| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * @package acp 5 * @version $Id$ 6 * @copyright (c) 2005 phpBB Group 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 8 * 9 */ 10 11 /** 12 * @ignore 13 */ 14 if (!defined('IN_PHPBB')) 15 { 16 exit; 17 } 18 19 /** 20 * @package acp 21 */ 22 class acp_attachments 23 { 24 var $u_action; 25 var $new_config; 26 27 function main($id, $mode) 28 { 29 global $db, $user, $auth, $template, $cache; 30 global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx; 31 32 $user->add_lang(array('posting', 'viewtopic', 'acp/attachments')); 33 34 $error = $notify = array(); 35 $submit = (isset($_POST['submit'])) ? true : false; 36 $action = request_var('action', ''); 37 38 $form_key = 'acp_attach'; 39 add_form_key($form_key); 40 41 if ($submit && !check_form_key($form_key)) 42 { 43 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 44 } 45 46 switch ($mode) 47 { 48 case 'attach': 49 $l_title = 'ACP_ATTACHMENT_SETTINGS'; 50 break; 51 52 case 'extensions': 53 $l_title = 'ACP_MANAGE_EXTENSIONS'; 54 break; 55 56 case 'ext_groups': 57 $l_title = 'ACP_EXTENSION_GROUPS'; 58 break; 59 60 case 'orphan': 61 $l_title = 'ACP_ORPHAN_ATTACHMENTS'; 62 break; 63 64 default: 65 trigger_error('NO_MODE', E_USER_ERROR); 66 break; 67 } 68 69 $this->tpl_name = 'acp_attachments'; 70 $this->page_title = $l_title; 71 72 $template->assign_vars(array( 73 'L_TITLE' => $user->lang[$l_title], 74 'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'], 75 'U_ACTION' => $this->u_action) 76 ); 77 78 switch ($mode) 79 { 80 case 'attach': 81 82 include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); 83 84 $sql = 'SELECT group_name, cat_id 85 FROM ' . EXTENSION_GROUPS_TABLE . ' 86 WHERE cat_id > 0 87 ORDER BY cat_id'; 88 $result = $db->sql_query($sql); 89 90 $s_assigned_groups = array(); 91 while ($row = $db->sql_fetchrow($result)) 92 { 93 $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name']; 94 $s_assigned_groups[$row['cat_id']][] = $row['group_name']; 95 } 96 $db->sql_freeresult($result); 97 98 $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode(', ', $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']'; 99 100 $display_vars = array( 101 'title' => 'ACP_ATTACHMENT_SETTINGS', 102 'vars' => array( 103 'legend1' => 'ACP_ATTACHMENT_SETTINGS', 104 105 'img_max_width' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 106 'img_max_height' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 107 'img_link_width' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 108 'img_link_height' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 109 110 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 111 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 112 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true), 113 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true), 114 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 115 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 116 'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 117 'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false), 118 'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false), 119 'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 120 'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true), 121 'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 122 'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 123 124 125 'legend2' => $l_legend_cat_images, 126 'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 127 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 128 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 129 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), 130 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'string', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), 131 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 132 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 133 ) 134 ); 135 136 $this->new_config = $config; 137 $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config; 138 $error = array(); 139 140 // We validate the complete config if whished 141 validate_config_vars($display_vars['vars'], $cfg_array, $error); 142 143 // Do not write values if there is an error 144 if (sizeof($error)) 145 { 146 $submit = false; 147 } 148 149 // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... 