Forum

Thread tagged as: Question, Members

Secure Downloads - Link not working

Hi there,

Really struggling with the secure downloads on the members app.

I have created the template and in the CMS it uploads to the folder on server (outside of public_html) with no problems.

It link also gets displayed when the member is logged in.

Its when you click on the link to download the file, it says:

The contrac.teamfc.uk page isn’t working

contrac.teamfc.uk is currently unable to handle this request.
HTTP ERROR 500

This is my template

<perch:before>
    <h1 class="logged-in-title2">Downloads</h1>
</perch:before>

<a href="<perch:content id="file" type="file" label="File" order="2" bucket="secure" />">
     <perch:content type="text" id="desc" label="Title" order="1" required="true" title="true" />
</a>

This is my member template

<?php
    if (perch_member_logged_in()) {
        echo '<h1 class="logged-in-title">Welcome back, '.perch_member_get('first_name').'!</h1>';
    }else{
        echo '<h1>Hello!</h1>';
        echo '<p>You are not logged in.';
    }
?>

<?php
    if (perch_member_logged_in()) {
        perch_content('Downloads');
?>

    <a href="profile.php" class="logged-in__logged-out button button--black">Edit profile</a>
    <a href="logout.php" class="logged-in__logged-out button button--black">Log out</a>


<?php
    }else{
        perch_members_login_form();
    }
?>

Then this is my buckets.php file

<?php
return array(
    'secure' => array(
        'web_path'  => '/members/download.php?file=',
        'file_path' => '/home/teamfcuk/secure',
    ),
);
?>

This is my download.php file

<?php
    include('../admin/runtime.php');

    // config
    $bucket_name = 'secure';
    $url_param   = 'file';


    // By default, deny downloads unless we've proved the member is allowed this file.
    $allow_download = false;


    // Check a member is logged in
    if (perch_member_logged_in()) {
        $allow_download = true;
    }

    /*
    Alternatively, you could check for a specific tag, e.g.

    if (perch_member_has_tag('client')) {
        $allow_download = true;
    }

    */


    // Deliver the file.
    if ($allow_download) {
        perch_members_secure_download(perch_get($url_param), $bucket_name);
    }

    exit;

Here is a screenshot of the folder with the PDF uploaded correctly https://goo.gl/PlKCdv

And the full link is https://contrac.teamfc.uk/members/download.php?file=/chicopee-a4-case-study-2pp-sodexo.pdf

