<?php
include "../API.php";
if (file_exists($API['root'] . "xml/config.xml")) {
writeJARDMessage("Welcome to JArD", "This pages shows you have sucessfully installed JArD onto your personal webserver.");
} else {
writeError(9095, parseString(loadString("new_install_welcome")));
}
<?php
include "./API.php";
protectFile("download.php", "", __LINE__);
if (!isset($_GET['f'])) {
echo writeError(9098, loadString("download_no_get"));
die;
}
if (!file_exists($API['root'] . "uploads/" . $_GET['f'])) {
echo writeError(9097, loadString("download_no_exist"));
die;
}
$f = array("filename" => $_GET['f'], "extention" => strtolower(substr(strrchr($_GET['f'], "."), 1)), "basename" => basename($_GET['f']), "filesize" => filesize($_GET['f']), "mimetype" => mime_content_type($API['root'] . "uploads/" . $_GET['f']), "full" => $API['root'] . "uploads/" . $_GET['f']);
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private", false);
header("Content-Type: " . $f['mimetype'] . "");
header("Content-Disposition: attachment; filename=\"" . $f['basename'] . "\";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . $f['filesize']);
readfile($f['full']);
function protectFile($file, $key = "", $line = null)
{
if (strpos($_SERVER['PHP_SELF'], $file)) {
if (!empty($key)) {
if (isset($_GET['accesskey'])) {
if ($_GET['accesskey'] == $key) {
return;
}
}
}
$error = parseString(loadString("direct_access_forbidden") . "[dotted]protectFile(\"{$file}\")[/dotted]");
if ($line) {
$error .= parseString(" on line {$line}");
}
$error .= parseString(" in {$file}.");
if (empty($key)) {
$error .= parseString("<br />" . loadString("file_no_accesskey"));
}
echo writeError(9099, $error);
die;
}
}
