| [ Index ] |
PHP Cross Reference of E107 v0.7.22 code documentation |
[Summary view] [Print] [Text view]
1 <?php 2 3 /* 4 + ----------------------------------------------------------------------------+ 5 | e107 website system 6 | 7 | ©Steve Dunstan 2001-2002 8 | http://e107.org 9 | jalist@e107.org 10 | 11 | Released under the terms and conditions of the 12 | GNU General Public License (http://gnu.org). 13 | 14 | $Source: /cvs_backup/e107_0.7/request.php,v $ 15 | $Revision: 11346 $ 16 | $Date: 2010-02-17 13:56:14 -0500 (Wed, 17 Feb 2010) $ 17 | $Author: secretr $ 18 +----------------------------------------------------------------------------+ 19 */ 20 21 // ********************************** SEE HIGHLIGHTED AND NUMBERED QUERIES ***************************** 22 23 require_once ("class2.php"); 24 include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_download.php"); 25 26 if (!e_QUERY || isset($_POST['userlogin'])) 27 { 28 header("location: {$e107->base_path}"); 29 exit(); 30 } 31 32 $id = FALSE; 33 if (!is_numeric(e_QUERY)) 34 { 35 if ($sql->db_Select('download', 'download_id', "download_url='".$tp -> toDB(e_QUERY)."'")) 36 { 37 $row = $sql->db_Fetch(); 38 $type = 'file'; 39 $id = $row['download_id']; 40 } 41 elseif((strpos(e_QUERY, "http://") === 0) || (strpos(e_QUERY, "ftp://") === 0) || (strpos(e_QUERY, "https://") === 0)) 42 { 43 header("location: ".e_QUERY); 44 exit(); 45 } 46 elseif(file_exists($DOWNLOADS_DIRECTORY.e_QUERY)) // 1 - should we allow this? 47 { 48 send_file($DOWNLOADS_DIRECTORY.e_QUERY); 49 exit(); 50 } 51 } 52 53 54 if(strstr(e_QUERY, "mirror")) 55 { // Download from mirror 56 list($action, $download_id, $mirror_id) = explode(".", e_QUERY); 57 $download_id = intval($download_id); 58 $mirror_id = intval($mirror_id); 59 $qry = "SELECT d.*, dc.download_category_class FROM #download as d LEFT JOIN #download_category AS dc ON dc.download_category_id = d.download_category WHERE d.download_id = {$download_id}"; 60 if ($sql->db_Select_gen($qry)) 61 { 62 $row = $sql->db_Fetch(); 63 extract($row); 64 if (check_class($download_category_class) && check_class($download_class)) 65 { 66 if($pref['download_limits'] && $download_active == 1) 67 { 68 check_download_limits(); 69 } 70 $mirrorList = explode(chr(1), $download_mirror); 71 $mstr = ""; 72 foreach($mirrorList as $mirror) 73 { 74 if($mirror) 75 { 76 $tmp = explode(",", $mirror); 77 $mid = intval($tmp[0]); 78 $address = $tmp[1]; 79 $requests = $tmp[2]; 80 if($tmp[0] == $mirror_id) 81 { 82 $gaddress = trim($address); 83 $requests ++; 84 } 85 $mstr .= $mid.",".$address.",".$requests.chr(1); 86 } 87 } 88 $sql->db_Update("download", "download_requested = download_requested + 1, download_mirror = '{$mstr}' WHERE download_id = '".intval($download_id)."'"); 89 $sql->db_Update("download_mirror", "mirror_count = mirror_count + 1 WHERE mirror_id = '".intval($mirror_id)."'"); 90 header("Location: {$gaddress}"); 91 exit(); 92 } 93 header("Location: ".e_BASE."download.php?error.{$download_id}.1"); 94 exit; 95 } 96 } 97 98 $tmp = explode(".", e_QUERY); 99 if (!