======================================================================*/
// Bootstrap
require_once 'boot.php';
// Required includes
require_once BH_INCLUDE_PATH . 'attachments.inc.php';
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'forum.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'image.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
// End Required includes
if (!session::logged_in()) {
exit;
}
if (!($attachment_dir = attachments_check_dir())) {
header_status(500, 'Internal Server Error');
exit;
}
$valid = true;
$error = null;
$attachment_details = null;
$content = null;
$file_type = null;
$temp_file = null;
$file_size = null;
$file_name = null;
$content_type = 'text/html; charset=UTF-8';
$file_hash = md5(uniqid(mt_rand()));
$max_user_attachment_space = forum_get_setting('attachments_max_user_space', 'is_numeric', 1048576);
$free_upload_space = attachments_get_free_user_space($_SESSION['UID']);
echo "<div class=\"post_to\">", gettext("To"), ":", light_form_input_text("to_logon", isset($to_logon) ? htmlentities_array($to_logon) : "", 30, null, null, gettext("Leave blank for all")), "</div>";
echo "<div class=\"post_content\">", gettext("Content"), ":", light_form_textarea("content", htmlentities_array(strip_paragraphs($content)), 10, 50, null, 'textarea'), "</div>";
echo "<div class=\"post_buttons\">";
echo light_form_submit("post", gettext("Post"));
echo light_form_submit("preview", gettext("Preview"));
if (isset($return_msg)) {
echo "<a href=\"lmessages.php?webtag={$webtag}&msg={$return_msg}\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
} else {
if (isset($tid) && is_numeric($tid) && isset($reply_to_pid) && is_numeric($reply_to_pid)) {
echo "<a href=\"lmessages.php?webtag={$webtag}&msg={$tid}.{$reply_to_pid}\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
} else {
echo "<a href=\"lthread_list.php?webtag={$webtag}\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
}
}
echo "</div>";
if (attachments_check_dir() && (session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $fid) || $new_thread)) {
echo "<div class=\"attachments post_attachments\">", gettext('Attachments'), ":\n";
echo " ", attachments_form($_SESSION['UID'], $attachments), "\n";
echo "</div>\n";
}
echo "</div>";
echo "</div>";
echo "</form>\n";
if (!$new_thread && $reply_to_pid > 0) {
echo "<h3>", gettext("In reply to"), ":</h3>\n";
if ($thread_data['POLL_FLAG'] == 'Y' && $reply_message['PID'] == 1) {
light_poll_display($tid, $thread_data['LENGTH'], $thread_data['FID'], $thread_data['CLOSED'], false, true);
} else {
light_message_display($tid, $reply_message, $thread_data['LENGTH'], $reply_to_pid, $thread_data['FID'], false, false, false, false, true);
}
}
echo "<div class=\"post_inner\">\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
light_html_display_error_array($error_msg_array);
}
echo "<div class=\"post_thread_title\">", gettext("Subject"), ":", light_form_input_text("t_subject", isset($t_subject) ? htmlentities_array($t_subject) : "", 30, 64), "</div>\n";
echo "<div class=\"post_to\">", gettext("To"), ":\n";
echo "<div class=\"recipients\">\n";
if (isset($message_data['RECIPIENTS']) && sizeof($message_data['RECIPIENTS']) > 0) {
foreach ($message_data['RECIPIENTS'] as $recipient) {
echo word_filter_add_ob_tags(format_user_name($recipient['LOGON'], $recipient['NICKNAME']), true), "\n";
}
} else {
echo gettext('Unknown User');
}
echo "</div>\n";
echo "</div>\n";
echo "<div class=\"post_content\">", light_form_textarea("t_content", htmlentities_array(strip_paragraphs($t_content)), 10, 50, null, 'textarea'), "</div>\n";
echo "<div class=\"post_buttons\">";
echo light_form_submit("apply", gettext("Apply"));
echo light_form_submit("preview", gettext("Preview"));
echo light_form_submit("cancel", gettext("Cancel"));
echo "</div>";
if (attachments_check_dir()) {
echo "<div class=\"attachments post_attachments\">", gettext('Attachments'), ":\n";
echo " ", attachments_form($_SESSION['UID'], $attachments), "\n";
