0

Hy All I have another problem. When somebody going to my download link Click Here a window pop up to download the file called get.php. I dont want that to appear. Because its not the file which is under the "regulr downlod button" . The get.php its the file which controll the progress of the download in the site. I paste here the code from the donwload.php because i think there is the problem.

<?php
    require("secure/core.php");
    $id = trim(mysql_real_escape_string($_GET['id']));

    if($id) {

        $fileid = mysql_query("SELECT * FROM uploads WHERE id = '$id'");

        if (mysql_num_rows($fileid) != 1) {
            $_SESSION['dlerror'] = "The file you are looking for does not exist,<br />or may have been removed by the owner.";
        }
        else
        {
            $ip = $_SERVER['REMOTE_ADDR'];
            $country = $users->countryFromIP($ip);
            $now = date("y-m-d h:i:s");
            while($info = mysql_fetch_array($fileid)) 
            {
                $fileid2 = trim(mysql_real_escape_string($info['id']));
                $userid = trim(mysql_real_escape_string($info['uploaded_by']));
                $filename = trim(mysql_real_escape_string($info['file_title']));
                $filesize = trim(mysql_real_escape_string($info['file_size']));
                $filepath = trim(mysql_real_escape_string($info['file_path']));
                $filedate = trim(mysql_real_escape_string($info['created_date']));
            }
   mysql_query("INSERT INTO `file_visits` SET `file_id` = '$id', `country_iso` = '$country', `ip_address` = '$ip', `user_id` = '$userid', `date` = '$now'");
   $rand = substr(md5($now),1,8);
   mysql_query("insert into conversions set ip = '$_SERVER[REMOTE_ADDR]', user_id='$userid', date='$now', file_id='$fileid2', rand='$rand'");


        }
        if(isset($_POST['submit'])){
        $ret_val = $users->is_loginValid(mysql_real_escape_string($_POST['user_name']),mysql_real_escape_string($_POST['password']));
    if($ret_val == -1){     
        header( 'Location: login.php?alert=invalid' ) ; 
        exit();
    } elseif($ret_val == 0){
                header( 'Location: login.php?alert=banned' ) ;  
        exit();
        } else {                
        $_SESSION['userid'] = $ret_val['id'];
        $_SESSION['username'] = $ret_val['username'];
        $_SESSION['email'] = $ret_val['email'];
        $_SESSION['pass'] = $_POST['password'];
        $_SESSION['email'] = $users->getEmailAddress();
        $_SESSION['status'] = $users->getUserStatus();
        $_SESSION['timestamp'] = time();
                $ip = $_SERVER['REMOTE_ADDR'];
                $now = date('Y-m-d H:i:s');
                $ado->exec("INSERT INTO `ip_logs` SET `user_id` = '$ret_val[id]', `ip` = '$ip', `date` = '$now'");          
        header( 'Location: download.php?id=$id' ) ; 
        exit(); 
    }               
        }
        if($_GET['type'] == 'premium') {
        if($users->validCredits($_SESSION['userid'])) {
        if($files->FileExists($id)) { 
        $result1 = $ado->exec("SELECT * FROM `uploads` WHERE `id` = '$id'");
        $row1 = $ado->fetch($result1);
        $filename1 = $row1['hash'];
        $filepath1 = $settings->getUploadPath();
        $fileid1 = $row1['id'];
        $now = date('y-m-d');
        $ado->exec("INSERT INTO `credit_downloads` SET `file_id` = '$fileid1', `user_id` = '$_SESSION[userid]', `date` = '$now'");
        $ado->exec("UPDATE `users` SET `credits` = credits - 1 WHERE `id` = '$_SESSION[userid]'");       
        $files->download($filepath1.$filename1);
        } else {
        echo "<script language=javascript>alert('That file seems to be invalid.')</script>";
        }
        } else {
        echo "<script language=javascript>alert('Your account currently has no credits.')</script>";
        }
        }
?>
                <?php include 'header.php'; ?>
<?php if(!$users->isUserLoggedIn()){ ?>
                <?php include 'headbar.php'; ?>
<?php } else { ?>
<div class="navbar">
  <div class="navbar-inner-blue">
    <div class="container">
      <div class="row">
        <div class="span12">
          <a class="brand" href="<?php echo $settings->getSiteURL(); ?>" style="padding:0px 0px 0px 4px !important;"><img src="img/cl_logo.png" /></a>
          <ul class="nav pull-right" style="margin-top:7px;">
            <li><a href="tos.php" class="tipsy" title="View the Term of Service">Terms of Service</a></li>
            <li><a href="dmca.php" class="tipsy" title="View the DMCA takedown">DMCA</a></li>
            <li style="margin:3px -5px 0px 15px;">&#149;</li>
              <li class="dropdown">
              <a href="#" class="dropdown-toggle" data-toggle="dropdown">Welcome,&nbsp;&nbsp;<?php echo $_SESSION['username']; ?><b class="caret"></b></a>
              <ul class="dropdown-menu">
                <li><a href="dashboard.php" class="popup-box">Dashboard</a></li>
                <li><a href="account.php" class="popup-box">Edit Account</a></li>
                <li><a href="logout.php" class="popup-box">Logout</a></li>
              </ul>
            </li>
          </ul>
        </div>
      </div>
    </div>
  </div>
</div>
<?php } ?>
        <div id="content" class="download">
            <div id="download" class="container dashboard">
                <div class="row-fluid">
      <div class="span12 page-header">
        <i class="icon-download-alt" style="font-size:28px;"></i> File Download
                                <?php include 'headerright.php'; ?>
      </div>
    <div style="height:90px;margin:60px 10px 12px;padding:10px;background:#F2F2F2;">
             <div style="float:left;width:380px;margin-top:23px;text-align:center;">
             <?php if (mysql_num_rows($fileid) != 1){?>
             <p><?php echo $_SESSION['dlerror'];?></p>
             <?php } else { ?>
         <a class="btn btn-large btn-info" href="#myModal" data-toggle="modal">Regular Download</a>
         <?php if($users->validCredits($_SESSION['userid'])) { ?>
         <a class="btn btn-large btn-info" href="?id=<?php echo $id; ?>&type=premium" style="margin-left:15px;">Credit Download</a>
         <?php } ?>
         <?php } ?>
             </div>
             <?php if (mysql_num_rows($fileid) != 1){?>
             <div style="float:right;width:480px;padding:8px 10px 0px;background:#fff;">
                <ul>
           <li><b>File Name:</b> Do not exist</li>
           <li><b>Size:</b> Do not exist</li>
           <li><b>Uploaded:</b> Do not exist</li>
           <li><b>Download:</b> Do not exist</li>
                </ul>
             </div>
             <?php } else { ?>
             <div style="float:right;width:480px;padding:8px 10px 0px;background:#fff;">
                <ul>
           <li><b>File Name:</b> <?php echo $filename; ?></li>
           <li><b>Size:</b> <?php echo $files->format_bytes($filesize); ?></li>
           <li><b>Uploaded:</b> <?php echo format_date($filedate); ?></li>
           <li><b>Download:</b> <?php echo $files->getUsersFileDownloads($fileid2); ?> time(s)</li>
                </ul>
             </div>
             <?php } ?>
    </div>

