<?
	@session_start();
	require_once('includes/inc.settings.php');
	require_once('includes/inc.functions.php');
  require_once('sec/msg/inc.msg.php');

  require_once("includes/class.text.php");
	$Text = new Text();
  require_once("includes/class.user.php");
	$User = new User();
  require_once('sec/msg/class.msgs.php');
  $Msgs = new Msgs();
  require_once("includes/class.files.php");

if(!empty($_GET['id'])&&is_numeric($_GET['id'])&&$_GET['id']>0&&!empty($_GET['msg'])&&is_numeric($_GET['msg'])&&$_GET['msg']>0&&$User->id>0){
	$FID = $_GET['id'];
	$MID = $_GET['msg'];
	$F = @$db->fetch_assoc($db->query("SELECT * FROM $DB.files WHERE id='".$FID."'"));
	if($F['id']==$FID){
		if($Msgs->IsMyAttach($User->id,$MID,$FID)==1){


			header('HTTP/1.1 200 OK');
			header('Date: ' . date("D M j G:i:s T Y"));
			header('Last-Modified: ' . date("D M j G:i:s T Y"));
			header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
			header("Content-Type: $F[type]");//application/octet-stream");//$F[type]");//echo $F['type'];
			header("Content-Length: ".$F['size']);
			header("Content-Disposition: attachment; filename=\"".$F['orginal_name']."\"");
			header("Content-Transfer-Encoding: Binary");
			readfile($F['dir'].'/'.$F['filename']);

		}else
			echo "It isn't your file!";
	}else{
		echo "Some error";
	};
}else{
	echo "Some error!";
};
?>