<?php session_start(); include 'name_validation.php'; include 'user_validation.php'; $filename = $_GET['filename']; $username = $_SESSION['username']; if (!name_validation($filename, $username)) { $_SESSION['message_return'] = "Username or filename invalid"; header("Location: ./message_return.php"); exit; } if (!user_validation($username)) { $_SESSION['message_return'] = "User not exeist"; header("Location: ./message_return.php"); exit; } $full_path = sprintf("../module2/%s/%s", $username, htmlentities($filename)); if (file_exists($full_path)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($full_path) . '"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($full_path)); readfile($full_path); exit; } // get from http://php.net/manual/en/function.readfile.php
<?php session_start(); include 'name_validation.php'; $filename = $_SESSION['filename']; $sharename = $_POST['sharename']; $username = $_SESSION['username']; name_validation($filename, $username); name_validation($filename, $sharename); $_SESSION['share_error'] = "success"; include 'user_validation.php'; if (!user_validation($sharename) & $username == $sharename) { $_SESSION['share_error'] == "Share user name invalid."; header("Location: ./share_failure.php"); } $source_path = sprintf("../module2/%s/%s", $username, htmlentities($filename)); $dest_path = sprintf("../module2/%s/%s", $sharename, htmlentities($filename)); if (copy($source_path, $dest_path)) { $_SESSION['message_return'] = "Share success"; header("Location: ./message_return.php"); exit; } else { $_SESSION['message_return'] = "Share failure"; header("Location: ./message_return.php"); exit; }