majid_enter
Member
سلام ميشه بگيد چطور ميتونم توي اذيتور پي اچ پي يك پيج را سيو كنم بايد تحت اچ تي امل باشه من تحت اچ تي امل يعني با پسوند اچ تي امل سيو كردم ولي دستوراتش نشون ذاذه ميشه مثلا اينو ببينيد
<?php
/***************************************************************************
* download_secure.php
* -------------------
* begin : Monday, Apr 1, 2002
* copyright : (C) 2002 Meik Sievertsen
* email : [email protected]
*
* $Id: download_secure.php,v 1.1 2003/01/17 10:11:02 acydburn Exp $
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
//
// Modified Download.php to allow the definition of allowed/denied pages, able/unable to download Attachments
//
if ( defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
define('ALLOWED_DENIED', 0);
define('DENIED_ALLOWED', 1);
//
// From this line on you are able to edit the stuff
//
// Possible Values:
// ALLOWED_DENIED <- First allow the listed sites, and then deny all others
// DENIED_ALLOWED <- First deny the listed sites, and then allow all others
$allow_deny_order = ALLOWED_DENIED;
//
// Allowed Syntax:
// Full Domain Name -> www.opentools.de
// Partial Domain Names -> opentools.de
//
$sites = array(
$board_config['server_name'], // This is your domain
'opentools.de',
'phpbb.com',
'phpbbhacks.com',
'phpbb.de'
);
// This is the message displayed, if someone links to this site...
$lang['Denied_Message'] = 'You are not authorized to view, download or link to this Site.';
// End of editable area
//
// Parse the order and evaluate the array
//
$site = explode('?', $HTTP_SERVER_VARS['HTTP_REFERER']);
$url = trim($site[0]);
//$url = $HTTP_HOST;
if ($url != '')
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? FALSE : TRUE;
for ($i = 0; $i < count($sites); $i++)
{
if (strstr($url, $sites[$i]))
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? TRUE : FALSE;
break;
}
}
}
else
{
$allowed = TRUE;
}
if ($allowed == FALSE)
{
message_die(GENERAL_MESSAGE, $lang['Denied_Message']);
}
if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
$download_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
}
else
{
$download_id = -1;
}
if( isset($HTTP_POST_VARS['thumb']) || isset($HTTP_GET_VARS['thumb']) )
{
$thumbnail = ( isset($HTTP_POST_VARS['thumb']) ) ? intval($HTTP_POST_VARS['thumb']) : intval($HTTP_GET_VARS['thumb']);
}
else
{
$thumbnail = FALSE;
}
//
// Begin Functions
//
function send_file_to_browser($real_filename, $mimetype, $physical_filename, $upload_dir, $attach_id)
{
global $_SERVER, $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $lang, $db;
if ($upload_dir == '')
{
$filename = $physical_filename;
}
else
{
$filename = $upload_dir . '/' . $physical_filename;
}
$gotit = FALSE;
if (!intval($attach_config['allow_ftp_upload']))
{
if (@!file_exists(@amod_realpath($filename)))
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br />404 File Not Found: The File " . $filename . " does not exist.");
}
else
{
$gotit = TRUE;
}
}
//
// Determine the Browser the User is using, because of some nasty incompatibilities.
// Most of the methods used in this function are from phpMyAdmin.
