So we’re finally at the “interesting” stuff: the page that checks if a user is allowed or not to download a certain package.
As in previous posts in order to allow a user to download a certain file he/she must be a member of a given group; e.g. we want to restrict the downloads of MySoftware.exe and make this available only to the members of the grp_MySoftware group. We defined then in our database that this file has the following entry:
PackageDesc = “My beautiful software 1.0″
PackageName = “MySoftware.exe”
PackageType = “Special”
NeededGroup = “grp_MySoftware”
The code that you find below will check if the user that is visiting the page is part of the grp_MySoftware group and, if successful, build the download link by redirecting him/her to the closest distribution point. Example http://192.168.xxx.1/files/MySoftware.exe where xxx is the subnet of the client visiting the page.
So now let’s see the code and remember to change the MyDomain = “contoso” to your domain name (E.g. if you have mycompany.com just type mycompany).
The code that follows is self-explanatory so just…read it and check the commented lines!
‘======CODE======
<!– #include file=”adovbs.inc” –>
<%
Session.Timeout=10
Dim NEEDED_GROUP
Dim SOURCE
Dim FILE
Dim MyDomain
‘Dim USERID
FILE = Request.querystring(“file”)
USERID = Request.querystring(“UserName”)
MyDomain = “contoso”
Dim Licensed
Set cnnSearch = Server.CreateObject(“ADODB.Connection”)
cnnSearch.Open “Provider=Microsoft.Jet.OLEDB.4.0;Data Source=” & Server.Mappath(“db/downloads.mdb”) & “;”
strSQL2 = “SELECT Packages.NeededGroup FROM Packages WHERE (((Packages.PackageName)=’” & FILE & “‘)) GROUP BY Packages.NeededGroup;”
Set rstSearch2 = cnnSearch.Execute(strSQL2)
Do While Not rstSearch2.EOF
NEEDED_GROUP= rstSearch2.Fields(“NeededGroup”).Value
rstSearch2.MoveNext
Loop
Call CheckGroup
Sub CheckGroup
Set objDictionary = CreateObject(“Scripting.Dictionary”)
set User = GetObject(“WinNT://” & MyDomain & “/” + USERID)
For Each Prop In User.groups
if instr(Prop.Name,right(NEEDED_GROUP,3)) > 0 then
Licensed = True
end if
Next
End Sub
if Licensed = True then
Call GimmePack(FILE)
else
Call RequestPack(NEEDED_GROUP, FILE)
End if
‘ *** Get the visitor’s subnet
CLIENT_IP = Request.ServerVariables(“REMOTE_ADDR”)
SUBNET0 = Split(CLIENT_IP,”.”)
‘ *** Check the distribution point for the given subnet
strSQL = “SELECT Sites.Subnet, Sites.Distrib_Point FROM Sites WHERE (((Sites.Subnet)=’” & SUBNET0(2) & “‘)) GROUP BY Sites.Subnet, Sites.Distrib_Point;”
Set rstSearch = cnnSearch.Execute(strSQL)
Do While Not rstSearch.EOF
Session(“SOURCE”) = rstSearch.Fields(“Distrib_Point”).Value
rstSearch.MoveNext
Loop
‘ *** Create the download link and redirect the by using the REFRESH metatag so the package automatically starts downloading
Sub GimmePack(FILE)
DOWNLOAD_LINK = Session(“SOURCE”) & FILE
response.write “<html><head><META http-equiv=’refresh’ content=’3;URL=” & DOWNLOAD_LINK & “‘><title>Download page for ” & FILE & “</title></head><body>”
response.write “<center><FONT FACE=TAHOMA SIZE=2 COLOR=#006699>You are registered to download <b>” & FILE & “</b></FONT><br>”
response.write “<FONT FACE=TAHOMA SIZE=2 COLOR=#006699>Your download should start in few seconds, if this doesn’t happen, click <a href=” & DOWNLOAD_LINK & “>HERE</a></b> to download the file</FONT><center>”
LogHit
End Sub
Sub LogHit
CLIENT_IP = Request.ServerVariables(“REMOTE_ADDR”)
Dim DB_CONNECTIONSTRING
DB_CONNECTIONSTRING = “Provider=Microsoft.Jet.OLEDB.4.0;Data Source=” & Server.Mappath(“db/hits.mdb”) & “;”
Dim objRecordset
Set objRecordset = Server.CreateObject(“ADODB.Recordset”)
strSQL = “SELECT * FROM downloads;”
objRecordset.Open strSQL, DB_CONNECTIONSTRING, adOpenKeyset, adLockPessimistic, adCmdText
objRecordset.AddNew
objRecordset.Fields(“Package”) = FILE
objRecordset.Fields(“UserName”) = USERID
objRecordset.Fields(“IP_ADDR”) = CLIENT_IP
objRecordset.Fields(“Date”) = Date
objRecordset.Update
objRecordset.Close
Set objRecordset = Nothing
End Sub
Sub RequestPack(NEEDED_GROUP, FILE)
Response.Redirect “request_package.asp?UserName=” & UCase(USERID) & “?Group=” & NEEDED_GROUP & “?File=” & FILE & ” ”
‘ Session.Abandon
End Sub
%><head><title>..:: Download Center ::..</title></head>
‘======END CODE======