File password feature problem

All support enquiries for DFH go in here...

File password feature problem

Postby test » Sun Oct 23, 2011 6:07 pm

I'm using DFH v1.2.2.

When I enter a file password, and then upload it, it's ok.
But when I'm trying to download the file - it takes me back to the start page (the one that you see the normal users and the members comparison table). Long story short - When I enter the correct password I'm getting back to download.php?file=blahblahblah

Funny thing is, that when I go to the admin panel, then re-enable the "file password" feature, saves the settings, and then tries to download the same file, with the same correct password - I can get to the captcha screen, but it only happens with the same browser window that I've used to edit the settings, and I think also probably because I'm still logged in as admin.

I've tried setting config.php's permission 666, and even 777, but it does not help.

Please help, thanks.
test
Standard Member
 
Posts: 37
Joined: Tue Apr 05, 2011 1:21 pm

Re: File password feature problem

Postby SamEA » Mon Oct 24, 2011 2:36 am

Please post or PM me your URL in order to know exactly what goes wrong.
SamEA,
DaddyScripts' Admin & Developer.

Require a PHP or general IT freelancer? Don't hesitate to PM me.
User avatar
SamEA
Site Admin
 
Posts: 1165
Joined: Sat Feb 19, 2011 7:51 pm

Re: File password feature problem

Postby test » Tue Oct 25, 2011 1:08 pm

Sent you a PM... Thanks.
test
Standard Member
 
Posts: 37
Joined: Tue Apr 05, 2011 1:21 pm

Re: File password feature problem

Postby SamEA » Tue Oct 25, 2011 4:34 pm

test wrote:Sent you a PM... Thanks.


Thank you for your PM. Will do a fresh install myself and see if this error message occurs when near a PC.
SamEA,
DaddyScripts' Admin & Developer.

Require a PHP or general IT freelancer? Don't hesitate to PM me.
User avatar
SamEA
Site Admin
 
Posts: 1165
Joined: Sat Feb 19, 2011 7:51 pm

Re: File password feature problem

Postby SamEA » Fri Nov 04, 2011 3:17 am

This is a bug within DFH v1.2.2.

To fix this bug, replace download.php with the following:
Code: Select all
<?php
///////////////////////////////////////////////////////////////////////////
//  Product: Daddy's File Host               
//  Version: 1.2                       
//                        
// by DaddyScripts.com                  
//                               
// original source code by Jim (j-fx.ws) and Steven (galaxyscripts.com)
//////////////////////////////////////////////////////////////////////////

require_once("./config.php");
include("./header.php");

if(in_array($language, $LANGUAGE_LIST)) {
  include('./lang/'.$language.'.php');
} else {
  include('./lang/'.$LANGUAGE_LIST[0].'.php');
}

if (is_file('./files/'.$_GET['file'] .'.dfh')){
}else{
echo "<center><b>$lang[inlink]</center></b><br />";
?> <META HTTP-EQUIV="Refresh"
      CONTENT="10; URL=index.php"> <?
include("./squareads.php");?><p><?

echo "<center><b>$lang[uwbr]</center></b><br />";
  ?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
  die();
}

if (isset($_SESSION['user'])){
emailcheck();
if ($ucontent[5] == "true"){
$_SESSION['emailactcheck'] = "ok";
}
}
if (isset($_GET['del']) || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin" || isset($_POST['pass']) || $_SESSION['randno'] == $_POST['access'] && isset($_SESSION['randno'])){
unset($_SESSION['randno']);

$rand1 =rand(0,9);
$rand2 =rand(0,9);
$rand3 =rand(0,9);
$rand4 =rand(0,9);
$rand5 =rand(0,9);
$rand6 =rand(0,9);
$secrandcode = $rand1. $rand2. $rand3. $rand4. $rand5. $rand6;

