PageRenderTime 55ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/forum/includes/acp/acp_attachments.php

https://bitbucket.org/itoxable/chiron-gaming
PHP | 1459 lines | 1269 code | 142 blank | 48 comment | 105 complexity | 22f5f8cce42b4b97235e920e16af058b MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0 
    

  1. <?php

    2. 

  2. /**

    3. 

  3. *

    4. 

  4. * @package acp

    5. 

  5. * @version $Id$

    6. 

  6. * @copyright (c) 2005 phpBB Group

    7. 

  7. * @license http://opensource.org/licenses/gpl-license.php GNU Public License

    8. 

  8. *

    9. 

  9. */

    10. 

  10. 

    11. 

  11. /**

    12. 

  12. * @ignore

    13. 

  13. */

    14. 

  14. if (!defined('IN_PHPBB'))

    15. 

  15. {

    16. 

  16. 	exit;

    17. 

  17. }

    18. 

  18. 

    19. 

  19. /**

    20. 

  20. * @package acp

    21. 

  21. */

    22. 

  22. class acp_attachments

    23. 

  23. {

    24. 

  24. 	var $u_action;

    25. 

  25. 	var $new_config;

    26. 

  26. 

    27. 

  27. 	function main($id, $mode)

    28. 

  28. 	{

    29. 

  29. 		global $db, $user, $auth, $template, $cache;

    30. 

  30. 		global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx;

    31. 

  31. 

    32. 

  32. 		$user->add_lang(array('posting', 'viewtopic', 'acp/attachments'));

    33. 

  33. 

    34. 

  34. 		$error = $notify = array();

    35. 

  35. 		$submit = (isset($_POST['submit'])) ? true : false;

    36. 

  36. 		$action = request_var('action', '');

    37. 

  37. 

    38. 

  38. 		$form_key = 'acp_attach';

    39. 

  39. 		add_form_key($form_key);

    40. 

  40. 

    41. 

  41. 		if ($submit && !check_form_key($form_key))

    42. 

  42. 		{

    43. 

  43. 			trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);

    44. 

  44. 		}

    45. 

  45. 

    46. 

  46. 		switch ($mode)

    47. 

  47. 		{

    48. 

  48. 			case 'attach':

    49. 

  49. 				$l_title = 'ACP_ATTACHMENT_SETTINGS';

    50. 

  50. 			break;

    51. 

  51. 

    52. 

  52. 			case 'extensions':

    53. 

  53. 				$l_title = 'ACP_MANAGE_EXTENSIONS';

    54. 

  54. 			break;

    55. 

  55. 

    56. 

  56. 			case 'ext_groups':

    57. 

  57. 				$l_title = 'ACP_EXTENSION_GROUPS';

    58. 

  58. 			break;

    59. 

  59. 

    60. 

  60. 			case 'orphan':

    61. 

  61. 				$l_title = 'ACP_ORPHAN_ATTACHMENTS';

    62. 

  62. 			break;

    63. 

  63. 

    64. 

  64. 			default:

    65. 

  65. 				trigger_error('NO_MODE', E_USER_ERROR);

    66. 

  66. 			break;

    67. 

  67. 		}

    68. 

  68. 

    69. 

  69. 		$this->tpl_name = 'acp_attachments';

    70. 

  70. 		$this->page_title = $l_title;

    71. 

  71. 

    72. 

  72. 		$template->assign_vars(array(

    73. 

  73. 			'L_TITLE'			=> $user->lang[$l_title],

    74. 

  74. 			'L_TITLE_EXPLAIN'	=> $user->lang[$l_title . '_EXPLAIN'],

    75. 

  75. 			'U_ACTION'			=> $this->u_action)

    76. 

  76. 		);

    77. 

  77. 

    78. 

  78. 		switch ($mode)

    79. 

  79. 		{

    80. 

  80. 			case 'attach':

    81. 

  81. 

    82. 

  82. 				include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);

    83. 

  83. 

    84. 

  84. 				$sql = 'SELECT group_name, cat_id

    85. 

  85. 					FROM ' . EXTENSION_GROUPS_TABLE . '

    86. 

  86. 					WHERE cat_id > 0

    87. 

  87. 					ORDER BY cat_id';

    88. 

  88. 				$result = $db->sql_query($sql);

    89. 

  89. 

    90. 

  90. 				$s_assigned_groups = array();

    91. 

  91. 				while ($row = $db->sql_fetchrow($result))

    92. 

  92. 				{

    93. 

  93. 					$row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];

    94. 

  94. 					$s_assigned_groups[$row['cat_id']][] = $row['group_name'];

    95. 

  95. 				}

    96. 

  96. 				$db->sql_freeresult($result);

    97. 

  97. 

    98. 

  98. 				$l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode(', ', $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']';

    99. 

  99. 

    100. 

  100. 				$display_vars = array(

    101. 

  101. 					'title'	=> 'ACP_ATTACHMENT_SETTINGS',

    102. 

  102. 					'vars'	=> array(

    103. 

  103. 						'legend1'				=> 'ACP_ATTACHMENT_SETTINGS',

    104. 

  104. 

    105. 

  105. 						'img_max_width'			=> array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),

    106. 

  106. 						'img_max_height'		=> array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),

    107. 

  107. 						'img_link_width'		=> array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),

    108. 

  108. 						'img_link_height'		=> array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),

    109. 

  109. 

    110. 

  110. 						'allow_attachments'		=> array('lang' => 'ALLOW_ATTACHMENTS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),

    111. 

  111. 						'allow_pm_attach'		=> array('lang' => 'ALLOW_PM_ATTACHMENTS',	'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),

    112. 

  112. 						'upload_path'			=> array('lang' => 'UPLOAD_DIR',			'validate' => 'wpath',	'type' => 'text:25:100', 'explain' => true),

    113. 

  113. 						'display_order'			=> array('lang' => 'DISPLAY_ORDER',			'validate' => 'bool',	'type' => 'custom', 'method' => 'display_order', 'explain' => true),

    114. 

  114. 						'attachment_quota'		=> array('lang' => 'ATTACH_QUOTA',			'validate' => 'string',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),

    115. 

  115. 						'max_filesize'			=> array('lang' => 'ATTACH_MAX_FILESIZE',	'validate' => 'string',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),

    116. 

  116. 						'max_filesize_pm'		=> array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),

    117. 

  117. 						'max_attachments'		=> array('lang' => 'MAX_ATTACHMENTS',		'validate' => 'int',	'type' => 'text:3:3', 'explain' => false),

    118. 

  118. 						'max_attachments_pm'	=> array('lang' => 'MAX_ATTACHMENTS_PM',	'validate' => 'int',	'type' => 'text:3:3', 'explain' => false),

    119. 

  119. 						'secure_downloads'		=> array('lang' => 'SECURE_DOWNLOADS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),

    120. 

  120. 						'secure_allow_deny'		=> array('lang' => 'SECURE_ALLOW_DENY',		'validate' => 'int',	'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),

    121. 

  121. 						'secure_allow_empty_referer'	=> array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),

    122. 

  122. 						'check_attachment_content' 		=> array('lang' => 'CHECK_CONTENT', 'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),

    123. 

  123. 

    124. 

  124. 

    125. 

  125. 						'legend2'					=> $l_legend_cat_images,

    126. 

  126. 						'img_display_inlined'		=> array('lang' => 'DISPLAY_INLINED',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),

    127. 

  127. 						'img_create_thumbnail'		=> array('lang' => 'CREATE_THUMBNAIL',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),

    128. 

  128. 						'img_max_thumb_width'		=> array('lang' => 'MAX_THUMB_WIDTH',		'validate' => 'int',	'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),

    129. 

  129. 						'img_min_thumb_filesize'	=> array('lang' => 'MIN_THUMB_FILESIZE',	'validate' => 'int',	'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),

    130. 

  130. 						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'string',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),

    131. 

  131. 						'img_max'					=> array('lang' => 'MAX_IMAGE_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),

    132. 

  132. 						'img_link'					=> array('lang' => 'IMAGE_LINK_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),

    133. 

  133. 					)

    134. 

  134. 				);

    135. 

  135. 

    136. 

  136. 				$this->new_config = $config;

    137. 

  137. 				$cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config;

    138. 

  138. 				$error = array();

    139. 

  139. 

    140. 

  140. 				// We validate the complete config if whished

    141. 

  141. 				validate_config_vars($display_vars['vars'], $cfg_array, $error);

    142. 

  142. 

    143. 

  143. 				// Do not write values if there is an error

    144. 

  144. 				if (sizeof($error))

    145. 

  145. 				{

    146. 

  146. 					$submit = false;

    147. 

  147. 				}

    148. 

  148. 

    149. 

  149. 				// We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...

    150. 

  150. 				foreach ($display_vars['vars'] as $config_name => $null)

    151. 

  151. 				{

    152. 

  152. 					if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)

    153. 

  153. 					{

    154. 

  154. 						continue;

    155. 

  155. 					}

    156. 

  156. 

    157. 

  157. 					$this->new_config[$config_name] = $config_value = $cfg_array[$config_name];

    158. 

  158. 

    159. 

  159. 					if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))

    160. 

  160. 					{

    161. 

  161. 						$size_var = request_var($config_name, '');

    162. 

  162. 						$this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);

    163. 

  163. 					}

    164. 

