
if (!$direct) {
$this->landingTask($tId, $sId);
return;
}
// Log the download
$sql = "INSERT INTO `#__cart_downloads` SET\n\t\t\t\t`uId` = " . $currentUser . ",\n\t\t\t\t`sId` = " . $sId . ",\n\t\t\t\t`dIp` = INET_ATON(" . $db->quote(Request::getClientIp()) . "),\n\t\t\t\t`dDownloaded` = NOW()";
$db->setQuery($sql);
$db->query();
// Serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($file);
$xserver->serve_attachment($file);
// Firefox and Chrome fail if served inline
exit;
}
/**
* Download a wiki file
*
* @return void
*/
public function _fileDownload()
{
if (!$this->view->course->access('view')) {
return App::abort(404, Lang::txt('COM_COURSES_NO_COURSE_FOUND'));
}
// Get the scope of the parent page the file is attached to
$filename = Request::getVar('group', '');
if (substr(strtolower($filename), 0, strlen('image:')) == 'image:') {
$filename = substr($filename, strlen('image:'));
} else {
if (substr(strtolower($filename), 0, strlen('file:')) == 'file:') {
$filename = substr($filename, strlen('file:'));
}
}
$filename = urldecode($filename);
// Ensure we have a path
if (empty($filename)) {
return App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND') . '[r]' . $filename);
}
$page = $this->view->offering->page(Request::getVar('unit', ''));
if (!$page->exists()) {
$pages = $this->view->offering->pages(array('url' => Request::getVar('unit', ''), 'offering_id' => array(0, $this->view->offering->get('id')), 'section_id' => array(0, $this->view->offering->section()->get('id')), 'limit' => 1, 'start' => 0), true);
$page = isset($pages[0]) ? $pages[0] : null;
}
// Add PATH_CORE
$filepath = $this->_path($page) . DS . ltrim($filename, DS);
// Ensure the file exist
$found = true;
if (!file_exists($filepath)) {
if (!$page) {
Request::setVar('section_id', $this->view->offering->section()->get('id'));
$filepath = $this->_path($page) . DS . ltrim($filename, DS);
if (!file_exists($filepath)) {
$found = false;
}
} else {
$found = false;
}
if (!$found) {
return App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND') . '[j]' . $filepath);
}
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($filepath);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
return App::abort(404, Lang::txt('COM_COURSES_SERVER_ERROR') . '[x]' . $filepath);
} else {
exit;
}
}
/**
* Serves up files only after passing access checks
*
* @return void
*/
public function downloadTask()
{
// Incoming
$section = Request::getVar('section', '');
$category = Request::getVar('category', '');
$thread_id = Request::getInt('thread', 0);
$post_id = Request::getInt('post', 0);
$file = Request::getVar('file', '');
// Instantiate an attachment object
if (!$post_id) {
$attach = Attachment::oneByThread($thread_id, $file);
} else {
$attach = Attachment::oneByPost($post_id);
}
if (!$attach->get('filename')) {
App::abort(404, Lang::txt('COM_FORUM_FILE_NOT_FOUND'));
}
// Get the parent ticket the file is attached to
$post = $attach->post();
if (!$post->get('id') || $post->get('state') == $post::STATE_DELETED) {
App::abort(404, ang::txt('COM_FORUM_POST_NOT_FOUND'));
}
// Check logged in status
if (User::isGuest() && !in_array($post->get('access'), User::getAuthorisedViewLevels())) {
$return = base64_encode(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '§ion=' . $section . '&category=' . $category . '&thread=' . $thread_id . '&post=' . $post_id . '&file=' . $file));
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $return));
}
// Load ACL
$this->_authorize('thread', $post->get('thread'));
// Ensure the user is authorized to view this file
if (!$this->config->get('access-view-thread')) {
App::abort(403, Lang::txt('COM_FORUM_NOT_AUTH_FILE'));
}
// Get the configured upload path
$filename = $attach->path();
// Ensure the file exist
if (!file_exists($filename)) {
App::abort(404, Lang::txt('COM_FORUM_FILE_NOT_FOUND') . ' ' . substr($filename, strlen(PATH_ROOT)));
}
// Initiate a new content server and serve up the file
$server = new \Hubzero\Content\Server();
$server->filename($filename);
$server->disposition('inline');
$server->acceptranges(false);
// @TODO fix byte range support
if (!$server->serve()) {
// Should only get here on error
App::abort(500, Lang::txt('COM_FORUM_SERVER_ERROR'));
}
exit;
}
/**
* Compile PDF/image preview for any kind of file
*
*
* @return mixed array or false
*/
protected function _compile()
{
// Combine file and folder data
$items = $this->_sortIncoming();
// Get stored remote connections
$remotes = $this->_getRemoteConnections();
// Params for repo call
$params = array('subdir' => $this->subdir, 'remoteConnections' => $remotes);
// Incoming
$commit = Request::getInt('commit', 0);
$download = Request::getInt('download', 0);
// Check that we have compile enabled
if (!$this->params->get('latex')) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_COMPILE_NOTALLOWED'));
return;
}
// Output HTML
$view = new \Hubzero\Plugin\View(array('folder' => 'projects', 'element' => 'files', 'name' => 'compiled'));
// Get selected item
if (!$items) {
$view->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_NO_FILES_TO_COMPILE'));
$view->loadTemplate();
return;
} else {
foreach ($items as $element) {
foreach ($element as $type => $item) {
// Get our metadata
$file = $this->repo->getMetadata($item, 'file', $params);
break;
}
}
}
// We need a file
if (empty($file)) {
$view->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_NO_FILES_TO_COMPILE'));
$view->loadTemplate();
return;
}
// Path for storing temp previews
$imagePath = trim($this->model->config()->get('imagepath', '/site/projects'), DS);
$outputDir = DS . $imagePath . DS . strtolower($this->model->get('alias')) . DS . 'compiled';
// Make sure output dir exists
if (!is_dir(PATH_APP . $outputDir)) {
if (!Filesystem::makeDirectory(PATH_APP . $outputDir)) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_UNABLE_TO_CREATE_UPLOAD_PATH'));
return;
}
}
// Get LaTeX helper
$compiler = new \Components\Projects\Helpers\Compiler();
// Tex compiler path
$texPath = DS . trim($this->params->get('texpath'), DS);
$view->file = $file;
$view->oWidth = '780';
$view->oHeight = '460';
$view->url = Route::url($this->model->link('files'));
$cExt = 'pdf';
// Take out Google native extension if present
$fileName = $file->get('name');
if (in_array($file->get('ext'), \Components\Projects\Helpers\Google::getGoogleNativeExts())) {
$fileName = preg_replace("/." . $file->get('ext') . "\\z/", "", $file->get('name'));
}
// Tex file?
$tex = $compiler->isTexFile($fileName);
// Build temp name
$tempBase = $tex ? 'temp__' . \Components\Projects\Helpers\Html::takeOutExt($fileName) : $fileName;
$tempBase = str_replace(' ', '_', $tempBase);
// Get file contents
if (!empty($this->_remoteService) && $file->get('converted')) {
// Load remote resource
$this->_connect->setUser($this->model->get('owned_by_user'));
$resource = $this->_connect->loadRemoteResource($this->_remoteService, $this->model->get('owned_by_user'), $file->get('remoteId'));
$cExt = $tex ? 'tex' : \Components\Projects\Helpers\Google::getGoogleImportExt($resource['mimeType']);
$cExt = in_array($cExt, array('tex', 'jpeg')) ? $cExt : 'pdf';
$url = \Components\Projects\Helpers\Google::getDownloadUrl($resource, $cExt);
// Get data
$view->data = $this->_connect->sendHttpRequest($this->_remoteService, $this->model->get('owned_by_user'), $url);
} elseif ($file->exists()) {
$view->data = $file->isImage() ? NULL : $file->contents();
} else {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_COMPILE_NO_DATA'));
}
// LaTeX file?
if ($tex && !empty($view->data)) {
// Clean up data from Windows characters - important!
