Pixture Inc. * Distributed under the GPL Licence. */ /** * Step-1: start Drupal's bootstrap to use drupal database * and includes necessary drupal files */ $debug = 1; $current_dir = getcwd(); if ($current_dir == FALSE) { if ($debug) { $debugout[] = "getcwd() returned FALSE!\n"; } } else { if ($debug) { $debugout[] = "getcwd() succeeded\n"; $debugout[] = "getcwd() returned [". $current_dir . "]\n"; } } // we need to change the current directory to the (drupal-root) directory // in order to include some necessary files. if (file_exists('../../../../includes/bootstrap.inc')) { // If this script is in the (drupal-root)/sites/(site)/modules/pubdlcnt directory if ($debug) { $debugout[] = "module seems to be installed to the (drupal-root)/sites/(site)/modules directory\n"; } @chdir('../../../../'); // go to drupal root } else if (file_exists('../../includes/bootstrap.inc')) { // If this script is in the (drupal-root)/modules/pubdlcnt directory if ($debug) { $debugout[] = "module seems to be installed to the (drupal-root)/modules directory\n"; } @chdir('../../'); // go to drupal root } else { // Non standard location: you need to edit the line below so that chdir() // command change the directory to the drupal root directory of your server // using an absolute path. // First, please delete the line below and then edit the next line if ($debug) { $debugout[] = "Error: module seems to be installed to a non standard directory\n"; } print "Error: Public Download Count module failed to work. The file pubdlcnt.php requires manual editing.\n"; @chdir('/absolute-path-to-drupal-root/'); // <---- edit this line! if (!file_exits('./includes/bootstrap.inc')) { // We can not locate the bootstrap.inc file, let's give up using the // script and just fetch the file if ($debug) { $debugout[] = "calling header('Location: " . $_GET['file'] . "')\n"; print_r($debugout); exit; } header('Location: ' . $_GET['file']); exit; } } if ($debug) { $debugout[] = "including bootstrap.inc and other necessary drupal files\n"; } @include_once './includes/bootstrap.inc'; // following two lines are needed for check_url() and valid_url() call @include_once './includes/common.inc'; @include_once './modules/filter/filter.module'; // start Drupal bootstrap for accessing database if ($debug) { $debugout[] = "calling drupal_bootstrap()\n"; } drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE); if ($debug) { $debugout[] = "chdir(" . $current_dir . ") to return to the original directory\n"; } if ($current_dir) { @chdir($current_dir); } /** * Step-2: get file query value (URL of the actual file to be downloaded) */ $url = check_url($_GET['file']); $nid = check_url($_GET['nid']); if ($debug) { $debugout[] = "getting parameters...\n"; $debugout[] = " file [" . $url . "]\n"; $debugout[] = " nid [" . $nid . "]\n"; } if (!eregi("^(f|ht)tps?:\/\/.*", $url)) { // check if this is absolute URL // if the URL is relative, then convert it to absolute if ($debug) { $debugout[] = "URL seems to be a relative URL. Let's add server name\n"; $debugout[] = "Before [$url]\n"; } $url = "http://" . $_SERVER['SERVER_NAME'] . $url; if ($debug) { $debugout[] = "After [$url]\n"; } } /** * Step-3: check if the url is valid or not */ if ($debug) { $debugout[] = "calling is_valid_file_url(" . $url . ")\n"; } if (is_valid_file_url($url)) { /** * Step-4: update counter data (only if the URL is valid and file exists) */ if ($debug) { $debugout[] = "URL is valid. Let's update the download counter for $filename\n"; } $filename = basename($url); pubdlcnt_update_counter($filename, $nid); } else { if ($debug) { $debugout[] = "URL is not valid. Skip updating the download counter.\n"; } } /** * Step-5: redirect to the original URL of the file */ if ($debug) { $debugout[] = "OK, let's jump to the original file URL\n"; $debugout[] = "calling header('Location: " . $_GET['file'] . "')\n"; print_r($debugout); exit; } header('Location: ' . $url); exit; /** * Function to check if the specified file URL is valid or not */ function is_valid_file_url($url) { // replace space characters in the URL with '%20' to support file name // with space characters $url = preg_replace('/\s/', '%20', $url); if (!valid_url($url, true)) { return false; } // URL end with slach (/) and no file name if (preg_match('/\/$/', $url)) { return false; } // in case of FTP, we just return TRUE (the file exists) if (preg_match('/ftps?:\/\/.*/i', $url)) { return true; } // extract file name and extention $filename = basename($url); $extension = explode(".", $filename); // file name does not have extension if (($num = count($extension)) <= 1) { return false; } $ext = $extension[$num - 1]; // get valid extensions settings from Drupal $result = db_query("SELECT value FROM {variable} WHERE name = 'pubdlcnt_valid_extensions'"); $valid_extensions = unserialize(db_result($result)); if (!empty($valid_extensions)) { $valid_ext_array = explode(" ", $valid_extensions); // invalid extension if (!in_array($ext, $valid_ext_array)) { return false; } } if (!url_exits($url)) { return false; } return true; // it seems that the file URL is valid } /** * Function to check if the specified file URL really exists or not */ function url_exits($url) { if (!function_exists('get_headers')) { return true; // PHP4 } $header = get_headers($url); // Here are popular status code back from the server // // URL exits 'HTTP/1.1 200 OK' // URL does not exits 'HTTP/1.1 404 Not Found' // Can not access URL 'HTTP/1.1 403 Forbidden' // Can not access server 'HTTP/1.1 500 Internal Server Error // // So we return true only when 'HTTP/1.1 200 OK' is returned if (strstr($header[0], '200')) { return true; } return false; } /** * Function to update the data base with new counter value */ function pubdlcnt_update_counter($name, $nid) { $count = 1; $name = db_escape_string($name); // security purpose if (empty($nid)) { // node nid is invalid return; } // today(00:00:00AM) in Unix time $today = mktime(0, 0, 0, date("m"), date("d"), date("Y")); // convert to datettime format $mysqldate = date("Y-m-d H:i:s", $today); $result = db_query("SELECT * FROM {pubdlcnt} WHERE name='%s' AND date='%s'", $name, $mysqldate); if ($rec = db_fetch_object($result)) { $count = $rec->count + 1; // update an existing record db_query("UPDATE {pubdlcnt} SET count=%d WHERE name='%s' AND date='%s'", $count, $name, $mysqldate); } else { // insert a new record db_query("INSERT INTO {pubdlcnt} (name, nid, date, count) VALUES ('%s', %d, '%s', %d)", $name, $nid, $mysqldate, $count); } } ?>