Файл: billing/_rootbill/_download.inc.php
Строк: 22
<?
$id=intval($id);
$order=mysql_query("select * from orders where id='$id' and uid='".$_SESSION["userId"]."'") or die("File: ".__FILE__."<BR>Line: ".__LINE__."<BR>MySQL Error: ".mysql_error());
if (mysql_num_rows($order) > 0) {
$order=mysql_fetch_object($order);
if ($order->filename) {
$file = $full_home_path."/_rootfiles/".$order->filename;
header ("Content-Type: application/octet-stream");
header ("Accept-Ranges: bytes");
header ("Content-Length: ".filesize($file));
header ("Content-Disposition: attachment; filename=".$order->filename);
readfile($file);
} else {
error($_lang[OrdersErrorNoFiles]);
}
} else {
error($_lang[ErrorBadId]);
}
mclose();
exit;
?>