$text

"); } $vars = explode("|", base64_decode($data)); $id = $vars[0]; $oldip = $vars[1]; $expiredate = $vars[2]; $custname = $vars[3]; $address = $vars[4]; $desc = $vars[5]; $email = $vars[6]; $transId = $vars[7]; $amount = $vars[8]; $authAmountString = $vars[9]; $testMode = $vars[10]; $postcode = $vars[11]; $tel = $vars[12]; $fax = $vars[13]; $country = $vars[14]; $md5 = md5($transId . "," . $oldip); $expiretime = strftime("%A %e %B %Y %I:%M %p", $expiredate); $ip = $GLOBALS['REMOTE_ADDR']; $forwarder = $GLOBALS['HTTP_X_FORWARDED_FOR']; if(($forwarder != "") && ($forwarder != "unknown")) { $ip = $forwarder; } $date = mktime(date("H"), date("i"), 0, date("m"), date("d"), date("Y")); if($oldip == $ip) { if($date <= $expiredate) { if($md5 == $hash) { /* application/x-ms-download application/octet-stream */ $mime = "application/zip"; $ext = ".zip"; if(!($cnx = @mysqli_connect($host, $username, $password))) { download_denied("Database error", "Error with database connection"); } if(!(@mysqli_select_db($database, $cnx))) { download_denied("Database error", "Error with database selection"); } if(!($queryID = @mysqli_query("SELECT Title, Filename, Price, NumDownloads FROM $magsTbl WHERE ProdID=\"$id\"", $cnx))) { download_denied("Database error", "Error with database query"); } if(mysqli_num_rows($queryID) == 1) { $queryRow = mysqli_fetch_array($queryID); $fname = $dlDir.$queryRow[Filename]; // Path from 'web' $name = ereg_replace("[\/:*?\"<>|.]", "", $queryRow[Title]).$ext; // Created filename e.g. Title.zip $filepath = $fullPath.$fname; // Full path to download e.g. /home/sites/site5/ etc. $size = filesize($filepath); // Filesize using full path if($size) { $numdownloads = $queryRow[NumDownloads] + 1; if(!($queryID = @mysqli_query("UPDATE $magsTbl SET NumDownloads = $numdownloads WHERE ProdID=\"$id\"", $cnx))) { download_denied("Database error", "Error with database update query"); } if(ereg("MSIE", getenv("HTTP_USER_AGENT"))) { $attachment = " "; } else { $attachment = " attachment;"; } $filetext = "filename=\"$name\";"; $file = fopen($filepath, "r"); header("Content-Type: $mime"); header("Content-Length: $size"); header("Content-Disposition:$attachment $filetext"); header("Content-Transfer-Encoding: binary"); header("Content-Description: File Transfer"); $download_exec = "Yes"; @fpassthru($file); } else { download_denied("The file doesn't exist", "The file doesn't exist or contains no data."); $download_exec = "No - The file wasn't found or contained no data"; } } else { download_denied("Invalid ID", "The magazine indicated does not exist!"); $download_exec = "No - The magazine ID ($id) wasn't found"; } } else { download_denied("Hash Mismatch", "There was a mismatch with encrypted data."); $download_exec = "No - md5 hash mismatch"; } } else { download_denied("Page Expired", "You needed to download the file within 24 hours!"); $download_exec = "No - The date wasn't within 24 hours"; } } else { download_denied("Permission denied", "You are not allowed to download that file!

Please note, some ISPs assign dynamic IP addresses each time you connect to the Internet, and this may be stopping you from downloading. If this is the case, please contact us with your payment details."); $download_exec = "No - IP address didn't match"; } $today = strftime("%A %e %B %Y %I:%M %p", time()); $logstring = "WorldPay Transaction ID: $transId Date: $today Name: $custname Email: $email Address: $address Magazine: $desc Amount asked for: $amount Auth amount string: $authAmountString Test mode: $testMode Expiry Date: $expiretime IP Address: $ip Expected IP Address: $oldip Download Executed: $download_exec Postcode: $postcode Phone: $tel Fax: $fax Country: $country ----------------------------------------------------------------------------------------\n\n"; if(($logDir[strlen($log_dir)] != "/") && ($logDir != "")) { $logDir .= "/"; } $log = $fullPath . $logDir . "downloads2.txt"; $fp = fopen($log, "a"); fwrite($fp, $logstring); fclose($fp); ?>