#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    3
    Rep Power
    0

    Giving access permissions for content for users


    I would like to give the users the permissions to access the files from my e-commerce site to just have a preview.If he is having the preview of one file,he should not have the access to other files for some time until the preview time of first one which he is using is expired.Can anyone please help me out in developing this code.
  2. #2
  3. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,997
    Rep Power
    9397
    You'll have to explain a lot more and show some code before you can get any particularly useful advice.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    3
    Rep Power
    0
    My actual requirement is I need to give permission to the registered users on my website to have a view of an eBook available from total number of books available.if user requests to view a book, he is allowed to view only that book and the view option for other books for the same user should be disabled for a week even though he completed reading the first one.

    I have the code to limit the number of downloads but could not make it to change it to limit the number of views.
    PHP Code:
    <?php    include('includes/application_top.php');    if (!tep_session_is_registered('customer_id')) die;  // Check download.php was called with proper GET parameters   if ((isset($HTTP_GET_VARS['order']) && !is_numeric($HTTP_GET_VARS['order'])) || (isset($HTTP_GET_VARS['id']) && !is_numeric($HTTP_GET_VARS['id'])) ) {     die;   }    // Check that order_id, customer_id and filename match   $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'");   if (!tep_db_num_rows($downloads_query)) die;   $downloads = tep_db_fetch_array($downloads_query); // MySQL 3.22 does not have INTERVAL   list($dt_year, $dt_month, $dt_day) = explode('-', $downloads['date_purchased_day']);   $download_timestamp = mktime(23, 59, 59, $dt_month, $dt_day + $downloads['download_maxdays'], $dt_year);  // Die if time expired (maxdays = 0 means no time limit)   if (($downloads['download_maxdays'] != 0) && ($download_timestamp <= time())) die; // Die if remaining count is <=0   if ($downloads['download_count'] <= 0) die; // Die if file is not there   if (!file_exists(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'])) die;    // Now decrement counter   tep_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count = download_count-1 where orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "'");  // Returns a random name, 16 to 20 characters long // There are more than 10^28 combinations // The directory is "hidden", i.e. starts with '.' function tep_random_name() {   $letters = 'abcdefghijklmnopqrstuvwxyz';   $dirname = '.';   $length = floor(tep_rand(16,20));   for ($i = 1; $i <= $length; $i++) {    $q = floor(tep_rand(1,26));    $dirname .= $letters[$q];   }   return $dirname; }  // Unlinks all subdirectories and files in $dir // Works only on one subdir level, will not recurse function tep_unlink_temp_dir($dir) {   $h1 = opendir($dir);   while ($subdir = readdir($h1)) { // Ignore non directories     if (!is_dir($dir . $subdir)) continue; // Ignore . and .. and CVS     if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') continue; // Loop and unlink files in subdirectory     $h2 = opendir($dir . $subdir);     while ($file = readdir($h2)) {       if ($file == '.' || $file == '..') continue;       @unlink($dir . $subdir . '/' . $file);     }     closedir($h2);      @rmdir($dir . $subdir);   }   closedir($h1); }   // Now send the file with header() magic   header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");   header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");   header("Cache-Control: no-cache, must-revalidate");   header("Pragma: no-cache");   header("Content-Type: Application/octet-stream");   header("Content-disposition: attachment; filename=" . $downloads['orders_products_filename']);    if (DOWNLOAD_BY_REDIRECT == 'true') { // This will work only on Unix/Linux hosts     tep_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC);     $tempdir = tep_random_name();     umask(0000);     mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777);     symlink(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'], DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']);     if (file_exists(DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])) {       tep_redirect(tep_href_link(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']));     }   }  // Fallback to readfile() delivery method. This will work on all systems, but will need considerable resources   readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']); ?>
  6. #4
  7. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,997
    Rep Power
    9397
    Views and downloads are practically identical.

