header.php

极限网络智能办公系统 Office Automation V3.0官方100％源代码.

<?
include_once("inc/auth.php");

if($SUB_DIR!="")
   $SUB_DIR=urldecode($SUB_DIR);
if($FILE_NAME!="")
   $FILE_NAME=urldecode($FILE_NAME);

$FB_STR1=$FILE_NAME;
if(strstr($FB_STR1,"/")||strstr($FB_STR1,"\\"))
   exit;

ob_end_clean();
$query = "SELECT * from PICTURE where PIC_ID=$PIC_ID";
$cursor= exequery($connection,$query);

if($ROW=mysql_fetch_array($cursor))
   $PIC_PATH=$ROW["PIC_PATH"];

if($FILE_NAME!="")
{
   $FILE_NAME=substr($FILE_NAME,strrpos($FILE_NAME,"/"));

   if($SUB_DIR!=""&&substr($PIC_PATH,strlen($PIC_PATH)-1,1)=="/")
      $FILE_PATH = $PIC_PATH.$SUB_DIR;
   else
      $FILE_PATH = $PIC_PATH."/".$SUB_DIR;

   $FILE_PATH .="/".$FILE_NAME;

   if(!file_exists($FILE_PATH))
   {
      echo "找不到文件：".$FILE_PATH;
      exit;
   }

   clearstatcache();
   $fp = fopen($FILE_PATH,"rb");

   $FILE_TYPE=substr(strrchr($FILE_NAME, "."), 1);
   $FILE_TYPE=strtolower($FILE_TYPE);

   if($FILE_TYPE=="swf" || $FILE_TYPE=="swc")
      Header("Content-type: application/x-shockwave-flash");
   else if($FILE_TYPE=="jpc" || $FILE_TYPE=="jpx" || $FILE_TYPE=="jb2")
      Header("Content-type: application/octet-stream");
   else if($FILE_TYPE=="wbmp")
      Header("Content-type: image/vnd.wap.wbmp");
   else
      Header("Content-type: image/".$FILE_TYPE);

   Header("Accept-Ranges: bytes");
   Header("Accept-Length: ".filesize($FILE_PATH));
   Header("Content-Disposition: attachment; filename=" . $FILE_NAME);

   while (!feof ($fp))
   {
      echo fread($fp,50000);
   }

   fclose($fp);
}
?>