Setting a user verification with auto_prepend Joomla

56 views Asked by At

Got stuck on something. I added a verification for each request to PDFs in a specific folder. I've use .htaccess with prepend.php. It is on a Joomla website.

The goal is to allow subscribed member to see different PDFs in the folder, but reject the non-subscribed and visitor.

.htaccess

# set .pdf extension to be PHP
AddType php5-script .pdf

# match the .pdf extension
<FilesMatch "\.pdf$">
# set the prepend file setting
php_value auto_prepend_file "prepend.php"
</FilesMatch>

prepend.php

<?php

// Loading Joomla User core Files
define( '_JEXEC', 1 );
define('JPATH_BASE', '../');
require_once ( '../includes/defines.php' );
require_once ( '../includes/framework.php' );

// Create the Application
$app = JFactory::getApplication('site');

// Error Message : Please Log-in
$error = 'Veuillez vous connecter.';

// Check wether Joomla User is logged-in
$user = JFactory::getUser();

// Define user id
$ClientUserId = $user->id;

// Connect to databases
$link = mysqli_connect("localhost", "dbuser", "dbpsw", "dbname");

// Search for Account type
if($ClientUserId != 0) {
$resultabo = mysqli_query($link, "SELECT * FROM tablename WHERE user_id='$ClientUserId' ORDER BY id DESC LIMIT 1");
} else die($error);

// Controling wether the user is logged-in in a subscribed account
while($row = $resultabo->fetch_assoc()) {

    $abo = $row["account_id"];

    if($abo > 1 AND $abo < 7 ) {

        // Note : All $abo between 6 and 7 are "subscribed"

        // Sending headers to subscribed user
        header("Content-Disposition", "inline; filename=myfilename.pdf");
        header('Content-type: application/pdf');
        readfile($_SERVER['SCRIPT_FILENAME']); // serve the requested file
        exit(0);

    } elseif ($abo == 1) {

        // Note : 1 is a registered member but not subscribed

        // echo message : Your account is not subscribed to our website, please go on WebsiteName to subscribe.     
        echo "";

    } else {

        // echo message : You encountered an error during your request. Please reload the page or log-in once again.
        echo '';

    }

}

// If nothing is triggered, die.
die()

?>

<!DOCTYPE html>
<html>
<body style="background-color: white;">
</body>
</html>

Problem is : Prepend file does not get read first so I'm stuck with this. Second Problem : I remember I found a way to read the prepend.php file, but the verification didn't work.

The only way I could get this work was on my local website and with different code :

.htaccess (local)

# Adding PDF compatibility to check 
AddHandler php5-script .pdf
AddType application/x-httpd-php .html .htm

#Path of the directory where are stored the PDFs
php_value include_path "./journal/"

#Check wether or not user is logged-in & show pdf if logged-in
php_value auto_prepend_file "prepend.php"

prepend.php (local)

<?php

/* Loading Joomla User core Files */
define( '_JEXEC', 1 );
define('JPATH_BASE', '../');
require_once ( JPATH_BASE .'/includes/defines.php' );
require_once ( JPATH_BASE .'/includes/framework.php' );

/* Create the Application */
$app = JFactory::getApplication('site');

$error = "Une erreur est survenue";

/* Check wether Joomla User is logged-in */
$user = JFactory::getUser();

/* Define user id */
$ClientUserId = $user->id;

/* Connect to databases */
$link = mysqli_connect("localhost", "root", "", "dbname");

/* Search for Account type */
$resultabo = mysqli_query($link, "SELECT * FROM tablename WHERE user_id='$ClientUserId' ORDER BY id DESC LIMIT 1");

while($row = $resultabo->fetch_assoc()) {

    $abo = $row["account_id"];

    $error = "Une erreur s'est produite. Veuillez rafraƮchir la page.";

        if ($abo == 1) die();

        else if($abo == 2) {

            header("Content-Disposition", "inline; filename=myfilename.myextension");
            header('Content-type: application/pdf');
            readfile($_SERVER['SCRIPT_FILENAME']); // serve the requested file
            exit(0);

        }

        else die();

}

die();

/* Old Method */
#if ($user->guest) die();
#else {
#   }

/* Sending back pdf */


?>

<html><body bgcolor="#FFFFFF"></body></html>

Thanks

0

There are 0 answers