|
Server : Apache/2.2.2 (Fedora) System : Linux App1.pathumtani.go.th 2.6.20-1.2320.fc5smp #1 SMP Tue Jun 12 19:40:16 EDT 2007 i686 User : apache ( 48) PHP Version : 5.2.9 Disable Function : NONE Directory : /var/www/html/pathumthani_eoffice/application/CA2/ |
Upload File : |
<?php
require_once "config/config.ini.php";
$download_path = "temp";
$filename = $_GET['filename'];
// Detect missing filename
if(!$filename) die("sorry, you must specify a file name to download.");
// Make sure we can't download files above the current directory location.
if(eregi("\.\.", $filename)) die("sorry, you may not download that file.");
$file = str_replace("..", "", $filename);
// Make sure we can't download .ht control files.
if(eregi("\.ht.+", $filename)) die("sorry, you may not download that file.");
// Combine the download path and the filename to create the full path to the file.
$file = "$download_path/$file";
//echo $file."<br>";
// Test to ensure that the file exists.
if(!file_exists($file)) die("sorry, the file doesn't seem to exist.");
// Extract the type of file which will be sent to the browser as a header
$type = filetype($file);
// Get a date and timestamp
$today = date("F j, Y, g:i a");
$time = time();
// Send file headers
header('Pragma: no-cache');
header('Expires: 0');
header("Content-type: $type");
header("Content-Disposition: attachment;filename=$filename");
// Send the file contents.
readfile($file);
?>