diff options
-rw-r--r-- | config/filemgr/rbfminc/download.php | 76 |
1 files changed, 48 insertions, 28 deletions
diff --git a/config/filemgr/rbfminc/download.php b/config/filemgr/rbfminc/download.php index 172ec896..88ff1788 100644 --- a/config/filemgr/rbfminc/download.php +++ b/config/filemgr/rbfminc/download.php @@ -1,29 +1,54 @@ <?php +/* + download.php + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org> + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ include_once("auth.inc"); -include "functions.php"; -//Set the cache policy +include("functions.php"); + +// Set the cache policy ob_end_clean(); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); header("Cache-Control: post-check=0, pre-check=0", false); -header("Pragma: no-cache"); -//Gets the parameters +header("Pragma: no-cache"); + +// Gets the parameters $_GET['file_name'] = urldecode($_GET['file_name']); $_GET['p'] = urldecode($_GET['p']); -//Check Authentication + +// Check Authentication $candownload = false; -if (function_exists("session_auth")) - {//pfSense 2.X - $candownload = session_auth();} -else - {//pfSense 1.2.3 - $candownload = htpasswd_backed_basic_auth();} -if ($candownload) -{ - if($_GET['file_name'] and $_GET['p']){ +$candownload = session_auth(); +if ($candownload) { + if (($_GET['file_name']) && ($_GET['p'])) { $filepath = $_GET['p'].$_GET['file_name']; - if(file_exists($filepath)){ - $type = wp_check_filetype($_GET['file_name']); + if (file_exists($filepath)) { + $type = wp_check_filetype($_GET['file_name']); header('Content-type: ' . $type[$_GET['file_name']]); header('Content-Disposition: attachment; filename="'.$_GET['file_name'].'"'); header('Content-Length: ' . filesize($filepath)); @@ -31,19 +56,14 @@ if ($candownload) flush(); readfile($filepath); exit; + } else { + echo "File not found"; } - else - { - echo("File not found"); - } - } - else - { - echo("File Unknown"); + } else { + echo "File Unknown"; } +} else { + echo "Session Expired"; } -else -{ - echo("Session Expired"); -} + ?> |