/**
* Deliver the download file
*
* If enabled, the file is symlinked to better support large file downloads
*
* @access public
* @param string $file
* @param bool $redirect True if we should perform a header redirect instead of calling edd_readfile_chunked()
* @return void
*/
function edd_deliver_download($file = '', $redirect = false)
{
/*
* If symlinks are enabled, a link to the file will be created
* This symlink is used to hide the true location of the file, even when the file URL is revealed
* The symlink is deleted after it is used
*/
if (edd_symlink_file_downloads() && edd_is_local_file($file)) {
$file = edd_get_local_path_from_url($file);
// Generate a symbolic link
$ext = edd_get_file_extension($file);
$parts = explode('.', $file);
$name = basename($parts[0]);
$md5 = md5($file);
$file_name = $name . '_' . substr($md5, 0, -15) . '.' . $ext;
$path = edd_get_symlink_dir() . '/' . $file_name;
$url = edd_get_symlink_url() . '/' . $file_name;
// Set a transient to ensure this symlink is not deleted before it can be used
set_transient(md5($file_name), '1', 30);
// Schedule deletion of the symlink
if (!wp_next_scheduled('edd_cleanup_file_symlinks')) {
wp_schedule_single_event(current_time('timestamp') + 60, 'edd_cleanup_file_symlinks');
}
// Make sure the symlink doesn't already exist before we create it
if (!file_exists($path)) {
$link = @symlink(realpath($file), $path);
} else {
$link = true;
}
if ($link) {
// Send the browser to the file
header('Location: ' . $url);
} else {
edd_readfile_chunked($file);
}
} elseif ($redirect) {
header('Location: ' . $file);
} else {
// Read the file and deliver it in chunks
edd_readfile_chunked($file);
}
}
/**
* Checks if the string (filename) provided is an image URL
*
* @since 1.0
* @param string $str Filename
* @return bool Whether or not the filename is an image
*/
function edd_string_is_image_url($str)
{
$ext = edd_get_file_extension($str);
switch (strtolower($ext)) {
case 'jpg':
$return = true;
break;
case 'png':
$return = true;
break;
case 'gif':
$return = true;
break;
default:
$return = false;
break;
}
return (bool) apply_filters('edd_string_is_image', $return, $str);
}
/**
* The free download process.
*
* Modified from:
* /includes/process-download.php -> edd_process_download()
* Modifed parts:
* Stripping the purchase validation process.
*
* @return void
*/
function vp_edd_fd_process_download()
{
global $edd_options;
$valid = true;
$payment = -1;
$download = isset($_GET['did']) ? (int) $_GET['did'] : '';
$expire = isset($_GET['expire']) ? base64_decode(rawurldecode($_GET['expire'])) : '';
$file_key = isset($_GET['file']) ? (int) $_GET['file'] : '';
// if( $download === '' || $email === '' || $file_key === '' )
if ($download === '' || $file_key === '') {
return false;
}
// make sure user logged in
$must_logged_in = isset($edd_options['vp_edd_fd_must_logged_in']) ? $edd_options['vp_edd_fd_must_logged_in'] : false;
if ($must_logged_in) {
if (!is_user_logged_in()) {
$valid = false;
}
}
// Make sure the link hasn't expired
if (current_time('timestamp') > $expire) {
wp_die(apply_filters('edd_download_link_expired_text', __('Sorry but your download link has expired.', 'edd')), __('Error', 'edd'));
}
// Check to see if the file download limit has been reached
if (edd_is_file_at_download_limit($download, -1, $file_key)) {
wp_die(apply_filters('edd_download_limit_reached_text', __('Sorry but you have hit your download limit for this file.', 'edd')), __('Error', 'edd'));
}
if ($valid) {
// setup the download
$download_files = edd_get_download_files($download);
$requested_file = apply_filters('edd_requested_file', $download_files[$file_key]['file'], $download_files, $file_key);
// gather user data
$user_info = array();
if ($must_logged_in) {
global $user_ID;
$user_data = get_userdata($user_ID);
$user_info['email'] = $user_data->user_email;
$user_info['id'] = $user_ID;
$user_info['name'] = $user_data->display_name;
} else {
$user_info['email'] = 'anonymous';
$user_info['id'] = 'anonymous';
}
edd_record_download_in_log($download, $file_key, $user_info, edd_get_ip(), $payment);
$file_extension = edd_get_file_extension($requested_file);
$ctype = edd_get_file_ctype($file_extension);
if (!edd_is_func_disabled('set_time_limit') && !ini_get('safe_mode')) {
set_time_limit(0);
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(0);
}
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
@ini_set('zlib.output_compression', 'Off');
nocache_headers();
header("Robots: none");
