Initial commit

2025-01-30 11:43:37 +01:00
commit 6f1cc27ec4
823 changed files with 233091 additions and 0 deletions
--- a/download.php
+++ b/download.php
@@ -0,0 +1,33 @@
+<?php
+// Prevent direct access to file
+defined(security_key) or exit;
+// Disable the time limit (for large files)
+set_time_limit(0);
+// Customer must be logged-in and must provide the secret ID
+if (isset($_GET['id'], $_SESSION['account_loggedin'])) {
+    // Get the product download URL and check if the ID matches
+    $stmt = $pdo->prepare('SELECT pd.* FROM products_downloads pd JOIN transactions t ON t.account_id = ? JOIN transactions_items ti ON t.txn_id = ti.txn_id AND ti.item_id = pd.product_id AND MD5(CONCAT(ti.txn_id, pd.id)) = ?');
+    $stmt->execute([ $_SESSION['account_id'], $_GET['id'] ]);
+    // Fetch the product from the database and return the result as an Array
+    $product_download = $stmt->fetch(PDO::FETCH_ASSOC);
+    if (!$product_download) {
+        exit('Invalid ID!');
+    }
+} else {
+    exit('Invalid ID!');
+}
+// Create the headers for the downloadable file
+header('Pragma: public');
+header('Expires: 0');
+header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+header('Cache-Control: public');
+header('Content-Description: File Transfer');
+header('Content-type: application/octet-stream');
+header('Content-Disposition: attachment; filename="' . basename($product_download['file_path']) . '"');
+header('Content-Transfer-Encoding: binary');
+header('Content-Length: ' . filesize($product_download['file_path']));
+ob_end_flush();
+// Download file
+@readfile($product_download['file_path']);
+exit;
+?>