diff --git a/src/_h5ai/client/js/inc/ext/download.js b/src/_h5ai/client/js/inc/ext/download.js index 72bbca8b..5743b0a3 100644 --- a/src/_h5ai/client/js/inc/ext/download.js +++ b/src/_h5ai/client/js/inc/ext/download.js @@ -42,6 +42,7 @@ modulejs.define('ext/download', ['_', '$', 'core/event', 'core/location', 'core/ action: 'download', as: name + '.' + extension, type: type, + baseHref: location.getAbsHref(), hrefs: _.pluck(selectedItems, 'absHref').join('|:|') }; diff --git a/src/_h5ai/server/php/inc/class-api.php b/src/_h5ai/server/php/inc/class-api.php index f89dd267..805593dc 100644 --- a/src/_h5ai/server/php/inc/class-api.php +++ b/src/_h5ai/server/php/inc/class-api.php @@ -98,6 +98,7 @@ class Api { $as = Util::get_request_param("as"); $type = Util::get_request_param("type"); + $base_href = Util::get_request_param("baseHref"); $hrefs = Util::get_request_param("hrefs"); $archive = new Archive($this->app); @@ -108,7 +109,7 @@ class Api { header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename=\"$as\""); header("Connection: close"); - $rc = $archive->output($type, $hrefs); + $rc = $archive->output($type, $base_href, $hrefs); Util::json_fail(Util::ERR_FAILED, "packaging failed", $rc !== 0); exit; diff --git a/src/_h5ai/server/php/inc/class-archive.php b/src/_h5ai/server/php/inc/class-archive.php index 5b2ae51d..8ec405b3 100644 --- a/src/_h5ai/server/php/inc/class-archive.php +++ b/src/_h5ai/server/php/inc/class-archive.php @@ -6,7 +6,7 @@ class Archive { private static $TAR_PASSTHRU_CMD = "cd [ROOTDIR] && tar --no-recursion -c -- [DIRS] [FILES]"; private static $ZIP_PASSTHRU_CMD = "cd [ROOTDIR] && zip - -- [FILES]"; - private $app, $dirs, $files; + private $app, $base_path, $dirs, $files; public function __construct($app) { @@ -15,7 +15,12 @@ class Archive { } - public function output($type, $urls) { + public function output($type, $base_url, $urls) { + + $this->base_path = $this->app->to_path($base_url); + if (!$this->app->is_managed_path($this->base_path)) { + return 500; + } $this->dirs = array(); $this->files = array(); @@ -24,9 +29,9 @@ class Archive { if (count($this->dirs) === 0 && count($this->files) === 0) { if ($type === "php-tar") { - $this->add_dir(CURRENT_PATH, "/"); + $this->add_dir($this->base_path, "/"); } else { - $this->add_dir(CURRENT_PATH, "."); + $this->add_dir($this->base_path, "."); } } @@ -48,7 +53,7 @@ class Archive { private function shell_cmd($cmd) { - $cmd = str_replace("[ROOTDIR]", escapeshellarg(CURRENT_PATH), $cmd); + $cmd = str_replace("[ROOTDIR]", escapeshellarg($this->base_path), $cmd); $cmd = str_replace("[DIRS]", count($this->dirs) ? implode(" ", array_map("escapeshellarg", $this->dirs)) : "", $cmd); $cmd = str_replace("[FILES]", count($this->files) ? implode(" ", array_map("escapeshellarg", $this->files)) : "", $cmd); try { @@ -159,7 +164,7 @@ class Archive { if ($this->app->is_managed_url($d) && !$this->app->is_hidden($n)) { $real_file = $this->app->to_path($href); - $archived_file = preg_replace("!^" . preg_quote(Util::normalize_path(CURRENT_PATH, true)) . "!", "", $real_file); + $archived_file = preg_replace("!^" . preg_quote(Util::normalize_path($this->base_path, true)) . "!", "", $real_file); if (is_dir($real_file)) { $this->add_dir($real_file, $archived_file); diff --git a/test/tests/integration/view.js b/test/tests/integration/view.js index 8855f0c7..b48ca93a 100644 --- a/test/tests/integration/view.js +++ b/test/tests/integration/view.js @@ -9,10 +9,8 @@ describe('view', function () { this.storeKey = '_h5ai'; this.xConfig = { setup: { - API: true, APP_HREF: util.uniqPath('-APP/'), - ROOT_HREF: util.uniqPath('-ROOT/'), - CURRENT_HREF: util.uniqPath('-CURRENT/') + ROOT_HREF: util.uniqPath('-ROOT/') } }; });