header("Content-Type: " . $ctype . "");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"" . apply_filters('edd_requested_file_name', basename($requested_file)) . "\";");
header("Content-Transfer-Encoding: binary");
$file_path = realpath($requested_file);
if (strpos($requested_file, 'http://') === false && strpos($requested_file, 'https://') === false && strpos($requested_file, 'ftp://') === false && file_exists($file_path)) {
/** This is an absolute path */
edd_deliver_download($file_path);
} else {
if (strpos($requested_file, WP_CONTENT_URL) !== false) {
/** This is a local file given by URL */
$upload_dir = wp_upload_dir();
$file_path = str_replace(WP_CONTENT_URL, WP_CONTENT_DIR, $requested_file);
$file_path = realpath($file_path);
if (file_exists($file_path)) {
edd_deliver_download($file_path);
} else {
// Absolute path couldn't be discovered so send straight to the file URL
header("Location: " . $requested_file);
}
} else {
// This is a remote file
header("Location: " . $requested_file);
}
}
exit;
} else {
wp_die(apply_filters('edd_deny_download_message', __('You do not have permission to download this file.', 'vp_edd_fd')), __('Error', 'edd'));
}
exit;
}
/**
* Process a settings import from a json file
*
* @since 1.7
* @return void
*/
function edd_tools_import_export_process_import()
{
if (empty($_POST['edd_import_nonce'])) {
return;
}
if (!wp_verify_nonce($_POST['edd_import_nonce'], 'edd_import_nonce')) {
return;
}
if (!current_user_can('manage_shop_settings')) {
return;
}
if (edd_get_file_extension($_FILES['import_file']['name']) != 'json') {
wp_die(__('Please upload a valid .json file', 'edd'));
}
$import_file = $_FILES['import_file']['tmp_name'];
if (empty($import_file)) {
wp_die(__('Please upload a file to import', 'edd'));
}
// Retrieve the settings from the file and convert the json object to an array
$settings = edd_object_to_array(json_decode(file_get_contents($import_file)));
update_option('edd_settings', $settings);
wp_safe_redirect(admin_url('edit.php?post_type=download&page=edd-tools&edd-message=settings-imported'));
exit;
}
/**
* Filter filters and convert http to https
*
* @since 2.0
* @param mixed $content
* @return mixed
*/
function edd_enforced_ssl_asset_filter($content)
{
if (is_array($content)) {
$content = array_map('edd_enforced_ssl_asset_filter', $content);
} else {
// Detect if URL ends in a common domain suffix. We want to only affect assets
$extension = untrailingslashit(edd_get_file_extension($content));
$suffixes = array('br', 'ca', 'cn', 'com', 'de', 'dev', 'edu', 'fr', 'in', 'info', 'jp', 'local', 'mobi', 'name', 'net', 'nz', 'org', 'ru');
if (!in_array($extension, $suffixes)) {
$content = str_replace('http:', 'https:', $content);
}
}
return $content;
}
/**
* Set up and store the Featured Image
*
* @since 2.6
* @return void
*/
private function set_image($download_id = 0, $image = '', $post_author = 0)
{
$is_url = false !== filter_var($image, FILTER_VALIDATE_URL);
$is_local = $is_url && false !== strpos($image, site_url());
$ext = edd_get_file_extension($image);
if ($is_url && $is_local) {
// Image given by URL, see if we have an attachment already
$attachment_id = attachment_url_to_postid($image);
} elseif ($is_url) {
if (!function_exists('media_sideload_image')) {
require_once ABSPATH . 'wp-admin/includes/file.php';
}
// Image given by external URL
$url = media_sideload_image($image, $download_id, '', 'src');
if (!is_wp_error($url)) {
$attachment_id = attachment_url_to_postid($url);
}
} elseif (false === strpos($image, '/') && edd_get_file_extension($image)) {
// Image given by name only
$upload_dir = wp_upload_dir();
if (file_exists(trailingslashit($upload_dir['path']) . $image)) {
// Look in current upload directory first
$file = trailingslashit($upload_dir['path']) . $image;
} else {
// Now look through year/month sub folders of upload directory for files with our image's same extension
$files = glob($upload_dir['basedir'] . '/*/*/*{' . $ext . '}', GLOB_BRACE);
foreach ($files as $file) {
if (basename($file) == $image) {
// Found our file
break;
}
// Make sure $file is unset so our empty check below does not return a false positive
unset($file);
}
}
if (!empty($file)) {
// We found the file, let's see if it already exists in the media library
$guid = str_replace($upload_dir['basedir'], $upload_dir['baseurl'], $file);
$attachment_id = attachment_url_to_postid($guid);
if (empty($attachment_id)) {
// Doesn't exist in the media library, let's add it
$filetype = wp_check_filetype(basename($file), null);
// Prepare an array of post data for the attachment.
