/** * Download a file. * * @internal */ public function download() { // get and check sid if (empty($this->sid) || strlen($this->sid) > 32) { self::sendNotFound(); } $db = DBConnection::getInstance(); $db->beginTransaction(); // get file details $stmt = $db->prepare("\n SELECT\n id,\n content_oid,\n mimetype,\n size,\n name,\n to_char(modify,'Dy, DD Mon YYYY HH24:MI:SS TZ') AS modify\n FROM tbl_file\n WHERE\n sid=:sid\n AND visible IS TRUE\n AND disabled IS FALSE\n "); $stmt->bindParam('sid', $this->sid, \PDO::PARAM_INT); $stmt->execute(); if ($stmt->rowCount() == 0) { self::sendNotFound(); } $file = $stmt->fetch(\PDO::FETCH_ASSOC); // set path to unprocessed cache file $path_cachefile = sprintf(Application::$CACHE_ROOT . 'files/%s/%s.file', $this->sid[0], $this->sid); // load file from database if cache file doesn't exist $handle = false; if (file_exists($path_cachefile) === false) { // open db handle if no cached file available $handle = $db->pgsqlLOBOpen($file['content_oid'], 'r'); if (feof($handle)) { self::sendNotFound(); } // try to create cache if (!FileUtil::makedir(dirname($path_cachefile))) { error_log('cache' . $path_cachefile . ' not writeable'); } else { // create cache file $fcache = fopen($path_cachefile, 'w'); stream_copy_to_stream($handle, $fcache); fclose($fcache); // close db handle fclose($handle); $handle = false; } } // check wether path_sendfile is set explicitly if (!empty($this->path_sendfile)) { // update stat data if exists if (is_readable($this->path_sendfile)) { $stat = stat($this->path_sendfile); $file['modify'] = $stat['mtime']; $file['size'] = $stat['size']; } elseif (isset($this->processing) && method_exists($this, 'processCachefile')) { // check for processing $file['cachefile'] = $path_cachefile; $this->processCachefile($file); } else { self::sendNotFound(); } } else { $this->path_sendfile = $path_cachefile; } if (!is_readable($this->path_sendfile) && !is_resource($handle)) { self::sendNotFound(); } // check wether stats_disable is set if ($this->stats_disable === false) { // insert statistics $stmt = $db->prepare("\n INSERT INTO tbl_statistic_file (user_id, ip, file_id)\n VALUES (:user_id, :ip, :file_id)\n "); if (is_null(Session::getUserId())) { $stmt->bindValue('user_id', null, \PDO::PARAM_NULL); } else { $stmt->bindValue('user_id', Session::getUserId(), \PDO::PARAM_INT); } $stmt->bindValue('ip', Request::getIp(), \PDO::PARAM_STR); $stmt->bindValue('file_id', $file['id'], \PDO::PARAM_INT); $stmt->execute(); } $db->commit(); // there is nothing to write, tell the session it is no longer needed (and thus no longer blocking output // flushing) session_write_close(); // check if http_range is sent by browser if (isset($_SERVER['HTTP_RANGE'])) { $unit = explode('=', $_SERVER['HTTP_RANGE'])[0]; if ($unit == 'bytes') { $range_list = explode('=', $_SERVER['HTTP_RANGE'], 2)[1]; // multiple ranges could be specified at the same time, but for simplicity only serve the first range // http://tools.ietf.org/id/draft-ietf-http-range-retrieval-00.txt $ranges = explode(',', $range_list); foreach ($ranges as $range) { $seek_start = explode('-', $range)[0]; $seek_end = explode('-', $range)[1]; // set valid and in range for seek end if (empty($seek_end)) { $seek_end = $file['size'] - 1; } else { $seek_end = min(abs($seek_end), $file['size'] - 1); } // set valid and in range for seek start if (empty($seek_start) || $seek_end < abs($seek_start)) { $seek_start = 0; } else { $seek_start = max(abs($seek_start), 0); } if (!is_resource($handle)) { $handle = fopen($path_cachefile, 'rb'); } // seek to start of missing part if (($seek_start > 0 || $seek_end < $file['size'] - 1) && fseek($handle, $seek_start) !