From bff2ed3837219137abdd320d0e12da89ab7ec6b0 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Mon, 17 Apr 2017 20:45:53 -0700
Subject: allow downloading via viewsrc to support client side e2ee

---
 Zotlabs/Module/Viewsrc.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'Zotlabs/Module/Viewsrc.php')

diff --git a/Zotlabs/Module/Viewsrc.php b/Zotlabs/Module/Viewsrc.php
index cb305efc6..f84eddc69 100644
--- a/Zotlabs/Module/Viewsrc.php
+++ b/Zotlabs/Module/Viewsrc.php
@@ -13,6 +13,7 @@ class Viewsrc extends \Zotlabs\Web\Controller {
 	
 		$item_id = ((argc() > 1) ? intval(argv(1)) : 0);
 		$json    = ((argc() > 2 && argv(2) === 'json') ? true : false);
+		$dload   = ((argc() > 2 && argv(2) === 'download') ? true : false);
 	
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -27,7 +28,7 @@ class Viewsrc extends \Zotlabs\Web\Controller {
 		$item_normal = item_normal();
 	
 		if(local_channel() && $item_id) {
-			$r = q("select id, item_flags, item_obscured, body from item where uid in (%d , %d) and id = %d $item_normal limit 1",
+			$r = q("select id, item_flags, mimetype, item_obscured, body from item where uid in (%d , %d) and id = %d $item_normal limit 1",
 				intval(local_channel()),
 				intval($sys['channel_id']),
 				intval($item_id)
@@ -37,6 +38,14 @@ class Viewsrc extends \Zotlabs\Web\Controller {
 				if(intval($r[0]['item_obscured']))
 					$r[0]['body'] = crypto_unencapsulate(json_decode($r[0]['body'],true),get_config('system','prvkey')); 
 
+				if($dload) {
+					header('Content-type: ' . $r[0]['mimetype']);
+					header('Content-disposition: attachment; filename="' . t('item') . '-' . $item_id . '"' );
+					echo $r[0]['body'];
+					killme();
+				}
+
+
 				$content = escape_tags($r[0]['body']);
 				$o = (($json) ? json_encode($content) : str_replace("\n",'<br />',$content));
 			}
-- 
cgit v1.2.3