function cookie_test($cookie_timeout = 0, $cookie_name = '')
 {
     // Test for valid APR cookie.
     // Returns TRUE if a valid APR cookie, derived from $cookie_name exists.  If $cookie_name is an empty string, then
     // $cookie_name will be assigned the URL of the current browser page.  Returns FALSE if the named APR cookie does not
     // exist.  If $cookie_timeout is greater than zero, then FALSE will be returned if the APR cookie is older than
     // $cookie_timeout minutes.
     // -- The Assurer, 2012-04-30.
     global $eStore_debug_manager;
     // Need access to debug manager.
     if ($cookie_name == '') {
         $cookie_name = eStore_aprtp::curPageURL();
     }
     // Use URL of current browser page.
     $eStore_debug_manager->downloads("Authenticating APR request for: {$cookie_name}", ESTORE_LEVEL_STATUS);
     $random_key = get_option('eStore_random_code');
     $cookie_flavor = md5(RC4Crypt::encrypt($random_key, $cookie_name));
     // Derive the APR cookie name.
     if (!isset($_COOKIE["{$cookie_flavor}"])) {
         $eStore_debug_manager->downloads("\$_COOKIE[{$cookie_flavor}] not found.", ESTORE_LEVEL_STATUS);
         return FALSE;
         // No cookie for you!
     }
     if ($cookie_timeout > 0) {
         // Test for age of APR cookie, if $cookie_timeout is at least 1 minute...
         $cookie_time = (int) RC4Crypt::decrypt($random_key, base64_decode(rawurldecode($_COOKIE[$cookie_flavor])));
         $cookie_timeout = (int) ($cookie_timeout * 60 + $cookie_time);
         if ($cookie_timeout <= (int) time()) {
             $eStore_debug_manager->downloads("\$_COOKIE[{$cookie_flavor}] expired.", ESTORE_LEVEL_STATUS);
             return FALSE;
             // APR cookie has expired.
         }
     }
     return TRUE;
 }
Exemple #2
0
 function decrypt($pwd, $data)
 {
     return RC4Crypt::encrypt($pwd, $data);
 }
function eStore_generate_download_key($product_id, $url = '')
{
    $time = time();
    $random_key = get_option('eStore_random_code');
    if (empty($url)) {
        $download = $product_id . '|' . $time;
    } else {
        $download = $product_id . '|' . $time . '|' . $url;
    }
    $download_key = rawurlencode(base64_encode(RC4Crypt::encrypt($random_key, $download)));
    return $download_key;
}
echo '<h4 align="center">' . $lang['download_title'] . '</h4><br>';
echo '<strong>' . $lang['download_trouble_title'] . '</strong><br>';
echo $lang['download_trouble_text'];
echo '<p>&nbsp;</p>';
if (file_exists("download_sessions/{$product_id}.dat")) {
    $download_file = "download_sessions/{$product_id}.dat";
} elseif (file_exists("sessions/{$product_id}.dat")) {
    $download_file = "sessions/{$product_id}.dat";
} elseif (!empty($module) && file_exists("modules/{$mod}/sessions/{$product_id}.dat")) {
    $download_file = "modules/{$mod}/sessions/{$product_id}.dat";
}
if (file_exists($download_file)) {
    $lines = array();
    $lines = file($download_file);
    $i = 1;
    foreach ($lines as $thisline) {
        $thisline = trim($thisline);
        if (!empty($thisline)) {
            list($id, $id_item, $category, $subcategory, $title, $filename, $digital, $folder1, $currency, $weight, $price, $quantity, $option1, $option2, $tax, $ship, $discount1, $discount2, $ip_name) = explode('|', $thisline);
        }
        if ($digital == 1) {
            @($folder = $subcategory == 'ProductModule' ? 'medias/' . $mod . '/' . $folder1 : $upload_folder);
            $download_product = $folder . '|' . $filename . '|' . $timestamp;
            $download_cart_link = 'resume_download.php?file=' . rawurlencode(base64_encode(RC4Crypt::encrypt($secret, $download_product)));
            echo '<li>' . $lang['download_your_file'] . '&nbsp;' . $i . '&nbsp;:&nbsp;&nbsp;&nbsp;<input class="download" type="button" name="download" value="' . $lang['button_download'] . '" onClick="location.href=\'' . $download_cart_link . '\'">&nbsp;&nbsp;&nbsp;<a href="' . $download_cart_link . '">' . $title . '</a></li><br><br>' . "\n";
            $i++;
        }
    }
} else {
    echo "<div align=\"left\">" . $lang['download_error'] . "</div><br>\n";
}