PageRenderTime 38ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/trunk/get.php

http://kfm.googlecode.com/
PHP | 119 lines | 102 code | 0 blank | 17 comment | 24 complexity | 928b556d34695abebf3aaa7239d44ccb MD5 | raw file
Possible License(s): BSD-3-Clause, LGPL-2.1, Apache-2.0 
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * KFM - Kae's File Manager
    4. 

  4.  *
    5. 

  5.  * get.php - retrieves a specified file
    6. 

  6.  * can also resize an image on demand
    7. 

  7.  *
    8. 

  8.  * @category None
    9. 

  9.  * @package  None
    10. 

  10.  * @author   Kae Verens <kae@verens.com>
    11. 

  11.  * @author   Benjamin ter Kuile <bterkuile@gmail.com>
    12. 

  12.  * @license  docs/license.txt for licensing
    13. 

  13.  * @link     http://kfm.verens.com/
    14. 

  14.  */
    15. 

  15. require_once 'initialise.php';
    16. 

  16. if (isset($_SERVER['REDIRECT_QUERY_STRING'])&&$_SERVER['REDIRECT_QUERY_STRING']) {
    17. 

  17.     $arr = explode(',', $_SERVER['REDIRECT_QUERY_STRING']);
    18. 

  18.     foreach ($arr as $r) {
    19. 

  19.         $arr2           = explode('=', $r);
    20. 

  20.         if(count($arr2)>1)$_GET[$arr2[0]] = $arr2[1];
    21. 

  21.     }
    22. 

  22. }
    23. 

  23. // { rebuild $_GET (in case it's been mangled by something)
    24. 

  24. $uri   = $_SERVER['REQUEST_URI'];
    25. 

  25. if (strpos($uri,'?')===false) $uri=str_replace('/get.php/','/get.php?',$uri);
    26. 

  26. $uri2  = explode('?', $uri);
    27. 

  27. $parts = count($uri2)>1 ? explode('&', $uri2[1]) : array();
    28. 

  28. foreach ($parts as $part) {
    29. 

  29.     $arr = explode('=', $part);
    30. 

  30.     if (!(count($arr)>1)) continue;
    31. 

  31.     list($varname, $varval) = $arr;
    32. 

  32.     $_GET[$varname]         = urldecode($varval);
    33. 

  33. }
    34. 

  34. // }
    35. 

  35. if(isset($_GET['uri'])){
    36. 

  36. 	if (strpos($_GET['uri'], '../')!==false) {
    37. 

  37. 		die('no hacking, thank you');
    38. 

  38. 	}
    39. 

  39. 	$bits=explode('/',$_GET['uri']);
    40. 

  40. 	$fname=array_pop($bits);
    41. 

  41. 	$dir=0;
    42. 

  42. 	$dirs                   = explode(DIRECTORY_SEPARATOR, trim(join('/',$bits), ' '.DIRECTORY_SEPARATOR));
    43. 

  43. 	$subdir                 = kfmDirectory::getInstance(1);
    44. 

  44. 	$startup_sequence_array = array();
    45. 

  45. 	foreach ($dirs as $dirname) {
    46. 

  46. 		$subdir = $subdir->getSubdir($dirname);
    47. 

  47. 		if(!$subdir)break;
    48. 

  48. 		$dir= $subdir->id;
    49. 

  49. 	}
    50. 

  50. 	foreach($subdir->getFiles() as $file){
    51. 

  51. 		if($file->name==$fname){
    52. 

  52. 			$_GET['id']=$file->id;
    53. 

  53. 			break;
    54. 

  54. 		}
    55. 

  55. 	}
    56. 

  56. }
    57. 

  57. $id=@$_GET['id'];
    58. 

  58. if (!is_numeric($id)) {
    59. 

  59.     echo kfm_lang('errorInvalidID');
    60. 

  60.     exit;
    61. 

  61. }
    62. 

  62. $extension = 'unknown';
    63. 

  63. if (isset($_GET['type'])&&$_GET['type']=='thumb') {
    64. 

  64.     $path = WORKPATH.'thumbs/'.$id;
    65. 

  65.     $name = $id;
    66. 

  66. } else {
    67. 

  67.     if (isset($_GET['width'])&&isset($_GET['height'])) {
    68. 

  68.         $width  = (int)$_GET['width'];
    69. 

  69.         $height = (int)$_GET['height'];
    70. 

  70.         $image  = kfmImage::getInstance($id);
    71. 

  71.         if (!$image) {
    72. 

  72.             echo kfm_lang('errorFileIDNotFound', $id);
    73. 

  73.             exit;
    74. 

  74.         }
    75. 

  75. 				if($width>$image->width)$width=$image->width;
    76. 

  76. 				if($height>$image->height)$height=$image->height;
    77. 

  77. 				$h=0;$s=0;$l=0;
    78. 

  78. 				if(isset($_GET['hsl'])){
    79. 

  79. 					list($h,$s,$l)=explode(':',$_GET['hsl']);
    80. 

  80. 				}
    81. 

  81.         $image->setThumbnail($width, $height,$h,$s,$l);
    82. 

  82.         $name      = $image->thumb_id;
    83. 

  83.         $path      = $image->thumb_path;
    84. 

  84.         $extension = $image->getExtension();
    85. 

  85.     } else {
    86. 

  86.         $file = kfmFile::getInstance($id);
    87. 

  87.         if (!$file) {
    88. 

  88.             echo kfm_lang('errorFileIDNotFound', $id);
    89. 

  89.             exit;
    90. 

  90.         }
    91. 

  91.         $path      = $file->path;
    92. 

  92.         $name      = $file->name;
    93. 

  93.         $extension = $file->getExtension();
    94. 

  94.     }
    95. 

  95. }
    96. 

  96. // { headers
    97. 

  97. if (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')) $name = preg_replace('/\./', '%2e', $name, substr_count($name, '.')-1);
    98. 

  98. @set_time_limit(0);
    99. 

  99. header('Cache-Control: max-age = 2592000');
    100. 

  100. header('Expires-Active: On');
    101. 

  101. header('Expires: Fri, 1 Jan 2500 01:01:01 GMT');
    102. 

  102. header('Pragma:');
    103. 

  103. $filesize=filesize($path);
    104. 

  104. header('Content-Length: '.(string)(filesize($path)));
    105. 

  105. if (isset($_GET['forcedownload'])) {
    106. 

  106.     header('Content-Type: force/download');
    107. 

  107.     header('Content-Disposition: attachment; filename="'.$name.'"');
    108. 

  108. } else header('Content-Type: '.Mimetype::get($extension));
    109. 

  109. header('Content-Transfer-Encoding: binary');
    110. 

  110. // }
    111. 

  111. if ($file = fopen($path, 'rb')) { // send file
    112. 

  112.     while ((!feof($file))&&(connection_status()==0)) {
    113. 

  113.         print(fread($file, 1024*8));
    114. 

  114.         flush();
    115. 

  115.     }
    116. 

  116.     fclose($file);
    117. 

  117. }
    118. 

  118. if(file_exists('api/log_retrieved_file.php'))require 'api/log_retrieved_file.php';
    119. 

  119. return((connection_status()==0) and !connection_aborted());
    120. 

  120.