$attachment = array('guid' => $guid, 'post_mime_type' => $filetype['type'], 'post_title' => preg_replace('/\\.[^.]+$/', '', $image), 'post_content' => '', 'post_status' => 'inherit', 'post_author' => $post_author);
// Insert the attachment.
$attachment_id = wp_insert_attachment($attachment, $file, $download_id);
// Make sure that this file is included, as wp_generate_attachment_metadata() depends on it.
require_once ABSPATH . 'wp-admin/includes/image.php';
// Generate the metadata for the attachment, and update the database record.
$attach_data = wp_generate_attachment_metadata($attachment_id, $file);
wp_update_attachment_metadata($attachment_id, $attach_data);
}
}
}
if (!empty($attachment_id)) {
return set_post_thumbnail($download_id, $attachment_id);
}
return false;
}
/**
* Process add-on Downloads
*
* Handles the file download process for add-ons.
*
* @access private
* @since 1.1
* @return void
*/
function affwp_process_add_on_download()
{
if (!isset($_GET['add_on'])) {
return;
}
if (!is_user_logged_in()) {
return;
}
$add_on = absint($_GET['add_on']);
if ('download' != get_post_type($add_on)) {
return;
}
$has_ultimate_license = in_array(3, affwp_get_users_price_ids());
$has_professional_license = in_array(2, affwp_get_users_price_ids());
if (!($has_ultimate_license || $has_professional_license)) {
wp_die('You need either an Ultimate or Professional license to download this add-on', 'Error', array('response' => 403));
}
$user_info = array();
$user_data = get_userdata(get_current_user_id());
$user_info['email'] = $user_data->user_email;
$user_info['id'] = $user_data->ID;
$user_info['name'] = $user_data->display_name;
edd_record_download_in_log($add_on, 0, $user_info, edd_get_ip(), 0, 0);
$download_files = edd_get_download_files($add_on);
$requested_file = $download_files[0]['file'];
$file_extension = edd_get_file_extension($requested_file);
$ctype = edd_get_file_ctype($file_extension);
if (!edd_is_func_disabled('set_time_limit') && !ini_get('safe_mode')) {
set_time_limit(0);
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(0);
}
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
@ini_set('zlib.output_compression', 'Off');
nocache_headers();
header("Robots: none");
header("Content-Type: " . $ctype . "");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"" . basename($requested_file) . "\"");
header("Content-Transfer-Encoding: binary");
$method = edd_get_file_download_method();
if ('x_sendfile' == $method && (!function_exists('apache_get_modules') || !in_array('mod_xsendfile', apache_get_modules()))) {
// If X-Sendfile is selected but is not supported, fallback to Direct
$method = 'direct';
}
switch ($method) {
case 'redirect':
// Redirect straight to the file
header("Location: " . $requested_file);
break;
case 'direct':
default:
$direct = false;
$file_details = parse_url($requested_file);
$schemes = array('http', 'https');
// Direct URL schemes
if ((!isset($file_details['scheme']) || !in_array($file_details['scheme'], $schemes)) && isset($file_details['path']) && file_exists($requested_file)) {
/** This is an absolute path */
$direct = true;
$file_path = $requested_file;
} else {
if (defined('UPLOADS') && strpos($requested_file, UPLOADS) !== false) {
/**
* This is a local file given by URL so we need to figure out the path
* UPLOADS is always relative to ABSPATH
* site_url() is the URL to where WordPress is installed
*/
$file_path = str_replace(site_url(), '', $requested_file);
$file_path = realpath(ABSPATH . $file_path);
$direct = true;
} else {
if (strpos($requested_file, WP_CONTENT_URL) !== false) {
/** This is a local file given by URL so we need to figure out the path */
$file_path = str_replace(WP_CONTENT_URL, WP_CONTENT_DIR, $requested_file);
$file_path = realpath($file_path);
$direct = true;
}
}
}
// Now deliver the file based on the kind of software the server is running / has enabled
if (function_exists('apache_get_modules') && in_array('mod_xsendfile', apache_get_modules())) {
header("X-Sendfile: {$file_path}");
} elseif (stristr(getenv('SERVER_SOFTWARE'), 'lighttpd')) {
header("X-LIGHTTPD-send-file: {$file_path}");
} elseif (stristr(getenv('SERVER_SOFTWARE'), 'nginx') || stristr(getenv('SERVER_SOFTWARE'), 'cherokee')) {
// We need a path relative to the domain
$file_path = str_ireplace($_SERVER['DOCUMENT_ROOT'], '', $file_path);
header("X-Accel-Redirect: /{$file_path}");
} else {
if ($direct) {
edd_deliver_download($file_path);
} else {
// The file supplied does not have a discoverable absolute path
header("Location: " . $requested_file);
}
}
break;
}
edd_die();
exit;
}
/**
* Process Download
*
* Handles the file download process.
