| Server IP : 109.234.164.53 / Your IP : 216.73.216.110 Web Server : Apache System : Linux cervelle.o2switch.net 4.18.0-553.32.1.lve.el8.x86_64 #1 SMP Thu Dec 19 13:14:03 UTC 2024 x86_64 User : computer3 ( 1098) PHP Version : 7.1.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/computer3/litsolide.com/cp-admin/includes/filemanager2/ |
Upload File : |
<?php
$config = include 'config/config.php';
//TODO switch to array
extract($config, EXTR_OVERWRITE);
include 'include/utils.php';
if ($_SESSION['RF']["verify"] != "RESPONSIVEfilemanager")
{
response('forbiden', 403)->send();
exit;
}
include 'include/mime_type_lib.php';
if (
strpos($_POST['path'], '/') === 0
|| strpos($_POST['path'], '../') !== false
|| strpos($_POST['path'], './') === 0
)
{
response('wrong path', 400)->send();
exit;
}
if (strpos($_POST['name'], '/') !== false)
{
response('wrong path', 400)->send();
exit;
}
$path = $current_path . $_POST['path'];
$name = $_POST['name'];
$info = pathinfo($name);
if ( ! in_array(fix_strtolower($info['extension']), $ext))
{
response('wrong extension', 400)->send();
exit;
}
if ( ! file_exists($path . $name))
{
response('File not found', 404)->send();
exit;
}
$img_size = (string) (filesize($path . $name)); // Get the image size as string
$mime_type = get_file_mime_type($path . $name); // Get the correct MIME type depending on the file.
response(file_get_contents($path . $name), 200, array(
'Pragma' => 'private',
'Cache-control' => 'private, must-revalidate',
'Content-Type' => $mime_type,
'Content-Length' => $img_size,
'Content-Disposition' => 'attachment; filename="' . ($name) . '"'
))->send();
exit;