45 lines
1.2 KiB
PHP
45 lines
1.2 KiB
PHP
<?php
|
|
|
|
/*
|
|
* smzint/Files (c) schmamazon.com 2025
|
|
*/
|
|
|
|
// download.php
|
|
|
|
include('../Auth/db.ini.php');
|
|
$fileId = filter_var($_POST['file'], FILTER_SANITIZE_NUMBER_INT);
|
|
|
|
$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
|
|
if ($conn->connect_error) {
|
|
die("Connection failed: " . $conn->connect_error);
|
|
}
|
|
|
|
$sql = "SELECT * FROM smz_files_data WHERE id='$fileId'";
|
|
$result = $conn->query($sql);
|
|
$conn->close();
|
|
if ($result->num_rows > 0) {
|
|
while ($row = $result->fetch_assoc()) {
|
|
$fileName = $row["name"];
|
|
$fileType = $row["type"];
|
|
$fileHash = $row["hash"];
|
|
}
|
|
} else {
|
|
echo "Datei nicht in der Datenbank gefunden.";
|
|
}
|
|
|
|
$filePath = "data/$fileId";
|
|
|
|
if (file_exists($filePath)&& hash_equals($fileHash, hash_file("ADLER32", $filePath))) {
|
|
// Set headers to force download
|
|
header('Content-Description: File Transfer');
|
|
header('Content-Type: application/octet-stream');
|
|
header('Content-Disposition: attachment; filename="smzintFILES-'.$fileName.'.'.$fileType.'"');
|
|
header('Expires: 0');
|
|
header('Cache-Control: must-revalidate');
|
|
header('Pragma: public');
|
|
readfile($filePath);
|
|
exit;
|
|
} else {
|
|
echo "File not found.";
|
|
}
|
|
?>
|