public function exec($mode = "basic", $params = array()) { $res = $this->check($params); if ($this->check($params)) { $this->file = \CFile::getByID($this->id)->fetch(); if ($mode == "resize" && ($file = \CFile::ResizeImageGet($this->id, $params, BX_RESIZE_IMAGE_PROPORTIONAL, true)) && $file) { $this->file["SRC"] = $file["src"]; $this->file["WIDTH"] = $file["width"]; $this->file["HEIGHT"] = $file["height"]; $this->file["FILE_SIZE"] = $file["size"]; } \CFile::ViewByUser($this->file, array("force_download" => false, 'cache_time' => 0)); } }
$fileId = intval($_REQUEST["i"]); $fileAction = $_REQUEST["act"] == "v" ? "view" : "download"; if (strlen($fileName) <= 0 || $fileId <= 0 || strlen($fileAction) <= 0) { die("Error1"); } $arImg = CFile::GetFileArray($fileId); if (!$arImg) { die("Error2"); } if (strlen($arImg["FILE_NAME"]) != strlen($fileName) || $arImg["FILE_NAME"] != $fileName) { die("Error3"); } if (strlen($arImg["SUBDIR"]) <= 0 || substr($arImg["SUBDIR"], 0, strlen("bizproc_wf/")) != "bizproc_wf/") { die("Error4"); } set_time_limit(0); if ($fileAction == "download") { CFile::ViewByUser($arImg, array("force_download" => true)); } else { $contentType = strtolower($arImg["CONTENT_TYPE"]); if (strpos($contentType, "image/") !== false && strpos($contentType, "html") === false && (CFile::GetImageSize($_SERVER["DOCUMENT_ROOT"] . $arImg["SRC"]) || $arFile["WIDTH"] > 0 && $arImg["HEIGHT"] > 0)) { $contentType = $contentType; } elseif (strpos($contentType, "excel") !== false) { $contentType = "application/vnd.ms-excel"; } elseif (strpos($contentType, "word") !== false) { $contentType = "application/msword"; } else { $contentType = "application/octet-stream"; } CFile::ViewByUser($arImg, array("content_type" => $contentType)); }
<?php /* ############################################## # Bitrix: SiteManager # # Copyright (c) 2002 - 2011 Bitrix # # http://www.bitrixsoft.com # # mailto:admin@bitrixsoft.com # ############################################## */ require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php"; if (CModule::IncludeModule("support") && strlen($hash) > 0 && preg_match('/^[a-z0-9]{32}$/i', $hash)) { $rsFiles = CTicket::GetFileList($v1 = "s_id", $v2 = "asc", array("HASH" => $hash), 'Y'); if ($rsFiles && ($arFile = $rsFiles->Fetch())) { set_time_limit(0); $options = array(); if ($_REQUEST["action"] == "download") { $options["force_download"] = true; } CFile::ViewByUser($arFile, $options); } } require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php"; ShowError(GetMessage("SUP_ERROR_ATTACH_NOT_FOUND")); require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
foreach ($arFiles as $file) { if ($fileId == $file['fileID']) { $result["FILE"] = CFile::GetFileArray($fileId); break; } } } } if (!is_array($result["FILE"])) { require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php"; ShowError("File not found"); require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php"; die; } set_time_limit(0); CFile::ViewByUser($result["FILE"]); } else { $bAdminAction = substr($action, 0, 6) == 'admin_' || $action == 'calendar_show' || $action == 'add_comment_entry' || $action == 'add_comment_full_report' || $action == 'user_report_edit'; if (!CTimeMan::CanUse($bAdminAction)) { echo "{error: 'access denied', type: 'fatal'}"; } else { CUtil::JSPostUnescape(); $error = false; $bReturnRes = false; $bGetFullInfo = $_REQUEST['full'] == 'Y'; $obUser = CTimeManUser::instance(); $obUser->SITE_ID = $_REQUEST['site_id']; switch ($action) { case "report_full_setting": $bReturnRes = true; if ($_POST["id"]) {
