|
0
|
1 |
<?php |
|
|
2 |
die() |
|
|
3 |
//Code kept just for reference |
|
|
4 |
#if ( ! defined( 'ABSPATH' ) ) |
|
|
5 |
# die(); |
|
|
6 |
//echo defined('WP_CONTENT_DIR'); |
|
|
7 |
//if (defined(WP_CONTENT_DIR)) |
|
|
8 |
//{ |
|
|
9 |
// include_once(WP_CONTENT_DIR . "/plugins/wp-filemanager/fm.php"); |
|
|
10 |
//} |
|
|
11 |
/* |
|
|
12 |
echo "Hello"; |
|
|
13 |
if (!@include_once("auth.inc.php")) |
|
|
14 |
include_once("auth.inc.php"); |
|
|
15 |
include("../conf/config.inc.php"); |
|
|
16 |
include("./functions.inc.php"); |
|
|
17 |
include("../lang/$language.inc.php"); |
|
|
18 |
//echo "Download : " . $AllowDownload; |
|
|
19 |
//if (function_exists('get_option')) |
|
|
20 |
//{ |
|
|
21 |
// echo "Exists"; |
|
|
22 |
//} |
|
|
23 |
//else |
|
|
24 |
//{ |
|
|
25 |
// echo "Sorry"; |
|
|
26 |
//} |
|
|
27 |
if (isset($_GET['action']) && $_GET['action'] == "download") |
|
|
28 |
{ |
|
|
29 |
session_cache_limiter("public, post-check=50"); |
|
|
30 |
header("Cache-Control: private"); |
|
|
31 |
} |
|
|
32 |
if (isset($session_save_path)) session_save_path($session_save_path); |
|
|
33 |
|
|
|
34 |
if (isset($_GET['path'])) $wp_fileman_path = validate_path($_GET['path']); |
|
|
35 |
if (!isset($wp_fileman_path)) $wp_fileman_path = FALSE; |
|
|
36 |
if ($wp_fileman_path == "./" || $wp_fileman_path == ".\\" || $wp_fileman_path == "/" || $wp_fileman_path == "\\") $wp_fileman_path = FALSE; |
|
|
37 |
if (isset($_GET['filename'])) $filename = basename(stripslashes($_GET['filename'])); |
|
|
38 |
/*echo "<pre>"; |
|
|
39 |
print_r($_GET); |
|
|
40 |
echo "</pre>";*/ |
|
|
41 |
/*if ($AllowDownload || $AllowView) |
|
|
42 |
{ |
|
|
43 |
//echo "Download Allowed"; |
|
|
44 |
/* if (is_file("../../../" . $home_directory . $wp_fileman_path.$filename)) |
|
|
45 |
{ |
|
|
46 |
echo "File Found"; |
|
|
47 |
} |
|
|
48 |
else |
|
|
49 |
{ |
|
|
50 |
echo "Path : " . $home_directory . " & ".$wp_fileman_path . " & " .$filename; |
|
|
51 |
} |
|
|
52 |
*/ |
|
|
53 |
/*if (isset($_GET['filename']) && isset($_GET['action']) && is_file($home_directory.$wp_fileman_path.$filename) || is_file("../../../".$home_directory.$wp_fileman_path.$filename)) |
|
|
54 |
{ |
|
|
55 |
// echo "file found"; |
|
|
56 |
if (is_file($home_directory.$wp_fileman_path.$filename) && !strstr($home_directory, "./") && !strstr($home_directory, ".\\")) |
|
|
57 |
$fullpath = $home_directory.$wp_fileman_path.$filename; |
|
|
58 |
else if (is_file("../../../".$home_directory.$wp_fileman_path.$filename)) |
|
|
59 |
$fullpath = "../../../".$home_directory.$wp_fileman_path.$filename; |
|
|
60 |
//echo $fullpath; |
|
|
61 |
if (!$AllowDownload && $AllowView && !is_viewable_file($filename)) |
|
|
62 |
{ |
|
|
63 |
print "<font color='#CC0000'>$StrAccessDenied</font>"; |
|
|
64 |
exit(); |
|
|
65 |
} |
|
|
66 |
header("Content-Type: ".get_mimetype($filename)); |
|
|
67 |
header("Content-Length: ".filesize($fullpath)); |
|
|
68 |
if ($_GET['action'] == "download"); |
|
|
69 |
header("Content-Disposition: attachment; filename=$filename"); |
|
|
70 |
readfile($fullpath); |
|
|
71 |
} |
|
|
72 |
else |
|
|
73 |
print "<font color='#CC0000'>$StrDownloadFail</font>"; |
|
|
74 |
}*/ |
|
|
75 |
?> |