|
|
@@ -8,20 +8,16 @@ if ((!isset($_SESSION['FILEMANAGER_KEY'])) || (empty($_SESSION['FILEMANAGER_KEY'
|
|
|
|
|
|
$user = $_SESSION['user'];
|
|
|
if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
|
|
|
- $user=$_SESSION['look'];
|
|
|
+ $user = $_SESSION['look'];
|
|
|
}
|
|
|
|
|
|
-if (!empty($_REQUEST['path'])) {
|
|
|
- $path = $_REQUEST['path'];
|
|
|
+$path = $_REQUEST['path'];
|
|
|
+if (!empty($path) && file_exists($path)) {
|
|
|
header("Content-type: application/octet-stream");
|
|
|
header("Content-Transfer-Encoding: binary");
|
|
|
header("Content-disposition: attachment;filename=".basename($path));
|
|
|
- passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
|
|
|
+ passthru(VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
|
|
|
exit;
|
|
|
-}
|
|
|
-else {
|
|
|
+} else {
|
|
|
die('File not found');
|
|
|
}
|
|
|
-
|
|
|
-
|
|
|
-?>
|