Please keep in mind that .mpp files are the only file types that are not functioning properly. The programming works for all the other file types I have in my array. (.xls, ppt, pdf etc.) File types are added to a config.php file.
So with that in mind here is my code.
download.php
[php]<?php
if (!@ include_once ("./inc/auth.php"))
include_once ("…/inc/auth.php");
if (isset ($_GET[‘filename’]))
$filename = stripslashes($_GET[‘filename’]);
if ($AllowDownload) {
print “<table align=“center” class=“menu” cellpadding=“2” cellspacing=“0”>”;
print “\n\t
”;
if ($AllowAdmin)
print “\n\t\t<td style=“padding: 0 4px 0 4px;”><a href=”$base_url&path=" . htmlentities(rawurlencode($path)) . “&action=admin” class=“fade”><img class=“absmiddle” src=“gfx/nav_admin_panel.png” width=“140” height=“32” alt="$StrMenuAdmin" border=“0”> “;
print “<td style=“padding: 0 4px 0 4px;”><a href=”$base_url&path=” . htmlentities(rawurlencode($path)) . “” class=“fade”><img class=“absmiddle” src=“gfx/nav_file_browser.png” width=“140” height=“32” alt="$StrUserDir" border=“0”> “;
if ($AllowCreate)
print “\n\t\t<td style=“padding: 0 4px 0 4px;”><a href=”$base_url&path=” . htmlentities(rawurlencode($path)) . “&action=create&type=directory” class=“fade”><img class=“absmiddle” src=“gfx/nav_new_folder.png” width=“140” height=“32” alt="$StrMenuCreateFolder" border=“0”> “;
if ($AllowCreate)
print “\n\t\t<td style=“padding: 0 4px 0 4px;”><a href=”$base_url&path=” . htmlentities(rawurlencode($path)) . “&action=create&type=file” class=“fade”><img class=“absmiddle” src=“gfx/nav_new_file.png” width=“120” height=“32” alt="$StrMenuCreateFile" border=“0”> “;
if ($AllowUpload)
print “\n\t\t<td style=“padding: 0 4px 0 4px;”><a href=”$base_url&path=” . htmlentities(rawurlencode($path)) . “&action=upload” class=“fade”><img class=“absmiddle” src=“gfx/nav_upload_files.png” width=“140” height=“32” alt="$StrMenuUploadFiles" border=“0”> “;
print “\n\t\t<td style=“padding: 0 4px 0 4px;”><a href=”$_SERVER[PATH_TRANSLATED]” class=“fade”><img class=“absmiddle” src=“gfx/nav_refresh_page.png” width=103 height=32 alt="$StrMenuRefreshPage" border=“0”> “;
print “\n\t\t<td style=“padding: 0 4px 0 4px;”><a href=”$base_url&action=logout” class=“fade”><img class=“absmiddle” src=“gfx/nav_log_out.png” width=“106” height=“32” alt="$StrMenuLogOut" border=“0”> “;
print “\n\t
”;
print “\n
\n\n”;
print “<table align=“center” class=“cap”>”;
print “\n\t
”;
print “\n\t\t<td class=“capLeft” align=“left”>”;
print “\n\t\t<td align=“center” style=“vertical-align: bottom;”>”;
print “<font class=“statusWrap”><font class=“status”> $StrDownload “” . htmlentities($filename) . “” “;
print “\n\t\t<td class=“capRight” align=“right”>”;
print “\n\t
”;
print “\n”;
print “\n<table align=“center” class=“container”>
<td align=“center” class=“container”>”;
print “\n\t<table align=“center” class=“content”>
<td valign=“top”>”;
print “<div align=“center” style=“margin-bottom: 40px;”>
<img src=“gfx/download.gif” width=“25” height=“24” alt=”$StrDownloadFile” border=“0”>
”;
print “<div style=“font-weight: normal”>$StrDownloadClickLink
”;
print “<a href=“inc/libfile.php?path=” . htmlentities(rawurlencode($path)) . “&filename=” . htmlentities(rawurlencode($filename)) . “&action=download”>”;
print “” . htmlentities($path . $filename);
print “
”;
print “<div style=“margin-top: 40px;”><a href=”$base_url&path=” . htmlentities(rawurlencode($path)) . “”><img class=“absmiddle” src=“gfx/button_cancel.png” alt="$StrCancel" width=“122” height=“27” border=“0”>";
print " “;
print “<a href=“inc/libfile.php?path=” . htmlentities(rawurlencode($path)) . “&filename=” . htmlentities(rawurlencode($filename)) . “&action=download”><img class=“absmiddle” src=“gfx/button_download.png” alt=”$StrYes” width=“145” height=“27” border=“0”>";
