parkerslingshotrentals/admin/view-doc.php

<?php
require_once dirname(__DIR__) . '/db.php';

$token = preg_replace('/[^a-f0-9]/', '', $_GET['_t'] ?? '');
$stmt  = db()->prepare("SELECT token FROM admin_tokens WHERE token=? AND expires_at > NOW()");
$stmt->execute([$token]);
if (!$stmt->fetch()) {
    http_response_code(403);
    header('Content-Type: text/plain');
    exit('Unauthorized — please log in to the admin panel first.');
}

$ref  = strtoupper(preg_replace('/[^A-Z0-9\-]/', '', $_GET['ref'] ?? ''));
$type = in_array($_GET['type'] ?? '', ['license','insurance']) ? $_GET['type'] : '';
if (!$ref || !$type) {
    http_response_code(400);
    header('Content-Type: text/plain');
    exit('Missing parameters.');
}

$col  = $type === 'license' ? 'license_file' : 'insurance_file';
$row  = db()->prepare("SELECT {$col} AS file_path FROM bookings WHERE booking_ref=?")->execute([$ref]) ? null : null;
$stmt = db()->prepare("SELECT {$col} AS file_path FROM bookings WHERE booking_ref=?");
$stmt->execute([$ref]);
$row  = $stmt->fetch();

if (!$row || !$row['file_path']) {
    http_response_code(404);
    header('Content-Type: text/plain');
    exit('No document on file.');
}

// Path stored as uploads/{ref}/{filename}
$path = __DIR__ . '/../' . ltrim($row['file_path'], '/');
if (!file_exists($path)) {
    http_response_code(404);
    header('Content-Type: text/plain');
    exit('File not found.');
}

$mime = mime_content_type($path) ?: 'application/octet-stream';
header('Content-Type: ' . $mime);
header('Content-Disposition: inline; filename="' . basename($path) . '"');
header('Content-Length: ' . filesize($path));
header('Cache-Control: no-store, no-cache');
readfile($path);