| [ Index ] |
|
Code source de e107 0.7.8 |
1 <?php 2 3 /* 4 + ----------------------------------------------------------------------------+ 5 | e107 website system 6 | 7 | ©Steve Dunstan 2001-2002 8 | http://e107.org 9 | jalist@e107.org 10 | 11 | Released under the terms and conditions of the 12 | GNU General Public License (http://gnu.org). 13 | 14 | $Source: /cvsroot/e107/e107_0.7/request.php,v $ 15 | $Revision: 1.40 $ 16 | $Date: 2006/11/09 09:28:58 $ 17 | $Author: lisa_ $ 18 +----------------------------------------------------------------------------+ 19 */ 20 21 require_once ("class2.php"); 22 include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_download.php"); 23 24 if (!e_QUERY || isset($_POST['userlogin'])) { 25 header("location: {$e107->base_path}"); 26 exit(); 27 } 28 29 $id = FALSE; 30 if (!is_numeric(e_QUERY)) { 31 if ($sql->db_Select("download", "download_id", "download_url='".$tp -> toDB(e_QUERY)."'")) { 32 $row = $sql->db_Fetch(); 33 $type = "file"; 34 $id = $row['download_id']; 35 } else if(strstr(e_QUERY, "http://") || strstr(e_QUERY, "ftp://" || strstr(e_QUERY, "https://"))) { 36 header("location: ".e_QUERY); 37 exit(); 38 } else if(file_exists($DOWNLOADS_DIRECTORY.e_QUERY)) { 39 send_file($DOWNLOADS_DIRECTORY.e_QUERY); 40 exit(); 41 } 42 } 43 44 if(strstr(e_QUERY, "mirror")) { 45 list($action, $download_id, $mirror_id) = explode(".", e_QUERY); 46 $download_id = intval($download_id); 47 $mirror_id = intval($mirror_id); 48 $qry = "SELECT d.*, dc.download_category_class FROM #download as d LEFT JOIN #download_category AS dc ON dc.download_category_id = d.download_id WHERE d.download_id = {$download_id}"; 49 if ($sql->db_Select_gen($qry)) { 50 $row = $sql->db_Fetch(); 51 extract($row); 52 if (check_class($download_category_class) && check_class($download_class)) { 53 if($pref['download_limits'] && $download_active == 1) { 54 check_download_limits(); 55 } 56 $mirrorList = explode(chr(1), $download_mirror); 57 $mstr = ""; 58 foreach($mirrorList as $mirror) { 59 if($mirror) { 60 $tmp = explode(",", $mirror); 61 $mid = intval($tmp[0]); 62 $address = $tmp[1]; 63 $requests = $tmp[2]; 64 if($tmp[0] == $mirror_id) { 65 $gaddress = $address; 66 $requests ++; 67 } 68 $mstr .= $mid.",".$address.",".$requests.chr(1); 69 } 70 } 71 $sql->db_Update("download", "download_requested = download_requested + 1, download_mirror = '{$mstr}' WHERE download_id = '".intval($download_id)."'"); 72 $sql->db_Update("download_mirror", "mirror_count = mirror_count + 1 WHERE mirror_id = '".intval($mirror_id)."'"); 73 header("Location: {$gaddress}"); 74 exit(); 75 } 76 } 77 } 78 79 $tmp = explode(".", e_QUERY); 80 if (!$tmp[1] || strstr(e_QUERY, "pub_")) { 81 $id = intval($tmp[0]); 82 $type = "file"; 83 } else { 84 $table = preg_replace("#\W#", "", $tp -> toDB($tmp[0], true)); 85 $id = intval($tmp[1]); 86 $type = "image"; 87 } 88 89 if (preg_match("#.*\.[a-z,A-Z]{3,4}#", e_QUERY)) { 90 if(strstr(e_QUERY, "pub_")) 91 { 92 $bid = str_replace("pub_", "", e_QUERY); 93 if (file_exists(e_FILE."public/".$bid)) 94 { 95 send_file(e_FILE."public/".$bid); 96 exit(); 97 } 98 } 99 if (file_exists($DOWNLOADS_DIRECTORY.e_QUERY)) { 100 send_file($DOWNLOADS_DIRECTORY.e_QUERY); 101 exit(); 102 } 103 require_once(HEADERF); 104 $ns->tablerender(LAN_dl_61, "<div style='text-align:center'>".LAN_dl_65."\n<br /><br />\n<a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"); 105 require_once(FOOTERF); 106 exit(); 107 } 108 109 if ($type == "file") 110 { 111 $qry = "SELECT d.