firstlord18
Erfahrenes Mitglied
meins sieht nun so aus, stellt das ein Problem dar?:
PHP:
/* Get path: */
$file = ( isset($_GET['file']) && basename(urldecode($_GET['file'])) != '' )
? basename(urldecode($_GET['file'])) : null;
$dir = ( isset($_GET['dir']) && urldecode($_GET['dir']) != '' && urldecode($_GET['dir']) != '/' )
? urldecode($_GET['dir']) : null;
/* Remove ending '/' from path: */
$len = strlen($dir);
if($dir{$len-1} == '/')
$dir = substr($dir, 0, ($len-1));
/* delete ../ and .., so that it's not possible to download any file from server: */
if(trim($dir) == "..") {
$dir = str_replace("..", "", $dir);
}
$dir = str_replace("../", "", $dir);
if(!is_null($file) && !is_null($dir))
$fpath = $dir.'/'.$file;
elseif(!is_null($file) && is_null($dir))
$fpath = $file;
else
$fpath = '';
// no file was given
if( is_null($file) ) {
#header('HTTP/1.1 406 Not Acceptable', true);
echo '<p class="error">There is no file to download!</p>';
exit;
}
// file doesn't exist
if( !file_exists($fpath) || !is_file($fpath) ) {
#header('HTTP/1.1 404 Not Found', true);
echo '<p class="error">The file you want to download does not exist!</p>';
exit;
}
// file isn't readable
if( !is_readable($fpath) ) {
#header('HTTP/1.1 500 Internal Server Error', true);
echo '<p class="error">Server error occured!</p>';
exit;
}
// additional header things
$headerFields = array(
'Content-Type' => 'octet-stream',
'Content-Disposition' => 'attachment; filename="'.$fpath.'"',
'Content-Length' => filesize($fpath)
);
foreach( $headerFields as $key => $value ) {
header($key.': '.$value);
}
// give out of file contents
readfile($fpath);
exit;
Zuletzt bearbeitet:
