Fixing inline attachments
parent
1ed740b7fa
commit
a4836f1142
@ -0,0 +1,39 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Controllers\Attachments;
|
||||||
|
|
||||||
|
|
||||||
|
use BusinessLogic\Attachments\Attachment;
|
||||||
|
use BusinessLogic\Attachments\AttachmentRetriever;
|
||||||
|
use BusinessLogic\Exceptions\ApiFriendlyException;
|
||||||
|
|
||||||
|
class PublicAttachmentController {
|
||||||
|
static function getRaw($trackingId, $attachmentId) {
|
||||||
|
global $hesk_settings, $applicationContext, $userContext;
|
||||||
|
|
||||||
|
self::verifyAttachmentsAreEnabled($hesk_settings);
|
||||||
|
|
||||||
|
/* @var $attachmentRetriever AttachmentRetriever */
|
||||||
|
$attachmentRetriever = $applicationContext->get[AttachmentRetriever::class];
|
||||||
|
|
||||||
|
$attachment = $attachmentRetriever->getAttachmentContentsForTrackingId($trackingId, $attachmentId, $userContext, $hesk_settings);
|
||||||
|
|
||||||
|
/* @var $metadata Attachment */
|
||||||
|
$metadata = $attachment['meta'];
|
||||||
|
|
||||||
|
// Send the file as an attachment to prevent malicious code from executing
|
||||||
|
header("Pragma: "); # To fix a bug in IE when running https
|
||||||
|
header("Cache-Control: "); # To fix a bug in IE when running https
|
||||||
|
header('Content-Description: File Transfer');
|
||||||
|
header('Content-Type: application/octet-stream');
|
||||||
|
header('Content-Length: ' . $metadata->fileSize);
|
||||||
|
header('Content-Disposition: attachment; filename=' . $metadata->displayName);
|
||||||
|
print $attachment['contents'];
|
||||||
|
}
|
||||||
|
|
||||||
|
private static function verifyAttachmentsAreEnabled($heskSettings) {
|
||||||
|
if (!$heskSettings['attachments']['use']) {
|
||||||
|
throw new ApiFriendlyException('Attachments are disabled on this server', 'Attachments Disabled', 404);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue