Файл: public_html/modules/downloads/get_file.php
Строк: 32
<?php
/**********************************
* @package: PerfCMS *
* @year: 2012 *
* @author: Artas *
* @link: http://perfcms.net *
* ------------------------------- *
* @package: PerfCMS Ultra *
* @year: 2013 *
* @author: wanya26ua & Tesla *
* @link: http://perfclub.ru *
**********************************/
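// Download redirector. Resolves either a file id (?id=) or an archive
// attachment id (?attachment_id=) to its stored location, bumps the parent
// file's download counter and redirects the client to the static file URL.
//
// $db is supplied by the including code and is used here as a PDO-style handle
// (query()->fetch() / fetchColumn()). NOTE(review): if it is PDO, move these
// queries to prepare()/execute(); until then every value placed into SQL below
// is forced to a non-negative integer first.
//
// NOTE(review): this script performs no permission check of its own, and the
// redirect target under /files/downloads/ is a direct URL. If some downloads
// are meant to be restricted, confirm that the caller and the web server
// enforce that.

// Read the ids only when they are present and scalar: avoids undefined-index
// warnings (which can break header()) and array input being coerced to 1.
$file_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? abs(intval($_GET['id'])) : null;
$att_id = (isset($_GET['attachment_id']) && is_scalar($_GET['attachment_id'])) ? abs(intval($_GET['attachment_id'])) : null;

$file = false;        // row from downloads_files that owns the download
$server_name = null;  // stored file name to redirect to

if ($file_id !== null) {
    // One fetch replaces the former rowCount() probe plus a second identical SELECT.
    $file = $db->query("SELECT * FROM `downloads_files` WHERE `id` = '" . $file_id . "'")->fetch();
    if ($file) {
        $server_name = $file['server_name'];
    }
}

// As before, a missing or unknown file id falls through to the attachment lookup.
if (!$file && $att_id !== null) {
    $attachment = $db->query("SELECT * FROM `downloads_archive` WHERE `id` = '" . $att_id . "'")->fetch();
    if ($attachment) {
        // file_id comes from the database; cast it before it re-enters SQL.
        $file = $db->query("SELECT * FROM `downloads_files` WHERE `id` = '" . abs(intval($attachment['file_id'])) . "'")->fetch();
        // The attachment supplies the file name, the parent file the directory.
        $server_name = $attachment['server_name'];
    }
}

$root_dir = false;
if ($file) {
    $root_dir = $db->query("SELECT server_path FROM `downloads` WHERE `id` = '" . abs(intval($file['ref_id'])) . "'")->fetchColumn();
}

// Unknown id, orphaned attachment or missing download section: send the
// visitor to the downloads index instead of a half-built file URL.
if (!$file || $root_dir === false) {
    header('location: /downloads/');
    exit;
}

// Increment inside the database so concurrent downloads do not overwrite each
// other's count; COALESCE keeps a NULL counter starting from 1 as before.
$db->query("UPDATE `downloads_files` SET `dl_times` = COALESCE(`dl_times`, 0) + 1 WHERE `id` = '" . abs(intval($file['id'])) . "'");

// The path segments are database values emitted as stored (no URL encoding).
// The fixed '/files/downloads/' prefix keeps the redirect on this host.
header('location: /files/downloads/' . $root_dir . '/' . $file['server_dir'] . '/' . $server_name);
exit;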
?>