AshleyQuick Posted February 25, 2009 Share Posted February 25, 2009 The following file doesn't allow downloads if the address is a subdomain. I've tried changing path, adding scripts and nothing's working. <?php if (!@include_once("./inc/auth.php")) include_once("../inc/auth.php"); include("../config.php"); include("../inc/functions.php"); include("../lang/$language.php"); session_save_path($session_save_dir); if (isset($_GET['path'])) $path = validate_path($_GET['path']); if (!isset($path)) $path = FALSE; if ($path == "./" || $path == ".\\" || $path == "/" || $path == "\\") $path = FALSE; if (isset($_GET['filename'])) $filename = basename(stripslashes($_GET['filename'])); if ($AllowDownload || $AllowView) { if (isset($_GET['filename']) && isset($_GET['action']) && is_file($home_directory.$path.$filename) || is_file("../".$home_directory.$path.$filename)) { if (is_file($home_directory.$path.$filename) && !strstr($home_directory, "./") && !strstr($home_directory, ".\\")) $fullpath = $home_directory.$path.$filename; else if (is_file("../".$home_directory.$path.$filename)) $fullpath = "../".$home_directory.$path.$filename; if (!$AllowDownload && $AllowView && !is_viewable_file($filename)) { print "<font color='#CC0000'>$StrAccessDenied</font>"; exit(); } if ($HTTPS) header("Pragma:"); header("Content-Type: ".get_mimetype($filename)); header("Content-Length: ".filesize($fullpath)); if ($_GET['action'] == "download"); header("Content-Disposition: attachment; filename=$filename"); readfile($fullpath); } else print "<font color='#CC0000'>$StrDownloadFail</font>"; } ?> Link to comment https://forums.phpfreaks.com/topic/146941-subdomain-path-directories-in-file-management-script/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.