Fieldtype, Module

Archived
Forum
(read-only)

Protected Links

ExpressionEngine 2, ExpressionEngine 3, ExpressionEngine 4, ExpressionEngine 5, ExpressionEngine 6

Back to this add-on's main page
View Other Add-ons From Yuri Salimovskiy

Protected Links  >  Thread
     

Files not downloading after update to EE 2.5.1

Support Request

Garrett
Posted: 18 June 2012 05:18 PM
Garrett

Hello,

After updating to EE 2.5.1 (and Protected Links 1.9.1) my links no longer work. They download empty files. I am generating links on the fly with:

<a href="{exp:protected_links:generate
 url='{cf_sd_boxcom_link}'
 only_link='yes'
 deny_hotlink='yes'
 filename='{cf_sd_filename}'
 }"

The cf_sd_boxcom_link custom field links to a direct download link hosted on box.com that generally looks like this:

https://daptech.box.com/shared/static/a72178bfcbbaebde6884.zip 

Note: the above link is live and suitable for testing.

When I click on a link generated in this manner, it downloads an emtpy file. Again, this was working just fine before I updated EE and Protected Links. I did try using the older verison of Protected Links that was modified (see http://devot-ee.com/add-ons/support/protected-links/viewthread/5322), but the links would time out. Could the EE update have done something? I am not sure how to troubleshoot this any further.

 
 
Yuri Salimovskiy
Posted: 19 June 2012 08:38 AM # 1
Developer
Yuri Salimovskiy

Try setting EE debug preferences to show errors to everyone and then open downloaded file with a text editor - it should have some information.
 
Garrett
Posted: 19 June 2012 01:13 PM # 2
Garrett

Indeed:

A PHP Error was encountered

Severity: Warning
Message:  Cannot modify header information - headers already sent by (output started at /[snipped]/expressionengine/third_party/protected_links/mod.protected_links.php:246)
Filename: core/Common.php
Line Number: 408

</div>

I am seeing the cannot modify header information warning on a lot of pages. I suppose this is not something limited to Protected Links. I haven’t been paying very close attention to my PHP warnings, so I cannot say if one particular addon or update is responsible. I guess I’ll have to do some more troubleshooting. Any suggestions as to where to start?
 
Yuri Salimovskiy
Posted: 19 June 2012 01:35 PM # 3
Developer
Yuri Salimovskiy

“cannot modify header” is not really a problem here (if there is no other error)

try replacing

if (ini_get('open_basedir') == '' && ini_get('safe_mode' == 'Off'))
          {
              curl_setopt($chCURLOPT_FOLLOWLOCATIONtrue);
          

with simply

curl_setopt($chCURLOPT_FOLLOWLOCATIONtrue); 

if that does not help - debug Curl output.
I’m pretty sure this is more related to file hosting you use than EE or Protected Links
 
Garrett
Posted: 19 June 2012 02:06 PM # 4
Garrett

That did not work. The contents of the downloaded file is the same as before. I do have other PHP warnings on my page, all related to empty segment variables. How do I debug the Curl output?
 
Yuri Salimovskiy
Posted: 19 June 2012 02:07 PM # 5
Developer
Yuri Salimovskiy

Check these links for CURL debugging advices and example
https://ebay.custhelp.com/app/answers/detail/a_id/1070/~/how-can-i-debug-php-curl-sessions?
http://stackoverflow.com/questions/1795684/how-to-debug-curl-call-to-amazon-s3-when-it-get-stuck

The curl_exec() call is made at line 221
 
Garrett
Posted: 19 June 2012 02:15 PM # 6
Garrett

First, I tried adding:

curl_setopt($curlCURLOPT_VERBOSE1); 

But the file out put was the same, just the PHP warning error. Then I noticed something. On line 214 of the latest mod.protected_links.php you have:

curl_setopt($chCURLOPT_FOLLOWLOCATIONtrue); 

The first parameter is the variable $ch, but in the rest of the curl_setopt() calls the first parameter is $curl. Should line 214 be:

curl_setopt($curlCURLOPT_FOLLOWLOCATIONtrue); 

I tried to changing to that, and now when I click a link it just hangs and eventually times out. No file is ever downloaded.

