<?php
error_reporting(0);
session_cache_limiter('public');
require_once('inc/init.php');

$host_referer = parse_url($_SERVER['HTTP_REFERER']);
$host_server = $_SERVER['HTTP_HOST'];
if(($pos = strpos($host_server, ':')) !== FALSE) {
	$host_server = substr($host_server, 0, $pos);
}
if( $_SERVER['HTTP_REFERER'] && !($host_referer['host'] == $host_server)) {
	printMsg('attach_referer_err');
}

if(!isLogin()){
	printMsg('attach_login');
}

$id = empty($_GET['id']) ? 0 : intval($_GET['id']);

if(empty($id)){
	printMsg('attach_notexist');
}

if(getPopedom(13)==0){
	printMsg('popedom_13');
}

$row=$db->row_select_one("attachments","id={$id}");
if(empty($row)){
	printMsg('attach_notexist');
}

$filepath="uploadfile/attachment/".$row['filepath'];
if(!file_exists($filepath)){
	printMsg('attach_notexist');
}

$filename=stristr($_SERVER['HTTP_USER_AGENT'], 'MSIE')?urlencode($row['filename']):$row['filename'];


ob_end_clean();
_header_('Content-Encoding: none');
_header_('Content-Type: application/octet-stream');
_header_('Content-Disposition: attachment; filename="'.$filename.'"');
_header_('Content-Length: '.filesize($filepath));


getlocalfile($filepath,1);
updateCredits($lg['userid'], 'downvar');


function getlocalfile($filename, $readmod = 2, $range = 0) {
	if($readmod == 1 || $readmod == 3 || $readmod == 4) {
		if($fp = @fopen($filename, 'rb')) {
			@fseek($fp, $range);
			if(function_exists('fpassthru') && ($readmod == 3 || $readmod == 4)) {
				@fpassthru($fp);
			} else {
				echo @fread($fp, filesize($filename));
			}
		}
		@fclose($fp);
	} else {
		@readfile($filename);
	}
	@flush(); @ob_flush();
}

?>