function getDownLoadLink($file){
$file = preg_replace('/\.+\//', '', trim($file));
$file = htmlspecialchars($file);
$filefull = PATH.$file;
global $_LANG;
if (file_exists($filefull)){
$downloaded = cmsCore::fileDownloadCount($file);
$filesize = round(filesize($filefull)/1024, 2);
$link = '<span class="filelink">';
$link .= '<a href="/load/url=-'.base64_encode($file).'" alt="'.$_LANG['FILE_DOWNLOAD'].'">'.basename($file).'</a> ';
$link .= '<span>| '.$filesize.' '.$_LANG['SIZE_KB'].'</span> ';
$link .= '<span>| '.$_LANG['FILE_DOWNLOADED'].': '.cmsCore::spellCount($downloaded, $_LANG['TIME1'], $_LANG['TIME2'], $_LANG['TIME1']).'</span>';
$link .= '</span>';
} else {
$link = $_LANG['FILE'].' "'.$file.'" '.$_LANG['NOT_FOUND'];
}
return $link;
}
public function increaseDownloadCount($fileurl)
{
$downloads = cmsCore::fileDownloadCount($fileurl);
if ($downloads == 0) {
$sql = "INSERT INTO cms_downloads (fileurl, hits) VALUES ('{$fileurl}', '1')";
} else {
$sql = "UPDATE cms_downloads SET hits = hits + 1 WHERE fileurl = '{$fileurl}'";
}
$this->inDB->query($sql);
return true;
}
function files()
{
$inDB = cmsDatabase::getInstance();
global $_LANG;
$do = cmsCore::getInstance()->do;
//============================================================================//
// Скачивание
if ($do == 'view') {
$fileurl = cmsCore::request('fileurl', 'str', '');
if (!$fileurl) {
cmsCore::error404();
}
$fileurl = mb_strpos($fileurl, '-') === 0 ? htmlspecialchars_decode(base64_decode(ltrim($fileurl, '-'))) : $fileurl;
if (mb_strstr($fileurl, '..')) {
cmsCore::error404();
}
if (mb_strstr($fileurl, 'http:/')) {
if (!mb_strstr($fileurl, 'http://')) {
$fileurl = str_replace('http:/', 'http://', $fileurl);
}
}
$downloads = cmsCore::fileDownloadCount($fileurl);
if ($downloads == 0) {
$sql = "INSERT INTO cms_downloads (fileurl, hits) VALUES ('{$fileurl}', '1')";
$inDB->query($sql);
} else {
$sql = "UPDATE cms_downloads SET hits = hits + 1 WHERE fileurl = '{$fileurl}'";
$inDB->query($sql);
}
if (mb_strstr($fileurl, 'http:/')) {
cmsCore::redirect($fileurl);
}
if (file_exists(PATH . $fileurl)) {
header('Content-Disposition: attachment; filename=' . basename($fileurl) . "\n");
header('Content-Type: application/x-force-download; name="' . $fileurl . '"' . "\n");
header('Location:' . $fileurl);
cmsCore::halt();
} else {
cmsCore::halt($_LANG['FILE_NOT_FOUND']);
}
}
//============================================================================//
if ($do == 'redirect') {
$url = str_replace(array('--q--', ' '), array('?', '+'), cmsCore::request('url', 'str', ''));
if (!$url) {
cmsCore::error404();
}
$url = mb_strpos($url, '-') === 0 ? htmlspecialchars_decode(base64_decode(ltrim($url, '-'))) : $url;
if (mb_strstr($url, '..')) {
cmsCore::error404();
}
if (mb_strstr($url, 'http:/')) {
if (!mb_strstr($url, 'http://')) {
$url = str_replace('http:/', 'http://', $url);
}
}
if (mb_strstr($url, 'https:/')) {
if (!mb_strstr($url, 'https://')) {
$url = str_replace('https:/', 'https://', $url);
}
}
// кириллические домены
$url_host = parse_url($url, PHP_URL_HOST);
if (preg_match('/^[а-яё]+/iu', $url_host)) {
cmsCore::loadClass('idna_convert');
$IDN = new idna_convert();
$host = $IDN->encode($url_host);
$url = str_ireplace($url_host, $host, $url);
}
cmsCore::redirect($url);
}
//============================================================================//
}
private function getFileValue($form_field)
{
$link = '';
if (array_key_exists($form_field['id'], $this->values)) {
$field_value = $this->values[$form_field['id']];
global $_LANG;
if (is_file(PATH . $field_value['url'])) {
$downloaded = cmsCore::fileDownloadCount($field_value['url']);
$filesize = round(filesize(PATH . $field_value['url']) / 1024, 2);
$link = '<span class="filelink">';
$link .= '<a href="/load/url=-' . base64_encode($field_value['url']) . '" alt="' . $_LANG['FILE_DOWNLOAD'] . '">' . $field_value['name'] . '</a> ';
$link .= '<span>| ' . $filesize . ' ' . $_LANG['SIZE_KB'] . '</span> ';
$link .= '<span>| ' . $_LANG['FILE_DOWNLOADED'] . ': ' . cmsCore::spellCount($downloaded, $_LANG['TIME1'], $_LANG['TIME2'], $_LANG['TIME1']) . '</span>';
$link .= '</span>';
}
}
return $link;
}
