/**
* Verifies a download purchase using a purchase key and email.
*
* @deprecated Please avoid usage of this function in favor of the tokenized urls with edd_validate_url_token()
* introduced in EDD 2.3
*
* @since 1.0
*
* @param int $download_id
* @param string $key
* @param string $email
* @param string $expire
* @param int $file_key
*
* @return bool True if payment and link was verified, false otherwise
*/
function edd_verify_download_link($download_id = 0, $key = '', $email = '', $expire = '', $file_key = 0)
{
$meta_query = array('relation' => 'AND', array('key' => '_edd_payment_purchase_key', 'value' => $key), array('key' => '_edd_payment_user_email', 'value' => $email));
$accepted_stati = apply_filters('edd_allowed_download_stati', array('publish', 'complete'));
$payments = get_posts(array('meta_query' => $meta_query, 'post_type' => 'edd_payment', 'post_status' => $accepted_stati));
if ($payments) {
foreach ($payments as $payment) {
$cart_details = edd_get_payment_meta_cart_details($payment->ID, true);
if (!empty($cart_details)) {
foreach ($cart_details as $cart_key => $cart_item) {
if ($cart_item['id'] != $download_id) {
continue;
}
$price_options = isset($cart_item['item_number']['options']) ? $cart_item['item_number']['options'] : false;
$price_id = isset($price_options['price_id']) ? $price_options['price_id'] : false;
$file_condition = edd_get_file_price_condition($cart_item['id'], $file_key);
// Check to see if the file download limit has been reached
if (edd_is_file_at_download_limit($cart_item['id'], $payment->ID, $file_key, $price_id)) {
wp_die(apply_filters('edd_download_limit_reached_text', __('Sorry but you have hit your download limit for this file.', 'edd')), __('Error', 'edd'), array('response' => 403));
}
// If this download has variable prices, we have to confirm that this file was included in their purchase
if (!empty($price_options) && $file_condition != 'all' && edd_has_variable_prices($cart_item['id'])) {
if ($file_condition == $price_options['price_id']) {
return $payment->ID;
}
}
// Make sure the link hasn't expired
if (base64_encode(base64_decode($expire, true)) === $expire) {
$expire = base64_decode($expire);
// If it is a base64 string, decode it. Old expiration dates were in base64
}
if (current_time('timestamp') > $expire) {
wp_die(apply_filters('edd_download_link_expired_text', __('Sorry but your download link has expired.', 'edd')), __('Error', 'edd'), array('response' => 403));
}
return $payment->ID;
// Payment has been verified and link is still valid
}
}
}
} else {
wp_die(__('No payments matching your request were found.', 'edd'), __('Error', 'edd'), array('response' => 403));
}
// Payment not verified
return false;
}
/**
* The free download process.
*
* Modified from:
* /includes/process-download.php -> edd_process_download()
* Modifed parts:
* Stripping the purchase validation process.
*
* @return void
*/
function vp_edd_fd_process_download()
{
global $edd_options;
$valid = true;
$payment = -1;
$download = isset($_GET['did']) ? (int) $_GET['did'] : '';
$expire = isset($_GET['expire']) ? base64_decode(rawurldecode($_GET['expire'])) : '';
$file_key = isset($_GET['file']) ? (int) $_GET['file'] : '';
// if( $download === '' || $email === '' || $file_key === '' )
if ($download === '' || $file_key === '') {
return false;
}
// make sure user logged in
$must_logged_in = isset($edd_options['vp_edd_fd_must_logged_in']) ? $edd_options['vp_edd_fd_must_logged_in'] : false;
if ($must_logged_in) {
if (!is_user_logged_in()) {
$valid = false;
}
}
// Make sure the link hasn't expired
if (current_time('timestamp') > $expire) {
wp_die(apply_filters('edd_download_link_expired_text', __('Sorry but your download link has expired.', 'edd')), __('Error', 'edd'));
}
// Check to see if the file download limit has been reached
if (edd_is_file_at_download_limit($download, -1, $file_key)) {
wp_die(apply_filters('edd_download_limit_reached_text', __('Sorry but you have hit your download limit for this file.', 'edd')), __('Error', 'edd'));
}
if ($valid) {
// setup the download
$download_files = edd_get_download_files($download);
$requested_file = apply_filters('edd_requested_file', $download_files[$file_key]['file'], $download_files, $file_key);
// gather user data
$user_info = array();
if ($must_logged_in) {
global $user_ID;
$user_data = get_userdata($user_ID);
$user_info['email'] = $user_data->user_email;
$user_info['id'] = $user_ID;
$user_info['name'] = $user_data->display_name;
} else {
$user_info['email'] = 'anonymous';
$user_info['id'] = 'anonymous';
}
edd_record_download_in_log($download, $file_key, $user_info, edd_get_ip(), $payment);
$file_extension = edd_get_file_extension($requested_file);
$ctype = edd_get_file_ctype($file_extension);
if (!edd_is_func_disabled('set_time_limit') && !ini_get('safe_mode')) {
set_time_limit(0);
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(0);
