Response.php 28.9 KB
Newer Older
Qiang Xue committed
1 2 3
<?php
/**
 * @link http://www.yiiframework.com/
Qiang Xue committed
4
 * @copyright Copyright (c) 2008 Yii Software LLC
Qiang Xue committed
5 6 7 8 9
 * @license http://www.yiiframework.com/license/
 */

namespace yii\web;

Qiang Xue committed
10
use Yii;
11
use yii\base\InvalidConfigException;
Qiang Xue committed
12
use yii\base\InvalidParamException;
Qiang Xue committed
13
use yii\helpers\FileHelper;
Qiang Xue committed
14
use yii\helpers\Html;
Qiang Xue committed
15
use yii\helpers\Json;
16
use yii\helpers\Security;
17
use yii\helpers\StringHelper;
Qiang Xue committed
18 19

/**
20 21 22 23
 * The web Response class represents an HTTP response
 *
 * It holds the [[headers]], [[cookies]] and [[content]] that is to be sent to the client.
 * It also controls the HTTP [[statusCode|status code]].
24
 *
25
 * Response is configured as an application component in [[\yii\web\Application]] by default.
26 27 28 29 30 31 32 33 34 35 36 37 38
 * You can access that instance via `Yii::$app->response`.
 *
 * You can modify its configuration by adding an array to your application config under `components`
 * as it is shown in the following example:
 *
 * ~~~
 * 'response' => [
 *     'format' => yii\web\Response::FORMAT_JSON,
 *     'charset' => 'UTF-8',
 *     // ...
 * ]
 * ~~~
 *
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54
 * @property CookieCollection $cookies The cookie collection. This property is read-only.
 * @property HeaderCollection $headers The header collection. This property is read-only.
 * @property boolean $isClientError Whether this response indicates a client error. This property is
 * read-only.
 * @property boolean $isEmpty Whether this response is empty. This property is read-only.
 * @property boolean $isForbidden Whether this response indicates the current request is forbidden. This
 * property is read-only.
 * @property boolean $isInformational Whether this response is informational. This property is read-only.
 * @property boolean $isInvalid Whether this response has a valid [[statusCode]]. This property is read-only.
 * @property boolean $isNotFound Whether this response indicates the currently requested resource is not
 * found. This property is read-only.
 * @property boolean $isOk Whether this response is OK. This property is read-only.
 * @property boolean $isRedirection Whether this response is a redirection. This property is read-only.
 * @property boolean $isServerError Whether this response indicates a server error. This property is
 * read-only.
 * @property boolean $isSuccessful Whether this response is successful. This property is read-only.
55 56
 * @property integer $statusCode The HTTP status code to send with the response.
 *
Qiang Xue committed
57
 * @author Qiang Xue <qiang.xue@gmail.com>
58
 * @author Carsten Brandt <mail@cebe.cc>
Qiang Xue committed
59 60 61 62
 * @since 2.0
 */
class Response extends \yii\base\Response
{
63 64 65 66 67 68 69 70 71 72 73 74
	/**
	 * @event ResponseEvent an event that is triggered at the beginning of [[send()]].
	 */
	const EVENT_BEFORE_SEND = 'beforeSend';
	/**
	 * @event ResponseEvent an event that is triggered at the end of [[send()]].
	 */
	const EVENT_AFTER_SEND = 'afterSend';
	/**
	 * @event ResponseEvent an event that is triggered right after [[prepare()]] is called in [[send()]].
	 * You may respond to this event to filter the response content before it is sent to the client.
	 */
Qiang Xue committed
75
	const EVENT_AFTER_PREPARE = 'afterPrepare';
76

77 78 79 80 81 82 83
	const FORMAT_RAW = 'raw';
	const FORMAT_HTML = 'html';
	const FORMAT_JSON = 'json';
	const FORMAT_JSONP = 'jsonp';
	const FORMAT_XML = 'xml';

