/** * Uninstalls the dc plugin. */ function dc_uninstall() { global $wpdb; // Delete wordpress options delete_option('dc_zip_location'); delete_option('dc_max_attempts'); delete_option('dc_header_content_type'); delete_option('dc_msg_code_enter'); delete_option('dc_msg_code_valid'); delete_option('dc_msg_code_invalid'); delete_option('dc_msg_max_downloads_reached'); delete_option('dc_msg_max_attempts_reached'); delete_option('dc_file_location'); delete_option('dc_file_types'); delete_option('dc_version'); // Delete database tables $wpdb->query("DROP TABLE " . dc_tbl_downloads()); $wpdb->query("DROP TABLE " . dc_tbl_codes()); $wpdb->query("DROP TABLE " . dc_tbl_code_groups()); $wpdb->query("DROP TABLE " . dc_tbl_releases()); }
/** * Delete a release */ function dc_delete_release($release_id) { global $wpdb; $result = 0; // Delete release $result += $wpdb->query($wpdb->prepare("DELETE FROM " . dc_tbl_releases() . " WHERE `ID` = %d", array(intval($release_id)))); // Delete code groups $result += $wpdb->query($wpdb->prepare("DELETE FROM " . dc_tbl_code_groups() . " WHERE `release` = %d", array(intval($release_id)))); // Delete codes $result += $wpdb->query($wpdb->prepare("DELETE FROM " . dc_tbl_codes() . " WHERE `release` = %d", array(intval($release_id)))); return $result; }
<?php /** * Download release file * * @package WordPress * @subpackage Twenty_Twelve_Child */ include_once $_SERVER['DOCUMENT_ROOT'] . '/wp-load.php'; global $wpdb; if (isset($_GET['lease'])) { /* get code & release details */ $release = $wpdb->get_row($wpdb->prepare("SELECT r.*, c.ID as code, c.code_prefix, c.code_suffix FROM " . dc_tbl_releases() . " r INNER JOIN " . dc_tbl_codes() . " c ON c.release = r.ID WHERE MD5(CONCAT('wp-dl-hash',c.ID)) = %s", array($_GET['lease']))); /* get numbwe of downloads for current code */ $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code= %s", array($release->code))); // Start download if maximum of allowed downloads is not reached if ($downloads->downloads < $release->allowed_downloads) { // Get current IP $IP = $_SERVER['REMOTE_ADDR']; // Insert download in downloads table $wpdb->insert(dc_tbl_downloads(), array('code' => $release->code, 'IP' => $IP), array('%d', '%s')); // If Apache's xsendfile is enabled (must be installed and working on server side) if (dc_xsendfile_enabled()) { header('X-Sendfile: ' . dc_file_location() . $release->filename); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=\\"' . urlencode($release->filename) . '\\"'); exit; } // Increase timeout for slow connections set_time_limit(0); // Deactivate output compression (required for IE, otherwise Content-Disposition is ignored)
return false; } print_r($obj); */ $return = array('error_message' => ''); /* get submitted code */ $post_code = strtoupper(trim($_POST['code'])); //$submitted_release = ( $_POST['submitted_release_' . $shortcode_id] != '' ? $_POST['submitted_release_' . $shortcode_id] : 'all' ); //$post_code = strtoupper( trim( $_POST['code_' . $shortcode_id] ) ); /* get matching code record from database to check if code is valid */ $wpdb->show_errors(); $code = $wpdb->get_row($wpdb->prepare("SELECT ID, `release` FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s", array($post_code))); if ($code->ID) { /* get release details */ $release = $wpdb->get_row("SELECT * FROM " . dc_tbl_releases() . " WHERE ID = " . $code->release); /* get number of downloads with this code */ $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code=(SELECT ID FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s )", array($post_code))); /* check if maximum of allowed downloads is reached */ if ($downloads->downloads < $release->allowed_downloads) { /* set temporary download lease ID */ $lease_ID = md5('wp-dl-hash' . $code->ID); /* generate html code for download form */ $sku = $release->title; $product_ID = get_product_id_by_sku($sku); $artists = array(); $data = get_field('product-artists', $product_ID); foreach ($data as $d) { $artists[] = get_the_title($d->ID); } $artist = implode(" & ", $artists);
/** * Sends headers to download file when download code was entered successfully */ function dc_send_download_headers() { global $wpdb; // Only continue if lease is provided as a query parameter if (isset($_GET['lease'])) { // Get details for code and release $release = $wpdb->get_row($wpdb->prepare("SELECT r.*, c.ID as code, c.code_prefix, c.code_suffix FROM " . dc_tbl_releases() . " r INNER JOIN " . dc_tbl_codes() . " c ON c.release = r.ID WHERE MD5(CONCAT('wp-dl-hash',c.ID)) = %s", array($_GET['lease']))); // Get # of downloads with this code $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code= %s", array($release->code))); // Start download if maximum of allowed downloads is not reached if ($downloads->downloads < $release->allowed_downloads) { // Get current IP $IP = $_SERVER['REMOTE_ADDR']; // Insert download in downloads table $wpdb->insert(dc_tbl_downloads(), array('code' => $release->code, 'IP' => $IP), array('%d', '%s')); // If Apache's xsendfile is enabled (must be installed and working on server side) if (dc_xsendfile_enabled()) { header('X-Sendfile: ' . dc_file_location() . $release->filename); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=\\"' . urlencode($release->filename) . '\\"'); exit; } // Increase timeout for slow connections set_time_limit(0); // Deactivate output compression (required for IE, otherwise Content-Disposition is ignored) if (ini_get('zlib.output_compression')) { ini_set('zlib.output_compression', 'Off'); } // Content description header('Content-Description: File Transfer'); // Content disposition if (strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") > 0) { header('Content-Disposition: attachment; filename="' . urlencode($release->filename) . '"'); } else { header('Content-Disposition: attachment; filename*=UTF-8\'\'' . urlencode($release->filename)); } // Content type $content_type = dc_header_content_type(); if ($content_type == DC_HEADER_CONTENT_TYPE) { // Send MIME type of current file header('Content-Type: ' . get_mime_content_type(dc_file_location() . $release->filename)); } else { // Override content type with header setting header('Content-Type: ' . $content_type); } // Transfer encoding header('Content-Transfer-Encoding: binary'); // Content length header('Content-Length: ' . filesize(dc_file_location() . $release->filename)); // Cache handling header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Expires: 0'); // Stream file ob_clean(); flush(); $handle = fopen(dc_file_location() . $release->filename, 'rb'); $chunksize = 1 * (1024 * 1024); $buffer = ''; if ($handle === false) { exit; } while (!feof($handle)) { $buffer = fread($handle, $chunksize); echo $buffer; flush(); } // Close file fclose($handle); // Exit exit; } } }
/** * Creates a download form for the shortcode "download-code" */ function dc_embed_download_code_form($atts) { global $wpdb; $id = ""; $anchor = ""; $post_code = ""; // Get attributes extract(shortcode_atts(array('id' => '0', 'anchor' => ''), $atts)); // Set shortcode id, i.e. the release id to which the shortcode relates. If no id is provided, this value is assumed as "all". $shortcode_id = $id == 0 ? 'all' : $id; // Check if code has been submitted for the release to which the current shortcode relates if (isset($_POST['submit_' . $shortcode_id])) { // Get current IP $IP = $_SERVER['REMOTE_ADDR']; // Get submitted code and release id $submitted_release = $_POST['submitted_release_' . $shortcode_id] != '' ? $_POST['submitted_release_' . $shortcode_id] : 'all'; $post_code = strtoupper(trim($_POST['code_' . $shortcode_id])); // Get matching code record from database to check if code is valid for given release id or for all releases $wpdb->show_errors(); $code = $wpdb->get_row($wpdb->prepare("SELECT ID, `release` FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s" . ($submitted_release != 'all' ? ' AND `release` = %d' : ''), $submitted_release != 'all' ? array($post_code, $submitted_release) : array($post_code))); if ($code->ID) { // Get release details $release = $wpdb->get_row("SELECT * FROM " . dc_tbl_releases() . " WHERE ID = " . $code->release); // Get # of downloads with this code $downloads = $wpdb->get_row($wpdb->prepare("SELECT COUNT(*) AS downloads FROM " . dc_tbl_downloads() . " WHERE code=(SELECT ID FROM " . dc_tbl_codes() . " WHERE CONCAT(code_prefix, code_suffix) = %s )", array($post_code))); // Start download if maximum of allowed downloads is not reached if ($downloads->downloads < $release->allowed_downloads) { // Set temporary download lease id $download_lease_id[$shortcode_id] = md5('wp-dl-hash' . $code->ID); } else { $ret = dc_msg('max_downloads_reached'); } } else { // Get # of attempts from this IP $attempts = $wpdb->get_row("SELECT COUNT(*) AS attempts FROM " . dc_tbl_downloads() . " WHERE IP='" . $IP . "' AND code = -1 AND DATE(started_at) > DATE(CURRENT_DATE() - 1)"); if ($attempts->attempts < dc_max_attempts()) { // Insert attempt $wpdb->insert(dc_tbl_downloads(), array('code' => -1, 'IP' => $IP), array('%d', '%s')); $ret = dc_msg('code_invalid'); } else { $ret = dc_msg('max_attempts_reached'); } } } // Compile HTML result $html = '<div class="dc-download-code">'; if ($download_lease_id[$shortcode_id] && ($shortcode_id == 'all' || $shortcode_id == $submitted_release)) { // Show link for download $html .= '<p>' . dc_msg('code_valid') . '</p>'; $html .= '<p><a href="' . site_url() . '/?lease=' . $download_lease_id[$shortcode_id] . '">' . ($release->artist ? $release->artist . ' - ' : '') . $release->title . '</a> ' . format_bytes(filesize(dc_file_location() . $release->filename)) . '</p>'; } else { // Show message if ($ret != '') { $html .= '<p>' . $ret . '</p>'; } // Display form $html .= '<form action="' . ('' == $anchor ? '' : '#' . $anchor) . '" name="dc_form" method="post">'; $html .= '<p><input type="hidden" name="submitted_release_' . $shortcode_id . '" value="' . $shortcode_id . '" />'; $html .= dc_msg('code_enter') . ' <input type="text" name="code_' . $shortcode_id . '" value="' . ($post_code != "" ? $post_code : ($_GET['yourcode'] != "" ? $_GET['yourcode'] : "")) . '" size="20" /> '; $html .= '<input type="submit" name="submit_' . $shortcode_id . '" value="' . __('Submit') . '" /></p>'; $html .= '</form>'; } $html .= '</div>'; return $html; }