*, dc.download_category_class FROM #download as d LEFT JOIN #download_category AS dc ON dc.download_category_id = d.download_category WHERE d.download_id = {$id}"; 112 if ($sql->db_Select_gen($qry)) { 113 $row = $sql->db_Fetch(); 114 if (check_class($row['download_category_class']) && check_class($row['download_class'])) { 115 if($pref['download_limits'] && $row['download_active'] == 1) { 116 check_download_limits(); 117 } 118 extract($row); 119 if($download_mirror) { 120 $array = explode(chr(1), $download_mirror); 121 $c = (count($array)-1); 122 for ($i=1; $i < $c; $i++) { 123 $d = mt_rand(0, $i); 124 $tmp = $array[$i]; 125 $array[$i] = $array[$d]; 126 $array[$d] = $tmp; 127 } 128 $tmp = explode(",", $array[0]); 129 $mirror_id = $tmp[0]; 130 $mstr = ""; 131 foreach($array as $mirror) { 132 if($mirror) { 133 $tmp = explode(",", $mirror); 134 $mid = $tmp[0]; 135 $address = $tmp[1]; 136 $requests = $tmp[2]; 137 if($tmp[0] == $mirror_id) { 138 $gaddress = $address; 139 $requests ++; 140 } 141 $mstr .= "{$mid}, {$address}, {$requests}".chr(1); 142 } 143 } 144 $sql -> db_Update("download", "download_requested = download_requested + 1, download_mirror = '{$mstr}' WHERE download_id = '".intval($download_id)."'"); 145 $sql -> db_Update("download_mirror", "mirror_count = mirror_count + 1 WHERE mirror_id = '".intval($mirror_id)."'"); 146 147 header("Location: ".$gaddress); 148 exit(); 149 } 150 151 // increment download count 152 $sql->db_Update("download", "download_requested = download_requested + 1 WHERE download_id = '{$id}'"); 153 $user_id = USER ? USERID : 0; 154 $ip = $e107->getip(); 155 $request_data = "'0', '{$user_id}', '{$ip}', '{$id}', '".time()."'"; 156 //add request info to db 157 $sql->db_Insert("download_requests", $request_data, FALSE); 158 if (preg_match("/Binary\s(.*?)\/.*/", $download_url, $result)) { 159 $bid = $result[1]; 160 $result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '{$bid}'"); 161 $binary_data = @mysql_result($result, 0, "binary_data"); 162 $binary_filetype = @mysql_result($result, 0, "binary_filetype"); 163 $binary_name = @mysql_result($result, 0, "binary_name"); 164 header("Content-type: {$binary_filetype}"); 165 header("Content-length: {$download_filesize}"); 166 header("Content-Disposition: attachment; filename={$binary_name}"); 167 header("Content-Description: PHP Generated Data"); 168 echo $binary_data; 169 exit(); 170 } 171 if (strstr($download_url, "http://") || strstr($download_url, "ftp://") || strstr($download_url, "https://")) { 172 header("Location: {$download_url}"); 173 exit(); 174 } else { 175 if (file_exists($DOWNLOADS_DIRECTORY.$download_url)) { 176 send_file($DOWNLOADS_DIRECTORY.$download_url); 177 exit(); 178 } else if(file_exists(e_FILE."public/{$download_url}")) { 179 send_file(e_FILE."public/{$download_url}"); 180 exit(); 181 } 182 } 183 } else { 184 // Download Access Denied. 185 if((!strpos($pref['download_denied'],".php") && 186 !strpos($pref['download_denied'],".htm") && 187 !strpos($pref['download_denied'],".html") && 188 !strpos($pref['download_denied'],".shtml") || 189 (strpos($pref['download_denied'],"signup.php") && USER == TRUE) 190 )){ 191 require_once(HEADERF); 192 $denied_message = ($pref['download_denied'] && !strpos($pref['download_denied'],"signup.php")) ? $tp->toHTML($pref['download_denied'],"","defs") : LAN_dl_63; 193 $ns -> tablerender(LAN_dl_61, $denied_message); 194 require_once(FOOTERF); 195 exit(); 196 }else{ 197 header("Location: ".trim($pref['download_denied'])); 198 } 199 } 200 } 201 else if(strstr(e_QUERY, "pub_")) 202 { 203 /* check to see if public upload and not in download table ... */ 204 $bid = str_replace("pub_", "", e_QUERY); 205 if($result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '$bid' ")) 206 { 207 $binary_data = @mysql_result($result, 0, "binary_data"); 208 $binary_filetype = @mysql_result($result, 0, "binary_filetype"); 209 $binary_name = @mysql_result($result, 0, "binary_name"); 210 header("Content-type: {$binary_filetype}"); 211 header("Content-length: {$download_filesize}"); 212 header("Content-Disposition: attachment; filename={$binary_name}"); 213 header("Content-Description: PHP Generated Data"); 214 echo $binary_data; 215 exit(); 216 } 217 } 218 219 require_once(HEADERF); 220 $ns -> tablerender(LAN_dl_61, "<div style='text-align:center'>".LAN_dl_65."