quote:
Originally posted by SnuZZer
Hi.
Of course PHP!!
Thanks!!
I changed the script a bit:
code:
<?
$script = $_GET[script];
$tjek = $script.".plsc";
if (file_exists($tjek)) {
header("Content-Type: application/x-plsc");
header('Content-Disposition: attachment; filename="' . $script . '.plsc"');
readfile("$script.plsc");
} else {
echo "$tjek blev ikke fundet på serveren.";
}
?>
Bad idea!
code:
<?
$script = $_GET[script]; // no! PHP searches for the 'script' constant
$tjek = $script.".plsc"; // "$script.plsc" is simpler ...
if (file_exists($tjek)) { // and if I insert ../[...] , /home/[...], C:\[...], http://[...], ftp://[...] ; file_exists will accept a folder too
header("Content-Type: application/x-plsc");
header('Content-Disposition: attachment; filename="' . $script . '.plsc"');
readfile("$script.plsc");
} else {
echo "$tjek blev ikke fundet på serveren."; // XSS vulnerability, $tjek = <script>alert("Cookies: " + document.cookie);</script>
}
?>
@Ezra: yes, but if you don't put the Content-Disposition header, you will get a download.php file
Edit: cleaner code:
code:
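<?php
// Read the parameter; isset() avoids a notice when it is missing.
$script = isset($_GET['script']) ? $_GET['script'] : '';
// get_magic_quotes_gpc() was removed in PHP 8, so only call it where it exists.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
    $script = stripslashes($script);
$scriptfn = "$script.plsc";
$error = 0;
if (empty($script))
    $error = 1; // no name given
else if (preg_match('#[/\\\\."]#', $script))
    $error = 2; // contains a slash, backslash, dot or double quote
else if (!is_file($scriptfn))
    $error = 3; // is_file() rejects folders, unlike file_exists()
if ($error === 0)
{
    header("Content-Type: application/x-plsc");
    header('Content-Disposition: attachment; filename="' . $scriptfn . '"');
    readfile($scriptfn);
}
else
{
    // Escape before echoing the name back, to avoid XSS.
    $scriptfn = htmlentities($scriptfn);
    switch ($error)
    {
        case 1:
            echo "File is empty !";
            break;
        case 2:
            echo "Illegal characters in file : $scriptfn";
            break;
        case 3:
            echo "File not found : $scriptfn";
            break;
    }
}
?>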
Just change the error messages ...
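An allowlist variant of the check discussed in this thread, as an added example that is not part of any poster's code: instead of rejecting a few known-bad characters, it accepts only a fixed set and confirms that the resolved file sits inside one directory. The function name `resolve_script`, the 64-character limit, the temp directory and the sample inputs are assumptions constructed for the demo (PHP 7.1 or later).

```php
<?php
/**
 * Return the absolute path of "<name>.plsc" inside $baseDir, or null when the
 * name is not acceptable or the file does not resolve inside $baseDir.
 */
function resolve_script(string $name, string $baseDir): ?string
{
    // Allowlist: letters, digits, underscore and hyphen only. This rejects
    // "../", absolute paths, "C:\", URL wrappers, quotes, NUL bytes and CR/LF.
    // \A and \z anchor the whole string ("$" would allow a trailing newline).
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name) !== 1) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name . '.plsc');
    // is_file() refuses folders, which file_exists() would accept.
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    // A symlink in the directory could point elsewhere, so compare resolved paths.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo data: a temp directory with one script and one folder.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'plsc_demo_' . getmypid();
@mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'hello.plsc', "demo\n");
@mkdir($dir . DIRECTORY_SEPARATOR . 'folder.plsc');

// Constructed sample inputs, matching the cases raised in the thread.
$inputs = ['hello', '../hello', '/etc/passwd', 'http://example.test/x',
           'folder', 'missing', "hello\0", '<script>'];
foreach ($inputs as $in) {
    $path = resolve_script($in, $dir);
    printf("%-28s => %s\n",
        json_encode($in, JSON_UNESCAPED_SLASHES),
        $path === null ? 'rejected' : 'served as ' . basename($path));
}

// Remove the demo files again.
unlink($dir . DIRECTORY_SEPARATOR . 'hello.plsc');
rmdir($dir . DIRECTORY_SEPARATOR . 'folder.plsc');
rmdir($dir);
```

In a download handler, a non-null result would go to `readfile()` with `basename($path)` in the Content-Disposition header, and a null result would get a fixed error message that does not echo the request value.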