Example #1
     // Tail of a search branch: 'sby' (the search-by selector) is read from the query string.
     // $input, $st_subdir and $curlist are set above this excerpt.
     $search_by = Filter::input('sby', 'get');
     $html .= View::ShowStaticPage('user_find.html', $st_subdir . 'user/');
     // NOTE(review): only the first pattern is anchored at both ends. The second and third have no
     // leading ^, so any $input that merely ends in a digit (or dot) passes and the whitelist
     // reduces to a suffix test. $search_by is not pattern-checked here at all.
     // NOTE(review): both values are concatenated into the paging URL without urlencode() and are
     // handed to ShowUserListing(); confirm those sinks escape for URL/HTML output and bind the
     // values in any SQL they build.
     if ($search_by and $input and (preg_match("/^[a-zA-Z0-9_-]+\$/", $input) or preg_match("/[0-9.]+\$/", $input) or preg_match("/[0-9]+\$/", $input))) {
         $controlManager = new ControlManager(false, 'index.php?mode=control&do=search&sby=' . $search_by . '&input=' . $input . '&');
         $html .= $controlManager->ShowUserListing($curlist, $search_by, $input);
     }
     $do = false;
     break;
 case 'ipbans':
     $timeout = Filter::input('timeout', 'post', 'int');
     if ($timeout) {
         sqlConfigSet('next-reg-time', $timeout);
         sqlConfigSet('email-verification', (int) Filter::input('emailver', 'post', 'bool'));
         $info .= lng('OPTIONS_COMPLETE');
     } elseif (POSTGood('def_skin_male') or POSTGood('def_skin_female')) {
         $female = POSTGood('def_skin_female') ? true : false;
         $tmp_dir = MCRAFT . 'tmp/';
         $default_skin = $tmp_dir . 'default_skins/Char' . ($female ? '_female' : '') . '.png';
         $default_skin_md5 = $tmp_dir . 'default_skins/md5' . ($female ? '_female' : '') . '.md5';
         $way_buffer_mini = $tmp_dir . 'skin_buffer/default/Char_Mini' . ($female ? '_female' : '') . '.png';
         $way_buffer = $tmp_dir . 'skin_buffer/default/Char' . ($female ? '_female' : '') . '.png';
         $new_file_info = POSTSafeMove($female ? 'def_skin_female' : 'def_skin_male', $tmp_dir);
         loadTool('skin.class.php');
         if ($new_file_info and SkinViewer2D::isValidSkin($tmp_dir . $new_file_info['tmp_name']) and rename($tmp_dir . $new_file_info['tmp_name'], $default_skin)) {
             chmod($default_skin, 0644);
             $info .= lng('SKIN_CHANGED') . ' (' . (!$female ? lng('MALE') : lng('FEMALE')) . ') <br/>';
             if (file_exists($default_skin_md5)) {
                 unlink($default_skin_md5);
             }
             if (file_exists($way_buffer_mini)) {
                 unlink($way_buffer_mini);
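 /**
  * Register a skin file in the gallery: hash it, reject duplicates and blacklisted
  * hashes, enforce the size and ratio limits, store the DB row, move the file to its
  * final name and render a preview.
  *
  * @param string $post_name Upload field name when $method is 'post', otherwise a filesystem path.
  * @param int    $gender    0..2; any other value is forced to 2.
  * @param int    $max_size  Limit compared against size_mb * 1024.
  * @param int    $max_ratio Largest accepted value returned by skinGenerator2D::isValidSkin().
  * @param bool   $del_blist When true, the file's hash is first removed from the bad-skin table.
  * @param string $method    'post' for an HTTP upload; any other value treats $post_name as a path.
  *
  * @return int 0 on success; 1 no usable upload or file missing; 2 move failed; 3 hash is
  *             blacklisted; 4 too large; 5 not a valid skin or ratio too high; 6 rename failed;
  *             7 preview failed; a negative value is minus the id of an identical stored skin.
  */
 public function Create($post_name, $gender = 2, $max_size = 20, $max_ratio = 1, $del_blist = false, $method = 'post')
 {
     $max_size = (int) $max_size;
     $max_ratio = (int) $max_ratio;
     $gender = (int) $gender;
     if ($gender > 2 or $gender < 0) {
         $gender = 2;
     }
     if ($method == 'post') {
         if (!POSTGood($post_name)) {
             return 1;
         }
         $new_file_info = POSTSafeMove($post_name, $this->base_dir);
         if (!$new_file_info) {
             return 2;
         }
         $size_mb = $new_file_info['size_mb'];
         $way = $this->base_dir . $new_file_info['tmp_name'];
     } else {
         // Path mode: every reject branch below unlink()s $way, i.e. the caller's own file,
         // so only trusted, server-chosen paths may be passed here.
         if (!file_exists($post_name)) {
             return 1;
         }
         $size_mb = round(filesize($post_name) / 1024 / 1024, 2);
         $way = $post_name;
     }
     // The hash is computed server-side, so the hex digest concatenated into the SQL below is
     // not attacker-chosen text. NOTE(review): md5_file() returns false on a read failure and
     // that case is not handled. The blacklist is an exact-content match only.
     $hash = md5_file($way);
     if ($del_blist) {
         BD("DELETE FROM {$this->db_bad_skins} WHERE hash='" . $hash . "'");
     }
     $result = BD("SELECT `id`, 'good_skin' AS `type` FROM `{$this->db}` WHERE hash='" . $hash . "' UNION SELECT `id`, 'bad_skin' AS `type` FROM {$this->db_bad_skins} WHERE `hash`='" . $hash . "'");
     // NOTE(review): the mysql_* extension was removed in PHP 7; this block needs the legacy driver.
     if (mysql_num_rows($result)) {
         $line = mysql_fetch_array($result);
         unlink($way);
         if ($line['type'] == 'bad_skin') {
             return 3;
         } else {
             return $line['id'] * -1;
         }
     }
     if ($max_size < $size_mb * 1024) {
         unlink($way);
         return 4;
     }
     $new_file_ratio = skinGenerator2D::isValidSkin($way);
     if (!$new_file_ratio or $new_file_ratio > $max_ratio) {
         unlink($way);
         return 5;
     }
     // All interpolated values are derived locally (digest, rounded size, validator result,
     // clamped int), not taken verbatim from the request.
     BD("INSERT INTO `{$this->db}` (hash, fsize, ratio, gender) VALUES ('" . $hash . "','" . $size_mb . "','" . $new_file_ratio . "', '" . $gender . "')");
     $this->id = mysql_insert_id();
     // The stored name is built from the row id, never from the client's file name.
     $new_name = 'sp_nc' . $this->id . '.png';
     $new_way = $this->base_dir . $new_name;
     BD("UPDATE `{$this->db}` SET `fname` = '" . $new_name . "' WHERE `id`='" . $this->id . "'");
     if (file_exists($new_way)) {
         unlink($new_way);
     }
     if (rename($way, $new_way)) {
         // Was 0777: an uploaded image needs no execute bit and must not be world-writable.
         chmod($new_way, 0644);
     } else {
         unlink($way);
         BD("DELETE FROM `{$this->db}` WHERE `id`='" . $this->id . "'");
         return 6;
     }
     $preview = skinGenerator2D::savePreview($this->base_dir . 'preview/' . $new_name, $new_way, false, false, 160);
     if (!$preview) {
         // Roll back both the file and the row so no orphan remains.
         unlink($new_way);
         BD("DELETE FROM `{$this->db}` WHERE `id`='" . $this->id . "'");
         return 7;
     } else {
         imagedestroy($preview);
     }
     BD("LOCK TABLES `{$this->db_ratio}` WRITE;");
     BD("INSERT INTO `{$this->db_ratio}` (ratio) VALUES ('" . (int) $new_file_ratio . "') ON DUPLICATE KEY UPDATE `num`= num + 1;");
     BD("UNLOCK TABLES;");
     $this->name = '';
     $this->fname = $new_name;
     $this->fsize = $size_mb;
     $this->dislikes = 0;
     $this->likes = 0;
     $this->ratio = $new_file_ratio;
     $this->gender = $gender;
     $this->downloads = 0;
     return 0;
 }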
Example #3
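 /**
  * Install a theme from an uploaded zip archive.
  *
  * The archive is moved into the temp dir, its sign file is read and parsed, and the whole
  * archive is then extracted into the theme directory derived from the parsed 'id'.
  *
  * NOTE(review): this writes archive-supplied files into the theme tree and wipes any existing
  * directory for that id. No permission check is visible in this method; confirm every caller
  * restricts it to administrators.
  *
  * @param string $post_name Upload field name.
  *
  * @return array|int Parsed theme info on success, otherwise an error code: 1 upload missing or
  *                   rejected by POSTGood(); 2 move failed; 3 archive cannot be opened; 4 sign
  *                   file missing; 5 theme info unusable or without a name; 7 theme dir cannot
  *                   be created; 8 extraction failed; 9 MCR not listed in 'work_with'.
  */
 public static function TInstall($post_name)
 {
     if (!POSTGood($post_name, array('zip'))) {
         return 1;
     }
     $tmp_base_dir = MCRAFT . self::tmp_dir;
     $new_file_info = POSTSafeMove($post_name, $tmp_base_dir);
     if (!$new_file_info) {
         return 2;
     }
     $way = $tmp_base_dir . $new_file_info['tmp_name'];
     $zip = new ZipArchive();
     // ZipArchive::open() returns true on success and an integer error code on failure, never
     // false, so the former `=== false` test let unreadable archives through.
     if ($zip->open($way) !== true) {
         unlink($way);
         return 3;
     }
     $theme_info = $zip->getFromName(self::sign_file);
     if ($theme_info === false) {
         self::EndZipWorkAndDel($zip, $way);
         return 4;
     }
     $theme_info = self::GetThemeInfo(false, $theme_info);
     if ($theme_info === false or empty($theme_info['name'])) {
         // Same cleanup helper as every other exit, instead of unlinking under an open handle.
         self::EndZipWorkAndDel($zip, $way);
         return 5;
     }
     $theme_ver = empty($theme_info['work_with']) ? false : explode(',', $theme_info['work_with']);
     if ($theme_ver !== false and !in_array(MCR, $theme_ver)) {
         // Previously returned without cleanup, leaving the uploaded archive in the temp dir.
         self::EndZipWorkAndDel($zip, $way);
         return 9;
     }
     // NOTE(review): 'id' comes from metadata inside the uploaded archive and selects the
     // directory that is deleted and extracted into. Confirm GetThemeInfo()/GetThemeDir()
     // restrict it to a safe character set so it cannot point outside the themes root.
     $theme_dir = self::GetThemeDir($theme_info['id']);
     if (!is_dir($theme_dir)) {
         // NOTE(review): 0766 grants write but not traverse to group/other; 0755 is the usual
         // directory mode. Confirm the intent.
         if (mkdir($theme_dir, 0766, true) === false) {
             self::EndZipWorkAndDel($zip, $way);
             return 7;
         }
     } else {
         self::deleteDir($theme_dir);
     }
     if ($zip->extractTo($theme_dir) === false) {
         self::EndZipWorkAndDel($zip, $way);
         return 8;
     }
     self::EndZipWorkAndDel($zip, $way);
     return $theme_info;
 }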
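 /**
  * Register a skin file in the gallery on behalf of the current user: hash it, reject
  * duplicates and blacklisted hashes, enforce the size and scale limits, store the DB row,
  * move the file to its final name and render a preview.
  *
  * @param string $post_name Upload field name when $method is 'post', otherwise a filesystem path.
  * @param int    $gender    0..2; any other value is forced to 2.
  * @param int    $max_size  Limit compared against size_mb * 1024.
  * @param int    $max_scale Largest accepted 'scale' reported by SkinViewer2D::isValidSkin().
  * @param bool   $del_blist When true, the file's hash is first removed from the bad-skin table.
  * @param string $method    'post' for an HTTP upload; any other value treats $post_name as a path.
  *
  * @return int 0 on success; 1 no usable upload or file missing; 2 move failed; 3 hash is
  *             blacklisted; 4 too large; 5 not a valid skin or scale too high; 6 rename failed;
  *             7 preview failed; a negative value is minus the id of an identical stored skin.
  */
 public function Create($post_name, $gender = 2, $max_size = 20, $max_scale = 1, $del_blist = false, $method = 'post')
 {
     global $user;
     $max_size = (int) $max_size;
     $max_scale = (int) $max_scale;
     $gender = (int) $gender;
     if ($gender > 2 or $gender < 0) {
         $gender = 2;
     }
     // Uploads without a known user are recorded with owner id 0.
     if (!empty($user) and $user->Exist()) {
         $user_id = $user->id();
     } else {
         $user_id = 0;
     }
     if ($method == 'post') {
         if (!POSTGood($post_name)) {
             return 1;
         }
         $new_file_info = POSTSafeMove($post_name, $this->base_dir);
         if (!$new_file_info) {
             return 2;
         }
         $size_mb = $new_file_info['size_mb'];
         $way = $this->base_dir . $new_file_info['tmp_name'];
     } else {
         // Path mode: every reject branch below unlink()s $way, i.e. the caller's own file,
         // so only trusted, server-chosen paths may be passed here.
         if (!file_exists($post_name)) {
             return 1;
         }
         $size_mb = round(filesize($post_name) / 1024 / 1024, 2);
         $way = $post_name;
     }
     // The hash is computed server-side, so the hex digest interpolated into the SQL below is
     // not attacker-chosen text. NOTE(review): md5_file() returns false on a read failure and
     // that case is not handled. The blacklist is an exact-content match only.
     $hash = md5_file($way);
     if ($del_blist) {
         getDB()->ask("DELETE FROM `{$this->db_bad_skins}` WHERE hash='{$hash}'");
     }
     $line = getDB()->fetchRow("SELECT `id`, 'good_skin' AS `type` FROM `{$this->db}` " . "WHERE hash='{$hash}' UNION SELECT `id`, 'bad_skin' " . "AS `type` FROM `{$this->db_bad_skins}` WHERE `hash`='{$hash}'");
     if ($line) {
         unlink($way);
         if ($line['type'] == 'bad_skin') {
             return 3;
         } else {
             return $line['id'] * -1;
         }
     }
     if ($max_size < $size_mb * 1024) {
         unlink($way);
         return 4;
     }
     $new_file_scale = SkinViewer2D::isValidSkin($way);
     if (!$new_file_scale or $new_file_scale['scale'] > $max_scale) {
         unlink($way);
         return 5;
     }
     $new_file_scale = (int) $new_file_scale['scale'];
     // NOTE(review): the values are locally derived, but $user_id is whatever $user->id()
     // returns and is not cast here; bound parameters would remove the reliance on its type.
     getDB()->ask("INSERT INTO `{$this->db}` (hash, fsize, ratio, gender, user_id) VALUES ('" . $hash . "','" . $size_mb . "','" . $new_file_scale . "', '" . $gender . "', '" . $user_id . "')");
     $this->id = getDB()->lastInsertId();
     // The stored name is built from the row id, never from the client's file name.
     $new_name = 'sp_nc' . $this->id . '.png';
     $new_way = $this->base_dir . $new_name;
     getDB()->ask("UPDATE `{$this->db}` SET `fname` = '" . $new_name . "' WHERE `id`='" . $this->id . "'");
     if (file_exists($new_way)) {
         unlink($new_way);
     }
     if (rename($way, $new_way)) {
         // Was 0777: an uploaded image needs no execute bit and must not be world-writable.
         chmod($new_way, 0644);
     } else {
         unlink($way);
         getDB()->ask("DELETE FROM `{$this->db}` WHERE `id`='" . $this->id . "'");
         return 6;
     }
     $preview = SkinViewer2D::savePreview($this->base_dir . 'preview/' . $new_name, $new_way, false, false, 160);
     if (!$preview) {
         // Roll back both the file and the row so no orphan remains.
         unlink($new_way);
         getDB()->ask("DELETE FROM `{$this->db}` WHERE `id`='" . $this->id . "'");
         return 7;
     } else {
         imagedestroy($preview);
     }
     getDB()->ask("LOCK TABLES `{$this->db_ratio}` WRITE;");
     getDB()->ask("INSERT INTO `{$this->db_ratio}` (ratio) VALUES ('{$new_file_scale}') " . "ON DUPLICATE KEY UPDATE `num`= num + 1;");
     getDB()->ask("UNLOCK TABLES;");
     $this->name = '';
     $this->fname = $new_name;
     $this->fsize = $size_mb;
     $this->dislikes = 0;
     $this->likes = 0;
     $this->ratio = $new_file_scale;
     $this->gender = $gender;
     $this->downloads = 0;
     $this->user_id = $user_id;
     return 0;
 }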
Example #5
/**
 * Move an HTTP upload out of PHP's upload area into a working directory under a
 * server-generated file name.
 *
 * The 'name' element of the result is the file name sent by the client. It is untrusted
 * and must never be used as a path component. Only 'tmp_name' is server-chosen.
 * POSTGood() is called with false as its second argument here, so any type or extension
 * filtering has to be done by the caller before or after this call.
 *
 * @param string       $post_name Key of the upload in $_FILES.
 * @param string|false $tmp_dir   Target directory with trailing slash; MCRAFT . 'tmp/' when falsy.
 *
 * @return array|false array('tmp_name', 'name', 'size_mb') on success, false on failure.
 */
function POSTSafeMove($post_name, $tmp_dir = false)
{
    if (!POSTGood($post_name, false)) {
        return false;
    }

    $target_dir = $tmp_dir ? $tmp_dir : MCRAFT . 'tmp/';

    if (!is_dir($target_dir)) {
        // umask is cleared so the directory really gets 0775, then restored.
        $saved_umask = umask(0);
        mkdir($target_dir, 0775, true);
        umask($saved_umask);
    }

    $stored_name = tmp_name($target_dir);
    $moved = move_uploaded_file($_FILES[$post_name]['tmp_name'], $target_dir . $stored_name);
    if (!$moved) {
        vtxtlog('[POSTSafeMove] --> "' . $target_dir . '" <-- ' . lng('WRITE_FAIL'));
        return false;
    }

    $size_in_mb = round($_FILES[$post_name]['size'] / 1024 / 1024, 2);

    return array(
        'tmp_name' => $stored_name,
        'name' => $_FILES[$post_name]['name'],
        'size_mb' => $size_in_mb,
    );
}
Example #6
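 /**
  * Store an uploaded file and register it in the files table, de-duplicating by MD5 hash
  * and optionally by a caller-chosen textual id.
  *
  * @param string      $post_name  Upload field name.
  * @param int         $user_id    Owner id; cast to int.
  * @param string|null $id_word    Optional textual id; only [a-zA-Z0-9._-] is accepted.
  * @param bool        $id_rewrite When true, an existing record with the same id_word but
  *                                different content is deleted and replaced.
  *
  * @return int 0 stored; 1 no usable upload or format rejected; 2 move failed; 3 invalid
  *             id_word; 4 id_word already taken and rewrite not allowed; 5 insert failed;
  *             6 existing record could not be deleted; 7 identical file already stored (this
  *             object is then loaded with that record's data).
  */
 public function Create($post_name, $user_id, $id_word = null, $id_rewrite = false)
 {
     $user_id = (int) $user_id;
     if (!POSTGood($post_name, self::$formats)) {
         return 1;
     }
     // The D modifier makes $ match only at the very end. Without it, a value with a trailing
     // newline would pass the whitelist.
     if ($id_word and !preg_match("/^[a-zA-Z0-9._-]+\$/D", $id_word)) {
         return 3;
     }
     $new_file_info = POSTSafeMove($post_name, $this->base_dir);
     if (!$new_file_info) {
         return 2;
     }
     $way = $this->base_dir . $new_file_info['tmp_name'];
     // Server-computed hex digest; id_word is bound as a parameter.
     $hash = md5_file($this->base_dir . $new_file_info['tmp_name']);
     $sql_part = $id_word ? " OR `id_word`=:id_word" : '';
     $data = $id_word ? array('id_word' => $id_word) : false;
     $line = getDB()->fetchRow("SELECT `id` FROM `{$this->db}` " . "WHERE `hash`='" . $hash . "'" . $sql_part, $data, 'num');
     if ($line) {
         $file_similar = new File($line[0]);
         $similar_info = $file_similar->getInfo();
         // Strict comparison: with ==, two different digests that both look numeric
         // (e.g. "0e" followed by digits) compare equal and would be treated as one file.
         if ($similar_info['hash'] === $hash) {
             if (file_exists($way)) {
                 unlink($way);
             }
             $this->id = $similar_info['id'];
             $this->user_id = $similar_info['user_id'];
             $this->id_word = $similar_info['id_word'];
             $this->name = $similar_info['name'];
             $this->size = $similar_info['size'];
             $this->hash = $similar_info['hash'];
             $this->downloads = $similar_info['downloads'];
             $this->way = $file_similar->getWay();
             return 7;
         } else {
             if (!$id_rewrite) {
                 if (file_exists($way)) {
                     unlink($way);
                 }
                 return 4;
             } else {
                 if (!$file_similar->Delete()) {
                     // Previously the new upload was left behind in base_dir on this path.
                     if (file_exists($way)) {
                         unlink($way);
                     }
                     return 6;
                 }
                 unset($file_similar);
             }
         }
     }
     // 'name' is presumably the client-supplied file name. It is stored through a bound
     // parameter and must be escaped wherever it is later displayed or sent in a header.
     $sql = "INSERT INTO {$this->db} (id_word, user_id, way, name, size, hash) " . "VALUES (:id_word, :user_id, :fway, :fname, :fsize, '{$hash}')";
     $result = getDB()->ask($sql, array('id_word' => $id_word ? $id_word : '', 'user_id' => $user_id, 'fway' => $new_file_info['tmp_name'], 'fname' => $new_file_info['name'], 'fsize' => $new_file_info['size_mb']));
     if ($result) {
         $this->id = getDB()->lastInsertId();
         $this->user_id = $user_id;
         $this->id_word = $id_word ? $id_word : '';
         $this->way = $way;
         $this->name = $new_file_info['name'];
         $this->size = $new_file_info['size_mb'];
         $this->hash = $hash;
         $this->downloads = 0;
     } else {
         if (file_exists($way)) {
             unlink($way);
         }
         return 5;
     }
     return 0;
 }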
Example #7
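 /**
  * Replace this user's skin or cloak with an uploaded image.
  *
  * Any $type other than 'skin' is handled as a cloak.
  *
  * @param string $post_name Upload field name.
  * @param string $type      'skin' or (anything else) cloak.
  *
  * @return int 1 on success; 1605 no user id or permission missing; 1604 no usable upload;
  *             1610 move failed; 1601 file larger than the 'max_fsize' permission; 1602 image
  *             invalid or scale above the 'max_ratio' permission; 1611 rename failed.
  */
 public function changeVisual($post_name, $type = 'skin')
 {
     global $bd_users;
     // Authorisation is checked before the upload is touched.
     if (!$this->id or !$this->getPermission($type == 'skin' ? 'change_skin' : 'change_cloak')) {
         return 1605;
     }
     if (!POSTGood($post_name)) {
         return 1604;
     }
     $tmp_dir = MCRAFT . 'tmp/';
     $new_file_info = POSTSafeMove($post_name, $tmp_dir);
     if (!$new_file_info) {
         return 1610;
     }
     $way = $tmp_dir . $new_file_info['tmp_name'];
     if ((int) $this->getPermission('max_fsize') < $new_file_info['size_mb'] * 1024) {
         unlink($way);
         return 1601;
     }
     loadTool('skin.class.php');
     $newImgInfo = $type == 'skin' ? SkinViewer2D::isValidSkin($way) : SkinViewer2D::isValidCloak($way);
     // empty() also covers a falsy validator result, where the former direct offset read on
     // a non-array raised a PHP warning before rejecting the file.
     if (empty($newImgInfo['scale']) or $newImgInfo['scale'] > (int) $this->getPermission('max_ratio')) {
         unlink($way);
         return 1602;
     }
     // NOTE(review): the current image is removed before the new one is in place. If rename()
     // fails below, the user is left with neither.
     $type == 'skin' ? $this->deleteSkin() : $this->deleteCloak();
     // The destination comes from the object's own name helpers, not from the upload.
     $new_way = $type == 'skin' ? $this->getSkinFName() : $this->getCloakFName();
     if (rename($way, $new_way)) {
         chmod($new_way, 0644);
     } else {
         unlink($way);
         // Log text (Russian): "[Upload module error] Error copying [src] to [dst]. Check
         // READ \ WRITE access on the corresponding folders."
         vtxtlog('[Ошибка модуля загрузки] Ошибка копирования [' . $way . '] в [' . $new_way . '] . Проверьте доступ на ЧТЕНИЕ \\ ЗАПИСЬ соответствующих папок.');
         return 1611;
     }
     if ($type == 'skin') {
         // Flag whether the uploaded skin is byte-identical to the default one.
         if (!strcmp($this->defaultSkinMD5(), md5_file($this->getSkinFName()))) {
             $this->defaultSkinTrigger(true);
         } else {
             $this->defaultSkinTrigger(false);
         }
     }
     $this->deleteBuffer();
     // NOTE(review): $this->id is interpolated into the SQL; confirm it is always an integer
     // set from the database, or bind it.
     getDB()->ask("UPDATE `{$this->db}` SET `undress_times`=`undress_times`+1 " . "WHERE `{$bd_users['id']}`='{$this->id}'");
     return 1;
 }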