Example #1
0
<?php

require_once 'utils.php';
require_once 'dbo.php';
require_once 'xhtml.php';
global $TMP_DIR;
global $DATA_DIR;
global $LSP_URL;
if (!SESSION_EMPTY()) {
    if (POST_EMPTY('ok') && POST_EMPTY('addfinalok')) {
        display_warning('Do not submit offending, pornographic, racist or violent content.', array('<a href="">Add File</a>'));
        echo '<div class="col-md-9">';
        $form = new form($LSP_URL . '?content=add', 'Add File', 'fa-upload');
        ?>
		<label for="filename">File to add</label>
		<div class="form-group">
		<span class="pull-left btn btn-default btn-file">
			<span class="fa fa-folder-open"></span>&nbsp;Select file<input type="file" name="filename" />
		</span><strong><span class="text-center"><pre class="text-warning" id="file-selected">No file selected</pre></span></strong>
		<small>Maximum file size: 1 MB</small>
		</div>
		<div class="form-group">
		<input type="checkbox" id="nocopyright" name="nocopyright" />
		<label for="nocopyright">Does not violate any existing copyright, law or trademark</label>
		</div>
		<button type="submit" name="ok" value="OK" class="btn btn-primary"><span class="fa fa-upload"></span>&nbsp;Upload</button>
		<a href="<?php 
        echo $LSP_URL;
        ?>
" class="btn btn-warning"><span class="fa fa-close"></span>&nbsp;Cancel</a>
		<?php
Example #2
0
<?php

require_once 'utils.php';
require_once 'dbo.php';
require_once 'xhtml.php';
global $LSP_URL;
if (!SESSION_EMPTY() && (get_user_id(SESSION()) == get_file_owner(GET('file')) || is_admin(get_user_id(SESSION())))) {
    if (GET('confirmation') == "true") {
        if (delete_file(GET('file'))) {
            display_success('File deleted successfully', array('Delete'));
        } else {
            display_error('Sorry, file ' . GET('file') . ' could not be deleted', array('Delete'));
        }
        get_latest();
    } else {
        display_warning('This will delete all comments and ratings.', array('Delete', get_file_url()));
        echo '<div class="col-md-9">';
        $form = new form(null, 'Confirm Delete', 'fa-trash');
        ?>
		<p class="lead">Confirm deletion of <strong><?php 
        echo get_file_name(GET('file'));
        ?>
</strong>?</p>
		<div class="form-group">
		<a class="btn btn-danger" href="<?php 
        echo "{$LSP_URL}?content=delete&confirmation=true&file=" . GET('file');
        ?>
">
		<span class="fa fa-check"></span>&nbsp;Delete</a>
		<a class="btn btn-warning" href="<?php 
        echo "{$LSP_URL}?action=show&file=" . GET('file');
Example #3
0
function show_file($file_id, $user, $success = null)
{
    global $LSP_URL, $DATA_DIR;
    $dbh =& get_db();
    $stmt = $dbh->prepare('SELECT licenses.name AS license, size, realname, filename, users.login, ' . 'categories.name AS category, subcategories.name AS subcategory,' . 'insert_date, update_date, description, downloads, files.id FROM files ' . 'INNER JOIN categories ON categories.id=files.category ' . 'INNER JOIN subcategories ON subcategories.id=files.subcategory ' . 'INNER JOIN users ON users.id=files.user_id ' . 'INNER JOIN licenses ON licenses.id=files.license_id ' . 'WHERE files.id=:file_id');
    $stmt->bindParam(':file_id', $file_id);
    $found = false;
    if ($stmt->execute()) {
        while ($object = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $title = array($object['category'], $object['subcategory'], get_file_url($file_id));
            if ($success == null) {
                echo '<div class="col-md-9">';
                create_title($title);
            } else {
                if ($success === true) {
                    display_success("Updated successfully", $title);
                    echo '<div class="col-md-9">';
                } else {
                    if ($success === false) {
                        display_error("Update failed.", $title);
                        echo '<div class="col-md-9">';
                    } else {
                        display_success("{$success}", $title);
                    }
