8 files changed, 278 insertions, 20 deletions
diff --git a/application/libraries/Ddownload/Ddownload.php b/application/libraries/Ddownload/Ddownload.php
new file mode 100644
index 000000000..808dfe776
--- /dev/null
+++ b/application/libraries/Ddownload/Ddownload.php
@@ -0,0 +1,34 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+abstract class Ddownload_Driver extends CI_Driver {
+
+	abstract public function serveFile($file, $filename, $type);
+}
+
+class Ddownload extends CI_Driver_Library {
+
+	protected $_adapter = null;
+
+	protected $valid_drivers = array(
+		'ddownload_php', 'ddownload_nginx', 'ddownload_lighttpd'
+	);
+
+	function __construct()
+	{
+		$CI =& get_instance();
+
+		$this->_adapter = $CI->config->item('download_driver');
+	}
+
+	public function serveFile($file, $filename, $type)
+	{
+		$this->{$this->_adapter}->serveFile($file, $filename, $type);
+	}
+}
diff --git a/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php b/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php
new file mode 100644
index 000000000..780f60838
--- /dev/null
+++ b/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php
@@ -0,0 +1,26 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Ddownload_lighttpd extends Ddownload_Driver {
+
+	public function serveFile($file, $filename, $type)
+	{
+		$CI =& get_instance();
+		$upload_path = $CI->config->item('upload_path');
+
+		if (strpos($file, $upload_path) !== 0) {
+			show_error('Invalid file path');
+		}
+
+		header('Content-disposition: inline; filename="'.$filename."\"\n");
+		header('Content-Type: '.$type."\n");
+		header('X-Sendfile: '.$file."\n");
+	}
+
+}
diff --git a/application/libraries/Ddownload/drivers/Ddownload_nginx.php b/application/libraries/Ddownload/drivers/Ddownload_nginx.php
new file mode 100644
index 000000000..2410df4d4
--- /dev/null
+++ b/application/libraries/Ddownload/drivers/Ddownload_nginx.php
@@ -0,0 +1,29 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Ddownload_nginx extends Ddownload_Driver {
+
+	public function serveFile($file, $filename, $type)
+	{
+		$CI =& get_instance();
+		$upload_path = $CI->config->item('upload_path');
+		$download_location = $CI->config->item('download_nginx_location');
+
+		if (strpos($file, $upload_path) === 0) {
+			$file_path = substr($file, strlen($upload_path));
+		} else {
+			show_error('Invalid file path');
+		}
+
+		header('Content-disposition: inline; filename="'.$filename."\"\n");
+		header('Content-Type: '.$type."\n");
+		header('X-Accel-Redirect: '.$download_location.$file_path."\n");
+	}
+
+}
diff --git a/application/libraries/Ddownload/drivers/Ddownload_php.php b/application/libraries/Ddownload/drivers/Ddownload_php.php
new file mode 100644
index 000000000..344db53f0
--- /dev/null
+++ b/application/libraries/Ddownload/drivers/Ddownload_php.php
@@ -0,0 +1,111 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Ddownload_php extends Ddownload_Driver {
+
+	// Original source: http://www.phpfreaks.com/forums/index.php?topic=198274.msg895468#msg895468
+	public function serveFile($file, $filename, $type)
+	{
+		$fp = @fopen($file, 'r');
+
+		$size	= filesize($file); // File size
+		$length = $size;	   // Content length
+		$start	= 0;		   // Start byte
+		$end	= $size - 1;	   // End byte
+		// Now that we've gotten so far without errors we send the accept range header
+		/* At the moment we only support single ranges.
+		* Multiple ranges requires some more work to ensure it works correctly
+		* and comply with the spesifications: http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.2
+		*
+		* Multirange support annouces itself with:
+		* header('Accept-Ranges: bytes');
+		*
+		* Multirange content must be sent with multipart/byteranges mediatype,
+		* (mediatype = mimetype)
+		* as well as a boundry header to indicate the various chunks of data.
+		*/
+		header("Accept-Ranges: 0-$length");
+		// header('Accept-Ranges: bytes');
+		// multipart/byteranges
+		// http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.2
+		if (isset($_SERVER['HTTP_RANGE']))
+		{
+			$c_start = $start;
+			$c_end	 = $end;
+			// Extract the range string
+			list(, $range) = explode('=', $_SERVER['HTTP_RANGE'], 2);
+			// Make sure the client hasn't sent us a multibyte range
+			if (strpos($range, ',') !== false)
+			{
+				// (?) Shoud this be issued here, or should the first
+				// range be used? Or should the header be ignored and
+				// we output the whole content?
+				header('HTTP/1.1 416 Requested Range Not Satisfiable');
+				header("Content-Range: bytes $start-$end/$size");
+				// (?) Echo some info to the client?
+				exit;
+			}
+			// If the range starts with an '-' we start from the beginning
+			// If not, we forward the file pointer
+			// And make sure to get the end byte if spesified
+			if ($range{0} == '-')
+			{
+				// The n-number of the last bytes is requested
+				$c_start = $size - substr($range, 1);
+			}
+			else
+			{
+				$range	= explode('-', $range);
+				$c_start = $range[0];
+				$c_end	 = (isset($range[1]) && is_numeric($range[1])) ? $range[1] : $size;
+			}
+			/* Check the range and make sure it's treated according to the specs.
+			* http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
+			*/
+			// End bytes can not be larger than $end.
+			$c_end = ($c_end > $end) ? $end : $c_end;
+			// Validate the requested range and return an error if it's not correct.
+			if ($c_start > $c_end || $c_start > $size - 1 || $c_end >= $size)
+			{
+				header('HTTP/1.1 416 Requested Range Not Satisfiable');
+				header("Content-Range: bytes $start-$end/$size");
+				// (?) Echo some info to the client?
+				exit;
+			}
+			$start	= $c_start;
+			$end	= $c_end;
+			$length = $end - $start + 1; // Calculate new content length
+			fseek($fp, $start);
+			header('HTTP/1.1 206 Partial Content');
+			// Notify the client the byte range we'll be outputting
+			header("Content-Range: bytes $start-$end/$size");
+		}
+		header("Content-Length: $length");
+		header("Content-disposition: inline; filename=\"".$filename."\"\n");
+		header("Content-Type: ".$type."\n");
+
+		// Start buffered download
+		$buffer = 1024 * 8;
+		while(!feof($fp) && ($p = ftell($fp)) <= $end)
+		{
+			if ($p + $buffer > $end)
+			{
+				// In case we're only outputtin a chunk, make sure we don't
+				// read past the length
+				$buffer = $end - $p + 1;
+			}
+			set_time_limit(0); // Reset time limit for big files
+			echo fread($fp, $buffer);
+			flush(); // Free up memory. Otherwise large files will trigger PHP's memory limit.
+		}
+
+		fclose($fp);
+	}
+
+}
diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php
index 96d61e3cc..07a16190c 100644
--- a/application/libraries/Duser/Duser.php
+++ b/application/libraries/Duser/Duser.php
@@ -9,14 +9,11 @@
 
