diff options
| author | Mario <mario@mariovavti.com> | 2020-12-22 13:23:20 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2020-12-22 13:23:20 +0000 |
| commit | 3a38292bab234e531e0bda6055325d0e1eed37de (patch) | |
| tree | 7d5865e4188d7f9d23c9d1e39f3f19c409b91cbc /Zotlabs | |
| parent | 60cbb65d84cdc2854bdcf1613cf67180878c44dd (diff) | |
| download | volse-hubzilla-3a38292bab234e531e0bda6055325d0e1eed37de.tar.gz volse-hubzilla-3a38292bab234e531e0bda6055325d0e1eed37de.tar.bz2 volse-hubzilla-3a38292bab234e531e0bda6055325d0e1eed37de.zip | |
files_ng: improve download handlÃing
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Module/Attach.php | 50 |
1 files changed, 35 insertions, 15 deletions
diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index e012b1449..0bf7689be 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; use ZipArchive; use Zotlabs\Web\Controller; +use Zotlabs\Lib\Verify; require_once('include/security.php'); require_once('include/attach.php'); @@ -32,34 +33,31 @@ class Attach extends Controller { if (! is_dir($zip_dir)) mkdir($zip_dir, STORAGE_DEFAULT_PERMISSIONS, true); - $rnd = random_string(10); + $token = random_string(32); - $zip_file = 'download_' . $rnd . '.zip'; + $zip_file = 'download_' . $token . '.zip'; $zip_path = $zip_dir . '/' . $zip_file; $zip = new ZipArchive(); if ($zip->open($zip_path, ZipArchive::CREATE) === true) { - $filename = self::zip_archive_handler($zip, $attach_ids, $attach_path); + $zip_filename = self::zip_archive_handler($zip, $attach_ids, $attach_path); $zip->close(); - header('Content-Type: application/zip'); - header('Content-Disposition: attachment; filename="' . $filename . '"'); - header('Content-Length: ' . filesize($zip_path)); + $meta = [ + 'zip_filename' => $zip_filename, + 'zip_path' => $zip_path + ]; - $istream = fopen($zip_path, 'rb'); - $ostream = fopen('php://output', 'wb'); + Verify::create('zip_token', 0, $token, json_encode($meta)); - if ($istream && $ostream) { - pipe_streams($istream,$ostream); - fclose($istream); - fclose($ostream); - } + json_return_and_die([ + 'success' => true, + 'token' => $token + ]); - unlink($zip_path); - killme(); } } } @@ -71,6 +69,28 @@ class Attach extends Controller { return; } + if(argv(1) === 'download') { + + $token = ((x($_REQUEST, 'token')) ? $_REQUEST['token'] : ''); + $meta = Verify::get_meta('zip_token', 0, $token); + $meta = json_decode($meta, true); + + header('Content-Type: application/zip'); + header('Content-Disposition: attachment; filename="'. $meta['zip_filename'] . '"'); + header('Content-Length: ' . filesize($meta['zip_path'])); + + $istream = fopen($meta['zip_path'], 'rb'); + $ostream = fopen('php://output', 'wb'); + if($istream && $ostream) { + pipe_streams($istream,$ostream); + fclose($istream); + fclose($ostream); + } + + unlink($meta['zip_path']); + killme(); + } + $r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0)); if(! $r['success']) { |