Файл: shared_zone/down.php
Строк: 172
<?
include('../sys/func.php');
include('../sys/pdo_class.php');
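/**
 * Recursively escape a request value so it can later be echoed into HTML.
 *
 * Arrays are walked element by element (keys are left untouched). Scalars are
 * passed through htmlspecialchars(), a handful of extra characters are turned
 * into numeric entities, NUL / SUB / right-to-left-override bytes are dropped,
 * and the result is trimmed and run through stripslashes().
 *
 * This is HTML output escaping applied at input time. It does not make a value
 * safe for other contexts: SQL still needs bound parameters, and file paths
 * and HTTP headers need their own validation at the point of use.
 *
 * NOTE(review): in the listing the two literal arrays appear with backslashes
 * stripped and entities decoded (unterminated quotes, identical search and
 * replace entries, "x00" instead of an escape). They are reconstructed below
 * as the escaped characters and their numeric entities; confirm against the
 * original file.
 *
 * @param mixed $msg Scalar or (nested) array of request data.
 * @return mixed Escaped string, or an array with every leaf escaped.
 */
function check($msg) {
    if (is_array($msg)) {
        foreach ($msg as $key => $val) {
            $msg[$key] = check($val);
        }
        return $msg;
    }

    // Cast first: a missing request key arrives here as null.
    $msg = htmlspecialchars((string) $msg);

    // chr(226).chr(128).chr(174) is the UTF-8 encoding of U+202E (right-to-left
    // override), which can be used to visually disguise text and file names.
    $search = array('|', '\'', '$', '\\', '^', '%', '`', "\0", "\x00", "\x1A", chr(226) . chr(128) . chr(174));
    $replace = array('&#124;', '&#39;', '&#36;', '&#92;', '&#94;', '&#37;', '&#96;', '', '', '', '');
    $msg = str_replace($search, $replace, $msg);

    return stripslashes(trim($msg));
}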
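// Download endpoint for the file exchange: looks up a row in `files` by id,
// compares the supplied password with the stored one and either streams the
// file as an attachment or renders the password prompt.

// Only plain string parameters are accepted; an array such as ?pass[]=x would
// otherwise reach the query binding and the comparison below as an array.
$id = (isset($_GET['id']) && is_string($_GET['id'])) ? check($_GET['id']) : '';
$pass = (isset($_GET['pass']) && is_string($_GET['pass'])) ? check($_GET['pass']) : '';
// Not read in this block; kept because the files included below share this scope.
$pa = (isset($_POST['pa']) && is_string($_POST['pa'])) ? check($_POST['pa']) : '';

$q = DB::run() -> queryFetch("SELECT * FROM `files` WHERE `id`=? LIMIT 1", array($id));

// An unknown id must not fall through to the password check: with no row the
// stored password is empty and would match an empty ?pass.
// NOTE(review): assumes queryFetch() returns an empty/false value when no row
// matches - confirm against sys/pdo_class.php.
if (empty($q)) {
    header('HTTP/1.1 404 Not Found');
    exit;
}

$files_ban = $q['name'];

// Constant-time, type-strict comparison. The loose == used previously treats
// numeric-looking strings such as "1e3" and "1000" as equal.
// NOTE(review): the direct comparison implies the password is stored in a
// directly comparable (apparently unhashed) form, and it travels in the query
// string, where it ends up in access logs and browser history. No attempt
// throttling is visible here. Consider password_hash()/password_verify(),
// POST submission and rate limiting.
$storedPass = isset($q['pass']) ? (string) $q['pass'] : '';

if (hash_equals($storedPass, $pass)) {
    // Resolve the stored name and require that it stays inside the exchange
    // directory, so a name containing "../" cannot reach other files.
    $baseDir = realpath('../obmen/files');
    $it = realpath('../obmen/files/' . $q['name']);
    if (
        $baseDir === false
        || $it === false
        || strpos($it, $baseDir . DIRECTORY_SEPARATOR) !== 0
        || !is_file($it)
    ) {
        header('HTTP/1.1 404 Not Found');
        exit;
    }

    // Extend the file's lifetime and bump the download counter.
    // NOTE(review): if `time` is an absolute Unix timestamp, $atg is always far
    // above 30 and the 90-day branch is always taken - confirm the intent.
    $atg = round($q['time'] / 86400);
    $time = time() + 86400 * ($atg > 30 ? 90 : 30);
    DB::run() -> query("UPDATE `files` SET `last`=?,`count`=`count` + ?, `time`=? WHERE `id` = ?", array(times(), 1, $time, $id));

    // Extension => MIME type map.
    // NOTE(review): several values look mistyped or borrowed from another
    // format ('rng', 'smaf', 'srt', 'apk'); they are kept as found.
    $headers = array(
        'jar' => 'application/java-archive',
        'wmlc' => 'application/vnd.wap.wmlc',
        'wmlsc' => 'application/vnd.wap.wmlscriptc',
        'slc' => 'application/vnd.wap.slc',
        'sic' => 'application/vnd.wap.sic',
        'thm' => 'application/vnd.eri.thm',
        'nth' => 'application/vnd.nok-s40theme',
        'rng' => 'application/vnd.Nokie.ringing-tone',
        'nqd' => 'application/vnd.nokia.gamedata',
        'ngd' => 'application/x-nokiagamedata',
        'seq' => 'application/vnd.alcatel.SEQ',
        'utz' => 'application/vnd.uiq.thm',
        'mpn' => 'application/vnd.mophun.application',
        'mpc' => 'application/vnd.mophun.certificate',
        'tpl' => 'application/vnd.sonyericsson.mms-template',
        'sdt' => 'application/vnd.siemens-mp.theme',
        'scs' => 'application/vnd.siemens-mp.skin',
        'ldb' => 'application/vnd.siemens-mp.t9db',
        'cab' => 'application/vnd.ms-cab-compressed',
        'sis' => 'application/vnd.symbian.install',
        'sisx' => 'application/octet-stream',
        'app' => 'application/vnd.symbian.install',
        'z' => 'application/x-compress',
        '7z' => 'application/x-7z-compressed',
        'rar' => 'application/x-rar-compressed',
        'zip' => 'application/x-zip',
        'gz' => 'application/x-gzip',
        'tgz' => 'application/x-gzip',
        'tar' => 'application/x-tar',
        'bz' => 'application/x-bzip',
        'bz2' => 'application/x-bzip',
        'hid' => 'application/x-tar',
        'chm' => 'application/chm',
        'pmd' => 'application/x-pmd',
        'smil' => 'application/smil',
        'smi' => 'application/smil',
        'mmf' => 'application/vnd.smaf',
        'smaf' => 'application/vnd',
        'mms' => 'application/vnd.wap.mms-message',
        'dm' => 'application/vnd.oma.drm.message',
        'dvi' => 'application/x-dvi',
        'doc' => 'application/msword',
        'pdf' => 'application/pdf',
        'ps' => 'application/postscript',
        'eps' => 'application/postscript',
        'tex' => 'application/x-tex',
        'com' => 'application/octet-stream',
        'exe' => 'application/octet-stream',
        'bat' => 'application/octet-stream',
        'au' => 'audio/basic',
        'snd' => 'audio/basic',
        'imy' => 'audio/imelody',
        'srt' => 'audio/mid',
        'midi' => 'audio/mid',
        'mid' => 'audio/mid',
        'col' => 'audio/mid',
        'mp3' => 'audio/mpeg',
        'aac' => 'audio/aac',
        'amr' => 'audio/amr',
        'awb' => 'audio/amr-wb',
        'rmf' => 'audio/rmf',
        'qcp' => 'audio/vnd.qcelp',
        'aiff' => 'audio/aiff',
        'wav' => 'audio/x-wav',
        'wma' => 'audio/x-ms-wma',
        'wbmp' => 'image/vnd.wap.wbmp',
        'bmx' => 'image/bmp',
        'png' => 'image/png',
        'jpg' => 'image/jpeg',
        'jpe' => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'gif' => 'image/gif',
        'bmp' => 'image/bmp',
        'mbm' => 'image/x-epoc-mbm',
        'n3a' => 'image/vnd.nok-3dscreensaver',
        'nok' => 'image/vnd.nok-oplogo-colornokia-op-logo',
        'art' => 'image/x-jg',
        'tiff' => 'image/tiff',
        '3gp' => 'video/3gpp',
        'mp4' => 'video/mp4',
        'mpeg' => 'video/mpeg',
        'mpg' => 'video/mpeg',
        'mpe' => 'video/mpeg',
        'mov' => 'video/quicktime',
        'qt' => 'video/quicktime',
        'avi' => 'video/x-msvideo',
        'wmv' => 'video/x-ms-wmv',
        'asf' => 'video/x-ms-asf',
        'ivf' => 'video/x-ivf',
        'wrl' => 'x-world/x-vrml',
        'apk' => 'application/vnd.symbian.install',
        'ipa' => 'application/vnd.iphone.package-archive',
    );

    $type = isset($q['type']) ? $q['type'] : '';
    $mime = !empty($headers[$type]) ? $headers[$type] : 'application/octet-stream';

    // Control characters, double quotes and backslashes in the stored name
    // would break out of the quoted filename parameter, so they are removed.
    $downloadName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', (string) $q['name']);

    header('HTTP/1.1 200 Ok');
    // NOTE(review): byte ranges are advertised but Range requests are not
    // handled; the whole file is always sent.
    header('Accept-Ranges: bytes');
    header('Content-Length: ' . filesize($it));
    header('Connection: close');
    header('Content-type: ' . $mime);
    // User-supplied files: stop browsers from guessing a different type.
    header('X-Content-Type-Options: nosniff');
    header('Content-Disposition: attachment; filename="' . $downloadName . '";');

    // Stream the file instead of loading it into memory in one piece.
    readfile($it);
    exit;
} else {
    include_once('../core/core.php');
    // Page header
    include(MAINDIR.'style/head.php');

    // The id comes from the database row; escape it before it is placed in
    // HTML attributes.
    $safeId = htmlspecialchars((string) $q['id'], ENT_QUOTES);

    // NOTE(review): the form submits the field `pa` via GET, while the check
    // above reads $_GET['pass'] (and $_POST['pa'] is read but unused in this
    // block). Presumably URL rewriting or included code maps these - confirm.
    echo'
<div class="title">Файл защищен паролем</div>
<div class="menu">
<form action="/'.$safeId.'/" method="get">
Введите пароль:<br />
<input type="hidden" name="id" value="'.$safeId.'" />
<input name="pa" size="20" maxlength="16" value=""><br />
<input type="submit" value="Продолжить">
</form>';
    echo'</div><div class="menu"><img src="/images/home.png" alt="" /> <a href="/">На главную</a></div>';
    include(MAINDIR.'style/foot.php');
} // end of password check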
?>