case 'mail_files': $_SESSION['attach_array'] = array(); $_SESSION['num_attach'] = 0; require $email_module['class_path'] . "email.class.inc"; $email = new email(); if (isset($_POST['files'])) { while ($file = smartstrip(array_shift($_POST['files']))) { if ($fs->has_read_permission2($GO_SECURITY->user_id, $file)) { $tmp_file = $GO_CONFIG->tmpdir . md5(uniqid(time())); if ($fs->chroot_copy_r2($file, $tmp_file)) { $filename = basename($file); $extension = get_extension($filename); if (!($type = $filetypes->get_type($extension))) { $type = $filetypes->add_type($extension); } $email->register_attachment($tmp_file, $filename, $fs->chroot_filesize($file), $type['mime']); } } else { $popup_feedback .= access_denied_box(basename($file)); } } echo '<script type="text/javascript" language="javascript">'; echo 'popup("' . $email_module['url'] . 'send.php?email_file=true","' . $GO_CONFIG->composer_width . '","' . $GO_CONFIG->composer_height . '");'; echo '</script>'; } require 'listview.inc'; break; case 'delete': if (isset($_POST['files'])) { for ($i = 0; $i < count($_POST['files']); $i++) { $file = smartstrip($_POST['files'][$i]);
$GO_SECURITY->authenticate(); $GO_MODULES->authenticate('filesystem'); require $GO_CONFIG->class_path . 'filetypes.class.inc'; require_once $GO_CONFIG->class_path . 'filesystem.class.inc'; require_once 'group_folders.inc'; $fs = new filesystem(); $filetypes = new filetypes(); $path = smartstrip($_REQUEST['path']); $group_folders = get_group_folders($GO_SECURITY->user_id, 0); if (is_group_folder($group_folders, $path) || $fs->has_read_permission($GO_SECURITY->user_id, $path) || $fs->has_write_permission($GO_SECURITY->user_id, $path)) { $filename = basename($path); $extension = get_extension($filename); $type = $filetypes->get_type($extension); $browser = detect_browser(); header('Content-Type: ' . $type['mime']); header('Content-Length: ' . $fs->chroot_filesize($path)); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); if ($browser['name'] == 'MSIE') { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $filename . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); } else { header('Content-Type: ' . $type['mime']); header('Pragma: no-cache'); header('Content-Disposition: attachment; filename="' . $filename . '"'); } header('Content-Transfer-Encoding: binary'); $fd = $fs->chroot_fopen($path, 'rb'); while (!feof($fd)) { print fread($fd, 32768);