$rsElement = CIBlockElement::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $ELEMENT_ID, "CHECK_PERMISSIONS" => "N"), false, false, array("ID", $arParams["FIELD_ID"])); while ($ar = $rsElement->GetNext()) { if (isset($ar[$arParams["FIELD_ID"]])) { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"]]; } elseif (isset($ar[$arParams["FIELD_ID"] . "_VALUE"])) { if (is_array($ar[$arParams["FIELD_ID"] . "_VALUE"])) { $arResult["FILES"] = array_merge($arResult["FILES"], $ar[$arParams["FIELD_ID"] . "_VALUE"]); } else { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"] . "_VALUE"]; } } $arResult["ELEMENT"] = $ar; } } elseif ($SECTION_ID > 0) { $rsSection = CIBlockSection::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $SECTION_ID, "GLOBAL_ACTIVE" => "Y", "CHECK_PERMISSIONS" => "N"), false, array("ID", $arParams["FIELD_ID"])); while ($ar = $rsSection->GetNext()) { if (isset($ar[$arParams["FIELD_ID"]])) { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"]]; } $arResult["SECTION"] = $ar; } } if (!in_array($arParams["FILE_ID"], $arResult["FILES"])) { ShowError(GetMessage("CC_BLF_WRONG_FILE")); } else { $arFile = CFile::GetFileArray($arParams["FILE_ID"]); if (is_array($arFile)) { $force_download = isset($_REQUEST["download"]) && $_REQUEST["download"] === "y"; CFile::ViewByUser($arParams["FILE_ID"], array("content_type" => $arFile["CONTENT_TYPE"], "force_download" => $force_download)); } }
CRMModeOutput($ID); if (strlen($apply) > 0 || $_REQUEST["action"] == "ps_update") LocalRedirect("sale_order_detail.php?ID=".$ID."&save_order_result=ok_ps&lang=".LANGUAGE_ID.GetFilterParams("filter_", false)); CSaleOrder::UnLock($ID); LocalRedirect("sale_order.php?lang=".LANGUAGE_ID.GetFilterParams("filter_", false)); } } elseif (isset($_REQUEST["download"]) && $_REQUEST["download"] == "Y") { if (isset($_REQUEST["file_id"]) && intval($_REQUEST["file_id"]) > 0) { $arFile = CFile::GetFileArray(intval($_REQUEST["file_id"])); set_time_limit(0); CFile::ViewByUser($arFile, array("force_download" => true)); } } } elseif (array_key_exists('dontsave', $_REQUEST) && 'Y' == $_REQUEST['dontsave']) { $intLockUserID = 0; $strLockTime = ''; if (!CSaleOrder::IsLocked($ID, $intLockUserID, $strLockTime)) CSaleOrder::UnLock($ID); if ($crmMode) CRMModeOutput($ID); LocalRedirect("sale_order.php?lang=".LANGUAGE_ID.GetFilterParams("filter_", false)); } /****************/
public function viewFile($hash) { $file = false; $copy = ""; if (strpos($hash, "_") > 0) { $copy = explode("_", $hash); $hash = $copy[0]; $copy = $copy[1]; } $copy = !!$copy ? $copy : "default"; if (FileInputUtility::instance()->checkFile($this->CID, $hash)) { $file = $this->getFromCache($hash); $file = $file["files"][$copy]; } if ($file) { \CFile::ViewByUser($file, array("content_type" => $file["type"])); } }
