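<?php
/**
 * Download endpoint: turns the requested file reference into a URL, records the
 * download and, when GETFILE_REDIRECT is "cURL", fetches the file server-side.
 *
 * Security notes for maintainers:
 *  - `file` comes straight from the request and decides which URL this server
 *    requests on the caller's behalf, so it is validated before any fetch.
 *  - $_SERVER['HTTP_HOST'] is taken from the request's Host header and is not a
 *    trustworthy source for "this site".
 *    NOTE(review): consider deriving the base URL from the site configuration.
 */
define('WP_USE_THEMES', false);
require '../../../../wp-load.php';

// Decode the caller-supplied file reference; treat it as untrusted from here on.
$file = ssd_unswapChars(isset($_REQUEST['file']) ? $_REQUEST['file'] : '');

// Normalise only a non-empty reference. Prefixing an empty value would yield
// "http://<host>/", which is truthy and would defeat the `$file &&` guard below.
if ($file) {
    if (substr($file, 0, 1) == "/") {
        // Site-relative path.
        $file = "http://" . $_SERVER['HTTP_HOST'] . $file;
    } elseif (!preg_match('#^https?://#i', $file)) {
        // Anything that is not an explicit http(s) URL is treated as a path on
        // this host; a bare "http" prefix check would let "httpfoo" through.
        $file = "http://" . $_SERVER['HTTP_HOST'] . "/" . $file;
    }
}

// Local filesystem equivalent of the URL (used by code outside this listing).
// NOTE(review): before this path is opened, resolve it and confirm it stays
// inside the intended download directory.
$serverfile = str_replace("http://" . $_SERVER['HTTP_HOST'], $_SERVER['DOCUMENT_ROOT'], $file);

$require = ssd_getOption("require");
global $current_user;

// Access gate: a validated e-mail in the session, or a logged-in user.
$email_ok = ($require == "email" && !empty($_SESSION['ssd_email_validates']));
$user_ok = ($require == "user" && !empty($current_user->ID));

if ($file && ($email_ok || $user_ok)) {
    $use_curl = (GETFILE_REDIRECT === "cURL");

    // In cURL mode this server issues the request itself, so refuse URLs that
    // WordPress does not consider safe to request (malformed URLs, and hosts
    // resolving to loopback/private addresses other than this site).
    // NOTE(review): the guard is skipped on WordPress versions without
    // wp_http_validate_url(); an explicit host allowlist would be stricter.
    if ($use_curl && function_exists('wp_http_validate_url') && !wp_http_validate_url($file)) {
        wp_die('Invalid file request.');
    }

    // Record the download.
    // NOTE(review): WP_User normally exposes the address as `user_email`;
    // confirm that `->email` resolves to a value here.
    if ($require == "user") {
        $downloader = $current_user->email;
    } else {
        $downloader = isset($_SESSION['ssd_email']) ? $_SESSION['ssd_email'] : '';
    }
    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    // 'file' and 'referrer' are request-controlled and are stored verbatim;
    // every consumer has to escape them on output.
    $wpdb->insert(
        $wpdb->ss_downloads,
        array(
            'email' => $downloader,
            'file' => $file,
            'ip' => $_SERVER['REMOTE_ADDR'],
            'referrer' => $referrer,
        ),
        array('%s', '%s', '%s', '%s')
    );

    if ($use_curl) {
        $curl_handle = curl_init();
        curl_setopt($curl_handle, CURLOPT_URL, $file);
        curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, true);
        // Pin the transfer to HTTP(S) and do not follow redirects, so a
        // validated URL cannot bounce the request to another scheme or host.
        curl_setopt($curl_handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($curl_handle, CURLOPT_FOLLOWLOCATION, false);
        $r = curl_exec($curl_handle);
        curl_close($curl_handle);
        session_write_close();
        // The source listing ends at this point; what is done with $r is not shown.
    }
}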
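/**
 * Render the SS Downloads admin screen: collected e-mail addresses, per-file
 * download counts and the plugin settings form.
 *
 * The download log and the e-mail table hold values taken from request
 * parameters, so everything echoed from the database or from options is
 * escaped for the context it lands in (HTML text, attribute, URL).
 */
function ssd_ss_downloads() {
    global $wpdb;

    // Save settings before anything is rendered. The nonce ties the request to
    // the form printed below, so another site cannot submit it on behalf of a
    // logged-in administrator.
    // NOTE(review): also confirm the capability required for this page where
    // the menu entry is registered (not visible here).
    if (!empty($_REQUEST['savesettings'])) {
        check_admin_referer('ssd_save_settings');
        ssd_setOption("require");
        ssd_setOption("delivery");
        ssd_setOption("templatemethod");
        ssd_setOption("ssdshortcode");
    }
    $require = ssd_getOption("require");
    $delivery = ssd_getOption("delivery");
    $templatemethod = ssd_getOption("templatemethod");
    $ssdshortcode = ssd_getOption("ssdshortcode");

    // get_col() returns the first selected column, i.e. the addresses.
    $sql = "SELECT je.email, UNIX_TIMESTAMP(je.timestamp) as timestamp FROM {$wpdb->justemails} je ";
    $collected_emails = (array) $wpdb->get_col($sql);

    // Per-file totals, most recently downloaded first.
    $sql = "SELECT file as filename, COUNT(id) as num, MAX(UNIX_TIMESTAMP(timestamp)) as timestamp FROM {$wpdb->ss_downloads} GROUP BY file ORDER BY timestamp DESC";
    $files = $wpdb->get_results($sql);

    // NOTE(review): the block below pulls HTML from a third-party host over
    // plain HTTP and injects it into an admin page with .html(). Anyone able to
    // alter that response can run script as the logged-in administrator.
    // Consider removing it, or fetching over HTTPS and sanitising the result.
    ?>
    <div class="wrap">
        <div id="ssdownloads_notifications"></div>
        <style>
            .ssd_message {background-color: #D5E4F7; background-repeat: no-repeat; margin: .5em 0; padding: 6px 6px 6px 6px; color: #345395; font-size: 11px; font-weight: bold; line-height: 1.3em; }
            .ssd_success {background-color: #CFEECA; color: #208A1B; }
            .ssd_error {background-color: #F9D6CB; color: #E36154; }
            .ssd_alert {background-color: #FFF6CC; color: #CF8516; }
            .ssd_message a {color: #345395; }
            .ssd_success a {color: #208A1B; }
            .ssd_error a {color: #E36154; }
            .ssd_alert a {color: #CF8516; }
        </style>
        <script>
            jQuery.get('http://www.strangerstudios.com/ss-downloads-notifications/?v=<?php echo SSDOWNLOADS_VERSION; ?>', function(data) {
                jQuery('#ssdownloads_notifications').html(data);
            });
        </script>

        <h2>Collected Email Addresses</h2>
        <textarea style="width: 500px; height: 100px;"><?php echo esc_html(implode(", ", $collected_emails)); ?></textarea>

        <?php
        // NOTE(review): $msg and $msgt are never assigned in this function, so
        // this branch cannot run as written; confirm where they should come from.
        // The message may carry links, hence wp_kses_post() rather than esc_html().
        if (!empty($msg)) {
            ?>
            <p class="ssd_message <?php echo esc_attr($msgt); ?>"><?php echo wp_kses_post($msg); ?></p>
            <?php
        }

        // NOTE(review): "Clear Table" triggers a destructive action through a
        // plain GET link (?ssdreset=1). The handler is outside this function;
        // it should require a nonce and a capability check.
        ?>
        <h2>
            File Downloads
            <small>
                (<a target="_blank" href="<?php echo esc_url(get_bloginfo("url") . '/wp-content/plugins/ss-downloads/services/exportdownloads.php'); ?>">Download Full Report</a>)
                (<a id="clear_ssd_db" href="#" style="color: #CC0000;">Clear Table</a>)
            </small>
            <script>
                jQuery('#clear_ssd_db').click(function(){
                    if(window.confirm("This will delete *all download information including email addresses* from the SS Downloads table. \nPress OK to continue and reset the download database."))
                        window.location='?page=ssdownloads&ssdreset=1';
                });
            </script>
        </h2>

        <table class="widefat page fixed" cellspacing="0">
            <thead>
                <tr>
                    <th class="manage-column" scope="col" width="70%">File</th>
                    <th class="manage-column" scope="col"># Downloads</th>
                    <th class="manage-column" scope="col">Last Download</th>
                </tr>
            </thead>
            <tbody>
            <?php
            if (!empty($files)) {
                foreach ($files as $file) {
                    // filename was stored from a request parameter: escape it as
                    // a URL in href and as text in the cell. rel="noopener"
                    // keeps the opened page from reaching back into this tab.
                    ?>
                    <tr>
                        <td><a target="_blank" rel="noopener noreferrer" href="<?php echo esc_url($file->filename); ?>"><?php echo esc_html($file->filename); ?></a></td>
                        <td><?php echo (int) $file->num; ?></td>
                        <td><?php echo date("n/d/Y g:i A e", (int) $file->timestamp); ?></td>
                    </tr>
                    <?php
                }
            } else {
                ?>
                <tr>
                    <td colspan="3"><p>No downloads yet.</p></td>
                </tr>
                <?php
            }
            ?>
            </tbody>
        </table>

        <h2>Settings</h2>
        <form action="" method="post" enctype="multipart/form-data">
            <?php wp_nonce_field('ssd_save_settings'); ?>
            <table class="form-table">
                <tbody>
                    <tr>
                        <th scope="row" valign="top" colspan="2">
                            <label for="require">Required For Downloads:</label><br />
                            <select name="require">
                                <option value="email"<?php selected($require, "email"); ?>>Properly Formatted Email Address</option>
                                <option value="user"<?php selected($require, "user"); ?>>User Signup</option>
                            </select>
                        </th>
                    </tr>
                    <tr>
                        <th scope="row" valign="top" colspan="2">
                            <label for="delivery">File Delivery Method:</label><br />
                            <select name="delivery">
                                <option value="link"<?php selected($delivery, "link"); ?>>Show Link to File</option>
                                <option value="email_attachment"<?php selected($delivery, "email_attachment"); ?>>Send File as Email Attachment</option>
                                <option value="email_link"<?php selected($delivery, "email_link"); ?>>Send Link to File by Email</option>
                            </select>
                        </th>
                    </tr>
                    <tr>
                        <th scope="row" valign="top" colspan="2">
                            <label for="templatemethod">Template Method:</label><br />
                            <select name="templatemethod">
                                <option value=""<?php selected($templatemethod, ""); ?>>Let WordPress Choose</option>
                                <option value="file_get_contents"<?php selected($templatemethod, "file_get_contents"); ?>>file_get_contents()</option>
                                <option value="cURL"<?php selected($templatemethod, "cURL"); ?>>cURL</option>
                            </select>
                            <br /><small>If you don't see the download form and/or see errors, changing this might help.</small>
                        </th>
                    </tr>
                    <tr>
                        <th scope="row" valign="top" colspan="2">
                            <label for="ssdshortcode">Shortcode:</label><br />
                            <input type="text" name="ssdshortcode" value="<?php echo esc_attr($ssdshortcode); ?>" />
                            <br /><small>Can change this to resolve plugin conflicts.</small>
                            <p>
                                With your current settings, your shortcode to embed a download form would be something like:<br />
                                <strong>[<?php echo esc_html($ssdshortcode); ?> file="filename.txt" title="title"]</strong>
                            </p>
                        </th>
                    </tr>
                </tbody>
            </table>
            <p class="submit">
                <input name="savesettings" type="submit" value="Save Settings" />
            </p>
        </form>
    </div>
    <?php
}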
<?php define('WP_USE_THEMES', false); require '../../../../wp-load.php'; $email = $_REQUEST['email']; $postid = $_REQUEST['postid']; $title = $_REQUEST['title']; $file = $_REQUEST['file']; if (is_email($email)) { //update session vars for form use $_SESSION['ssd_email'] = $email; $_SESSION['ssd_email_validates'] = true; //save the email to the db $wpdb->insert($wpdb->justemails, array('email' => $email), array('%s')); //if we're set to email file, email the file $delivery = ssd_getOption("delivery"); if ($delivery == "email_link" || $delivery == "email_attachment") { require_once ABSPATH . "/wp-includes/class-phpmailer.php"; //send email $to = $email; $subject = "Your Requested File From " . get_bloginfo("name"); $from = get_bloginfo('name') . "<" . get_bloginfo('admin_email') . ">"; if ($delivery == "email_attachment") { $body = "Your requested file is attached."; //get the filename $file = ssd_unswapChars($file); //fix it if there is no leading http, etc if (substr($file, 0, 1) == "/") { $file = "http://" . $_SERVER['HTTP_HOST'] . $file; } elseif (substr($file, 0, 4) != "http") { $file = "http://" . $_SERVER['HTTP_HOST'] . "/" . $file;