Zubrag.com
Author Topic: Specify Sub Directories With Smart File Download  (Read 1872 times)
mtg
Newbie
*
Posts: 15


« on: April 14, 2009, 08:37:44 am »

Is there any way to specify the exact sub directory a file is in? Right now the script is just searching for the file name passed in the URL and uses the first file it finds with that name. This is a problem for me because I have sub directories that have files with the same names and it always gets the first file it finds with the file name specified. I have been using links like this:
http://www.mysite.com/download.php?f=/subdir/anothersubdir/filename.pdf

The sub directories specified appear to be ignored entirely. Is there any way to specify the exact sub directory to search rather than searching everything in the base directory and returning the first file name found?

Logged
mtg
Newbie
*
Posts: 15


« Reply #1 on: April 14, 2009, 09:57:19 am »

I was able to resolve this by deleting the find_file function. All of this, from lines 87-115, was replaced:

Code:
// Get real file name.
// Remove any path info to avoid hacking by adding relative path, etc.
$fname = basename($_GET['f']);

// Check if the file exists
// Check in subfolders too (depth-first). The first match wins, which is why
// files with the same name in different subfolders are ambiguous.
function find_file ($dirname, $fname, &$file_path) {

  $dir = opendir($dirname);
  if ($dir === false) {
    return; // unreadable directory: skip it
  }

  // Compare against false explicitly: an entry named "0" would otherwise end the loop
  while (($file = readdir($dir)) !== false) {
    if (empty($file_path) && $file != '.' && $file != '..') {
      if (is_dir($dirname.'/'.$file)) {
        find_file($dirname.'/'.$file, $fname, $file_path);
      }
      else {
        if (file_exists($dirname.'/'.$fname)) {
          $file_path = $dirname.'/'.$fname;
          closedir($dir);
          return;
        }
      }
    }
  }

  closedir($dir);

} // find_file

// get full file path (including subfolders)
$file_path = '';
find_file(BASE_DIR, $fname, $file_path);


Replaced the above with the following, and if you are passing directories in the URL, you can now read them and give absolute paths to the file instead of the script just searching for the first file with the file name specified:

Code:
// Get the name and path of the file and set the exact file path to the file
$fname = basename($_GET['f']);
// $fpath is taken verbatim from the URL, so any ../ segments in it reach the filesystem
$fpath = dirname($_GET['f']);
$file_path = BASE_DIR . $fpath . '/' . $fname;


There are security issues with this and parent directories can be traversed, so it's recommended to remove unwanted characters from the $file_path like ../ to prevent directory traversal.
Logged
mtg
Newbie
*
Posts: 15


« Reply #2 on: April 14, 2009, 11:06:44 am »

Regarding the security issues, this code can be added AFTER the above modified code. I am not sure if this will prevent all attacks. You could also use regular expressions or even check the length of dirname.

Code:
//Remove unwanted characters to prevent directory traversal
// Note: PHP has already URL-decoded $_GET, so the %2e / %c0 entries only match
// double-encoded input, and because str_replace() applies the array entries in
// order, the first entry ".." removes the dots before any of the later entries can match.
$unwantedchars = array("..", "../", "..\\", "%2e%2e%2f", "%2e%2e/", "..%2f", "%2e%2e%5c", "%c1%1c", "%c0%9v", "%c0%af");
$file_path = str_replace($unwantedchars, "", $file_path);

//Set to the real path to return canonicalized absolute pathname
// realpath() returns false when the file does not exist, and nothing here yet
// confirms that the resolved path is still inside BASE_DIR
$file_path = realpath($file_path);
Logged
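The two replies above build the path from dirname()/basename() of the URL and then strip a blacklist of traversal strings. A containment check on the canonicalised path is the usual way to make that safe regardless of how the input was encoded. The following is an added example, not code from the Smart File Download script or from the poster; it assumes only that BASE_DIR is defined as in the script, and the function name resolve_download_path is hypothetical.

```php
<?php
// Added example (not part of the original script).
// Assumes BASE_DIR is the download root constant defined by download.php.

// Resolve a client-supplied relative path (e.g. $_GET['f']) to an absolute
// path and confirm it stays inside the download directory.
// Returns the canonical path, or null if the request must be refused.
function resolve_download_path(string $baseDir, string $requested): ?string
{
    // Canonicalise the base directory once; it must exist.
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }

    // Reject NUL bytes outright: they truncate the path in the underlying C calls.
    if (strpos($requested, "\0") !== false) {
        return null;
    }

    // Always resolve relative to the base: normalise backslashes and strip
    // leading slashes so an absolute path in the URL cannot escape before realpath().
    $relative = ltrim(str_replace('\\', '/', $requested), '/');

    // realpath() collapses ../ and symlinks; false means the file does not exist.
    $full = realpath($base . DIRECTORY_SEPARATOR . $relative);
    if ($full === false || !is_file($full)) {
        return null;
    }

    // Containment check: the resolved path must begin with base + separator.
    // Comparing with the trailing separator stops /var/www/files from
    // matching /var/www/files_private.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($full, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    return $full;
}

// Usage, where the replies above build $file_path from $_GET['f']:
$requested = isset($_GET['f']) ? (string) $_GET['f'] : '';
$file_path = resolve_download_path(BASE_DIR, $requested);
if ($file_path === null) {
    header('HTTP/1.1 404 Not Found');
    exit('File not found');
}
// ... continue with the script's existing header/readfile() code using $file_path
```

Because the check runs on the output of realpath(), encoded or doubled-up traversal sequences never need to be enumerated: whatever the input looks like, the resolved path either starts with the base directory or it is refused. One side effect worth knowing is that a symlink inside BASE_DIR pointing outside it is also refused, since realpath() follows the link before the prefix comparison.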
Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC