if (!$doc->getFromDB($_GET['docid'])) {
Html::displayErrorAndDie(__('Unknown file'), true);
}
if (!file_exists(GLPI_DOC_DIR . "/" . $doc->fields['filepath'])) {
Html::displayErrorAndDie(__('File not found'), true);
// Not found
}
if ($doc->fields['sha1sum'] && $doc->fields['sha1sum'] != sha1_file(GLPI_DOC_DIR . "/" . $doc->fields['filepath'])) {
Html::displayErrorAndDie(__('File is altered (bad checksum)'), true);
// Doc alterated
} else {
$doc->send();
}
} else {
if (isset($_GET["file"]) && isset($_GET["type"])) {
PluginPositionsPosition::sendFile(GLPI_PLUGIN_DOC_DIR . "/positions/" . $_GET["type"] . "/" . $_GET["file"], $_GET["file"], $_GET["type"]);
} else {
if (isset($_GET["file"])) {
// for other file
$splitter = explode("/", $_GET["file"]);
if (count($splitter) == 2) {
$send = false;
if ($splitter[0] == "_dumps" && Session::haveRight("backup", "w")) {
$send = true;
}
if ($send && file_exists(GLPI_DOC_DIR . "/" . $_GET["file"])) {
Toolbox::sendFile(GLPI_DOC_DIR . "/" . $_GET["file"], $splitter[1]);
} else {
Html::displayErrorAndDie(__('Unauthorized access to this file'), true);
}
} else {
