Home Explore Help
Register Sign In
CQ_ADI
/
adicn
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: e16aee2163
Branches Tags
adicn
/
phpcms
/
modules
/
content
/
down.php

down.php 7.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175 
  1. <?php
    2. 

  2. defined('IN_PHPCMS') or exit('No permission resources.');
    3. 

  3. //模型缓存路径
    4. 

  4. define('CACHE_MODEL_PATH',CACHE_PATH.'caches_model'.DIRECTORY_SEPARATOR.'caches_data'.DIRECTORY_SEPARATOR);
    5. 

  5. class down {
    6. 

  6. 	private $db;
    7. 

  7. 	function __construct() {
    8. 

  8. 		$this->db = pc_base::load_model('content_model');
    9. 

  9. 	}
    10. 

  10. 

  11. 	public function init() {
    12. 

  12. 		$a_k = trim($_GET['a_k']);
    13. 

  13. 		if(!isset($a_k)) showmessage(L('illegal_parameters'));
    14. 

  14. 		$a_k = sys_auth($a_k, 'DECODE', pc_base::load_config('system','auth_key'));
    15. 

  15. 		if(empty($a_k)) showmessage(L('illegal_parameters'));
    16. 

  16. 		unset($i,$m,$f);
    17. 

  17. 		$a_k = safe_replace($a_k);
    18. 

  18.         parse_str($a_k);
    19. 

  19. 		if(isset($i)) $i = $id = intval($i);
    20. 

  20. 		if(!isset($m)) showmessage(L('illegal_parameters'));
    21. 

  21. 		if(!isset($modelid)||!isset($catid)) showmessage(L('illegal_parameters'));
    22. 

  22. 		if(empty($f)) showmessage(L('url_invalid'));
    23. 

  23. 		$allow_visitor = 1;
    24. 

  24. 		$MODEL = getcache('model','commons');
    25. 

  25. 		$tablename = $this->db->table_name = $this->db->db_tablepre.$MODEL[$modelid]['tablename'];
    26. 

  26. 		$this->db->table_name = $tablename.'_data';
    27. 

  27. 		$rs = $this->db->get_one(array('id'=>$id));	
    28. 

  28. 		$siteids = getcache('category_content','commons');
    29. 

  29. 		$siteid = $siteids[$catid];
    30. 

  30. 		$CATEGORYS = getcache('category_content_'.$siteid,'commons');
    31. 

  31. 

  32. 		$this->category = $CATEGORYS[$catid];
    33. 

  33. 		$this->category_setting = string2array($this->category['setting']);
    34. 

  34. 		
    35. 

  35. 		//检查文章会员组权限
    36. 

  36. 		$groupids_view = '';
    37. 

  37. 		if ($rs['groupids_view']) $groupids_view = explode(',', $rs['groupids_view']);
    38. 

  38. 		if($groupids_view && is_array($groupids_view)) {
    39. 

  39. 			$_groupid = param::get_cookie('_groupid');
    40. 

  40. 			$_groupid = intval($_groupid);
    41. 

  41. 			if(!$_groupid) {
    42. 

  42. 				$forward = urlencode(get_url());
    43. 

  43. 				showmessage(L('login_website'),APP_PATH.'index.php?m=member&c=index&a=login&forward='.$forward);
    44. 

  44. 			}
    45. 

  45. 			if(!in_array($_groupid,$groupids_view)) showmessage(L('no_priv'));
    46. 

  46. 		} else {
    47. 

  47. 			//根据栏目访问权限判断权限
    48. 

  48. 			$_priv_data = $this->_category_priv($catid);
    49. 

  49. 			if($_priv_data=='-1') {
    50. 

  50. 				$forward = urlencode(get_url());
    51. 

  51. 				showmessage(L('login_website'),APP_PATH.'index.php?m=member&c=index&a=login&forward='.$forward);
    52. 

  52. 			} elseif($_priv_data=='-2') {
    53. 

  53. 				showmessage(L('no_priv'));
    54. 

  54. 			}
    55. 

  55. 		}
    56. 

  56. 		//阅读收费 类型
    57. 

  57. 		$paytype = $rs['paytype'];
    58. 

  58. 		$readpoint = $rs['readpoint'];
    59. 

  59. 		if($readpoint || $this->category_setting['defaultchargepoint']) {
    60. 

