-rw-r--r-- | Zotlabs/Module/Attach.php | 32 | ||||
-rw-r--r-- | Zotlabs/Module/Sse_bs.php | 28 | ||||
-rw-r--r-- | view/js/main.js | 10 | ||||
-rw-r--r-- | view/js/mod_cloud.js | 35 |
4 files changed, 85 insertions, 20 deletions
diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index 0bf7689be..cf78ac690 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php @@ -14,6 +14,7 @@ class Attach extends Controller { $attach_ids = ((x($_REQUEST, 'attach_ids')) ? $_REQUEST['attach_ids'] : []); $attach_path = ((x($_REQUEST, 'attach_path')) ? $_REQUEST['attach_path'] : ''); + $download_token = ((x($_REQUEST, 'download_token')) ? $_REQUEST['download_token'] : ''); $channel_id = ((x($_REQUEST, 'channel_id')) ? intval($_REQUEST['channel_id']) : 0); $channel = channelx_by_n($channel_id); @@ -52,6 +53,9 @@ class Attach extends Controller { ]; Verify::create('zip_token', 0, $token, json_encode($meta)); + Verify::create('download_token', 0, $download_token, $token); + + json_return_and_die([ 'success' => true, @@ -69,12 +73,32 @@ class Attach extends Controller { return; } - if(argv(1) === 'download') { + $token = ((x($_REQUEST, 'token')) ? $_REQUEST['token'] : ''); + $download_token = ((x($_REQUEST, 'download_token')) ? $_REQUEST['download_token'] : ''); - $token = ((x($_REQUEST, 'token')) ? $_REQUEST['token'] : ''); + if(argv(1) === 'check') { + $meta = Verify::get_meta('download_token', 0, $download_token); + + if(! $meta) + killme(); + + json_return_and_die([ + 'success' => true, + 'token' => $meta + ]); + } + + if(argv(1) === 'download') { $meta = Verify::get_meta('zip_token', 0, $token); + + if(! $meta) + killme(); + $meta = json_decode($meta, true); + // make sure we remove the download_token in case we have not checked yet + Verify::get_meta('download_token', 0, $download_token); + header('Content-Type: application/zip'); header('Content-Disposition: attachment; filename="'. $meta['zip_filename'] . '"'); header('Content-Length: ' . filesize($meta['zip_path'])); 
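Review bot: `Verify::create('download_token', 0, $download_token, $token)` in the hunk at -52,6 stores whatever the client sent as the lookup key, including the empty-string default assigned in the hunk at -14,6 when the parameter is absent. A record keyed by `''` or by a short, guessable value could then be matched by an unrelated `/attach/check` request, which hands back the zip token; whether `Verify` rejects empty keys is not visible on this page. Validate the value before it is stored, for example `if (!preg_match('/^[a-f0-9]{32}$/', $download_token)) killme();` near where it is read, or skip the `Verify::create` call when it is empty. The second argument is 0 for both records, which appears to be the channel id, so nothing in these hunks ties the tokens to the requesting channel. The enclosing method starts and ends outside both hunks.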
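Review bot: The new `check` branch in the hunk at -69,12 returns the zip token to any caller that presents a matching `download_token`, and no session or observer check is visible before it; one may exist earlier in the method, which starts outside the hunk. That zip token is all the `download` branch needs to stream `$meta['zip_path']`, so the endpoint is only as strong as the client-generated value, which `makeid()` in view/js/main.js derives from `Math.random()`. Consider storing the requester's identity in the record's meta and comparing it here before answering. A miss currently calls `killme()` and returns an empty body; `if(! $meta) json_return_and_die(['success' => false]);` would give the polling client an explicit answer it can act on.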
@@ -82,7 +106,7 @@ class Attach extends Controller { $istream = fopen($meta['zip_path'], 'rb'); $ostream = fopen('php://output', 'wb'); if($istream && $ostream) { - pipe_streams($istream,$ostream); + pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); } @@ -123,7 +147,7 @@ class Attach extends Controller { $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb'); $ostream = fopen('php://output','wb'); if($istream && $ostream) { - pipe_streams($istream,$ostream); + pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); } diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index 287c24829..534c63d46 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -162,7 +162,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' AND item_unseen = 1 AND item_wall = 0 AND item_private IN (0, 1) @@ -190,7 +190,7 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item + $r = q("SELECT count(id) as total FROM item WHERE uid = %d and item_unseen = 1 AND item_wall = 0 AND item_private IN (0, 1) AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' @@ -231,10 +231,10 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' - AND item_unseen = 1 AND item_wall = 0 AND item_private = 2 + AND item_unseen = 1 AND item_private = 2 AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' $item_normal 
@@ -259,8 +259,8 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item - WHERE uid = %d and item_unseen = 1 AND item_wall = 0 AND item_private = 2 + $r = q("SELECT count(id) as total FROM item + WHERE uid = %d and item_unseen = 1 AND item_private = 2 $item_normal $sql_extra AND author_xchan != '%s'", @@ -300,10 +300,10 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' - AND item_unseen = 1 AND item_wall = 1 + AND item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1) AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' $item_normal @@ -328,8 +328,8 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item - WHERE uid = %d and item_unseen = 1 AND item_wall = 1 + $r = q("SELECT count(id) as total FROM item + WHERE uid = %d and item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1) $item_normal $sql_extra AND author_xchan != '%s'", @@ -379,7 +379,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' AND item_unseen = 1 @@ -410,7 +410,7 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item + $r = q("SELECT count(id) as total FROM item WHERE uid = %d AND item_unseen = 1 AND created > '%s' $item_normal @@ -516,7 +516,7 @@ class Sse_bs extends Controller { $p_str = ids_to_querystr($p, 'parent'); $p_sql = (($p_str) ? "OR parent IN ( $p_str )" : ''); - $r = q("select mid from item + $r = q("select mid from item where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $sql_extra $item_normal", intval(self::$uid), dbesc($forums[$x]['xchan_hash']), 
@@ -577,7 +577,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); - $r = q("SELECT * FROM item + $r = q("SELECT * FROM item WHERE verb = '%s' AND obj_type IN ('Document', 'Video', 'Audio', 'Image') AND uid = %d diff --git a/view/js/main.js b/view/js/main.js index 7df705603..3e3fd057c 100644 --- a/view/js/main.js +++ b/view/js/main.js @@ -1997,3 +1997,13 @@ function sse_fallback() { sse_handleNotifications(obj, false, false); }); } + +function makeid(length) { + var result = ''; + var characters = 'abcdef0123456789'; + var charactersLength = characters.length; + for ( var i = 0; i < length; i++ ) { + result += characters.charAt(Math.floor(Math.random() * charactersLength)); + } + return result; +} diff --git a/view/js/mod_cloud.js b/view/js/mod_cloud.js index aa9d308eb..aeaac8c69 100644 --- a/view/js/mod_cloud.js +++ b/view/js/mod_cloud.js @@ -70,8 +70,11 @@ $(document).ready(function () { $('body').css('cursor', 'wait'); $.jGrowl('Please stand by while your download is being prepared...', { sticky: false, theme: 'info', life: 10000 }); + var download_token = makeid(32); + let data = [ {name: 'attach_path', value: window.location.pathname}, + {name: 'download_token', value: download_token}, {name: 'channel_id', value: channelId}, {name: 'attach_ids[]', value: id} ] 
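Review bot: `makeid()` in view/js/main.js builds the download token from `Math.random()`, which is not a cryptographically secure generator, yet the value acts as a bearer secret because `/attach/check` exchanges it for the zip token. The function should draw its bytes from the Web Crypto API and hex-encode them, keeping the same name and `length` parameter so the `makeid(32)` callers in view/js/mod_cloud.js are unaffected. A one-line comment stating that the result is security-sensitive would keep later edits from weakening it.

```javascript
function makeid(length) {
	// Security-sensitive: the result is used as a bearer token, so use the CSPRNG.
	var bytes = new Uint8Array(Math.ceil(length / 2));
	window.crypto.getRandomValues(bytes);
	var result = '';
	for (var i = 0; i < bytes.length; i++) {
		result += ('0' + bytes[i].toString(16)).slice(-2);
	}
	return result.slice(0, length);
}
```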
@@ -79,10 +82,22 @@ $(document).ready(function () { $.post('attach', data, function (data) { if (data.success) { $('body').css('cursor', 'auto'); - window.location.href = '/attach/download?token=' + data.token; + window.location.href = '/attach/download?token=' + data.token + '&download_token=' + download_token; + clearInterval(fallback); } }); + // fallback if server timed out + + var fallback = setInterval(function(){ $.get('/attach/check?download_token=' + download_token, function(data){ + if (data.success) { + $('body').css('cursor', 'auto'); + window.location.href = '/attach/download?token=' + data.token; + clearInterval(fallback); + } + + }); }, 30000); + }); $('.cloud-tool-delete-btn').on('click', function (e) { @@ -298,18 +313,34 @@ $(document).ready(function () { $('body').css('cursor', 'wait'); $.jGrowl('Please stand by while your download is being prepared...', { sticky: false, theme: 'info', life: 10000 }); + var download_token = makeid(32); + post_data.push( {name: 'attach_path', value: window.location.pathname}, + {name: 'download_token', value: download_token}, {name: 'channel_id', value: channelId}, ); $.post('attach', post_data, function (data) { if (data.success) { $('body').css('cursor', 'auto'); - window.location.href = '/attach/download?token=' + data.token; + window.location.href = '/attach/download?token=' + data.token + '&download_token=' + download_token; + clearInterval(fallback); } }); + // fallback if server timed out + + var fallback = setInterval(function(){ $.get('/attach/check?download_token=' + download_token, function(data){ + if (data.success) { + $('body').css('cursor', 'auto'); + window.location.href = '/attach/download?token=' + data.token; + clearInterval(fallback); + } + + }); }, 30000); + + }); $('#cloud-multi-tool-delete-btn').on('click', function (e) { |
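Review bot: The `setInterval` fallback added after `$.post('attach', ...)` in the hunk at -79,10 is cleared only on success, so when the archive never becomes available (server error, expired or already consumed token) the page keeps requesting `/attach/check` every 30 seconds until it is closed, and the cursor stays on `wait`. Bound it with an attempt counter, e.g. `if (++tries > 20) { clearInterval(fallback); $('body').css('cursor', 'auto'); return; }` at the top of the interval callback, with `var tries = 0;` declared next to `download_token`. The same block is repeated in the multi-select handler in the hunk at -298,18 and needs the same limit. Both fallback URLs also append `data.token` unencoded; wrapping it in `encodeURIComponent()` would keep the redirect well-formed if the token format ever changes.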