public static function returnByFilename($filename) { return returnMIMEType($filename); }
// assign file details to array, for all files or those that match search if (!$findnow || $findnow && $exists !== false) { $file['name'][] = $filename; $file['modified'][] = filemtime($tinybrowser['docroot'] . $editpath . $filename); $file['size'][] = filesize($tinybrowser['docroot'] . $editpath . $filename); // image specific info or general if ($typenow == 'image' && ($imginfo = getimagesize($tinybrowser['docroot'] . $editpath . $filename))) { $file['width'][] = $imginfo[0]; $file['height'][] = $imginfo[1]; $file['dimensions'][] = $imginfo[0] + $imginfo[1]; $file['type'][] = $imginfo['mime']; } else { $file['width'][] = 'N/A'; $file['height'][] = 'N/A'; $file['dimensions'][] = 'N/A'; $file['type'][] = returnMIMEType($filename); } } } } closedir($dh); // generate alert if files deleted if ($deleteqty > 0) { $notify['type'][] = 'success'; $notify['message'][] = sprintf(TB_MSGDELETE, $deleteqty); } elseif ($renameqty > 0) { $notify['type'][] = 'success'; $notify['message'][] = sprintf(TB_MSGRENAME, $renameqty); } elseif ($resizeqty > 0) { $notify['type'][] = 'success'; $notify['message'][] = sprintf(TB_MSGRESIZE, $resizeqty);
$id_attachment = get_parameter("id_attachment", 0); $data = get_db_row("tattachment", "id_attachment", $id_attachment); if (!isset($data)) { echo "No valid attach id"; exit; } $id_kb = $data["id_kb"]; if (!give_acl($config["id_user"], 0, "KR")) { echo "You dont have access to Knoledgue base files"; exit; } // Beware of users trying to get access to attach of Incidents or Projects from here! if ($id_kb == 0) { echo "You dont have access to that file"; exit; } // Allow download file $fileLocation = $config["homedir"] . "/attachment/" . $data["id_attachment"] . "_" . $data["filename"]; $last_name = $data["filename"]; if (file_exists($fileLocation)) { header('Content-type: aplication/octet-stream;'); header('Content-type: ' . returnMIMEType($fileLocation) . ';'); header("Content-Length: " . filesize($fileLocation)); header('Content-Disposition: attachment; filename="' . $last_name . '"'); readfile($fileLocation); } else { echo "<h1>Error locating file</h1>"; echo "<i>" . $fileLocation . "</i>"; echo "File is missing in disk storage. Please contact the administrator"; exit; }
else { $fileLocation = $config["homedir"]."/attachment/".$data["id_attachment"]."_".$data["filename"]; $last_name = $data["filename"]; } //General check to avoid hacking using wrong id of files if (! $data) { audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser"); require ($general_error); exit; } session_write_close(); // Allow download file $mime = returnMIMEType($fileLocation); //We use a custom function because php functions are not reliable for document office if (file_exists($fileLocation)){ header("Content-Type: $mime;"); header("Content-Length: " . filesize($fileLocation)); header('Content-Disposition: ' . $content_disposition . '; filename="' . $last_name . '"'); // If it's a large file we don't want the script to timeout, so: set_time_limit(0); // If it's a large file, readfile might not be able to do it in one go, so: $chunksize = 1 * (1024 * 256); // how many bytes per chunk if (filesize($fileLocation) > $chunksize) { $handle = fopen($fileLocation, 'rb'); $buffer = '';
$id_src = trim($param[0]); $id = trim($param[1]); //$id = $_GET['id']; //$id_src = $_GET['idsrc']; // $id_src appartient bien au user ? // ouvre un fichier en mode binaire $name = $id; $offset = last_index_of('/', $name); if ($offset != -1) { $name = substr($id, $offset); } // ' in file name if (get_magic_quotes_gpc()) { $id = stripcslashes($id); } $ct = returnMIMEType($name); $db = db_connect($config, "", "", "", "dropbox"); if ($db) { $token_key = ''; $token_secret = ''; $ret = db_get_value($db, "sources", "params", "id='" . $id_src . "'", $value); $xml = simplexml_load_string($value); $params = json_decode(json_encode($xml), TRUE); foreach ($params as $key => $value) { if ($key == 'token_key') { $token_key = $value; } if ($key == 'token_secret') { $token_secret = $value; } }