*
* @access private
* @since 1.0
* @return void
*/
function edd_process_download()
{
$args = apply_filters('edd_process_download_args', array('download' => isset($_GET['download']) ? (int) $_GET['download'] : '', 'email' => isset($_GET['email']) ? rawurldecode($_GET['email']) : '', 'expire' => isset($_GET['expire']) ? base64_decode(rawurldecode($_GET['expire'])) : '', 'file_key' => isset($_GET['file']) ? (int) $_GET['file'] : '', 'key' => isset($_GET['download_key']) ? $_GET['download_key'] : ''));
if ($args['download'] === '' || $args['email'] === '' || $args['file_key'] === '') {
return false;
}
extract($args);
$payment = edd_verify_download_link($download, $key, $email, $expire, $file_key);
// Defaulting this to true for now because the method below doesn't work well
$has_access = apply_filters('edd_file_download_has_access', true, $payment, $args);
//$has_access = ( edd_logged_in_only() && is_user_logged_in() ) || !edd_logged_in_only() ? true : false;
if ($payment && $has_access) {
do_action('edd_process_verified_download', $download, $email);
// payment has been verified, setup the download
$download_files = edd_get_download_files($download);
$requested_file = apply_filters('edd_requested_file', $download_files[$file_key]['file']);
$user_info = array();
$user_info['email'] = $email;
if (is_user_logged_in()) {
global $user_ID;
$user_data = get_userdata($user_ID);
$user_info['id'] = $user_ID;
$user_info['name'] = $user_data->display_name;
}
edd_record_download_in_log($download, $file_key, $user_info, edd_get_ip(), $payment);
$file_extension = edd_get_file_extension($requested_file);
$ctype = edd_get_file_ctype($file_extension);
if (!edd_is_func_disabled('set_time_limit') && !ini_get('safe_mode')) {
set_time_limit(0);
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(0);
}
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
@ini_set('zlib.output_compression', 'Off');
@ob_end_clean();
if (ob_get_level()) {
@ob_end_clean();
}
// Zip corruption fix
nocache_headers();
header("Robots: none");
header("Content-Type: " . $ctype . "");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"" . apply_filters('edd_requested_file_name', basename($requested_file)) . "\";");
header("Content-Transfer-Encoding: binary");
if (strpos($requested_file, 'http://') === false && strpos($requested_file, 'https://') === false && strpos($requested_file, 'ftp://') === false) {
// this is an absolute path
$requested_file = realpath($requested_file);
if (file_exists($requested_file)) {
if ($size = @filesize($requested_file)) {
header("Content-Length: " . $size);
}
@edd_readfile_chunked($requested_file);
} else {
wp_die(__('Sorry but this file does not exist.', 'edd'), __('Error', 'edd'));
}
} else {
if (strpos($requested_file, WP_CONTENT_URL) !== false) {
// This is a local file given by URL
$upload_dir = wp_upload_dir();
$requested_file = str_replace(WP_CONTENT_URL, WP_CONTENT_DIR, $requested_file);
$requested_file = realpath($requested_file);
if (file_exists($requested_file)) {
if ($size = @filesize($requested_file)) {
header("Content-Length: " . $size);
}
@edd_readfile_chunked($requested_file);
} else {
wp_die(__('Sorry but this file does not exist.', 'edd'), __('Error', 'edd'));
}
} else {
// This is a remote file
header("Location: " . $requested_file);
}
}
exit;
} else {
$error_message = __('You do not have permission to download this file', 'edd');
wp_die(apply_filters('edd_deny_download_message', $error_message, __('Purchase Verification Failed', 'edd')));
}
exit;
}
/**
* Deliver the download file
*
* If enabled, the file is symlinked to better support large file downloads
*
* @access public
* @param string file
* @return void
*/
function edd_deliver_download($file = '')
{
global $edd_options;
$symlink = apply_filters('edd_symlink_file_downloads', isset($edd_options['symlink_file_downloads']));
/*
* If symlinks are enabled, a link to the file will be created
* This symlink is used to hide the true location of the file, even when the file URL is revealed
* The symlink is deleted after it is used
*/
if ($symlink && function_exists('symlink')) {
// Generate a symbolic link
$ext = edd_get_file_extension($file);
$parts = explode('.', $file);
$name = basename($parts[0]);
$md5 = md5($file);
$file_name = $name . '_' . substr($md5, 0, -15) . '.' . $ext;
$path = edd_get_symlink_dir() . '/' . $file_name;
$url = edd_get_symlink_url() . '/' . $file_name;
// Set a transient to ensure this symlink is not deleted before it can be used
set_transient(md5($file_name), '1', 30);
// Schedule deletion of the symlink
if (!wp_next_scheduled('edd_cleanup_file_symlinks')) {
wp_schedule_single_event(time() + 60, 'edd_cleanup_file_symlinks');
}
