home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Windows News 2010 Summer - Disc 1
/
WN_Ete2010_CD1.iso
/
Onglet5
/
Weezo
/
Weezo setup.exe
/
{code_appDir}
/
www
/
ext
/
download.php
< prev
next >
Wrap
PHP Script
|
2010-05-19
|
4KB
|
111 lines
<?php
/**
* Download a file
*
* URL format:
* RewriteRule ^(dl|downloads)\/dlToken([0-9]+)(\/resId[a-zA-Z0-9]+){0,1}\/(.+) /ext/download.php?dlToken=$2&file=$4&resId=$3 [L]
* resId: resource id in current session, optional, skipped for direct downloads
* dlToken: id of current download, used for download resume. See efTokensWrite / efTokensRead functions.
* When JS generated, concatenation of ascii values of path+filename chars
* file: rawurlencoded filename, including path
*
*
* PHP version 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license/3_0.txt. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to license@php.net so we can mail you a copy immediately.
*
* @category NA
* @package NA
* @author Nicolas Bruley / Peer 2 World <contact@weezo.net>
* @copyright 2005-2009 Nicolas Bruley / Peer 2 World
* @license http://www.php.net/license/3_0.txt PHP License 3.0
* @version CVS: $Id:$
* @link http://www.weezo.net
* @since File available since Release 1.0.0
*/
/**
* @desc display error page
*
* @param integer $errorCode : HTTP error code
*/
function displayError($errorCode){
require(INCLUDE_DIR.'initFunctions.php');
require(INCLUDE_DIR.'outputFunctions.php');
switch ($errorCode){
case 403;
$message='403 Forbidden';
break;
case 404:
default:
$message='404 Not Found';
break;
}
header('HTTP/1.1 '.$message);
cfLog($message .' - '.$_SERVER["REQUEST_URI"],LOG_DBG);
wSession_write_close();
outDisplayErrorPage($message .' - '.$_SERVER["REQUEST_URI"]);
exit();
}
require(INCLUDE_DIR.'explorerFunctions.php');
wSession_start();
$headers=getallheaders();
// Check IE download resume request
if(isset($headers['If-Modified-Since']) && preg_replace('/;.*$/', '', $headers['If-Modified-Since'])){
header("HTTP/1.1 304 Not Modified");
if(!isset($_SESSION['userLogged'])) wSession_write_close();
exit;
}
// Centralized authentication token existence check by central server
if(isset($_GET['checkExistence'])){
// Get download token
if(!isset($_GET['dlToken'])) die();
$dlToken=$_GET['dlToken']; if(substr($dlToken,0,7)=='dlToken') $dlToken=substr($dlToken,7);
// Load stored tokens and Check token existence
$tokenList=efTokensRead();
if(isset($tokenList[$dlToken])) die('ok'); else die('');
}
// If no session, only rely on download token
if(!isset($_SESSION['userLogged']) || strpos($_SERVER['REQUEST_URI'],'resId')===false) {
if(!isset($_SESSION['userLogged'])) wSession_destroy();
efResumeDownload($_GET['dlToken']);
exit;
}
// Get file name
$completeFilename=str_replace('*weezoPlus*','+',str_replace('*weezoSharp*','#',str_replace('&','&',str_replace('*weezoAmp*','&',str_replace('*weezoPercent*','%',$_GET['file'])))));
$completeFilename=stripcslashes($completeFilename);
// Verify resource existence
if(substr($_GET['resId'],0,6)=='/resId') $_GET['resId']=substr($_GET['resId'],6);
if(!isset($_SESSION['res'][$_GET['resId']])) displayError(404);
// Switch to download's resource
$_SESSION['activeResourceId']=$_GET['resId'];
// verify IP address
if (!isset($_SESSION['userId']) || ($_SESSION['accountIP'] != $_SERVER['REMOTE_ADDR'] && cfGGetVar('disableClientSessionIPControl')!=true && !isset($_SERVER['HTTPS']))) displayError(403);
// verify that resource has a "path" property
if(!cfRGetVar('path')) displayError(403);
// Inject data into POST
$_POST['data1']=cfDirName(stripslashes($completeFilename));
$_POST['data2']=basename($completeFilename);
$_POST['data3']='download';
$_POST['data5']=$_GET['dlToken'];
$_GET ['data5']='dlToken'.$_GET['dlToken'];
// Proceed to POST processing
efProcessPOST();
?>