$bans=file("./secure/bans.dfh");
foreach($bans as $line)
{
  if ($line==$_SERVER['REMOTE_ADDR']){
?>
<center><table style='margin-top:20px;width:790px;height:400px;'><tr><td style='border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;' valign=top><?
    echo "$lang[younallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
    include("./footer.php");
    die();
  }
}

if(isset($_GET['file'])) {
  $filecrc = $_GET['file'];
} else {
?>

<?
?>
<center><table style='margin-top:20px;width:790px;height:400px;'><tr><td style='border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;' valign=top><?
  echo "$lang[inlink] <br />";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
  include("./footer.php");
  die();
}

$foundfile=0;
if (file_exists("./files/".$filecrc.".dfh")) {
   $fh1=fopen("./files/".$filecrc.".dfh",r);
   $foundfile= explode('|', fgets($fh1));
   fclose($fh1);
}
{
  $thisline = explode('|', $line);
  if ($thisline[0]==$filecrc){
    $foundfile=$thisline;
  }
}

if(isset($_GET['del'])) {

$deleted=0;
$filecrc = $_GET['file'];
$filecrctxt = $filecrc . ".dfh";
$passcode = $_GET['del'];
if (file_exists("./files/".$filecrctxt)) {
   $fh2=fopen ("./files/".$filecrctxt,r);
   $thisline= explode('|', fgets($fh2));
   if($thisline[2] == $passcode){
$deleted=1;
fclose($fh2);
      if($thisline[10] <> ""){
      unlink("./userfiles/files/" .$thisline[10] ."/" .$filecrctxt);
      }
      unlink("./files/".$filecrctxt);
   }

}

if($deleted==1){
unlink("./storage/".$_GET['file']);
?>
<?
echo "<center><b>$lang[ufwd]</b></center><br />";
?> <META HTTP-EQUIV="Refresh"
      CONTENT="10; URL=index.php"> <?
include("./squareads.php");?><p><?

echo "<center><b>$lang[uwbr] </center></b><br />";
} else {
?><?
echo "<center><b>$lang[indlink2] </b></center><br />";
?> <META HTTP-EQUIV="Refresh"
      CONTENT="10; URL=index.php"> <?
include("./squareads.php");?><p><?

echo "<center><b>$lang[uwbr] </center></b><br />";
}
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();

}

if($foundfile==0) {
?> <?
  echo "<center><b>$lang[inlink]</center></b><br />";
?> <META HTTP-EQUIV="Refresh"
      CONTENT="10; URL=index.php"> <?
include("./squareads.php");?><p><?

echo "<center><b>$lang[uwbr]</center></b><br />";
  ?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
  die();
}

if(isset($foundfile[7]) && $foundfile[7]!=md5("") && (!isset($_POST['pass']) || $foundfile[7] != md5($_POST['pass']))){
?> 
 <p> <?
echo "<form action=\"download.php?file=".$foundfile[0]."\" method=\"post\"><center><b>$lang[pw2] : </center></b><p><center><input type=\"password\" name=\"pass\"><p><center><input value=\"Enter\" type=\"submit\" /></form>";
?><p><center><? echo $lang[petc];?></center><?
?><p><p><?
include("./bottomads.php");
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();
}
?>
<center>
 <? include("./ads.php");  ?>
<?

$filesize = filesize("./storage/".$foundfile[0]);
$filesize = $filesize / 1048576;

$userip=$_SERVER['REMOTE_ADDR'];
$time=time();

///////////////////////////////////////////TIMER////////////////////////////////////
if($filesize > $nodolimit) {
if(file_exists("./downloader/".$userip.".dfh"))
{

$downloaders = fopen("./downloader/".$userip.".dfh","r+");
flock($downloaders,2);

while (!feof($downloaders)) {
  $user[] = chop(fgets($downloaders,65536));
}

fseek($downloaders,0,SEEK_SET);
ftruncate($downloaders,0);

