function download_item($dir, $item) { // Security Fix: $item = basename($item); if (!permissions_grant($dir, $item, "read")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (!get_is_file($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["fileexist"]); } if (!get_show_item($dir, $item)) { show_error($item . ": " . $GLOBALS["error_msg"]["accessfile"]); } $abs_item = get_abs_item($dir, $item); _download($abs_item, $item); }
function _download_items($dir, $items) { // check if user selected any items to download _debug("count items: '{$items['0']}'"); if (count($items) == 0) { show_error($GLOBALS["error_msg"]["miscselitems"]); } // check if user has permissions to download // this file if (!_is_download_allowed($dir, $items)) { show_error($GLOBALS["error_msg"]["accessitem"]); } // if we have exactly one file and this is a real // file we directly download it if (count($items) == 1 && get_is_file($dir, $items[0])) { $abs_item = get_abs_item($dir, $items[0]); _download($abs_item, $items[0]); } // otherwise we do the zip download zip_download(get_abs_dir($dir), $items); }