質問編集履歴
1
セキュリティの関わる問題なので削除させていただきました。
test
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
セキュリティの関わる問題なので削除させていただきました。
|
test
CHANGED
@@ -1,177 +1 @@
|
|
1
|
-
下記コード
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
$querys=$this->Runhists->find('all',array("conditions"=>array("rid"=>"$p_rid")));
|
6
|
-
|
7
|
-
の部分のせいでこのメゾッドが流れるとき、コードが処理されずページにコードが表示されてしまします。
|
8
|
-
|
9
|
-
原因はなぜなんでしょうか?、、
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
$querys=$this->Runhists->find('all',array("conditions"=>array("rid"=>"$p_rid")));
|
14
|
-
|
15
|
-
がないときは正常に処理されます
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
```php
|
20
|
-
|
21
|
-
<?php
|
22
|
-
|
23
|
-
class ResultController extends AppController {
|
24
|
-
|
25
|
-
var $name = 'Result';
|
26
|
-
|
27
|
-
var $components = array('RequestHandler','Auth','Common');
|
28
|
-
|
29
|
-
var $helpers = array('Html', 'Form', 'Javascript');
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
function download() {
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
$p_username=$this->params['pass'][0];
|
38
|
-
|
39
|
-
$p_filename=$this->params['pass'][1];
|
40
|
-
|
41
|
-
$p_filename_full=DIR_RESULT . "/$p_username/$p_filename";
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
$user=$this->Auth->user();
|
46
|
-
|
47
|
-
$username=$user['User']['username'];
|
48
|
-
|
49
|
-
if ( $username == $p_username ){
|
50
|
-
|
51
|
-
$chk_flg=0;
|
52
|
-
|
53
|
-
}else{
|
54
|
-
|
55
|
-
$chk_flg=1;
|
56
|
-
|
57
|
-
}
|
58
|
-
|
59
|
-
if ( !file_exists($p_filename_full) ){
|
60
|
-
|
61
|
-
$chk_flg=2;
|
62
|
-
|
63
|
-
}
|
64
|
-
|
65
|
-
$this->log("File Download USER=[$username] FILE=[$p_filename_full] CHK=[$chk_flg]",LOG_DEBUG);
|
66
|
-
|
67
|
-
if ( $chk_flg != 0 ){
|
68
|
-
|
69
|
-
$this->redirect('/errors');
|
70
|
-
|
71
|
-
}
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
$p_rid=substr($p_filename, 0, 20);
|
76
|
-
|
77
|
-
$this->log($p_rid,LOG_DEBUG);
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
$querys=$this->Runhists->find('all',array("conditions"=>array("rid"=>"$p_rid")));
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
$this->log($querysLOG_DEBUG);
|
86
|
-
|
87
|
-
if($querys=1){
|
88
|
-
|
89
|
-
$ips=CommonComponent::GetAllowIPsByAccessIp();
|
90
|
-
|
91
|
-
if(empty($ips)){
|
92
|
-
|
93
|
-
$this->redirect('/errors');
|
94
|
-
|
95
|
-
}
|
96
|
-
|
97
|
-
}
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
//ダウンロード
|
102
|
-
|
103
|
-
//$this->view = 'Media';
|
104
|
-
|
105
|
-
//$parts = pathinfo($p_filename_full);
|
106
|
-
|
107
|
-
|
1
|
+
セキュリティの関わる問題なので削除させていただきました。
|
108
|
-
|
109
|
-
// 'id' => $parts['basename'],
|
110
|
-
|
111
|
-
// 'name' => $parts['filename'],
|
112
|
-
|
113
|
-
// 'extension' => $parts['extension'],
|
114
|
-
|
115
|
-
// 'download' => true,
|
116
|
-
|
117
|
-
// 'path' => $parts['dirname'].DS
|
118
|
-
|
119
|
-
//);
|
120
|
-
|
121
|
-
//$this->set($params);
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
$audit_info="--FILE DOWNLOAD($p_filename_full)";
|
126
|
-
|
127
|
-
CommonComponent::QueryAuditLogWrite($username,$audit_info);
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
//ダウンロード
|
132
|
-
|
133
|
-
$this->autoRender = false;
|
134
|
-
|
135
|
-
Configure::write('debug', 0);
|
136
|
-
|
137
|
-
$parts = pathinfo($p_filename_full);
|
138
|
-
|
139
|
-
header('Content-Disposition: attachment; filename='.$parts['basename']);
|
140
|
-
|
141
|
-
header('Content-Length: '.filesize($p_filename_full));
|
142
|
-
|
143
|
-
header('Content-Type: application/octet-stream');
|
144
|
-
|
145
|
-
readfile($p_filename_full);
|
146
|
-
|
147
|
-
}
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
function beforeRender() {
|
152
|
-
|
153
|
-
}
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
function beforeFilter() {
|
158
|
-
|
159
|
-
Configure::write('debug', 0);
|
160
|
-
|
161
|
-
$this->RequestHandler->setContent('json');
|
162
|
-
|
163
|
-
$this->RequestHandler->respondAs('application/json; charset=UTF-8');
|
164
|
-
|
165
|
-
$this->layout = "ajax";
|
166
|
-
|
167
|
-
$this->loadModel('AllowIps');
|
168
|
-
|
169
|
-
}
|
170
|
-
|
171
|
-
}
|
172
|
-
|
173
|
-
?>
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
```
|