	/**
84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
	 * @var string the response format. This determines how to convert [[data]] into [[content]]
	 * when the latter is not set. By default, the following formats are supported:
	 *
	 * - [[FORMAT_RAW]]: the data will be treated as the response content without any conversion.
	 *   No extra HTTP header will be added.
	 * - [[FORMAT_HTML]]: the data will be treated as the response content without any conversion.
	 *   The "Content-Type" header will set as "text/html" if it is not set previously.
	 * - [[FORMAT_JSON]]: the data will be converted into JSON format, and the "Content-Type"
	 *   header will be set as "application/json".
	 * - [[FORMAT_JSONP]]: the data will be converted into JSONP format, and the "Content-Type"
	 *   header will be set as "text/javascript". Note that in this case `$data` must be an array
	 *   with "data" and "callback" elements. The former refers to the actual data to be sent,
	 *   while the latter refers to the name of the JavaScript callback.
	 * - [[FORMAT_XML]]: the data will be converted into XML format. Please refer to [[XmlResponseFormatter]]
	 *   for more details.
	 *
	 * You may customize the formatting process or support additional formats by configuring [[formatters]].
	 * @see formatters
102 103
	 */
	public $format = self::FORMAT_HTML;
Qiang Xue committed
104 105 106 107
	/**
	 * @var array the formatters for converting data into the response content of the specified [[format]].
	 * The array keys are the format names, and the array values are the corresponding configurations
	 * for creating the formatter objects.
108
	 * @see format
Qiang Xue committed
109 110
	 */
	public $formatters;
111 112 113 114 115 116 117 118 119 120 121 122
	/**
	 * @var mixed the original response data. When this is not null, it will be converted into [[content]]
	 * according to [[format]] when the response is being sent out.
	 * @see content
	 */
	public $data;
	/**
	 * @var string the response content. When [[data]] is not null, it will be converted into [[content]]
	 * according to [[format]] when the response is being sent out.
	 * @see data
	 */
	public $content;
123 124 125 126 127 128
	/**
	 * @var resource|array the stream to be sent. This can be a stream handle or an array of stream handle,
	 * the begin position and the end position. Note that when this property is set, the [[data]] and [[content]]
	 * properties will be ignored by [[send()]].
	 */
	public $stream;
129 130 131 132 133
	/**
	 * @var string the charset of the text response. If not set, it will use
	 * the value of [[Application::charset]].
	 */
	public $charset;
Qiang Xue committed
134
	/**
135
	 * @var string the HTTP status description that comes together with the status code.
Carsten Brandt committed
136
	 * @see httpStatuses
Qiang Xue committed
137
	 */
138
	public $statusText = 'OK';
Qiang Xue committed
139
	/**
140 141
	 * @var string the version of the HTTP protocol to use. If not set, it will be determined via `$_SERVER['SERVER_PROTOCOL']`,
	 * or '1.1' if that is not available.
Qiang Xue committed
142
	 */
143
	public $version;
144 145 146 147
	/**
	 * @var boolean whether the response has been sent. If this is true, calling [[send()]] will do nothing.
	 */
	public $isSent = false;
Qiang Xue committed
148 149 150
	/**
	 * @var array list of HTTP status codes and the corresponding texts
	 */
Alexander Makarov committed
151
	public static $httpStatuses = [
Qiang Xue committed
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194
		100 => 'Continue',
		101 => 'Switching Protocols',
		102 => 'Processing',
		118 => 'Connection timed out',
		200 => 'OK',
		201 => 'Created',
		202 => 'Accepted',
		203 => 'Non-Authoritative',
		204 => 'No Content',
		205 => 'Reset Content',
		206 => 'Partial Content',
		207 => 'Multi-Status',
		208 => 'Already Reported',
		210 => 'Content Different',
		226 => 'IM Used',
		300 => 'Multiple Choices',
		301 => 'Moved Permanently',
		302 => 'Found',
		303 => 'See Other',
		304 => 'Not Modified',
		305 => 'Use Proxy',
		306 => 'Reserved',
		307 => 'Temporary Redirect',
		308 => 'Permanent Redirect',
		310 => 'Too many Redirect',
		400 => 'Bad Request',
		401 => 'Unauthorized',
		402 => 'Payment Required',
		403 => 'Forbidden',
		404 => 'Not Found',
		405 => 'Method Not Allowed',
		406 => 'Not Acceptable',
		407 => 'Proxy Authentication Required',
		408 => 'Request Time-out',
		409 => 'Conflict',
		410 => 'Gone',
		411 => 'Length Required',
		412 => 'Precondition Failed',
		413 => 'Request Entity Too Large',
		414 => 'Request-URI Too Long',
		415 => 'Unsupported Media Type',
		416 => 'Requested range unsatisfiable',
		417 => 'Expectation failed',
195
		418 => 'I\'m a teapot',
Qiang Xue committed
196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216
		422 => 'Unprocessable entity',
		423 => 'Locked',
		424 => 'Method failure',
		425 => 'Unordered Collection',
		426 => 'Upgrade Required',
		428 => 'Precondition Required',
		429 => 'Too Many Requests',
		431 => 'Request Header Fields Too Large',
		449 => 'Retry With',
		450 => 'Blocked by Windows Parental Controls',
		500 => 'Internal Server Error',
		501 => 'Not Implemented',
		502 => 'Bad Gateway ou Proxy Error',
		503 => 'Service Unavailable',
		504 => 'Gateway Time-out',
		505 => 'HTTP Version not supported',
		507 => 'Insufficient storage',
		508 => 'Loop Detected',
		509 => 'Bandwidth Limit Exceeded',
		510 => 'Not Extended',
		511 => 'Network Authentication Required',
Alexander Makarov committed
217
	];
Qiang Xue committed
218