$view->data = preg_replace('/[^(\\x20-\\x7F)\\x0A]*/', '', $view->data);
// Compile and get path to PDF
$contentFile = $compiler->compileTex($file->get('fullPath'), $view->data, $texPath, PATH_APP . $outputDir, 1, $tempBase);
// Read log (to show in case of error)
$logFile = $tempBase . '.log';
if (file_exists(PATH_APP . $outputDir . DS . $logFile)) {
$view->log = Filesystem::read(PATH_APP . $outputDir . DS . $logFile);
}
if (!$contentFile) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_COMPILE_TEX_FAILED'));
}
} elseif ($file->get('converted') && !empty($view->data)) {
$tempBase = \Components\Projects\Helpers\Google::getImportFilename($file->get('name'), $cExt);
// Write content to temp file
$this->_connect->fetchFile($view->data, $tempBase, PATH_APP . $outputDir);
$contentFile = $tempBase;
} elseif (!$this->getError()) {
// Make sure we can handle preview of this type of file
if ($file->get('ext') == 'pdf' || $file->isImage() || !$file->isBinary()) {
Filesystem::copy($file->get('fullPath'), PATH_APP . $outputDir . DS . $tempBase);
$contentFile = $tempBase;
}
}
$url = $this->model->link('files');
$url .= $this->repo->isLocal() ? '' : '&repo=' . $this->repo->get('name');
$url .= $this->subdir ? '&subdir=' . urlencode($this->subdir) : '';
// Parse output
if (!empty($contentFile) && file_exists(PATH_APP . $outputDir . DS . $contentFile)) {
// Get compiled content mimetype
$cType = Filesystem::mimetype(PATH_APP . $outputDir . DS . $contentFile);
// Is image?
if (strpos($cType, 'image/') !== false) {
// Fix up object width & height
list($width, $height, $type, $attr) = getimagesize(PATH_APP . $outputDir . DS . $contentFile);
$xRatio = $view->oWidth / $width;
$yRatio = $view->oHeight / $height;
if ($xRatio * $height < $view->oHeight) {
// Resize the image based on width
$view->oHeight = ceil($xRatio * $height);
} else {
// Resize the image based on height
$view->oWidth = ceil($yRatio * $width);
}
}
// Download compiled file?
if ($download) {
$pdfName = $tex ? str_replace('temp__', '', basename($contentFile)) : basename($contentFile);
// Serve up file
$server = new \Hubzero\Content\Server();
$server->filename(PATH_APP . $outputDir . DS . $contentFile);
$server->disposition('attachment');
$server->acceptranges(false);
$server->saveas($pdfName);
$result = $server->serve_attachment(PATH_APP . $outputDir . DS . $contentFile, $pdfName, false);
if (!$result) {
// Should only get here on error
App::abort(404, Lang::txt('PLG_PROJECTS_FILES_SERVER_ERROR'));
} else {
exit;
}
}
// Add compiled PDF to repository?
if ($commit && $tex) {
$pdfName = str_replace('temp__', '', basename($contentFile));
$where = $this->subdir ? $this->subdir . DS . $pdfName : $pdfName;
if (Filesystem::copy(PATH_APP . $outputDir . DS . $contentFile, $this->_path . DS . $where)) {
// Checkin into repo
$params = array('subdir' => $this->subdir);
$params['file'] = $this->repo->getMetadata($pdfName, 'file', $params);
$this->repo->call('checkin', $params);
if ($this->repo->isLocal()) {
$this->model->saveParam('google_sync_queue', 1);
}
\Notify::message(Lang::txt('PLG_PROJECTS_FILES_SUCCESS_COMPILED'), 'success', 'projects');
// Redirect to file list
App::redirect(Route::url($url));
return;
}
}
// Generate preview image for browsers that cannot embed pdf
if ($cType == 'application/pdf') {
// GS path
$gspath = trim($this->params->get('gspath'), DS);
if ($gspath && file_exists(DS . $gspath . DS . 'gs')) {
$gspath = DS . $gspath . DS;
$pdfName = $tex ? str_replace('temp__', '', basename($contentFile)) : basename($contentFile);
$pdfPath = PATH_APP . $outputDir . DS . $contentFile;
$exportPath = PATH_APP . $outputDir . DS . $tempBase . '%d.jpg';
exec($gspath . "gs -dNOPAUSE -sDEVICE=jpeg -r300 -dFirstPage=1 -dLastPage=1 -sOutputFile={$exportPath} {$pdfPath} 2>&1", $out);
if (is_file(PATH_APP . $outputDir . DS . $tempBase . '1.jpg')) {
$hi = new \Hubzero\Image\Processor(PATH_APP . $outputDir . DS . $tempBase . '1.jpg');
if (count($hi->getErrors()) == 0) {
$hi->resize($view->oWidth, false, false, true);
$hi->save(PATH_APP . $outputDir . DS . $tempBase . '1.jpg');
} else {
return false;
}
}
if (is_file(PATH_APP . $outputDir . DS . $tempBase . '1.jpg')) {
$image = $tempBase . '1.jpg';
}
}
}
} elseif (!$this->getError()) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_COMPILE_PREVIEW_FAILED'));
}
$view->file = $file;
$view->outputDir = $outputDir;
$view->embed = $contentFile;
$view->cType = $cType;
$view->subdir = $this->subdir;
$view->option = $this->_option;
$view->image = !empty($image) ? $image : NULL;
$view->model = $this->model;
$view->repo = $this->repo;
if ($this->getError()) {
$view->setError($this->getError());
}
return $view->loadTemplate();
}
/**
* Download a file
*
* @param string $filename File name
* @return void
*/
public function downloadTask($filename = "")
{
//get the group
$group = Group::getInstance($this->cn);
// make sure we have a group
if (!is_object($group)) {
return;
}
//authorize
$authorized = $this->_authorize();
//get the file name
if (substr(strtolower($filename), 0, 5) == 'image') {
$file = urldecode(substr($filename, 6));
} elseif (substr(strtolower($filename), 0, 4) == 'file') {
$file = urldecode(substr($filename, 5));
} else {
return;
}
// clean up file, strip double "uploads" & trim directory sep
$file = str_replace('uploads', '', $file);
$file = ltrim($file, DS);
// get extension
$extension = pathinfo($file, PATHINFO_EXTENSION);
//if were on the wiki we need to output files a specific way
if ($this->active == 'wiki') {
//get access level for wiki
$access = Group\Helper::getPluginAccess($group, 'wiki');
//check to make sure user has access to wiki section
if ($access == 'members' && !in_array(User::get('id'), $group->get('members')) || $access == 'registered' && User::isGuest()) {
$this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH') . ' ' . $file);
}
//load wiki page from db
require_once PATH_CORE . DS . 'components' . DS . 'com_wiki' . DS . 'tables' . DS . 'page.php';
$page = new \Components\Wiki\Tables\Page($this->database);
$pagename = Request::getVar('pagename');
