<?
# auto download script
# copyright 2001 <antonio.bonifati@polimi.it>

//define('WWWHOME', '/u/www.polimi.it/htdocs');
define('WWWHOME', '');

function stripPointPoint(&$path)
{
   $path=str_replace('../', '', $path);
   $path=str_replace('..', '', $path);   
   $path = str_replace('/pubblicazioni', '', $path);
   
   return $path;
}

# strip ../ and .. from $f for security reasons
$f = $_REQUEST['f'];
$f = stripPointPoint($f);
# $bf is the basename of the file
# and $pf the complete path on server

$bf=basename($f);
$pf=WWWHOME.$f;
error_log("errore " . $pf);
error_log("errore2 " . $bf);
error_log("f " . $f);
# send HTTP headers
header("Content-type: application/octet-stream; name=\"$bf\"");
header("Content-disposition: attachment; filename=\"$bf\"");
header("Content-Length: ". filesize($f));

# send file
@readfile($f);
?>