Downloads - Allow Guests To See But Not Download

blith · Posted: Thu Apr 22, 2004 9:50 am

Ok, good! Just to be perfectly clear. I install it starting at the function getit line. The stuff before that remains? Thanks...

blith · Posted: Thu Apr 22, 2004 9:55 am

Raven, the code still allows unregistered users to download. I wanted the fetching mod and the allow visitors to see but not download to work in conjunction. Please help. Thank you.

Raven · Posted: Thu Apr 22, 2004 10:06 am

That is the code I use. You have to modify the $lidarray, of course. I don't believe I made any other changes. fetch.php must reside in your www folder. Also, this code should be right ahead of the function getit() code

Code:

function gfx($random_num) {
global $module_name;
$image = ImageCreateFromJPEG("modules/$module_name/images/code_bg.jpg");
$text_color = ImageColorAllocate($image, 0, 0, 0);
Header("Content-type: image/jpeg");
ImageString ($image, 5, 3, 2, $random_num, $text_color);
ImageJPEG($image, '', 75);
ImageDestroy($image);
// echo "$random_num";
die();
}

blith · Posted: Thu Apr 22, 2004 10:19 am

I see I can be an unregistered user and download from your site. I just tried it and the only thing I have to do is enter the password and I can download. I thought you had the unregistered view but not download thing going here... but you allow unregistered to download.

Raven · Posted: Thu Apr 22, 2004 10:24 am

I think you misunderstand. This restricts CERTAIN files, not all files. Only the $lid of certain downloads are protected. Those in the $lidarray. For instance, unregistered visitors cannot download the regular nuke releases.

Rikk03 · Worker Joined: Feb 16, 2004 Posts: 164

May i suggest EDL 2.1 I have the module and LOVE it, dual upload file AND image upload WITH description! - the options are awesome AND no hotlinking!

Yes i know - small fee - but its worth it.

u can find it at

Only registered users can see links on this board!
Get registered or login to the forums!

Regards

Richard

blith · Posted: Thu Apr 22, 2004 10:30 am

Okay, so how do I incorporate the code that allows visitors to view all but not download any which was discussed at the beginning of this thread? That is why I was saying that some of the code you wanted to replace was split up into the fetch.php file. It is not all in the index.php file any longer...

Raven · Posted: Thu Apr 22, 2004 10:34 am

Just replace this

Code:

function getit($lid) {
// Add a new line of code for each $lid to block for Registered Users only
$lidArray[] = xx;
$lidArray[] = yy;
$lidArray[] = zz;
$lid = intval($lid);
$hits = intval($hits);
global $prefix, $dbi, $user, $admin, $module_name;
if (!is_user($user)&&in_array($lid,$lidArray)&&!is_admin($admin)) {
$pagetitle = "- "._ACCESSDENIED."";
include("header.php");
title("$sitename: "._ACCESSDENIED."");
OpenTable();
echo "<center>"._RESTRICTEDAREA." "
.""._MODULEUSERS.""
.""._GOBACK."";
CloseTable();
include("footer.php");
die();
}

with that code at the beginning of this thread.

blith · Posted: Thu Apr 22, 2004 12:59 pm

Okay, I am sorry but I have tried this in the way you say and then many different configurations. I cannot get the code to work so that visitors may see the downloads but not get them until they register. Then once someone is register I would like the fetching mod to kick in... I would like both conditions to be met and I cannot get the code together. I will continue to try any other suggestions or a proven method would be appreciated. Thanks Raven, et al!

Rikk03 · Worker Joined: Feb 16, 2004 Posts: 164

blith ....EDL 2.1 does all of what you requested.

........all the effort......the module is only $5

If you consider your time worth something then it would save you alot of money.

blith · Posted: Fri Apr 23, 2004 6:39 am

Rikk03 wrote:

blith ....EDL 2.1 does all of what you requested.

........all the effort......the module is only $5

If you consider your time worth something then it would save you alot of money.

