42 lines
1.7 KiB
PHP
42 lines
1.7 KiB
PHP
<?php
|
|
|
|
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 3600) . ' GMT');
|
|
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
|
|
|
|
define('_PROJECT_DIR', getcwd() . '/../../'); // Директория проекта
|
|
define('_ROOT_DIR', getcwd() . '/'); // Директория где точка входа php
|
|
define('_SHOP_DIR', getcwd() . '/../'); // Директория где точка входа в магазин (index.php)
|
|
|
|
const _ENGINE_DIR = _PROJECT_DIR . 'engine/';
|
|
const _FILES_DIR_ = _SHOP_DIR . '/files/';
|
|
|
|
include(_ENGINE_DIR. '/core/db.class.php');
|
|
include(_PROJECT_DIR . '/config/db.cfg.php');
|
|
|
|
|
|
$core_db->q("SELECT * FROM `_sys_files` WHERE `id` = '".intval($_GET['id'])."'");
|
|
if ($core_db->r()) {
|
|
|
|
if ($core_db->f('private') == 1) {
|
|
session_start();
|
|
$sess_id = session_id();
|
|
$dbAuth = $core_db->new_db();
|
|
$dbAuth->q('SELECT `id` FROM `_sys_user_sessions` WHERE `session_id` = "'.db_escape_string($sess_id).'" ');
|
|
// Неавторизированному пользователю пустая картинка
|
|
if (!$dbAuth->nr()) {
|
|
header('Content-Disposition: attachment; filename=empty.gif');
|
|
header('Content-type: image/gif');
|
|
die(base64_decode($transparentPixelGif));
|
|
}
|
|
}
|
|
|
|
header('Content-Disposition: attachment; filename=' . $core_db->f('realname'));
|
|
header('Content-type: ' . $core_db->f('ext'));
|
|
die(file_get_contents(_FILES_DIR_ . $core_db->f('filename')));
|
|
} else {
|
|
$transparentPixelGif = 'R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==';
|
|
header('Content-type: image/gif');
|
|
header('Content-Disposition: attachment; filename=empty.gif');
|
|
die(base64_decode($transparentPixelGif));
|
|
}
|