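/**
 * Login handler: looks an account up by the posted email and checks the posted password.
 *
 * Only the `email` and `passwd` keys of $_POST are read. On success the user row is
 * handed to User::setAuth(); on failure a translated message is returned.
 *
 * @request_handler
 * @param mixed $params Not read by this handler.
 * @return array
 */
public function enter($params)
{
    $fields = array('email' => '', 'passwd' => '');
    $post = array_intersect_key(array_merge($fields, $_POST), $fields);

    // PHP turns `passwd[]=x` into an array; treat anything that is not a string as
    // "not supplied" so it never reaches quote() or the credential comparison.
    foreach ($post as $key => $value) {
        if (!is_string($value)) {
            $post[$key] = '';
        }
    }

    $message = '';
    $db = DB::getInstance();

    // NOTE(review): the value is escaped with $db->quote() and then concatenated into
    // SQL by SqlBuilder; a bound parameter would be safer if the DB wrapper offers one.
    $sql = SqlBuilder::newQuery()
        ->from('user')
        ->select('*')
        ->where('email', $db->quote($post['email']))
        ->limit(1)
        ->getSql();

    // Fetch the row instead of trusting rowCount(): for SELECT statements PDO does not
    // guarantee a meaningful row count on every driver.
    $user = $db->query($sql)->fetch(PDO::FETCH_ASSOC);

    if ($user === false) {
        // NOTE(review): this message differs from the wrong-password one, so the response
        // reveals whether an email is registered. A single shared message would avoid
        // that but needs a new translated string.
        $message = _('Entered email not registered');
    } else {
        $stored = isset($user['passwd']) ? $user['passwd'] : null;

        // NOTE(review): the stored value is compared directly with the submitted one, so
        // the `passwd` column presumably holds the password as entered. Confirm, and
        // migrate to password_hash()/password_verify().
        //
        // The original `!=` was a loose comparison: a NULL or empty stored password
        // matched an empty submission, and two different numeric-looking strings such as
        // "0e1" and "0e2" compared equal. Require a non-empty stored string and compare
        // exactly, in constant time where the runtime provides hash_equals().
        $matches = is_string($stored)
            && $stored !== ''
            && (function_exists('hash_equals')
                ? hash_equals($stored, $post['passwd'])
                : $stored === $post['passwd']);

        if (!$matches) {
            $message = _('Incorrect password');
        } else {
            if (empty($user['name'])) {
                $user['name'] = $user['email'];
            }
            User::setAuth($user);
        }
    }

    // NOTE(review): `form` still carries the submitted password back to the view; confirm
    // the login template does not render it into the page.
    return array(
        'data' => array('message' => $message, 'form' => $post),
        'redirect' => empty($message) ? 'profile' : 'login',
    );
}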
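/**
 * Download handler: streams a stored file to the client as an attachment.
 *
 * The file is looked up in the `file` table by $params['name']; the bytes are read from
 * the directory configured as `repository`. Unknown or unreadable files end in
 * Template::show404Page(). On success the handler writes the response itself and
 * returns nothing.
 *
 * NOTE(review): no ownership or permission check is visible here, so anyone who knows a
 * file name can fetch it. Confirm access control happens before this handler.
 *
 * @request_handler
 * @param array $params Route parameters; `name` is the stored file name.
 * @return array
 */
public function download($params)
{
    if (empty($params['name']) || !is_string($params['name'])) {
        Template::show404Page();
        return; // in case show404Page() does not terminate the request
    }

    $db = DB::getInstance();
    $file = $db->query(
        SqlBuilder::newQuery()
            ->from('file')
            ->select('*')
            ->where('file_name', $db->quote($params['name']))
            ->limit(1)
            ->getSql()
    )->fetch();

    if (!$file) {
        Template::show404Page();
        return;
    }

    $dir = rtrim(Config::getConfig('repository'), '\\/') . DIRECTORY_SEPARATOR;

    // Resolve both paths and require the target to sit inside the repository, so a
    // stored name containing "../" or a symlink cannot expose files outside it. Doing
    // this before any header is sent also lets a missing file produce a clean 404.
    $root = realpath($dir);
    $path = realpath($dir . $file['file_name']);
    $prefix = $root === false ? '' : rtrim($root, '\\/') . DIRECTORY_SEPARATOR;
    if ($root === false
        || $path === false
        || strncmp($path, $prefix, strlen($prefix)) !== 0
        || !is_file($path)
    ) {
        Template::show404Page();
        return;
    }

    // `type` and `original_name` presumably come from the upload request. Confirm, and
    // until then treat them as untrusted header input.
    $type = isset($file['type']) ? $file['type'] : '';
    if (!is_string($type) || !preg_match('/\A[\x20-\x7E]+\z/', $type)) {
        $type = 'application/octet-stream';
    }

    // Strip control characters, quotes and path separators so the name cannot break out
    // of the quoted filename parameter or smuggle extra parameters.
    $name = preg_replace('/[\x00-\x1F\x7F"\\\\\/]+/', '_', (string) $file['original_name']);
    if ($name === null || $name === '') {
        $name = 'download';
    }
    // Quoted ASCII fallback, plus an RFC 5987 filename* when the name is valid UTF-8.
    $disposition = 'attachment; filename="' . preg_replace('/[^\x20-\x7E]/', '_', $name) . '"';
    if (preg_match('//u', $name)) {
        $disposition .= "; filename*=UTF-8''" . rawurlencode($name);
    }

    // ob_end_clean() raises a notice when no buffer is active.
    if (ob_get_level() > 0) {
        ob_end_clean();
    }

    header("Content-Type: {$type}");
    // Stop browsers from sniffing the body into a more dangerous type than declared.
    header('X-Content-Type-Options: nosniff');
    // NOTE(review): ranges are advertised but Range requests are not handled below; the
    // whole file is always sent.
    header("Accept-Ranges: bytes");
    // Use the size on disk rather than the database value so the length always matches
    // the bytes that readfile() sends.
    header('Content-Length: ' . filesize($path));
    header("Content-Disposition: {$disposition}");
    header("Content-Transfer-Encoding: binary");
    readfile($path);
}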