I've got problem with dowwnload link script (this script block any attempt to explore my file system), when i use this script Malwarebytes Browser Guard blocks the website for a few minutes.
Maybe someone will know or have already had contact with it.
What is the cause of this?
Where did I go wrong?
1. Download_xls.php
<?php
//define error page
$url = url_for('error_2.php');
$error = $url;
// File path to downloads folder
$filepath = '/var/www/domain.com/public/files/xls';
$filename = null;
if (isset($_GET['file']) && basename($_GET['file']) == $_GET['file']) {
$filename = $_GET['file'];
} else {
header("Location: $error");
exit;
}
if ($filename) {
$abs_path = $filepath . DIRECTORY_SEPARATOR . $filename;
if (file_exists($abs_path) && is_readable($abs_path)) {
header('Content-type: application/octet-stream');
header('Content-length: ' . filesize($abs_path));
header('Content-disposition: attachment; filename=' . $filename);
header('Content-transfer-encoding: binary');
ob_clean();
flush();
readfile($abs_path);
} else {
header("Location: $error");
}
}
?>
2 index.php
<li><a href="download_xls.php?file=exel_test.xls">file download</a></li>
3. screen 3 attempts to download the file
question from:
https://stackoverflow.com/questions/65880886/malwarebytes-browser-guard-block-script-php 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
