pandorafms/pandora_console/include/get_file.php

<?php
/**
 * Get File script
 *
 * @category   File manager
 * @package    Pandora FMS
 * @subpackage Community
 * @version    1.0.0
 * @license    See below
 *
 *    ______                 ___                    _______ _______ ________
 *   |   __ \.-----.--.--.--|  |.-----.----.-----. |    ___|   |   |     __|
 *  |    __/|  _  |     |  _  ||  _  |   _|  _  | |    ___|       |__     |
 * |___|   |___._|__|__|_____||_____|__| |___._| |___|   |__|_|__|_______|
 *
 * ============================================================================
 * Copyright (c) 2005-2022 Artica Soluciones Tecnologicas
 * Please see http://pandorafms.org for full contribution list
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation for version 2.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * ============================================================================
 */

// Begin.
require_once 'config.php';
require_once 'functions.php';
require_once 'functions_ui.php';
require_once 'functions_filemanager.php';

global $config;

check_login();

$auth_method = db_get_value('value', 'tconfig', 'token', 'auth');

if ($auth_method !== 'ad' && $auth_method !== 'ldap') {
    include_once 'auth/'.$auth_method.'.php';
}

$hash = get_parameter('hash');
$file_raw = get_parameter('file');

$file = base64_decode(urldecode($file_raw));
// Avoid possible inifite loop with referer.
if (isset($_SERVER['HTTP_ORIGIN']) === false || (isset($_SERVER['HTTP_ORIGIN']) === true && $_SERVER['HTTP_REFERER'] === $_SERVER['HTTP_ORIGIN'].$_SERVER['REQUEST_URI'])) {
    $refererPath = ui_get_full_url('index.php');
} else {
    $refererPath = $_SERVER['HTTP_REFERER'];
}

if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$config['server_unique_identifier']) || isset($_SERVER['HTTP_REFERER']) === false) {
    $errorMessage = __('Security error. Please contact the administrator.');
} else {
    $downloadable_file = '';
    $parse_all_queries = explode('&', parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY));
    $parse_sec2_query = explode('=', $parse_all_queries[1]);
    // Metaconsole have a route distinct than node.
    $main_file_manager = (is_metaconsole() === true) ? 'advanced/metasetup' : 'godmode/setup/file_manager';
    $main_collections = (is_metaconsole() === true) ? 'advanced/collections' : 'enterprise/godmode/agentes/collections';
    if ($parse_sec2_query[0] === 'sec2') {
        switch ($parse_sec2_query[1]) {
            case $main_file_manager:
            case 'operation/snmpconsole/snmp_mib_uploader':
                $downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/'.$file;
            break;

            case 'extensions/files_repo':
                $downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/attachment/files_repo/'.$file;
            break;

            case 'godmode/servers/plugin':
                $downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/attachment/plugin/'.$file;
            break;

            case $main_collections:
                $downloadable_file = $_SERVER['DOCUMENT_ROOT'].'/pandora_console/attachment/collection/'.$file;
            break;

            default:
                // Wrong action.
                $downloadable_file = '';
            break;
        }
    }

    if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) {
        $errorMessage = __('File is missing in disk storage. Please contact the administrator.');
    } else {
        // Everything went well.
        header('Content-type: aplication/octet-stream;');
        header('Content-type: '.mime_content_type($downloadable_file).';');
        header('Content-Length: '.filesize($downloadable_file));
        header('Content-Disposition: attachment; filename="'.basename($downloadable_file).'"');
        readfile($downloadable_file);
        return;
    }
}

?>

<script type="text/javascript">
    document.addEventListener('DOMContentLoaded', function () {
        var refererPath = '<?php echo $refererPath; ?>';
        var errorFileOutput = '<?php echo $errorMessage; ?>';
        if(refererPath != ''){
        document.body.innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;">
                    <input type="hidden" name="errorFileOutput" value="` + errorFileOutput + `" />
                    </form>`;

        document.forms['failedReturn'].submit();
        }
    }, false);
</script>