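. **/

require_once("../config/config.php");

// Download endpoint: looks up the row in `files` whose token matches the
// `token` query parameter and streams ./files/<id> back to the client.
// Known extensions are served inline with a matching Content-Type; every
// other extension is sent as an attachment.
if (isset($_GET['token'])) {
    $token = $_GET['token'];

    // A request such as ?token[]=x arrives as an array; binding that would
    // only produce an "Array to string conversion" notice, so reject it here.
    if (!is_string($token)) {
        http_response_code(404);
        echo "Not found";
        die();
    }

    // Plain row lookup instead of COUNT(id) next to non-aggregated columns:
    // that mix is rejected by engines that enforce ONLY_FULL_GROUP_BY, and
    // fetch() returning false already tells us that no row matched.
    $sql = $db->prepare("SELECT id, name, extension FROM files WHERE token=:token");
    $sql->execute(array(":token" => $token));
    $res = $sql->fetch(PDO::FETCH_ASSOC);

    $path = ($res === false) ? null : "./files/" . $res['id'];

    // Decide before any content header is sent, so a missing row or a missing
    // file on disk yields a clean 404 rather than an empty typed response.
    if ($path === null || !is_file($path)) {
        http_response_code(404);
        echo "Not found";
        die();
    }

    // Extensions that are rendered inline (exact, case-sensitive match).
    // NOTE(review): text/html and text/javascript are served from this
    // application's own origin. If the stored files can come from other
    // users, such a file executes in the viewer's session on this site;
    // consider forcing download for these types, sending
    // "Content-Security-Policy: sandbox", or serving files from a separate
    // origin.
    $inlineTypes = array(
        "txt"  => "text/plain",
        "js"   => "text/javascript",
        "css"  => "text/css",
        "html" => "text/html",
        "gif"  => "image/gif",
        "png"  => "image/png",
        "jpg"  => "image/jpeg",
        "jpeg" => "image/jpeg",
        "bmp"  => "image/bmp",
        "pdf"  => "application/pdf",
    );

    $extension = (string) $res['extension'];

    // Stop browsers from second-guessing the declared type of stored content.
    header("X-Content-Type-Options: nosniff");

    if (isset($inlineTypes[$extension])) {
        header("Content-type: " . $inlineTypes[$extension]);
    } else {
        // The file name comes from the database and ends up inside a quoted
        // header parameter: replace control characters, double quotes and
        // backslashes so it cannot terminate the quoted string early. The
        // parameter uses double quotes; single quotes are not a valid
        // quoting form here and browsers keep them as part of the name.
        $downloadName = preg_replace(
            '/[\x00-\x1F\x7F"\\\\]/',
            "_",
            $res['name'] . "." . $extension
        );
        header("Content-type: application/octet-stream");
        header('Content-disposition: attachment; filename="' . $downloadName . '"');
    }

    readfile($path);
    die();
}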