T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/private_html/api/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/soundstudiopro.com/private_html/api/record_download.php
<?php
session_start();
header('Content-Type: application/json');

require_once '../config/database.php';

// Check if user is logged in
if (!isset($_SESSION['user_id'])) {
    http_response_code(401);
    echo json_encode([
        'success' => false,
        'error' => 'User not logged in'
    ]);
    exit;
}

try {
    $pdo = getDBConnection();
    
    // Get request data
    $input = json_decode(file_get_contents('php://input'), true);
    $purchase_id = $input['purchase_id'] ?? null;
    $download_type = $input['download_type'] ?? 'original';
    $variation_id = $input['variation_id'] ?? null;
    $user_id = $_SESSION['user_id'];
    
    if (!$purchase_id) {
        throw new Exception('Purchase ID is required');
    }
    
    // Verify the purchase belongs to the user
    $stmt = $pdo->prepare("
        SELECT id, track_id FROM track_purchases 
        WHERE id = ? AND user_id = ?
    ");
    $stmt->execute([$purchase_id, $user_id]);
    $purchase = $stmt->fetch();
    
    if (!$purchase) {
        throw new Exception('Purchase not found or access denied');
    }
    
    // If downloading a variation, verify it belongs to the purchased track
    if ($download_type === 'variation' && $variation_id) {
        $stmt = $pdo->prepare("
            SELECT id FROM audio_variations 
            WHERE id = ? AND track_id = ?
        ");
        $stmt->execute([$variation_id, $purchase['track_id']]);
        
        if (!$stmt->fetch()) {
            throw new Exception('Variation not found or does not belong to purchased track');
        }
    }
    
    // Update download count and last downloaded time
    $stmt = $pdo->prepare("
        UPDATE track_purchases 
        SET download_count = download_count + 1, 
            last_downloaded = CURRENT_TIMESTAMP
        WHERE id = ?
    ");
    $stmt->execute([$purchase_id]);
    
    echo json_encode([
        'success' => true,
        'message' => 'Download recorded successfully',
        'download_type' => $download_type
    ]);
    
} catch (Exception $e) {
    http_response_code(400);
    echo json_encode([
        'success' => false,
        'error' => $e->getMessage()
    ]);
}
?>

CasperSecurity Mini