diff -r 000000000000 -r d970ebf37754 wp/wp-content/plugins/wp-filemanager/incl/libfile.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/wp/wp-content/plugins/wp-filemanager/incl/libfile.php Wed Nov 06 03:21:17 2013 +0000 @@ -0,0 +1,75 @@ +"; +print_r($_GET); +echo "";*/ +/*if ($AllowDownload || $AllowView) +{ +//echo "Download Allowed"; +/* if (is_file("../../../" . $home_directory . $wp_fileman_path.$filename)) + { + echo "File Found"; + } + else + { + echo "Path : " . $home_directory . " & ".$wp_fileman_path . " & " .$filename; + } + */ + /*if (isset($_GET['filename']) && isset($_GET['action']) && is_file($home_directory.$wp_fileman_path.$filename) || is_file("../../../".$home_directory.$wp_fileman_path.$filename)) + { +// echo "file found"; + if (is_file($home_directory.$wp_fileman_path.$filename) && !strstr($home_directory, "./") && !strstr($home_directory, ".\\")) + $fullpath = $home_directory.$wp_fileman_path.$filename; + else if (is_file("../../../".$home_directory.$wp_fileman_path.$filename)) + $fullpath = "../../../".$home_directory.$wp_fileman_path.$filename; +//echo $fullpath; + if (!$AllowDownload && $AllowView && !is_viewable_file($filename)) + { + print "$StrAccessDenied"; + exit(); + } + header("Content-Type: ".get_mimetype($filename)); + header("Content-Length: ".filesize($fullpath)); + if ($_GET['action'] == "download"); + header("Content-Disposition: attachment; filename=$filename"); + readfile($fullpath); + } + else + print "$StrDownloadFail"; +}*/ +?> \ No newline at end of file