26 lines
694 B
PHP
26 lines
694 B
PHP
<?php
|
|
|
|
if (isset($_GET['filename']))
|
|
{
|
|
require("../include/appConfig.php");
|
|
|
|
// Strip only file name form user string so he do not download system configs or whatnot
|
|
$file = $appConfig['imagesLocation'].basename($_GET['filename']);
|
|
|
|
if(!file_exists($file)) die('404 - File not found.');
|
|
else
|
|
{
|
|
// Set appropriate headers
|
|
header("Cache-Control: private");
|
|
header("Content-Description: File Transfer");
|
|
header("Content-Disposition: attachment; filename=".basename($_GET['filename']));
|
|
header("Content-Type: ".mime_content_type($file));
|
|
header("Content-Transfer-Encoding: binary");
|
|
|
|
// Read the file from disk
|
|
readfile($file);
|
|
}
|
|
}
|
|
else echo "404 - File name not found.";
|
|
|
|
?>
|