$youcantdownload = 0;
foreach ($user as $line) {
list($savedip,$savedtime) = explode('|',$line);
 if ($savedip == $userip) {
    if ($time < $savedtime + ($downloadtimelimit*60)) {
      $youcantdownload = 1;
     $downtimer = $time - $savedtime ;
     $counter = $downloadtimelimit*60 - $downtimer;
    }
  }

  if ($time < $savedtime + ($downloadtimelimit*60)) {
    fputs($downloaders,"$savedip|$savedtime\n");
  }
}


if($youcantdownload==1) {

echo "<h1><center>Download Time Limit</center></h1>";
       ?><script type="text/javascript">

var running = false
var endTime = null
var timerID = null
var totalMinutes = <?php echo $counter;?>;

function startTimer() {
    running = true
    now = new Date()
    now = now.getTime()
    endTime = now + (1000 * totalMinutes);
    showCountDown()
}

function showCountDown() {
    var now = new Date()
    now = now.getTime()
    if (endTime - now <= 0) {
       clearTimeout(timerID)
       window.location.reload()

    } else {
        var delta = new Date(endTime - now)
        var theMin = delta.getMinutes()
        var theSec = delta.getSeconds()
        var theTime = theMin
        theTime += ((theSec < 10) ? ":0" : ":") + theSec
        document.getElementById('SessionTimeCount').innerHTML = 'Please wait ( <font color="#FF0000">' + theTime + '</font> ) Minutes for Download'
        if (running) {
            timerID = setTimeout("showCountDown()",1000)
        }
    }
}

window.onload=startTimer
</script>


<center><span id="SessionTimeCount"></span></center><br />
 <?

       include("./bottomads.php");
?><td><tr><table><?
       include("./footer.php");
      die();

}

}
}
///////////////////////////////////////////TIMER///////////////////////



$fsize = 0;
$fsizetxt = "";
  if ($filesize < 1)
  {
     $fsize = round($filesize*1024,0);
     $fsizetxt = "".$fsize." KB";
    $check1 = "KB";
  }
  else
    {
     $fsize = round($filesize,2);
     $fsizetxt = "".$fsize." MB";
$check1 = "MB";
  }

?>
<p>
<?
$quantity= $foundfile[5] * $fsizetxt;
$d=$descriptionoption;
switch ($d)
{
case false:
 $test="";
  break;
case true:
  $test= "$lang[fd6]";
  break;
default:
  echo ""; }
$f=$foundfile[6];
if ($f=="")
  $test2= "None";
else
  $test2= "$foundfile[6]";
$e=$descriptionoption;
switch ($e)
{
case false:
 $test4="";
  break;
case true:
  $test4= "$test2";
  break;
default:
  echo ""; }
$top = 1;
include ('./styles/'.$style.'/download.php');
$randcounter = rand(100,999);
?>
   <form id="form">
  <script>
function refreshh() {
window.location='<?php echo $scripturl . "download.php?file=" .$foundfile[0]; ?>';
}

function checksubmit()
{
if (document.getElementById("form").scode.value == <?php echo $secrandcode; ?> )
{
window.location='<?php echo $scripturl. "download2.php?a=" . $filecrc . "&b=" . md5($foundfile[2].$_SERVER['REMOTE_ADDR']) ?>';
window.setTimeout("refreshh()", 3000);
return false;
}
else
{
alert("ERROR:\n Securitycode was wrong!\n Please input the right Securitycode to download the File!");
window.location='<?php echo $scripturl . "download.php?file=" .$foundfile[0]; ?>';
}

}
</script>
<br>
<table cellspacing=2 cellpadding=2 border=0 height=16 width="250"><tr><td align=center background="img/captcha-a.png"><font color="#C0C0C0" size="5"><b><font face=times new roman><?php echo $secrandcode;?></td><td> Securitycode: <font size=1><strong><input type="text" name="scode" size="4" /></tr></table>
</form>
<p><div id="dl" align="center">

<?php

if($downloadtimer == 0) {
echo "<input type=\"button\" value=\"".$lang[dl_file_now]."\" onClick=window.location=\"".$scripturl. "download2.php?a=" . $filecrc . "&b=" . md5($foundfile[2].$_SERVER['REMOTE_ADDR'])."\">";
} else { ?>
<? echo $lang[nenjava];?>

