<?php
require_once INCLUDE_DIR."/master_class.php";
class ProtecfolderProtection_Class
{
function createHtaccess($pPath)
{
$filecreation=true;
$pPath=trim($pPath);
if(!file_exists($pPath.".htaccess"))
{
$htacessFile=$pPath.".htaccess";
$handalHtaccess=fopen($htacessFile, 'w') or die('can not create HTACCESS file please check folder permission');
}
else
{
$htacessFile=trim($pPath).".htaccess";
if(is_writable($htacessFile))
{
unlink($htacessFile);
$handalHtaccess=fopen($htacessFile, 'w') or die('can not create HTACCESS file please check folder permission');
}
else
{
$filecreation=false;
return $filecreation;
}
}
$lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
$lsProtectHtacessPasswords="<FilesMatch .htpasswd>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>\n";
$File = $pPath.".htpasswd";
$AuthUserFile= "\"".$File."\"";
$DataHtaccess = "AuthUserFile $AuthUserFile\nAuthName \"For Members Only\"\nAuthType Basic\nrequire valid-user";
//echo $DataHtaccess;
fwrite($handalHtaccess,trim($lsProtectHtacess));
fwrite($handalHtaccess,"\n");
fwrite($handalHtaccess,trim($lsProtectHtacessPasswords));
fwrite($handalHtaccess,"\n");
fwrite($handalHtaccess, trim($DataHtaccess));
fclose($handalHtaccess);
return $filecreation;
}
function createPasswdfile($ppath,$pproductId)
{
$filecreation=true;
//SELECT p.userid,ps.password FROM prefix_product_users
//LEFT JOIN prefix_users ps ON ps.id = p.userid
//where p.productid=1;
$ppath=trim($ppath);
$productIds=(implode(',',$pproductId));
$user=new users_class();
$curentTimeStamp= strtotime(date("Y/m/dH:i:s"));
//$query="SELECT distinct p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p LEFT JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid in($productIds) and (p.uptodate>$curentTimeStamp or p.islifetime=1)";
$payGearstatusValue="Active";
$masterclassObj=new master_class();
$masterId=$masterclassObj->getMasterId("productmembershipstatus");
$masterValuesId=$masterclassObj->getMasterValuesId($payGearstatusValue,$masterId);
$query="SELECT distinct p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid in($productIds) and (p.productmembershipstatusid=$masterValuesId) and (ps.isapproved=1) and (ps.islockedout=0)";
$result=$user->View($query);
// $query="SELECT distinct p.userid,ps.username as username,ps.password as password FROM prefix_product_users p LEFT JOIN prefix_users ps ON ps.id = p.userid;";
$File = trim($ppath).".htpasswd";
if(!file_exists($File))
{
$HandleHdpass = fopen($File, 'w') or die("can't create HTACCESS PASSWORD file please check folder permission");
}
else
{
if(is_writable($File))
{
unlink($File);
$HandleHdpass = fopen($File, 'w') or die("can't create HTACCESS PASSWORD file please check folder permission");
}
else
{
$filecreation=false;
return $filecreation;
}
}
if($result!=false)
{
foreach($result as $key=>$value)
{
$user=$value['username'];
$pass=$value['password'];
$secSalt=$value['secretsalt'];
$decriptedPassword=decrypt($pass,$secSalt);
$usernamePass=getHtpassword($user,$decriptedPassword);
fwrite($HandleHdpass, $usernamePass);
fwrite($HandleHdpass,"\n");
}
fclose($HandleHdpass);
}
return $filecreation;
}
function copyDownloadScript($pPath)
{
/* $localpath=getenv("SCRIPT_NAME");
$absolutepath=getenv("SCRIPT_FILENAME");
echo substr($absolutepath,0,strpos($absolutepath,$localpath));
$file = $_SERVER["SCRIPT_NAME"];
$break = Explode('/', $file);
$pfile = $break[count($break) - 1]; */
$scriptPath="C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/project_ProtectedFolder/DownloadScript/download.php";
$newfile="C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/project_ProtectedFolder/".$pPath."/download.php";
try{
//copy($scriptPath, $newfile);
$fsrc = fopen($scriptPath,'r');
$fdest = fopen($newfile,'w');
$len = stream_copy_to_stream($fsrc,$fdest);
fclose($fsrc);
fclose($fdest);
return $len;
}
catch(Exception $e)
{
$result = $e->getMessage();
echo $result;
}
}
/*new function update passwordfile added*/
function updatePasswdfile($ppath,$pproductId)
{
$filecreation=true;
$ppath=trim($ppath);
/*Added By Asmita*/
$productIds=(implode(',',$pproductId));
$user=new users_class();
$curentTimeStamp= strtotime(date("Y/m/dH:i:s"));
$payGearstatusValue="Active";
$masterclassObj=new master_class();
$masterId=$masterclassObj->getMasterId("productmembershipstatus");
$masterValuesId=$masterclassObj->getMasterValuesId($payGearstatusValue,$masterId);
$query="SELECT distinct p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid in($productIds) and (p.productmembershipstatusid=$masterValuesId)";
// $query="SELECT distinct p.userid,ps.username as username,ps.password as password,secretsalt FROM ".TABLE_PREFIX."product_users p LEFT JOIN ".TABLE_PREFIX."users ps ON ps.id = p.userid where p.productid=$pproductId and (p.uptodate>$curentTimeStamp or p.islifetime=1)";
$result=$user->View($query);
$File = trim($ppath).".htpasswd";
if(!file_exists($File))
{
$HandleHdpass = fopen($File, 'w') or die("can't create HTACCESS PASSWORD file please check folder permission");
}
else
{
if(is_writable($File))
{
unlink($File);
$HandleHdpass = fopen($File, 'w') or die("can't create HTACCESS PASSWORD file please check folder permission");
}
else
{
$filecreation=false;
return $filecreation;
}
}
if($result!=false)
{
