forked from joomla/Component-Builder
154 lines
4.0 KiB
PHP
154 lines
4.0 KiB
PHP
|
<?php
|
|||
|
/**
|
|||
|
*
|
|||
|
* @version 2.0.0 - September 03, 2014
|
|||
|
* @package Component Builder
|
|||
|
* @author Llewellyn van de Merwe <http://www.vdm.io>
|
|||
|
* @copyright Copyright (C) 2014. All Rights Reserved
|
|||
|
* @license GNU/GPL Version 2 or later - http://www.gnu.org/licenses/gpl-2.0.html
|
|||
|
*
|
|||
|
**/
|
|||
|
|
|||
|
// No direct access to this file
|
|||
|
defined('_JEXEC') or die('Restricted access');
|
|||
|
?>
|
|||
|
###BOM###
|
|||
|
|
|||
|
// No direct access to this file
|
|||
|
defined('_JEXEC') or die('Restricted access');
|
|||
|
|
|||
|
// import Joomla controllerform library
|
|||
|
jimport('joomla.application.component.controller');
|
|||
|
|
|||
|
/**
|
|||
|
* ###Component### Download Controller
|
|||
|
*/
|
|||
|
class ###Component###ControllerDownload extends JControllerLegacy
|
|||
|
{
|
|||
|
|
|||
|
public function __construct($config)
|
|||
|
{
|
|||
|
parent::__construct($config);
|
|||
|
// load the tasks
|
|||
|
$this->registerTask('file', 'download');
|
|||
|
}
|
|||
|
|
|||
|
public function download()
|
|||
|
{
|
|||
|
$user = JFactory::getUser();
|
|||
|
$jinput = JFactory::getApplication()->input;
|
|||
|
// Check Token!
|
|||
|
$token = JSession::getFormToken();
|
|||
|
$call_token = $jinput->get('token', 0, 'ALNUM');
|
|||
|
$userAllowed = $jinput->get('key', NULL, 'INT');
|
|||
|
if($user->id != 0 && $userAllowed == $user->id && $token == $call_token)
|
|||
|
{
|
|||
|
$task = $this->getTask();
|
|||
|
switch($task)
|
|||
|
{
|
|||
|
case 'file':
|
|||
|
$enUrl = $jinput->get('link', NULL, 'BASE64');
|
|||
|
$filename = $jinput->get('filename', NULL, 'CMD');
|
|||
|
if(base64_encode(base64_decode($enUrl, true)) === $enUrl && $filename)
|
|||
|
{
|
|||
|
// Get local key
|
|||
|
$localkey = md5(JComponentHelper::getParams('com_###component###')->get('basic_key', 'localKey34fdWEkl'));
|
|||
|
$opener = new FOFEncryptAes($localkey, 256);
|
|||
|
$link = rtrim($opener->decryptString(base64_decode($enUrl)));
|
|||
|
$info = $this->getContentInfo($link);
|
|||
|
// set headers
|
|||
|
if (isset($info['type']) && $info['type'])
|
|||
|
{
|
|||
|
header('Content-Type: '.$info['type']);
|
|||
|
}
|
|||
|
elseif (strpos($filename, '.mp3') !== false)
|
|||
|
{
|
|||
|
header('Content-Type: audio/mpeg');
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
header('Content-Type: application/octet-stream');
|
|||
|
}
|
|||
|
header("Content-Transfer-Encoding: Binary");
|
|||
|
header("Content-disposition: attachment; filename=\"" . $filename . "\"");
|
|||
|
header('Expires: 0');
|
|||
|
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
|||
|
header('Pragma: public');
|
|||
|
if (isset($info['filesize']) && $info['filesize'])
|
|||
|
{
|
|||
|
header('Content-Length: ' . $info['filesize']);
|
|||
|
}
|
|||
|
ob_clean();
|
|||
|
flush();
|
|||
|
// this is faster but expose the dropbox url
|
|||
|
// header("Location: $link");
|
|||
|
// this is slower but better much more secure
|
|||
|
readfile($link);
|
|||
|
jexit();
|
|||
|
}
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
return false;
|
|||
|
}
|
|||
|
|
|||
|
protected function getContentInfo($url)
|
|||
|
{
|
|||
|
// we first try the curl option
|
|||
|
if ($this->_isCurl())
|
|||
|
{
|
|||
|
$ch = curl_init($url);
|
|||
|
curl_setopt($ch, CURLOPT_NOBODY, true);
|
|||
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|||
|
curl_setopt($ch, CURLOPT_HEADER, true);
|
|||
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
|||
|
|
|||
|
$data = curl_exec($ch);
|
|||
|
curl_close($ch);
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
// then we try getheaders (this is slower)
|
|||
|
stream_context_set_default( array('http' => array('method' => 'HEAD')));
|
|||
|
$headers = get_headers($url);
|
|||
|
if (###Component###Helper::checkArray($headers))
|
|||
|
{
|
|||
|
$data = implode("\n", $headers);
|
|||
|
}
|
|||
|
}
|
|||
|
// get the Content Length
|
|||
|
if (preg_match('/Content-Length: (\d+)/', $data, $matches))
|
|||
|
{
|
|||
|
// Contains file size in bytes
|
|||
|
$found['filesize'] = (int)$matches[1];
|
|||
|
|
|||
|
}
|
|||
|
// get the Content Type
|
|||
|
if (preg_match_all('/Content-Type: (.+)/', $data, $matches))
|
|||
|
{
|
|||
|
foreach ($matches[1] as $match)
|
|||
|
{
|
|||
|
// not the html
|
|||
|
if (strpos( $match, 'text/html') === false)
|
|||
|
{
|
|||
|
$found['type'] = $match;
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
// return found values
|
|||
|
if (isset($found) && ###Component###Helper::checkArray($found))
|
|||
|
{
|
|||
|
return $found;
|
|||
|
}
|
|||
|
return false;
|
|||
|
}
|
|||
|
|
|||
|
protected function _isCurl()
|
|||
|
{
|
|||
|
return function_exists('curl_version');
|
|||
|
}
|
|||
|
}
|