  60. 			if(!$readpoint) {
    61. 

  61. 				$readpoint = $this->category_setting['defaultchargepoint'];
    62. 

  62. 				$paytype = $this->category_setting['paytype'];
    63. 

  63. 			}		
    64. 

  64. 			//检查是否支付过
    65. 

  65. 			$allow_visitor = self::_check_payment($catid.'_'.$id,$paytype,$catid);
    66. 

  66. 			if(!$allow_visitor) {
    67. 

  67. 				$http_referer = urlencode(get_url());
    68. 

  68. 				$allow_visitor = sys_auth($catid.'_'.$id.'|'.$readpoint.'|'.$paytype).'&http_referer='.$http_referer;
    69. 

  69. 			} else {
    70. 

  70. 				$allow_visitor = 1;
    71. 

  71. 			}
    72. 

  72. 		}
    73. 

  73. 		if(preg_match('/(php|phtml|php3|php4|jsp|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\.|$)/i',$f) || strpos($f, ":\\")!==FALSE || strpos($f,'..')!==FALSE) showmessage(L('url_error'));
    74. 

  74. 		if(strpos($f, 'http://') !== FALSE || strpos($f, 'ftp://') !== FALSE || strpos($f, '://') === FALSE) {
    75. 

  75. 			$pc_auth_key = md5(pc_base::load_config('system','auth_key').$_SERVER['HTTP_USER_AGENT'].'down');
    76. 

  76. 			$a_k = urlencode(sys_auth("i=$i&d=$d&s=$s&t=".SYS_TIME."&ip=".ip()."&m=".$m."&f=$f&modelid=".$modelid, 'ENCODE', $pc_auth_key));
    77. 

  77. 			$downurl = '?m=content&c=down&a=download&a_k='.$a_k;
    78. 

  78. 		} else {
    79. 

  79. 			$downurl = $f;			
    80. 

  80. 		}
    81. 

  81. 		include template('content','download');
    82. 

  82. 	}
    83. 

  83. 	
    84. 

  84. 	public function download() {
    85. 

  85. 		$a_k = trim($_GET['a_k']);
    86. 

  86. 		$pc_auth_key = md5(pc_base::load_config('system','auth_key').$_SERVER['HTTP_USER_AGENT'].'down');
    87. 

  87. 		$a_k = sys_auth($a_k, 'DECODE', $pc_auth_key);
    88. 

  88. 		if(empty($a_k)) showmessage(L('illegal_parameters'));
    89. 

  89. 		unset($i,$m,$f,$t,$ip);
    90. 

  90. 		$a_k = safe_replace($a_k); parse_str($a_k);		
    91. 

  91. 		if(isset($i)) $downid = intval($i);
    92. 

  92. 		if(!isset($m)) showmessage(L('illegal_parameters'));
    93. 

  93. 		if(!isset($modelid)) showmessage(L('illegal_parameters'));
    94. 

  94. 		if(empty($f)) showmessage(L('url_invalid'));
    95. 

  95. 		if(!$i || $m<0) showmessage(L('illegal_parameters'));
    96. 

  96. 		if(!isset($t)) showmessage(L('illegal_parameters'));
    97. 

  97. 		if(!isset($ip)) showmessage(L('illegal_parameters'));
    98. 

  98. 		$starttime = intval($t);
    99. 

  99. 		if(preg_match('/(php|phtml|php3|php4|jsp|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\.|$)/i',$f) || strpos($f, ":\\")!==FALSE || strpos($f,'..')!==FALSE) showmessage(L('url_error'));
    100. 

  100. 		$fileurl = trim($f);
    101. 

  101. 		if(!$downid || empty($fileurl) || !preg_match("/[0-9]{10}/", $starttime) || !preg_match("/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/", $ip) || $ip != ip()) showmessage(L('illegal_parameters'));	
    102. 

  102. 		$endtime = SYS_TIME - $starttime;
    103. 

  103. 		if($endtime > 3600) showmessage(L('url_invalid'));
    104. 

  104. 		if($m) $fileurl = trim($s).trim($fileurl);
    105. 

  105. 		if(preg_match('/(php|phtml|php3|php4|jsp|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\.|$)/i',$fileurl) ) showmessage(L('url_error'));
    106. 