// Make sure the symlink doesn't already exist before we create it
if (!file_exists($path)) {
$link = symlink($file, $path);
} else {
$link = true;
}
if ($link) {
// Send the browser to the file
header('Location: ' . $url);
} else {
@edd_readfile_chunked($file);
}
} else {
// Read the file and deliver it in chunks
@edd_readfile_chunked($file);
}
}
/**
* Deliver the file download
*
* @since 3.2.4
* @return void
*/
public function process_package_download()
{
if (isset($_GET['key']) && isset($_GET['id']) && isset($_GET['license']) && isset($_GET['expires'])) {
$id = absint(urldecode($_GET['id']));
$hash = urldecode($_GET['key']);
$license = sanitize_text_field(urldecode($_GET['license']));
$expires = is_numeric($_GET['expires']) ? $_GET['expires'] : urldecode(base64_decode($_GET['expires']));
do_action('edd_sl_before_package_download', $id, $hash, $license, $expires);
if (time() > $expires) {
wp_die(__('Your download link has expired', 'edd_sl'), __('Error', 'edd_sl'), array('response' => 401));
}
if (empty($license)) {
wp_die(__('No license key provided', 'edd_sl'), __('Error', 'edd_sl'), array('response' => 401));
}
if (!edd_software_licensing()->is_download_id_valid_for_license($id, $license)) {
wp_die(__('Invalid license supplied', 'edd_sl'), __('Error', 'edd_sl'), array('response' => 401));
}
$requested_file = $this->get_download_package($id, $license, $hash, $expires);
$file_extension = edd_get_file_extension($requested_file);
$ctype = edd_get_file_ctype($file_extension);
if (!edd_is_func_disabled('set_time_limit') && !ini_get('safe_mode')) {
set_time_limit(0);
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(0);
}
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
@ini_set('zlib.output_compression', 'Off');
nocache_headers();
header("Robots: none");
header("Content-Type: " . $ctype . "");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"" . apply_filters('edd_requested_file_name', basename($requested_file)) . "\";");
header("Content-Transfer-Encoding: binary");
$method = edd_get_file_download_method();
if ('x_sendfile' == $method && (!function_exists('apache_get_modules') || !in_array('mod_xsendfile', apache_get_modules()))) {
// If X-Sendfile is selected but is not supported, fallback to Direct
$method = 'direct';
}
$file_details = parse_url($requested_file);
$schemes = array('http', 'https');
// Direct URL schemes
if ((!isset($file_details['scheme']) || !in_array($file_details['scheme'], $schemes)) && isset($file_details['path']) && file_exists($requested_file)) {
/**
* Download method is set to to Redirect in settings but an absolute path was provided
* We need to switch to a direct download in order for the file to download properly
*/
$method = 'direct';
}
switch ($method) {
case 'redirect':
// Redirect straight to the file
header("Location: " . $requested_file);
break;
case 'direct':
default:
$direct = false;
if ((!isset($file_details['scheme']) || !in_array($file_details['scheme'], $schemes)) && isset($file_details['path']) && file_exists($requested_file)) {
/** This is an absolute path */
$direct = true;
$file_path = $requested_file;
} else {
if (defined('UPLOADS') && strpos($requested_file, UPLOADS) !== false) {
/**
* This is a local file given by URL so we need to figure out the path
* UPLOADS is always relative to ABSPATH
* site_url() is the URL to where WordPress is installed
*/
$file_path = str_replace(site_url(), '', $requested_file);
$file_path = realpath(ABSPATH . $file_path);
$direct = true;
} else {
if (strpos($requested_file, WP_CONTENT_URL) !== false) {
/** This is a local file given by URL so we need to figure out the path */
$file_path = str_replace(WP_CONTENT_URL, WP_CONTENT_DIR, $requested_file);
$file_path = realpath($file_path);
$direct = true;
}
}
}
// Now deliver the file based on the kind of software the server is running / has enabled
if (function_exists('apache_get_modules') && in_array('mod_xsendfile', apache_get_modules())) {
header("X-Sendfile: {$file_path}");
} elseif (stristr(getenv('SERVER_SOFTWARE'), 'lighttpd')) {
header("X-LIGHTTPD-send-file: {$file_path}");
} elseif (stristr(getenv('SERVER_SOFTWARE'), 'nginx') || stristr(getenv('SERVER_SOFTWARE'), 'cherokee')) {
// We need a path relative to the domain
$file_path = str_ireplace($_SERVER['DOCUMENT_ROOT'], '', $file_path);
header("X-Accel-Redirect: /{$file_path}");
}
if ($direct) {
edd_deliver_download($file_path);
} else {
// The file supplied does not have a discoverable absolute path
header("Location: " . $requested_file);
}
break;
}
edd_die();
} else {
wp_die(__('You do not have permission to download this file', 'edd_sl'), __('Error', 'edd_sl'), array('response' => 401));
}
exit;
}
/**
* Process Download
*
* Handles the file download process.