//
if (!empty($_SERVER['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
}
else if (!empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
}
else if (!isset($HTTP_USER_AGENT))
{
$HTTP_USER_AGENT = '';
}
if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[2];
$browser_agent = 'opera';
}
else if (ereg('MSIE ([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'ie';
}
else if (ereg('OmniWeb/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'omniweb';
}
else if (ereg('Netscape([0-9]{1})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'netscape';
}
else if (ereg('Mozilla/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'mozilla';
}
else if (ereg('Konqueror/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'konqueror';
}
else
{
$browser_version = 0;
$browser_agent = 'other';
}
//
// Correct the Mime Type, if it's an octetstream
//
if ( ($mimetype == 'application/octet-stream') || ($mimetype == 'application/octetstream') )
{
if ( ($browser_agent == 'ie') || ($browser_agent == 'opera') )
{
$mimetype = 'application/octetstream';
}
else
{
$mimetype = 'application/octet-stream';
}
}
//
// Send out the Headers
//
if ($browser_agent == 'ie')
{
header('Content-Type: ' . $mimetype);
header('Content-Disposition: inline; filename="' . $real_filename . '"');
}
else
{
header('Content-Type: ' . $mimetype . '; name="' . $real_filename . '"');
header('Content-Disposition: attachment; filename=' . $real_filename);
}
//
// Now send the File Contents to the Browser
//
if ($gotit)
{
readfile($filename);
}
else if ((!$gotit) && (intval($attach_config['allow_ftp_upload'])))
{
$conn_id = attach_init_ftp();
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : $upload_dir . '/tmp';
$tmp_filename = @tempnam($tmp_path, 't0000');
@unlink($tmp_filename);
$mode = FTP_BINARY;
if ( (preg_match("/text/i", $mimetype)) || (preg_match("/html/i", $mimetype)) )
{
$mode = FTP_ASCII;
}
$result = @ftp_get($conn_id, $tmp_filename, $physical_filename, $mode);
if (!$result)
{
message_die(GENERAL_MESSAGE, 'FTP Download Error');
}
@ftp_quit($conn_id);
readfile($tmp_filename);
@unlink($tmp_filename);
}
else
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br />404 File Not Found: The File " . $filename . " does not exist.");
}
exit();
}
//
// End Functions
//
//
// Start Session Management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if ($download_id == -1)
{
message_die(GENERAL_ERROR, $lang['No_attachment_selected']);
}
if ((intval($attach_config['disable_mod']) == 1) && ($userdata['user_level'] != ADMIN))
{
message_die(GENERAL_MESSAGE, $lang['Attachment_feature_disabled']);
}
$sql = 'SELECT *
FROM ' . ATTACHMENTS_DESC_TABLE . '
WHERE attach_id = ' . intval($download_id);
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
if ($db->sql_numrows($result) == 0)
{
message_die(GENERAL_MESSAGE, $lang['Error_no_attachment']);
}
$attachment = $db->sql_fetchrow($result);
//
// get forum_id for attachment authorization or private message authorization
//
$authorised = FALSE;
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE attach_id = ' . $attachment['attach_id'];
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
$auth_pages = $db->sql_fetchrowset($result);
$num_auth_pages = $db->sql_numrows($result);
for ($i = 0; $i < $num_auth_pages && $authorised == FALSE; $i++)
{
if (intval($auth_pages[$i]['post_id']) != 0)
{
$sql = 'SELECT forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id = ' . $auth_pages[$i]['post_id'];
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query post information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$forum_id = $row['forum_id'];
$is_auth = array();
$is_auth = auth(AUTH_ALL, $forum_id, $userdata);
if ( $is_auth['auth_download'] && $is_auth['auth_read'] )
{
$authorised = TRUE;
}
}
else
{
if ( (intval($attach_config['allow_pm_attach'])) && ( ($userdata['user_id'] == $auth_pages[$i]['user_id_2']) || ($userdata['user_id'] == $auth_pages[$i]['user_id_1']) ) || ($userdata['user_level'] == ADMIN) )
{
$authorised = TRUE;
}
}
}
if (!$authorised)
{
message_die(GENERAL_MESSAGE, $lang['Sorry_auth_view_attach']);
}
//
// Get Information on currently allowed Extensions
//
$sql = "SELECT e.extension, g.download_mode
FROM " . EXTENSION_GROUPS_TABLE . " g, " . EXTENSIONS_TABLE . " e
WHERE (g.allow_group = 1) AND (g.group_id = e.group_id)";
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query Allowed Extensions.', '', __LINE__, __FILE__, $sql);
}
$rows = $db->sql_fetchrowset($result);
$num_rows = $db->sql_numrows($result);
for ($i = 0; $i < $num_rows; $i++)
{
$extension = strtolower(trim($rows[$i]['extension']));
$allowed_extensions[] = $extension;
$download_mode[$extension] = $rows[$i]['download_mode'];
}
//
// disallowed ?
