getdemo.php
<?php
require_once('init.php');
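// Demo download endpoint: looks up a demo row by ?id= and either streams the
// stored file (types 'B' and 'S') or redirects to an external URL (type 'U').

// Refuse to serve anything while the demo feature is switched off.
if (\App::options()->demoEnabled == false) {
    http_response_code(400);
    header('X-DenyReason: Disabled feature');
    echo('This action cannot be completed: Demos disabled');
    return;
}

// NOTE(review): filterInput() is not defined in this file; presumably a project
// wrapper around filter_input() loaded by init.php. Confirm what it returns for
// a missing or malformed parameter. The value is only ever bound as a query
// parameter below, never concatenated into SQL.
$id = filterInput(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
if (is_null($id)) {
    die('No id parameter.');
}

$DB = \DatabaseManager::GetConnection();
$DB->Prepare('SELECT `filename`, `origname`, `demtype` FROM `{{prefix}}demos` WHERE `demid` = :id;');
$DB->BindData('id', $id);
$Result = $DB->Finish();
$Demo = $Result->Single();
$Result->EndData();

if (!$Demo) {
    die('Demo not found.');
}

$filename = (string) $Demo['filename'];
$path = SB_DEMOS . '/' . $filename;

// Normalise the type once. The original validated it case-insensitively but
// then compared against 'U' case-sensitively, so a lowercase 'u' row passed
// validation and was handled as a local file instead of a redirect.
$type = strtoupper((string) $Demo['demtype']);
if (!in_array($type, ['U', 'B', 'S'], true)) {
    die('Bad type');
}

if ($type !== 'U') {
    // The stored name must match an entry of the demos directory exactly.
    // scandir() entries never contain a directory separator, so this is what
    // keeps a crafted `filename` from reaching files outside SB_DEMOS.
    // is_file() additionally rejects the '.' and '..' entries and other
    // directories, which file_exists() accepted.
    $entries = scandir(SB_DEMOS);
    if ($entries === false || !in_array($filename, $entries, true) || !is_file($path)) {
        die('File not found.');
    }

    // `origname` is placed inside a quoted header parameter, so drop any path
    // component and remove quotes, backslashes and control characters that
    // could terminate the quoted string or alter the header.
    $downloadName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', basename((string) $Demo['origname'])) ?? '';
    if ($downloadName === '') {
        $downloadName = $filename;
    }

    header('Content-type: application/force-download');
    header('Content-Transfer-Encoding: Binary');
    header('Content-disposition: attachment; filename="' . $downloadName . '"');
    header('Content-Length: ' . filesize($path));
    readfile($path);
} else {
    // For type 'U' the stored `origname` is used verbatim as the redirect
    // target, and the 301 lets clients cache it.
    // NOTE(review): nothing here restricts the target to http/https or to an
    // expected host; confirm the value is validated where the row is written.
    header('Location: ' . $Demo['origname'], true, 301);
}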