if (!$row) { die("Error: BP not found"); } $files = (array) $row[$fileName]; $key = array_search($fileId, $files); if ($key !== false) { set_time_limit(0); CFile::ViewByUser($files[$key], $options); } else { die("Error: File not found"); } } die; } $rawName = trim($_REQUEST["f"]); $arImg = CFile::GetFileArray($fileId); if (!$arImg) { die("Error2"); } if (strlen($arImg["FILE_NAME"]) != strlen($rawName) || $arImg["FILE_NAME"] != $rawName) { die("Error3"); } if (strlen($arImg["SUBDIR"]) <= 0) { die("Error4"); } if (substr($arImg["SUBDIR"], 0, strlen("bizproc_wf/")) != "bizproc_wf/" && (strlen($filePathHash) <= 0 || $filePathHash != md5($arImg["SUBDIR"]))) { die("Error5"); } set_time_limit(0); CFile::ViewByUser($arImg, $options);
// *************************/Default params************************************************************* set_time_limit(0); if ($arParams["ACTION"] == "download") { CFile::ViewByUser($arResult["FILE"], array("force_download" => true)); } else { if (CFile::CheckImageFile(CFile::MakeFileArray($arResult["FILE"]["FILE_ID"])) === null && (file_exists($_SERVER["DOCUMENT_ROOT"] . $arResult["FILE"]["SRC"]) && CFile::GetImageSize($_SERVER["DOCUMENT_ROOT"] . $arResult["FILE"]["SRC"]) || $arResult["FILE"]["WIDTH"] > 0 && $arResult["FILE"]["HEIGHT"] > 0)) { if ($arParams['WIDTH'] > 0 && $arParams['HEIGHT'] > 0) { $imageFile = $arResult['FILE']; $arFileTmp = CFile::ResizeImageGet($imageFile, array("width" => $arParams["WIDTH"], "height" => $arParams["HEIGHT"]), BX_RESIZE_IMAGE_PROPORTIONAL, true); $imageFile["FILE_SIZE"] = $arFileTmp['size']; $imageFile["SRC"] = $arFileTmp['src']; CFile::ViewByUser($imageFile, array("content_type" => $arResult["FILE"]["CONTENT_TYPE"])); } else { CFile::ViewByUser($arResult["FILE"], array("content_type" => $arResult["FILE"]["CONTENT_TYPE"])); } } else { $ct = strtolower($arResult["FILE"]["CONTENT_TYPE"]); if (strpos($ct, "excel") !== false) { CFile::ViewByUser($arResult["FILE"], array("content_type" => "application/vnd.ms-excel")); } elseif (strpos($ct, "word") !== false) { CFile::ViewByUser($arResult["FILE"], array("content_type" => "application/msword")); } else { CFile::ViewByUser($arResult["FILE"], array("content_type" => "application/octet-stream", "force_download" => true)); } } } // ***************************************************************************************** require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php"; echo ShowError(GetMessage("F_ATTACH_NOT_FOUND")); require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php"; // *****************************************************************************************
case "dbf": case "csv": CFile::ViewByUser($arFile, array("content_type" => "application/vnd.ms-excel")); break; case "doc": case "docx": case "dot": case "rtf": CFile::ViewByUser($arFile, array("content_type" => "application/msword")); break; case "xml": case "pdf": CFile::ViewByUser($arFile, array("force_download" => true)); break; case 'rar': CFile::ViewByUser($arFile, array("content_type" => "application/x-rar-compressed")); break; case 'zip': CFile::ViewByUser($arFile, array("content_type" => "application/zip")); break; default: CFile::ViewByUser($arFile, array("specialchars" => true)); break; } } } } } require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php"; echo ShowError(GetMessage("SUP_ERROR_ATTACH_NOT_FOUND")); require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php";
