PageRenderTime 53ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 0ms

/modules/PNphpBB2/attach_mod/includes/functions_admin.php

https://gitlab.com/bulwye/reliquerunt
PHP | 550 lines | 415 code | 88 blank | 47 comment | 124 complexity | 5b3daba2235888692e69e93f528b4608 MD5 | raw file
    

  1. <?php

    2. 

  2. /** 

    3. 

  3. *

    4. 

  4. * @package attachment_mod

    5. 

  5. * @version $Id: functions_admin.php,v 1.4 2006/04/22 16:21:09 acydburn Exp $

    6. 

  6. * @copyright (c) 2002 Meik Sievertsen

    7. 

  7. * @license http://opensource.org/licenses/gpl-license.php GNU Public License 

    8. 

  8. *

    9. 

  9. */

    10. 

  10. 

    11. 

  11. /**

    12. 

  12. * All Attachment Functions only needed in Admin

    13. 

  13. */

    14. 

  14. 

    15. 

  15. /**

    16. 

  16. * Set/Change Quotas

    17. 

  17. */

    18. 

  18. function process_quota_settings($mode, $id, $quota_type, $quota_limit_id = 0)

    19. 

  19. {

    20. 

  20. 	global $db;

    21. 

  21. 

    22. 

  22. 	$id = (int) $id;

    23. 

  23. 	$quota_type = (int) $quota_type;

    24. 

  24. 	$quota_limit_id = (int) $quota_limit_id;

    25. 

  25. 

    26. 

  26. 	if ($mode == 'user')

    27. 

  27. 	{

    28. 

  28. 		if (!$quota_limit_id)

    29. 

  29. 		{

    30. 

  30. 			$sql = 'DELETE FROM ' . QUOTA_TABLE . "

    31. 

  31. 				WHERE user_id = $id

    32. 

  32. 					AND quota_type = $quota_type";

    33. 

  33. 		}

    34. 

  34. 		else

    35. 

  35. 		{

    36. 

  36. 			// Check if user is already entered

    37. 

  37. 			$sql = 'SELECT user_id 

    38. 

  38. 				FROM ' . QUOTA_TABLE . " 

    39. 

  39. 				WHERE user_id = $id

    40. 

  40. 					AND quota_type = $quota_type";

    41. 

  41. 

    42. 

  42. 			if (!($result = $db->sql_query($sql)))

    43. 

  43. 			{

    44. 

  44. 				message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);

    45. 

  45. 			}

    46. 

  46. 

    47. 

  47. 			if ($db->sql_numrows($result) == 0)

    48. 

  48. 			{

    49. 

  49. 				$sql_ary = array(

    50. 

  50. 					'user_id'		=> (int) $id,

    51. 

  51. 					'group_id'		=> 0,

    52. 

  52. 					'quota_type'	=> (int) $quota_type,

    53. 

  53. 					'quota_limit_id'=> (int) $quota_limit_id

    54. 

  54. 				);

    55. 

  55. 

    56. 

  56. 				$sql = 'INSERT INTO ' . QUOTA_TABLE . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary);

    57. 

  57. 			}

    58. 

  58. 			else

    59. 

  59. 			{

    60. 

  60. 				$sql = 'UPDATE ' . QUOTA_TABLE . "

    61. 

  61. 					SET quota_limit_id = $quota_limit_id

    62. 

  62. 					WHERE user_id = $id

    63. 

  63. 						AND quota_type = $quota_type";

    64. 

  64. 			}

    65. 

  65. 			$db->sql_freeresult($result);

    66. 

  66. 		}

    67. 

  67. 	

    68. 

  68. 		if (!($result = $db->sql_query($sql)))

    69. 

  69. 		{

    70. 

  70. 			message_die(GENERAL_ERROR, 'Unable to update quota Settings', '', __LINE__, __FILE__, $sql);

    71. 

  71. 		}

    72. 

  72. 		

    73. 

  73. 	}

    74. 

  74. 	else if ($mode == 'group')

    75. 

  75. 	{

    76. 

  76. 		if (!$quota_limit_id)

    77. 

  77. 		{

    78. 

  78. 			$sql = 'DELETE FROM ' . QUOTA_TABLE . " 

    79. 