}
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
@ini_set('zlib.output_compression', 'Off');
nocache_headers();
header("Robots: none");
header("Content-Type: " . $ctype . "");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"" . apply_filters('edd_requested_file_name', basename($requested_file)) . "\";");
header("Content-Transfer-Encoding: binary");
$file_path = realpath($requested_file);
if (strpos($requested_file, 'http://') === false && strpos($requested_file, 'https://') === false && strpos($requested_file, 'ftp://') === false && file_exists($file_path)) {
/** This is an absolute path */
edd_deliver_download($file_path);
} else {
if (strpos($requested_file, WP_CONTENT_URL) !== false) {
/** This is a local file given by URL */
$upload_dir = wp_upload_dir();
$file_path = str_replace(WP_CONTENT_URL, WP_CONTENT_DIR, $requested_file);
$file_path = realpath($file_path);
if (file_exists($file_path)) {
edd_deliver_download($file_path);
} else {
// Absolute path couldn't be discovered so send straight to the file URL
header("Location: " . $requested_file);
}
} else {
// This is a remote file
header("Location: " . $requested_file);
}
}
exit;
} else {
wp_die(apply_filters('edd_deny_download_message', __('You do not have permission to download this file.', 'vp_edd_fd')), __('Error', 'edd'));
}
exit;
}
/**
* Used to process a signed URL for processing downloads
*
* @since 2.3
* @param array $args Arguments provided to download a file
* @return array Same arguments, with the status of verification added
*/
function edd_process_signed_download_url($args)
{
$parts = parse_url(add_query_arg(array()));
wp_parse_str($parts['query'], $query_args);
$url = add_query_arg($query_args, site_url());
$valid_token = edd_validate_url_token($url);
// Bail if the token isn't valid.
// The request should pass through EDD, or custom handling can be enabled with the action.
if (!$valid_token) {
$args['payment'] = false;
$args['has_access'] = false;
return $args;
}
$order_parts = explode(':', rawurldecode($_GET['eddfile']));
// Check to make sure not at download limit
if (edd_is_file_at_download_limit($order_parts[1], $order_parts[0], $order_parts[2], $order_parts[3])) {
wp_die(apply_filters('edd_download_limit_reached_text', __('Sorry but you have hit your download limit for this file.', 'easy-digital-downloads')), __('Error', 'easy-digital-downloads'), array('response' => 403));
}
$args['expire'] = $_GET['ttl'];
$args['download'] = $order_parts[1];
$args['payment'] = $order_parts[0];
$args['file_key'] = $order_parts[2];
$args['price_id'] = $order_parts[3];
$args['email'] = get_post_meta($order_parts[0], '_edd_payment_user_email', true);
$args['key'] = get_post_meta($order_parts[0], '_edd_payment_purchase_key', true);
$payment = new EDD_Payment($args['payment']);
$args['has_access'] = 'publish' === $payment->status ? true : false;
return $args;
}
/**
* Verify Download Link
*
* Verifies a download purchase using a purchase key and email.
*
* @access public
* @since 1.0
* @return boolean
*/
function edd_verify_download_link($download_id, $key, $email, $expire, $file_key)
{
$meta_query = array('relation' => 'AND', array('key' => '_edd_payment_purchase_key', 'value' => $key), array('key' => '_edd_payment_user_email', 'value' => $email));
$payments = get_posts(array('meta_query' => $meta_query, 'post_type' => 'edd_payment'));
if ($payments) {
foreach ($payments as $payment) {
$payment_meta = get_post_meta($payment->ID, '_edd_payment_meta', true);
$downloads = maybe_unserialize($payment_meta['downloads']);
$cart_details = unserialize($payment_meta['cart_details']);
if ($payment->post_status != 'publish' && $payment->post_status != 'complete') {
return false;
}
if ($downloads) {
foreach ($downloads as $key => $download) {
$id = isset($payment_meta['cart_details']) ? $download['id'] : $download;
$price_options = $cart_details[$key]['item_number']['options'];
$file_condition = edd_get_file_price_condition($id, $file_key);
$variable_prices_enabled = get_post_meta($id, '_variable_pricing', true);
// if this download has variable prices, we have to confirm that this file was included in their purchase
if (!empty($price_options) && $file_condition != 'all' && $variable_prices_enabled) {
if ($file_condition !== $price_options['price_id']) {
return false;
}
}
if ($id == $download_id) {
// check to see if the file download limit has been reached
if (edd_is_file_at_download_limit($id, $payment->ID, $file_key)) {
wp_die(apply_filters('edd_download_limit_reached_text', __('Sorry but you have hit your download limit for this file.'), 'edd'), __('Error', 'edd'));
}
// make sure the link hasn't expired
if (time() < $expire) {
return $payment->ID;
// payment has been verified and link is still valid
}
return false;
// payment verified, but link is no longer valid
}
}
}
}
}
// payment not verified
return false;
}
