$attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename']; } else { // Update download count $sql = 'UPDATE ' . FORUMS_ATTACHMENTS_TABLE . ' SET download_count = download_count + 1 WHERE attach_id = ' . $attachment['attach_id']; $_CLASS['core_db']->sql_query($sql); } // Determine the 'presenting'-method if ($download_mode == PHYSICAL_LINK) { if (!@is_dir($config['upload_path'])) { trigger_error($_CLASS['core_user']->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']); } redirect($config['upload_path'] . '/' . $attachment['physical_filename']); } else { send_file_to_browser($attachment, $config['upload_path'], $extensions[$attachment['extension']]['display_cat']); exit; } // --------- // FUNCTIONS // function send_file_to_browser($attachment, $upload_dir, $category) { global $_CLASS, $config; $filename = $upload_dir . '/' . $attachment['physical_filename']; if (!@file_exists($filename)) { trigger_error($_CLASS['core_user']->lang['ERROR_NO_ATTACHMENT'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['FILE_NOT_FOUND_404'], $filename)); } // Determine the Browser the User is using, because of some nasty incompatibilities. // borrowed from phpMyAdmin. :) $user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
} } blog_plugins::plugin_do('download_before_send'); if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && strpos($attachment['mimetype'], 'image') === 0 && strpos(strtolower($user->browser), 'msie') !== false) { wrap_img_in_html(append_sid('./blog.' . $phpEx, 'page=download&id=' . $attachment['attach_id']), $attachment['real_filename']); } else { // Determine the 'presenting'-method if ($download_mode == PHYSICAL_LINK) { // This presenting method should no longer be used if (!@is_dir($phpbb_root_path . $config['upload_path'])) { trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']); } redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']); exit; } else { send_file_to_browser($attachment, $config['upload_path'] . '/blog_mod', $display_cat); exit; } } blog_plugins::plugin_do('download_end'); /** * Wraps an url into a simple html page. Used to display attachments in IE. * this is a workaround for now; might be moved to template system later * direct any complaints to 1 Microsoft Way, Redmond */ function wrap_img_in_html($src, $title) { echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd">'; echo '<html>'; echo '<head>'; echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8" />';
} if (intval($attach_config['allow_ftp_upload'])) { if (trim($attach_config['download_path']) == '') { message_die(GENERAL_ERROR, 'Physical Download not possible with the current Attachment Setting'); } $url = trim($attach_config['download_path']) . '/' . $attachment['physical_filename']; $redirect_path = $url; } else { $url = $upload_dir . '/' . $attachment['physical_filename']; // $url = preg_replace('/^\/?(.*?\/)?$/', '\1', trim($url)); $redirect_path = $server_protocol . $server_name . $server_port . $script_name . $url; } // Redirect via an HTML form for PITA webservers if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) { header('Refresh: 0; URL=' . $redirect_path); echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $redirect_path . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $redirect_path . '">HERE</a> to be redirected</div></body></html>'; exit; } // Behave as per HTTP/1.1 spec for others header('Location: ' . $redirect_path); exit; } else { if (intval($attach_config['allow_ftp_upload'])) { // We do not need a download path, we are not downloading physically send_file_to_browser($attachment, ''); exit; } else { send_file_to_browser($attachment, $upload_dir); exit; } }
