milfs/images/secure/index.php

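<?php
/**
 * Serves one file from the protected image directory ($path_images_secure,
 * defined in includes/datos.php), selected by the `file` query parameter.
 *
 * Flow:
 *   1. Missing or malformed `file` parameter -> redirect to ../sinimagen.jpg.
 *   2. The resolved path must be a regular file strictly inside the base
 *      directory and must not end in ".php"; otherwise redirect to
 *      ../sinimagen.jpg?.
 *   3. If the Referer starts with "https://" or does not start with "https",
 *      the file is streamed with a Content-Type taken from an extension
 *      allow-list; an unlisted extension redirects to ../pixel.png.
 *   4. Otherwise a companion script "<file>.php" is included.
 */
session_start();

// NOTE(review): the session check below is disabled, so nothing in this script
// requires a logged-in user before a file from the "secure" directory is
// served. If it is re-enabled it also needs exit() after the redirect;
// header() alone does not stop the script.
/*if ( !isset ( $_SESSION['id'] ) ) {
    // No session id present: redirect to the "not available" image
    header("Location: ../nodisponible.jpg");
    // echo "hola mundo2";
}*/

// Reject a missing parameter, a non-string one (file[]=...), and embedded NUL
// bytes (realpath() throws ValueError on those in PHP 8). exit() is required:
// without it the script kept running with an empty file name.
if (!isset($_GET['file']) || !is_string($_GET['file']) || strpos($_GET['file'], "\0") !== false) {
    header("Location: ../sinimagen.jpg");
    exit();
}

include("../../includes/datos.php");
$dir = "$path_images_secure/";

// Canonicalise both paths, then require the target to sit *below* the base
// directory. The separator is appended so that a sibling directory sharing the
// same name prefix (e.g. "<base>_old") is not treated as being inside the base.
$base = realpath($dir);
$file = realpath($dir . $_GET['file']);
if ($base === false
    || $file === false
    || strpos($file, rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) !== 0
    || !is_file($file)
    || strtolower(substr($file, -4)) === '.php') {
    //header('HTTP/1.0 404 Not Found');
    header("Location: ../sinimagen.jpg?");
    exit();
}

// NOTE(review): the Referer header is supplied by the client and is not an
// access control; it only discourages casual hot-linking.
$ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (strpos($ref, 'https://') === 0 || strpos($ref, 'https') !== 0) {
    // Extension allow-list. Keys are lower-case and the lookup uses the real
    // extension: the previous 3-character suffix lookup could never match the
    // 4-character "jpeg"/"JPEG" keys, and missed mixed-case names.
    $mime = array(
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'mid'  => 'audio/x-midi',
        'wav'  => 'audio/x-wav',
    );
    $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    if (!isset($mime[$ext])) {
        header('Location: ../pixel.png');
        exit();
    }

    $stat = stat($file);
    if ($stat === false) {
        header('Location: ../pixel.png');
        exit();
    }

    header('Content-Type: ' . $mime[$ext]);
    // The type is derived from the file name only, so tell the browser not to
    // second-guess it by sniffing the content.
    header('X-Content-Type-Options: nosniff');
    header('Content-Length: ' . $stat['size']);
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $stat['mtime']) . ' GMT');
    readfile($file);
    exit();
}

// Reached only when the Referer starts with "https" but not with "https://".
header('Pragma: no-cache');
header('Cache-Control: no-cache, no-store, must-revalidate');
// NOTE(review): this executes a PHP file whose path is derived from the
// request. The containment check above keeps it inside the image directory,
// but any "<name>.php" that ends up in that directory would then run as code.
// Prefer a fixed template outside the upload/image tree, or remove this
// branch if it is no longer used.
include($file . '.php');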