Gecko [ www.foryou-vip.com ]

Linux vps-61133.fhnet.fr 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
Apache/2.4.25 (Debian)
Server IP : 93.113.207.21 & Your IP : 216.73.216.35
Domains : Cant Read [ /etc/named.conf ]
User : www-data

Name	Size	Permission	Date
.git	[ DIR ]	drwxr-xr-x	2025-11-08 11:17
images	[ DIR ]	drwxr-xr-x	2025-11-08 11:17
download.php	2.42 KB	-rw-r--r--	2022-09-29 07:50
index.php	128 B	-rw-r--r--	2022-09-29 07:50
pr.php	1.19 KB	-rw-r--r--	2022-09-29 07:50
product.php	2.09 KB	-rw-r--r--	2022-09-29 07:50
product_OLD.php	2.4 KB	-rw-r--r--	2022-09-29 07:50
product_customer_price.php	1 KB	-rw-r--r--	2022-09-29 07:50
product_virtual.php	3.72 KB	-rw-r--r--	2022-09-29 07:50
product_visibility.php	3.07 KB	-rw-r--r--	2022-09-29 07:50

Rename

<?php
if(isset($_GET)) {
    $ref = null;
    $dolapikey = null;
    
    if(isset($_GET['ref'])) {
        $ref = $_GET['ref'];
    }
    if(isset($_GET['DOLAPIKEY'])) {
        $dolapikey = $_GET['DOLAPIKEY'];
    }
        if($dolapikey == null) {
        echo 'no_credentials';
        return;
    }
    if($ref == null) {
        echo 'no_ref';
        return;
    }
    $db = new PDO("mysql:host=localhost; dbname=bdc_doli286", "lamp", "Vo4nMSdkSAah");
    $query = "SELECT * FROM llx_ecm_files WHERE filepath = 'produit/".$ref."' and gen_or_uploaded='uploaded' order by `rowid` DESC";
    $stmt = $db->query($query);
    $ecmFiles = $stmt->fetchAll(PDO::FETCH_ASSOC);
    $picFile = $ecmFiles[0];

$original_file = $ref."/".$picFile['filename'];

$file_name='../../documents/produit/'.$original_file;
    header('content-type: image/jpg');
    readfile($file_name);

//UPDATE `llx_ecm_files` SET `gen_or_uploaded` = 'uploaded' WHERE `llx_ecm_files`.`gen_or_uploaded` is null and `llx_ecm_files`.`filepath` like 'produit/%' and `llx_ecm_files`.`filename` like '%.jpg' or `llx_ecm_files`.`filename` like '%.jpeg' or `llx_ecm_files`.`filename` like '%.png'
}