Movie download link - Page 2 Movie download link - Page 2
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Movie download link

Started by Stramm, March 06, 2007, 08:00:38 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages 1 2
User actions

mariahxxx

#20
February 17, 2008, 03:41:22 PM
sweet! it works! :)

thank u so much!

xoxo
Mariah

rassilon

#21
May 14, 2008, 05:09:19 AM
I see how to add the "download ..." link for Video and Document but what is a GIF, JPG, PPT or PPTX (MS Office 2007) files and MP3's considered?

Nibbler

#22
September 02, 2008, 02:31:18 PM
This plugin is insecure; there is no check on the file that is being requested for download. Anyone using this should disable it.

Niecher

#23
November 10, 2009, 01:14:00 PM
Hi Stramm, thanks for this plugin.

is there some method to check the session of users in the file down.php?

If the users are not registered then to redirect them to the page of login and thus to avoid hotlinking.

Thanks.

Stramm

#24
November 10, 2009, 02:16:20 PM
you shouldn't use this plugin as it is unsecure as Nibbler already pointed out.
I've another version here but not yet prepared it for public use.

It wouldn't be a problem to check for the user being logged in. But that wouldn't protect from hotlinking at all.

Niecher

#25
November 10, 2009, 03:17:37 PM
Thanks for your input, Stramm

Excuse me, but i dont know programming in PHP. I was reading about use session_start(), if(isset($_SESSION["variable_session"])){ and I dont understand nothing about this  ;D

Nibbler pointed out that this plugin is insecure to direct download... it means should I remove the plugin?  :o

What is the diferent between direct download:

mydomain.com/gallery/index.php?file=file_download/down&link=albums/uploads/mymusic.mp3

and

mydomain.com/gallery/albums/uploads/mymusic.mp3 <<< (Save as)

With this: index.php?file=file_download/down&link= in htaccess I need rewrite rule for files .php and redirect in hotlinking. But this does not interest to me to do.

I like this plugin, help me please  ::)

Joachim Müller

#26
November 10, 2009, 04:02:13 PM
Quote from: Niecher on November 10, 2009, 03:17:37 PM
Nibbler pointed out that this plugin is insecure to direct download... it means should I remove the plugin?  :o
Yes, that's what he said:
Quote from: Nibbler on September 02, 2008, 02:31:18 PM
This plugin is insecure; there is no check on the file that is being requested for download. Anyone using this should disable it.
If you're not a programmer that's fine, but you should take our word then that this plugin is insecure. Malevolent visitors of your site could use the plugin to obtain configuration files on your server that would give them admin access to your server. Anything could happen if you don't heed the advice to get rid of this plugin. That's what we consider "insecure". We're not ready to explain why exactly that is the case if you can't understand what the code does anyway.

Niecher

#27
November 10, 2009, 04:38:23 PM
Thanks, Joachim Müller

I take you word and I remove the plugin.

:'(

Niecher

#28
November 10, 2009, 04:55:44 PM
Quote from: Niecher on November 10, 2009, 04:38:23 PM
Thanks, Joachim Müller

I take you word and I remove the plugin.

:'(

Ohhhh, I just understand why is insecure !!!

Then I remove file down.php and index.php?file=file_download/down&link= but I use the rest of plugin for save file as
Print
Go Up Pages 1 2
User actions