getRequest()->hasParameter('file') && $this->getRequest()->hasParameter('hash')) { if ($this->getRequest()->hasParameter('id')) { /** * @var Order */ $order = OrderPeer::retrieveByIdAndHashCode($this->getRequest()->getParameter('id'), $this->getRequest()->getParameter('hash')); } else { $c = new Criteria(); $c->add(OrderPeer::HASH_CODE, $this->getRequest()->getParameter('hash')); $order = OrderPeer::doSelectOne($c); } if (null !== $order && $order->getOptIsPayed()) { $productIds = array(); foreach ($order->getOrderProducts() as $orderProduct) $productIds[] = $orderProduct->getProductID(); $c = new Criteria(); $c->add(OnlineFilesPeer::ID, $this->getRequest()->getParameter('file')); $c->add(OnlineFilesPeer::PRODUCT_ID, $productIds, Criteria::IN); $fileObj = OnlineFilesPeer::doSelectOne($c); if(is_object($fileObj)) { $file = sfConfig::get('sf_data_dir').'/online-files/'.$fileObj->getProductId().'/'.$fileObj->getFilename(); $handle = fopen($file, 'rb'); if ($handle) { $this->setLayout(false); $response = $this->getContext()->getResponse(); $response->setContentType("application/octet-stream"); $response->setHttpHeader('Content-Disposition', 'attachment; filename="'.$fileObj->getFilename().'"'); $response->sendHttpHeaders(); while (!feof($handle)) { echo fread($handle, 8192); ob_flush(); flush(); } fclose($handle); return sfView::NONE; } } } } return $this->forward404(); } }