$tmp[1] || strstr(e_QUERY, "pub_")) 100 { 101 $id = intval($tmp[0]); 102 $type = "file"; 103 } 104 else 105 { 106 $table = preg_replace("#\W#", "", $tp -> toDB($tmp[0], true)); 107 $id = intval($tmp[1]); 108 $type = "image"; 109 } 110 111 112 if (preg_match("#.*\.[a-z,A-Z]{3,4}#", e_QUERY)) 113 { 114 if(strstr(e_QUERY, "pub_")) 115 { 116 $bid = str_replace("pub_", "", e_QUERY); 117 if (file_exists(e_FILE."public/".$bid)) 118 { 119 send_file(e_FILE."public/".$bid); 120 exit(); 121 } 122 } 123 if (file_exists($DOWNLOADS_DIRECTORY.e_QUERY)) 124 { 125 send_file($DOWNLOADS_DIRECTORY.e_QUERY); 126 exit(); 127 } 128 require_once(HEADERF); 129 $ns->tablerender(LAN_dl_61, "<div style='text-align:center'>".LAN_dl_65."\n<br /><br />\n<a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"); 130 require_once(FOOTERF); 131 exit(); 132 } 133 134 if ($type == "file") 135 { 136 $qry = "SELECT d.*, dc.download_category_class FROM #download as d LEFT JOIN #download_category AS dc ON dc.download_category_id = d.download_category WHERE d.download_id = {$id}"; 137 if ($sql->db_Select_gen($qry)) 138 { 139 $row = $sql->db_Fetch(); 140 if (check_class($row['download_category_class']) && check_class($row['download_class'])) 141 { 142 if ($row['download_active'] == 0) 143 { // Inactive download - don't allow 144 require_once(HEADERF); 145 $ns -> tablerender(LAN_dl_61, "<div style='text-align:center'>".str_replace('--LINK--',"<a href='".e_HTTP.'download.php'."'>",LAN_dl_78).'</div>'); 146 require_once(FOOTERF); 147 exit(); 148 } 149 150 if($pref['download_limits'] && $row['download_active'] == 1) 151 { 152 check_download_limits(); 153 } 154 extract($row); 155 if($download_mirror) 156 { 157 $array = explode(chr(1), $download_mirror); 158 $c = (count($array)-1); 159 for ($i=1; $i < $c; $i++) 160 { 161 $d = mt_rand(0, $i); 162 $tmp = $array[$i]; 163 $array[$i] = $array[$d]; 164 $array[$d] = $tmp; 165 } 166 $tmp = explode(",", $array[0]); 167 $mirror_id = $tmp[0]; 168 $mstr = ""; 169 foreach($array as $mirror) 170 { 171 if($mirror) 172 { 173 $tmp = explode(",", $mirror); 174 $mid = $tmp[0]; 175 $address = $tmp[1]; 176 $requests = $tmp[2]; 177 if($tmp[0] == $mirror_id) 178 { 179 $gaddress = trim($address); 180 $requests ++; 181 } 182 $mstr .= $mid.",".$address.",".$requests.chr(1); 183 } 184 } 185 $sql -> db_Update("download", "download_requested = download_requested + 1, download_mirror = '{$mstr}' WHERE download_id = '".intval($download_id)."'"); 186 $sql -> db_Update("download_mirror", "mirror_count = mirror_count + 1 WHERE mirror_id = '".intval($mirror_id)."'"); 187 188 header("Location: ".$gaddress); 189 exit(); 190 } 191 192 // increment download count 193 $sql->db_Update("download", "download_requested = download_requested + 1 WHERE download_id = '{$id}'"); 194 $user_id = USER ? USERID : 0; 195 $ip = $e107->getip(); 196 $request_data = "'0', '{$user_id}', '{$ip}', '{$id}', '".time()."'"; 197 //add request info to db 198 $sql->db_Insert("download_requests", $request_data, FALSE); 199 if (preg_match("/Binary\s(.*?)\/.