Location: PHPKode > projects > MembersGear > membersgear/includes/folderProtection.php
<?php
        require_once INCLUDE_DIR."/master_class.php";     
         class ProtecfolderProtection_Class
          {      
                   function createHtaccess($pPath)
                    {      
                           $filecreation=true;
                           $pPath=trim($pPath);
                           if(!file_exists($pPath.".htaccess"))
                            {
                                 
                                      $htacessFile=$pPath.".htaccess";
                                      $handalHtaccess=fopen($htacessFile, 'w') or die('can not create HTACCESS file please check folder permission');
                         
                            } 
                           else
                            {
                                  $htacessFile=trim($pPath).".htaccess";
                                  if(is_writable($htacessFile))
                                   {
                                        unlink($htacessFile);
                                        $handalHtaccess=fopen($htacessFile, 'w') or die('can not create HTACCESS file please check folder permission');  
                                   }
                                 else
                                  {
                                     $filecreation=false;
                                     return  $filecreation;
                                  }
                                        
                            }  
                            
                            $lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
                            $lsProtectHtacessPasswords="<FilesMatch .htpasswd>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>\n";
                            $File = $pPath.".htpasswd"; 
                            $AuthUserFile= "\"".$File."\"";
                            $DataHtaccess = "AuthUserFile $AuthUserFile\nAuthName \"For Members Only\"\nAuthType Basic\nrequire valid-user";
                            //echo $DataHtaccess;
                            fwrite($handalHtaccess,trim($lsProtectHtacess));
                            fwrite($handalHtaccess,"\n");
                            fwrite($handalHtaccess,trim($lsProtectHtacessPasswords));
                            fwrite($handalHtaccess,"\n"); 
                            fwrite($handalHtaccess, trim($DataHtaccess));
                            fclose($handalHtaccess);
                            return $filecreation;
                           
                    }     
             
                     function createPasswdfile($ppath,$pproductId)
                      {
                             
                             $filecreation=true;
                              //SELECT p.userid,ps.password FROM prefix_product_users
                             //LEFT JOIN prefix_users ps ON ps.id = p.userid
                             //where p.productid=1;
                              $ppath=trim($ppath);
                              $productIds=(implode(',',$pproductId));
                              $user=new users_class();
                              $curentTimeStamp= strtotime(date("Y/m/dH:i:s"));
                              
                              //$query="SELECT distinct  p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p LEFT JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid in($productIds) and (p.uptodate>$curentTimeStamp or p.islifetime=1)";
                              
                               $payGearstatusValue="Active";
                               $masterclassObj=new master_class();
                               $masterId=$masterclassObj->getMasterId("productmembershipstatus");
                               $masterValuesId=$masterclassObj->getMasterValuesId($payGearstatusValue,$masterId); 
                               
                               $query="SELECT distinct  p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p  JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid in($productIds) and (p.productmembershipstatusid=$masterValuesId) and (ps.isapproved=1) and (ps.islockedout=0)";
                               $result=$user->View($query);
                             // $query="SELECT distinct  p.userid,ps.username as username,ps.password as password FROM prefix_product_users p LEFT JOIN prefix_users ps ON ps.id = p.userid;";
                              $File = trim($ppath).".htpasswd";
                               if(!file_exists($File))
                                {
                                    $HandleHdpass = fopen($File, 'w')  or die("can't create HTACCESS PASSWORD file please check folder permission");
                                    
                                }
                                else
                                 {
                                           if(is_writable($File))
                                            {
                                              unlink($File);
                                              $HandleHdpass = fopen($File, 'w')  or die("can't create HTACCESS PASSWORD file please check folder permission"); 
                                
                                            }
                                           else
                                           {
                                             $filecreation=false;
                                             return $filecreation;
                                           }    
                                   }
                                       if($result!=false) 
                                        {     
                                           foreach($result as $key=>$value)
                                           {
                                                 $user=$value['username'];
                                                 $pass=$value['password'];
                                                 $secSalt=$value['secretsalt'];
                                                 $decriptedPassword=decrypt($pass,$secSalt);
                                                 
                                                 $usernamePass=getHtpassword($user,$decriptedPassword);
                                                  fwrite($HandleHdpass, $usernamePass);
                                                  fwrite($HandleHdpass,"\n");
                                           }
                                            
                                           fclose($HandleHdpass);
                                         
