<?
/******************************************************************************
# Copyright notice
#
# This file is part of Wiki-Map project [http://wiki-map.sourceforge.net/]
# Wiki-Map is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.
#
# The GNU General Public License can be found at
# http://www.gnu.org/copyleft/gpl.html.
# A copy is found in the textfile GPL and important notices to the
# license from the team is found in the textfile LICENSE distributed
# with these scripts.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# This copyright notice MUST APPEAR in all copies and derivatives of the script!
#*********************************************************************************
# $Source: /cvsroot/wiki-map/htdocs/getf.php,v $
# $Header: /cvsroot/wiki-map/htdocs/getf.php,v 1.1 2005/11/22 05:12:37 soumya42 Exp $
# $Author: soumya42 $
# All PHP scripts requires
dss.php # DSS has global variables setup, and some common scripts
codepage.php # Includes all user prompts declared as variable string for internatiolization
authorize.php # Check authorization for running the program
All these scripts are referenced from /htdocs/ directory
# Global database variables (Defined in dss.php)
#
# $host - Database host
# $db_base - Database name
# $db_owner - Database user
# $db_passwd - Database password
#
# ------------------- Your program should come below this --------------------------- -->
*/
header("Cache-Control:no-cache");
if ( !isset($_COOKIE['login'])){
// -------------- You have to log in to access this page ---------------
header("Location:login.php?st=require&rt=".$_SERVER[PHP_SELF]);
exit();
}
require_once('config.php');
if (!isset($_GET['id'])){
?>
<html>
<head>
<style type="text/css">
@import url(wikimap.css);
</style>
<title>Wiki-Map: File Download</title>
</head>
<body>
<? Echo "User: ".$_COOKIE['name']; ?>
<H2>Download files from server </H2><hr>
<?
function cdtu2e($dt) { // Change date format unix to Indian
$y = substr($dt,0,4);
$m = substr($dt,5,2);
$d = substr($dt,8,2);
return $d.'/'.$m.'/'.$y;
} // cdtu2e
$db = mysql_connect($db_host, $db_owner, $db_passwd);
if (!$db) {
die('Could not connect: ' . mysql_error());
exit;
}
$sdb = mysql_select_db($db_base,$db) or die("Err:DB ".mysql_error()."<BR>");
echo $sql."<BR>";
$sql = "SELECT groups FROM user WHERE logname='".$_COOKIE['login']."';";
$result = mysql_query($sql);
/* -------- User groups -----------------
adm - admin group: Grant priviledges to other, also has other powers
sup - Super user: Modify, delete others file
mem - Confirmed member: Add, view, modify own info
ver - Verified by email confirmation
uc - unconfirmed new user : Add info with moderation, but can't view
ban - all postings removed from listing
---------------------------------------------- */
//Get groups
if(mysql_num_rows($result) != 0) {
list($group) = mysql_fetch_array($result);
} else {
echo "Login is corrupt <br>";
exit;
}
// Check authorization
if ($group == 'uc') {
echo "<H1>You do not have authorization for this!</H1><BR>";
echo "[$group] Contact system administrator ... <BR>";
exit;
}
//Get file names
$sql = "SELECT maps.id,maps.desc, maps.fname, maps.type, maps.size, maps.uploaded, maps.valid_fr, maps.valid_upto, ".
"user.f_name, user.l_name FROM maps,user WHERE ((maps.contributor=user.logname) && (user.groups <> 'ban'));";
$result = mysql_query($sql);
echo "<TABLE><TR><TH>Type</TH><TH>Description</TH><TH>File Name</TH><TH> UPLOADED ON </TH><TH>Contributor</TH></TR>";
while(list($id,$desc,$fname,$ftype,$fsize,$fdate,$v_fr,$v_to,$own,$own2) = mysql_fetch_array($result))
{
$ficon = "unknown.png"; //icontype($ftype);
if (preg_match('/image/',$ftype)) {$ficon = "image2.png";}
if (preg_match('/pdf/',$ftype)) {$ficon = "pdf.png";}
if (preg_match('/text/',$ftype)) {$ficon = "text.png";}
if (preg_match('/compressed/',$ftype)) {$ficon = "compressed.png";}
$ficon = "<IMG SRC='pics/".$ficon."' height=20 width=20>";
$d_fr = cdtu2e($v_fr);
$d_to = cdtu2e($v_to);
$fkb = round($fsize / 1000);
$d_up = substr($fdate,6,2).'/'.substr($fdate,4,2).'/'.substr($fdate,0,4);
echo "<TR><TD>$ficon</TD>".
"<TD>$desc<BR><FONT SIZE= -2> Validity: $d_fr to $d_to, Size: $fkb KB</FONT></TD>".
"<TD><A HREF='$_SERVER[PHP_SELF]?id=$id'>$fname</A></TD>".
"<TD>$d_up</TD><TD><FONT SIZE=-1>$own $own2</FONT></TD></TR>";
}
echo "</TABLE><HR><H3><A HREF='index.html'>Home</A></H3>";
?>
</body>
</html>
<?php
} else {
//places files into server
$db = mysql_connect($db_host, $db_owner, $db_passwd);
if (!$db) {
die('Could not connect: ' . mysql_error());
exit;
}
$sdb = mysql_select_db($db_base,$db) or die("Err:DB ".mysql_error()."<BR>");
$id = $_GET['id'];
$query = "SELECT fname, type, size, image FROM maps WHERE id = '$id'";
$result = mysql_query($query) or die('Error, query failed');
list($name, $type, $size, $content) = mysql_fetch_array($result);
header("Content-length: $size");
header("Content-type: $type");
header("Content-Disposition: attachment; filename=$name");
echo $content;
}
?>
<!--
#---------------------------- End of program --------------------------------------------
# $Log: getf.php,v $
# Revision 1.1 2005/11/22 05:12:37 soumya42
# File download - new addition
#
#
-->