SET download_count = download_count + 1 WHERE attachment_id = ' . $attachment['attachment_id']; phpbb::$db->sql_query($sql); // Update download count for the contrib object as well if ($attachment['object_type'] == TITANIA_CONTRIB) { $sql = 'UPDATE ' . TITANIA_CONTRIBS_TABLE . ' SET contrib_downloads = contrib_downloads + 1 WHERE contrib_id = ' . $attachment['object_id']; phpbb::$db->sql_query($sql); } } if (!$thumbnail && $mode === 'view' && strpos($attachment['mimetype'], 'image') === 0 && (strpos(strtolower(phpbb::$user->browser), 'msie') !== false && strpos(strtolower(phpbb::$user->browser), 'msie 8.0') === false)) { wrap_img_in_html(titania_url::build_url('download', array('id' => $attachment['attachment_id'])), $attachment['real_filename']); file_gc(); } else { send_file_to_browser($attachment, titania::$config->upload_path); file_gc(); } /** * Wraps an url into a simple html page. Used to display attachments in IE. * this is a workaround for now; might be moved to template system later * direct any complaints to 1 Microsoft Way, Redmond */ function wrap_img_in_html($src, $title) { echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd">'; echo '<html>'; echo '<head>'; echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8" />'; echo '<title>' . $title . '</title>'; echo '</head>';
function main($action) { global $db, $config, $template, $theme, $user, $lang; global $gen_simple_header, $starttime, $debug; global $cms_config_vars, $cms_page; global $pafiledb_config, $pafiledb_user, $pafiledb_functions; $cat_id = request_var('cat_id', 0); $file_id = request_var('file_id', 0); $action = request_var('action', ''); if (!empty($file_id)) { $file_id = $file_id; } elseif ($file_id == 0 && $action != '') { $file_id_array = array(); $file_id_array = explode('=', $action); $file_id = $file_id_array[1]; } else { message_die(GENERAL_MESSAGE, $lang['File_not_exist']); } $mirror_id = request_var('mirror_id', 0); $sql = 'SELECT * FROM ' . PA_FILES_TABLE . " AS f\n\t\t\tWHERE f.file_id = {$file_id}"; $result = $db->sql_query($sql); //========================================================================= // Id doesn't match with any file in the database another nice error message //========================================================================= if (!($file_data = $db->sql_fetchrow($result))) { message_die(GENERAL_MESSAGE, $lang['File_not_exist']); } $db->sql_freeresult($result); //========================================================================= // Check if the user is authorized to download the file //========================================================================= if (!$this->auth[$file_data['file_catid']]['auth_download']) { if (!$user->data['session_logged_in']) { redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=dload.' . PHP_EXT . '&action=download&file_id=' . $file_id, true)); } $message = sprintf($lang['Sorry_auth_download'], $this->auth[$file_data['file_catid']]['auth_download_type']); message_die(GENERAL_MESSAGE, $message); } //========================================================================= // Check for hot links // Borrowed from Smartor Album mod, thanks Smartor //========================================================================= $url_referer = !empty($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : ''; if ($pafiledb_config['hotlink_prevent'] && !empty($url_referer)) { $check_referer = explode('?', $url_referer); $check_referer = trim($check_referer[0]); $good_referers = array(); if ($pafiledb_config['hotlink_allowed'] != '') { $good_referers = explode(',', $pafiledb_config['hotlink_allowed']); } $good_referers[] = $config['server_name']; $errored = true; for ($i = 0; $i < sizeof($good_referers); $i++) { $good_referers[$i] = trim($good_referers[$i]); if (!empty($good_referers[$i]) && strstr($check_referer, $good_referers[$i]) !== false) { $errored = false; break; } } if ($errored) { message_die(GENERAL_MESSAGE, $lang['Directly_linked']); } } $sql = 'SELECT * FROM ' . PA_MIRRORS_TABLE . " AS f\n\t\t\tWHERE f.file_id = {$file_id}\n\t\t\tORDER BY mirror_id"; $result = $db->sql_query($sql); $mirrors_data = array(); while ($row = $db->sql_fetchrow($result)) { $mirrors_data[$row['mirror_id']] = $row; } $db->sql_freeresult($result); if (!empty($mirrors_data) && !$mirror_id) { $this->generate_category_nav($file_data['file_catid']); $template->assign_vars(array('L_INDEX' => sprintf($lang['Forum_Index'], $config['sitename']), 'L_MIRRORS' => $lang['Mirrors'], 'L_MIRROR_LOCATION' => $lang['Mirror_location'], 'L_DOWNLOAD' => $lang['Download_file'], 'L_HOME' => $lang['Home'], 'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($config['default_dateformat'], time(), $config['board_timezone'])), 'U_INDEX_HOME' => append_sid(CMS_PAGE_HOME), 'U_DOWNLOAD_HOME' => append_sid('dload.' . PHP_EXT), 'FILE_NAME' => $file_data['file_name'], 'DOWNLOAD' => $pafiledb_config['settings_dbname'])); $template->assign_block_vars('mirror_row', array('U_DOWNLOAD' => append_sid('dload.' . PHP_EXT . '?action=download&file_id=' . $file_id . '&mirror_id=-1'), 'MIRROR_LOCATION' => $config['sitename'])); foreach ($mirrors_data as $mir_id => $mirror_data) { $template->assign_block_vars('mirror_row', array('U_DOWNLOAD' => append_sid('dload.' . PHP_EXT . '?action=download&file_id=' . $file_id . '&mirror_id=' . $mir_id), 'MIRROR_LOCATION' => $mirror_data['mirror_location'])); } page_header('', true); $this->display($lang['Download'], 'pa_mirrors_body.tpl'); page_footer(true, '', true); } elseif (!empty($mirrors_data) && $mirror_id == -1 || empty($mirrors_data)) { $real_filename = $file_data['real_name']; //$real_filename = '"' . $file_data['real_name'] . '"'; $physical_filename = $file_data['unique_name']; $upload_dir = !empty($file_data['upload_dir']) ? $file_data['upload_dir'] : $pafiledb_config['upload_dir']; $file_url = $file_data['file_dlurl']; } elseif ($mirror_id > 0 && !empty($mirrors_data[$mirror_id])) { $real_filename = $mirrors_data[$mirror_id]['real_name']; //$real_filename = '"' . $mirrors_data[$mirror_id]['real_name'] . '"'; $physical_filename = $mirrors_data[$mirror_id]['unique_name']; $upload_dir = !empty($mirrors_data[$mirror_id]['upload_dir']) ? $mirrors_data[$mirror_id]['upload_dir'] : $pafiledb_config['upload_dir']; $file_url = $mirrors_data[$mirror_id]['file_dlurl']; } else { message_die(GENERAL_MESSAGE, 'Mirror doesn\'t exist'); } //========================================================================= // Update download counter and the last downloaded date //========================================================================= $current_time = time(); $file_dls = intval($file_data['file_dls']) + 1; $sql = 'UPDATE ' . PA_FILES_TABLE . "\n\t\t\tSET file_dls = {$file_dls}, file_last = {$current_time}\n\t\t\tWHERE file_id = {$file_id}"; $db->sql_query($sql); //========================================================================= // Update downloader Info for the given file //========================================================================= $pafiledb_user->update_downloader_info($file_id); if (!empty($file_url)) { $file_url = !strstr($file_url, '://') && strpos($file_url, DOWNLOADS_PATH) === false ? 'http://' . $file_url : (strpos($file_url, DOWNLOADS_PATH) && !strstr($file_url, '://') ? IP_ROOT_PATH . $file_url : $file_url); pa_redirect($file_url); } else { //========================================================================= // now send the file to the user so he can enjoy it :D //========================================================================= /* if($pafiledb_functions->get_extension($physical_filename) == 'pdf') { $file_url = IP_ROOT_PATH . $upload_dir . $physical_filename; pa_redirect($file_url); } elseif(!send_file_to_browser($real_filename, 'application/force-download', $physical_filename, IP_ROOT_PATH . $upload_dir)) { $file_url = IP_ROOT_PATH . $upload_dir . $physical_filename; pa_redirect($file_url); } */ if ($pafiledb_functions->get_extension($physical_filename) == 'pdf') { $mimetype = 'application/pdf'; } else { $mimetype = 'application/force-download'; } if (!send_file_to_browser($real_filename, $mimetype, $physical_filename, IP_ROOT_PATH . $upload_dir)) { message_die(GENERAL_ERROR, $lang['Error_no_download'] . '<br /><br /><b>404 File Not Found:</b> The File <i>' . $real_filename . '</i> does not exist.'); } } }
define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1)); } require TITANIA_ROOT . 'common.' . PHP_EXT; phpbb::$user->add_lang('viewtopic'); // Thank you sun. if (isset($_SERVER['CONTENT_TYPE'])) { if ($_SERVER['CONTENT_TYPE'] === 'application/x-java-archive') { exit; } } else { if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'Java') !== false) { exit; } } $revision_id = request_var('id', 0); send_file_to_browser($revision_id, titania::$config->modx_storage_path); file_gc(); /** * Send file to browser */ function send_file_to_browser($attachment, $upload_dir) { $filename = $upload_dir . $attachment; if (!@file_exists($filename)) { trigger_error(phpbb::$user->lang['ERROR_NO_ATTACHMENT'] . '<br /><br />' . sprintf(phpbb::$user->lang['FILE_NOT_FOUND_404'], $filename)); } if (@ob_get_length()) { @ob_end_clean(); } // Now send the File Contents to the Browser $size = @filesize($filename);