Plugin Conflict: EBD breaks download links when using Download Monitor 4.9.x

Yes, I am experiencing exactly the same problem of broken download links with EBD 6.9.6, DLM 4.9.3 and Contact Form 7 5.8.4 All was sworking fine until the update to DLM. Hope this can get fixed as EBD is a slick solution to the need for an email address before download. Cheers

Okay, I don’t have a site to test this with, currently, as the client I had which encountered this simply removed EBD for the time being (they weren’t actively using it), but it seems like https://www.ads-software.com/support/topic/fixed-bug-email-before-download-includes-class-email-before-download-db-php119/ might be something to consider as a potential fix (or at least a step in the right direction to get this working again…?)

Also, as mentioned in the EBD plugin’s Slack on Nov. 23rd by Bruno Silva (see: https://emailbeforedo-euo7121.slack.com/archives/C02Q3FWAE2J) there are sometimes links like https://example.com/download/2037/?tmstv=1700745768?uid=6a09adfe1a incorrectly include the uid with ? when it should be using & considering tmstv is already at the start of the URL parameters.

That would explain why “uuid” is invalid/missing since it’s using a malformed set of URL parameters in a situation like that. This then looks to be caused by the code snippet in includes/class-email-before-downlaod-process.php of:

$permalink = get_option('permalink_structure');
if($permalink != ""){
  $spacer = "?uid=";
}else{
  $spacer = "&uid=";
}

where it’s checking the permalink structure to see if pretty permalinks are enabled to determine if ? or & should be used, but that has a blindspot for how DLM might be inserting the tmstv parameter in recent versions so EBD thinks it’s okay to use ? when it’s actually not the first URL parameter & should be using & instead.

This should probably be checking what the resulting URL output would be for the download and then determine if ? or & should be used based on that URL to then append the uid parameter accordingly and then use as needed.

To build off of my most recent comments above…

This is entirely untested, but might be a step in the right direction. Currently, includes/class-email-before-downlaod-process.php has:

public function link_url($link)
{
  $permalink = get_option('permalink_structure');
  if($permalink != ""){
    $spacer = "?uid=";
  }else{
    $spacer = "&uid=";
  }
  $generated_link = '';
  if($link->expire_time > 0)
    $generated_link =home_url().'?ebddl='.$link->uid;
  else
    $generated_link =do_shortcode("[download_data id=\"$link->selected_id\" data=\"download_link\"]").$spacer.$link->uid;
  return $generated_link;
}

which could/should become:

public function link_url($link)
{
  $generated_link = '';
  if($link->expire_time > 0){
	$generated_link = home_url().'?ebddl='.$link->uid;
  }else{
    $generated_link = do_shortcode("[download_data id=\"$link->selected_id\" data=\"download_link\"]");
    $parsed_link = parse_url($generated_link);
    if(isset($parsed_link['query'])){ // The link already has URL parameters being set
      $generated_link = $generated_link.'&uid='.$link->uid;
    }else{ // This is the first URL parameter in the link
      $generated_link = $generated_link.'?uid='.$link->uid;
    }
  }
  return $generated_link;
}

to more accurately generate the download URL with the correct URL parameter structure (where I suppose the ?ebddl variation of the download link doesn’t need to check since it’s just using that URL parameter directly on the main site URL to resolve so it should always just be ? to then be handled accordingly when visited.)

Additionally, one might also want to update includes/class-email-before-download-db.php where it currently has:

$expiration = $expired[0] * $duration[$expired[1]];

which could/should become:

$expiration = (int)$expired[0] * (int)$duration[$expired[1]];

so it is more likely to calculate the expiration without issue (per @john-attends.) Again, untested code, but these 2 updates together do seem to be related to what might be causing issues here (both with the current version of Download Monitor [make sure the URL parameters are being included properly] & modern PHP versions [make sure the expiration is calculated properly.])

Honestly, this might be all that’s needed to fix things so I’d love to hear if someone that still has EBD being used on their site can confirm if the issue persists after making these 2 changes or not (or if the issue’s still there and/or if there’s different issues then happening.)

At that point, we can then push for the plugin dev to implement the fix (and ideally also put the plugin on GitHub so community-based support/development like this can be handled in a more structured & optimal way as well as pushing tagged versions to the plugin’s SVN so past versions are available to reference/download [per that oddly stopping back with version 5.1.9 when it really can be useful to have & also given how quick it can be to make a version available this way.])

• This reply was modified 10 months, 3 weeks ago by KZeni.

Hello @kzeni , I just tested your fix code, it doesn’t solve the issue, and the second parameter in the URL remains prefixed by “?”. Even if I change manually the “?” to “&” in the URL, the UID error is thrown anyway.

I rolled back Download Monitor plugin to v4.8.10 and now the email link works again, even with the wrong parameter concatenation.

• This reply was modified 10 months, 2 weeks ago by lellolallo.

Hello guys, I also came across this problem after updating plugins. I managed to adjust the EBD using @kzeni initial idea, but I made the adjustments in another function and it worked.

