function copy_attach($ATTACHMENT_ID, $ATTACHMENT_NAME, $MODULE_SRC = "", $MODULE_DESC = "")
{
global $ATTACH_PATH;
global $ATTACH_PATH2;
if (stristr($ATTACHMENT_ID, "/") || stristr($ATTACHMENT_ID, "\\") || stristr($ATTACHMENT_NAME, "/") || stristr($ATTACHMENT_NAME, "\\")) {
message("错误", "参数含有非法字符。");
exit;
}
if ($MODULE_SRC == "") {
$MODULE_SRC = attach_sub_dir();
}
if ($MODULE_DESC == "") {
$MODULE_DESC = attach_sub_dir();
}
$YM_NEW = date("ym", time());
$PATH_NEW = $ATTACH_PATH2 . $MODULE_DESC;
if (!file_exists($PATH_NEW)) {
mkdir($PATH_NEW, 448);
}
$PATH_NEW = $PATH_NEW . "/" . $YM_NEW;
if (!file_exists($PATH_NEW)) {
mkdir($PATH_NEW, 448);
}
$ATTACHMENT_ID_ARRAY = explode(",", $ATTACHMENT_ID);
$ATTACHMENT_NAME_ARRAY = explode("*", $ATTACHMENT_NAME);
$I = 0;
for (; $I < count($ATTACHMENT_ID_ARRAY); ++$I) {
if (!($ATTACHMENT_ID_ARRAY[$I] == "")) {
if (strstr($ATTACHMENT_ID_ARRAY[$I], "_")) {
$YM = substr($ATTACHMENT_ID_ARRAY[$I], 0, strpos($ATTACHMENT_ID_ARRAY[$I], "_"));
$PATH = $ATTACH_PATH2 . $MODULE_SRC . "/" . $YM;
$ATTACHMENT_ID = substr($ATTACHMENT_ID_ARRAY[$I], strpos($ATTACHMENT_ID_ARRAY[$I], "_") + 1);
if (strstr($ATTACHMENT_ID, ".")) {
$ATTACHMENT_ID = substr($ATTACHMENT_ID, 0, strpos($ATTACHMENT_ID, "."));
}
$FILENAME = $PATH . "/" . $ATTACHMENT_ID . "." . $ATTACHMENT_NAME_ARRAY[$I];
if (!file_exists($FILENAME)) {
$ATTACHMENT_ID = attach_id_decode($ATTACHMENT_ID, $ATTACHMENT_NAME_ARRAY[$I]);
$FILENAME = $PATH . "/" . $ATTACHMENT_ID . "." . $ATTACHMENT_NAME_ARRAY[$I];
}
$SIGN_KEY = attach_id_encode($ATTACHMENT_ID, $ATTACHMENT_NAME_ARRAY[$I]);
} else {
$ATTACHMENT_ID = $ATTACHMENT_ID_ARRAY[$I];
$PATH = $ATTACH_PATH . $ATTACHMENT_ID;
$FILENAME = $PATH . "/" . $ATTACHMENT_NAME_ARRAY[$I];
if (!file_exists($FILENAME)) {
$ATTACHMENT_ID = attach_id_decode($ATTACHMENT_ID_ARRAY[$I], $ATTACHMENT_NAME_ARRAY[$I]);
$PATH = $ATTACH_PATH . $ATTACHMENT_ID;
$FILENAME = $PATH . "/" . $ATTACHMENT_NAME_ARRAY[$I];
}
$SIGN_KEY = $ATTACHMENT_ID * 3 + 2;
}
if (strstr($ATTACHMENT_ID_ARRAY[$I], ".")) {
$SIGN_KEY = substr($ATTACHMENT_ID_ARRAY[$I], strpos($ATTACHMENT_ID_ARRAY[$I], ".") + 1);
}
$ATTACHMENT_ID_NEW = mt_rand();
$FILENAME_NEW = $PATH_NEW . "/" . $ATTACHMENT_ID_NEW . "." . $ATTACHMENT_NAME_ARRAY[$I];
if (file_exists($FILENAME_NEW)) {
$ATTACHMENT_ID_NEW = mt_rand();
$FILENAME_NEW = $PATH_NEW . "/" . $ATTACHMENT_ID_NEW . "." . $ATTACHMENT_NAME_ARRAY[$I];
}
if (is_office($ATTACHMENT_NAME_ARRAY[$I])) {
$ATTACHMENT_ID_STR .= $YM_NEW . "_" . $ATTACHMENT_ID_NEW . "." . $SIGN_KEY . ",";
} else {
$ATTACHMENT_ID_STR .= $YM_NEW . "_" . $ATTACHMENT_ID_NEW . ",";
}
if (file_exists($FILENAME)) {
@copy($FILENAME, $FILENAME_NEW);
}
}
}
return substr($ATTACHMENT_ID_STR, 0, -1);
}
include_once "../../config.inc.php";
include_once "utility_file.php";
//?MODULE=TDLIB&YM=1103&ATTACHMENT_ID=113270745&ATTACHMENT_NAME=0000.jpg
$MODULE = $_GET['MODULE'];
$YM = $_GET['YM'];
$ATTACHMENT_ID = $_GET['ATTACHMENT_ID'];
$ATTACHMENT_NAME = $_GET['ATTACHMENT_NAME'];
$FB_STR1 = urldecode($ATTACHMENT_NAME);
if (strstr($FB_STR1, "/") || strstr($FB_STR1, "\\")) {
exit;
}
if ($ATTACH_PATH2 == '') {
$ATTACH_PATH2 = ROOT_DIR . substr($_SERVER['SCRIPT_NAME'], 1, strpos($_SERVER['SCRIPT_NAME'], $MODULE) - 1);
}
$ATTACHMENT_ID_OLD = $ATTACHMENT_ID;
$ATTACHMENT_ID = attach_id_decode($ATTACHMENT_ID, $ATTACHMENT_NAME);
$MYOA_ATTACHMENT_NAME = $ATTACHMENT_NAME;
if ($MODULE != "" && $YM != "") {
$URL = $ATTACH_PATH2 . $MODULE . "/attachment/" . $YM . "/" . $ATTACHMENT_ID . "." . $ATTACHMENT_NAME;
} else {
$URL = $ATTACH_PATH . $ATTACHMENT_ID . "/" . $ATTACHMENT_NAME;
}
if (!file_exists($URL)) {
if ($MODULE == "" && $YM == "") {
$ATTACHMENT_ID = ($ATTACHMENT_ID_OLD - 2) / 3;
$URL = $ATTACH_PATH . $ATTACHMENT_ID . "/" . $ATTACHMENT_NAME;
if (!file_exists($URL)) {
require_once 'function_system.php';
page_css("抱歉,您所访问的文件不存在,可能已经被删除或转移,请联系OA管理员。");
echo "文件名:" . $MYOA_ATTACHMENT_NAME . "<br>抱歉,您所访问的文件不存在,可能已经被删除或转移,请联系OA管理员。<br>";
button_back();