*/", $download_url, $result)) 200 { 201 $bid = $result[1]; 202 $result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '{$bid}'"); 203 $binary_data = @mysql_result($result, 0, "binary_data"); 204 $binary_filetype = @mysql_result($result, 0, "binary_filetype"); 205 $binary_name = @mysql_result($result, 0, "binary_name"); 206 header("Content-type: {$binary_filetype}"); 207 header("Content-length: {$download_filesize}"); 208 header("Content-Disposition: attachment; filename={$binary_name}"); 209 header("Content-Description: PHP Generated Data"); 210 echo $binary_data; 211 exit(); 212 } 213 if (strstr($download_url, "http://") || strstr($download_url, "ftp://") || strstr($download_url, "https://")) { 214 header("Location: {$download_url}"); 215 exit(); 216 } 217 else 218 { 219 if (file_exists($DOWNLOADS_DIRECTORY.$download_url)) 220 { 221 send_file($DOWNLOADS_DIRECTORY.$download_url); 222 exit(); 223 } 224 elseif(file_exists(e_FILE."public/{$download_url}")) 225 { 226 send_file(e_FILE."public/{$download_url}"); 227 exit(); 228 } 229 } 230 } 231 else 232 { // Download Access Denied. 233 if((!strpos($pref['download_denied'],".php") && 234 !strpos($pref['download_denied'],".htm") && 235 !strpos($pref['download_denied'],".html") && 236 !strpos($pref['download_denied'],".shtml") || 237 (strpos($pref['download_denied'],"signup.php") && USER == TRUE) 238 )) 239 { 240 header("Location: ".e_BASE."download.php?error.{$id}.1"); 241 exit(); 242 } 243 else 244 { 245 header("Location: ".trim($pref['download_denied'])); 246 exit(); 247 } 248 } 249 } 250 else if(strstr(e_QUERY, "pub_")) 251 { 252 /* check to see if public upload and not in download table ... */ 253 $bid = str_replace("pub_", "", e_QUERY); 254 if($result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '$bid' ")) 255 { 256 $binary_data = @mysql_result($result, 0, "binary_data"); 257 $binary_filetype = @mysql_result($result, 0, "binary_filetype"); 258 $binary_name = @mysql_result($result, 0, "binary_name"); 259 header("Content-type: {$binary_filetype}"); 260 header("Content-length: {$download_filesize}"); 261 header("Content-Disposition: attachment; filename={$binary_name}"); 262 header("Content-Description: PHP Generated Data"); 263 echo $binary_data; 264 exit(); 265 } 266 } 267 268 require_once(HEADERF); 269 $ns -> tablerender(LAN_dl_61, "<div style='text-align:center'>".LAN_dl_65."<br /><br /><a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"); 270 require_once(FOOTERF); 271 exit(); 272 } 273 274 $sql->db_Select($table, "*", "{$table}_id = '{$id}'"); 275 $row = $sql->db_Fetch(); 276 extract($row); 277 $image = ($table == "upload" ? $upload_ss : $download_image); 278 if (preg_match("/Binary\s(.*?)\/.*/", $image, $result)) 279 { 280 $bid = $result[1]; 281 $result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '{$bid}'"); 282 $binary_data = @mysql_result($result, 0, "binary_data"); 283 $binary_filetype = @mysql_result($result, 0, "binary_filetype"); 284 $binary_name = @mysql_result($result, 0, "binary_name"); 285 header("Content-type: {$binary_filetype}"); 286 header("Content-Disposition: inline; filename={$binary_name}"); 287 echo $binary_data; 288 exit(); 289 } 290 291 292 $image = ($table == "upload" ? $upload_ss : $download_image); 293 294 if (strpos($image, "http") !