<?php
//file viewer
require_once 'base.php';
require_once W2P_BASE_DIR . '/includes/config.php';
require_once W2P_BASE_DIR . '/includes/main_functions.php';
require_once W2P_BASE_DIR . '/includes/db_adodb.php';
// Name of this entry point; presumably read by the shared login code — TODO confirm.
$loginFromPage = 'fileviewer.php';

// Open the session through the project's session wrapper.
$session = new w2p_System_Session();
$session->start();

// Keep an $AppUI object if one of the included files already provided it;
// otherwise start from a fresh one.
if (!is_object($AppUI)) {
    $AppUI = new w2p_Core_CAppUI();
}
// Login gate. Runs when the session holds no AppUI object yet, or when the
// request carries a `logout` query parameter; in both cases a fresh
// w2p_Core_CAppUI replaces whatever the session held.
// The templates pulled in with require/include below execute in this scope, so
// they can read the variables set here ($AppUI, $uistyle, $redirect, ...).
// NOTE(review): logout is driven by a plain GET parameter and no request token
// is checked in this file — confirm that is acceptable.
if (!isset($_SESSION['AppUI']) || isset($_GET['logout'])) {
$_SESSION['AppUI'] = new w2p_Core_CAppUI();
$AppUI = &$_SESSION['AppUI'];
$AppUI->setConfig($w2Pconfig);
$AppUI->setStyle();
// doLogin() is defined elsewhere; presumably true means "nobody is
// authenticated yet" — TODO confirm. loadPrefs(0) then loads the prefs for id 0.
if ($AppUI->doLogin()) {
$AppUI->loadPrefs(0);
}
// The login form was submitted: read the posted credentials and try them.
if (isset($_POST['login'])) {
$username = w2PgetParam($_POST, 'username', '');
$password = w2PgetParam($_POST, 'password', '');
// Request-supplied value. It is only appended after "fileviewer.php?" below,
// so it can alter the query string but not the redirect destination.
$redirect = w2PgetParam($_POST, 'redirect', '');
$ok = $AppUI->login($username, $password);
if (!$ok) {
// Failed login: set an error message, render the login template again and stop.
// NOTE(review): $uistyle is spliced into a require path; confirm the UISTYLE
// preference and host_style can only hold names of installed style directories.
$uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $w2Pconfig['host_style'];
$AppUI->setMsg('Login Failed', UI_MSG_ERROR);
require W2P_BASE_DIR . '/style/' . $uistyle . '/login.php';
session_unset();
exit;
}
// Successful login: bounce back to this script with the posted query string.
// NOTE(review): no session_regenerate_id() call is visible on this path; confirm
// that login() or w2p_System_Session rotates the session id on authentication.
header('Location: fileviewer.php?' . $redirect);
exit;
}
$uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $w2Pconfig['host_style'];
// Still not logged in (see the doLogin() note above): show the login page and stop.
if ($AppUI->doLogin()) {
$AppUI->setUserLocale();
// NOTE(review): user_locale is spliced into an include path; confirm that
// setUserLocale() restricts it to installed locales.
include W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php';
include W2P_BASE_DIR . '/locales/core.php';
setlocale(LC_TIME, $AppUI->user_locale);
// Keep the current query string in $redirect, unless it contains "logout", in
// which case it is cleared. The @ hides the notice raised when QUERY_STRING is unset.
$redirect = @$_SERVER['QUERY_STRING'];
if (strpos($redirect, 'logout') !== false) {
$redirect = '';
}
// $locale_char_set is not set in this file; presumably one of the locale includes defines it.
if (isset($locale_char_set)) {
header('Content-type: text/html;charset=' . $locale_char_set);
}
require W2P_BASE_DIR . '/style/' . $uistyle . '/login.php';
// Throw the unauthenticated session away after rendering the form.
session_unset();
session_destroy();
exit;
}
}
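// Resolve the requested file and enforce the view permission before any byte is sent.
// From here on work with the AppUI object held in the session.
$AppUI = &$_SESSION['AppUI'];
include W2P_BASE_DIR . '/locales/core.php';

// The (int) cast guarantees that only an integer id reaches load().
$file_id = (int) w2PgetParam($_GET, 'file_id', 0);
if (!$file_id) {
    $AppUI->setMsg('fileIdError', UI_MSG_ERROR);
    $AppUI->redirect();
    // redirect() is defined elsewhere; the explicit exit keeps this path
    // fail-closed even if it ever returns.
    exit;
}

$file = new CFile();
// NOTE(review): the result of load() is not checked; confirm canView() denies
// access when no record was found for the id.
$file->load($file_id);

// Authorisation gate: nothing below may run for a user who cannot view the file.
if (!$file->canView()) {
    $AppUI->redirect(ACCESS_DENIED);
    // Never fall through to the download code after a denied check.
    exit;
}

// Make sure the stored object is really present in the storage backend.
$exists = $file->getFileSystem()->exists($file->file_project, $file->file_real_filename);
if (!$exists) {
    $AppUI->setMsg('fileIdError', UI_MSG_ERROR);
    $AppUI->redirect();
    exit;
}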
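// Send the download: response headers first, then the file body.
// Drop the active output buffer so that only the file bytes follow the headers.
ob_end_clean();
header('MIME-Version: 1.0');
header('Pragma: ');
// The file is released only after the per-user canView() check, so shared
// caches must not store the response for other users.
header('Cache-Control: private');
header('Content-length: ' . $file->file_size);
// file_type is a stored value; nosniff stops browsers from guessing a
// different type from the content.
header('Content-type: ' . $file->file_type);
header('X-Content-Type-Options: nosniff');
header('Content-transfer-encoding: 8bit');
// file_name is a stored name: strip control characters and neutralise the
// characters that would end or escape the quoted filename parameter.
$downloadName = str_replace(
    array('"', '\\'),
    '_',
    (string) preg_replace('/[\x00-\x1F\x7F]/', '', (string) $file->file_name)
);
header('Content-disposition: attachment; filename="' . $downloadName . '"');
// read() is defined elsewhere; presumably it writes the file content to the output — TODO confirm.
$file->getFileSystem()->read($file->file_project, $file->file_real_filename);
flush();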