} else {
// Override content type with header setting
header('Content-Type: ' . $content_type);
}
// Transfer encoding
header('Content-Transfer-Encoding: binary');
// Content length
header('Content-Length: ' . filesize(dc_file_location() . $release->filename));
// Cache handling
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Expires: 0');
// Stream file
ob_clean();
flush();
$handle = fopen(dc_file_location() . $release->filename, 'rb');
$chunksize = 1 * (1024 * 1024);
$buffer = '';
if ($handle === false) {
exit;
}
while (!feof($handle)) {
$buffer = fread($handle, $chunksize);
echo $buffer;
flush();
}
// Close file
fclose($handle);
// Exit
exit;
}
/**
* Sends headers to download file when download code was entered successfully
*/
function dc_send_download_headers()
{
global $wpdb;
// Only continue if lease is provided as a query parameter
if (isset($_GET['lease'])) {
// Get details for code and release
$release = $wpdb->get_row($wpdb->prepare("SELECT r.*, c.ID as code, c.code_prefix, c.code_suffix FROM " . dc_tbl_releases() . " r INNER JOIN " . dc_tbl_codes() . " c ON c.release = r.ID WHERE MD5(CONCAT('wp-dl-hash',c.ID)) = %s", array($_GET['lease'])));
// Get # of downloads with this code
$downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code= %s", array($release->code)));
// Start download if maximum of allowed downloads is not reached
if ($downloads->downloads < $release->allowed_downloads) {
// Get current IP
$IP = $_SERVER['REMOTE_ADDR'];
// Insert download in downloads table
$wpdb->insert(dc_tbl_downloads(), array('code' => $release->code, 'IP' => $IP), array('%d', '%s'));
// If Apache's xsendfile is enabled (must be installed and working on server side)
if (dc_xsendfile_enabled()) {
header('X-Sendfile: ' . dc_file_location() . $release->filename);
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=\\"' . urlencode($release->filename) . '\\"');
exit;
}
// Increase timeout for slow connections
set_time_limit(0);
// Deactivate output compression (required for IE, otherwise Content-Disposition is ignored)
if (ini_get('zlib.output_compression')) {
ini_set('zlib.output_compression', 'Off');
}
// Content description
header('Content-Description: File Transfer');
// Content disposition
if (strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") > 0) {
header('Content-Disposition: attachment; filename="' . urlencode($release->filename) . '"');
} else {
header('Content-Disposition: attachment; filename*=UTF-8\'\'' . urlencode($release->filename));
}
// Content type
$content_type = dc_header_content_type();
if ($content_type == DC_HEADER_CONTENT_TYPE) {
// Send MIME type of current file
header('Content-Type: ' . get_mime_content_type(dc_file_location() . $release->filename));
} else {
// Override content type with header setting
header('Content-Type: ' . $content_type);
}
// Transfer encoding
header('Content-Transfer-Encoding: binary');
// Content length
header('Content-Length: ' . filesize(dc_file_location() . $release->filename));
// Cache handling
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Expires: 0');
// Stream file
ob_clean();
flush();
$handle = fopen(dc_file_location() . $release->filename, 'rb');
$chunksize = 1 * (1024 * 1024);
$buffer = '';
if ($handle === false) {
exit;
}
while (!feof($handle)) {
$buffer = fread($handle, $chunksize);
echo $buffer;
flush();
}
// Close file
fclose($handle);
// Exit
exit;
}
}
}
/**
* Manages releases
*/
function dc_manage_releases()
{
global $wpdb;
$wpdb->query('SET OPTION SQL_BIG_SELECTS = 1');
// Get parameters
$get_action = $_GET['action'];
$get_release = $_GET['release'];
// Post parameters
$post_action = $_POST['action'];
$post_release = $_POST['release'];
// Show page title
echo '<div class="wrap">';
echo '<h2>Download Codes » Manage Releases</h2>';
switch ($get_action) {
case 'edit':
case 'add':
// Update or insert release
if (isset($_POST['submit'])) {
if ($post_action == 'add') {
$result = dc_add_release();
if (is_array($result)) {
echo dc_admin_message(implode('</p><p>', $result));
} else {
if ($result === FALSE) {
echo dc_admin_message('There was an error adding the release');
} else {
echo dc_admin_message('The release was added successfully');
$add_success = true;
}
}
}
if ($post_action == 'edit') {
$result = dc_edit_release();
if (is_array($result)) {
// display errors
} else {
if ($result === FALSE) {
echo dc_admin_message('There was an error updating the release');
} else {
echo dc_admin_message('The release was updated successfully');
$edit_success = true;
}
}
}
}
break;
case 'delete':
$result = dc_delete_release($get_release);
if ($result) {
echo dc_admin_message('The release was deleted successfully');
} else {
echo dc_admin_message('There was an error deleting the release');
}
break;
}
if (($get_action == 'edit' || $get_action == 'add') && !$add_success) {
//*********************************************
// Add or edit a release
//*********************************************
// Get zip files in download folder
$files = scandir(dc_file_location());
$num_download_files = 0;
foreach ($files as $filename) {
if (in_array(strtolower(substr($filename, -3)), dc_file_types())) {
$num_download_files++;
}
}
if ($num_download_files == 0) {
