<?php
/* +----------------------------------------------------------------------+
   | Netautor Professional Application Server                             |
   +----------------------------------------------------------------------+
   | Copyright (C) 1998-2005 digiconcept GmbH. <www.digiconcept.net>      |
   +----------------------------------------------------------------------+
   | This file is subject to license, that is bundled with this package   |
   | in the file LICENSE.TXT, and is available at through the             |
   | world-wide-web at http://www.netautor.com/license/                   |
   |                                                                      |
   | If you did not receive a copy of the license and are unable to       |
   | obtain it through the world-wide-web, please send a note to          |
   | hide@address.com so we can mail you a copy.                      |
   +----------------------------------------------------------------------+
   | Authors: Stefan Rottensteiner <hide@address.com>    |
   |          Marek  Kadziela      <hide@address.com>	      |
   |          Gregor Wollner                                              |
   |          Christian Unger                                             |
   |          Helli  Kleinhans  									      |
   +----------------------------------------------------------------------+*/

	/**
	 * Netautor ImageWrapper
	 * @version $Revision: 1.5 $
	 */

	error_reporting(0);
	if(strstr($filename,'='))
	{
		//	---	include necessary functions
		//	---	read configuration 4 pool
		include_once ('../../config/pool.conf');

		if(empty($pool))
		{
			@Header('Content-Type: text/plain');
			die('Error: No MultiMedia-Pool definition detected !');
		}

		$name=substr($filename,0,strpos($filename,'='));
		$path=substr($filename,strpos($filename,'=')+1);

		if(!isset($pool[$name]) || empty($pool[$name]))
		{
			@Header('Content-Type: text/plain');
			die("Error: Pool '".$name."' not defined in pool.conf! ");
		}

		$filename=$pool[$name].$path;
	}

	$filename 		= str_replace('//','/',$filename);

	if(!is_file($filename))
	{
		@Header('Content-Type: text/plain');
		die('Error: File not found');
	}

	/* Check 4 bad file extensions. Immediat silent exit if file seems to not be a standard file to download */
	$fileextension	= trim(strtolower(substr($filename,1+(strrpos($filename,'.')))));
	$exclude		= array('php'=>true	,'php3'=>true	,'php4'=>true	,'phtml'=>true	,'conf'=>true,
							'cfg'=>true	,'ini'=>true	,'init'=>true	,'bat'=>true	,'exe'=>true,
							'dll'=>true	,'asp'=>true	,'dat'=>true	,'fnc'=>true	,'inc'=>true,
							'c'=>true	,'d'=>true	);

	if(empty($fileextension) || isset($exclude[$fileextension]) || !strrpos($filename,'.'))
	{
		@Header('Content-Type: text/plain');
		die('Error: File disallowed');
	}

	if(file_exists($filename))
	{
		$info		=array();
		include_once ('../include/functions/filetype.fnc');
		ext2mime($filename,$info);
		$mimetype	= (strpos($info['mimetype'],'/')?'image/jpeg':$info['mimetype']);
		$filesize	= filesize($filename);
		Header('Content-Disposition: inline; filename="'.basename($filename).'" ; size='.$filesize );
		if (empty($info['description'])) Header('Content-Description: '.$info['description']);
		Header('Content-Type: '.trim($mimetype));
		Header('Content-Length: '.$filesize);
		readfile($filename);
	}
	else
	{
		@Header('Content-Type: text/plain');
		echo 'Error: File not found !('.$filename.')';
	}
	exit();
?>