== -1) { $length = $seek_end - $seek_start + 1; header('HTTP/1.1 206 Partial Content'); header('Accept-Ranges: bytes'); header('Content-Range: bytes ' . $seek_start . '-' . $seek_end . '/' . $file['size']); header('Content-Type: ' . $file['mimetype']); header('Content-Disposition: attachment; filename="' . $file['name'] . '"'); header('Content-Length: ' . $length); // start buffered download of 8 KB chunks while the connection is alive $transfered = 0; while (!feof($handle) && connection_status() == CONNECTION_NORMAL && $transfered < $length) { // reset time limit for big files set_time_limit(0); // @codingStandardsIgnoreStart echo fread($handle, 8192); // @codingStandardsIgnoreEnd $transfered += 8192; flush(); ob_flush(); } // while fclose($handle); exit; } // if fseek } // foreach ranges } // if unit bytes } // if http_range // prepare headers header('Last-Modified: ' . $file['modify']); header('Accept-Ranges: bytes'); header('Content-Type: ' . $file['mimetype']); header('Content-Length: ' . $file['size']); header('Content-Transfer-Encoding: binary'); session_cache_limiter(false); if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= strtotime($file['modify'])) { header('HTTP/1.0 304 Not Modified'); exit; } if (is_resource($handle)) { // write to output buffer in small chunks to bypass memory limit of large files (which fpassthru would // exceed) while (!feof($handle) && connection_status() == CONNECTION_NORMAL) { // reset time limit for big files set_time_limit(0); // @codingStandardsIgnoreStart echo fread($handle, 8192); // @codingStandardsIgnoreEnd flush(); ob_flush(); } // while fclose($handle); } elseif (Config::get('use_sendfile') && in_array('mod_xsendfile', apache_get_modules())) { header('X-Sendfile: ' . $this->path_sendfile); } else { readfile($this->path_sendfile); exit; } }
/** * Create a new Application instance. * * @api * * @param string $namespace (optional) namespace with trailing backslash * @param string $file_root (optional) location to the file root of the application, if null it will be guessed */ public function __construct($namespace = '\\', $file_root = null) { // we want our own error handler set_error_handler(__CLASS__ . '::errorHandler'); self::$NAMESPACE = $namespace; if ($file_root === null) { // guess for default composer installation self::$FILE_ROOT = dirname(dirname(dirname(dirname(__DIR__)))); } else { self::$FILE_ROOT = $file_root; } self::$FILE_ROOT = rtrim(self::$FILE_ROOT, '/') . '/'; self::$WEB_ROOT = self::$FILE_ROOT . 'public/'; self::$CACHE_ROOT = self::$FILE_ROOT . 'tmp/'; self::$INSTANCE = $this; //var_dump(\FeM\sPof\model\DBConnection::getInstance()); if (!\FeM\sPof\model\DBConnection::isOnline()) { die(_('No Datebase connection.')); } }
/** * Returns a new prepared Statement. Assign values to it and fetch the results in the end. * * @api * * @param string $statement sql query with params * * @return \FeM\sPof\model\DBStatement */ protected static final function createStatement($statement) { return DBConnection::getInstance()->prepare($statement); }
/** * Send result (was action executed as desired and the resulting message) as JSON and stop further execution. * * @internal * * @param bool $success action was executed * @param string $message */ private function sendJson($success, $message) { // close transaction, if present if ($this->atomic) { DBConnection::getInstance()->commit(); } Logger::getInstance()->stackData(); // @codingStandardsIgnoreStart echo json_encode(['success' => $success, 'message' => $message]); // @codingStandardsIgnoreEnd exit; }