download script
Posted: Wed Jan 03, 2007 2:15 pm
A simple download script used to let people download files of type pdf, doc or other. I use it by supplying the script an array of files which are downloadable. And then in the directory with the files I place an .htaccess file to disallow access, so that all downloads pass through this script.
Part of the reason I show the code here is the new PDF XSS vulnerability which has been discovered, which makes any PDF file on any site usable as an XSS vector. So I tried it with this script, but whatever I try to add to the URL, it doesn't seem to be successful.
Any critique is welcome. Thanks.
<?php
// Download files: only names in this allowlist may be served.
$files = array("some.pdf",
               "another.pdf",
               "yetanother.pdf",
               "some.doc",
               "another.doc",
               "yetanother.doc"
);
if (isset($_GET['download_file']) && in_array($_GET['download_file'], $files))
{
    $file = basename($_GET['download_file']);
    $path = $_SERVER['DOCUMENT_ROOT'] . "/download/";
    $fullPath = $path . $file;
    if (!file_exists($fullPath) OR !is_readable($fullPath)) {
        echo "File doesn't exist or is unreadable!";
        exit;
    }
    if ($fd = fopen($fullPath, "r")) {
        $fsize = filesize($fullPath);
        $path_parts = pathinfo($fullPath);
        $ext = strtolower($path_parts["extension"]);
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        switch ($ext) {
            case "pdf":
                header("Content-type: application/pdf");
                header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
                break;
            case "doc":
                // application/msword is the registered type for .doc (was application/doc)
                header("Content-type: application/msword");
                header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
                break;
            default: // was "default;", which is a syntax error
                header("Content-type: application/octet-stream");
                // "attachment" added so unknown types are forced to download as well
                header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
        }
        header("Content-length: $fsize");
        header("Cache-Control: private", false);
        while (!feof($fd)) {
            $buffer = fread($fd, 2048);
            echo $buffer;
        }
        fclose($fd); // moved inside the if: the handle only exists when fopen succeeded
    }
    exit;
}
elseif (isset($_GET['download_file']) && !in_array($_GET['download_file'], $files))
{
    die('Invalid File'); // or change to some more useful error message ...
}
?>
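Added example, not the poster's script: the same allowlist idea with the files kept outside the document root, so no .htaccess rule is needed to block direct requests, and with the filename in the header taken from the allowlist rather than the request. PRIVATE_DIR and send_download() are assumed names for this illustration.

```php
<?php
// Added example (not the poster's script). PRIVATE_DIR is an assumed path
// outside DOCUMENT_ROOT; the web server never serves it directly.
define('PRIVATE_DIR', '/var/www/private/download');

// Allowlist maps each downloadable name to the MIME type sent with it.
$allowed = array(
    'some.pdf'    => 'application/pdf',
    'another.pdf' => 'application/pdf',
    'some.doc'    => 'application/msword',
);

function send_download($name, array $allowed)
{
    // Strict lookup: the request value must be a string and an exact key.
    if (!is_string($name) || !array_key_exists($name, $allowed)) {
        header('HTTP/1.0 404 Not Found');
        exit('Invalid File');
    }
    $fullPath = PRIVATE_DIR . '/' . $name;
    if (!is_file($fullPath) || !is_readable($fullPath)) {
        header('HTTP/1.0 404 Not Found');
        exit("File doesn't exist or is unreadable!");
    }
    // The header filename is derived from the allowlist key, never from the
    // raw request, so quotes or CRLF cannot be injected into the header.
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', $name);

    header('Content-Type: ' . $allowed[$name]);
    // "attachment" makes the browser save the file instead of handing it to
    // the in-page PDF plugin, which is what keeps the PDF from rendering inline.
    header('Content-Disposition: attachment; filename="' . $safeName . '"');
    // Stop browsers from sniffing a type other than the one declared.
    header('X-Content-Type-Options: nosniff');
    header('Content-Length: ' . filesize($fullPath));
    header('Cache-Control: private, must-revalidate');
    readfile($fullPath);
    exit;
}

if (isset($_GET['download_file'])) {
    send_download($_GET['download_file'], $allowed);
}
?>
```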