I have already implemented direct downloads in my forum by inserting the following piece of code inside download/file.php
FIND
Code: Select all
// Now the tricky part... let's dance
Code: Select all
// Read and write for owner, read for everybody else
chmod($filename, 0644);
// Set expire time
// size (MB) * 180s or 180s
$exp = max(intval($size/1024/1024*180), 180);
$dir = time().'_'.$exp.'_'.$user->data['session_id'].'_'.rand();
if(!mkdir('./tmp/'.$dir)){
echo 'Something went wrong creating a directory named "'. $dir .'"';
return 0;
}
$real_filename = htmlspecialchars_decode($attachment['real_filename']);
symlink('../../../files/'.$attachment['physical_filename'], './tmp/'.$dir.'/'.$real_filename) or die("Unable to create download link");
// Close the db connection before sending the file
$db->sql_close();
$entities = array('%25', '%5C', '%3F', '%23', '%5B', '%5D');
$replacements = array( "%", "\\", "?", "#", "[", "]" );
header('Location: ./tmp/'.$dir.'/'.str_replace($replacements, $entities, $real_filename));
file_gc();
Code: Select all
#! /bin/bash
time=`date +%s`
cd '/home/user/public_html/phpBB/download/tmp/'
#echo $time
for folder in $(ls -d */)
do
#echo "$folder"
IFS="_"
name=( $folder )
t=${name[0]}
d=${name[1]}
if [ "$time" -gt "$((t + d))" ]; then
#echo "$folder"
rm -rf "$folder"
fi
done
And last but not least a .htaccess file inside the tmp directory with the following content:
Code: Select all
Options -Indexes
<Files clean.sh>
order deny,allow
deny from all
</Files>