<?php

//////////////////////////////////////////////////////////////////////////////////////////
///
/// Projekt: shop to date 6
/// Autor: Volker Sauer, (C) 2005, 2006, 2007, 2008
/// etor Softwareentwicklung e.K.
/// Bottroper Str. 19, 45899 Gelsenkirchen, sauer@etor.de
///
/// Datei: shop/download.php -> s2ddown.php
/// Art: Shop Download von ESD Dateien
/// Inhalt: ESD
/// Beschreibung: ESD
/// Benötigt: alles
/// CML-Parsing: nein
///
//////////////////////////////////////////////////////////////////////////////////////////
///
/// Letzte Änderungen:
/// 10.02.2009 Variable für Encryption geändert
///
//////////////////////////////////////////////////////////////////////////////////////////
///<10.02.2009/6.0.3.8/>

define('ROOT', './');
define('ASSETS', ROOT.'assets/');
require(ASSETS.'s2diconf.php');
require(CC_INCLUDE_INIT);
require(CC_BLOGIC_CONFIG);

// Parameter einlesen
$uid = get(PARAMETER_ID, CHECK_ALPHANUM);
$order_id = get(PARAMETER_ORDER, CHECK_ALPHANUM);

$order = new order($order_id);

// Angemeldet?
if (!$session->client_id) {
	$config = new config('downloads');
	$config->set('noclient', $config->noclient + 1);
	script_die(CC_RESSOURCE_DOWNLOADPLEASELOGIN, __FILE__, __LINE__);
}

// Berechtigung für diesen Auftrag?
if ($order->client->client_id != $session->client_id) {
	$config = new config('downloads');
	$config->set('noaccess', $config->noaccess + 1);
	script_die(CC_RESSOURCE_DOWNLOADPLEASELOGIN, __FILE__, __LINE__);
}

// Artikel gekauft?
$esd_item = false;
foreach ($order->items as $item)
	if ($item->download_uid == $uid)
		$esd_item = $item;

if (!$esd_item) {
	$config = new config('downloads');
	$config->set('noaccess', $config->noaccess + 1);
	script_die(CC_RESSOURCE_DOWNLOADPLEASELOGIN, __FILE__, __LINE__);
}

// Bezahlt?
if ($esd_item->order_status < 'd') {
	$config = new config('downloads');
	$config->set('noaccess', $config->noaccess + 1);
	script_die(CC_RESSOURCE_DOWNLOADPLEASELOGIN, __FILE__, __LINE__);
}

// Statistik Kunde/Auftrag
$esd_item->download_count++;
$esd_item->store();

// Statistik gesamt
$config = new config('downloads');
$config->set('overallcount', $config->overallcount + 1);

// Statistik Artikel
$download = new abstractdb(TABLE_DOWNLOADPRODUCTS, $esd_item->download_uid);
if ($download->filename) {
	$download->download_count++;
	$download->store();
}

// Datei auf Server vorhanden?
$filename = md5($download->filename.$download->id.CC_SITE_FILEKEY);
if (!file_exists(DOWNLOADS.$filename)) {
	$config = new config('downloads');
	$config->set('filegone', $config->filegone + 1);
	script_die(CC_RESSOURCE_DOWNLOADGONE, __FILE__, __LINE__);
}

// Datei als Download ausgeben, In-Browser Anzeige verhindern
header("Content-type: application");
header("Content-Disposition: attachment; filename=".$esd_item->download_filename);
readfile(DOWNLOADS.$filename);

?>