150 foreach ($display_vars['vars'] as $config_name => $null) 151 { 152 if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) 153 { 154 continue; 155 } 156 157 $this->new_config[$config_name] = $config_value = $cfg_array[$config_name]; 158 159 if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm'))) 160 { 161 $size_var = request_var($config_name, ''); 162 $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value); 163 } 164 165 if ($submit) 166 { 167 set_config($config_name, $config_value); 168 } 169 } 170 171 $this->perform_site_list(); 172 173 if ($submit) 174 { 175 add_log('admin', 'LOG_CONFIG_ATTACH'); 176 177 // Check Settings 178 $this->test_upload($error, $this->new_config['upload_path'], false); 179 180 if (!sizeof($error)) 181 { 182 trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); 183 } 184 } 185 186 $template->assign_var('S_ATTACHMENT_SETTINGS', true); 187 188 if ($action == 'imgmagick') 189 { 190 $this->new_config['img_imagick'] = $this->search_imagemagick(); 191 } 192 193 // We strip eventually manual added convert program, we only want the patch 194 if ($this->new_config['img_imagick']) 195 { 196 // Change path separator 197 $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']); 198 $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); 199 200 // Check for trailing slash 201 if (substr($this->new_config['img_imagick'], -1) !== '/') 202 { 203 $this->new_config['img_imagick'] .= '/'; 204 } 205 } 206 207 $supported_types = get_supported_image_types(); 208 209 // Check Thumbnail Support 210 if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) 211 { 212 $this->new_config['img_create_thumbnail'] = 0; 213 } 214 215 $template->assign_vars(array( 216 'U_SEARCH_IMAGICK' => $this->u_action . '&action=imgmagick', 217 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true) 218 ); 219 220 // Secure Download Options - Same procedure as with banning 221 $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED'; 222 223 $sql = 'SELECT * 224 FROM ' . SITELIST_TABLE; 225 $result = $db->sql_query($sql); 226 227 $defined_ips = ''; 228 $ips = array(); 229 230 while ($row = $db->sql_fetchrow($result)) 231 { 232 $value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']; 233 if ($value) 234 { 235 $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>'; 236 $ips[$row['site_id']] = $value; 237 } 238 } 239 $db->sql_freeresult($result); 240 241 $template->assign_vars(array( 242 'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'], 243 'S_DEFINED_IPS' => ($defined_ips != '') ? true : false, 244 'S_WARNING' => (sizeof($error)) ? true : false, 245 246 'WARNING_MSG' => implode('<br />', $error), 247 'DEFINED_IPS' => $defined_ips, 248 249 'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'], 250 'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'], 251 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS']) 252 ); 253 254 // Output relevant options 255 foreach ($display_vars['vars'] as $config_key => $vars) 256 { 257 if (!is_array($vars) && strpos($config_key, 'legend') === false) 258 { 259 continue; 260 } 261 262 if (strpos($config_key, 'legend') !== false) 263 { 264 $template->assign_block_vars('options', array( 265 'S_LEGEND' => true, 266 'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars) 267 ); 268 269 continue; 270 } 271 272 $type = explode(':', $vars['type']); 273 274 $l_explain = ''; 275 if ($vars['explain'] && isset($vars['lang_explain'])) 276 { 277 $l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain']; 278 } 279 else if ($vars['explain']) 280 { 281 $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : ''; 282 } 283 284 $content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars); 285 if (empty($content)) 286 { 287 continue; 288 } 289 290 $template->assign_block_vars('options', array( 291 'KEY' => $config_key, 292 'TITLE' => $user->lang[$vars['lang']], 293 'S_EXPLAIN' => $vars['explain'], 294 'TITLE_EXPLAIN' => $l_explain, 295 'CONTENT' => $content, 296 ) 297 ); 298 299 unset($display_vars['vars'][$config_key]); 300 } 301 302 break; 303 304 case 'extensions': 305 306 if ($submit || isset($_POST['add_extension_check'])) 307 { 308 if ($submit) 309 { 310 // Change Extensions ? 311 $extension_change_list = request_var('extension_change_list', array(0)); 312 $group_select_list = request_var('group_select', array(0)); 313 314 // Generate correct Change List 315 $extensions = array(); 316 317 for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++) 318 { 319 $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i]; 320 } 321 322 $sql = 'SELECT * 323 FROM ' . EXTENSIONS_TABLE . ' 324 ORDER BY extension_id'; 325 $result = $db->sql_query($sql); 326 327 while ($row = $db->sql_fetchrow($result)) 328 { 329 if ($row['group_id'] != $extensions[$row['extension_id']]['group_id']) 330 { 331 $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' 332 SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . ' 333 WHERE extension_id = ' . $row['extension_id']; 334 $db->sql_query($sql); 335 336 add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']); 337 } 338 } 339 $db->sql_freeresult($result); 340 341 // Delete Extension? 