download.php at Energine

<?php
/**
 * Ð¤Ð°Ð¹Ð»-Ð¼Ð°ÑÑÑÑÑÐ¸Ð·Ð°ÑÐ¾Ñ Ð´Ð»Ñ ÐºÐ¾Ð½ÑÑÐ¾Ð»Ñ Ð·Ð°Ð³ÑÑÐ·ÐºÐ¸ Ð¿ÑÐ¸Ð²Ð°ÑÐ½ÑÑ ÑÐ°Ð¹Ð»Ð¾Ð²
 *
 * @package energine
 * @subpackage core
 * @author pavka
 * @copyright ColoCall 2008
 * @version $Id: download.php,v 1.1 2008/04/10 16:12:06 pavka Exp $
 */
function getFile($filePath){
    $fileType = 'application/octet-stream';
    header("Cache-Control: public, must-revalidate");
    header("Pragma: hack"); // WTF? oh well, it works...
    header("Content-Type: " . $fileType);
    header("Content-Length: " .(string)(filesize($filePath)) );
    header('Content-Disposition: attachment; filename="'.basename($filePath).'"');
    header("Content-Transfer-Encoding: binary\n");
    readfile($filePath);
}

//ÐµÑÐ»Ð¸ Ð²ÑÐ·Ð²Ð°Ð»Ð¸ download.php Ð½Ð°Ð¿ÑÑÐ¼ÑÑ - Ð½Ð¸ÑÐµÐ³Ð¾ Ð½Ðµ Ð¿ÑÐ¾Ð¸ÑÑÐ¾Ð´Ð¸Ñ
if ($_SERVER['REQUEST_URI'] == $_SERVER['SCRIPT_NAME']) {
    die ();
}
$protectedMode = isset($_GET['protected']);

//Ð¿Ð¾Ð´ÐºÐ»ÑÑÐ°ÐµÐ¼ Ð½Ð°ÑÐ°Ð»ÑÐ½ÑÐµ Ð½Ð°ÑÑÑÐ¾Ð¹ÐºÐ¸
require_once('core/framework/ini.func.php');

//Ð·Ð°Ð³ÑÑÐ¶Ð°ÐµÐ¼ ÐºÐ¾Ð½ÑÐ¸Ð³ÑÑÐ°ÑÐ¸Ñ Ð´Ð»Ñ ÑÐ¾Ð³Ð¾ ÑÑÐ¾Ð±Ñ Ð¿Ð¾Ð»ÑÑÐ¸ÑÑ ÐºÐ¾Ð½ÑÐ¸Ð³ÑÑÐ°ÑÐ¸Ð¾Ð½Ð½Ð¾Ðµ Ð·Ð½Ð°ÑÐµÐ½Ð¸Ðµ ÐºÐ¾ÑÐ½Ñ ÑÐ¸ÑÑÐµÐ¼Ñ
SystemConfig::load();

//Ð¿Ð¾Ð»ÑÑÐ°ÐµÐ¼ Ð¿ÑÑÑ Ðº ÑÐ°Ð¹Ð»Ñ
$filePath = str_replace(SystemConfig::_getConfigValue('site.root'), '', $_SERVER['REQUEST_URI']);

//ÐµÑÐ»Ð¸ ÑÐ°Ð¹Ð» Ð½Ðµ ÑÑÑÐµÑÑÐ²ÑÐµÑ - ÑÐ¾Ð¾Ð±ÑÐ°ÐµÐ¼ Ð¾Ð± ÑÑÐ¾Ð¼
if (!file_exists($filePath)) {
    die('File doesn\'t exist');
}
if (!$protectedMode) {
    //Ð¡ÑÐ°ÑÑÑÐµÐ¼ ÑÐµÑÑÐ¸Ñ
    UserSession::getInstance()->start();

    //Ð¡Ð¾Ð·Ð´Ð°ÐµÐ¼ Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ
    $user = AuthUser::getInstance();

    //ÐµÑÐ»Ð¸ Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ Ð°ÑÑÐµÐ½ÑÐ¸ÑÐ¸ÑÐ¸ÑÐ¾Ð²Ð°Ð½ - Ð²ÑÐ´Ð°ÐµÐ¼ ÑÐ°Ð¹Ð»
    if ($user->isAuthenticated()) {
        getFile($filePath);
    }
    else {
    	die('File is accesible only for site users');
    }
}
else {
    getFile($filePath);
}