== FALSE) 295 { 296 header("Location: {$image}"); 297 exit(); 298 } 299 else 300 { 301 if ($table == "download") 302 { 303 require_once(HEADERF); 304 if (file_exists(e_FILE."download/{$image}")) 305 { 306 $disp = "<div style='text-align:center'><img src='".e_FILE."download/{$image}' alt='' /></div>"; 307 } 308 else if(file_exists(e_FILE."downloadimages/{$image}")) 309 { 310 $disp = "<div style='text-align:center'><img src='".e_FILE."downloadimages/{$image}' alt='' /></div>"; 311 } 312 else 313 { 314 $disp = "<div style='text-align:center'><img src='".e_FILE."public/{$image}' alt='' /></div>"; 315 } 316 $disp .= "<br /><div style='text-align:center'><a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"; 317 $ns->tablerender($image, $disp); 318 319 require_once(FOOTERF); 320 } else 321 { 322 if (is_file(e_FILE."public/{$image}")) 323 { 324 echo "<img src='".e_FILE."public/{$image}' alt='' />"; 325 } 326 elseif(is_file(e_FILE."downloadimages/{$image}")) 327 { 328 echo "<img src='".e_FILE."downloadimages/{$image}' alt='' />"; 329 } 330 else 331 { 332 require_once(HEADERF); 333 $ns -> tablerender(LAN_dl_61, "<div style='text-align:center'>".LAN_dl_65."<br /><br /><a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"); 334 require_once(FOOTERF); 335 exit; 336 } 337 exit(); 338 } 339 } 340 341 342 343 // File retrieval function. by Cam. 344 function send_file($file) 345 { 346 global $pref, $DOWNLOADS_DIRECTORY,$FILES_DIRECTORY, $e107; 347 if (!$pref['download_php']) 348 { 349 header("Location: ".SITEURL.$file); 350 exit(); 351 } 352 @set_time_limit(10 * 60); 353 @e107_ini_set("max_execution_time", 10 * 60); 354 while (@ob_end_clean()); // kill all output buffering else it eats server resources 355 $filename = $file; 356 $file = basename($file); 357 $path = realpath($filename); 358 $path_downloads = realpath($DOWNLOADS_DIRECTORY); 359 $path_public = realpath($FILES_DIRECTORY."public/"); 360 if(!strstr($path, $path_downloads) && !strstr($path,$path_public)) 361 { 362 if(E107_DEBUG_LEVEL > 0 && ADMIN) 363 { 364 echo "Failed to Download <b>".$file."</b><br />"; 365 echo "The file-path <b>".$path."<b> didn't match with either <b>{$path_downloads}</b> or <b>{$path_public}</b><br />"; 366 exit(); 367 } 368 else 369 { 370 header("location: {$e107->base_path}"); 371 exit(); 372 } 373 } 374 else 375 { 376 if (is_file($filename) && is_readable($filename) && connection_status() == 0) 377 { 378 $seek = 0; 379 if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) 380 { 381 $file = preg_replace('/\./', '%2e', $file, substr_count($file, '.') - 1); 382 } 383 if (isset($_SERVER['HTTP_RANGE'])) 384 { 385 $seek = intval(substr($_SERVER['HTTP_RANGE'] , strlen('bytes='))); 386 } 387 $bufsize = 2048; 388 ignore_user_abort(true); 389 $data_len = filesize($filename); 390 if ($seek > ($data_len - 1)) { $seek = 0; } 391 if ($filename == null) { $filename = basename($this->data); } 392 $res =& fopen($filename, 'rb'); 393 if ($seek) 394 { 395 fseek($res , $seek); 396 } 397 $data_len -= $seek; 398 header("Expires: 0"); 399 header("Cache-Control: max-age=30" ); 400 header("Content-Type: application/force-download"); 401 header("Content-Disposition: attachment; filename=\"{$file}\""); 402 header("Content-Length: {$data_len}"); 403 header("Pragma: public"); 404 if ($seek) 405 { 406 header("Accept-Ranges: bytes"); 407 header("HTTP/1.0 206 Partial Content"); 408 header("status: 206 Partial Content"); 409 header("Content-Range: bytes {$seek}-".