<br /><br /><a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"); 221 require_once(FOOTERF); 222 exit(); 223 } 224 225 $sql->db_Select($table, "*", "{$table}_id = '{$id}'"); 226 $row = $sql->db_Fetch(); 227 extract($row); 228 $image = ($table == "upload" ? $upload_ss : $download_image); 229 if (preg_match("/Binary\s(.*?)\/.*/", $image, $result)) { 230 $bid = $result[1]; 231 $result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '{$bid}'"); 232 $binary_data = @mysql_result($result, 0, "binary_data"); 233 $binary_filetype = @mysql_result($result, 0, "binary_filetype"); 234 $binary_name = @mysql_result($result, 0, "binary_name"); 235 header("Content-type: {$binary_filetype}"); 236 header("Content-Disposition: inline; filename={$binary_name}"); 237 echo $binary_data; 238 exit(); 239 } 240 241 $image = ($table == "upload" ? $upload_ss : $download_image); 242 243 if (strpos($image, "http") !== FALSE) { 244 header("Location: {$image}"); 245 exit(); 246 } else { 247 if ($table == "download") { 248 require_once(HEADERF); 249 if (file_exists(e_FILE."download/{$image}")) { 250 $disp = "<div style='text-align:center'><img src='".e_FILE."download/{$image}' alt='' /></div>"; 251 } 252 else if(file_exists(e_FILE."downloadimages/{$image}")) { 253 $disp = "<div style='text-align:center'><img src='".e_FILE."downloadimages/{$image}' alt='' /></div>"; 254 } else { 255 $disp = "<div style='text-align:center'><img src='".e_FILE."public/{$image}' alt='' /></div>"; 256 } 257 $disp .= "<br /><div style='text-align:center'><a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"; 258 $ns->tablerender($image, $disp); 259 260 require_once(FOOTERF); 261 } else { 262 if (is_file(e_FILE."public/{$image}")) { 263 echo "<img src='".e_FILE."public/{$image}' alt='' />"; 264 } elseif(is_file(e_FILE."downloadimages/{$image}")) { 265 echo "<img src='".e_FILE."downloadimages/{$image}' alt='' />"; 266 } else { 267 require_once(HEADERF); 268 $ns -> tablerender(LAN_dl_61, "<div style='text-align:center'>".LAN_dl_65."<br /><br /><a href='javascript:history.back(1)'>".LAN_dl_64."</a></div>"); 269 require_once(FOOTERF); 270 exit; 271 } 272 exit(); 273 } 274 } 275 276 // File retrieval function. by Cam. 277 function send_file($file) { 278 global $pref, $DOWNLOADS_DIRECTORY,$FILES_DIRECTORY, $e107; 279 if (!$pref['download_php']) 280 { 281 header("Location: ".SITEURL.$file); 282 exit(); 283 } 284 @set_time_limit(10 * 60); 285 @e107_ini_set("max_execution_time", 10 * 60); 286 while (@ob_end_clean()); // kill all output buffering else it eats server resources 287 $filename = $file; 288 $file = basename($file); 289 $path = realpath($filename); 290 $path_downloads = realpath($DOWNLOADS_DIRECTORY); 291 $path_public = realpath($FILES_DIRECTORY."public/"); 292 if(!strstr($path, $path_downloads) && !strstr($path,$path_public)) { 293 if(E107_DEBUG_LEVEL > 0 && ADMIN){ 294 echo "Failed to Download <b>".$file."</b><br />"; 295 echo "The file-path <b>".$path."