Subversion Repositories Applications.papyrus

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
831 florian 1
<?php
2
 
3
////////////////////////////////////////////////////////////////////////////////
4
//                                                                            //
5
//   Copyright (C) 2006  Phorum Development Team                              //
6
//   http://www.phorum.org                                                    //
7
//                                                                            //
8
//   This program is free software. You can redistribute it and/or modify     //
9
//   it under the terms of either the current Phorum License (viewable at     //
10
//   phorum.org) or the Phorum License that was distributed with this file    //
11
//                                                                            //
12
//   This program is distributed in the hope that it will be useful,          //
13
//   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
14
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
15
//                                                                            //
16
//   You should have received a copy of the Phorum License                    //
17
//   along with this program.                                                 //
18
////////////////////////////////////////////////////////////////////////////////
19
define('phorum_page','file');
20
 
21
ob_start();
22
 
23
ini_set ( "zlib.output_compression", "0");
24
ini_set ( "output_handler", "");
25
 
26
include_once("./common.php");
27
 
28
// set all our URL's
29
phorum_build_common_urls();
30
 
31
// checking read-permissions
32
if(!phorum_check_read_common()) {
33
  return;
34
}
35
 
36
if(empty($PHORUM["args"]["file"])){
37
    phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL));
38
    exit();
39
}
40
 
41
$filearg=(int)$PHORUM["args"]["file"];
42
$file=phorum_db_file_get($filearg);
43
 
44
 
45
if(empty($file)){
46
    phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL));
47
    exit();
48
}
49
 
50
$send_file=true;
51
 
52
// check if this phorum allows off site links and if not, check the referrer
53
if(isset($_SERVER["HTTP_REFERER"]) && !$PHORUM["file_offsite"] && preg_match('!^https?://!', $_SERVER["HTTP_REFERER"])){
54
 
55
    $base = strtolower(phorum_get_url(PHORUM_BASE_URL));
56
    $len = strlen($base);
57
    if (strtolower(substr($_SERVER["HTTP_REFERER"], 0, $len)) != $base) {
58
 
59
        ob_end_flush();
60
 
61
        $PHORUM["DATA"]["MESSAGE"]=$PHORUM["DATA"]["LANG"]["FileForbidden"];
62
        include phorum_get_template("header");
63
        include phorum_get_template("message");
64
        include phorum_get_template("footer");
65
 
66
        $send_file=false;
67
    }
68
}
69
 
70
if($send_file){
71
 
72
    // Mime Types for Attachments
73
    $mime_types["default"]="text/plain";
74
    $mime_types["pdf"]="application/pdf";
75
    $mime_types["doc"]="application/msword";
76
    $mime_types["xls"]="application/vnd.ms-excel";
77
    $mime_types["gif"]="image/gif";
78
    $mime_types["png"]="image/png";
79
    $mime_types["jpg"]="image/jpeg";
80
    $mime_types["jpeg"]="image/jpeg";
81
    $mime_types["jpe"]="image/jpeg";
82
    $mime_types["tiff"]="image/tiff";
83
    $mime_types["tif"]="image/tiff";
84
    $mime_types["xml"]="text/xml";
85
    $mime_types["mpeg"]="video/mpeg";
86
    $mime_types["mpg"]="video/mpeg";
87
    $mime_types["mpe"]="video/mpeg";
88
    $mime_types["qt"]="video/quicktime";
89
    $mime_types["mov"]="video/quicktime";
90
    $mime_types["avi"]="video/x-msvideo";
91
    $mime_types["gz"]="application/x-gzip";
92
    $mime_types["tgz"]="application/x-gzip";
93
    $mime_types["zip"]="application/zip";
94
    $mime_types["tar"]="application/x-tar";
95
    $mime_types["exe"]="application/octet-stream";
96
    $mime_types["rar"]="application/octet-stream";
97
    $mime_types["wma"]="application/octet-stream";
98
    $mime_types["wmv"]="application/octet-stream";
99
    $mime_types["mp3"]="audio/mpeg";
100
 
101
    $type=strtolower(substr($file["filename"], strrpos($file["filename"], ".")+1));
102
 
103
    if(isset($mime_types[$type])){
104
        $mime=$mime_types[$type];
105
    }
106
    else{
107
        $mime=$mime_types["default"];
108
    }
109
 
110
    list($mime, $file) = phorum_hook("file", array($mime, $file));
111
 
112
    ob_end_clean();
113
 
114
    header("Content-Type: $mime");
115
    header("Content-Disposition: filename=\"{$file['filename']}\"");
116
 
117
    echo base64_decode($file["file_data"]);
118
 
119
    exit();
120
}
121
 
122
?>