file_raw.php

   1 <?php
   2
   3 include_once("auth.php");
   4 include_once("time.php");
   5
   6 if (!$_GET["file_id"])  { die("No File Name Sent"); }
   7
   8 $_GET["file_id"] = mysql_real_escape_string($_GET["file_id"]);
   9
  10 if($role == 0 ) {
  11         $sql = 'select file_1, user_id from files where file_id ='.$_GET["file_id"];
  12 } else {
  13         $sql = 'select file_1, user_id from files where file_id ='.$_GET["file_id"].' and user_id='.$user_id;
  14 }
  15
  16 //echo $sql;
  17
  18 $result = mysql_query($sql);
  19
  20 $row = mysql_fetch_row($result);
  21
  22 $row[0] = htmlspecialchars($row[0]);
  23 $row[0] = tab2space($row[0]);
  24
  25 echo "<html><pre>".$row[0]."</pre></html>";
  26
  27 ?>