  79. 				WHERE group_id = $id 

    80. 

  80. 					AND quota_type = $quota_type";

    81. 

  81. 

    82. 

  82. 			if (!($result = $db->sql_query($sql)))

    83. 

  83. 			{

    84. 

  84. 				message_die(GENERAL_ERROR, 'Unable to delete quota Settings', '', __LINE__, __FILE__, $sql);

    85. 

  85. 			}

    86. 

  86. 		}

    87. 

  87. 		else

    88. 

  88. 		{

    89. 

  89. 			// Check if user is already entered

    90. 

  90. 			$sql = 'SELECT group_id 

    91. 

  91. 				FROM ' . QUOTA_TABLE . " 

    92. 

  92. 				WHERE group_id = $id 

    93. 

  93. 					AND quota_type = $quota_type";

    94. 

  94. 

    95. 

  95. 			if (!($result = $db->sql_query($sql)))

    96. 

  96. 			{

    97. 

  97. 				message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);

    98. 

  98. 			}

    99. 

  99. 

    100. 

  100. 			if ($db->sql_numrows($result) == 0)

    101. 

  101. 			{

    102. 

  102. 				$sql = 'INSERT INTO ' . QUOTA_TABLE . " (user_id, group_id, quota_type, quota_limit_id) 

    103. 

  103. 					VALUES (0, $id, $quota_type, $quota_limit_id)";

    104. 

  104. 			}

    105. 

  105. 			else

    106. 

  106. 			{

    107. 

  107. 				$sql = 'UPDATE ' . QUOTA_TABLE . " SET quota_limit_id = $quota_limit_id 

    108. 

  108. 					WHERE group_id = $id AND quota_type = $quota_type";

    109. 

  109. 			}

    110. 

  110. 	

    111. 

  111. 			if (!$db->sql_query($sql))

    112. 

  112. 			{

    113. 

  113. 				message_die(GENERAL_ERROR, 'Unable to update quota Settings', '', __LINE__, __FILE__, $sql);

    114. 

  114. 			}

    115. 

  115. 		}

    116. 

  116. 	}

    117. 

  117. }

    118. 

  118. 

    119. 

  119. /**

    120. 

  120. * sort multi-dimensional Array

    121. 

  121. */

    122. 

  122. function sort_multi_array ($sort_array, $key, $sort_order, $pre_string_sort = 0) 

    123. 

  123. {

    124. 

  124. 	$last_element = sizeof($sort_array) - 1;

    125. 

  125. 

    126. 

  126. 	if (!$pre_string_sort)

    127. 

  127. 	{

    128. 

  128. 		$string_sort = (!is_numeric($sort_array[$last_element-1][$key]) ) ? true : false;

    129. 

  129. 	}

    130. 

  130. 	else

    131. 

  131. 	{

    132. 

  132. 		$string_sort = $pre_string_sort;

    133. 

  133. 	}

    134. 

  134. 

    135. 

  135. 	for ($i = 0; $i < $last_element; $i++) 

    136. 

  136. 	{

    137. 

  137. 		$num_iterations = $last_element - $i;

    138. 

  138. 

    139. 

  139. 		for ($j = 0; $j < $num_iterations; $j++) 

    140. 

  140. 		{

    141. 

  141. 			$next = 0;

    142. 

  142. 

    143. 

  143. 			// do checks based on key

    144. 

  144. 			$switch = false;

    145. 

  145. 			if (!$string_sort)

    146. 

  146. 			{

    147. 

  147. 				if (($sort_order == 'DESC' && intval($sort_array[$j][$key]) < intval($sort_array[$j + 1][$key])) || ($sort_order == 'ASC' && intval($sort_array[$j][$key]) > intval($sort_array[$j + 1][$key])))

    148. 

  148. 				{

    149. 

  149. 					$switch = true;

    150. 

  150. 				}

    151. 

  151. 			}

    152. 

  152. 			else

    153. 

  153. 			{

    154. 

  154. 				if (($sort_order == 'DESC' && strcasecmp($sort_array[$j][$key], $sort_array[$j + 1][$key]) < 0) || ($sort_order == 'ASC' && strcasecmp($sort_array[$j][$key], $sort_array[$j + 1][$key]) > 0))

    155. 

