www.gusucode.com > RQCMS PHP文章管理系统 v2.3PHP源码程序 > RQCMS PHP文章管理系统 v2.3/rqcms_v2.3/rqcms_v2.3/core/attachment.php
<?php if ($host['attachments_remote_open']&&!$host['attach_display']) //禁止从非本站下载 { if(strpos($refer_url,RQ_HTTP.RQ_HOST)!=0) run404('附件禁止从地址栏直接输入或从其他站点链接访问'); } // 查询文章 $aid = intval($_GET['url1']); if (!$aid) { run404('不存在的记录'); } else { $attachinfo = $DB->fetch_first("select * from ".DB_PREFIX."attachment where aid='$aid'"); if (!$attachinfo) { run404(); } else { $DB->unbuffered_query("UPDATE ".DB_PREFIX."attachment SET downloads=downloads+1 WHERE aid='$aid'"); } } //验证下载验证 $downid='dk'.$aid; $sendkey=isset($_COOKIE[$downid])?$_COOKIE[$downid]:''; $downkey=md5(md5(DB_USER.$aid)); $downkey=substr($downkey,0,4); /* @文件下载 */ if($host['attach_display']&&($sendkey!=$downkey||$refer_url!=$page_url)&&!$attachinfo['isimage'])//显示下载页面后再下载 { $title=$attachinfo['filename'].' 下载'; setcookie($downid,$downkey,$timestamp+3600); } else { $filepath = RQ_DATA.'/files/'.$attachinfo['filepath']; $filepath=str_replace('//','/',$filepath); $attachment = $attachinfo['isimage'] ? 'inline' : 'attachment'; $attachinfo['filetype'] = $attachinfo['filetype'] ? $attachinfo['filetype'] : 'unknown/unknown'; doAction('attachment_before_download'); if(is_readable($filepath)) { ob_end_clean(); $ua = $_SERVER["HTTP_USER_AGENT"]; $filename=$attachinfo['filename']; $encoded_filename = urlencode($filename); $encoded_filename = str_replace("+", "%20", $encoded_filename); //参考 http://www.fising.cn/2012/05/php-%E6%8F%90%E4%BE%9B%E6%96%87%E4%BB%B6%E4%B8%8B%E8%BD%BD%E4%B8%AD%E6%96%87%E6%96%87%E4%BB%B6%E5%90%8D.shtml if (preg_match("/MSIE/", $ua)) { header('Content-Disposition: attachment; filename="' . $encoded_filename . '"'); } else if (preg_match("/Firefox/", $ua)) { header("Content-Disposition: attachment; filename*=\"utf8''" . $filename . '"'); } else { header('Content-Disposition: attachment; filename="' . $filename . '"'); } header('Cache-control: max-age=31536000'); header('Expires: ' . gmdate('D, d M Y H:i:s',$timestamp+31536000) . ' GMT'); header('Content-Encoding: none'); header('Content-type: '.$attachinfo['filetype']); header('Content-Length: '.filesize($filepath)); $fp = fopen($filepath, 'rb'); fpassthru($fp); fclose($fp); exit; } else { run404('读取附件失败'); } } ?>