$str .= "\n1"; $str .= "\n" . htmlentities(stripslashes($_POST['topicName'])) . "\nfalse\nfalse"; file_put_contents("db/Topics/" . $total . "/topic.dat", $str); $str = $_GET['forumId']; $str .= "~" . $total; $str .= "~0"; $str .= "~" . $_SESSION['user']->getUserId(); $str .= "~" . date("G:i:s, j M Y"); $postString = stripslashes($_POST['message']); $postString = str_replace("\n", "", $postString); $postString = str_replace("\r\n", "", $postString); $postString = str_replace("\r", "", $postString); preg_match_all("/<img.*? \\/>/", $postString, $matches); foreach ($matches[0] as $match) { $url = substr(substr(strstr($match, 'src="'), 5), 0, strpos(substr(strstr($match, 'src="'), 5), '"')); if (@urlfilesize($url, "kb") <= 200) { $imgDimensions = @getimagesize($url); if ($imgDimensions[0] > 600 || $imgDimensions[1] > 600 || $imgDimensions == false) { $postString = str_replace($match, "", $postString); } } else { $postString = str_replace($match, "", $postString); } } $postString = strip_tags($postString, '<p><br><b><i><u><strong><em><li><ul><ol><img><table><tr><td><hr><font><span><sub><sup><tbody><blockquote>'); $str .= "~" . $postString; file_put_contents("db/Topics/" . $total . "/posts.dat", $str . "\n"); //********************* $fileC = file("db/Users/" . $_SESSION['user']->getUserId() . ".dat", FILE_IGNORE_NEW_LINES); $fileC[3] = trim($fileC[3]) + 1; $fileC[4] = trim($fileC[4]) + 1;
// Profile-update fragment. It opens inside a loop body whose header is above this
// listing; the lone "}" after the first if/else closes that loop.
// NOTE(review): $url, $match and $sigStr are assigned before this fragment, presumably
// the src value and the markup of each <img> tag found in the submitted signature; confirm.

    // Remove the image markup from the signature unless the remote file passes both checks.
    // urlfilesize() is a project helper that is not shown here; presumably it returns the
    // size in the requested unit ("kb"). Confirm what it returns on failure.
    // NOTE(review): urlfilesize() and getimagesize() are both called on $url, so the web
    // server itself requests that address. If $url comes from user markup, restrict it to
    // http/https and to public hosts before fetching. The @ operator hides any fetch error.
    if (@urlfilesize($url, "kb") <= 200) {
        $imgDimensions = @getimagesize($url);
        // The failure test ($imgDimensions == false) is evaluated last, after the result
        // has already been indexed; testing it first would avoid indexing a non-array.
        if ($imgDimensions[0] > 600 || $imgDimensions[1] > 600 || $imgDimensions == false) {
            $sigStr = str_replace($match, "", $sigStr);
        }
    } else {
        $sigStr = str_replace($match, "", $sigStr);
    }
}

// Reduce the signature to an allow-list of tags.
// NOTE(review): strip_tags() filters by tag name only. Attributes on the allowed tags
// (event handlers, style, src/href values) pass through unchanged, so this call alone
// does not make the signature safe to render as HTML. Use an attribute-aware HTML
// sanitizer, or encode the value where the signature is displayed.
$sigStr = strip_tags($sigStr, '<p><br><b><i><u><strong><em><li><ul><ol><img><table><tr><td><hr><font><span><sub><sup><tbody><blockquote>');

// Any value other than 'yes' stores 0. The field is read without an isset() check.
if ($_POST['hideEmail'] == 'yes') {
    $hideEmail = 1;
} else {
    $hideEmail = 0;
}

// Keep the avatar URL only if the remote image is at most 100 ("kb") and at most
// 70x70 pixels; otherwise store an empty avatar.
// NOTE(review): the URL comes straight from the request and is fetched by the server
// here, so the same scheme/host restriction as for signature images applies. The check
// runs once, at save time; the remote content can change afterwards.
if (@urlfilesize($_POST['avatar'], "kb") <= 100) {
    $imgDimensions = @getimagesize($_POST['avatar']);
    if ($imgDimensions[0] <= 70 && $imgDimensions[1] <= 70 && $imgDimensions != false) {
        $img = $_POST['avatar'];
    } else {
        $img = "";
    }
} else {
    $img = "";
}

// Build the user record: eleven newline-separated fields, in this order: user id, password,
// the literal "false", topic count, post count, join date, level, signature, e-mail,
// hide-e-mail flag, avatar URL.
// NOTE(review): the password is written as submitted (only stripslashes/trim), i.e. in
// clear text. password_hash()/password_verify() would be the fix, applied together with
// the login code that reads this file (not shown).
// NOTE(review): the field separator is "\n", but password and e-mail are only trim()med, so
// a line break inside either value would shift every later field of the record, including
// level. Reject or strip "\r" and "\n" in request-supplied fields before concatenating.
// Whether $sigStr has had its line breaks removed is not visible in this fragment.
$newUserStr = $_SESSION['user']->getUserId() . "\n" . trim(stripslashes($_POST['password'])) . "\nfalse\n" . $_SESSION['user']->getNoTopics() . "\n" . $_SESSION['user']->getNoPosts() . "\n" . $_SESSION['user']->getJoinDate() . "\n" . $_SESSION['user']->getLevel() . "\n" . $sigStr . "\n" . trim(stripslashes($_POST['email'])) . "\n" . $hideEmail . "\n" . $img;

// Overwrite the user's record file. Whether db/ is reachable over HTTP is not visible
// here; it should not be, since the file holds the password.
file_put_contents("db/Users/" . $_SESSION['user']->getUserId() . ".dat", $newUserStr);

// Rebuild the session user from the record just written, then redirect to the edit page.
$temp = new User($newUserStr);
$_SESSION['loggedIn'] = true;
$_SESSION['user'] = $temp;
// No exit follows header() in the visible part of the script.
header("location: editUser.php?userId=" . $_SESSION['user']->getUserId());
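/**
 * Stream a file to the client as an attachment download.
 *
 * Sends the download headers, writes the file body with readfile() and, by default,
 * ends the request.
 *
 * NOTE(review): this method trusts its arguments. It does not confine $file to a base
 * directory, and when $extern is set it lets the server fetch $file as a URL. Callers
 * must resolve and validate the path (for example realpath() checked against the media
 * root) or the URL before calling; no such check is visible in this method.
 *
 * @param   STRING  $file             Local file path, e.g. /var/www/j30/media/com_quick2cart/qtc_pack.zip,
 *                                    or a URL when $extern is set
 * @param   STRING  $filename_direct  Direct-download URL, e.g. http://localhost/j30/media/com_quick2cart/qtc_pack.zip.
 *                                    Reserved for future use; not read by this method
 * @param   STRING  $extern           Non-empty when $file is a remote URL rather than a local path
 * @param   INT     $exitHere         1 (default) to end the request after the file has been sent
 *
 * @return  integer|void  2 when a local $file is missing or unreadable; otherwise nothing
 */
public function download($file, $filename_direct = '', $extern = '', $exitHere = 1)
{
    $productHelper = new productHelper();

    clearstatcache();

    if (!$extern) {
        // is_file() instead of file_exists(): a directory or an unreadable file must be
        // reported as missing before any download header is sent.
        if (!is_file($file) || !is_readable($file)) {
            return 2;
        }

        $len = filesize($file);
    } else {
        // urlfilesize() is a project helper defined elsewhere; its failure value is not
        // visible here, which is why $len is validated before it is used below.
        $len = urlfilesize($file);
    }

    // The direct-link redirect (which used $filename_direct) was switched off with
    // "if (0)" in the original, so the file is always streamed by this script.
    $filename = basename($file);
    $file_extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    $ctype = $productHelper->datei_mime($file_extension);

    // Drop buffered output so it cannot precede the file body; guarded because
    // ob_end_clean() raises a notice when no buffer is active.
    if (ob_get_level() > 0) {
        ob_end_clean();
    }

    // Needed for MS IE - otherwise content disposition is not used?
    if (ini_get('zlib.output_compression')) {
        ini_set('zlib.output_compression', 'Off');
    }

    // The original also sent "Cache-Control: public, must-revalidate" and "Expires: 0"
    // first; header() replaces an earlier header of the same name, so only the two
    // values below ever reached the client.
    header('Cache-Control: pre-check=0, post-check=0, max-age=0');
    header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
    header('Content-Description: File Transfer');
    header('Content-Type: ' . $ctype);

    // Announce a length only when one is known; a failed size lookup must not produce
    // an empty or non-numeric Content-Length.
    if (is_int($len) || (is_string($len) && ctype_digit($len))) {
        header('Content-Length: ' . (string) $len);
    }

    // The file name is placed inside a quoted string: replace control characters,
    // double quotes and backslashes so the name cannot end the quoting early or
    // inject header content.
    $safeName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $filename);
    header('Content-Disposition: attachment; filename="' . $safeName . '"');
    header('Content-Transfer-Encoding: binary');

    // set_time_limit doesn't work in safe mode
    if (!ini_get('safe_mode')) {
        @set_time_limit(0);
    }

    // Errors stay suppressed on purpose: the headers are already out, and a warning
    // printed here would become part of the downloaded file.
    @readfile($file);

    if ($exitHere == 1) {
        exit;
    }
}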