Here is my DR

Perch: 2.8.27
Production mode: Production (100)
Installed apps: content (2.8.27), assets (2.8.27), categories (2.8.27), perch_forms (1.8.3), perch_blog (5.0), perch_members (1.4.2)
DB driver: PDO
DB tables: perch2_blog_authors (3), perch2_blog_comments (0), perch2_blog_index (71), perch2_blog_posts (2), perch2_blog_posts_to_tags (0), perch2_blog_sections (1), perch2_blog_tags (0), perch2_blogs (1), perch2_categories (17), perch2_category_counts (1), perch2_category_sets (3), perch2_content_index (15902), perch2_content_items (871), perch2_content_regions (12), perch2_forms (1), perch2_forms_responses (1), perch2_members (3), perch2_members_forms (0), perch2_members_member_tags (1), perch2_members_sessions (29), perch2_members_tags (1), perch2_navigation (0), perch2_navigation_pages (0), perch2_page_templates (1), perch2_pages (5), perch2_resource_log (3680), perch2_resource_tags (0), perch2_resources (592), perch2_resources_to_tags (0), perch2_settings (25), perch2_user_passwords (0), perch2_user_privileges (39), perch2_user_role_privileges (34), perch2_user_roles (2), perch2_users (4)
Users: 4
App runtimes:
<?php
    $apps_list = array(
        'content',
        'categories',
        'perch_forms',
        'perch_members',
        'perch_blog'
    );
Scheduled tasks for perch_blog: delete_spam_comments (1440 mins)
Editor plug-ins: markitup
H1: c353df99ac6fbdcc3b8ddc2f6cf1e3ee
L1: 896bc08cf2fb6710ab69742481fc6f63
F1: 2edba60ed1f613d6dd804feb202456a2
headerColour: #356490
content_singlePageEdit: 1
helpURL:
siteURL: /
hideBranding: 1
content_collapseList: 1
lang: en-gb
update_2.8.20: done
latest_version: 2.8.15
on_sale_version: 2.8.27
headerScheme: dark
dashboard: 0
hide_pwd_reset: 0
content_hideNonEditableRegions: 1
content_frontend_edit: 1
perch_blog_update: 5.0.1
perch_blog_post_url: /news/post.php?s={postSlug}
perch_blog_site_name: Contrac Lighting
perch_blog_slug_format: %Y-%m-%d-{postTitle}
perch_blog_akismet_key:
perch_blog_max_spam_days: 0
perch_blog_comment_notify: 0
perch_members_update: 1.4
perch_members_login_page: /members/login.php?r={returnURL}
update_2.8.27: done
PERCH_DEVELOPMENT: 10
PERCH_STAGING: 50
PERCH_PRODUCTION: 100
PERCH_DB_USERNAME: teamfcuk_contrac
PERCH_DB_SERVER: 87.117.252.235
PERCH_DB_DATABASE: teamfcuk_contrac
PERCH_DB_PREFIX: perch2_
PERCH_CLEAN_RESOURCES:
PERCH_TZ: Europe/London
PERCH_EMAIL_FROM: chris@teamfc.co.uk
PERCH_EMAIL_FROM_NAME: Thom Watson
PERCH_LOGINPATH: /admin
PERCH_PATH: /home/teamfcuk/public_html/contrac/admin
PERCH_CORE: /home/teamfcuk/public_html/contrac/admin/core
PERCH_RESFILEPATH: /home/teamfcuk/public_html/contrac/admin/resources
PERCH_RESPATH: /admin/resources
PERCH_HTML5: 1
PERCH_RUNWAY:
PERCH_ERROR_MODE: DIE
PERCH_DATE_LONG: %d %B %Y
PERCH_DATE_SHORT: %d %b %Y
PERCH_TIME_SHORT: %H:%M
PERCH_TIME_LONG: %H:%M:%S
PERCH_RUNWAY_ROUTED:
PERCH_STRONG_PASSWORDS:
PERCH_DEBUG:
PERCH_PREVIEW_ARG: preview
PERCH_TEMPLATE_PATH: /home/teamfcuk/public_html/contrac/admin/templates
PERCH_DEFAULT_DOC: index.php
PERCH_DEFAULT_EXT: .php
PERCH_PRODUCTION_MODE: 100
PERCH_RWD:
PERCH_HTML_ENTITIES:
PERCH_SSL:
PERCH_STRIPSLASHES:
PERCH_PROGRESSIVE_FLUSH: 1
PERCH_PARANOID:
PERCH_FORCE_SECURE_COOKIES:
PERCH_PASSWORD_MIN_LENGTH: 6
PERCH_MAX_FAILED_LOGINS: 10
PERCH_AUTH_LOCKOUT_DURATION: 1 HOUR
PERCH_VERIFY_UPLOADS:
PERCH_AUTH_PLUGIN:
PERCH_DB_CHARSET: utf8
PERCH_DB_PORT:
PERCH_DB_SOCKET:
PERCH_SESSION_TIMEOUT_MINS: 20
HOSTING SETTINGS

PHP: 5.6.17
Zend: 2.6.0
OS: Linux
SAPI: cgi-fcgi
Safe mode: not detected
MySQL client: mysqlnd 5.0.11-dev - 20120503 - $Id: 3c688b6bbc30d36af3ac34fdd4b7b5b787fe5555 $
MySQL server: 5.5.48-cll
Free disk space: 56.43 GB
Extensions: Core, date, ereg, libxml, openssl, pcre, sqlite3, zlib, bcmath, calendar, ctype, curl, dom, filter, ftp, gd, hash, iconv, SPL, json, mbstring, mcrypt, session, mysql, mysqli, standard, Phar, posix, Reflection, mysqlnd, SimpleXML, soap, sockets, imap, tokenizer, xml, xmlreader, xmlwriter, cgi-fcgi, homeloader, PDO, pdo_sqlite, pdo_mysql, ionCube Loader, Zend Guard Loader
GD: Yes
ImageMagick: No
PHP max upload size: 2M
PHP max form post size: 8M
PHP memory limit: 1028M
Total max uploadable file size: 2M
Resource folder writeable: Yes
Session timeout: 24 minutes
Native JSON: Yes
Filter functions: Yes
Transliteration functions: No
CONTEXT_DOCUMENT_ROOT: /home/teamfcuk/public_html/contrac
DOCUMENT_ROOT: /home/teamfcuk/public_html/contrac
GATEWAY_INTERFACE: CGI/1.1
HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
HTTP_ACCEPT_ENCODING: gzip, deflate, sdch
HTTP_ACCEPT_LANGUAGE: en-US,en;q=0.8,fr;q=0.6
HTTP_CONNECTION: keep-alive
HTTP_COOKIE: __unam=c3834f5-15332d09d52-7a1f72c4-354; cmsa=1; p_m=103f7107b492e956ec390ef6c2b9ca9f363b9074; _ga=GA1.2.85343822.1457444132; PHPSESSID=b643a6651b0f4c2292d49b6be0a99ef7
HTTP_HOST: contrac.teamfc.uk
HTTP_REFERER: https://contrac.teamfc.uk/admin/core/settings/diagnostics/
HTTP_UPGRADE_INSECURE_REQUESTS: 1
HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.37 Safari/537.36
PATH: /bin:/usr/bin
PHPRC: /home/teamfcuk/public_html/contrac
QUERY_STRING: extended
REDIRECT_STATUS: 200
REMOTE_ADDR: 86.2.239.205
REMOTE_PORT: 49830
REQUEST_METHOD: GET
REQUEST_SCHEME: http
REQUEST_URI: /admin/core/settings/diagnostics/?extended
SCRIPT_FILENAME: /home/teamfcuk/public_html/contrac/admin/core/settings/diagnostics/index.php
SCRIPT_NAME: /admin/core/settings/diagnostics/index.php
SERVER_ADDR: 87.117.252.235
SERVER_ADMIN: webmaster@contrac.teamfc.uk
SERVER_NAME: contrac.teamfc.uk
SERVER_PORT: 80
SERVER_PROTOCOL: HTTP/1.1
SERVER_SOFTWARE: Apache
UNIQUE_ID: VvLUqFd1-OsAAUqtHRsAAAAX
PHP_SELF: /admin/core/settings/diagnostics/index.php
REQUEST_TIME_FLOAT: 1458754728.65
REQUEST_TIME: 1458754728
argc: 1

Any ideas what I am doing wrong. I followed the example below https://docs.grabaperch.com/addons/members/downloads/

Thanks

Fishtank Creative

Fishtank Creative 2 points

  • 5 years ago
Drew McLellan

Drew McLellan 2638 points
Perch Support

Is there anything in your error log?

This is what I'm getting in the error log

[Wed Mar 23 17:40:37.485075 2016] [:error] [pid 85627] [client 81.136.159.71:55956] File does not exist: /home/teamfcuk/public_html/contrac/download.php
[Wed Mar 23 17:39:27.603207 2016] [:error] [pid 73026] [client 81.136.159.71:55914] File does not exist: /home/teamfcuk/public_html/contrac/download.php
[Wed Mar 23 17:39:17.688474 2016] [:error] [pid 73928] [client 81.136.159.71:55904] File does not exist: /home/teamfcuk/public_html/contrac/download.php
[Wed Mar 23 16:40:45.034429 2016] [:error] [pid 59276] [client 86.2.239.205:58735] File does not exist: /home/teamfcuk/public_html/contrac/members/login.php, referer: https://contrac.teamfc.uk/admin/core/apps/content/edit/?id=21
[Wed Mar 23 16:39:21.811949 2016] [:error] [pid 45089] [client 86.2.239.205:57745] File does not exist: /home/teamfcuk/public_html/contrac/members/login.php, referer: https://contrac.teamfc.uk/admin/core/apps/content/page/?id=13
[Wed Mar 23 16:31:45.015214 2016] [:error] [pid 48780] [client 86.2.239.205:52426] File does not exist: /home/teamfcuk/public_html/contrac/members/login.php
[Wed Mar 23 16:27:28.374873 2016] [:error] [pid 36413] [client 86.2.239.205:49456] File does not exist: /home/teamfcuk/public_html/contrac/members/login.php
Drew McLellan

