1<?php
// Pull in class2.php when e107_INIT is not defined yet, i.e. when this script is
// requested directly (presumably class2.php is the e107 bootstrap - confirm).
if (!defined('e107_INIT'))
{
	require_once '../../class2.php';
}

// Language strings for the download plugin.
e107::lan('download', 'download');

$id = false;                  // download id; stays false until the query string has been parsed
$log = e107::getAdminLog();   // receives the "Couldn't find ..." entries on the not-found paths
13
14
15
// Legacy request forms. A non-numeric query string without a SEF ?id= parameter is tried,
// in order, as a stored download_url, as an absolute URL, and as a file name under e_DOWNLOAD.
// NOTE(review): e_QUERY is treated below as request-controlled input; how class2.php
// filters it is not visible from this file - confirm.
$isLegacyQuery = !is_numeric(e_QUERY) && empty($_GET['id']);

if ($isLegacyQuery)
{
	$escapedQuery = $tp->toDB(e_QUERY);
	$directPath = e_DOWNLOAD.e_QUERY;

	if ($sql->select('download', 'download_id', "download_url='".$escapedQuery."'"))
	{
		$row = $sql->fetch();
		$id = $row['download_id'];
		$type = 'file';
	}
	elseif (preg_match('#^(?:https?|ftp)://#', e_QUERY))
	{
		// NOTE(review): the redirect target is the query string itself, with no check that it
		// belongs to a known download or host, so this endpoint forwards to any http(s)/ftp
		// URL it is given. Consider restricting it to URLs stored in the download table.
		header("location: ".e_QUERY);
		exit();
	}
	elseif (file_exists($directPath)) 		// 1 - should we allow this?
	{
		// NOTE(review): the path is e_DOWNLOAD plus the raw query string and nothing in this
		// file verifies that it resolves inside e_DOWNLOAD; confirm that
		// e107::getFile()->send() enforces the containment.
		e107::getFile()->send($directPath);
		exit();
	}
}
35
36
37
38
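// Mirror download. Query string form: "mirror.<download_id>.<mirror_id>".
// Once the download row is found, every path through this block ends in exit().
if (strstr(e_QUERY, "mirror"))
{
	// Pad so that a short query string yields zero ids instead of undefined offsets.
	list($action, $download_id, $mirror_id) = array_pad(explode(".", e_QUERY), 3, 0);
	$download_id = intval($download_id);
	$mirror_id = intval($mirror_id);
	$qry = "SELECT d.*, dc.download_category_class FROM #download as d LEFT JOIN #download_category AS dc ON dc.download_category_id = d.download_category WHERE d.download_id = {$download_id}";
	if ($sql->gen($qry))
	{
		$row = $sql->fetch();

		// Read the columns explicitly rather than extract()ing the row into the global scope.
		$mayAccess = check_class($row['download_category_class']) && check_class($row['download_class']);

		// The plain file branch of this script refuses downloads whose download_active is 0;
		// apply the same rule here so an inactive download cannot be reached through its mirror URL.
		$isActive = ($row['download_active'] != 0);

		if ($mayAccess && $isActive)
		{
			if ($pref['download_limits'] && $row['download_active'] == 1)
			{
				check_download_limits();
			}

			// download_mirror holds chr(1)-separated entries of "<mirror_id>,<address>,<request count>".
			$gaddress = '';
			$mstr = '';
			foreach (explode(chr(1), $row['download_mirror']) as $mirror)
			{
				if (!$mirror)
				{
					continue;
				}
				list($mid, $address, $requests) = array_pad(explode(",", $mirror), 3, '');
				$mid = intval($mid);
				if ($mid === $mirror_id)
				{
					$gaddress = trim($address);
					$requests = intval($requests) + 1;
				}
				$mstr .= $mid.",".$address.",".$requests.chr(1);
			}

			// Redirect and count the request only when the requested mirror is really listed for
			// this download; previously an unknown mirror id bumped both counters and sent an
			// empty Location header.
			if ($gaddress !== '')
			{
				// NOTE(review): $mstr is rebuilt from stored values and written back unescaped;
				// this assumes mirror addresses never contain a quote character - TODO confirm or escape.
				$sql->update("download", "download_requested = download_requested + 1, download_mirror = '{$mstr}' WHERE download_id = '".intval($download_id)."'");
				$sql->update("download_mirror", "mirror_count = mirror_count + 1 WHERE mirror_id = '".intval($mirror_id)."'");
				header("Location: ".decorate_download_location($gaddress));
				exit();
			}
		}

		// Access denied, inactive download, or unknown mirror.
		$goUrl = e107::url('download', 'index', null, array('query'=>array('action'=>'error','id'=>1))); // ."?action=error&id=1";
		e107::redirect($goUrl);
		exit;
	}
}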
85
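// Split the query string on dots: "<id>" (or anything containing "pub_") selects a file
// download, "<table>.<id>" selects an image lookup in that table.
// NOTE(review): this always reassigns $id and $type, so values set by the earlier
// download_url lookup in this script do not survive - confirm that is intended.
$tmp = explode(".", e_QUERY);

// empty() instead of !$tmp[1]: same truthiness, but no undefined-offset warning when the
// query string has no dot (the ordinary "request.php?<id>" form).
if (empty($tmp[1]) || strstr(e_QUERY, "pub_"))
{
	$id = intval($tmp[0]);
	$type = "file";
}
else
{
	// The table name comes from the request. It is reduced to word characters here, which
	// keeps it syntactically safe, but it is not limited to particular tables at this point.
	$table = preg_replace("#\W#", "", $tp->toDB($tmp[0], true));
	$id = intval($tmp[1]);
	$type = "image";
}

if (vartrue($_GET['id'])) // SEF URL
{
	$id = intval($_GET['id']);
	$type = 'file';
}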
104
105
106
// Query strings that look like "<name>.<ext>" are served straight from disk.
// NOTE(review): the pattern is unanchored and its character class "[a-z,A-Z]" also admits
// a comma, so it accepts any query string that contains a dot followed by three such
// characters anywhere.
// NOTE(review): both paths below are a base directory plus request-supplied text, and this
// file does not check that they resolve inside e_UPLOAD / e_DOWNLOAD; confirm that
// e107::getFile()->send() enforces the containment.
if (preg_match("#.*\.[a-z,A-Z]{3,4}#", e_QUERY))
{
	$downloadPath = e_DOWNLOAD.e_QUERY;

	if (strstr(e_QUERY, "pub_"))
	{
		// Public upload: strip the "pub_" marker and look under e_UPLOAD.
		$bid = str_replace("pub_", "", e_QUERY);
		$uploadPath = e_UPLOAD.$bid;
		if (file_exists($uploadPath))
		{
			e107::getFile()->send($uploadPath);
			exit();
		}
		$log->addError("Line".__LINE__.": Couldn't find ".$uploadPath);
	}

	if (file_exists($downloadPath))
	{
		e107::getFile()->send($downloadPath);
		exit();
	}

	// Nothing on disk: record the miss (the request text goes into the log as-is) and show
	// the generic "file not found" page.
	$log->addError("Line".__LINE__.": Couldn't find ".$downloadPath);
	$log->toFile('download_requests','Download Requests', true); // Create a log file and add the log messages
	require_once(HEADERF);
	$notFound = "<div style='text-align:center'>".LAN_FILE_NOT_FOUND."\n<br /><br />\n<a href='javascript:history.back(1)'>".LAN_BACK."</a></div>";
	$ns->tablerender(LAN_ERROR, $notFound);
	require_once(FOOTERF);
	exit();
}
131
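// File download: load the row, enforce user-class, active-state and limit checks, then hand
// off to a mirror, a remote URL or a local file. Every path inside this block ends in exit().
if ($type == "file")
{
	// $id is interpolated unquoted; this assumes it was cast with intval() earlier in the script.
	$qry = "SELECT d.*, dc.download_category_class FROM #download as d LEFT JOIN #download_category AS dc ON dc.download_category_id = d.download_category WHERE d.download_id = {$id}";
	if ($sql->gen($qry))
	{
		$row = $sql->fetch();

		$row['download_url'] = $tp->replaceConstants($row['download_url']); // must be relative file-path.

		if (check_class($row['download_category_class']) && check_class($row['download_class']))
		{
			if ($row['download_active'] == 0) // Inactive download - don't allow
			{
				require_once(HEADERF);
				$search = array("[","]");
				$replace = array("<a href='".e_HTTP."download.php'>", "</a>");

				$ns->tablerender(LAN_ERROR, "<div class='alert alert-warning' style='text-align:center'>".str_replace($search, $replace, LAN_dl_78).'</div>');
				require_once(FOOTERF);
				exit();
			}

			if($pref['download_limits'] && $row['download_active'] == 1)
			{
				check_download_limits();
			}

			// Imports the row's columns ($download_url, $download_mirror, $download_id,
			// $download_filesize, ...) as variables for the code below.
			extract($row);
			if($download_mirror)
			{
				// Shuffle the chr(1)-separated mirror entries and redirect to whichever lands first.
				// The final element is skipped by the loop bound (presumably the empty string left
				// by a trailing separator - confirm).
				$array = explode(chr(1), $download_mirror);
				$c = (count($array)-1);
				for ($i=1; $i < $c; $i++)
				{
					$d = mt_rand(0, $i);
					$tmp = $array[$i];
					$array[$i] = $array[$d];
					$array[$d] = $tmp;
				}
				$tmp = explode(",", $array[0]);
				$mirror_id = $tmp[0];
				$mstr = "";
				foreach($array as $mirror)
				{
					if($mirror)
					{
						// Entry format: "<mirror_id>,<address>,<request count>".
						$tmp = explode(",", $mirror);
						$mid = $tmp[0];
						$address = $tmp[1];
						$requests = $tmp[2];
						if($tmp[0] == $mirror_id)
						{
							$gaddress = trim($address);
							$requests ++;
						}
						$mstr .= $mid.",".$address.",".$requests.chr(1);
					}
				}
				// NOTE(review): $mstr is rebuilt from stored values and written back unescaped;
				// this assumes mirror addresses never contain a quote character - TODO confirm or escape.
				$sql->update("download", "download_requested = download_requested + 1, download_mirror = '{$mstr}' WHERE download_id = '".intval($download_id)."'");
				$sql->update("download_mirror", "mirror_count = mirror_count + 1 WHERE mirror_id = '".intval($mirror_id)."'");

				header("Location: ".decorate_download_location($gaddress));
				exit();
			}

			// increment download count
			$sql->update("download", "download_requested = download_requested + 1 WHERE download_id = '{$id}'");
			$user_id = USER ? USERID : 0;
			$ip = e107::getIPHandler()->getIP(FALSE);
			// NOTE(review): $ip is placed in the statement as returned by the IP handler;
			// presumably it is already normalised - confirm.
			$request_data = "'0', '{$user_id}', '{$ip}', '{$id}', '".time()."'";
			//add request info to db
			$sql->db_Insert("download_requests", $request_data, FALSE);

			// Legacy "Binary <id>/..." entries stored in the rbinary table. The mysql_* functions
			// were removed in PHP 7.0 and '@' does not suppress a call to an undefined function,
			// so the branch is only entered where the extension still exists.
			if (function_exists('mysql_query') && preg_match("/Binary\s(.*?)\/.*/", $download_url, $result))
			{
				// Escaped the same way this script escapes e_QUERY for its download_url lookup.
				$bid = $tp->toDB($result[1]);
				$result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '{$bid}'");
				$binary_data = @mysql_result($result, 0, "binary_data");
				$binary_filetype = @mysql_result($result, 0, "binary_filetype");
				$binary_name = @mysql_result($result, 0, "binary_name");
				// Only answer when a row was actually read; otherwise fall through to the
				// URL / file checks and, finally, the not-found page.
				if (is_string($binary_data))
				{
					header("Content-type: {$binary_filetype}");
					header("Content-length: {$download_filesize}");
					header("Content-Disposition: attachment; filename={$binary_name}");
					header("Content-Description: PHP Generated Data");
					echo $binary_data;
					exit();
				}
			}
			if (strstr($download_url, "http://") || strstr($download_url, "ftp://") || strstr($download_url, "https://"))
			{
				$download_url = e107::getParser()->parseTemplate($download_url,true); // support for shortcode-driven dynamic URLS.
				e107::redirect(decorate_download_location($download_url));
				exit();
			}
			else
			{
				// Stored path: tried relative to e_DOWNLOAD, then as given, then relative to e_UPLOAD.
				if (file_exists(e_DOWNLOAD.$download_url))
				{
					e107::getFile()->send(e_DOWNLOAD.$download_url);
					exit();
				}
				elseif(file_exists($download_url))
				{
					e107::getFile()->send($download_url);
					exit();
				}
				elseif(file_exists(e_UPLOAD.$download_url))
				{
					e107::getFile()->send(e_UPLOAD.$download_url);
					exit();
				}
				// Fixed: the last operand was the undefined variable $download_ur, so the log
				// entry was missing the third path that had been tried.
				$log->addError("Couldn't find ".e_DOWNLOAD.$download_url." or ".$download_url." or ".e_UPLOAD.$download_url);
				$log->toFile('download_requests','Download Requests', true); // Create a log file and add the log messages
			}
		}
		else
		{	// Download Access Denied.
			// Use the built-in error page unless the download_denied preference names a page
			// (.php/.htm/.html/.shtml); a signup.php target is also skipped for logged-in users.
			// Note strpos() yields 0, which counts as "not found" here, for a match at offset 0.
			if((!strpos($pref['download_denied'],".php") &&
				!strpos($pref['download_denied'],".htm") &&
				!strpos($pref['download_denied'],".html") &&
				!strpos($pref['download_denied'],".shtml") ||
				(strpos($pref['download_denied'],"signup.php") && USER == TRUE)
				))
			{
				$goUrl = e107::url('download', 'index', null, array('query'=>array('action'=>'error','id'=>1)));
				e107::redirect($goUrl);
				exit();
			}
			else
			{
				e107::redirect(trim($pref['download_denied']));
				exit();
			}
		}
	}
	else if(strstr(e_QUERY, "pub_"))
	{
		/* check to see if public upload and not in download table ... */
		$bid = str_replace("pub_", "", e_QUERY);
		// $bid comes straight from the query string and was previously interpolated into the
		// statement unescaped; it is now escaped the same way this script escapes e_QUERY for
		// its download_url lookup. The function_exists() guard avoids a fatal error on PHP 7+,
		// where the mysql_* functions no longer exist.
		if(function_exists('mysql_query') && ($result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '".$tp->toDB($bid)."' ")))
		{
			$binary_data = @mysql_result($result, 0, "binary_data");
			$binary_filetype = @mysql_result($result, 0, "binary_filetype");
			$binary_name = @mysql_result($result, 0, "binary_name");
			if (is_string($binary_data))
			{
				header("Content-type: {$binary_filetype}");
				// No download row exists on this path, so $download_filesize was never set;
				// report the length of the data actually sent.
				header("Content-length: ".strlen($binary_data));
				header("Content-Disposition: attachment; filename={$binary_name}");
				header("Content-Description: PHP Generated Data");
				echo $binary_data;
				exit();
			}
		}
	}


	// Nothing could be served: log the miss and show the generic "file not found" page.
	$log->addError("Line".__LINE__.": Couldn't find ".e_DOWNLOAD.e_QUERY);
	$log->toFile('download_requests','Download Requests', true); // Create a log file and add the log messages
	require_once(HEADERF);
	$ns -> tablerender(LAN_ERROR, "<div style='text-align:center'>".LAN_FILE_NOT_FOUND."<br /><br /><a href='javascript:history.back(1)'>".LAN_BACK."</a></div>");
	require_once(FOOTERF);
	exit();
}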
292
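// Image / screenshot request ("<table>.<id>").
// $table originates from the query string. The code that follows only knows how to read an
// image column from the download and upload tables, so any other name is refused up front
// instead of being queried and extract()ed into the global scope. A missing row is handled
// the same way rather than being passed to extract().
$row = false;
if (in_array($table, array("download", "upload"), true) && $sql->select($table, "*", "{$table}_id = '{$id}'"))
{
	$row = $sql->fetch();
}
if (!is_array($row))
{
	require_once(HEADERF);
	$ns->tablerender(LAN_ERROR, "<div style='text-align:center'>".LAN_FILE_NOT_FOUND."<br /><br /><a href='javascript:history.back(1)'>".LAN_BACK."</a></div>");
	require_once(FOOTERF);
	exit();
}

// Imports the row's columns as variables; $upload_ss / $download_image are read below and by
// the code that follows this block.
extract($row);
$image = ($table == "upload" ? $upload_ss : $download_image);

// Legacy "Binary <id>/..." images stored in the rbinary table. The mysql_* functions were
// removed in PHP 7.0 and '@' does not suppress a call to an undefined function, so the
// branch is only entered where the extension still exists.
if (function_exists('mysql_query') && preg_match("/Binary\s(.*?)\/.*/", $image, $result))
{
	// Escaped the same way this script escapes e_QUERY for its download_url lookup.
	$bid = $tp->toDB($result[1]);
	$result = @mysql_query("SELECT * FROM ".MPREFIX."rbinary WHERE binary_id = '{$bid}'");
	$binary_data = @mysql_result($result, 0, "binary_data");
	$binary_filetype = @mysql_result($result, 0, "binary_filetype");
	$binary_name = @mysql_result($result, 0, "binary_name");
	header("Content-type: {$binary_filetype}");
	header("Content-Disposition: inline; filename={$binary_name}");
	echo $binary_data;
	exit();
}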
309
310
// Pick the stored image reference: upload rows keep it in upload_ss, download rows in download_image.
$image = ($table == "upload" ? $upload_ss : $download_image);

// Remote image: any value containing "http" is redirected to as-is.
// NOTE(review): the target is the stored value with no host check; this assumes the column
// is only written by trusted users - confirm.
if (strpos($image, "http") !== FALSE)
{
	e107::redirect($image);
	exit();
}

if ($table != "download")
{
	// Upload screenshot: emit a bare <img> tag without the site header/footer.
	// NOTE(review): the first branch builds src from e_UPLOAD while the second uses
	// e_FILE_ABS - confirm that is intended.
	if (is_file(e_UPLOAD.$image))
	{
		echo "<img src='".e_UPLOAD.$image."' alt='' />";
		exit();
	}
	if (is_file(e_FILE."downloadimages/{$image}"))
	{
		echo "<img src='".e_FILE_ABS."downloadimages/{$image}' alt='' />";
		exit();
	}

	require_once(HEADERF);
	$ns->tablerender(LAN_ERROR, "<div style='text-align:center'>".LAN_FILE_NOT_FOUND."<br /><br /><a href='javascript:history.back(1)'>".LAN_BACK."</a></div>");
	require_once(FOOTERF);
	exit;
}

// Download image: rendered inside the normal page frame.
require_once(HEADERF);
$imagecaption = ''; // TODO ?name or text Screenshot

// Resolve the src attribute: e_FILE/download/, then e_FILE/downloadimages/, otherwise the
// stored value with its path constants expanded.
// NOTE(review): $image is written into the attribute unescaped; this assumes the stored
// value contains no quote or markup characters - confirm, or encode it on output.
if (file_exists(e_FILE."download/{$image}"))
{
	$imageSrc = e_FILE_ABS."download/{$image}";
}
elseif (file_exists(e_FILE."downloadimages/{$image}"))
{
	$imageSrc = e_FILE_ABS."downloadimages/{$image}";
}
else
{
	$image = $tp->replaceConstants($image,'abs');
	$imageSrc = $image;
}

$disp = "<div style='text-align:center'><img class='img-responsive img-fluid' src='".$imageSrc."' alt='' /></div>";
$disp .= "<br /><div style='text-align:center'><a href='javascript:history.back(1)'>".LAN_BACK."</a></div>";

$ns->tablerender($imagecaption, $disp);

require_once(FOOTERF);
364
365
366
/**
 * Enforce the per-user-class download limits for the current visitor.
 *
 * Two limits are read from the #generic table (gen_type 'download_limit', restricted to the
 * classes in USERCLASS_LIST): a download count over a number of days (gen_intdata over
 * gen_chardata) and a bandwidth allowance over a number of days (gen_user_id over gen_ip).
 * In each case the row with the highest per-day ratio is used. The visitor's history comes
 * from #download_requests, matched on user id for members and on IP address for guests.
 *
 * Returns nothing. When either limit is reached the request is redirected to the download
 * error page (action=error, id=2) and the script exits.
 */
function check_download_limits()
{
	global $pref, $sql, $ns, $HEADER, $e107, $tp;

	// WHERE fragment selecting this visitor's requests newer than $cutoff.
	// NOTE(review): the guest IP is quoted into the statement as returned by the IP handler;
	// presumably it is already normalised - confirm.
	$visitorFilter = function ($cutoff)
	{
		if (USER)
		{
			return "dr.download_request_datestamp > {$cutoff} AND dr.download_request_userid = ".USERID;
		}
		$ip = e107::getIPHandler()->getIP(FALSE);
		return "dr.download_request_datestamp > {$cutoff} AND dr.download_request_ip = '{$ip}'";
	};

	// --- Download count limit ---
	$qry = "SELECT gen_intdata, gen_chardata, (gen_intdata/gen_chardata) as count_perday FROM #generic WHERE gen_type = 'download_limit' AND gen_datestamp IN (".USERCLASS_LIST.") AND (gen_chardata >= 0 AND gen_intdata >= 0) ORDER BY count_perday DESC";
	if ($sql->gen($qry))
	{
		$limits = $sql->fetch();
		$cutoff = time() - (86400 * $limits['gen_chardata']); // gen_chardata is a number of days
		$where = $visitorFilter($cutoff);
		$qry = "SELECT COUNT(d.download_id) as count FROM #download_requests as dr LEFT JOIN #download as d ON dr.download_request_download_id = d.download_id AND d.download_active = 1 WHERE {$where} GROUP by dr.download_request_userid";
		if ($sql->gen($qry))
		{
			$row = $sql->fetch();
			$countExceeded = ($row['count'] >= $limits['gen_intdata']);
			if ($countExceeded)
			{
				$goUrl = e107::url('download', 'index', null, array('query'=>array('action'=>'error','id'=>2)));
				e107::redirect($goUrl);
				exit();
			}
		}
	}

	// --- Download bandwidth limit ---
	$qry = "SELECT gen_user_id, gen_ip, (gen_user_id/gen_ip) as bw_perday FROM #generic WHERE gen_type='download_limit' AND gen_datestamp IN (".USERCLASS_LIST.") AND (gen_user_id >= 0 AND gen_ip >= 0) ORDER BY bw_perday DESC";
	if ($sql->gen($qry))
	{
		$limit = $sql->fetch();
		$cutoff = time() - (86400*$limit['gen_ip']); // gen_ip is a number of days
		$where = $visitorFilter($cutoff);
		$qry = "SELECT SUM(d.download_filesize) as total_bw FROM #download_requests as dr LEFT JOIN #download as d ON dr.download_request_download_id = d.download_id AND d.download_active = 1 WHERE {$where} GROUP by dr.download_request_userid";
		if ($sql->gen($qry))
		{
			$row = $sql->fetch();

			// Summed file sizes divided by 1024 are compared with the allowance in gen_user_id
			// (presumably bytes against kilobytes - confirm).
			$bandwidthExceeded = ($row['total_bw'] / 1024 > $limit['gen_user_id']);
			if ($bandwidthExceeded)
			{
				$goUrl = e107::url('download', 'index', null, array('query'=>array('action'=>'error','id'=>2)));
				e107::redirect($goUrl);
				exit();
			}
		}
	}
}
437
/**
 * Apply the configured download-link decoration to a URL.
 *
 * When the 'download_security_mode' preference is 'nginx-secure_link_md5', the URL is passed
 * through NginxSecureLinkMd5Decorator (loaded on demand from the handlers directory next to
 * this file) together with the site preferences. In every other mode the URL is returned
 * unchanged.
 *
 * @param string $url download location to decorate
 * @return string the decorated URL, or $url unchanged
 */
function decorate_download_location($url)
{
	$pref = e107::getPref();

	if ($pref['download_security_mode'] === 'nginx-secure_link_md5')
	{
		require_once(__DIR__."/handlers/NginxSecureLinkMd5Decorator.php");
		$decorator = new NginxSecureLinkMd5Decorator($url, $pref);

		return $decorator->decorate();
	}

	return $url;
}