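/**
 * download
 *
 * Streams a stored file to the client as an attachment, then increments
 * the file's download counter and terminates the request.
 *
 * Access is granted in one of two ways:
 *  - a per-file token in $_map['token'] that equals
 *    md5(server password . file id), or
 *  - when no token is supplied, a user object in $_map['easycontactusr']
 *    whose id is non-zero.
 *
 * @param array $_map
 *   request data; the keys read here are 'oid', 'token' and
 *   'easycontactusr'
 */
function download($_map) {
    // EasyContactFormsFiles::fileNotFound() is defined outside this block.
    // Every call below is followed by an explicit return so that a rejected
    // request can never fall through to readfile(), even if that helper
    // does not terminate the script.
    if (!isset($_map['oid'])) {
        EasyContactFormsFiles::fileNotFound($_map);
        return;
    }

    // intval() makes the id safe to place in the SQL text below.
    $id = intval($_map['oid']);
    $query = 'SELECT * FROM #wp__easycontactforms_files WHERE id=\'' . $id . '\' AND Webdir=FALSE';

    // NOTE(review): the token is an unkeyed md5(secret . id). A keyed MAC
    // (hash_hmac) would be the stronger construction, but the code that
    // issues tokens is not visible here, so the derivation is left as is.
    $md5 = md5(EasyContactFormsSecurityManager::getServerPwd() . $id);

    if (isset($_map['token'])) {
        $token = $_map['token'];
        // The original used a loose `!=`. PHP compares two numeric-looking
        // strings (e.g. "0e…" hashes) as numbers, so unequal strings could
        // be accepted. Require a string and compare exactly, in constant
        // time where hash_equals() is available.
        $tokenOk = is_string($token)
            && (function_exists('hash_equals') ? hash_equals($md5, $token) : $md5 === $token);
        if (!$tokenOk) {
            EasyContactFormsFiles::fileNotFound($_map);
            return;
        }
    } elseif (!isset($_map['easycontactusr']) || $_map['easycontactusr']->id == 0) {
        // No token: only a logged-in user may download.
        EasyContactFormsIHTML::getNotLoggedInHTML();
        exit;
    }

    $response = EasyContactFormsDB::getObjects($query);
    if (EasyContactFormsDB::err() || count($response) == 0) {
        EasyContactFormsFiles::fileNotFound($_map);
        return;
    }

    $file = $response[0];

    // NOTE(review): Storagename is taken from the database row and joined
    // to the upload directory without normalisation. Confirm that it is
    // always generated server-side and can never contain "..".
    $filepath = EASYCONTACTFORMS__fileUploadDir . DIRECTORY_SEPARATOR . $file->Storagename;
    if (!is_file($filepath)) {
        EasyContactFormsFiles::fileNotFound($_map);
        return;
    }

    // The display name comes from the database row (presumably the name
    // supplied at upload time). Neutralise control characters, quotes and
    // backslashes, and send it as a quoted-string so that spaces or
    // semicolons in the name cannot truncate it or add header parameters.
    $safeName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', (string) $file->Name);

    header("Content-length: {$file->Size}");
    header("Content-type: {$file->Type}");
    header("Content-Disposition: attachment; filename=\"{$safeName}\"");
    readfile($filepath);

    // Record the download only after the file has been sent.
    $valuemap = array();
    $valuemap['Count'] = intval($file->Count) + 1;
    EasyContactFormsDB::update($valuemap, 'Files', $file->id);
    exit;
}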
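/**
 * getACLViewName
 *
 * Returns a view name based on a user role, object type and request
 * method, looked up in the #wp__easycontactforms_acl table.
 *
 * The three arguments are placed inside single-quoted SQL literals, so
 * any argument that could terminate or escape such a literal is rejected
 * before the query is built.
 *
 * @param string $role
 *   a role name
 * @param string $type
 *   an object type
 * @param string $method
 *   a method name
 *
 * @return string
 *   a view name, or an empty string when an argument is rejected or the
 *   database reports an error
 */
function getACLViewName($role, $type, $method) {
    foreach (array($role, $type, $method) as $value) {
        // An array would interpolate as the literal text "Array"; it can
        // never be a valid lookup key.
        if (is_array($value)) {
            return '';
        }
        // Byte-level check for the single quote, backslash and NUL. A value
        // containing any of them could break out of the quoted literal, so
        // fail closed with the same '' the error path returns.
        // NOTE(review): if EasyContactFormsDB supports bound parameters,
        // prefer binding over this check; that API is not visible here.
        if (strpbrk((string) $value, "'\\\0") !== false) {
            return '';
        }
    }

    $query = "SELECT\n\t\t\t\tname\n\t\t\tFROM\n\t\t\t\t#wp__easycontactforms_acl\n\t\t\tWHERE\n\t\t\t\tobjtype='{$type}'\n\t\t\t\tAND role='{$role}'\n\t\t\t\tAND method='{$method}'";

    $result = EasyContactFormsDB::getValue($query);
    if (EasyContactFormsDB::err()) {
        return '';
    }
    return $result;
}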
/**
 * getList
 *
 * Runs a list query against the database, reusing an earlier result
 * when the same final query text has already been executed on this
 * object.
 *
 * The query text is first passed through
 * EasyContactFormsDB::getQueryText() together with $params; the text it
 * returns is both the statement that is executed and the key under which
 * the result is cached in $this->rsholder.
 *
 * NOTE(review): whether getQueryText() escapes the values in $params is
 * not visible here. Confirm before passing request data through it.
 *
 * @param string $listquery
 *   a query to execute
 * @param array $params
 *   an optional list of query parameters
 *
 * @return array
 *   an array containing object records, or NULL when the database
 *   reports an error
 */
function getList($listquery, $params = NULL) {
    $sql = EasyContactFormsDB::getQueryText($listquery, $params);

    // Cache hit: hand back the stored result without touching the database.
    if (isset($this->rsholder[$sql])) {
        return $this->rsholder[$sql];
    }

    $records = EasyContactFormsDB::getObjects($sql);
    if (EasyContactFormsDB::err()) {
        // Failed queries are not cached, so a later call will retry.
        return NULL;
    }

    $this->rsholder[$sql] = $records;
    return $records;
}