                                        }
                                        return $filecreation;      
                      }
                      
                      function copyDownloadScript($pPath)
                       {             
                          /* $localpath=getenv("SCRIPT_NAME");
                           $absolutepath=getenv("SCRIPT_FILENAME");
                          echo substr($absolutepath,0,strpos($absolutepath,$localpath));
                          $file = $_SERVER["SCRIPT_NAME"];
                          $break = Explode('/', $file);
                          $pfile = $break[count($break) - 1]; */
                          
                          $scriptPath="C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/project_ProtectedFolder/DownloadScript/download.php";
                          $newfile="C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/project_ProtectedFolder/".$pPath."/download.php";
                          
                          try{
                           
                            //copy($scriptPath, $newfile);
                              
                           
                                $fsrc = fopen($scriptPath,'r');
                                $fdest = fopen($newfile,'w');
                                $len = stream_copy_to_stream($fsrc,$fdest);
                                fclose($fsrc);
                                fclose($fdest);
                                return $len;
    
                            
                          }
                          catch(Exception $e)
                          {
                              $result = $e->getMessage();
                              echo $result;
                           }   
                                 
                                                  
                       }
                       
              /*new function update passwordfile added*/
              
               function updatePasswdfile($ppath,$pproductId)
                      {
                              
                              $filecreation=true;
                               $ppath=trim($ppath);
                               /*Added By Asmita*/
                               $productIds=(implode(',',$pproductId));
                               $user=new users_class();
                               $curentTimeStamp= strtotime(date("Y/m/dH:i:s"));
                               $payGearstatusValue="Active";
                               $masterclassObj=new master_class();
                               $masterId=$masterclassObj->getMasterId("productmembershipstatus");
                               $masterValuesId=$masterclassObj->getMasterValuesId($payGearstatusValue,$masterId); 
                               
                               $query="SELECT distinct  p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid in($productIds) and (p.productmembershipstatusid=$masterValuesId)";
                               
                             // $query="SELECT distinct  p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p LEFT JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid=$pproductId and (p.uptodate>$curentTimeStamp or p.islifetime=1)";
                              $result=$user->View($query);
                             
                              $File = trim($ppath).".htpasswd";
                               if(!file_exists($File))
                                {
                                    $HandleHdpass = fopen($File, 'w')  or die("can't create HTACCESS PASSWORD file please check folder permission");
                                    
                                }
                                else
                                 {
                                           
                                           if(is_writable($File))
                                            {
                                                unlink($File);
                                                $HandleHdpass = fopen($File, 'w')  or die("can't create HTACCESS PASSWORD file please check folder permission"); 
                                            }
                                          else
                                           {
                                             $filecreation=false;
                                             return $filecreation;
                                           }  
                                            
                                            
                                 }           
                                
                               if($result!=false) 
                                {     
                                   foreach($result as $key=>$value)
                                   {
                                         $user=$value['username'];
                                         $pass=$value['password'];
                                         $secSalt=$value['secretsalt'];
                                         $decriptedPassword=decrypt($pass,$secSalt);
                                         
                                         $usernamePass=getHtpassword($user,$decriptedPassword);
                                          fwrite($HandleHdpass, $usernamePass);
                                          fwrite($HandleHdpass,"\n");
                                   }
                                    
                                   fclose($HandleHdpass);
                                 
                                } 
                                
                             return $filecreation;        
                      }
                      
                     
        /***********************************************************************************/                      
                       
                       
                       
                     
                    
                     function createModRewriteHtaccess($pPath)
                      {
                            
                            $filecreation=true;  
                                  
                            $fileHtpass=trim($pPath).".htpasswd";
                            if(file_exists($fileHtpass) && is_writable($fileHtpass) )
                                unlink($fileHtpass);
                           
                             $File = $pPath.".htaccess";
                             $File=trim($File);
                             if(!file_exists($File))
                              {
                                   
                                    $Handle = fopen($File, 'w') or die('can not create HTACCESS NEW_REWRITE FILE');
                                    $lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
                                    $userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]"; 
                                    $userAuthFile2=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req=dir [L]"; 
                                    $userAuthFile3=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req_no_file=no_file [L]"; 
                                    $Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\n #rewritecond %{REQUEST_FILENAME} -d\n#RewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \nRewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$  $userAuthFile1";
                                    fwrite($Handle,trim($lsProtectHtacess));
                                    fwrite($Handle,"\n");
                                    fwrite($Handle, trim($Data));
                                    fclose($Handle);
                                