  155. 				{

    156. 

  156. 					$switch = true;

    157. 

  157. 				}

    158. 

  158. 			}

    159. 

  159. 

    160. 

  160. 			if ($switch)

    161. 

  161. 			{

    162. 

  162. 				$temp = $sort_array[$j];

    163. 

  163. 				$sort_array[$j] = $sort_array[$j + 1];

    164. 

  164. 				$sort_array[$j + 1] = $temp;

    165. 

  165. 			}

    166. 

  166. 		}

    167. 

  167. 	}

    168. 

  168. 

    169. 

  169. 	return $sort_array;

    170. 

  170. }

    171. 

  171. 

    172. 

  172. /**

    173. 

  173. * See if a post or pm really exist

    174. 

  174. */

    175. 

  175. function entry_exists($attach_id)

    176. 

  176. {

    177. 

  177. 	global $db;

    178. 

  178. 

    179. 

  179. 	$attach_id = (int) $attach_id;

    180. 

  180. 

    181. 

  181. 	if (!$attach_id)

    182. 

  182. 	{

    183. 

  183. 		return false;

    184. 

  184. 	}

    185. 

  185. 	

    186. 

  186. 	$sql = 'SELECT post_id, privmsgs_id

    187. 

  187. 		FROM ' . ATTACHMENTS_TABLE . "

    188. 

  188. 		WHERE attach_id = $attach_id";

    189. 

  189. 	$result = $db->sql_query($sql);

    190. 

  190. 

    191. 

  191. 	if (!$result)

    192. 

  192. 	{

    193. 

  193. 		message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);

    194. 

  194. 	}

    195. 

  195. 

    196. 

  196. 	$ids = $db->sql_fetchrowset($result);

    197. 

  197. 	$num_ids = $db->sql_numrows($result);

    198. 

  198. 	$db->sql_freeresult($result);

    199. 

  199. 

    200. 

  200. 	$exists = false;

    201. 

  201. 	

    202. 

  202. 	for ($i = 0; $i < $num_ids; $i++)

    203. 

  203. 	{

    204. 

  204. 		if (intval($ids[$i]['post_id']) != 0)

    205. 

  205. 		{

    206. 

  206. 			$sql = 'SELECT post_id

    207. 

  207. 				FROM ' . POSTS_TABLE . '

    208. 

  208. 				WHERE post_id = ' . intval($ids[$i]['post_id']);

    209. 

  209. 		}

    210. 

  210. 		else if (intval($ids[$i]['privmsgs_id']) != 0)

    211. 

  211. 		{

    212. 

  212. 			$sql = 'SELECT privmsgs_id

    213. 

  213. 				FROM ' . PRIVMSGS_TABLE . '

    214. 

  214. 				WHERE privmsgs_id = ' . intval($ids[$i]['privmsgs_id']);

    215. 

  215. 		}

    216. 

  216. 		$result = $db->sql_query($sql);

    217. 

  217. 

    218. 

  218. 		if (!$result)

    219. 

  219. 		{

    220. 

  220. 			message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);

    221. 

  221. 		}

    222. 

  222. 	

    223. 

  223. 		$num_rows = $db->sql_numrows($result);

    224. 

  224. 		$db->sql_freeresult($result);

    225. 

  225. 

    226. 

  226. 		if ($num_rows > 0)

    227. 

  227. 		{

    228. 

  228. 			$exists = true;

    229. 

  229. 			break;

    230. 

  230. 		}

    231. 

  231. 	}

    232. 

  232. 

    233. 

  233. 	return $exists;

    234. 

  234. }

    235. 

  235. 

    236. 

  236. /**

    237. 

  237. * Collect all Attachments in Filesystem

    238. 

  238. */

    239. 

  239. function collect_attachments()

    240. 

  240. {

    241. 

  241. 	global $upload_dir, $attach_config;

    242. 

  242. 

    243. 

  243. 	$file_attachments = array(); 

    244. 

  244. 

    245. 

  245. 	if (!intval($attach_config['allow_ftp_upload']))

    246. 

  246. 	{

    247. 

  247. 		if ($dir = @opendir($upload_dir))

    248. 

