<?php

##
#
# Jisko: An open-source microblogging application
# Copyright (C) 2008  Rubén Díaz <outime@gmail.com> & Matías Parodi <mparodilabs@gmail.com>
# 
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
##

define("SECURITY", 1);

include('./config.php');
mysql_pconnect(DB_HOST, DB_USER, DB_PASSWORD);
mysql_select_db(DB_NAME);

include('./includes/functions.php');

$permalink = safe_str($_GET['p'], true);

$sql = "
		SELECT `notes`.`attached_file`, `users`.`username`
		FROM `notes`
		INNER JOIN `users` ON `users`.`id_user` = `notes`.`id_user`
		WHERE (`notes`.`permalink` = '" . $permalink . "')
		LIMIT 1;";
$result = mysql_query($sql);

if (mysql_affected_rows() == 1) {

	$row = mysql_fetch_assoc($result);
	mysql_free_result($result);

	if (!empty($row['attached_file'])) {
		header('Content-type: application/octet-stream');
		header('Content-Disposition: attachment; filename="' . $row['attached_file'] . '"');
		$fp = fopen('uploads/' . $row['username'] . '/'. $row['attached_file'], 'r');
		fpassthru($fp);
	}
}

?>