PHP Cross Reference of phpBB 3.0 Beta 3 |
1 <?php 2 /** 3 * 4 * @package acp 5 * @version $Id: acp_attachments.php,v 1.39 2006/10/28 11:03:33 acydburn Exp $ 6 * @copyright (c) 2005 phpBB Group 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 8 * 9 */ 10 11 /** 12 * @package acp 13 */ 14 class acp_attachments 15 { 16 var $u_action; 17 var $new_config; 18 19 function main($id, $mode) 20 { 21 global $db, $user, $auth, $template, $cache; 22 global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx; 23 24 $user->add_lang(array('posting', 'viewtopic', 'acp/attachments')); 25 26 $error = $notify = array(); 27 $submit = (isset($_POST['submit'])) ? true : false; 28 $action = request_var('action', ''); 29 30 switch ($mode) 31 { 32 case 'attach': 33 $l_title = 'ACP_ATTACHMENT_SETTINGS'; 34 break; 35 36 case 'extensions': 37 $l_title = 'ACP_MANAGE_EXTENSIONS'; 38 break; 39 40 case 'ext_groups': 41 $l_title = 'ACP_EXTENSION_GROUPS'; 42 break; 43 44 case 'orphan': 45 $l_title = 'ACP_ORPHAN_ATTACHMENTS'; 46 break; 47 48 default: 49 trigger_error('NO_MODE', E_USER_ERROR); 50 break; 51 } 52 53 $this->tpl_name = 'acp_attachments'; 54 $this->page_title = $l_title; 55 56 $template->assign_vars(array( 57 'L_TITLE' => $user->lang[$l_title], 58 'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'], 59 'U_ACTION' => $this->u_action, 60 ) 61 ); 62 63 switch ($mode) 64 { 65 case 'attach': 66 67 include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); 68 69 $sql = 'SELECT group_name, cat_id 70 FROM ' . EXTENSION_GROUPS_TABLE . ' 71 WHERE cat_id > 0 72 ORDER BY cat_id'; 73 $result = $db->sql_query($sql); 74 75 $s_assigned_groups = array(); 76 while ($row = $db->sql_fetchrow($result)) 77 { 78 $s_assigned_groups[$row['cat_id']][] = $row['group_name']; 79 } 80 $db->sql_freeresult($result); 81 82 $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((sizeof($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? 
implode(', ', $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']'; 83 84 $display_vars = array( 85 'title' => 'ACP_ATTACHMENT_SETTINGS', 86 'vars' => array( 87 'img_max_width' => false, 'img_max_height' => false, 'img_link_width' => false, 'img_link_height' => false, 88 89 'legend1' => 'ACP_ATTACHMENT_SETTINGS', 90 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 91 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 92 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true), 93 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true), 94 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 95 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 96 'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 97 'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false), 98 'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false), 99 'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 100 'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true), 101 'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' 
=> true), 102 103 'legend2' => $l_legend_cat_images, 104 'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 105 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 106 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' px'), 107 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), 108 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'string', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), 109 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true), 110 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true), 111 ) 112 ); 113 114 $this->new_config = $config; 115 $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config; 116 $error = array(); 117 118 // We validate the complete config if whished 119 validate_config_vars($display_vars['vars'], $cfg_array, $error); 120 121 // Do not write values if there is an error 122 if (sizeof($error)) 123 { 124 $submit = false; 125 } 126 127 // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... 
128 foreach ($display_vars['vars'] as $config_name => $null) 129 { 130 if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) 131 { 132 continue; 133 } 134 135 $this->new_config[$config_name] = $config_value = $cfg_array[$config_name]; 136 137 if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm'))) 138 { 139 $size_var = request_var($config_name, ''); 140 $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value); 141 } 142 143 if ($submit) 144 { 145 set_config($config_name, $config_value); 146 } 147 } 148 149 $this->perform_site_list(); 150 151 if ($submit) 152 { 153 add_log('admin', 'LOG_CONFIG_ATTACH'); 154 155 // Check Settings 156 $this->test_upload($error, $this->new_config['upload_path'], false); 157 158 if (!sizeof($error)) 159 { 160 trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); 161 } 162 } 163 164 $template->assign_var('S_ATTACHMENT_SETTINGS', true); 165 166 if ($action == 'imgmagick') 167 { 168 $this->new_config['img_imagick'] = $this->search_imagemagick(); 169 } 170 171 // We strip eventually manual added convert program, we only want the patch 172 $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); 173 174 $supported_types = get_supported_image_types(); 175 176 // Check Thumbnail Support 177 if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) 178 { 179 $this->new_config['img_create_thumbnail'] = 0; 180 } 181 182 $template->assign_vars(array( 183 'U_SEARCH_IMAGICK' => $this->u_action . '&action=imgmagick', 184 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? 
false : true, 185 ) 186 ); 187 188 // Secure Download Options - Same procedure as with banning 189 $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED'; 190 191 $sql = 'SELECT * 192 FROM ' . SITELIST_TABLE; 193 $result = $db->sql_query($sql); 194 195 $defined_ips = ''; 196 $ips = array(); 197 198 while ($row = $db->sql_fetchrow($result)) 199 { 200 $value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']; 201 if ($value) 202 { 203 $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>'; 204 $ips[$row['site_id']] = $value; 205 } 206 } 207 $db->sql_freeresult($result); 208 209 $template->assign_vars(array( 210 'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'], 211 'S_DEFINED_IPS' => ($defined_ips != '') ? true : false, 212 'S_WARNING' => (sizeof($error)) ? true : false, 213 214 'WARNING_MSG' => implode('<br />', $error), 215 'DEFINED_IPS' => $defined_ips, 216 217 'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'], 218 'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'], 219 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS'], 220 ) 221 ); 222 223 // Output relevant options 224 foreach ($display_vars['vars'] as $config_key => $vars) 225 { 226 if (!is_array($vars) && strpos($config_key, 'legend') === false) 227 { 228 continue; 229 } 230 231 if (strpos($config_key, 'legend') !== false) 232 { 233 $template->assign_block_vars('options', array( 234 'S_LEGEND' => true, 235 'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars) 236 ); 237 238 continue; 239 } 240 241 $type = explode(':', $vars['type']); 242 243 $l_explain = ''; 244 if ($vars['explain'] && isset($vars['lang_explain'])) 245 { 246 $l_explain = (isset($user->lang[$vars['lang_explain']])) ? 
$user->lang[$vars['lang_explain']] : $vars['lang_explain']; 247 } 248 else if ($vars['explain']) 249 { 250 $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : ''; 251 } 252 253 $template->assign_block_vars('options', array( 254 'KEY' => $config_key, 255 'TITLE' => $user->lang[$vars['lang']], 256 'S_EXPLAIN' => $vars['explain'], 257 'TITLE_EXPLAIN' => $l_explain, 258 'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars), 259 ) 260 ); 261 262 unset($display_vars['vars'][$config_key]); 263 } 264 265 break; 266 267 case 'extensions': 268 269 if ($submit || isset($_POST['add_extension_check'])) 270 { 271 if ($submit) 272 { 273 // Change Extensions ? 274 $extension_change_list = (isset($_POST['extension_change_list'])) ? array_map('intval', $_POST['extension_change_list']) : array(); 275 $group_select_list = (isset($_POST['group_select'])) ? array_map('intval', $_POST['group_select']) : array(); 276 277 // Generate correct Change List 278 $extensions = array(); 279 280 for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++) 281 { 282 $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i]; 283 } 284 285 $sql = 'SELECT * 286 FROM ' . EXTENSIONS_TABLE . ' 287 ORDER BY extension_id'; 288 $result = $db->sql_query($sql); 289 290 while ($row = $db->sql_fetchrow($result)) 291 { 292 if ($row['group_id'] != $extensions[$row['extension_id']]['group_id']) 293 { 294 $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' 295 SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . ' 296 WHERE extension_id = ' . $row['extension_id']; 297 $db->sql_query($sql); 298 299 add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']); 300 } 301 } 302 $db->sql_freeresult($result); 303 304 // Delete Extension? 305 $extension_id_list = (isset($_POST['extension_id_list'])) ? 
array_map('intval', $_POST['extension_id_list']) : array(); 306 307 if (sizeof($extension_id_list)) 308 { 309 $sql = 'SELECT extension 310 FROM ' . EXTENSIONS_TABLE . ' 311 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); 312 $result = $db->sql_query($sql); 313 314 $extension_list = ''; 315 while ($row = $db->sql_fetchrow($result)) 316 { 317 $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension']; 318 } 319 $db->sql_freeresult($result); 320 321 $sql = 'DELETE 322 FROM ' . EXTENSIONS_TABLE . ' 323 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); 324 $db->sql_query($sql); 325 326 add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list); 327 } 328 } 329 330 // Add Extension? 331 $add_extension = strtolower(request_var('add_extension', '')); 332 $add_extension_group = request_var('add_group_select', 0); 333 $add = (isset($_POST['add_extension_check'])) ? true : false; 334 335 if ($add_extension != '' && $add) 336 { 337 if (!sizeof($error)) 338 { 339 $sql = 'SELECT extension_id 340 FROM ' . EXTENSIONS_TABLE . " 341 WHERE extension = '" . $db->sql_escape($add_extension) . "'"; 342 $result = $db->sql_query($sql); 343 344 if ($row = $db->sql_fetchrow($result)) 345 { 346 $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension); 347 } 348 $db->sql_freeresult($result); 349 350 if (!sizeof($error)) 351 { 352 $sql_ary = array( 353 'group_id' => $add_extension_group, 354 'extension' => $add_extension 355 ); 356 357 $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); 358 add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension); 359 } 360 } 361 } 362 363 if (!sizeof($error)) 364 { 365 $notify[] = $user->lang['EXTENSIONS_UPDATED']; 366 } 367 368 $cache->destroy('_extensions'); 369 } 370 371 $template->assign_vars(array( 372 'S_EXTENSIONS' => true, 373 'ADD_EXTENSION' => (isset($add_extension)) ? 
$add_extension : '', 374 'GROUP_SELECT_OPTIONS' => (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group')) 375 ); 376 377 $sql = 'SELECT * 378 FROM ' . EXTENSIONS_TABLE . ' 379 ORDER BY group_id, extension'; 380 $result = $db->sql_query($sql); 381 382 if ($row = $db->sql_fetchrow($result)) 383 { 384 $old_group_id = $row['group_id']; 385 do 386 { 387 $s_spacer = false; 388 389 $current_group_id = $row['group_id']; 390 if ($old_group_id != $current_group_id) 391 { 392 $s_spacer = true; 393 $old_group_id = $current_group_id; 394 } 395 396 $template->assign_block_vars('extensions', array( 397 'S_SPACER' => $s_spacer, 398 'EXTENSION_ID' => $row['extension_id'], 399 'EXTENSION' => $row['extension'], 400 'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id'])) 401 ); 402 } 403 while ($row = $db->sql_fetchrow($result)); 404 } 405 $db->sql_freeresult($result); 406 407 break; 408 409 case 'ext_groups': 410 411 $template->assign_var('S_EXTENSION_GROUPS', true); 412 413 if ($submit) 414 { 415 $action = request_var('action', ''); 416 $group_id = request_var('g', 0); 417 418 if ($action != 'add' && $action != 'edit') 419 { 420 trigger_error('NO_MODE', E_USER_ERROR); 421 } 422 423 if (!$group_id && $action == 'edit') 424 { 425 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 426 } 427 428 if ($group_id) 429 { 430 $sql = 'SELECT * FROM ' . EXTENSION_GROUPS_TABLE . " 431 WHERE group_id = $group_id"; 432 $result = $db->sql_query($sql); 433 $ext_row = $db->sql_fetchrow($result); 434 $db->sql_freeresult($result); 435 } 436 else 437 { 438 $ext_row = array(); 439 } 440 441 $group_name = request_var('group_name', '', true); 442 $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? 
$group_name : ''); 443 444 if (!$group_name) 445 { 446 $error[] = $user->lang['NO_EXT_GROUP_NAME']; 447 } 448 449 // Check New Group Name 450 if ($new_group_name) 451 { 452 $sql = 'SELECT group_id 453 FROM ' . EXTENSION_GROUPS_TABLE . " 454 WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'"; 455 $result = $db->sql_query($sql); 456 457 if ($db->sql_fetchrow($result)) 458 { 459 $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name); 460 } 461 $db->sql_freeresult($result); 462 } 463 464 if (!sizeof($error)) 465 { 466 // Ok, build the update/insert array 467 $upload_icon = request_var('upload_icon', 'no_image'); 468 $size_select = request_var('size_select', 'b'); 469 $forum_select = request_var('forum_select', false); 470 $allowed_forums = isset($_POST['allowed_forums']) ? array_map('intval', array_values($_POST['allowed_forums'])) : array(); 471 $allow_in_pm = isset($_POST['allow_in_pm']) ? true : false; 472 $max_filesize = request_var('max_filesize', 0); 473 $max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize); 474 $allow_group = (isset($_POST['allow_group'])) ? 1 : 0; 475 476 if ($max_filesize == $config['max_filesize']) 477 { 478 $max_filesize = 0; 479 } 480 481 if (!sizeof($allowed_forums)) 482 { 483 $forum_select = false; 484 } 485 486 $group_ary = array( 487 'group_name' => $group_name, 488 'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE), 489 'allow_group' => $allow_group, 490 'download_mode' => request_var('download_mode', INLINE_LINK), 491 'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon, 492 'max_filesize' => $max_filesize, 493 'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '', 494 'allow_in_pm' => ($allow_in_pm) ? 1 : 0 495 ); 496 497 $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . 
' SET '; 498 $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary); 499 $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : ''; 500 501 $db->sql_query($sql); 502 503 if ($action == 'add') 504 { 505 $group_id = $db->sql_nextid(); 506 } 507 508 add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name); 509 } 510 511 $extension_list = isset($_REQUEST['extensions']) ? array_map('intval', array_values($_REQUEST['extensions'])) : array(); 512 513 if ($action == 'edit' && sizeof($extension_list)) 514 { 515 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 516 SET group_id = 0 517 WHERE group_id = $group_id"; 518 $db->sql_query($sql); 519 } 520 521 if (sizeof($extension_list)) 522 { 523 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 524 SET group_id = $group_id 525 WHERE " . $db->sql_in_set('extension_id', $extension_list); 526 $db->sql_query($sql); 527 } 528 529 $this->rewrite_extensions(); 530 531 if (!sizeof($error)) 532 { 533 $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)]; 534 } 535 } 536 537 $cat_lang = array( 538 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'], 539 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'], 540 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'], 541 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'], 542 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'], 543 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'], 544 ); 545 546 $group_id = request_var('g', 0); 547 $action = (isset($_POST['add'])) ? 'add' : $action; 548 549 switch ($action) 550 { 551 case 'delete': 552 553 if (confirm_box(true)) 554 { 555 $sql = 'SELECT group_name 556 FROM ' . EXTENSION_GROUPS_TABLE . " 557 WHERE group_id = $group_id"; 558 $result = $db->sql_query($sql); 559 $group_name = (string) $db->sql_fetchfield('group_name'); 560 $db->sql_freeresult($result); 561 562 $sql = 'DELETE 563 FROM ' . EXTENSION_GROUPS_TABLE . 
" 564 WHERE group_id = $group_id"; 565 $db->sql_query($sql); 566 567 // Set corresponding Extensions to a pending Group 568 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 569 SET group_id = 0 570 WHERE group_id = $group_id"; 571 $db->sql_query($sql); 572 573 add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name); 574 575 $this->rewrite_extensions(); 576 577 trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action)); 578 } 579 else 580 { 581 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 582 'i' => $id, 583 'mode' => $mode, 584 'action' => $action, 585 'group_id' => $group_id, 586 'action' => 'delete', 587 ))); 588 } 589 590 break; 591 592 case 'edit': 593 594 if (!$group_id) 595 { 596 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 597 } 598 599 $sql = 'SELECT * 600 FROM ' . EXTENSION_GROUPS_TABLE . " 601 WHERE group_id = $group_id"; 602 $result = $db->sql_query($sql); 603 $ext_group_row = $db->sql_fetchrow($result); 604 $db->sql_freeresult($result); 605 606 $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums'])); 607 608 // no break; 609 610 case 'add': 611 612 if ($action == 'add') 613 { 614 $ext_group_row = array( 615 'group_name' => request_var('group_name', '', true), 616 'cat_id' => 0, 617 'allow_group' => 1, 618 'allow_in_pm' => 1, 619 'download_mode' => 1, 620 'upload_icon' => '', 621 'max_filesize' => 0, 622 ); 623 624 $forum_ids = array(); 625 } 626 627 $extensions = array(); 628 629 $sql = 'SELECT * 630 FROM ' . EXTENSIONS_TABLE . 
" 631 WHERE group_id = $group_id 632 OR group_id = 0 633 ORDER BY extension"; 634 $result = $db->sql_query($sql); 635 $extensions = $db->sql_fetchrowset($result); 636 $db->sql_freeresult($result); 637 638 if ($ext_group_row['max_filesize'] == 0) 639 { 640 $ext_group_row['max_filesize'] = (int) $config['max_filesize']; 641 } 642 643 $size_format = ($ext_group_row['max_filesize'] >= 1048576) ? 'mb' : (($ext_group_row['max_filesize'] >= 1024) ? 'kb' : 'b'); 644 645 $ext_group_row['max_filesize'] = ($ext_group_row['max_filesize'] >= 1048576) ? round($ext_group_row['max_filesize'] / 1048576 * 100) / 100 : (($ext_group_row['max_filesize'] >= 1024) ? round($ext_group_row['max_filesize'] / 1024 * 100) / 100 : $ext_group_row['max_filesize']); 646 647 $img_path = $config['upload_icons_path']; 648 649 $filename_list = ''; 650 $no_image_select = false; 651 652 $imglist = filelist($phpbb_root_path . $img_path); 653 654 if (sizeof($imglist)) 655 { 656 $imglist = array_values($imglist); 657 $imglist = $imglist[0]; 658 659 foreach ($imglist as $key => $img) 660 { 661 if (!$ext_group_row['upload_icon']) 662 { 663 $no_image_select = true; 664 $selected = ''; 665 } 666 else 667 { 668 $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : ''; 669 } 670 671 $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>'; 672 } 673 } 674 675 $i = 0; 676 $assigned_extensions = ''; 677 foreach ($extensions as $num => $row) 678 { 679 if ($row['group_id'] == $group_id && $group_id) 680 { 681 $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension']; 682 $i++; 683 } 684 } 685 686 $s_extension_options = ''; 687 foreach ($extensions as $row) 688 { 689 $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . 
'</option>'; 690 } 691 692 $template->assign_vars(array( 693 'PHPBB_ROOT_PATH' => $phpbb_root_path, 694 'IMG_PATH' => $img_path, 695 'ACTION' => $action, 696 'GROUP_ID' => $group_id, 697 'GROUP_NAME' => $ext_group_row['group_name'], 698 'ALLOW_GROUP' => $ext_group_row['allow_group'], 699 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'], 700 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'], 701 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'], 702 'ASSIGNED_EXTENSIONS' => $assigned_extensions, 703 704 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'), 705 'S_DOWNLOAD_SELECT' => $this->download_select('download_mode', $group_id, 'download_mode'), 706 'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format), 707 'S_EXTENSION_OPTIONS' => $s_extension_options, 708 'S_FILENAME_LIST' => $filename_list, 709 'S_EDIT_GROUP' => true, 710 'S_NO_IMAGE' => $no_image_select, 711 'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false, 712 713 'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=extensions"), 714 715 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'], 716 ) 717 ); 718 719 $s_forum_id_options = ''; 720 721 $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id 722 FROM ' . FORUMS_TABLE . 
' 723 ORDER BY left_id ASC'; 724 $result = $db->sql_query($sql, 600); 725 726 $right = $cat_right = $padding_inc = 0; 727 $padding = $forum_list = $holding = ''; 728 $padding_store = array('0' => ''); 729 while ($row = $db->sql_fetchrow($result)) 730 { 731 if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id'])) 732 { 733 // Non-postable forum with no subforums, don't display 734 continue; 735 } 736 737 if (!$auth->acl_get('f_list', $row['forum_id'])) 738 { 739 // if the user does not have permissions to list this forum skip 740 continue; 741 } 742 743 if ($row['left_id'] < $right) 744 { 745 $padding .= ' '; 746 $padding_store[$row['parent_id']] = $padding; 747 } 748 else if ($row['left_id'] > $right + 1) 749 { 750 $padding = $padding_store[$row['parent_id']]; 751 } 752 753 $right = $row['right_id']; 754 755 $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : ''; 756 757 if ($row['left_id'] > $cat_right) 758 { 759 $holding = ''; 760 } 761 762 if ($row['right_id'] - $row['left_id'] > 1) 763 { 764 $cat_right = max($cat_right, $row['right_id']); 765 766 $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="blue"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; 767 } 768 else 769 { 770 $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="blue"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; 771 $holding = ''; 772 } 773 } 774 $db->sql_freeresult($result); 775 unset($padding_store); 776 777 $template->assign_vars(array( 778 'S_FORUM_ID_OPTIONS' => $s_forum_id_options) 779 ); 780 781 break; 782 783 case 'deactivate': 784 case 'activate': 785 786 if (!$group_id) 787 { 788 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 789 } 790 791 $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . 
' 792 SET allow_group = ' . (($action == 'activate') ? '1' : '0') . " 793 WHERE group_id = $group_id"; 794 $db->sql_query($sql); 795 796 $this->rewrite_extensions(); 797 798 break; 799 } 800 801 $sql = 'SELECT * 802 FROM ' . EXTENSION_GROUPS_TABLE . ' 803 ORDER BY allow_group DESC, group_name'; 804 $result = $db->sql_query($sql); 805 806 $act_deact = 'activate'; 807 while ($row = $db->sql_fetchrow($result)) 808 { 809 $s_add_spacer = ($row['allow_group'] == 0 && $act_deact == 'deactivate') ? true : false; 810 811 $act_deact = ($row['allow_group']) ? 'deactivate' : 'activate'; 812 813 $template->assign_block_vars('groups', array( 814 'S_ADD_SPACER' => $s_add_spacer, 815 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false, 816 'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false, 817 818 'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}", 819 'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}", 820 'U_ACT_DEACT' => $this->u_action . "&action=$act_deact&g={$row['group_id']}", 821 822 'L_ACT_DEACT' => $user->lang[strtoupper($act_deact)], 823 'GROUP_NAME' => $row['group_name'], 824 'CATEGORY' => $cat_lang[$row['cat_id']], 825 ) 826 ); 827 828 } 829 $db->sql_freeresult($result); 830 831 break; 832 833 case 'orphan': 834 835 if ($submit) 836 { 837 $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array(); 838 $add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array(); 839 $post_ids = request_var('post_id', array('' => 0)); 840 841 if (sizeof($delete_files)) 842 { 843 $sql = 'SELECT * 844 FROM ' . ATTACHMENTS_TABLE . ' 845 WHERE ' . $db->sql_in_set('attach_id', $delete_files) . 
' 846 AND is_orphan = 1'; 847 $result = $db->sql_query($sql); 848 849 $delete_files = array(); 850 while ($row = $db->sql_fetchrow($result)) 851 { 852 phpbb_unlink($row['physical_filename']); 853 854 if ($row['thumbnail']) 855 { 856 phpbb_unlink($row['physical_filename'], 'thumbnail'); 857 } 858 859 $delete_files[$row['attach_id']] = $row['real_filename']; 860 } 861 $db->sql_freeresult($result); 862 } 863 864 if (sizeof($delete_files)) 865 { 866 $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . ' 867 WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files)); 868 $db->sql_query($sql); 869 870 add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files)); 871 $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files)); 872 } 873 874 $upload_list = array(); 875 foreach ($add_files as $attach_id) 876 { 877 if (!in_array($attach_id, array_keys($delete_files)) && !empty($post_ids[$attach_id])) 878 { 879 $upload_list[$attach_id] = $post_ids[$attach_id]; 880 } 881 } 882 unset($add_files); 883 884 if (sizeof($upload_list)) 885 { 886 $template->assign_var('S_UPLOADING_FILES', true); 887 888 $sql = 'SELECT forum_id, forum_name 889 FROM ' . FORUMS_TABLE; 890 $result = $db->sql_query($sql); 891 892 $forum_names = array(); 893 while ($row = $db->sql_fetchrow($result)) 894 { 895 $forum_names[$row['forum_id']] = $row['forum_name']; 896 } 897 $db->sql_freeresult($result); 898 899 $sql = 'SELECT forum_id, topic_id, post_id, poster_id 900 FROM ' . POSTS_TABLE . ' 901 WHERE ' . $db->sql_in_set('post_id', $upload_list); 902 $result = $db->sql_query($sql); 903 904 $post_info = array(); 905 while ($row = $db->sql_fetchrow($result)) 906 { 907 $post_info[$row['post_id']] = $row; 908 } 909 $db->sql_freeresult($result); 910 911 // Select those attachments we want to change... 912 $sql = 'SELECT * 913 FROM ' . ATTACHMENTS_TABLE . ' 914 WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . 
' 915 AND is_orphan = 1'; 916 $result = $db->sql_query($sql); 917 918 while ($row = $db->sql_fetchrow($result)) 919 { 920 $post_row = $post_info[$upload_list[$row['attach_id']]]; 921 922 $template->assign_block_vars('upload', array( 923 'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']), 924 'S_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false, 925 'L_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '') 926 ); 927 928 if (!$auth->acl_get('f_attach', $post_row['forum_id'])) 929 { 930 continue; 931 } 932 933 // Adjust attachment entry 934 $sql_ary = array( 935 'in_message' => 0, 936 'is_orphan' => 0, 937 'poster_id' => $post_row['poster_id'], 938 'post_msg_id' => $post_row['post_id'], 939 'topic_id' => $post_row['topic_id'], 940 ); 941 942 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 943 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 944 WHERE attach_id = ' . $row['attach_id']; 945 $db->sql_query($sql); 946 947 $sql = 'UPDATE ' . POSTS_TABLE . ' 948 SET post_attachment = 1 949 WHERE post_id = ' . $post_row['post_id']; 950 $db->sql_query($sql); 951 952 $sql = 'UPDATE ' . TOPICS_TABLE . ' 953 SET topic_attachment = 1 954 WHERE topic_id = ' . $post_row['topic_id']; 955 $db->sql_query($sql); 956 957 add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']); 958 } 959 $db->sql_freeresult($result); 960 } 961 } 962 963 $template->assign_vars(array( 964 'S_ORPHAN' => true) 965 ); 966 967 // Just get the files with is_orphan set and older than 3 hours 968 $sql = 'SELECT * 969 FROM ' . ATTACHMENTS_TABLE . ' 970 WHERE is_orphan = 1 971 AND filetime < ' . (time() - 3*60*60) . ' 972 ORDER BY filetime DESC'; 973 $result = $db->sql_query($sql); 974 975 while ($row = $db->sql_fetchrow($result)) 976 { 977 $size_lang = ($row['filesize'] >= 1048576) ? 
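$user->lang['MB'] : (($row['filesize'] >= 1024) ? $user->lang['KB'] : $user->lang['BYTES']);
					// (tail of main(), which begins before this excerpt; statements reproduced unchanged)
					$row['filesize'] = ($row['filesize'] >= 1048576) ? round((round($row['filesize'] / 1048576 * 100) / 100), 2) : (($row['filesize'] >= 1024) ? round((round($row['filesize'] / 1024 * 100) / 100), 2) : $row['filesize']);

					$template->assign_block_vars('orphan', array(
						'FILESIZE'			=> $row['filesize'] . ' ' . $size_lang,
						'FILETIME'			=> $user->format_date($row['filetime']),
						'REAL_FILENAME'		=> basename($row['real_filename']),
						'PHYSICAL_FILENAME'	=> basename($row['physical_filename']),
						'ATTACH_ID'			=> $row['attach_id'],
						'POST_IDS'			=> (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
						'U_FILE'			=> append_sid($phpbb_root_path . 'download.' . $phpEx, 'id=' . $row['attach_id']))
					);
				}
				$db->sql_freeresult($result);

			break;
		}

		if (sizeof($error))
		{
			$template->assign_vars(array(
				'S_WARNING'		=> true,
				'WARNING_MSG'	=> implode('<br />', $error))
			);
		}

		if (sizeof($notify))
		{
			$template->assign_vars(array(
				'S_NOTIFY'		=> true,
				'NOTIFY_MSG'	=> implode('<br />', $notify))
			);
		}
	}

	/**
	* Build Select for category items
	*
	* @param string $select_name Value of the name attribute
	* @param int|bool $group_id Extension group whose stored cat_id is pre-selected;
	*	a false/0 value pre-selects ATTACHMENT_CATEGORY_NONE
	* @param string $key Optional value of the id attribute
	* @return string HTML of the select box
	*/
	function category_select($select_name, $group_id = false, $key = '')
	{
		global $db, $user;

		$types = array(
			ATTACHMENT_CATEGORY_NONE		=> $user->lang['NO_FILE_CAT'],
			ATTACHMENT_CATEGORY_IMAGE		=> $user->lang['CAT_IMAGES'],
			ATTACHMENT_CATEGORY_WM			=> $user->lang['CAT_WM_FILES'],
			ATTACHMENT_CATEGORY_RM			=> $user->lang['CAT_RM_FILES'],
			ATTACHMENT_CATEGORY_FLASH		=> $user->lang['CAT_FLASH_FILES'],
			ATTACHMENT_CATEGORY_QUICKTIME	=> $user->lang['CAT_QUICKTIME_FILES'],
		);

		$cat_type = ATTACHMENT_CATEGORY_NONE;

		if ($group_id)
		{
			// The id is cast to int before it becomes part of the statement
			$sql = 'SELECT cat_id
				FROM ' . EXTENSION_GROUPS_TABLE . '
				WHERE group_id = ' . (int) $group_id;
			$result = $db->sql_query($sql);
			$row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($row)
			{
				$cat_type = $row['cat_id'];
			}
		}

		// $select_name and $key go into the markup as given.
		// NOTE(review): callers should pass fixed identifiers here, never request data.
		$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';

		foreach ($types as $type => $label)
		{
			// Loose comparison on purpose: $cat_type may be a string taken from the result row
			$selected = ($type == $cat_type) ? ' selected="selected"' : '';
			$group_select .= '<option value="' . $type . '"' . $selected . '>' . $label . '</option>';
		}

		$group_select .= '</select>';

		return $group_select;
	}

	/**
	* Extension group select
	*
	* Lists every row of EXTENSION_GROUPS_TABLE ordered by name, followed by a
	* "not assigned" entry with id 0.
	*
	* @param string $select_name Value of the name attribute
	* @param int|bool $default_group Group id to pre-select; with false the first entry is pre-selected
	* @param string $key Optional value of the id attribute
	* @return string HTML of the select box
	*/
	function group_select($select_name, $default_group = false, $key = '')
	{
		global $db, $user;

		// NOTE(review): $select_name and $key are written into the markup as given
		$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';

		$sql = 'SELECT group_id, group_name
			FROM ' . EXTENSION_GROUPS_TABLE . '
			ORDER BY group_name';
		$result = $db->sql_query($sql);

		$group_name = array();
		while ($row = $db->sql_fetchrow($result))
		{
			$group_name[] = $row;
		}
		$db->sql_freeresult($result);

		// Pseudo entry for "not assigned". Built as a fresh array instead of writing
		// into $row, which no longer holds a result row once the loop has ended.
		$group_name[] = array(
			'group_id'		=> 0,
			'group_name'	=> $user->lang['NOT_ASSIGNED'],
		);

		foreach ($group_name as $i => $group)
		{
			if ($default_group === false)
			{
				$selected = ($i == 0) ? ' selected="selected"' : '';
			}
			else
			{
				$selected = ($group['group_id'] == $default_group) ? ' selected="selected"' : '';
			}

			// NOTE(review): group_name is emitted exactly as stored; confirm it is
			// HTML-escaped at the point where it is written to the table.
			$group_select .= '<option value="' . $group['group_id'] . '"' . $selected . '>' . $group['group_name'] . '</option>';
		}

		$group_select .= '</select>';

		return $group_select;
	}

	/**
	* Build select for download modes
	*
	* @param string $select_name Value of the name attribute
	* @param int|bool $group_id Extension group whose stored download_mode is pre-selected;
	*	a false/0 value pre-selects INLINE_LINK
	* @param string $key Optional value of the id attribute
	* @return string HTML of the select box
	*/
	function download_select($select_name, $group_id = false, $key = '')
	{
		global $db, $user;

		$types = array(
			INLINE_LINK		=> $user->lang['MODE_INLINE'],
			PHYSICAL_LINK	=> $user->lang['MODE_PHYSICAL']
		);

		$download_mode = INLINE_LINK;

		if ($group_id)
		{
			// The id is cast to int before it becomes part of the statement
			$sql = "SELECT download_mode
				FROM " . EXTENSION_GROUPS_TABLE . "
				WHERE group_id = " . (int) $group_id;
			$result = $db->sql_query($sql);
			$row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($row)
			{
				$download_mode = $row['download_mode'];
			}
		}

		// NOTE(review): $select_name and $key are written into the markup as given
		$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';

		foreach ($types as $type => $label)
		{
			$selected = ($type == $download_mode) ? ' selected="selected"' : '';
			$group_select .= '<option value="' . $type . '"' . $selected . '>' . $label . '</option>';
		}

		$group_select .= '</select>';

		return $group_select;
	}

	/**
	* Search Imagick
	*
	* Looks for a readable "mogrify" binary larger than 3000 bytes in the
	* directories of PATH and in a list of common install locations.
	* If MAGICK_HOME is set it is returned instead, without any check.
	*
	* @return string Directory with forward slashes, or '' if nothing was found
	*/
	function search_imagemagick()
	{
		$imagick = '';

		$exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : '';

		$magic_home = getenv('MAGICK_HOME');

		if (!empty($magic_home))
		{
			// NOTE(review): taken from the environment as is; nothing here verifies
			// that the directory exists or contains the expected binary.
			return str_replace('\\', '/', $magic_home);
		}

		$locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');

		// getenv() returns false when PATH is not set
		$env_path = getenv('PATH');
		$path_locations = ($env_path) ? str_replace('\\', '/', explode(($exe) ? ';' : ':', $env_path)) : array();

		$locations = array_merge($path_locations, $locations);

		foreach ($locations as $location)
		{
			// An empty PATH entry would be turned into '/' below and make us probe
			// the filesystem root, so it is skipped.
			if ($location === '')
			{
				continue;
			}

			// The path might not end properly, fudge it
			if (substr($location, -1, 1) !== '/')
			{
				$location .= '/';
			}

			// The scan does not stop at the first hit: the last matching directory
			// wins, so the fixed locations take precedence over PATH entries.
			// NOTE(review): the result is only a suggestion found by name and size;
			// confirm the directory is not writable by untrusted accounts before
			// binaries from it are run.
			if (@is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000)
			{
				$imagick = str_replace('\\', '/', $location);
			}
		}

		return $imagick;
	}

	/**
	* Test Settings
	*
	* Checks that the upload directory exists, is a directory and is writable.
	* The first failed check appends one message to $error and ends the test.
	*
	* @param array &$error Error messages, appended to by reference
	* @param string $upload_dir Directory relative to $phpbb_root_path
	* @param bool $create_directory Try to create the directory if it is missing
	*/
	function test_upload(&$error, $upload_dir, $create_directory = false)
	{
		global $user, $phpbb_root_path;

		// NOTE(review): $upload_dir is appended to the root path as given; a value
		// containing ../ would point outside the board directory.
		$target = $phpbb_root_path . $upload_dir;

		// Does the target directory exist, is it a directory and writeable.
		if ($create_directory && !file_exists($target))
		{
			// Mode 0777 lets every local account add, replace and delete files in
			// the upload directory. NOTE(review): on a shared host use the narrowest
			// mode that still lets the web server write. Failures are suppressed
			// here and surface through the checks below.
			@mkdir($target, 0777);
			@chmod($target, 0777);
		}

		if (!file_exists($target))
		{
			$error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);
			return;
		}

		if (!is_dir($target))
		{
			$error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);
			return;
		}

		if (!is_writable($target))
		{
			$error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);
			return;
		}
	}

	/**
	* Perform operations on sites for external linking
	*
	* With "securesubmit" the submitted list is validated line by line and the
	* accepted IPs/hostnames that are not yet stored are inserted into
	* SITELIST_TABLE. With "unsecuresubmit" the selected site ids are deleted.
	* Both paths write an admin log entry and report through trigger_error().
	*/
	function perform_site_list()
	{
		global $db, $user;

		// NOTE(review): the add path is keyed on $_REQUEST, so a GET parameter also
		// reaches the INSERTs, and no request token is checked in this function -
		// confirm the caller protects this action against cross-site requests.
		if (isset($_REQUEST['securesubmit']))
		{
			// Grab the list of entries
			$ips = request_var('ips', '');
			$ip_list = array_unique(explode("\n", $ips));

			// The log records the list as submitted, including lines rejected below
			$ip_list_log = implode(', ', $ip_list);

			$ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0;

			// Both lists hold raw values; quoting and escaping happen at the INSERT
			$iplist = array();
			$hostlist = array();

			foreach ($ip_list as $item)
			{
				$item = trim($item);

				// The patterns below are the allow-list for what may be stored.
				// NOTE(review): they accept octets above 255; add a range check if
				// only valid IPv4 addresses should be stored.
				if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', $item, $ip_range_explode))
				{
					// Expand "a.b.c.d - e.f.g.h" octet by octet. Whenever a level
					// would run over its whole range (0 to 254) a single wildcard
					// entry is stored and the counter is pushed past the end so
					// the inner loop is skipped.
					$ip_1_counter = $ip_range_explode[1];
					$ip_1_end = $ip_range_explode[5];

					while ($ip_1_counter <= $ip_1_end)
					{
						$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
						$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];

						if ($ip_2_counter == 0 && $ip_2_end == 254)
						{
							$ip_2_counter = 256;

							$iplist[] = "$ip_1_counter.*";
						}

						while ($ip_2_counter <= $ip_2_end)
						{
							$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
							$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];

							if ($ip_3_counter == 0 && $ip_3_end == 254)
							{
								$ip_3_counter = 256;

								$iplist[] = "$ip_1_counter.$ip_2_counter.*";
							}

							while ($ip_3_counter <= $ip_3_end)
							{
								$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
								$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];

								if ($ip_4_counter == 0 && $ip_4_end == 254)
								{
									$ip_4_counter = 256;

									$iplist[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.*";
								}

								while ($ip_4_counter <= $ip_4_end)
								{
									$iplist[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter";
									$ip_4_counter++;
								}
								$ip_3_counter++;
							}
							$ip_2_counter++;
						}
						$ip_1_counter++;
					}
				}
				else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', $item) || preg_match('#^[a-f0-9:]+\*?$#i', $item))
				{
					$iplist[] = $item;
				}
				else if (preg_match('#^([\w\-_]\.?){2,}$#is', $item) || preg_match("#^([a-z0-9\-\*\._/]+?)$#is", $item))
				{
					$hostlist[] = $item;
				}
			}

			$sql = 'SELECT site_ip, site_hostname
				FROM ' . SITELIST_TABLE . "
				WHERE ip_exclude = $ip_exclude";
			$result = $db->sql_query($sql);

			$iplist_tmp = array();
			$hostlist_tmp = array();
			while ($row = $db->sql_fetchrow($result))
			{
				if ($row['site_ip'])
				{
					$iplist_tmp[] = $row['site_ip'];
				}
				else if ($row['site_hostname'])
				{
					$hostlist_tmp[] = $row['site_hostname'];
				}
			}
			$db->sql_freeresult($result);

			// Drop what is already stored and any duplicates within the submission.
			// This now also runs when the table is still empty, so overlapping
			// ranges no longer produce duplicate rows on the first submission.
			$iplist = array_unique(array_diff($iplist, $iplist_tmp));
			$hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));
			unset($iplist_tmp, $hostlist_tmp);

			// Values are escaped where they enter the statement, so the INSERTs stay
			// safe even if one of the patterns above is loosened later.
			foreach ($iplist as $ip_entry)
			{
				$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)
					VALUES ('" . $db->sql_escape($ip_entry) . "', $ip_exclude)";
				$db->sql_query($sql);
			}

			foreach ($hostlist as $host_entry)
			{
				$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude)
					VALUES ('" . $db->sql_escape($host_entry) . "', $ip_exclude)";
				$db->sql_query($sql);
			}

			if (!empty($ip_list_log))
			{
				// Update log
				$log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';
				add_log('admin', $log_entry, $ip_list_log);
			}

			trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
		}
		else if (isset($_POST['unsecuresubmit']))
		{
			// "unip" is request data: it may be missing or not an array at all
			$unip_sql = (isset($_POST['unip']) && is_array($_POST['unip'])) ? array_map('intval', $_POST['unip']) : array();

			if (sizeof($unip_sql))
			{
				$l_unip_list = '';

				// Grab details of ips for logging information later
				$sql = 'SELECT site_ip, site_hostname
					FROM ' . SITELIST_TABLE . '
					WHERE ' . $db->sql_in_set('site_id', $unip_sql);
				$result = $db->sql_query($sql);

				while ($row = $db->sql_fetchrow($result))
				{
					$l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);
				}
				$db->sql_freeresult($result);

				$sql = 'DELETE FROM ' . SITELIST_TABLE . '
					WHERE ' . $db->sql_in_set('site_id', $unip_sql);
				$db->sql_query($sql);

				add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);
			}

			trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
		}
	}

	/**
	* Re-Write extensions cache file
	*
	* Collects every extension that belongs to a group with allow_group = 1 and
	* stores the result under the cache key "_extensions".
	*/
	function rewrite_extensions()
	{
		global $db, $cache;

		$sql = 'SELECT e.extension, g.*
			FROM ' . EXTENSIONS_TABLE . ' e, ' . EXTENSION_GROUPS_TABLE . ' g
			WHERE e.group_id = g.group_id
				AND g.allow_group = 1';
		$result = $db->sql_query($sql);

		$extensions = array();
		while ($row = $db->sql_fetchrow($result))
		{
			$extension = $row['extension'];

			$extensions[$extension]['display_cat']	= (int) $row['cat_id'];
			$extensions[$extension]['download_mode']= (int) $row['download_mode'];
			$extensions[$extension]['upload_icon']	= (string) $row['upload_icon'];
			$extensions[$extension]['max_filesize']	= (int) $row['max_filesize'];

			// allowed_forums holds a serialized value. unserialize() rebuilds
			// whatever the column contains, so this is only safe while the column
			// is written by trusted code alone.
			// NOTE(review): confirm that, or store a plain list of ids instead.
			$allowed_forums = ($row['allowed_forums']) ? unserialize(trim($row['allowed_forums'])) : array();

			// A damaged value makes unserialize() return false, which array_merge()
			// and sizeof() below cannot work with; it is handled like an empty column.
			// NOTE(review): an empty list is stored as 0 below - confirm readers of
			// the cache do not grant broader access than intended for such a row.
			if (!is_array($allowed_forums))
			{
				$allowed_forums = array();
			}

			if ($row['allow_in_pm'])
			{
				$allowed_forums = array_merge($allowed_forums, array(0));
			}

			// Store allowed extensions forum wise
			$extensions['_allowed_'][$extension] = (!sizeof($allowed_forums)) ? 0 : $allowed_forums;
		}
		$db->sql_freeresult($result);

		$cache->destroy('_extensions');
		$cache->put('_extensions', $extensions);
	}

	/**
	* Write display_order config field
	*
	* @param mixed $value Currently stored value, passed on to h_radio()
	* @param string $key Passed on to h_radio()
	* @return mixed Whatever h_radio() returns for the two sort directions
	*/
	function display_order($value, $key = '')
	{
		$radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING');

		return h_radio('config[display_order]', $radio_ary, $value, $key);
	}

	/**
	* Adjust all three max_filesize config vars for display
	*
	* @param int $value Size in bytes
	* @param string $key Config key; used for the id and the field names
	* @return string HTML of the text input followed by the unit select
	*/
	function max_filesize($value, $key = '')
	{
		// Determine size var and adjust the value accordingly
		if ($value >= 1048576)
		{
			$size_var = 'mb';
			$value = round($value / 1048576 * 100) / 100;
		}
		else if ($value >= 1024)
		{
			$size_var = 'kb';
			$value = round($value / 1024 * 100) / 100;
		}
		else
		{
			$size_var = 'b';
		}

		// NOTE(review): $key and a $value below 1024 reach the markup as given;
		// confirm both only ever come from trusted configuration.
		return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';
	}

	/**
	* Write secure_allow_deny config field
	*
	* @param mixed $value Currently stored value, passed on to h_radio()
	* @param string $key Config key; used for the field name and passed on to h_radio()
	* @return mixed Whatever h_radio() returns for the two orders
	*/
	function select_allow_deny($value, $key = '')
	{
		$radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW');

		return h_radio('config[' . $key . ']', $radio_ary, $value, $key);
	}

}

?>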