#6120: Media view does not throw error if file does not exist
------------------------+---------------------------------------------------
Reporter: MrRio | Owner:
Type: Bug | Status: reopened
Priority: Medium | Milestone: 1.2.x.x
Component: General | Version: 1.2 Final
Severity: Normal | Resolution:
Keywords: | Php_version: n/a
Cake_version: |
------------------------+---------------------------------------------------
Changes (by aidan):
* status: closed => reopened
* resolution: invalid =>
Comment:
I don't think the reasoning behind your decision is correct, PhpNut.
Perhaps I'm doing it wrong though.
[[BR]][[BR]]
Let's say we want to send a PDF to the user. Usually the file will exist,
but every now and then it won't.
[[BR]][[BR]]
With the current implementation of MediaView:
{{{
// We need some magic because parseExtensions strips our PDF
if (isset($this->params['url']['ext']) &&
$this->params['url']['ext'] === 'pdf') {
$file .= '.pdf';
}
// Use a media view
$this->view = 'Media';
$params = array(
'id' => $file,
'name' => $file,
'download' => false,
'extension' => substr($file, strrpos($file, '.')+1, 3), // a
little ugly
'path' => $path,
);
$this->set($params);
}}}
If the file exists, then we are fine. MediaView sends the PDF. However, if
the file doesn't exist, the following things will happen:
[[BR]][[BR]]
1. The content-type headers are set to Content-Type: application/pdf;
charset=UTF8[[BR]]
2. The status header is set to 200 OK[[BR]]
2. MediaView's render process return's false and the user is prompted to
download a file which contains no data.
[[BR]][[BR]]
This is unideal for several reasons.[[BR]]
[[BR]]
1. The user is confused - they've just downloaded a corrupt file?[[BR]]
2. Nothing was logged to the apache 404 log, the cake error, or the debug
log[[BR]]
[[BR]]
[[BR]]
The situation can be remedied with the following modification before the
end of the view:
{{{
// File exists
$path = sprintf('%s../pdf/%05d/%s/', APP, $id, $type);
if (!file_exists($path . DS . $file)) {
header('Content-Type: text/html');
$this->cakeError('error404');
exit;
}
}}}
As the workaround is fairly minimal, it's not a critical fix. However the
current behavior is a) not consistent with the rest of cake and b) very,
very confusing to the user and search engines.
[[BR]][[BR]]
It's not consistent with the rest of cake because:[[BR]]
* example.com/cake/webroot/foo.jpg -> mod_rewrite maps the request to the
apachehandler, allowing apache to handle sending a 404 and displaying a
404 page[[BR]]
* example.com/cake/foo.jpg -> cake handles the request. In debug mode, a
missing controller error is displayed to the user. In production mode, a
error404 error is shown to the user.
[[BR]][[BR]]
To bring MediaView inline with the rest of cake, the following should
happen: a) the docs changed to have an explicit if (!$this->render ...) {
error404 ... } or b) the mediaview should throw a error404 itself.
[[BR]][[BR]]
Happy to discuss :)
--
Ticket URL: <https://trac.cakephp.org/ticket/6120#comment:2>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