219 220 221
	/**
	 * @var integer the HTTP status code to send with the response.
	 */
222
	private $_statusCode = 200;
Qiang Xue committed
223 224 225
	/**
	 * @var HeaderCollection
	 */
Qiang Xue committed
226 227
	private $_headers;

Qiang Xue committed
228 229 230
	/**
	 * Initializes this component.
	 */
Qiang Xue committed
231 232
	public function init()
	{
233 234 235 236 237 238
		if ($this->version === null) {
			if (isset($_SERVER['SERVER_PROTOCOL']) && $_SERVER['SERVER_PROTOCOL'] === '1.0') {
				$this->version = '1.0';
			} else {
				$this->version = '1.1';
			}
Qiang Xue committed
239
		}
240 241 242
		if ($this->charset === null) {
			$this->charset = Yii::$app->charset;
		}
Qiang Xue committed
243 244
	}

245 246 247
	/**
	 * @return integer the HTTP status code to send with the response.
	 */
Qiang Xue committed
248 249 250 251 252
	public function getStatusCode()
	{
		return $this->_statusCode;
	}

Qiang Xue committed
253 254 255 256 257 258 259
	/**
	 * Sets the response status code.
	 * This method will set the corresponding status text if `$text` is null.
	 * @param integer $value the status code
	 * @param string $text the status text. If not set, it will be set automatically based on the status code.
	 * @throws InvalidParamException if the status code is invalid.
	 */
Qiang Xue committed
260
	public function setStatusCode($value, $text = null)
Qiang Xue committed
261
	{
262 263 264
		if ($value === null) {
			$value = 200;
		}
Qiang Xue committed
265
		$this->_statusCode = (int)$value;
266
		if ($this->getIsInvalid()) {
Qiang Xue committed
267 268
			throw new InvalidParamException("The HTTP status code is invalid: $value");
		}
Qiang Xue committed
269
		if ($text === null) {
270
			$this->statusText = isset(static::$httpStatuses[$this->_statusCode]) ? static::$httpStatuses[$this->_statusCode] : '';
Qiang Xue committed
271 272 273
		} else {
			$this->statusText = $text;
		}
Qiang Xue committed
274 275
	}

Qiang Xue committed
276 277 278 279 280 281 282 283 284 285 286 287 288
	/**
	 * Returns the header collection.
	 * The header collection contains the currently registered HTTP headers.
	 * @return HeaderCollection the header collection
	 */
	public function getHeaders()
	{
		if ($this->_headers === null) {
			$this->_headers = new HeaderCollection;
		}
		return $this->_headers;
	}

Qiang Xue committed
289 290 291 292 293
	/**
	 * Sends the response to the client.
	 */
	public function send()
	{
294 295 296
		if ($this->isSent) {
			return;
		}
Qiang Xue committed
297
		$this->trigger(self::EVENT_BEFORE_SEND);
298
		$this->prepare();
Qiang Xue committed
299
		$this->trigger(self::EVENT_AFTER_PREPARE);
Qiang Xue committed
300 301
		$this->sendHeaders();
		$this->sendContent();
Qiang Xue committed
302
		$this->trigger(self::EVENT_AFTER_SEND);
303
		$this->isSent = true;
Qiang Xue committed
304 305
	}

Qiang Xue committed
306 307 308
	/**
	 * Clears the headers, cookies, content, status code of the response.
	 */
309
	public function clear()
Qiang Xue committed
310 311
	{
		$this->_headers = null;
Qiang Xue committed
312
		$this->_cookies = null;
313 314
		$this->_statusCode = 200;
		$this->statusText = 'OK';
315
		$this->data = null;
316
		$this->stream = null;
317
		$this->content = null;
318
		$this->isSent = false;
Qiang Xue committed
319 320
	}

Qiang Xue committed
321 322 323 324 325
	/**
	 * Sends the response headers to the client
	 */
	protected function sendHeaders()
	{
Qiang Xue committed
326 327 328
		if (headers_sent()) {
			return;
		}
Qiang Xue committed
329
		$statusCode = $this->getStatusCode();
330
		header("HTTP/{$this->version} $statusCode {$this->statusText}");
Qiang Xue committed
331 332 333
		if ($this->_headers) {
			$headers = $this->getHeaders();
			foreach ($headers as $name => $values) {
Qiang Xue committed
334
				$name = str_replace(' ', '-', ucwords(str_replace('-', ' ', $name)));
Qiang Xue committed
335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357
				foreach ($values as $value) {
					header("$name: $value", false);
				}
			}
		}
		$this->sendCookies();
	}