echo "</div>\n";
}
echo "</div>";
echo "</div>";
echo "</form>\n";
light_html_draw_bottom();
function pm_export_attachments($message_array, ZipArchive $zip)
{
if (!is_array($message_array)) {
return false;
}
if (!($attachment_dir = attachments_check_dir())) {
return false;
}
$attachments_added_success = false;
$zip->addEmptyDir("attachments");
foreach ($message_array as $message) {
if (($attachments_array = attachments_get($message['FROM_UID'], $message['ATTACHMENTS'])) !== false) {
foreach ($attachments_array as $attachment) {
if (@file_exists("{$attachment_dir}/{$attachment['hash']}")) {
$attachments_added_success = true;
$zip->addFile("{$attachment_dir}/{$attachment['hash']}", "attachments/{$attachment['filename']}");
}
}
}
}
if ($attachments_added_success == true && ($attach_img = html_style_image('attach', true))) {
$zip->addFile($attach_img, $attach_img);
}
return true;
}
function attachments_make_link($attachment, $show_thumbs = true, $limit_filename = false, $local_path = false, $img_tag = true)
{
if (!is_array($attachment)) {
return false;
}
if (!is_bool($show_thumbs)) {
$show_thumbs = true;
}
if (!is_bool($limit_filename)) {
$limit_filename = false;
}
if (!is_bool($local_path)) {
$local_path = false;
}
if (!is_bool($img_tag)) {
$img_tag = true;
}
if (!($attachment_dir = attachments_check_dir())) {
return false;
}
if (!isset($attachment['hash'])) {
return false;
}
if (!isset($attachment['filename'])) {
return false;
}
if (!isset($attachment['downloads'])) {
return false;
}
if (!is_md5($attachment['hash'])) {
return false;
}
$thumbnail_max_size = 100;
$webtag = get_webtag();
forum_check_webtag_available($webtag);
if (isset($_SESSION['SHOW_THUMBS']) && is_numeric($_SESSION['SHOW_THUMBS'])) {
$user_show_thumbs = $_SESSION['SHOW_THUMBS'];
} else {
$user_show_thumbs = 100;
}
if ($show_thumbs && forum_get_setting('attachment_thumbnails', 'Y') && ($user_show_thumbs > 0 || !session::logged_in())) {
$thumbnail_size = array(1 => 50, 2 => 100, 3 => 150);
$thumbnail_max_size = isset($thumbnail_size[$user_show_thumbs]) ? $thumbnail_size[$user_show_thumbs] : 100;
} else {
$show_thumbs = false;
}
if ($local_path) {
$attachment_href = "attachments/{$attachment['filename']}";
} else {
$attachment_href = "get_attachment.php?webtag={$webtag}&hash={$attachment['hash']}";
$attachment_href .= "&filename={$attachment['filename']}";
}
if ($img_tag) {
$title_array = array();
if (mb_strlen($attachment['filename']) > 16 && $limit_filename) {
$title_array[] = sprintf(gettext("Filename: %s"), $attachment['filename']);
$attachment['filename'] = format_file_name($attachment['filename']);
}
if (isset($attachment['filesize']) && is_numeric($attachment['filesize']) && $attachment['filesize'] > 0) {
$title_array[] = sprintf(gettext("Size: %s"), format_file_size($attachment['filesize']));
}
if ($attachment['downloads'] == 1) {
$title_array[] = gettext("Downloaded: 1 time");
} else {
$title_array[] = sprintf(gettext("Downloaded: %d times"), $attachment['downloads']);
}
if (isset($attachment['width'], $attachment['height'])) {
$title_array[] = sprintf(gettext("Dimensions %dx%dpx"), $attachment['width'], $attachment['height']);
}
$title = implode(", ", $title_array);
if ($show_thumbs && isset($attachment['thumbnail']) && $attachment['thumbnail'] == 'Y') {
$thumbnail_width = 150;
$thumbnail_height = 150;
while ($thumbnail_width > $thumbnail_max_size) {
$thumbnail_width--;
$thumbnail_height--;
}
$attachment_link = "<a href=\"{$attachment_href}\" target=\"_blank\"><span class=\"attachment_thumb\" ";
$attachment_link .= "style=\"background-image: url('{$attachment_href}&thumb=1'); ";
$attachment_link .= "width: {$thumbnail_width}px; height: {$thumbnail_height}px\" ";
$attachment_link .= "title=\"{$title}\"></span></a>";
} else {
$attachment_link = html_style_image('attach', gettext("Attachment"));
$attachment_link .= "<a href=\"{$attachment_href}\" title=\"{$title}\" ";
$attachment_link .= "target=\"_blank\">{$attachment['filename']}</a>";
