Пример #1
0
     } else {
         // Override content type with header setting
         header('Content-Type: ' . $content_type);
     }
     // Transfer encoding
     header('Content-Transfer-Encoding: binary');
     // Content length
     header('Content-Length: ' . filesize(dc_file_location() . $release->filename));
     // Cache handling
     header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
     header('Pragma: public');
     header('Expires: 0');
     // Stream file
     ob_clean();
     flush();
     $handle = fopen(dc_file_location() . $release->filename, 'rb');
     $chunksize = 1 * (1024 * 1024);
     $buffer = '';
     if ($handle === false) {
         exit;
     }
     while (!feof($handle)) {
         $buffer = fread($handle, $chunksize);
         echo $buffer;
         flush();
     }
     // Close file
     fclose($handle);
     // Exit
     exit;
 }
Пример #2
0
/**
 * Sends headers to download file when download code was entered successfully
 */
function dc_send_download_headers()
{
    global $wpdb;
    // Only continue if lease is provided as a query parameter
    if (isset($_GET['lease'])) {
        // Get details for code and release
        $release = $wpdb->get_row($wpdb->prepare("SELECT r.*, c.ID as code, c.code_prefix, c.code_suffix FROM " . dc_tbl_releases() . " r INNER JOIN " . dc_tbl_codes() . " c ON c.release = r.ID WHERE MD5(CONCAT('wp-dl-hash',c.ID)) = %s", array($_GET['lease'])));
        // Get # of downloads with this code
        $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code= %s", array($release->code)));
        // Start download if maximum of allowed downloads is not reached
        if ($downloads->downloads < $release->allowed_downloads) {
            // Get current IP
            $IP = $_SERVER['REMOTE_ADDR'];
            // Insert download in downloads table
            $wpdb->insert(dc_tbl_downloads(), array('code' => $release->code, 'IP' => $IP), array('%d', '%s'));
            // If Apache's xsendfile is enabled (must be installed and working on server side)
            if (dc_xsendfile_enabled()) {
                header('X-Sendfile: ' . dc_file_location() . $release->filename);
                header('Content-Type: application/octet-stream');
                header('Content-Disposition: attachment; filename=\\"' . urlencode($release->filename) . '\\"');
                exit;
            }
            // Increase timeout for slow connections
            set_time_limit(0);
            // Deactivate output compression (required for IE, otherwise Content-Disposition is ignored)
            if (ini_get('zlib.output_compression')) {
                ini_set('zlib.output_compression', 'Off');
            }
            // Content description
            header('Content-Description: File Transfer');
            // Content disposition
            if (strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") > 0) {
                header('Content-Disposition: attachment; filename="' . urlencode($release->filename) . '"');
            } else {
                header('Content-Disposition: attachment; filename*=UTF-8\'\'' . urlencode($release->filename));
            }
            // Content type
            $content_type = dc_header_content_type();
            if ($content_type == DC_HEADER_CONTENT_TYPE) {
                // Send MIME type of current file
                header('Content-Type: ' . get_mime_content_type(dc_file_location() . $release->filename));
            } else {
                // Override content type with header setting
                header('Content-Type: ' . $content_type);
            }
            // Transfer encoding
            header('Content-Transfer-Encoding: binary');
            // Content length
            header('Content-Length: ' . filesize(dc_file_location() . $release->filename));
            // Cache handling
            header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
            header('Pragma: public');
            header('Expires: 0');
            // Stream file
            ob_clean();
            flush();
            $handle = fopen(dc_file_location() . $release->filename, 'rb');
            $chunksize = 1 * (1024 * 1024);
            $buffer = '';
            if ($handle === false) {
                exit;
            }
            while (!feof($handle)) {
                $buffer = fread($handle, $chunksize);
                echo $buffer;
                flush();
            }
            // Close file
            fclose($handle);
            // Exit
            exit;
        }
    }
}
Пример #3
0
/**
 * Manages releases
 */
function dc_manage_releases()
{
    global $wpdb;
    $wpdb->query('SET OPTION SQL_BIG_SELECTS = 1');
    // Get parameters
    $get_action = $_GET['action'];
    $get_release = $_GET['release'];
    // Post parameters
    $post_action = $_POST['action'];
    $post_release = $_POST['release'];
    // Show page title
    echo '<div class="wrap">';
    echo '<h2>Download Codes &raquo; Manage Releases</h2>';
    switch ($get_action) {
        case 'edit':
        case 'add':
            // Update or insert release
            if (isset($_POST['submit'])) {
                if ($post_action == 'add') {
                    $result = dc_add_release();
                    if (is_array($result)) {
                        echo dc_admin_message(implode('</p><p>', $result));
                    } else {
                        if ($result === FALSE) {
                            echo dc_admin_message('There was an error adding the release');
                        } else {
                            echo dc_admin_message('The release was added successfully');
                            $add_success = true;
