source: branches/version-2_5-dev/data/class/pages/mypage/LC_Page_Mypage_DownLoad.php @ 19805

Revision 19805, 6.1 KB checked in by Seasoft, 10 years ago (diff)

#834(パラメータの定数名に「URL」を含むにもかかわらず、パスのみのものがある) 一部実装

Line 
1<?php
2/*
3 * This file is part of EC CUORE
4 *
5 * Copyright(c) 2009 CUORE CO.,LTD. All Rights Reserved.
6 *
7 * http://ec.cuore.jp/
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 2
12 * of the License, or (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
22 */
23// {{{ requires
24require_once(CLASS_REALDIR . "pages/LC_Page.php");
25
26/**
27 * ダウンロード商品ダウンロード のページクラス.
28 *
29 * @package Page
30 * @author CUORE CO.,LTD.
31 * @version $Id: LC_Page_Mypage_DownLoad.php 1 2009-08-04 00:00:00Z $
32 */
33class LC_Page_Mypage_DownLoad extends LC_Page {
34
35    // }}}
36    // {{{ functions
37
38    /**
39     * Page を初期化する.
40     *
41     * @return void
42     */
43    function init() {
44        parent::init();
45        $this->allowClientCache();
46    }
47
48    /**
49     * Page のプロセス.
50     *
51     * @return void
52     */
53    function process() {
54        parent::process();
55        $this->action();
56        $this->sendResponse();
57    }
58
59    /**
60     * Page のAction.
61     *
62     * @return void
63     */
64    function action() {
65        ob_end_clean();
66
67        $customer_id = $_SESSION['customer']['customer_id'];
68        $order_id = $_GET['order_id'];
69        $product_id = $_GET['product_id'];
70        $product_class_id = $_GET['product_class_id'];
71
72        // ID の数値チェック
73        // TODO SC_FormParam でチェックした方が良い?
74        if (!is_numeric($customer_id)
75            || !is_numeric($order_id)
76            || !is_numeric($product_id)
77            || !is_numeric($product_class_id)) {
78            SC_Utils_Ex::sfDispSiteError("");
79        }
80
81        $objCustomer = new SC_Customer();
82        //ログインしていない場合エラー
83        if (!$objCustomer->isLoginSuccess()){
84            SC_Utils_Ex::sfDispSiteError(CUSTOMER_ERROR);
85        }
86    }
87
88    /**
89     * Page のResponse.
90     * @return void
91     */
92    function  sendResponse() {
93        $this->objDisp->noAction();
94        //DBから商品情報の読込
95        $arrForm = $this->lfGetRealFileName($customer_id, $order_id, $product_id, $product_class_id);
96        //ステータスが支払済み以上である事
97        if ($arrForm["status"] < ORDER_DELIV){
98            SC_Utils_Ex::sfDispSiteError(DOWNFILE_NOT_FOUND,"",true);
99        }
100        //ファイル情報が無い場合はNG
101        if ($arrForm["down_realfilename"] == "" ){
102            SC_Utils_Ex::sfDispSiteError(DOWNFILE_NOT_FOUND,"",true);
103        }
104        //ファイルそのものが無い場合もとりあえずNG
105        $realpath = DOWN_SAVE_REALDIR . $arrForm["down_realfilename"];
106        if (!file_exists($realpath)){
107            SC_Utils_Ex::sfDispSiteError(DOWNFILE_NOT_FOUND,"",true);
108        }
109        //ファイル名をエンコードする Safariの対策はUTF-8で様子を見る
110        $encoding = "Shift_JIS";
111        if(isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'],'Safari')) {
112            $encoding = "UTF-8";
113        }
114        $sdown_filename = mb_convert_encoding($arrForm["down_filename"], $encoding, "auto");
115
116        //TODO SC_Display利用に変更
117        //タイプ指定
118        header("Content-Type: Application/octet-stream");
119        //ファイル名指定
120        header("Content-Disposition: attachment; filename=" . $sdown_filename);
121        header("Content-Transfer-Encoding: binary");
122        //キャッシュ無効化
123        header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
124        header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
125        //IE6+SSL環境下は、キャッシュ無しでダウンロードできない
126        header("Cache-Control: private");
127        header("Pragma: private");
128        //ファイルサイズ指定
129        $zv_filesize = filesize($realpath);
130        header("Content-Length: " . $zv_filesize);
131        set_time_limit(0);
132        ob_end_flush();
133        flush();
134        //ファイル読み込み
135        $handle = fopen($realpath, "rb");
136        while (!feof($handle)) {
137            echo(fread($handle, DOWNLOAD_BLOCK*1024));
138            ob_flush();
139            flush();
140        }
141        fclose($handle);
142    }
143
144    /**
145     * 商品情報の読み込みを行う.
146     *
147     * @param integer $customer_id 顧客ID
148     * @param integer $order_id 受注ID
149     * @param integer $product_id 商品ID
150     * @param integer $product_class_id 商品規格ID
151     * @return array 商品情報の配列
152     */
153    function lfGetRealFileName($customer_id, $order_id, $product_id, $product_class_id) {
154        $objQuery = new SC_Query();
155        $col = <<< __EOS__
156            pc.product_id AS product_id,
157            pc.product_class_id AS product_class_id,
158            pc.down_realfilename AS down_realfilename,
159            pc.down_filename AS down_filename,
160            o.order_id AS order_id,
161            o.customer_id AS customer_id,
162            o.payment_date AS payment_date,
163            o.status AS status
164__EOS__;
165
166        $table = <<< __EOS__
167            dtb_products_class pc,
168            dtb_order_detail od,
169            dtb_order o
170__EOS__;
171
172        $dbFactory = SC_DB_DBFactory_Ex::getInstance();
173        $where = "o.customer_id = ? AND o.order_id = ? AND pc.product_id = ? AND pc.product_class_id = ?";
174        $where .= " AND " . $dbFactory->getDownloadableDaysWhereSql();
175        $where .= " = 1";
176        $arrRet = $objQuery->select($col, $table, $where,
177                                    array($customer_id, $order_id, $product_id, $product_class_id));
178        return $arrRet[0];
179    }
180
181    /**
182     * デストラクタ.
183     *
184     * @return void
185     */
186    function destroy() {
187        parent::destroy();
188    }
189}
190?>
Note: See TracBrowser for help on using the repository browser.