  164. 

    165. 

  165. 					if ($submit)

    166. 

  166. 					{

    167. 

  167. 						set_config($config_name, $config_value);

    168. 

  168. 					}

    169. 

  169. 				}

    170. 

  170. 

    171. 

  171. 				$this->perform_site_list();

    172. 

  172. 

    173. 

  173. 				if ($submit)

    174. 

  174. 				{

    175. 

  175. 					add_log('admin', 'LOG_CONFIG_ATTACH');

    176. 

  176. 

    177. 

  177. 					// Check Settings

    178. 

  178. 					$this->test_upload($error, $this->new_config['upload_path'], false);

    179. 

  179. 

    180. 

  180. 					if (!sizeof($error))

    181. 

  181. 					{

    182. 

  182. 						trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));

    183. 

  183. 					}

    184. 

  184. 				}

    185. 

  185. 

    186. 

  186. 				$template->assign_var('S_ATTACHMENT_SETTINGS', true);

    187. 

  187. 

    188. 

  188. 				if ($action == 'imgmagick')

    189. 

  189. 				{

    190. 

  190. 					$this->new_config['img_imagick'] = $this->search_imagemagick();

    191. 

  191. 				}

    192. 

  192. 

    193. 

  193. 				// We strip eventually manual added convert program, we only want the patch

    194. 

  194. 				if ($this->new_config['img_imagick'])

    195. 

  195. 				{

    196. 

  196. 					// Change path separator

    197. 

  197. 					$this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']);

    198. 

  198. 					$this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);

    199. 

  199. 

    200. 

  200. 					// Check for trailing slash

    201. 

  201. 					if (substr($this->new_config['img_imagick'], -1) !== '/')

    202. 

  202. 					{

    203. 

  203. 						$this->new_config['img_imagick'] .= '/';

    204. 

  204. 					}

    205. 

  205. 				}

    206. 

  206. 

    207. 

  207. 				$supported_types = get_supported_image_types();

    208. 

  208. 

    209. 

  209. 				// Check Thumbnail Support

    210. 

  210. 				if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format'])))

    211. 

  211. 				{

    212. 

  212. 					$this->new_config['img_create_thumbnail'] = 0;

    213. 

  213. 				}

    214. 

  214. 

    215. 

  215. 				$template->assign_vars(array(

    216. 

  216. 					'U_SEARCH_IMAGICK'		=> $this->u_action . '&amp;action=imgmagick',

    217. 

  217. 					'S_THUMBNAIL_SUPPORT'	=> (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true)

    218. 

  218. 				);

    219. 

  219. 

    220. 

  220. 				// Secure Download Options - Same procedure as with banning

    221. 

  221. 				$allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';

    222. 

  222. 

    223. 

  223. 				$sql = 'SELECT *

    224. 

  224. 					FROM ' . SITELIST_TABLE;

    225. 

  225. 				$result = $db->sql_query($sql);

    226. 

  226. 

    227. 

  227. 				$defined_ips = '';

    228. 

  228. 				$ips = array();

    229. 

  229. 

    230. 

  230. 				while ($row = $db->sql_fetchrow($result))

    231. 

  231. 				{

    232. 

  232. 					$value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname'];

    233. 

  233. 					if ($value)

    234. 

  234. 					{

    235. 

  235. 						$defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>';

    236. 

  236. 						$ips[$row['site_id']] = $value;

    237. 

  237. 					}

    238. 

  238. 				}

    239. 

  239. 				$db->sql_freeresult($result);

    240. 

  240. 

    241. 

  241. 				$template->assign_vars(array(

    242. 

  242. 					'S_SECURE_DOWNLOADS'	=> $this->new_config['secure_downloads'],

    243. 

  243. 					'S_DEFINED_IPS'			=> ($defined_ips != '') ? true : false,

    244. 

  244. 					'S_WARNING'				=> (sizeof($error)) ? true : false,

    245. 

  245. 

    246. 

  246. 					'WARNING_MSG'			=> implode('<br />', $error),

    247. 

  247. 					'DEFINED_IPS'			=> $defined_ips,

    248. 

  248. 

    249. 

  249. 					'L_SECURE_TITLE'		=> $user->lang['DEFINE_' . $allow_deny . '_IPS'],

    250. 

  250. 					'L_IP_EXCLUDE'			=> $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'],

    251. 

  251. 					'L_REMOVE_IPS'			=> $user->lang['REMOVE_' . $allow_deny . '_IPS'])

    252. 

  252. 				);

    253. 

  253. 

    254. 

  254. 				// Output relevant options

    255. 

  255. 				foreach ($display_vars['vars'] as $config_key => $vars)

    256. 

  256. 				{

    257. 

  257. 					if (!is_array($vars) && strpos($config_key, 'legend') === false)

    258. 

  258. 					{

    259. 

  259. 						continue;

    260. 

  260. 					}

    261. 

  261. 

    262. 

  262. 					if (strpos($config_key, 'legend') !== false)

    263. 

  263. 					{

    264. 

  264. 						$template->assign_block_vars('options', array(

    265. 

  265. 							'S_LEGEND'		=> true,

    266. 

  266. 							'LEGEND'		=> (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars)

    267. 

  267. 						);

    268. 

  268. 

    269. 

  269. 						continue;

    270. 

  270. 					}

    271. 

  271. 

    272. 

  272. 					$type = explode(':', $vars['type']);

    273. 

  273. 

    274. 

  274. 					$l_explain = '';

    275. 

  275. 					if ($vars['explain'] && isset($vars['lang_explain']))

    276. 

  276. 					{

    277. 

  277. 						$l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain'];

    278. 

  278. 					}

    279. 

  279. 					else if ($vars['explain'])

    280. 

  280. 					{

    281. 

  281. 						$l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';

    282. 

  282. 					}

    283. 

  283. 

    284. 

  284. 					$content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);

    285. 

  285. 					if (empty($content))

    286. 

  286. 					{

    287. 

  287. 						continue;

    288. 

  288. 					}

    289. 

  289. 

    290. 

  290. 					$template->assign_block_vars('options', array(

    291. 

  291. 						'KEY'			=> $config_key,

    292. 

  292. 						'TITLE'			=> $user->lang[$vars['lang']],

    293. 

  293. 						'S_EXPLAIN'		=> $vars['explain'],

    294. 

  294. 						'TITLE_EXPLAIN'	=> $l_explain,

    295. 

  295. 						'CONTENT'		=> $content,

    296. 

  296. 						)

    297. 

  297. 					);

    298. 

  298. 

    299. 

  299. 					unset($display_vars['vars'][$config_key]);

    300. 

  300. 				}

    301. 

  301. 

    302. 

  302. 			break;

    303. 

  303. 

    304. 

  304. 			case 'extensions':

    305. 

  305. 

    306. 

  306. 				if ($submit || isset($_POST['add_extension_check']))

    307. 

  307. 				{

    308. 

  308. 					if ($submit)

    309. 

  309. 					{

    310. 

  310. 						// Change Extensions ?

    311. 

  311. 						$extension_change_list	= request_var('extension_change_list', array(0));

    312. 

  312. 						$group_select_list		= request_var('group_select', array(0));

    313. 

  313. 

    314. 

  314. 						// Generate correct Change List

    315. 

  315. 						$extensions = array();

    316. 

  316. 

    317. 

  317. 						for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++)

    318. 

  318. 						{

    319. 

  319. 							$extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i];

    320. 

  320. 						}

    321. 

  321. 

    322. 

  322. 						$sql = 'SELECT *

    323. 

  323. 							FROM ' . EXTENSIONS_TABLE . '

    324. 

  324. 							ORDER BY extension_id';

    325. 

  325. 						$result = $db->sql_query($sql);

    326. 

  326. 

    327. 

  327. 						while ($row = $db->sql_fetchrow($result))

    328. 

  328. 						{

    329. 

  329. 							if ($row['group_id'] != $extensions[$row['extension_id']]['group_id'])

    330. 

  330. 							{

    331. 

  331. 								$sql = 'UPDATE ' . EXTENSIONS_TABLE . '

    332. 

  332. 									SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '

    333. 

  333. 									WHERE extension_id = ' . $row['extension_id'];

    334. 

  334. 								$db->sql_query($sql);

    335. 

  335. 

    336. 

  336. 								add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']);

    337. 

  337. 							}

    338. 

  338. 						}

    339. 

  339. 						$db->sql_freeresult($result);

    340. 

  340. 

    341. 

  341. 						// Delete Extension?

    342. 

  342. 						$extension_id_list = request_var('extension_id_list', array(0));

    343. 

  343. 

    344. 

  344. 						if (sizeof($extension_id_list))

    345. 

  345. 						{

    346. 

  346. 							$sql = 'SELECT extension

    347. 

  347. 								FROM ' . EXTENSIONS_TABLE . '

    348. 

  348. 								WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);

    349. 

  349. 							$result = $db->sql_query($sql);

    350. 

  350. 

    351. 

  351. 							$extension_list = '';

    352. 

  352. 							while ($row = $db->sql_fetchrow($result))

    353. 

  353. 							{

    354. 

  354. 								$extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension'];

    355. 

  355. 							}

    356. 

  356. 							$db->sql_freeresult($result);

    357. 

  357. 

    358. 

  358. 							$sql = 'DELETE

    359. 

