Esempio n. 1
 * General download code plugin settings
function dc_manage_settings()
    echo '<div class="wrap">';
    echo '<h2>Download Codes &raquo; Settings</h2>';
    // Overwrite existing options
    if (isset($_POST['submit'])) {
        $dc_file_location = trim('' != trim($_POST['dc_file_location_abs']) ? $_POST['dc_file_location_abs'] : $_POST['dc_file_location']);
        $dc_max_attempts = $_POST['dc_max_attempts'];
        // Update zip location
        if ($dc_file_location != '') {
            if (substr($dc_file_location, -1) != '/') {
                $dc_file_location .= '/';
            update_option('dc_file_location', $dc_file_location);
        // Update number of maximum attempts
        if (is_numeric($dc_max_attempts)) {
            update_option('dc_max_attempts', $dc_max_attempts);
        // Update file types
        if ('' != trim($_POST['dc_file_types'])) {
            update_option('dc_file_types', trim($_POST['dc_file_types']));
        // Update character list
        update_option('dc_code_chars', $_POST['dc_code_chars'] == '' ? DC_CODE_CHARS : $_POST['dc_code_chars']);
        // Update header settings
        update_option('dc_header_content_type', $_POST['dc_header_content_type'] == '' ? DC_HEADER_CONTENT_TYPE : $_POST['dc_header_content_type']);
        // Update xsenfile enabled flag
        update_option('dc_xsendfile_enabled', isset($_POST['dc_xsendfile_enabled']) ? 'true' : 'false');
        // Update messages
        update_option('dc_msg_code_enter', $_POST['dc_msg_code_enter']);
        update_option('dc_msg_code_valid', $_POST['dc_msg_code_valid']);
        update_option('dc_msg_code_invalid', $_POST['dc_msg_code_invalid']);
        update_option('dc_msg_max_downloads_reached', $_POST['dc_msg_max_downloads_reached']);
        update_option('dc_msg_max_attempts_reached', $_POST['dc_msg_max_attempts_reached']);
        // Print message
        echo dc_admin_message('The settings have been updated.');
    echo '<form action="admin.php?page=dc-manage-settings" method="post">';
    echo '<h3>File Settings</h3>';
    echo '<table class="form-table">';
     * Location of download files
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-location">Location of download files</label></th>';
    if ('' == get_option('dc_file_location') || '' != get_option('dc_file_location') && '/' != substr(get_option('dc_file_location'), 0, 1)) {
        // If current location of download files is empty or relative, try to locate the upload folder
        $wp_upload_dir = wp_upload_dir();
        $files = scandir($wp_upload_dir['basedir']);
        echo '<td>' . $wp_upload_dir['basedir'] . '/ <select name="dc_file_location" id="settings-location">';
        foreach ($files as $folder) {
            if (is_dir($wp_upload_dir['basedir'] . '/' . $folder) && $folder != '.' && $folder != '..') {
                echo '<option' . ($folder . '/' == get_option('dc_file_location') ? ' selected="selected"' : '') . '>' . $folder . '</option>';
        echo '</select>';
        // Provide possibility to define upload path directly
        echo '<p>If the upload folder cannot be determined or if the release management does not work (or if you want to have another download file location) you may specify the absolute path of the download file location here:</p>';
        echo '<input type="text" name="dc_file_location_abs" class="large-text" / >';
        echo '</td>';
    } else {
        echo '<td><input type="text" name="dc_file_location" id="settings-location" class="large-text" value="' . get_option('dc_file_location') . '" /></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-max">Maximum attempts</label></th>';
    echo '<td><input type="text" name="dc_max_attempts" id="settings-max" class="small-text" value="' . dc_max_attempts() . '" />';
    echo ' <span class="description">Maximum invalid download attempts</span></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-filetypes">Allowed file types</label></th>';
    echo '<td><input type="text" name="dc_file_types" id="settings-filetypes" class="regular-text" value="' . implode(', ', dc_file_types()) . '" />';
    echo ' <span class="description">Separated by comma</span></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-chars">Allowed characters</label></th>';
    echo '<td><input type="text" name="dc_code_chars" id="settings-chars" class="regular-text" value="' . dc_code_chars() . '" />';
    echo ' <span class="description">Codes will contain a random mix of these characters</span></td>';
    echo '</tr>';
    echo '</table>';
     * Headers
    echo '<h3>Header Settings</h3>';
    echo '<p>Finetune request headers to fix client-server issues:</p>';
    echo '<table class="form-table">';
    // Content type
    $dc_header_content_type = dc_header_content_type();
    $content_type_options = array('Default (MIME Type)', 'application/force-download', 'application/octet-stream', 'application/download');
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="headers-content-type">Content type</label></th>';
    echo '<td><select name="dc_header_content_type" id="headers-content-type">';
    foreach ($content_type_options as $option) {
        echo '<option' . ($option == $dc_header_content_type ? ' selected="selected"' : '') . '>' . $option . '</option>';
    echo '</select> <span class="description">Override default content type (which is the MIME type of the download file)</span></td>';
    echo '</tr>';
    // Support for x-sendfile
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="headers-xsendfile-enabled">Apache X-Sendfile</label></th>';
    echo '<td><input type="checkbox" name="dc_xsendfile_enabled" id="dc-xsendfile-enabled" ' . (dc_xsendfile_enabled() ? 'checked' : '') . ' />';
