<?

include "config.php";

 function check_id($id) {
   global $db;
   return $db->fetchrow("SELECT content_id FROM content WHERE content_id='$id' AND status='online' AND kind='dnl'");
 }

 if (!$id) $id = $_GET['id'];

 if (check_id($id)) {
   $fields = $db->fetchrow("SELECT * FROM expDownloads WHERE content_id='$id'");
   $db->query("UPDATE expDownloads SET hits=hits+1 WHERE content_id='$id'");
   if ($fields['filetype']) header("Content-type: $fields[filetype]");
   else header("Content-type: application/force-download");

   $file = $_config['absolute_path'] 
      . ($_config['relative_path'] ? '/'.$_config['relative_path'] : '') 
      . '/files/dnl'.$id;

   header("Content-Disposition: attachment; filename=\"$fields[filename]\"");
   header("Content-Length: ".filesize($file));
 
   header("Expires: 0");
   header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
   header("Pragma: public");
 
   readfile($file);
   die();
  }

  else
    header("Location: ".$_SERVER['HTTP_REFERRER']);
?>