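needlogin=true; $me = new User(); $me->loadMe(); $this->me = $me; $this->layout()->set("me",$me); /*if(!$me->isAdmin()) { $this->redirect("Dashboard"); }*/ }

    /**
     * Streams the stored file identified by the request's `id` as an attachment.
     *
     * Returns true without output when the id is not a positive number;
     * otherwise the script exits after the file has been sent.
     *
     * NOTE(review): the only gate visible in this method is the id check, so
     * nothing here ties the requested file to the logged-in user. Confirm that
     * per-file authorization is enforced elsewhere (File, router, ACL layer).
     *
     * @return bool|void
     * @throws Exception 404 when no File record exists, 4041 when the stored
     *                   file is missing on disk, 4042 when the stored filename
     *                   has no extension, 4043 when the file cannot be opened.
     */
    protected function downloadAction()
    {
        $id = $this->request->id;
        if (!is_numeric($id) || $id < 1) {
            return true;
        }

        $file = new File($id);
        // `new` always yields an object, so the record has to be tested through
        // its id, the same way getByIdAction() and showAction() do.
        if (!$file->id) {
            throw new Exception("File not found", 404);
        }

        $filename = $file->store_filename;

        // NOTE(review): subfolder and store_filename are concatenated into the
        // path unchanged. Presumably both are generated server-side at upload
        // time; verify they can never contain "../" segments.
        $path = MFUPLOAD_FILE_SAVE_PATH;
        $path .= ($file->subfolder) ? "/" . $file->subfolder : "";
        $path .= "/$filename";

        // is_file() also rejects a directory, which file_exists() would accept.
        if (!is_file($path)) {
            throw new Exception("File not found", 4041);
        }

        // The stored name must carry an extension. The captured value was only
        // ever appended to an undefined variable, so it is no longer kept.
        if (!preg_match('/\.([^.]+)/', $filename)) {
            throw new Exception("File not found", 4042);
        }

        $outname = ($file->filename) ? $file->filename : $file->orig_filename;
        if (!$this->sendfile($path, $outname)) {
            throw new Exception("File not found", 4043);
        }
        exit;
    }

    /**
     * Makes a filename safe to embed in a quoted Content-Disposition parameter.
     *
     * Control characters are removed and the two characters that could end or
     * escape the quoted string (double quote, backslash) become underscores.
     *
     * @param string $name Filename as stored in the File record.
     * @return string Sanitised name, or "download" if nothing is left.
     */
    private function headerSafeFilename($name)
    {
        $clean = (string) preg_replace('/[\x00-\x1F\x7F]/', '', (string) $name);
        $clean = str_replace(['"', '\\'], '_', $clean);

        return ($clean !== '') ? $clean : 'download';
    }

    /**
     * Sends a file to the client as an application/octet-stream attachment.
     *
     * @param string $file Path of the file to read.
     * @param string $name Filename offered to the client.
     * @return bool False when the file cannot be opened, true otherwise.
     */
    private function sendfile($file, $name)
    {
        $this->log->debug("sendfile: $file $name");
        if (!$fh = fopen($file, 'r')) {
            return false;
        }
        set_time_limit(36000);

        header('Content-Type: application/octet-stream');
        // Stops browsers from second-guessing the declared type of an upload.
        header('X-Content-Type-Options: nosniff');
        header('Content-disposition: attachment; filename="' . $this->headerSafeFilename($name) . '"');

        // The size is read through stat(1) as a string. NOTE(review): this looks
        // like a workaround for integer limits on 32-bit builds; confirm before
        // replacing it with filesize(). The argument is shell-escaped.
        $size = exec('stat -c %s ' . escapeshellarg($file));
        // Only a plain decimal number may reach the header; larger files are
        // sent without Content-Length, as before.
        if (is_string($size) && preg_match('/\A\d+\z/', $size) === 1) {
            if ((float) $size < (pow(2, 31)) - 1) {
                header('Content-Length: ' . $size);
            }
        }

        while (!feof($fh)) {
            $data = fread($fh, 8192);
            if ($data === false) {
                // A failed read never reaches EOF; stop instead of looping.
                break;
            }
            echo $data;
        }
        fclose($fh);

        return true;
    }

    /**
     * Returns the id and original filename of a File record as JSON.
     *
     * Responds 400 for an id that is not a positive number and 404 when no
     * record is found.
     *
     * @return void
     */
    protected function getByIdAction()
    {
        $id = $this->request->id;
        // Same id validation as showAction(), so File never sees a raw value.
        if (!is_numeric($id) || $id < 1) {
            http_response_code(400);
            self::returnJson(["error" => "Invalid File ID"]);
            return;
        }

        $file = new File($id);
        if (!$file->id) {
            http_response_code(404);
            self::returnJson(["error" => "File not found"]);
            return;
        }

        self::returnJson([
            "id" => $file->id,
            "filename" => $file->orig_filename
        ]);
    }

    /**
     * Serves a stored file inline, optionally as a cached thumbnail.
     *
     * Files that getimagesize() does not recognise are handed to
     * downloadAction(). Without a known `size` the original image is sent;
     * with one of tiny/small/medium/large a thumbnail is created on first use
     * with ImageMagick `convert` and cached under TEMP_DIR/thumbnails.
     *
     * NOTE(review): as in downloadAction(), no per-file authorization is
     * visible here; confirm it is enforced elsewhere.
     *
     * @return void
     */
    protected function showAction()
    {
        $id = $this->request->id;
        $size = $this->request->size;

        if (!is_numeric($id) || $id < 1) {
            http_response_code(400);
            self::returnJson(["error" => "Invalid File ID"]);
            return;
        }

        $file = new File($id);
        if (!$file->id) {
            http_response_code(404);
            self::returnJson(["error" => "File record not found"]);
            return;
        }

        // NOTE(review): path components come straight from the File record;
        // verify they are generated server-side and cannot contain "../".
        $originalPath = MFUPLOAD_FILE_SAVE_PATH
            . ($file->subfolder ? "/{$file->subfolder}" : "")
            . "/{$file->store_filename}";

        if (!is_readable($originalPath)) {
            http_response_code(404);
            self::returnJson(["error" => "Physical file not found"]);
            return;
        }

        $imageInfo = @getimagesize($originalPath);
        if ($imageInfo === false) {
            // Not an image: fall back to a plain attachment download.
            $this->downloadAction();
            return;
        }

        // Allow-list of accepted sizes; only these geometry strings can reach
        // the convert command line.
        $sizeDimensions = [
            'tiny' => '100x100',
            'small' => '250x250',
            'medium' => '800x800',
            'large' => '1200x1200',
        ];

        if (empty($size) || !isset($sizeDimensions[$size])) {
            $inlineName = $file->orig_filename ?: $file->store_filename;
            header('Content-Type: ' . $imageInfo['mime']);
            header('X-Content-Type-Options: nosniff');
            header('Content-Disposition: inline; filename="' . $this->headerSafeFilename($inlineName) . '"');
            readfile($originalPath);
            exit;
        }

        $cacheDir = TEMP_DIR . "/thumbnails";
        if (!is_dir($cacheDir) && !@mkdir($cacheDir, 0775, true) && !is_dir($cacheDir)) {
            http_response_code(500);
            self::returnJson(["error" => "Failed to create thumbnail."]);
            return;
        }

        // Key the cache on the record's integer id rather than the raw request
        // value: is_numeric() accepts many spellings of one number ("7", "7.0",
        // " 7"), and each would otherwise get its own cache file.
        $cacheKey = (int) $file->id;
        $cachedPath = "{$cacheDir}/{$cacheKey}_{$size}." . pathinfo($originalPath, PATHINFO_EXTENSION);

        if (!file_exists($cachedPath)) {
            // Every argument is shell-escaped. NOTE(review): convert parses
            // uploaded files and picks the output format from the cached file's
            // extension; confirm the host's ImageMagick policy restricts the
            // enabled coders.
            $command = "convert " . escapeshellarg($originalPath)
                . " -resize " . escapeshellarg($sizeDimensions[$size])
                . " " . escapeshellarg($cachedPath);
            exec($command, $output, $return_var);

            if ($return_var !== 0) {
                http_response_code(500);
                self::returnJson(["error" => "Failed to create thumbnail."]);
                return;
            }
        }

        // Report the type of the thumbnail itself: its format follows the file
        // extension and can differ from what was detected for the original.
        $thumbInfo = @getimagesize($cachedPath);
        $thumbMime = ($thumbInfo !== false) ? $thumbInfo['mime'] : $imageInfo['mime'];

        header('Content-Type: ' . $thumbMime);
        header('X-Content-Type-Options: nosniff');
        header('Content-Disposition: inline; filename="' . $this->headerSafeFilename(basename($cachedPath)) . '"');
        readfile($cachedPath);
        exit;
    }
}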