walterdavis/gist:4698086

## gistfile1.php
<?php
//moved everything to "Before HTML" to reduce the chance of header errors
ini_set('display_errors', 1);
error_reporting(E_ALL);
$message = $meta = '';
//basic security: only files in this folder may be downloaded
//set this to the relative path to the downloads folder
$safe_files = scandir(realpath('./downloads'));
foreach($safe_files as $key => $val){
  if(substr($val, 0, 1) == '.'){
    unset($safe_files[$key]);
  }
}
//the simplest thing that could possibly work:
//create a folder called db just outside the htdocs folder
//and give it write permissions (777, or 700, but owned by the Web server)
$file = dirname(dirname(__FILE__)) . '/db/data.json';
if(!file_exists($file)){
  if(!is_dir(dirname($file))){
    die('Could not locate the database folder');
  }
  file_put_contents($file, '');
}
function retrieve(){
  global $file;
  $arr = array();
  $data = file_get_contents($file);
  if(strlen($data) > 2){
    $arr = json_decode($data);
    //basic sanitation, JSON can be used for Evil...
    foreach($arr as $key => $val){
      $arr[$key] = (string) $val;
    }
  }
  return $arr;
}
function store($data){
  global $file;
  file_put_contents($file, json_encode($data));
}
function downloads($name){
  //cache the value since there will be multiple reads per page
  static $data;
  $total = 0;
  if(!isset($data)){
    $data = retrieve();
  }
  //count through the array for mentions of this item
  foreach($data as $key => $val){
    if($val == $name) $total++;
  }
  return $total;
}
function track($name){
  //get a fresh copy of the data
  $data = retrieve();
  //push on a new mention and save it
  $data[] = $name;
  store($data);
  //strip off the querystring and redirect to the file
  //I'm using the same page, so it looks like this
  $base = $_SERVER['PHP_SELF'];
  header('Location: ' . $base . '?download=' . $_GET['file']);
  exit;
}
//all that to do this:
if(isset($_GET['track'])){
  track($_GET['track']);
}
if(isset($_GET['download'])){
  $download = trim(strip_tags($_GET['download']));
  if(in_array($download, $safe_files)){
    $message = 'Now downloading ' . $download;
    $meta = '<meta http-equiv="refresh" content="1;url=downloads/' . $download . '"></meta>';
  }
}
?>
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8" />
  <title>Click Me!</title>
  <!--[if IE]>
  <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
  <![endif]-->
  <?= $meta ?>
</head>
<body>
  <div>
    <div><?= $message ?></div>
    <ul>
      <li><a href="?track=One&amp;file=one.txt">Link One</a> (<?=downloads('One')?>)</li>
      <li><a href="?track=Two&amp;file=two.txt">Link Two</a> (<?=downloads('Two')?>)</li>
      <li><a href="?track=Three&amp;file=three.txt">Link Thre</a>e (<?=downloads('Three')?>)</li>
      <li><a href="?track=Four&amp;file=four.txt">Link Four</a> (<?=downloads('Four')?>)</li>
      <li><a href="?track=Five&amp;file=five.txt">Link Five</a> (<?=downloads('Five')?>)</li>
      <li><a href="?track=Six&amp;file=six.txt">Link Six</a> (<?=downloads('Six')?>)</li>
    </ul>
  </div>
</body>
</html>
	<?php
	//moved everything to "Before HTML" to reduce the chance of header errors
	ini_set('display_errors', 1);
	error_reporting(E_ALL);
	$message = $meta = '';
	//basic security: only files in this folder may be downloaded
	//set this to the relative path to the downloads folder
	$safe_files = scandir(realpath('./downloads'));
	foreach($safe_files as $key => $val){
	if(substr($val, 0, 1) == '.'){
	unset($safe_files[$key]);
	}
	}
	//the simplest thing that could possibly work:
	//create a folder called db just outside the htdocs folder
	//and give it write permissions (777, or 700, but owned by the Web server)
	$file = dirname(dirname(__FILE__)) . '/db/data.json';
	if(!file_exists($file)){
	if(!is_dir(dirname($file))){
	die('Could not locate the database folder');
	}
	file_put_contents($file, '');
	}
	function retrieve(){
	global $file;
	$arr = array();
	$data = file_get_contents($file);
	if(strlen($data) > 2){
	$arr = json_decode($data);
	//basic sanitation, JSON can be used for Evil...
	foreach($arr as $key => $val){
	$arr[$key] = (string) $val;
	}
	}
	return $arr;
	}
	function store($data){
	global $file;
	file_put_contents($file, json_encode($data));
	}
	function downloads($name){
	//cache the value since there will be multiple reads per page
	static $data;
	$total = 0;
	if(!isset($data)){
	$data = retrieve();
	}
	//count through the array for mentions of this item
	foreach($data as $key => $val){
	if($val == $name) $total++;
	}
	return $total;
	}
	function track($name){
	//get a fresh copy of the data
	$data = retrieve();
	//push on a new mention and save it
	$data[] = $name;
	store($data);
	//strip off the querystring and redirect to the file
	//I'm using the same page, so it looks like this
	$base = $_SERVER['PHP_SELF'];
	header('Location: ' . $base . '?download=' . $_GET['file']);
	exit;
	}
	//all that to do this:
	if(isset($_GET['track'])){
	track($_GET['track']);
	}
	if(isset($_GET['download'])){
	$download = trim(strip_tags($_GET['download']));
	if(in_array($download, $safe_files)){
	$message = 'Now downloading ' . $download;
	$meta = '<meta http-equiv="refresh" content="1;url=downloads/' . $download . '"></meta>';
	}
	}
	?>
	<!DOCTYPE html>
	<html>
	<head>
	<meta charset="utf-8" />
	<title>Click Me!</title>
	<!--[if IE]>
	<script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
	<![endif]-->
	<?= $meta ?>
	</head>
	<body>
	<div>
	<div><?= $message ?></div>
	<ul>
	<li><a href="?track=One&file=one.txt">Link One</a> (<?=downloads('One')?>)</li>
	<li><a href="?track=Two&file=two.txt">Link Two</a> (<?=downloads('Two')?>)</li>
	<li><a href="?track=Three&file=three.txt">Link Thre</a>e (<?=downloads('Three')?>)</li>
	<li><a href="?track=Four&file=four.txt">Link Four</a> (<?=downloads('Four')?>)</li>
	<li><a href="?track=Five&file=five.txt">Link Five</a> (<?=downloads('Five')?>)</li>
	<li><a href="?track=Six&file=six.txt">Link Six</a> (<?=downloads('Six')?>)</li>
	</ul>
	</div>
	</body>
	</html>