  359. 								FROM ' . EXTENSIONS_TABLE . '

    360. 

  360. 								WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);

    361. 

  361. 							$db->sql_query($sql);

    362. 

  362. 

    363. 

  363. 							add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list);

    364. 

  364. 						}

    365. 

  365. 					}

    366. 

  366. 

    367. 

  367. 					// Add Extension?

    368. 

  368. 					$add_extension			= strtolower(request_var('add_extension', ''));

    369. 

  369. 					$add_extension_group	= request_var('add_group_select', 0);

    370. 

  370. 					$add					= (isset($_POST['add_extension_check'])) ? true : false;

    371. 

  371. 

    372. 

  372. 					if ($add_extension && $add)

    373. 

  373. 					{

    374. 

  374. 						if (!sizeof($error))

    375. 

  375. 						{

    376. 

  376. 							$sql = 'SELECT extension_id

    377. 

  377. 								FROM ' . EXTENSIONS_TABLE . "

    378. 

  378. 								WHERE extension = '" . $db->sql_escape($add_extension) . "'";

    379. 

  379. 							$result = $db->sql_query($sql);

    380. 

  380. 

    381. 

  381. 							if ($row = $db->sql_fetchrow($result))

    382. 

  382. 							{

    383. 

  383. 								$error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension);

    384. 

  384. 							}

    385. 

  385. 							$db->sql_freeresult($result);

    386. 

  386. 

    387. 

  387. 							if (!sizeof($error))

    388. 

  388. 							{

    389. 

  389. 								$sql_ary = array(

    390. 

  390. 									'group_id'	=>	$add_extension_group,

    391. 

  391. 									'extension'	=>	$add_extension

    392. 

  392. 								);

    393. 

  393. 

    394. 

  394. 								$db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

    395. 

  395. 								add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension);

    396. 

  396. 							}

    397. 

  397. 						}

    398. 

  398. 					}

    399. 

  399. 

    400. 

  400. 					if (!sizeof($error))

    401. 

  401. 					{

    402. 

  402. 						$notify[] = $user->lang['EXTENSIONS_UPDATED'];

    403. 

  403. 					}

    404. 

  404. 

    405. 

  405. 					$cache->destroy('_extensions');

    406. 

  406. 				}

    407. 

  407. 

    408. 

  408. 				$template->assign_vars(array(

    409. 

  409. 					'S_EXTENSIONS'			=> true,

    410. 

  410. 					'ADD_EXTENSION'			=> (isset($add_extension)) ? $add_extension : '',

    411. 

  411. 					'GROUP_SELECT_OPTIONS'	=> (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group'))

    412. 

  412. 				);

    413. 

  413. 

    414. 

  414. 				$sql = 'SELECT *

    415. 

  415. 					FROM ' . EXTENSIONS_TABLE . '

    416. 

  416. 					ORDER BY group_id, extension';

    417. 

  417. 				$result = $db->sql_query($sql);

    418. 

  418. 

    419. 

  419. 				if ($row = $db->sql_fetchrow($result))

    420. 

  420. 				{

    421. 

  421. 					$old_group_id = $row['group_id'];

    422. 

  422. 					do

    423. 

  423. 					{

    424. 

  424. 						$s_spacer = false;

    425. 

  425. 

    426. 

  426. 						$current_group_id = $row['group_id'];

    427. 

  427. 						if ($old_group_id != $current_group_id)

    428. 

  428. 						{

    429. 

  429. 							$s_spacer = true;

    430. 

  430. 							$old_group_id = $current_group_id;

    431. 

  431. 						}

    432. 

  432. 

    433. 

  433. 						$template->assign_block_vars('extensions', array(

    434. 

  434. 							'S_SPACER'		=> $s_spacer,

    435. 

  435. 							'EXTENSION_ID'	=> $row['extension_id'],

    436. 

  436. 							'EXTENSION'		=> $row['extension'],

    437. 

  437. 							'GROUP_OPTIONS'	=> $this->group_select('group_select[]', $row['group_id']))

    438. 

  438. 						);

    439. 

  439. 					}

    440. 

  440. 					while ($row = $db->sql_fetchrow($result));

    441. 

  441. 				}

    442. 

  442. 				$db->sql_freeresult($result);

    443. 

  443. 

    444. 

  444. 			break;

    445. 

  445. 

    446. 

  446. 			case 'ext_groups':

    447. 

  447. 

    448. 

  448. 				$template->assign_var('S_EXTENSION_GROUPS', true);

    449. 

  449. 

    450. 

  450. 				if ($submit)

    451. 

  451. 				{

    452. 

  452. 					$action = request_var('action', '');

    453. 

  453. 					$group_id = request_var('g', 0);

    454. 

  454. 

    455. 

  455. 					if ($action != 'add' && $action != 'edit')

    456. 

  456. 					{

    457. 

  457. 						trigger_error('NO_MODE', E_USER_ERROR);

    458. 

  458. 					}

    459. 

  459. 

    460. 

  460. 					if (!$group_id && $action == 'edit')

    461. 

  461. 					{

    462. 

  462. 						trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);

    463. 

  463. 					}

    464. 

  464. 

    465. 

  465. 					if ($group_id)

    466. 

  466. 					{

    467. 

  467. 						$sql = 'SELECT *

    468. 

  468. 							FROM ' . EXTENSION_GROUPS_TABLE . "

    469. 

  469. 							WHERE group_id = $group_id";

    470. 

  470. 						$result = $db->sql_query($sql);

    471. 

  471. 						$ext_row = $db->sql_fetchrow($result);

    472. 

  472. 						$db->sql_freeresult($result);

    473. 

  473. 

    474. 

  474. 						if (!$ext_row)

    475. 

  475. 						{

    476. 

  476. 							trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);

    477. 

  477. 						}

    478. 

  478. 					}

    479. 

  479. 					else

    480. 

  480. 					{

    481. 

  481. 						$ext_row = array();

    482. 

  482. 					}

    483. 

  483. 

    484. 

  484. 					$group_name = utf8_normalize_nfc(request_var('group_name', '', true));

    485. 

  485. 					$new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');

    486. 

  486. 

    487. 

  487. 					if (!$group_name)

    488. 

  488. 					{

    489. 

  489. 						$error[] = $user->lang['NO_EXT_GROUP_NAME'];

    490. 

  490. 					}

    491. 

  491. 

    492. 

  492. 					// Check New Group Name

    493. 

  493. 					if ($new_group_name)

    494. 

  494. 					{

    495. 

  495. 						$sql = 'SELECT group_id

    496. 

  496. 							FROM ' . EXTENSION_GROUPS_TABLE . "

    497. 

  497. 							WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";

    498. 

  498. 						if ($group_id)

    499. 

  499. 						{

    500. 

  500. 							$sql .= ' AND group_id <> ' . $group_id;

    501. 

  501. 						}

    502. 

  502. 						$result = $db->sql_query($sql);

    503. 

  503. 

    504. 

  504. 						if ($db->sql_fetchrow($result))

    505. 

  505. 						{

    506. 

  506. 							$error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name);

    507. 

  507. 						}

    508. 

  508. 						$db->sql_freeresult($result);

    509. 

  509. 					}

    510. 

  510. 

    511. 

  511. 					if (!sizeof($error))

    512. 

  512. 					{

    513. 

  513. 						// Ok, build the update/insert array

    514. 

  514. 						$upload_icon	= request_var('upload_icon', 'no_image');

    515. 

  515. 						$size_select	= request_var('size_select', 'b');

    516. 

  516. 						$forum_select	= request_var('forum_select', false);

    517. 

  517. 						$allowed_forums	= request_var('allowed_forums', array(0));

    518. 

  518. 						$allow_in_pm	= (isset($_POST['allow_in_pm'])) ? true : false;

    519. 

  519. 						$max_filesize	= request_var('max_filesize', 0);

    520. 

  520. 						$max_filesize	= ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);

    521. 

  521. 						$allow_group	= (isset($_POST['allow_group'])) ? true : false;

    522. 

  522. 

    523. 

  523. 						if ($max_filesize == $config['max_filesize'])

    524. 

  524. 						{

    525. 

  525. 							$max_filesize = 0;

    526. 

  526. 						}

    527. 

  527. 

    528. 

  528. 						if (!sizeof($allowed_forums))

    529. 

  529. 						{

    530. 

  530. 							$forum_select = false;

    531. 

  531. 						}

    532. 

  532. 

    533. 

  533. 						$group_ary = array(

    534. 

  534. 							'group_name'	=> $group_name,

    535. 

  535. 							'cat_id'		=> request_var('special_category', ATTACHMENT_CATEGORY_NONE),

    536. 

  536. 							'allow_group'	=> ($allow_group) ? 1 : 0,

    537. 

  537. 							'upload_icon'	=> ($upload_icon == 'no_image') ? '' : $upload_icon,

    538. 

  538. 							'max_filesize'	=> $max_filesize,

    539. 

  539. 							'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '',

    540. 

  540. 							'allow_in_pm'	=> ($allow_in_pm) ? 1 : 0,

    541. 

  541. 						);

    542. 

  542. 

    543. 

  543. 						if ($action == 'add')

    544. 

  544. 						{

    545. 

  545. 							$group_ary['download_mode'] = INLINE_LINK;

    546. 

  546. 						}

    547. 

