| Server IP : 66.29.137.217 / Your IP : 18.117.249.37 Web Server : LiteSpeed System : Linux premium294.web-hosting.com 4.18.0-513.11.1.lve.el8.x86_64 #1 SMP Thu Jan 18 16:21:02 UTC 2024 x86_64 User : gltevjme ( 1095) PHP Version : 7.0.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/gltevjme/greatlifehub.ng/glfiles.name.ng/app/controllers/ |
Upload File : |
<?php
namespace App\Controllers;
use App\Models\File;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response;
class AccountDownloadController extends AccountController
{
/**
* Called from JS in the file manager. Will only allow account owner to download the file
*
* @param int $fileId
* @param string $fileHash
* @param string $filename
* @return RedirectResponse|Response
*/
public function directDownload(int $fileId, string $fileHash, string $filename)
{
// get params for later
$Auth = $this->getAuth();
// load the file and make sure user owns it
$file = File::loadOneByClause('id = :file_id AND unique_hash = :unique_hash', [
'file_id' => $fileId,
'unique_hash' => $fileHash,
]);
if (!$file) {
return $this->render404();
}
// check file permissions, allow owners and admin/mods
if ((($file->userId != $Auth->id) && ($Auth->level_id < 10))) {
// account owner only
return $this->render404();
}
// if we've got this far, the user can access the file
return $this->redirect($file->generateDirectDownloadUrl());
}
}