342 $extension_id_list = request_var('extension_id_list', array(0)); 343 344 if (sizeof($extension_id_list)) 345 { 346 $sql = 'SELECT extension 347 FROM ' . EXTENSIONS_TABLE . ' 348 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); 349 $result = $db->sql_query($sql); 350 351 $extension_list = ''; 352 while ($row = $db->sql_fetchrow($result)) 353 { 354 $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension']; 355 } 356 $db->sql_freeresult($result); 357 358 $sql = 'DELETE 359 FROM ' . EXTENSIONS_TABLE . ' 360 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); 361 $db->sql_query($sql); 362 363 add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list); 364 } 365 } 366 367 // Add Extension? 368 $add_extension = strtolower(request_var('add_extension', '')); 369 $add_extension_group = request_var('add_group_select', 0); 370 $add = (isset($_POST['add_extension_check'])) ? true : false; 371 372 if ($add_extension && $add) 373 { 374 if (!sizeof($error)) 375 { 376 $sql = 'SELECT extension_id 377 FROM ' . EXTENSIONS_TABLE . " 378 WHERE extension = '" . $db->sql_escape($add_extension) . "'"; 379 $result = $db->sql_query($sql); 380 381 if ($row = $db->sql_fetchrow($result)) 382 { 383 $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension); 384 } 385 $db->sql_freeresult($result); 386 387 if (!sizeof($error)) 388 { 389 $sql_ary = array( 390 'group_id' => $add_extension_group, 391 'extension' => $add_extension 392 ); 393 394 $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); 395 add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension); 396 } 397 } 398 } 399 400 if (!sizeof($error)) 401 { 402 $notify[] = $user->lang['EXTENSIONS_UPDATED']; 403 } 404 405 $cache->destroy('_extensions'); 406 } 407 408 $template->assign_vars(array( 409 'S_EXTENSIONS' => true, 410 'ADD_EXTENSION' => (isset($add_extension)) ? $add_extension : '', 411 'GROUP_SELECT_OPTIONS' => (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group')) 412 ); 413 414 $sql = 'SELECT * 415 FROM ' . EXTENSIONS_TABLE . ' 416 ORDER BY group_id, extension'; 417 $result = $db->sql_query($sql); 418 419 if ($row = $db->sql_fetchrow($result)) 420 { 421 $old_group_id = $row['group_id']; 422 do 423 { 424 $s_spacer = false; 425 426 $current_group_id = $row['group_id']; 427 if ($old_group_id != $current_group_id) 428 { 429 $s_spacer = true; 430 $old_group_id = $current_group_id; 431 } 432 433 $template->assign_block_vars('extensions', array( 434 'S_SPACER' => $s_spacer, 435 'EXTENSION_ID' => $row['extension_id'], 436 'EXTENSION' => $row['extension'], 437 'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id'])) 438 ); 439 } 440 while ($row = $db->sql_fetchrow($result)); 441 } 442 $db->sql_freeresult($result); 443 444 break; 445 446 case 'ext_groups': 447 448 $template->assign_var('S_EXTENSION_GROUPS', true); 449 450 if ($submit) 451 { 452 $action = request_var('action', ''); 453 $group_id = request_var('g', 0); 454 455 if ($action != 'add' && $action != 'edit') 456 { 457 trigger_error('NO_MODE', E_USER_ERROR); 458 } 459 460 if (!$group_id && $action == 'edit') 461 { 462 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 463 } 464 465 if ($group_id) 466 { 467 $sql = 'SELECT * 468 FROM ' . EXTENSION_GROUPS_TABLE . " 469 WHERE group_id = $group_id"; 470 $result = $db->sql_query($sql); 471 $ext_row = $db->sql_fetchrow($result); 472 $db->sql_freeresult($result); 473 474 if (!$ext_row) 475 { 476 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 477 } 478 } 479 else 480 { 481 $ext_row = array(); 482 } 483 484 $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); 485 $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : ''); 486 487 if (!$group_name) 488 { 489 $error[] = $user->lang['NO_EXT_GROUP_NAME']; 490 } 491 492 // Check New Group Name 493 if ($new_group_name) 494 { 495 $sql = 'SELECT group_id 496 FROM ' . EXTENSION_GROUPS_TABLE . " 497 WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'"; 498 if ($group_id) 499 { 500 $sql .= ' AND group_id <> ' . $group_id; 501 } 502 $result = $db->sql_query($sql); 503 504 if ($db->sql_fetchrow($result)) 505 { 506 $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name); 507 } 508 $db->sql_freeresult($result); 509 } 510 511 if (!sizeof($error)) 512 { 513 // Ok, build the update/insert array 514 $upload_icon = request_var('upload_icon', 'no_image'); 515 $size_select = request_var('size_select', 'b'); 516 $forum_select = request_var('forum_select', false); 517 $allowed_forums = request_var('allowed_forums', array(0)); 518 $allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false; 519 $max_filesize = request_var('max_filesize', 0); 520 $max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize); 521 $allow_group = (isset($_POST['allow_group'])) ? true : false; 522 523 if ($max_filesize == $config['max_filesize']) 524 { 525 $max_filesize = 0; 526 } 527 528 if (!sizeof($allowed_forums)) 529 { 530 $forum_select = false; 531 } 532 533 $group_ary = array( 534 'group_name' => $group_name, 535 'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE), 536 'allow_group' => ($allow_group) ? 