echo dc_admin_message('No files have been uploaded to the releases folder: <em>' . dc_file_location() . '</em></p><p><strong>You must do this first before adding a release!</strong>');
}
// Get current release
if ('' != $get_release) {
$release = dc_get_release($get_release);
}
if ('' != $post_release) {
$release = dc_get_release($post_release);
}
// Write page subtitle
echo '<h3>' . ('add' == $get_action ? 'Add New' : 'Edit') . ' Release</h3>';
echo '<p><a href="admin.php?page=dc-manage-releases">« Back to releases</a></p>';
// Display form
echo '<form action="admin.php?page=dc-manage-releases&action=' . $get_action . '" method="post">';
echo '<input type="hidden" name="release" value="' . $release->ID . '" />';
echo '<input type="hidden" name="action" value="' . $get_action . '" />';
echo '<table class="form-table">';
// Title
echo '<tr valign="top">';
echo '<th scope="row"><label for="release-title">Title</label></th>';
echo '<td><input type="text" name="title" id="release-title" class="regular-text" value="' . $release->title . '" />';
echo ' <span class="description">For example, the album title</span></td>';
echo '</tr>';
// Artist
echo '<tr valign="top">';
echo '<th scope="row"><label for="release-artist">Artist (optional)</label></th>';
echo '<td><input type="text" name="artist" id="release-artist" class="regular-text" value="' . $release->artist . '" />';
echo ' <span class="description">The band or artist</span></td>';
echo '</tr>';
// File
echo '<tr valign="top">';
echo '<th scope="row"><label for="release-file">File</label></th>';
echo '<td>' . dc_file_location() . ' <select name="filename" id="release-file">-->';
// Get array of allowed file types/extensions
$allowed_file_types = dc_file_types();
// List all files matching the allowed extensions
foreach ($files as $filename) {
$file_extension_array = split("\\.", $filename);
$file_extension = strtolower($file_extension_array[sizeof($file_extension_array) - 1]);
if (in_array($file_extension, $allowed_file_types)) {
echo '<option' . ($filename == $release->filename ? ' selected="selected"' : '') . '>' . $filename . '</option>';
}
}
echo '</select></td>';
echo '</tr>';
// Allowed downloads
echo '<tr valign="top">';
echo '<th scope="row"><label for="release-downloads">Allowed downloads</label></th>';
echo '<td><input type="text" name="downloads" id="release-downloads" class="small-text" value="' . ($release->allowed_downloads > 0 ? $release->allowed_downloads : DC_ALLOWED_DOWNLOADS) . '" />';
echo ' <span class="description">Maximum number of times each code can be used</span></td>';
echo '</tr>';
echo '</table>';
// Submit
echo '<p class="submit">';
echo '<input type="submit" name="submit" class="button-primary" value="' . ($get_action == 'edit' ? 'Save Changes' : 'Add Release') . '" />';
echo '</p>';
echo '</form>';
} else {
//*********************************************
// List releases
//*********************************************
// Write page subtitle
echo '<h3>Releases</h3>';
// Get releases
$releases = dc_get_releases();
// Check if the releases are empty
if (sizeof($releases) == 0) {
echo dc_admin_message('No releases have been created yet');
echo '<p>You might want to <a href="admin.php?page=dc-manage-releases&action=add">add a new release</a></p>';
} else {
echo '<table class="widefat">';
echo '<thead>';
echo '<tr><th>Title</th><th>Artist</th><th>ID</th><th>File</th><th>Codes</th><th>Downloaded</th><th>Actions</th></tr>';
echo '</thead>';
echo '<tbody>';
foreach ($releases as $release) {
echo '<tr>';
echo '<td><strong>' . $release->title . '</strong></td><td>' . $release->artist . '</td>';
echo '<td>' . $release->ID . '</td>';
echo '<td>' . $release->filename . '</td>';
echo '<td>' . $release->codes . '</td><td>' . $release->downloads . '</td>';
echo '<td>';
echo '<a href="admin.php?page=dc-manage-releases&release=' . $release->ID . '&action=edit" class="action-edit">Edit</a> | ';
echo '<a href="admin.php?page=dc-manage-codes&release=' . $release->ID . '" class="action-manage">Manage codes</a> | ';
echo '<a href="admin.php?page=dc-manage-codes&release=' . $release->ID . '&action=report" class="action-report" rel="dc_downloads-' . $release->ID . '">View report</a> | ';
echo '<a href="admin.php?page=dc-manage-releases&release=' . $release->ID . '&action=delete" class="action-delete">Delete</a>';
echo '</td>';
echo '</tr>';
}
echo '</tbody>';
echo '<tfoot>';
echo '<tr><th>Title</th><th>Artist</th><th>ID</th><th>File</th><th>Codes</th><th>Downloaded</th><th>Actions</th></tr>';
echo '</tfoot>';
echo '</table>';
foreach ($releases as $release) {
dc_list_downloads($release->ID, NULL, FALSE);
}
}
// Show link to add a new release
echo '<p><a class="button-primary" href="admin.php?page=dc-manage-releases&action=add">Add New Release</a></p>';
}
echo '</div>';
}
/**
* Creates a download form for the shortcode "download-code"
*/
function dc_embed_download_code_form($atts)
{
global $wpdb;
$id = "";
$anchor = "";
$post_code = "";
// Get attributes
extract(shortcode_atts(array('id' => '0', 'anchor' => ''), $atts));
// Set shortcode id, i.e. the release id to which the shortcode relates. If no id is provided, this value is assumed as "all".
