.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
That sounds like a permissions problem. ie: PHP is not being permitted to generate the symlink to put into that folder. Either because it can't write to the folder because PHP doesn't have sufficient write privileges, or because symlinking is disabled for that folder or for the filesystem or for the server in general.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Moderator note: the two threads on the same topic have been merged for continuity of discussion.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
I've no idea what you mean by "ambiguous text added".
--------
I think you and your host are completely misunderstanding the simple process that Zen Cart is trying to do here.
If your store is set to the default configuration of "Download By Redirect" being enabled, then this is what happens:
a) customer purchases the files
b) customer visits the download links (presented on order-completion screen and/or their my-account order history screen)
c) customer clicks the download link
d) then in the /pub/ folder ZC creates a new folder using a randomly-generated foldername prefixed with a dot
e) ZC looks up the name of the file associated with their purchase and finds the file in the /download/ folder and reads its filesize
f) it instructs PHP to request that the filesystem create a symlink in that /pub/.randomfoldername/ folder which points to the actual file from the /download/ folder (a symlink is like a "shortcut" or "alias" to the original, and NOT an actual copy of the file, since there's no need to make copies when symlinks will serve the purpose perfectly fine as long as symlinking is enabled on your server)
g) then it sends a "filesize and filename" header followed by a "location redirect" header to the browser to take the customer directly to that symlinked file and start a download. This makes the browser talk to Apache directly to obtain the file from the filesystem, without involving Zen Cart in any of the actual download of the file contents.
So, as I've said previously, if your account isn't permitting ZC to create the hidden folder in the /pub/ directory, or isn't being allowed to generate symlinks, or isn't being allowed to follow symlinks, then the downloads won't work. Zen Cart does try to detect whether the symlink was successfully generated and if it can't find the symlink after attempting to create it, normally will fallback to one of the other available methods: either direct-download from the /download/ folder (VERY insecure because the filename link can be shared with "friends" who will never have to pay for those downloads), or the download-by-streaming method which sends the file's contents directly instead of using the symlink/redirect. This latter approach is much more server-intensive and is a less desirable method but may be the only viable option in some server configurations. However it will not generate a 403-forbidden error because the permission to access the page is already granted since the file is being served from a PHP script.
If you are are not using Apache, then you will have to sort out with your hosting company how their webserver engine works instead of traditional configurations of webserver activity.
Also as has been discussed here, if there are characters in the filenames which make for complicated serving as URLs or paths in an HTML or browser request, then things could get interrupted. There will be no errors recorded about this failure because it's very difficult to detect this situation programmatically.
Further, as also mentioned, if the filename doesn't match a pattern that has been whitelisted in the /pub/.htaccess rules then the server's security will block the browser's request for the file. This will be recorded in the server's webserver errorlogs because the webserver is enforcing that rule.
I'm not sure why I'm having to write this here again, as much of this is already explained in the various FAQ articles talking about download delivery methods (which shows the "how it works" and "what each method does and why") and about relocating download folders for added security precautions (that is an advanced concept that may not work for all server configurations). Those articles are worth the read, especially when you're having problems such as you are purporting.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
I don't know if *you* are still having a problem, but I've just had a successful download of "Bright Red Eyed Bird" (both the .jpg and the .zip).
So, if you are having a problem it is local to your machine (cache files?), OR it is something amiss with whatever file you are using for testing.
Cheers
Rod
ps. Looking at my order history, I noted that you *did* originally include the file path (wallpaper) as part of the filename. Between that AND the space characters I could easily see how you'd be going around and around in circles.
Last edited by RodG; 13 May 2012 at 08:38 AM.
Did you also modify the .htaccess file in your /download directory? It's got the same file-extension list as the one in the pub folder, so it you don't have .jpg added those files won't be able to be copied over the /pub directory for the customers' downloads.
Hmmm, like RodG said ... it's working now! What did you do to correct your issue?
Last edited by lat9; 13 May 2012 at 01:13 PM.
I must disagree.
The .htaccess in the /download/ folder has NO effect on the files served from the /pub/ folder, even when those files are symlinked.
The .htaccess in the /download folder ONLY applies to files served directly from the /download/ folder. You can have completely different stuff in the /pub/ folder and they won't affect each other. And vice-versa.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Thanks for the clarification, DrByte! I apologize for the misinformation.
Here is where I am at to clear up all confusion.
The server is Apache so SymLinks should work. It is not a Windows server.
History:
SymLinks were working before. I am not sure when they stopped working. One major change I noticed was one day I got the "zencart new install screen" The solution to get the page back up and running was from /srv/disk1/8133219/www/michael to /home/www/michaelhulak/. After getting the page back up and running, I did a once over the page and discovered the SymLink downloads were no longer working. I put in a ticket to the webserver informing them of the changes needed in the config files and the symlinks no longer working. In the ticket response they told me the symlink is pointing to /home/www/michaelhulak/download/2009_04_25_IMG_7615_ED.jpg when it should be pointing to ../../download/2009_04_25_IMG_7615_ED.jpg. I opened this thread looking for help. I since asked my server to confirm symlinks is working and they told me to put an htacess file at the root of the page with Options +FollowSymLinks in it. I already have that in the htacess file inside the pub directory. I since asked them to confirm httpd.conf file is setup properly to allow my site to use SymLinks.
Successes:
- Using direct link instead of SymLinks works.
- I put extra text within the SymLink creation and this made the redirect fail over to direct. So this is just using direct download. The change was by adding AA in the /includes/modules/pages/download/header_php.php to make the line look like $link_create_status = @symlink(DIR_FS_DOWNLOAD . $origin_filename, DIR_FS_DOWNLOAD_PUBLIC . $tempdir . 'AA/' . $download_link);
Details about .htacess
pub folder contains:
## the following line is needed to allow Download-By-Redirect to work
Options +FollowSymLinks
......
<FilesMatch ".*\.(zip|ZIP|gzip|pdf|PDF|mp3|MP3|swf|SWF|wma|WMA|wmv|WMV|wav|epub|JPG|jpg)$">
Order Allow,Deny
Allow from all
</FilesMatch>
<IfModule mod_headers.c>
<FilesMatch ".*\.(zip|ZIP|gzip|pdf|PDF|mp3|MP3|swf|SWF|wma|WMA|wmv|WMV|wav|epub|JPG|jpg)$">
download folder contains:
# but now allow just *certain* necessary files:
<FilesMatch ".*\.(zip|ZIP|gzip|pdf|PDF|mp3|MP3|swf|SWF|wma|WMA|wmv|WMV|wav|epub|JPG|jpg)$">
Order Allow,Deny
Allow from all
</FilesMatch>
<IfModule mod_headers.c>
<FilesMatch ".*\.(zip|ZIP|pdf|PDF|mp3|MP3|swf|SWF|wma|WMA|wmv|WMV|wav|epub|JPG|jpg)$">
Details about PUB generated SymLinks
The Pub folder with 777 permissions gets created along with the link within properly. Example /pub/.bqvgmtvqnzjrbhj-1336959970/2009_04_25_IMG_7615_ED.jpg
Details about Download Folder
Permissions are 755
files for downloading are at the root of the download folder and without spaces or special characters. Example /download/2009_04_25_IMG_7615_ED.jpg
Last edited by MHulak; 14 May 2012 at 04:08 AM.
Bookmarks