  248. 		{

    249. 

  249. 			while ($file = @readdir($dir))

    250. 

  250. 			{

    251. 

  251. 				if ($file != 'index.php' && $file != '.htaccess' && !is_dir($upload_dir . '/' . $file) && !is_link($upload_dir . '/' . $file))

    252. 

  252. 				{

    253. 

  253. 					$file_attachments[] = trim($file);

    254. 

  254. 				}

    255. 

  255. 			}

    256. 

  256. 		

    257. 

  257. 			closedir($dir);

    258. 

  258. 		}

    259. 

  259. 		else

    260. 

  260. 		{

    261. 

  261. 			message_die(GENERAL_ERROR, 'Is Safe Mode Restriction in effect? The Attachment Mod seems to be unable to collect the Attachments within the upload Directory. Try to use FTP Upload to circumvent this error. Another reason could be that the directory ' . $upload_dir . ' does not exist.');

    262. 

  262. 		}

    263. 

  263. 	}

    264. 

  264. 	else

    265. 

  265. 	{

    266. 

  266. 		$conn_id = attach_init_ftp();

    267. 

  267. 

    268. 

  268. 		$file_listing = array();

    269. 

  269. 

    270. 

  270. 		$file_listing = @ftp_rawlist($conn_id, '');

    271. 

  271. 

    272. 

  272. 		if (!$file_listing)

    273. 

  273. 		{

    274. 

  274. 			message_die(GENERAL_ERROR, 'Unable to get Raw File Listing. Please be sure the LIST command is enabled at your FTP Server.');

    275. 

  275. 		}

    276. 

  276. 

    277. 

  277. 		for ($i = 0; $i < sizeof($file_listing); $i++)

    278. 

  278. 		{

    279. 

  279. 			if (ereg("([-d])[rwxst-]{9}.* ([0-9]*) ([a-zA-Z]+[0-9: ]*[0-9]) ([0-9]{2}:[0-9]{2}) (.+)", $file_listing[$i], $regs))

    280. 

  280. 			{

    281. 

  281. 				if ($regs[1] == 'd') 

    282. 

  282. 				{	

    283. 

  283. 					$dirinfo[0] = 1;	// Directory == 1

    284. 

  284. 				}

    285. 

  285. 				$dirinfo[1] = $regs[2]; // Size

    286. 

  286. 				$dirinfo[2] = $regs[3]; // Date

    287. 

  287. 				$dirinfo[3] = $regs[4]; // Filename

    288. 

  288. 				$dirinfo[4] = $regs[5]; // Time

    289. 

  289. 			}

    290. 

  290. 			

    291. 

  291. 			if ($dirinfo[0] != 1 && $dirinfo[4] != 'index.php' && $dirinfo[4] != '.htaccess')

    292. 

  292. 			{

    293. 

  293. 				$file_attachments[] = trim($dirinfo[4]);

    294. 

  294. 			}

    295. 

  295. 		}

    296. 

  296. 

    297. 

  297. 		@ftp_quit($conn_id);

    298. 

  298. 	}

    299. 

  299. 

    300. 

  300. 	return $file_attachments;

    301. 

  301. }

    302. 

  302. 

    303. 

  303. /**

    304. 

  304. * Returns the filesize of the upload directory in human readable format

    305. 

  305. */

    306. 

  306. function get_formatted_dirsize()

    307. 

  307. {

    308. 

  308. 	global $attach_config, $upload_dir, $lang;

    309. 

  309. 

    310. 

  310. 	$upload_dir_size = 0;

    311. 

  311. 

    312. 

  312. 	if (!intval($attach_config['allow_ftp_upload']))

    313. 

  313. 	{

    314. 

  314. 		if ($dirname = @opendir($upload_dir))

    315. 

  315. 		{

    316. 

  316. 			while ($file = @readdir($dirname))

    317. 

  317. 			{

    318. 

  318. 				if ($file != 'index.php' && $file != '.htaccess' && !is_dir($upload_dir . '/' . $file) && !is_link($upload_dir . '/' . $file))

    319. 

  319. 				{

    320. 

  320. 					$upload_dir_size += @filesize($upload_dir . '/' . $file);

    321. 

