DBI 783 file hosting in a test directory.

.htaccess

XSendFile On
XSendFileAllowAbove On
RewriteEngine On
RewriteBase /test/

# If it's not a real file or folder, route to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [L]

index.php

<?php
// enable X-SendFile in your apache settings.
$baseDir = realpath("D:/path/to/your/Games"); // Change to your files location
$baseUrl = basename(__FILE__);

// Auth check
$userAgent = $_SERVER['HTTP_USER_AGENT'];
if (strpos($userAgent, 'DBI/783-ru (FW: 19.0.1S; SN: XJJ00000000000') === false) { // Serial blanked for security. Chang it to your Serial or remove that section to allow all Switches.
    http_response_code(403);
    echo "Access denied.";
    exit;
}

// Serve file if requested
if (isset($_GET['file'])) {
    $requestedFile = str_replace(['..', '\\'], '', $_GET['file']);
    $fullPath = realpath($baseDir . DIRECTORY_SEPARATOR . $requestedFile);

    if (!$fullPath || strpos($fullPath, $baseDir) !== 0 || !is_file($fullPath)) {
        http_response_code(404);
        echo "File not found.";
        exit;
    }

    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($fullPath) . '"');
    header('X-Sendfile: ' . $fullPath);
    exit;
}

// Determine current subdirectory
$requestUri = $_SERVER['REQUEST_URI'];
$scriptName = dirname($_SERVER['SCRIPT_NAME']);
$relativePath = trim(str_replace($scriptName, '', $requestUri), '/');
$currentSubdir = str_replace(['..', '\\'], '', urldecode($relativePath));
$currentPath = realpath($baseDir . DIRECTORY_SEPARATOR . $currentSubdir);

if (!$currentPath || strpos($currentPath, $baseDir) !== 0 || !is_dir($currentPath)) {
    http_response_code(404);
    echo "Directory not found.";
    exit;
}

// Build directory listing
function listDirectory($dir, $relativeDir, $baseDir, $baseUrl) {
    $html = '<ul>';
    $items = scandir($dir);

    foreach ($items as $item) {
        if ($item === '.' || $item === '..') continue;
        $itemPath = $dir . DIRECTORY_SEPARATOR . $item;
        $relativePath = ltrim(str_replace('\\', '/', ($relativeDir ? $relativeDir . '/' : '') . $item), '/');

        if (is_dir($itemPath)) {
            $html .= '<li><strong><a href="' . htmlspecialchars($relativePath) . '/">' . htmlspecialchars($item) . '</a></strong></li>';
        } else {
            $html .= '<li><a href="' . htmlspecialchars($baseUrl) . '?file=' . urlencode($relativePath) . '">' . htmlspecialchars($item) . '</a></li>';
        }
    }

    $html .= '</ul>';
    return $html;
}

// Breadcrumbs
$breadcrumb = '<p><a href="' . htmlspecialchars($baseUrl) . '">Root</a>';
if ($currentSubdir) {
    $parts = explode('/', $currentSubdir);
    $path = '';
    foreach ($parts as $part) {
        $path .= ($path ? '/' : '') . $part;
        $breadcrumb .= ' / <a href="' . htmlspecialchars($baseUrl) . '?dir=' . urlencode($path) . '">' . htmlspecialchars($part) . '</a>';
    }
}
$breadcrumb .= '</p>';

// Output HTML
echo '<!DOCTYPE html>
<html>
<head>
    <title>Directory Listing</title>
    <style>
        body { font-family: sans-serif; padding: 20px; }
        ul { list-style: none; padding-left: 20px; }
        a { text-decoration: none; color: blue; }
        a:hover { text-decoration: underline; }
    </style>
</head>
<body>
    <h1>Shop Directory Listing</h1>';
echo $breadcrumb;
echo listDirectory($currentPath, $currentSubdir, $baseDir, $baseUrl);
echo '</body></html>';