<?php } ?>
</div>
<script language="Javascript">
x<?php echo $randcounter; ?>=<?php echo $downloadtimer; ?>;
function countdown()
{
 if ((0 <= 100) || (0 > 0))
 {
  x<?php echo $randcounter; ?>--;
  if(x<?php echo $randcounter; ?> == 0)
  {
document.getElementById("dl").innerHTML = '<input type="submit" value="<? echo $lang[dl_file_now];?>" onClick="checksubmit()" onClick="window.location=\'<?php echo $scripturl . "download2.php?a=" . $filecrc . "&b=" . md5($foundfile[2].$_SERVER['REMOTE_ADDR']) ?>\'">';
  }
  if(x<?php echo $randcounter; ?> > 0)
  {
 document.getElementById("dl").innerHTML = '<? echo $lang[dl_ticket];?><br><? echo $lang[dl_file_now1];?> <font color=#FF0000><b> '+x<?php echo $randcounter; ?>+'</b></font> <? echo $lang[dl_file_now2];?>...';
   setTimeout('countdown()',1000);
  }
 }
}
countdown();
</script><p>
<?php
$top = 0;
include ('./styles/'.$style.'/download.php');
include("./bottomads.php");
?>
 </td></tr></table></center>
<?php
include("./footer.php");
?>
<?
        $foo = '';

        if (!empty($_GET))
        {
                $foo .= '?';
                foreach ($_GET as $key => $val)
               {
                          $foo .= $key . '=' . $val;
               }
        }
$zufall = rand(10000000,99999999);
$ip=$_SERVER['REMOTE_ADDR'];
$host = gethostbyaddr($ip);
$datum = date("d.m.Y",time());
$uhrzeit = date("H:i",time());
$link = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"] . $foo;
$filename =  $foundfile[1];
$refferer = $_SERVER["HTTP_REFERER"];


$newfile = "./dl/".$zufall.".db";
$f=fopen($newfile, "w");
fwrite ($f,$ip."|".$host."|".$datum."|".$uhrzeit."|".$link."|".$filename."|".$refferer);
fclose($f);
chmod($newfile,0777);
}else{
$_SESSION['randno'] = md5(rand(1,100));
   $fop =  fopen('./files/' .$_GET['file'] .'.dfh', 'r');
   $foundfile = fread($fop, '999');
   fclose($fop);
   $foundfile = explode("|", $foundfile);
?>
<p align="center"><b><?php echo $lang[downloadattempt];?> <?php echo $foundfile[1];?></b></p>
<?php
include ('./styles/'.$style.'/comparison_table.php');
include('footer.php');
}
?>
SamEA,
DaddyScripts' Admin & Developer.

Require a PHP or general IT freelancer? Don't hesitate to PM me.
User avatar
SamEA
Site Admin
 
Posts: 1165
Joined: Sat Feb 19, 2011 7:51 pm

Re: File password feature problem

Postby test » Fri Nov 04, 2011 11:41 pm

Great news! Thanks!
I'll check the fix soon, and apply it. :)

Thanks again!
test
Standard Member
 
Posts: 37
Joined: Tue Apr 05, 2011 1:21 pm

Re: File password feature problem

Postby iheartbreakz » Thu Nov 17, 2011 10:53 pm

i have some changes on my download.php can you tell me what exact part you changed?
iheartbreakz
Moderator + Premium + Code Tester
 
Posts: 100
Joined: Wed Apr 20, 2011 2:14 pm

Re: File password feature problem

Postby SamEA » Mon Nov 21, 2011 12:30 pm

Changed
Code: Select all
if (isset($_GET['del']) || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin" || $_SESSION['randno'] == $_POST['access'] && isset($_SESSION['randno'])){

to
Code: Select all
if (isset($_GET['del']) || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin" || isset($_POST['pass']) || $_SESSION['randno'] == $_POST['access'] && isset($_SESSION['randno'])){


The only modification applied in that line, is that
Code: Select all
isset($_POST['pass'])
was added.
SamEA,
DaddyScripts' Admin & Developer.

Require a PHP or general IT freelancer? Don't hesitate to PM me.
User avatar
SamEA
Site Admin
 
Posts: 1165
Joined: Sat Feb 19, 2011 7:51 pm


Return to Daddy's File Host v1.X

Who is online

Users browsing this forum: No registered users and 27 guests

cron