$scope = Request::getVar('scope', $group->get('cn') . DS . 'wiki');
if ($scope) {
$parts = explode('/', $scope);
if (count($parts) > 2) {
$pagename = array_pop($parts);
if (strtolower($filename) == strtolower($pagename)) {
$pagename = array_pop($parts);
}
$scope = implode('/', $parts);
}
}
$page->load($pagename, $scope);
//check specific wiki page access
if ($page->get('access') == 1 && !in_array(User::get('id'), $group->get('members')) && $authorized != 'admin') {
$this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH') . ' ' . $file);
return;
}
//get the config and build base path
$wiki_config = \Component::params('com_wiki');
$base_path = $wiki_config->get('filepath') . DS . $page->get('id');
} elseif ($this->active == 'blog') {
//get access setting of group blog
$access = Group\Helper::getPluginAccess($group, 'blog');
//make sure user has access to blog
if ($access == 'members' && !in_array(User::get('id'), $group->get('members')) || $access == 'registered' && User::isGuest()) {
$this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH') . ' ' . $file);
}
//make sure we have a group id of the proper length
$groupID = Group\Helper::niceidformat($group->get('gidNumber'));
//buld path to blog folder
$base_path = $this->config->get('uploadpath') . DS . $groupID . DS . 'blog';
if (!file_exists(PATH_APP . DS . $base_path . DS . $file)) {
$base_path = $this->config->get('uploadpath') . DS . $group->get('gidNumber') . DS . 'uploads' . DS . 'blog';
}
} else {
//get access level for overview or other group pages
$access = Group\Helper::getPluginAccess($group, 'overview');
//check to make sure we can access it
if ($access == 'members' && !in_array(User::get('id'), $group->get('members')) || $access == 'registered' && User::isGuest()) {
$this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH') . ' ' . $file);
}
// Build the path
$base_path = $this->config->get('uploadpath');
$base_path .= DS . $group->get('gidNumber') . DS . 'uploads';
}
// trim base path
$base_path = ltrim($base_path, DS);
// only can serve files from within /site/groups/{group_id}/uploads/
$pathCheck = PATH_APP . DS . $base_path;
// Final path of file
$file_path = $base_path . DS . $file;
$alt_file_path = null;
// if super group offer alt path outside uploads
if ($group->isSuperGroup()) {
$alt_file_path = str_replace('/uploads', '', $base_path) . DS . $file;
// if super group can serve files anywhere inside /site/groups/{group_id}
$altPathCheck = PATH_APP . DS . ltrim($alt_file_path);
}
// Ensure the file exist
if (!file_exists(PATH_APP . DS . $file_path)) {
if ($alt_file_path == null || !file_exists(PATH_APP . DS . $alt_file_path)) {
$this->_errorHandler(404, Lang::txt('COM_GROUPS_ERROR_FILE_NOT_FOUND') . ' ' . $file);
return;
} else {
$file_path = $alt_file_path;
$pathCheck = $altPathCheck;
}
}
// get full path, expanding ../
if ($realPath = realpath(PATH_APP . DS . $file_path)) {
// make sure requested file is within acceptable dir
if (strpos($realPath, $pathCheck) === false) {
$this->_errorHandler(404, Lang::txt('COM_GROUPS_ERROR_FILE_NOT_FOUND') . ' ' . $file);
return;
}
}
// new content server
$contentServer = new \Hubzero\Content\Server();
$contentServer->filename(PATH_APP . DS . $file_path);
$contentServer->disposition('attachment');
$contentServer->acceptranges(false);
// do we need to manually set mime type
if ($extension == 'css') {
$contentServer->setContentType('text/css');
}
// Serve up the file
if (!$contentServer->serve()) {
App::abort(404, Lang::txt('COM_GROUPS_SERVER_ERROR'));
} else {
exit;
}
return;
}
/**
* Generate detailed responses CSV files and zip and offer up as download
*
* @return void
**/
private function downloadresponses()
{
require_once PATH_CORE . DS . 'components' . DS . 'com_courses' . DS . 'models' . DS . 'formReport.php';
// Only allow for instructors
if (!$this->course->offering()->section()->access('manage')) {
App::abort(403, 'Sorry, you don\'t have permission to do this');
}
if (!($asset_ids = Request::getVar('assets', false))) {
App::abort(422, 'Sorry, we don\'t know what results you\'re trying to retrieve');
}
$protected = 'site' . DS . 'protected';
$tmp = $protected . DS . 'tmp';
// We're going to temporarily house this in PATH_APP/site/protected/tmp
if (!Filesystem::exists($protected)) {
App::abort(500, 'Missing temporary directory');
}
// Make sure tmp folder exists
if (!Filesystem::exists($tmp)) {
Filesystem::makeDirectory($tmp);
} else {
// Folder was already there - do a sanity check and make sure no old responses zips are lying around
$files = Filesystem::files($tmp);
if ($files && count($files) > 0) {
foreach ($files as $file) {
if (strstr($file, 'responses.zip') !== false) {
Filesystem::delete($tmp . DS . $file);
}
}
}
}
// Get the individual asset ids
$asset_ids = explode('-', $asset_ids);
// Set up our zip archive
$zip = new ZipArchive();
$path = PATH_APP . DS . $tmp . DS . time() . '.responses.zip';
$zip->open($path, ZipArchive::CREATE);
// Loop through the assets
foreach ($asset_ids as $asset_id) {
// Is it a number?
if (!is_numeric($asset_id)) {
continue;
}
// Get the rest of the asset row
$asset = new \Components\Courses\Tables\Asset($this->db);
$asset->load($asset_id);
// Make sure asset is a part of this course
if ($asset->get('course_id') != $this->course->get('id')) {
continue;
}
if ($details = \Components\Courses\Models\FormReport::getLetterResponsesForAssetId($this->db, $asset_id, true, $this->course->offering()->section()->get('id'))) {
$output = implode(',', $details['headers']) . "\n";
if (isset($details['responses']) && count($details['responses']) > 0) {
foreach ($details['responses'] as $response) {
$output .= implode(',', $response) . "\n";
}
}
$zip->addFromString($asset_id . '.responses.csv', $output);
} else {
continue;
}
}
// Close the zip archive handler
$zip->close();
if (is_file($path)) {
// Set up the server
$xserver = new \Hubzero\Content\Server();
$xserver->filename($path);
$xserver->saveas('responses.zip');
$xserver->disposition('attachment');
$xserver->acceptranges(false);
// Serve the file
$xserver->serve();
// Now delete the file
Filesystem::delete($path);
}
// All done!