  547. 

    548. 

  548. 						$sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';

    549. 

  549. 						$sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary);

    550. 

  550. 						$sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : '';

    551. 

  551. 

    552. 

  552. 						$db->sql_query($sql);

    553. 

  553. 

    554. 

  554. 						if ($action == 'add')

    555. 

  555. 						{

    556. 

  556. 							$group_id = $db->sql_nextid();

    557. 

  557. 						}

    558. 

  558. 

    559. 

  559. 						$group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name;

    560. 

  560. 						add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);

    561. 

  561. 					}

    562. 

  562. 

    563. 

  563. 					$extension_list = request_var('extensions', array(0));

    564. 

  564. 

    565. 

  565. 					if ($action == 'edit' && sizeof($extension_list))

    566. 

  566. 					{

    567. 

  567. 						$sql = 'UPDATE ' . EXTENSIONS_TABLE . "

    568. 

  568. 							SET group_id = 0

    569. 

  569. 							WHERE group_id = $group_id";

    570. 

  570. 						$db->sql_query($sql);

    571. 

  571. 					}

    572. 

  572. 

    573. 

  573. 					if (sizeof($extension_list))

    574. 

  574. 					{

    575. 

  575. 						$sql = 'UPDATE ' . EXTENSIONS_TABLE . "

    576. 

  576. 							SET group_id = $group_id

    577. 

  577. 							WHERE " . $db->sql_in_set('extension_id', $extension_list);

    578. 

  578. 						$db->sql_query($sql);

    579. 

  579. 					}

    580. 

  580. 

    581. 

  581. 					$cache->destroy('_extensions');

    582. 

  582. 

    583. 

  583. 					if (!sizeof($error))

    584. 

  584. 					{

    585. 

  585. 						$notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)];

    586. 

  586. 					}

    587. 

  587. 				}

    588. 

  588. 

    589. 

  589. 				$cat_lang = array(

    590. 

  590. 					ATTACHMENT_CATEGORY_NONE		=> $user->lang['NO_FILE_CAT'],

    591. 

  591. 					ATTACHMENT_CATEGORY_IMAGE		=> $user->lang['CAT_IMAGES'],

    592. 

  592. 					ATTACHMENT_CATEGORY_WM			=> $user->lang['CAT_WM_FILES'],

    593. 

  593. 					ATTACHMENT_CATEGORY_RM			=> $user->lang['CAT_RM_FILES'],

    594. 

  594. 					ATTACHMENT_CATEGORY_FLASH		=> $user->lang['CAT_FLASH_FILES'],

    595. 

  595. 					ATTACHMENT_CATEGORY_QUICKTIME	=> $user->lang['CAT_QUICKTIME_FILES'],

    596. 

  596. 				);

    597. 

  597. 

    598. 

  598. 				$group_id = request_var('g', 0);

    599. 

  599. 				$action = (isset($_POST['add'])) ? 'add' : $action;

    600. 

  600. 

    601. 

  601. 				switch ($action)

    602. 

  602. 				{

    603. 

  603. 					case 'delete':

    604. 

  604. 

    605. 

  605. 						if (confirm_box(true))

    606. 

  606. 						{

    607. 

  607. 							$sql = 'SELECT group_name

    608. 

  608. 								FROM ' . EXTENSION_GROUPS_TABLE . "

    609. 

  609. 								WHERE group_id = $group_id";

    610. 

  610. 							$result = $db->sql_query($sql);

    611. 

  611. 							$group_name = (string) $db->sql_fetchfield('group_name');

    612. 

  612. 							$db->sql_freeresult($result);

    613. 

  613. 

    614. 

  614. 							$sql = 'DELETE

    615. 

  615. 								FROM ' . EXTENSION_GROUPS_TABLE . "

    616. 

  616. 								WHERE group_id = $group_id";

    617. 

  617. 							$db->sql_query($sql);

    618. 

  618. 

    619. 

  619. 							// Set corresponding Extensions to a pending Group

    620. 

  620. 							$sql = 'UPDATE ' . EXTENSIONS_TABLE . "

    621. 

  621. 								SET group_id = 0

    622. 

  622. 								WHERE group_id = $group_id";

    623. 

  623. 							$db->sql_query($sql);

    624. 

  624. 

    625. 

  625. 							add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name);

    626. 

  626. 

    627. 

  627. 							$cache->destroy('_extensions');

    628. 

  628. 

    629. 

  629. 							trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action));

    630. 

  630. 						}

    631. 

  631. 						else

    632. 

  632. 						{

    633. 

  633. 							confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(

    634. 

  634. 								'i'			=> $id,

    635. 

  635. 								'mode'		=> $mode,

    636. 

  636. 								'group_id'	=> $group_id,

    637. 

  637. 								'action'	=> 'delete',

    638. 

  638. 							)));

    639. 

  639. 						}

    640. 

  640. 

    641. 

  641. 					break;

    642. 

  642. 

    643. 

  643. 					case 'edit':

    644. 

  644. 

    645. 

  645. 						if (!$group_id)

    646. 

  646. 						{

    647. 

  647. 							trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);

    648. 

  648. 						}

    649. 

  649. 

    650. 

  650. 						$sql = 'SELECT *

    651. 

  651. 							FROM ' . EXTENSION_GROUPS_TABLE . "

    652. 

  652. 							WHERE group_id = $group_id";

    653. 

  653. 						$result = $db->sql_query($sql);

    654. 

  654. 						$ext_group_row = $db->sql_fetchrow($result);

    655. 

  655. 						$db->sql_freeresult($result);

    656. 

  656. 

    657. 

  657. 						$forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums']));

    658. 

  658. 

    659. 

  659. 					// no break;

    660. 

  660. 

    661. 

  661. 					case 'add':

    662. 

  662. 

    663. 

  663. 						if ($action == 'add')

    664. 

  664. 						{

    665. 

  665. 							$ext_group_row = array(

    666. 

  666. 								'group_name'	=> utf8_normalize_nfc(request_var('group_name', '', true)),

    667. 

  667. 								'cat_id'		=> 0,

    668. 

  668. 								'allow_group'	=> 1,

    669. 

  669. 								'allow_in_pm'	=> 1,

    670. 

  670. 								'upload_icon'	=> '',

    671. 

  671. 								'max_filesize'	=> 0,

    672. 

  672. 							);

    673. 

  673. 

    674. 

  674. 							$forum_ids = array();

    675. 

  675. 						}

    676. 

  676. 

    677. 

  677. 						$extensions = array();

    678. 

  678. 

    679. 

  679. 						$sql = 'SELECT *

    680. 

  680. 							FROM ' . EXTENSIONS_TABLE . "

    681. 

  681. 							WHERE group_id = $group_id

    682. 

  682. 								OR group_id = 0

    683. 

  683. 							ORDER BY extension";

    684. 

  684. 						$result = $db->sql_query($sql);

    685. 

  685. 						$extensions = $db->sql_fetchrowset($result);

    686. 

  686. 						$db->sql_freeresult($result);

    687. 

  687. 

    688. 

  688. 						if ($ext_group_row['max_filesize'] == 0)

    689. 

  689. 						{

    690. 

  690. 							$ext_group_row['max_filesize'] = (int) $config['max_filesize'];

    691. 

  691. 						}

    692. 

  692. 

    693. 

  693. 						$max_filesize = get_formatted_filesize($ext_group_row['max_filesize'], false, array('mb', 'kb', 'b'));

    694. 

  694. 						$size_format = $max_filesize['si_identifier'];

    695. 

  695. 						$ext_group_row['max_filesize'] = $max_filesize['value'];

    696. 

  696. 

    697. 

  697. 						$img_path = $config['upload_icons_path'];

    698. 

  698. 

    699. 

  699. 						$filename_list = '';

    700. 

  700. 						$no_image_select = false;

    701. 

  701. 

    702. 

  702. 						$imglist = filelist($phpbb_root_path . $img_path);

    703. 

  703. 

    704. 

  704. 						if (!empty($imglist['']))

    705. 

  705. 						{

    706. 

  706. 							$imglist = array_values($imglist);

    707. 

  707. 							$imglist = $imglist[0];

    708. 

  708. 

    709. 

  709. 							foreach ($imglist as $key => $img)

    710. 

  710. 							{

    711. 

  711. 								if (!$ext_group_row['upload_icon'])

    712. 

  712. 								{

    713. 

  713. 									$no_image_select = true;

    714. 

  714. 									$selected = '';

    715. 

  715. 								}

    716. 

  716. 								else

    717. 

  717. 								{

    718. 

  718. 									$selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : '';

    719. 

  719. 								}

    720. 

  720. 

    721. 

  721. 								if (strlen($img) > 255)

    722. 

  722. 								{

    723. 

  723. 									continue;

    724. 

  724. 								}

    725. 

  725. 

    726. 

  726. 								$filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>';

    727. 

  727. 							}

    728. 

  728. 						}

    729. 

  729. 

    730. 

  730. 						$i = 0;

    731. 

  731. 						$assigned_extensions = '';

    732. 

  732. 						foreach ($extensions as $num => $row)

    733. 

  733. 						{

    734. 

  734. 							if ($row['group_id'] == $group_id && $group_id)

    735. 

  735. 							{

    736. 

  736. 								$assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension'];

    737. 

