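}

include 'include/utils.php';
include 'include/mime_type_lib.php';

/*
 * Forced-download endpoint: validates the requested folder and file name,
 * streams the file as an attachment, then records the download for the
 * session user.
 *
 * NOTE(review): nothing in this fragment checks that $_SESSION['uuid'] is set
 * or that this user may read the requested file. The block closed by the brace
 * above may do so; confirm before relying on it.
 */

// Both values come straight from the request body. A missing field is treated
// as an empty string; a non-string (e.g. path[]=x) is rejected before it
// reaches the string functions below.
$requestedPath = isset($_POST['path']) ? $_POST['path'] : '';
$name = isset($_POST['name']) ? $_POST['name'] : '';
if (!is_string($requestedPath) || !is_string($name)) {
    die('wrong path');
}

// Lexical checks: no absolute path, no "../" or leading "./". Backslashes and
// NUL bytes are refused too, because on Windows "..\" walks up a directory
// just like "../" does.
if (
    strpos($requestedPath, "\0") !== false
    || strpos($requestedPath, '\\') !== false
    || strpos($requestedPath, '/') === 0
    || strpos($requestedPath, '../') !== false
    || strpos($requestedPath, './') === 0
) {
    die('wrong path');
}

// The file name must be a single path component.
if (
    strpos($name, '/') !== false
    || strpos($name, '\\') !== false
    || strpos($name, "\0") !== false
) {
    die('wrong path');
}

$path = $current_path . $requestedPath;

// pathinfo() omits the 'extension' key for names without a dot, so read it
// defensively and treat "no extension" as not allowed.
$info = pathinfo($name);
$extension = isset($info['extension']) ? fix_strtolower($info['extension']) : '';
// Strict comparison so a numeric-looking extension is never matched loosely.
if ($extension === '' || !in_array($extension, $ext, true)) {
    die('wrong extension');
}

// Containment check on the resolved path: the substring tests above are only
// lexical, so make sure the target still lives under the managed root after
// symlinks and ".." segments are resolved, and that it is a regular file.
$target = $path . $name;
$resolvedRoot = realpath($current_path);
$resolvedTarget = realpath($target);
if (
    $resolvedRoot === false
    || $resolvedTarget === false
    || !is_file($resolvedTarget)
    || strpos($resolvedTarget, rtrim($resolvedRoot, '/\\') . DIRECTORY_SEPARATOR) !== 0
) {
    die('wrong path');
}

// An uncaught PDOException can put the DSN (and, depending on the PHP
// configuration, the constructor arguments) into the error output, so fail
// with a generic message instead.
try {
    $pdo = new PDO("mysql:dbname={$dbname};host={$host}", $user, $password);
} catch (PDOException $e) {
    die('database error');
}
$fm = new fileMgr($pdo);

$img_size = (string) filesize($target); // File size in bytes, as a string for the header
$mime_type = get_file_mime_type($target); // MIME type as reported by the project's helper

// The name is attacker-controlled: a double quote would end the quoted
// filename parameter early, so quotes and control characters are replaced
// before the value is placed in the header.
$headerName = preg_replace('/[\x00-\x1F\x7F"]/', '_', $name);

header('Pragma: private');
header('Cache-control: private, must-revalidate');
header('X-Content-Type-Options: nosniff'); // keep browsers from second-guessing the declared type
header("Content-Type: " . $mime_type);
header("Content-Length: " . $img_size);
header('Content-Disposition: attachment; filename="' . $headerName . '"');
readfile($target);

// NOTE(review): the download is recorded only after the body has been sent; if
// the script is terminated on client disconnect the record may never be
// written. Confirm whether the audit entry should be made before readfile().
$mysqlPath = $fm->getFidByPath($target);
if (isset($mysqlPath['fid'])) {
    // Skip the bookkeeping call when the file has no database record.
    $fm->download($mysqlPath['fid'], $_SESSION['uuid']);
}
exit;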
?> &file=<?php echo $current_path . $rfm_subfolder . $subdir . $file; ?> " href="docs.google.com;" ><i class=" icon-eye-open"></i></a> <?php } else { ?> <a style="display:none;" class="preview disabled"><i class="icon-eye-open icon-white"></i></a> <?php } ?> <?php $fid = $fm->getFidByPath($current_path . $rfm_subfolder . $subdir . $file); $starFlag = $fm->isFileStard($fid['fid'], $_SESSION['uuid']); ?> <a href="javascript:void('')" id="<?php echo $fid['fid']; ?> " onclick="starFile(this,'<?php if ($starFlag) { echo '取消标星'; } else { echo '标星'; } ?> ')" class="tip-left star-button star-file" title="<?php if ($starFlag) { echo '取消标星';
if (file_exists($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'])) { duplicate_file($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'], $fixed_image_creation_name_to_prepend[$k] . $name . $fixed_image_creation_to_append[$k]); } } } } else { die(lang_Empty_name); } } break; case 'star_file': $path_thumb = $_POST['path_thumb']; $pdo = new PDO("mysql:dbname={$dbname};host={$host}", $user, $password); $user = new userMgr($pdo); $fm = new fileMgr($pdo); $fid = $fm->getFidByPath($path); if (!$fm->isFileStard($fid['fid'], $_SESSION['uuid'])) { if ($a = $fm->star($_SESSION['uuid'], $fid['fid'])) { echo '标星成功'; } else { echo '标星失败'; } } else { $st = $fm->getStarsByUid($_SESSION['uuid']); $realkey = 0; foreach ($st as $key => $value) { if ($value->getFid() == $fid['fid']) { $realkey = $key; break; } }