/**
* send response (save uploaded file, resize if required)
* @access public
*
*/
public function sendResponse()
{
$iErrorNumber = QFINDER_CONNECTOR_ERROR_NONE;
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$oRegistry =& QFinder_Connector_Core_Factory::getInstance("Core_Registry");
$oRegistry->set("FileUpload_fileName", "unknown file");
$uploadedFile = array_shift($_FILES);
if (!isset($uploadedFile['name'])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_INVALID);
}
$sUnsafeFileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding(QFinder_Connector_Utils_Misc::mbBasename($uploadedFile['name']));
$sFileName = QFinder_Connector_Utils_FileSystem::secureFileName($sUnsafeFileName);
if ($sFileName != $sUnsafeFileName) {
$iErrorNumber = QFINDER_CONNECTOR_ERROR_UPLOADED_INVALID_NAME_RENAMED;
}
$oRegistry->set("FileUpload_fileName", $sFileName);
$this->checkConnector();
$this->checkRequest();
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_UPLOAD)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
$_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
if (!QFinder_Connector_Utils_FileSystem::checkFileName($sFileName) || $_resourceTypeConfig->checkIsHiddenFile($sFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_NAME);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!$resourceTypeInfo->checkExtension($sFileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION);
}
$oRegistry->set("FileUpload_fileName", $sFileName);
$oRegistry->set("FileUpload_url", $this->_currentFolder->getUrl());
$maxSize = $resourceTypeInfo->getMaxSize();
if (!$_config->checkSizeAfterScaling() && $maxSize && $uploadedFile['size'] > $maxSize) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
}
$htmlExtensions = $_config->getHtmlExtensions();
$sExtension = QFinder_Connector_Utils_FileSystem::getExtension($sFileName);
if ($htmlExtensions && !QFinder_Connector_Utils_Misc::inArrayCaseInsensitive($sExtension, $htmlExtensions) && ($detectHtml = QFinder_Connector_Utils_FileSystem::detectHtml($uploadedFile['tmp_name'])) === true) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE);
}
$secureImageUploads = $_config->getSecureImageUploads();
if ($secureImageUploads && ($isImageValid = QFinder_Connector_Utils_FileSystem::isImageValid($uploadedFile['tmp_name'], $sExtension)) === false) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
}
switch ($uploadedFile['error']) {
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
break;
case UPLOAD_ERR_PARTIAL:
case UPLOAD_ERR_NO_FILE:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
break;
case UPLOAD_ERR_NO_TMP_DIR:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_NO_TMP_DIR);
break;
case UPLOAD_ERR_CANT_WRITE:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
break;
case UPLOAD_ERR_EXTENSION:
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
break;
}
$sServerDir = $this->_currentFolder->getServerPath();
while (true) {
$sFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($sServerDir, $sFileName);
if (file_exists($sFilePath)) {
$sFileName = QFinder_Connector_Utils_FileSystem::autoRename($sServerDir, $sFileName);
$oRegistry->set("FileUpload_fileName", $sFileName);
$iErrorNumber = QFINDER_CONNECTOR_ERROR_UPLOADED_FILE_RENAMED;
} else {
if (false === move_uploaded_file($uploadedFile['tmp_name'], $sFilePath)) {
$iErrorNumber = QFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
} else {
if (isset($detectHtml) && $detectHtml === -1 && QFinder_Connector_Utils_FileSystem::detectHtml($sFilePath) === true) {
@unlink($sFilePath);
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE);
} else {
if (isset($isImageValid) && $isImageValid === -1 && QFinder_Connector_Utils_FileSystem::isImageValid($sFilePath, $sExtension) === false) {
@unlink($sFilePath);
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
}
}
}
if (is_file($sFilePath) && ($perms = $_config->getChmodFiles())) {
$oldumask = umask(0);
chmod($sFilePath, $perms);
umask($oldumask);
}
break;
}
}
if (!$_config->checkSizeAfterScaling()) {
$this->_errorHandler->throwError($iErrorNumber, true, false);
}
//resize image if required
require_once QFINDER_CONNECTOR_LIB_DIR . "/CommandHandler/Thumbnail.php";
$_imagesConfig = $_config->getImagesConfig();
if ($_imagesConfig->getMaxWidth() > 0 && $_imagesConfig->getMaxHeight() > 0 && $_imagesConfig->getQuality() > 0) {
QFinder_Connector_CommandHandler_Thumbnail::createThumb($sFilePath, $sFilePath, $_imagesConfig->getMaxWidth(), $_imagesConfig->getMaxHeight(), $_imagesConfig->getQuality(), true);
}
if ($_config->checkSizeAfterScaling()) {
//check file size after scaling, attempt to delete if too big
clearstatcache();
if ($maxSize && filesize($sFilePath) > $maxSize) {
@unlink($sFilePath);
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
} else {
$this->_errorHandler->throwError($iErrorNumber, true, false);
}
}
QFinder_Connector_Core_Hooks::run('AfterFileUpload', array(&$this->_currentFolder, &$uploadedFile, &$sFilePath));
}
/**
* handle request and build XML
* @access protected
*
*/
protected function buildXml()
{
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
// Map the virtual path to the local server path.
$_sServerDir = $this->_currentFolder->getServerPath();
// Create the "Files" node.