foreach($result as $key=>$value)
{
$user=$value['username'];
$pass=$value['password'];
$secSalt=$value['secretsalt'];
$decriptedPassword=decrypt($pass,$secSalt);
$usernamePass=getHtpassword($user,$decriptedPassword);
fwrite($HandleHdpass, $usernamePass);
fwrite($HandleHdpass,"\n");
}
fclose($HandleHdpass);
}
return $filecreation;
}
/***********************************************************************************/
function createModRewriteHtaccess($pPath)
{
$filecreation=true;
$fileHtpass=trim($pPath).".htpasswd";
if(file_exists($fileHtpass) && is_writable($fileHtpass) )
unlink($fileHtpass);
$File = $pPath.".htaccess";
$File=trim($File);
if(!file_exists($File))
{
$Handle = fopen($File, 'w') or die('can not create HTACCESS NEW_REWRITE FILE');
$lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
$userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]";
$userAuthFile2=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req=dir [L]";
$userAuthFile3=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req_no_file=no_file [L]";
$Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\n #rewritecond %{REQUEST_FILENAME} -d\n#RewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \nRewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$ $userAuthFile1";
fwrite($Handle,trim($lsProtectHtacess));
fwrite($Handle,"\n");
fwrite($Handle, trim($Data));
fclose($Handle);
}
else
{
if(is_writable($File))
{
unlink($File);
$Handle = fopen("$File", 'w') or die('can not create HTACCESS NEW_REWRITE File');
}
else
{
$filecreation=false;
return $filecreation;
}
$lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
$userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]";
$userAuthFile2=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req=dir [L]";
$userAuthFile3=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req_no_file=no_file [L]";
$Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\n #rewritecond %{REQUEST_FILENAME} -d\n#RewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \n RewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$ $userAuthFile1";
fwrite($Handle,trim($lsProtectHtacess));
fwrite($Handle,"\n");
fwrite($Handle, trim($Data));
fclose($Handle);
}
return $filecreation;
}
function createPhpIncludeHtaccess($pPath)
{
$filecreation=true;
$fileHtpass=trim($pPath).".htpasswd";
if(file_exists($fileHtpass) && is_writable($fileHtpass) )
{
unlink($fileHtpass);
}
$File = trim($pPath).".htaccess";
$File=trim($File);
if(file_exists($File) )
{
if(is_writable($File))
{
unlink($File);
$Handle = fopen($File, 'w') or die('can not create HTACCESS PHP INCLUDE File');;
$lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
$userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]";
$userAuthFile2=WEB_URL."/"."is_valid_request_php_include.php?file=%{REQUEST_URI}&req=dir [L]";
$userAuthFile3=WEB_URL."/"."is_valid_request_php_include.php?file=%{REQUEST_URI}&req_no_file=no_file [L]";
$Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\nrewritecond %{REQUEST_FILENAME} -d\nRewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \n RewriteCond %{REQUEST_FILENAME} !page_not_found.php$ \n RewriteCond %{REQUEST_URI} ^(.+).php\$\nRewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$ $userAuthFile1";
fwrite($Handle,trim($lsProtectHtacess));
fwrite($Handle,"\n");
fwrite($Handle, trim($Data));
fclose($Handle);
}
else
{
$filecreation=false;
return $filecreation;
}
}
else
{
$Handle = fopen($File, 'w') or die('can not create HTACCESS PHP INCLUDE File');;
$lsProtectHtacess=" <FilesMatch .htaccess>\nOrder allow,deny\nDeny from all\nSatisfy All\n</FilesMatch>";
$userAuthFile1=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI} [L]";
$userAuthFile2=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req=dir [L]";
$userAuthFile3=WEB_URL."/"."is_valid_request.php?file=%{REQUEST_URI}&req_no_file=no_file [L]";
$Data = "Options +Indexes +FollowSymlinks\n RewriteEngine on\n rewritecond %{REQUEST_FILENAME} -d\nRewriteRule ^(.*)\$ $userAuthFile2 \nrewritecond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ $userAuthFile3 \n RewriteCond %{REQUEST_URI} ^(.+).php\$\nRewriteCond %{HTTP_COOKIE} !membersite_userid= [NC]\nRewriteRule ^(.+)\.*\$ $userAuthFile1";
fwrite($Handle,trim($lsProtectHtacess));
fwrite($Handle,"\n");
fwrite($Handle, trim($Data));
fclose($Handle);
}
return $filecreation;
}
function create_page_not_found_php($pPath)
{
$file_page_not_found=trim($pPath)."page_not_found.php";
if(file_exists($file_page_not_found) )
{
if(is_writable($file_page_not_found))
{
$lsfile_not_found=INCLUDE_DIR."/page_not_found.php";
$ls_file_con_file_not_found=file_get_contents($lsfile_not_found);
$Handle = fopen($file_page_not_found, 'w') or die('can not create page_not_found.php File');;
fwrite($Handle,$ls_file_con_file_not_found);
fclose($Handle);
$filecreation=true;
}
else
{
$filecreation=false;
return $filecreation;
}
}
else
{
$lsfile_not_found=INCLUDE_DIR."/page_not_found.php";
$ls_file_con_file_not_found=file_get_contents($lsfile_not_found);
$Handle = fopen($file_page_not_found, 'w') or die('can not create page_not_found File');;
fwrite($Handle,$ls_file_con_file_not_found);
fclose($Handle);
$filecreation=true;
return $filecreation;
}
return $filecreation;
}
}
?>