akshay Posted July 1, 2010 Share Posted July 1, 2010 Hello. I wrote this code for a hosting site... It works fine, but if the file status is set to "private" / "password" is turned on, the user is redirected to 404 page (File not found) <?php include_once("../sql.php"); session_start(); $sessid=session_id(); global $f; $f=$_GET['f']; //check for login: if(isset($_COOKIE['token'])) { $emailhash=$_COOKIE['token']; $loginq="SELECT * FROM users WHERE emailhash='$emailhash' AND status='active' "; $loginres=mysql_query($loginq,$conn) or die(mysql_error()); if(mysql_num_rows($loginres)==1) { $fname=mysql_result($loginres,0,'fname'); $lname=mysql_result($loginres,0,'lname'); $email=mysql_result($loginres,0,'email'); $loginmsg="<font face=\"Arial\" color=\"#1b1463\">Welcome <b>$fname $lname !</b> | <a href=\"http://fict-site-anything.com/logout.php\" target=\"_blank\">Logout</a></font>"; } else { setcookie("token","",time()-60,"/","fict-site-anything.com",0); //unset cookie $loginmsg="<font face=\"Arial\" color=\"#1b1463\">You are not logged in | <a href=\"http://fict-site-anything.com/login.php\" target=\"_blank\">Login</a> | <a href=\"http://fict-site-anything.com/acctypes.php\" target=\"_blank\"><b>Sign Up!</b></a></font>"; $email=""; } } else { $email=""; $loginmsg="<font face=\"Arial\" color=\"#1b1463\">You are not logged in | <a href=\"http://fict-site-anything.com/login.php\" target=\"_blank\">Login</a> | <a href=\"http://fict-site-anything.com/acctypes.php\" target=\"_blank\"><b>Sign Up!</b></a></font>"; } $sqlquery="Select * from files where fileid='$f' "; $result=mysql_query($sqlquery,$conn) or die(mysql_error()); if (mysql_num_rows($result) > 0 ) { $filename=mysql_result($result,0,'name'); $realpath=mysql_result($result,0,'realpath'); $downloads=mysql_result($result,0,'downloads'); $ext=mysql_result($result,0,'ext'); $size=filesize($realpath); if ($size>=1000 && $size<1000000) { $sizeunit="KB"; $size=round($size/1000,2); } elseif ($size>=1000000 && $size<1000000000) { $sizeunit="MB"; $size=round($size/1000000,2); } elseif ($size>=1000000000 && $size<1000000000000) { $size=round($size/1000000000,2); $sizeunit="GB"; } elseif ($size>=1000000000000 && $size<1000000000000000) { $size=round($size/1000000000000,2);; $sizeunit="TB"; } else { $sizeunit="bytes"; } $status=mysql_result($result,0,'status'); $filepw=mysql_result($result,0,'password'); // $privacy=mysql_result($result,0,'privacy'); <-- Depreciate & Replace by 'status' if($filepw!='' || $filepw!=NULL) { $filepwenc=md5(md5($filepw)); if(!isset($_GET['key']) || $_GET['key'] != $filepwenc) { header("location: http://fict-site-anything.com/dl/checkpass.php?f=$f&sessid=$realsessid"); exit; } } if($status=='private') { $privateq="SELECT * FROM files WHERE status='private' AND email='$email' AND fileid='$f' "; $privateq_res=mysql_query($privateq,$conn); if(mysql_num_rows($privateq_res)==0) header("location: http://fict-site-anything.com/error.php?msg=private"); } //if status private, ends. if($status!='active' && $status!='private') { header("location: http://fict-site-anything.com/error.php?msg=$status"); exit; } } else { header("location: http://fict-site-anything.com/error.php?err=404"); } A bug-fix / suggestion is really appreciated! Thank you! Link to comment https://forums.phpfreaks.com/topic/206417-ridiculous-if-else-situation/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.