  737. 								$i++;

    738. 

  738. 							}

    739. 

  739. 						}

    740. 

  740. 

    741. 

  741. 						$s_extension_options = '';

    742. 

  742. 						foreach ($extensions as $row)

    743. 

  743. 						{

    744. 

  744. 							$s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>';

    745. 

  745. 						}

    746. 

  746. 

    747. 

  747. 						$template->assign_vars(array(

    748. 

  748. 							'PHPBB_ROOT_PATH'		=> $phpbb_root_path,

    749. 

  749. 							'IMG_PATH'				=> $img_path,

    750. 

  750. 							'ACTION'				=> $action,

    751. 

  751. 							'GROUP_ID'				=> $group_id,

    752. 

  752. 							'GROUP_NAME'			=> $ext_group_row['group_name'],

    753. 

  753. 							'ALLOW_GROUP'			=> $ext_group_row['allow_group'],

    754. 

  754. 							'ALLOW_IN_PM'			=> $ext_group_row['allow_in_pm'],

    755. 

  755. 							'UPLOAD_ICON_SRC'		=> $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'],

    756. 

  756. 							'EXTGROUP_FILESIZE'		=> $ext_group_row['max_filesize'],

    757. 

  757. 							'ASSIGNED_EXTENSIONS'	=> $assigned_extensions,

    758. 

  758. 

    759. 

  759. 							'S_CATEGORY_SELECT'			=> $this->category_select('special_category', $group_id, 'category'),

    760. 

  760. 							'S_EXT_GROUP_SIZE_OPTIONS'	=> size_select_options($size_format),

    761. 

  761. 							'S_EXTENSION_OPTIONS'		=> $s_extension_options,

    762. 

  762. 							'S_FILENAME_LIST'			=> $filename_list,

    763. 

  763. 							'S_EDIT_GROUP'				=> true,

    764. 

  764. 							'S_NO_IMAGE'				=> $no_image_select,

    765. 

  765. 							'S_FORUM_IDS'				=> (sizeof($forum_ids)) ? true : false,

    766. 

  766. 

    767. 

  767. 							'U_EXTENSIONS'		=> append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;mode=extensions"),

    768. 

  768. 							'U_BACK'			=> $this->u_action,

    769. 

  769. 

    770. 

  770. 							'L_LEGEND'			=> $user->lang[strtoupper($action) . '_EXTENSION_GROUP'])

    771. 

  771. 						);

    772. 

  772. 

    773. 

  773. 						$s_forum_id_options = '';

    774. 

  774. 

    775. 

  775. 						/** @todo use in-built function **/

    776. 

  776. 

    777. 

  777. 						$sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id

    778. 

  778. 							FROM ' . FORUMS_TABLE . '

    779. 

  779. 							ORDER BY left_id ASC';

    780. 

  780. 						$result = $db->sql_query($sql, 600);

    781. 

  781. 

    782. 

  782. 						$right = $cat_right = $padding_inc = 0;

    783. 

  783. 						$padding = $forum_list = $holding = '';

    784. 

  784. 						$padding_store = array('0' => '');

    785. 

  785. 

    786. 

  786. 						while ($row = $db->sql_fetchrow($result))

    787. 

  787. 						{

    788. 

  788. 							if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))

    789. 

  789. 							{

    790. 

  790. 								// Non-postable forum with no subforums, don't display

    791. 

  791. 								continue;

    792. 

  792. 							}

    793. 

  793. 

    794. 

  794. 							if (!$auth->acl_get('f_list', $row['forum_id']))

    795. 

  795. 							{

    796. 

  796. 								// if the user does not have permissions to list this forum skip

    797. 

  797. 								continue;

    798. 

  798. 							}

    799. 

  799. 

    800. 

  800. 							if ($row['left_id'] < $right)

    801. 

  801. 							{

    802. 

  802. 								$padding .= '&nbsp; &nbsp;';

    803. 

  803. 								$padding_store[$row['parent_id']] = $padding;

    804. 

  804. 							}

    805. 

  805. 							else if ($row['left_id'] > $right + 1)

    806. 

  806. 							{

    807. 

  807. 								$padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']];

    808. 

  808. 							}

    809. 

  809. 

    810. 

  810. 							$right = $row['right_id'];

    811. 

  811. 

    812. 

  812. 							$selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : '';

    813. 

  813. 

    814. 

  814. 							if ($row['left_id'] > $cat_right)

    815. 

  815. 							{

    816. 

  816. 								// make sure we don't forget anything

    817. 

  817. 								$s_forum_id_options .= $holding;

    818. 

  818. 								$holding = '';

    819. 

  819. 							}

    820. 

  820. 

    821. 

  821. 							if ($row['right_id'] - $row['left_id'] > 1)

    822. 

  822. 							{

    823. 

  823. 								$cat_right = max($cat_right, $row['right_id']);

    824. 

  824. 

    825. 

  825. 								$holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';

    826. 

  826. 							}

    827. 

  827. 							else

    828. 

  828. 							{

    829. 

  829. 								$s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';

    830. 

  830. 								$holding = '';

    831. 

  831. 							}

    832. 

  832. 						}

    833. 

  833. 

    834. 

  834. 						if ($holding)

    835. 

  835. 						{

    836. 

  836. 							$s_forum_id_options .= $holding;

    837. 

  837. 						}

    838. 

  838. 

    839. 

  839. 						$db->sql_freeresult($result);

    840. 

  840. 						unset($padding_store);

    841. 

  841. 

    842. 

  842. 						$template->assign_vars(array(

    843. 

  843. 							'S_FORUM_ID_OPTIONS'	=> $s_forum_id_options)

    844. 

  844. 						);

    845. 

  845. 

    846. 

  846. 					break;

    847. 

  847. 				}

    848. 

  848. 

    849. 

  849. 				$sql = 'SELECT *

    850. 

  850. 					FROM ' . EXTENSION_GROUPS_TABLE . '

    851. 

  851. 					ORDER BY allow_group DESC, allow_in_pm DESC, group_name';

    852. 

  852. 				$result = $db->sql_query($sql);

    853. 

  853. 

    854. 

  854. 				$old_allow_group = $old_allow_pm = 1;

    855. 

  855. 				while ($row = $db->sql_fetchrow($result))

    856. 

  856. 				{

    857. 

  857. 					$s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false;

    858. 

  858. 

    859. 

  859. 					$template->assign_block_vars('groups', array(

    860. 

  860. 						'S_ADD_SPACER'		=> $s_add_spacer,

    861. 

  861. 						'S_ALLOWED_IN_PM'	=> ($row['allow_in_pm']) ? true : false,

    862. 

  862. 						'S_GROUP_ALLOWED'	=> ($row['allow_group']) ? true : false,

    863. 

  863. 

    864. 

  864. 						'U_EDIT'		=> $this->u_action . "&amp;action=edit&amp;g={$row['group_id']}",

    865. 

  865. 						'U_DELETE'		=> $this->u_action . "&amp;action=delete&amp;g={$row['group_id']}",

    866. 

  866. 

    867. 

  867. 						'GROUP_NAME'	=> (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'],

    868. 

  868. 						'CATEGORY'		=> $cat_lang[$row['cat_id']],

    869. 

  869. 						)

    870. 

  870. 					);

    871. 

  871. 

    872. 

  872. 					$old_allow_group = $row['allow_group'];

    873. 

  873. 					$old_allow_pm = $row['allow_in_pm'];

    874. 

  874. 				}

    875. 

  875. 				$db->sql_freeresult($result);

    876. 

  876. 

    877. 

  877. 			break;

    878. 

  878. 

    879. 

  879. 			case 'orphan':

    880. 

  880. 

    881. 

  881. 				if ($submit)

    882. 

  882. 				{

    883. 

  883. 					$delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array();

    884. 

  884. 					$add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array();

    885. 

  885. 					$post_ids = request_var('post_id', array('' => 0));

    886. 

  886. 

    887. 

  887. 					if (sizeof($delete_files))

    888. 

  888. 					{

    889. 

  889. 						$sql = 'SELECT *

    890. 

  890. 							FROM ' . ATTACHMENTS_TABLE . '

    891. 

  891. 							WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '

    892. 

  892. 								AND is_orphan = 1';

    893. 

  893. 						$result = $db->sql_query($sql);

    894. 

  894. 

    895. 

  895. 						$delete_files = array();

    896. 

  896. 						while ($row = $db->sql_fetchrow($result))

    897. 

  897. 						{

    898. 

  898. 							phpbb_unlink($row['physical_filename'], 'file');

    899. 

  899. 

    900. 

  900. 							if ($row['thumbnail'])

    901. 

  901. 							{

    902. 

  902. 								phpbb_unlink($row['physical_filename'], 'thumbnail');

    903. 

  903. 							}

    904. 

  904. 

    905. 

  905. 							$delete_files[$row['attach_id']] = $row['real_filename'];

    906. 

  906. 						}

    907. 

  907. 						$db->sql_freeresult($result);

    908. 

  908. 					}

    909. 

  909. 

    910. 

  910. 					if (sizeof($delete_files))

    911. 

  911. 					{

    912. 

  912. 						$sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . '

    913. 

  913. 							WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files));

    914. 

  914. 						$db->sql_query($sql);

    915. 

  915. 

    916. 

  916. 						add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files));

    917. 

