-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhandledownload.php
70 lines (62 loc) · 1.61 KB
/
handledownload.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
#Start the session
session_start();
?>
<?php
include('config/setup.php');
$message = "";
if(isset($_GET['id']) && is_numeric($_GET['id'])) {
$id=$_GET['id'];
$query = "SELECT * FROM file WHERE file_id=$id";
$result = mysqli_query($dbc,$query);
$message.=$query."<br>";
if(mysqli_num_rows($result) == 1)
{
$file_data = mysqli_fetch_assoc($result);
$savename= D_STORAGE.$file_data['savename'];
$filename = $file_data['filename'];
if(file_exists($savename))
{
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($filename).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($savename));
readfile($savename);
$date = date('Y-m-d H:i:s');
$query = "UPDATE file SET lastdownloadtime='$date' WHERE file_id = $id";
$result = mysqli_query($dbc,$query);
exit;
if($_SESSION['category'] =='admin') {
header("Location: admin/StuffManage.php");
}else {
header("Location: inventory.php");
}
}
else
{
$message.="File does not exit!".$filename;
}
}
else
{
$message.="Error file name";
}
}
else
{
$message.="Error ID";
}
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<h4>Message:</h4>
<?php echo '<p>'.$message.'</p>' ?>
</body>
</html>