sibtracker/system/file.php

<?php
@session_start ();

define ( 'DATALIFEENGINE', true );
define ( 'FILE_DIR', '../uploads/files/' );
define ( 'ROOT_DIR', '..' );
define ( 'SYSTEM_DIR', ROOT_DIR . '/system' );

@error_reporting ( E_ALL ^ E_NOTICE );
@ini_set ( 'display_errors', true );
@ini_set ( 'html_errors', false );
@ini_set ( 'error_reporting', E_ALL ^ E_NOTICE );

require SYSTEM_DIR . '/data/config.php';
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . '/data/dbconfig.php';
require_once SYSTEM_DIR . '/modules/functions.php';
require_once SYSTEM_DIR . '/modules/sitelogin.php';
require_once SYSTEM_DIR . '/classes/download.class.php';

$user_group = $cache->get( "usergroup" );
if( ! $user_group ) {$user_group = array ();
	$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
	while ( $row = $db->get_row() ) {$user_group[$row['id']] = array ();
		foreach ( $row as $key => $value ) {$user_group[$row['id']][$key] = stripslashes($value);}
	}
	$cache->set( "usergroup", $user_group );
	$db->free();
}

if (! $is_logged) {$member_id['user_group'] = 5;}
if (! $user_group[$member_id['user_group']]['allow_files']) die ( "Access denied" );

	$_SERVER['HTTP_REFERER'] = clean_url ( $_SERVER['HTTP_REFERER'] );
	$_SERVER['HTTP_HOST'] = clean_url ( $_SERVER['HTTP_HOST'] );
	if ($_SERVER['HTTP_HOST'] != $_SERVER['HTTP_REFERER']) {
		@header ( 'Location: ' . $config['http_home_url'] );
		die ( "Access denied!!!<br /><br />Please visit <a href=\"{$config['http_home_url']}\">{$config['http_home_url']}</a>" );
	}

$id = intval ( $_REQUEST['id'] );

if ($_REQUEST['area'] == "static") $row = $db->super_query ( "SELECT name, onserver FROM " . PREFIX . "_static_files WHERE id ='$id'" );
else $row = $db->super_query ( "SELECT name, onserver FROM " . PREFIX . "_files WHERE id ='$id'" );

if (! $row) die ( "Access denied" );

$config['files_max_speed'] = intval ( $config['files_max_speed'] );

$file = new download ( FILE_DIR . $row['onserver'], $row['name'], $config['files_force'], $config['files_max_speed'] );

if ($_REQUEST['area'] == "static") {
        if ($config['files_count'] == "yes" and ! $file->range)
		$db->query ( "UPDATE " . PREFIX . "_static_files SET dcount=dcount+1 WHERE id ='$id'" );
} else {
	if ($config['files_count'] == "yes" and ! $file->range)
	$db->query ( "UPDATE " . PREFIX . "_files SET dcount=dcount+1 WHERE id ='$id'" );
}

$db->close ();
$file->download_file ();
?>
message 2019-05-18 13:46:03 +08:00			`<?php`
			`@session_start ();`

			`define ( 'DATALIFEENGINE', true );`
			`define ( 'FILE_DIR', '../uploads/files/' );`
			`define ( 'ROOT_DIR', '..' );`
			`define ( 'SYSTEM_DIR', ROOT_DIR . '/system' );`

			`@error_reporting ( E_ALL ^ E_NOTICE );`
			`@ini_set ( 'display_errors', true );`
			`@ini_set ( 'html_errors', false );`
			`@ini_set ( 'error_reporting', E_ALL ^ E_NOTICE );`

			`require SYSTEM_DIR . '/data/config.php';`
			`require_once SYSTEM_DIR . '/classes/mysql.php';`
			`require_once SYSTEM_DIR . '/data/dbconfig.php';`
			`require_once SYSTEM_DIR . '/modules/functions.php';`
			`require_once SYSTEM_DIR . '/modules/sitelogin.php';`
			`require_once SYSTEM_DIR . '/classes/download.class.php';`

			`$user_group = $cache->get( "usergroup" );`
			`if( ! $user_group ) {$user_group = array ();`
			`$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );`
			`while ( $row = $db->get_row() ) {$user_group[$row['id']] = array ();`
			`foreach ( $row as $key => $value ) {$user_group[$row['id']][$key] = stripslashes($value);}`
			`}`
			`$cache->set( "usergroup", $user_group );`
			`$db->free();`
			`}`

			`if (! $is_logged) {$member_id['user_group'] = 5;}`
			`if (! $user_group[$member_id['user_group']]['allow_files']) die ( "Access denied" );`

			`$_SERVER['HTTP_REFERER'] = clean_url ( $_SERVER['HTTP_REFERER'] );`
			`$_SERVER['HTTP_HOST'] = clean_url ( $_SERVER['HTTP_HOST'] );`
			`if ($_SERVER['HTTP_HOST'] != $_SERVER['HTTP_REFERER']) {`
			`@header ( 'Location: ' . $config['http_home_url'] );`
			`die ( "Access denied!!!<br /><br />Please visit <a href=\"{$config['http_home_url']}\">{$config['http_home_url']}</a>" );`
			`}`

			`$id = intval ( $_REQUEST['id'] );`

			`if ($_REQUEST['area'] == "static") $row = $db->super_query ( "SELECT name, onserver FROM " . PREFIX . "_static_files WHERE id ='$id'" );`
			`else $row = $db->super_query ( "SELECT name, onserver FROM " . PREFIX . "_files WHERE id ='$id'" );`

			`if (! $row) die ( "Access denied" );`

			`$config['files_max_speed'] = intval ( $config['files_max_speed'] );`

			`$file = new download ( FILE_DIR . $row['onserver'], $row['name'], $config['files_force'], $config['files_max_speed'] );`

			`if ($_REQUEST['area'] == "static") {`
			`if ($config['files_count'] == "yes" and ! $file->range)`
			`$db->query ( "UPDATE " . PREFIX . "_static_files SET dcount=dcount+1 WHERE id ='$id'" );`
			`} else {`
			`if ($config['files_count'] == "yes" and ! $file->range)`
			`$db->query ( "UPDATE " . PREFIX . "_files SET dcount=dcount+1 WHERE id ='$id'" );`
			`}`

			`$db->close ();`
			`$file->download_file ();`
			`?>`