1 : 0, 537 'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon, 538 'max_filesize' => $max_filesize, 539 'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '', 540 'allow_in_pm' => ($allow_in_pm) ? 1 : 0, 541 ); 542 543 if ($action == 'add') 544 { 545 $group_ary['download_mode'] = INLINE_LINK; 546 } 547 548 $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET '; 549 $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary); 550 $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : ''; 551 552 $db->sql_query($sql); 553 554 if ($action == 'add') 555 { 556 $group_id = $db->sql_nextid(); 557 } 558 559 $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name; 560 add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name); 561 } 562 563 $extension_list = request_var('extensions', array(0)); 564 565 if ($action == 'edit' && sizeof($extension_list)) 566 { 567 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 568 SET group_id = 0 569 WHERE group_id = $group_id"; 570 $db->sql_query($sql); 571 } 572 573 if (sizeof($extension_list)) 574 { 575 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 576 SET group_id = $group_id 577 WHERE " . $db->sql_in_set('extension_id', $extension_list); 578 $db->sql_query($sql); 579 } 580 581 $cache->destroy('_extensions'); 582 583 if (!sizeof($error)) 584 { 585 $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)]; 586 } 587 } 588 589 $cat_lang = array( 590 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'], 591 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'], 592 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'], 593 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'], 594 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'], 595 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'], 596 ); 597 598 $group_id = request_var('g', 0); 599 $action = (isset($_POST['add'])) ? 'add' : $action; 600 601 switch ($action) 602 { 603 case 'delete': 604 605 if (confirm_box(true)) 606 { 607 $sql = 'SELECT group_name 608 FROM ' . EXTENSION_GROUPS_TABLE . " 609 WHERE group_id = $group_id"; 610 $result = $db->sql_query($sql); 611 $group_name = (string) $db->sql_fetchfield('group_name'); 612 $db->sql_freeresult($result); 613 614 $sql = 'DELETE 615 FROM ' . EXTENSION_GROUPS_TABLE . " 616 WHERE group_id = $group_id"; 617 $db->sql_query($sql); 618 619 // Set corresponding Extensions to a pending Group 620 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 621 SET group_id = 0 622 WHERE group_id = $group_id"; 623 $db->sql_query($sql); 624 625 add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name); 626 627 $cache->destroy('_extensions'); 628 629 trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action)); 630 } 631 else 632 { 633 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 634 'i' => $id, 635 'mode' => $mode, 636 'group_id' => $group_id, 637 'action' => 'delete', 638 ))); 639 } 640 641 break; 642 643 case 'edit': 644 645 if (!$group_id) 646 { 647 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 648 } 649 650 $sql = 'SELECT * 651 FROM ' . EXTENSION_GROUPS_TABLE . " 652 WHERE group_id = $group_id"; 653 $result = $db->sql_query($sql); 654 $ext_group_row = $db->sql_fetchrow($result); 655 $db->sql_freeresult($result); 656 657 $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums'])); 658 659 // no break; 660 661 case 'add': 662 663 if ($action == 'add') 664 { 665 $ext_group_row = array( 666 'group_name' => utf8_normalize_nfc(request_var('group_name', '', true)), 667 'cat_id' => 0, 668 'allow_group' => 1, 669 'allow_in_pm' => 1, 670 'upload_icon' => '', 671 'max_filesize' => 0, 672 ); 673 674 $forum_ids = array(); 675 } 676 677 $extensions = array(); 678 679 $sql = 'SELECT * 680 FROM ' . EXTENSIONS_TABLE . " 681 WHERE group_id = $group_id 682 OR group_id = 0 683 ORDER BY extension"; 684 $result = $db->sql_query($sql); 685 $extensions = $db->sql_fetchrowset($result); 686 $db->sql_freeresult($result); 687 688 if ($ext_group_row['max_filesize'] == 0) 689 { 690 $ext_group_row['max_filesize'] = (int) $config['max_filesize']; 691 } 692 693 $max_filesize = get_formatted_filesize($ext_group_row['max_filesize'], false, array('mb', 'kb', 'b')); 694 $size_format = $max_filesize['si_identifier']; 695 $ext_group_row['max_filesize'] = $max_filesize['value']; 696 697 $img_path = $config['upload_icons_path']; 698 699 $filename_list = ''; 700 $no_image_select = false; 701 702 $imglist = filelist($phpbb_root_path . $img_path); 703 704 if (!empty($imglist[''])) 705 { 706 $imglist = array_values($imglist); 707 $imglist = $imglist[0]; 708 709 foreach ($imglist as $key => $img) 710 { 711 if (!