exit;
}
/**
* Download a file
*
* @return void
*/
public function downloadTask()
{
// Incoming
$pid = Request::getInt('id', 0);
$vid = Request::getInt('v', 0);
$source = NULL;
// Need pub and version ID
if (!$pid || $pid == 0 || !$vid) {
return;
}
// Get the file name
$uri = Request::getVar('REQUEST_URI', '', 'server');
if (strstr($uri, 'Image:')) {
$file = str_replace('Image:', '', strstr($uri, 'Image:'));
} elseif (strstr($uri, 'File:')) {
$file = str_replace('File:', '', strstr($uri, 'File:'));
}
//decode file name
$file = urldecode($file);
if (strtolower($file) == 'thumb') {
// Get publication thumbnail
$source = Helpers\Html::getThumb($pid, $vid, $this->config);
} else {
// Build publication path
$path = Helpers\Html::buildPubPath($pid, $vid, $this->config->get('webpath'));
if (strtolower($file) == 'master') {
// Get master image
$source = $path . DS . 'master.png';
// Default image
if (!is_file(PATH_APP . DS . $source)) {
// Grab first bigger image in gallery
if (is_dir(PATH_APP . DS . $path . DS . 'gallery')) {
$file_list = scandir(PATH_APP . DS . $path . DS . 'gallery');
foreach ($file_list as $file) {
list($width, $height, $type, $attr) = getimagesize(PATH_APP . DS . $path . DS . 'gallery' . DS . $file);
if ($width > 200) {
$source = $path . DS . 'gallery' . DS . $file;
break;
}
}
}
if (!is_file(PATH_APP . DS . $source)) {
$source = PATH_CORE . DS . trim($this->config->get('masterimage', 'components/com_publications/site/assets/img/master.png'), DS);
}
}
} else {
// Load from gallery
$source = PATH_APP . DS . $path . DS . 'gallery' . DS . $file;
// Default image
if (!is_file($source)) {
$source = PATH_CORE . DS . trim($this->config->get('gallery_thumb', 'components/com_publications/site/assets/img/gallery_thumb.gif'), DS);
}
}
}
if (is_file($source)) {
$server = new \Hubzero\Content\Server();
$server->filename($source);
$server->serve_inline($source);
exit;
}
return;
}
case 'image':
// Build the upload path
$img_location = PATH_APP . DS . trim($this->config->get('uploadpath', '/site/courses'), DS);
$img_location .= DS . 'badges' . DS . $this->badge->get('id') . DS;
if (is_dir($img_location)) {
$file = Filesystem::files($img_location, 'badge');
if (isset($file[0])) {
$img_location .= $file[0];
} else {
return App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND'));
}
} else {
return App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND'));
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($img_location);
$xserver->disposition('inline');
$xserver->acceptranges(false);
if (!$xserver->serve()) {
// Should only get here on error
App::abort(404, Lang::txt('COM_COURSES_SERVER_ERROR'));
} else {
exit;
}
return;
break;
case 'criteria':
$title = Lang::txt('COM_COURSES_BADGE_CRITERIA');
$body = "<div class=\"criteria-text\">\n";
$body .= $this->badge->get('criteria_text') . "\n";
/**
* Download a file
*
* @return void
*/
public function downloadTask()
{
//get vars
$id = Request::getInt('id', 0);
//check to make sure we have an id
if (!$id || $id == 0) {
return;
}
//Load member profile
$member = \Hubzero\User\Profile::getInstance($id);
// check to make sure we have member profile
if (!$member) {
return;
}
//get the file name
// make sure to leave out any query params (ex. ?v={timestamp})
$uri = Request::getVar('SCRIPT_URL', '', 'server');
if (strstr($uri, 'Image:')) {
$file = str_replace('Image:', '', strstr($uri, 'Image:'));
} elseif (strstr($uri, 'File:')) {
$file = str_replace('File:', '', strstr($uri, 'File:'));
}
//decode file name
$file = urldecode($file);
// build base path
$base_path = $this->filespace() . DS . \Hubzero\User\Profile\Helper::niceidformat($member->get('uidNumber'));
//if we are on the blog
if (Request::getVar('active', 'profile') == 'blog') {
// @FIXME Check still needs to occur for non-public entries
//authorize checks
/*if ($this->_authorize() != 'admin')
{
if (User::get('id') != $member->get('uidNumber'))
{
App::abort(403, Lang::txt('You are not authorized to download the file: ') . ' ' . $file);
return;
}
}*/
//get the params from the members blog plugin
$blog_params = Plugin::params('members', 'blog');
//build the base path to file based of upload path param
$base_path = str_replace('{{uid}}', \Hubzero\User\Profile\Helper::niceidformat($member->get('uidNumber')), $blog_params->get('uploadpath'));
}
//build file path
$file_path = $base_path . DS . $file;
// Ensure the file exist
if (!file_exists(PATH_APP . DS . $file_path)) {
App::abort(404, Lang::txt('The requested file could not be found: ') . ' ' . $file);
return;
}
// Serve up the image
$xserver = new \Hubzero\Content\Server();
$xserver->filename(PATH_APP . DS . $file_path);
$xserver->disposition('attachment');
$xserver->acceptranges(false);
// @TODO fix byte range support
//serve up file
if (!$xserver->serve()) {
// Should only get here on error
App::abort(404, Lang::txt('An error occured while trying to output the file'));
} else {
exit;
}
return;
}
/**
* Download source code for a tool
*
* @return void
*/
public function sourcecodeTask()
{
// Get tool instance
$tool = Request::getVar('tool', 0);
// Ensure we have a tool
if (!$tool) {
App::abort(404, Lang::txt('COM_RESOURCES_RESOURCE_NOT_FOUND'));
return;
}
// Load the tool version
$tv = new \Components\Tools\Tables\Version($this->database);
$tv->loadFromInstance($tool);
// Concat tarball name for this version
$tarname = $tv->toolname . '-r' . $tv->revision . '.tar.gz';
// Get contribtool params
$tparams = Component::params('com_tools');
$tarball_path = $tparams->get('sourcecodePath');
if (empty($tarball_path)) {
$tarball_path = "site/protected/source";
}
if ($tarball_path[0] != DS) {
$tarball_path = rtrim(PATH_APP . DS . $tarball_path, DS);
}
$tarpath = $tarball_path . DS . $tv->toolname . DS;
$opencode = $tv->codeaccess == '@OPEN' ? 1 : 0;
// Is a tarball available?
if (!file_exists($tarpath . $tarname)) {
// File not found
App::abort(404, Lang::txt('COM_RESOURCES_FILE_NOT_FOUND'));
return;
}
if (!$opencode) {
// This tool is not open source
App::abort(403, Lang::txt('COM_RESOURCES_ALERTNOTAUTH'));
return;
}
// Serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($tarpath . $tarname);
$xserver->disposition('attachment');
$xserver->acceptranges(false);
// @TODO fix byte range support
$xserver->saveas($tarname);
if (!$xserver->serve_attachment($tarpath . $tarname, $tarname, false)) {
// @TODO fix byte range support
throw new Exception(Lang::txt('COM_RESOURCES_SERVER_ERROR'), 500);
} else {
exit;
}
return;
}
/**
* Serve the file
*
* @param $pId
* @return void
*/
public function displayTask()
{
// Get the transaction ID
$tId = Request::getInt('task', '');
// Get the SKU ID
$sId = Request::getVar('p0');
// Get the landing page flag
$direct = Request::getVar('p1');
// Check if the transaction is complete and belongs to the user and is active and the SKU requested is valid
$transaction = Cart::getTransactionFacts($tId);
$transactionExistingItems = $transaction->items;
$transaction = $transaction->info;
$transactionItems = unserialize($transaction->tiItems);
$tStatus = $transaction->tStatus;
$crtId = $transaction->crtId;
// get cart user
$cartUser = Cart::getCartUser($crtId);
$currentUser = $this->juser->id;
// Error if needed
if ($tStatus !== 'completed') {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_TRANSACTION_NOT_COMPLETED'), 'error'));
$this->messageTask($messages);
return;
} elseif ($cartUser != $currentUser) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
$this->messageTask($messages);
return;
} elseif (!array_key_exists($sId, $transactionItems)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
$this->messageTask($messages);
return;
}
// Check if the product is valid and downloadable; find the file
$warehouse = new Warehouse();
$sku = $warehouse->getSkuInfo($sId);
$productType = $warehouse->getProductTypeInfo($sku['info']->ptId);
$downloadFile = $sku['meta']['downloadFile'];
// Error if needed
