aj
/
chamilo-lms2


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
							<?php
/* For licensing terms, see /license.txt */
/**
 * Download script for course info
 * @package chamilo.course_info
 */
/**
 * Code
 */
require_once '../inc/global.inc.php';
$this_section = SECTION_COURSES;

if (isset($_GET['session'])) {
    $archive_path = api_get_path(SYS_ARCHIVE_PATH).'temp/';
    $_cid = true;
    $is_courseAdmin = true;
} else {
    $archive_path = api_get_path(SYS_ARCHIVE_PATH);
}

$archive_file = $_GET['archive'];
$archive_file = str_replace(array('..', '/', '\\'), '', $archive_file);

list($extension) = FileManager::getextension($archive_file);

if (empty($extension) || !file_exists($archive_path.$archive_file)) {
    exit;
}

$extension = strtolower($extension);
$content_type = '';

if (in_array($extension, array('xml', 'csv')) && (api_is_platform_admin(true) || api_is_drh())) {
    $content_type = 'application/force-download';
} elseif ($extension == 'zip' && $_cid && (api_is_platform_admin(true) || $is_courseAdmin)) {
    $content_type = 'application/force-download';
}

if (empty($content_type)) {
    api_not_allowed(true);
}

if (Security::check_abs_path($archive_path.$archive_file, $archive_path)) {
    header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
    header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
    header('Cache-Control: public');
    header('Pragma: no-cache');
    header('Content-Type: '.$content_type);
    header('Content-Length: '.filesize($archive_path.$archive_file));
    header('Content-Disposition: attachment; filename='.$archive_file);
    readfile($archive_path.$archive_file);
    exit;
} else {
    api_not_allowed(true);
}