Kurze Frage in die PHP Runde:
Hochladen der Dateien, Bilder werden super angeziegt funktioniert->
jedoch beim downloaden zB bei einer doc Datei kommt folgende fehlermeldung:
home/www/ziele/_md/XXXX.at/XXXXXXX/download.php on line 103
Was könnte ich hier ändern damit es funktioniert !?
Bitte bitte helft hier mir ... danke im voraus!
grüsse astra4ever
DOWNLOAD MOD !!! => download.php
Forumsregeln
phpBB 2.0 hat das Ende seiner Lebenszeit überschritten
phpBB 2.0 wird nicht mehr aktiv unterstützt. Insbesondere werden - auch bei Sicherheitslücken - keine Patches mehr bereitgestellt. Der Einsatz von phpBB 2.0 erfolgt daher auf eigene Gefahr. Wir empfehlen einen Umstieg auf phpBB 3.0, welches aktiv weiterentwickelt wird und für welches regelmäßig Updates zur Verfügung gestellt werden.
phpBB 2.0 hat das Ende seiner Lebenszeit überschritten
phpBB 2.0 wird nicht mehr aktiv unterstützt. Insbesondere werden - auch bei Sicherheitslücken - keine Patches mehr bereitgestellt. Der Einsatz von phpBB 2.0 erfolgt daher auf eigene Gefahr. Wir empfehlen einen Umstieg auf phpBB 3.0, welches aktiv weiterentwickelt wird und für welches regelmäßig Updates zur Verfügung gestellt werden.
-
astra4ever2005
- Mitglied
- Beiträge: 32
- Registriert: 07.06.2005 20:13
DOWNLOAD MOD !!! => download.php
Zuletzt geändert von astra4ever2005 am 21.07.2005 22:25, insgesamt 1-mal geändert.
Re: download.php
Was genau steht denn da an der stelle in der download.php?astra4ever2005 hat geschrieben:Kurze Frage in die PHP Runde:
Hochladen der Dateien, Bilder werden super angeziegt funktioniert->
jedoch beim downloaden zB bei einer doc Datei kommt folgende fehlermeldung:
home/www/ziele/_md/XXXX.at/XXXXXXX/download.php on line 103
[..]
mfg
-
astra4ever2005
- Mitglied
- Beiträge: 32
- Registriert: 07.06.2005 20:13
Re: download.php
Fatal error: Call to undefined function: get_var() in /home/www/ziele... sonst nichts die meldung steht ganz oben in einem neuen weissen fenster... das XXX steht für meine homepage und unterordner...t2004 hat geschrieben:Was genau steht denn da an der stelle in der download.php?astra4ever2005 hat geschrieben:Kurze Frage in die PHP Runde:
Hochladen der Dateien, Bilder werden super angeziegt funktioniert->
jedoch beim downloaden zB bei einer doc Datei kommt folgende fehlermeldung:
home/www/ziele/_md/XXXX.at/XXXXXXX/download.php on line 103
[..]
mfg
-
astra4ever2005
- Mitglied
- Beiträge: 32
- Registriert: 07.06.2005 20:13
aso...
kompletter Auszug aus der Datei... 
danke dass du mir heflen möchtest...
<?php
/***************************************************************************
* download.php
* -------------------
* begin : Monday, Apr 1, 2002
* copyright : (C) 2002 Meik Sievertsen
* email : acyd.burn@gmx.de
*
* $Id: download.php,v 1.41 2005/05/09 19:30:43 acydburn Exp $
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
if ( defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
//
// Delete the / * to uncomment the block, and edit the values (read the comments) to
// enable additional security to your board (preventing third site linkage)
//
/*
define('ALLOWED_DENIED', 0);
define('DENIED_ALLOWED', 1);
//
// From this line on you are able to edit the stuff
//
// Possible Values:
// ALLOWED_DENIED <- First allow the listed sites, and then deny all others
// DENIED_ALLOWED <- First deny the listed sites, and then allow all others
$allow_deny_order = ALLOWED_DENIED;
//
// Allowed Syntax:
// Full Domain Name -> www.opentools.de
// Partial Domain Names -> opentools.de
//
$sites = array(
$board_config['server_name'], // This is your domain
'opentools.de',
'phpbb.com',
'phpbbhacks.com',
'phpbb.de'
);
// This is the message displayed, if someone links to this site...
