diff options
Diffstat (limited to 'apps/files/ajax/download.php')
| -rw-r--r-- | apps/files/ajax/download.php | 77 |
1 files changed, 0 insertions, 77 deletions
diff --git a/apps/files/ajax/download.php b/apps/files/ajax/download.php deleted file mode 100644 index d71d8442733..00000000000 --- a/apps/files/ajax/download.php +++ /dev/null @@ -1,77 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Andreas Fischer <bantu@owncloud.com> - * @author Björn Schießle <bjoern@schiessle.org> - * @author Christoph Wurst <christoph@winzerhof-wurst.at> - * @author Jörn Friedrich Dreyer <jfd@butonic.de> - * @author Lukas Reschke <lukas@statuscode.ch> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Piotr Filiciak <piotr@filiciak.pl> - * @author Robin Appelman <robin@icewind.nl> - * @author Roeland Jago Douma <roeland@famdouma.nl> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ -// Check if we are a user -OC_Util::checkLoggedIn(); -\OC::$server->getSession()->close(); - -$files = isset($_GET['files']) ? (string)$_GET['files'] : ''; -$dir = isset($_GET['dir']) ? (string)$_GET['dir'] : ''; - -$files_list = json_decode($files); -// in case we get only a single file -if (!is_array($files_list)) { - $files_list = [$files]; -} - -/** - * @psalm-taint-escape cookie - */ -function cleanCookieInput(string $value): string { - if (strlen($value) > 32) { - return ''; - } - if (preg_match('!^[a-zA-Z0-9]+$!', $_GET['downloadStartSecret']) !== 1) { - return ''; - } - return $value; -} - -/** - * this sets a cookie to be able to recognize the start of the download - * the content must not be longer than 32 characters and must only contain - * alphanumeric characters - */ -if (isset($_GET['downloadStartSecret'])) { - $value = cleanCookieInput($_GET['downloadStartSecret']); - if ($value !== '') { - setcookie('ocDownloadStarted', $value, time() + 20, '/'); - } -} - -$server_params = [ 'head' => \OC::$server->getRequest()->getMethod() === 'HEAD' ]; - -/** - * Http range requests support - */ -if (isset($_SERVER['HTTP_RANGE'])) { - $server_params['range'] = \OC::$server->getRequest()->getHeader('Range'); -} - -OC_Files::get($dir, $files_list, $server_params); |