enmi-conf.org: wp/wp-content/plugins/wp-filemanager/incl/download.inc.php@d970ebf37754 (annotated)

0 d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	2	/*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	3	Logic has shifted to a different place all together this file can be deleted at later stage
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	4	if ( ! defined( 'ABSPATH' ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	5	die();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	6	if (!@include_once(WP_CONTENT_DIR . "/plugins/wp-filemanager/incl/auth.inc.php"))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	7	include_once(WP_CONTENT_DIR . "/plugins/wp-filemanager/incl/auth.inc.php");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	8	if ($AllowDownload)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	9	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	10	if (isset($_GET['action']) && $_GET['action'] == "download")
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	11	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	12	session_cache_limiter("public, post-check=50");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	13	// header("Cache-Control: private");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	14	// echo "Download";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	15	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	16	//echo "Download";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	17	if (isset($session_save_path))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	18	session_save_path($session_save_path);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	19	if (isset($_GET['path']))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	20	$wp_fileman_path = wp_fileman_validate_path($_GET['path']);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	21	if (!isset($wp_fileman_path))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	22	$wp_fileman_path = FALSE;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	23	if ($wp_fileman_path == "./" \|\| $wp_fileman_path == ".\\" \|\| $wp_fileman_path == "/" \|\| $wp_fileman_path == "\\")
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	24	$wp_fileman_path = FALSE;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	25	if (isset($_GET['filename']))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	26	$filename = basename(stripslashes($_GET['filename']));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	27	//echo "Download";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	28	if (isset($_GET['filename']) && isset($_GET['action']) && is_file($home_directory.$wp_fileman_path.$filename) \|\| is_file("../../../".$home_directory.$wp_fileman_path.$filename))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	29	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	30	//echo "file found";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	31	if (is_file($home_directory.$wp_fileman_path.$filename) && !strstr($home_directory, "./") && !strstr($home_directory, ".\\"))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	32	$fullpath = $home_directory.$wp_fileman_path.$filename;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	33	else if (is_file("../../../".$home_directory.$wp_fileman_path.$filename))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	34	$fullpath = "../../../".$home_directory.$wp_fileman_path.$filename;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	35	echo $fullpath;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	36	if (!$AllowDownload && $AllowView && !wp_fileman_is_viewable_file($filename))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	37	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	38	print "<font color='#CC0000'>$StrAccessDenied</font>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	39	exit();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	40	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	41
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	42	// header("Content-Type: ".get_mimetype($filename));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	43	// header("Content-Length: ".filesize($fullpath));
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	44	// if ($_GET['action'] == "download");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	45	// header("Content-Disposition: attachment; filename=$filename");
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	46
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	47	// readfile($fullpath);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	48	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	49	print "<table class='index' width=500 cellpadding=0 cellspacing=0>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	50	print "<tr>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	51	print "<td class='iheadline' height=21>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	52	print "<font class='iheadline'> $StrDownload \"".htmlentities($filename)."\"</font>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	53	print "</td>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	54	print "<td class='iheadline' align='right' height=21>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	55	print "<font class='iheadline'><a href='$base_url&path=".htmlentities(rawurlencode($wp_fileman_path))."'><img src='" . WP_CONTENT_URL . "/plugins/wp-filemanager/icon/back.gif' border=0 alt='$StrBack'></a></font>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	56	print "</td>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	57	print "</tr>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	58	print "<tr>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	59	print "<td valign='top' colspan=2>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	60	print "<center><br />";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	61	print "$StrDownloadClickLink<br /><br />";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	62	print "<a href='" . WP_CONTENT_URL . "/plugins/wp-filemanager/incl/libfile.php?".SID."&path=".htmlentities(rawurlencode($wp_fileman_path))."&filename=".htmlentities(rawurlencode($filename))."&action=download'>$StrDownloadClickHere <i>\"".htmlentities($filename)."\"</i></a>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	63	print "<br /><br /></center>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	64	print "</td>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	65	print "</tr>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	66	print "</table>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	67	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	68	else
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	69	print "<font color='#CC0000'>$StrAccessDenied</font>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	70	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	71	?>

author	ymh <ymh.work@gmail.com>
	Wed, 06 Nov 2013 03:21:17 +0000
changeset 0	d970ebf37754
permissions	-rw-r--r--