Added file existence check.

I added a check to see if the file exists.

Author: SysVoid

web/download/file/index.php

@@ -8,20 +8,16 @@
 
 $user = $_SESSION['user'];
 if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
-    $user=$_SESSION['look'];
+    $user = $_SESSION['look'];
 }
 
-if (!empty($_REQUEST['path'])) {
-    $path = $_REQUEST['path'];
+$path = $_REQUEST['path'];
+if (!empty($path) && file_exists($path)) {
     header("Content-type: application/octet-stream");
     header("Content-Transfer-Encoding: binary");
     header("Content-disposition: attachment;filename=".basename($path));
-    passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
+    passthru(VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
     exit;
-}
-else {
+} else {
     die('File not found');
 }
-
-
-?>