diff --git a/pubdlcnt.module b/pubdlcnt.module
index af20ba7..bd349ef 100644
--- a/pubdlcnt.module
+++ b/pubdlcnt.module
@@ -150,10 +150,22 @@ function _pubdlcnt_replace_anchor_url($all, $str1, $str2, $str3, $nid) {
       $str3 = $str3 . ' (' . $cnt . ')';
     }
   }
-  $matches[2] = base_path() . drupal_get_path('module', 'pubdlcnt') .
-          "/pubdlcnt.php?file=$matches[2]&nid=$nid";
 
-  $out = $matches[1] . $matches[2] . $matches[3] . $str2 . $str3;
+  $fid = db_result(db_query(
+    "SELECT id FROM {pubdlcnt} WHERE name='%s'",
+    $matches[2]));
+  if (empty($fid)) {
+    $today = gmdate('Y-m-d H:i:s');
+    db_query("INSERT INTO {pubdlcnt} (nid, name, count, date) VALUES (%d, '%s', %d, '%s')",
+      $nid, $matches[2], 0, $today);
+    $fid = db_last_insert_id('pubdlcnt', 'id');
+  }
+
+  $dlcnt_path = base_path() .
+      drupal_get_path('module', 'pubdlcnt') .
+      "/pubdlcnt.php?fid=" . $fid;
+
+  $out = $matches[1] . $dlcnt_path . $matches[3] . $str2 . $str3;
 
   return $out;  
 }
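Review bot: The lookup at `"SELECT id FROM {pubdlcnt} WHERE name='%s'"` keys on the file name alone, so when two nodes link to files with the same basename the second one reuses the first record's id and nid, and downloads are attributed to the wrong node; if the count is meant to be per node, change it to `"SELECT id FROM {pubdlcnt} WHERE name='%s' AND nid=%d", $matches[2], $nid`. The select-then-insert pair is also not atomic, so two concurrent first requests for the same file can each insert a row; a unique index on the lookup column(s) would close that gap, unless the schema outside this patch already has one. `_pubdlcnt_replace_anchor_url` begins before the hunk, where `$matches` is presumably populated from the function's arguments.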
diff --git a/pubdlcnt.php b/pubdlcnt.php
index d4619e0..866e6a0 100755
--- a/pubdlcnt.php
+++ b/pubdlcnt.php
@@ -8,7 +8,7 @@
  *
  * @ingroup pubdlcnt
  *
- * Usage:  pubdlcnt.php?file=http://server/path/file.ext
+ * Usage:  pubdlcnt.php?fid={file_id}
  *
  * Requirement: PHP5 - get_headers() function is used
  *              (The script works fine with PHP4 but better with PHP5)
@@ -48,9 +48,6 @@ else {
   chdir('/absolute-path-to-drupal-root/'); // <---- edit this line!
 
   if (!file_exits('./includes/bootstrap.inc')) {
-    // We can not locate the bootstrap.inc file, let's give up using the
-    // script and just fetch the file
-    header('Location: ' . $_GET['file']);
     exit;
   }
 }
@@ -63,10 +60,27 @@ drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE);
 chdir($current_dir);
 
 /**
- * Step-2: get file query value (URL of the actual file to be downloaded)
+ * Step 2: Get file query value (fid of the file todownload)
  */
-$url = check_url($_GET['file']);
-$nid = check_url($_GET['nid']);
+
+if (!isset($_GET["fid"])) {
+  header($_SERVER["SERVER_PROTOCOL"] . " 400 Bad Request");
+  print "<pre>ERROR: no file specified for donwload.</pre>";
+  exit;
+}
+
+// Check that the fid given is valid:
+$rec = db_fetch_object(db_query(
+    "SELECT * FROM {pubdlcnt} WHERE id=%d",
+    $_GET["fid"]));
+if ($rec === FALSE) {
+  header($_SERVER["SERVER_PROTOCOL"] . " 400 Bad Request");
+  print "<pre>ERROR: invalid fid provided.</pre>";
+  exit;
+}
+
+$url = $rec->name;
+$nid = $rec->nid;
 
 if (!eregi("^(f|ht)tps?:\/\/.*", $url)) { // check if this is absolute URL 
   // if the URL is relative, then convert it to absolute
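Review bot: The new error message and the Step 2 comment carry typos that will reach users and maintainers: `print "<pre>ERROR: no file specified for download.</pre>";` and ` * Step 2: Get file query value (fid of the file to download)`. The query also fetches `SELECT *` while only `name` and `nid` are read afterwards; `"SELECT nid, name FROM {pubdlcnt} WHERE id=%d"` documents what the script depends on. The `%d` placeholder coerces `$_GET["fid"]` to an integer, so a non-numeric value reaches the "invalid fid" branch rather than the query text.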
@@ -76,14 +90,17 @@ if (!eregi("^(f|ht)tps?:\/\/.*", $url)) { // check if this is absolute URL
 /**
  * Step-3: check if the url is valid or not
  */
-if (is_valid_file_url($url)) {
-  /**
-   * Step-4: update counter data (only if the URL is valid and file exists)
-   */
-  $filename = basename($url);
-  pubdlcnt_update_counter($filename, $nid);
+if (!is_valid_file_url($url)) {
+  header($_SERVER["SERVER_PROTOCOL"] . " 400 Bad Request");
+  print "<pre>ERROR: Invalid download url.</pre>";
 }
 
+/**
+ * Step-4: update counter data (only if the URL is valid and file exists)
+ */
+$filename = basename($url);
+pubdlcnt_update_counter($filename, $nid);
+
 /**
  * Step-5: redirect to the original URL of the file
  */
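Review bot: The new `if (!is_valid_file_url($url))` branch sends a 400 status and an error body but does not stop, so execution falls through to `pubdlcnt_update_counter($filename, $nid)` and on to the Step-5 redirect, incrementing the counter for an invalid URL and, if that step emits a `Location:` header, presumably replacing the 400 with a redirect. Add `exit;` after the `print` line, matching the other error branches earlier in the file. The Step-5 code lies outside the hunk.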