/** * @param $ID * @param int $WF_ID * @param bool $NotCheckWebRights * @param array $params */ function SendHistoryFile($ID, $WF_ID = 0, $NotCheckWebRights = false, $params = array()) { $ID = intval($ID); $WF_ID = intval($WF_ID); if ($ID <= 0) { return; } list($contextType, $contextEntityId) = $this->getContextData(); if (CWebDavSymlinkHelper::isLinkElement($contextType, $contextEntityId, $ID)) { $parentSectionData = CWebDavSymlinkHelper::getLinkDataOfElement($contextType, $contextEntityId, $ID); if ($parentSectionData) { $linkWebdav = new self($parentSectionData[self::UF_LINK_IBLOCK_ID], $this->base_url . $this->_path, array('ROOT_SECTION_ID' => $parentSectionData[self::UF_LINK_SECTION_ID], 'symlinkMode' => true, 'symlinkSectionData' => $parentSectionData, 'symlinkRealRootSectionData' => $this->arRootSection)); if ($this->withoutAuthorization) { $linkWebdav->withoutAuthorization = true; } return $linkWebdav->SendHistoryFile($ID, $WF_ID, $NotCheckWebRights, $params); } } $io = self::GetIo(); list($arFile, $options, $fullpath, $filename) = $this->getHistoryFileData($ID, $WF_ID, $params); if (empty($arFile)) { return; } $options["logica_full_path"] = $fullpath; if (!file_exists($fullpath) && file_exists($io->GetPhysicalName($fullpath))) { $fullpath = $io->GetPhysicalName($fullpath); } $options["path"] = $this->_path; $options["mimetype"] = !empty($arFile["CONTENT_TYPE"]) && $arFile["CONTENT_TYPE"] != "unknown" && $arFile["CONTENT_TYPE"] != "application/octet-stream" ? $arFile["CONTENT_TYPE"] : $this->get_mime_type($filename); $options["size"] = !empty($arFile["FILE_SIZE"]) ? $arFile["FILE_SIZE"] : 0; $options["name"] = $filename; if (!$NotCheckWebRights) { $arElementData = $this->GetObject(array("element_id" => $ID, "check_permissions" => false), false); if (!$this->CheckWebRights("", array("action" => "read", "arElement" => $arElementData), false)) { return; } } if ($options["resized"] == "Y" || $params["cache_image"] == "Y") { CFile::ViewByUser($arFile, array("content_type" => $options["mimetype"], "cache_time" => $options["cache_time"])); } if (file_exists($fullpath)) { if (empty($options['size'])) { $options['size'] = filesize($fullpath); } $options["mtime"] = filemtime($fullpath); $options["stream"] = fopen($fullpath, "r"); } $x = $this->SendFile($options); //, true }
if (empty($arResult["MESSAGE"])) { $arError = array("code" => "EMPTY MESSAGE", "title" => GetMessage("F_EMPTY_MID")); } elseif ($arParams["PERMISSION"]) { if ($arParams["PERMISSION"] < "E") { $arError = array("code" => "NOT RIGHT", "title" => GetMessage("F_NOT_RIGHT")); } } elseif (ForumCurrUserPermissions($arResult["MESSAGE"]["FORUM_ID"]) < "E") { $arError = array("code" => "NOT RIGHT", "title" => GetMessage("F_NOT_RIGHT")); } } if (!empty($arError)) { require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php"; ShowError(!empty($arError["title"]) ? $arError["title"] : $arError["code"]); require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php"; die; } // *************************/Default params************************************************************* set_time_limit(0); $options = array(); if ($arParams["ACTION"] == "download") { $options["force_download"] = true; } if (CFile::IsImage($arResult["FILE"]["ORIGINAL_NAME"], $arResult["FILE"]["CONTENT_TYPE"])) { if ($arParams['WIDTH'] > 0 && $arParams['HEIGHT'] > 0) { $arFileTmp = CFile::ResizeImageGet($arResult['FILE'], array("width" => $arParams["WIDTH"], "height" => $arParams["HEIGHT"]), BX_RESIZE_IMAGE_PROPORTIONAL, true); $arResult['FILE']["FILE_SIZE"] = $arFileTmp['size']; $arResult['FILE']["SRC"] = $arFileTmp['src']; } } CFile::ViewByUser($arResult["FILE"], $options);
