Skip to content
Snippets Groups Projects
Normal view Permalink
Download.php 2.54 KiB
Newer Older
  • Learn to ignore specific revisions
    • jaapjansma's avatar
    Added csv export
    jaapjansma committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 
    <?php
/**
 * @author Jaap Jansma <jaap.jansma@civicoop.org>
 * @license AGPL-3.0
 */

class CRM_DataprocessorOutputExport_Page_Download extends CRM_Core_Page {

  /**
   * Run page.
   */
  public function run() {
    $factory = dataprocessor_get_factory();

    $download = CRM_Utils_Request::retrieve('download', 'Integer', $this, FALSE, 1);
    $disposition = $download == 0 ? 'inline' : 'download';

    $directory = CRM_Utils_Request::retrieve('directory', 'String', $this, FALSE);
    if (!empty($directory)) {
      $directory = $directory.'/';
    }
    $fileName = CRM_Utils_Request::retrieve('filename', 'String', $this, FALSE);
    if (empty($fileName)) {
      CRM_Core_Error::statusBounce("Cannot access file");
    }
    jaapjansma's avatar
    Issue with export  
    jaapjansma committed
    27 
        if (!self::isValidFileName($fileName)) {
    jaapjansma's avatar
    Added csv export
    jaapjansma committed
    28 29 30 
          CRM_Core_Error::statusBounce("Malformed filename");
    }
    jaapjansma's avatar
    update  
    jaapjansma committed
    31 32 
        list($prefix, $dataProcessorId, $outputId, $userId, $download_name) = explode("_", $fileName, 5);
    $download_name = $prefix.'_'.$download_name;
    jaapjansma's avatar
    Added csv export
    jaapjansma committed
    33 34 35 36 37 38 39 40 41 42 43 
    
    $data_processors = CRM_Dataprocessor_BAO_DataProcessor::getValues(array('id' => $dataProcessorId));
    $outputs = CRM_Dataprocessor_BAO_Output::getValues(array('id' => $outputId));
    $outputClass = $factory->getOutputByName($outputs[$outputId]['type']);
    if (!$outputClass instanceof \Civi\DataProcessor\Output\ExportOutputInterface) {
      CRM_Core_Error::statusBounce("Malformed filename");
    } elseif ($userId != CRM_Core_Session::getLoggedInContactID()) {
      CRM_Core_Error::statusBounce("Malformed filename");
    }

    $path = CRM_Core_Config::singleton()->templateCompileDir . $directory. $fileName;
    jaapjansma's avatar
    added mimetype  
    jaapjansma committed
    44 
        $mimeType = $outputClass->mimeType();
    jaapjansma's avatar
    Added csv export
    jaapjansma committed
    45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 
    
    if (!$path) {
      CRM_Core_Error::statusBounce('Could not retrieve the file');
    }

    $buffer = file_get_contents($path);
    if (!$buffer) {
      CRM_Core_Error::statusBounce('The file is either empty or you do not have permission to retrieve the file');
    }

    CRM_Utils_System::download(
      $download_name,
      $mimeType,
      $buffer,
      NULL,
      TRUE,
      $disposition
    );
  }
    jaapjansma's avatar
    Issue with export  
    jaapjansma committed
    65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 
      /**
   * Is the filename a safe and valid filename passed in from URL
   *
   * @param string $fileName
   * @return bool
   */
  protected static function isValidFileName($fileName = NULL) {
    if ($fileName) {
      $check = $fileName !== basename($fileName) ? FALSE : TRUE;
      if ($check) {
        if (substr($fileName, 0, 1) == '/' || substr($fileName, 0, 1) == '.' || substr($fileName, 0, 1) == DIRECTORY_SEPARATOR) {
          $check = FALSE;
        }
      }
      return $check;
    }
    return FALSE;
  }
    jaapjansma's avatar
    Added csv export
    jaapjansma committed
    84 
    }