<?php
/*
  utils.php

  ezgenerator utils 1.4
  http://www.ezgenerator.com

  Copyright (c) 2005 Image-line
*/

define('ER_FILENOTFOUND',1);
define('ER_NOFILE',2);
define('ER_BADFILEFORMAT',3);
define('STREAM_BUFFER',4096); // 4kb buffer per connection
define('STREAM_TIMEOUT',86400); // 24 hours timeout
define('USE_OB',false); // should it use ob_* block to wrap the flushed buffer

function abnormalExit($errCode) {
	switch ($errCode) {
		case ER_NOFILE:				$msg = 'File not specified'; break;
		case ER_FILENOTFOUND:		$msg = 'File not found'; break;
		case ER_BADFILEFORMAT:	    $msg = 'Illegal file format'; break;         	
		default:					$msg = 'Unknown error';	break;
	}
	die ('ERROR: '.$msg);
}

function getMIME($fileName) {
	switch(strtolower(substr(strrchr($fileName,"."),1))) {
  	case "zip": $contentType="application/zip zip"; break;
    case "mp3": $contentType="audio/mpeg"; break;
    case "pdf": $contentType="application/pdf"; break;
    case "txt": $contentType="text/plain"; break;
    case "htm": $contentType="text/html"; break;
    case "html": $contentType="text/html"; break;
    case "jpg": $contentType="image/jpeg"; break;
    case "jpeg": $contentType="image/jpeg"; break;
    case "gif": $contentType="image/gif"; break;
    default: $contentType="application/octet-stream";
   }
 return $contentType;
}

function return_file()
{
    $fileName = stripslashes($_GET['filename']);
    switch(strtolower(substr(strrchr($fileName,"."),1))) {
    case "php": abnormalExit(ER_BADFILEFORMAT);
    case "ezg": abnormalExit(ER_BADFILEFORMAT);
    }
    if (basename($fileName) != $fileName)  abnormalExit(ER_BADFILEFORMAT);
    $file = @fopen($fileName,'r') or abnormalExit(ER_FILENOTFOUND);

    $fileSize = filesize($fileName);

    /************** CHECK RANGE ****************/
    $partialContent = false;
    if (isset($_SERVER['HTTP_RANGE'])) {
        $rangeHeader = explode('-',substr($_SERVER['HTTP_RANGE'] , strlen('bytes=')));
	
        if ($rangeHeader[0] > 0) {
            $posStart = intval($rangeHeader[0]);
            $partialContent = true;
        }	else {
            $posStart = 0;
        }

        if ($rangeHeader[1] > 0) {
            $posEnd = intval($rangeHeader[1]);
            $partialContent = true;
        } else {
            $posEnd = $fileSize-1;
        }
    } else {
        $posStart = 0;
        $posEnd = $fileSize - 1;
    }
    /************** HEADERS ***************/
    header("Content-type: ".getMIME($fileName));
    header('Content-Disposition: attachment; filename="'.$fileName.'"');
    header("Content-Length: ".($posEnd - $posStart + 1));
    header('Date: '.gmdate('D, d M Y H:i:s \G\M\T',time()));
    header('Last-Modified: '.gmdate('D, d M Y H:i:s \G\M\T',filemtime($fileName)));
    header('Accept-Ranges: bytes');

    // cache prevention headers
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");
    header("Expires: ".gmdate("D, d M Y H:i:s \G\M\T", mktime(date("H")+2, date("i"), date("s"), date("m"), date("d"), date("Y"))));

    // partial content headers
    if ($partialContent) {
        header("HTTP/1.0 206 Partial Content");
        header("Status: 206 Partial Content");
        header("Content-Range: bytes ".$posStart."-".$posEnd."/".$fileSize);
    }

    /************** DUMP *************/
    if (ini_get('safe_mode')) {
        fpassthru($file);
    }
    else
    {
        set_time_limit(STREAM_TIMEOUT);
        fseek($file, $posStart);
        if (USE_OB) ob_start();
        while (($posStart + STREAM_BUFFER < $posEnd) && (connection_status()==0)) {
            echo fread($file,STREAM_BUFFER);
            if (USE_OB) ob_flush();
            flush();
            $posStart += STREAM_BUFFER;
        }
        if (connection_status()==0) echo fread($file,$posEnd - $posStart + 1);
        if (USE_OB) ob_end_flush();
    }
    fclose($file);
}


function process_it()
{
   if (isset($_GET['action']))
   {
        $action = $_GET['action'];
        if ($action == 'download')  {return_file();}
        else if ($action == 'phpinfo')
        {
          if ((isset($_GET['pwd'])) && (crypt('admin',$_GET['pwd']) == 'llRanR22sJYds'))  { phpinfo();}
        }
   }
}

process_it();
?>