/**
 * Handle a digital-download request identified by the `downloadid` query argument.
 *
 * Looks up an active download-status row that still has downloads remaining,
 * optionally enforces the per-download IP lock, decrements the remaining
 * count, updates the purchase log and streams the file to the client.
 * Does nothing when `downloadid` is absent; every rejection path ends the
 * request with exit() or wp_die().
 *
 * Security-relevant properties of this version:
 *  - All three SELECT statements are built by string concatenation; none goes
 *    through $wpdb->prepare().
 *  - $download_data is dereferenced by the IP-lock branch before the
 *    `$download_data != null` check further down.
 */
function wpsc_download_file() {
    global $wpdb;
    if (isset($_GET['downloadid'])) {
        // Allow up to three hours for the request.
        ini_set('max_execution_time', 10800);
        // Strip out anything that isn't 'a' to 'z' or '0' to '9'.
        // This character filter is the only thing standing between the request
        // value and the SQL text below: the value is concatenated, not bound.
        $downloadid = preg_replace("/[^a-z0-9]+/i", '', strtolower($_GET['downloadid']));
        // Primary lookup by the unique id. $downloadid is interpolated directly
        // into the statement inside single quotes.
        $download_data = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_DOWNLOAD_STATUS . "` WHERE `uniqueid` = '" . $downloadid . "' AND `downloads` > '0' AND `active`='1' LIMIT 1", ARRAY_A);
        // Fallback for rows whose uniqueid is NULL: they are addressed by their
        // integer id instead. NOTE(review): is_numeric() also accepts exponent
        // forms such as "1e5", which survive the [a-z0-9] filter.
        if ($download_data == null && is_numeric($downloadid)) {
            $download_data = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_DOWNLOAD_STATUS . "` WHERE `id` = '" . $downloadid . "' AND `downloads` > '0' AND `active`='1' AND `uniqueid` IS NULL LIMIT 1", ARRAY_A);
        }
        // Optional IP lock: the first address to use the download is stored and
        // later requests from a different address are rejected.
        // NOTE(review): $download_data can still be null here (no matching
        // row); the null check only happens after this block.
        if (get_option('wpsc_ip_lock_downloads') == 1 && $_SERVER['REMOTE_ADDR'] != null) {
            $ip_number = $_SERVER['REMOTE_ADDR'];
            if ($download_data['ip_number'] == '') {
                // if the IP number is not set, set it
                $wpdb->update(WPSC_TABLE_DOWNLOAD_STATUS, array('ip_number' => $ip_number), array('id' => $download_data['id']));
            } else {
                if ($ip_number != $download_data['ip_number']) {
                    // if the IP number is set but does not match, fail here.
                    exit(_e('This download is no longer valid, Please contact the site administrator for more information.', 'wpsc'));
                }
            }
        }
        $file_id = $download_data['fileid'];
        $file_data = wpsc_get_downloadable_file($file_id);
        if ($file_data == null) {
            exit(_e('This download is no longer valid, Please contact the site administrator for more information.', 'wpsc'));
        }
        if ($download_data != null) {
            // Consume one download, never going below zero.
            // NOTE(review): the count is read, decremented in PHP and written
            // back, so two concurrent requests can observe the same starting
            // value.
            if ((int) $download_data['downloads'] >= 1) {
                $download_count = (int) $download_data['downloads'] - 1;
            } else {
                $download_count = 0;
            }
            $wpdb->update(WPSC_TABLE_DOWNLOAD_STATUS, array('downloads' => $download_count), array('id' => $download_data['id']));
            // `purchid` comes from the download-status row fetched above and is
            // appended to the statement unquoted and uncast. It is not request
            // input at this point, but the query is only as safe as whatever
            // wrote that column; binding it as an integer removes that
            // dependency.
            $cart_contents = $wpdb->get_results("SELECT `" . WPSC_TABLE_CART_CONTENTS . "`.*, {$wpdb->posts}.`guid` FROM `" . WPSC_TABLE_CART_CONTENTS . "` LEFT JOIN {$wpdb->posts} ON `" . WPSC_TABLE_CART_CONTENTS . "`.`prodid`= {$wpdb->posts}.`post_parent` WHERE {$wpdb->posts}.`post_type` = 'wpsc-product-file' AND `purchaseid` =" . $download_data['purchid'], ARRAY_A);
            // Count the returned rows whose guid compares equal to 1.
            $dl = 0;
            foreach ($cart_contents as $cart_content) {
                if ($cart_content['guid'] == 1) {
                    $dl++;
                }
            }
            // When every returned row matched (including the empty result set),
            // set the purchase log's `processed` column to '4'.
            if (count($cart_contents) == $dl) {
                $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('processed' => '4'), array('id' => $download_data['purchid']));
            }
            do_action('wpsc_alter_download_action', $file_id);
            // basename() drops any directory components from the stored title,
            // so the resolved path stays directly under WPSC_FILE_DIR.
            $file_path = WPSC_FILE_DIR . basename($file_data->post_title);
            $file_name = basename($file_data->post_title);
            if (is_file($file_path)) {
                if (!ini_get('safe_mode')) {
                    set_time_limit(0);
                }
                header('Content-Type: ' . $file_data->post_mime_type);
                header('Content-Length: ' . filesize($file_path));
                header('Content-Transfer-Encoding: binary');
                // NOTE(review): the file name is placed inside a quoted header
                // value with only stripslashes() applied; a double quote in the
                // stored title would end the quoted string early.
                header('Content-Disposition: attachment; filename="' . stripslashes($file_name) . '"');
                if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != '') {
                    /*
                      There is a bug in how IE handles downloads from servers using HTTPS, this is part of the fix, you may also need:
                      session_cache_limiter('public');
                      session_cache_expire(30);
                      At the start of your index.php file or before the session is started
                     */
                    header("Pragma: public");
                    header("Expires: 0");
                    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
                    header("Cache-Control: public");
                } else {
                    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
                }
                header("Pragma: public");
                header("Expires: 0");
                // destroy the session to allow the file to be downloaded on some buggy browsers and webservers
                session_destroy();
                wpsc_readfile_chunked($file_path);
                exit;
            } else {
                wp_die(__('Sorry something has gone wrong with your download!', 'wpsc'));
            }
        } else {
            exit(_e('This download is no longer valid, Please contact the site administrator for more information.', 'wpsc'));
        }
    }
}
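/**
 * Handle a digital-download request identified by the `downloadid` query argument.
 *
 * Looks up an active download-status row that still has downloads remaining,
 * optionally enforces the per-download IP lock, decrements the remaining
 * count, sets the purchase log to status 4 when no returned cart row has a
 * `guid` other than 1, and hands the file id to _wpsc_force_download_file().
 *
 * Does nothing when `downloadid` is absent. Every rejection path prints the
 * same generic message and exits, so the response does not reveal which
 * check failed.
 *
 * @return void
 */
function wpsc_download_file() {
    global $wpdb;

    if (!isset($_GET['downloadid'])) {
        return;
    }

    // __() returns the translated text; exit() prints a string argument.
    // (The previous exit(_e(...)) relied on _e() echoing and returning null.)
    $invalid_message = __('This download is no longer valid, Please contact the site administrator for more information.', 'wpsc');

    // An array-valued query argument (?downloadid[]=...) cannot be a download
    // id, and strtolower() would raise on it.
    if (!is_string($_GET['downloadid'])) {
        exit($invalid_message);
    }

    ini_set('max_execution_time', 10800);

    // Reduce the request value to lower-case letters and digits. The queries
    // below bind it as a parameter as well, so the filter is defence in depth
    // rather than the only barrier.
    $downloadid = preg_replace("/[^a-z0-9]+/i", '', strtolower($_GET['downloadid']));
    if ('' === $downloadid) {
        // Nothing usable was supplied; do not go looking for an empty uniqueid.
        exit($invalid_message);
    }

    // Placeholders are left unquoted: $wpdb->prepare() adds the quoting.
    $download_data = $wpdb->get_row(
        $wpdb->prepare(
            "SELECT * FROM `" . WPSC_TABLE_DOWNLOAD_STATUS . "` WHERE `uniqueid` = %s AND `downloads` > '0' AND `active`='1' LIMIT 1",
            $downloadid
        ),
        ARRAY_A
    );

    // Fallback for rows whose uniqueid is NULL, addressed by integer id. Only
    // plain digit strings qualify: is_numeric() would also accept exponent
    // forms such as "1e5", which %d then turns into a different id.
    // NOTE(review): sequential ids are guessable; confirm whether rows with a
    // NULL uniqueid still exist and can be migrated to random ids.
    if (is_null($download_data) && preg_match('/\A[0-9]+\z/', $downloadid)) {
        $download_data = $wpdb->get_row(
            $wpdb->prepare(
                "SELECT * FROM `" . WPSC_TABLE_DOWNLOAD_STATUS . "` WHERE `id` = %d AND `downloads` > '0' AND `active`='1' AND `uniqueid` IS NULL LIMIT 1",
                $downloadid
            ),
            ARRAY_A
        );
    }

    // Reject before any further use of the row. Previously the IP-lock branch
    // dereferenced $download_data (and could issue an UPDATE keyed on a null
    // id) before the null check was reached.
    if (!is_array($download_data)) {
        exit($invalid_message);
    }

    // Optional IP lock: the first address to use the download is stored and
    // later requests from a different address are rejected.
    // NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse proxy that
    // is presumably the proxy's address for every client - confirm deployment.
    $remote_ip = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
    if (get_option('wpsc_ip_lock_downloads') == 1 && '' !== $remote_ip) {
        $locked_ip = (string) $download_data['ip_number'];
        if ('' === $locked_ip) {
            // No address recorded yet: pin this one.
            $wpdb->update(WPSC_TABLE_DOWNLOAD_STATUS, array('ip_number' => $remote_ip), array('id' => $download_data['id']));
        } elseif ($locked_ip !== $remote_ip) {
            // Strict string comparison; the addresses must match exactly.
            exit($invalid_message);
        }
    }

    $file_id = $download_data['fileid'];
    $file_data = wpsc_get_downloadable_file($file_id);
    if ($file_data == null) {
        exit($invalid_message);
    }

    // Consume one download, never going below zero.
    // NOTE(review): the count is read, decremented in PHP and written back, so
    // two concurrent requests can observe the same starting value. A single
    // "SET downloads = downloads - 1 ... WHERE downloads > 0" statement with a
    // check of the affected-row count would close that window.
    $download_count = max(0, (int) $download_data['downloads'] - 1);
    $wpdb->update(WPSC_TABLE_DOWNLOAD_STATUS, array('downloads' => $download_count), array('id' => $download_data['id']));

    // purchid is bound as an integer rather than concatenated into the SQL.
    $cart_contents = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT `" . WPSC_TABLE_CART_CONTENTS . "`.*, {$wpdb->posts}.`guid` FROM `" . WPSC_TABLE_CART_CONTENTS . "` LEFT JOIN {$wpdb->posts} ON `" . WPSC_TABLE_CART_CONTENTS . "`.`prodid`= {$wpdb->posts}.`post_parent` WHERE {$wpdb->posts}.`post_type` = 'wpsc-product-file' AND `purchaseid` = %d",
            $download_data['purchid']
        ),
        ARRAY_A
    );

    // Count the returned rows whose guid compares equal to 1.
    $dl = 0;
    foreach ($cart_contents as $cart_content) {
        if ($cart_content['guid'] == 1) {
            $dl++;
        }
    }

    // When every returned row matched (including the empty result set), move
    // the purchase log to status 4.
    if (count($cart_contents) == $dl) {
        wpsc_update_purchase_log_status($download_data['purchid'], 4);
    }

    _wpsc_force_download_file($file_id);
}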