  321. 				}

    322. 

  322. 			}

    323. 

  323. 			@closedir($dirname);

    324. 

  324. 		}

    325. 

  325. 		else

    326. 

  326. 		{

    327. 

  327. 			$upload_dir_size = $lang['Not_available'];

    328. 

  328. 			return $upload_dir_size;

    329. 

  329. 		}

    330. 

  330. 	}

    331. 

  331. 	else

    332. 

  332. 	{

    333. 

  333. 		$conn_id = attach_init_ftp();

    334. 

  334. 

    335. 

  335. 		$file_listing = array();

    336. 

  336. 

    337. 

  337. 		$file_listing = @ftp_rawlist($conn_id, '');

    338. 

  338. 

    339. 

  339. 		if (!$file_listing)

    340. 

  340. 		{

    341. 

  341. 			$upload_dir_size = $lang['Not_available'];

    342. 

  342. 			return $upload_dir_size;

    343. 

  343. 		}

    344. 

  344. 

    345. 

  345. 		for ($i = 0; $i < count($file_listing); $i++)

    346. 

  346. 		{

    347. 

  347. 			if (ereg("([-d])[rwxst-]{9}.* ([0-9]*) ([a-zA-Z]+[0-9: ]*[0-9]) ([0-9]{2}:[0-9]{2}) (.+)", $file_listing[$i], $regs))

    348. 

  348. 			{

    349. 

  349. 				if ($regs[1] == 'd') 

    350. 

  350. 				{	

    351. 

  351. 					$dirinfo[0] = 1;	// Directory == 1

    352. 

  352. 				}

    353. 

  353. 				$dirinfo[1] = $regs[2]; // Size

    354. 

  354. 				$dirinfo[2] = $regs[3]; // Date

    355. 

  355. 				$dirinfo[3] = $regs[4]; // Filename

    356. 

  356. 				$dirinfo[4] = $regs[5]; // Time

    357. 

  357. 			}

    358. 

  358. 			

    359. 

  359. 			if ($dirinfo[0] != 1 && $dirinfo[4] != 'index.php' && $dirinfo[4] != '.htaccess')

    360. 

  360. 			{

    361. 

  361. 				$upload_dir_size += $dirinfo[1];

    362. 

  362. 			}

    363. 

  363. 		}

    364. 

  364. 

    365. 

  365. 		@ftp_quit($conn_id);

    366. 

  366. 	}

    367. 

  367. 

    368. 

  368. 	if ($upload_dir_size >= 1048576)

    369. 

  369. 	{

    370. 

  370. 		$upload_dir_size = round($upload_dir_size / 1048576 * 100) / 100 . ' ' . $lang['MB'];

    371. 

  371. 	}

    372. 

  372. 	else if ($upload_dir_size >= 1024)

    373. 

  373. 	{

    374. 

  374. 		$upload_dir_size = round($upload_dir_size / 1024 * 100) / 100 . ' ' . $lang['KB'];

    375. 

  375. 	}

    376. 

  376. 	else

    377. 

  377. 	{

    378. 

  378. 		$upload_dir_size = $upload_dir_size . ' ' . $lang['Bytes'];

    379. 

  379. 	}

    380. 

  380. 

    381. 

  381. 	return $upload_dir_size;

    382. 

  382. }

    383. 

  383. 

    384. 

  384. /*

    385. 

  385. * Build SQL-Statement for the search feature

    386. 

  386. */

    387. 

  387. function search_attachments($order_by, &$total_rows)

    388. 

  388. {

    389. 

  389. 	global $db, $HTTP_POST_VARS, $HTTP_GET_VARS, $lang;

    390. 

  390. 	

    391. 

  391. 	$where_sql = array();

    392. 

  392. 

    393. 

  393. 	// Get submitted Vars

    394. 

  394. 	$search_vars = array('search_keyword_fname', 'search_keyword_comment', 'search_author', 'search_size_smaller', 'search_size_greater', 'search_count_smaller', 'search_count_greater', 'search_days_greater', 'search_forum', 'search_cat');

    395. 

  395. 	

    396. 

  396. 	for ($i = 0; $i < sizeof($search_vars); $i++)

    397. 

