For about 6 months this has been stomping me.
Now repeat the assignment from the previous project, only this time, instead of cookies use sessions. Since sessions are being used, it is unnecessary to have the seven day limit from the previous assignment. However users should only be able to download the file once per session.
My index.php is
<?php
#start the session before any output
session_start();
echo "<pre>";
print_r($_SESSION);
echo "</pre>";
require($_SERVER['DOCUMENT_ROOT']."/template_top.inc");
$regex_for_compatible_browser = "^(.*indows.*irefox.*)||(.*ac.*irefox.*)||(.*msie.*indows.*)$";
$ua = $_SERVER['HTTP_USER_AGENT']."<br />";
if (!preg_match("/$regex_for_compatible_browser/i", $ua)){
echo '<a href="
http://www.getfirefox.com/">You are on Windows or Mac, but you need Firefox.</a>';
}
$ip = $_SERVER['REMOTE_ADDR'];
$ipCheck = substr($ip,0,3);
if ($ipCheck == "202") {echo "Hacker IP; No access."; exit();}
if ($_SESSION['email']) {
echo $_SESSION['email'];
}
else {
$customer_email = $_SESSION['email'];
if (!($customer_email)) {
$customer_email = $_GET['email'];
}
?>
<form method="post" name="vnosnaForma" action="download.php">
<span id="new1Label">Enter Your e-mail: </span><input type="text"
size="25" name="email" value="<?php echo $_GET['email']; ?>">
<input type="submit" name="button" value="Download now!" />
<input type="hidden" name="check" value="1" />
<input type="text" name="downloaded" value="<?php
if (!($_GET['email'] || $_SESSION['email'])) {
echo "Please include your email address.";
} ?>"/>
</form>
<?php
}
if (!($_GET['email'])) {
$_SESSION['email'] = $customer_email;
}
require($_SERVER['DOCUMENT_ROOT']."/template_bottom.inc");
?>
And the download.php is
<?php
#start the session
session_start();
if
(isset
($_POST['check'])
AND
(isset($_POST['email']))
AND
(empty($_SESSION['email']))
)
{//user clicked form download button
$customer_email = $_SESSION['email'];
if (!($customer_email)) {
$customer_email = $_GET['email'];
//$customer_email = $_SESSION['email'];
}
//setcookie("sevendays", "email", time()+60*60*24*7);
$filepath = $_SERVER['DOCUMENT_ROOT']."/.php_files/acme_brochure.pdf";
if (file_exists($filepath)) {
header("Content-Type: application/force-download");
header("Content-Disposition:filename=\"brochure.pdf\"");
$fd = fopen($filepath,'rb');
fpassthru($fd);
fclose($fd);
if (!($_GET['email'])) {
#the customer wants us to remember him/her for next time
$_SESSION['email'] = $customer_email;
}
}
}//end isset(check)
?>
What is not happening given these 2 files?
--
Member - Liberal International This is doctor@@
nl2k.ab.ca Ici doctor@@
nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising!
http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism
Time for Stephen to move on on Oct 19 2015!!