<?php
/*

// French Form
http://csm.intranet.mbgov.ca/sites/5/file?id=632544&key=LABEL_FILE_FILL_PRINT_FR

// English policy
http://csm.intranet.mbgov.ca/sites/5/file?id=537906&key=LABEL_FILE_POLICY

// English Form, dummy files... multiples
http://csm.intranet.mbgov.ca/sites/5/file?id=624717&key=LABEL_FILE_PRINT_FILL&index=0
http://csm.intranet.mbgov.ca/sites/5/file?id=624717&key=LABEL_FILE_PRINT_FILL&index=1
http://csm.intranet.mbgov.ca/sites/5/file?id=624717&key=LABEL_FILE_FILL_PRINT

*/

if (!isset($_REQUEST["index"])) {
	$_REQUEST["index"] = 0;
} else {
	$_REQUEST["index"] = intval($_REQUEST["index"]);
}

if (!isset($_REQUEST["id"])) {
	// need a key value...
	http_response_code(404);
	echo "Not Found";
	die();
} else {
	$_REQUEST["id"] = intval($_REQUEST["id"]);
}

if (!isset($_REQUEST["key"])) {
	// need a key value...
	http_response_code(404);
	echo "Not Found";
	die();
}

$website_id = 5;
$webpage_id = 'rfpe';
$folder_id = 0;
$format = 'web';

if (substr($_REQUEST["key"], strlen($_REQUEST["key"]) - 3, 3) == "_FR") {
	$webpage_id = 'rfpf';
}

include("miupdate/prepend.php3");
include("miupdate/functions.inc");
include("miupdate/webpage_info.inc");

// now look through the ref_pub database for that OID

$sql = "select rpa.asset_id, rpa.rad_key from ref_pub_asset rpa, asset_library a, ref_pub rp where a.website_id = ? and rp.lang_id = ? and a.item_id = rpa.asset_id and rp.pub_id = rpa.pub_id and rp.rad_oid = ? and rpa.rad_key = ? and rpa.position = ?  and (rp.publish_to is null or rp.publish_to >= ".$db->DBTimestamp(time()).")";;

// $sql = "select * from ref_pub_asset where rad_key = 'LABEL_FILE_PRINT_FILL_FR'";
$rs = $db->Prepare($sql);
$rs = $db->Execute($rs,array($website_id, $WEBSITE_LANGUAGE, $_REQUEST["id"], $_REQUEST["key"], $_REQUEST["index"]));
$asset_info = null;
while($rs && !$rs->EOF) {
	$asset_id = $rs->fields("asset_id");
	$rad_key = $rs->fields("rad_key");
	if (!isset($smarty_vars["publication"]["assets"][$rad_key])) {
		$smarty_vars["publication"]["assets"][$rad_key] = array();
	}
	$asset_info = asset_image_info($asset_id);
	$rs->MoveNext();
}
if (is_array($asset_info)) {
	if ($asset_info["filename"] != "") {
		if (stripos($asset_info["filename"], ".php") === false
			&& stripos($asset_info["filename"], ".html") === false
			&& stripos($asset_info["filename"], ".asp") === false
			&& stripos($asset_info["filename"], ".txt") === false
			) {
				$file = dirname(__FILE__).$asset_info["folder"].$asset_info["filename"];
				$download_filename = $asset_info["filename"];
				if ($asset_info["alt"] != "" && strpos($asset_info["alt"], ".") > 0) {
					$download_filename = html_entity_decode($asset_info["alt"]);
				}
				$download_filename = str_replace('"', "", $download_filename);
				if (file_exists($file)) {
				    header('Content-Description: File Transfer');
				    header('Content-Type: application/octet-stream');
				    header('Content-Disposition: attachment; filename="'.$download_filename.'"');
				    header('Expires: 0');
				    header('Cache-Control: must-revalidate');
				    header('Pragma: public');
				    header('Content-Length: ' . filesize($file));
				    readfile($file);
				    exit;
				}
		}
	}

}

// since the file has not been output already, show Not found.
http_response_code(404);
echo "Form or Policy document was not found";
die();

?>