query('SELECT a.*, i.*, it.typename, it.viewperm, it.replyperm, it.getattachperm FROM '.tname('attachments').' a LEFT JOIN '.tname('spaceitems').' i ON i.itemid=a.itemid LEFT JOIN '.tname('itemtypes').' it ON it.typeid=i.itemtypeid WHERE a.aid=\''.$aid.'\''); if($item = $_SGLOBAL['db']->fetch_array($query)) { if($_SGLOBAL['supe_uid'] != $item['uid'] && !empty($item['uid'])) { if($item['folder'] != 1) { messagebox('error', 'not_found'); } // removed by lwx at 2010-4-30 15:59 /* if(!checkfriend($item['getattachperm'], $item['uid'])) { messagebox('error', 'not_found'); } */ // added by lwx at 2010-4-30 15:59 // 向 UCH 请求好友分组信息并判断是否具有权限 dz_do_action('check_friend_grade_perm', $item['getattachperm'], $item['uid']); // end of hook } } else { messagebox('error', 'not_found'); } //积分 if(!empty($_SGLOBAL['supe_uid']) && empty($_SCONFIG['allowguestdownload'])) { include_once(S_ROOT.'./language/spacecp.lang.php'); include_once(S_ROOT.'./function/spacecp.func.php'); checkcredit('attachment', 1); batchcredit($_SGLOBAL['supe_uid'], 'attachment'); } $_SGLOBAL['db']->query('UPDATE '.tname('attachments').' SET downloads=downloads+1 WHERE aid=\''.$aid.'\''); // removed by lwx at 2009-4-28 10:03 //$filename = A_DIR.'/'.$item['filepath']; //if(is_readable($filename)) { //if(!empty($item['isimage'])) { // echo '

'; //} else { // removed by lwx at 2009-4-28 10:03 //header('Cache-control: max-age=31536000'); //header('Expires: '.gmdate('D, d M Y H:i:s', $_SGLOBAL['timestamp'] + 31536000).' GMT'); //header('Content-Encoding: none'); // added by lwx at 2009-4-28 10:06 header('Date: '.gmdate('D, d M Y H:i:s', $item['dateline']).' GMT'); header('Last-Modified: '.gmdate('D, d M Y H:i:s', $item['dateline']).' GMT'); header('Content-Encoding: none'); $item['filename'] = (strtolower($_SCONFIG['charset']) == 'utf-8' && strexists($_SERVER['HTTP_USER_AGENT'], 'MSIE')) ? urlencode($item['filename']) : $item['filename']; // removed by lwx at 2009-4-28 10:13 //header('Content-Disposition: attachment; filename='.$item['filename']); //header('Content-Type: application/octet-stream'); // added by lwx at 2009-4-28 10:13 $attach_mimetype = get_mime_type($item['attachtype']); header('Content-type: '.$attach_mimetype); if (substr($attach_mimetype, 0, 5) == 'image') { header('Content-Disposition: inline; filename='.$item['filename']); } else { header('Content-Disposition: attachment; filename='.$item['filename']); } // added by lwx at 2009-4-28 10:01 dz_do_action('mogilefs_attachment_fetch', $item['filepath']); // end of hook if(!@readfile($filename)) { //兼容 @ob_end_clean(); if($fh = fopen($filename, 'rb')) { while(!feof($fh)) { echo fread($fh, 4096); flush(); @ob_flush(); } @fclose($fh); } } //} //} else { // messagebox('error', 'not_found'); //} ?>