DOWNLOAD LIMIT REACHED. Please try again later."; break; case 2: // NO SUCH FILE ID echo "

NO SUCH FILE

"; break; } } } } /* +--------------------------------------------------------------------------------------------------------+ | Form POSTed. Check capthca guess and file id. Present file if limit not reached and captcha is correct | +--------------------------------------------------------------------------------------------------------+ */ if ($_POST) // Form is being posted back for captcha validation - If successful, aloow file download { // see if guess is correct, else fail $key_query = "SELECT `key` FROM dlm_config"; $key_result = mysql_query($key_query) or die("Query failed : " . mysql_error()); $mykey = mysql_fetch_array($key_result); $user_input = $_POST['guess']; // The guess a user enters -- case sensitive $file_id = $_POST["file_id"]; $newcode = $_POST['code'] . $mykey; // Combine the hidden code field with $mykey $key = substr(md5($newcode), 0, 5); // Encrypt it and take first five characters if ($key == $user_input) { if ($master_check == 0) { // run function to see if we can download file $download_check = downloadable($file_id); switch ($download_check) // depending on $download_check, present file or message { case 0: // OK $query = "SELECT * FROM dlm_files WHERE id = '$file_id'"; $result = mysql_query($query) or die("Query failed : " . mysql_error()); $row = mysql_fetch_array($result); $path_array = explode('/', $row[1]); if ($onwindows) $path_array = explode('\\', $row[1]); $file_name = array_pop($path_array); $fp = fopen($row[1], 'rb'); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename=$file_name"); //header("Content-Description: PHP3 Generated Data"); header("Pragma: no-cache"); header("Expires: 0"); header("Content-Length: ".filesize($row[1])); $total_chars = fpassthru($fp); fclose($fp); //echo "fpassthru: $total_chars. Filesize: " . filesize($row[1]); if ($total_chars == filesize($row[1])) // bytes sent equals size of file { //update stats db //look to see if theres an entry today for the file. if so, update by 1 //if not, insert a row $lookup_query = "SELECT * FROM dlm_stats WHERE dl_date = '$current_date' And file_id = '$file_id'"; $lookup_result = mysql_query($lookup_query) or die("Query failed : " . mysql_error()); $lookup_num_rows = mysql_num_rows($lookup_result); if ($lookup_num_rows == 1) // File has already been downloaded at least once today. Update { $update_row = mysql_fetch_row($lookup_result); $new_dl_count = $update_row[2] + 1; $update_query = "UPDATE dlm_stats SET dl_count = '$new_dl_count' WHERE dl_date = '$current_date' And file_id = '$file_id'"; $update_result = mysql_query($update_query) or die("Query failed : " . mysql_error()); } else // First time file has been downloaded today. Insert { $insert_query = "INSERT INTO dlm_stats VALUES ('$current_date', '$file_id', '1')"; $insert_result = mysql_query($insert_query) or die("Query failed : " . mysql_error()); } } break; case 1: // LIMIT REACHED pre_dlm(); echo "LIMIT REACHED"; break; case 2: // NO SUCH FILE ID pre_dlm(); echo "NO SUCH FILE"; break; } } elseif ($master_check == 1) { pre_dlm(); echo "We're sorry, all downloads have been disabled."; } } else { pre_dlm(); echo "

Sorry, you did not enter the correct verification code. Please try again.

"; drawform($file_id); // Call function to generate captcha form } } /* +---------------------------------------------------------------------------------------------------------+ | FUNCTIONS: | | 1. Draw form function. Draws captcha form for user to authenticate humanness with | | 2. Downloadable check function. Receives a file id and checks to see if download limit has been reached | | Returns 0=OK, 1=LIMIT REACHED, 2=NO SUCH FILE | | 3. Check master switch. +---------------------------------------------------------------------------------------------------------+ */ function drawform($myfile) { $rand_loop = rand(5, 10); // Pick length of random string $string = ''; // Initialize string for($i = 1; $i <= $rand_loop; $i++) { $rand1 = rand(48, 57); //0-9 $rand2 = rand(65, 90); //A-Z $rand3 = rand(97, 122); //a-z $rand_picker = rand(1, 3); // use rand 1, 2 or 3 switch ($rand_picker) { case 1: $string .= chr($rand1); break; case 2: $string .= chr($rand2); break; case 3: $string .= chr($rand3); break; } } $filename_query = "SELECT path FROM dlm_files WHERE id = '$myfile'"; $filename_result = mysql_query($filename_query) or die("Query failed : " . mysql_error()); while ($filename_row = mysql_fetch_array($filename_result)) { $name = array_pop(explode("/", $filename_row[0])); } $path_parts = pathinfo($name); // echo ""; echo ""; echo "\n"; echo "

