header('HTTP/1.0 200 OK'); header('Content-Length: ' . $link['file_size']); if (!Pingouin_is_viewable($link['mime_type']) || !$cfg['preview'] || $do_download) { header('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); } else { header('Content-Disposition: filename="' . $link['file_name'] . '"'); } header('Content-Type: ' . $link['mime_type']); header('Content-MD5: ' . hex_to_base64($link['md5'])); /* Read encrypted file. */ if ($link['crypted']) { /* Init module */ $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Extract key and iv. */ $md5_key = md5($crypt_key); $iv = Pingouin_crypt_create_iv($md5_key, mcrypt_enc_get_iv_size($m)); /* Init module. */ mcrypt_generic_init($m, $md5_key, $iv); /* Decrypt file. */ $r = fopen(VAR_FILES . $p . $link['md5'], 'r'); while (!feof($r)) { $dec = mdecrypt_generic($m, fread($r, 1024)); print $dec; ob_flush(); } fclose($r); /* Cleanup. */ mcrypt_generic_deinit($m); mcrypt_module_close($m); } else { $r = fopen(VAR_FILES . $p . $link['md5'], 'r');
/** * Decrypt file. * @param $fp_src file path to the file to decrypt. * @param $fp_dst file path to the file to write decrypted file (could be the same). * @param $k string composed of the key and the iv separated by a point ('.') * @return key used to decrypt. a string of length 0 is returned if failed. */ function Pingouin_decrypt_file($fp_src, $fp_dst, $k) { $fs = filesize($fp_src); if ($fs === false || $fs == 0 || extension_loaded('mcrypt') == false) { return false; } /* Init module */ $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Extract key and iv. */ $crypt_key = $k; $md5_key = md5($crypt_key); $iv = Pingouin_crypt_create_iv($md5_key, mcrypt_enc_get_iv_size($m)); /* Decrypt file. */ $r = fopen($fp_src, 'r'); $w = fopen($fp_dst, 'c'); while (!feof($r)) { $dec = mdecrypt_generic($m, fread($r, 1024)); if (fwrite($w, $dec) === false) { return false; } } fclose($r); fclose($w); /* Cleanup. */ mcrypt_generic_deinit($m); mcrypt_module_close($m); return true; }