2010-08-02 12:36:55 +02:00
|
|
|
<?php
|
|
|
|
// Pandora FMS - http://pandorafms.com
|
|
|
|
// ==================================================
|
|
|
|
// Copyright (c) 2005-2010 Artica Soluciones Tecnologicas
|
|
|
|
// Please see http://pandorafms.org for full contribution list
|
|
|
|
|
|
|
|
// This program is free software; you can redistribute it and/or
|
|
|
|
// modify it under the terms of the GNU Lesser General Public License
|
|
|
|
// as published by the Free Software Foundation; version 2
|
|
|
|
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU General Public License for more details.
|
|
|
|
|
2015-07-22 13:30:45 +02:00
|
|
|
if (! isset($_SESSION['id_usuario'])) {
|
|
|
|
session_start();
|
|
|
|
}
|
|
|
|
|
2010-08-02 12:36:55 +02:00
|
|
|
require_once('functions.php');
|
|
|
|
require_once('functions_filemanager.php');
|
|
|
|
require_once ("config.php");
|
|
|
|
global $config;
|
|
|
|
|
2015-07-22 13:30:45 +02:00
|
|
|
check_login ();
|
|
|
|
|
2012-12-17 14:44:28 +01:00
|
|
|
$auth_method = db_get_value('value', 'tconfig', 'token', 'auth');
|
|
|
|
|
2016-08-16 15:35:02 +02:00
|
|
|
if($auth_method != 'ad')
|
|
|
|
require_once("auth/" . $auth_method . ".php");
|
2012-12-17 14:44:28 +01:00
|
|
|
|
2010-08-02 12:36:55 +02:00
|
|
|
|
|
|
|
|
|
|
|
$styleError = "background:url(\"../images/err.png\") no-repeat scroll 0 0 transparent; padding:4px 1px 6px 30px; color:#CC0000;";
|
|
|
|
|
|
|
|
$file = get_parameter('file', null);
|
2012-12-17 14:44:28 +01:00
|
|
|
|
2011-04-18 17:00:43 +02:00
|
|
|
$file = base64_decode($file);
|
2012-12-17 14:44:28 +01:00
|
|
|
|
2010-08-02 12:36:55 +02:00
|
|
|
$hash = get_parameter('hash', null);
|
|
|
|
|
|
|
|
$testHash = md5($file . $config['dbpass']);
|
|
|
|
|
|
|
|
if ($hash != $testHash) {
|
2012-12-17 14:44:28 +01:00
|
|
|
echo "<h3 style='" . $styleError . "'>" .
|
|
|
|
__('Security error. Please contact the administrator.') .
|
|
|
|
"</h3>";
|
2010-08-02 12:36:55 +02:00
|
|
|
}
|
|
|
|
else if (!empty($file) && !empty($hash)) {
|
2014-09-08 14:17:46 +02:00
|
|
|
//echo $file;
|
|
|
|
if (!file_exists($file))
|
|
|
|
$file = $_SERVER['DOCUMENT_ROOT'] . $file;
|
2012-12-17 14:44:28 +01:00
|
|
|
|
|
|
|
if (!file_exists($file)) {
|
|
|
|
echo "<h3 style='" . $styleError . "'>" .
|
|
|
|
__("File is missing in disk storage. Please contact the administrator.") .
|
|
|
|
"</h3>";
|
2010-08-02 12:36:55 +02:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
header('Content-type: aplication/octet-stream;');
|
|
|
|
header('Content-type: ' . mime_content_type($file) . ';');
|
|
|
|
header("Content-Length: " . filesize($file));
|
2014-04-25 13:07:30 +02:00
|
|
|
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
|
2010-08-02 12:36:55 +02:00
|
|
|
readfile($file);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|