	/**
	 * Sends the cookies to the client.
	 */
	protected function sendCookies()
	{
		if ($this->_cookies === null) {
			return;
		}
		$request = Yii::$app->getRequest();
		if ($request->enableCookieValidation) {
			$validationKey = $request->getCookieValidationKey();
		}
		foreach ($this->getCookies() as $cookie) {
			$value = $cookie->value;
			if ($cookie->expire != 1  && isset($validationKey)) {
358
				$value = Security::hashData(serialize($value), $validationKey);
Qiang Xue committed
359
			}
Qiang Xue committed
360
			setcookie($cookie->name, $value, $cookie->expire, $cookie->path, $cookie->domain, $cookie->secure, $cookie->httpOnly);
Qiang Xue committed
361
		}
Qiang Xue committed
362
		$this->getCookies()->removeAll();
Qiang Xue committed
363 364 365 366 367 368 369
	}

	/**
	 * Sends the response content to the client
	 */
	protected function sendContent()
	{
370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395
		if ($this->stream === null) {
			echo $this->content;
			return;
		}

		set_time_limit(0); // Reset time limit for big files
		$chunkSize = 8 * 1024 * 1024; // 8MB per chunk

		if (is_array($this->stream)) {
			list ($handle, $begin, $end) = $this->stream;
			fseek($handle, $begin);
			while (!feof($handle) && ($pos = ftell($handle)) <= $end) {
				if ($pos + $chunkSize > $end) {
					$chunkSize = $end - $pos + 1;
				}
				echo fread($handle, $chunkSize);
				flush(); // Free up memory. Otherwise large files will trigger PHP's memory limit.
			}
			fclose($handle);
		} else {
			while (!feof($this->stream)) {
				echo fread($this->stream, $chunkSize);
				flush();
			}
			fclose($this->stream);
		}
Qiang Xue committed
396 397
	}

Qiang Xue committed
398
	/**
399
	 * Sends a file to the browser.
400 401 402 403
	 *
	 * Note that this method only prepares the response for file sending. The file is not sent
	 * until [[send()]] is called explicitly or implicitly. The latter is done after you return from a controller action.
	 *
404 405
	 * @param string $filePath the path of the file to be sent.
	 * @param string $attachmentName the file name shown to the user. If null, it will be determined from `$filePath`.
Qiang Xue committed
406
	 * @param string $mimeType the MIME type of the content. If null, it will be guessed based on `$filePath`
407
	 * @return static the response object itself
Qiang Xue committed
408
	 */
Qiang Xue committed
409
	public function sendFile($filePath, $attachmentName = null, $mimeType = null)
Qiang Xue committed
410
	{
411
		if ($mimeType === null && ($mimeType = FileHelper::getMimeTypeByExtension($filePath)) === null) {
412
			$mimeType = 'application/octet-stream';
Qiang Xue committed
413
		}
414 415
		if ($attachmentName === null) {
			$attachmentName = basename($filePath);
416
		}
417
		$handle = fopen($filePath, 'rb');
Qiang Xue committed
418
		$this->sendStreamAsFile($handle, $attachmentName, $mimeType);
419 420

		return $this;
421
	}
422

423 424
	/**
	 * Sends the specified content as a file to the browser.
425 426 427 428
	 *
	 * Note that this method only prepares the response for file sending. The file is not sent
	 * until [[send()]] is called explicitly or implicitly. The latter is done after you return from a controller action.
	 *
429 430
	 * @param string $content the content to be sent. The existing [[content]] will be discarded.
	 * @param string $attachmentName the file name shown to the user.
Qiang Xue committed
431
	 * @param string $mimeType the MIME type of the content.
432
	 * @return static the response object itself
433
	 * @throws HttpException if the requested range is not satisfiable
434
	 */
435
	public function sendContentAsFile($content, $attachmentName, $mimeType = 'application/octet-stream')
436
	{
437
		$headers = $this->getHeaders();
438
		$contentLength = StringHelper::byteLength($content);
439 440 441
		$range = $this->getHttpRange($contentLength);
		if ($range === false) {
			$headers->set('Content-Range', "bytes */$contentLength");
442
			throw new HttpException(416, 'Requested range not satisfiable');
443 444
		}

445 446 447 448 449 450
		$headers->setDefault('Pragma', 'public')
			->setDefault('Accept-Ranges', 'bytes')
			->setDefault('Expires', '0')
			->setDefault('Content-Type', $mimeType)
			->setDefault('Cache-Control', 'must-revalidate, post-check=0, pre-check=0')
			->setDefault('Content-Transfer-Encoding', 'binary')
451
			->setDefault('Content-Length', StringHelper::byteLength($content))
452
			->setDefault('Content-Disposition', "attachment; filename=\"$attachmentName\"");
453

454 455 456 457
		list($begin, $end) = $range;
		if ($begin !=0 || $end != $contentLength - 1) {
			$this->setStatusCode(206);
			$headers->set('Content-Range', "bytes $begin-$end/$contentLength");
458
			$this->content = StringHelper::byteSubstr($content, $begin, $end - $begin + 1);
459 460
		} else {
			$this->setStatusCode(200);
461
			$this->content = $content;
462 463
		}