I will look at it... thanks.

blith · Posted: Tue Apr 27, 2004 7:59 am

In 7.2 ther is an update_point command, I assume for the new point system. Here is the code change in 7.2:

Code:

function getit($lid) {
global $prefix, $dbi, $user, $admin;
if (!is_admin($admin)&&!is_user($user)) {
$pagetitle = "- "._ACCESSDENIED."";
include("header.php");
title("$sitename: "._ACCESSDENIED."");
OpenTable();
echo "<center>"._RESTRICTEDAREA." "
.""._MODULEUSERS.""
.""._GOBACK."";
CloseTable();
include("footer.php");
die();
}
global $prefix, $db;
$lid = intval($lid);
$hits = intval($hits);
$db->sql_query("update ".$prefix."_downloads_downloads set hits=hits+1 WHERE lid=$lid");
update_points(17);
$result = $db->sql_query("SELECT url FROM ".$prefix."_downloads_downloads WHERE lid='$lid'");
list($url) = $db->sql_fetchrow($result);
Header("Location: $url");
}

Raven · Posted: Tue Apr 27, 2004 8:11 am

For 7.2

Code:

function getit($lid) {
/**********************************************************************/
/*Begin Raven's code to restrict certain downloads or all downloads to*/
/* view for all visitors but only downloadable by registered users. */
/**********************************************************************/
global $user, $admin;
// Add a new line of code for each $lid to block for Registered Users only
// -1 in the FIRST entry will only allow registred users and admin to download while allowing visitors to see the list
$lidArray[] = -1;
$lidArray[] = 9999; // EXAMPLE!!!
if (($lidArray[0]==-1||in_array($lid,$lidArray))&&(!is_user($user)&&!is_admin($admin))) {
 $pagetitle = "- "._ACCESSDENIED."";
 include("header.php");
 title("$sitename: "._ACCESSDENIED."");
 OpenTable();
 echo "<center>"._RESTRICTEDAREA." "
 .""._MODULEUSERS.""
 .""._GOBACK."";
 CloseTable();
 include("footer.php");
 die();
}
/**********************************************************************/
/*End Raven's code to restrict certain downloads or all downloads to */
/* view for all visitors but only downloadable by registered users. */
/**********************************************************************/
global $prefix, $db;
$lid = intval($lid);
$db->sql_query("update ".$prefix."_downloads_downloads set hits=hits+1 WHERE lid='$lid'");
update_points(17);
$result = $db->sql_query("SELECT url FROM ".$prefix."_downloads_downloads WHERE lid='$lid'");
list($url) = $db->sql_fetchrow($result);
Header("Location: $url");
}

newbie · Regular Joined: May 03, 2004 Posts: 62 Location: USA

Raven,

Are there any necessary changes in this code for 7.3?

Thanks.

***Edited to Add***

I used the code from the very first post in 7.3 and it worked without a hitch!

Thanks!

Raven · Posted: Sat May 15, 2004 8:46 pm

Muffin · Client Joined: Apr 10, 2004 Posts: 649 Location: UK

My code is different again in v7.0

All I see is:

Quote:

function getit($lid) {
global $prefix, $db;
$lid = intval($lid);
$db->sql_query("update ".$prefix."_downloads_downloads set hits=hits+1 WHERE lid='$lid'");
update_points(17);
$result = $db->sql_query("SELECT url FROM ".$prefix."_downloads_downloads WHERE lid='$lid'");
list($url) = $db->sql_fetchrow($result);
Header("Location: $url");
}

I cant see where to put a get it mod in can someone explain to a confused newbie please as my code is different to the ones stated here.