<b> didn't match with either <b>$path_downloads</b> or <b>$path_public</b><br />"; 296 exit(); 297 }else{ 298 header("location: {$e107->base_path}"); 299 exit(); 300 } 301 } else { 302 if (is_file($filename) && is_readable($filename) && connection_status() == 0) { 303 if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) 304 { 305 $file = preg_replace('/\./', '%2e', $file, substr_count($file, '.') - 1); 306 } 307 if (isset($_SERVER['HTTP_RANGE'])) 308 { 309 $seek = intval(substr($_SERVER['HTTP_RANGE'] , strlen('bytes='))); 310 } 311 $bufsize = 2048; 312 ignore_user_abort(true); 313 $data_len = filesize($filename); 314 if ($seek > ($data_len - 1)) { $seek = 0; } 315 if ($filename == null) { $filename = basename($this->data); } 316 $res =& fopen($filename, 'rb'); 317 if ($seek) 318 { 319 fseek($res , $seek); 320 } 321 $data_len -= $seek; 322 header("Expires: 0"); 323 header("Cache-Control: max-age=30" ); 324 header("Content-Type: application/force-download"); 325 header("Content-Disposition: attachment; filename=\"{$file}\""); 326 header("Content-Length: {$data_len}"); 327 header("Pragma: public"); 328 if ($seek) 329 { 330 header("Accept-Ranges: bytes"); 331 header("HTTP/1.0 206 Partial Content"); 332 header("status: 206 Partial Content"); 333 header("Content-Range: bytes {$seek}-".($data_len - 1)."/{$data_len}"); 334 } 335 while (!connection_aborted() && $data_len > 0) 336 { 337 echo fread($res , $bufsize); 338 $data_len -= $bufsize; 339 } 340 fclose($res); 341 } else { 342 343 if(E107_DEBUG_LEVEL > 0 && ADMIN){ 344 echo "file failed =".$file."<br />"; 345 echo "path =".$path."<br />"; 346 exit(); 347 }else{ 348 header("location: ".e_BASE."index.php"); 349 exit(); 350 } 351 } 352 } 353 } 354 function check_download_limits() { 355 global $pref, $sql, $ns, $HEADER, $e107, $tp; 356 // Check download count limits 357 $qry = "SELECT gen_intdata, gen_chardata, (gen_intdata/gen_chardata) as count_perday FROM #generic WHERE gen_type = 'download_limit' AND gen_datestamp IN (".USERCLASS_LIST.") AND (gen_chardata >= 0 AND gen_intdata >= 0) ORDER BY count_perday DESC"; 358 if($sql->db_Select_gen($qry)) { 359 $limits = $sql->db_Fetch(); 360 $cutoff = time() - (86400 * $limits['gen_chardata']); 361 if(USER) { 362 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_userid = ".USERID; 363 } else { 364 $ip = $e107->getip(); 365 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_ip = '{$ip}'"; 366 } 367 $qry = "SELECT COUNT(d.download_id) as count FROM #download_requests as dr LEFT JOIN #download as d ON dr.download_request_download_id = d.download_id AND d.download_active = 1 WHERE {$where} GROUP by dr.download_request_userid"; 368 if($sql->db_Select_gen($qry)) { 369 $row=$sql->db_Fetch(); 370 if($row['count'] >= $limits['gen_intdata']) { 371 // Exceeded download count limit 372 373 require_once(HEADERF); 374 $ns->tablerender(LAN_dl_61, LAN_dl_62); 375 require(FOOTERF); 376 exit(); 377 } 378 } 379 } 380 // Check download bandwidth limits 381 $qry = "SELECT gen_user_id, gen_ip, (gen_user_id/gen_ip) as bw_perday FROM #generic WHERE gen_type='download_limit' AND gen_datestamp IN (".USERCLASS_LIST.") AND (gen_user_id >= 0 AND gen_ip >= 0) ORDER BY bw_perday DESC"; 382 if($sql->db_Select_gen($qry)) { 383 $limit = $sql->db_Fetch(); 384 $cutoff = time() - (86400*$limit['gen_ip']); 385 if(USER) { 386 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_userid = ".USERID; 387 } else { 388 $ip = $e107->getip(); 389 $where = "dr.download_request_datestamp > {$cutoff} AND dr.download_request_ip = '{$ip}'"; 390 } 391 $qry = "SELECT SUM(d.download_filesize) as total_bw FROM #download_requests as dr LEFT JOIN #download as d ON dr.download_request_download_id = d.download_id AND d.download_active = 1 WHERE {$where} GROUP by dr.download_request_userid"; 392 if($sql->db_Select_gen($qry)) { 393 $row=$sql->db_Fetch(); 394 if($row['total_bw'] / 1024 > $limit['gen_user_id']) { 395 //Exceed bandwith limit 396 require(HEADERF); 397 $ns->tablerender(LAN_dl_61, LAN_dl_62); 398 require(FOOTERF); 399 exit(); 400 } 401 } 402 } 403 } 404 405 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Apr 1 01:23:32 2007 | par Balluche grâce à PHPXref 0.7 |