function redirectToFile($file) { $db = new DownloadsDB(); $ipaddress = $db->escape($_SERVER['REMOTE_ADDR']); $agent = $db->escape($_SERVER['HTTP_USER_AGENT']); $id = $db->escape($file['id']); $path = $db->escape($file['path']); $db->query("INSERT INTO requests (dateRequested, IPAddress, requestedFileID, userAgent) VALUES (NOW(), '{$ipaddress}', {$id}, '{$agent}')"); header("Status: 302 Found"); header("Location: {$path}"); }
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Downloads install/upgrade</title> </head> <body> <?php include 'DownloadsDB.php'; $db = new DownloadsDB(); if (!$db->query("SELECT * FROM users LIMIT 1") && !$_POST['password'] && !$_POST['username']) { ?> <form action="install.php" method="post" accept-charset="utf-8"> <p><label for="username">Username</label> <input type="text" name="username" value="" id="username"></p> <p><label for="password">Password</label> <input type="password" name="password" value="" id="password"></p> <p><input type="submit" value="Continue →"></p> </form> <?php } else { function getVersionFromFilename($filename) { $matches = null; if (!preg_match("/(\\d+\\.\\d+)/", $filename, $matches)) { return ""; } return $matches[0]; } $tables = array(); foreach ($db->query("SHOW TABLES") as $tmp) { $tables[] = $tmp['Tables_in_' . DBNAME];
<?php if (!$_POST || !$_POST['package'] || !$_POST['version'] || !$_POST['path']) { print "MISSING PARAMETERS"; } else { include "DownloadsDB.php"; $db = new DownloadsDB(); if (!$db->isLoggedIn()) { print "INVALID CREDENTIALS"; return; } $package = $db->escape($_POST['package']); $version = $db->escape($_POST['version']); $path = $db->escape($_POST['path']); $db->query("INSERT INTO releases (package, version, path, dateAdded) VALUES ('{$package}', '{$version}', '{$path}', NOW())"); } print "SUCCESS";
<?php include 'DownloadsDB.php'; $db = new DownloadsDB(); if ($_POST['id'] && $_POST['package'] && $_POST['version'] && $_POST['path'] && $db->isLoggedIn()) { $package = $db->escape($_POST['package']); $version = $db->escape($_POST['version']); $path = $db->escape($_POST['path']); $id = $db->escape($_POST['id']); $db->query("UPDATE releases SET package='{$package}', version='{$version}', path='{$path}' WHERE id={$id}"); header("Location: admin.php"); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Edit</title> <link rel="stylesheet" href="style.css" type="text/css"> <style type="text/css" media="screen"> label { width: 200px; display: block; float: left; text-align: right; position: relative; top: 2px; margin-right: 10px; } </style> </head> <body>
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Downloads</title> <link rel="stylesheet" href="style.css" type="text/css" media="screen" charset="utf-8"> </head> <body> <?php include 'DownloadsDB.php'; $db = new DownloadsDB(); ?> <h1 id="banner">Downloads</h1> <div class="copy"> <h1>The following packages are available for download:</h1> <ul> <?php foreach ($db->query("SELECT DISTINCT(displayName) FROM files;") as $app) { $app = $app['displayName']; echo "<li><a href=\"{$app}\">{$app}</a></li>"; } ?> </ul> </div> <div class="copy"> <h1>Recent releases</h1> <ul> <?php foreach ($db->query("SELECT filename, dateAdded FROM files ORDER BY dateAdded DESC LIMIT 10;") as $release) {
?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Downloads admin</title> <link rel="stylesheet" href="style.css" type="text/css"> <script src="mootools-core.js" type="text/javascript" charset="utf-8"></script> <script src="admin.js" type="text/javascript" charset="utf-8"></script> </head> <body> <h1 id="banner">Downloads admin</h1> <?php include "DownloadsDB.php"; $db = new DownloadsDB(); // Check for password and prompt if necessary. if (!$db->isLoggedIn()) { ?> <div id="login"><h1>Log in</h1> <form action="" method="post" accept-charset="utf-8"> <p><label for="password">Password: </label><input type="password" name="password" value="" id="password_entry"></input> <p><input type="submit" value="Continue →"></p> </form></div> <?php } else { $packages = $db->packages(); ?> <!-- Add new release --> <div class="center">