|
|
|---|
| [ Index ] |
Source Code Reference for V1.00 |
[Summary view] [Print] [Text view]
1 <?php /* $Id: fileviewer.php 128 2008-04-01 16:54:13Z pedroix $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/fileviewer.php $ */ 2 3 /* 4 All files in this work are now covered by the following copyright notice. 5 Please note that included libraries in the lib directory may have their own license. 6 7 Copyright (c) 2007-2008 The web2Project Development Team <w2p-developers@web2project.net> 8 Copyright (c) 2003-2005 The dotProject Development Team <core-developers@dotproject.net> 9 10 This file is part of web2Project. 11 12 web2Project is free software; you can redistribute it and/or modify 13 it under the terms of the GNU General Public License as published by 14 the Free Software Foundation; either version 2 of the License, or 15 (at your option) any later version. 16 17 web2Project is distributed in the hope that it will be useful, 18 but WITHOUT ANY WARRANTY; without even the implied warranty of 19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 GNU General Public License for more details. 21 22 You should have received a copy of the GNU General Public License 23 along with web2Project; if not, write to the Free Software 24 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 25 26 The full text of the GPL is in the COPYING file. 27 */ 28 29 //file viewer 30 require_once 'base.php'; 31 require_once W2P_BASE_DIR . '/includes/config.php'; 32 require_once W2P_BASE_DIR . '/includes/main_functions.php'; 33 require_once W2P_BASE_DIR . '/classes/ui.class.php'; 34 require_once W2P_BASE_DIR . '/includes/db_adodb.php'; 35 require_once W2P_BASE_DIR . '/includes/session.php'; 36 37 $loginFromPage = 'fileviewer.php'; 38 39 w2PsessionStart(); 40 41 // check if session has previously been initialised 42 // if no ask for logging and do redirect 43 if (!isset($_SESSION['AppUI']) || isset($_GET['logout'])) { 44 $_SESSION['AppUI'] = new CAppUI(); 45 $AppUI = &$_SESSION['AppUI']; 46 $AppUI->setConfig($w2Pconfig); 47 $AppUI->checkStyle(); 48 49 require_once ($AppUI->getSystemClass('w2p')); 50 51 if ($AppUI->doLogin()) 52 $AppUI->loadPrefs(0); 53 // check if the user is trying to log in 54 if (isset($_REQUEST['login'])) { 55 $username = w2PgetParam($_POST, 'username', ''); 56 $password = w2PgetParam($_POST, 'password', ''); 57 $redirect = w2PgetParam($_REQUEST, 'redirect', ''); 58 $ok = $AppUI->login($username, $password); 59 if (!$ok) { 60 //display login failed message 61 $uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $w2Pconfig['host_style']; 62 $AppUI->setMsg('Login Failed', UI_MSG_ERROR); 63 require W2P_BASE_DIR . '/style/' . $uistyle . '/login.php'; 64 session_unset(); 65 exit; 66 } 67 header('Location: fileviewer.php?' . $redirect); 68 exit; 69 } 70 71 $uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $w2Pconfig['host_style']; 72 // check if we are logged in 73 if ($AppUI->doLogin()) { 74 $AppUI->setUserLocale(); 75 @include_once (W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php'); 76 @include_once (W2P_BASE_DIR . '/locales/core.php'); 77 setlocale(LC_TIME, $AppUI->user_locale); 78 79 $redirect = @$_SERVER['QUERY_STRING']; 80 if (strpos($redirect, 'logout') !== false) { 81 $redirect = ''; 82 } 83 if (isset($locale_char_set)) { 84 header('Content-type: text/html;charset=' . $locale_char_set); 85 } 86 require W2P_BASE_DIR . '/style/' . $uistyle . '/login.php'; 87 session_unset(); 88 session_destroy(); 89 exit; 90 } 91 } 92 $AppUI = &$_SESSION['AppUI']; 93 include_once W2P_BASE_DIR . '/locales/core.php'; 94 95 $perms = &$AppUI->acl(); 96 97 $canRead = $perms->checkModule('files', 'view'); 98 if (!$canRead) { 99 $AppUI->redirect('m=public&a=access_denied'); 100 } 101 102 $file_id = isset($_GET['file_id']) ? (int)w2PgetParam($_GET, 'file_id', 0) : 0; 103 104 if ($file_id) { 105 // projects tat are denied access 106 require_once ($AppUI->getModuleClass('projects')); 107 require_once ($AppUI->getModuleClass('files')); 108 $project = &new CProject; 109 $allowedProjects = $project->getAllowedRecords($AppUI->user_id, 'projects.project_id, project_name', '', null, null, 'projects'); 110 $fileclass = &new CFile; 111 $fileclass->load($file_id); 112 $allowedFiles = $fileclass->getAllowedRecords($AppUI->user_id, 'file_id, file_name'); 113 114 if (count($allowedFiles) && !array_key_exists($file_id, $allowedFiles)) { 115 $AppUI->redirect('m=public&a=access_denied'); 116 } 117 118 $q = new DBQuery; 119 $q->addTable('files'); 120 if ($fileclass->file_project) { 121 $project->setAllowedSQL($AppUI->user_id, $q, 'file_project'); 122 } 123 $q->addWhere('file_id = ' . $file_id); 124 125 $file = $q->loadHash(); 126 127 if (!$file) { 128 $AppUI->redirect('m=public&a=access_denied'); 129 } 130 131 $fname = W2P_BASE_DIR . '/files/' . $file['file_project'] . '/' . $file['file_real_filename']; 132 if (!file_exists($fname)) { 133 $AppUI->setMsg('fileIdError', UI_MSG_ERROR); 134 $AppUI->redirect(); 135 } 136 137 ob_end_clean(); 138 header('MIME-Version: 1.0'); 139 header('Pragma: '); 140 header('Cache-Control: public'); 141 header('Content-length: ' . $file['file_size']); 142 header('Content-type: ' . $file['file_type']); 143 header('Content-transfer-encoding: 8bit'); 144 header('Content-disposition: attachment; filename="' . $file['file_name'] . '"'); 145 146 // read and output the file in chunks to bypass limiting settings in php.ini 147 $handle = fopen(W2P_BASE_DIR . '/files/' . $file['file_project'] . '/' . $file['file_real_filename'], 'rb'); 148 if ($handle) { 149 while (!feof($handle)) { 150 print fread($handle, 8192); 151 } 152 fclose($handle); 153 } 154 flush(); 155 } else { 156 $AppUI->setMsg('fileIdError', UI_MSG_ERROR); 157 $AppUI->redirect(); 158 } 159 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Aug 21 03:00:13 2008 | Cross-referenced by PHPXref 0.7 |