Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- define('DIR_DOWNLOAD','../arquivos/');
- $arquivo = $_GET['arquivo'];
- if(stripos($arquivo, './') !== false || stripos($arquivo, '../') !== false){
- exit('Operação DOWNLOAD inválida');
- }
- $arquivo = DIR_DOWNLOAD.$arquivo;
- if(!file_exists($arquivo)){
- exit('Operação DOWNLOAD inválida');
- }
- header('Content-type: octet/stream');
- header('Content-disposition: attachment; filename="'.basename($arquivo).'";');
- header('Content-Length: '.filesize($arquivo));
- readfile($arquivo);
- exit;
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement