New file |
0,0 → 1,122 |
<?php |
|
//////////////////////////////////////////////////////////////////////////////// |
// // |
// Copyright (C) 2006 Phorum Development Team // |
// http://www.phorum.org // |
// // |
// This program is free software. You can redistribute it and/or modify // |
// it under the terms of either the current Phorum License (viewable at // |
// phorum.org) or the Phorum License that was distributed with this file // |
// // |
// This program is distributed in the hope that it will be useful, // |
// but WITHOUT ANY WARRANTY, without even the implied warranty of // |
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // |
// // |
// You should have received a copy of the Phorum License // |
// along with this program. // |
//////////////////////////////////////////////////////////////////////////////// |
define('phorum_page','file'); |
|
ob_start(); |
|
ini_set ( "zlib.output_compression", "0"); |
ini_set ( "output_handler", ""); |
|
include_once("./common.php"); |
|
// set all our URL's |
phorum_build_common_urls(); |
|
// checking read-permissions |
if(!phorum_check_read_common()) { |
return; |
} |
|
if(empty($PHORUM["args"]["file"])){ |
phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL)); |
exit(); |
} |
|
$filearg=(int)$PHORUM["args"]["file"]; |
$file=phorum_db_file_get($filearg); |
|
|
if(empty($file)){ |
phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL)); |
exit(); |
} |
|
$send_file=true; |
|
// check if this phorum allows off site links and if not, check the referrer |
if(isset($_SERVER["HTTP_REFERER"]) && !$PHORUM["file_offsite"] && preg_match('!^https?://!', $_SERVER["HTTP_REFERER"])){ |
|
$base = strtolower(phorum_get_url(PHORUM_BASE_URL)); |
$len = strlen($base); |
if (strtolower(substr($_SERVER["HTTP_REFERER"], 0, $len)) != $base) { |
|
ob_end_flush(); |
|
$PHORUM["DATA"]["MESSAGE"]=$PHORUM["DATA"]["LANG"]["FileForbidden"]; |
include phorum_get_template("header"); |
include phorum_get_template("message"); |
include phorum_get_template("footer"); |
|
$send_file=false; |
} |
} |
|
if($send_file){ |
|
// Mime Types for Attachments |
$mime_types["default"]="text/plain"; |
$mime_types["pdf"]="application/pdf"; |
$mime_types["doc"]="application/msword"; |
$mime_types["xls"]="application/vnd.ms-excel"; |
$mime_types["gif"]="image/gif"; |
$mime_types["png"]="image/png"; |
$mime_types["jpg"]="image/jpeg"; |
$mime_types["jpeg"]="image/jpeg"; |
$mime_types["jpe"]="image/jpeg"; |
$mime_types["tiff"]="image/tiff"; |
$mime_types["tif"]="image/tiff"; |
$mime_types["xml"]="text/xml"; |
$mime_types["mpeg"]="video/mpeg"; |
$mime_types["mpg"]="video/mpeg"; |
$mime_types["mpe"]="video/mpeg"; |
$mime_types["qt"]="video/quicktime"; |
$mime_types["mov"]="video/quicktime"; |
$mime_types["avi"]="video/x-msvideo"; |
$mime_types["gz"]="application/x-gzip"; |
$mime_types["tgz"]="application/x-gzip"; |
$mime_types["zip"]="application/zip"; |
$mime_types["tar"]="application/x-tar"; |
$mime_types["exe"]="application/octet-stream"; |
$mime_types["rar"]="application/octet-stream"; |
$mime_types["wma"]="application/octet-stream"; |
$mime_types["wmv"]="application/octet-stream"; |
$mime_types["mp3"]="audio/mpeg"; |
|
$type=strtolower(substr($file["filename"], strrpos($file["filename"], ".")+1)); |
|
if(isset($mime_types[$type])){ |
$mime=$mime_types[$type]; |
} |
else{ |
$mime=$mime_types["default"]; |
} |
|
list($mime, $file) = phorum_hook("file", array($mime, $file)); |
|
ob_end_clean(); |
|
header("Content-Type: $mime"); |
header("Content-Disposition: filename=\"{$file['filename']}\""); |
|
echo base64_decode($file["file_data"]); |
|
exit(); |
} |
|
?> |