  397. 	{

    398. 

  398. 		$$search_vars[$i] = get_var($search_vars[$i], '');

    399. 

  399. 	}

    400. 

  400. 

    401. 

  401. 	// Author name search 

    402. 

  402. 	if ($search_author != '')

    403. 

  403. 	{

    404. 

  404. 		// Bring in line with 2.0.x expected username

    405. 

  405. 		$search_author = addslashes(html_entity_decode($search_author));

    406. 

  406. 		$search_author = stripslashes(phpbb_clean_username($search_author));

    407. 

  407. 

    408. 

  408. 		// Prepare for directly going into sql query

    409. 

  409. 		$search_author = str_replace('*', '%', attach_mod_sql_escape($search_author));

    410. 

  410. 

    411. 

  411. 		// We need the post_id's, because we want to query the Attachment Table

    412. 

  412. 		$sql = 'SELECT user_id

    413. 

  413. 			FROM ' . USERS_TABLE . "

    414. 

  414. 			WHERE username LIKE '$search_author'";

    415. 

  415. 

    416. 

  416. 		if (!($result = $db->sql_query($sql)))

    417. 

  417. 		{

    418. 

  418. 			message_die(GENERAL_ERROR, 'Couldn\'t obtain list of matching users (searching for: ' . $search_author . ')', '', __LINE__, __FILE__, $sql);

    419. 

  419. 		}

    420. 

  420. 

    421. 

  421. 		$matching_userids = '';

    422. 

  422. 		if ($row = $db->sql_fetchrow($result))

    423. 

  423. 		{

    424. 

  424. 			do

    425. 

  425. 			{

    426. 

  426. 				$matching_userids .= (($matching_userids != '') ? ', ' : '') . intval($row['user_id']);

    427. 

  427. 			}

    428. 

  428. 			while ($row = $db->sql_fetchrow($result));

    429. 

  429. 			

    430. 

  430. 			$db->sql_freeresult($result);

    431. 

  431. 		}

    432. 

  432. 		else

    433. 

  433. 		{

    434. 

  434. 			message_die(GENERAL_MESSAGE, $lang['No_attach_search_match']);

    435. 

  435. 		}

    436. 

  436. 

    437. 

  437. 		$where_sql[] = ' (t.user_id_1 IN (' . $matching_userids . ')) ';

    438. 

  438. 	}

    439. 

  439. 

    440. 

  440. 	// Search Keyword

    441. 

  441. 	if ($search_keyword_fname != '')

    442. 

  442. 	{

    443. 

  443. 		$match_word = str_replace('*', '%', $search_keyword_fname);

    444. 

  444. 		$where_sql[] = " (a.real_filename LIKE '" . attach_mod_sql_escape($match_word) . "') ";

    445. 

  445. 	}

    446. 

  446. 

    447. 

  447. 	if ($search_keyword_comment != '')

    448. 

  448. 	{

    449. 

  449. 		$match_word = str_replace('*', '%', $search_keyword_comment);

    450. 

  450. 		$where_sql[] = " (a.comment LIKE '" . attach_mod_sql_escape($match_word) . "') ";

    451. 

  451. 	}

    452. 

  452. 

    453. 

  453. 	// Search Download Count

    454. 

  454. 	if ($search_count_smaller != '' || $search_count_greater != '')

    455. 

  455. 	{

    456. 

  456. 		if ($search_count_smaller != '')

    457. 

  457. 		{

    458. 

  458. 			$where_sql[] = ' (a.download_count < ' . (int) $search_count_smaller . ') ';

    459. 

  459. 		}

    460. 

  460. 		else if ($search_count_greater != '')

    461. 

  461. 		{

    462. 

  462. 			$where_sql[] = ' (a.download_count > ' . (int) $search_count_greater . ') ';

    463. 

  463. 		}

    464. 

  464. 	}

    465. 

  465. 

    466. 

  466. 	// Search Filesize

    467. 

  467. 	if ($search_size_smaller != '' || $search_size_greater != '')

    468. 

  468. 	{

    469. 

  469. 		if ($search_size_smaller != '')

    470. 

  470. 		{

    471. 

  471. 			$where_sql[] = ' (a.filesize < ' . (int) $search_size_smaller . ') ';

    472. 

