Tiny File Manager

File "open.php"
Full Path: /home/analogde/www/filetypes/open.php
File size: 2.21 KB
MIME-type: text/x-php
Charset: utf-8
Open Edit Advanced Editor Back
<?php
/***************************************************************
*  Copyright notice
*
*  (c) 2003-2004 Tobias Bender (tobias@phpXplorer.org)
*  All rights reserved
*
*  This script is part of the phpXplorer project. The phpXplorer project is
*  free software; you can redistribute it and/or modify
*  it under the terms of the GNU General Public License as published by
*  the Free Software Foundation; either version 2 of the License, or
*  (at your option) any later version.
*
*  The GNU General Public License can be found at
*  http://www.gnu.org/copyleft/gpl.html.
*  A copy is found in the textfile GPL.txt distributed with these scripts.
*
*  This script is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/

require(dirname(__FILE__) . "/defaultActionHead.php");

$fileName = getRequestVar("fileName");
$action = getRequestVar("action");

# check for url manipulation
if(!(strpos($fileName, "..") === FALSE))
	die($PXP_languages[$PXP_language]['accessDenied'] . " (804)");
	
	
$pInfo = checkFilePermissions($fileName);
if(!$pInfo["allowOpen"])
	die($PXP_languages[$PXP_language]["accessDenied"] . " (809)");


if($action == "download"){
	header("Content-type: " . $TP_mimeType[$pInfo["extKey"]]);
	header("Content-Disposition: attachment; filename=" . $fileName);
	readfile($currentDir . "/" . $fileName);
}else{
	if($PXP_create_htaccess == 2){
		if($TP_mimeType[$pInfo["extKey"]]){
			if($TP_mimeType[$pInfo["extKey"]] == "application/php"){
				require($currentDir . "/" . $fileName);
			}else{
				header("Content-type: " . $TP_mimeType[$pInfo["extKey"]]);

				if($TP_mimeTypeDisposition[$pInfo["extKey"]])
					header("Content-Disposition: attachment; filename=" . $fileName);
				
				readfile($currentDir . "/" . $fileName);
			}
		}
	}else{
		$currentURL = str_replace($HTTP_SERVER_VARS["DOCUMENT_ROOT"], "http://" . $HTTP_SERVER_VARS["HTTP_HOST"], $currentDir . "/" . $fileName);
		header("Location:" . $currentURL);
	}
}

?>