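<?php
// Download endpoint of the board: loads configuration, opens the database link and
// reads the request parameters used by the dispatch code that follows.
// The full "<?php" tag is used so the script is still executed (and not sent to the
// client as plain text) when short_open_tag is disabled.

// Presumably a marker the included files check to refuse direct access - TODO confirm.
$IBOARD=1;
// NOTE(review): E_WARNING stays enabled, so with display_errors on a failed
// filesize()/fopen() prints absolute server paths into the response. Confirm that
// production logs these messages instead of displaying them.
error_reporting(E_ERROR | E_WARNING | E_PARSE |E_CORE_ERROR | E_CORE_WARNING);
require("config/database.php");
require("config/iboard.php");
// NOTE(review): $DBdriver is interpolated into an include path. It is presumably set
// by config/database.php; it must never be reachable from request data.
require("db/$DBdriver.php");
if ($DBpersist) {
    $link=db_pconnect($DBhost,$DBusername,$DBpassword,$DBname);
}
else {
    $link=db_connect($DBhost,$DBusername,$DBpassword,$DBname);
}

// Request parameters. A missing parameter or a non-string one (e.g. ?fid[]=1) is
// treated as "" so that db_slashes() always receives a string and no warning about
// an undefined index is raised.
// NOTE(review): db_slashes() is the only barrier between these values and the SQL
// built below; its implementation is in the driver file and is not visible here.
$fid = db_slashes((isset($_GET['fid']) && is_string($_GET['fid'])) ? $_GET['fid'] : "");
$action = db_slashes((isset($_GET['a']) && is_string($_GET['a'])) ? $_GET['a'] : "");
$phid = db_slashes((isset($_GET['ph']) && is_string($_GET['ph'])) ? $_GET['ph'] : "");
$key = db_slashes((isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : "");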
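// Request dispatch.
//   a=thumb / a=photo : gallery JPEG, released only when ph_id and ph_key match a row.
//   a=preview         : scaled-down PNG of an attachment (cached next to the file).
//   a empty           : the attachment itself, with single-range support.
// NOTE(review): all queries are built by string concatenation and rely on
// db_slashes() having escaped the values for a double-quoted SQL literal. That helper
// is not visible here - confirm it, or move to the driver's bound parameters.
if ($action=="thumb" || $action=="photo") {
    $sql = "SELECT ph_tid,ph_key FROM ".$GLOBALS['DBprefix']."Photo WHERE ph_id=\"$phid\" AND ph_key=\"$key\"";
    $res = db_query($sql,$link);
    $row = db_fetch_row($res);
    // A row must exist and the key must match exactly. The former loose "==" treated
    // "no row" (null) as equal to an empty key and compared numeric-looking keys as
    // numbers, so the check could pass without a matching photo.
    if (is_array($row) && (string)$row[1]===(string)$key) {
        $dir = ($action=="thumb") ? "/photos/previews/" : "/photos/";
        $path = $GLOBALS['opt_dir'].$dir.$row[0].".jpg";
        if (is_file($path)) {
            header("Content-Type: image/jpeg");
            header("Content-Length: ".filesize($path));
            readfile($path);
        }
        else {
            header("HTTP/1.1 404 Not Found");
            echo "ERROR: FILE NOT FOUND";
        }
    }
    else echo "ERROR: BAD KEY";
}
else {
    // NOTE(review): no permission check is visible in this script - any client that
    // supplies an existing file_id receives the attachment. Confirm that attachments
    // from restricted forums are not meant to be protected, or add the check here.
    $sql = "SELECT file_id,file_type,file_name FROM ".$GLOBALS['DBprefix']."File WHERE file_id=\"$fid\"";
    $res = db_query($sql,$link);
    if (db_num_rows($res)==0) echo "File not in database!";
    else {
        $file=db_fetch_row($res);
        db_free_result($res);
        // Attachments are stored as <file_id>.htm, cached previews as <file_id>_p.htm.
        $path = $GLOBALS['opt_dir']."/files/".$file[0].".htm";
        $cache = $GLOBALS['opt_dir']."/files/".$file[0]."_p.htm";

        if (!$action) {
            if (!is_file($path)) {
                header("HTTP/1.1 404 Not Found");
                echo "File not found!";
            }
            else {
                $length = filesize($path);
                $start = 0;
                $end = $length-1;
                $status = 200;
                // Only a single "bytes=first-[last]" range is honoured; any other form
                // is ignored and the whole file is sent. The old code stripped "-" from
                // the header, turning "bytes=0-499" into offset 499.
                if (isset($_SERVER["HTTP_RANGE"]) && preg_match('/^bytes=(\d+)-(\d*)$/', trim($_SERVER["HTTP_RANGE"]), $m)) {
                    $first = (int)$m[1];
                    if ($m[2]==="" || (int)$m[2]>=$first) {
                        if ($first<$length) {
                            $start = $first;
                            if ($m[2]!=="" && (int)$m[2]<$end) $end = (int)$m[2];
                            $status = 206;
                        }
                        else $status = 416;
                    }
                }

                if ($status==416) {
                    header("HTTP/1.1 416 Requested Range Not Satisfiable");
                    header("Content-Range: bytes */".$length);
                }
                else {
                    // file_type and file_name come from the database and are presumably
                    // recorded from the upload, so both are treated as untrusted header
                    // input: control characters are removed before they reach header().
                    $type = preg_replace('/[\x00-\x1F\x7F]/', '', (string)$file[1]);
                    if ($type==="") $type = "application/octet-stream";
                    $name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', (string)$file[2]);
                    // Inline display only for types that really start with "image/".
                    // The old substring test also matched e.g. "text/html; x=image".
                    // SVG is sent as a download because it can carry script that would
                    // run in the board's origin when rendered inline.
                    $lower = strtolower($type);
                    $inline = (strncmp($lower,"image/",6)===0 && strpos($lower,"svg")===false);

                    if ($status==206) header("HTTP/1.1 206 Partial Content");
                    else header("HTTP/1.1 200 OK");
                    header("Content-Type: ".$type);
                    // Keeps browsers from second-guessing the declared type.
                    header("X-Content-Type-Options: nosniff");
                    if (!$inline) header("Content-Disposition: attachment; filename=\"".$name."\"");
                    header("Accept-Ranges: bytes");
                    // Content-Range belongs to 206 responses only; it used to be sent
                    // on every response, built from unset variables.
                    if ($status==206) header("Content-Range: bytes $start-$end/$length");

                    $fh = fopen($path,"rb");
                    if ($fh) {
                        // Was "$fseek(...)": a call through an undefined variable.
                        if ($start>0) fseek($fh,$start);
                        $left = $end-$start+1;
                        // Strict checks: a chunk consisting of "0" is falsy and would
                        // have ended the old "while ($buffer=fread(...))" loop early.
                        while ($left>0 && !feof($fh)) {
                            $buffer = fread($fh,min(16*1024,$left));
                            if ($buffer===false || $buffer==="") break;
                            echo $buffer;
                            $left -= strlen($buffer);
                        }
                        fclose($fh);
                    }
                }
            }
        }
        elseif ($action=="preview") {
            if (file_exists($cache)) {
                header("Content-Type: image/png");
                header("Content-Length: ".filesize($cache));
                readfile($cache);
            }
            elseif (!is_file($path)) {
                header("HTTP/1.1 404 Not Found");
                echo "File not found!";
            }
            else {
                // NOTE(review): the whole attachment is decoded in memory before its
                // dimensions are known; consider rejecting oversized images first.
                $full = imagecreatefromstring(file_get_contents($path));
                if (!$full) {
                    // Not a decodable image. The raw file is deliberately NOT sent:
                    // this branch sets no Content-Disposition, so a non-image
                    // attachment would be rendered inline with its stored type.
                    header("HTTP/1.1 415 Unsupported Media Type");
                    echo "Preview not available!";
                }
                else {
                    $sizex = imagesx($full);
                    $sizey = imagesy($full);
                    if (empty($opt_previewx)) $opt_previewx=256;
                    if (empty($opt_previewy)) $opt_previewy=64;
                    // Smallest integer divisor that fits the image into the preview box.
                    $coeff=1;
                    while ($sizex/$coeff>$opt_previewx) $coeff++;
                    while ($sizey/$coeff>$opt_previewy) $coeff++;
                    if ($coeff>1) {
                        // Whole pixels, never 0: a very narrow image divided by a large
                        // coefficient would otherwise request a zero-sized canvas.
                        $tw = max(1,(int)floor($sizex/$coeff));
                        $th = max(1,(int)floor($sizey/$coeff));
                        if (!empty($GLOBALS['opt_GD2'])) {
                            $thumb = imagecreatetruecolor($tw,$th);
                            imagecopyresampled($thumb,$full,0,0,0,0,$tw,$th,$sizex,$sizey);
                        }
                        else {
                            $thumb = imagecreate($tw,$th);
                            imagecopyresized($thumb,$full,0,0,0,0,$tw,$th,$sizex,$sizey);
                        }
                        imagedestroy($full);
                        header("Content-Type: image/png");
                        // Caching is best effort: if the preview cannot be written it
                        // is streamed directly, without a Content-Length.
                        if (imagepng($thumb,$cache)) {
                            clearstatcache();
                            header("Content-Length: ".filesize($cache));
                            readfile($cache);
                        }
                        else imagepng($thumb);
                    }
                    else {
                        // Already small enough: send the original bytes, but label them
                        // with the type detected from the content, not the stored one.
                        imagedestroy($full);
                        $info = getimagesize($path);
                        if (is_array($info) && !empty($info['mime'])) $type = $info['mime'];
                        else $type = "application/octet-stream";
                        header("Content-Type: ".$type);
                        header("X-Content-Type-Options: nosniff");
                        header("Content-Length: ".filesize($path));
                        readfile($path);
                    }
                }
            }
        }
    }
}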