
/upload/attach_mod/includes/functions_admin.php

http://torrentpier2.googlecode.com/
PHP | 394 lines | 299 code | 62 blank | 33 comment | 91 complexity | 460ac08be4c0363881fd4df567dabd55 MD5 | raw file
  1<?php
  2
  3/**
  4* All Attachment Functions only needed in Admin
  5*/
  6
  7/**
  8* Set/Change Quotas
  9*/
 10function process_quota_settings($mode, $id, $quota_type, $quota_limit_id = 0)
 11{
 12	$id = (int) $id;
 13	$quota_type = (int) $quota_type;
 14	$quota_limit_id = (int) $quota_limit_id;
 15
 16	if ($mode == 'user')
 17	{
 18		if (!$quota_limit_id)
 19		{
 20			$sql = 'DELETE FROM ' . BB_QUOTA . "
 21				WHERE user_id = $id
 22					AND quota_type = $quota_type";
 23		}
 24		else
 25		{
 26			// Check if user is already entered
 27			$sql = 'SELECT user_id
 28				FROM ' . BB_QUOTA . "
 29				WHERE user_id = $id
 30					AND quota_type = $quota_type";
 31
 32			if( !($result = DB()->sql_query($sql)) )
 33			{
 34				message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);
 35			}
 36
 37			if (DB()->num_rows($result) == 0)
 38			{
 39				$sql_ary = array(
 40					'user_id'		=> (int) $id,
 41					'group_id'		=> 0,
 42					'quota_type'	=> (int) $quota_type,
 43					'quota_limit_id'=> (int) $quota_limit_id
 44				);
 45
 46				$sql = 'INSERT INTO ' . BB_QUOTA . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary);
 47			}
 48			else
 49			{
 50				$sql = 'UPDATE ' . BB_QUOTA . "
 51					SET quota_limit_id = $quota_limit_id
 52					WHERE user_id = $id
 53						AND quota_type = $quota_type";
 54			}
 55			DB()->sql_freeresult($result);
 56		}
 57
 58		if (!($result = DB()->sql_query($sql)))
 59		{
 60			message_die(GENERAL_ERROR, 'Unable to update quota Settings', '', __LINE__, __FILE__, $sql);
 61		}
 62
 63	}
 64	else if ($mode == 'group')
 65	{
 66		if (!$quota_limit_id)
 67		{
 68			$sql = 'DELETE FROM ' . BB_QUOTA . "
 69				WHERE group_id = $id
 70					AND quota_type = $quota_type";
 71
 72			if( !($result = DB()->sql_query($sql)) )
 73			{
 74				message_die(GENERAL_ERROR, 'Unable to delete quota Settings', '', __LINE__, __FILE__, $sql);
 75			}
 76		}
 77		else
 78		{
 79			// Check if user is already entered
 80			$sql = 'SELECT group_id
 81				FROM ' . BB_QUOTA . "
 82				WHERE group_id = $id
 83					AND quota_type = $quota_type";
 84
 85			if( !($result = DB()->sql_query($sql)) )
 86			{
 87				message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);
 88			}
 89
 90			if (DB()->num_rows($result) == 0)
 91			{
 92				$sql = 'INSERT INTO ' . BB_QUOTA . " (user_id, group_id, quota_type, quota_limit_id)
 93					VALUES (0, $id, $quota_type, $quota_limit_id)";
 94			}
 95			else
 96			{
 97				$sql = 'UPDATE ' . BB_QUOTA . " SET quota_limit_id = $quota_limit_id
 98					WHERE group_id = $id AND quota_type = $quota_type";
 99			}
100
101			if (!DB()->sql_query($sql))
102			{
103				message_die(GENERAL_ERROR, 'Unable to update quota Settings', '', __LINE__, __FILE__, $sql);
104			}
105		}
106	}
107}
108
/**
* sort multi-dimensional Array
*
* Bubble-sorts a zero-indexed list of rows by the column $key and returns
* the sorted copy.
*
* $sort_array      list of rows (arrays) indexed 0..n-1
* $key             column to compare
* $sort_order      'ASC' or 'DESC'; with any other value no rows are swapped
* $pre_string_sort truthy forces case-insensitive string comparison; when
*                  falsy the mode is guessed from the second-to-last row:
*                  a non-numeric value there selects string comparison,
*                  otherwise rows are compared through intval()
*/
function sort_multi_array ($sort_array, $key, $sort_order, $pre_string_sort = 0)
{
	$last_element = sizeof($sort_array) - 1;

	// Either take the caller's choice or probe one row to pick the comparison mode
	$compare_as_text = $pre_string_sort
		? $pre_string_sort
		: !is_numeric(@$sort_array[$last_element - 1][$key]);

	$want_desc = ($sort_order == 'DESC');
	$want_asc = ($sort_order == 'ASC');

	$pass = 0;
	while ($pass < $last_element)
	{
		// After each pass the tail of the list is already in place
		$unsorted = $last_element - $pass;

		for ($pos = 0; $pos < $unsorted; $pos++)
		{
			if ($compare_as_text)
			{
				$out_of_order = ($want_desc && strcasecmp(@$sort_array[$pos][$key], @$sort_array[$pos + 1][$key]) < 0)
					|| ($want_asc && strcasecmp(@$sort_array[$pos][$key], @$sort_array[$pos + 1][$key]) > 0);
			}
			else
			{
				$out_of_order = ($want_desc && intval(@$sort_array[$pos][$key]) < intval(@$sort_array[$pos + 1][$key]))
					|| ($want_asc && intval(@$sort_array[$pos][$key]) > intval(@$sort_array[$pos + 1][$key]));
			}

			if (!$out_of_order)
			{
				continue;
			}

			// Exchange the two neighbouring rows
			list($sort_array[$pos], $sort_array[$pos + 1]) = array($sort_array[$pos + 1], $sort_array[$pos]);
		}

		$pass++;
	}

	return $sort_array;
}
161
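/**
* Returns the filesize of the upload directory in human readable format
*
* Reads the globals $attach_config, $upload_dir and $lang.
* When $attach_config['allow_ftp_upload'] is off, the sizes of the regular
* files directly inside $upload_dir are summed; sub-directories and
* symbolic links are skipped, so a link placed in the upload directory is
* never followed. When it is on, the sizes are parsed from an FTP listing.
* 'index.php' and '.htaccess' are excluded in both cases.
*
* Returns humn_size() of the total, or $lang['NOT_AVAILABLE'] when the
* directory or the FTP listing cannot be read.
*/
function get_formatted_dirsize()
{
	global $attach_config, $upload_dir, $lang;

	$ignored_files = array('index.php', '.htaccess');
	$upload_dir_size = 0;

	if (!intval($attach_config['allow_ftp_upload']))
	{
		$dir_handle = @opendir($upload_dir);

		if (!$dir_handle)
		{
			return $lang['NOT_AVAILABLE'];
		}

		// Compare with false explicitly: an entry named "0" is falsy and
		// would otherwise end the scan before the remaining files are counted.
		while (($file = readdir($dir_handle)) !== false)
		{
			if (in_array($file, $ignored_files, true))
			{
				continue;
			}

			$path = $upload_dir . '/' . $file;

			if (is_dir($path) || is_link($path))
			{
				continue;
			}

			// Best effort: a file that cannot be stat'ed contributes nothing
			$size = @filesize($path);
			if ($size !== false)
			{
				$upload_dir_size += $size;
			}
		}
		closedir($dir_handle);
	}
	else
	{
		$conn_id = attach_init_ftp();

		// NOTE(review): attach_init_ftp() is defined elsewhere; a falsy return is
		// treated here as "no connection" - confirm against that function.
		$file_listing = ($conn_id) ? @ftp_rawlist($conn_id, '') : false;

		if (!$file_listing)
		{
			// Close the connection on the failure path as well
			if ($conn_id)
			{
				@ftp_quit($conn_id);
			}
			return $lang['NOT_AVAILABLE'];
		}

		foreach ($file_listing as $listing_line)
		{
			// Groups: 1 = type flag, 2 = size, 3 = date, 4 = time, 5 = filename
			if (!preg_match("/([-d])[rwxst-]{9}.* ([0-9]*) ([a-zA-Z]+[0-9: ]*[0-9]) ([0-9]{2}:[0-9]{2}) (.+)/", $listing_line, $regs))
			{
				// Unparsable line: skip it instead of re-counting the previous entry
				continue;
			}

			// Decided per line, so one directory does not hide every file listed after it
			$is_directory = ($regs[1] == 'd');
			$size = $regs[2];
			$filename = $regs[5];

			if ($is_directory || in_array($filename, $ignored_files, true))
			{
				continue;
			}

			// The size group may be empty; only add real numbers
			if (is_numeric($size))
			{
				$upload_dir_size += $size + 0;
			}
		}

		@ftp_quit($conn_id);
	}

	return humn_size($upload_dir_size);
}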
229
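/**
* Build SQL-Statement for the search feature
*
* Reads the search_* request variables through get_var(), turns every
* non-empty one into a WHERE condition, runs the query and returns the
* matching rows.
*
* $order_by   SQL fragment appended verbatim to the statement
* $total_rows set by reference to the number of matching rows
*
* Returns the row set from DB()->sql_fetchrowset(); ends in message_die()
* when a query fails or nothing matches.
*
* Text criteria pass through attach_mod_sql_escape() and numeric criteria
* through an integer cast before they are placed in the statement.
* NOTE(review): $order_by is not escaped here - callers are presumably
* expected to build it from a fixed set of columns; confirm at the call sites.
*/
function search_attachments($order_by, &$total_rows)
{
	global $lang;

	$where_sql = array();

	// Get submitted Vars
	$search_vars = array('search_keyword_fname', 'search_keyword_comment', 'search_author', 'search_size_smaller', 'search_size_greater', 'search_count_smaller', 'search_count_greater', 'search_days_greater', 'search_forum', 'search_cat');

	// The variable names come from the fixed list above, never from the request.
	// The braces matter: since PHP 7 `$$search_vars[$i]` is read as `${$search_vars}[$i]`,
	// which leaves every criterion unset and the search silently unfiltered.
	foreach ($search_vars as $var_name)
	{
		${$var_name} = get_var($var_name, '');
	}

	// Author name search
	if ($search_author != '')
	{
		// Bring in line with 2.0.x expected username
		$search_author = addslashes(html_entity_decode($search_author));
		$search_author = stripslashes(clean_username($search_author));

		// Prepare for directly going into sql query
		// ('*' becomes the LIKE wildcard only after the value has been escaped)
		$search_author = str_replace('*', '%', attach_mod_sql_escape($search_author));

		// We need the post_id's, because we want to query the Attachment Table
		$sql = 'SELECT user_id
			FROM ' . BB_USERS . "
			WHERE username LIKE '$search_author'";

		if (!($result = DB()->sql_query($sql)))
		{
			// NOTE(review): the submitted search term is echoed into this message;
			// whether message_die() HTML-escapes it is not visible here - confirm.
			message_die(GENERAL_ERROR, 'Couldn\'t obtain list of matching users (searching for: ' . $search_author . ')', '', __LINE__, __FILE__, $sql);
		}

		$matching_userids = array();
		while ($row = DB()->sql_fetchrow($result))
		{
			// Ids are forced to integers before they are placed in the IN () list
			$matching_userids[] = intval($row['user_id']);
		}

		if (!$matching_userids)
		{
			message_die(GENERAL_MESSAGE, $lang['NO_ATTACH_SEARCH_MATCH']);
		}

		DB()->sql_freeresult($result);

		$where_sql[] = ' (t.user_id_1 IN (' . implode(', ', $matching_userids) . ')) ';
	}

	// Search Keyword
	if ($search_keyword_fname != '')
	{
		$match_word = str_replace('*', '%', $search_keyword_fname);
		$where_sql[] = " (a.real_filename LIKE '" . attach_mod_sql_escape($match_word) . "') ";
	}

	if ($search_keyword_comment != '')
	{
		$match_word = str_replace('*', '%', $search_keyword_comment);
		$where_sql[] = " (a.comment LIKE '" . attach_mod_sql_escape($match_word) . "') ";
	}

	// Search Download Count ("smaller" takes precedence when both are given)
	if ($search_count_smaller != '')
	{
		$where_sql[] = ' (a.download_count < ' . (int) $search_count_smaller . ') ';
	}
	else if ($search_count_greater != '')
	{
		$where_sql[] = ' (a.download_count > ' . (int) $search_count_greater . ') ';
	}

	// Search Filesize ("smaller" takes precedence when both are given)
	if ($search_size_smaller != '')
	{
		$where_sql[] = ' (a.filesize < ' . (int) $search_size_smaller . ') ';
	}
	else if ($search_size_greater != '')
	{
		$where_sql[] = ' (a.filesize > ' . (int) $search_size_greater . ') ';
	}

	// Search Attachment Time
	if ($search_days_greater != '')
	{
		$where_sql[] = ' (a.filetime < ' . ( TIMENOW - ((int) $search_days_greater * 86400)) . ') ';
	}

	// Search Forum
	if ($search_forum)
	{
		$where_sql[] = ' (p.forum_id = ' . intval($search_forum) . ') ';
	}

	// Search Cat... nope... sorry :(

	$sql = 'SELECT a.*, t.post_id, p.post_time, p.topic_id
		FROM ' . BB_ATTACHMENTS . ' t, ' . BB_ATTACHMENTS_DESC . ' a, ' . BB_POSTS . ' p WHERE ';

	if (sizeof($where_sql) > 0)
	{
		$sql .= implode('AND', $where_sql) . ' AND ';
	}

	$sql .= 't.post_id = p.post_id AND a.attach_id = t.attach_id ';

	// Same statement without the ordering, used below for the row count
	$total_rows_sql = $sql;

	$sql .= $order_by;

	if (!($result = DB()->sql_query($sql)))
	{
		message_die(GENERAL_ERROR, 'Couldn\'t query attachments', '', __LINE__, __FILE__, $sql);
	}

	$attachments = DB()->sql_fetchrowset($result);
	$num_attach = DB()->num_rows($result);
	DB()->sql_freeresult($result);

	if ($num_attach == 0)
	{
		message_die(GENERAL_MESSAGE, $lang['NO_ATTACH_SEARCH_MATCH']);
	}

	if (!($result = DB()->sql_query($total_rows_sql)))
	{
		// Report the statement that actually failed
		message_die(GENERAL_ERROR, 'Could not query attachments', '', __LINE__, __FILE__, $total_rows_sql);
	}

	$total_rows = DB()->num_rows($result);
	DB()->sql_freeresult($result);

	return $attachments;
}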
377
/**
* perform LIMIT statement on arrays
*
* Returns the elements stored under the keys $start .. $start + $pagelimit - 1
* of $array, cut off at sizeof($array), as a new zero-indexed array.
*
* $array     list to take the page from (read by numeric key)
* $start     first key to return
* $pagelimit maximum number of elements to return
*/
function limit_array($array, $start, $pagelimit)
{
	// Never read past the number of elements the array holds
	$stop = min(sizeof($array), $start + $pagelimit);

	$page = array();
	$index = $start;

	while ($index < $stop)
	{
		$page[] = $array[$index];
		$index++;
	}

	return $page;
}