<?php
session_start();
include 'name_validation.php';
include 'user_validation.php';
$filename = $_GET['filename'];
$username = $_SESSION['username'];
if (!name_validation($filename, $username)) {
$_SESSION['message_return'] = "Username or filename invalid";
header("Location: ./message_return.php");
exit;
}
if (!user_validation($username)) {
$_SESSION['message_return'] = "User not exeist";
header("Location: ./message_return.php");
exit;
}
$full_path = sprintf("../module2/%s/%s", $username, htmlentities($filename));
if (file_exists($full_path)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($full_path) . '"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($full_path));
readfile($full_path);
exit;
}
// get from http://php.net/manual/en/function.readfile.php
<?php
session_start();
include 'name_validation.php';
$filename = $_SESSION['filename'];
$sharename = $_POST['sharename'];
$username = $_SESSION['username'];
name_validation($filename, $username);
name_validation($filename, $sharename);
$_SESSION['share_error'] = "success";
include 'user_validation.php';
if (!user_validation($sharename) & $username == $sharename) {
$_SESSION['share_error'] == "Share user name invalid.";
header("Location: ./share_failure.php");
}
$source_path = sprintf("../module2/%s/%s", $username, htmlentities($filename));
$dest_path = sprintf("../module2/%s/%s", $sharename, htmlentities($filename));
if (copy($source_path, $dest_path)) {
$_SESSION['message_return'] = "Share success";
header("Location: ./message_return.php");
exit;
} else {
$_SESSION['message_return'] = "Share failure";
header("Location: ./message_return.php");
exit;
}
