//Connection vars are set correctly above this line$link = mysql_connect($dbHo

1. //Connection vars are set correctly above this line
2. $link = mysql_connect($dbHost,$dbUser,$dbPass) or die("Unable to connect to database");
3.  
4. mysql_select_db("$dbName") or die("Unable to select database $dbName");
5.  
6. $IP_addr = $HTTP_SERVER_VARS["REMOTE_ADDR"];
7. $strCurrentUser="";
8. $sqlquery = "select username_clean,group_id from phpbb3_users,phpbb3_sessions where phpbb3_users.user_id=session_user_id AND (session_ip='$IP_addr' OR session_id ='".session_id()."') order by session_time DESC";
9. $result_user=mysql_query($sqlquery);
10. if($result_user){
11.    $aryRow=mysql_fetch_assoc($result_user);
12.    $strCurrentUser=$aryRow['username_clean'];
13.    $intGroupID=$aryRow['group_id'];
14. }
15. if($strCurrentUser==""){
16.    $sqlquery = "select username_clean,group_id from phpbb3_users where user_ip='$IP_addr'";
17.    $result_user=mysql_query($sqlquery);
18.    if($result_user){
19.       $aryRow=mysql_fetch_assoc($result_user);
20.       $strCurrentUser=$aryRow['username_clean'];
21.       $intGroupID=$aryRow['group_id'];
22.    }   
23. }
24.  
25. if($strCurrentUser=="") {
26.    header('location: download_error.php?Error=Not%20Logged%20In');
27. }
28. $sqlquery = "select * from gs_vids where title='".mysql_real_escape_string($_GET['t'])."'";
29.  
30. $results = mysql_query($sqlquery) or die('Query failed: ' . mysql_error());;
31.  
32. if ($row = mysql_fetch_assoc($results)){
33.    $filename = $row['filename'];
34.    $subscription_level=$row['subscription_level'];
35.    if(!haspermission($intGroupID,$subscription_level)){
36.       header('location: download_error.php?Error=Permission');
37.       exit;
38.    }
39.    header('location: '.$filename);
40. }else{
41.    header('location: download_error.php?Error=Not%20Found');
42. }
43.  
44. mysql_close($link);