From 2a43d526f93570b4aebc325aae96a484943b0c39 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Sat, 30 Mar 2019 20:19:48 +0000 Subject: [PATCH] Work in progress on attachment download. --- WEB-INF/lib/ttFileHelper.class.php | 77 ++++++++++++++++++++- WEB-INF/templates/footer.tpl | 2 +- WEB-INF/templates/project_files.tpl | 2 +- file_download.php | 102 ++++++++++++++++++++++++++++ 4 files changed, 180 insertions(+), 3 deletions(-) create mode 100644 file_download.php diff --git a/WEB-INF/lib/ttFileHelper.class.php b/WEB-INF/lib/ttFileHelper.class.php index ce24cd79..f3c36e56 100644 --- a/WEB-INF/lib/ttFileHelper.class.php +++ b/WEB-INF/lib/ttFileHelper.class.php @@ -35,6 +35,7 @@ class ttFileHelper { var $getfile_uri = null; // URI to get file from file storage. var $site_id = null; // Site id for file storage. var $site_key = null; // Site key for file storage. + var $file_data = null; // Downloaded file data. // Constructor. function __construct(&$errors) { @@ -136,7 +137,7 @@ class ttFileHelper { 'user_key' => urlencode($fields['user_key']), // May be null. 'file_name' => urlencode($fields['file_name']), 'description' => urlencode($fields['description']), - 'content' => urlencode(file_get_contents($_FILES['newfile']['tmp_name'])) + 'content' => urlencode(base64_encode(file_get_contents($_FILES['newfile']['tmp_name']))) ); // url-ify the data for the POST. @@ -352,4 +353,78 @@ class ttFileHelper { $affected = $mdb2->exec($sql); return !is_a($affected, 'PEAR_Error'); } + + + // getFile - downloads file from remote storage to memory. + function getFile($fields) { + global $i18n; + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $curl_fields = array('site_id' => urlencode($this->site_id), + 'site_key' => urlencode($this->site_key), + 'org_id' => urlencode($org_id), + 'org_key' => urlencode($this->getOrgKey()), + 'group_id' => urlencode($group_id), + 'group_key' => urlencode($this->getGroupKey()), + 'user_id' => urlencode($fields['user_id']), // May be null. + 'user_key' => urlencode($fields['user_key']), // May be null. + 'file_id' => urlencode($fields['remote_id']), + 'file_key' => urlencode($fields['file_key']), + 'file_name' => urlencode($fields['file_name'])); + + // url-ify the data for the POST. + foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; } + $fields_string = rtrim($fields_string, '&'); + + // Open connection. + $ch = curl_init(); + + // Set the url, number of POST vars, POST data. + curl_setopt($ch, CURLOPT_URL, $this->getfile_uri); + curl_setopt($ch, CURLOPT_POST, count($fields)); + curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + // Execute a post request. + $result = curl_exec($ch); + + $error = curl_error(); + $result_array2 = json_decode($result, true); + + // Close connection. + curl_close($ch); + + if (!$result) { + $this->errors->add($i18n->get('error.file_storage')); + return false; + } + + $result_array = json_decode($result, true); + $status = (int) $result_array['status']; + $error = $result_array['error']; + + if ($error) { + // Add an error from file storage facility if we have it. + $this->errors->add($error); + return false; + } + if ($status != 1) { + // There is no explicit error message, but still something not right. + $this->errors->add($i18n->get('error.file_storage')); + return false; + } + + $this->file_data = $result_array['content']; + return true; + } + + + // getFileData - returns file data from memory. + function getFileData() { + return base64_decode($this->file_data); + } } diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index b63e0692..b36f3d07 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
- - + {if $can_manage} diff --git a/file_download.php b/file_download.php new file mode 100644 index 00000000..83ff703a --- /dev/null +++ b/file_download.php @@ -0,0 +1,102 @@ +getParameter('id'); +$file = ttFileHelper::get($cl_file_id); +if (!$file) { + header('Location: access_denied.php'); + exit(); +} +// Entity-specific checks. +if ($file['entity_type'] == 'project') { + if (!ttAccessAllowed('manage_projects') || !ttProjectHelper::get($file['entity_id'])) { + header('Location: access_denied.php'); + exit(); + } +} +if ($file['entity_type'] != 'project') { + // Currently, files are only associated with projects. + // Improve access checks when the feature evolves. + header('Location: access_denied.php'); + exit(); +} +// End of access checks. + +$fileHelper = new ttFileHelper($err); + +$filename = $file['file_name']; +$mime_type = 'image/jpeg'; // Hardcoded type for now. TODO: fix this. + +if ($fileHelper->getFile($file)) { + header('Pragma: public'); // This is needed for IE8 to download files over https. + header('Content-Type: '.$mime_type); + header('Expires: '.gmdate('D, d M Y H:i:s').' GMT'); + header('Content-Disposition: attachment; filename="'.$filename.'"'); + header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); + header('Cache-Control: private', false); + + echo $fileHelper->getFileData(); + exit; +} else + $err->add($i18n->get('error.sys')); + +$form = new Form('fileForm'); +$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_file_id)); +$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'file_name','style'=>'width: 250px;','value'=>$cl_name)); +$form->getElement('file_name')->setEnabled(false); +$form->addInput(array('type'=>'textarea','name'=>'description','style'=>'width: 250px; height: 40px;','value'=>$cl_description)); +$form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save'))); + +if ($request->isPost()) { + // Validate user input. + if (!ttValidString($cl_description, true)) $err->add($i18n->get('error.field'), $i18n->get('label.description')); + + if ($err->no()) { + if ($request->getParameter('btn_save')) { + // Update file information. + $updated = ttFileHelper::update(array('id' => $cl_file_id,'description' => $cl_description)); + if ($updated && $file['entity_type'] == 'project') { + header('Location: project_files.php?id='.$file['entity_id']); + exit(); + } else + $err->add($i18n->get('error.db')); + } + } +} // isPost + +$smarty->assign('forms', array($form->getName()=>$form->toArray())); +$smarty->assign('onload', 'onLoad="document.fileForm.description.focus()"'); +$smarty->assign('title', $i18n->get('title.edit_file')); +$smarty->assign('content_page_name', 'file_edit.tpl'); +$smarty->display('index.tpl'); -- 2.20.1
 Anuko Time Tracker 1.18.61.4896 | Copyright © Anuko | +  Anuko Time Tracker 1.18.61.4897 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/WEB-INF/templates/project_files.tpl b/WEB-INF/templates/project_files.tpl index d745f557..52e14f9a 100644 --- a/WEB-INF/templates/project_files.tpl +++ b/WEB-INF/templates/project_files.tpl @@ -16,7 +16,7 @@
{$file.name|escape} {$file.description|escape}{$i18n.label.download}{$i18n.label.download}{$i18n.label.edit} {$i18n.label.delete}