$lang['Denied_Message'] = 'You are not authorized to view, download or link to this Site.';
// End of editable area
//
// Parse the order and evaluate the array
//
$site = explode('?', $HTTP_SERVER_VARS['HTTP_REFERER']);
$url = trim($site[0]);
//$url = $HTTP_HOST;
if ($url != '')
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? FALSE : TRUE;
for ($i = 0; $i < count($sites); $i++)
{
if (strstr($url, $sites[$i]))
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? TRUE : FALSE;
break;
}
}
}
else
{
$allowed = TRUE;
}
if ($allowed == FALSE)
{
message_die(GENERAL_MESSAGE, $lang['Denied_Message']);
}
// Delete the following line, to uncomment this block
*/
$download_id = get_var('id', 0);
$thumbnail = get_var('thumb', 0);
// Send file to browser
function send_file_to_browser($attachment, $upload_dir)
{
global $_SERVER, $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $lang, $db, $attach_config;
$filename = ($upload_dir == '') ? $attachment['physical_filename'] : $upload_dir . '/' . $attachment['physical_filename'];
$gotit = FALSE;
if (!intval($attach_config['allow_ftp_upload']))
{
if (@!file_exists(@amod_realpath($filename)))
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
else
{
$gotit = TRUE;
}
}
//
// Determine the Browser the User is using, because of some nasty incompatibilities.
// Most of the methods used in this function are from phpMyAdmin.
//
if (!empty($_SERVER['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
}
else if (!empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
}
else if (!isset($HTTP_USER_AGENT))
{
$HTTP_USER_AGENT = '';
}
if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[2];
$browser_agent = 'opera';
}
else if (ereg('MSIE ([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'ie';
}
else if (ereg('OmniWeb/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'omniweb';
}
else if (ereg('Netscape([0-9]{1})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'netscape';
}
else if (ereg('Mozilla/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'mozilla';
}
else if (ereg('Konqueror/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'konqueror';
}
else
{
$browser_version = 0;
$browser_agent = 'other';
}
// Correct the mime type - we force application/octetstream for all files, except images
// Please do not change this, it is a security precaution
if (!strstr($attachment['mimetype'], 'image'))
{
$attachment['mimetype'] = ($browser_agent == 'ie' || $browser_agent == 'opera') ? 'application/octetstream' : 'application/octet-stream';
}
// Now the tricky part... let's dance
// @ob_end_clean();
// @ini_set('zlib.output_compression', 'Off');
header('Pragma: public');
// header('Content-Transfer-Encoding: none');
// Send out the Headers
header('Content-Type: ' . $attachment['mimetype'] . '; name="' . htmlspecialchars($attachment['real_filename']) . '"');
header('Content-Disposition: inline; filename="' . htmlspecialchars($attachment['real_filename']) . '"');
//
// Now send the File Contents to the Browser
//
if ($gotit)
{
$size = @filesize($filename);
if ($size)
{
header("Content-length: $size");
}
readfile($filename);
}
else if (!$gotit && intval($attach_config['allow_ftp_upload']))
{
$conn_id = attach_init_ftp();
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : $upload_dir . '/tmp';
$tmp_filename = @tempnam($tmp_path, 't0000');
@unlink($tmp_filename);
$mode = FTP_BINARY;
if ( (preg_match("/text/i", $attachment['mimetype'])) || (preg_match("/html/i", $attachment['mimetype'])) )
{
$mode = FTP_ASCII;
}
$result = @ftp_get($conn_id, $tmp_filename, $filename, $mode);
if (!$result)
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
@ftp_quit($conn_id);
$size = @filesize($tmp_filename);
if ($size)
{
header("Content-length: $size");
}
readfile($tmp_filename);
@unlink($tmp_filename);
}
else
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
exit;
}
//
// End Functions
//
//
// Start Session Management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if (!$download_id)
{
message_die(GENERAL_ERROR, $lang['No_attachment_selected']);
}
if ($attach_config['disable_mod'] && $userdata['user_level'] != ADMIN)
{
message_die(GENERAL_MESSAGE, $lang['Attachment_feature_disabled']);
}
$sql = 'SELECT *
FROM ' . ATTACHMENTS_DESC_TABLE . "
WHERE attach_id = $download_id";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
