<?php
require_once('resources/configdb.php');

$baseDir = "/var/www/vuplus-support.org/htdocs/openembedded/2.0/vti/ZZ_betaimages";
$path = realpath($baseDir . "/" . $_GET["file"]);
$cor_ref = "openembedded/2.0/vti/ZZ_betaimages";
$ref = $_SERVER['HTTP_REFERER'];

//require_once('../global.php');
//use wcf\system\WCF;
//if ($userID = WCF::getSession()->userID) {
	if ((substr(dirname($path), 0, strlen($baseDir)) === $baseDir) and (strpos($ref, $cor_ref) !== FALSE)){
		$myfilename = ($_GET['file']);
		if(!is_bot()) {
			$conn = new mysqli($servername, $username, $password, $dbname);
			if (!$conn->connect_error) {
				$sql = "INSERT INTO VTiImage SET file='" . basename($myfilename) .  "' ON DUPLICATE KEY UPDATE stat=stat+1";
				$conn->query($sql);
				$conn->close();
			} else {
				die("Connection failed: " . $conn->connect_error);
			}
		}
		header("Cache-Control: public");
		header("Content-Description: File Transfer");
		header("Content-Disposition: attachment; filename=" . basename($_GET['file']));
		header("Content-Length: ".filesize($path));
		header("Content-Type: application/force-download");
		header("Content-Transfer-Encoding: binary");
		ob_clean();
		ob_end_flush();
		readfile($path);
	}
//} else {
//	header('Location: https://www.vuplus-support.org');
//	exit();
//}

function is_bot()
{
	$botlist = array("Teoma", "alexa", "froogle", "Gigabot", "inktomi",
	"looksmart", "URL_Spider_SQL", "Firefly", "NationalDirectory",
	"Ask Jeeves", "TECNOSEEK", "InfoSeek", "WebFindBot", "girafabot",
	"crawler", "www.galaxy.com", "Googlebot", "Scooter", "Slurp",
	"msnbot", "appie", "FAST", "WebBug", "Spade", "ZyBorg", "rabaz",
	"Baiduspider", "Feedfetcher-Google", "TechnoratiSnoop", "Rankivabot",
	"Mediapartners-Google", "Sogou web spider", "WebAlta Crawler","TweetmemeBot",
	"Butterfly","Twitturls","Me.dium","Twiceler");
	foreach($botlist as $bot)
    {
		if(strpos($_SERVER['HTTP_USER_AGENT'],$bot)!==false)
		return true;    // Is a bot
	}
	return false;
}

?>