One Hat Cyber Team

Your IP : 172.16.0.254

Server IP : 58.26.163.33

Server : Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64

Server Software : Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25

PHP Version : 7.3.25

Buat File | Buat Folder

Dir : C:/xampp7/htdocs/edgpens/reports/

Edit File: app_download.php

<?php 
include("../odbc.php");

session_start();

if ($_SESSION['session'])
	$session = updateSession($_SESSION["session"]);
else
	$session = '';

if (!$session) {
	$_SESSION["session"]		= false;
	$_SESSION['success']		= 3;
	$_SESSION['success_msg']	= "Please Login!";
	echo "<script>window.location.replace('../login.php?success=3');</script>";
	exit();
}

$ii 	= (isset($_GET['ii'])) ? $_GET['ii'] : '' ;
$zz 	= (isset($_GET['zz'])) ? $_GET['zz'] : '' ;
$f_name = pathinfo($zz, PATHINFO_FILENAME);

if($f_name=='issc'){
	$sql 	= "SELECT idKapal FROM kod_kapal WHERE md5(concat('fif',idKapal))=?";
	$tgt 	= "idKapal";
	$dir 	= "vessel";
}else{
	$sql 	= "SELECT idPermohonan FROM permohonan_main WHERE md5(concat('fif',idPermohonan))=?";
	$tgt 	= "idPermohonan";
	$dir 	= "application";
}

$stmt  			= $mysqli->stmt_init();
$stmt->prepare($sql);
$stmt->bind_param("s", $permohonan_main = $ii);
$stmt->execute();
$result 		= $stmt->get_result() or die($mysqli->error);
$stmt->close();
$row = $result->fetch_assoc();
$idp = $row[$tgt];

$file = __DIR__ . DIRECTORY_SEPARATOR . "/../upload/{$dir}/{$idp}/{$zz}";
$f_exist = file_exists($file);
	
if($f_exist):
	$f_mime = mime_content_type($file);
	$f_size = filesize($file);
	// $f_name = basename($file);
	ob_start();
    header("Content-Type: {$f_mime}");
    header("Content-Length: {$f_size}");
	header("Content-Disposition:filename={$zz}");
    readfile($file); 
    ob_end_flush();
else:
	echo "<strong style='color:red'>File Not Exist!</strong>";
	// echo "<script>window.location.replace('../dashboard.php');</script>";
endif;