*
* @access private
* @since 1.0
* @return void
*/
function edd_process_download()
{
if (isset($_GET['download']) && isset($_GET['email']) && isset($_GET['file'])) {
$download = urldecode($_GET['download']);
$key = urldecode($_GET['download_key']);
$email = rawurldecode($_GET['email']);
$file_key = urldecode($_GET['file']);
$expire = urldecode(base64_decode($_GET['expire']));
$payment = edd_verify_download_link($download, $key, $email, $expire, $file_key);
// defaulting this to true for now because the method below doesn't work well
$has_access = true;
//$has_access = ( edd_logged_in_only() && is_user_logged_in() ) || !edd_logged_in_only() ? true : false;
if ($payment && $has_access) {
do_action('edd_process_verified_download', $download, $email);
// payment has been verified, setup the download
$download_files = edd_get_download_files($download);
$requested_file = apply_filters('edd_requested_file', $download_files[$file_key]['file']);
$user_info = array();
$user_info['email'] = $email;
if (is_user_logged_in()) {
global $user_ID;
$user_data = get_userdata($user_ID);
$user_info['id'] = $user_ID;
$user_info['name'] = $user_data->display_name;
}
edd_record_download_in_log($download, $file_key, $user_info, edd_get_ip(), date('Y-m-d H:i:s'));
$file_extension = edd_get_file_extension($requested_file);
switch ($file_extension) {
case 'ai':
$ctype = "application/postscript";
break;
case 'aif':
$ctype = "audio/x-aiff";
break;
case 'aifc':
$ctype = "audio/x-aiff";
break;
case 'aiff':
$ctype = "audio/x-aiff";
break;
case 'asc':
$ctype = "text/plain";
break;
case 'atom':
$ctype = "application/atom+xml";
break;
case 'au':
$ctype = "audio/basic";
break;
case 'avi':
$ctype = "video/x-msvideo";
break;
case 'bcpio':
$ctype = "application/x-bcpio";
break;
case 'bin':
$ctype = "application/octet-stream";
break;
case 'bmp':
$ctype = "image/bmp";
break;
case 'cdf':
$ctype = "application/x-netcdf";
break;
case 'cgm':
$ctype = "image/cgm";
break;
case 'class':
$ctype = "application/octet-stream";
break;
case 'cpio':
$ctype = "application/x-cpio";
break;
case 'cpt':
$ctype = "application/mac-compactpro";
break;
case 'csh':
$ctype = "application/x-csh";
break;
case 'css':
$ctype = "text/css";
break;
case 'dcr':
$ctype = "application/x-director";
break;
case 'dif':
$ctype = "video/x-dv";
break;
case 'dir':
$ctype = "application/x-director";
break;
case 'djv':
$ctype = "image/vnd.djvu";
break;
case 'djvu':
$ctype = "image/vnd.djvu";
break;
case 'dll':
$ctype = "application/octet-stream";
break;
case 'dmg':
$ctype = "application/octet-stream";
break;
case 'dms':
$ctype = "application/octet-stream";
break;
case 'doc':
$ctype = "application/msword";
break;
case 'dtd':
$ctype = "application/xml-dtd";
break;
case 'dv':
$ctype = "video/x-dv";
break;
case 'dvi':
$ctype = "application/x-dvi";
break;
case 'dxr':
$ctype = "application/x-director";
break;
case 'eps':
$ctype = "application/postscript";
break;
case 'etx':
$ctype = "text/x-setext";
break;
case 'exe':
$ctype = "application/octet-stream";
break;
case 'ez':
$ctype = "application/andrew-inset";
break;
case 'gif':
$ctype = "image/gif";
break;
case 'gram':
$ctype = "application/srgs";
break;
case 'grxml':
$ctype = "application/srgs+xml";
break;
case 'gtar':
$ctype = "application/x-gtar";
break;
case 'hdf':
$ctype = "application/x-hdf";
break;
case 'hqx':
$ctype = "application/mac-binhex40";
break;
case 'htm':
$ctype = "text/html";
break;
case 'html':
$ctype = "text/html";
break;
case 'ice':
$ctype = "x-conference/x-cooltalk";
break;
case 'ico':
$ctype = "image/x-icon";
break;
case 'ics':
$ctype = "text/calendar";
break;
case 'ief':
$ctype = "image/ief";
break;
case 'ifb':
$ctype = "text/calendar";
break;
case 'iges':
$ctype = "model/iges";
break;
case 'igs':
$ctype = "model/iges";
break;
case 'jnlp':
$ctype = "application/x-java-jnlp-file";
break;
case 'jp2':