For some reason $_GET[‘uid’] is returning 0. So I renamed the parameter only when delivering the file and it worked.

I change the class “record” and “ebd_the_download” on class-email-before-download-public.php

public function record($allowed, $download){
        $permalink = get_option('permalink_structure');
        if($permalink != ""){
            $downloadID = $download->post->ID;
        }else {
            $downloadID = sanitize_key($_GET['download']);

        }
        $db = new Email_Before_Download_DB();
        
            if(isset($_GET['uid'])) {
                $link = $db->select_link('uid', $_GET['uid_new']);
                if (!$link)
                    wp_die(__('Invalid UID Please fill out a new form to generate a new link.', 'email-before-download'));

                if ($this->expired($link))
                    wp_die(__('This download has expired. Please fill out a new form to generate a new link.', 'email-before-download'));

                $db->mark_downloaded($link->id);
            }


    return $allowed;
}

public function ebd_the_download($content){
        
    if(isset($_GET['ebddl'])) {

    $db = new Email_Before_Download_DB();
    $download_id = sanitize_key($_GET['download']);

            $link = $db->select_link('uid', sanitize_key($_GET['ebddl']));
            // if($download_id == 'ebddl')
            //     return 'Custom link!';
            if ($this->expired($link))
                wp_die(__('This download has expired. Please fill out a new form to generate a new link.', 'email-before-download'));

            $url = do_shortcode("[download_data id=\"".$link->selected_id."\" data=\"download_link\"]");
            $parsed_link = parse_url($url);
            
            if(isset($parsed_link['query'])){ 
                // The link already has URL parameters being set
                $url .= "&uid_new=".$link->uid;
            }else{ 
                $url .= "?uid_new=".$link->uid;
                // This is the first URL parameter in the link
            }
           
            if ( ! function_exists( 'wp_redirect' ) ) {
                return $content;
            }
            wp_redirect( $url );
            exit;
        }


return $content;
}

Thank you @joaokrabbe for your code, I tested it in my environment, Download Monitor v 4.9.3, Email Before Download 6.9.6 – unfortunately it doesn’t work there, the same error is thrown.

• This reply was modified 10 months, 2 weeks ago by lellolallo.
• This reply was modified 10 months, 2 weeks ago by lellolallo.

@lellolallo Just to confirm, did you test it with:

• The 2 edits from #post-17251628 (both includes/class-email-before-download-process.php and includes/class-email-before-download-db.php edits; first to make it more aware of URL parameters it might need to take into account beyond whether it’s pretty permalink enabled or not when creating the download’s link URL while the second has it make sure expiration is being calculated properly)
• As well as the 2 edits from #post-17263768 (both then in public/class-email-before-download-public.php; first appears to hand off the uid as uid_new in the URL parameters to avoid conflict while the second appears to also do that as well as also using my fix for having it check for existing URL parameters before taking the visitor to that download’s URL [as that old code that only checked for pretty permalinks was in multiple spots])

Or did you try a portion of these edits at a given time? I’m just wondering since they all might be needed.

@joaokrabbe on a similar point, did you put these edit in place alongside my suggested group of updates or did you find it to work when those are the only edits made? If you did have my suggested updates as well as your edits, did my suggested edits also need to be updated to utilize the uid_new URL parameter as well?

I’m wondering if there still might be more to patch to get this working properly since it appears, per joaokrabbe’s suggested edit, there might be other areas where the URL is being prepped/processed to be accounted for. *If it turns out we haven’t yet gotten to a set of edits that gets things working consistently again.

I tested both configurations:

• KZeni 2 edits together with joaokrabbe 2 edits

• Just joaokrabbe 2 edits

but please consider that my environment has a lot of plugins installed, I’m afraid the problem can be due also to some other conflict. I did not investigate any more the root cause of the failure, just observed the error message.

Hi everyone,

Thank you for reviewing the issue and coming up with suggestions. We are going to try to implement some of these to see if we can find a resolution.

Thanks,

@mandsconsulting This is fantastic news! Thanks for giving this a look!

Marking this as resolved as version 6.9.7 of Email Before Download was released about 5 days ago to address this issue and https://www.ads-software.com/support/topic/invalid-uid-after-upgrade-to-4-9/#post-17291883 has confirmed this update fixed the issue (thankfully I had notifications turned on for that topic in the Download Monitor support forum as I otherwise wouldn’t have known there was an updated version made available of EBD to fix this issue [having disabled EBD to avoid this issue in the meantime.])

Side note, it still sure would be nice if EBD were to get added to GitHub (then linked to in the plugin description so it’s easily found) to help facilitate these community-based potential fixes, etc. Also, I see these new versions still aren’t being tagged via the WP.org SVN (https://plugins.trac.www.ads-software.com/browser/email-before-download/tags) to be able to have a history of past versions being available (see the “Previous Versions” section & dropdown on https://www.ads-software.com/plugins/email-before-download/advanced/ as it’s missing any/all version 6.x releases), if/when needed.

Also, for those curious about what needed to be updated, here’s a link to this latest EBD release’s changeset: https://plugins.trac.www.ads-software.com/changeset/3010606