}
return $attachment_link;
}
return $attachment_href;
}
function pm_export_attachments($aid, $from_uid, &$zip_file)
{
if (!md5($aid)) {
return false;
}
if (!is_numeric($from_uid)) {
return false;
}
if (!is_object($zip_file)) {
return false;
}
$attachments_added_success = false;
if (!($attachment_dir = attachments_check_dir())) {
return false;
}
$attachments_array = array();
$image_attachments_array = array();
if (!attachments_get($from_uid, $aid, $attachments_array, $image_attachments_array)) {
return false;
}
if (is_array($attachments_array) && sizeof($attachments_array) > 0) {
foreach ($attachments_array as $attachment) {
if (@file_exists("{$attachment_dir}/{$attachment['hash']}")) {
$attachments_added_success = true;
$attachment_content = implode("", file("{$attachment_dir}/{$attachment['hash']}"));
$zip_file->add_file($attachment_content, "attachments/{$attachment['filename']}");
}
}
}
if (is_array($image_attachments_array) && sizeof($image_attachments_array) > 0) {
foreach ($image_attachments_array as $attachment) {
if (@file_exists("{$attachment_dir}/{$attachment['hash']}")) {
$attachments_added_success = true;
$attachment_content = implode("", file("{$attachment_dir}/{$attachment['hash']}"));
$zip_file->add_file($attachment_content, "attachments/{$attachment['filename']}");
if (@file_exists("{$attachment_dir}/{$attachment['hash']}.thumb")) {
$attachment_content = implode("", file("{$attachment_dir}/{$attachment['hash']}.thumb"));
$zip_file->add_file($attachment_content, "attachments/{$attachment['filename']}.thumb");
}
}
}
}
if ($attachments_added_success == true && ($attach_img = html_style_image('attach.png', true))) {
$attach_img_contents = implode("", file($attach_img));
$zip_file->add_file($attach_img_contents, $attach_img);
}
return true;
}
echo " </table>\n";
echo " </td>\n";
echo " <td align=\"left\" valign=\"top\" width=\"740\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <h2>", gettext("Message"), "</h2>\n";
echo " ", form_textarea("t_content", htmlentities_array(emoticons_apply($t_content)), 22, 100, 'tabindex="1"', 'post_content editor focus'), "\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo form_submit('apply', gettext("Apply"), "tabindex=\"2\""), "\n";
echo form_submit("preview", gettext("Preview"), "tabindex=\"3\""), "\n";
echo "<a href=\"discussion.php?webtag={$webtag}&msg={$return_msg}\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
if (attachments_check_dir() && session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $t_fid)) {
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"messagefoot\" width=\"722\" cellspacing=\"0\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\">", gettext("Attachments"), "</td>\n";
if (($page_prefs & POST_ATTACHMENT_DISPLAY) > 0) {
echo " <td class=\"subhead\" align=\"right\">", form_submit_image('hide', 'attachment_toggle', 'hide', null, 'button_image toggle_button'), " </td>\n";
} else {
echo " <td class=\"subhead\" align=\"right\">", form_submit_image('show', 'attachment_toggle', 'show', null, 'button_image toggle_button'), " </td>\n";
}
function user_prefs_filter_attachments($image_attachments_array, $max_width, $max_height)
{
$attachments_array_filtered = array('' => ' ');
if (!($attachment_dir = attachments_check_dir())) {
return array();
}
if (!is_array($image_attachments_array) || sizeof($image_attachments_array) == 0) {
return $attachments_array_filtered;
}
foreach ($image_attachments_array as $hash => $attachment_details) {
if (!($image_info = @getimagesize("{$attachment_dir}/{$hash}"))) {
continue;
}
if ($image_info[0] > $max_width || $image_info[1] > $max_height) {
continue;
}
$attachments_array_filtered[$attachment_details['aid']] = $attachment_details['filename'];
}
return $attachments_array_filtered;
}
function admin_get_users_attachments($uid, &$user_attachments, &$user_image_attachments, $hash_array = false)
{
$user_attachments = array();
$user_image_attachments = array();
if (!($db = db::get())) {
