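Portions created by the Initial Developer are Copyright (C) 2016-2024
the Initial Developer. All Rights Reserved.

Contributor(s):
Mark J Crane
*/

//includes files
	require_once dirname(__DIR__, 2) . "/resources/require.php";
	require_once "resources/check_auth.php";
	//NOTE(review): check_auth.php is the only access control visible in this file; no
	//per-feature permission check for contact attachments appears here - confirm that
	//one is enforced elsewhere before relying on this endpoint.

//add multi-lingual support
	$language = new text;
	$text = $language->get();

//get the request parameters
	$contact_attachment_uuid = $_GET['id'] ?? '';
	$action = $_GET['action'] ?? '';
	$session_id = $_GET['sid'] ?? ''; //only used below to decide whether the download may be cached

//get media
	//the is_string() guard rejects array-valued input such as ?id[]=x before it reaches is_uuid()
	if (is_string($contact_attachment_uuid) && !empty($contact_attachment_uuid) && is_uuid($contact_attachment_uuid)) {

		//look up the attachment, limited to the session's domain or to rows that have no domain
			$sql = "select attachment_filename, attachment_content from v_contact_attachments ";
			$sql .= "where contact_attachment_uuid = :contact_attachment_uuid ";
			$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
			$parameters = [];
			$parameters['contact_attachment_uuid'] = $contact_attachment_uuid;
			$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
			$attachment = $database->select($sql, $parameters, 'row');
			unset($sql, $parameters);

		//stop when nothing matched; how select() reports a miss is not shown in this file,
		//so any empty or non-array result is treated as "not found"
			if (empty($attachment) || !is_array($attachment)) {
				http_response_code(404);
				exit;
			}

		//the file extension selects the content type below
			$attachment_type = strtolower(pathinfo($attachment['attachment_filename'] ?? '', PATHINFO_EXTENSION));

		//determine mime type
			$content_type = 'application/octet-stream'; //set default
			$allowed_attachment_types = json_decode($settings->get('contact', 'allowed_attachment_types') ?? '', true);
			if (is_array($allowed_attachment_types)) {
				//an extension missing from the setting keeps the default instead of raising an undefined index warning
				$mapped_type = $allowed_attachment_types[$attachment_type] ?? '';
				if (is_string($mapped_type) && $mapped_type !== '') {
					$content_type = $mapped_type;
				}
			}

		switch ($action) {
			case 'download':
				//the filename is stored data that ends up inside a quoted header parameter, so
				//remove control characters, double quotes and path separators before sending it
					$attachment_filename = preg_replace('~[\x00-\x1F\x7F"\\\\/]~', '', (string) ($attachment['attachment_filename'] ?? '')) ?? '';
					if ($attachment_filename === '') {
						$attachment_filename = 'attachment';
					}

				//decode once and reuse the result for both the length and the body
					$attachment_content = base64_decode((string) ($attachment['attachment_content'] ?? ''));

				header("Content-type: ".$content_type."; charset=utf-8");
				header("Content-Disposition: attachment; filename=\"".$attachment_filename."\"");
				header("Content-Length: ".strlen($attachment_content));
				//keep the browser from sniffing a different type than the one declared above
				header("X-Content-Type-Options: nosniff");
				if (!empty($session_id)) {
					//the response sits behind check_auth.php, so only the requesting browser may cache it
					header("Cache-Control: private, max-age=86400"); // 24h
					header("Expires: ".gmdate('D, d M Y H:i:s \G\M\T', time() + 86400)); // 24h
				}
				echo $attachment_content;
				break;
			case 'display':
				//NOTE(review): the string literals below hold only whitespace in this listing; they are
				//kept exactly as shown. If they are meant to emit markup that embeds the filename or the
				//attachment content, those values need HTML escaping - verify against the repository copy.
				echo " \n";
				echo " \n";
				echo " \n";
				echo " \n";
				echo "
\n";
				echo " \n";
				echo "
\n";
				break;
		}

	}

?>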