464
		$this->format = self::FORMAT_RAW;
465 466

		return $this;
Qiang Xue committed
467 468
	}

469 470
	/**
	 * Sends the specified stream as a file to the browser.
471 472 473 474
	 *
	 * Note that this method only prepares the response for file sending. The file is not sent
	 * until [[send()]] is called explicitly or implicitly. The latter is done after you return from a controller action.
	 *
475 476
	 * @param resource $handle the handle of the stream to be sent.
	 * @param string $attachmentName the file name shown to the user.
Qiang Xue committed
477
	 * @param string $mimeType the MIME type of the stream content.
478
	 * @return static the response object itself
479 480
	 * @throws HttpException if the requested range cannot be satisfied.
	 */
481
	public function sendStreamAsFile($handle, $attachmentName, $mimeType = 'application/octet-stream')
Qiang Xue committed
482
	{
483
		$headers = $this->getHeaders();
Qiang Xue committed
484 485 486
		fseek($handle, 0, SEEK_END);
		$fileSize = ftell($handle);

487 488 489
		$range = $this->getHttpRange($fileSize);
		if ($range === false) {
			$headers->set('Content-Range', "bytes */$fileSize");
490
			throw new HttpException(416, 'Requested range not satisfiable');
491
		}
Qiang Xue committed
492

493 494
		list($begin, $end) = $range;
		if ($begin !=0 || $end != $fileSize - 1) {
Qiang Xue committed
495
			$this->setStatusCode(206);
496
			$headers->set('Content-Range', "bytes $begin-$end/$fileSize");
Qiang Xue committed
497 498 499 500
		} else {
			$this->setStatusCode(200);
		}

501
		$length = $end - $begin + 1;
Qiang Xue committed
502

503 504 505 506 507 508 509 510
		$headers->setDefault('Pragma', 'public')
			->setDefault('Accept-Ranges', 'bytes')
			->setDefault('Expires', '0')
			->setDefault('Content-Type', $mimeType)
			->setDefault('Cache-Control', 'must-revalidate, post-check=0, pre-check=0')
			->setDefault('Content-Transfer-Encoding', 'binary')
			->setDefault('Content-Length', $length)
			->setDefault('Content-Disposition', "attachment; filename=\"$attachmentName\"");
511
		$this->format = self::FORMAT_RAW;
512
		$this->stream = [$handle, $begin, $end];
Qiang Xue committed
513

514
		return $this;
Qiang Xue committed
515 516
	}

517 518 519 520 521 522 523 524
	/**
	 * Determines the HTTP range given in the request.
	 * @param integer $fileSize the size of the file that will be used to validate the requested HTTP range.
	 * @return array|boolean the range (begin, end), or false if the range request is invalid.
	 */
	protected function getHttpRange($fileSize)
	{
		if (!isset($_SERVER['HTTP_RANGE']) || $_SERVER['HTTP_RANGE'] === '-') {
Alexander Makarov committed
525
			return [0, $fileSize - 1];
526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545
		}
		if (!preg_match('/^bytes=(\d*)-(\d*)$/', $_SERVER['HTTP_RANGE'], $matches)) {
			return false;
		}
		if ($matches[1] === '') {
			$start = $fileSize - $matches[2];
			$end = $fileSize - 1;
		} elseif ($matches[2] !== '') {
			$start = $matches[1];
			$end = $matches[2];
			if ($end >= $fileSize) {
				$end = $fileSize - 1;
			}
		} else {
			$start = $matches[1];
			$end = $fileSize - 1;
		}
		if ($start < 0 || $start > $end) {
			return false;
		} else {
Alexander Makarov committed
546
			return [$start, $end];
547 548 549
		}
	}