Also why does my code say:

Quote:

function getit($lid) {
global $prefix, $db;
$lid = intval($lid);

$db; when everyone elses says $dbi;

I'm very confused. lol

Raven · Posted: Thu Jun 10, 2004 11:50 am

Put it before your global statemet, as I did in the example above.

scz74 · New Member Joined: Aug 18, 2004 Posts: 4

hi raven, i have nuke7.2 and installed nsndownloads my problem is a download file can only be viewed by the group it has permission to. how can i edit the code so that all groups including visitors can view but only the group with permission can download? i saw your code edit at the start of this topic but it doesnt match my modules/Download/index.php

here is my getit file:

Code:

case "getit":

$lid = intval($lid);

$result = $db->sql_query("SELECT * FROM ".$prefix."_nsngd_downloads WHERE lid=$lid AND active>'0'");

$lidinfo = $db->sql_fetchrow($result);

include("header.php");

$priv = $lidinfo['sid'] - 2;

if (($lidinfo['sid'] == 0) || ($lidinfo['sid'] == 1 AND is_user($user)) || ($lidinfo['sid'] == 2 AND is_admin($admin)) || ($lidinfo['sid'] > 2 AND in_group($priv))) {

if ($lidinfo['lid'] == "" OR $lidinfo['active'] == 0) {

title(_DOWNLOADPROFILE.": "._INVALIDDOWNLOAD);

OpenTable();

echo "<center>"._INVALIDDOWNLOAD."</center>\n";

} else {

$fetchid = base64_encode($lidinfo['url']);

$title = stripslashes($lidinfo['title']);

title(_DOWNLOADPROFILE.": $title");

OpenTable();

mt_srand ((double)microtime()*1000000);

$maxran = 1000000;

$random_num = mt_rand(0, $maxran);

$lidinfo['description'] = stripslashes($lidinfo['description']);

$lidinfo['description'] = ereg_replace ("\r\n", " ", $lidinfo['description']);

echo "".$lidinfo['description']." <hr>";

echo ""._VERSION.": ".$lidinfo['version']." \n";

echo ""._FILESIZE.": ".CoolSize($lidinfo['filesize'])." ";

echo ""._ADDEDON.": ".CoolDate($lidinfo['date'])." \n";

echo ""._DOWNLOADS.": ".$lidinfo['hits']." ";

echo ""._HOMEPAGE.": ";

if ($lidinfo['homepage'] == "" || $lidinfo['homepage'] == "http://") {

echo _DL_NOTLIST;

} else {

echo "<a href='".$lidinfo['homepage']."' target='new'>".$lidinfo['homepage']."</a>";

}

echo "<hr>";

echo _DL_DIRECTIONS." "._DL_DLNOTES1."$title"._DL_DLNOTES2." ";

echo "<center><table border='0'>";

echo "<form action='modules.php?name=$module_name' method='POST'>";

echo "<input type='hidden' name='op' value='go'>";

echo "<input type='hidden' name='lid' value='".$lidinfo['lid']."'>";

echo "<input type='hidden' name='fetchid' value='$fetchid'>";

if ($dl_config['usegfxcheck'] == 1) {

if (extension_loaded("gd")) {

echo "<tr><td>"._DL_YOURPASS.":</td><td><img src='modules.php?name=$module_name&op=gfx&random_num=$random_num' height='20' width='80' border='0' alt='"._DL_YOURPASS."' title='"._DL_YOURPASS."'></td></tr>";

echo "<tr><td>"._DL_TYPEPASS.":</td><td><input type='text' name='passcode' size='10' maxlength='10'></td></tr>";

echo "<input type='hidden' NAME='checkpass' value='$random_num'>";

} else {

$datekey = date("F j");

$rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));

$code = substr($rcode, 2, 8);

$ThemeSel = get_theme();

if (file_exists("themes/$ThemeSel/images/downloads/code_bg.png")) {

$imgpath = "themes/$ThemeSel/images";

} else {

$imgpath = "images";

}

echo "<tr><td>"._DL_YOURPASS.":</td><td height='20' width='80' background='$imgpath/code_bg.png' class='storytitle' align='center'>$code</td></tr>";

echo "<tr><td>"._DL_TYPEPASS.":</td><td><input type='text' name='passcode' size='10' maxlength='10'></td></tr>";

echo "<input type='hidden' name='checkpass' value='$code'>";

