MOON
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.4.10
System: Linux vps.presagepowered.net 2.6.18-398.el5 #1 SMP Tue Sep 16 20:51:48 EDT 2014 i686
User: mckernan (512)
PHP: 5.4.10
Disabled: NONE
File: /home/mckernan/public_html/iJournal/includes/journal/viewstatement.php
<?php

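// View a previously generated statement: streams
// <clientPath()><db>/statements/<f>.pdf to the browser as an inline PDF.
//
// Security notes:
//  - 'db' and 'f' come from the request and are concatenated into a filesystem
//    path. Both are therefore restricted to a single path component, and the
//    resolved path must stay inside the client's statements directory before
//    anything is read.
//  - NOTE(review): includes/session/sidck.php is not visible here. Confirm it
//    also checks that the session is entitled to the requested 'db'; a check
//    that only proves "some valid session" would let one client read another
//    client's statements.

    // init database name
    $database = DB_PREFIX;

    // process request
    if ($sid != '')
    {
        // sid check
        require "includes/session/sidck.php";

        // fetch database name / open db (GET takes precedence over POST)
        $dbn = '';
        if ( isset($_POST['db']) ) $dbn = $_POST['db'];
        if ( isset($_GET['db']) ) $dbn = $_GET['db'];

        // Array input (db[]=x) or an empty value is never a valid database name.
        if (!is_string($dbn) || $dbn == '') die();

        // $dbn becomes both a database-name suffix and a directory name, so it
        // must be exactly one path component: no separators, no dot entries,
        // no NUL bytes.
        if ($dbn === '.' || $dbn === '..'
            || basename($dbn) !== $dbn
            || strpos($dbn, '\\') !== false
            || strpos($dbn, "\0") !== false)
        {
            die();
        }

        $database .= $dbn;

        require "includes/db.php";


        // get period
        // NOTE(review): getvar() is defined elsewhere; whatever filtering it
        // applies is assumed not to cover path traversal, so the name is
        // validated again below.
        $file = getvar($db, 'f', 'string');
        $file .= '.pdf';

        // The statement name must also be a single path component.
        if (basename($file) !== $file
            || strpos($file, '\\') !== false
            || strpos($file, "\0") !== false)
        {
            die();
        }

        $saveas = $file;

        // build file info
        $filepath = clientPath() . $dbn . '/statements/' . $file;

        // Resolve symlinks and relative segments, then require the result to
        // live directly under the statements directory (defence in depth on top
        // of the component checks above).
        $basedir  = realpath(clientPath() . $dbn . '/statements');
        $realfile = realpath($filepath);

        $contained = $basedir !== false
            && $realfile !== false
            && strncmp($realfile, $basedir . DIRECTORY_SEPARATOR, strlen($basedir) + 1) === 0;

        if ($contained && is_file($realfile))
        {
            $filesize = filesize($realfile);

            // Characters that would terminate or escape the quoted filename
            // parameter are replaced before the name goes into a header.
            $headername = str_replace(array('"', '\\', "\r", "\n"), '_', $file);

            // set headers (the content type is fixed: statements are PDFs)
            header("Pragma: public");
            header("Expires: 0");
            header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
            header("Cache-Control: public");
            header("Content-Description: File Transfer");
            header("Content-Type: application/pdf");
            header("Content-Transfer-Encoding: binary");
            header("Content-Disposition: inline; filename=\"$headername\"");
            header("Content-Length: " . $filesize);

            // download in 8 KiB chunks so large files are not held in memory
            $dlfile = fopen($realfile, "rb");

            if ($dlfile)
            {
                while ( !feof($dlfile) )
                {
                    print(fread($dlfile, 1024*8));
                    flush();

                    // stop reading as soon as the client has gone away
                    if (connection_status() != 0)
                    {
                        fclose($dlfile);
                        die();
                    }
                }

                fclose($dlfile);
            }
        }
     }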
?>