Magento: app/code/core/Mage/Sales/controllers/DownloadController.php Source File

00001 <?php
00002 /**
00003  * Magento
00004  *
00005  * NOTICE OF LICENSE
00006  *
00007  * This source file is subject to the Open Software License (OSL 3.0)
00008  * that is bundled with this package in the file LICENSE.txt.
00009  * It is also available through the world-wide-web at this URL:
00010  * http://opensource.org/licenses/osl-3.0.php
00011  * If you did not receive a copy of the license and are unable to
00012  * obtain it through the world-wide-web, please send an email
00013  * to license@magentocommerce.com so we can send you a copy immediately.
00014  *
00015  * DISCLAIMER
00016  *
00017  * Do not edit or add to this file if you wish to upgrade Magento to newer
00018  * versions in the future. If you wish to customize Magento for your
00019  * needs please refer to http://www.magentocommerce.com for more information.
00020  *
00021  * @category   Mage
00022  * @package    Mage_Sales
00023  * @copyright  Copyright (c) 2008 Irubin Consulting Inc. DBA Varien (http://www.varien.com)
00024  * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
00025  */
00026 
00027 /**
00028  * Sales controller for download purposes
00029  *
00030  * @category   Mage
00031  * @package    Mage_Sales
00032  * @author     Magento Core Team <core@magentocommerce.com>
00033  */
00034 
00035 class Mage_Sales_DownloadController extends Mage_Core_Controller_Front_Action
00036 {
00037 
00038     /**
00039      * Custom options downloader
00040      */
00041     public function downloadCustomOptionAction ()
00042     {
00043         $quoteItemOptionId = $this->getRequest()->getParam('id');
00044         $secretKey = $this->getRequest()->getParam('key');
00045         $option = Mage::getModel('sales/quote_item_option')->load($quoteItemOptionId);
00046 
00047         if ($option->getId()) {
00048 
00049             try {
00050                 $info = unserialize($option->getValue());
00051 
00052                 if ($secretKey != $info['secret_key']) {
00053                     throw new Exception();
00054                 }
00055 
00056                 $filePath = Mage::getBaseDir() . $info['order_path'];
00057                 if (!is_file($filePath) || !is_readable($filePath)) {
00058                     // try get file from quote
00059                     $filePath = Mage::getBaseDir() . $info['quote_path'];
00060                     if (!is_file($filePath) || !is_readable($filePath)) {
00061                         throw new Exception();
00062                     }
00063                 }
00064 
00065                 $this->getResponse()
00066                     ->setHttpResponseCode(200)
00067                     ->setHeader('Pragma', 'public', true)
00068                     ->setHeader('Cache-Control', 'must-revalidate, post-check=0, pre-check=0', true)
00069                     ->setHeader('Content-type', $info['type'], true)
00070                     ->setHeader('Content-Length', $info['size'])
00071                     ->setHeader('Content-Disposition', 'inline' . '; filename='.$info['title']);
00072 
00073                 $this->getResponse()
00074                     ->clearBody();
00075                 $this->getResponse()
00076                     ->sendHeaders();
00077 
00078                 readfile($filePath);
00079 
00080             } catch (Exception $e) {
00081                 $this->_forward('noRoute');
00082             }
00083 
00084         } else {
00085             $this->_forward('noRoute');
00086         }
00087     }
00088 }