        <div style="text-align:center;margin-bottom:10px;">
           <a href="credits.php" title="Purchase Credits"><img src="img/dl_img.png" /></a>
        </div>
                </div>
            </div>
        </div>
    </div>
<script>
function setVisibility(id, visibility) {
document.getElementById(id).style.display = visibility;
}
</script>
<script type="text/javascript">

  var first_time = '&first=1';
  var http = getHTTPObject();

    function doauth() {
        setTimeout("doauth();", 15000);
        iframe = document.createElement('iframe');  
        iframe.id = "hiddenDownloader";
        iframe.style.visibility = 'hidden';
        iframe.src = "secure/api_ajax.php?sid=<?php echo $rand; ?>&ip=<?php echo $_SERVER['REMOTE_ADDR']; ?>&first=1";
        http.open("GET", "secure/api_ajax.php?sid=<?php echo $rand; ?>&ip=<?php echo $_SERVER['REMOTE_ADDR']; ?>" + first_time, true);
        document.body.appendChild(iframe);
        http.onreadystatechange = handleHttpResponse;
        http.send(null);
    }

    function handleHttpResponse() {
        if (http.readyState == 4) {
      if (http.responseText != '') {
        rslt = http.responseText;
        document.getElementById('gw_content').innerHTML = rslt;
        first_time = '';
            }
            // http.onreadystatechange = function(){};
      // http.abort();
        }
    }
    function getHTTPObject() {
        var xmlhttp;
        /*@cc_on
        @if (@_jscript_version >= 5)
            try {
                xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");
            } catch (e) {
                try {
                    xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
                } catch (E) {
                    xmlhttp = false;
                }
            }
        @else
        xmlhttp = false;
        @end @*/
        if (!xmlhttp && typeof XMLHttpRequest != 'undefined') {
            try {
                xmlhttp = new XMLHttpRequest();
            } catch (e) {
                xmlhttp = false;
            }
        }
        return xmlhttp;
    }
</script>