To prevent other web sites from leeching files from our site and scripts from repeatedly downlading our files, we ask that you enter the code below.

\n"; echo "\n"; echo "
\n"; echo "\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
Please enter the text in the image exactly
as it appears in the box to the right.\n"; echo "
\"Image
\n"; echo "\n"; echo "
\n"; } function downloadable($myfile) { // Query database for info on the requested file id $query = "SELECT * FROM dlm_files WHERE id = '$myfile'"; $result = mysql_query($query) or die("Query failed : " . mysql_error()); $num_rows = mysql_num_rows($result); $end_flag = 2; global $current_date; if ($num_rows != 0) // If a row is returned, file exists. Put the data in $row { $row = mysql_fetch_array($result); $path_array = explode('/', $row[1]); $file_name = array_pop($path_array); $daily_limit = $row[2]; // -1 for unlimited, 0 for no downloads $total_limit = $row[3]; // -1 for unlimited, 0 for no downloads $total_count = 0; $daily_count = array(0 => 0); $end_flag = 0; //query database for totals for this file for today and total $daily_query = "SELECT dl_count FROM dlm_stats WHERE file_id = '$myfile' AND dl_date = '$current_date'"; // Get count for today only for this id $daily_result = mysql_query($daily_query) or die("Query failed : " . mysql_error()); $daily_count = mysql_fetch_row($daily_result); $total_query = "SELECT dl_count FROM dlm_stats WHERE file_id = '$myfile'"; // Get count for all days for this id $total_result = mysql_query($total_query) or die("Query failed : " . mysql_error()); while ($total_row = mysql_fetch_array($total_result)) { $total_count += $total_row[0]; // Add up the daily download counts } if (!$daily_count) {$daily_count = array(0 => 0);} // If the file hasn't been downloaded yet today, the $daily_count array becomes FALSE // $total_count and $daily_count[0] have values if ($total_limit == 0 Or $daily_limit == 0) // One or both limits are set to no downloads. { $end_flag = 1; } if ($total_limit >= 1 And $daily_limit == -1) // Check total limit; Daily is unlimited. { //check $total_count against $total_limit. Set flag if $total_count >= $total_limit if ($total_count >= $total_limit) { $end_flag = 1; } } if ($total_limit == -1 And $daily_limit >= 1) // Check daily limit; Total is unlimited. { //check $daily_count against $daily_limit. Set flag if $daily_count >= $daily_limit if ($daily_count[0] >= $daily_limit) { $end_flag = 1; } } if ($total_limit >= 1 And $daily_limit >= 1) // Both have fixed limits. Check against current counts. { if ($total_count >= $total_limit) // We've exceeded total limit { $end_flag = 1; } if ($daily_count[0] >= $daily_limit) // We've exceeded total limit { $end_flag = 1; } } } return $end_flag; // 0=OK, 1=LIMIT REACHED, 2=NO SUCH FILE } function checkmaster() { // Query config table to see if master switch is on or off $query = "SELECT alloff FROM dlm_config"; $result = mysql_query($query) or die("Query failed : " . mysql_error()); while ($row = mysql_fetch_array($result)) { return $row['alloff']; } } // pre_dlm is used for adding HTML/PHP code above the code for the download manager function pre_dlm() { echo << DOWNLOAD EOT; } // post_dlm is used for adding HTML/PHP code below the code for the download manager function post_dlm() { echo << EOT; } mysql_close($connection); post_dlm(); ?>