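/**
 * Streams the file attached to a comment to the client as a download, then ends the request.
 *
 * The comment ID arrives with the request and is used both inside SQL text and
 * as a file name, so it is checked against a strict allow-list before either use.
 *
 * @param array  $input            request parameters; 'row_id' holds the comment ID
 * @param array  $return_metadata  set to array('status' => 'ERROR') when the ID is bad or unknown
 * @param object $DB               database connection exposing querySingle()
 * @return void  nothing is returned: the script exits once the file has been sent
 */
public static function commentsGetAttached($input, &$return_metadata, $DB)
{
    // check ID first: it must be a non-empty scalar made only of characters that
    // cannot close the SQL string literal below or step out of the attachments
    // directory (no quotes, slashes, dots, whitespace or NUL bytes).
    // NOTE(review): the allow-list assumes comment IDs consist of letters, digits,
    // '_' and '-' (integer and UUID-style keys) - confirm against the comments
    // table and tighten to digits only if the IDs are integers.
    $object_id = isset($input['row_id']) && is_scalar($input['row_id'])
        ? (string) $input['row_id']
        : '';
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $object_id)) {
        $return_metadata = array('status' => 'ERROR');
        terminate('', 'Bad row ID', 400);
        // terminate() is defined elsewhere; stop here regardless, so that a
        // rejected ID can never reach the queries or the file path below.
        exit;
    }

    // check if comment exists ($object_id is restricted to the allow-list above)
    if ($DB->querySingle("select count(*) from comments where id = '{$object_id}'") == '0') {
        $return_metadata = array('status' => 'ERROR');
        terminate('', 'No comment with this ID', 404);
    }

    // check if file was attached and exists now
    $attached_name = trim((string) $DB->querySingle("select attached_name from comments where id = '{$object_id}'"));
    if ($attached_name == '') {
        terminate('', 'No file attached to this comment', 404);
    }

    // attachments are stored under the comment ID, not under the uploaded name
    $attached_full_name = self::COMMENTS_ATTACHED_DIR . $object_id;
    // is_file() rather than file_exists(): a directory must never be handed to file_to_output()
    if (!is_file($attached_full_name)) {
        terminate('', 'File missing', 500);
    }

    // The stored name is user-supplied: urlencode() keeps quotes and CR/LF out of
    // the Content-Disposition header; '+' is rewritten so spaces survive as %20.
    $output_name = str_replace('+', '%20', urlencode($attached_name));
    file_to_output($attached_full_name, array(
        'Content-Disposition: attachment; filename="' . $output_name . '"',
        'Content-Transfer-Encoding: binary',
        'Expires: 0',
        'Cache-Control: must-revalidate',
    ));
    exit;
}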
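<?php

// Help viewer: serves the generated index, a help page from doc/ or from a
// module's help/ directory, or (proxy mode) a raw file from those directories.
chdir('..');
include 'userfiles/_data_common/conf.php';
include_once 'lib/cms.php';
include_once 'lib/common.php';

$_ = '';

// Allow-list for every request value that becomes part of a file path: no
// slashes and no leading dot, so a value cannot leave its base directory.
// The D modifier makes '$' match only at the very end of the value; without it
// a value with a trailing newline would pass the check.
$check_regexp = '~^[a-zA-Z0-9_\\-][a-zA-Z0-9_\\-.]*$~D';

// whether we should get something from module's help or from main
// (is_string() rejects array-valued parameters such as ?path[]=x before preg_match() sees them)
$path = isset($_GET['path']) && is_string($_GET['path']) && preg_match($check_regexp, $_GET['path'])
    ? MODULES_DIR . $_GET['path'] . '/help/'
    : '';

// proxy mode - just redirect file content to the output (useful for images)
// NOTE(review): any file name that passes the allow-list is streamed as-is from
// doc/ or the module's help/ directory, whatever its extension - confirm those
// directories only ever hold public files, or restrict the accepted extensions.
$proxy = isset($_GET['proxy']) && is_string($_GET['proxy']) && preg_match($check_regexp, $_GET['proxy'])
    ? $_GET['proxy']
    : false;
if ($proxy) {
    file_to_output(($path !== '' ? $path : 'doc/') . $proxy);
    exit;
}

// check for filename to include
$get = isset($_GET['get']) && is_string($_GET['get']) && preg_match($check_regexp, $_GET['get'])
    ? $_GET['get']
    : '';

// if both path and get are empty, display generated content and FAQ, otherwise get content
if ($path === '' && $get === '') {
    $_ = file_get_contents('doc/useful.html')
        . '<h3>Справка по модулям</h3>'
        . create_module_help_links();
} else {
    $full_filename = ($path !== '' ? $path : 'doc/') . ($get !== '' ? $get : 'help.html');
    // the file's content is inserted into the page unescaped, so it must come
    // only from the trusted doc/ and module help/ directories selected above
    $_ = '<div class="btn-group top-right">'
        . '<a href="./help.php" class="btn btn-info btn-sm" data-button-action="help-to-content">Содержание</a>'
        . '</div>'
        . (file_exists($full_filename) ? file_get_contents($full_filename) : '<h3>sorry, no file :-(</h3>');
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Справка</title>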