plugins/SpecialUpdownload.php
changeset 235 b3cfaf0a505c
parent 195 3daa715e0f69
child 256 f8356d9c3481
equal deleted inserted replaced
234:a1d0846c4504 235:b3cfaf0a505c
   216 {
   216 {
   217   global $db, $session, $paths, $template, $plugins; // Common objects
   217   global $db, $session, $paths, $template, $plugins; // Common objects
   218   global $do_gzip;
   218   global $do_gzip;
   219   $filename = rawurldecode($paths->getParam(0));
   219   $filename = rawurldecode($paths->getParam(0));
   220   $timeid = $paths->getParam(1);
   220   $timeid = $paths->getParam(1);
   221   if($timeid && preg_match('#^([0-9]+)$#', (string)$timeid)) $tid = ' AND time_id='.$timeid;
   221   if ( $timeid && preg_match('#^([0-9]+)$#', (string)$timeid) )
   222   else $tid = '';
   222   {
       
   223     $tid = ' AND time_id='.$timeid;
       
   224   }
       
   225   else
       
   226   {
       
   227     $tid = '';
       
   228   }
   223   $filename = $db->escape($filename);
   229   $filename = $db->escape($filename);
   224   $q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
   230   $q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
   225   if(!$q) $db->_die('The file data could not be selected.');
   231   if ( !$q )
   226   if($db->numrows() < 1) { header('HTTP/1.1 404 Not Found'); die_friendly('File not found', '<p>The file "'.$filename.'" cannot be found.</p>'); }
   232   {
       
   233     $db->_die('The file data could not be selected.');
       
   234   }
       
   235   if ( $db->numrows() < 1 )
       
   236   {
       
   237     header('HTTP/1.1 404 Not Found');
       
   238     die_friendly('File not found', '<p>The file "'.$filename.'" cannot be found.</p>');
       
   239   }
   227   $row = $db->fetchrow();
   240   $row = $db->fetchrow();
   228   $db->free_result();
   241   $db->free_result();
   229   
   242   
   230   // Check permissions
   243   // Check permissions
   231   $perms = $session->fetch_page_acl($row['page_id'], 'File');
   244   $perms = $session->fetch_page_acl($row['page_id'], 'File');