}

}

echo "<tr><td colspan='2' align='center'><input type='submit' name='"._DL_GOGET."' value='"._DL_GOGET."'></td></tr>";

echo "</form>";

echo "</table></center> ";

echo "<center>[ <a href='modules.php?name=$module_name&op=modifydownloadrequest&lid=$lid'>"._MODIFY."</a> ]</center>\n";

}

CloseTable();

} else {

OpenTable();

restricted($lidinfo['sid']);

CloseTable();

}

include("footer.php");

break;

takaharu · Client Joined: Sep 25, 2003 Posts: 58

Hi Raven ,

Can this hack be used on the nsn groupdownloads too ?
You see there is no function get it in the downloads index file ?

takaharu · Client Joined: Sep 25, 2003 Posts: 58

No luck ?

BobMarion · Posted: Sun Sep 05, 2004 12:00 pm

Open your modules/Downloads/functions.php file in a text editor. Look for function showlisting($lid) {. Now compare it to:

Code:

// Copyright (c) 2003 --- NukeScripts Network ---
// Can not be reproduced in whole or in part without
// written consent from NukeScripts Network CEO
function showlisting($lid) {
global $module_name, $admin, $db, $prefix, $user;
$lid = intval($lid);
$result = $db->sql_query("SELECT * FROM ".$prefix."_nsngd_downloads WHERE lid=$lid");
$lidinfo = $db->sql_fetchrow($result);
OpenTable();
$priv = $lidinfo['sid'] - 2;
//if (($lidinfo['sid'] == 0) || ($lidinfo['sid'] == 1 AND is_user($user)) || ($lidinfo['sid'] == 2 AND is_admin($admin)) || ($lidinfo['sid'] > 2 AND in_group($priv))) {
$lidinfo['title'] = stripslashes($lidinfo['title']);
$lidinfo['description'] = stripslashes($lidinfo['description']);
if (is_admin($admin)) {
$myimage = myimage("edit.png");
echo "<a href='modules.php?name=$module_name&file=admin&op=ModifyDownload&lid=$lid' target='$lid'><img align='middle' src='$myimage' border='0' alt='"._DL_EDIT."'></a> ";
} else {
$myimage = myimage("show.png");
echo "<img align='middle' src='$myimage' border='0' alt=''> ";
}
echo "<a href='modules.php?name=$module_name&op=getit&lid=$lid'>".$lidinfo['title']."</a>";
newdownloadgraphic($datetime, $lidinfo['date']);
popgraphic($lidinfo['hits']);
echo " ";
if ($lidinfo['sid'] == 0) {
$who_view = _DL_ALL;
} elseif ($lidinfo['sid'] == 1) {
$who_view = _DL_USERS;
} elseif ($lidinfo['sid'] == 2) {
$who_view = _DL_ADMIN;
} elseif ($lidinfo['sid'] >2) {
$newView = $lidinfo['sid'] - 2;
list($who_view) = $db->sql_fetchrow($db->sql_query("SELECT gname FROM ".$prefix."_nsngr_groups WHERE gid=$newView"));
$who_view = $who_view." "._DL_ONLY;
}
echo ""._DL_PERM.": $who_view \n";
echo ""._OWNER.": ".$lidinfo['name']." \n";
echo ""._VERSION.": ".$lidinfo['version']." \n";
echo ""._FILESIZE.": ".CoolSize($lidinfo['filesize'])." ";
echo ""._ADDEDON.": ".CoolDate($lidinfo['date'])." \n";
echo ""._SUBMITTER.": ".$lidinfo['submitter']." \n";
echo ""._DOWNLOADS.": ".$lidinfo['hits']." ";
echo ""._HOMEPAGE.": ";
if ($lidinfo['homepage'] == "" || $lidinfo['homepage'] == "http://") {
echo _DL_NOTLIST;
} else {
echo "<a href='".$lidinfo['homepage']."' target='new'>".$lidinfo['homepage']."</a>";
}
//} else {
// restricted2($lidinfo['sid']);
//}
CloseTable();
}

See the lines I put // in front of? By doing that it makes all users able to see the downloads but only the group can still download them.

