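/**
 * Download a backup file.
 *
 * Streams one file from the configured backup directory through the
 * downloader class, which is limited here to the `sql` and `gz` extensions.
 *
 * @param  string $file Filename (without the path)
 * @return void
 * @note   Callers are still expected to sanitize and check the filename;
 *         the basename() call below is only a second line of defence.
 */
function DBADMIN_download($file)
{
    global $_CONF;

    require_once $_CONF['path_system'] . 'classes/downloader.class.php';

    // Keep only the last path component, so that a value containing directory
    // separators or ".." cannot address anything outside the backup directory
    // even if a caller forgot to validate it. A plain filename is unchanged.
    $file = basename($file);

    $dl = new downloader();
    $dl->setLogFile($_CONF['path'] . 'logs/error.log');
    $dl->setLogging(true);
    // NOTE(review): debug mode is switched on unconditionally; confirm that the
    // downloader does not echo paths or other internals to the client.
    $dl->setDebug(true);
    $dl->setPath($_CONF['backup_path']);
    $dl->setAllowedExtensions(array(
        'sql' => 'application/x-gzip-compressed',
        'gz'  => 'application/x-gzip-compressed',
    ));
    $dl->downloadFile($file);
}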
echo COM_siteHeader(); echo COM_startBlock('Access Denied'); echo 'You do not have access rights to this file. Your attempt has been logged.'; echo COM_endBlock(); echo COM_siteFooter(); } if (DB_count($_TABLES['nxfile_filesubmissions'], 'id', $fid) > 0) { include_once $_CONF['path_system'] . 'classes/downloader.class.php'; $query = DB_query("SELECT cid,ftype,fname,tempname FROM {$_TABLES['nxfile_filesubmissions']} WHERE id={$fid}"); list($cid, $ftype, $fname, $tname) = DB_fetchARRAY($query); $directory = $_FMCONF['storage_path'] . $cid . '/submissions/'; $logfile = $_CONF['path'] . 'logs/error.log'; if ($ftype == "file") { $pos = strrpos($tname, '.') + 1; $ext = strtolower(substr($tname, $pos)); $download = new downloader(); $download->_setAvailableExtensions($_FMCONF['downloadfiletypes']); $download->setAllowedExtensions($_FMCONF['downloadfiletypes']); $download->setLogFile($logfile); $download->setLogging(true); $download->setPath($directory); $download->downloadFile($tname); DB_query("UPDATE {$_TABLES['nxfile_filedetail']} SET hits = hits +1 WHERE fid='{$fid}' "); if ($download->areErrors()) { echo $LANG_FMERR['download1']; echo $download->printWarnings(); echo $download->printErrors(); return false; } } else { $url = $fname;
// Purchase records on the deny list are never served.
if (in_array($customer_file, $no_files)) {
    die('<h1>FATAL ERROR: Unauthorized Access</h1>');
}

// The purchase record is executed as PHP by the include below.
// NOTE(review): how $customer_file is built is not visible here; confirm that
// it cannot be steered by request data to a path outside the purchase records.
if (!file_exists($customer_file)) {
    die('Purchase Details Not Found. Contact Administrator.');
}
include $customer_file;

// The requested file is addressed by its numeric index in the purchase record.
if ($_GET['file'] == '') {
    die('Invalid File Information. Contact Administrator.');
}
$file_id = (int) $_GET['file'];

// Only indexes listed in $product_files (presumably set by the included
// record - verify) can be downloaded; the request never supplies a path.
if (!isset($product_files[$file_id])) {
    die('Invalid File Information. Contact Administrator.');
}
$file = $product_files[$file_id];

if (download_is_expired($customer_info['expire_date'])) {
    die('Download has expired.');
}

if (!file_exists($file['source'])) {
    die("Download file ID {$file_id} is not valid. Please contact webmaster.");
}

$download = new downloader();
$download->set_byfile($file['source']);
$download->mime = '';
$download->use_resume = true; // resume mode enabled
$download->filename = $file['filename'];
$download->download();
exit;
$exportscript .= '<?php' . LB; $exportscript .= '// Export Form Defintion for: ' . DB_getItem($_TABLES['nxform_definitions'], 'name', "id='{$formid}'") . LB; $exportscript .= '// Date: ' . $date[0] . LB . LB; $i = 1; foreach ($exportforms as $formid) { $exportscript .= LB . LB . '# Export Form Definitions ' . LB; $exportscript .= generateSQL('formDefinitions', $formid, "900{$i}"); $exportscript .= LB . '# Export Field Definitions ' . LB; $exportscript .= generateSQL('formFields', $formid, "900{$i}"); $i++; } $exportscript .= LB . '?>'; if (!($fp = @fopen($downloadDirectory . $file, "w"))) { COM_errorLog("Error exporting form definition - Unable to write to file: {$exportfile}"); } else { fwrite($fp, $exportscript); fclose($fp); // Send new file to user's browser $download = new downloader(); $download->_setAvailableExtensions($downloadFileType); $download->setAllowedExtensions($downloadFileType); $download->setPath($downloadDirectory); $logfile = $_CONF['path'] . 'logs/error.log'; $download->setLogFile($logfile); $download->setLogging(true); $download->downloadFile($file); if ($download->areErrors()) { COM_errorLog("Error downloading nexform Export SQL file: " . $download->printErrors()); } } }
exit; } if (!empty($token)) { // Get product by token $sql = "SELECT d.id, d.file, d.prod_type\n FROM {$_TABLES['paypal.purchases']} AS p \n LEFT JOIN {$_TABLES['paypal.products']} AS d \n ON d.id = p.product_id \n WHERE p.token = '{$token}'\n AND p.expiration > '{$_PP_CONF['now']->toMySQL()}'"; } else { // Get product by product ID. Have to check the user id also $sql = "SELECT d.id, d.file, d.prod_type\n FROM {$_TABLES['paypal.products']} AS d \n LEFT JOIN {$_TABLES['paypal.purchases']} AS p \n ON d.id = p.product_id \n WHERE d.id = '{$id}' \n AND\n ( \n (\n p.user_id <> 1 \n AND \n p.user_id = '" . (int) $_USER['uid'] . "'\n AND \n p.expiration > '{$_PP_CONF['now']->toMySql()}'\n )\n OR \n ( d.price <= 0 )\n ) \n LIMIT 1"; } //echo $sql;die; $res = DB_query($sql); $A = DB_fetchArray($res, false); // If a file was found, do the download. // Otherwise refresh to the home page and log it. if (is_array($A) && !empty($A['file'])) { $dwnld = new downloader(); $logfile = $_PP_CONF['logfile']; if (!file_exists($logfile)) { $fp = fopen($logfile, "w+"); if (!$fp) { COM_errorLog("Failed to create {$logfile}", 1); } else { fwrite($fp, "**** Created Logfile ***\n"); } } if (file_exists($logfile)) { $dwnld->setLogFile($logfile); $dwnld->setLogging(true); } else { $dwnld->setLogginf(false); }
/**
 * A single disallowed extension must make the downloader reject the whole
 * allow-list, including the entries that would otherwise be acceptable.
 */
public function testSetAllowedExtensionsFail()
{
    $downloader = new downloader();

    // 'pl' (Perl scripts) is not an extension that may be allowed
    $downloader->setAllowedExtensions(array(
        'jpg' => 'image/jpeg',
        'pl'  => 'application/x-perl',
    ));
    $this->assertTrue($downloader->areErrors());

    // the invalid entry invalidates the entire list, so nothing is allowed
    foreach (array('jpg', 'jpeg', 'pl') as $extension) {
        $this->assertFalse($downloader->checkExtension($extension));
    }
}
// | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ /** * For really strict webhosts, this file an be used to show images in pages that * serve the images from outside of the webtree to a place that the webserver * user can actually write too * * @author Tony Bibbs, tony AT tonybibbs DOT com * */ require_once 'lib-common.php'; require_once $_CONF['path_system'] . 'classes/downloader.class.php'; $downloader = new downloader(); $downloader->setLogFile($_CONF['path_log'] . 'error.log'); $downloader->setLogging(true); $downloader->setAllowedExtensions(array('gif' => 'image/gif', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png', 'png' => 'image/x-png')); COM_setArgNames(array('mode', 'image')); $mode = COM_applyFilter(COM_getArgument('mode')); $image = COM_applyFilter(COM_getArgument('image')); if (strstr($image, '..')) { // Can you believe this, some jackass tried to relative pathing to access // files they shouldn't have access to? COM_accessLog('Someone tried to illegally access files using getimage.php'); exit; } // Set the path properly switch ($mode) { case 'show':
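/**
 * Method to submit the downloads file to the browser.
 *
 * Validates the request against the values stored in the session, checks
 * download permissions, limits, anti-leeching, password/captcha state and
 * (optionally) AlphaUserPoints, then either redirects to the file or streams it.
 *
 * Security-relevant points in this method:
 *  - the 'list' request value is reduced to a comma-separated list of integers
 *    before it is used, because it is placed unquoted inside SQL IN (...) clauses;
 *  - the URL written into the redirect <script> is emitted as an encoded
 *    JavaScript string literal instead of being interpolated between quotes.
 *
 * @return null
 */
public function send()
{
    global $jlistConfig;

    jimport('joomla.environment.uri');

    $jinput     = JFactory::getApplication()->input;
    $app        = JFactory::getApplication();
    $params     = $app->getParams();
    $user       = JFactory::getUser();
    // View levels come from the user object, not from the request.
    $groups     = implode(',', $user->getAuthorisedViewLevels());
    $db         = JFactory::getDBO();
    $config     = array('ignore_request' => true);
    $model      = $this->getModel('send', 'jdownloadsModel', $config);
    $user_rules = JDHelper::getUserRules();

    clearstatcache();

    $active = $app->getMenu()->getActive();
    if ($active) {
        $current_link = $active->link;
    } else {
        $current_link = JRoute::_(JUri::current() . '?option=com_jdownloads');
    }

    // abort when downloads are offline
    if ($jlistConfig['offline']) {
        $msg = JDHelper::getOnlyLanguageSubstring($jlistConfig['offline.text']);
        $app->redirect(JRoute::_($current_link), $msg, 'notice');
    }

    $allow        = false;
    $extern       = false;
    $extern_site  = false;
    $can_download = false;
    $aup_exist    = false;
    $profile      = '';
    // Only the categorised branches below assign a real value; initialised here
    // so the direct-link branch never reads an undefined variable.
    // NOTE(review): for uncategorised or external files the direct-link option
    // therefore redirects to a bare host - confirm whether that is intended.
    $filename_direct = '';

    // Which file types shall be viewed in browser
    $view_types = explode(',', $jlistConfig['file.types.view']);

    // Turns any value into a comma-separated list of non-zero integers.
    // escape() only protects values that end up inside quotes, and the file
    // list is concatenated unquoted into IN (...) clauses further down.
    $normalise_id_list = function ($raw) {
        return implode(',', array_filter(array_map('intval', explode(',', (string) $raw))));
    };

    // get request data
    $cat_id     = $db->escape($jinput->get('catid', 0, 'int'));
    $file_id    = $db->escape($jinput->get('id', 0, 'int'));
    $mirror     = $db->escape($jinput->get('m', 0, 'int'));
    $files_list = $normalise_id_list($jinput->get('list', '', 'string'));
    $zip_file   = $db->escape($jinput->get('user', 0, 'cmd'));

    // get session data
    $stored_random_id  = (int) JDHelper::getSessionDecoded('jd_random_id');
    $stored_file_id    = (int) JDHelper::getSessionDecoded('jd_fileid');
    $stored_cat_id     = (int) JDHelper::getSessionDecoded('jd_catid');
    // Normalised the same way as the request value so equal lists still compare equal.
    $stored_files_list = $normalise_id_list(JDHelper::getSessionDecoded('jd_list'));

    // compare the request with what the session recorded
    if (($cat_id > 0 && $cat_id != $stored_cat_id)
        || ($file_id > 0 && $file_id != $stored_file_id)
        || ($zip_file > 0 && $zip_file != $stored_random_id)
        || ($files_list != '' && $files_list != $stored_files_list)
    ) {
        // request does not match the session: perhaps the direct download option is used
        $this->items = $model->getItems($file_id);

        if ($this->items) {
            $this->state          = $model->getState();
            $sum_selected_files   = $this->state->get('sum_selected_files');
            $sum_selected_volume  = $this->state->get('sum_selected_volume');
            $sum_files_prices     = $this->state->get('sum_files_prices');
            $must_confirm_license = $this->state->get('must_confirm_license');
            $directlink           = $this->state->get('directlink_used');
            $marked_files_id      = $this->state->get('download.marked_files.id');

            // check the permission access for direct download option
            $within_the_user_limits = JDHelper::checkDirectDownloadLimits($cat_id, $file_id, $files_list, $user_rules, $sum_selected_files, $sum_selected_volume);
            if ($within_the_user_limits !== true) {
                // user has his limits reached or not enough points
                $msg = JText::_($within_the_user_limits);
                $app->redirect(JRoute::_($current_link), $msg, 'notice');
            }
        } else {
            // invalid data found / url manipulations?
            $msg = JText::_('COM_JDOWNLOADS_INVALID_DOWNLOAD_DATA_MSG');
            $app->redirect(JRoute::_($current_link), $msg, 'notice');
        }
    }

    // check leeching
    if ($is_leeching = JDHelper::useAntiLeeching()) {
        // download stopped - view hint
        $msg = JText::_('COM_JDOWNLOADS_ANTILEECH_MSG') . ' ' . JText::_('COM_JDOWNLOADS_ANTILEECH_MSG2');
        $app->redirect(JRoute::_($current_link), $msg, 'notice');
    }

    if ($zip_file) {
        // user has selected more than a single file
        // (the 'cmd' input filter on this value is what keeps path separators out of the name)
        $zip_file = $jlistConfig['zipfile.prefix'] . $zip_file . '.zip';
        $filename = $jlistConfig['files.uploaddir'] . '/' . $jlistConfig['tempzipfiles.folder.name'] . '/' . $zip_file;

        if (!file_exists($filename)) {
            // download stopped - zip file not found
            $msg = JText::_('COM_JDOWNLOADS_FILE_NOT_FOUND') . ': ' . basename($zip_file);
            $app->redirect(JRoute::_($current_link), $msg, 'notice');
        }
    }

    // download action check (not for uncategorized)
    // NOTE(review): when only a file list is requested ($file_id is 0), just the
    // category permission is evaluated here; the per-download permission is not.
    if ($cat_id > 1) {
        // If the category has been passed in the data or URL check it.
        $allow = $user->authorise('download', 'com_jdownloads.category.' . $cat_id);
        if ($file_id && $allow) {
            // The category allows it - now check the download itself.
            $allow = $user->authorise('download', 'com_jdownloads.download.' . $file_id);
        }
    } else {
        if ($file_id) {
            // No category given - check the download itself.
            $allow = $user->authorise('download', 'com_jdownloads.download.' . $file_id);
        }
    }

    if (!$allow) {
        // download stopped - user has not the right to download it
        $msg = JText::_('COM_JDOWNLOADS_DOWNLOAD_NOT_ALLOWED_MSG');
        $app->redirect(JRoute::_($current_link), $msg, 'notice');
    }

    $transfer_speed = (int) $user_rules->transfer_speed_limit_kb;

    if ($jlistConfig['use.alphauserpoints']) {
        // get AUP user info
        $api_AUP = JPATH_SITE . DS . 'components' . DS . 'com_alphauserpoints' . DS . 'helper.php';
        if (file_exists($api_AUP) && !$user->guest) {
            require_once $api_AUP;
            $aup_exist = true;
            // get user profile data from AUP
            $profile = AlphaUserPointsHelper::getUserInfo('', $user->id);
            // get standard points value from AUP
            $db->setQuery("SELECT points FROM #__alpha_userpoints_rules WHERE published = 1 AND plugin_function = 'plgaup_jdownloads_user_download'");
            $aup_fix_points = floatval($db->loadResult());
        }
    }

    // build a array with IDs
    $files_arr = explode(',', $files_list);

    // get the files data for multi or single download
    $query = $db->getQuery(true);
    $query->select('a.*');
    $query->from('#__jdownloads_files AS a');

    // Join on category table.
    $query->select('c.title AS category_title, c.id AS category_id, c.cat_dir AS category_cat_dir, c.cat_dir_parent AS category_cat_dir_parent');
    $query->join('LEFT', '#__jdownloads_categories AS c on c.id = a.cat_id');

    // Join on license table.
    $query->select('l.title AS license_title');
    $query->join('LEFT', '#__jdownloads_licenses AS l on l.id = a.license');

    $query->where('(a.published = ' . $db->Quote('1') . ')');

    if ($files_list) {
        // $files_list holds integers and commas only (normalised above)
        $query->where('a.file_id IN (' . $files_list . ')');
    } else {
        $query->where('a.file_id = ' . $db->Quote($file_id));
    }

    // Filter by access level so when we get not a result this user has not the access to view it
    $query->where('a.access IN (' . $groups . ')');
    $query->where('c.access IN (' . $groups . ')');

    $db->setQuery($query);
    $files = $db->loadObjectList();

    if (!$files) {
        // invalid data or user has not really the access
        $msg = JText::_('COM_JDOWNLOADS_DATA_NOT_FOUND');
        $app->redirect(JRoute::_($current_link), $msg, 'error');
    }

    // When we have a regged user, we must check whether he downloads the file in parts.
    // If so, we may only once write the download data in log and compute the AUP etc.
    $download_in_parts = JDHelper::getLastDownloadActivity($user->id, $files_list, $file_id, $user_rules->download_limit_after_this_time);

    if (count($files) > 1) {
        // mass download
        if (!$download_in_parts) {
            // add AUP points
            if ($jlistConfig['use.alphauserpoints'] && $aup_exist) {
                if ($jlistConfig['use.alphauserpoints.with.price.field']) {
                    $db->setQuery("SELECT SUM(price) FROM #__jdownloads_files WHERE file_id IN ({$files_list})");
                    $sum_points = (int) $db->loadResult();
                    if ($profile->points >= $sum_points) {
                        foreach ($files as $aup_data) {
                            // file_id here is a value read back from the database, not request data
                            $db->setQuery("SELECT price FROM #__jdownloads_files WHERE file_id = '{$aup_data->file_id}'");
                            if ($price = floatval($db->loadResult())) {
                                $can_download = JDHelper::setAUPPointsDownloads($user->id, $aup_data->file_title, $aup_data->file_id, $price, $profile);
                            }
                        }
                    }
                } else {
                    // use fix points
                    $sum_points = $aup_fix_points * count($files_arr);
                    if ($profile->points >= $sum_points) {
                        foreach ($files as $aup_data) {
                            $can_download = JDHelper::setAUPPointsDownloads($user->id, $aup_data->file_title, $aup_data->file_id, 0, $profile);
                        }
                    } else {
                        $can_download = false;
                    }
                }
            } else {
                // no AUP active
                $can_download = true;
            }

            if ($jlistConfig['user.can.download.file.when.zero.points'] && !$user->guest) {
                $can_download = true;
            }
        } else {
            $can_download = true;
        }
    } else {
        // single download
        // make sure the user cannot skip the password or captcha step:
        // the step must have been completed in this session before the file is sent
        if ($files[0]->password_md5 != '') {
            // the download is password protected
            $session_result = (int) JDHelper::getSessionDecoded('jd_password_run');
            if ($session_result < 2) {
                // Abort !!!
                $msg = JText::_('COM_JDOWNLOADS_ANTILEECH_MSG');
                $app->redirect(JRoute::_($current_link), $msg, 'error');
            } else {
                // reset the marker so it cannot be reused
                JDHelper::writeSessionEncoded('0', 'jd_password_run');
            }
        } else {
            // when no password is used, we must check captcha
            if ($user_rules->view_captcha) {
                // captcha is activated for this user
                $session_result = (int) JDHelper::getSessionDecoded('jd_captcha_run');
                if ($session_result < 2) {
                    // Abort !!!
                    $msg = JText::_('COM_JDOWNLOADS_ANTILEECH_MSG');
                    $app->redirect(JRoute::_($current_link), $msg, 'error');
                } else {
                    // reset the marker so it cannot be reused
                    JDHelper::writeSessionEncoded('0', 'jd_captcha_run');
                }
            }
        }

        if (!$mirror) {
            if ($files[0]->url_download) {
                // build the complete category path
                if ($files[0]->cat_id > 1) {
                    // Download has a category
                    if ($files[0]->category_cat_dir_parent != '') {
                        $cat_dir = $files[0]->category_cat_dir_parent . '/' . $files[0]->category_cat_dir;
                    } else {
                        $cat_dir = $files[0]->category_cat_dir;
                    }
                    $filename        = $jlistConfig['files.uploaddir'] . '/' . $cat_dir . '/' . $files[0]->url_download;
                    $filename_direct = $jlistConfig['files.uploaddir'] . '/' . $cat_dir . '/' . $files[0]->url_download;
                } else {
                    // Download is 'uncategorized'
                    $filename = $jlistConfig['files.uploaddir'] . '/' . $jlistConfig['uncategorised.files.folder.name'] . '/' . $files[0]->url_download;
                }
            } elseif ($files[0]->other_file_id) {
                // A file from another Download was assigned
                $query = $db->getQuery(true);
                $query->select('a.*');
                $query->from('#__jdownloads_files AS a');

                // Join on category table.
                $query->select('c.id AS category_id, c.cat_dir AS category_cat_dir, c.cat_dir_parent AS category_cat_dir_parent');
                $query->join('LEFT', '#__jdownloads_categories AS c on c.id = a.cat_id');

                $query->where('a.published = ' . $db->Quote('1'));
                $query->where('a.file_id = ' . $db->Quote($files[0]->other_file_id));
                $query->where('a.access IN (' . $groups . ')');

                $db->setQuery($query);
                $other_file_data = $db->loadObject();

                if (!$other_file_data) {
                    // the assigned Download is unpublished, missing or not visible to this
                    // user; stop here instead of building a path from an empty record
                    $msg = JText::_('COM_JDOWNLOADS_DATA_NOT_FOUND');
                    $app->redirect(JRoute::_($current_link), $msg, 'error');
                }

                if ($other_file_data->cat_id > 1) {
                    // the assigned Download has a category
                    if ($other_file_data->category_cat_dir_parent != '') {
                        $cat_dir = $other_file_data->category_cat_dir_parent . '/' . $other_file_data->category_cat_dir;
                    } else {
                        $cat_dir = $other_file_data->category_cat_dir;
                    }
                    $filename        = $jlistConfig['files.uploaddir'] . '/' . $cat_dir . '/' . $other_file_data->url_download;
                    $filename_direct = $jlistConfig['files.uploaddir'] . '/' . $cat_dir . '/' . $other_file_data->url_download;
                } else {
                    // Download is 'uncategorized'
                    $filename = $jlistConfig['files.uploaddir'] . '/' . $jlistConfig['uncategorised.files.folder.name'] . '/' . $other_file_data->url_download;
                }
            } else {
                // the file is stored on an external server
                $filename = $files[0]->extern_file;
                if ($files[0]->extern_site) {
                    $extern_site = true;
                }
                $extern = true;
            }
        } else {
            // is mirror
            if ($mirror == 1) {
                $filename = $files[0]->mirror_1;
                if ($files[0]->extern_site_mirror_1) {
                    $extern_site = true;
                }
            } else {
                $filename = $files[0]->mirror_2;
                if ($files[0]->extern_site_mirror_2) {
                    $extern_site = true;
                }
            }
            $extern = true;
        }

        $price = '';

        // Is AUP rule or price option used - we need the price for it
        if ($aup_exist) {
            if ($jlistConfig['use.alphauserpoints.with.price.field']) {
                $price = floatval($files[0]->price);
            } else {
                $price = $aup_fix_points;
            }
        }

        if (!$download_in_parts) {
            $can_download = JDHelper::setAUPPointsDownload($user->id, $files[0]->file_title, $files[0]->file_id, $price, $profile);
            if ($jlistConfig['user.can.download.file.when.zero.points'] && $user->id) {
                $can_download = true;
            }
        } else {
            $can_download = true;
        }
    }

    // plugin support
    // load external plugins; they receive $files and $can_download by reference
    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('jdownloads');
    $results = $dispatcher->trigger('onBeforeDownloadIsSendJD', array(&$files, &$can_download, $user_rules, $download_in_parts));

    if (!$can_download) {
        $msg = JText::_('COM_JDOWNLOADS_BACKEND_SET_AUP_FE_MESSAGE_NO_DOWNLOAD');
        $app->redirect(JRoute::_($current_link), $msg, 'notice');
    } else {
        // run download
        // NOTE(review): mail, points, log and hit counter are processed before the
        // file is known to exist, so a missing file is still counted as a download.
        if (!$download_in_parts) {
            // send at first e-mail
            if ($jlistConfig['send.mailto.option'] == '1' && $files) {
                JDHelper::sendMailDownload($files);
            }

            // give uploader AUP points when is set on
            if ($jlistConfig['use.alphauserpoints']) {
                if ($jlistConfig['use.alphauserpoints.with.price.field']) {
                    JDHelper::setAUPPointsDownloaderToUploaderPrice($files);
                } else {
                    JDHelper::setAUPPointsDownloaderToUploader($files);
                }
            }

            // write data in log
            if ($jlistConfig['activate.download.log']) {
                JDHelper::updateLog($type = 1, $files, '');
            }

            // update downloads hits
            if (count($files) > 1) {
                $db->setQuery('UPDATE #__jdownloads_files SET downloads=downloads+1 WHERE file_id IN (' . $files_list . ')');
                $db->execute();
            } else {
                $db->setQuery("UPDATE #__jdownloads_files SET downloads=downloads+1 WHERE file_id = '" . $files[0]->file_id . "'");
                $db->execute();
            }
        }

        // get filesize
        if (!$extern) {
            if (!file_exists($filename)) {
                $msg = JText::_('COM_JDOWNLOADS_FILE_NOT_FOUND') . ': ' . basename($filename);
                $app->redirect(JRoute::_($current_link), $msg, 'notice');
            } else {
                $size = filesize($filename);
            }
        } else {
            $size = JDHelper::getUrlFilesize($filename);
        }

        // if url go to other website - open it in a new browser window
        if ($extern_site) {
            // The URL is a stored field of the Download. It is written as an encoded
            // JavaScript string literal so quotes or markup in the value cannot end
            // the string or the <script> element.
            // NOTE(review): the URL scheme is not checked here; validating it when the
            // Download is saved would be the place to restrict it.
            $redirect_target = json_encode((string) $filename, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            echo '<script>document.location.href=' . $redirect_target . ";</script>\n";
            exit;
        }

        // if set the option for direct link to the file
        if (!$jlistConfig['use.php.script.for.download']) {
            // NOTE(review): the redirect target is built from the request's Host
            // header; confirm the server only accepts known host names.
            $root = str_replace('\\', '/', $_SERVER["DOCUMENT_ROOT"]);
            $root = rtrim($root, "/");
            $host = $_SERVER["HTTP_HOST"] . '/';
            $filename_direct = str_replace($root, $host, $filename_direct);
            $filename_direct = str_replace('//', '/', $filename_direct);

            // strpos() takes the haystack first: look for a scheme inside the link
            if (strpos($filename_direct, 'http://') === false
                && strpos($filename_direct, 'https://') === false
                && strpos($filename_direct, 'ftp://') === false
            ) {
                $filename_direct = 'http://' . $filename_direct;
            }

            $app->redirect($filename_direct);
        } else {
            $only_filename = basename($filename);
            $extension = JDHelper::getFileExtension($only_filename);

            if ($extern) {
                $mime_type = JDHelper::getMimeTypeRemote($filename);
            } else {
                $mime_type = JDHelper::getMimeTyp($extension);
            }

            // Check for protocol and set the appropriate headers
            $use_ssl  = false;
            $uri      = JUri::getInstance(JUri::current());
            $protocol = $uri->getScheme();
            if ($protocol == 'https') {
                $use_ssl = true;
            }

            $open_in_browser = false;
            if (in_array($extension, $view_types)) {
                // view file in browser
                $open_in_browser = true;
            }

            clearstatcache();

            if ($extern) {
                // The server fetches the stored URL itself and relays the body.
                // NOTE(review): confirm who may set extern_file / mirror URLs, since
                // the fetch is made from the server's network position.
                ob_end_clean();

                // needed for MS IE - otherwise content disposition is not used?
                if (ini_get('zlib.output_compression')) {
                    ini_set('zlib.output_compression', 'Off');
                }

                header("Cache-Control: public, must-revalidate");
                header('Cache-Control: pre-check=0, post-check=0, max-age=0');
                // header("Pragma: no-cache"); // Problems with MS IE
                header("Expires: 0");
                header("Content-Description: File Transfer");
                header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
                header("Content-Type: " . $mime_type);
                header("Content-Length: " . (string) $size);
                if (!$open_in_browser) {
                    header('Content-Disposition: attachment; filename="' . $only_filename . '"');
                } else {
                    // view file in browser
                    header('Content-Disposition: inline; filename="' . $only_filename . '"');
                }
                header("Content-Transfer-Encoding: binary\n");

                // redirect to category when it is set the time
                if (intval($jlistConfig['redirect.after.download']) > 0) {
                    header("refresh:" . $jlistConfig['redirect.after.download'] . "; url=" . $current_link);
                }

                // set_time_limit doesn't work in safe mode
                if (!ini_get('safe_mode')) {
                    @set_time_limit(0);
                }

                @readfile($filename);
                flush();
                exit;
            } else {
                $download_class_file = JPATH_SITE . DS . 'components' . DS . 'com_jdownloads' . DS . 'helpers' . DS . 'downloader.php';

                if (file_exists($download_class_file)) {
                    require_once $download_class_file;

                    $object = new downloader();
                    $object->set_byfile($filename);          // Type: Download from a file
                    $object->set_filename($only_filename);   // Set the file basename
                    $object->set_filesize($size);            // Set the file size
                    $object->set_mime($mime_type);           // Set the mime type
                    $object->set_speed($transfer_speed);     // Set download speed
                    // redirect to category when the time is set in configuration
                    $object->set_refresh($current_link, (int) $jlistConfig['redirect.after.download']);
                    $object->use_resume      = true;              // Use Resume Mode
                    $object->use_ssl         = $use_ssl;          // Set support for SSL
                    $object->open_in_browser = $open_in_browser;  // Open the file in the browser window or not
                    $object->use_autoexit    = true;              // Auto exit ('false' worked not really with extern file?)
                    $object->download();                          // Run the download
                    flush();
                    exit;
                } else {
                    // NOTE(review): this message contains the full server path of the
                    // file; the other not-found messages show the basename only.
                    $msg = JText::_('COM_JDOWNLOADS_FILE_NOT_FOUND') . ': ' . $filename;
                    $app->redirect(JRoute::_($current_link), $msg, 'notice');
                }
            }
        }
    }
}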
require_once '../lib-common.php'; /** * Require Downloader Class */ require_once $_CONF['path'] . 'system/classes/downloader.class.php'; // Incoming variable filter $vars = array('id' => 'number'); paypal_filterVars($vars, $_REQUEST); // This sql does double duty of getting the file name to download and making sure that the // user has 'permission' to get it $sql = "SELECT d.id, d.file, d.product_type, d.active FROM " . "{$_TABLES['paypal_products']} as d LEFT JOIN {$_TABLES['paypal_purchases']} as p " . "ON d.id = p.product_id WHERE d.id = {$_REQUEST['id']} AND " . "((p.user_id = {$_USER['uid']} AND (p.expiration > NOW() OR p.expiration IS NULL)) " . "OR (d.price <= 0)) LIMIT 1"; $res = DB_query($sql); $A = DB_fetchArray($res); // If a file was found, do the download. Otherwise refresh to the home page and log it. if (!empty($A['file']) && $A['product_type'] == '1' && $A['active'] == '1') { $dwnld = new downloader(); $dwnld->setLogFile($_CONF['path_log'] . 'paypal_downloads.log'); $dwnld->setLogging(true); $dwnld->setAllowedExtensions($_PAY_CONF['allowedextensions']); $dwnld->setPath($_PAY_CONF['download_path']); $dwnld->downloadFile($A['file']); // Check for errors if ($dwnld->areErrors()) { $errs = $dwnld->printErrors(false); COM_errorLog("PAYPAL-DWNLD: {$_USER['username']} tried to download the file with id " . "{$_REQUEST['id']} but for some reason could not. Download path is set to: " . $_PAY_CONF['download_path'], 1); COM_errorLog("PAYPAL-DWNLD: {$errs}", 1); echo COM_refresh($_CONF['site_url']); } else { $dwnld->_logItem('Download Success', "{$_USER['username']} successfully downloaded " . "the file with id {$_REQUEST['id']}."); $sql = "INSERT INTO {$_TABLES['paypal_downloads']} SET product_id = {$A['id']}, " . "file = '{$A['file']}', user_id = {$_USER['uid']}, " . "dl_date = NOW()"; DB_query($sql);
} // getting login data from session or use guest accounts else if (isset($_SESSION["LMS_USER"]) && $_SESSION["LMS_USER"] instanceof lms_user && $_SESSION["LMS_USER"]->is_logged_in()) { $login = $_SESSION["LMS_USER"]->get_login(); $password = $_SESSION["LMS_USER"]->get_password(); } else { $login = '******'; $password = '******'; } try { while (ob_get_level() > 0) { ob_end_clean(); } } catch (Exception $e) { } $downloader = new downloader(); $downloader->connect_to_mysql(); // If user is not logged in, open login dialog. If user is logged in // and not guest, then display "Access denied" message. if (!$downloader->check_permissions($login, $identifier, $password)) { if ($login == 'guest') { throw new Exception("Access denied. Please login.", E_USER_AUTHORIZATION); } else { throw new Exception("No rights to download object " . $identifier . ".", E_USER_RIGHTS); } } $data = $downloader->get_document_attributes($identifier); // print_r($data); // print("name=" . $data["name"] ); // exit(); header("Pragma: private");
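/**
 * Build a zip archive of the files in a folder and send it to the browser.
 *
 * The archive is written under a random name in the storage tmp directory and
 * then streamed through the downloader class.
 *
 * @param  int $rootfolder Id of the folder (category) to archive
 * @return string|null     Empty string when the user has no view access to the
 *                         folder, otherwise nothing
 */
function nexdoc_createArchiveFromFolder($rootfolder)
{
    global $_CONF, $_TABLES, $_FMCONF, $_USER;

    // The folder id is placed unquoted into the SQL below and into a
    // filesystem path, so it is forced to an integer first.
    $rootfolder = (int) $rootfolder;

    // Check access before anything is created or removed on disk.
    if (!fm_getPermission($rootfolder, 'view')) {
        COM_errorLog("User: {$_USER['uid']} does not have view access to the root folder: {$rootfolder}");
        return '';
    }

    $archiveDirectory = "{$_FMCONF['storage_path']}tmp/";
    $zipfilename = ppRandomFilename(6) . '.zip';
    $zipfile = $archiveDirectory . $zipfilename;

    // A leftover archive with the same random name would otherwise be appended to.
    if (file_exists($zipfile)) {
        @unlink($zipfile);
    }

    $zip = new ZipArchive();
    $zipOpenResult = $zip->open($zipfile, ZipArchive::CREATE);
    if ($zipOpenResult !== true) {
        COM_errorLog("Failed to create {$archiveDirectory}{$zipfilename}, Err => {$zipOpenResult}");
        return;
    }

    // Files that sit directly in the root folder
    $sql  = "SELECT a.cid,a.fid,a.fname,b.pid,b.name as folder FROM {$_TABLES['nxfile_files']} a ";
    $sql .= "LEFT JOIN {$_TABLES['nxfile_categories']} b on b.cid=a.cid ";
    $sql .= "WHERE a.cid={$rootfolder}";
    $query = DB_query($sql);

    while ($A = DB_fetchArray($query)) {
        // NOTE(review): fname comes from the database and is used as a path
        // component; confirm it is stored without directory parts.
        $sourcefile = $_FMCONF['storage_path'] . "{$rootfolder}/{$A['fname']}";
        if (file_exists($sourcefile)) {
            $zip->addFile($sourcefile, $A['fname']);
        }
    }

    // Add sub folders when the root folder has any. This lookup used an
    // undefined variable before, so the count never referred to this folder.
    // NOTE(review): only the root folder's view permission is checked in this
    // function; confirm the helper checks access for each sub folder.
    if (DB_count($_TABLES['nxfile_categories'], 'pid', $rootfolder)) {
        nexdoc_archiveAddParentFromFolder($zip, $rootfolder);
    }

    $zip->close();

    include_once $_CONF['path_system'] . 'classes/downloader.class.php';

    // MIME type spelling corrected ("compressed")
    $zipTypes = array('zip' => 'application/x-zip-compressed');

    $download = new downloader();
    $download->setLogging(false);
    $download->_setAvailableExtensions($zipTypes);
    $download->setAllowedExtensions($zipTypes);
    $download->setPath($archiveDirectory);
    $download->downloadFile($zipfilename);

    if ($download->areErrors()) {
        $err  = $download->printWarnings();
        $err .= "\n" . $download->printErrors();
        COM_errorLog("nexFile: Download error for user: {$_USER['uid']} - file: {$archiveDirectory}{$zipfilename}, Err => {$err}");
    }

    // NOTE(review): the archive stays in the tmp directory after the download;
    // nothing in this function removes it. Confirm a cleanup job exists, as the
    // archive holds copies of access-controlled files.
}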
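/**
 * Fetch one feed, store the channel and its items, and mirror item enclosures.
 *
 * Everything read from the feed is remote, untrusted input. Enclosure URLs are
 * only fetched when their scheme is http or https, so a feed cannot make the
 * server copy a local file or a stream wrapper into the public static directory.
 *
 * @param  int    $intChannelID Id under which the feed and its items are stored
 * @param  string $strUrl       URL of the feed
 * @return bool   true when feed data was parsed and stored, false when the
 *                download failed or the parser returned no feed
 */
function spider_channel($intChannelID, $strUrl)
{
    $download = new downloader();
    $feed     = new agregator_feed();
    $data     = new data();
    $keyword  = new keyword();

    // download the resource
    $str_data = $download->get_resource($strUrl);
    if ($str_data == false) {
        return false;
    }

    // parse the document
    $arrData  = $feed->parse($str_data);
    $arrFeed  = $arrData['feed'];
    $arrItems = $arrData['items'];

    // continue only when feed data is present
    if (!$arrFeed) {
        return false;
    }

    $arrFeed->feed_id  = $intChannelID;
    $arrFeed->feed_url = $strUrl;
    // NOTE(review): 'h' is the 12-hour clock, so morning and afternoon runs
    // produce the same stamp; 'H' was probably intended - confirm before changing.
    $arrFeed->lastindex = date("Ymdhis");

    // hand the channel data over for saving
    $data->save_feed(
        $arrFeed->feed_id,
        $arrFeed->feed_url,
        $arrFeed->lastindex,
        $arrFeed->lastbuilddate_int,
        $arrFeed->pubdate_int,
        null,
        $arrFeed->title,
        $arrFeed->link,
        $arrFeed->description,
        $arrFeed->language,
        $arrFeed->copyright,
        $arrFeed->managingeditor,
        $arrFeed->webmaster,
        $arrFeed->pubdate,
        $arrFeed->lastbuilddate,
        $arrFeed->category,
        $arrFeed->generator,
        $arrFeed->docs,
        $arrFeed->cloud,
        $arrFeed->ttl,
        $arrFeed->image_url,
        $arrFeed->image_title,
        $arrFeed->image_link
    );

    // root of the public directory that mirrored enclosures are written to
    $static_root = "../public/static";

    for ($intCountItems = 0, $intNumItems = count($arrItems); $intCountItems < $intNumItems; $intCountItems++) {
        $item = $arrItems[$intCountItems];
        $item->feed_id = $intChannelID;

        // NOTE(review): addslashes() is not a safe way to escape values for SQL;
        // whether save_item() escapes or binds its arguments is not visible here.
        $item_id = $data->save_item(
            "null",
            $item->feed_id,
            $item->pubdate_int,
            $item->title,
            $item->link,
            $item->description,
            $item->author,
            $item->category,
            $item->comments,
            $item->enclousure,
            $item->guid,
            $item->pubdate,
            $item->source,
            addslashes(json_encode($item))
        );

        if (!(isset($item_id) && $item_id > 0)) {
            continue;
        }

        echo " new item: " . $item_id . "\n";

        // Save enclosure
        if (isset($item->enclousure['URL']) && $item->enclousure['LENGTH'] > 0) {
            $enclosure_url = $item->enclousure['URL'];

            // Only plain web URLs are fetched. Without this check file_get_contents()
            // would also accept local paths and PHP stream wrappers named by the feed.
            $scheme = strtolower((string) parse_url($enclosure_url, PHP_URL_SCHEME));

            if (in_array($scheme, array('http', 'https'), true)) {
                // The stored file name is a hash of the URL, so no part of the
                // feed-supplied name or extension reaches the filesystem.
                $hash_32 = md5($enclosure_url);
                $hash_2  = substr($hash_32, 0, 2);
                $hash_1  = substr($hash_32, 0, 1);

                // create folders in static: static/a/ab/
                $level_1_dir = $static_root . "/" . $hash_1;
                $level_2_dir = $level_1_dir . "/" . $hash_2;
                if (!is_dir($level_1_dir)) {
                    mkdir($level_1_dir);
                }
                if (!is_dir($level_2_dir)) {
                    mkdir($level_2_dir);
                }

                // Fetch with the URL as given; the addslashes() form is for the
                // database call only. A failed fetch no longer leaves an empty file.
                // NOTE(review): the download size is not capped and redirects are
                // followed by the http wrapper; consider a stream context that
                // limits both, and a check that the host is not an internal address.
                $content = file_get_contents($enclosure_url);
                if ($content !== false) {
                    file_put_contents($level_2_dir . "/" . $hash_32, $content);
                }

                $data->feed_item_enclosure_add(
                    $item_id,
                    $hash_1,
                    $hash_2,
                    $hash_32,
                    $item->enclousure['LENGTH'],
                    addslashes($item->enclousure['TYPE']),
                    addslashes($enclosure_url)
                );
            }
        }

        // store the keywords found in the title and description
        $arr_keywords = $keyword->extract_keywords($item->title . " " . $item->description);
        foreach ($arr_keywords as $k) {
            if ($keyword->check($k) == false) {
                $keyword_id = $keyword->save($k);
            } else {
                $keyword_id = $keyword->get($k);
            }
            // The keyword is not linked to the item: the insert into
            // feed_keyword_item is disabled. If it is restored, bind
            // $keyword_id and $item_id as parameters rather than interpolating.
        }
    }

    return true;
}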