Drew McLellan 2638 points
Perch Support

Do those times relate to this error?

Yes, the ones from 17:39 onwards especially

Drew McLellan

Drew McLellan 2638 points
Perch Support

And that's the whole lot? No PHP errors?

It all looks ok to me on paper.

We have got our Hosting company to investigate this issue and this is what they have said:

++++++++++++

Hi Barry,

The issue lays in this section of code inside /home/teamfcuk/public_html/contrac/admin/addons/apps/perch_members/runtime.php

// find file type
if (function_exists('finfo_file')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, $file_path);
finfo_close($finfo);
}else{
$mimetype = mime_content_type($file_path);
}

Confirmed by modifying the file and adding the following:

/home/teamfcuk/public_html/contrac/admin/addons/apps/perch_members/runtime.php

if (file_exists($file_path)) {
echo "Hello 1";
// find file type
if (function_exists('finfo_file')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, $file_path);
finfo_close($finfo);
}else{
$mimetype = mime_content_type($file_path);
}
echo "Hello 2";

/home/teamfcuk/public_html/contrac/members/download.php

// Deliver the file.
if ($allow_download) {
$tmp=perch_members_secure_download(perch_get($url_param), $bucket_name, true);
echo "$tmp";
}

Confirmed at https://contrac.teamfc.uk/members/download.php?file=/waveled4.pdf Hello 1

I have tried to changed the php version in case the current version was incompatible (5.6) but no success at php 5.4, 5.5. Debug this piece of code and its requirements will solve the issue.

++++++++++++

What should we do about this. Is there something you guys need to change or we need to change?

Has there been any update on what our Hosting company has found in regards to the members app?

Drew McLellan

Drew McLellan 2638 points
Perch Support

What am I missing here? The code doesn't appear to be any different apart from some debug messages.

Sorry its this code below. If we comment this out it works fine. But once we uncomment, stops working

// find file type
// if (function_exists('finfo_file')) {
//    $finfo = finfo_open(FILEINFO_MIME_TYPE);
//    $mimetype = finfo_file($finfo, $file_path);
//    finfo_close($finfo);
// }else{
//    $mimetype = mime_content_type($file_path);
// }

Full snippet here

if (substr($file_path, 0, strlen($bucket['file_path'])) == $bucket['file_path']) {

    if (file_exists($file_path)) {
        // find file type
        //if (function_exists('finfo_file')) {
        //    $finfo = finfo_open(FILEINFO_MIME_TYPE);
        //    $mimetype = finfo_file($finfo, $file_path);
        //    finfo_close($finfo);
        //}else{
        //    $mimetype = mime_content_type($file_path);
        //}
        if (!$mimetype) $mimetype = 'application/octet-stream';

        header("Content-Type: $mimetype", true);

        if ($force_download) {
            header("Content-Disposition: attachment; filename=\"".$file_name."\"", true);
            header("Content-Length: ".filesize($file_path), true);
            header("Content-Transfer-Encoding: binary\n", true);
        }
echo "Hello";
        if ($stream = fopen($file_path, 'rb')){
            ob_end_flush();
            while(!feof($stream) && connection_status() == 0){
                print(fread($stream, 8192));
                flush();
            }
            fclose($stream);
        }

        exit;
    }
}

All within /addons/apps/perch_members/runtime.php

Drew McLellan

Drew McLellan 2638 points
Perch Support

That suggests FINFO isn't working correctly, doesn't it?

We installed this module last night and its now working, Cheers for the help on this.