<?php
include_once('ressources/class.sockets.inc');
include_once('ressources/logs.inc');
include_once('ressources/class.crypt.php');
include_once('ressources/class.user.inc');
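if (isset($_GET["path"])) {
    // Streams the file at "<org>/<path>" (both taken from the query string) as an attachment.
    // NOTE(review): no session or privilege check is visible in this branch, and the
    // resulting path is not confined to a base directory. Confirm that an included file
    // enforces authentication, and consider resolving the path with realpath() and
    // comparing it against an allowed root before serving it.
    $org = isset($_GET["org"]) ? $_GET["org"] : '';
    $rel = $_GET["path"];

    // Query parameters can arrive as arrays; only plain strings are acceptable here.
    if (!is_string($org) || !is_string($rel)) {
        die();
    }

    // Both components are request-controlled, so both are checked. strpos() returns 0
    // for a match at the very start of the string, which is why the result is compared
    // with false instead of being tested with "> 0".
    foreach (array($org, $rel) as $part) {
        if (strpos($part, '..') !== false || strpos($part, "\0") !== false) {
            die('HACK: ..');
        }
    }

    $path = "{$org}/{$rel}";

    // Stop before any header is sent when there is nothing to serve.
    if (!is_file($path) || !is_readable($path)) {
        die();
    }

    // basename() keeps quotes and control characters; neutralise them so the value
    // cannot break out of the quoted filename parameter of Content-Disposition.
    $file = preg_replace('/[\x00-\x1f\x7f"\\\\]/', '_', basename($path));

    $sock = new sockets();
    $content_type = trim((string) base64_decode($sock->getFrameWork("cmd.php?mime-type=" . base64_encode($path))));
    if ($content_type === '') {
        // The framework gave no usable MIME type; fall back to a generic binary type.
        $content_type = 'application/octet-stream';
    }

    header('Content-type: ' . $content_type);
    header('Content-Transfer-Encoding: binary');
    header("Content-Disposition: attachment; filename=\"$file\"");
    header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // date in the past

    $fsize = filesize($path);
    if ($fsize !== false) {
        header("Content-Length: " . $fsize);
    }

    // ob_clean() raises a notice when no output buffer is active.
    if (ob_get_level() > 0) {
        ob_clean();
    }
    flush();
    readfile($path);

    // Nothing may follow the file body, otherwise the download is corrupted and
    // Content-Length no longer matches.
    exit;
}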
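if (isset($_GET["xapian-file"])) {
    // Serves a file whose path arrives base64-encoded and encrypted in "xapian-file".
    // The decryption key is the password of the session user, or the LDAP password
    // when the session uid is empty or -100.
    // NOTE(review): no session_start() is visible in this file; presumably an include
    // starts the session -- confirm. Whether SimpleCrypt authenticates the ciphertext is
    // not visible here either, so the decrypted path is validated like any other
    // request-supplied value.
    if (!is_string($_GET["xapian-file"])) {
        die();
    }

    if (($_SESSION["uid"] == null) || ($_SESSION["uid"] == -100)) {
        $ldap = new clladp();
        $pass = $ldap->ldap_password;
    } else {
        $ct = new user($_SESSION["uid"]);
        $pass = $ct->password;
    }

    $cr = new SimpleCrypt($pass);
    $crypted = base64_decode($_GET["xapian-file"]);
    $path = $cr->decrypt($crypted);
    if (!is_string($path) || $path === '') {
        die();
    }
    writelogs("Receive crypted file: $path ", __FUNCTION__, __FILE__, __LINE__);

    // strpos() returns 0 for a match at the very start of the string, so the result is
    // compared with false instead of being tested with "> 0". NUL bytes are rejected too.
    if (strpos($path, '..') !== false || strpos($path, "\0") !== false) {
        die('HACK: ..');
    }
    if (!is_file($path) || !is_readable($path)) {
        die();
    }

    // basename() keeps quotes and control characters; neutralise them so the value
    // cannot break out of the quoted filename parameter of Content-Disposition.
    $file = preg_replace('/[\x00-\x1f\x7f"\\\\]/', '_', basename($path));

    $sock = new sockets();
    $content_type = trim((string) base64_decode($sock->getFrameWork("cmd.php?mime-type=" . base64_encode($path))));
    if ($content_type === '') {
        // The framework gave no usable MIME type; fall back to a generic binary type.
        $content_type = 'application/octet-stream';
    }

    header('Content-type: ' . $content_type);
    header('Content-Transfer-Encoding: binary');
    header("Content-Disposition: attachment; filename=\"$file\"");
    header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // date in the past

    $fsize = filesize($path);
    if ($fsize !== false) {
        header("Content-Length: " . $fsize);
    }

    // ob_clean() raises a notice when no output buffer is active.
    if (ob_get_level() > 0) {
        ob_clean();
    }
    flush();
    readfile($path);
}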
?>