| 123456789101112131415161718192021222324 |
- <?php
- //這個 PHP 只限用於載入用家自己的資料。要載入別人的帖子請不要用這個 PHP
- include_once("../auth.php");//避免有人直接 Call 此 PHP 檔
- $dataStorage = $sysConfigDir . '/userdata/' . $_SESSION['login'] . "/";
- if (isset($_GET['filename']) && $_GET['filename'] != ""){
- $filename = $_GET['filename'];
- $filename = str_replace("../","",$filename); //避免被退出
- //檢查此檔案是否存在
- if (file_exists($dataStorage . $filename)){
- echo realpath($dataStorage . $filename);
- header('X-Sendfile: ' . realpath($dataStorage . $filename));
- header('Content-Type: ' . mime_content_type(realpath($dataStorage . $filename)));
- }else{
- //檔案不存在
- http_response_code(404);
- die();
- }
-
- }else{
- http_response_code(400);
- die();
- }
- ?>
|