    echo '<span class="description">Only check this setting if Apache\'s x-sendfile module is installed and configured properly</span>';
    echo '</td>';
    echo '</tr>';
    echo '</table>';
     * Messages
    echo '<h3>Messages</h3>';
    echo '<p>Specify custom messages that your users see while downloading releases:</p>';
    echo '<table class="form-table">';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-msg-enter">"Enter code"</label></th>';
    echo '<td><input type="text" name="dc_msg_code_enter" id="settings-msg-enter" class="large-text" value="' . dc_msg('code_enter') . '" /></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-msg-valid">"Code valid"</label></th>';
    echo '<td><input type="text" name="dc_msg_code_valid" id="settings-msg-valid" class="large-text" value="' . dc_msg('code_valid') . '" /></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-msg-invalid">"Code invalid"</label></th>';
    echo '<td><input type="text" name="dc_msg_code_invalid" id="settings-msg-invalid" class="large-text" value="' . dc_msg('code_invalid') . '" /></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-msg-downloads">"Maximum downloads reached"</label></th>';
    echo '<td><input type="text" name="dc_msg_max_downloads_reached" id="settings-msg-downloads" class="large-text" value="' . dc_msg('max_downloads_reached') . '" /></td>';
    echo '</tr>';
    echo '<tr valign="top">';
    echo '<th scope="row"><label for="settings-msg-attempts">"Maximum attempts reached"</label></th>';
    echo '<td><input type="text" name="dc_msg_max_attempts_reached" id="settings-msg-attempts" class="large-text" value="' . dc_msg('max_attempts_reached') . '" /></td>';
    echo '</tr>';
    echo '</table>';
    echo '<p class="submit">';
    echo '<input type="submit" name="submit" class="button-primary" value="Save Changes" />';
    echo '</p>';
    echo '</form>';
    echo '</div>';
Esempio n. 2
 * Creates a download form for the shortcode "download-code"
function dc_embed_download_code_form($atts)
    global $wpdb;
    $id = "";
    $anchor = "";
    $post_code = "";
    // Get attributes
    extract(shortcode_atts(array('id' => '0', 'anchor' => ''), $atts));
    // Set shortcode id, i.e. the release id to which the shortcode relates. If no id is provided, this value is assumed as "all".
    $shortcode_id = $id == 0 ? 'all' : $id;
    // Check if code has been submitted for the release to which the current shortcode relates
    if (isset($_POST['submit_' . $shortcode_id])) {
        // Get current IP
        $IP = $_SERVER['REMOTE_ADDR'];
        // Get submitted code and release id
        $submitted_release = $_POST['submitted_release_' . $shortcode_id] != '' ? $_POST['submitted_release_' . $shortcode_id] : 'all';
        $post_code = strtoupper(trim($_POST['code_' . $shortcode_id]));
        // Get matching code record from database to check if code is valid for given release id or for all releases
        $code = $wpdb->get_row($wpdb->prepare("SELECT ID, `release` FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s" . ($submitted_release != 'all' ? ' AND `release` = %d' : ''), $submitted_release != 'all' ? array($post_code, $submitted_release) : array($post_code)));
        if ($code->ID) {
            // Get release details
            $release = $wpdb->get_row("SELECT * FROM " . dc_tbl_releases() . " WHERE ID = " . $code->release);
            // Get # of downloads with this code
            $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code=(SELECT ID FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s )", array($post_code)));
            // Start download if maximum of allowed downloads is not reached
            if ($downloads->downloads < $release->allowed_downloads) {
                // Set temporary download lease id
                $download_lease_id[$shortcode_id] = md5('wp-dl-hash' . $code->ID);
            } else {
                $ret = dc_msg('max_downloads_reached');
        } else {
            // Get # of attempts from this IP
            $attempts = $wpdb->get_row("SELECT COUNT(*) AS attempts FROM " . dc_tbl_downloads() . " WHERE IP='" . $IP . "' AND code = -1 AND DATE(started_at) > DATE(CURRENT_DATE() - 1)");
            if ($attempts->attempts < dc_max_attempts()) {
                // Insert attempt
                $wpdb->insert(dc_tbl_downloads(), array('code' => -1, 'IP' => $IP), array('%d', '%s'));
                $ret = dc_msg('code_invalid');
            } else {
                $ret = dc_msg('max_attempts_reached');
    // Compile HTML result
    $html = '<div class="dc-download-code">';
    if ($download_lease_id[$shortcode_id] && ($shortcode_id == 'all' || $shortcode_id == $submitted_release)) {
        // Show link for download
        $html .= '<p>' . dc_msg('code_valid') . '</p>';
        $html .= '<p><a href="' . site_url() . '/?lease=' . $download_lease_id[$shortcode_id] . '">' . ($release->artist ? $release->artist . ' - ' : '') . $release->title . '</a> ' . format_bytes(filesize(dc_file_location() . $release->filename)) . '</p>';
    } else {
        // Show message
        if ($ret != '') {
            $html .= '<p>' . $ret . '</p>';
        // Display form
        $html .= '<form action="' . ('' == $anchor ? '' : '#' . $anchor) . '" name="dc_form" method="post">';
        $html .= '<p><input type="hidden" name="submitted_release_' . $shortcode_id . '" value="' . $shortcode_id . '" />';
        $html .= dc_msg('code_enter') . ' <input type="text" name="code_' . $shortcode_id . '" value="' . ($post_code != "" ? $post_code : ($_GET['yourcode'] != "" ? $_GET['yourcode'] : "")) . '" size="20" /> ';
        $html .= '<input type="submit" name="submit_' . $shortcode_id . '" value="' . __('Submit') . '" /></p>';
        $html .= '</form>';
    $html .= '</div>';
    return $html;