function ym_download_list()
{
get_currentuserinfo();
global $ym_dl_db, $wpdb, $date_format, $current_user, $ym_upload_root;
if (!is_dir($ym_upload_root)) {
if (@mkdir($ym_upload_root, 0664)) {
ym_display_message(__('The uploads directory did not exist so it was created and the permissions set to 664. Please make sure to update these permissions if you are not happy with them.'));
} else {
ym_display_message(__('The uploads directory does not exist and it could not be created. Please make sure that "' . $ym_upload_root . '" is present and writeable by PHP before adding any downloads.', 'ym'), 'error');
}
}
$header_style = 'border-bottom: 1px solid silver; font-weight: bold;';
$downloadurl = get_option('ym_dl_url');
$downloadtype = get_option('ym_dl_type');
$sort = ym_request('sort', "title");
$sql = 'SELECT *
FROM ' . $ym_dl_db . '
ORDER BY ' . $sort;
$download = $wpdb->get_results($sql);
echo '<p>' . __('Downloads can be associated with pages and posts. When associated, they take on the page or post permissions including post purchased. Non associated downloads are accessible by all.', 'ym') . '</p>';
echo ym_start_box('All Downloads');
if (!is_writeable($ym_upload_root)) {
ym_display_message(__('The uploads directory is not writeable by PHP and therefore anything uploaded using this tool will fail. Please set the permissions and then refresh this page to see if you have been successful.', 'ym'), 'error');
}
echo ' <table style="width: 100%;" cellspacing="0" class="ym_table">
<tr>
<th><a href="' . YM_ADMIN_URL . '&ym_page=ym-content-downloads&sort=id">' . __('ID', "ym") . '</a></td>
<th><a href="' . YM_ADMIN_URL . '&ym_page=ym-content-downloads&sort=title">' . __('Title', "ym") . '</a></td>
<th><a href="' . YM_ADMIN_URL . '&ym_page=ym-content-downloads&sort=filename">' . __('File', "ym") . '</a></td>
<th style="width: 150px; text-align: center;">' . __('Limited Access', "ym") . '</td>
<th style="width: 140px; text-align: center;">' . __('File Exists?', "ym") . '</td>
<th style="width: 200px;"><a href="' . YM_ADMIN_URL . '&ym_page=ym-content-downloads&sort=postDate">' . __('Posted', "ym") . '</a></td>
<th style="width: 130px;">' . __('Action', "ym") . '</td>
</tr>';
if ($download) {
foreach ($download as $d) {
$date = date($date_format, strtotime($d->postDate));
$path = get_option('siteurl') . "/wp-content/uploads/";
$file = str_replace($path, "", $d->filename);
$links = explode("/", $file);
$file = end($links);
$user = get_userdata($d->user);
$abs_file = ym_get_abs_file($d->filename);
$edit_link = YM_ADMIN_URL . '&ym_page=ym-content-downloads&action=edit&id=' . $d->id . '&sort=' . $sort;
$delete_link = YM_ADMIN_URL . '&ym_page=ym-content-downloads&action=delete&id=' . $d->id . '&sort=' . $sort;
echo ' <tr>
<td>' . $d->id . '</td>
<td>' . $d->title . '</td>
<td>' . $file . '</td>
<td style="text-align:center; font-weight: bold;">
' . ($d->members ? __('<span style="color: green;">Yes</span>', 'ym') : __('<span style="color: red;">No</span>', 'ym')) . '
</td>
<td style="text-align:center; font-weight: bold;">
' . (file_exists($abs_file) ? __('<span style="color: green;">Yes</span>', 'ym') : __('<span style="color: red;">No</span>', 'ym')) . '
</td>
<td>' . $date . ' by ' . $current_user->user_login . '</td>
<td style="line-height: 2em;">
<a class="button" href="' . $edit_link . '">' . __('Edit', 'ym') . '</a>
<a class="button" href="' . $delete_link . '">' . __('Delete', 'ym') . '</a>
</td>
</tr>';
}
} else {
echo ' <tr>
<td colspan="6">' . __('No downloads have been added yet.', "ym") . '</td>
</tr>';
}
echo ' </table>';
echo ' <p class="submit">
<form action="" method="post" id="ym_dl_add" name="add_download">
<input type="hidden" name="action" value="add" />
<input type="submit" class="button" name="" value="' . __('Add New Download', "ym") . '" />
</form>
</p>';
echo ym_end_box();
}
function ym_download_file($download_id)
{
get_currentuserinfo();
global $wpdb, $current_user, $ym_upload_root;
$allow_download = true;
if ($download = ym_get_download($download_id)) {
if ($download->members) {
$allow_download = false;
if ($current_user->ID) {
if (!isset($current_user->caps['administrator'])) {
$posts = ym_get_download_posts($download_id);
foreach ($posts as $post) {
if (ym_user_has_access($post->post_id)) {
$allow_download = true;
break;
}
}
} else {
$allow_download = true;
}
}
}
if ($allow_download) {
$abs_file = ym_get_abs_file($download->filename);
if (file_exists($abs_file)) {
set_time_limit(0);
ini_set('memory_limit', -1);
$file_name = strrpos($download->filename, '/');
$loc = substr($download->filename, 0, $file_name);
$file_name = substr($download->filename, $file_name + 1);
@ym_log_transaction(YM_DOWNLOAD_STARTED, $download->filename, $current_user->ID);
header("Pragma: public");
// required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private", false);
// required for certain browsers
header("Content-type: application/force-download");
header("Content-Transfer-Encoding: Binary");
header("Content-length: " . @filesize($abs_file));
header("Content-disposition: attachment; filename=\"" . $file_name . "\"");
//readfile($abs_file);
flush();
$file = fopen($abs_file, "rb");
while (!feof($file)) {
// send the current file part to the browser
print fread($file, 8192);
flush();
}
fclose($file);
@ym_log_transaction(YM_DOWNLOAD_COMPLETED, $download->filename, $current_user->ID);
exit;
} else {
echo __('You can not download this file because it does not exist. Please notify the Administrator.', 'ym');
exit;
}
} else {
echo __('You can not download this file because you do not have access', 'ym');
exit;
}
} else {
die;
}
}