($data_len - 1)."/{$data_len}"); 410 } 411 while (!connection_aborted() && $data_len > 0) 412 { 413 echo fread($res , $bufsize); 414 $data_len -= $bufsize; 415 } 416 fclose($res); 417 } 418 else 419 { 420 if(E107_DEBUG_LEVEL > 0 && ADMIN) 421 { 422 echo "file failed =".$file."<br />"; 423 echo "path =".$path."<br />"; 424 exit(); 425 } 426 else 427 { 428 header("location: ".e_BASE."index.php"); 429 exit(); 430 } 431 } 432 } 433 } 434 435 436 function check_download_limits() 437 { 438 global $pref, $sql, $ns, $HEADER, $e107, $tp; 439 // Check download count limits 440 $qry = "SELECT gen_intdata, gen_chardata, (gen_intdata/gen_chardata) as count_perday FROM #generic WHERE gen_type = 'download_limit' AND gen_datestamp IN (".USERCLASS_LIST.") AND (gen_chardata >= 0 AND gen_intdata >= 0) ORDER BY count_perday DESC"; 441 if($sql->db_Select_gen($qry)) 442 { 443 $limits = $sql->db_Fetch(); 444 $cutoff = time() - (86400 * $limits['gen_chardata']); 445 if(USER) 446 { 447 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_userid = ".USERID; 448 } else { 449 $ip = $e107->getip(); 450 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_ip = '{$ip}'"; 451 } 452 $qry = "SELECT COUNT(d.download_id) as count FROM #download_requests as dr LEFT JOIN #download as d ON dr.download_request_download_id = d.download_id AND d.download_active = 1 WHERE {$where} GROUP by dr.download_request_userid"; 453 if($sql->db_Select_gen($qry)) 454 { 455 $row=$sql->db_Fetch(); 456 if($row['count'] >= $limits['gen_intdata']) 457 { 458 // Exceeded download count limit 459 header("Location: ".e_BASE."download.php?error.{$cutoff}.2"); 460 /* require_once(HEADERF); 461 $ns->tablerender(LAN_dl_61, LAN_dl_62); 462 require(FOOTERF); */ 463 exit(); 464 } 465 } 466 } 467 // Check download bandwidth limits 468 $qry = "SELECT gen_user_id, gen_ip, (gen_user_id/gen_ip) as bw_perday FROM #generic WHERE gen_type='download_limit' AND gen_datestamp IN (".USERCLASS_LIST.") AND (gen_user_id >= 0 AND gen_ip >= 0) ORDER BY bw_perday DESC"; 469 if($sql->db_Select_gen($qry)) { 470 $limit = $sql->db_Fetch(); 471 $cutoff = time() - (86400*$limit['gen_ip']); 472 if(USER) { 473 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_userid = ".USERID; 474 } else { 475 $ip = $e107->getip(); 476 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_ip = '{$ip}'"; 477 } 478 $qry = "SELECT SUM(d.download_filesize) as total_bw FROM #download_requests as dr LEFT JOIN #download as d ON dr.download_request_download_id = d.download_id AND d.download_active = 1 WHERE {$where} GROUP by dr.download_request_userid"; 479 if($sql->db_Select_gen($qry)) { 480 $row=$sql->db_Fetch(); 481 if($row['total_bw'] / 1024 > $limit['gen_user_id']) 482 { //Exceed bandwith limit 483 header("Location: ".e_BASE."download.php?error.{$cutoff}.2"); 484 /* require(HEADERF); 485 $ns->tablerender(LAN_dl_61, LAN_dl_62); 486 require(FOOTERF); */ 487 exit(); 488 } 489 } 490 } 491 } 492 493 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Aug 3 00:19:13 2010 |