|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Controllers\Attachments;
|
|
|
|
|
|
|
|
|
|
|
|
use BusinessLogic\Attachments\Attachment;
|
|
|
|
use BusinessLogic\Attachments\AttachmentRetriever;
|
|
|
|
use BusinessLogic\Exceptions\ApiFriendlyException;
|
|
|
|
|
|
|
|
class PublicAttachmentController extends \BaseClass {
|
|
|
|
static function getRaw($trackingId, $attachmentId) {
|
|
|
|
global $hesk_settings, $applicationContext, $userContext;
|
|
|
|
|
|
|
|
self::verifyAttachmentsAreEnabled($hesk_settings);
|
|
|
|
|
|
|
|
/* @var $attachmentRetriever AttachmentRetriever */
|
|
|
|
$attachmentRetriever = $applicationContext->get(AttachmentRetriever::clazz());
|
|
|
|
|
|
|
|
$attachment = $attachmentRetriever->getAttachmentContentsForTrackingId($trackingId, $attachmentId, $userContext, $hesk_settings);
|
|
|
|
|
|
|
|
/* @var $metadata Attachment */
|
|
|
|
$metadata = $attachment['meta'];
|
|
|
|
|
|
|
|
// Send the file as an attachment to prevent malicious code from executing
|
|
|
|
header("Pragma: "); # To fix a bug in IE when running https
|
|
|
|
header("Cache-Control: "); # To fix a bug in IE when running https
|
|
|
|
header('Content-Description: File Transfer');
|
|
|
|
header('Content-Type: application/octet-stream');
|
|
|
|
header('Content-Length: ' . $metadata->fileSize);
|
|
|
|
header('Content-Disposition: attachment; filename=' . $metadata->displayName);
|
|
|
|
print $attachment['contents'];
|
|
|
|
}
|
|
|
|
|
|
|
|
private static function verifyAttachmentsAreEnabled($heskSettings) {
|
|
|
|
if (!$heskSettings['attachments']['use']) {
|
|
|
|
throw new ApiFriendlyException('Attachments are disabled on this server', 'Attachments Disabled', 404);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|