  917. 						$notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files));

    918. 

  918. 					}

    919. 

  919. 

    920. 

  920. 					$upload_list = array();

    921. 

  921. 					foreach ($add_files as $attach_id)

    922. 

  922. 					{

    923. 

  923. 						if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id]))

    924. 

  924. 						{

    925. 

  925. 							$upload_list[$attach_id] = $post_ids[$attach_id];

    926. 

  926. 						}

    927. 

  927. 					}

    928. 

  928. 					unset($add_files);

    929. 

  929. 

    930. 

  930. 					if (sizeof($upload_list))

    931. 

  931. 					{

    932. 

  932. 						$template->assign_var('S_UPLOADING_FILES', true);

    933. 

  933. 

    934. 

  934. 						$sql = 'SELECT forum_id, forum_name

    935. 

  935. 							FROM ' . FORUMS_TABLE;

    936. 

  936. 						$result = $db->sql_query($sql);

    937. 

  937. 

    938. 

  938. 						$forum_names = array();

    939. 

  939. 						while ($row = $db->sql_fetchrow($result))

    940. 

  940. 						{

    941. 

  941. 							$forum_names[$row['forum_id']] = $row['forum_name'];

    942. 

  942. 						}

    943. 

  943. 						$db->sql_freeresult($result);

    944. 

  944. 

    945. 

  945. 						$sql = 'SELECT forum_id, topic_id, post_id, poster_id

    946. 

  946. 							FROM ' . POSTS_TABLE . '

    947. 

  947. 							WHERE ' . $db->sql_in_set('post_id', $upload_list);

    948. 

  948. 						$result = $db->sql_query($sql);

    949. 

  949. 

    950. 

  950. 						$post_info = array();

    951. 

  951. 						while ($row = $db->sql_fetchrow($result))

    952. 

  952. 						{

    953. 

  953. 							$post_info[$row['post_id']] = $row;

    954. 

  954. 						}

    955. 

  955. 						$db->sql_freeresult($result);

    956. 

  956. 

    957. 

  957. 						// Select those attachments we want to change...

    958. 

  958. 						$sql = 'SELECT *

    959. 

  959. 							FROM ' . ATTACHMENTS_TABLE . '

    960. 

  960. 							WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . '

    961. 

  961. 								AND is_orphan = 1';

    962. 

  962. 						$result = $db->sql_query($sql);

    963. 

  963. 

    964. 

  964. 						$files_added = $space_taken = 0;

    965. 

  965. 						while ($row = $db->sql_fetchrow($result))

    966. 

  966. 						{

    967. 

  967. 							$post_row = $post_info[$upload_list[$row['attach_id']]];

    968. 

  968. 

    969. 

  969. 							$template->assign_block_vars('upload', array(

    970. 

  970. 								'FILE_INFO'		=> sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),

    971. 

  971. 								'S_DENIED'		=> (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,

    972. 

  972. 								'L_DENIED'		=> (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')

    973. 

  973. 							);

    974. 

  974. 

    975. 

  975. 							if (!$auth->acl_get('f_attach', $post_row['forum_id']))

    976. 

  976. 							{

    977. 

  977. 								continue;

    978. 

  978. 							}

    979. 

  979. 

    980. 

  980. 							// Adjust attachment entry

    981. 

  981. 							$sql_ary = array(

    982. 

  982. 								'in_message'	=> 0,

    983. 

  983. 								'is_orphan'		=> 0,

    984. 

  984. 								'poster_id'		=> $post_row['poster_id'],

    985. 

  985. 								'post_msg_id'	=> $post_row['post_id'],

    986. 

  986. 								'topic_id'		=> $post_row['topic_id'],

    987. 

  987. 							);

    988. 

  988. 

    989. 

  989. 							$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '

    990. 

  990. 								SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '

    991. 

  991. 								WHERE attach_id = ' . $row['attach_id'];

    992. 

  992. 							$db->sql_query($sql);

    993. 

  993. 

    994. 

  994. 							$sql = 'UPDATE ' . POSTS_TABLE . '

    995. 

  995. 								SET post_attachment = 1

    996. 

  996. 								WHERE post_id = ' . $post_row['post_id'];

    997. 

  997. 							$db->sql_query($sql);

    998. 

  998. 

    999. 

  999. 							$sql = 'UPDATE ' . TOPICS_TABLE . '

    1000. 

  1000. 								SET topic_attachment = 1

    1001. 

  1001. 								WHERE topic_id = ' . $post_row['topic_id'];

    1002. 

  1002. 							$db->sql_query($sql);

    1003. 

  1003. 

    1004. 

  1004. 							$space_taken += $row['filesize'];

    1005. 

  1005. 							$files_added++;

    1006. 

  1006. 

    1007. 

  1007. 							add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);

    1008. 

  1008. 						}

    1009. 

  1009. 						$db->sql_freeresult($result);

    1010. 

  1010. 

    1011. 

  1011. 						if ($files_added)

    1012. 

  1012. 						{

    1013. 

  1013. 							set_config_count('upload_dir_size', $space_taken, true);

    1014. 

  1014. 							set_config_count('num_files', $files_added, true);

    1015. 

  1015. 						}

    1016. 

  1016. 					}

    1017. 

  1017. 				}

    1018. 

  1018. 

    1019. 

  1019. 				$template->assign_vars(array(

    1020. 

  1020. 					'S_ORPHAN'		=> true)

    1021. 

  1021. 				);

    1022. 

  1022. 

    1023. 

  1023. 				// Just get the files with is_orphan set and older than 3 hours

    1024. 

  1024. 				$sql = 'SELECT *

    1025. 

  1025. 					FROM ' . ATTACHMENTS_TABLE . '

    1026. 

  1026. 					WHERE is_orphan = 1

    1027. 

  1027. 						AND filetime < ' . (time() - 3*60*60) . '

    1028. 

  1028. 					ORDER BY filetime DESC';

    1029. 

  1029. 				$result = $db->sql_query($sql);

    1030. 

  1030. 

    1031. 

  1031. 				while ($row = $db->sql_fetchrow($result))

    1032. 

  1032. 				{

    1033. 

  1033. 					$template->assign_block_vars('orphan', array(

    1034. 

  1034. 						'FILESIZE'			=> get_formatted_filesize($row['filesize']),

    1035. 

  1035. 						'FILETIME'			=> $user->format_date($row['filetime']),

    1036. 

  1036. 						'REAL_FILENAME'		=> utf8_basename($row['real_filename']),

    1037. 

  1037. 						'PHYSICAL_FILENAME'	=> utf8_basename($row['physical_filename']),

    1038. 

  1038. 						'ATTACH_ID'			=> $row['attach_id'],

    1039. 

  1039. 						'POST_IDS'			=> (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',

    1040. 

  1040. 						'U_FILE'			=> append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&amp;id=' . $row['attach_id']))

    1041. 

  1041. 					);

    1042. 

  1042. 				}

    1043. 

  1043. 				$db->sql_freeresult($result);

    1044. 

  1044. 

    1045. 

  1045. 			break;

    1046. 

  1046. 		}

    1047. 

  1047. 

    1048. 

  1048. 		if (sizeof($error))

    1049. 

  1049. 		{

    1050. 

  1050. 			$template->assign_vars(array(

    1051. 

  1051. 				'S_WARNING'		=> true,

    1052. 

  1052. 				'WARNING_MSG'	=> implode('<br />', $error))

    1053. 

  1053. 			);

    1054. 

  1054. 		}

    1055. 

  1055. 

    1056. 

  1056. 		if (sizeof($notify))

    1057. 

  1057. 		{

    1058. 

  1058. 			$template->assign_vars(array(

    1059. 

  1059. 				'S_NOTIFY'		=> true,

    1060. 

  1060. 				'NOTIFY_MSG'	=> implode('<br />', $notify))

    1061. 

  1061. 			);

    1062. 

  1062. 		}

    1063. 

  1063. 	}

    1064. 

  1064. 

    1065. 

  1065. 	/**

    1066. 

  1066. 	* Build Select for category items

    1067. 

  1067. 	*/

    1068. 

  1068. 	function category_select($select_name, $group_id = false, $key = '')

    1069. 

  1069. 	{

    1070. 

  1070. 		global $db, $user;

    1071. 

  1071. 

    1072. 

  1072. 		$types = array(

    1073. 

  1073. 			ATTACHMENT_CATEGORY_NONE		=> $user->lang['NO_FILE_CAT'],

    1074. 

  1074. 			ATTACHMENT_CATEGORY_IMAGE		=> $user->lang['CAT_IMAGES'],

    1075. 

  1075. 			ATTACHMENT_CATEGORY_WM			=> $user->lang['CAT_WM_FILES'],

    1076. 

  1076. 			ATTACHMENT_CATEGORY_RM			=> $user->lang['CAT_RM_FILES'],

    1077. 

  1077. 			ATTACHMENT_CATEGORY_FLASH		=> $user->lang['CAT_FLASH_FILES'],

    1078. 

  1078. 			ATTACHMENT_CATEGORY_QUICKTIME	=> $user->lang['CAT_QUICKTIME_FILES'],

    1079. 

  1079. 		);

    1080. 

  1080. 

    1081. 

  1081. 		if ($group_id)

    1082. 

  1082. 		{

    1083. 

  1083. 			$sql = 'SELECT cat_id

    1084. 