                        }
                    }
                }
                if ($post_action == 'edit') {
                    $result = dc_edit_release();
                    if (is_array($result)) {
                        // display errors
                    } else {
                        if ($result === FALSE) {
                            echo dc_admin_message('There was an error updating the release');
                        } else {
                            echo dc_admin_message('The release was updated successfully');
                            $edit_success = true;
                        }
                    }
                }
            }
            break;
        case 'delete':
            $result = dc_delete_release($get_release);
            if ($result) {
                echo dc_admin_message('The release was deleted successfully');
            } else {
                echo dc_admin_message('There was an error deleting the release');
            }
            break;
    }
    if (($get_action == 'edit' || $get_action == 'add') && !$add_success) {
        //*********************************************
        // Add or edit a release
        //*********************************************
        // Get zip files in download folder
        $files = scandir(dc_file_location());
        $num_download_files = 0;
        foreach ($files as $filename) {
            if (in_array(strtolower(substr($filename, -3)), dc_file_types())) {
                $num_download_files++;
            }
        }
        if ($num_download_files == 0) {
            echo dc_admin_message('No files have been uploaded to the releases folder: <em>' . dc_file_location() . '</em></p><p><strong>You must do this first before adding a release!</strong>');
        }
        // Get current release
        if ('' != $get_release) {
            $release = dc_get_release($get_release);
        }
        if ('' != $post_release) {
            $release = dc_get_release($post_release);
        }
        // Write page subtitle
        echo '<h3>' . ('add' == $get_action ? 'Add New' : 'Edit') . ' Release</h3>';
        echo '<p><a href="admin.php?page=dc-manage-releases">&laquo; Back to releases</a></p>';
        // Display form
        echo '<form action="admin.php?page=dc-manage-releases&action=' . $get_action . '" method="post">';
        echo '<input type="hidden" name="release" value="' . $release->ID . '" />';
        echo '<input type="hidden" name="action" value="' . $get_action . '" />';
        echo '<table class="form-table">';
        // Title
        echo '<tr valign="top">';
        echo '<th scope="row"><label for="release-title">Title</label></th>';
        echo '<td><input type="text" name="title" id="release-title" class="regular-text" value="' . $release->title . '" />';
        echo ' <span class="description">For example, the album title</span></td>';
        echo '</tr>';
        // Artist
        echo '<tr valign="top">';
        echo '<th scope="row"><label for="release-artist">Artist (optional)</label></th>';
        echo '<td><input type="text" name="artist" id="release-artist" class="regular-text" value="' . $release->artist . '" />';
        echo ' <span class="description">The band or artist</span></td>';
        echo '</tr>';
        // File
        echo '<tr valign="top">';
        echo '<th scope="row"><label for="release-file">File</label></th>';
        echo '<td>' . dc_file_location() . ' <select name="filename" id="release-file">-->';
        // Get array of allowed file types/extensions
        $allowed_file_types = dc_file_types();
        // List all files matching the allowed extensions
        foreach ($files as $filename) {
            $file_extension_array = split("\\.", $filename);
            $file_extension = strtolower($file_extension_array[sizeof($file_extension_array) - 1]);
            if (in_array($file_extension, $allowed_file_types)) {
                echo '<option' . ($filename == $release->filename ? ' selected="selected"' : '') . '>' . $filename . '</option>';
            }
        }
        echo '</select></td>';
        echo '</tr>';
        // Allowed downloads
        echo '<tr valign="top">';
        echo '<th scope="row"><label for="release-downloads">Allowed downloads</label></th>';
        echo '<td><input type="text" name="downloads" id="release-downloads" class="small-text" value="' . ($release->allowed_downloads > 0 ? $release->allowed_downloads : DC_ALLOWED_DOWNLOADS) . '" />';
        echo ' <span class="description">Maximum number of times each code can be used</span></td>';
        echo '</tr>';
        echo '</table>';
        // Submit
        echo '<p class="submit">';
        echo '<input type="submit" name="submit" class="button-primary" value="' . ($get_action == 'edit' ? 'Save Changes' : 'Add Release') . '" />';
        echo '</p>';
        echo '</form>';
    } else {
        //*********************************************
        // List releases
        //*********************************************
        // Write page subtitle
        echo '<h3>Releases</h3>';
        // Get releases
        $releases = dc_get_releases();
        // Check if the releases are empty
        if (sizeof($releases) == 0) {
            echo dc_admin_message('No releases have been created yet');
            echo '<p>You might want to <a href="admin.php?page=dc-manage-releases&action=add">add a new release</a></p>';
        } else {
            echo '<table class="widefat">';
            echo '<thead>';
            echo '<tr><th>Title</th><th>Artist</th><th>ID</th><th>File</th><th>Codes</th><th>Downloaded</th><th>Actions</th></tr>';
            echo '</thead>';
            echo '<tbody>';