if (!($attachment = $db->sql_fetchrow($result)))
{
message_die(GENERAL_MESSAGE, $lang['Error_no_attachment']);
}
$attachment['physical_filename'] = basename($attachment['physical_filename']);
$db->sql_freeresult($result);
// get forum_id for attachment authorization or private message authorization
$authorised = false;
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE attach_id = ' . $attachment['attach_id'];
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
$auth_pages = $db->sql_fetchrowset($result);
$num_auth_pages = $db->sql_numrows($result);
for ($i = 0; $i < $num_auth_pages && $authorised == false; $i++)
{
if (intval($auth_pages[$i]['post_id']) != 0)
{
$sql = 'SELECT forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id = ' . $auth_pages[$i]['post_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query post information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$forum_id = $row['forum_id'];
$is_auth = array();
$is_auth = auth(AUTH_ALL, $forum_id, $userdata);
if ($is_auth['auth_download'])
{
$authorised = TRUE;
}
}
else
{
if ( (intval($attach_config['allow_pm_attach'])) && ( ($userdata['user_id'] == $auth_pages[$i]['user_id_2']) || ($userdata['user_id'] == $auth_pages[$i]['user_id_1']) ) || ($userdata['user_level'] == ADMIN) )
{
$authorised = TRUE;
}
}
}
if (!$authorised)
{
message_die(GENERAL_MESSAGE, $lang['Sorry_auth_view_attach']);
}
//
// Get Information on currently allowed Extensions
//
$sql = "SELECT e.extension, g.download_mode
FROM " . EXTENSION_GROUPS_TABLE . " g, " . EXTENSIONS_TABLE . " e
WHERE (g.allow_group = 1) AND (g.group_id = e.group_id)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query Allowed Extensions.', '', __LINE__, __FILE__, $sql);
}
$rows = $db->sql_fetchrowset($result);
$num_rows = $db->sql_numrows($result);
for ($i = 0; $i < $num_rows; $i++)
{
$extension = strtolower(trim($rows[$i]['extension']));
$allowed_extensions[] = $extension;
$download_mode[$extension] = $rows[$i]['download_mode'];
}
//
// disallowed ?
//
if ( (!in_array($attachment['extension'], $allowed_extensions)) && ($userdata['user_level'] != ADMIN) )
{
message_die(GENERAL_MESSAGE, sprintf($lang['Extension_disabled_after_posting'], $attachment['extension']));
}
$download_mode = intval($download_mode[$attachment['extension']]);
if ($thumbnail)
{
$attachment['physical_filename'] = THUMB_DIR . '/t_' . $attachment['physical_filename'];
}
//
// Update download count
//
if (!$thumbnail)
{
$sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . '
SET download_count = download_count + 1
WHERE attach_id = ' . $attachment['attach_id'];
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Couldn\'t update attachment download count', '', __LINE__, __FILE__, $sql);
}
}
//
// Determine the 'presenting'-method
//
if ($download_mode == PHYSICAL_LINK)
{
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['server_name']));
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
$script_name = preg_replace('/^\/?(.*?)\/?$/', '/\1', trim($board_config['script_path']));
if ($script_name[strlen($script_name)] != '/')
{
$script_name .= '/';
}
if (intval($attach_config['allow_ftp_upload']))
{
if (trim($attach_config['download_path']) == '')
{
message_die(GENERAL_ERROR, 'Physical Download not possible with the current Attachment Setting');
}
$url = trim($attach_config['download_path']) . '/' . $attachment['physical_filename'];
$redirect_path = $url;
}
else
{
$url = $upload_dir . '/' . $attachment['physical_filename'];
// $url = preg_replace('/^\/?(.*?\/)?$/', '\1', trim($url));
$redirect_path = $server_protocol . $server_name . $server_port . $script_name . $url;
}
// Redirect via an HTML form for PITA webservers
if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
{
header('Refresh: 0; URL=' . $redirect_path);
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $redirect_path . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $redirect_path . '">HERE</a> to be redirected</div></body></html>';
exit;
}
// Behave as per HTTP/1.1 spec for others
header('Location: ' . $redirect_path);
exit;
}
else
{
if (intval($attach_config['allow_ftp_upload']))
{
// We do not need a download path, we are not downloading physically
send_file_to_browser($attachment, '');
exit;
}
else
{
send_file_to_browser($attachment, $upload_dir);
exit;
}
}
?>
danke dass du mir heflen möchtest...