if ($productType['ptName'] != 'Software Download' || empty($downloadFile)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_DOWNLOADABLE'), 'error'));
$this->messageTask($messages);
return;
}
$db = \App::get('db');
// Check if there is a limit on how many times the product can be downloaded
// Get the number of downloads allowed
if (isset($sku['meta']['downloadLimit']) && $sku['meta']['downloadLimit'] && is_numeric($sku['meta']['downloadLimit'])) {
$sql = "SELECT COUNT(`dId`) FROM `#__cart_downloads` WHERE `uId` = {$currentUser} AND `sId` = {$sId} AND `dStatus` > 0";
$db->setQuery($sql);
$downloadsCount = $db->loadResult();
if ($downloadsCount >= $sku['meta']['downloadLimit']) {
$messages = array(array('Download limit exceeded', 'error'));
$this->messageTask($messages);
return;
}
}
// Path and file name
$storefrontConfig = Component::params('com_storefront');
$dir = $storefrontConfig->get('downloadFolder', '/site/protected/storefront/software');
$file = PATH_APP . $dir . DS . $downloadFile;
if (!file_exists($file)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_FOUND'), 'error'));
$this->messageTask($messages);
return;
}
if (!$direct) {
$this->landingTask($tId, $sId);
return;
}
// Log the download
$sql = "INSERT INTO `#__cart_downloads` SET\n\t\t\t\t`uId` = " . $currentUser . ",\n\t\t\t\t`sId` = " . $sId . ",\n\t\t\t\t`dIp` = INET_ATON(" . $db->quote(Request::ip()) . "),\n\t\t\t\t`dDownloaded` = NOW()";
$db->setQuery($sql);
$db->query();
$dId = $db->insertid();
// Save the meta data
$userGroups = User::getAuthorisedGroups();
$meta = array();
$ignoreGroups = array('public', 'registered');
foreach ($userGroups as $groupId) {
$group = Accessgroup::one($groupId);
if (!in_array(strtolower($group->get('title')), $ignoreGroups)) {
$meta[$groupId] = $group->get('title');
}
}
if ($mta = User::getState('metadata')) {
$meta = array_merge($meta, $mta);
}
$sql = "INSERT INTO `#__cart_meta` SET\n\t\t\t\t`scope_id` = " . $dId . ",\n\t\t\t\t`scope` = 'download',\n\t\t\t\t`mtKey` = 'userInfo',\n\t\t\t\t`mtValue` = '" . serialize($meta) . "'";
$db->setQuery($sql);
$db->query();
// Figure out if the EULA was accepted
$itemTransactionInfoMeta = $transactionExistingItems[$sId]['transactionInfo']->tiMeta;
$eulaAccepted = $itemTransactionInfoMeta && property_exists($itemTransactionInfoMeta, 'eulaAccepted') && $itemTransactionInfoMeta->eulaAccepted ? true : false;
if ($eulaAccepted) {
$sql = "INSERT INTO `#__cart_meta` SET\n\t\t\t\t\t`scope_id` = " . $dId . ",\n\t\t\t\t\t`scope` = 'download',\n\t\t\t\t\t`mtKey` = 'eulaAccepted',\n\t\t\t\t\t`mtValue` = '" . $eulaAccepted . "'";
$db->setQuery($sql);
$db->query();
}
// Serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($file);
$xserver->serve_attachment($file);
// Firefox and Chrome fail if served inline
exit;
}
/**
* Download a picture
*
* @return void
*/
public function pictureTask()
{
// Get vars
$id = Request::getInt('id', 0);
// Check to make sure we have an id
if (!$id || $id == 0) {
return;
}
// Load member
$member = Member::oneOrFail($id);
$file = DS . trim($this->config->get('webpath', '/site/members'), DS);
$file .= DS . Profile\Helper::niceidformat($member->get('uidNumber'));
$file .= DS . Request::getVar('image', $member->get('picture'));
// Ensure the file exist
if (!file_exists(PATH_APP . DS . $file)) {
App::abort(404, Lang::txt('COM_MEMBERS_FILE_NOT_FOUND') . ' ' . $file);
}
// Serve up the image
$xserver = new \Hubzero\Content\Server();
$xserver->filename(PATH_APP . DS . $file);
$xserver->disposition('attachment');
$xserver->acceptranges(false);
// @TODO fix byte range support
// Serve up file
if (!$xserver->serve()) {
// Should only get here on error
App::abort(404, Lang::txt('COM_MEMBERS_MEDIA_ERROR_SERVING_FILE'));
}
exit;
}
/**
* Download a wiki file
*
* @param object $course \Components\Courses\Models\Course
* @return void
*/
public function download($course)
{
// Get some needed libraries
if (!$course->access('view')) {
App::abort(404, Lang::txt('COM_COURSES_NO_COURSE_FOUND'));
return;
}
// Get the scope of the parent page the file is attached to
$filename = Request::getVar('file', '');
if (substr(strtolower($filename), 0, strlen('image:')) == 'image:') {
$filename = substr($filename, strlen('image:'));
} else {
if (substr(strtolower($filename), 0, strlen('file:')) == 'file:') {
$filename = substr($filename, strlen('file:'));
}
}
$filename = urldecode($filename);
// Get the configured upload path
$config = Component::params('com_courses');
$base_path = $this->path($course->get('id'));
// Does the path start with a slash?
$filename = DS . ltrim($filename, DS);
// Does the beginning of the $attachment->path match the config path?
if (substr($filename, 0, strlen($base_path)) == $base_path) {
// Yes - this means the full path got saved at some point
} else {
// No - append it
$filename = $base_path . $filename;
}
// Add PATH_CORE
$filename = PATH_APP . $filename;
// Ensure the file exist
if (!file_exists($filename)) {
App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND') . ' ' . $filename);
return;
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($filename);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
App::abort(404, Lang::txt('COM_COURSES_SERVER_ERROR'));
} else {
exit;
}
return;
}
// Ensure we have a path
if (empty($path)) {
App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND'));
return;
}
// Add PATH_APP
$filename = PATH_APP . $path;
// Ensure the file exist
if (!file_exists($filename)) {
App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND') . ' ' . $filename);
return;
}
// Force certain extensions to the 'attachment' disposition
$ext = strtolower(Filesystem::extension($filename));
if (!in_array($ext, array('jpg', 'jpeg', 'jpe', 'gif', 'png', 'pdf', 'htm', 'html', 'txt', 'json', 'xml'))) {
$d = 'attachment';
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($filename);
//$xserver->saveas($this->model->get('title') . '.' . $ext);
$xserver->disposition($d);
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
App::abort(500, Lang::txt('COM_COURSES_SERVER_ERROR'));
} else {
// Just exit (i.e. no template)
exit;
}
/**
* Serve
*
* @return boolean
*/
public function serve($element, $elementId, $pub, $blockParams, $itemId = 0)
{
// Incoming
$forceDownload = Request::getInt('download', 0);
// Force downlaod action?
// Get configs
$configs = $this->getConfigs($element->params, $elementId, $pub, $blockParams);
$attachments = $pub->_attachments;
$attachments = isset($attachments['elements'][$elementId]) ? $attachments['elements'][$elementId] : NULL;
// Sort out attachments for this element
$attachments = $this->_parent->getElementAttachments($elementId, $attachments, $this->_name);
if (!$forceDownload && $configs->handler) {
// serve through handler
// TBD
} else {
// Default action - download
// Build download path
$download = NULL;
// Default serve - download
if ($itemId) {
foreach ($attachments as $attach) {
if ($attach->id == $itemId) {
$download = $this->getFilePath($attach->path, $attach->id, $configs, $attach->params);
break;
}
}
} elseif (count($attachments) > 1) {
$overwrite = $pub->state == 1 ? false : true;
$download = $this->bundle($attachments, $configs, $overwrite);
} elseif (count($attachments) == 1) {
$download = $this->getFilePath($attachments[0]->path, $attachments[0]->id, $configs, $attachments[0]->params);
}
// Perform download
if ($download && is_file($download)) {
// Initiate a new content server and serve up the file
$server = new \Hubzero\Content\Server();
$server->filename($download);
$server->disposition('attachment');
$server->acceptranges(true);
$server->saveas(basename($download));
if (!$server->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('PLG_PROJECTS_PUBLICATIONS_ERROR_SERVE'), 404);
} else {
exit;
}
} else {
$this->setError(Lang::txt('PLG_PROJECTS_PUBLICATIONS_ERROR_DOWNLOAD'));
return false;
}
}
return false;
}
/**
* Asset delivery function.
