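/**
 * File-manager index: lists one directory below public_html/files and
 * handles the two POST operations of the page (create folder, upload file).
 *
 * Request parameters read here:
 *  - path   base64-encoded directory, relative to the files root
 *  - folder name of a folder to create (POST)
 *  - full   when truthy, render with the 'nolayout' layout
 *
 * Both `path` and `folder` are client-controlled, so every filesystem
 * operation below works on a canonicalised directory that has been checked
 * to lie inside the files root, and the folder name must be a single path
 * segment. Without these checks `../` sequences would let a caller create
 * directories or store uploads outside the files root.
 *
 * @throws Zend_Controller_Action_Exception (400) when a write is requested
 *         with a path outside the files root or an invalid folder name
 */
public function indexAction()
{
    SxCms_Acl::requireAcl('filemanager', 'filemanager.index');

    $base = realpath(APPLICATION_PATH . '/../public_html/files/');

    // base64_decode() returns false on malformed input; the cast turns that into ''.
    $path = (string) base64_decode((string) $this->_getParam('path'));

    // Resolve symlinks and '..' first, then compare against the root. The
    // trailing separator in the prefix test keeps a sibling such as
    // ".../files-old" from passing as ".../files".
    $current = false;
    if ($base !== false && strpos($path, "\0") === false) {
        $current = realpath($base . $path);
    }
    $insideBase = $current !== false
        && is_dir($current)
        && ($current === $base || strpos($current, $base . DIRECTORY_SEPARATOR) === 0);

    if ($this->getRequest()->isPost()) {
        $folder = $this->_getParam('folder');

        if (null !== $folder) {
            SxCms_Acl::requireAcl('filemanager', 'filemanager.add.folder');

            if (is_string($folder) && $folder !== '') {
                if (!$insideBase) {
                    throw new Zend_Controller_Action_Exception('Invalid path', 400);
                }

                // A folder name is one path segment: no separators, no NUL,
                // and neither of the two relative directory entries.
                if ($folder === '.' || $folder === '..' || strpbrk($folder, "/\\\0") !== false) {
                    throw new Zend_Controller_Action_Exception('Invalid folder name', 400);
                }

                // The result of mkdir() is not checked, as before; a failure
                // only shows up as a missing folder in the listing.
                mkdir($current . DIRECTORY_SEPARATOR . $folder);
                $this->_redirect('/admin/filemanager/index/path/' . base64_encode($path));
            }
        } else {
            SxCms_Acl::requireAcl('filemanager', 'filemanager.add.file');

            if (!$insideBase) {
                throw new Zend_Controller_Action_Exception('Invalid path', 400);
            }

            // NOTE(review): no validators are attached to the adapter in this
            // method and the destination lies under public_html. Confirm that
            // the web server does not execute scripts from this directory, or
            // restrict the accepted extensions/types before receive().
            $adapter = new Zend_File_Transfer_Adapter_Http();
            $adapter->setDestination($current);

            if ($adapter->receive()) {
                $filename    = realpath($adapter->getFileName('filename'));
                $file        = new SxCms_File($filename);
                $uploadedDir = $file->getPathnameFromBase();
                $uploaded    = $uploadedDir . '/' . $file->getBasename();

                $this->_redirect(
                    '/admin/filemanager/edit/file/' . base64_encode($uploaded)
                    . '/path/' . base64_encode($uploadedDir)
                );
            } else {
                $msg = Sanmax_MessageStack::getInstance('SxCms_Filemanager');
                $msg->addMessage('file', $adapter->getMessages());
            }
        }
    }

    $this->view->messages = Sanmax_MessageStack::getInstance('SxCms_Filemanager');

    // A missing or out-of-root path falls back to the root listing, which is
    // what the catch branch below already does for unreadable directories.
    if (!$insideBase) {
        $path    = '';
        $current = $base;
    }

    try {
        $it = new SxCms_Filesystem($current);
    } catch (Exception $e) {
        $it   = new SxCms_Filesystem($base);
        $path = '';
    }

    // Parent directory of $path, used by the view for the "up" link.
    $segments = explode('/', $path);
    if (count($segments) > 1) {
        array_pop($segments);
        $topdir = implode('/', $segments);
    } else {
        $topdir = '';
    }

    $this->view->files    = $it;
    $this->view->path     = $path;
    $this->view->showpath = explode('/', $path);
    $this->view->topdir   = $topdir;

    if ($this->_getParam('full')) {
        $this->_helper->layout->setLayout('nolayout');
        $this->view->full = true;
    }
}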
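/**
 * Streams one file from public_html/files to the client after the
 * per-file access checks have passed.
 *
 * The `filename` request parameter is client-controlled. It is
 * canonicalised with realpath() and must resolve to a regular file inside
 * the files root; otherwise the request is answered with the same 404 as
 * any other failure, so `../` sequences cannot be used to read files
 * elsewhere on the server.
 *
 * @throws Zend_Controller_Action_Exception (404) when the file is missing,
 *         lies outside the files root, or any step below throws
 */
public function downloadAction()
{
    $this->_helper->viewRenderer->setNoRender(true);
    $this->_helper->layout->disableLayout();

    $base      = realpath(APPLICATION_ROOT . '/public_html/files');
    $requested = $this->_getParam('filename');

    $filename = false;
    if ($base !== false && is_string($requested) && strpos($requested, "\0") === false) {
        $filename = realpath($base . '/' . $requested);
    }

    // The trailing separator in the prefix test keeps a sibling directory
    // whose name merely starts with "files" from passing as the root.
    if ($filename === false
        || !is_file($filename)
        || strpos($filename, $base . DIRECTORY_SEPARATOR) !== 0
    ) {
        throw new Zend_Controller_Action_Exception('File not found', 404);
    }

    try {
        $file = new SxCms_File($filename);
        // NOTE(review): the content is read before the access checks, as in
        // the original; nothing is sent until they pass. Confirm whether
        // isAllowed() depends on this call before moving it.
        $data = $file->getCleanFile();

        $identity = Zend_Auth::getInstance()->getIdentity();
        if (!$file->isAllowed($identity)) {
            $this->_helper->redirector->setExit(true)->gotoSimple('unauthorized', 'index');
            return;
        }

        if ($file->isApb()) {
            $as = new SimpleSAML_Auth_Simple('klavsts');
            $attributes = $as->getAttributes();
            if (!$attributes) {
                $this->_forward('unauthorized', 'index', null, array('url' => $this->view->url()));
                return;
            }

            // NOTE(review): a session without this attribute passes null on
            // to setApb(); confirm that isAllowed() denies in that case.
            $attributes = $attributes['urn:klav:docmanager'];
            $filecheck = new SxCms_Filesystem($file->getPath());
            $filecheck->setApb($attributes);
            if (!$filecheck->isAllowed()) {
                $this->_helper->redirector->setExit(true)->gotoSimple('unauthorized', 'index');
                return;
            }
        }

        // workaround for when PECL class finfo is not installed
        $mimeType = 'application/octet-stream';
        if (@class_exists('finfo')) {
            $finfo    = new finfo(FILEINFO_MIME);
            $detected = $finfo->file($filename);
            // finfo::file() returns false on failure; keep the default then.
            if (is_string($detected) && $detected !== '') {
                $mimeType = $detected;
            }
        }

        // mimetype "unknown", let's figure it out by filename extension.
        // FILEINFO_MIME may append "; charset=...", so match on the prefix.
        if (strpos($mimeType, 'application/octet-stream') === 0) {
            $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));

            // The extension is interpolated into an XPath string literal, so
            // only a conservative character set is accepted; anything else
            // keeps the generic type.
            if (preg_match('/^[a-z0-9_+-]+$/', $ext)) {
                $types   = simplexml_load_file(APPLICATION_PATH . '/var/mime-types.xml');
                $matches = ($types !== false)
                    ? $types->xpath('//mime-types/mime-type/ext[. ="' . $ext . '"]/..')
                    : false;

                if (!empty($matches)) {
                    $attrs = $matches[0]->attributes();
                    $name  = (string) $attrs['name'];
                    if ($name !== '') {
                        $mimeType = $name;
                    }
                }
            }
        }

        // Content-Length is a byte count; the '8bit' encoding makes
        // mb_strlen() count bytes instead of characters.
        $size = mb_strlen($data, '8bit');

        // nosniff stops browsers from reinterpreting stored files as a
        // different, possibly active, content type.
        $this->getResponse()
            ->setHeader('Content-Type', $mimeType)
            ->setHeader('Content-Length', $size)
            ->setHeader('X-Content-Type-Options', 'nosniff');

        echo $data;
    } catch (Exception $e) {
        throw new Zend_Controller_Action_Exception('File not found', 404);
    }
}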