$ext_group_row['upload_icon']) 712 { 713 $no_image_select = true; 714 $selected = ''; 715 } 716 else 717 { 718 $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : ''; 719 } 720 721 if (strlen($img) > 255) 722 { 723 continue; 724 } 725 726 $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>'; 727 } 728 } 729 730 $i = 0; 731 $assigned_extensions = ''; 732 foreach ($extensions as $num => $row) 733 { 734 if ($row['group_id'] == $group_id && $group_id) 735 { 736 $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension']; 737 $i++; 738 } 739 } 740 741 $s_extension_options = ''; 742 foreach ($extensions as $row) 743 { 744 $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>'; 745 } 746 747 $template->assign_vars(array( 748 'PHPBB_ROOT_PATH' => $phpbb_root_path, 749 'IMG_PATH' => $img_path, 750 'ACTION' => $action, 751 'GROUP_ID' => $group_id, 752 'GROUP_NAME' => $ext_group_row['group_name'], 753 'ALLOW_GROUP' => $ext_group_row['allow_group'], 754 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'], 755 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'], 756 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'], 757 'ASSIGNED_EXTENSIONS' => $assigned_extensions, 758 759 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'), 760 'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format), 761 'S_EXTENSION_OPTIONS' => $s_extension_options, 762 'S_FILENAME_LIST' => $filename_list, 763 'S_EDIT_GROUP' => true, 764 'S_NO_IMAGE' => $no_image_select, 765 'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false, 766 767 'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=extensions"), 768 'U_BACK' => $this->u_action, 769 770 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP']) 771 ); 772 773 $s_forum_id_options = ''; 774 775 /** @todo use in-built function **/ 776 777 $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id 778 FROM ' . FORUMS_TABLE . ' 779 ORDER BY left_id ASC'; 780 $result = $db->sql_query($sql, 600); 781 782 $right = $cat_right = $padding_inc = 0; 783 $padding = $forum_list = $holding = ''; 784 $padding_store = array('0' => ''); 785 786 while ($row = $db->sql_fetchrow($result)) 787 { 788 if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id'])) 789 { 790 // Non-postable forum with no subforums, don't display 791 continue; 792 } 793 794 if (!$auth->acl_get('f_list', $row['forum_id'])) 795 { 796 // if the user does not have permissions to list this forum skip 797 continue; 798 } 799 800 if ($row['left_id'] < $right) 801 { 802 $padding .= ' '; 803 $padding_store[$row['parent_id']] = $padding; 804 } 805 else if ($row['left_id'] > $right + 1) 806 { 807 $padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']]; 808 } 809 810 $right = $row['right_id']; 811 812 $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : ''; 813 814 if ($row['left_id'] > $cat_right) 815 { 816 // make sure we don't forget anything 817 $s_forum_id_options .= $holding; 818 $holding = ''; 819 } 820 821 if ($row['right_id'] - $row['left_id'] > 1) 822 { 823 $cat_right = max($cat_right, $row['right_id']); 824 825 $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; 826 } 827 else 828 { 829 $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; 830 $holding = ''; 831 } 832 } 833 834 if ($holding) 835 { 836 $s_forum_id_options .= $holding; 837 } 838 839 $db->sql_freeresult($result); 840 unset($padding_store); 841 842 $template->assign_vars(array( 843 'S_FORUM_ID_OPTIONS' => $s_forum_id_options) 844 ); 845 846 break; 847 } 848 849 $sql = 'SELECT * 850 FROM ' . EXTENSION_GROUPS_TABLE . ' 851 ORDER BY allow_group DESC, allow_in_pm DESC, group_name'; 852 $result = $db->sql_query($sql); 853 854 $old_allow_group = $old_allow_pm = 1; 855 while ($row = $db->sql_fetchrow($result)) 856 { 857 $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false; 858 859 $template->assign_block_vars('groups', array( 860 'S_ADD_SPACER' => $s_add_spacer, 861 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false, 862 'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false, 863 864 'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}", 865 'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}", 866 867 'GROUP_NAME' => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'], 868 'CATEGORY' => $cat_lang[$row['cat_id']], 869 ) 870 ); 871 872 $old_allow_group = $row['allow_group']; 873 $old_allow_pm = $row['allow_in_pm']; 874 } 875 $db->sql_freeresult($result); 876 877 break; 878 879 case 'orphan': 880 881 if ($submit) 882 { 883 $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array(); 884 $add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array(); 885 $post_ids = request_var('post_id', array('' => 0)); 886 887 if (sizeof($delete_files)) 888 { 889 $sql = 'SELECT * 890 FROM ' . ATTACHMENTS_TABLE . ' 891 WHERE ' . $db->sql_in_set('attach_id', $delete_files) . ' 892 AND is_orphan = 1'; 893 $result = $db->sql_query($sql); 894 895 $delete_files = array(); 896 while ($row = $db->sql_fetchrow($result)) 897 { 898 phpbb_unlink($row['physical_filename'], 'file'); 899 900 if ($row['thumbnail']) 901 { 902 phpbb_unlink($row['physical_filename'], 'thumbnail'); 903 } 904 905 $delete_files[$row['attach_id']] = $row['real_filename']; 906 } 907 $db->sql_freeresult($result); 