                              } 
                              else
                               {
                                       if(is_writable($File))
                                        {
                                            unlink($File);
                                           $Handle = fopen("$File", 'w') or die('can not create HTACCESS NEW_REWRITE File');
                                        } 
                                       else
                                        {
                                          $filecreation=false;
                                          return  $filecreation;
                                        }  
                                        $lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
                                        $userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]"; 
                                        $userAuthFile2=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req=dir [L]"; 
                                        $userAuthFile3=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req_no_file=no_file [L]"; 
                                        $Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\n #rewritecond %{REQUEST_FILENAME} -d\n#RewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \n RewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$  $userAuthFile1";
                                        fwrite($Handle,trim($lsProtectHtacess));
                                        fwrite($Handle,"\n");
                                        fwrite($Handle, trim($Data));
                                        fclose($Handle);
                                   
                               
                               } 
                               
                               return $filecreation;
                      
                      }
                      
                     

                      function createPhpIncludeHtaccess($pPath)
                       {    
                             $filecreation=true; 
                             $fileHtpass=trim($pPath).".htpasswd";
                              if(file_exists($fileHtpass) && is_writable($fileHtpass) ) 
                                {
                           
                                   unlink($fileHtpass); 
                                }
                             $File = trim($pPath).".htaccess";
                             $File=trim($File);
                             if(file_exists($File) )
                              {  
                                   if(is_writable($File)) 
                                    {
                                          unlink($File);
                                           $Handle = fopen($File, 'w') or die('can not create HTACCESS PHP INCLUDE File');;
                                            $lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
                                            $userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]"; 
                                            $userAuthFile2=WEB_URL."/"."is_valid_request_php_include.php?file=%{REQUEST_URI}&req=dir [L]"; 
                                            $userAuthFile3=WEB_URL."/"."is_valid_request_php_include.php?file=%{REQUEST_URI}&req_no_file=no_file [L]"; 
                                            $Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\nrewritecond %{REQUEST_FILENAME} -d\nRewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \n RewriteCond %{REQUEST_FILENAME} !page_not_found.php$ \n RewriteCond %{REQUEST_URI} ^(.+).php\$\nRewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$  $userAuthFile1";
                                            fwrite($Handle,trim($lsProtectHtacess));
                                            fwrite($Handle,"\n");
                                            fwrite($Handle, trim($Data));
                                            fclose($Handle);
                                    }       
                                   else
                                    {
                                        $filecreation=false;
                                        return $filecreation;
                                    }   
                                        
                                       
                              } 
                             else
                              {   
                                
                                            $Handle = fopen($File, 'w') or die('can not create HTACCESS PHP INCLUDE File');;
                                            $lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
                                            $userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]"; 
                                            $userAuthFile2=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req=dir [L]"; 
                                            $userAuthFile3=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req_no_file=no_file [L]"; 
                                            $Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\n rewritecond %{REQUEST_FILENAME} -d\nRewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \n RewriteCond %{REQUEST_URI} ^(.+).php\$\nRewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$  $userAuthFile1";
                                            fwrite($Handle,trim($lsProtectHtacess));
                                            fwrite($Handle,"\n");
                                            fwrite($Handle, trim($Data));
                                            fclose($Handle); 
                              }     
                       
                            return $filecreation;
                       
                       }
                       
                       function create_page_not_found_php($pPath) 
                        {
                        
                                     $file_page_not_found=trim($pPath)."page_not_found.php"; 
                                     
                                      if(file_exists($file_page_not_found) )
                                      {  
                                           if(is_writable($file_page_not_found)) 
                                            {
                                                 $lsfile_not_found=INCLUDE_DIR."/page_not_found.php";
                                                 $ls_file_con_file_not_found=file_get_contents($lsfile_not_found); 
                                                 $Handle = fopen($file_page_not_found, 'w') or die('can not create page_not_found.php File');;   
                                                 fwrite($Handle,$ls_file_con_file_not_found);
                                                 fclose($Handle);
                                                 $filecreation=true;   
                                                  
                                            }       
                                           else
                                            {    
                                                $filecreation=false;     
                                                return $filecreation;
                                            }   
                                                
                                               
                                      } 
                                     else
                                      {
                                        
                                                 $lsfile_not_found=INCLUDE_DIR."/page_not_found.php";
                                                 $ls_file_con_file_not_found=file_get_contents($lsfile_not_found); 
                                                 $Handle = fopen($file_page_not_found, 'w') or die('can not create page_not_found File');;   
                                                 fwrite($Handle,$ls_file_con_file_not_found);
                                                 fclose($Handle);
                                                 $filecreation=true;   
                                                
                                                return $filecreation;
                                           
                                      } 
                                   
                                    return $filecreation;
                        
                        
                        
                        } 
                       
                       
          }         
?>
Return current item: MembersGear