39 lines
1.1 KiB
PHP
39 lines
1.1 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
require_once __DIR__ . '/archive_bootstrap.php';
|
|
|
|
ensure_archive_schema();
|
|
require_auth();
|
|
|
|
$documentId = isset($_GET['id']) ? (int)$_GET['id'] : 0;
|
|
$disposition = (string)($_GET['disposition'] ?? 'inline');
|
|
$disposition = $disposition === 'download' ? 'attachment' : 'inline';
|
|
$document = $documentId > 0 ? get_document($documentId) : null;
|
|
|
|
if (!$document) {
|
|
http_response_code(404);
|
|
echo 'Dokumen tidak ditemukan.';
|
|
exit;
|
|
}
|
|
|
|
if (!can_access_document_file($document)) {
|
|
http_response_code(403);
|
|
echo 'Dokumen belum tersedia untuk diakses.';
|
|
exit;
|
|
}
|
|
|
|
$filePath = __DIR__ . '/' . ltrim((string)$document['attachment_path'], '/');
|
|
if (!is_file($filePath)) {
|
|
http_response_code(404);
|
|
echo 'Lampiran tidak ditemukan di server.';
|
|
exit;
|
|
}
|
|
|
|
header('Content-Type: ' . attachment_mime((string)$document['attachment_ext']));
|
|
header('Content-Length: ' . filesize($filePath));
|
|
header('Content-Disposition: ' . $disposition . '; filename="' . rawurlencode((string)$document['attachment_name']) . '"');
|
|
header('X-Content-Type-Options: nosniff');
|
|
readfile($filePath);
|
|
exit;
|