return false;
}
if (!is_numeric($uid)) {
return false;
}
if (!is_array($hash_array)) {
$hash_array = false;
}
if (!($attachment_dir = attachments_check_dir())) {
return false;
}
if (is_array($hash_array)) {
$hash_list = implode("', '", array_filter($hash_array, 'is_md5'));
$sql = "SELECT PAF.AID, PAF.HASH, PAF.FILENAME, PAF.MIMETYPE, PAF.DOWNLOADS, ";
$sql .= "FORUMS.WEBTAG, FORUMS.FID FROM POST_ATTACHMENT_FILES PAF ";
$sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
$sql .= "LEFT JOIN FORUMS FORUMS ON (PAI.FID = FORUMS.FID) ";
$sql .= "WHERE PAF.UID = '{$uid}' AND PAF.HASH IN ('{$hash_list}') ";
$sql .= "ORDER BY FORUMS.FID DESC, PAF.FILENAME";
} else {
$sql = "SELECT PAF.AID, PAF.HASH, PAF.FILENAME, PAF.MIMETYPE, PAF.DOWNLOADS, ";
$sql .= "FORUMS.WEBTAG, FORUMS.FID FROM POST_ATTACHMENT_FILES PAF ";
$sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
$sql .= "LEFT JOIN FORUMS FORUMS ON (PAI.FID = FORUMS.FID) ";
$sql .= "WHERE PAF.UID = '{$uid}' ORDER BY FORUMS.FID DESC, PAF.FILENAME";
}
if (!($result = $db->query($sql))) {
return false;
}
while (($attachment = $result->fetch_assoc()) !== null) {
if (@file_exists("{$attachment_dir}/{$attachment['HASH']}")) {
if (@file_exists("{$attachment_dir}/{$attachment['HASH']}.thumb")) {
$filesize = filesize("{$attachment_dir}/{$attachment['HASH']}");
$filesize += filesize("{$attachment_dir}/{$attachment['HASH']}.thumb");
$user_image_attachments[] = array("filename" => rawurldecode($attachment['FILENAME']), "filesize" => $filesize, "aid" => $attachment['AID'], "hash" => $attachment['HASH'], "mimetype" => $attachment['MIMETYPE'], "downloads" => $attachment['DOWNLOADS'], "forum_fid" => is_numeric($attachment['FID']) ? $attachment['FID'] : 0, "forum_webtag" => $attachment['WEBTAG']);
} else {
$user_attachments[] = array("filename" => rawurldecode($attachment['FILENAME']), "filesize" => filesize("{$attachment_dir}/{$attachment['HASH']}"), "aid" => $attachment['AID'], "hash" => $attachment['HASH'], "mimetype" => $attachment['MIMETYPE'], "downloads" => $attachment['DOWNLOADS'], "forum_fid" => is_numeric($attachment['FID']) ? $attachment['FID'] : 0, "forum_webtag" => $attachment['WEBTAG']);
}
}
}
return sizeof($user_attachments) > 0 || sizeof($user_image_attachments) > 0;
}
/**
* @return array|bool
*/
function stats_get_most_downloaded_attachment()
{
if (!($db = db::get())) {
return false;
}
if (!($table_prefix = get_table_prefix())) {
return false;
}
if (!($attachment_dir = attachments_check_dir())) {
return false;
}
if (!($forum_fid = get_forum_fid())) {
return false;
}
$sql = "SELECT PAI.TID, PAI.PID, PAF.AID, PAF.HASH, PAF.FILENAME, ";
$sql .= "PAF.MIMETYPE, PAF.DOWNLOADS FROM POST_ATTACHMENT_FILES PAF ";
$sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
$sql .= "WHERE PAI.FID = '{$forum_fid}' ";
$sql .= "ORDER BY PAF.DOWNLOADS DESC ";
if (!($result = $db->query($sql))) {
return false;
}
while (($attachment_data = $result->fetch_assoc()) !== null) {
if (@file_exists("{$attachment_dir}/{$attachment_data['HASH']}")) {
if (@file_exists("{$attachment_dir}/{$attachment_data['HASH']}.thumb")) {
$filesize = filesize("{$attachment_dir}/{$attachment_data['HASH']}");
$filesize += filesize("{$attachment_dir}/{$attachment_data['HASH']}.thumb");
return array("msg" => sprintf("%s.%s", $attachment_data['TID'], $attachment_data['PID']), "filename" => rawurldecode($attachment_data['FILENAME']), "filesize" => $filesize, "aid" => $attachment_data['AID'], "hash" => $attachment_data['HASH'], "mimetype" => $attachment_data['MIMETYPE'], "downloads" => $attachment_data['DOWNLOADS']);
} else {
return array("msg" => sprintf("%s.%s", $attachment_data['TID'], $attachment_data['PID']), "filename" => rawurldecode($attachment_data['FILENAME']), "filesize" => filesize("{$attachment_dir}/{$attachment_data['HASH']}"), "aid" => $attachment_data['AID'], "hash" => $attachment_data['HASH'], "mimetype" => $attachment_data['MIMETYPE'], "downloads" => $attachment_data['DOWNLOADS']);
}
}
}
return false;
}
