aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authormdima <michele@nt2.it>2012-03-17 08:24:35 +0100
committermdima <michele@nt2.it>2012-03-17 08:24:35 +0100
commitb65f147e3065c389164911cc83746105fd053f4e (patch)
tree1d28db5027a2b2bd7af618e05a5656bdb1a2bb0f /config
parent870ac0b6796f382ed52faa6c9eb026fc58720320 (diff)
downloadpfsense-packages-b65f147e3065c389164911cc83746105fd053f4e.tar.gz
pfsense-packages-b65f147e3065c389164911cc83746105fd053f4e.tar.bz2
pfsense-packages-b65f147e3065c389164911cc83746105fd053f4e.zip
File Manager: Solves an authentication issue in the download function.
See http://forum.pfsense.org/index.php/topic,47248.0.html for details.
Diffstat (limited to 'config')
-rw-r--r--config/filemgr/rbfminc/download.tmp44
1 files changed, 29 insertions, 15 deletions
diff --git a/config/filemgr/rbfminc/download.tmp b/config/filemgr/rbfminc/download.tmp
index 232e90d0..ddc08148 100644
--- a/config/filemgr/rbfminc/download.tmp
+++ b/config/filemgr/rbfminc/download.tmp
@@ -1,22 +1,36 @@
<?php
include "config.php";
include "session.php";
-
-if($user_login == 'ok'){
-
- include "functions.php";
-
- $_GET['file_name'] = urldecode($_GET['file_name']);
- $_GET['p'] = urldecode($_GET['p']);
+require_once('config.inc');
+require("guiconfig.inc");
+include("head.inc");
+include "functions.php";
- if($_GET['file_name'] and $_GET['p']){
- if(file_exists($_GET['p'].$_GET['file_name'])){
- $file = file_get_contents($_GET['p'].$_GET['file_name']);
- $type = wp_check_filetype($_GET['file_name']);
- header('Content-type: {$type[type]}');
- header('Content-Disposition: attachment; filename="'.$_GET['file_name'].'"');
- echo $file;
- }
+$_GET['file_name'] = urldecode($_GET['file_name']);
+$_GET['p'] = urldecode($_GET['p']);
+
+if($_GET['file_name'] and $_GET['p']){
+ $filepath = $_GET['p'].$_GET['file_name'];
+ if(file_exists($filepath)){
+ $type = wp_check_filetype($_GET['file_name']);
+ header('Expires: 0');
+ header('Cache-Control: must-revalidate');
+ header('Pragma: public');
+ header('Content-type: {$type[type]}');
+ header('Content-Disposition: attachment; filename="'.$_GET['file_name'].'"');
+ header('Content-Length: ' . filesize($filepath));
+ ob_clean();
+ flush();
+ readfile($filepath);
+ exit;
+ }
+ else
+ {
+ echo("file not found");
}
}
+else
+{
+ echo("file unknown");
+}
?> \ No newline at end of file