資料檔案都在資料庫裡而且都是從舊的原封不動複製過來
只是要去按該檔案下載按鈕時就會出現該圖片
以下是我下載頁面的程式碼
session_start();
include("MariaDB_connect.php");
$file_md5 = @$_GET['file'];
$token = @$_GET['token'];
$type = @$_GET['type'];
$download_token =$_SESSION['user_token'];
@$path = "";
if($file_md5 && $download_token == $token && $_SESSION['user_name']){
if($type == "Malware"){
$sql = "SELECT * FROM file WHERE file_md5 = '".$file_md5."'";
}else if($type == "Report"){
$sql = "SELECT * FROM file_report WHERE report_md5 = '".$file_md5."'";
}
$result = mysql_query($sql);
$file_row = mysql_fetch_array($result);
$user_sql = "SELECT * FROM user WHERE user_name = '".$_SESSION['user_name']."'";
$user_result = mysql_query($user_sql);
$user_row = mysql_fetch_array($user_result);
if($type == "Malware"){//程式下載
$downloadstats_sql = "INSERT INTO file_downloadstats (file_id, user_id) VALUES ('".$file_row['file_id'] ."', '".$user_row['user_id']."')";
}else if($type == "Report"){//報告下載
$downloadstats_sql = "INSERT INTO report_downloadstats (report_id, user_id) VALUES ('".$file_row['report_id'] ."', '".$user_row['user_id']."')";
}
if(!mysql_query($downloadstats_sql)){
echo "無法下載";
}else{
//if($file_md5){
//解密後下載
//if($filename = $file_row['file_name']){
if($type == "Malware"){
$passphrase['a'] = $file_row['file_key'];//加密KEY
$filename = $file_md5;
$save_filename = $filename.'.'.$file_row['file_extension'];
$path = './file/'.$file_row['file_name'].'.d';
}else if($type == "Report"){
$passphrase['a'] = $file_row['report_key'];//加密KEY
$save_filename = $file_row['report_name'];
$path = './file/report/'.$file_row['report_md5'].'.d';
}
$iv = substr(md5('iv'.$passphrase['a'], true), 0, 8);
$key = substr(md5($passphrase['a'], true) . md5($passphrase['a'], true), 0, 24);
$opts = array('iv'=>$iv, 'key'=>$key);
$fp = fopen($path, 'rb');
stream_filter_append($fp, 'mdecrypt.tripledes', STREAM_FILTER_READ, $opts);
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename="'.$save_filename.'"');
$blocksize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, 'cbc');
//$data = rtrim(stream_get_contents($fp),"\0");
$data = stream_get_contents($fp);
//print_r($data);
$save_file = fopen('downtemp.d', 'wb');
fwrite($save_file, $data);
fclose($save_file);
while(true){
if($type == "Malware"){
$md5 = $file_row['file_md5'] ;
}else if($type == "Report"){
$md5 = $file_row['report_md5'] ;
}
if($md5 == md5_file('downtemp.d')){
$fps = fopen('downtemp.d', 'rb');
print_r(stream_get_contents($fps));
fclose($fps);
break;
}else{
//fwrite($save_file, "\0");
$save_file = fopen('downtemp.d', 'wb');
$data = substr($data,0,-1);
fwrite($save_file, $data);
fclose($save_file);
}
}
fclose($fp);
unlink('downtemp.d');
}
}else if ($file_md5 && $_SESSION['user_name'] && $download_token != $token){
header('refresh: 0;url="index.php?page=malware"');
}else{
//echo " token is not valid";
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");
}
?>
已邀請的邦友 {{ invite_list.length }}/5
iThome鐵人賽
看影片追技術