/**
* Serves up files only after passing access checks
*
* @return void
*/
public function downloadTask()
{
// Check logged in status
if (User::isGuest()) {
$return = base64_encode(Request::getVar('REQUEST_URI', Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task, false, true), 'server'));
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $return, false));
return;
}
// Get the ID of the file requested
$id = Request::getInt('id', 0);
// Instantiate an attachment object
$attach = new Tables\Attachment($this->database);
$attach->load($id);
if (!$attach->filename) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_FILE_NOT_FOUND'), 404);
}
$file = $attach->filename;
// Get the parent ticket the file is attached to
$row = new Tables\Ticket($this->database);
$row->load($attach->ticket);
if (!$row->report) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_TICKET_NOT_FOUND'), 404);
}
// Load ACL
if ($row->login == User::get('username') || $row->owner == User::get('id')) {
if (!$this->acl->check('read', 'tickets')) {
$this->acl->setAccess('read', 'tickets', 1);
}
}
if ($this->acl->authorize($row->group)) {
$this->acl->setAccess('read', 'tickets', 1);
}
// Ensure the user is authorized to view this file
if (!$this->acl->check('read', 'tickets')) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_NOT_AUTH'), 403);
}
// Ensure we have a path
if (empty($file)) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_FILE_NOT_FOUND'), 404);
}
// Get the configured upload path
$basePath = DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $attach->ticket;
// Does the path start with a slash?
$file = DS . ltrim($file, DS);
// Does the beginning of the $attachment->path match the config path?
if (substr($file, 0, strlen($basePath)) == $basePath) {
// Yes - this means the full path got saved at some point
} else {
// No - append it
$file = $basePath . $file;
}
// Add root path
$filename = PATH_APP . $file;
// Ensure the file exist
if (!file_exists($filename)) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_FILE_NOT_FOUND') . ' ' . $filename, 404);
}
// Initiate a new content server and serve up the file
$xserver = new Server();
$xserver->filename($filename);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_SERVING_FILE'), 500);
} else {
exit;
}
return;
}
/**
* Serves up files only after passing access checks
*
* @return void
*/
public function downloadTask()
{
// Get the ID of the file requested
$id = Request::getInt('id', 0);
// Instantiate an attachment object
$attach = new Tables\Attachment($this->database);
$attach->load($id);
if (!$attach->filename) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_FILE_NOT_FOUND'), 404);
return;
}
$file = $attach->filename;
// Ensure we have a path
if (empty($file)) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_FILE_NOT_FOUND'), 404);
}
// Get the configured upload path
$basePath = DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $attach->ticket;
$file = DS . ltrim($file, DS);
// Does the beginning of the $attachment->path match the config path?
if (substr($file, 0, strlen($basePath)) == $basePath) {
// Yes - this means the full path got saved at some point
} else {
// No - append it
$file = $basePath . $file;
}
// Add root path
$filename = PATH_APP . $file;
// Ensure the file exist
if (!file_exists($filename)) {
throw new Exception(Lang::txt('COM_SUPPORT_ERROR_FILE_NOT_FOUND') . ' ' . $filename, 404);
}
// Initiate a new content server and serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($filename);
$xserver->disposition('inline');
$xserver->acceptranges(false);
// @TODO fix byte range support
if (!$xserver->serve()) {
// Should only get here on error
throw new Exception(Lang::txt('COM_SUPPORT_SERVER_ERROR'), 404);
} else {
exit;
}
return;
}
/**
* Process an attachment macro and output a link to the file
*
* @param array $matches Macro info
* @return string HTML
*/
protected function _getAttachment($matches)
{
$tokens = explode('#', $matches[0]);
$id = intval(end($tokens));
$attach = new Tables\Attachment($this->_db);
$attach->load($id);
if ($attach->id && !$attach->comment_id) {
$attach->comment_id = $this->get('id');
$attach->created = $this->get('created');
$attach->created_by = $this->creator('id');
$attach->store();
}
if (!$this->_cache['attachments.list'] instanceof ItemList) {
$this->_cache['attachments.list'] = new ItemList(array());
}
$this->_cache['attachments.list']->add(new Attachment($attach));
return '';
}
