function index()
{
$mfile = new Model_File();
if (isset($_GET["md5"])) {
if (!strpos($_GET["md5"], "/")) {
$data = $mfile->attachFromMD5($_GET["md5"]);
$flag = false;
if ($this->registry["ui"]["id"] == $data[0]["uid"]) {
$flag = true;
}
if (!$flag) {
$right = json_decode($data[0]["right"], true);
foreach ($right as $key => $val) {
if ($key == "frall") {
if ($val > 0) {
$flag = true;
}
}
if ($key == "fg" . $this->registry["ui"]["gid"]) {
if ($val > 0) {
$flag = true;
}
}
if ($key == "user" . $this->registry["ui"]["id"]) {
if ($val > 0) {
$flag = true;
}
}
}
}
if ($flag) {
$fn = $_GET["md5"];
$file = $this->registry["rootPublic"] . $this->registry["path"]["upload"] . $fn;
if (file_exists($file)) {
$data[0]["filename"] = str_replace(" ", "_", $data[0]["filename"]);
header("Content-Type: application/octet-stream");
header("Accept-Ranges: bytes");
header("Content-Length: " . filesize($file));
header("Content-Disposition: attachment; filename=" . $data[0]["filename"]);
readfile($file);
}
}
}
}
if (isset($_GET["filename"])) {
$filename = $_GET["filename"];
if (!strpos($filename, "/")) {
$curdir = $_GET["did"];
$data = $mfile->attachFromName($filename, $curdir);
$flag = false;
if ($this->registry["ui"]["id"] == $data[0]["uid"]) {
$flag = true;
}
if (!$flag) {
$right = json_decode($data[0]["right"], true);
foreach ($right as $key => $val) {
if ($key == "frall") {
if ($val > 0) {
$flag = true;
}
}
if ($key == "fg" . $this->registry["ui"]["gid"]) {
if ($val > 0) {
$flag = true;
}
}
if ($key == "user" . $this->registry["ui"]["id"]) {
if ($val > 0) {
$flag = true;
}
}
}
}
if ($flag) {
$fn = $data[0]["md5"];
$file = $this->registry["rootPublic"] . $this->registry["path"]["upload"] . $fn;
if (file_exists($file)) {
$filename = str_replace(" ", "_", $filename);
header("Content-Type: application/octet-stream");
header("Accept-Ranges: bytes");
header("Content-Length: " . filesize($file));
header("Content-Disposition: attachment; filename=" . $filename);
readfile($file);
}
}
}
}
exit;
}