*
* @return exit
*/
public function assetsTask()
{
$file = Request::getVar('file');
$file = self::normalize_path('/' . trim($file, '/'), true);
if (empty($file)) {
echo 'file:' . $file;
die;
return $this->notFoundTask();
}
$zone = new \Components\Tools\Models\Middleware\Zone(Request::getInt('id', 0));
if (!$zone->exists()) {
echo 'zone: ' . $zone->get('id');
die;
return $this->notFoundTask();
}
$file = $zone->logo('path') . '/' . ltrim($file, '/');
if (!is_file($file) || !is_readable($file)) {
return $this->notFoundTask();
}
$xserver = new \Hubzero\Content\Server();
$xserver->filename($file);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
App::abort(404, Lang::txt('COM_TOOLS_SERVER_ERROR'));
}
exit;
}
/**
* Download a file
*
* @param object $member
* @return void
*/
protected function _download($member)
{
$database = App::get('db');
// Ensure we have a database object
if (!$database) {
App::abort(500, Lang::txt('DATABASE_NOT_FOUND'));
return;
}
// Incoming
$uid = $member->get('id');
// Load the resume
$resume = new \Components\Jobs\Tables\Resume($database);
$file = '';
$path = $this->build_path($uid);
if ($resume->loadResume($uid)) {
$file = PATH_APP . $path . DS . $resume->filename;
}
if (!is_file($file)) {
App::abort(404, Lang::txt('FILE_NOT_FOUND'));
return;
}
// Use user name as file name
$default_title = $member->get('givenName') ? $member->get('givenName') . ' ' . $member->get('surname') . ' ' . ucfirst(Lang::txt('Resume')) : $member->get('name') . ' ' . ucfirst(Lang::txt('Resume'));
$default_title .= substr($resume->filename, strripos($resume->filename, '.'));
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($file);
// record view
$stats = new \Components\Jobs\Tables\JobStats($database);
if (User::get('id') != $uid) {
$stats->saveView($uid, 'seeker');
}
$xserver->disposition('attachment');
$xserver->acceptranges(false);
// @TODO fix byte range support
$xserver->saveas(stripslashes($resume->title));
$result = $xserver->serve_attachment($file, stripslashes($default_title), false);
// @TODO fix byte range support
if (!$result) {
App::abort(500, Lang::txt('SERVER_ERROR'));
}
exit;
}
/**
* Serves up files only after passing access checks
*
* @return void
*/
public function download()
{
// Incoming
$section = Request::getVar('section', '');
$category = Request::getVar('category', '');
$thread = Request::getInt('thread', 0);
$post = Request::getInt('post', 0);
$file = Request::getVar('file', '');
// Check logged in status
if (User::isGuest()) {
$return = Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=forum&scope=' . $section . '/' . $category . '/' . $thread . '/' . $post . '/' . $file);
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
return;
}
// Ensure we have a database object
if (!$this->database) {
App::abort(500, Lang::txt('PLG_GROUPS_FORUM_DATABASE_NOT_FOUND'));
return;
}
// Instantiate an attachment object
$attach = new \Components\Forum\Tables\Attachment($this->database);
if (!$post) {
$attach->loadByThread($thread, $file);
} else {
$attach->loadByPost($post);
}
if (!$attach->filename) {
App::abort(404, Lang::txt('PLG_GROUPS_FORUM_FILE_NOT_FOUND'));
return;
}
$file = $attach->filename;
// Get the parent ticket the file is attached to
$this->model = new \Components\Forum\Tables\Post($this->database);
$this->model->load($attach->post_id);
if (!$this->model->id) {
App::abort(404, Lang::txt('PLG_GROUPS_FORUM_POST_NOT_FOUND'));
return;
}
// Load ACL
$this->_authorize('thread', $this->model->id);
// Ensure the user is authorized to view this file
if (!$this->params->get('access-view-thread')) {
App::abort(403, Lang::txt('PLG_GROUPS_FORUM_NOT_AUTH_FILE'));
return;
}
// Ensure we have a path
if (empty($file)) {
App::abort(404, Lang::txt('PLG_GROUPS_FORUM_FILE_NOT_FOUND'));
return;
}
// Get the configured upload path
$basePath = DS . trim($this->params->get('filepath', '/site/forum'), DS) . DS . $attach->parent . DS . $attach->post_id;
// Does the path start with a slash?
if (substr($file, 0, 1) != DS) {
$file = DS . $file;
// Does the beginning of the $attachment->filename match the config path?
if (substr($file, 0, strlen($basePath)) == $basePath) {
// Yes - this means the full path got saved at some point
} else {
// No - append it
$file = $basePath . $file;
}
}
// Add PATH_CORE
$filename = PATH_APP . $file;
// Ensure the file exist
if (!file_exists($filename)) {
App::abort(404, Lang::txt('PLG_GROUPS_FORUM_FILE_NOT_FOUND'));
return;
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($filename);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
App::abort(404, Lang::txt('PLG_GROUPS_FORUM_SERVER_ERROR'));
} else {
exit;
}
return;
}
/**
* Serves up the file to the web
*
* @param string $as What to serve the file as
* @return bool
**/
public function serve($as = null)
{
// Initiate a new content server
$server = new \Hubzero\Content\Server();
$server->disposition('attachment');
$server->acceptranges(false);
if (!$this->isLocal()) {
// Create a temp file and write to it
$temp = tmpfile();
fwrite($temp, $this->read());
$server->filename(stream_get_meta_data($temp)['uri']);
} else {
$server->filename($this->getAbsolutePath());
}
$server->saveas($as ?: $this->getName());
// Serve up the file
$result = $server->serve();
// Clean up after serving
if (isset($temp) && is_resource($temp)) {
fclose($temp);
}
return $result;
}
/**
* Show images within projects
*
* @return void
*/
public function mediaTask()
{
// Incoming
$media = trim(Request::getVar('media', 'thumb'));
$source = NULL;
$redirect = false;
$dir = 'preview';
if (!$this->model->exists()) {
return false;
}
$uri = Request::getVar('SCRIPT_URL', '', 'server');
if (strstr($uri, 'Compiled:')) {
$media = str_replace('Compiled:', '', strstr($uri, 'Compiled:'));
$dir = 'compiled';
}
if (strstr($uri, 'Tool:')) {
$media = str_replace('Tool:', '', strstr($uri, 'Tool:'));
$media = $media ? $media : 'default';
$dir = 'tools';
}
// Show project thumbnail
if ($media == 'thumb') {
$source = $this->getThumbSrc();
} elseif ($media) {
if ($media == 'master') {
// Public picture
$source = $this->getProjectImageSrc();
} elseif ($dir == 'tools') {
$path = trim($this->config->get('imagepath', '/site/projects'), DS);
$source = PATH_APP . DS . $path . DS . $this->model->get('alias') . DS . $dir . DS . $media . '.png';
if (!is_file($source)) {
// Get default tool image
$source = PATH_CORE . DS . trim($this->config->get('toolpic', 'plugins/projects/tools/images/default.gif'), DS);
}
} else {
// Authorization required
if (!$this->model->access('member')) {
return;
}
$path = trim($this->config->get('imagepath', '/site/projects'), DS);
$source = PATH_APP . DS . $path . DS . $this->model->get('alias') . DS . $dir . DS . $media;
$redirect = true;
}
}
if (is_file($source)) {
$server = new \Hubzero\Content\Server();
$server->filename($source);
$server->serve_inline($source);
exit;
} elseif ($redirect) {
App::redirect(Route::url('index.php?option=' . $this->_option));
}
return;
}
/**
