blob: 0a38aeef58b38af0a8e1d6ba5db4c2213a2bf748 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/session.php";
if (!isset($_GET['i'])) {
die();
}
if (strpos($_GET['i'], ".") !== false || strpos($_GET['i'], "/") !== false) {
die();
}
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/films/poster/" . $_GET['i'] . ".png")) {
$file = $_SERVER['DOCUMENT_ROOT'] . "/data/films/poster/" . $_GET['i'] . ".png";
} else {
$file = $_SERVER['DOCUMENT_ROOT'] . "/data/films/poster/\$default\$.png";
}
header('Content-Description: File Transfer');
header('Content-Type: ' . mime_content_type($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
ob_clean();
flush();
readfile($file);
exit;
|