Now in the next function, showresults($lid) { compare to:

Code:

// Copyright (c) 2003 --- NukeScripts Network ---
// Can not be reproduced in whole or in part without
// written consent from NukeScripts Network CEO
function showresults($lid) {
global $module_name, $admin, $db, $prefix, $user;
$lid = intval($lid);
$lidinfo = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_nsngd_downloads WHERE lid=$lid"));
OpenTable();
$priv = $lidinfo['sid'] - 2;
//if (($lidinfo['sid'] == 0) || ($lidinfo['sid'] == 1 AND is_user($user)) || ($lidinfo['sid'] == 2 AND is_admin($admin)) || ($lidinfo['sid'] > 2 AND in_group($priv))) {
$lidinfo['title'] = stripslashes($lidinfo['title']);
$lidinfo['description'] = stripslashes($lidinfo['description']);
if (is_admin($admin)) {
$myimage = myimage("edit.png");
echo "<a href='modules.php?name=$module_name&file=admin&op=ModifyDownload&lid=$lid' target='$lid'><img align='middle' src='$myimage' border='0' alt='"._DL_EDIT."' title='"._DL_EDIT."'></a> ";
} else {
$myimage = myimage("show.png");
echo "<img align='middle' src='$myimage' border='0' alt='' title=''> ";
}
echo "<a href='modules.php?name=$module_name&op=getit&lid=$lid'>".$lidinfo['title']."</a>";
newdownloadgraphic($datetime, $lidinfo['date']);
popgraphic($lidinfo['hits']);
echo " \n";
if ($lidinfo['sid'] == 0) {
$who_view = _DL_ALL;
} elseif ($lidinfo['sid'] == 1) {
$who_view = _DL_USERS;
} elseif ($lidinfo['sid'] == 2) {
$who_view = _DL_ADMIN;
} elseif ($lidinfo['sid'] >2) {
$newView = $lidinfo['sid'] - 2;
list($who_view) = $db->sql_fetchrow($db->sql_query("SELECT gname FROM ".$prefix."_nsngr_groups WHERE gid=$newView"));
$who_view = $who_view." "._DL_ONLY;
}
echo ""._DL_PERM.": $who_view \n";
echo ""._OWNER.": ".$lidinfo['name']." \n";
echo ""._VERSION.": ".$lidinfo['version']." \n";
echo ""._FILESIZE.": ".CoolSize($lidinfo['filesize'])." \n";
echo ""._ADDEDON.": ".CoolDate($lidinfo['date'])." \n";
echo ""._SUBMITTER.": ".$lidinfo['submitter']." \n";
echo ""._DOWNLOADS.": ".$lidinfo['hits']." \n";
echo ""._HOMEPAGE.": ";
if ($lidinfo['homepage'] == "" || $lidinfo['homepage'] == "http://") {
echo _DL_NOTLIST." \n";
} else {
echo "<a href='".$lidinfo['homepage']."' target='new'>".$lidinfo['homepage']."</a> \n";
}
$result2 = $db->sql_query("SELECT * FROM ".$prefix."_nsngd_categories WHERE cid='".$lidinfo['cid']."'");
$cidinfo = $db->sql_fetchrow($result2);
$cidinfo['title'] = "<a href=modules.php?name=$module_name&cid=".$lidinfo['cid'].">".$cidinfo['title']."</a>";
$cidinfo['title'] = getparentlink($cidinfo['parentid'], $cidinfo['title']);
echo ""._CATEGORY.": ".$cidinfo['title']."\n";
//} else {
// restricted2($lidinfo['sid']);
//}
CloseTable();
}

You will see more //'s that are in front of the lines to allow all users to see but not download the files.