2010-08-02 12:36:55 +02:00
|
|
|
<?php
|
2022-06-06 16:35:02 +02:00
|
|
|
/**
|
|
|
|
|
* Get File script
|
|
|
|
|
*
|
|
|
|
|
* @category File manager
|
|
|
|
|
* @package Pandora FMS
|
|
|
|
|
* @subpackage Community
|
|
|
|
|
* @version 1.0.0
|
|
|
|
|
* @license See below
|
|
|
|
|
*
|
|
|
|
|
* ______ ___ _______ _______ ________
|
|
|
|
|
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
|
|
|
|
|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
|
|
|
|
|
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
|
|
|
|
|
*
|
|
|
|
|
* ============================================================================
|
|
|
|
|
* Copyright (c) 2005-2022 Artica Soluciones Tecnologicas
|
|
|
|
|
* Please see http://pandorafms.org for full contribution list
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation for version 2.
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
* ============================================================================
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
// Get global data.
|
2019-01-30 16:18:44 +01:00
|
|
|
require_once 'config.php';
|
|
|
|
|
require_once 'functions.php';
|
|
|
|
|
require_once 'functions_filemanager.php';
|
2018-11-21 13:08:58 +01:00
|
|
|
|
2010-08-02 12:36:55 +02:00
|
|
|
global $config;
|
|
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
check_login();
|
2015-07-22 13:30:45 +02:00
|
|
|
|
2012-12-17 14:44:28 +01:00
|
|
|
$auth_method = db_get_value('value', 'tconfig', 'token', 'auth');
|
|
|
|
|
|
2022-06-06 16:35:02 +02:00
|
|
|
if ($auth_method !== 'ad' && $auth_method !== 'ldap') {
|
2019-01-30 16:18:44 +01:00
|
|
|
include_once 'auth/'.$auth_method.'.php';
|
2018-11-19 16:33:27 +01:00
|
|
|
}
|
2010-08-02 12:36:55 +02:00
|
|
|
|
|
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
$styleError = 'background:url("../images/err.png") no-repeat scroll 0 0 transparent; padding:4px 1px 6px 30px; color:#CC0000;';
|
2010-08-02 12:36:55 +02:00
|
|
|
|
2020-01-07 17:31:14 +01:00
|
|
|
$file_raw = get_parameter('file', null);
|
2012-12-17 14:44:28 +01:00
|
|
|
|
2020-01-07 17:31:14 +01:00
|
|
|
$file = base64_decode(urldecode($file_raw));
|
2012-12-17 14:44:28 +01:00
|
|
|
|
2010-08-02 12:36:55 +02:00
|
|
|
$hash = get_parameter('hash', null);
|
|
|
|
|
|
2021-06-08 14:21:33 +02:00
|
|
|
if ($file === '' || $hash === '' || $hash !== md5($file_raw.$config['server_unique_identifier']) || !isset($_SERVER['HTTP_REFERER'])) {
|
2019-01-30 16:18:44 +01:00
|
|
|
echo "<h3 style='".$styleError."'>".__('Security error. Please contact the administrator.').'</h3>';
|
2020-01-07 17:31:14 +01:00
|
|
|
} else {
|
|
|
|
|
$downloadable_file = '';
|
|
|
|
|
$parse_all_queries = explode('&', parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY));
|
|
|
|
|
$parse_sec2_query = explode('=', $parse_all_queries[1]);
|
2020-05-12 18:01:47 +02:00
|
|
|
// Metaconsole have a route distinct than node.
|
2020-05-12 08:43:16 +02:00
|
|
|
$main_file_manager = (is_metaconsole() === true) ? 'advanced/metasetup' : 'godmode/setup/file_manager';
|
2020-05-12 18:01:47 +02:00
|
|
|
$main_collections = (is_metaconsole() === true) ? 'advanced/collections' : 'enterprise/godmode/agentes/collections';
|
2020-01-07 17:31:14 +01:00
|
|
|
if ($parse_sec2_query[0] === 'sec2') {
|
|
|
|
|
switch ($parse_sec2_query[1]) {
|
2020-05-12 08:43:16 +02:00
|
|
|
case $main_file_manager:
|
2020-07-17 10:01:10 +02:00
|
|
|
case 'operation/snmpconsole/snmp_mib_uploader':
|
2020-01-07 17:31:14 +01:00
|
|
|
$downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/'.$file;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'extensions/files_repo':
|
|
|
|
|
$downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/attachment/files_repo/'.$file;
|
|
|
|
|
break;
|
|
|
|
|
|
2021-06-28 18:24:10 +02:00
|
|
|
case 'godmode/servers/plugin':
|
|
|
|
|
$downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/attachment/plugin/'.$file;
|
|
|
|
|
break;
|
|
|
|
|
|
2020-05-12 18:01:47 +02:00
|
|
|
case $main_collections:
|
2020-03-05 14:52:04 +01:00
|
|
|
$downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/attachment/collection/'.$file;
|
|
|
|
|
break;
|
|
|
|
|
|
2020-01-07 17:31:14 +01:00
|
|
|
default:
|
|
|
|
|
$downloadable_file = '';
|
|
|
|
|
// Do nothing
|
|
|
|
|
break;
|
|
|
|
|
}
|
2019-01-30 16:18:44 +01:00
|
|
|
}
|
|
|
|
|
|
2022-06-06 16:35:02 +02:00
|
|
|
if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) {
|
|
|
|
|
?>
|
|
|
|
|
<div id="mainDiv"></div>
|
|
|
|
|
<script type="text/javascript">
|
|
|
|
|
var refererPath = '<?php echo $_SERVER['HTTP_REFERER']; ?>';
|
|
|
|
|
var errorOutput = '<?php echo __('File is missing in disk storage. Please contact the administrator.'); ?>';
|
|
|
|
|
document.addEventListener('DOMContentLoaded', function () {
|
|
|
|
|
document.getElementById('mainDiv').innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;">
|
|
|
|
|
<input type="hidden" name="errorOutput" value="` + errorOutput + `" />
|
|
|
|
|
</form>`;
|
|
|
|
|
|
|
|
|
|
document.forms['failedReturn'].submit();
|
|
|
|
|
}, false);
|
|
|
|
|
</script>
|
|
|
|
|
<?php
|
2019-01-30 16:18:44 +01:00
|
|
|
} else {
|
|
|
|
|
header('Content-type: aplication/octet-stream;');
|
2020-01-07 17:31:14 +01:00
|
|
|
header('Content-type: '.mime_content_type($downloadable_file).';');
|
|
|
|
|
header('Content-Length: '.filesize($downloadable_file));
|
|
|
|
|
header('Content-Disposition: attachment; filename="'.basename($downloadable_file).'"');
|
|
|
|
|
readfile($downloadable_file);
|
2019-01-30 16:18:44 +01:00
|
|
|
}
|
2010-08-02 12:36:55 +02:00
|
|
|
}
|