$oFilesNode = new Qfinder_Connector_Utils_XmlNode("Files");
$this->_connectorNode->addChild($oFilesNode);
if (!is_dir($_sServerDir)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND);
}
$files = array();
$thumbFiles = array();
if ($dh = @opendir($_sServerDir)) {
while (($file = readdir($dh)) !== false) {
if ($file != "." && $file != ".." && !is_dir($_sServerDir . $file)) {
$files[] = $file;
}
}
closedir($dh);
} else {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
$resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (sizeof($files) > 0) {
$_thumbnailsConfig = $_config->getThumbnailsConfig();
$_thumbServerPath = '';
$_showThumbs = !empty($_GET['showThumbs']) && $_GET['showThumbs'] == 1;
if ($_thumbnailsConfig->getIsEnabled() && ($_thumbnailsConfig->getDirectAccess() || $_showThumbs)) {
$_thumbServerPath = $this->_currentFolder->getThumbsServerPath();
}
natcasesort($files);
$i = 0;
foreach ($files as $file) {
$filemtime = @filemtime($_sServerDir . $file);
//otherwise file doesn't exist or we can't get it's filename properly
if ($filemtime !== false) {
$filename = QFinder_Connector_Utils_Misc::mbBasename($file);
if (!$resourceTypeInfo->checkExtension($filename, false)) {
continue;
}
if ($resourceTypeInfo->checkIsHiddenFile($filename)) {
continue;
}
$oFileNode[$i] = new Qfinder_Connector_Utils_XmlNode("File");
$oFilesNode->addChild($oFileNode[$i]);
$oFileNode[$i]->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding(QFinder_Connector_Utils_Misc::mbBasename($file)));
$oFileNode[$i]->addAttribute("date", @date("YmdHi", $filemtime));
if (!empty($_thumbServerPath) && preg_match(QFINDER_REGEX_IMAGES_EXT, $filename)) {
if (file_exists($_thumbServerPath . $filename)) {
$oFileNode[$i]->addAttribute("thumb", $filename);
} elseif ($_showThumbs) {
$oFileNode[$i]->addAttribute("thumb", "?" . $filename);
}
}
$size = filesize($_sServerDir . $file);
if ($size && $size < 1024) {
$size = 1;
} else {
$size = (int) round($size / 1024);
}
$oFileNode[$i]->addAttribute("size", $size);
$i++;
}
}
}
}
/**
* handle request and send response
* @access public
*
*/
public function sendResponse()
{
// Get rid of BOM markers
if (ob_get_level()) {
while (@ob_end_clean() && ob_get_level()) {
}
}
header("Content-Encoding: none");
$this->checkConnector();
$this->checkRequest();
$_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
$_thumbnails = $_config->getThumbnailsConfig();
if (!$_thumbnails->getIsEnabled()) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_THUMBNAILS_DISABLED);
}
if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_VIEW)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
}
if (!isset($_GET["FileName"])) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$fileName = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($_GET["FileName"]);
$_resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
if (!QFinder_Connector_Utils_FileSystem::checkFileName($fileName)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
}
$sourceFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getServerPath(), $fileName);
if ($_resourceTypeInfo->checkIsHiddenFile($fileName) || !file_exists($sourceFilePath)) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND);
}
$thumbFilePath = QFinder_Connector_Utils_FileSystem::combinePaths($this->_currentFolder->getThumbsServerPath(), $fileName);
// If the thumbnail file doesn't exists, create it now.
if (!file_exists($thumbFilePath)) {
if (!$this->createThumb($sourceFilePath, $thumbFilePath, $_thumbnails->getMaxWidth(), $_thumbnails->getMaxHeight(), $_thumbnails->getQuality(), true, $_thumbnails->getBmpSupported())) {
$this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
}
}
$size = filesize($thumbFilePath);
$sourceImageAttr = getimagesize($thumbFilePath);
$mime = $sourceImageAttr["mime"];
$rtime = isset($_SERVER["HTTP_IF_MODIFIED_SINCE"]) ? @strtotime($_SERVER["HTTP_IF_MODIFIED_SINCE"]) : 0;
$mtime = filemtime($thumbFilePath);
$etag = dechex($mtime) . "-" . dechex($size);
$is304 = false;
if (isset($_SERVER["HTTP_IF_NONE_MATCH"]) && $_SERVER["HTTP_IF_NONE_MATCH"] === $etag) {
$is304 = true;
} else {
if ($rtime == $mtime) {
$is304 = true;
}
}
if ($is304) {
header("HTTP/1.0 304 Not Modified");
exit;
}
//header("Cache-Control: cache, must-revalidate");
//header("Pragma: public");
//header("Expires: 0");
header('Cache-control: public');
header('Etag: ' . $etag);
header("Content-type: " . $mime . "; name=\"" . QFinder_Connector_Utils_Misc::mbBasename($thumbFilePath) . "\"");
header("Last-Modified: " . gmdate('D, d M Y H:i:s', $mtime) . " GMT");
//header("Content-type: application/octet-stream; name=\"{$file}\"");
//header("Content-Disposition: attachment; filename=\"{$file}\"");
header("Content-Length: " . $size);
readfile($thumbFilePath);
exit;
}