Qiang Xue committed
550 551 552 553 554 555 556 557 558 559 560 561 562 563
	/**
	 * Sends existing file to a browser as a download using x-sendfile.
	 *
	 * X-Sendfile is a feature allowing a web application to redirect the request for a file to the webserver
	 * that in turn processes the request, this way eliminating the need to perform tasks like reading the file
	 * and sending it to the user. When dealing with a lot of files (or very big files) this can lead to a great
	 * increase in performance as the web application is allowed to terminate earlier while the webserver is
	 * handling the request.
	 *
	 * The request is sent to the server through a special non-standard HTTP-header.
	 * When the web server encounters the presence of such header it will discard all output and send the file
	 * specified by that header using web server internals including all optimizations like caching-headers.
	 *
	 * As this header directive is non-standard different directives exists for different web servers applications:
564 565
	 *
	 * - Apache: [X-Sendfile](http://tn123.org/mod_xsendfile)
Qiang Xue committed
566 567 568 569 570
	 * - Lighttpd v1.4: [X-LIGHTTPD-send-file](http://redmine.lighttpd.net/projects/lighttpd/wiki/X-LIGHTTPD-send-file)
	 * - Lighttpd v1.5: [X-Sendfile](http://redmine.lighttpd.net/projects/lighttpd/wiki/X-LIGHTTPD-send-file)
	 * - Nginx: [X-Accel-Redirect](http://wiki.nginx.org/XSendfile)
	 * - Cherokee: [X-Sendfile and X-Accel-Redirect](http://www.cherokee-project.com/doc/other_goodies.html#x-sendfile)
	 *
Qiang Xue committed
571 572 573
	 * So for this method to work the X-SENDFILE option/module should be enabled by the web server and
	 * a proper xHeader should be sent.
	 *
Qiang Xue committed
574
	 * **Note**
575 576
	 *
	 * This option allows to download files that are not under web folders, and even files that are otherwise protected
Qiang Xue committed
577
	 * (deny from all) like `.htaccess`.
Qiang Xue committed
578
	 *
Qiang Xue committed
579
	 * **Side effects**
580
	 *
Qiang Xue committed
581 582 583
	 * If this option is disabled by the web server, when this method is called a download configuration dialog
	 * will open but the downloaded file will have 0 bytes.
	 *
Qiang Xue committed
584
	 * **Known issues**
585
	 *
Qiang Xue committed
586
	 * There is a Bug with Internet Explorer 6, 7 and 8 when X-SENDFILE is used over an SSL connection, it will show
587
	 * an error message like this: "Internet Explorer was not able to open this Internet site. The requested site
Qiang Xue committed
588 589 590
	 * is either unavailable or cannot be found.". You can work around this problem by removing the `Pragma`-header.
	 *
	 * **Example**
591
	 *
Qiang Xue committed
592
	 * ~~~
593
	 * Yii::$app->response->xSendFile('/home/user/Pictures/picture1.jpg');
594
	 * ~~~
Qiang Xue committed
595
	 *
Qiang Xue committed
596
	 * @param string $filePath file name with full path
597 598 599
	 * @param string $mimeType the MIME type of the file. If null, it will be determined based on `$filePath`.
	 * @param string $attachmentName file name shown to the user. If null, it will be determined from `$filePath`.
	 * @param string $xHeader the name of the x-sendfile header.
600
	 * @return static the response object itself
Qiang Xue committed
601
	 */
Qiang Xue committed
602
	public function xSendFile($filePath, $attachmentName = null, $mimeType = null, $xHeader = 'X-Sendfile')
Qiang Xue committed
603
	{
604 605
		if ($mimeType === null && ($mimeType = FileHelper::getMimeTypeByExtension($filePath)) === null) {
			$mimeType = 'application/octet-stream';
Qiang Xue committed
606
		}
607 608
		if ($attachmentName === null) {
			$attachmentName = basename($filePath);
Qiang Xue committed
609
		}
Qiang Xue committed
610

611
		$this->getHeaders()
612 613 614
			->setDefault($xHeader, $filePath)
			->setDefault('Content-Type', $mimeType)
			->setDefault('Content-Disposition', "attachment; filename=\"$attachmentName\"");
Qiang Xue committed
615