  106. 		//远程文件
    107. 

  107. 		if(strpos($fileurl, ':/') && (strpos($fileurl, pc_base::load_config('system','upload_url')) === false)) { 
    108. 

  108. 			header("Location: $fileurl");
    109. 

  109. 		} else {
    110. 

  110. 			if($d == 0) {
    111. 

  111. 				header("Location: ".$fileurl);
    112. 

  112. 			} else {
    113. 

  113. 				$fileurl = str_replace(array(pc_base::load_config('system','upload_url'),'/'), array(pc_base::load_config('system','upload_path'),DIRECTORY_SEPARATOR), $fileurl);
    114. 

  114. 				$filename = basename($fileurl);
    115. 

  115. 				//处理中文文件
    116. 

  116. 				if(preg_match("/^([\s\S]*?)([\x81-\xfe][\x40-\xfe])([\s\S]*?)/", $fileurl)) {
    117. 

  117. 					$filename = str_replace(array("%5C", "%2F", "%3A"), array("\\", "/", ":"), urlencode($fileurl));
    118. 

  118. 					$filename = urldecode(basename($filename));
    119. 

  119. 				}
    120. 

  120. 				$ext = fileext($filename);
    121. 

  121. 				$filename = date('Ymd_his').random(3).'.'.$ext;
    122. 

  122. 				$fileurl = str_replace(array('<','>'), '',$fileurl);
    123. 

  123. 				
    124. 

  124. 				file_down($fileurl, $filename);
    125. 

  125. 			}
    126. 

  126. 		}
    127. 

  127. 	}
    128. 

  128. 	
    129. 

  129. 	/**
    130. 

  130. 	 * 检查支付状态
    131. 

  131. 	 */
    132. 

  132. 	private function _check_payment($flag,$paytype,$catid) {
    133. 

  133. 		$_userid = param::get_cookie('_userid');
    134. 

  134. 		$_username = param::get_cookie('_username');
    135. 

  135. 		$siteids = getcache('category_content','commons');
    136. 

  136. 		$siteid = $siteids[$catid];
    137. 

  137. 		$CATEGORYS = getcache('category_content_'.$siteid,'commons');
    138. 

  138. 		$this->category = $CATEGORYS[$catid];
    139. 

  139. 		$this->category_setting = string2array($this->category['setting']);		
    140. 

  140. 		if(!$_userid) return false;
    141. 

  141. 		pc_base::load_app_class('spend','pay',0);
    142. 

  142. 		$setting = $this->category_setting;
    143. 

  143. 		$repeatchargedays = intval($setting['repeatchargedays']);
    144. 

  144. 		if($repeatchargedays) {
    145. 

  145. 			$fromtime = SYS_TIME - 86400 * $repeatchargedays;
    146. 

  146. 			$r = spend::spend_time($_userid,$fromtime,$flag);
    147. 

  147. 			if($r['id']) return true;
    148. 

  148. 		}
    149. 

  149. 		return false;
    150. 

  150. 	}
    151. 

  151. 

  152. 	/**
    153. 

  153. 	 * 检查阅读权限
    154. 

  154. 	 *
    155. 

  155. 	 */
    156. 

  156. 	private function _category_priv($catid) {
    157. 

  157. 		$catid = intval($catid);
    158. 

  158. 		if(!$catid) return '-2';
    159. 

  159. 		$_groupid = param::get_cookie('_groupid');
    160. 

  160. 		$_groupid = intval($_groupid);
    161. 

  161. 		if($_groupid==0) $_groupid = 8;
    162. 

  162. 		$this->category_priv_db = pc_base::load_model('category_priv_model');
    163. 

  163. 		$result = $this->category_priv_db->select(array('catid'=>$catid,'is_admin'=>0,'action'=>'visit'));
    164. 

  164. 		if($result) {
    165. 

  165. 			if(!$_groupid) return '-1';
    166. 

  166. 			foreach($result as $r) {
    167. 

  167. 				if($r['roleid'] == $_groupid) return '1';
    168. 

  168. 			}
    169. 

  169. 			return '-1';
    170. 

  170. 		} else {
    171. 

  171. 			return '1';
    172. 

  172. 		}
    173. 

  173. 	 }
    174. 

  174. }
    175. 

  175. ?>
    176.