The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.
|
 |
|
Dev Shed Forums
> Programming Languages
> PHP Development
|
PHP5 - Giving access permissions for content for users
Discuss Giving access permissions for content for users in the PHP Development forum on Dev Shed.
Giving access permissions for content for users PHP Development forum discussing coding practices, tips on PHP, and other PHP-related topics. PHP is an open source scripting language that has taken the web development industry by storm.
|
|
 |
|
|
|
|
Dev Shed Forums Sponsor:
|
|
|
December 5th, 2012, 12:47 AM
|
|
Registered User
|
|
Join Date: Dec 2012
Posts: 3
Time spent in forums: 1 h 24 m 31 sec
Reputation Power: 0
|
|
|
PHP5 - Giving access permissions for content for users
I would like to give the users the permissions to access the files from my e-commerce site to just have a preview.If he is having the preview of one file,he should not have the access to other files for some time until the preview time of first one which he is using is expired.Can anyone please help me out in developing this code.
|
December 5th, 2012, 01:25 AM
|
 |
Still alive
|
|
Join Date: Mar 2007
Location: Washington, USA
|
|
|
You'll have to explain a lot more and show some code before you can get any particularly useful advice.
|
December 5th, 2012, 02:15 AM
|
|
Registered User
|
|
Join Date: Dec 2012
Posts: 3
Time spent in forums: 1 h 24 m 31 sec
Reputation Power: 0
|
|
My actual requirement is I need to give permission to the registered users on my website to have a view of an eBook available from total number of books available.if user requests to view a book, he is allowed to view only that book and the view option for other books for the same user should be disabled for a week even though he completed reading the first one.
I have the code to limit the number of downloads but could not make it to change it to limit the number of views.
PHP Code:
<?php include('includes/application_top.php'); if (!tep_session_is_registered('customer_id')) die; // Check download.php was called with proper GET parameters if ((isset($HTTP_GET_VARS['order']) && !is_numeric($HTTP_GET_VARS['order'])) || (isset($HTTP_GET_VARS['id']) && !is_numeric($HTTP_GET_VARS['id'])) ) { die; } // Check that order_id, customer_id and filename match $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'"); if (!tep_db_num_rows($downloads_query)) die; $downloads = tep_db_fetch_array($downloads_query); // MySQL 3.22 does not have INTERVAL list($dt_year, $dt_month, $dt_day) = explode('-', $downloads['date_purchased_day']); $download_timestamp = mktime(23, 59, 59, $dt_month, $dt_day + $downloads['download_maxdays'], $dt_year); // Die if time expired (maxdays = 0 means no time limit) if (($downloads['download_maxdays'] != 0) && ($download_timestamp <= time())) die; // Die if remaining count is <=0 if ($downloads['download_count'] <= 0) die; // Die if file is not there if (!file_exists(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'])) die; // Now decrement counter tep_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count = download_count-1 where orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "'"); // Returns a random name, 16 to 20 characters long // There are more than 10^28 combinations // The directory is "hidden", i.e. starts with '.' function tep_random_name() { $letters = 'abcdefghijklmnopqrstuvwxyz'; $dirname = '.'; $length = floor(tep_rand(16,20)); for ($i = 1; $i <= $length; $i++) { $q = floor(tep_rand(1,26)); $dirname .= $letters[$q]; } return $dirname; } // Unlinks all subdirectories and files in $dir // Works only on one subdir level, will not recurse function tep_unlink_temp_dir($dir) { $h1 = opendir($dir); while ($subdir = readdir($h1)) { // Ignore non directories if (!is_dir($dir . $subdir)) continue; // Ignore . and .. and CVS if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') continue; // Loop and unlink files in subdirectory $h2 = opendir($dir . $subdir); while ($file = readdir($h2)) { if ($file == '.' || $file == '..') continue; @unlink($dir . $subdir . '/' . $file); } closedir($h2); @rmdir($dir . $subdir); } closedir($h1); } // Now send the file with header() magic header("Expires: Mon, 26 Nov 1962 00:00:00 GMT"); header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Content-Type: Application/octet-stream"); header("Content-disposition: attachment; filename=" . $downloads['orders_products_filename']); if (DOWNLOAD_BY_REDIRECT == 'true') { // This will work only on Unix/Linux hosts tep_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC); $tempdir = tep_random_name(); umask(0000); mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777); symlink(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'], DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']); if (file_exists(DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])) { tep_redirect(tep_href_link(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])); } } // Fallback to readfile() delivery method. This will work on all systems, but will need considerable resources readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']); ?>
|
December 5th, 2012, 02:27 AM
|
|
Still alive
|
|
Join Date: Mar 2007
Location: Washington, USA
|
|
|
Views and downloads are practically identical.