                }
            }
            echo '<table class="table table-striped">';
            show_basic_file_info($object, false);
            // Bump the download button under details block
            $url = htmlentities('download_file.php?file=' . $object['id'] . '&name=' . $object['filename']);
            echo '<tr><td><strong>Name:</strong>&nbsp;' . $object['filename'];
            if (is_image($url)) {
                echo '<br><br><a href="' . $url . '"><img class="thumbnail" src="' . scale_image($DATA_DIR . $file_id, 300, parse_extension($url)) . '" alt=""></a>';
            }
            echo '</td><td class="lsp-file-info">';
            echo '<a href="' . $url . '" id="downloadbtn" class="lsp-dl-btn btn btn-primary">';
            echo '<span class="fa fa-download lsp-download"></span>&nbsp;Download</a>';
            echo '</td></tr>';
            echo '<tr><td colspan="2"><div class="well"><strong>Description:</strong><p>';
            echo $object['description'] != '' ? parse_links(newline_to_br($object['description'], true)) : 'No description available.';
            echo '</p></div></td></tr>';
            echo '<tr><td colspan="2">';
            echo '<nav id="lspnav" class="navbar navbar-default"><ul class="nav navbar-nav">';
            $can_edit = $object['login'] == $user || is_admin(get_user_id($user));
            $can_rate = !SESSION_EMPTY();
            $rate_self = $object['login'] == $user;
            global $LSP_URL;
            create_toolbar_item('Comment', "{$LSP_URL}?comment=add&file={$file_id}", 'fa-comment', $can_rate);
            create_toolbar_item('Edit', "{$LSP_URL}?content=update&file={$file_id}", 'fa-pencil', $can_edit);
            create_toolbar_item('Delete', "{$LSP_URL}?content=delete&file={$file_id}", 'fa-trash', $can_edit);
            $star_url = $LSP_URL . '?' . file_show_query_string() . '&rate=';
            create_toolbar_item(get_stars($file_id, $star_url, $rate_self ? false : $can_rate), '', null, $can_rate, $rate_self);
            echo '</ul></nav>';
            echo '<strong>Comments:</strong>';
            echo '</td></tr>';
            get_comments($file_id);
            echo '</table></div>';
            $found = true;
            break;
        }
    }
    if (!$found) {
        display_error('Invalid file: "' . sanitize($file_id) . '"');
    }
    $stmt = null;
    $dbh = null;
}
Example #4
0
function login()
{
    if (SESSION_EMPTY() && GET('action') == 'login') {
        if (password_match(POST('password'), POST('login'))) {
            $_SESSION["remote_user"] = POST('login');
            $_GET["action"] = POST('oldaction');
            set_get_post('category');
            set_get_post('subcategory');
            return true;
        }
    }
    return false;
}
Example #5
0
echo SESSION_EMPTY() ? '' : ' <span class="badge pull-right">' . $shield . SESSION() . '</span>';
// Show auth-fail alert in title for smaller screens
echo $auth_failure ? '&nbsp;<span class="pull-right fa fa-exclamation-circle text-danger"></span>' : '';
?>
</a>
		</h3></div>
		<div id="login-collapse" class="panel-collapse collapse in">
		<div id="login-div" class="panel-body overflow-hidden">
			<?php 
if ($auth_failure) {
    echo '<span class="text-danger"><strong>Authentication failure.</strong></span><br />';
}
/*
 * Hide or show the Login Dialog/My Account Panel
 */
if (SESSION_EMPTY()) {
    ?>
				<form action="<?php 
    echo $LSP_URL;
    ?>
?action=login" method="post" role="form">
				<div class="form-group">
				<label for="login">User Name</label>
				<input type="text" id="login" name="login" class="form-control textin" maxlength="16" placeholder="username" />
				</div>
				<div class="form-group">
				<label for="password">Password</label>
				<input type="password" id="password" name="password" class="form-control textin" maxlength="20" placeholder="password"/>
				</div>
				<button type="submit" name="ok" class="btn btn-primary textin"><span class="fa fa-check"></span>&nbsp;Login</button>
				</form>