<?php
/***************************************************************************
* download.php
* -------------------
* begin : Monday, Apr 1, 2002
* copyright : (C) 2002 Meik Sievertsen
* email : acyd.burn@gmx.de
*
* $Id: download.php,v 1.41 2005/05/09 19:30:43 acydburn Exp $
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
if ( defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
//
// Delete the / * to uncomment the block, and edit the values (read the comments) to
// enable additional security to your board (preventing third site linkage)
//
/*
define('ALLOWED_DENIED', 0);
define('DENIED_ALLOWED', 1);
//
// From this line on you are able to edit the stuff
//
// Possible Values:
// ALLOWED_DENIED <- First allow the listed sites, and then deny all others
// DENIED_ALLOWED <- First deny the listed sites, and then allow all others
$allow_deny_order = ALLOWED_DENIED;
//
// Allowed Syntax:
// Full Domain Name -> www.opentools.de
// Partial Domain Names -> opentools.de
//
$sites = array(
$board_config['server_name'], // This is your domain
'opentools.de',
'phpbb.com',
'phpbbhacks.com',
'phpbb.de'
);
// This is the message displayed, if someone links to this site...
$lang['Denied_Message'] = 'You are not authorized to view, download or link to this Site.';
// End of editable area
//
// Parse the order and evaluate the array
//
$site = explode('?', $HTTP_SERVER_VARS['HTTP_REFERER']);
$url = trim($site[0]);
//$url = $HTTP_HOST;
if ($url != '')
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? FALSE : TRUE;
for ($i = 0; $i < count($sites); $i++)
{
if (strstr($url, $sites[$i]))
{
$allowed = ($allow_deny_order == ALLOWED_DENIED) ? TRUE : FALSE;
break;
}
}
}
else
{
$allowed = TRUE;
}
if ($allowed == FALSE)
{
message_die(GENERAL_MESSAGE, $lang['Denied_Message']);
}
// Delete the following line, to uncomment this block
*/
$download_id = get_var('id', 0);
$thumbnail = get_var('thumb', 0);
// Send file to browser
function send_file_to_browser($attachment, $upload_dir)
{
global $_SERVER, $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $lang, $db, $attach_config;
$filename = ($upload_dir == '') ? $attachment['physical_filename'] : $upload_dir . '/' . $attachment['physical_filename'];
$gotit = FALSE;
if (!intval($attach_config['allow_ftp_upload']))
{
if (@!file_exists(@amod_realpath($filename)))
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
else
{
$gotit = TRUE;
}
}
//
// Determine the Browser the User is using, because of some nasty incompatibilities.
// Most of the methods used in this function are from phpMyAdmin.