* Serves up files only after passing access checks
*
* @return void
*/
public function download()
{
// Incoming
$thread = Request::getInt('group', 0);
$post = Request::getInt('asset', 0);
$file = Request::getVar('file', '');
// Check logged in status
if (User::isGuest()) {
$return = Route::url($this->offering->link() . '&active=' . $this->_name . '&unit=download&b=' . $thread . '&file=' . $file);
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
return;
}
// Ensure we have a database object
if (!$this->database) {
App::abort(500, Lang::txt('PLG_COURSES_DISCUSSIONS_DATABASE_NOT_FOUND'));
return;
}
// Instantiate an attachment object
if (!$post_id) {
$attach = Attachment::oneByThread($thread_id, $file);
} else {
$attach = Attachment::oneByPost($post_id);
}
if (!$attach->get('filename')) {
App::abort(404, Lang::txt('PLG_COURSES_FORUM_FILE_NOT_FOUND'));
}
// Get the parent ticket the file is attached to
$post = $attach->post();
if (!$post->get('id') || $post->get('state') == $post::STATE_DELETED) {
App::abort(404, Lang::txt('PLG_COURSES_FORUM_POST_NOT_FOUND'));
}
// Load ACL
$this->_authorize('thread', $post->get('thread'));
// Ensure the user is authorized to view this file
if (!$this->course->access('view')) {
App::abort(403, Lang::txt('PLG_COURSES_DISCUSSIONS_NOT_AUTH_FILE'));
}
// Get the configured upload path
$filename = $attach->path();
// Ensure the file exist
if (!file_exists($filename)) {
App::abort(404, Lang::txt('PLG_COURSES_FILE_NOT_FOUND') . ' ' . substr($filename, strlen(PATH_ROOT)));
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($filename);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
App::abort(404, Lang::txt('PLG_COURSES_DISCUSSIONS_SERVER_ERROR'));
}
exit;
}
/**
* Download a file
*
* @param string $filename File name
* @return void
*/
public function downloadTask($filename)
{
//get the course
$course = Course::getInstance($this->gid);
//authorize
$authorized = $this->_authorize();
//get the file name
if (substr(strtolower($filename), 0, 5) == 'image') {
$file = urldecode(substr($filename, 6));
} elseif (substr(strtolower($filename), 0, 4) == 'file') {
$file = urldecode(substr($filename, 5));
}
//if were on the wiki we need to output files a specific way
if ($this->active == 'wiki') {
//check to make sure user has access to wiki section
if (!in_array(User::get('id'), $course->get('members')) || User::isGuest()) {
return App::abort(403, Lang::txt('COM_COURSES_NOT_AUTH') . ' ' . $file);
}
//load wiki page from db
require_once PATH_CORE . DS . 'components' . DS . 'com_wiki' . DS . 'tables' . DS . 'page.php';
$page = new \Components\Wiki\Tables\Page($this->database);
$page->load(Request::getVar('pagename'), $course->get('cn') . DS . 'wiki');
//check specific wiki page access
if ($page->get('access') == 1 && !in_array(User::get('id'), $course->get('members')) && $authorized != 'admin') {
return App::abort(403, Lang::txt('COM_COURSES_NOT_AUTH') . ' ' . $file);
}
//get the config and build base path
$wiki_config = Component::params('com_wiki');
$base_path = $wiki_config->get('filepath') . DS . $page->get('id');
} else {
//check to make sure we can access it
if (!in_array(User::get('id'), $course->get('members')) || User::isGuest()) {
return App::abort(403, Lang::txt('COM_COURSES_NOT_AUTH') . ' ' . $file);
}
// Build the path
$base_path = $this->config->get('uploadpath');
$base_path .= DS . $course->get('gidNumber');
}
// Final path of file
$file_path = $base_path . DS . $file;
// Ensure the file exist
if (!file_exists(PATH_APP . DS . $file_path)) {
return App::abort(404, Lang::txt('COM_COURSES_FILE_NOT_FOUND') . ' ' . $file);
}
// Serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename(PATH_APP . DS . $file_path);
$xserver->disposition('attachment');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
return App::abort(404, Lang::txt('COM_COURSES_SERVER_ERROR'));
} else {
exit;
}
return;
}
/**
* Batch resume download
*
* @return void
*/
public function batchTask()
{
// Login required
if (User::isGuest()) {
\Notify::warning(Lang::txt('COM_JOBS_PLEASE_LOGIN_ACCESS_EMPLOYER'));
$this->login();
return;
}
// Check authorization
if (!$this->_admin && !$this->_emp) {
App::redirect(Route::url('index.php?option=com_jobs&task=subscribe'));
}
// Incoming
$pile = Request::getVar('pile', 'all');
// Zip the requested resumes
$archive = $this->_archiveResumes($pile);
if ($archive) {
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($archive['path']);
$xserver->disposition('attachment');
$xserver->acceptranges(false);
$xserver->saveas(Lang::txt('JOBS_RESUME_BATCH=Resume Batch'));
$result = $xserver->serve_attachment($archive['path'], $archive['name'], false);
// Delete downloaded zip
\Filesystem::delete($archive['path']);
if (!$result) {
throw new Exception(Lang::txt('COM_JOBS_ERROR_ARCHIVE_FAILED'), 500);
} else {
exit;
}
} else {
App::redirect(Route::url('index.php?option=com_jobs&task=dashboard'), Lang::txt('COM_JOBS_ERROR_ARCHIVE_FAILED'), 'error');
}
}
/**
* Compiles PDF/image preview for any kind of file
*
* @return string
*/
public function compile()
{
// Combine file and folder data
$items = $this->getCollection();
// Incoming
$download = Request::getInt('download', 0);
// Check that we have compile enabled
// @FIXME: why are latex and compiled preview tied together?
// presumedly we are also 'compiling' pdfs?
if (!$this->params->get('latex')) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_COMPILE_NOTALLOWED'));
return;
}
// Output HTML
$view = new \Hubzero\Plugin\View(['folder' => 'projects', 'element' => 'files', 'name' => 'connected', 'layout' => 'compiled']);
// Make sure we have an item
if (count($items) == 0) {
$view->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_NO_FILES_TO_COMPILE'));
$view->loadTemplate();
return;
}
// We can only handle one file at a time
$file = $items->first();
// Build path for storing temp previews
$imagePath = trim($this->model->config()->get('imagepath', '/site/projects'), DS);
$outputDir = DS . $imagePath . DS . strtolower($this->model->get('alias')) . DS . 'compiled';
// Make sure output dir exists
if (!is_dir(PATH_APP . $outputDir)) {
if (!Filesystem::makeDirectory(PATH_APP . $outputDir)) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_UNABLE_TO_CREATE_UPLOAD_PATH'));
return;
}
}
// Get LaTeX helper
$compiler = new \Components\Projects\Helpers\Compiler();
// Tex compiler path
$texPath = DS . trim($this->params->get('texpath'), DS);
// Set view args and defaults
$view->file = $file;
$view->oWidth = '780';
$view->oHeight = '460';
$view->url = $this->model->link('files');
$cExt = 'pdf';
// Tex file?
$tex = $compiler->isTexFile($file->getName());
// Build temp name
$tempBase = $tex ? 'temp__' . \Components\Projects\Helpers\Html::takeOutExt($file->getName()) : $file->getName();
$tempBase = str_replace(' ', '_', $tempBase);
$view->data = $file->isImage() ? NULL : $file->read();
// LaTeX file?
if ($tex && !empty($view->data)) {
// Clean up data from Windows characters - important!
