From a9aa438ea0558eb0044cf1e54a9190ddb41b65e5 Mon Sep 17 00:00:00 2001 From: cassio Date: Tue, 2 Jul 2013 09:44:46 +0400 Subject: restructuring of boca's git --- boca-1.5.2/src/filedownload.php | 114 ---------------------------------------- 1 file changed, 114 deletions(-) delete mode 100644 boca-1.5.2/src/filedownload.php (limited to 'boca-1.5.2/src/filedownload.php') diff --git a/boca-1.5.2/src/filedownload.php b/boca-1.5.2/src/filedownload.php deleted file mode 100644 index 92de694..0000000 --- a/boca-1.5.2/src/filedownload.php +++ /dev/null @@ -1,114 +0,0 @@ -. -//////////////////////////////////////////////////////////////////////////////// -// modified 21/july/2012 by cassio@ime.usp.br -ob_start(); -session_start(); -require_once("globals.php"); - -if(!ValidSession()) { - echo "Download Page"; - InvalidSession("filedownload.php"); - ForceLoad("index.php"); -} - -if(!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || - !isset($_GET["check"]) || $_GET["check"]=="") { - echo "Download Page"; - IntrusionNotify("Bad parameters in filedownload.php"); - ForceLoad("index.php"); -} - -$cf = globalconf(); -$fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]); - -if(isset($_GET["msg"])) - $p = myhash($_GET["oid"] . $fname . rawurldecode($_GET["msg"]) . session_id() . $cf["key"]); -else - $p = myhash($_GET["oid"] . $fname . session_id() . $cf["key"]); - -if($p != $_GET["check"]) { - echo "View Page"; - IntrusionNotify("Parameters modified in filedownload.php. "); - ForceLoad("index.php"); -} - -require_once("db.php"); - -if ($_GET["oid"]>=0) { - $c = DBConnect(); - DBExec($c, "begin work"); - - if (($lo = DB_lo_open ($c, $_GET["oid"], "r")) === false) { - echo "Download Page"; - DBExec($c, "rollback work"); - LOGError ("Unable to download file (" . basename($fname) . ")"); - MSGError ("Unable to download file (" . basename($fname) . ")"); - ForceLoad("index.php"); - } - - header ("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); - header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); - header ("Cache-Control: no-cache, must-revalidate"); - header ("Pragma: no-cache"); - header ("Content-transfer-encoding: binary\n"); - header ("Content-type: application/force-download"); -//header ("Content-type: application/octet-stream"); -//if (strstr($_SERVER["HTTP_USER_AGENT"], "MSIE")) -// header("Content-Disposition: filename=" .$_GET["filename"]); // For IE -//else - header ("Content-Disposition: attachment; filename=" . basename($fname)); - ob_end_flush(); - - if (DB_lo_read_tobrowser ($_SESSION["usertable"]["contestnumber"],$lo) === false) { - echo "Download Page"; - DBExec($c, "rollback work"); - LOGError ("Unable to download file (" . basename($fname) . ")"); - MSGError ("Unable to download file (" . basename($fname) . ")"); - ForceLoad("index.php"); - } - DB_lo_close($lo); - - DBExec($c, "commit work"); - DBClose($c); -} else { - header ("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); - header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); - header ("Cache-Control: no-cache, must-revalidate"); - header ("Pragma: no-cache"); -//header ("Content-type: application/octet-stream"); -//if (strstr($_SERVER["HTTP_USER_AGENT"], "MSIE")) -// header("Content-Disposition: filename=" .$_GET["filename"]); // For IE -//else - header ("Content-Disposition: attachment; filename=" . basename($fname)); - - if (($str=file_get_contents($fname))===false) { - header ("Content-type: text/html"); - echo "Download Page"; - MSGError ("Unable to open file (" . basename($fname) . ")"); - LOGError ("Unable to open file (" . basename($fname) . ")"); - ForceLoad('index.php'); - exit; - } else { - header ("Content-transfer-encoding: binary\n"); - header ("Content-type: application/force-download"); - echo decryptData($str, $cf["key"]); - } - ob_end_flush(); -} - -?> -- cgit v1.2.3