diff options
Diffstat (limited to 'frontend/pages/passthrough.php')
| -rw-r--r-- | frontend/pages/passthrough.php | 40 |
1 files changed, 19 insertions, 21 deletions
diff --git a/frontend/pages/passthrough.php b/frontend/pages/passthrough.php index e444aa2..40ee579 100644 --- a/frontend/pages/passthrough.php +++ b/frontend/pages/passthrough.php @@ -1,11 +1,10 @@ <?php -function init_passthrough() { - global $S, $request; - if (strpos('../',$request['dir'].'/'.$request['file']) !== false || !file_exists($request['dir'].'/'.$request['file']) && !file_exists($request['dir'].'/'.$request['file'].'.php')) { - debug('passthrough','File not found '.$request['dir'].'/'.$request['file']); +function init_passthrough(&$S) { + if (strpos('../',$_REQUEST['dir'].'/'.$_REQUEST['file']) !== false || !file_exists($_REQUEST['dir'].'/'.$_REQUEST['file']) && !file_exists($_REQUEST['dir'].'/'.$_REQUEST['file'].'.php')) { + debug('passthrough','File not found '.$_REQUEST['dir'].'/'.$_REQUEST['file']); return '404'; } - switch (strtolower($request['ext'])) { + switch (strtolower($_REQUEST['ext'])) { // http://www.w3schools.com/media/media_mimeref.asp case 'mp3': contenttype('audio/mpeg'); @@ -46,37 +45,36 @@ function init_passthrough() { contenttype('application/bzip2'); break; default: - debug('passthrough', 'Unknown extension '.$request['ext']); + debug('passthrough', 'Unknown extension '.$_REQUEST['ext']); return '404'; } // Set filesize if we're working with a static file (needed for normal download and streaming behavior) - if (strtolower($request['ext']) != 'php' && file_exists($request['dir'].'/'.$request['file'])) { - header('Content-Length: '.filesize($request['dir'].'/'.$request['file'])); + if (strtolower($_REQUEST['ext']) != 'php' && file_exists($_REQUEST['dir'].'/'.$_REQUEST['file'])) { + header('Content-Length: '.filesize($_REQUEST['dir'].'/'.$_REQUEST['file'])); } // Force browser to download, possibly set dynamic filename, passed by previous page or by HTTP request (taken from the PHP manual on readfile() - if (isset($request['download']) && $request['download']) { + if (isset($_REQUEST['download']) && $_REQUEST['download']) { header('Content-Description: File Transfer'); header('Content-Transfer-Encoding: binary'); - if (isset($request['download_name']) && strlen($request['download_name']) > 0) { - header('Content-Disposition: attachment; filename="'.str_replace('"','\'', $request['download_name']).'"'); + if (isset($_REQUEST['download_name']) && strlen($_REQUEST['download_name']) > 0) { + header('Content-Disposition: attachment; filename="'.str_replace('"','\'', $_REQUEST['download_name']).'"'); } else { header('Content-Disposition: attachment'); } } $S['notemplates']=true; } -function body_passthrough() { - global $request; - if (strtolower($request['ext']) == 'php') { - $_SERVER['PHP_SELF']=substr($_SERVER['PHP_SELF'],0,strlen($_SERVER['PHP_SELF'])-strlen('main.php')).$request['dir'].'/'.$request['file']; - unset($GLOBALS['S'], $GLOBALS['request'], $GLOBALS['conf']); - chdir($request['dir']); +function body_passthrough(&$S) { + if (strtolower($_REQUEST['ext']) == 'php') { + $_SERVER['PHP_SELF']=substr($_SERVER['PHP_SELF'],0,strlen($_SERVER['PHP_SELF'])-strlen('main.php')).$_REQUEST['dir'].'/'.$_REQUEST['file']; + unset($GLOBALS['S']); + chdir($_REQUEST['dir']); error_reporting(E_DEFAULT); - return $request['file']; - } elseif (file_exists($request['dir'].'/'.$request['file'])) { - readfile($request['dir'].'/'.$request['file']); + return $_REQUEST['file']; + } elseif (file_exists($_REQUEST['dir'].'/'.$_REQUEST['file'])) { + readfile($_REQUEST['dir'].'/'.$_REQUEST['file']); } else { - return $request['dir'].'/'.$request['file'].'.php'; + return $_REQUEST['dir'].'/'.$_REQUEST['file'].'.php'; } } ?> |