616
		return $this;
Qiang Xue committed
617
	}
Qiang Xue committed
618 619 620

	/**
	 * Redirects the browser to the specified URL.
Qiang Xue committed
621
	 *
Qiang Xue committed
622 623 624 625 626 627 628 629 630 631 632 633 634 635
	 * This method adds a "Location" header to the current response. Note that it does not send out
	 * the header until [[send()]] is called. In a controller action you may use this method as follows:
	 *
	 * ~~~
	 * return Yii::$app->getResponse()->redirect($url);
	 * ~~~
	 *
	 * In other places, if you want to send out the "Location" header immediately, you should use
	 * the following code:
	 *
	 * ~~~
	 * Yii::$app->getResponse()->redirect($url)->send();
	 * return;
	 * ~~~
Qiang Xue committed
636
	 *
Qiang Xue committed
637 638
	 * In AJAX mode, this normally will not work as expected unless there are some
	 * client-side JavaScript code handling the redirection. To help achieve this goal,
Qiang Xue committed
639 640 641 642 643
	 * this method will send out a "X-Redirect" header instead of "Location".
	 *
	 * If you use the "yii" JavaScript module, it will handle the AJAX redirection as
	 * described above. Otherwise, you should write the following JavaScript code to
	 * handle the redirection:
Qiang Xue committed
644 645
	 *
	 * ~~~
Qiang Xue committed
646 647 648 649
	 * $document.ajaxComplete(function (event, xhr, settings) {
	 *     var url = xhr.getResponseHeader('X-Redirect');
	 *     if (url) {
	 *         window.location = url;
Qiang Xue committed
650 651 652 653
	 *     }
	 * });
	 * ~~~
	 *
Qiang Xue committed
654 655 656 657
	 * @param string|array $url the URL to be redirected to. This can be in one of the following formats:
	 *
	 * - a string representing a URL (e.g. "http://example.com")
	 * - a string representing a URL alias (e.g. "@example.com")
Alexander Makarov committed
658
	 * - an array in the format of `[$route, ...name-value pairs...]` (e.g. `['site/index', 'ref' => 1]`).
Qiang Xue committed
659 660 661 662 663 664
	 *   Note that the route is with respect to the whole application, instead of relative to a controller or module.
	 *   [[Html::url()]] will be used to convert the array into a URL.
	 *
	 * Any relative URL will be converted into an absolute one by prepending it with the host info
	 * of the current request.
	 *
665
	 * @param integer $statusCode the HTTP status code. Defaults to 302.
Carsten Brandt committed
666
	 * See <http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html>
667
	 * for details about HTTP status code
668
	 * @return static the response object itself
Qiang Xue committed
669
	 */
670
	public function redirect($url, $statusCode = 302)
Qiang Xue committed
671
	{
Qiang Xue committed
672 673 674 675 676
		if (is_array($url) && isset($url[0])) {
			// ensure the route is absolute
			$url[0] = '/' . ltrim($url[0], '/');
		}
		$url = Html::url($url);
Qiang Xue committed
677 678 679
		if (strpos($url, '/') === 0 && strpos($url, '//') !== 0) {
			$url = Yii::$app->getRequest()->getHostInfo() . $url;
		}
Qiang Xue committed
680

681
		if (Yii::$app->getRequest()->getIsPjax()) {
Qiang Xue committed
682
			$this->getHeaders()->set('X-Pjax-Url', $url);
683
		} elseif (Yii::$app->getRequest()->getIsAjax()) {
Qiang Xue committed
684 685 686
			$this->getHeaders()->set('X-Redirect', $url);
		} else {
			$this->getHeaders()->set('Location', $url);
Qiang Xue committed
687
		}
Qiang Xue committed
688
		$this->setStatusCode($statusCode);
Qiang Xue committed
689

690
		return $this;
Qiang Xue committed
691
	}
692

693 694 695 696
	/**
	 * Refreshes the current page.
	 * The effect of this method call is the same as the user pressing the refresh button of his browser
	 * (without re-posting data).
697 698 699 700 701 702 703
	 *
	 * In a controller action you may use this method like this:
	 *
	 * ~~~
	 * return Yii::$app->getResponse()->refresh();
	 * ~~~
	 *
704 705
	 * @param string $anchor the anchor that should be appended to the redirection URL.
	 * Defaults to empty. Make sure the anchor starts with '#' if you want to specify it.
706
	 * @return Response the response object itself
707
	 */
708
	public function refresh($anchor = '')
709
	{
710
		return $this->redirect(Yii::$app->getRequest()->getUrl() . $anchor);
711 712
	}

Qiang Xue committed
713 714
	private $_cookies;

715 716 717 718 719 720
	/**
	 * Returns the cookie collection.
	 * Through the returned cookie collection, you add or remove cookies as follows,
	 *
	 * ~~~
	 * // add a cookie
Alexander Makarov committed
721
	 * $response->cookies->add(new Cookie([
722 723
	 *     'name' => $name,
	 *     'value' => $value,
Alexander Makarov committed
724
	 * ]);
725 726 727 728 729 730 731 732 733 734 735
	 *
	 * // remove a cookie
	 * $response->cookies->remove('name');
	 * // alternatively
	 * unset($response->cookies['name']);
	 * ~~~
	 *
	 * @return CookieCollection the cookie collection.
	 */
	public function getCookies()
	{
Qiang Xue committed
736 737 738 739
		if ($this->_cookies === null) {
			$this->_cookies = new CookieCollection;
		}
		return $this->_cookies;
740
	}
Qiang Xue committed
741 742 743 744

	/**
	 * @return boolean whether this response has a valid [[statusCode]].
	 */
745
	public function getIsInvalid()
Qiang Xue committed
746 747 748 749 750 751 752
	{
		return $this->getStatusCode() < 100 || $this->getStatusCode() >= 600;
	}

	/**
	 * @return boolean whether this response is informational
	 */
753
	public function getIsInformational()
Qiang Xue committed
754 755 756 757 758
	{
		return $this->getStatusCode() >= 100 && $this->getStatusCode() < 200;
	}

	/**
759
	 * @return boolean whether this response is successful
Qiang Xue committed
760
	 */
761
	public function getIsSuccessful()
Qiang Xue committed
762 763 764 765 766 767 768
	{
		return $this->getStatusCode() >= 200 && $this->getStatusCode() < 300;
	}