$ctype = "image/jp2";
break;
case 'jpe':
$ctype = "image/jpeg";
break;
case 'jpeg':
$ctype = "image/jpeg";
break;
case 'jpg':
$ctype = "image/jpeg";
break;
case 'js':
$ctype = "application/x-javascript";
break;
case 'kar':
$ctype = "audio/midi";
break;
case 'latex':
$ctype = "application/x-latex";
break;
case 'lha':
$ctype = "application/octet-stream";
break;
case 'lzh':
$ctype = "application/octet-stream";
break;
case 'm3u':
$ctype = "audio/x-mpegurl";
break;
case 'm4a':
$ctype = "audio/mp4a-latm";
break;
case 'm4b':
$ctype = "audio/mp4a-latm";
break;
case 'm4p':
$ctype = "audio/mp4a-latm";
break;
case 'm4u':
$ctype = "video/vnd.mpegurl";
break;
case 'm4v':
$ctype = "video/x-m4v";
break;
case 'mac':
$ctype = "image/x-macpaint";
break;
case 'man':
$ctype = "application/x-troff-man";
break;
case 'mathml':
$ctype = "application/mathml+xml";
break;
case 'me':
$ctype = "application/x-troff-me";
break;
case 'mesh':
$ctype = "model/mesh";
break;
case 'mid':
$ctype = "audio/midi";
break;
case 'midi':
$ctype = "audio/midi";
break;
case 'mif':
$ctype = "application/vnd.mif";
break;
case 'mov':
$ctype = "video/quicktime";
break;
case 'movie':
$ctype = "video/x-sgi-movie";
break;
case 'mp2':
$ctype = "audio/mpeg";
break;
case 'mp3':
$ctype = "audio/mpeg";
break;
case 'mp4':
$ctype = "video/mp4";
break;
case 'mpe':
$ctype = "video/mpeg";
break;
case 'mpeg':
$ctype = "video/mpeg";
break;
case 'mpg':
$ctype = "video/mpeg";
break;
case 'mpga':
$ctype = "audio/mpeg";
break;
case 'ms':
$ctype = "application/x-troff-ms";
break;
case 'msh':
$ctype = "model/mesh";
break;
case 'mxu':
$ctype = "video/vnd.mpegurl";
break;
case 'nc':
$ctype = "application/x-netcdf";
break;
case 'oda':
$ctype = "application/oda";
break;
case 'ogg':
$ctype = "application/ogg";
break;
case 'pbm':
$ctype = "image/x-portable-bitmap";
break;
case 'pct':
$ctype = "image/pict";
break;
case 'pdb':
$ctype = "chemical/x-pdb";
break;
case 'pdf':
$ctype = "application/pdf";
break;
case 'pgm':
$ctype = "image/x-portable-graymap";
break;
case 'pgn':
$ctype = "application/x-chess-pgn";
break;
case 'pic':
$ctype = "image/pict";
break;
case 'pict':
$ctype = "image/pict";
break;
case 'png':
$ctype = "image/png";
break;
case 'pnm':
$ctype = "image/x-portable-anymap";
break;
case 'pnt':
$ctype = "image/x-macpaint";
break;
case 'pntg':
$ctype = "image/x-macpaint";
break;
case 'ppm':
$ctype = "image/x-portable-pixmap";
break;
case 'ppt':
$ctype = "application/vnd.ms-powerpoint";
break;
case 'ps':
$ctype = "application/postscript";
break;
case 'qt':
$ctype = "video/quicktime";
break;
case 'qti':
$ctype = "image/x-quicktime";
break;
case 'qtif':
$ctype = "image/x-quicktime";
break;
case 'ra':
$ctype = "audio/x-pn-realaudio";
break;
case 'ram':
$ctype = "audio/x-pn-realaudio";
break;
case 'ras':
$ctype = "image/x-cmu-raster";
break;
case 'rdf':
$ctype = "application/rdf+xml";
break;
case 'rgb':
$ctype = "image/x-rgb";
break;
case 'rm':
$ctype = "application/vnd.rn-realmedia";
break;
case 'roff':
$ctype = "application/x-troff";
break;
case 'rtf':
$ctype = "text/rtf";
break;
case 'rtx':
$ctype = "text/richtext";
break;
case 'sgm':
$ctype = "text/sgml";
break;
case 'sgml':
$ctype = "text/sgml";
break;
case 'sh':
$ctype = "application/x-sh";
break;
case 'shar':
$ctype = "application/x-shar";
break;
case 'silo':
$ctype = "model/mesh";
break;
case 'sit':
$ctype = "application/x-stuffit";
break;
case 'skd':
$ctype = "application/x-koan";
break;
case 'skm':
$ctype = "application/x-koan";
break;
case 'skp':
$ctype = "application/x-koan";
break;
case 'skt':
$ctype = "application/x-koan";
break;
case 'smi':
$ctype = "application/smil";
break;
case 'smil':
$ctype = "application/smil";
break;
case 'snd':
$ctype = "audio/basic";
break;
case 'so':
$ctype = "application/octet-stream";
break;
case 'spl':
$ctype = "application/x-futuresplash";
break;
case 'src':