//
if ( (!in_array($attachment['extension'], $allowed_extensions)) && ($userdata['user_level'] != ADMIN) )
{
message_die(GENERAL_MESSAGE, sprintf($lang['Extension_disabled_after_posting'], $attachment['extension']));
}
$download_mode = intval($download_mode[$attachment['extension']]);
if ($thumbnail)
{
$attachment['physical_filename'] = THUMB_DIR . '/t_' . $attachment['physical_filename'];
}
//
// Update download count
//
if (!$thumbnail)
{
$sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . '
SET download_count = download_count + 1
WHERE attach_id = ' . $attachment['attach_id'];
if ( !(attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Couldn\'t update attachment download count', '', __LINE__, __FILE__, $sql);
}
}
//
// Determine the 'presenting'-method
//
if ($download_mode == PHYSICAL_LINK)
{
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['server_name']));
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
$script_name = preg_replace('/^\/?(.*?)\/?$/', '/\1', trim($board_config['script_path']));
if ($script_name[strlen($script_name)] != '/')
{
$script_name .= '/';
}
if (intval($attach_config['allow_ftp_upload']))
{
$url = $attach_config['download_path'] . '/' . $attachment['physical_filename'];
$redirect_path = $url;
}
else
{
$url = $upload_dir . '/' . $attachment['physical_filename'];
// $url = preg_replace('/^\/?(.*?\/)?$/', '\1', trim($url));
$redirect_path = $server_protocol . $server_name . $server_port . $script_name . $url;
}
// Redirect via an HTML form for PITA webservers
if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
{
header('Refresh: 0; URL=' . $redirect_path);
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $redirect_path . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $redirect_path . '">HERE</a> to be redirected</div></body></html>';
exit;
}
// Behave as per HTTP/1.1 spec for others
header('Location: ' . $redirect_path);
exit;
}
else
{
if (intval($attach_config['allow_ftp_upload']))
{
send_file_to_browser($attachment['real_filename'], $attachment['mimetype'], $attach_config['download_path'] . '/' . $attachment['physical_filename'] , '', $attachment['attach_id']);
exit();
}
else
{
send_file_to_browser($attachment['real_filename'], $attachment['mimetype'], $attachment['physical_filename'], $upload_dir, $attachment['attach_id']);
exit();
}
اين شكلي ميشه تو پيج فقط نوشتس
<?php
/***************************************************************************
* download_secure.php
* -------------------
* begin : Monday, Apr 1, 2002
* copyright : (C) 2002 Meik Sievertsen
* email : [email protected]
*
* $Id: download_secure.php,v 1.1 2003/01/17 10:11:02 acydburn Exp $
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
//
// Modified Download.php to allow the definition of allowed/denied pages, able/unable to download Attachments
//
if ( defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
define('ALLOWED_DENIED', 0);
define('DENIED_ALLOWED', 1);
//
// From this line on you are able to edit the stuff
//
// Possible Values:
// ALLOWED_DENIED <- First allow the listed sites, and then deny all others
// DENIED_ALLOWED <- First deny the listed sites, and then allow all others
$allow_deny_order = ALLOWED_DENIED;
//
// Allowed Syntax:
// Full Domain Name -> www.opentools.de
// Partial Domain Names -> opentools.de
//
$sites = array(
$board_config['server_name'], // This is your domain
'opentools.de',
'phpbb.com',
'phpbbhacks.com',
'phpbb.de'
);
// This is the message displayed, if someone links to this site...