  1084. 				FROM ' . EXTENSION_GROUPS_TABLE . '

    1085. 

  1085. 				WHERE group_id = ' . (int) $group_id;

    1086. 

  1086. 			$result = $db->sql_query($sql);

    1087. 

  1087. 

    1088. 

  1088. 			$cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id'];

    1089. 

  1089. 

    1090. 

  1090. 			$db->sql_freeresult($result);

    1091. 

  1091. 		}

    1092. 

  1092. 		else

    1093. 

  1093. 		{

    1094. 

  1094. 			$cat_type = ATTACHMENT_CATEGORY_NONE;

    1095. 

  1095. 		}

    1096. 

  1096. 

    1097. 

  1097. 		$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';

    1098. 

  1098. 

    1099. 

  1099. 		foreach ($types as $type => $mode)

    1100. 

  1100. 		{

    1101. 

  1101. 			$selected = ($type == $cat_type) ? ' selected="selected"' : '';

    1102. 

  1102. 			$group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>';

    1103. 

  1103. 		}

    1104. 

  1104. 

    1105. 

  1105. 		$group_select .= '</select>';

    1106. 

  1106. 

    1107. 

  1107. 		return $group_select;

    1108. 

  1108. 	}

    1109. 

  1109. 

    1110. 

  1110. 	/**

    1111. 

  1111. 	* Extension group select

    1112. 

  1112. 	*/

    1113. 

  1113. 	function group_select($select_name, $default_group = false, $key = '')

    1114. 

  1114. 	{

    1115. 

  1115. 		global $db, $user;

    1116. 

  1116. 

    1117. 

  1117. 		$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';

    1118. 

  1118. 

    1119. 

  1119. 		$sql = 'SELECT group_id, group_name

    1120. 

  1120. 			FROM ' . EXTENSION_GROUPS_TABLE . '

    1121. 

  1121. 			ORDER BY group_name';

    1122. 

  1122. 		$result = $db->sql_query($sql);

    1123. 

  1123. 

    1124. 

  1124. 		$group_name = array();

    1125. 

  1125. 		while ($row = $db->sql_fetchrow($result))

    1126. 

  1126. 		{

    1127. 

  1127. 			$row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];

    1128. 

  1128. 			$group_name[] = $row;

    1129. 

  1129. 		}

    1130. 

  1130. 		$db->sql_freeresult($result);

    1131. 

  1131. 

    1132. 

  1132. 		$row['group_id'] = 0;

    1133. 

  1133. 		$row['group_name'] = $user->lang['NOT_ASSIGNED'];

    1134. 

  1134. 		$group_name[] = $row;

    1135. 

  1135. 

    1136. 

  1136. 		for ($i = 0; $i < sizeof($group_name); $i++)

    1137. 

  1137. 		{

    1138. 

  1138. 			if ($default_group === false)

    1139. 

  1139. 			{

    1140. 

  1140. 				$selected = ($i == 0) ? ' selected="selected"' : '';

    1141. 

  1141. 			}

    1142. 

  1142. 			else

    1143. 

  1143. 			{

    1144. 

  1144. 				$selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : '';

    1145. 

  1145. 			}

    1146. 

  1146. 

    1147. 

  1147. 			$group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>';

    1148. 

  1148. 		}

    1149. 

  1149. 

    1150. 

  1150. 		$group_select .= '</select>';

    1151. 

  1151. 

    1152. 

  1152. 		return $group_select;

    1153. 

  1153. 	}

    1154. 

  1154. 

    1155. 

  1155. 	/**

    1156. 

  1156. 	* Search Imagick

    1157. 

  1157. 	*/

    1158. 

  1158. 	function search_imagemagick()

    1159. 

  1159. 	{

    1160. 

  1160. 		$imagick = '';

    1161. 

  1161. 

    1162. 

  1162. 		$exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : '';

    1163. 

  1163. 

    1164. 

  1164. 		$magic_home = getenv('MAGICK_HOME');

    1165. 

  1165. 

    1166. 

  1166. 		if (empty($magic_home))

    1167. 

  1167. 		{

    1168. 

  1168. 			$locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');

    1169. 

  1169. 			$path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));

    1170. 

  1170. 

    1171. 

  1171. 			$locations = array_merge($path_locations, $locations);

    1172. 

  1172. 

    1173. 

  1173. 			foreach ($locations as $location)

    1174. 

  1174. 			{

    1175. 

  1175. 				// The path might not end properly, fudge it

    1176. 

  1176. 				if (substr($location, -1) !== '/')

    1177. 

  1177. 				{

    1178. 

  1178. 					$location .= '/';

    1179. 

  1179. 				}

    1180. 

  1180. 

    1181. 

  1181. 				if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000)

    1182. 

  1182. 				{

    1183. 

  1183. 					$imagick = str_replace('\\', '/', $location);

    1184. 

  1184. 					continue;

    1185. 

  1185. 				}

    1186. 

  1186. 			}

    1187. 

  1187. 		}

    1188. 

  1188. 		else

    1189. 

  1189. 		{

    1190. 

  1190. 			$imagick = str_replace('\\', '/', $magic_home);

    1191. 

  1191. 		}

    1192. 

  1192. 

    1193. 

  1193. 		return $imagick;

    1194. 

  1194. 	}

    1195. 

  1195. 

    1196. 

  1196. 	/**

    1197. 

  1197. 	* Test Settings

    1198. 

  1198. 	*/

    1199. 

  1199. 	function test_upload(&$error, $upload_dir, $create_directory = false)

    1200. 

  1200. 	{

    1201. 

  1201. 		global $user, $phpbb_root_path;

    1202. 

  1202. 

    1203. 

  1203. 		// Does the target directory exist, is it a directory and writable.

    1204. 

  1204. 		if ($create_directory)

    1205. 

  1205. 		{

    1206. 

  1206. 			if (!file_exists($phpbb_root_path . $upload_dir))

    1207. 

  1207. 			{

    1208. 

  1208. 				@mkdir($phpbb_root_path . $upload_dir, 0777);

    1209. 

  1209. 				phpbb_chmod($phpbb_root_path . $upload_dir, CHMOD_READ | CHMOD_WRITE);

    1210. 

  1210. 			}

    1211. 

  1211. 		}

    1212. 

  1212. 

    1213. 

  1213. 		if (!file_exists($phpbb_root_path . $upload_dir))

    1214. 

  1214. 		{

    1215. 

  1215. 			$error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);

    1216. 

  1216. 			return;

    1217. 

  1217. 		}

    1218. 

  1218. 

    1219. 

  1219. 		if (!is_dir($phpbb_root_path . $upload_dir))

    1220. 

  1220. 		{

    1221. 

  1221. 			$error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);

    1222. 

  1222. 			return;

    1223. 

  1223. 		}

    1224. 

  1224. 

    1225. 

  1225. 		if (!phpbb_is_writable($phpbb_root_path . $upload_dir))

    1226. 

  1226. 		{

    1227. 

  1227. 			$error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);

    1228. 

  1228. 			return;

    1229. 

  1229. 		}

    1230. 

  1230. 	}

    1231. 

  1231. 

    1232. 

  1232. 	/**

    1233. 

  1233. 	* Perform operations on sites for external linking

    1234. 

  1234. 	*/

    1235. 

  1235. 	function perform_site_list()

    1236. 

  1236. 	{

    1237. 

  1237. 		global $db, $user;

    1238. 

  1238. 

    1239. 

  1239. 		if (isset($_REQUEST['securesubmit']))

    1240. 

  1240. 		{

    1241. 

  1241. 			// Grab the list of entries

    1242. 

  1242. 			$ips = request_var('ips', '');

    1243. 

  1243. 			$ip_list = array_unique(explode("\n", $ips));

    1244. 

  1244. 			$ip_list_log = implode(', ', $ip_list);

    1245. 

  1245. 

    1246. 

  1246. 			$ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0;

    1247. 

  1247. 

    1248. 

  1248. 			$iplist = array();

    1249. 

  1249. 			$hostlist = array();

    1250. 

  1250. 

    1251. 

  1251. 			foreach ($ip_list as $item)

    1252. 

  1252. 			{

    1253. 

  1253. 				if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode))

    1254. 

  1254. 				{

    1255. 

  1255. 					// Don't ask about all this, just don't ask ... !

    1256. 

  1256. 					$ip_1_counter = $ip_range_explode[1];

    1257. 

  1257. 					$ip_1_end = $ip_range_explode[5];

    1258. 

  1258. 

    1259. 

  1259. 					while ($ip_1_counter <= $ip_1_end)

    1260. 

  1260. 					{

    1261. 

  1261. 						$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;

    1262. 

  1262. 						$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];

    1263. 

  1263. 

    1264. 

  1264. 						if ($ip_2_counter == 0 && $ip_2_end == 254)

    1265. 

  1265. 						{

    1266. 

  1266. 							$ip_2_counter = 256;

    1267. 

  1267. 							$ip_2_fragment = 256;

    1268. 

  1268. 

    1269. 

  1269. 							$iplist[] = "'$ip_1_counter.*'";

    1270. 

  1270. 						}

    1271. 

  1271. 

    1272. 

  1272. 						while ($ip_2_counter <= $ip_2_end)

    1273. 

  1273. 						{

    1274. 

