We allow "special users" to download Multimedia files - which are kept outside "web root". We check if the users belong to special group "5" and then allow download through the following script. Now we want to to restrict download limit to 500MB a month per special member.
Current Code :
___________________________________________________________
<?
$threadspath = "/home/myhotboard.com/public_html/hotboard/";
include "{$threadspath}/main.inc.php";
$userob = new user;
$user = $userob -> authenticate("U_Groups");
$specialgroup = "5";
$redirectURL = "http://www.myhotboard.com/hbfriend/hbfriend.htm";
if (!preg_match("-$specialgroup-",$user['U_Groups'])) {
// Their not in the special group so we go elsewhere...
header("Location: $redirectURL");
}
define('FILEDIR', '/home/downloads/');
//storage directory outside the root
$path = FILEDIR . $file;
header("Content-type: application/force-download\n");
header("Content-disposition: attachment; filename="$file"\n");
header("Content-transfer-encoding: binary\n");
header("Content-length: " . filesize($path) . "\n");
header ("Connection: close");
//send file contents
$fp=fopen($path, "r");
fpassthru($fp);
fclose($fp);
?>
____________________________________________________________
Future Code : (Proposed changes in CAP)
<?
$threadspath = "/home/myhotboard.com/public_html/hotboard/";
include "{$threadspath}/main.inc.php";
$userob = new user;
$user = $userob -> authenticate("U_Groups");
$specialgroup = "5";
$redirectURL
= "http://www.myhotboard.com/hbfriend/hbfriend.htm";
if (!preg_match("-$specialgroup-",$user['U_Groups'])) {
// Their not in the special group so we go elsewhere...
header("Location: $redirectURL");
-- ELSE CHECK MYSQL TABLE
-- TOTAL(FILESIZE) THIS MONTH > 500MB
-- GO TO "YOU DOWNLOAD LIMIT HAS EXCEEDED" PAGE
-- SELECT STATEMENT from the TABLE
-- A NEW TABLE IN DATABASE WILL CONTAIN USER_ID,
--USER_NAME, DATE, FILESIZE
-- BASICALY DOWNLOAD HISTORY
}
define('FILEDIR', '/home/myhotboard.com/downloads/');
//storage directory outside the root
$path = FILEDIR . $file;
-- INSERT INTO MYSQLTABLE USERNAME, USER_ID, DATE, FILESIZE($PATH);
header("Content-type: application/force-download\n");
header("Content-disposition: attachment; filename="$file"\n");
header("Content-transfer-encoding: binary\n");
header("Content-length: " . filesize($path) . "\n");
header ("Connection: close");
//send file contents
$fp=fopen($path, "r");
fpassthru($fp);
fclose($fp);
?>
Let's say the table will be like
Hotclips_t
User_Id
User_Name
TimeStamp
FileSize
This gets inserted whenever a user downloads a file. This also is checked against before a user wants to download a file.
I am a novice in PHP-MySQL code. Any help?
Thanks,
hb