DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-12-25 21:54:14 -08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Better error checking for private file display method

Browse source
This commit is contained in:
snipe 2018-04-24 03:12:30 -07:00
parent 103c75e78c
commit 8127484081
1 changed files with 15 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
app/Http/Controllers/AssetsController.php
View file

@ -1012,7 +1012,11 @@ class AssetsController extends Controller
if (isset($asset->id)) {
$this->authorize('view', $asset);
$log = Actionlog::find($fileId);
if (!$log = Actionlog::find($fileId)) {
return response('No matching record for that asset/file', 500)
->header('Content-Type', 'text/plain');
}
$file = $log->get_src('assets');
@ -1022,17 +1026,22 @@ class AssetsController extends Controller
$filetype = Helper::checkUploadIsImage($file);
if (!file_exists($file)) {
return response('File '.$file.' not found on server', 404)
->header('Content-Type', 'text/plain');
}
if ($filetype) {
$contents = file_get_contents($file);
if ($contents = file_get_contents($file)) {
return Response::make($contents)->header('Content-Type', $filetype);
}
return JsonResponse::create(["error" => "Failed validation: "], 500);
}
return Response::download($file);
}
// Prepare the error message
$error = trans('admin/hardware/message.does_not_exist', compact('id'));
// Redirect to the hardware management page
return redirect()->route('hardware.index')->with('error', $error);
return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist', compact('id')));
}
/**