arriej/TSN-Ranksystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

release 1.3.22

Browse Source
This commit is contained in:
Newcomer1989
2023-02-01 20:44:58 +01:00
parent b96e32b713
commit f7d7aedc5a
100 changed files with 5710 additions and 1435 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
webinterface/download_file.php
View File

@@ -12,15 +12,15 @@ try {
$err_lvl = 3;
}
if (isset($db_csrf[$_GET['csrf_token']]) && isset($_GET['file']) && substr($_GET['file'],0,10) == "db_export_" && file_exists($cfg['logs_path'].$_GET['file'])) {
if (isset($db_csrf[$_GET['csrf_token']]) && isset($_GET['file']) && substr($_GET['file'],0,10) == "db_export_" && file_exists($GLOBALS['logpath'].$_GET['file']) && isset($_SESSION[$rspathhex.'username']) && hash_equals($_SESSION[$rspathhex.'username'], $cfg['webinterface_user']) && hash_equals($_SESSION[$rspathhex.'password'], $cfg['webinterface_pass'])) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($cfg['logs_path'].$_GET['file']).'"');
header('Content-Disposition: attachment; filename="'.basename($GLOBALS['logpath'].$_GET['file']).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($cfg['logs_path'].$_GET['file']));
readfile($cfg['logs_path'].$_GET['file']);
header('Content-Length: ' . filesize($GLOBALS['logpath'].$_GET['file']));
readfile($GLOBALS['logpath'].$_GET['file']);
} else {
rem_session_ts3();
echo "Error on downloading file. File do not exists (anymore)? If yes, try it again. There could happened a problem with your session.";