Файл: public_html/modules/magaz/download.php
Строк: 23
<?php
if(isset($_GET['id']) && $db->query("SELECT * FROM `magaz_tovar` WHERE `id` = '". abs(intval($_GET['id'])) ."'")->rowCount() == 1) {
$file = $db->query("SELECT * FROM `magaz_tovar` WHERE `id` = '". abs(intval($_GET['id'])) ."'")->fetch();
if($db->query("SELECT * FROM `magaz_s` WHERE `uid` = '". $file['id'] ."' AND `user` = '".$user['id']."'")->rowCount() != 0 || $user['id'] == $file['user']) {
$files= ROOT .'/files/magaz/'. $file['path'] .'/'.$file['file'];
$path_info = pathinfo($files);
header ("Content-Type: application/zip");
header ("Accept-Ranges: bytes");
header ("Content-Length: ".filesize($files));
header ("Content-Disposition: attachment; filename=cssliga_ru_".$file['name'] .'.'. $path_info['extension']);
readfile($files);
}
else { go('/magaz/'); }} else { go('/magaz/'); }
?>