function ym_download_edit($id = false)
{
    global $wpdb, $ym_dl_post_assoc;
    $checked = array();
    $download = ym_get_download($id);
    $attribs = ym_get_download_attributes($id);
    $posts = get_posts(array('post_status' => 'publish', 'post_type' => 'any', 'numberposts' => -1));
    if ($id) {
        $sql = 'SELECT post_id
				FROM ' . $ym_dl_post_assoc . '
				WHERE download_id = ' . $id;
        $results = $wpdb->get_results($sql);
        foreach ($results as $result) {
            $checked[] = $result->post_id;
        }
    }
    echo ym_start_box($id ? __('Edit Download: ', 'ym') . $download->title : __('Add Download', 'ym'));
    echo '	<form enctype="multipart/form-data" action="" method="post">
			<input type="hidden" name="action" value="goedit" />
			<table style="width: 100%;" cellspacing="10">
				<tr valign="middle">
					<td>' . __('Title (required)', "ym") . '</td>
					<td>
						<input type="text" style="width: 320px;" value="' . $download->title . '" name="title" />
					</td>
				</tr>
				<tr valign="top">
					<td>
						' . __('Upload a file', "ym") . '
					</td>
					<td>
						<div style="margin-bottom: 10px">' . __('Point to a file already on the server <small>(http:// etc required for this to work)', 'ym') . '</small>
						<br /><input type="text" name="remote_file" style="width: 700px;" /></div>
						<div style="margin-bottom: 10px"><strong>' . __('OR', 'ym') . '</strong></div>
						<div style="margin-bottom: 10px">' . __('Upload the file directly', 'ym') . '
						<input type="file" name="upload" style="width: 320px;" /></div>
						<div>' . ($id ? '<br />' . __('Currently Using:', 'ym') . ' <em>' . $download->filename . '</em>.' : '') . '</div>
					</td>
				</tr>
				<tr valign="top">
					<td>' . __('Restrict Access?', "ym") . '</td>
					<td>
						<input type="checkbox" name="memberonly" ' . ($download->members ? "checked='checked'" : '') . ' />
						<span style="color: gray; font-size: 10px; font-weight: normal;">' . __('If chosen, only users of the appropriate access level can access the file. User level is calculated by checking access to a certain post or posts.', "ym") . '</span>
						<br /><select name="link_to_post_id[]" multiple size=10 style="height: 250px; width: 450px;">';
    foreach ($posts as $row) {
        $selected = in_array($row->ID, $checked) ? 'selected="selected"' : '';
        echo '<option value="' . $row->ID . '" ' . $selected . ' >' . $row->post_title . '</option>';
    }
    echo '				</select>
					</td>
				</tr>';
    foreach ($attribs as $i => $attrib) {
        $value = $attrib->value;
        echo '<tr>
				<td style="vertical-align: top;">' . ucfirst($attrib->name) . '</td>
				<td style="vertical-align: top;">';
        ym_generate_field($attrib->field_name, $attrib->field_type_id, $value, false, 'attribute_' . $attrib->id);
        echo '<div style="font-size: 10px; color: gray;">' . $attrib->caption . '</div>';
        echo '</td>
		</tr>';
    }
    echo '	</table>
					
			<p class="submit">
				<div style="float: right;">
					<input type="submit"  class="button" name="submit_edit_download" value="' . __('Save Download', "ym") . '" />
				</div>
				<input type="button" class="button" onclick="document.location=\'' . YM_ADMIN_URL . '&ym_page=ym-content-downloads\';" value="' . __('Back to downloads', 'ym') . '" />
			</p>
			
			<input type="hidden" name="download_id" value="' . $download->id . '" /> 
			</form>';
    echo ym_end_box();
}
function ym_download_file($download_id)
{
    get_currentuserinfo();
    global $wpdb, $current_user, $ym_upload_root;
    $allow_download = true;
    if ($download = ym_get_download($download_id)) {
        if ($download->members) {
            $allow_download = false;
            if ($current_user->ID) {
                if (!isset($current_user->caps['administrator'])) {
                    $posts = ym_get_download_posts($download_id);
                    foreach ($posts as $post) {
                        if (ym_user_has_access($post->post_id)) {
                            $allow_download = true;
                            break;
                        }
                    }
                } else {
                    $allow_download = true;
                }
            }
        }
        if ($allow_download) {
            $abs_file = ym_get_abs_file($download->filename);
            if (file_exists($abs_file)) {
                set_time_limit(0);
                ini_set('memory_limit', -1);
                $file_name = strrpos($download->filename, '/');
                $loc = substr($download->filename, 0, $file_name);
                $file_name = substr($download->filename, $file_name + 1);
                @ym_log_transaction(YM_DOWNLOAD_STARTED, $download->filename, $current_user->ID);
                header("Pragma: public");
                // required
                header("Expires: 0");
                header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
                header("Cache-Control: private", false);
                // required for certain browsers
                header("Content-type: application/force-download");
                header("Content-Transfer-Encoding: Binary");
                header("Content-length: " . @filesize($abs_file));
                header("Content-disposition: attachment; filename=\"" . $file_name . "\"");
                //readfile($abs_file);
                flush();
                $file = fopen($abs_file, "rb");
                while (!feof($file)) {
                    // send the current file part to the browser
                    print fread($file, 8192);
                    flush();
                }
                fclose($file);
                @ym_log_transaction(YM_DOWNLOAD_COMPLETED, $download->filename, $current_user->ID);
                exit;
            } else {
                echo __('You can not download this file because it does not exist. Please notify the Administrator.', 'ym');
                exit;
            }
        } else {
            echo __('You can not download this file because you do not have access', 'ym');
            exit;
        }
    } else {
        die;
    }
}