    Before we can see your code you need to edit your post. If you haven't noticed all the newlines are gone - that's what happens when you paste your code into the popup dialog the PHP code tag gives you.
    Leave the [php] tags in but re-paste your code in between them. Then Preview Post and make sure it's all readable.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    3
    Rep Power
    0
    PHP Code:
    <?php

      
    include('includes/application_top.php');

      if (!
    tep_session_is_registered('customer_id')) die;

    // Check download.php was called with proper GET parameters
      
    if ((isset($HTTP_GET_VARS['order']) && !is_numeric($HTTP_GET_VARS['order'])) || (isset($HTTP_GET_VARS['id']) && !is_numeric($HTTP_GET_VARS['id'])) ) {
        die;
      }
      
    // Check that order_id, customer_id and filename match
      
    $downloads_query tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " TABLE_ORDERS " o, " TABLE_ORDERS_PRODUCTS " op, " TABLE_ORDERS_PRODUCTS_DOWNLOAD " opd, " TABLE_ORDERS_STATUS " os where o.customers_id = '" . (int)$customer_id "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id "'");
      if (!
    tep_db_num_rows($downloads_query)) die;
      
    $downloads tep_db_fetch_array($downloads_query);
    // MySQL 3.22 does not have INTERVAL
      
    list($dt_year$dt_month$dt_day) = explode('-'$downloads['date_purchased_day']);
      
    $download_timestamp mktime(235959$dt_month$dt_day $downloads['download_maxdays'], $dt_year);

    // Die if time expired (maxdays = 0 means no time limit)
      
    if (($downloads['download_maxdays'] != 0) && ($download_timestamp <= time())) die;
    // Die if remaining count is <=0
      
    if ($downloads['download_count'] <= 0) die;
    // Die if file is not there
      
    if (!file_exists(DIR_FS_DOWNLOAD $downloads['orders_products_filename'])) die;
      
    // Now decrement counter
      
    tep_db_query("update " TABLE_ORDERS_PRODUCTS_DOWNLOAD " set download_count = download_count-1 where orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "'");

    // Returns a random name, 16 to 20 characters long
    // There are more than 10^28 combinations
    // The directory is "hidden", i.e. starts with '.'
    function tep_random_name()
    {
      
    $letters 'abcdefghijklmnopqrstuvwxyz';
      
    $dirname '.';
      
    $length floor(tep_rand(16,20));
      for (
    $i 1$i <= $length$i++) {
       
    $q floor(tep_rand(1,26));
       
    $dirname .= $letters[$q];
      }
      return 
    $dirname;
    }

    // Unlinks all subdirectories and files in $dir
    // Works only on one subdir level, will not recurse
    function tep_unlink_temp_dir($dir)
    {
      
    $h1 opendir($dir);
      while (
    $subdir readdir($h1)) {
    // Ignore non directories
        
    if (!is_dir($dir $subdir)) continue;
    // Ignore . and .. and CVS
        
    if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') continue;
    // Loop and unlink files in subdirectory
        
    $h2 opendir($dir $subdir);
        while (
    $file readdir($h2)) {
          if (
    $file == '.' || $file == '..') continue;
          @
    unlink($dir $subdir '/' $file);
        }
        
    closedir($h2); 
        @
    rmdir($dir $subdir);
      }
      
    closedir($h1);
    }


    // Now send the file with header() magic
      
    header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
      
    header("Last-Modified: " gmdate("D,d M Y H:i:s") . " GMT");
      
    header("Cache-Control: no-cache, must-revalidate");
      
    header("Pragma: no-cache");
      
    header("Content-Type: Application/octet-stream");
      
    header("Content-disposition: attachment; filename=" $downloads['orders_products_filename']);

      if (
    DOWNLOAD_BY_REDIRECT == 'true') {
    // This will work only on Unix/Linux hosts
        
    tep_unlink_temp_dir(DIR_FS_DOWNLOAD_PUBLIC);
        
    $tempdir tep_random_name();
        
    umask(0000);
        
    mkdir(DIR_FS_DOWNLOAD_PUBLIC $tempdir0777);
        
    symlink(DIR_FS_DOWNLOAD $downloads['orders_products_filename'], DIR_FS_DOWNLOAD_PUBLIC $tempdir '/' $downloads['orders_products_filename']);
        if (
    file_exists(DIR_FS_DOWNLOAD_PUBLIC $tempdir '/' $downloads['orders_products_filename'])) {
          
    tep_redirect(tep_href_link(DIR_WS_DOWNLOAD_PUBLIC $tempdir '/' $downloads['orders_products_filename']));
        }
      }

    // Fallback to readfile() delivery method. This will work on all systems, but will need considerable resources
      
    readfile(DIR_FS_DOWNLOAD $downloads['orders_products_filename']);
    ?>
    Last edited by E-Oreo; December 5th, 2012 at 11:24 PM.
  10. #6
  11. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,997
    Rep Power
    9397

IMN logo majestic logo threadwatch logo seochat tools logo