908 } 909 910 if (sizeof($delete_files)) 911 { 912 $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . ' 913 WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files)); 914 $db->sql_query($sql); 915 916 add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files)); 917 $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files)); 918 } 919 920 $upload_list = array(); 921 foreach ($add_files as $attach_id) 922 { 923 if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id])) 924 { 925 $upload_list[$attach_id] = $post_ids[$attach_id]; 926 } 927 } 928 unset($add_files); 929 930 if (sizeof($upload_list)) 931 { 932 $template->assign_var('S_UPLOADING_FILES', true); 933 934 $sql = 'SELECT forum_id, forum_name 935 FROM ' . FORUMS_TABLE; 936 $result = $db->sql_query($sql); 937 938 $forum_names = array(); 939 while ($row = $db->sql_fetchrow($result)) 940 { 941 $forum_names[$row['forum_id']] = $row['forum_name']; 942 } 943 $db->sql_freeresult($result); 944 945 $sql = 'SELECT forum_id, topic_id, post_id, poster_id 946 FROM ' . POSTS_TABLE . ' 947 WHERE ' . $db->sql_in_set('post_id', $upload_list); 948 $result = $db->sql_query($sql); 949 950 $post_info = array(); 951 while ($row = $db->sql_fetchrow($result)) 952 { 953 $post_info[$row['post_id']] = $row; 954 } 955 $db->sql_freeresult($result); 956 957 // Select those attachments we want to change... 958 $sql = 'SELECT * 959 FROM ' . ATTACHMENTS_TABLE . ' 960 WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . ' 961 AND is_orphan = 1'; 962 $result = $db->sql_query($sql); 963 964 $files_added = $space_taken = 0; 965 while ($row = $db->sql_fetchrow($result)) 966 { 967 $post_row = $post_info[$upload_list[$row['attach_id']]]; 968 969 $template->assign_block_vars('upload', array( 970 'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']), 971 'S_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false, 972 'L_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '') 973 ); 974 975 if (!$auth->acl_get('f_attach', $post_row['forum_id'])) 976 { 977 continue; 978 } 979 980 // Adjust attachment entry 981 $sql_ary = array( 982 'in_message' => 0, 983 'is_orphan' => 0, 984 'poster_id' => $post_row['poster_id'], 985 'post_msg_id' => $post_row['post_id'], 986 'topic_id' => $post_row['topic_id'], 987 ); 988 989 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 990 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 991 WHERE attach_id = ' . $row['attach_id']; 992 $db->sql_query($sql); 993 994 $sql = 'UPDATE ' . POSTS_TABLE . ' 995 SET post_attachment = 1 996 WHERE post_id = ' . $post_row['post_id']; 997 $db->sql_query($sql); 998 999 $sql = 'UPDATE ' . TOPICS_TABLE . ' 1000 SET topic_attachment = 1 1001 WHERE topic_id = ' . $post_row['topic_id']; 1002 $db->sql_query($sql); 1003 1004 $space_taken += $row['filesize']; 1005 $files_added++; 1006 1007 add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']); 1008 } 1009 $db->sql_freeresult($result); 1010 1011 if ($files_added) 1012 { 1013 set_config_count('upload_dir_size', $space_taken, true); 1014 set_config_count('num_files', $files_added, true); 1015 } 1016 } 1017 } 1018 1019 $template->assign_vars(array( 1020 'S_ORPHAN' => true) 1021 ); 1022 1023 // Just get the files with is_orphan set and older than 3 hours 1024 $sql = 'SELECT * 1025 FROM ' . ATTACHMENTS_TABLE . ' 1026 WHERE is_orphan = 1 1027 AND filetime < ' . (time() - 3*60*60) . ' 1028 ORDER BY filetime DESC'; 1029 $result = $db->sql_query($sql); 1030 1031 while ($row = $db->sql_fetchrow($result)) 1032 { 1033 $template->assign_block_vars('orphan', array( 1034 'FILESIZE' => get_formatted_filesize($row['filesize']), 1035 'FILETIME' => $user->format_date($row['filetime']), 1036 'REAL_FILENAME' => utf8_basename($row['real_filename']), 1037 'PHYSICAL_FILENAME' => utf8_basename($row['physical_filename']), 1038 'ATTACH_ID' => $row['attach_id'], 1039 'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '', 1040 'U_FILE' => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id'])) 1041 ); 1042 } 1043 $db->sql_freeresult($result); 1044 1045 break; 1046 } 1047 1048 if (sizeof($error)) 1049 { 1050 $template->assign_vars(array( 1051 'S_WARNING' => true, 1052 'WARNING_MSG' => implode('<br />', $error)) 1053 ); 1054 } 1055 1056 if (sizeof($notify)) 1057 { 1058 $template->assign_vars(array( 1059 'S_NOTIFY' => true, 1060 'NOTIFY_MSG' => implode('<br />', $notify)) 1061 ); 1062 } 1063 } 1064 1065 /** 1066 * Build Select for category items 1067 */ 1068 function category_select($select_name, $group_id = false, $key = '') 1069 { 1070 global $db, $user; 1071 1072 $types = array( 1073 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'], 1074 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'], 1075 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'], 1076 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'], 1077 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'], 1078 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'], 1079 ); 1080 1081 if ($group_id) 1082 { 1083 $sql = 'SELECT cat_id 1084 FROM ' . EXTENSION_GROUPS_TABLE . ' 1085 WHERE group_id = ' . (int) $group_id; 1086 $result = $db->sql_query($sql); 1087 1088 $cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id']; 1089 1090 $db->sql_freeresult($result); 1091 } 1092 else 1093 { 1094 $cat_type = ATTACHMENT_CATEGORY_NONE; 1095 } 1096 1097 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>'; 1098 1099 foreach ($types as $type => $mode) 1100 { 1101 $selected = ($type == $cat_type) ? ' selected="selected"' : ''; 1102 $group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>'; 1103 } 1104 1105 $group_select .