Example #1
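 /**
  * Load the published upgrade rule that leads from the current user's
  * subscription ($this->_id) to the target membership ($this->to_id).
  *
  * Side effects: sets $this->term_id from the upgrade's target membership and
  * redirects to the "My Memberships" page when the subscription is not found
  * for this user, is not active, or no published upgrade rule matches.
  *
  * @return object Upgrade row (u.*) plus fromname, toname and term_id.
  */
 function getUpgrade()
 {
     $app   = JFactory::getApplication();
     $user  = JFactory::getUser();
     $db    = JFactory::getDBO();
     $query = $db->getQuery(true);
     $cid   = $this->_id;

     // Ownership check: the subscription row must match BOTH the requested id
     // and the logged-in user's id, so a subscription id belonging to another
     // account yields no row. Do not drop the user_id condition.
     $query->select($db->qn('membership_id'))
         ->select($db->qn('status'))
         ->from($db->qn('#__rsmembership_membership_subscribers'))
         ->where($db->qn('user_id') . ' = ' . $db->q($user->get('id')))
         ->where($db->qn('id') . ' = ' . $db->q($cid));
     $db->setQuery($query);
     $membership = $db->loadObject();

     // NOTE(review): the code below relies on redirect() ending the request;
     // confirm for the Joomla version in use.
     if (empty($membership)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     if ($membership->status != MEMBERSHIP_STATUS_ACTIVE) {
         JError::raiseWarning(500, JText::_('COM_RSMEMBERSHIP_MEMBERSHIP_NOT_ACTIVE'));
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }

     // The upgrade must start from the membership the user actually holds
     // (taken from the row loaded above, not from request data) and be published.
     $query->clear();
     $query->select('u.*')
         ->select($db->qn('mfrom.name', 'fromname'))
         ->select($db->qn('mto.name', 'toname'))
         ->select($db->qn('mto.term_id'))
         ->from($db->qn('#__rsmembership_membership_upgrades', 'u'))
         ->join('left', $db->qn('#__rsmembership_memberships', 'mfrom') . ' ON ' . $db->qn('mfrom.id') . ' = ' . $db->qn('u.membership_from_id'))
         ->join('left', $db->qn('#__rsmembership_memberships', 'mto') . ' ON ' . $db->qn('mto.id') . ' = ' . $db->qn('u.membership_to_id'))
         ->where($db->qn('u.membership_from_id') . ' = ' . $db->q($membership->membership_id))
         ->where($db->qn('u.membership_to_id') . ' = ' . $db->q($this->to_id))
         ->where($db->qn('u.published') . ' = ' . $db->q(1));
     $db->setQuery($query);
     $return = $db->loadObject();

     // Fix: test for a missing row BEFORE reading term_id. The original read
     // $return->term_id first, dereferencing null when no upgrade matched.
     if (empty($return)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     $this->term_id = $return->term_id;

     return $return;
 }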
Example #2
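 /**
  * Gate access to the folders and files shared with a membership.
  *
  * Flow, in order:
  *  1. guests are sent to the login page (current URL passed as base64 "return");
  *  2. the request is dropped back to "My Memberships" when _getMembership() fails;
  *  3. nothing further happens when the membership status is above 0;
  *  4. the "path" request value ("<parent id>|<relative path>") is resolved
  *     against the allowed parent folders and must stay inside that parent;
  *  5. task=download streams the file (after a terms check) and logs it,
  *     otherwise the resolved folder is stored in $this->_folder.
  *
  * NOTE(review): every failed check relies on redirect() ending the request;
  * confirm for the Joomla version in use.
  */
 public function __construct()
 {
     parent::__construct();
     jimport('joomla.filesystem.folder');
     // Some workarounds are needed for Windows
     $this->isWindows = DIRECTORY_SEPARATOR == '\\';
     // Get logged in user
     $this->user = JFactory::getUser();
     $app = JFactory::getApplication();
     $jinput = $app->input;
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     // Not logged in - must redirect to login.
     if ($this->user->guest) {
         $link = base64_encode((string) JUri::getInstance());
         $app->redirect(JRoute::_('index.php?option=com_users&view=login&return=' . $link, false));
     }
     // Membership doesn't match - redirect back to My Memberships page.
     if (!$this->_getMembership()) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     $this->getParentFolders();
     $this->getExtraParentFolders();
     // A status above 0 stops here: no folder is resolved and nothing is served.
     // (presumably a non-active membership - confirm against the status constants)
     if ($this->_data->status > 0) {
         return;
     }
     // let's get the path
     $path = $jinput->get('path', '', 'string');
     if (empty($path)) {
         return;
     }
     $path = explode("|", $path);
     // extract the parent folder's id
     $parent_id = (int) $path[0];
     if (empty($parent_id)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     // extract the path within the parent
     $path = !empty($path[1]) ? $path[1] : '';
     // check where are we looking; an unknown source or an id that is not in
     // the allowed list leaves $parent null (isset avoids an undefined-index notice)
     $from = $this->getFrom();
     $parent = null;
     if ($from == 'membership' && isset($this->_parents[$parent_id])) {
         $parent = $this->_parents[$parent_id];
     } elseif ($from == 'extra' && isset($this->_extra_parents[$parent_id])) {
         $parent = $this->_extra_parents[$parent_id];
     }
     // check if the parent is within the allowed parents list
     if (empty($parent)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     $this->_parent = $parent_id;
     // compute the full path: parent + path (realpath resolves ".." and symlinks)
     $path = realpath($parent . '/' . $path);
     $parent = realpath($parent);
     // Containment check. Fix: the original tested strpos($path, $parent) !== 0,
     // a bare string-prefix match that also accepts a sibling directory whose
     // name merely starts with the parent's name, and that behaves differently
     // across PHP versions when realpath() returns false. Require either the
     // parent itself or a path below "<parent><separator>".
     $inside = false;
     if ($path !== false && $parent !== false) {
         $root = rtrim($parent, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
         $inside = ($path === $parent) || strpos($path, $root) === 0;
     }
     if (!$inside) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     // let's see if we've requested a download
     $task = $jinput->get('task', '', 'cmd');
     if ($task == 'download') {
         // check if path exists and is a file
         if (is_file($path)) {
             // check if we need to agree to terms first
             $query->select($db->qn('term_id'))->from($db->qn('#__rsmembership_files'))->where($db->qn('path') . ' = ' . $db->q($path));
             $db->setQuery($query);
             $term_id = $db->loadResult();
             if (!empty($term_id)) {
                 $row = JTable::getInstance('Term', 'RSMembershipTable');
                 $row->load($term_id);
                 // unpublished terms do not block the download
                 if (!$row->published) {
                     $term_id = 0;
                 }
             }
             $agree = $jinput->get('agree', '', 'string');
             if (!empty($term_id) && empty($agree)) {
                 // terms apply and were not accepted yet: expose them instead of the file
                 $this->terms = $row->description;
             } else {
                 @ob_end_clean();
                 // The file name goes into a quoted header value; strip the
                 // characters that would end the quoted string or the header line.
                 $filename = str_replace(array('"', "\r", "\n"), '', basename($path));
                 // header() replaces an earlier header of the same name, so the
                 // second Cache-Control and the second Expires are the ones sent.
                 header("Cache-Control: public, must-revalidate");
                 header('Cache-Control: pre-check=0, post-check=0, max-age=0');
                 header("Pragma: no-cache");
                 header("Expires: 0");
                 header("Content-Description: File Transfer");
                 header("Expires: Sat, 01 Jan 2000 01:00:00 GMT");
                 // the User-Agent header is optional; treat a missing one as empty
                 $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                 if (preg_match('#Opera#', $userAgent)) {
                     header("Content-Type: application/octetstream");
                 } else {
                     header("Content-Type: application/octet-stream");
                 }
                 header("Content-Length: " . (string) filesize($path));
                 header('Content-Disposition: attachment; filename="' . $filename . '"');
                 header("Content-Transfer-Encoding: binary\n");
                 @readfile($path);
                 // Audit trail: who downloaded which resolved path, from which address.
                 // NOTE(review): the entry is written only after readfile() returns,
                 // so a transfer the client aborts may go unlogged - confirm whether
                 // that is acceptable for this log.
                 $row = JTable::getInstance('Log', 'RSMembershipTable');
                 $row->date = JFactory::getDate()->toSql();
                 $row->user_id = $this->user->id;
                 $row->path = '[DWN] ' . $path;
                 $row->ip = $_SERVER['REMOTE_ADDR'];
                 $row->store();
                 exit;
             }
         } else {
             $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
         }
     } else {
         // check if the path exists and is a folder
         if (is_dir($path)) {
             $this->_folder = $path;
             // drop a trailing slash
             if (substr($this->_folder, -1) == '/') {
                 $this->_folder = substr($this->_folder, 0, -1);
             }
         } else {
             $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
         }
     }
 }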
Example #3
File: renew.php Project: JozefAB/qk
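 /**
  * Load the membership plan behind the current user's subscription
  * ($this->_id) so that it can be renewed.
  *
  * Side effects: fills $this->_extras and $this->term_id, and redirects to
  * "My Memberships" when the subscription is not found for this user, has
  * status 1 ("not expired" warning), the plan row is missing, or the plan
  * is flagged no_renew.
  *
  * @return object Plan row; price is replaced by renewal_price when
  *                use_renewal_price is set, and last_transaction_id is
  *                copied over from the subscription row.
  */
 function getMembership()
 {
     $cid   = $this->_id;
     $app   = JFactory::getApplication();
     $user  = JFactory::getUser();
     $db    = JFactory::getDBO();
     $query = $db->getQuery(true);

     // Ownership check: the row must match both the requested subscription id
     // and the logged-in user's id. Do not drop the user_id condition.
     $query->select($db->qn('membership_id'))
         ->select($db->qn('status'))
         ->select($db->qn('extras'))
         ->select($db->qn('last_transaction_id'))
         ->from($db->qn('#__rsmembership_membership_subscribers'))
         ->where($db->qn('user_id') . ' = ' . $db->q($user->get('id')))
         ->where($db->qn('id') . ' = ' . $db->q($cid));
     $db->setQuery($query);
     $membership = $db->loadObject();

     // NOTE(review): the code below relies on redirect() ending the request;
     // confirm for the Joomla version in use.
     if (empty($membership)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     if ($membership->status == 1) {
         JError::raiseWarning(500, JText::_('COM_RSMEMBERSHIP_MEMBERSHIP_NOT_EXPIRED'));
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }

     // extras is stored as a comma-separated list; an empty first element
     // means there are none
     $extras = explode(',', $membership->extras);
     $this->_extras = !empty($extras[0]) ? $extras : array();

     $last_transaction_id = $membership->last_transaction_id;

     // The plan id comes from the subscription row loaded above, not from the request.
     $query->clear();
     $query->select('*')
         ->from($db->qn('#__rsmembership_memberships'))
         ->where($db->qn('id') . ' = ' . $db->q($membership->membership_id));
     $db->setQuery($query);
     $membership = $db->loadObject();

     // Fix: the plan row can be missing (e.g. deleted while subscriptions still
     // reference it); the original dereferenced the null result on the next line.
     if (empty($membership)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     if ($membership->use_renewal_price) {
         $membership->price = $membership->renewal_price;
     }
     if ($membership->no_renew) {
         JError::raiseWarning(500, JText::_('COM_RSMEMBERSHIP_MEMBERSHIP_CANNOT_RENEW'));
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }

     $this->term_id = $membership->term_id;
     $membership->last_transaction_id = $last_transaction_id;

     return $membership;
 }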
Example #4
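 /**
  * Load the published membership plan behind the current user's
  * subscription ($this->_id), together with its extras.
  *
  * Side effects: fills $this->_extras and redirects to "My Memberships" when
  * the subscription is not found for this user, its status is above 0
  * ("not active" warning), or no published plan row matches.
  *
  * @return object Plan row with last_transaction_id copied over from the
  *                subscription row.
  */
 function getMembership()
 {
     $cid   = $this->_id;
     $app   = JFactory::getApplication();
     $user  = JFactory::getUser();
     $db    = JFactory::getDBO();
     $query = $db->getQuery(true);

     // Ownership check: the row must match both the requested subscription id
     // and the logged-in user's id. Do not drop the user_id condition.
     $query->select($db->qn('membership_id'))
         ->select($db->qn('status'))
         ->select($db->qn('extras'))
         ->select($db->qn('last_transaction_id'))
         ->from($db->qn('#__rsmembership_membership_subscribers'))
         ->where($db->qn('user_id') . ' = ' . $db->q($user->get('id')))
         ->where($db->qn('id') . ' = ' . $db->q($cid));
     $db->setQuery($query);
     $membership = $db->loadObject();

     // NOTE(review): the code below relies on redirect() ending the request;
     // confirm for the Joomla version in use.
     if (empty($membership)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }
     if ($membership->status > 0) {
         JError::raiseWarning(500, JText::_('COM_RSMEMBERSHIP_MEMBERSHIP_NOT_ACTIVE'));
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }

     $last_transaction_id = $membership->last_transaction_id;

     // Only a published plan qualifies; the id comes from the subscription row
     // loaded above, not from the request.
     $query->clear();
     $query->select('*')
         ->from($db->qn('#__rsmembership_memberships'))
         ->where($db->qn('published') . ' = ' . $db->q(1))
         ->where($db->qn('id') . ' = ' . $db->q($membership->membership_id));
     $db->setQuery($query);
     $membership = $db->loadObject();

     // Fix: the original guarded only the extras query with if ($membership)
     // and then assigned a property on the possibly-null result. Treat an
     // unpublished or missing plan like the other "not found" cases.
     if (empty($membership)) {
         $app->redirect(JRoute::_(RSMembershipRoute::MyMemberships(), false));
     }

     // NOTE(review): loadColumn() on a SELECT * returns a single column of the
     // extras table; which one depends on the table's column order - confirm
     // that it is the column the callers of _extras expect.
     $query->clear();
     $query->select('*')
         ->from($db->qn('#__rsmembership_membership_extras'))
         ->where($db->qn('membership_id') . ' = ' . $db->q($membership->id));
     $db->setQuery($query);
     $this->_extras = $db->loadColumn();

     $membership->last_transaction_id = $last_transaction_id;

     return $membership;
 }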