  1274. 							$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;

    1275. 

  1275. 							$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];

    1276. 

  1276. 

    1277. 

  1277. 							if ($ip_3_counter == 0 && $ip_3_end == 254)

    1278. 

  1278. 							{

    1279. 

  1279. 								$ip_3_counter = 256;

    1280. 

  1280. 								$ip_3_fragment = 256;

    1281. 

  1281. 

    1282. 

  1282. 								$iplist[] = "'$ip_1_counter.$ip_2_counter.*'";

    1283. 

  1283. 							}

    1284. 

  1284. 

    1285. 

  1285. 							while ($ip_3_counter <= $ip_3_end)

    1286. 

  1286. 							{

    1287. 

  1287. 								$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;

    1288. 

  1288. 								$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];

    1289. 

  1289. 

    1290. 

  1290. 								if ($ip_4_counter == 0 && $ip_4_end == 254)

    1291. 

  1291. 								{

    1292. 

  1292. 									$ip_4_counter = 256;

    1293. 

  1293. 									$ip_4_fragment = 256;

    1294. 

  1294. 

    1295. 

  1295. 									$iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";

    1296. 

  1296. 								}

    1297. 

  1297. 

    1298. 

  1298. 								while ($ip_4_counter <= $ip_4_end)

    1299. 

  1299. 								{

    1300. 

  1300. 									$iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";

    1301. 

  1301. 									$ip_4_counter++;

    1302. 

  1302. 								}

    1303. 

  1303. 								$ip_3_counter++;

    1304. 

  1304. 							}

    1305. 

  1305. 							$ip_2_counter++;

    1306. 

  1306. 						}

    1307. 

  1307. 						$ip_1_counter++;

    1308. 

  1308. 					}

    1309. 

  1309. 				}

    1310. 

  1310. 				else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item)))

    1311. 

  1311. 				{

    1312. 

  1312. 					$iplist[] = "'" . trim($item) . "'";

    1313. 

  1313. 				}

    1314. 

  1314. 				else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item)))

    1315. 

  1315. 				{

    1316. 

  1316. 					$hostlist[] = "'" . trim($item) . "'";

    1317. 

  1317. 				}

    1318. 

  1318. 				else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item)))

    1319. 

  1319. 				{

    1320. 

  1320. 					$hostlist[] = "'" . trim($item) . "'";

    1321. 

  1321. 				}

    1322. 

  1322. 			}

    1323. 

  1323. 

    1324. 

  1324. 			$sql = 'SELECT site_ip, site_hostname

    1325. 

  1325. 				FROM ' . SITELIST_TABLE . "

    1326. 

  1326. 				WHERE ip_exclude = $ip_exclude";

    1327. 

  1327. 			$result = $db->sql_query($sql);

    1328. 

  1328. 

    1329. 

  1329. 			if ($row = $db->sql_fetchrow($result))

    1330. 

  1330. 			{

    1331. 

  1331. 				$iplist_tmp = array();

    1332. 

  1332. 				$hostlist_tmp = array();

    1333. 

  1333. 				do

    1334. 

  1334. 				{

    1335. 

  1335. 					if ($row['site_ip'])

    1336. 

  1336. 					{

    1337. 

  1337. 						if (strlen($row['site_ip']) > 40)

    1338. 

  1338. 						{

    1339. 

  1339. 							continue;

    1340. 

  1340. 						}

    1341. 

  1341. 

    1342. 

  1342. 						$iplist_tmp[] = "'" . $row['site_ip'] . "'";

    1343. 

  1343. 					}

    1344. 

  1344. 					else if ($row['site_hostname'])

    1345. 

  1345. 					{

    1346. 

  1346. 						if (strlen($row['site_hostname']) > 255)

    1347. 

  1347. 						{

    1348. 

  1348. 							continue;

    1349. 

  1349. 						}

    1350. 

  1350. 

    1351. 

  1351. 						$hostlist_tmp[] = "'" . $row['site_hostname'] . "'";

    1352. 

  1352. 					}

    1353. 

  1353. 					// break;

    1354. 

  1354. 				}

    1355. 

  1355. 				while ($row = $db->sql_fetchrow($result));

    1356. 

  1356. 

    1357. 

  1357. 				$iplist = array_unique(array_diff($iplist, $iplist_tmp));

    1358. 

  1358. 				$hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));

    1359. 

  1359. 				unset($iplist_tmp);

    1360. 

  1360. 				unset($hostlist_tmp);

    1361. 

  1361. 			}

    1362. 

  1362. 			$db->sql_freeresult($result);

    1363. 

  1363. 

    1364. 

  1364. 			if (sizeof($iplist))

    1365. 

  1365. 			{

    1366. 

  1366. 				foreach ($iplist as $ip_entry)

    1367. 

  1367. 				{

    1368. 

  1368. 					$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)

    1369. 

  1369. 						VALUES ($ip_entry, $ip_exclude)";

    1370. 

  1370. 					$db->sql_query($sql);

    1371. 

  1371. 				}

    1372. 

  1372. 			}

    1373. 

  1373. 

    1374. 

  1374. 			if (sizeof($hostlist))

    1375. 

  1375. 			{

    1376. 

  1376. 				foreach ($hostlist as $host_entry)

    1377. 

  1377. 				{

    1378. 

  1378. 					$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude)

    1379. 

  1379. 						VALUES ($host_entry, $ip_exclude)";

    1380. 

  1380. 					$db->sql_query($sql);

    1381. 

  1381. 				}

    1382. 

  1382. 			}

    1383. 

  1383. 

    1384. 

  1384. 			if (!empty($ip_list_log))

    1385. 

  1385. 			{

    1386. 

  1386. 				// Update log

    1387. 

  1387. 				$log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';

    1388. 

  1388. 				add_log('admin', $log_entry, $ip_list_log);

    1389. 

  1389. 			}

    1390. 

  1390. 

    1391. 

  1391. 			trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));

    1392. 

  1392. 		}

    1393. 

  1393. 		else if (isset($_POST['unsecuresubmit']))

    1394. 

  1394. 		{

    1395. 

  1395. 			$unip_sql = request_var('unip', array(0));

    1396. 

  1396. 

    1397. 

  1397. 			if (sizeof($unip_sql))

    1398. 

  1398. 			{

    1399. 

  1399. 				$l_unip_list = '';

    1400. 

  1400. 

    1401. 

  1401. 				// Grab details of ips for logging information later

    1402. 

  1402. 				$sql = 'SELECT site_ip, site_hostname

    1403. 

  1403. 					FROM ' . SITELIST_TABLE . '

    1404. 

  1404. 					WHERE ' . $db->sql_in_set('site_id', $unip_sql);

    1405. 

  1405. 				$result = $db->sql_query($sql);

    1406. 

  1406. 

    1407. 

  1407. 				while ($row = $db->sql_fetchrow($result))

    1408. 

  1408. 				{

    1409. 

  1409. 					$l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);

    1410. 

  1410. 				}

    1411. 

  1411. 				$db->sql_freeresult($result);

    1412. 

  1412. 

    1413. 

  1413. 				$sql = 'DELETE FROM ' . SITELIST_TABLE . '

    1414. 

  1414. 					WHERE ' . $db->sql_in_set('site_id', $unip_sql);

    1415. 

  1415. 				$db->sql_query($sql);

    1416. 

  1416. 

    1417. 

  1417. 				add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);

    1418. 

  1418. 			}

    1419. 

  1419. 

    1420. 

  1420. 			trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));

    1421. 

  1421. 		}

    1422. 

  1422. 	}

    1423. 

  1423. 

    1424. 

  1424. 	/**

    1425. 

  1425. 	* Write display_order config field

    1426. 

  1426. 	*/

    1427. 

  1427. 	function display_order($value, $key = '')

    1428. 

  1428. 	{

    1429. 

  1429. 		$radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING');

    1430. 

  1430. 

    1431. 

  1431. 		return h_radio('config[display_order]', $radio_ary, $value, $key);

    1432. 

  1432. 	}

    1433. 

  1433. 

    1434. 

  1434. 	/**

    1435. 

  1435. 	* Adjust all three max_filesize config vars for display

    1436. 

  1436. 	*/

    1437. 

  1437. 	function max_filesize($value, $key = '')

    1438. 

  1438. 	{

    1439. 

  1439. 		// Determine size var and adjust the value accordingly

    1440. 

  1440. 		$filesize = get_formatted_filesize($value, false, array('mb', 'kb', 'b'));

    1441. 

  1441. 		$size_var = $filesize['si_identifier'];

    1442. 

  1442. 		$value = $filesize['value'];

    1443. 

  1443. 

    1444. 

  1444. 		return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';

    1445. 

  1445. 	}

    1446. 

  1446. 

    1447. 

  1447. 	/**

    1448. 

  1448. 	* Write secure_allow_deny config field

    1449. 

  1449. 	*/

    1450. 

  1450. 	function select_allow_deny($value, $key = '')

    1451. 

  1451. 	{

    1452. 

  1452. 		$radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW');

    1453. 

  1453. 

    1454. 

  1454. 		return h_radio('config[' . $key . ']', $radio_ary, $value, $key);

    1455. 

  1455. 	}

    1456. 

  1456. 

    1457. 

  1457. }

    1458. 

  1458. 

    1459. 

  1459. ?>
    1460.