//
if (!empty($_SERVER['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
}
else if (!empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']))
{
$HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
}
else if (!isset($HTTP_USER_AGENT))
{
$HTTP_USER_AGENT = '';
}
if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[2];
$browser_agent = 'opera';
}
else if (ereg('MSIE ([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'ie';
}
else if (ereg('OmniWeb/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'omniweb';
}
else if (ereg('Netscape([0-9]{1})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'netscape';
}
else if (ereg('Mozilla/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'mozilla';
}
else if (ereg('Konqueror/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))
{
$browser_version = $log_version[1];
$browser_agent = 'konqueror';
}
else
{
$browser_version = 0;
$browser_agent = 'other';
}
// Correct the mime type - we force application/octetstream for all files, except images
// Please do not change this, it is a security precaution
if (!strstr($attachment['mimetype'], 'image'))
{
$attachment['mimetype'] = ($browser_agent == 'ie' || $browser_agent == 'opera') ? 'application/octetstream' : 'application/octet-stream';
}
// Now the tricky part... let's dance
// @ob_end_clean();
// @ini_set('zlib.output_compression', 'Off');
header('Pragma: public');
// header('Content-Transfer-Encoding: none');
// Send out the Headers
header('Content-Type: ' . $attachment['mimetype'] . '; name="' . htmlspecialchars($attachment['real_filename']) . '"');
header('Content-Disposition: inline; filename="' . htmlspecialchars($attachment['real_filename']) . '"');
//
// Now send the File Contents to the Browser
//
if ($gotit)
{
$size = @filesize($filename);
if ($size)
{
header("Content-length: $size");
}
readfile($filename);
}
else if (!$gotit && intval($attach_config['allow_ftp_upload']))
{
$conn_id = attach_init_ftp();
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : $upload_dir . '/tmp';
$tmp_filename = @tempnam($tmp_path, 't0000');
@unlink($tmp_filename);
$mode = FTP_BINARY;
if ( (preg_match("/text/i", $attachment['mimetype'])) || (preg_match("/html/i", $attachment['mimetype'])) )
{
$mode = FTP_ASCII;
}
$result = @ftp_get($conn_id, $tmp_filename, $filename, $mode);
if (!$result)
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
@ftp_quit($conn_id);
$size = @filesize($tmp_filename);
if ($size)
{
header("Content-length: $size");
}
readfile($tmp_filename);
@unlink($tmp_filename);
}
else
{
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
exit;
}
//
// End Functions
//
//
// Start Session Management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if (!$download_id)
{
message_die(GENERAL_ERROR, $lang['No_attachment_selected']);
}
if ($attach_config['disable_mod'] && $userdata['user_level'] != ADMIN)
{
message_die(GENERAL_MESSAGE, $lang['Attachment_feature_disabled']);
}
$sql = 'SELECT *
FROM ' . ATTACHMENTS_DESC_TABLE . "
WHERE attach_id = $download_id";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
if (!($attachment = $db->sql_fetchrow($result)))
{
message_die(GENERAL_MESSAGE, $lang['Error_no_attachment']);
}
$attachment['physical_filename'] = basename($attachment['physical_filename']);
$db->sql_freeresult($result);
// get forum_id for attachment authorization or private message authorization
$authorised = false;
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE attach_id = ' . $attachment['attach_id'];
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not query attachment informations', '', __LINE__, __FILE__, $sql);
}
$auth_pages = $db->sql_fetchrowset($result);
$num_auth_pages = $db->sql_numrows($result);
for ($i = 0; $i < $num_auth_pages && $authorised == false; $i++)
{
if (intval($auth_pages[$i]['post_id']) != 0)
{
$sql = 'SELECT forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id = ' . $auth_pages[$i]['post_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query post information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$forum_id = $row['forum_id'];
$is_auth = array();
$is_auth = auth(AUTH_ALL, $forum_id, $userdata);
if ($is_auth['auth_download'])
{
$authorised = TRUE;
}
}
else
{
if ( (intval($attach_config['allow_pm_attach'])) && ( ($userdata['user_id'] == $auth_pages[$i]['user_id_2']) || ($userdata['user_id'] == $auth_pages[$i]['user_id_1']) ) || ($userdata['user_level'] == ADMIN) )
{
$authorised = TRUE;
}
}
}
if (!$authorised)
{
message_die(GENERAL_MESSAGE, $lang['Sorry_auth_view_attach']);
}
//
// Get Information on currently allowed Extensions
//
$sql = "SELECT e.extension, g.download_mode
FROM " . EXTENSION_GROUPS_TABLE . " g, " . EXTENSIONS_TABLE . " e
WHERE (g.allow_group = 1) AND (g.group_id = e.group_id)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query Allowed Extensions.', '', __LINE__, __FILE__, $sql);
}
$rows = $db->sql_fetchrowset($result);
$num_rows = $db->sql_numrows($result);
for ($i = 0; $i < $num_rows; $i++)
{
$extension = strtolower(trim($rows[$i]['extension']));
$allowed_extensions[] = $extension;
$download_mode[$extension] = $rows[$i]['download_mode'];
}
//
// disallowed ?