$view->data = preg_replace('/[^(\\x20-\\x7F)\\x0A]*/', '', $view->data);
// Store file locally
$tmpfile = PATH_APP . $outputDir . DS . $tempBase;
file_put_contents($tmpfile, $view->data);
// Compile and get path to PDF
$contentFile = $compiler->compileTex($tmpfile, $view->data, $texPath, PATH_APP . $outputDir, 1, $tempBase);
// Read log (to show in case of error)
$logFile = $tempBase . '.log';
if (file_exists(PATH_APP . $outputDir . DS . $logFile)) {
$view->log = Filesystem::read(PATH_APP . $outputDir . DS . $logFile);
}
if (!$contentFile) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_COMPILE_TEX_FAILED'));
}
$cType = Filesystem::mimetype(PATH_APP . $outputDir . DS . $contentFile);
} else {
// Make sure we can handle preview of this type of file
if ($file->hasExtension('pdf') || $file->isImage() || !$file->isBinary()) {
$origin = $this->connection->provider->alias . '://' . $file->getPath();
$dest = 'compiled://' . $tempBase;
// Do the copy
Manager::adapter('local', ['path' => PATH_APP . $outputDir . DS], 'compiled');
Manager::copy($origin, $dest);
$contentFile = $tempBase;
}
}
// Parse output
if (!empty($contentFile) && file_exists(PATH_APP . $outputDir . DS . $contentFile)) {
// Get compiled content mimetype
$cType = Filesystem::mimetype(PATH_APP . $outputDir . DS . $contentFile);
// Is image?
if (strpos($cType, 'image/') !== false) {
// Fix up object width & height
list($width, $height, $type, $attr) = getimagesize(PATH_APP . $outputDir . DS . $contentFile);
$xRatio = $view->oWidth / $width;
$yRatio = $view->oHeight / $height;
if ($xRatio * $height < $view->oHeight) {
// Resize the image based on width
$view->oHeight = ceil($xRatio * $height);
} else {
// Resize the image based on height
$view->oWidth = ceil($yRatio * $width);
}
}
// Download compiled file?
if ($download) {
$pdfName = $tex ? str_replace('temp__', '', basename($contentFile)) : basename($contentFile);
// Serve up file
$server = new \Hubzero\Content\Server();
$server->filename(PATH_APP . $outputDir . DS . $contentFile);
$server->disposition('attachment');
$server->acceptranges(false);
$server->saveas($pdfName);
$result = $server->serve();
if (!$result) {
// Should only get here on error
throw new Exception(Lang::txt('PLG_PROJECTS_FILES_SERVER_ERROR'), 404);
} else {
exit;
}
}
// Generate preview image for browsers that cannot embed pdf
if ($cType == 'application/pdf') {
// GS path
$gspath = trim($this->params->get('gspath'), DS);
if ($gspath && file_exists(DS . $gspath . DS . 'gs')) {
$gspath = DS . $gspath . DS;
$pdfName = $tex ? str_replace('temp__', '', basename($contentFile)) : basename($contentFile);
$pdfPath = PATH_APP . $outputDir . DS . $contentFile;
$exportPath = PATH_APP . $outputDir . DS . $tempBase . '%d.jpg';
exec($gspath . "gs -dNOPAUSE -sDEVICE=jpeg -r300 -dFirstPage=1 -dLastPage=1 -sOutputFile={$exportPath} {$pdfPath} 2>&1", $out);
if (is_file(PATH_APP . $outputDir . DS . $tempBase . '1.jpg')) {
$hi = new \Hubzero\Image\Processor(PATH_APP . $outputDir . DS . $tempBase . '1.jpg');
if (count($hi->getErrors()) == 0) {
$hi->resize($view->oWidth, false, false, true);
$hi->save(PATH_APP . $outputDir . DS . $tempBase . '1.jpg');
} else {
return false;
}
}
if (is_file(PATH_APP . $outputDir . DS . $tempBase . '1.jpg')) {
$image = $tempBase . '1.jpg';
}
}
}
} elseif (!$this->getError()) {
$this->setError(Lang::txt('PLG_PROJECTS_FILES_ERROR_COMPILE_PREVIEW_FAILED'));
}
$view->file = $file;
$view->outputDir = $outputDir;
$view->embed = $contentFile;
$view->cType = $cType;
$view->subdir = $this->subdir;
$view->option = $this->_option;
$view->image = !empty($image) ? $image : NULL;
$view->model = $this->model;
$view->repo = $this->repo;
$view->connection = $this->connection;
if ($this->getError()) {
$view->setError($this->getError());
}
return $view->loadTemplate();
}
/**
* Serve publication-related file (via public link)
*
* @param int $projectid
* @return void
*/
public function serve($type = '', $projectid = 0, $query = '')
{
$this->_area = $this->onProjectAreas();
if ($type != $this->_area['name']) {
return false;
}
$data = json_decode($query);
if (!isset($data->pid) || !$projectid) {
return false;
}
$disp = isset($data->disp) ? $data->disp : 'inline';
$type = isset($data->type) ? $data->type : 'file';
$folder = isset($data->folder) ? $data->folder : 'wikicontent';
$fpath = isset($data->path) ? $data->path : 'inline';
$limited = isset($data->limited) ? $data->limited : 0;
if ($type != 'file') {
return false;
}
$database = App::get('db');
// Instantiate a project
$model = new \Components\Projects\Models\Project($projectid);
if (!$model->exists() || $limited == 1 && !$model->access('member')) {
// Throw error
throw new Exception(Lang::txt('COM_PROJECTS_ERROR_ACTION_NOT_AUTHORIZED'), 403);
return;
}
// Get referenced path
$pubconfig = Component::params('com_publications');
$base_path = $pubconfig->get('webpath');
$pubPath = \Components\Publications\Helpers\Html::buildPubPath($data->pid, $data->vid, $base_path, $folder, $root = 0);
$serve = PATH_APP . $pubPath . DS . $fpath;
// Ensure the file exist
if (!file_exists($serve)) {
// Throw error
throw new Exception(Lang::txt('COM_PROJECTS_FILE_NOT_FOUND'), 404);
return;
}
// Initiate a new content server and serve up the file
$server = new \Hubzero\Content\Server();
$server->filename($serve);
$server->disposition($disp);
$server->acceptranges(false);
// @TODO fix byte range support
$server->saveas(basename($fpath));
if (!$server->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('COM_PUBLICATIONS_SERVER_ERROR'), 404);
} else {
exit;
}
return;
}
/**
* Unlock sync and view sync log for project
*
* @return void
*/
public function fixsyncTask()
{
$id = Request::getVar('id', 0);
$service = 'google';
// Initiate extended database class
$obj = new Tables\Project($this->database);
if (!$id or !$obj->loadProject($id)) {
App::redirect(Route::url('index.php?option=' . $this->_option, false), Lang::txt('COM_PROJECTS_NOTICE_ID_NOT_FOUND'), 'error');
return;
}
// Unlock sync
$obj->saveParam($id, $service . '_sync_lock', '');
// Get log file
$repodir = Helpers\Html::getProjectRepoPath($obj->alias, 'logs');
$sfile = $repodir . DS . 'sync.' . Date::format('Y-m') . '.log';
if (file_exists($sfile)) {
// Serve up file
$server = new \Hubzero\Content\Server();
$server->filename($sfile);
$server->disposition('attachment');
$server->acceptranges(false);
$server->saveas('sync.' . Date::format('Y-m') . '.txt');
$result = $server->serve_attachment($sfile, 'sync.' . Date::format('Y-m') . '.txt', false);
exit;
}
// Redirect
App::redirect(Route::url('index.php?option=' . $this->_option . '&task=edit&id=' . $id, false), Lang::txt('Sync log unavailable'));
}
/**
* Serve publication package
*
* @return boolean
*/
public function serveBundle()
{
if (empty($this->_pub)) {
throw new Exception(Lang::txt('COM_PUBLICATIONS_FILE_NOT_FOUND'), 404);
return;
}
$bundle = $this->_pub->path('base', true) . DS . $this->getBundleName();
$serveas = $this->_pub->version->get('title') . ' v.' . $this->_pub->version->get('version_label') . '.zip';
if (!is_file($bundle)) {
throw new Exception(Lang::txt('COM_PUBLICATIONS_FILE_NOT_FOUND'), 404);
return;
}
// Initiate a new content server and serve up the file
$server = new \Hubzero\Content\Server();
$server->filename($bundle);
$server->disposition('download');
$server->acceptranges(true);
$server->saveas($serveas);
if (!$server->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('COM_PUBLICATIONS_SERVER_ERROR'), 404);
} else {
exit;
}
return;
}