	/**
	 * @return boolean whether this response is a redirection
	 */
769
	public function getIsRedirection()
Qiang Xue committed
770 771 772 773 774 775 776
	{
		return $this->getStatusCode() >= 300 && $this->getStatusCode() < 400;
	}

	/**
	 * @return boolean whether this response indicates a client error
	 */
777
	public function getIsClientError()
Qiang Xue committed
778 779 780 781 782 783 784
	{
		return $this->getStatusCode() >= 400 && $this->getStatusCode() < 500;
	}

	/**
	 * @return boolean whether this response indicates a server error
	 */
785
	public function getIsServerError()
Qiang Xue committed
786 787 788 789 790 791 792
	{
		return $this->getStatusCode() >= 500 && $this->getStatusCode() < 600;
	}

	/**
	 * @return boolean whether this response is OK
	 */
793
	public function getIsOk()
Qiang Xue committed
794
	{
795
		return $this->getStatusCode() == 200;
Qiang Xue committed
796 797 798 799 800
	}

	/**
	 * @return boolean whether this response indicates the current request is forbidden
	 */
801
	public function getIsForbidden()
Qiang Xue committed
802
	{
803
		return $this->getStatusCode() == 403;
Qiang Xue committed
804 805 806 807 808
	}

	/**
	 * @return boolean whether this response indicates the currently requested resource is not found
	 */
809
	public function getIsNotFound()
Qiang Xue committed
810
	{
811
		return $this->getStatusCode() == 404;
Qiang Xue committed
812 813 814 815 816
	}

	/**
	 * @return boolean whether this response is empty
	 */
817
	public function getIsEmpty()
Qiang Xue committed
818
	{
Alexander Makarov committed
819
		return in_array($this->getStatusCode(), [201, 204, 304]);
Qiang Xue committed
820
	}
821

Qiang Xue committed
822
	/**
823 824
	 * Prepares for sending the response.
	 * The default implementation will convert [[data]] into [[content]] and set headers accordingly.
825
	 * @throws InvalidConfigException if the formatter for the specified format is invalid or [[format]] is not supported
Qiang Xue committed
826
	 */
827
	protected function prepare()
828
	{
829
		if ($this->stream !== null || $this->data === null) {
830 831 832 833 834
			return;
		}

		if (isset($this->formatters[$this->format])) {
			$formatter = $this->formatters[$this->format];
Qiang Xue committed
835 836 837
			if (!is_object($formatter)) {
				$formatter = Yii::createObject($formatter);
			}
838
			if ($formatter instanceof ResponseFormatterInterface) {
839
				$formatter->format($this);
Qiang Xue committed
840
			} else {
841
				throw new InvalidConfigException("The '{$this->format}' response formatter is invalid. It must implement the ResponseFormatterInterface.");
Qiang Xue committed
842
			}
Qiang Xue committed
843 844 845 846 847 848 849 850 851 852
		} else {
			switch ($this->format) {
				case self::FORMAT_HTML:
					$this->getHeaders()->setDefault('Content-Type', 'text/html; charset=' . $this->charset);
					$this->content = $this->data;
					break;
				case self::FORMAT_RAW:
					$this->content = $this->data;
					break;
				case self::FORMAT_JSON:
853
					$this->getHeaders()->set('Content-Type', 'application/json; charset=UTF-8');
Qiang Xue committed
854 855 856 857 858 859 860 861 862 863 864 865
					$this->content = Json::encode($this->data);
					break;
				case self::FORMAT_JSONP:
					$this->getHeaders()->set('Content-Type', 'text/javascript; charset=' . $this->charset);
					if (is_array($this->data) && isset($this->data['data'], $this->data['callback'])) {
						$this->content = sprintf('%s(%s);', $this->data['callback'], Json::encode($this->data['data']));
					} else {
						$this->content = '';
						Yii::warning("The 'jsonp' response requires that the data be an array consisting of both 'data' and 'callback' elements.", __METHOD__);
					}
					break;
				case self::FORMAT_XML:
Borro committed
866
					Yii::createObject(XmlResponseFormatter::className())->format($this);
Qiang Xue committed
867 868 869 870
					break;
				default:
					throw new InvalidConfigException("Unsupported response format: {$this->format}");
			}
Qiang Xue committed
871 872
		}

Qiang Xue committed
873
		if (is_array($this->content)) {
874
			throw new InvalidParamException("Response content must not be an array.");
Qiang Xue committed
875
		} elseif (is_object($this->content)) {
876 877 878
			if (method_exists($this->content, '__toString')) {
				$this->content = $this->content->__toString();
			} else {
879
				throw new InvalidParamException("Response content must be a string or an object implementing __toString().");
880
			}
881 882
		}
	}
Qiang Xue committed
883
}