$data = $id_attachment; } } else { $fileLocation = $config["homedir"] . "/attachment/" . $data["id_attachment"] . "_" . $data["filename"]; $last_name = $data["filename"]; } } //General check to avoid hacking using wrong id of files if (!$data) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access Downloads browser"); require $general_error; exit; } session_write_close(); // Allow download file $mime = returnMIMEType($fileLocation); //We use a custom function because php functions are not reliable for document office if (file_exists($fileLocation)) { header("Content-Type: {$mime};"); header("Content-Length: " . filesize($fileLocation)); header('Content-Disposition: ' . $content_disposition . '; filename="' . $last_name . '"'); // If it's a large file we don't want the script to timeout, so: set_time_limit(0); // If it's a large file, readfile might not be able to do it in one go, so: $chunksize = 1 * (1024 * 256); // how many bytes per chunk if (filesize($fileLocation) > $chunksize) { $handle = fopen($fileLocation, 'rb'); $buffer = ''; while (!feof($handle)) { $buffer = fread($handle, $chunksize);
/** * displayFeedPhotoGallery * * @return void */ function displayFeedPhotoGallery() { $fcmsError = FCMS_Error::getInstance(); $fcmsDatabase = Database::getInstance($fcmsError); $url = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF']; $urlroot = $url; $pos = strrpos($url, "/"); if ($pos === false) { $pos = strrpos($url, "\\"); } if (!($pos === false)) { $urlroot = substr($url, 0, $pos); } $lastday = time() - 84 * 60 * 60 * 24; // 12 weeks $sql = "SELECT `caption`, p.`user`, `filename`, p.`date`, `name` \n FROM `fcms_gallery_photos` AS p, `fcms_category` As c\n WHERE p.`category` = c.`id` \n AND UNIX_TIMESTAMP(p.`date`) >= ?\n ORDER BY p.`date`"; $rows = $fcmsDatabase->getRows($sql, $lastday); if ($rows === false) { print "Error getting data."; return; } $output = "<?xml version=\"1.0\"?" . "> \n<rss version=\"2.0\"> \n<channel> \n<title>" . getSiteName() . " - " . T_('Photo Gallery') . "</title> \n<link>" . $url . "</link> \n<description>" . getSiteName() . " - " . T_('Photo Gallery') . " " . T_('RSS Feed') . "</description> \n<language>" . T_pgettext('Language Code for this translation', 'lang') . "</language> \n<managingEditor>" . getContactEmail() . "</managingEditor> \n"; if (count($rows) > 0) { foreach ($rows as $line) { $title = htmlentities($line['caption']); if ($title == "") { $title = htmlentities($line['name']); } $output .= "<item><title><![CDATA[{$title}]]></title> \n<pubDate>" . gmdate('D, d M Y H:i:s', strtotime($line['date'])) . " GMT</pubDate> \n<link>" . htmlentities($urlroot . "/gallery/photos/member" . $line['user'] . "/" . $line['filename']) . "</link> \n<description><![CDATA[<img src=\"{$urlroot}/gallery/photos/member" . $line['user'] . "/" . $line['filename'] . "\" border=\"0\" />]]></description> \n<enclosure url=\"" . $urlroot . "/gallery/photos/member" . $line['user'] . "/" . $line['filename'] . "\" type=\"" . returnMIMEType("./gallery/photos/member" . $line['user'] . "/" . $line['filename']) . "\" length=\"" . filesize("./gallery/photos/member" . $line['user'] . "/" . $line['filename']) . "\" /> \n<guid isPermaLink=\"true\"><![CDATA[" . $urlroot . "/gallery/photos/member" . $line['user'] . "/" . $line['filename'] . "]]></guid> \n</item> \n"; } } $output .= "</channel></rss>"; echo $output; }