| Server IP : 79.136.114.73 / Your IP : 18.116.239.69 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/icad.astacus.se/archive/ |
Upload File : |
<?php
session_start();
$SystemUserId = $_SESSION['ASTACUS_SSO_INFO'][0];
$link = mysql_connect ("localhost", "root", "root123");
mysql_select_db ("vpa");
$FileHash = $_GET['hash'];
$sql = "SELECT * FROM ICADARCHIVECheckedOutFiles where FileHash = '$FileHash';";
$result = mysql_query($sql);
$found = false;
while ($row = mysql_fetch_assoc($result)){
$found = true;
$userid = $row['UserId'];
}
if( $found == false || ($found == true && $SystemUserId == $userid)){
$sql = "SELECT * FROM ICADARCHIVEParameterData, ICADARCHIVEParameters, ICADARCHIVEGroups WHERE ICADARCHIVEGroups.GroupId = ICADARCHIVEParameters.ParameterGroupId and ICADARCHIVEParameters.ParameterId = ICADARCHIVEParameterData.ParameterId and FileHash = '$FileHash';";
$result = mysql_query($sql);
$FileName = "";
while ($row = mysql_fetch_assoc($result)){
$FileName = $row['Filename'];
$FilePath = $row['FilePath'];
}
if(strpos($_GET['path'],"icad_viewer_files") > 0){
$FilePath = $_GET['path'];
$FileName = $_GET['filename'];
}
header("Content-type: application/octet-stream");
header('Content-Disposition: attachment; filename="'.$FileName.'"');
readfile("$FilePath");
}else{
echo("<script>alert('Denna fil är utcheckad!'); history.back(-1);</script>");
}
?>