} } else { $rsLog = CSocNetLog::GetList(array(), array("UF_SONET_LOG_FILE" => $arParams["FILE_ID"]), false, false, array("ID"), array("CHECK_RIGHTS" => "Y")); if ($rsLog && ($arLog = $rsLog->Fetch())) { $arResult["FILE_INFO"] = array("LOG_ID" => $arLog["ID"]); } } } } if (empty($arResult["FILE"])) { $arError = array("code" => "EMPTY FILE", "title" => GetMessage("F_EMPTY_FID")); } elseif (empty($arResult["FILE_INFO"])) { $arError = array("code" => "NOT RIGHT", "title" => GetMessage("F_NOT_RIGHT")); } if (!empty($arError)) { require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_after.php"; ShowError(!empty($arError["title"]) ? $arError["title"] : $arError["code"]); require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog.php"; die; } // *************************/Default params************************************************************* set_time_limit(0); if (CFile::IsImage($arResult["FILE"]["FILE_NAME"], $arResult["FILE"]["CONTENT_TYPE"])) { if ($arResult["FILE"]["WIDTH"] > $arParams["WIDTH"] || $arResult["FILE"]["HEIGHT"] > $arParams["HEIGHT"]) { $arFileTmp = CFile::ResizeImageGet($arResult["FILE"], array("width" => $arParams["WIDTH"], "height" => $arParams["HEIGHT"]), $_REQUEST["type"] == "square" ? BX_RESIZE_IMAGE_EXACT : BX_RESIZE_IMAGE_PROPORTIONAL, true); $arResult["FILE"]["FILE_SIZE"] = $arFileTmp["size"]; $arResult["FILE"]["SRC"] = $arFileTmp["src"]; } } CFile::ViewByUser($arResult["FILE"], array("cache_time" => 86400));
private static function InnerWriteFileToResponse($fileID, &$errors, $options = array()) { $fileInfo = CFile::GetFileArray($fileID); if (!is_array($fileInfo)) { $errors[] = 'File not found'; return false; } $options = is_array($options) ? $options : array(); // Ñrutch for CFile::ViewByUser. Waiting for main 14.5.2 $options['force_download'] = true; set_time_limit(0); CFile::ViewByUser($fileInfo, $options); return true; }
if ($ELEMENT_ID > 0) { $rsElement = CIBlockElement::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $ELEMENT_ID, "CHECK_PERMISSIONS" => "N"), false, false, array("ID", $arParams["FIELD_ID"])); while ($ar = $rsElement->GetNext()) { if (isset($ar[$arParams["FIELD_ID"]])) { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"]]; } elseif (isset($ar[$arParams["FIELD_ID"] . "_VALUE"])) { if (is_array($ar[$arParams["FIELD_ID"] . "_VALUE"])) { $arResult["FILES"] = array_merge($arResult["FILES"], $ar[$arParams["FIELD_ID"] . "_VALUE"]); } else { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"] . "_VALUE"]; } } $arResult["ELEMENT"] = $ar; } } elseif ($SECTION_ID > 0) { $rsSection = CIBlockSection::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $SECTION_ID, "GLOBAL_ACTIVE" => "Y", "CHECK_PERMISSIONS" => "N"), false, array("ID", $arParams["FIELD_ID"])); while ($ar = $rsSection->GetNext()) { if (isset($ar[$arParams["FIELD_ID"]])) { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"]]; } $arResult["SECTION"] = $ar; } } if (!in_array($arParams["FILE_ID"], $arResult["FILES"])) { ShowError(GetMessage("CC_BLF_WRONG_FILE")); } else { $arFile = CFile::GetFileArray($arParams["FILE_ID"]); if (is_array($arFile)) { CFile::ViewByUser($arParams["FILE_ID"], array("content_type" => $arFile["CONTENT_TYPE"], "force_download" => isset($_REQUEST["download"]) && $_REQUEST["download"] === "y")); } }