 
 
Yuri Salimovskiy
Posted: 19 June 2012 02:20 PM # 7
Developer
Yuri Salimovskiy

Can you email me the link where I could reproduce/see the problem?
Control Panel access would also be a plus.
My address is support@intoeetive.com
 
Garrett
Posted: 19 June 2012 02:31 PM # 8
Garrett

One final piece of information. Lines 208-224 of mod_protected_links looks like this:

$curl curl_init(); 
curl_setopt($curlCURLOPT_URLstr_replace('&#47;','/',$url));
curl_setopt($curlCURLOPT_HEADERfalse);
curl_setopt($curlCURLOPT_RETURNTRANSFERtrue);
 if (ini_get('open_basedir') == '' && ini_get('safe_mode' == 'Off'))
{
 curl_setopt($curlCURLOPT_FOLLOWLOCATIONtrue);
 }
curl_setopt($curlCURLOPT_CURL_VERBOSEfalse);
 curl_setopt($curlCURLOPT_HTTPAUTHCURLAUTH_BASIC ) ;
  curl_setopt($curlCURLOPT_SSLVERSION3);
curl_setopt($curlCURLOPT_SSL_VERIFYPEERfalse);
 curl_setopt($curlCURLOPT_SSL_VERIFYHOST2);
curl_setopt($curlCURLOPT_USERAGENT'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0');
 $out curl_exec($curl);
$error curl_error($curl);
curl_close($curl); 

When I click a link, eventually I see a fatal PHP error message:

Fatal errorAllowed memory size of 33554432 bytes exhausted (tried to allocate 18941840 bytesin /[snipped]/expressionengine/third_party/protected_links/mod.protected_links.php on line 221 

I’ll set up the dev server so you can have access.
 
Garrett
Posted: 19 June 2012 02:37 PM # 9
Garrett

Also, it now works on smaller files. I tried a 3.6 mb file and it downloaded ok. Based on that error message it looks like anything around 33mb is going to fail. Can I set it so it doesn’t buffer the file in memory?
 
Garrett
Posted: 19 June 2012 04:17 PM # 10
Garrett

Looks like this is my problem:

http://devot-ee.com/add-ons/support/protected-links/viewthread/5421

The difference is I’m not using S3. Hosting the files locally on the server is not an option. Perhaps I can use fopen() to open the remote file as if it were in an S3 bucket. I’m not sure I’m up to the task with my limited PHP skills.
 
Garrett
Posted: 19 June 2012 04:53 PM # 11
Garrett

Alright, this seems to work. I added another storage type called “large_url” and added this code to mod.protected_links

case 'large_url'
                header("Pragma: public"); 
          header("Expires: 0"); 
          header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); 
          header("Cache-Control: public"FALSE); 
          header("Content-Description: File Transfer"); 
          header("Content-Type: " $type); 
          header("Accept-Ranges: bytes"); 
          if ($inline == true)
                {
                    header("Content-Disposition: inline; filename=\"" . $filename . "\";"); 
                }
                else
                {
                    header("Content-Disposition: attachment; filename=\"" . $filename . "\";"); 
                }
          header("Content-Transfer-Encoding: binary");
                $fp fopen($url"rb");
    while(!feof($fp)) {
     echo fread($fp4096);
     flush();
    }
                fclose($fp);
            break; 

Do you see any problems with this? Are there security risks? I am very much an intermediate PHP coder :)
 
Yuri Salimovskiy
Posted: 20 June 2012 02:46 AM # 12
Developer
Yuri Salimovskiy

If you’re not letting people add any files they want (which is a risk by itself) - there are no security risks.  Glad it’s working now! I think I’ll add something like your solution to next release.
 
 
← Links don’t work if system is offline? Getting error after upgrade to 1.9.3 →