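/**
 * Render Download Metabox
 *
 * Prints the download meta box on the post edit screen: the "new download"
 * buttons, the existing-file panel (icon, name, size, download count and the
 * members-only / open-in-browser options), the Plupload upload modal and the
 * existing-file modal with the file browser. Three inline scripts hand the
 * status, Plupload and file browser settings to the admin JavaScript.
 *
 * Values read from post meta are escaped for the context they are printed in
 * (attribute, URL or text), so a stored file URL or count containing quotes or
 * markup cannot break out of the surrounding HTML.
 *
 * @since 1.5
 *
 * @param object $post Post being edited; only $post->ID is read.
 */
function dedo_meta_box_download($post) {
    // NOTE(review): this rebinds $post to the global, so the argument passed by
    // the caller is ignored. Kept as-is to preserve existing behaviour.
    global $post;

    // `false != $x` is a loose truthiness test: '', '0', 0 and null all fall
    // back to the default on the right-hand side.
    $file_url = get_post_meta($post->ID, '_dedo_file_url', true);
    $file_url = false != $file_url ? $file_url : '';

    $file_size = get_post_meta($post->ID, '_dedo_file_size', true);
    $file_size = false != $file_size ? size_format($file_size, 1) : '';

    $file_count = get_post_meta($post->ID, '_dedo_file_count', true);
    $file_count = false != $file_count ? $file_count : 0;

    $file_options = get_post_meta($post->ID, '_dedo_file_options', true);

    $members_only          = isset($file_options['members_only']) ? $file_options['members_only'] : '';
    $members_only_redirect = isset($file_options['members_only_redirect']) ? $file_options['members_only_redirect'] : '';
    $open_browser          = isset($file_options['open_browser']) ? $file_options['open_browser'] : '';

    // $file_url is always set above, so emptiness alone decides which panel shows.
    $has_file = !empty($file_url);

    // Hex-encode <, > and & so no value can terminate or alter the inline
    // <script> element the JSON is printed into.
    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP;

    // Update status args
    $status_args = array(
        'ajaxURL'      => admin_url('admin-ajax.php', isset($_SERVER['HTTPS']) ? 'https://' : 'http://'),
        'nonce'        => wp_create_nonce('dedo_download_update_status'),
        'action'       => 'dedo_download_update_status',
        'default_icon' => dedo_get_file_icon('default'),
        'lang_local'   => __('Local File', 'delightful-downloads'),
        'lang_remote'  => __('Remote File', 'delightful-downloads'),
        'lang_warning' => __('Inaccessible File', 'delightful-downloads'),
    );

    // Plupload args
    $plupload_args = array(
        'runtimes'            => 'html5, silverlight, flash, html4',
        'browse_button'       => 'dedo-upload-button',
        'container'           => 'dedo-upload-container',
        'drop_element'        => 'dedo-drag-drop-area',
        'file_data_name'      => 'async-upload',
        'multiple_queues'     => false,
        'multi_selection'     => false,
        'max_file_size'       => wp_max_upload_size() . 'b',
        'url'                 => admin_url('admin-ajax.php'),
        'flash_swf_url'       => includes_url('js/plupload/plupload.flash.swf'),
        'silverlight_xap_url' => includes_url('js/plupload/plupload.silverlight.xap'),
        // NOTE(review): the client-side filter accepts every extension, so any
        // file-type restriction has to be enforced by the upload handler.
        'filters'             => array(array('title' => __('Allowed Files'), 'extensions' => '*')),
        'multipart'           => true,
        'urlstream_upload'    => true,
        'multipart_params'    => array(
            '_ajax_nonce' => wp_create_nonce('dedo_download_upload'),
            'action'      => 'dedo_download_upload',
            'post_id'     => $post->ID,
        ),
    );

    // File browser args
    // NOTE(review): 'root' places an absolute server path in the page source and
    // 'script' points at a connector PHP file served from the plugin directory.
    // Confirm the connector checks the caller's capability and confines the
    // requested directory to this root; neither is visible from here.
    $file_browser_args = array(
        'root'   => dedo_get_upload_dir('basedir') . '/',
        'url'    => dedo_get_upload_dir('baseurl') . '/',
        'script' => DEDO_PLUGIN_URL . 'assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php',
    );
    ?>

    <script type="text/javascript">
        var updateStatusArgs = <?php echo json_encode($status_args, $json_flags); ?>;
    </script>

    <div id="dedo-new-download" style="<?php echo $has_file ? 'display: none;' : 'display: block;'; ?>">
        <a href="#dedo-upload-modal" class="button dedo-modal-action"><?php _e('Upload File', 'delightful-downloads'); ?></a>
        <a href="#dedo-select-modal" class="button dedo-modal-action select-existing"><?php _e('Existing File', 'delightful-downloads'); ?></a>
    </div>

    <div id="dedo-existing-download" style="<?php echo $has_file ? 'display: block;' : 'display: none;'; ?>">
        <div class="left-panel">
            <div class="file-icon">
                <img src="<?php echo esc_url(dedo_get_file_icon($file_url)); ?>" />
            </div>
            <div class="file-name"><?php echo esc_html(dedo_get_file_name($file_url)); ?></div>
            <div class="file-size"><?php echo esc_html($file_size); ?></div>
            <div class="file-status">
                <span class="status spinner"></span>
            </div>
        </div>
        <div class="right-panel">
            <table class="form-table">
                <tbody>
                    <tr>
                        <th scope="row">
                            <?php _e('Download Count', 'delightful-downloads'); ?>
                        </th>
                        <td>
                            <input name="download_count" id="download_count" class="regular-text" type="number" min="0" value="<?php echo esc_attr($file_count); ?>" />
                            <p class="description"><?php _e('The number of times this file has been downloaded.'); ?></p>
                        </td>
                    </tr>
                    <tr>
                        <th scope="row">
                            <?php _e('Members Only', 'delightful-downloads'); ?>
                        </th>
                        <td>
                            <label for="members_only_true"><input name="members_only" id="members_only_true" type="radio" value="1" <?php echo 1 === $members_only ? 'checked' : ''; ?> /> <?php _e('Yes', 'delightful-downloads'); ?></label>
                            <label for="members_only_false"><input name="members_only" id="members_only_false" type="radio" value="0" <?php echo 0 === $members_only ? 'checked' : ''; ?> /> <?php _e('No', 'delightful-downloads'); ?></label>
                            <label for="members_only_inherit"><input name="members_only" id="members_only_inherit" type="radio" value="" <?php echo '' === $members_only ? 'checked' : ''; ?> /> <?php _e('Inherit', 'delightful-downloads'); ?></label>
                            <p class="description"><?php _e('Allow only logged in users to download this file.'); ?></p>
                            <div id="members_only_sub" class="dedo-sub-option" style="<?php echo 0 === $members_only ? 'display: none;' : ''; ?>">
                                <?php
                                $args = array(
                                    'name'              => 'members_only_redirect',
                                    'depth'             => 0,
                                    'selected'          => $members_only_redirect,
                                    'show_option_none'  => __('Inherit', 'delightful-downloads'),
                                    'option_none_value' => '',
                                    'echo'              => 0,
                                );
                                $list = wp_dropdown_pages($args);

                                // Add option groups: wrap the "Inherit" option in a "Global"
                                // group and everything after it in a "Pages" group.
                                $inherit_option = '<option value="">' . __('Inherit', 'delightful-downloads') . '</option>';
                                $list = str_replace(
                                    $inherit_option,
                                    '<optgroup label="' . __('Global', 'delightful-downloads') . '">' . $inherit_option . '</optgroup><optgroup label="' . __('Pages', 'delightful-downloads') . '">',
                                    $list
                                );
                                $list = str_replace('</select>', '</optgroup></select>', $list);

                                echo $list;
                                ?>
                                <p class="description"><?php _e('The page to redirect non-members.'); ?></p>
                            </div>
                        </td>
                    </tr>
                    <tr>
                        <th scope="row">
                            <?php _e('Open In Browser', 'delightful-downloads'); ?>
                        </th>
                        <td>
                            <label for="open_browser_true"><input name="open_browser" id="open_browser_true" type="radio" value="1" <?php echo 1 === $open_browser ? 'checked' : ''; ?> /> <?php _e('Yes', 'delightful-downloads'); ?></label>
                            <label for="open_browser_false"><input name="open_browser" id="open_browser_false" type="radio" value="0" <?php echo 0 === $open_browser ? 'checked' : ''; ?> /> <?php _e('No', 'delightful-downloads'); ?></label>
                            <label for="open_browser_inherit"><input name="open_browser" id="open_browser_inherit" type="radio" value="" <?php echo '' === $open_browser ? 'checked' : ''; ?> /> <?php _e('Inherit', 'delightful-downloads'); ?></label>
                            <p class="description"><?php echo sprintf(__('This file will attempt to open in the browser window. If the file is located within the Delightful Downloads upload directory, you will need to set the %sfolder protection%s setting to \'No\'.', 'delightful-downloads'), '<a href="' . esc_url(admin_url('edit.php?post_type=dedo_download&page=dedo_settings&tab=advanced')) . '" target="_blank">', '</a>'); ?></p>
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
        <div class="footer">
            <?php _e('Replace File:', 'delightful-downloads'); ?>
            <a href="#dedo-upload-modal" class="button dedo-modal-action"><?php _e('Upload', 'delightful-downloads'); ?></a>
            <a href="#dedo-select-modal" class="button dedo-modal-action select-existing"><?php _e('Select Existing', 'delightful-downloads'); ?></a>
            <a href="#dedo-delete-modal" class="delete dedo-delete-file"><?php _e('Delete File', 'delightful-downloads'); ?></a>
        </div>
    </div>

    <script type="text/javascript">
        var pluploadArgs = <?php echo json_encode($plupload_args, $json_flags); ?>;
    </script>

    <div id="dedo-upload-modal" class="dedo-modal" style="display: none; width: 40%; left: 50%; margin-left: -20%;">
        <a href="#" class="dedo-modal-close" title="Close"><span class="media-modal-icon"></span></a>
        <div id="dedo-upload-container" class="dedo-modal-content">
            <h1><?php _e('Upload File', 'delightful-downloads'); ?></h1>
            <div id="dedo-drag-drop-area-container">
                <div id="dedo-drag-drop-area">
                    <p class="drag-drop-info"><?php _e('Drop file here', 'delightful-downloads'); ?></p>
                    <p><?php _e('or', 'delightful-downloads'); ?></p>
                    <p class="drag-drop-button"><input id="dedo-upload-button" type="button" value="<?php esc_attr_e('Select File', 'delightful-downloads'); ?>" class="button" />
                    <div id="dedo-progress-percent" style="width: 0%;"></div>
                    <div id="dedo-progress-text">0%</div>
                </div>
            </div>
            <p><?php printf(__('Maximum upload file size: %s.', 'delightful-downloads'), size_format(wp_max_upload_size(), 1)); ?></p>
            <div id="dedo-progress-error" style="display: none"></div>
        </div>
    </div>

    <script type="text/javascript">
        var fileBrowserArgs = <?php echo json_encode($file_browser_args, $json_flags); ?>;
    </script>

    <div id="dedo-select-modal" class="dedo-modal" style="display: none; width: 40%; left: 50%; margin-left: -20%;">
        <a href="#" class="dedo-modal-close" title="Close"><span class="media-modal-icon"></span></a>
        <div class="dedo-modal-content">
            <h1><?php _e('Existing File', 'delightful-downloads'); ?></h1>
            <p><?php _e('Manually enter a file URL, or use the file browser.', 'delightful-downloads'); ?></p>
            <p>
                <?php wp_nonce_field('ddownload_file_save', 'ddownload_file_save_nonce'); ?>
                <?php // The stored value may be a URL or a filesystem path, so escape it as an attribute rather than as a URL. ?>
                <input name="dedo-file-url" id="dedo-file-url" type="text" class="large-text" value="<?php echo esc_attr($file_url); ?>" placeholder="<?php esc_attr_e('File URL or path...', 'delightful-downloads'); ?>" />
            </p>
            <p>
                <div id="dedo-file-browser"><p><?php _e('Loading...', 'delightful-downloads'); ?></p></div>
            </p>
            <p>
                <a href="#" id="dedo-select-done" class="button button-primary"><?php _e('Confirm', 'delightful-downloads'); ?></a>
            </p>
        </div>
    </div>
    <?php
}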
/**
 * Protect uploads dir from direct access
 *
 * Makes sure the Delightful Downloads upload directory exists, then adds or
 * removes an .htaccess deny rule according to the folder protection setting,
 * and drops a stub index.php into the directory and into every sub-directory
 * returned by dedo_folder_scan().
 *
 * Points a reviewer should keep in mind:
 * - The deny rule only takes effect on servers that read .htaccess files; on
 *   any other server the uploads stay directly reachable unless the server
 *   configuration blocks them.
 * - "deny from all" is the Apache 2.2 access directive; on Apache 2.4 it relies
 *   on mod_access_compat being loaded.
 * - An existing .htaccess is never rewritten, only created or deleted.
 * - Any setting that is not loosely equal to 1 (including a missing option
 *   value) takes the "remove protection" branch.
 * - Every write is best-effort with errors suppressed, so a failed write is
 *   not reported to the caller.
 *
 * @since 1.3
 *
 * @param mixed $folder_protection Setting to apply; '' (the default) means use
 *                                 the saved 'folder_protection' option.
 * @return void
 */
function dedo_folder_protection($folder_protection = '') {
    global $dedo_options;

    // Fall back to the saved option when the caller passes nothing.
    if ('' === $folder_protection) {
        $folder_protection = $dedo_options['folder_protection'];
    }

    // Get delightful downloads upload base path
    $upload_dir = dedo_get_upload_dir('dedo_basedir');

    // Bail out if the directory cannot be created; continuing would cause a
    // fatal error on activation.
    if (!wp_mkdir_p($upload_dir)) {
        return;
    }

    $htaccess_path = $upload_dir . '/.htaccess';
    $htaccess_present = file_exists($htaccess_path);
    $protect = (1 == $folder_protection);

    if ($protect) {
        // Create the deny rule only when none exists yet.
        if (!$htaccess_present && wp_is_writable($upload_dir)) {
            @file_put_contents($htaccess_path, "Options -Indexes\ndeny from all");
        }
    } elseif ($htaccess_present && wp_is_writable($upload_dir)) {
        // Protection disabled: remove the rule file.
        @unlink($htaccess_path);
    }

    // Stub written as index.php so a request for the directory itself returns
    // an empty page.
    $index_stub = '<?php' . PHP_EOL . '// You shall not pass!';

    // Check for root index.php
    $root_index = $upload_dir . '/index.php';
    if (!file_exists($root_index) && wp_is_writable($upload_dir)) {
        @file_put_contents($root_index, $index_stub);
    }

    // Check subdirs for index.php
    foreach (dedo_folder_scan($upload_dir) as $subdir) {
        $subdir_index = $subdir . '/index.php';
        if (file_exists($subdir_index) || !wp_is_writable($subdir)) {
            continue;
        }
        @file_put_contents($subdir_index, $index_stub);
    }
}