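getUserID();
// NOTE(review): the statement above is cut off at the top of this listing. The
// code below reads $UserID, so it presumably ended an assignment to it — confirm.

// Both queries below place the user id directly into SQL text, and the second
// one uses it unquoted, so it has to be numeric already. Casting to int turns
// that assumption about the session layer into something this page enforces.
// NOTE(review): the table-name variables ($user_permission_blocking,
// $user_credit, $product) are defined outside this listing; they must be fixed
// configuration values and never derived from request data — confirm.
$UserID_IN = (int) $UserID;

// check whether the user has CreditSpending permission set to Y
$sql = "SELECT * FROM `$user_permission_blocking` WHERE `UserID` = '" . $UserID_IN . "'";
$res = $objDB->ddlQuery($sql);
$row = $objDB->get_row($res);
$objUser_permission_blocking->setUser_permission_blocking($row['UserPermissionBlockingID']);
$AllowCreditSpending = $objUser_permission_blocking->getCreditSpending();
$smarty->assign("AllowCreditSpending", $AllowCreditSpending);

// get available user credit
$sql_credit = "SELECT * FROM `$user_credit` WHERE `UserID`=" . $UserID_IN;
$res_credit = $objDB->ddlQuery($sql_credit);
$num_credit = $objDB->numberRow($res_credit);
if ($num_credit) {
    $row_credit = $objDB->get_row($res_credit);
    $CreditAvailable = $row_credit['CreditAvailable'];
} else {
    // no credit row for this user counts as a zero balance
    $CreditAvailable = 0;
}
$smarty->assign("CreditAvailable", $CreditAvailable);

// Objects sanitize their own DB input, so we input here direct REQUEST
$ProductID_RAW = isset($_GET['ProductID']) ? $_GET['ProductID'] : '';

// Accept only a plain run of digits naming a positive id, and do it before the
// value is used anywhere. The previous test, empty($ProductID) &&
// !is_int($ProductID), could only catch an empty value: request data arrives as
// a string, so is_int() was never true and any non-empty text passed.
// is_string() also screens out the array form of the parameter (?ProductID[]=...).
if (!is_string($ProductID_RAW) || !ctype_digit($ProductID_RAW) || (int) $ProductID_RAW < 1) {
    header("location:index.php?msg=Invalid product id format");
    exit();
}

// Sanitizing data for output
$ProductID = htmlentities($ProductID_RAW, ENT_QUOTES, 'UTF-8');

// Value placed in the SQL text below. It is digits only after the check above,
// so it needs no escaping; this also drops the call to
// mysql_real_escape_string(), which belongs to the mysql extension removed in PHP 7.
$ProductID_IN = $ProductID_RAW;

/* check whether the product is valid */
$sql = "SELECT * FROM `$product` WHERE `ProductID`='$ProductID_IN' AND (`Status`='Active' OR `Status`='BuyOut')";
$res = $objDB->ddlQuery($sql);
$numberRow = $objDB->numberRow($res);
if ($numberRow != 1) {
    header("location:index.php?msg=Product does not exists");
    exit();
}

/* get product record */
$row = $objDB->get_row($res, 'MYSQL_ASSOC');
// NOTE(review): the whole row is handed to the template. Whether its fields are
// HTML-escaped on output depends on the template and Smarty configuration,
// which are not visible here — confirm.
$smarty->assign("Product", $row);

// check if free download available
if (empty($row['CreditValue']) && empty($row['BuyOutPrice'])) {
    $FreeDownload = true;
    $smarty->assign("FreeDownload", $FreeDownload);
}

// get the category names
// The key is quoted: a bare CatID is read as a constant, which only fell back to
// the string 'CatID' with a notice on older PHP and is an error on PHP 8.
$CatIDsStr = $row['CatID'];
$CatIDsArr = $CategoryNamesArr = array();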
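$CatIDsArr = explode(",", $CatIDsStr);
foreach ($CatIDsArr as $CatID) {
    $objCategory->setCategory($CatID);
    $CategoryNamesArr[] = $objCategory->getCatName();
}
$CategoryNames = implode(", ", $CategoryNamesArr);
$smarty->assign("CategoryNames", $CategoryNames);

// Array keys below are quoted: a bare word such as ThemeID is read as a
// constant, which only fell back to the string with a notice on older PHP and
// is an error on PHP 8.

// get the theme names
$ThemeIDsStr = $row['ThemeID'];
$ThemeIDsArr = $ThemeNamesArr = array();
$ThemeIDsArr = explode(",", $ThemeIDsStr);
foreach ($ThemeIDsArr as $ThemeID) {
    $objTheme->setTheme($ThemeID);
    $ThemeNamesArr[] = $objTheme->getThemeName();
}
$ThemeNames = implode(", ", $ThemeNamesArr);
$smarty->assign("ThemeNames", $ThemeNames);

// get product author name
// From here on $UserID holds the product author's id, not the visitor's.
$UserID = $row['UserID'];
$objUser->setUser($UserID);
$UserName = $objUser->getUserName();
$smarty->assign("AuthorName", $UserName);
$smarty->assign("AuthorUserID", $UserID);

// get product features
$FeatureIDsStr = $row['RequiredFeatureID'];
$FeatureIDsArr = $FeatureNamesArr = array();
$FeatureIDsArr = explode(",", $FeatureIDsStr);
foreach ($FeatureIDsArr as $FeatureID) {
    $objRequired_feature->setRequired_feature($FeatureID);
    $FeatureNamesArr[] = $objRequired_feature->getFeatureName();
}
$FeatureNames = implode(", ", $FeatureNamesArr);
$smarty->assign("FeatureNames", $FeatureNames);

// get product compatibility
$CompatibilityIDsStr = $row['CompatibilityID'];
$CompatibilityIDsArr = $CompatibilityNamesArr = array();
$CompatibilityIDsArr = explode(",", $CompatibilityIDsStr);
foreach ($CompatibilityIDsArr as $CompatibilityID) {
    $objCompatibility->setCompatibility($CompatibilityID);
    $CompatibilityNamesArr[] = $objCompatibility->getCompatibilityName();
}
$CompatibilityNames = implode(", ", $CompatibilityNamesArr);
$smarty->assign("CompatibilityNames", $CompatibilityNames);

// get the zip file size
// NOTE(review): ZipFile_Path is taken from the product row as stored; confirm it
// is normalised when the upload is saved so it cannot name a file outside ./upload/.
$ZipFileSize = GetReadableFileSize("./upload/" . $row['ZipFile_Path']);
$smarty->assign("ZipFileSize", $ZipFileSize);

// check if the user has enough credit to download the product
// These flags only decide what the template offers.
// NOTE(review): the handler that actually serves the file is not part of this
// listing; it has to repeat the credit and permission checks itself — confirm.
$CreditValue = $row['CreditValue'];
$BuyOutPrice = $row['BuyOutPrice'];
$AllowDownload = !($CreditAvailable < $CreditValue);
$AllowBuyOut = !($CreditAvailable < $BuyOutPrice);
$AllowAllDownload = true;

// Defined up front so the assign() below never reads an unset variable when the
// user already has enough credit for both options.
$BuyAtLeast = null;
if ($CreditAvailable < $CreditValue || $CreditAvailable < $BuyOutPrice) {
    //$AllowAllDownload = false;
    // NOTE(review): when CreditValue is covered but BuyOutPrice is not, the first
    // branch yields zero or a negative amount — confirm that is intended.
    if ($CreditValue > 0) {
        $BuyAtLeast = $CreditValue - $CreditAvailable;
    } else {
        $BuyAtLeast = $BuyOutPrice - $CreditAvailable;
    }
}

/*
if(!empty($_SESSION['download_file_path']))
{
    $download_file_path = $_SESSION['download_file_path'];
    $smarty->assign("download_file_path", $download_file_path);
}
*/

$RatingBarStatic = rating_bar($ProductID, 5, 'static');
$smarty->assign("RatingBarStatic", $RatingBarStatic);
$smarty->assign("CreditAvailable", $CreditAvailable);
$smarty->assign("AllowDownload", $AllowDownload);
$smarty->assign("AllowBuyOut", $AllowBuyOut);
$smarty->assign("AllowAllDownload", $AllowAllDownload);
$smarty->assign("BuyAtLeast", $BuyAtLeast);

// Title
$TitleText = "Download";
$smarty->assign("TitleText", $TitleText);

// additional css style tooltip here
$HeaderContent = ' ';
$smarty->assign("HeaderContent", $HeaderContent);

$smarty->assign("tpl_page", "download.tpl");
$smarty->display("container.tpl");
?>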