public function download($path) { if (is_null($path) || empty($path)) { throw new InvalidArgumentException('You must specify the item to download.', 400); } else { if (!$this->exists($path) || !is_file($this->realRootDirectory . DIRECTORY_SEPARATOR . $path)) { throw new FileNotFoundException('The specified file does not exist.', 404); } } $fileObject = new \SplFileObject($this->realRootDirectory . DIRECTORY_SEPARATOR . $path); HttpResponse::setContentDisposition($fileObject->getBasename()); HttpResponse::setContentType('application/octet-stream'); HttpResponse::setHeader('Content-Length', $fileObject->getSize()); $fileObject->fpassthru(); exit(0); }
protected function setHeaders() { if (function_exists('http_response_code')) { // This method is defined in PHP 5.4. -- cwells http_response_code($this->statusCode); } else { header("X-PHP-Response-Code: {$this->statusCode}", true, $this->statusCode); } if ($this->format === 'json') { HttpResponse::setContentType('application/json'); } else { if ($this->format === 'atom') { HttpResponse::setContentType('application/atom+xml'); } else { // Also set charset for text subtypes. -- cwells HttpResponse::setContentType('text/html; charset=utf-8'); } } if (!is_null($this->canonicalURL)) { HttpResponse::setHeader('Link', "<{$this->canonicalURL}>; rel=\"canonical\""); } // Security related headers. -- cwells HttpResponse::setHeader('Content-Security-Policy', \CWA\MVC\VIEWS\HEADERS\CONTENT_SECURITY_POLICY); HttpResponse::setHeader('X-Content-Type-Options', \CWA\MVC\VIEWS\HEADERS\X_CONTENT_TYPE_OPTIONS); HttpResponse::setHeader('X-Frame-Options', \CWA\MVC\VIEWS\HEADERS\X_FRAME_OPTIONS); HttpResponse::setHeader('X-XSS-Protection', \CWA\MVC\VIEWS\HEADERS\X_XSS_PROTECTION); }