            foreach ($releases as $release) {
                echo '<tr>';
                echo '<td><strong>' . $release->title . '</strong></td><td>' . $release->artist . '</td>';
                echo '<td>' . $release->ID . '</td>';
                echo '<td>' . $release->filename . '</td>';
                echo '<td>' . $release->codes . '</td><td>' . $release->downloads . '</td>';
                echo '<td>';
                echo '<a href="admin.php?page=dc-manage-releases&amp;release=' . $release->ID . '&amp;action=edit" class="action-edit">Edit</a> | ';
                echo '<a href="admin.php?page=dc-manage-codes&amp;release=' . $release->ID . '" class="action-manage">Manage codes</a> | ';
                echo '<a href="admin.php?page=dc-manage-codes&amp;release=' . $release->ID . '&amp;action=report" class="action-report" rel="dc_downloads-' . $release->ID . '">View report</a> | ';
                echo '<a href="admin.php?page=dc-manage-releases&amp;release=' . $release->ID . '&amp;action=delete" class="action-delete">Delete</a>';
                echo '</td>';
                echo '</tr>';
            }
            echo '</tbody>';
            echo '<tfoot>';
            echo '<tr><th>Title</th><th>Artist</th><th>ID</th><th>File</th><th>Codes</th><th>Downloaded</th><th>Actions</th></tr>';
            echo '</tfoot>';
            echo '</table>';
            foreach ($releases as $release) {
                dc_list_downloads($release->ID, NULL, FALSE);
            }
        }
        // Show link to add a new release
        echo '<p><a class="button-primary" href="admin.php?page=dc-manage-releases&amp;action=add">Add New Release</a></p>';
    }
    echo '</div>';
}
Пример #4
0
/**
 * Creates a download form for the shortcode "download-code"
 */
function dc_embed_download_code_form($atts)
{
    global $wpdb;
    $id = "";
    $anchor = "";
    $post_code = "";
    // Get attributes
    extract(shortcode_atts(array('id' => '0', 'anchor' => ''), $atts));
    // Set shortcode id, i.e. the release id to which the shortcode relates. If no id is provided, this value is assumed as "all".
    $shortcode_id = $id == 0 ? 'all' : $id;
    // Check if code has been submitted for the release to which the current shortcode relates
    if (isset($_POST['submit_' . $shortcode_id])) {
        // Get current IP
        $IP = $_SERVER['REMOTE_ADDR'];
        // Get submitted code and release id
        $submitted_release = $_POST['submitted_release_' . $shortcode_id] != '' ? $_POST['submitted_release_' . $shortcode_id] : 'all';
        $post_code = strtoupper(trim($_POST['code_' . $shortcode_id]));
        // Get matching code record from database to check if code is valid for given release id or for all releases
        $wpdb->show_errors();
        $code = $wpdb->get_row($wpdb->prepare("SELECT ID, `release` FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s" . ($submitted_release != 'all' ? ' AND `release` = %d' : ''), $submitted_release != 'all' ? array($post_code, $submitted_release) : array($post_code)));
        if ($code->ID) {
            // Get release details
            $release = $wpdb->get_row("SELECT * FROM " . dc_tbl_releases() . " WHERE ID = " . $code->release);
            // Get # of downloads with this code
            $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code=(SELECT ID FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s )", array($post_code)));
            // Start download if maximum of allowed downloads is not reached
            if ($downloads->downloads < $release->allowed_downloads) {
                // Set temporary download lease id
                $download_lease_id[$shortcode_id] = md5('wp-dl-hash' . $code->ID);
            } else {
                $ret = dc_msg('max_downloads_reached');
            }
        } else {
            // Get # of attempts from this IP
            $attempts = $wpdb->get_row("SELECT COUNT(*) AS attempts FROM " . dc_tbl_downloads() . " WHERE IP='" . $IP . "' AND code = -1 AND DATE(started_at) > DATE(CURRENT_DATE() - 1)");
            if ($attempts->attempts < dc_max_attempts()) {
                // Insert attempt
                $wpdb->insert(dc_tbl_downloads(), array('code' => -1, 'IP' => $IP), array('%d', '%s'));
                $ret = dc_msg('code_invalid');
            } else {
                $ret = dc_msg('max_attempts_reached');
            }
        }
    }
    // Compile HTML result
    $html = '<div class="dc-download-code">';
    if ($download_lease_id[$shortcode_id] && ($shortcode_id == 'all' || $shortcode_id == $submitted_release)) {
        // Show link for download
        $html .= '<p>' . dc_msg('code_valid') . '</p>';
        $html .= '<p><a href="' . site_url() . '/?lease=' . $download_lease_id[$shortcode_id] . '">' . ($release->artist ? $release->artist . ' - ' : '') . $release->title . '</a> ' . format_bytes(filesize(dc_file_location() . $release->filename)) . '</p>';
    } else {
        // Show message
        if ($ret != '') {
            $html .= '<p>' . $ret . '</p>';
        }
        // Display form
        $html .= '<form action="' . ('' == $anchor ? '' : '#' . $anchor) . '" name="dc_form" method="post">';
        $html .= '<p><input type="hidden" name="submitted_release_' . $shortcode_id . '" value="' . $shortcode_id . '" />';
        $html .= dc_msg('code_enter') . ' <input type="text" name="code_' . $shortcode_id . '" value="' . ($post_code != "" ? $post_code : ($_GET['yourcode'] != "" ? $_GET['yourcode'] : "")) . '" size="20" /> ';
        $html .= '<input type="submit" name="submit_' . $shortcode_id . '" value="' . __('Submit') . '" /></p>';
        $html .= '</form>';
    }
    $html .= '</div>';
    return $html;
}