Before we can see your code you need to edit your post. If you haven't noticed all the newlines are gone - that's what happens when you paste your code into the popup dialog the PHP code tag gives you.
Leave the [php] tags in but re-paste your code in between them. Then Preview Post and make sure it's all readable.
|
December 5th, 2012, 03:32 AM
|
|
Registered User
|
|
Join Date: Dec 2012
Posts: 3
Time spent in forums: 1 h 24 m 31 sec
Reputation Power: 0
|
|
PHP Code:
<?php
include('includes/application_top.php');
if (!tep_session_is_registered('customer_id')) die;
// Check download.php was called with proper GET parameters
if ((isset($HTTP_GET_VARS['order']) && !is_numeric($HTTP_GET_VARS['order'])) || (isset($HTTP_GET_VARS['id']) && !is_numeric($HTTP_GET_VARS['id'])) ) {
die;
}
// Check that order_id, customer_id and filename match
$downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'");
if (!tep_db_num_rows($downloads_query)) die;
$downloads = tep_db_fetch_array($downloads_query);
// MySQL 3.22 does not have INTERVAL
list($dt_year, $dt_month, $dt_day) = explode('-', $downloads['date_purchased_day']);
$download_timestamp = mktime(23, 59, 59, $dt_month, $dt_day + $downloads['download_maxdays'], $dt_year);
// Die if time expired (maxdays = 0 means no time limit)
if (($downloads['download_maxdays'] != 0) && ($download_timestamp <= time())) die;
// Die if remaining count is <=0
if ($downloads['download_count'] <= 0) die;
// Die if file is not there
if (!file_exists(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'])) die;
// Now decrement counter
tep_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count = download_count-1 where orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "'");
// Returns a random name, 16 to 20 characters long
// There are more than 10^28 combinations
// The directory is "hidden", i.e. starts with '.'
function tep_random_name()
{
$letters = 'abcdefghijklmnopqrstuvwxyz';
$dirname = '.';
$length = floor(tep_rand(16,20));
for ($i = 1; $i <= $length; $i++) {
$q = floor(tep_rand(1,26));
$dirname .= $letters[$q];
}
return $dirname;
}
// Unlinks all subdirectories and files in $dir
// Works only on one subdir level, will not recurse
function tep_unlink_temp_dir($dir)
{
$h1 = opendir($dir);
while ($subdir = readdir($h1)) {
// Ignore non directories
if (!is_dir($dir . $subdir)) continue;
// Ignore . and .. and CVS
if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') continue;
// Loop and unlink files in subdirectory
$h2 = opendir($dir . $subdir);
while ($file = readdir($h2)) {
if ($file == '.' || $file == '..') continue;
@unlink($dir . $subdir . '/' . $file);
}
closedir($h2);
@rmdir($dir . $subdir);
}
closedir($h1);
}
// Now send the file with header() magic
header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: Application/octet-stream");
header("Content-disposition: attachment; filename=" . $downloads['orders_products_filename']);
if (DOWNLOAD_BY_REDIRECT == 'true') {
// This will work only on Unix/Linux hosts
tep_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC);
$tempdir = tep_random_name();
umask(0000);
mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777);
symlink(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'], DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']);
if (file_exists(DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])) {
tep_redirect(tep_href_link(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']));
}
}
// Fallback to readfile() delivery method. This will work on all systems, but will need considerable resources
readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']);
?>
Last edited by E-Oreo : December 5th, 2012 at 11:24 PM.
|
December 5th, 2012, 12:33 PM
|
|
Still alive
|
|
Join Date: Mar 2007
Location: Washington, USA
|
|
|
Edit your post and keep the [php] tags.
|
Developer Shed Advertisers and Affiliates
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
Rate This Thread |
 Linear Mode
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
