0 && strlen($_GET['idFile']) <= 6) { $ssql = "SELECT bibPublic FROM articulos where fichero =".$_GET['idFile']; $rs = mysql_query($ssql, $conn) or die(mysql_error()); $row = mysql_fetch_array ($rs); if ($row[0] == 0) { mysql_free_result($rs); session_start(); if ($_SESSION["valido"] !="ok") { echo 'No es posible mostrar el fichero solicitado'; exit; } } $ssql = "SELECT * FROM ficheros where id=".$_GET['idFile']; $rs = mysql_query($ssql,$conn) or die(mysql_error()); $row = mysql_fetch_assoc($rs); $type = $row["tipo"]; $size = $row["size"]; $name = $row["name"]; $data = $row["data"]; header("Content-type: $type"); header("Content-length: $size"); header("Content-Disposition: inline; filename=$name"); header("Content-Description: PHP Generated Data"); echo $data; mysql_free_result($rs); } else echo 'No es posible mostrar el fichero solicitado'; } ?>