 abstract class Duser_Driver extends CI_Driver {
 
-	// List of optional functions or function groups that are implemented
+	// List of optional functions that are implemented
 	//
-	// Possible values are names of functions already implemented in this
-	// abstract class or the function groups listed below.
-	//
-	// Possible function groups are:
-	//  - can_register_new_users
-	//  - can_reset_password
+	// Possible values are:
+	//  - can_register_new_users (only supported with the DB driver!)
+	//  - can_reset_password (only supported with the DB driver!)
 	public $optional_functions = array();
 
 	/*
@@ -24,12 +21,26 @@ abstract class Duser_Driver extends CI_Driver {
 	 *  - username string
 	 *  - userid INT > 0
 	 *
+	 * @param username
+	 * @param password
 	 * @return mixed array on success, false on failure
 	 */
 	abstract public function login($username, $password);
 
+	/*
+	 * @param username
+	 * @return boolean true is username exists, false otherwise
+	 */
 	public function username_exists($username) {
-		return false;
+		return null;
+	}
+
+	/*
+	 * @param userid
+	 * @return string email address of the user
+	 */
+	public function get_email($userid) {
+		return null;
 	}
 }
 
@@ -38,7 +49,7 @@ class Duser extends CI_Driver_Library {
 	protected $_adapter = null;
 
 	protected $valid_drivers = array(
-		'duser_db', 'duser_ldap'
+		'duser_db', 'duser_ldap', 'duser_fluxbb'
 	);
 
 	function __construct()
@@ -87,8 +98,6 @@ class Duser extends CI_Driver_Library {
 
 	public function username_exists($username)
 	{
-		$this->require_implemented(__FUNCTION__);
-
 		if ($username === false) {
 			return false;
 		}
@@ -98,8 +107,6 @@ class Duser extends CI_Driver_Library {
 
 	public function get_email($userid)
 	{
-		$this->require_implemented(__FUNCTION__);
-
 		return $this->{$this->_adapter}->get_email($userid);
 	}
 }
diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php
index 1258ec585..a58b5a298 100644
--- a/application/libraries/Duser/drivers/Duser_db.php
+++ b/application/libraries/Duser/drivers/Duser_db.php
@@ -9,11 +9,13 @@
 
 class Duser_db extends Duser_Driver {
 
+	/* FIXME: If you use this driver as a template, remove can_reset_password
+	 * and can_register_new_users. These features require the DB driver and
+	 * will NOT work with other drivers.
+	 */
 	public $optional_functions = array(
-		'username_exists',
 		'can_reset_password',
 		'can_register_new_users',
-		'get_email',
 	);
 
 	public function login($username, $password)
@@ -26,11 +28,7 @@ class Duser_db extends Duser_Driver {
 			WHERE `username` = ?
 			', array($username))->row_array();
 
-		if (!isset($query["username"]) || $query["username"] !== $username) {
-			return false;
-		}
-
-		if (!isset($query["password"])) {
+		if (empty($query)) {
 			return false;
 		}
 
diff --git a/application/libraries/Duser/drivers/Duser_fluxbb.php b/application/libraries/Duser/drivers/Duser_fluxbb.php
new file mode 100644
index 000000000..1790e830b
--- /dev/null
+++ b/application/libraries/Duser/drivers/Duser_fluxbb.php
@@ -0,0 +1,53 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Duser_fluxbb extends Duser_Driver {
+
+	private $CI = null;
+	private $config = array();
+
+	function __construct()
+	{
+		$this->CI =& get_instance();
+		$this->config = $this->CI->config->item('auth_fluxbb');
+	}
+
+	public function login($username, $password)
+	{
+		$query = $this->CI->db->query('
+			SELECT username, id
+			FROM '.$this->config['database'].'.users
+			WHERE username = ? AND password = ?
+			', array($username, sha1($password)))->row_array();
+
+		if (!empty($query)) {
+			return array(
+				'username' => $query['username'],
+				'userid' => $query['id']
+			);
+		} else {
+			return false;
+		}
+	}
+
+	public function username_exists($username)
+	{
+		$query = $this->CI->db->query('
+			SELECT id
+			FROM '.$this->config['database'].'.users
+			WHERE username = ?
+			', array($username));
+
+		if ($query->num_rows() > 0) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+}
diff --git a/application/libraries/index.html b/application/libraries/index.html
index c942a79ce..c942a79ce 100755..100644
--- a/application/libraries/index.html
+++ b/application/libraries/index.html