diff options
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Module/Getfile.php | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php index 09d761887..986a819ea 100644 --- a/Zotlabs/Module/Getfile.php +++ b/Zotlabs/Module/Getfile.php @@ -27,6 +27,8 @@ require_once('include/attach.php'); class Getfile extends \Zotlabs\Web\Controller { function post() { + + logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO); $hash = $_POST['hash']; $time = $_POST['time']; @@ -38,9 +40,11 @@ class Getfile extends \Zotlabs\Web\Controller { killme(); $channel = channelx_by_hash($hash); - - if((! $channel) || (! $time) || (! $sig)) + + if((! $channel) || (! $time) || (! $sig)) { + logger('error: missing info'); killme(); + } $slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop')); if($slop < 1) @@ -58,16 +62,15 @@ class Getfile extends \Zotlabs\Web\Controller { logger('verify failed.'); killme(); } - - + $r = attach_by_hash($resource,$revision); if(! $r['success']) { + logger('attach_by_hash failed: ' . $r['message']); notice( $r['message'] . EOL); return; } - - + $unsafe_types = array('text/html','text/css','application/javascript'); if(in_array($r['data']['filetype'],$unsafe_types)) { @@ -76,10 +79,10 @@ class Getfile extends \Zotlabs\Web\Controller { else { header('Content-type: ' . $r['data']['filetype']); } - + header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"'); if(intval($r['data']['os_storage'])) { - $fname = dbunescbin($r['data']['data']); + $fname = dbunescbin($r['data']['content']); if(strpos($fname,'store') !== false) $istream = fopen($fname,'rb'); else @@ -91,11 +94,9 @@ class Getfile extends \Zotlabs\Web\Controller { fclose($ostream); } } - else - echo dbunescbin($r['data']['data']); + else { + echo dbunescbin($r['data']['content']); + } killme(); - - - } } |