$lang['Denied_Message'] = 'You are not authorized to view, download or link to this Site.';
// End of editable area
//
// Parse the order and evaluate the array
//
$site = explode('?', $HTTP_SERVER_VARS['HTTP_REFERER']);
$url = trim($site[0]);
//$url = $HTTP_HOST;
if ($url != '')
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? FALSE : TRUE;
for ($i = 0; $i < count($sites); $i++)
{
if (strstr($url, $sites[$i]))
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? TRUE : FALSE;
break;
}
}
}
else
{
$allowed = TRUE;
}
if ($allowed == FALSE)
{
message_die(GENERAL_MESSAGE, $lang['Denied_Message']);
}
if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
$download_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
}
else
{
$download_id = -1;
}
if( isset($HTTP_POST_VARS['thumb']) || isset($HTTP_GET_VARS['thumb']) )
{
$thumbnail = ( isset($HTTP_POST_VARS['thumb']) ) ? intval($HTTP_POST_VARS['thumb']) : intval($HTTP_GET_VARS['thumb']);
}
else
{
$thumbnail = FALSE;
}
//
// Begin Functions
//
function send_file_to_browser($real_filename, $mimetype, $physical_filename, $upload_dir, $attach_id)
{
global $_SERVER, $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $lang, $db;
if ($upload_dir == '')
{
$filename = $physical_filename;
}
else
{
$filename = $upload_dir . '/' . $physical_filename;
}
$gotit = FALSE;
if (!intval($attach_config['allow_ftp_upload']))
{
if (@!file_exists(@amod_realpath($filename)))
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br />404 File Not Found: The File " . $filename . " does not exist.");
}
else
{
$gotit = TRUE;
}
}
//
// Determine the Browser the User is using, because of some nasty incompatibilities.
// Most of the methods used in this function are from phpMyAdmin.
//
if (!empty($_SERVER['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
}
else if (!empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
}
else if (!isset($HTTP_USER_AGENT))
{
$HTTP_USER_AGENT = '';
}
if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[2];
$browser_agent = 'opera';
}
else if (ereg('MSIE ([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'ie';
}
else if (ereg('OmniWeb/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'omniweb';
}
else if (ereg('Netscape([0-9]{1})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'netscape';
}
else if (ereg('Mozilla/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'mozilla';
}
else if (ereg('Konqueror/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'konqueror';
}
else
{
$browser_version = 0;
$browser_agent = 'other';
}
//
// Correct the Mime Type, if it's an octetstream
//
if ( ($mimetype == 'application/octet-stream') || ($mimetype == 'application/octetstream') )
{
if ( ($browser_agent == 'ie') || ($browser_agent == 'opera') )
{
$mimetype = 'application/octetstream';
}
else
{
$mimetype = 'application/octet-stream';
}
}
//
// Send out the Headers
//
if ($browser_agent == 'ie')
{
header('Content-Type: ' . $mimetype);
header('Content-Disposition: inline; filename="' . $real_filename . '"');
}
else
{
header('Content-Type: ' . $mimetype . '; name="' . $real_filename . '"');
header('Content-Disposition: attachment; filename=' . $real_filename);
}
//
// Now send the File Contents to the Browser
//
if ($gotit)
{
readfile($filename);
}
else if ((!$gotit) && (intval($attach_config['allow_ftp_upload'])))
{
$conn_id = attach_init_ftp();
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : $upload_dir . '/tmp';
$tmp_filename = @tempnam($tmp_path, 't0000');
@unlink($tmp_filename);
$mode = FTP_BINARY;
if ( (preg_match("/text/i", $mimetype)) || (preg_match("/html/i", $mimetype)) )
{
$mode = FTP_ASCII;
}
$result = @ftp_get($conn_id, $tmp_filename, $physical_filename, $mode);
if (!$result)
{
message_die(GENERAL_MESSAGE, 'FTP Download Error');
}
@ftp_quit($conn_id);
readfile($tmp_filename);
@unlink($tmp_filename);
}
else
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br />404 File Not Found: The File " . $filename . " does not exist.");
}
exit();
}
//
// End Functions
//
//
// Start Session Management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if ($download_id == -1)
{
message_die(GENERAL_ERROR, $lang['No_attachment_selected']);
}
if ((intval($attach_config['disable_mod']) == 1) && ($userdata['user_level'] != ADMIN))
{
message_die(GENERAL_MESSAGE, $lang['Attachment_feature_disabled']);
}
$sql = 'SELECT *
FROM ' . ATTACHMENTS_DESC_TABLE . '
