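Execute($query);
// NOTE(review): the statement above and the block closed by the lone "}" after
// the credential check both begin before this excerpt (the query that loads
// $user is not visible here), so they are kept exactly as found.
$user = $rs->fields;

// HTTP Basic credential check. Access is refused unless the username AND the
// password hash both match the stored row. The previous condition joined the
// two mismatches with "&&", which refused access only when both were wrong, so
// one correct field was enough to pass. Strict comparison is used so that
// numeric-looking strings are never compared as numbers.
// NOTE(review): 'wachtwoord' (password) is compared against an unsalted md5()
// digest; plan a migration to password_hash()/password_verify().
if (empty($user)
    || $user['gebruikersnaam'] !== $_SERVER['PHP_AUTH_USER']
    || $user['wachtwoord'] !== md5($_SERVER['PHP_AUTH_PW'])) {
    header('WWW-Authenticate: Basic realm="Btech Filedump"');
    header("HTTP/1.0 401 Unauthorized");
    echo "Wrong username or password";
    exit;
}
}

// Download handler: ?file=<code> streams one stored file to the client if the
// code is valid for that file and the current user has a permission row for it.
if (!empty($_GET['file'])) {
    // Array-valued input (?file[]=...) can never be a valid code.
    if (!is_string($_GET['file'])) {
        exit;
    }
    $code = rawurldecode($_GET['file']);

    // A valid code is an md5() hex digest (see the comparison below), so anything
    // that is not exactly 32 lowercase hex characters is rejected before it gets
    // near the SQL text.
    if (!preg_match('/\A[0-9a-f]{32}\z/', $code)) {
        exit;
    }

    $rs = $conn->Execute("SELECT * FROM filedump_files WHERE code = '" . addslashes($code) . "'");
    $file = $rs ? $rs->fields : false;
    if (empty($file)) {
        exit;
    }

    // Same integer coercion the permission query has always applied.
    $fileId = intval($file['id']);
    $userId = isset($user['id']) ? intval($user['id']) : 0;

    $rs = $conn->Execute(
        "SELECT * FROM filedump_permissions WHERE user_id = " . $userId . " AND file_id = " . $fileId
    );
    $permissions = $rs ? $rs->fields : false;

    // Strict comparisons: a missing row must not compare equal to a missing id,
    // and two digests must match character for character.
    if (!empty($permissions)
        && md5((string) ($file['id'] * $key)) === $code
        && intval($permissions['user_id']) === $userId
        && intval($permissions['file_id']) === $fileId) {
        // Audit log entry. The raw request parameter used to be concatenated
        // into this statement as file_id; the numeric ids from the rows fetched
        // above are logged instead, and the address string is escaped.
        $conn->Execute(
            "INSERT INTO filedump_log (file_id,user_id,datum,ip) VALUES ("
            . $fileId . "," . $userId . ",NOW(),'" . addslashes($_SERVER['REMOTE_ADDR']) . "')"
        );

        $name = (string) $file['bestandsnaam'];

        // $file_extension is not assigned anywhere in the visible code, so the
        // switch below always fell through to its default; derive it from the
        // stored file name.
        $file_extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));

        switch ($file_extension) {
            case "pdf":
                $ctype = "application/pdf";
                break;
            case "exe":
                $ctype = "application/octet-stream";
                break;
            case "zip":
                $ctype = "application/zip";
                break;
            case "doc":
                $ctype = "application/msword";
                break;
            case "xls":
                $ctype = "application/vnd.ms-excel";
                break;
            case "ppt":
                $ctype = "application/vnd.ms-powerpoint";
                break;
            case "gif":
                $ctype = "image/gif";
                break;
            case "png":
                $ctype = "image/png";
                break;
            case "jpeg":
            case "jpg":
                // "image/jpg" is not a registered media type.
                $ctype = "image/jpeg";
                break;
            default:
                $ctype = "application/force-download";
        }

        // Files live in a sub-directory named after the lowercased first
        // character of the file name. $name[0] replaces the $name{0} offset
        // syntax, which PHP 8 no longer accepts.
        // NOTE(review): the name comes straight from the database row; if it can
        // ever contain "../" the path leaves $filedir. Confirm names are
        // sanitised when files are registered.
        $path = ($name === '') ? '' : $filedir . strtolower($name[0]) . '/' . $name;

        // Fail explicitly instead of sending download headers with an empty body.
        if ($path === '' || !is_file($path) || !is_readable($path)) {
            header("HTTP/1.0 404 Not Found");
            exit;
        }

        // Compressed output would make the Content-Length below wrong.
        if (ini_get('zlib.output_compression')) {
            ini_set('zlib.output_compression', 'Off');
        }

        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Cache-Control: private", false);
        header("Content-Type: " . $ctype);
        header("Content-Disposition: attachment; filename=\"" . basename($name) . "\";");
        header("Content-Transfer-Encoding: binary");
        header("Content-Length: " . filesize($path));

        // Large files may take longer than the default execution limit to stream.
        set_time_limit(0);
        readfile($path);
        exit();
    }

    // Invalid code or no permission: end the request without output.
    exit;
}
?> Filedump Execute($query); ?> EOF){ $ext = pathinfo($rs->fields['bestandsnaam']); $size = (filesize($filedir.strtolower($rs->fields['bestandsnaam']{0}).'/'.$rs->fields['bestandsnaam'])/1024); $ext['extension'] = empty($ext['extension']) ? "unknown" : strtolower($ext['extension']); ?> MoveNext(); } ?>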
Welcome,
0 KB