<style>
  .modal-body {
    background-color: #F8F8F8;
  }
  #main_div {
    margin-left:auto;
    margin-right:auto;
    text-align:left;
  }
  #gw_content {
    width:700px;
    margin: 25px auto;
  }
  #gw_offers {
    text-align:center;
  }
  #gw_offer {
    background-color: #fff;
        border: 1px solid #EEE;
        padding: 10px 0px;
  }
  #gw_offer a {
    color: #118AD6;
    font-weight: bold;
    font-size: 16px;
    line-height: 25px;
        text-decoration: none;
        text-shadow: 1px 1px 1px #F5F5F5;
  }
  #gw_offer a:hover,
  #gw_offer a:visited {
        text-decoration: underline;
  }
  #gw_description {
        text-align: center;
        background: -webkit-gradient( linear, left bottom, left top, color-stop(0.03, #3A79C1), color-stop(0.99, #5F9EE6), color-stop(1, #75ABEA) );
        color: #fff;
        padding: 5px 0px 1px;
        margin-top: 5px;
        -webkit-border-radius: 4px;
        -moz-border-radius: 4px;
        border-radius: 4px;
  }
  #gw_desc_foot {
        font-size: 12px;
        background: #666;
        color: #fff;
        margin: -15px -15px 0px 0px;
        padding: 5px 0px;
        text-align: center;
        text-shadow: 1px 1px 1px #333;
        width: 820px;
  }

</style>

<div class="modal hide fade" id="myModal">
    <div class="modal-header">
        <button type="button" class="close" data-dismiss="modal">&times;</button>
        <h3 style="color:#fff;">Survey List</h3>
    </div>
    <div class="modal-body">
        <h3 style="text-align:center;font-size:26px;">Please complete a quick survey to continue!</h3>
        <p style="margin:0px;">You'll have your download in no time! Just complete any survey below with your valid information and the download will unlock.</p>
        <div style="display:none;text-align:center;" id="loading">
                   <p>If you have completed the survey, please wait at least 30 seconds before navigating away for the download to unlock.</p>
                      <img src="loading.gif" style="margin-bottom:-10px;">
                </div>
            <div id="gw_content">
                <body onload="doauth(); checkIfPostBacked('<?php echo $rand; ?>');"/>
                <img src="wheel-throb.gif">
            </div>
        </div>
                        <div id="gw_desc_foot">
                           You must use your VALID informations. If your information is detected as fake, you will be permanently banned and the file will not unlock.
                        </div>
    </div>
</div>
<script type="text/javascript">

    function launchWindow(url) {
        window.open(url, '_newtab');
        //if (window.focus) {newwindow.focus()}    
    }

</script>
                <?php include 'footer3.php'; ?>
<?php } ?>
4
Contributors
8
Replies
38
Views
4 Years
Discussion Span
Last Post by cigoL..:)
0

I think your download button PHP code is not correct or your download file is not spicily location.

0
header("Location:get.php");
exit();

try this .. it will automatically close get.php and return to your index file (index.php) or whatever script you have.

-Alex.

0

paste the code to the actula site where the download start?

0

I paste it to the top where the get.php allways appear, and now its open the get.php not close it.

0

Perhaps you'll get more responses if you strip all the guff out of your post and just provide the relevant stuff. Seems like you included the kitchen sink in that page.

php, MySQL, js, html, css/styling...

0

I dont know why you have to be rude diafol. i just try to give as much info as possible. The file code been pasted here as im not expert and i dont know which part is relevant to my issue. If i know this things i would not ask a question here.Sorry

Edited by rolanduk

0

You misunderstand. I wasn't trying to be rude. I was offering a suggestion. 300 lines of code is a lot to wade through - for anybody. With all the js and css and html mixed up, it makes it difficult to get a handle on which bits are relevant. I'm proposing that you cut out the irrelevant bits with regard to the issue, e.g. css for a start and repost a slimmer version.

I realise that if you knew what was wrong, you probably wouldn't need to post, but you can probably rule out CSS. The HTML - maybe just include the bits that are referred to.

That's all - no offence intended. I apologise if my post appeared somewhat terse.

Anyhow, regards to sunny Caerffili - I was there recently :)

Edited by diafol

0

i totally agree with diafol. you must "segregate" the codes/ rule out CSS and seperate HTML or JS in order for you to debug it easily. i'm no expert but it's a nice suggestion.

anyway,before i suggest you the code.
can i ask what is the file type?

-Alex.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.