/**
* Inhalte einer Datei
*
* @get /file/:file_id/content
*
* @see public/sendfile.php
*/
public function getFileContent($file_id)
{
$file = $this->loadFile($file_id);
if (!isset($file)) {
$this->notFound("File not found");
}
if ($file->url) {
$this->streamLinkedFile($file);
} else {
if (!file_exists($real_file = get_upload_file_path($file_id))) {
$this->notFound();
}
TrackAccess($file_id, 'dokument');
$this->lastModified($file->chdate);
$this->sendFile($real_file, array('filename' => $file->getValue('filename')));
}
}
header("Content-Range: bytes {$start}-{$end}/{$filesize}");
header("Content-Length: {$length}");
} elseif ($filesize) {
header("Content-Length: {$filesize}");
}
header("Expires: Mon, 12 Dec 2001 08:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
if ($_SERVER['HTTPS'] == "on") {
header("Pragma: public");
header("Cache-Control: private");
} else {
header("Pragma: no-cache");
header("Cache-Control: no-store, no-cache, must-revalidate");
// HTTP/1.1
}
header("Cache-Control: post-check=0, pre-check=0", false);
header("Content-Type: {$content_type}");
header("Content-Disposition: {$content_disposition}; filename=\"{$file_name}\"");
Metrics::increment('core.file_download');
if ($type != 5) {
@readfile_chunked($path_file, $start, $end);
if (in_array($type, array(0, 6)) && !$start) {
TrackAccess($file_id, 'dokument');
}
} else {
echo $the_data;
}
//remove temporary file after zipping
if (Request::int('zip') || $type == 4) {
@unlink($path_file);
}
function routes(&$router)
{
$router->get('/documents/:range_id/folder(/:folder_id)', function ($range_id, $folder_id = null) use($router) {
$folder_id = $folder_id ?: $range_id;
if (!Document::isActivated($range_id)) {
$router->halt(400, sprintf('Range %s has no documents', $range_id));
}
if (!Helper::UserHasAccessToRange($range_id)) {
$router->halt(403, sprintf('User may not access range %s', $range_id));
}
if (!Document::folderBelongsToRange($range_id, $folder_id)) {
$router->halt(404, sprintf('No folder %s for range %s', $folder_id, $range_id));
}
$folders = Document::loadFolders($folder_id);
$documents = Document::loadFiles($folder_id, 'folder');
if ($router->compact()) {
$router->render(compact('folders', 'documents'));
return;
}
$users = array();
foreach ($folders as &$folder) {
if (!isset($users[$folder['user_id']])) {
$users[$folder['user_id']] = reset($router->dispatch('get', '/user(/:user_id)', $folder['user_id']));
}
}
foreach ($documents as &$document) {
if (!isset($users[$document['user_id']])) {
$users[$document['user_id']] = reset($router->dispatch('get', '/user(/:user_id)', $document['user_id']));
}
}
$router->render(compact('folders', 'documents', 'users'));
});
$router->get('/documents/:document_id', function ($document_id) use($router) {
$document = new StudipDocument($document_id);
if (!$document->checkAccess($GLOBALS['user']->id)) {
$router->halt(403, sprintf('User may not access file %s', $document_id));
}
$document = Document::loadFiles($document_id);
if ($router->compact()) {
$router->render(compact('document'));
return;
}
$user[$document['user_id']] = reset($router->dispatch('get', '/user(/:user_id)', $document['user_id']));
$router->render(compact('document', 'user'));
});
// See public/sendfile.php
$router->get('/documents/:document_id/download', function ($document_id) use($router) {
$document = new StudipDocument($document_id);
if (!$document->checkAccess($GLOBALS['user']->id)) {
$router->halt(403, sprintf('User may not access file %s', $document_id));
}
$file = $path_file = get_upload_file_path($document_id);
if (!file_exists($file)) {
$router->halt(404, sprintf('File contents for file %s not found', $document_id));
}
header('Expires: Mon, 12 Dec 2001 08:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
if ($_SERVER['HTTPS'] == 'on') {
header('Pragma: public');
header('Cache-Control: private');
} else {
header('Pragma: no-cache');
header('Cache-Control: no-store, no-cache, must-revalidate');
// HTTP/1.1
}
header('Cache-Control: post-check=0, pre-check=0', false);
header(sprintf('Content-Type: %s; name="%s"', get_mime_type($document->getValue('filename')), $document->getValue('filename')));
header('Content-Description: File Transfer');
header('Content-Transfer-Encoding: binary');
header('Content-Length: ' . filesize($file));
@readfile_chunked($path_file);
TrackAccess($document_id, 'dokument');
die;
});
}
/**
* used by createFolderZip() to dive into subfolders
* collects a list of file metadata and returns it when recursion finishes
*
* @param string $folder_id id of a folder
* @param string $tmp_full_path temporary path
* @param bool $perm_check if true, files are checked for folder permissions
* @param bool $in_recursion used internally to indicate recursive call
* @return array assoc array with metadata from zipped files
*/
function createTempFolder($folder_id, $tmp_full_path, $sem_id, $perm_check = TRUE, $in_recursion = false)
{
static $filelist;
if ($in_recursion === false) {
$filelist = array();
$tmp_path = $tmp_full_path;
}
if ($perm_check){
$folder_tree = TreeAbstract::GetInstance('StudipDocumentTree', array('range_id' => $sem_id));
$check_for = $perm_check === true ? $GLOBALS['user']->id : $perm_check;
if (!$folder_tree->isDownloadFolder($folder_id, $check_for)) return false;
}
//copy all documents from this folder to the temporary folder
$linkinfo = FALSE;
$query = "SELECT dokument_id, filename, url, author_name, filesize, name,
description, FROM_UNIXTIME(chdate) AS chdate
FROM dokumente
WHERE range_id = ? AND seminar_id = IFNULL(?, seminar_id)
ORDER BY name, filename";
$statement = DBManager::get()->prepare($query);
$statement->execute(array(
$folder_id,
$perm_check ? (string)$sem_id : null
));
while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
if ($row['url'] != '') { // just a linked file
$linkinfo .= "\r\n" . $row['filename'];
} else if(check_protected_download($row['dokument_id'])) {
$filename = prepareFilename($row['filename'], FALSE, $tmp_full_path);
if (copy(get_upload_file_path($row['dokument_id']), $tmp_full_path . '/' . $filename)) {
TrackAccess($row['dokument_id'], 'dokument');
$filelist[] = $row + array('path' => $tmp_full_path . '/' . $filename);
}
}
}
if ($linkinfo) {
$linkinfo = _("Hinweis: die folgenden Dateien sind nicht im Archiv enthalten, da sie lediglich verlinkt wurden:").$linkinfo;
$fp = fopen ("$tmp_full_path/info.txt","a");
fwrite ($fp, $linkinfo);
fclose ($fp);
}
$query = "SELECT folder_id, name
FROM folder
WHERE range_id = ?
ORDER BY name";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($folder_id));
while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
$foldername = prepareFilename($row['name'], FALSE, $tmp_full_path);
$tmp_sub_full_path = $tmp_full_path . '/' . $foldername;
mkdir($tmp_sub_full_path, 0700);
createTempFolder($row['folder_id'], $tmp_sub_full_path, $sem_id, $perm_check, true);
}
if ($in_recursion === false) {
array_walk($filelist, create_function('&$a', '$a["path"] = substr($a["path"], ' . (int)strlen($tmp_path) . ');'));
return $filelist;
} else {
return true;
}
}
