/home/ejrndhmu/tokobiolink.com/download.php
<?php
// Resume the session; every check below reads its login markers from $_SESSION.
session_start();
// getProductById(), getUserProductAccess() and the Database class are not defined
// in this file; presumably these includes provide them (confirm).
require_once 'includes/config.php';
require_once 'includes/functions.php';



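// Require an authenticated session: any one of the three login markers is enough
// to get past this gate. Which role actually applies is decided further down.
if (!isset($_SESSION['user_id']) && !isset($_SESSION['reseller_id']) && !isset($_SESSION['admin_id'])) {
    http_response_code(401);
    die('Unauthorized access');
}

// Accept only a plain integer >= 1 as product_id. is_numeric() also lets through
// values such as "5.7" or "-3", which the (int) cast then silently rewrites into
// an id the client did not literally ask for. Array input (product_id[]=1) fails
// validation as well, and ids below 1 are rejected here instead of reaching the lookup.
$product_id = isset($_GET['product_id'])
    ? filter_var($_GET['product_id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
    : false;
if ($product_id === false) {
    http_response_code(400);
    die('Invalid product ID');
}

// Get product information ($product_id is an int at this point).
$product = getProductById($product_id);
if (!$product) {
    http_response_code(404);
    die('Product not found');
}

// Only active products may be downloaded. Note that this runs before the
// per-user access check, so 404 vs 403 here tells any logged-in account
// whether a given id exists.
if ($product['status'] !== 'active') {
    http_response_code(403);
    die('Product is not available');
}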

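// Authorization decision. Starts closed: access is granted only by one of the
// branches below, and $user_type records which role granted it.
$has_access = false;
$user_type = '';

// Role precedence when a session carries more than one login marker:
// admin first, then reseller, then user.
if (isset($_SESSION['admin_id'])) {
    // Admin has access to all products
    $has_access = true;
    $user_type = 'admin';
} elseif (isset($_SESSION['reseller_id'])) {
    // Reseller needs a matching reseller_products row for this product
    $reseller_id = $_SESSION['reseller_id'];
    $reseller_access = getResellerProductAccess($reseller_id, $product_id);
    if ($reseller_access) {
        $has_access = true;
        $user_type = 'reseller';
    }
} elseif (isset($_SESSION['user_id'])) {
    // User needs this product id in their access list
    $user_id = $_SESSION['user_id'];
    $user_access = getUserProductAccess($user_id);

    // Compare ids strictly. A loose in_array() lets PHP type juggling decide an
    // authorization question (a stray boolean true in the list would match every
    // product), and a non-array result would raise instead of denying.
    // Assumes getUserProductAccess() returns a flat list of product ids as ints
    // or digit-only strings -- TODO confirm against includes/functions.php.
    $granted_ids = is_array($user_access) ? $user_access : array();
    foreach ($granted_ids as $granted_id) {
        $is_plain_id = is_int($granted_id) || (is_string($granted_id) && ctype_digit($granted_id));
        if ($is_plain_id && (int)$granted_id === (int)$product_id) {
            $has_access = true;
            $user_type = 'user';
            break;
        }
    }
}

// Deny access if user doesn't have permission
if (!$has_access) {
    http_response_code(403);
    die('You do not have access to this product');
}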

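// Validate file URL
if (empty($product['file_url'])) {
    http_response_code(404);
    die('Download file not available');
}

// Log download activity.
// Take the id from the same session marker that granted access. The access check
// prefers admin > reseller > user, so picking the id in the opposite order (as this
// code used to) could pair, for example, a user id with user_type 'admin' when a
// session carries more than one marker, leaving an audit row that names the wrong account.
$session_key_by_role = array(
    'admin'    => 'admin_id',
    'reseller' => 'reseller_id',
    'user'     => 'user_id',
);
$log_user_id = null;
if (isset($session_key_by_role[$user_type]) && isset($_SESSION[$session_key_by_role[$user_type]])) {
    $log_user_id = $_SESSION[$session_key_by_role[$user_type]];
}

if ($log_user_id) {
    logDownloadActivity($product_id, $log_user_id, $user_type);
}

// Redirect to actual file URL.
// NOTE(review): this hands the client the real storage location. Unless that
// location enforces its own authorization (for example short-lived signed links),
// anyone who obtains the URL can fetch the file without passing the checks above,
// and without a download_logs entry. Streaming the file from this script or
// issuing expiring links would keep the access check authoritative.
header('Location: ' . $product['file_url']);
exit();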

// Function to get reseller product access
/**
 * Look up the reseller_products row that links a reseller to a product.
 *
 * Both ids reach the query as bound parameters; nothing is concatenated into the SQL.
 *
 * @param mixed $reseller_id Reseller id (the download script passes $_SESSION['reseller_id']).
 * @param mixed $product_id  Id of the product being requested.
 * @return mixed Result of Database::single(); the download script only tests it for truthiness.
 */
function getResellerProductAccess($reseller_id, $product_id) {
    $sql = 'SELECT * FROM reseller_products WHERE reseller_id = :reseller_id AND product_id = :product_id';
    $params = array(
        ':reseller_id' => $reseller_id,
        ':product_id'  => $product_id,
    );

    $conn = new Database();
    $conn->query($sql);
    foreach ($params as $placeholder => $value) {
        $conn->bind($placeholder, $value);
    }

    $row = $conn->single();
    return $row;
}

// Function to log download activity
/**
 * Append one row to download_logs for a granted download.
 *
 * The timestamp is taken from the database (NOW()), not from the client.
 * $user_id is only meaningful together with $user_type: the download script
 * passes an admin, reseller or user session id depending on the role.
 *
 * @param mixed  $product_id Id of the downloaded product.
 * @param mixed  $user_id    Session id of the account performing the download.
 * @param string $user_type  Role label stored with the row ('admin', 'reseller' or 'user' in the download script).
 * @return void
 */
function logDownloadActivity($product_id, $user_id, $user_type) {
    $sql = 'INSERT INTO download_logs (product_id, user_id, user_type, downloaded_at) VALUES (:product_id, :user_id, :user_type, NOW())';
    $params = array(
        ':product_id' => $product_id,
        ':user_id'    => $user_id,
        ':user_type'  => $user_type,
    );

    $conn = new Database();
    $conn->query($sql);
    foreach ($params as $placeholder => $value) {
        // Values are bound, never interpolated into the statement text.
        $conn->bind($placeholder, $value);
    }
    $conn->execute();
}
?>