$shortcode_id = $id == 0 ? 'all' : $id;
// Check if code has been submitted for the release to which the current shortcode relates
if (isset($_POST['submit_' . $shortcode_id])) {
// Get current IP
$IP = $_SERVER['REMOTE_ADDR'];
// Get submitted code and release id
$submitted_release = $_POST['submitted_release_' . $shortcode_id] != '' ? $_POST['submitted_release_' . $shortcode_id] : 'all';
$post_code = strtoupper(trim($_POST['code_' . $shortcode_id]));
// Get matching code record from database to check if code is valid for given release id or for all releases
$wpdb->show_errors();
$code = $wpdb->get_row($wpdb->prepare("SELECT ID, `release` FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s" . ($submitted_release != 'all' ? ' AND `release` = %d' : ''), $submitted_release != 'all' ? array($post_code, $submitted_release) : array($post_code)));
if ($code->ID) {
// Get release details
$release = $wpdb->get_row("SELECT * FROM " . dc_tbl_releases() . " WHERE ID = " . $code->release);
// Get # of downloads with this code
$downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code=(SELECT ID FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s )", array($post_code)));
// Start download if maximum of allowed downloads is not reached
if ($downloads->downloads < $release->allowed_downloads) {
// Set temporary download lease id
$download_lease_id[$shortcode_id] = md5('wp-dl-hash' . $code->ID);
} else {
$ret = dc_msg('max_downloads_reached');
}
} else {
// Get # of attempts from this IP
$attempts = $wpdb->get_row("SELECT COUNT(*) AS attempts FROM " . dc_tbl_downloads() . " WHERE IP='" . $IP . "' AND code = -1 AND DATE(started_at) > DATE(CURRENT_DATE() - 1)");
if ($attempts->attempts < dc_max_attempts()) {
// Insert attempt
$wpdb->insert(dc_tbl_downloads(), array('code' => -1, 'IP' => $IP), array('%d', '%s'));
$ret = dc_msg('code_invalid');
} else {
$ret = dc_msg('max_attempts_reached');
}
}
}
// Compile HTML result
$html = '<div class="dc-download-code">';
if ($download_lease_id[$shortcode_id] && ($shortcode_id == 'all' || $shortcode_id == $submitted_release)) {
// Show link for download
$html .= '<p>' . dc_msg('code_valid') . '</p>';
$html .= '<p><a href="' . site_url() . '/?lease=' . $download_lease_id[$shortcode_id] . '">' . ($release->artist ? $release->artist . ' - ' : '') . $release->title . '</a> ' . format_bytes(filesize(dc_file_location() . $release->filename)) . '</p>';
} else {
// Show message
if ($ret != '') {
$html .= '<p>' . $ret . '</p>';
}
// Display form
$html .= '<form action="' . ('' == $anchor ? '' : '#' . $anchor) . '" name="dc_form" method="post">';
$html .= '<p><input type="hidden" name="submitted_release_' . $shortcode_id . '" value="' . $shortcode_id . '" />';
$html .= dc_msg('code_enter') . ' <input type="text" name="code_' . $shortcode_id . '" value="' . ($post_code != "" ? $post_code : ($_GET['yourcode'] != "" ? $_GET['yourcode'] : "")) . '" size="20" /> ';
$html .= '<input type="submit" name="submit_' . $shortcode_id . '" value="' . __('Submit') . '" /></p>';
$html .= '</form>';
}
$html .= '</div>';
return $html;
}