= '</select>'; 1106 1107 return $group_select; 1108 } 1109 1110 /** 1111 * Extension group select 1112 */ 1113 function group_select($select_name, $default_group = false, $key = '') 1114 { 1115 global $db, $user; 1116 1117 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>'; 1118 1119 $sql = 'SELECT group_id, group_name 1120 FROM ' . EXTENSION_GROUPS_TABLE . ' 1121 ORDER BY group_name'; 1122 $result = $db->sql_query($sql); 1123 1124 $group_name = array(); 1125 while ($row = $db->sql_fetchrow($result)) 1126 { 1127 $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name']; 1128 $group_name[] = $row; 1129 } 1130 $db->sql_freeresult($result); 1131 1132 $row['group_id'] = 0; 1133 $row['group_name'] = $user->lang['NOT_ASSIGNED']; 1134 $group_name[] = $row; 1135 1136 for ($i = 0; $i < sizeof($group_name); $i++) 1137 { 1138 if ($default_group === false) 1139 { 1140 $selected = ($i == 0) ? ' selected="selected"' : ''; 1141 } 1142 else 1143 { 1144 $selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : ''; 1145 } 1146 1147 $group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>'; 1148 } 1149 1150 $group_select .= '</select>'; 1151 1152 return $group_select; 1153 } 1154 1155 /** 1156 * Search Imagick 1157 */ 1158 function search_imagemagick() 1159 { 1160 $imagick = ''; 1161 1162 $exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : ''; 1163 1164 $magic_home = getenv('MAGICK_HOME'); 1165 1166 if (empty($magic_home)) 1167 { 1168 $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/'); 1169 $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); 1170 1171 $locations = array_merge($path_locations, $locations); 1172 1173 foreach ($locations as $location) 1174 { 1175 // The path might not end properly, fudge it 1176 if (substr($location, -1) !== '/') 1177 { 1178 $location .= '/'; 1179 } 1180 1181 if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000) 1182 { 1183 $imagick = str_replace('\\', '/', $location); 1184 continue; 1185 } 1186 } 1187 } 1188 else 1189 { 1190 $imagick = str_replace('\\', '/', $magic_home); 1191 } 1192 1193 return $imagick; 1194 } 1195 1196 /** 1197 * Test Settings 1198 */ 1199 function test_upload(&$error, $upload_dir, $create_directory = false) 1200 { 1201 global $user, $phpbb_root_path; 1202 1203 // Does the target directory exist, is it a directory and writable. 1204 if ($create_directory) 1205 { 1206 if (!file_exists($phpbb_root_path . $upload_dir)) 1207 { 1208 @mkdir($phpbb_root_path . $upload_dir, 0777); 1209 phpbb_chmod($phpbb_root_path . $upload_dir, CHMOD_READ | CHMOD_WRITE); 1210 } 1211 } 1212 1213 if (!file_exists($phpbb_root_path . $upload_dir)) 1214 { 1215 $error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir); 1216 return; 1217 } 1218 1219 if (!is_dir($phpbb_root_path . $upload_dir)) 1220 { 1221 $error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir); 1222 return; 1223 } 1224 1225 if (!phpbb_is_writable($phpbb_root_path . $upload_dir)) 1226 { 1227 $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir); 1228 return; 1229 } 1230 } 1231 1232 /** 1233 * Perform operations on sites for external linking 1234 */ 1235 function perform_site_list() 1236 { 1237 global $db, $user; 1238 1239 if (isset($_REQUEST['securesubmit'])) 1240 { 1241 // Grab the list of entries 1242 $ips = request_var('ips', ''); 1243 $ip_list = array_unique(explode("\n", $ips)); 1244 $ip_list_log = implode(', ', $ip_list); 1245 1246 $ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0; 1247 1248 $iplist = array(); 1249 $hostlist = array(); 1250 1251 foreach ($ip_list as $item) 1252 { 1253 if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode)) 1254 { 1255 // Don't ask about all this, just don't ask ... ! 1256 $ip_1_counter = $ip_range_explode[1]; 1257 $ip_1_end = $ip_range_explode[5]; 1258 1259 while ($ip_1_counter <= $ip_1_end) 1260 { 1261 $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; 1262 $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; 1263 1264 if ($ip_2_counter == 0 && $ip_2_end == 254) 1265 { 1266 $ip_2_counter = 256; 1267 $ip_2_fragment = 256; 1268 1269 $iplist[] = "'$ip_1_counter.