Question concerning download managing

[DPtheGod]

Greetings!

I am looking to set up a system for my website similar to NarutoFan. Basically, I want to be able to have a login script for my main page where people can log in, if they are currently not logged in the forum. I am running vBulletin 3.6.8 right now. I want the script to be able to make it so people can submit a payment, and the system records that a payment was received, and they can gain access to the videos and podcasts section. Then for purchasing them on DVD and also the material based merchandise, just a checkout system. Also, I want to make it so anyone who is not a paying customer cannot access the downloads if they happen to find where the files are located on the server.

Would anyone know where I could start on this?

[Dismounted]

Include the vBulletin backend, and then check the usergroup when people try to access that page.

Do you know PHP well?

[DPtheGod]

I am decent with it, but I am a n00b with MySQL lol. So, I'd really have no idea where to begin. What all would I have to do to include the vBulletin backend? That is something I am unfamiliar with, unfortunetely.

[Dismounted]

PHP Code:

$curdir = getcwd();
chdir('/PATH/TO/FORUMS');
require_once('./global.php');
chdir($curdir); 


[DPtheGod]

Thanks for the help.

Although, I am getting this error when trying use a login script I got on here a while back:

Code:

Warning: main(login_inc2.php) [function.main]: failed to open stream: No such file or directory in /home/hiroanim/public_html/menu.php on line 167

Fatal error: main() [function.require]: Failed opening required 'login_inc2.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/hiroanim/public_html/menu.php on line 167

I have the login_inc2.php file both in my forums directory, and the root directory, and I am using this code to call it:

PHP Code:

<?php
   require_once('login_inc2.php');
?>

I was curious if you noticed anything wrong with it?

This code is frustrating lol

Edit: Nevermind! I have gotten it to work! Thank you for the help!

Also, I have one more question. Let's say I have a directory on my server that has a bunch of render image files, and I only want people who have obtained access either sending a payment in or reaching a certain usergroup from posting, but someone who does have access gives out the file name and location on the server, is it possible to restrict anyone not in the usergroup from accessing the file?

I know how to set it up so that the page is restricted from people who are not in the usergroup, but I want to be sure that paying customers can't send out the full url of the files to non-paying customers and have them steal all of the premium renders.

[Dismounted]

Quote:

Originally Posted by DPtheGod

Also, I have one more question. Let's say I have a directory on my server that has a bunch of render image files, and I only want people who have obtained access either sending a payment in or reaching a certain usergroup from posting, but someone who does have access gives out the file name and location on the server, is it possible to restrict anyone not in the usergroup from accessing the file?

I know how to set it up so that the page is restricted from people who are not in the usergroup, but I want to be sure that paying customers can't send out the full url of the files to non-paying customers and have them steal all of the premium renders.

The easiest way would be to lock down that directory with .htaccess:

Code:

Order allow, deny

And then use a script to check the usergroup before grabbing and outputting the file (via PHP).

[DPtheGod]

Thank you for your help with the htaccess file. I set it up, and I can't access anything as a guess, which I like. However, I set up a page with the following code:

PHP Code:

<?php
if ($vbulletin->userinfo['usergroupid'] == '6' )
    {
    echo "Welcome to the premium section!";
             } else {
             echo "You do not have permission for this page"; }
    ?>

<a href="Avatars.rar">A</a>

And when I load that page in my main page using a php include, it doesn't let me download the rar file. Do I have to include some type of php code inside of the htacces? Or did I mess up my coding? Also, is there a way to detect if the user is a secondary member of that usergroup?

Thank you for all of your help so far, it means a lot to me.

Edit: I've fixed the code, and have it working:

PHP Code:

<?php
if ($vbulletin->userinfo['usergroupid'] == '6' )
    {
    echo "Welcome to the premium section!<br /><a href='/depu/Avatars.rar'>A</a>";
             } else {
             echo "You do not have permission for this page"; }
    ?>

But it is giving me this error:

Quote:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Is there something else I have to include in my htaccess file?

[Dismounted]

You need to fetch the file (with the file() functions), and then output the appropriate headers along with the data.