print “”;
print “\n\t
”;
print “\n\n\n”;
}
else
print “<div class=“msg_alert”><img class=“absmiddle” src=“gfx/icon_alert.png” width=“36” height=“32” alt=”$StrUserAlert" border=“0”> $StrAccessDenied";
?>[/php]
libfile.php
[php]<?php
if (!@ include_once ("./inc/auth.php"))
include_once ("…/inc/auth.php");
include ("…/config.php");
include ("…/inc/functions.php");
include ("…/lang/$language.php");
session_save_path($session_save_dir);
if (isset ($_GET[‘path’]) && $_GET[‘path’] != ‘’)
$path = validate_path($_GET[‘path’]);
if (!isset ($path))
$path = FALSE;
if ($path == “./” || $path == “.\” || $path == “/” || $path == “\”)
$path = FALSE;
if (isset ($_GET[‘filename’]))
$filename = basename(stripslashes($_GET[‘filename’]));
if ($AllowDownload || $AllowView) {
if (empty ($home_directory)) {
if (!empty ($_SESSION[‘home_directory’]))
$home_directory = $_SESSION[‘home_directory’];
}
if (isset ($_GET[‘filename’]) && isset ($_GET[‘action’]) && is_file($home_directory . $path . $filename) || is_file("…/" . $home_directory . $path . $filename)) {
if (is_file($home_directory . $path . $filename) && !strstr($home_directory, “./”) && !strstr($home_directory, “.\”))
$fullpath = $home_directory . $path . $filename;
else
if (is_file("…/" . $home_directory . $path . $filename))
$fullpath = “…/” . $home_directory . $path . $filename;
if (!$AllowDownload && $AllowView && !is_viewable_file($filename)) {
print “$StrAccessDenied”;
exit ();
}
if ($HTTPS)
header(“Pragma:”);
header(“Content-Type: " . get_mimetype($filename));
header(“Content-Length: " . filesize($fullpath));
if ($_GET[‘action’] == “download”)
;
//header(“Content-Disposition: attachment; filename=$filename”);
header(“Content-Disposition: attachment; filename=””.$filename.”";" );
readfile($fullpath);
}
else
print “$StrDownloadFail”;
}
?>[/php]
functions.php
This file does a number of different functions. I have only posted code that may be relevant to the issue.
[php]function is_valid_name($input)
Checks whether the directory- or filename is valid
{
if (strstr($input, "\\"))
return FALSE;
else
if (strstr($input, "/"))
return FALSE;
else
if (strstr($input, ":"))
return FALSE;
else
if (strstr($input, "?"))
return FALSE;
else
if (strstr($input, "*"))
return FALSE;
else
if (strstr($input, "\""))
return FALSE;
else
if (strstr($input, "<"))
return FALSE;
else
if (strstr($input, ">"))
return FALSE;
else
if (strstr($input, "|"))
return FALSE;
else
return TRUE;
}
function get_current_zoom_level($current_zoom_level, $zoom)
Get current zoom level
{
global $ZoomArray;
reset($ZoomArray);
while (list($number, $zoom_level) = each($ZoomArray))
if ($zoom_level == $current_zoom_level)
if (($number + $zoom) < 0)
return $number;
else
if (($number + $zoom) >= count($ZoomArray))
return $number;
else
return $number + $zoom;
}
function validate_path($path)
Validate path
{
global $StrAccessDenied;
if (stristr($path, "../") || stristr($path, "..\\"))
return TRUE;
else
return stripslashes($path);
}
function get_mimetype($filename)
Get MIME-type for file
{
global $MIMEtypes;
reset($MIMEtypes);
$extension = strtolower(substr(strrchr($filename, "."), 1));
if ($extension == "")
return "Unknown/Unknown";
while (list($mimetype, $file_extensions) = each($MIMEtypes))
foreach (explode(" ", $file_extensions) as $file_extension)
if ($extension == $file_extension)
return $mimetype;
return "Unknown/Unknown";
}
function get_linked_path($path, $base_url)
Get path with links to each folder
{
$string = " « <a href=\"$base_url\">Home</a> » ";
$array = explode("/", htmlentities($path));
unset ($array [count($array) - 1]);
foreach ($array as $entry) {
@ $temppath .= $entry . "/";
$string .= "<a href='$base_url&path=" . htmlentities(rawurlencode($temppath)) . "'>$entry</a> » ";
}
return $string;
}[/php]