aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Module/Getfile.php27
1 files changed, 14 insertions, 13 deletions
diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php
index 09d761887..986a819ea 100644
--- a/Zotlabs/Module/Getfile.php
+++ b/Zotlabs/Module/Getfile.php
@@ -27,6 +27,8 @@ require_once('include/attach.php');
class Getfile extends \Zotlabs\Web\Controller {
function post() {
+
+ logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO);
$hash = $_POST['hash'];
$time = $_POST['time'];
@@ -38,9 +40,11 @@ class Getfile extends \Zotlabs\Web\Controller {
killme();
$channel = channelx_by_hash($hash);
-
- if((! $channel) || (! $time) || (! $sig))
+
+ if((! $channel) || (! $time) || (! $sig)) {
+ logger('error: missing info');
killme();
+ }
$slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop'));
if($slop < 1)
@@ -58,16 +62,15 @@ class Getfile extends \Zotlabs\Web\Controller {
logger('verify failed.');
killme();
}
-
-
+
$r = attach_by_hash($resource,$revision);
if(! $r['success']) {
+ logger('attach_by_hash failed: ' . $r['message']);
notice( $r['message'] . EOL);
return;
}
-
-
+
$unsafe_types = array('text/html','text/css','application/javascript');
if(in_array($r['data']['filetype'],$unsafe_types)) {
@@ -76,10 +79,10 @@ class Getfile extends \Zotlabs\Web\Controller {
else {
header('Content-type: ' . $r['data']['filetype']);
}
-
+
header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"');
if(intval($r['data']['os_storage'])) {
- $fname = dbunescbin($r['data']['data']);
+ $fname = dbunescbin($r['data']['content']);
if(strpos($fname,'store') !== false)
$istream = fopen($fname,'rb');
else
@@ -91,11 +94,9 @@ class Getfile extends \Zotlabs\Web\Controller {
fclose($ostream);
}
}
- else
- echo dbunescbin($r['data']['data']);
+ else {
+ echo dbunescbin($r['data']['content']);
+ }
killme();
-
-
-
}
}