1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Sales
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * Sales controller for download purposes
 29:  *
 30:  * @category   Mage
 31:  * @package    Mage_Sales
 32:  * @author     Magento Core Team <core@magentocommerce.com>
 33:  */
 34: 
 35: class Mage_Sales_DownloadController extends Mage_Core_Controller_Front_Action
 36: {
 37: 
 38:     /**
 39:      * Custom options downloader
 40:      *
 41:      * @param mixed $info
 42:      */
 43:     protected function _downloadFileAction($info)
 44:     {
 45:         $secretKey = $this->getRequest()->getParam('key');
 46:         try {
 47:             if ($secretKey != $info['secret_key']) {
 48:                 throw new Exception();
 49:             }
 50: 
 51:             $filePath = Mage::getBaseDir() . $info['order_path'];
 52:             if ((!is_file($filePath) || !is_readable($filePath)) && !$this->_processDatabaseFile($filePath)) {
 53:                 //try get file from quote
 54:                 $filePath = Mage::getBaseDir() . $info['quote_path'];
 55:                 if ((!is_file($filePath) || !is_readable($filePath)) && !$this->_processDatabaseFile($filePath)) {
 56:                     throw new Exception();
 57:                 }
 58:             }
 59:             $this->_prepareDownloadResponse($info['title'], array(
 60:                'value' => $filePath,
 61:                'type'  => 'filename'
 62:             ));
 63:         } catch (Exception $e) {
 64:             $this->_forward('noRoute');
 65:         }
 66:     }
 67: 
 68:     /**
 69:      * Check file in database storage if needed and place it on file system
 70:      *
 71:      * @param string $filePath
 72:      * @return bool
 73:      */
 74:     protected function _processDatabaseFile($filePath)
 75:     {
 76:         if (!Mage::helper('core/file_storage_database')->checkDbUsage()) {
 77:             return false;
 78:         }
 79: 
 80:         $relativePath = Mage::helper('core/file_storage_database')->getMediaRelativePath($filePath);
 81:         $file = Mage::getModel('core/file_storage_database')->loadByFilename($relativePath);
 82: 
 83:         if (!$file->getId()) {
 84:             return false;
 85:         }
 86: 
 87:         $directory = dirname($filePath);
 88:         @mkdir($directory, 0777, true);
 89: 
 90:         $io = new Varien_Io_File();
 91:         $io->cd($directory);
 92: 
 93:         $io->streamOpen($filePath);
 94:         $io->streamLock(true);
 95:         $io->streamWrite($file->getContent());
 96:         $io->streamUnlock();
 97:         $io->streamClose();
 98: 
 99:         return true;
100:     }
101: 
102:     /**
103:      * Profile custom options download action
104:      */
105:     public function downloadProfileCustomOptionAction()
106:     {
107:         $recurringProfile = Mage::getModel('sales/recurring_profile')->load($this->getRequest()->getParam('id'));
108: 
109:         if (!$recurringProfile->getId()) {
110:             $this->_forward('noRoute');
111:         }
112: 
113:         $orderItemInfo = $recurringProfile->getData('order_item_info');
114:         try {
115:             $request = unserialize($orderItemInfo['info_buyRequest']);
116: 
117:             if ($request['product'] != $orderItemInfo['product_id']) {
118:                 $this->_forward('noRoute');
119:                 return;
120:             }
121: 
122:             $optionId = $this->getRequest()->getParam('option_id');
123:             if (!isset($request['options'][$optionId])) {
124:                 $this->_forward('noRoute');
125:                 return;
126:             }
127:             // Check if the product exists
128:             $product = Mage::getModel('catalog/product')->load($request['product']);
129:             if (!$product || !$product->getId()) {
130:                 $this->_forward('noRoute');
131:                 return;
132:             }
133:             // Try to load the option
134:             $option = $product->getOptionById($optionId);
135:             if (!$option || !$option->getId() || $option->getType() != 'file') {
136:                 $this->_forward('noRoute');
137:                 return;
138:             }
139:             $this->_downloadFileAction($request['options'][$this->getRequest()->getParam('option_id')]);
140:         } catch (Exception $e) {
141:             $this->_forward('noRoute');
142:         }
143:     }
144: 
145:     /**
146:      * Custom options download action
147:      */
148:     public function downloadCustomOptionAction()
149:     {
150:         $quoteItemOptionId = $this->getRequest()->getParam('id');
151:         /** @var $option Mage_Sales_Model_Quote_Item_Option */
152:         $option = Mage::getModel('sales/quote_item_option')->load($quoteItemOptionId);
153: 
154:         if (!$option->getId()) {
155:             $this->_forward('noRoute');
156:             return;
157:         }
158: 
159:         $optionId = null;
160:         if (strpos($option->getCode(), Mage_Catalog_Model_Product_Type_Abstract::OPTION_PREFIX) === 0) {
161:             $optionId = str_replace(Mage_Catalog_Model_Product_Type_Abstract::OPTION_PREFIX, '', $option->getCode());
162:             if ((int)$optionId != $optionId) {
163:                 $optionId = null;
164:             }
165:         }
166:         $productOption = null;
167:         if ($optionId) {
168:             /** @var $productOption Mage_Catalog_Model_Product_Option */
169:             $productOption = Mage::getModel('catalog/product_option')->load($optionId);
170:         }
171:         if (!$productOption || !$productOption->getId()
172:             || $productOption->getProductId() != $option->getProductId() || $productOption->getType() != 'file'
173:         ) {
174:             $this->_forward('noRoute');
175:             return;
176:         }
177: 
178:         try {
179:             $info = unserialize($option->getValue());
180:             $this->_downloadFileAction($info);
181:         } catch (Exception $e) {
182:             $this->_forward('noRoute');
183:         }
184:         exit(0);
185:     }
186: }
187: