/**
 * Return a download link for a package after checking its lock(s).
 *
 * Reads the package id and optional password from $_POST, then either answers
 * with JSON ({error, downloadurl}) for AJAX callers or, for non-AJAX callers,
 * stores the result in a cookie and redirects. Every path past the first
 * guard ends in die.
 *
 * NOTE(review): no nonce or capability check is visible in this function, so
 * it should be treated as reachable by any visitor - confirm at the hook site.
 */
function wpdm_getlink()
{
    global $wpdb;
    if (!isset($_POST['id'])) {
        return;
    }
    $id = (int) $_POST['id'];
    // addslashes() changes the submitted value before it is compared and before it
    // is used as an array key in the usage counter below.
    $password = isset($_POST['password']) ? addslashes($_POST['password']) : '';
    $file = get_post($id, ARRAY_A);
    //$file['ID'] = $file['ID'];
    $file = wpdm_setup_package_data($file);
    // uniqid() is derived from the current time, not from a CSPRNG. The key is
    // stored in post meta and embedded in the download URL below.
    // NOTE(review): if that key alone authorises the download, generate it from
    // a cryptographically secure source instead.
    $key = uniqid();
    // Untouched copy of the package; used by the unlock-cookie branch further down.
    $file1 = $file;
    // and( password='******' or password like '%[$password]%')
    // The package counts as password-locked when a non-empty password is configured.
    $plock = isset($file['password']) && $file['password'] != '' ? 1 : 0;
    $data = array('error' => '', 'downloadurl' => '');

    // --- reCAPTCHA unlock ---------------------------------------------------
    // NOTE(review): this branch runs before the password check and nothing here
    // tests whether the package actually uses a captcha lock; confirm that a
    // solved captcha is not accepted in place of a configured password.
    if (isset($_POST['reCaptchaVerify'])) {
        $ret = remote_post(
            'https://www.google.com/recaptcha/api/siteverify',
            array(
                'secret' => get_option('_wpdm_recaptcha_secret_key'),
                'response' => $_POST['reCaptchaVerify'],
                'remoteip' => $_SERVER['REMOTE_ADDR']
            )
        );
        // json_decode() returns null for a malformed body, so the property read
        // below assumes a well-formed response.
        $ret = json_decode($ret);
        if ($ret->success == 1) {
            $_SESSION['_wpdm_unlocked_' . $file['ID']] = 1;
            // The stored value 3 is presumably a remaining-use counter - TODO confirm.
            update_post_meta($file['ID'], "__wpdmkey_" . $key, 3);
            $download_url = wpdm_download_url($file, "_wpdmkey={$key}");
            $data['downloadurl'] = $download_url;
        } else {
            // The text domain here is spelled "wpmdpro"; the rest of this function
            // uses 'wpdmpro'.
            $data['error'] = __("Captcha Verification Failed!", "wpmdpro");
        }
        header("Content-type: application/json");
        echo json_encode($data);
        die;
    }

    // --- password lock ------------------------------------------------------
    // Accepts either an exact match or a "[password]" entry inside the stored
    // value. The "__" prefix guarantees strpos() never returns 0 for a real hit.
    // NOTE(review): `!=` is a loose comparison (numeric-looking strings compare
    // by value) and is not constant-time; hash_equals() on strings avoids both.
    if ($plock == 1 && $password != $file['password'] && !strpos("__" . $file['password'], "[{$password}]")) {
        $data['error'] = __('Wrong Password!', 'wpdmpro');
        $file = array();
    }
    // An empty submission is always rejected for a locked package.
    if ($plock == 1 && $password == '') {
        $data['error'] = __('Wrong Password!', 'wpdmpro');
        $file = array();
    }
    $ux = "";
    // $file still has an ID only if the checks above did not clear it.
    if ($plock == 1 && isset($file['ID'])) {
        update_post_meta($file['ID'], "__wpdmkey_" . $key, 3);
    }

    // --- per-password usage limit --------------------------------------------
    if (isset($file['ID']) && $file['ID'] != '') {
        $pu = isset($file['password_usage']) && is_array($file['password_usage']) ? $file['password_usage'] : array();
        $pul = $file['password_usage_limit'];
        if (is_array($pu) && isset($pu[$password]) && $pu[$password] >= $pul && $pul > 0) {
            // The key was already written to post meta above; only the URL is withheld.
            $data['error'] = __('Password usages limit exceeded', 'wpdmpro');
        } else {
            if (!is_array($pu)) {
                $pu = array();
            }
            $pu[$password] = isset($pu[$password]) ? $pu[$password] + 1 : 1;
            update_post_meta($file['ID'], '__wpdm_password_usage', $pu);
        }
    }

    // --- unlock cookie ------------------------------------------------------
    // SECURITY: $_COOKIE is supplied by the client. When this cookie is present
    // the error set by the password and usage-limit checks is discarded and the
    // package is restored, so those checks no longer decide the outcome.
    // NOTE(review): base this decision on server-side state (for example the
    // $_SESSION flag written in this function) rather than on a request cookie.
    if (isset($_COOKIE['unlocked_' . $file1['ID']]) && $_COOKIE['unlocked_' . $file1['ID']] == 1) {
        $data['error'] = '';
        $file = $file1;
    }
    if ($data['error'] == '') {
        $_SESSION['_wpdm_unlocked_' . $file['ID']] = 1;
        $data['downloadurl'] = wpdm_download_url($file, "_wpdmkey={$key}");
    }
    // home_url('/?downloadkey='.md5($file['files']).'&file='.$id.$ux);
    // Filters may replace the response; a non-array result is ignored.
    $adata = apply_filters("wpdmgetlink", $data, $file);
    $data = is_array($adata) ? $adata : $data;

    // --- non-AJAX response: cookie + redirect ---------------------------------
    if (!wpdm_is_ajax()) {
        @setcookie("wpdm_getlink_data_" . $key, json_encode($data));
        if (isset($data['downloadurl']) && $data['downloadurl'] != '') {
            header("location: " . $data['downloadurl']);
            die;
        }
        // The Referer header is client-controlled and is echoed into Location
        // without validation.
        header("location: " . $_SERVER['HTTP_REFERER'] . "#nojs_popup|ckid:" . $key);
        die;
    }
    header("Content-type: application/json");
    die(json_encode($data));
}
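/**
 * Handle a front-end registration form post ($_POST['wpdm_reg']).
 *
 * Validates the submitted username and e-mail, creates the account, mails the
 * welcome template and optionally signs the new user in. On failure the
 * message is stored in $_SESSION['reg_error']. AJAX callers get a plain-text
 * reply; everyone else is redirected to the submitted permalink. Every path
 * past the first guard ends in die.
 *
 * Returns without doing anything when no registration data was posted or when
 * site registration is disabled.
 *
 * NOTE(review): no nonce is verified here; confirm whether the form is
 * protected elsewhere. The welcome mail also carries the account password in
 * clear text.
 */
function wpdm_do_register()
{
    if (!isset($_POST['wpdm_reg']) || !get_option('users_can_register')) {
        return;
    }

    // Read only the fields this handler uses. extract() on request data turns
    // every submitted key into a local variable and, through the `global`
    // references the old code declared, could also overwrite $wpdb / $wp_query.
    $reg = is_array($_POST['wpdm_reg']) ? $_POST['wpdm_reg'] : array();
    $user_login = isset($reg['user_login']) && is_string($reg['user_login']) ? $reg['user_login'] : '';
    $user_email = isset($reg['user_email']) && is_string($reg['user_email']) ? $reg['user_email'] : '';
    $user_pass = isset($reg['user_pass']) && is_string($reg['user_pass']) ? $reg['user_pass'] : '';
    $display_name = isset($reg['display_name']) && is_string($reg['display_name']) ? $reg['display_name'] : null;

    // Kept so the form can be re-filled after an error; note that this also
    // places the submitted password in the session until registration succeeds.
    $_SESSION['tmp_reg_info'] = $_POST['wpdm_reg'];

    // The redirect target comes from the request, so restrict it to hosts
    // WordPress allows; anything else falls back to the site's front page.
    $permalink = isset($_POST['permalink']) && is_string($_POST['permalink']) ? $_POST['permalink'] : '';
    $loginurl = wp_validate_redirect(wp_sanitize_redirect($permalink), home_url('/'));

    // Validation, in the same order as before: username, e-mail, duplicates.
    if ($user_login == '') {
        $error = __('Username is Empty!', 'wpdmpro');
    } elseif (!is_email($user_email)) {
        $error = __('Invalid Email Address!', 'wpdmpro');
    } elseif (username_exists($user_login)) {
        $error = __('User already exists.');
    } elseif (email_exists($user_email)) {
        $error = __('Email already exists.');
    } else {
        $error = '';
    }

    if ($error == '') {
        // A password chosen by the visitor enables immediate login; otherwise one
        // is generated and only delivered by mail.
        $auto_login = $user_pass != '' ? 1 : 0;
        if ($user_pass == '') {
            $user_pass = wp_generate_password(12, false);
        }
        $user_id = wp_create_user($user_login, $user_pass, $user_email);
        if (is_wp_error($user_id)) {
            // Previously a WP_Error was treated as a valid user id: the welcome
            // mail was sent and the error object was passed to the login calls.
            $error = $user_id->get_error_message();
        }
    }

    if ($error != '') {
        $_SESSION['reg_error'] = $error;
        if (wpdm_is_ajax()) {
            die('Error: ' . $_SESSION['reg_error']);
        }
        header("location: " . $loginurl);
        die;
    }

    if ($display_name === null) {
        $display_name = $user_id;
    }

    // NOTE(review): 'sitename' is read here while the template below uses
    // 'blogname'; confirm the plugin really defines a 'sitename' option.
    $headers = "From: " . get_option('sitename') . " <" . get_option('admin_email') . ">\r\nContent-type: text/html\r\n";
    $message = file_get_contents(dirname(__FILE__) . '/templates/wpdm-new-user.html');
    $message = str_replace(
        array("[#support_email#]", "[#homeurl#]", "[#sitename#]", "[#loginurl#]", "[#name#]", "[#username#]", "[#password#]", "[#date#]"),
        array(get_option('admin_email'), site_url('/'), get_option('blogname'), $loginurl, $display_name, $user_login, $user_pass, date("M d, Y")),
        $message
    );
    if ($user_id) {
        wp_mail($user_email, "Welcome to " . get_option('sitename'), $message, $headers);
    }

    unset($_SESSION['guest_order']);
    unset($_SESSION['login_error']);
    unset($_SESSION['tmp_reg_info']);

    $creds = array(
        'user_login' => $user_login,
        'user_password' => $user_pass,
        'remember' => true,
    );
    $_SESSION['sccs_msg'] = "Your account has been created successfully and login info sent to your mail address.";
    if ($auto_login == 1) {
        $_SESSION['sccs_msg'] = "Your account has been created successfully and login now.";
        wp_signon($creds);
        wp_set_current_user($user_id);
        wp_set_auth_cookie($user_id);
    }

    if (wpdm_is_ajax()) {
        die('success');
    }
    header("location: " . $loginurl);
    die;
}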
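/**
 * Print an "update available" notice for each installed add-on whose version
 * is older than the one published by the vendor's version endpoint.
 *
 * Only runs for users with the manage_options capability. The notice is
 * emitted as an inline script that injects a row (plugins screen) or a banner
 * (any other screen). Ends the request when called over AJAX.
 */
function wpdm_check_update()
{
    if (!current_user_can('manage_options')) {
        return;
    }

    // The cached copy is not read (the get_option('wpdm_latest') call is commented
    // out), so $latest is always empty here and the list is fetched on every call.
    $latest = ''; //get_option('wpdm_latest');
    $latest_check = get_option('wpdm_latest_check');
    $time = time() - intval($latest_check);
    // The result was never used; the call is kept in case something relies on it
    // having run - TODO confirm and drop.
    get_plugins();
    $latest_v_url = 'http://www.wpdownloadmanager.com/versions.php';
    if ($latest == '' || $time > 86400) {
        $latest = remote_get($latest_v_url);
        update_option('wpdm_latest', $latest);
        update_option('wpdm_latest_check', time());
    }

    // SECURITY: the body comes from a plain-HTTP endpoint and is handed to
    // maybe_unserialize(), which runs PHP unserialize() on serialized-looking
    // strings. Whoever can alter that response controls what is deserialized
    // inside an administrator's request. Left in place because the wire format
    // belongs to the vendor; the durable fix is HTTPS plus a JSON payload.
    $latest = maybe_unserialize($latest);
    if (!is_array($latest)) {
        // A failed fetch or an unexpected body must not reach the loop below.
        $latest = array();
    }

    $page = isset($_REQUEST['page']) ? esc_attr($_REQUEST['page']) : '';

    foreach ($latest as $plugin_dir => $latestv) {
        if (!is_scalar($latestv)) {
            continue;
        }
        $latestv = (string) $latestv;

        $plugin_data = wpdm_plugin_data($plugin_dir);
        if (!isset($plugin_data['Version'], $plugin_data['Name'])) {
            continue;
        }
        if (!version_compare($plugin_data['Version'], $latestv, '<')) {
            continue;
        }

        $plugin_name = $plugin_data['Name'];
        $plugin_info_url = isset($plugin_data['PluginURI']) ? $plugin_data['PluginURI'] : '';
        $trid = sanitize_title($plugin_name);
        if ($trid == '') {
            continue;
        }

        // Everything below lands inside a single-quoted JavaScript string that
        // jQuery then parses as HTML, so remote and header-derived values are
        // escaped for that context before interpolation.
        $js_name = esc_js($plugin_name);
        $js_version = esc_js($latestv);
        $js_href = esc_js(esc_url($plugin_info_url . '#' . $latestv));

        if ($page == 'plugins') {
            echo <<<NOTICE
<script type="text/javascript">
jQuery(function(){
jQuery('tr#{$trid}').addClass('update').after('<tr class="plugin-update-tr"><td colspan=3 class="plugin-update colspanchange"><div style="background:#D54E21;border-top:0px;padding:5px 15px;color:#fff">There is a new version of {$js_name} available. <b><a href="{$js_href}" style="color:#fff;float: right;background: rgba(0,0,0,0.2);padding: 5px 15px;margin-top:-5px;margin-right: -15px" target=_blank>Download v{$js_version} <i class="fa fa-long-arrow-right"></i></a></b></div></td></tr>');
});
</script>
NOTICE;
        } else {
            echo <<<NOTICE
<script type="text/javascript">
jQuery(function(){
jQuery('.wrap > h2').after('<div class="updated error" style="margin:10px 0px;padding:10px;border:2px solid #dd3d36;border-radius:4px;background: #ffffff"><div style="float:left;"><b style="color:#dd3d36;">Important!</b><br/>There is a new version of <u>{$js_name}</u> available.</div> <a style="border-radius:2px;float:right;display:inline-table;color:#ffffff;background:#D54E21;padding:10px 15px" href="{$js_href}" target=_blank>Download v{$js_version} <i class="fa fa-long-arrow-right"></i></a><div style="clear:both"></div></div>');
});
</script>
NOTICE;
        }
    }

    if (wpdm_is_ajax()) {
        die;
    }
}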
/**
 * Return a download link for a package after checking its lock(s).
 *
 * Branches, in the order they are tried: reCAPTCHA verification, e-mail lock,
 * the "force" (social unlock) token, then the password lock with its per-
 * password usage limit. AJAX callers receive JSON; other callers get the
 * result in a cookie followed by a redirect. Every path past the first guard
 * ends in die.
 *
 * NOTE(review): no nonce or capability check is visible in this function, so
 * it should be treated as reachable by any visitor - confirm at the hook site.
 */
function wpdm_getlink()
{
    global $wpdb;
    if (!isset($_POST['id'])) {
        return;
    }
    $id = (int) $_POST['id'];
    // addslashes() changes the submitted value before it is compared and before it
    // is used as an array key in the usage counter below.
    $password = isset($_POST['password']) ? addslashes($_POST['password']) : '';
    $file = get_post($id, ARRAY_A);
    //$file['ID'] = $file['ID'];
    $file = wpdm_setup_package_data($file);
    // uniqid() is derived from the current time, not from a CSPRNG. The key is
    // stored in post meta and embedded in the download URL below.
    // NOTE(review): if that key alone authorises the download, generate it from
    // a cryptographically secure source instead.
    $key = uniqid();
    // Untouched copy of the package; used by the unlock-cookie branch further down.
    $file1 = $file;
    // and( password='******' or password like '%[$password]%')
    $plock = isset($file['password_lock']) ? $file['password_lock'] : 0;
    $data = array('error' => '', 'downloadurl' => '');

    // --- reCAPTCHA unlock ---------------------------------------------------
    // NOTE(review): this branch runs before the other locks and nothing here
    // tests whether the package actually uses a captcha lock; confirm that a
    // solved captcha is not accepted in place of a password or e-mail lock.
    if (isset($_POST['reCaptchaVerify'])) {
        $ret = remote_post(
            'https://www.google.com/recaptcha/api/siteverify',
            array(
                'secret' => get_option('_wpdm_recaptcha_secret_key'),
                'response' => $_POST['reCaptchaVerify'],
                'remoteip' => $_SERVER['REMOTE_ADDR']
            )
        );
        // json_decode() returns null for a malformed body, so the property read
        // below assumes a well-formed response.
        $ret = json_decode($ret);
        if ($ret->success == 1) {
            $_SESSION['_wpdm_unlocked_' . $file['ID']] = 1;
            // The stored value 3 is presumably a remaining-use counter - TODO confirm.
            update_post_meta($file['ID'], "__wpdmkey_" . $key, 3);
            $download_url = wpdm_download_url($file, "_wpdmkey={$key}");
            $data['downloadurl'] = $download_url;
        } else {
            // The text domain here is spelled "wpmdpro"; the rest of this function
            // uses 'wpdmpro'.
            $data['error'] = __("Captcha Verification Failed!", "wpmdpro");
        }
        header("Content-type: application/json");
        echo json_encode($data);
        die;
    }

    // --- e-mail lock --------------------------------------------------------
    if (isset($_POST['verify']) && $_POST['verify'] == 'email' && $file['email_lock'] == 1) {
        if (wpdm_verify_email($_POST['email'])) {
            $subject = "Your Download Link";
            $site = get_option('blogname');
            update_post_meta($file['ID'], "__wpdmkey_" . $key, 3);
            //file_put_contents(WPDM_CACHE_DIR.'wpdm_'.$key,"3");
            $_SESSION['_wpdm_unlocked_' . $file['ID']] = 1;
            $download_url = wpdm_download_url($file, "_wpdmkey={$key}");
            // Request-supplied form fields are stored serialized.
            // NOTE(review): whatever reads this column back must not call
            // unserialize() with classes allowed; JSON would be a safer format.
            $cff = isset($_POST['custom_form_field']) ? $_POST['custom_form_field'] : array();
            $wpdb->insert(
                "{$wpdb->prefix}ahm_emails",
                array(
                    'email' => $_POST['email'],
                    'pid' => $file['ID'],
                    'date' => time(),
                    'custom_data' => serialize($cff)
                )
            );
            // Mail template options, with fallbacks for sender and subject.
            $eml = get_option('_wpdm_etpl');
            $eml['fromname'] = isset($eml['fromname']) ? $eml['fromname'] : get_bloginfo('name');
            $eml['frommail'] = isset($eml['frommail']) ? $eml['frommail'] : get_bloginfo('admin_email');
            $eml['subject'] = isset($eml['subject']) ? $eml['subject'] : 'Download ' . $file['post_title'];
            $headers = 'From: ' . $eml['fromname'] . ' <' . $eml['frommail'] . '>' . "\r\nContent-type: text/html\r\n";
            $file = wpdm_setup_package_data($file);
            $file['download_url'] = $download_url;
            //Custom Download URL for email lock
            $keys = array();
            // Every package field becomes a "[field]" placeholder for the template.
            // $tdata is not initialised before this loop.
            foreach ($file as $fkey => $value) {
                $_key = "[{$fkey}]";
                $tdata[$_key] = $value;
            }
            $tdata["[site_url]"] = home_url('/');
            $tdata["[site_name]"] = get_bloginfo('sitename');
            $tdata["[download_url]"] = $download_url;
            $tdata["unsaved:///"] = "";
            $tdata["[date]"] = date(get_option('date_format'), time());
            $message = $eml['body'];
            // Substitute scalar placeholders into both the body and the subject.
            foreach ($tdata as $skey => $svalue) {
                if (!is_array($svalue)) {
                    $message = str_replace(strval($skey), strval($svalue), $message);
                    $eml['subject'] = str_replace(strval($skey), strval($svalue), $eml['subject']);
                }
            }
            //do something before sending download link
            do_action("wpdm_before_email_download_link", $_POST, $file);
            $message = str_replace('[#message#]', stripslashes($message), file_get_contents(wpdm_tpl_path('html-frame.html', WPDM_BASE_DIR . 'email-templates/')));
            wp_mail($_POST['email'], stripcslashes($eml['subject']), stripcslashes($message), $headers);
            // email_lock_idl == 1 also returns the link in the response; otherwise
            // the link is delivered by mail only.
            $idl = isset($file['email_lock_idl']) ? $file['email_lock_idl'] : 0;
            if ($idl != 1) {
                $data['downloadurl'] = "";
                // The success notice is carried in the 'error' field on this path.
                $data['error'] = '<div class="alert alert-success">' . __('Download link sent to your email!', 'wpdmpro') . '</div>';
            } else {
                $data['downloadurl'] = $file['download_url'];
                $data['error'] = '';
                $data['msg'] = '<div class="alert alert-success">' . __('Download link also sent to your email!', 'wpdmpro') . '</div>';
            }
            if (!wpdm_is_ajax()) {
                @setcookie("wpdm_getlink_data_" . $key, json_encode($data));
                if (isset($data['downloadurl']) && $data['downloadurl'] != '') {
                    header("location: " . $data['downloadurl']);
                    die;
                }
                // The Referer header is client-controlled and is echoed into
                // Location without validation.
                header("location: " . $_SERVER['HTTP_REFERER'] . "#nojs_popup|ckid:" . $key);
                die;
            }
            header('HTTP/1.0 200 OK');
            header("Content-type: application/json");
            echo json_encode($data);
            die;
        } else {
            $data['downloadurl'] = "";
            // The markup opens a <div> but closes with </i>.
            $data['error'] = '<div class="alert alert-danger">' . __('Invalid Email Address!', 'wpdmpro') . '</i>';
            if (!wpdm_is_ajax()) {
                @setcookie("wpdm_getlink_data_" . $key, json_encode($data));
                if (isset($data['downloadurl']) && $data['downloadurl'] != '') {
                    header("location: " . $data['downloadurl']);
                    die;
                }
                header("location: " . $_SERVER['HTTP_REFERER'] . "#nojs_popup|ckid:" . $key);
                die;
            }
            header("Content-type: application/json");
            echo json_encode($data);
            die;
        }
    }

    // --- "force" token (social unlock) -----------------------------------------
    // SECURITY: the only condition checked in this branch is that the request's
    // own 'force' value decodes to a string starting with "unlocked"; nothing
    // visible here ties it to a server-issued secret, to the package's lock type,
    // or to the password check further down.
    // NOTE(review): bind this token to server-side state (session flag, nonce or
    // HMAC) and restrict the branch to packages that use a social lock.
    if (isset($_POST['force']) && $_POST['force'] != '') {
        $vr = explode('|', base64_decode($_POST['force']));
        if ($vr[0] == 'unlocked') {
            // Maps the one-letter network code to its site-wide counter option.
            $social = array('f' => 'wpdm_fb_likes', 'g' => 'wpdm_gplus1s', 't' => 'wpdm_tweets', 'l' => 'wpdm_lishare');
            // $_POST['social'] is read without an isset() guard.
            if ($_POST['social'] && isset($social[$_POST['social']])) {
                update_option($social[$_POST['social']], (int) get_option($social[$_POST['social']]) + 1);
            }
            update_post_meta($file['ID'], "__wpdmkey_" . $key, 3);
            $_SESSION['_wpdm_unlocked_' . $file['ID']] = 1;
            $data['downloadurl'] = wpdm_download_url($file, "_wpdmkey={$key}");
            $adata = apply_filters("wpdmgetlink", $data, $file);
            $data = is_array($adata) ? $adata : $data;
            if (!wpdm_is_ajax()) {
                @setcookie("wpdm_getlink_data_" . $key, json_encode($data));
                if (isset($data['downloadurl']) && $data['downloadurl'] != '') {
                    header("location: " . $data['downloadurl']);
                    die;
                }
                header("location: " . $_SERVER['HTTP_REFERER'] . "#nojs_popup|ckid:" . $key);
                die;
            }
            header("Content-type: application/json");
            die(json_encode($data));
        }
    }

    // --- password lock ------------------------------------------------------
    // Accepts either an exact match or a "[password]" entry inside the stored
    // value. The "__" prefix guarantees strpos() never returns 0 for a real hit.
    // NOTE(review): `!=` is a loose comparison (numeric-looking strings compare
    // by value) and is not constant-time; hash_equals() on strings avoids both.
    if ($plock == 1 && $password != $file['password'] && !strpos("__" . $file['password'], "[{$password}]")) {
        $data['error'] = __('Wrong Password!', 'wpdmpro');
        $file = array();
    }
    // An empty submission is always rejected for a locked package.
    if ($plock == 1 && $password == '') {
        $data['error'] = __('Wrong Password!', 'wpdmpro');
        $file = array();
    }
    $ux = "";
    // $file still has an ID only if the checks above did not clear it.
    if ($plock == 1 && isset($file['ID'])) {
        update_post_meta($file['ID'], "__wpdmkey_" . $key, 3);
    }

    // --- per-password usage limit --------------------------------------------
    if (isset($file['ID']) && $file['ID'] != '') {
        $pu = isset($file['password_usage']) && is_array($file['password_usage']) ? $file['password_usage'] : array();
        $pul = $file['password_usage_limit'];
        if (is_array($pu) && isset($pu[$password]) && $pu[$password] >= $pul && $pul > 0) {
            // The key was already written to post meta above; only the URL is withheld.
            $data['error'] = __('Password usages limit exceeded', 'wpdmpro');
        } else {
            if (!is_array($pu)) {
                $pu = array();
            }
            $pu[$password] = isset($pu[$password]) ? $pu[$password] + 1 : 1;
            update_post_meta($file['ID'], '__wpdm_password_usage', $pu);
        }
    }

    // --- unlock cookie ------------------------------------------------------
    // SECURITY: $_COOKIE is supplied by the client. When this cookie is present
    // the error set by the password and usage-limit checks is discarded and the
    // package is restored, so those checks no longer decide the outcome.
    // NOTE(review): base this decision on server-side state (for example the
    // $_SESSION flag written in this function) rather than on a request cookie.
    if (isset($_COOKIE['unlocked_' . $file1['ID']]) && $_COOKIE['unlocked_' . $file1['ID']] == 1) {
        $data['error'] = '';
        $file = $file1;
    }
    if ($data['error'] == '') {
        $_SESSION['_wpdm_unlocked_' . $file['ID']] = 1;
        $data['downloadurl'] = wpdm_download_url($file, "_wpdmkey={$key}");
    }
    // home_url('/?downloadkey='.md5($file['files']).'&file='.$id.$ux);
    // Filters may replace the response; a non-array result is ignored.
    $adata = apply_filters("wpdmgetlink", $data, $file);
    $data = is_array($adata) ? $adata : $data;

    // --- non-AJAX response: cookie + redirect ---------------------------------
    if (!wpdm_is_ajax()) {
        @setcookie("wpdm_getlink_data_" . $key, json_encode($data));
        if (isset($data['downloadurl']) && $data['downloadurl'] != '') {
            header("location: " . $data['downloadurl']);
            die;
        }
        header("location: " . $_SERVER['HTTP_REFERER'] . "#nojs_popup|ckid:" . $key);
        die;
    }
    header("Content-type: application/json");
    die(json_encode($data));
}
/**
 * Save the logged-in member's profile form.
 *
 * Only the display name, an optional new password (when both password fields
 * match) and the payment account are written. AJAX callers get a JSON
 * {type, msg} reply; other callers are redirected to the Referer. Does
 * nothing unless a profile form was posted by an authenticated user.
 *
 * NOTE(review): no nonce is verified in this function; confirm the form is
 * protected against cross-site submission elsewhere.
 */
function updateProfile()
{
    global $current_user;

    if (!isset($_POST['wpdm_profile']) || !is_user_logged_in()) {
        return;
    }

    // Copy one named field instead of passing the whole posted array through.
    $pfile_data = array('display_name' => $_POST['wpdm_profile']['display_name']);

    $mismatch = $_POST['password'] != $_POST['cpassword'];
    if ($mismatch) {
        $_SESSION['member_error'][] = 'Password not matched';
    } else {
        // The target account is always the session user, never a posted id.
        $pfile_data['ID'] = $current_user->ID;
        if ($_POST['password'] != '') {
            $pfile_data['user_pass'] = $_POST['password'];
        }
        wp_update_user($pfile_data);
        update_user_meta($current_user->ID, 'payment_account', $_POST['payment_account']);
        $_SESSION['member_success'] = 'Profile data updated successfully.';
    }

    do_action("wpdm_update_profile");

    if (wpdm_is_ajax()) {
        // Report the outcome once, then clear it from the session.
        $slot = $mismatch ? 'member_error' : 'member_success';
        $msg = array(
            'type' => $mismatch ? 'danger' : 'success',
            'msg' => $_SESSION[$slot],
        );
        unset($_SESSION[$slot]);
        echo json_encode($msg);
        die;
    }

    // The Referer header is client-controlled.
    header("location: " . $_SERVER['HTTP_REFERER']);
    die;
}
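/**
 * Save the logged-in member's profile form.
 *
 * Writes the display name, an optional new password (when both password
 * fields match) and the payment account for the current user. AJAX callers
 * get a JSON {type, msg} reply; other callers are redirected to the Referer.
 * Does nothing unless a profile form was posted by an authenticated user.
 *
 * SECURITY: the previous body called extract($_POST) and passed the posted
 * 'wpdm_profile' array straight to wp_update_user(). That let the request
 * choose any field wp_update_user() accepts (for example 'role') and let any
 * posted key overwrite local and `global`-bound variables. Fields are now
 * read by name and only an explicit allowlist reaches wp_update_user(); add
 * further profile fields to $allowed deliberately.
 *
 * NOTE(review): no nonce is verified in this function; confirm the form is
 * protected against cross-site submission elsewhere.
 */
function updateProfile()
{
    global $current_user;
    get_currentuserinfo();

    if (!isset($_POST['wpdm_profile']) || !is_user_logged_in()) {
        return;
    }

    $submitted = is_array($_POST['wpdm_profile']) ? $_POST['wpdm_profile'] : array();
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    $cpassword = isset($_POST['cpassword']) && is_string($_POST['cpassword']) ? $_POST['cpassword'] : '';
    $payment_account = isset($_POST['payment_account']) ? $_POST['payment_account'] : '';

    // Profile fields a member may change about themselves.
    $allowed = array('display_name');
    $profile = array();
    foreach ($allowed as $field) {
        if (isset($submitted[$field]) && is_scalar($submitted[$field])) {
            $profile[$field] = $submitted[$field];
        }
    }

    $error = 0;
    if ($password != $cpassword) {
        $_SESSION['member_error'][] = 'Password not matched';
        $error = 1;
    }

    if (!$error) {
        // The target account is always the session user, never a posted id.
        $profile['ID'] = $current_user->ID;
        if ($password != '') {
            $profile['user_pass'] = $password;
        }
        wp_update_user($profile);
        get_currentuserinfo();
        update_user_meta($current_user->ID, 'payment_account', $payment_account);
        $_SESSION['member_success'] = 'Profile data updated successfully.';
    }

    do_action("wpdm_update_profile");

    if (wpdm_is_ajax()) {
        // Report the outcome once, then clear it from the session.
        $msg = array();
        if ($error == 1) {
            $msg['type'] = 'danger';
            $msg['msg'] = $_SESSION['member_error'];
            unset($_SESSION['member_error']);
        } else {
            $msg['type'] = 'success';
            $msg['msg'] = $_SESSION['member_success'];
            unset($_SESSION['member_success']);
        }
        echo json_encode($msg);
        die;
    }

    // The Referer header is client-controlled.
    header("location: " . $_SERVER['HTTP_REFERER']);
    die;
}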
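/**
 * Print an "update available" notice for each installed add-on whose version
 * is older than the one published by the vendor's version endpoint.
 *
 * Only runs for users holding WPDM_ADMIN_CAP. The notice is emitted as an
 * inline script that injects a row (plugins screen) or a banner (any other
 * screen) linking to the plugin-update settings tab. Ends the request when
 * called over AJAX.
 */
function wpdm_check_update()
{
    if (!current_user_can(WPDM_ADMIN_CAP)) {
        return;
    }

    // The cached copy is not read (the get_option('wpdm_latest') call is commented
    // out), so $latest is always empty here and the list is fetched on every call.
    $latest = ''; //get_option('wpdm_latest');
    $latest_check = get_option('wpdm_latest_check');
    $time = time() - intval($latest_check);
    // The result was never used; the call is kept in case something relies on it
    // having run - TODO confirm and drop.
    get_plugins();
    $latest_v_url = 'http://www.wpdownloadmanager.com/versions.php';
    if ($latest == '' || $time > 86400) {
        $latest = remote_get($latest_v_url);
        update_option('wpdm_latest', $latest);
        update_option('wpdm_latest_check', time());
    }

    // SECURITY: the body comes from a plain-HTTP endpoint and is handed to
    // maybe_unserialize(), which runs PHP unserialize() on serialized-looking
    // strings. Whoever can alter that response controls what is deserialized
    // inside an administrator's request. Left in place because the wire format
    // belongs to the vendor; the durable fix is HTTPS plus a JSON payload.
    $latest = maybe_unserialize($latest);

    $page = isset($_REQUEST['page']) ? esc_attr($_REQUEST['page']) : '';

    if (is_array($latest)) {
        foreach ($latest as $plugin_dir => $latestv) {
            if (!is_scalar($latestv)) {
                continue;
            }
            $latestv = (string) $latestv;

            $plugin_data = wpdm_plugin_data($plugin_dir);
            if (!isset($plugin_data['Version'], $plugin_data['Name'])) {
                continue;
            }

            // The free edition below 3.0.0 is excluded from the notice.
            $wpdmfree = $plugin_dir == 'download-manager' && version_compare($plugin_data['Version'], '3.0.0', '<');
            if (!version_compare($plugin_data['Version'], $latestv, '<') || $wpdmfree) {
                continue;
            }

            $plugin_name = $plugin_data['Name'];
            $trid = sanitize_title($plugin_name);
            if ($trid == '') {
                continue;
            }

            // $plugin_dir and $latestv come from the remote list: encode them as URL
            // components, then escape the finished link and the visible text for the
            // single-quoted JavaScript string that jQuery parses as HTML.
            $plugin_update_url = admin_url('/edit.php?post_type=wpdmpro&page=settings&tab=plugin-update&plugin=' . rawurlencode($plugin_dir));
            $js_href = esc_js(esc_url($plugin_update_url . '&v=' . rawurlencode($latestv)));
            $js_name = esc_js($plugin_name);
            $js_version = esc_js($latestv);

            if ($page == 'plugins') {
                echo <<<NOTICE
<script type="text/javascript">
jQuery(function(){
jQuery('tr#{$trid}').addClass('update').after('<tr class="plugin-update-tr"><td colspan=3 class="plugin-update colspanchange"><div class="update-message">There is a new version of <strong>{$js_name}</strong> available. <b><a href="{$js_href}" style="color: #D54E21;margin-left:10px" target=_blank>[ Update v{$js_version} ]</a></b></div></td></tr>');
});
</script>
NOTICE;
            } else {
                echo <<<NOTICE
<script type="text/javascript">
jQuery(function(){
jQuery('.wrap > h2').after('<div class="updated error" style="margin:10px 0px;padding:10px;border:2px solid #dd3d36;border-radius:4px;background: #ffffff"><div style="float:left;"><b style="color:#dd3d36;">Important!</b><br/>There is a new version of <u>{$js_name}</u> available.</div> <a style="border-radius:2px; float:right;;color:#ffffff; background: #D54E21;padding:10px 15px" href="{$js_href}" target=_blank>Update v{$js_version} <i class="fa fa-long-arrow-right"></i></a><div style="clear:both"></div></div>');
});
</script>
NOTICE;
            }
        }
    }

    if (wpdm_is_ajax()) {
        die;
    }
}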