  472. 		}

    473. 

  473. 		else if ($search_size_greater != '')

    474. 

  474. 		{

    475. 

  475. 			$where_sql[] = ' (a.filesize > ' . (int) $search_size_greater . ') ';

    476. 

  476. 		}

    477. 

  477. 	}

    478. 

  478. 

    479. 

  479. 	// Search Attachment Time

    480. 

  480. 	if ($search_days_greater != '')

    481. 

  481. 	{

    482. 

  482. 		$where_sql[] = ' (a.filetime < ' . ( time() - ((int) $search_days_greater * 86400)) . ') ';

    483. 

  483. 	}

    484. 

  484. 

    485. 

  485. 	// Search Forum

    486. 

  486. 	if ($search_forum)

    487. 

  487. 	{

    488. 

  488. 		$where_sql[] = ' (p.forum_id = ' . intval($search_forum) . ') ';

    489. 

  489. 	}

    490. 

  490. 	

    491. 

  491. 	// Search Cat... nope... sorry :(

    492. 

  492. 

    493. 

  493. 	$sql = 'SELECT a.*, t.post_id, p.post_time, p.topic_id

    494. 

  494. 		FROM ' . ATTACHMENTS_TABLE . ' t, ' . ATTACHMENTS_DESC_TABLE . ' a, ' . POSTS_TABLE . ' p WHERE ';

    495. 

  495. 	

    496. 

  496. 	if (sizeof($where_sql) > 0)

    497. 

  497. 	{

    498. 

  498. 		$sql .= implode('AND', $where_sql) . ' AND ';

    499. 

  499. 	}

    500. 

  500. 

    501. 

  501. 	$sql .= 't.post_id = p.post_id AND a.attach_id = t.attach_id ';

    502. 

  502. 	

    503. 

  503. 	$total_rows_sql = $sql;

    504. 

  504. 

    505. 

  505. 	$sql .= $order_by; 

    506. 

  506. 

    507. 

  507. 	if (!($result = $db->sql_query($sql)))

    508. 

  508. 	{

    509. 

  509. 		message_die(GENERAL_ERROR, 'Couldn\'t query attachments', '', __LINE__, __FILE__, $sql);

    510. 

  510. 	}

    511. 

  511. 

    512. 

  512. 	$attachments = $db->sql_fetchrowset($result);

    513. 

  513. 	$num_attach = $db->sql_numrows($result);

    514. 

  514. 	$db->sql_freeresult($result);

    515. 

  515. 

    516. 

  516. 	if ($num_attach == 0)

    517. 

  517. 	{

    518. 

  518. 		message_die(GENERAL_MESSAGE, $lang['No_attach_search_match']);

    519. 

  519. 	}

    520. 

  520. 

    521. 

  521. 	if (!($result = $db->sql_query($total_rows_sql)))

    522. 

  522. 	{

    523. 

  523. 		message_die(GENERAL_ERROR, 'Could not query attachments', '', __LINE__, __FILE__, $sql);

    524. 

  524. 	}

    525. 

  525. 

    526. 

  526. 	$total_rows = $db->sql_numrows($result);

    527. 

  527. 	$db->sql_freeresult($result);

    528. 

  528. 

    529. 

  529. 	return $attachments;

    530. 

  530. }

    531. 

  531. 

    532. 

  532. /**

    533. 

  533. * perform LIMIT statement on arrays

    534. 

  534. */

    535. 

  535. function limit_array($array, $start, $pagelimit)

    536. 

  536. {

    537. 

  537. 	// array from start - start+pagelimit

    538. 

  538. 	$limit = (sizeof($array) < ($start + $pagelimit)) ? sizeof($array) : $start + $pagelimit;

    539. 

  539. 

    540. 

  540. 	$limit_array = array();

    541. 

  541. 

    542. 

  542. 	for ($i = $start; $i < $limit; $i++)

    543. 

  543. 	{

    544. 

  544. 		$limit_array[] = $array[$i];

    545. 

  545. 	}

    546. 

  546. 

    547. 

  547. 	return $limit_array;

    548. 

  548. }

    549. 

  549. 

    550. 

  550. ?>
    551.