//
if ( (!in_array($attachment['extension'], $allowed_extensions)) && ($userdata['user_level'] != ADMIN) )
{
message_die(GENERAL_MESSAGE, sprintf($lang['Extension_disabled_after_posting'], $attachment['extension']));
}
$download_mode = intval($download_mode[$attachment['extension']]);
if ($thumbnail)
{
$attachment['physical_filename'] = THUMB_DIR . '/t_' . $attachment['physical_filename'];
}
//
// Update download count
//
if (!$thumbnail)
{
$sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . '
SET download_count = download_count + 1
WHERE attach_id = ' . $attachment['attach_id'];
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Couldn\'t update attachment download count', '', __LINE__, __FILE__, $sql);
}
}
//
// Determine the 'presenting'-method
//
if ($download_mode == PHYSICAL_LINK)
{
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['server_name']));
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
$script_name = preg_replace('/^\/?(.*?)\/?$/', '/\1', trim($board_config['script_path']));
if ($script_name[strlen($script_name)] != '/')
{
$script_name .= '/';
}
if (intval($attach_config['allow_ftp_upload']))
{
if (trim($attach_config['download_path']) == '')
{
message_die(GENERAL_ERROR, 'Physical Download not possible with the current Attachment Setting');
}
$url = trim($attach_config['download_path']) . '/' . $attachment['physical_filename'];
$redirect_path = $url;
}
else
{
$url = $upload_dir . '/' . $attachment['physical_filename'];
// $url = preg_replace('/^\/?(.*?\/)?$/', '\1', trim($url));
$redirect_path = $server_protocol . $server_name . $server_port . $script_name . $url;
}
// Redirect via an HTML form for PITA webservers
if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
{
header('Refresh: 0; URL=' . $redirect_path);
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $redirect_path . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $redirect_path . '">HERE</a> to be redirected</div></body></html>';
exit;
}
// Behave as per HTTP/1.1 spec for others
header('Location: ' . $redirect_path);
exit;
}
else
{
if (intval($attach_config['allow_ftp_upload']))
{
// We do not need a download path, we are not downloading physically
send_file_to_browser($attachment, '');
exit;
}
else
{
send_file_to_browser($attachment, $upload_dir);
exit;
}
}
?>
Re: aso...
Kein Problem, aber versprechen kann ich nichts kann Dir höchsten zeigen, wo der fehler meiner Meinung nach liegt, aber zur behebung werden ich ir nicht unbedingt weiterhelfen können (soviel weiß ich noch nicht über PHP)astra4ever2005 hat geschrieben:kompletter Auszug aus der Datei...
danke dass du mir heflen möchtest...
<?php
[...]
// Delete the following line, to uncomment this block
*/
$download_id = get_var('id', 0);
$thumbnail = get_var('thumb', 0);
[..]
?>
Also, in der Zeile 104 steht $download_id = get_var('id', 0); und du hast weiter oben bereits geschrieben, das du folgende Fehlermeldung bekommst Call to undefined function: get_var().Ob es überhaupt eine Funktion namens get_var() gibt weiß ich nciht, das einzige was mir spontan dazu eingefallen ist wäre $HTTP_GET_VARS('id',0); um einen Wert aus einer URL abzufragen...aber ich denke, da könne Dir die experten hier wesentlich besser helfen als ich. Trotzdem...ein Versuch kann nicht schaden
mfg