WHERE attach_id = ' . intval($download_id);
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
if ($db->sql_numrows($result) == 0)
{
message_die(GENERAL_MESSAGE, $lang['Error_no_attachment']);
}
$attachment = $db->sql_fetchrow($result);
//
// get forum_id for attachment authorization or private message authorization
//
$authorised = FALSE;
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE attach_id = ' . $attachment['attach_id'];
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
$auth_pages = $db->sql_fetchrowset($result);
$num_auth_pages = $db->sql_numrows($result);
for ($i = 0; $i < $num_auth_pages && $authorised == FALSE; $i++)
{
if (intval($auth_pages[$i]['post_id']) != 0)
{
$sql = 'SELECT forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id = ' . $auth_pages[$i]['post_id'];
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query post information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$forum_id = $row['forum_id'];
$is_auth = array();
$is_auth = auth(AUTH_ALL, $forum_id, $userdata);
if ( $is_auth['auth_download'] && $is_auth['auth_read'] )
{
$authorised = TRUE;
}
}
else
{
if ( (intval($attach_config['allow_pm_attach'])) && ( ($userdata['user_id'] == $auth_pages[$i]['user_id_2']) || ($userdata['user_id'] == $auth_pages[$i]['user_id_1']) ) || ($userdata['user_level'] == ADMIN) )
{
$authorised = TRUE;
}
}
}
if (!$authorised)
{
message_die(GENERAL_MESSAGE, $lang['Sorry_auth_view_attach']);
}
//
// Get Information on currently allowed Extensions
//
$sql = "SELECT e.extension, g.download_mode
FROM " . EXTENSION_GROUPS_TABLE . " g, " . EXTENSIONS_TABLE . " e
WHERE (g.allow_group = 1) AND (g.group_id = e.group_id)";
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query Allowed Extensions.', '', __LINE__, __FILE__, $sql);
}
$rows = $db->sql_fetchrowset($result);
$num_rows = $db->sql_numrows($result);
for ($i = 0; $i < $num_rows; $i++)
{
$extension = strtolower(trim($rows[$i]['extension']));
$allowed_extensions[] = $extension;
$download_mode[$extension] = $rows[$i]['download_mode'];
}
//
// disallowed ?
//
if ( (!in_array($attachment['extension'], $allowed_extensions)) && ($userdata['user_level'] != ADMIN) )
{
message_die(GENERAL_MESSAGE, sprintf($lang['Extension_disabled_after_posting'], $attachment['extension']));
}
$download_mode = intval($download_mode[$attachment['extension']]);
if ($thumbnail)
{
$attachment['physical_filename'] = THUMB_DIR . '/t_' . $attachment['physical_filename'];
}
//
// Update download count
//
if (!$thumbnail)
{
$sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . '
SET download_count = download_count + 1
WHERE attach_id = ' . $attachment['attach_id'];
if ( !(attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Couldn\'t update attachment download count', '', __LINE__, __FILE__, $sql);
}
}
//
// Determine the 'presenting'-method
//
if ($download_mode == PHYSICAL_LINK)
{
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['server_name']));
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
$script_name = preg_replace('/^\/?(.*?)\/?$/', '/\1', trim($board_config['script_path']));
if ($script_name[strlen($script_name)] != '/')
{
$script_name .= '/';
}
if (intval($attach_config['allow_ftp_upload']))
{
$url = $attach_config['download_path'] . '/' . $attachment['physical_filename'];
$redirect_path = $url;
}
else
{
$url = $upload_dir . '/' . $attachment['physical_filename'];
// $url = preg_replace('/^\/?(.*?\/)?$/', '\1', trim($url));
$redirect_path = $server_protocol . $server_name . $server_port . $script_name . $url;
}
// Redirect via an HTML form for PITA webservers
if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
{
header('Refresh: 0; URL=' . $redirect_path);
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $redirect_path . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $redirect_path . '">HERE</a> to be redirected</div></body></html>';
exit;
}
// Behave as per HTTP/1.1 spec for others
header('Location: ' . $redirect_path);
exit;
}
else
{
if (intval($attach_config['allow_ftp_upload']))
{
send_file_to_browser($attachment['real_filename'], $attachment['mimetype'], $attach_config['download_path'] . '/' . $attachment['physical_filename'] , '', $attachment['attach_id']);
exit();
}
else
{
send_file_to_browser($attachment['real_filename'], $attachment['mimetype'], $attachment['physical_filename'], $upload_dir, $attachment['attach_id']);
exit();
}
اين شكلي ميشه تو پيج فقط نوشتس