$ctype = "application/x-wais-source";
break;
case 'sv4cpio':
$ctype = "application/x-sv4cpio";
break;
case 'sv4crc':
$ctype = "application/x-sv4crc";
break;
case 'svg':
$ctype = "image/svg+xml";
break;
case 'swf':
$ctype = "application/x-shockwave-flash";
break;
case 't':
$ctype = "application/x-troff";
break;
case 'tar':
$ctype = "application/x-tar";
break;
case 'tcl':
$ctype = "application/x-tcl";
break;
case 'tex':
$ctype = "application/x-tex";
break;
case 'texi':
$ctype = "application/x-texinfo";
break;
case 'texinfo':
$ctype = "application/x-texinfo";
break;
case 'tif':
$ctype = "image/tiff";
break;
case 'tiff':
$ctype = "image/tiff";
break;
case 'tr':
$ctype = "application/x-troff";
break;
case 'tsv':
$ctype = "text/tab-separated-values";
break;
case 'txt':
$ctype = "text/plain";
break;
case 'ustar':
$ctype = "application/x-ustar";
break;
case 'vcd':
$ctype = "application/x-cdlink";
break;
case 'vrml':
$ctype = "model/vrml";
break;
case 'vxml':
$ctype = "application/voicexml+xml";
break;
case 'wav':
$ctype = "audio/x-wav";
break;
case 'wbmp':
$ctype = "image/vnd.wap.wbmp";
break;
case 'wbmxl':
$ctype = "application/vnd.wap.wbxml";
break;
case 'wml':
$ctype = "text/vnd.wap.wml";
break;
case 'wmlc':
$ctype = "application/vnd.wap.wmlc";
break;
case 'wmls':
$ctype = "text/vnd.wap.wmlscript";
break;
case 'wmlsc':
$ctype = "application/vnd.wap.wmlscriptc";
break;
case 'wrl':
$ctype = "model/vrml";
break;
case 'xbm':
$ctype = "image/x-xbitmap";
break;
case 'xht':
$ctype = "application/xhtml+xml";
break;
case 'xhtml':
$ctype = "application/xhtml+xml";
break;
case 'xls':
$ctype = "application/vnd.ms-excel";
break;
case 'xml':
$ctype = "application/xml";
break;
case 'xpm':
$ctype = "image/x-xpixmap";
break;
case 'xsl':
$ctype = "application/xml";
break;
case 'xslt':
$ctype = "application/xslt+xml";
break;
case 'xul':
$ctype = "application/vnd.mozilla.xul+xml";
break;
case 'xwd':
$ctype = "image/x-xwindowdump";
break;
case 'xyz':
$ctype = "chemical/x-xyz";
break;
case 'zip':
$ctype = "application/zip";
break;
default:
$ctype = "application/force-download";
}
if (!ini_get('safe_mode')) {
set_time_limit(0);
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(0);
}
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
@ini_set('zlib.output_compression', 'Off');
@ob_end_clean();
if (ob_get_level()) {
@ob_end_clean();
}
// Zip corruption fix
header("Pragma: no-cache");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Robots: none");
header("Content-Type: " . $ctype . "");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"" . apply_filters('edd_requested_file_name', basename($requested_file)) . "\";");
header("Content-Transfer-Encoding: binary");
if (strpos($requested_file, 'http://') === false && strpos($requested_file, 'https://') === false && strpos($requested_file, 'ftp://') === false) {
// this is an absolute path
$requested_file = realpath($requested_file);
if (file_exists($requested_file)) {
if ($size = @filesize($requested_file)) {
header("Content-Length: " . $size);
}
@edd_readfile_chunked($requested_file);
} else {
wp_die(__('Sorry but this file does not exist.', 'edd'), __('Error'));
}
} else {
if (strpos($requested_file, WP_CONTENT_URL) !== false) {
// this is a local file given by URL
$upload_dir = wp_upload_dir();
$requested_file = str_replace(WP_CONTENT_URL, WP_CONTENT_DIR, $requested_file);
$requested_file = realpath($requested_file);
if (file_exists($requested_file)) {
if ($size = @filesize($requested_file)) {
header("Content-Length: " . $size);
}
@edd_readfile_chunked($requested_file);
} else {
wp_die(__('Sorry but this file does not exist.', 'edd'), __('Error'));
}
} else {
// this is a remote file
header("Location: " . $requested_file);
}
}
exit;
} else {
wp_die(__('You do not have permission to download this file', 'edd'), __('Purchase Verification Failed', 'edd'));
}
exit;
}
}