*'"; 1270 } 1271 1272 while ($ip_2_counter <= $ip_2_end) 1273 { 1274 $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; 1275 $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; 1276 1277 if ($ip_3_counter == 0 && $ip_3_end == 254) 1278 { 1279 $ip_3_counter = 256; 1280 $ip_3_fragment = 256; 1281 1282 $iplist[] = "'$ip_1_counter.$ip_2_counter.*'"; 1283 } 1284 1285 while ($ip_3_counter <= $ip_3_end) 1286 { 1287 $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; 1288 $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; 1289 1290 if ($ip_4_counter == 0 && $ip_4_end == 254) 1291 { 1292 $ip_4_counter = 256; 1293 $ip_4_fragment = 256; 1294 1295 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'"; 1296 } 1297 1298 while ($ip_4_counter <= $ip_4_end) 1299 { 1300 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; 1301 $ip_4_counter++; 1302 } 1303 $ip_3_counter++; 1304 } 1305 $ip_2_counter++; 1306 } 1307 $ip_1_counter++; 1308 } 1309 } 1310 else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item))) 1311 { 1312 $iplist[] = "'" . trim($item) . "'"; 1313 } 1314 else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item))) 1315 { 1316 $hostlist[] = "'" . trim($item) . "'"; 1317 } 1318 else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item))) 1319 { 1320 $hostlist[] = "'" . trim($item) . "'"; 1321 } 1322 } 1323 1324 $sql = 'SELECT site_ip, site_hostname 1325 FROM ' . SITELIST_TABLE . " 1326 WHERE ip_exclude = $ip_exclude"; 1327 $result = $db->sql_query($sql); 1328 1329 if ($row = $db->sql_fetchrow($result)) 1330 { 1331 $iplist_tmp = array(); 1332 $hostlist_tmp = array(); 1333 do 1334 { 1335 if ($row['site_ip']) 1336 { 1337 if (strlen($row['site_ip']) > 40) 1338 { 1339 continue; 1340 } 1341 1342 $iplist_tmp[] = "'" . $row['site_ip'] . "'"; 1343 } 1344 else if ($row['site_hostname']) 1345 { 1346 if (strlen($row['site_hostname']) > 255) 1347 { 1348 continue; 1349 } 1350 1351 $hostlist_tmp[] = "'" . $row['site_hostname'] . "'"; 1352 } 1353 // break; 1354 } 1355 while ($row = $db->sql_fetchrow($result)); 1356 1357 $iplist = array_unique(array_diff($iplist, $iplist_tmp)); 1358 $hostlist = array_unique(array_diff($hostlist, $hostlist_tmp)); 1359 unset($iplist_tmp); 1360 unset($hostlist_tmp); 1361 } 1362 $db->sql_freeresult($result); 1363 1364 if (sizeof($iplist)) 1365 { 1366 foreach ($iplist as $ip_entry) 1367 { 1368 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude) 1369 VALUES ($ip_entry, $ip_exclude)"; 1370 $db->sql_query($sql); 1371 } 1372 } 1373 1374 if (sizeof($hostlist)) 1375 { 1376 foreach ($hostlist as $host_entry) 1377 { 1378 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude) 1379 VALUES ($host_entry, $ip_exclude)"; 1380 $db->sql_query($sql); 1381 } 1382 } 1383 1384 if (!empty($ip_list_log)) 1385 { 1386 // Update log 1387 $log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP'; 1388 add_log('admin', $log_entry, $ip_list_log); 1389 } 1390 1391 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action)); 1392 } 1393 else if (isset($_POST['unsecuresubmit'])) 1394 { 1395 $unip_sql = request_var('unip', array(0)); 1396 1397 if (sizeof($unip_sql)) 1398 { 1399 $l_unip_list = ''; 1400 1401 // Grab details of ips for logging information later 1402 $sql = 'SELECT site_ip, site_hostname 1403 FROM ' . SITELIST_TABLE . ' 1404 WHERE ' . $db->sql_in_set('site_id', $unip_sql); 1405 $result = $db->sql_query($sql); 1406 1407 while ($row = $db->sql_fetchrow($result)) 1408 { 1409 $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']); 1410 } 1411 $db->sql_freeresult($result); 1412 1413 $sql = 'DELETE FROM ' . SITELIST_TABLE . ' 1414 WHERE ' . $db->sql_in_set('site_id', $unip_sql); 1415 $db->sql_query($sql); 1416 1417 add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list); 1418 } 1419 1420 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action)); 1421 } 1422 } 1423 1424 /** 1425 * Write display_order config field 1426 */ 1427 function display_order($value, $key = '') 1428 { 1429 $radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING'); 1430 1431 return h_radio('config[display_order]', $radio_ary, $value, $key); 1432 } 1433 1434 /** 1435 * Adjust all three max_filesize config vars for display 1436 */ 1437 function max_filesize($value, $key = '') 1438 { 1439 // Determine size var and adjust the value accordingly 1440 $filesize = get_formatted_filesize($value, false, array('mb', 'kb', 'b')); 1441 $size_var = $filesize['si_identifier']; 1442 $value = $filesize['value']; 1443 1444 return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>'; 1445 } 1446 1447 /** 1448 * Write secure_allow_deny config field 1449 */ 1450 function select_allow_deny($value, $key = '') 1451 { 1452 $radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW'); 1453 1454 return h_radio('config[' . $key . ']', $radio_ary, $value, $key); 1455 } 1456 1457 } 1458 1459 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Oct 2 15:03:47 2013 | Cross-referenced by PHPXref 0.7.1 |