Exemplo n.º 1
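/**
 * Heuristic acceptance check for an uploaded file that is being treated as an image.
 *
 * The check has two stages: the supplied MIME string must contain one of a
 * few image-related substrings, and the file body (when small enough and
 * readable) must not contain any of three marker strings.
 *
 * NOTE(review): this is a deny-list heuristic, not content validation.
 *  - $mime is matched by substring only; presumably it is the type reported
 *    with the upload (confirm at the call site), which says nothing about
 *    the real content of the file.
 *  - Files above the size limit, and files that cannot be read or are empty,
 *    are accepted without the content scan (fail-open).
 *  - The content-based getimagesize() check is commented out below.
 * Callers should not treat a true result as proof that the file is a safe image.
 *
 * @param string $mime          MIME type string to test
 * @param mixed  $this_is_image falsy => the file is not an image and is accepted unchecked
 * @param string $file_path     path of the file on disk
 *
 * @return bool true when the file passes the checks, false otherwise
 */
function check_mime_type($mime, $this_is_image, $file_path)
{
    // Only images are screened here; any other file type is accepted as is.
    // This return happens before the plugin hook at the end of the function.
    if ($this_is_image == false) {
        return true;
    }

    // Stage 1: the MIME string must contain at least one of these substrings.
    $return = false;
    $s_items = array('image', 'png', 'jpg', 'gif', 'bmp', 'jpeg');
    foreach ($s_items as $r) {
        if (strpos($mime, $r) !== false) {
            $return = true;
            break;
        }
    }

    // Disabled content-based check, kept as the author left it:
    //$w = @getimagesize($file_path);
    //$return =  ($w && (strpos($w['mime'], 'image') !== false)) ? true : false;

    // Stage 2: scan the file body for marker strings.
    if ($return == true) {
        // Files larger than 4 * 1000 * 1024 = 4,096,000 bytes skip the scan
        // and are accepted (also before the hook runs).
        if (@kleeja_filesize($file_path) > 4 * (1000 * 1024)) {
            return true;
        }

        // '<?' is deliberately not in the list: the author notes that many
        // legitimate files contain it.
        $maybe_bad_codes_are = array('<script', 'zend', 'base64_decode');

        // An unreadable or empty file is accepted rather than rejected.
        if (!($data = @file_get_contents($file_path))) {
            return true;
        }

        // Lower-case the body once instead of once per marker.
        $data_lower = strtolower($data);
        foreach ($maybe_bad_codes_are as $i) {
            if (strpos($data_lower, $i) !== false) {
                $return = false;
                break;
            }
        }
    }

    // Plugin hook: the code returned by kleeja_run_hook() is eval()'d in this
    // function's scope, so it can read the arguments and overwrite $return.
    // NOTE(review): eval of hook-supplied code; whatever can register this
    // hook has to be trusted as much as the core code.
    ($hook = kleeja_run_hook('kleeja_check_mime_func')) ? eval($hook) : null;

    return $return;
}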
Exemplo n.º 2
#end login
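// Referer-based cross-site request guard for POST requests. It is only
// active when the STOP_CSRF constant is defined.
// NOTE(review): a Referer comparison is a weak control on its own; a
// per-session request token would be the stronger check.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && defined('STOP_CSRF')) {
    // "scheme://host/path" split on "/" puts the host at index 2.
    // A missing Referer header gives an empty list, which is rejected below.
    $t_reff = isset($_SERVER['HTTP_REFERER']) ? explode('/', $_SERVER['HTTP_REFERER']) : array();
    $t_host = explode('/', $_SERVER['HTTP_HOST']);
    // Strict comparison: both sides are request-supplied strings, and a loose
    // != would treat numeric-looking strings such as "1e3" and "1000" as equal.
    if (!isset($t_reff[2]) || $t_reff[2] !== $t_host[0]) {
        // Treat the request as illegitimate: end the admin session and leave.
        $usrcp->logout_cp();
        if (isset($_GET['_ajax_'])) {
            //echo_ajax(999, '');
        }
        redirect($config['siteurl']);
        $SQL->close();
        exit;
    }
}

// Copyright check: includes/style.php (the path is split into pieces in the
// source) must be exactly 10235 bytes, otherwise the script stops with the
// base64-encoded message "Where The Copyrights :) ...".
// This compares the file size only, not the file content.
$gt = kleeja_filesize(PATH . 'includes/st' . 'yl' . 'e.php');
if (!empty($gt) && $gt != 10235) {
    exit(kleeja_base64_decode('V2hlcmUgVGhlIENvcHlyaWdodHMgOikgLi4u'));
}

// Default the last-visit timestamp to 12 hours ago when it was not set earlier.
!defined('LAST_VISIT') ? define('LAST_VISIT', time() - 3600 * 12) : '';

// Formatted last-visit date, or false when LAST_VISIT does not contain a
// 10-digit run. The pattern is not anchored, so any value containing ten
// consecutive digits is accepted.
$last_visit = defined('LAST_VISIT') && preg_match('/[0-9]{10}/', LAST_VISIT) ? kleeja_date(LAST_VISIT) : false;

// Directory that holds the admin extensions.
$path_adm = PATH . 'includes/adm';

// Extensions listed as exceptions; how the list is used is outside this excerpt.
$ext_expt = array();
$ext_expt[] = 'start';
$ext_expt[] = 'php_info';
$ext_expt[] = 'b_lgoutcp';
$ext_expt[] = 'i_exts';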
//confirm msgs
Exemplo n.º 3
Arquivo: do.php Projeto: Saleh7/Kleeja
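 // Optional mode: send the client a permanent redirect to the file path
 // instead of streaming the file through this script.
 // NOTE(review): $path_file is built outside this excerpt; confirm it cannot
 // be steered to an arbitrary URL before it reaches the Location header.
 if (defined('MAKE_DOPHP_301_HEADER')) {
     header('HTTP/1.1 301 Moved Permanently');
     header('Location: ' . $path_file);
     exit;
 }

 // Start of the download path: the file must exist and be readable.
 if (!is_readable($path_file)) {
     // Plugin hook: code returned by kleeja_run_hook() is eval()'d in the
     // current scope and can read or change any variable here.
     // NOTE(review): eval of hook-supplied code; the hook source must be trusted.
     ($hook = kleeja_run_hook('down_file_not_exists')) ? eval($hook) : null;

     if ($is_image) {
         // Missing images are replaced by a placeholder picture.
         $path_file = 'images/not_exists.jpg';
     } else {
         // Presumably big_error() ends the request; that is not visible here.
         big_error($lang['FILE_NO_FOUNDED'], $lang['NOT_FOUND']);
     }
 }

 // Fall back to the size supplied in $d_size when the size on disk is
 // unavailable or zero.
 if (!($size = @kleeja_filesize($path_file))) {
     $size = $d_size;
 }

 // Prefer the real name ($rn) over the stored name ($n) when it is set.
 $name = empty($rn) ? $n : $rn;

 // Build the filename parameter in the form each browser family expects.
 // NOTE(review): where $rn and $n come from is outside this excerpt; in the
 // quoted form used for opera/safari/konqueror only the double quote is
 // removed from the decoded name, the other two forms are percent-encoded.
 if (is_browser('mozilla')) {
     $h_name = "filename*=UTF-8''" . rawurlencode(htmlspecialchars_decode($name));
 } elseif (is_browser('opera, safari, konqueror')) {
     $h_name = 'filename="' . str_replace('"', '', htmlspecialchars_decode($name)) . '"';
 } else {
     $h_name = 'filename="' . rawurlencode(htmlspecialchars_decode($name)) . '"';
 }

 // Work out the MIME type from the file extension (text after the last dot).
 // array_pop() takes its argument by reference, so the explode() result is
 // stored in a variable first instead of being passed directly.
 $ext_parts = explode('.', $path_file);
 $ext = array_pop($ext_parts);
 $mime_type = get_mime_for_header($ext);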