<?php
global $user;
global $base_url;
$filename="";
if (in_array('administrator', array_values($user->roles))) {
$sid="";
if(isset($_GET["sid"])) {
$sid=$_GET["sid"];
$sql="SELECT filename FROM file_managed fm, file_usage fu WHERE fu.id=".$sid." AND fu.fid=fm.fid";
$query = db_query($sql);
foreach($query as $item) {
$filename=$item->filename;
}
}
header("LOCATION:".$base_url."/sites/default/files/webform/".$filename);
}
?>