<?php define('WP_USE_THEMES', false); require '../../../../wp-load.php'; //get the filename $file = ssd_unswapChars($_REQUEST['file']); //fix it if there is no leading http, etc if (substr($file, 0, 1) == "/") { $file = "http://" . $_SERVER['HTTP_HOST'] . $file; } elseif (substr($file, 0, 4) != "http") { $file = "http://" . $_SERVER['HTTP_HOST'] . "/" . $file; } //serverfile $serverfile = str_replace("http://" . $_SERVER['HTTP_HOST'], $_SERVER['DOCUMENT_ROOT'], $file); $require = ssd_getOption("require"); global $current_user; //if user has session flag, fetch and return the file if ($file && ($require == "email" && $_SESSION['ssd_email_validates'] || $require == "user" && $current_user->ID)) { //save file in database if ($require == "user") { $wpdb->insert($wpdb->ss_downloads, array('email' => $current_user->email, 'file' => $file, 'ip' => $_SERVER['REMOTE_ADDR'], 'referrer' => $_SERVER['HTTP_REFERER']), array('%s', '%s', '%s', '%s')); } else { $wpdb->insert($wpdb->ss_downloads, array('email' => $_SESSION['ssd_email'], 'file' => $file, 'ip' => $_SERVER['REMOTE_ADDR'], 'referrer' => $_SERVER['HTTP_REFERER']), array('%s', '%s', '%s', '%s')); } if (GETFILE_REDIRECT === "cURL") { $curl_handle = curl_init(); curl_setopt($curl_handle, CURLOPT_URL, $file); curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, true); $r = curl_exec($curl_handle); curl_close($curl_handle); session_write_close();
$_SESSION['ssd_email'] = $email; $_SESSION['ssd_email_validates'] = true; //save the email to the db $wpdb->insert($wpdb->justemails, array('email' => $email), array('%s')); //if we're set to email file, email the file $delivery = ssd_getOption("delivery"); if ($delivery == "email_link" || $delivery == "email_attachment") { require_once ABSPATH . "/wp-includes/class-phpmailer.php"; //send email $to = $email; $subject = "Your Requested File From " . get_bloginfo("name"); $from = get_bloginfo('name') . "<" . get_bloginfo('admin_email') . ">"; if ($delivery == "email_attachment") { $body = "Your requested file is attached."; //get the filename $file = ssd_unswapChars($file); //fix it if there is no leading http, etc if (substr($file, 0, 1) == "/") { $file = "http://" . $_SERVER['HTTP_HOST'] . $file; } elseif (substr($file, 0, 4) != "http") { $file = "http://" . $_SERVER['HTTP_HOST'] . "/" . $file; } //serverfile $serverfile = str_replace("http://" . $_SERVER['HTTP_HOST'], $_SERVER['DOCUMENT_ROOT'], $file); $attachment = $serverfile; } else { $body .= "Download your file here: <a href=\"" . SSD_PLUGIN_URL . "/services/getfile.php?file=" . $file . "\">" . $title . "</a>"; $body .= "<br /><br /><small>Note: You must use the same computer and browser that you submitted your email address from to access the file.</small>"; } $mail = new PHPMailer(); // defaults to using php "mail()"