// Using an pre-PHP 5.1 version?
if (@version_compare(PHP_VERSION, '5.1') == -1) {
require_once $sourcedir . '/Subs-Compat.php';
}
// If $maintenance is set specifically to 2, then we're upgrading or something.
if (!empty($maintenance) && $maintenance == 2) {
db_fatal_error();
}
// Create a variable to store some SMF specific functions in.
$smcFunc = array();
// Initate the database connection and define some database functions to use.
loadDatabase();
// Load the settings from the settings table, and perform operations like optimizing.
reloadSettings();
// Clean the request variables, add slashes, etc.
cleanRequest();
$context = array();
// Seed the random generator.
if (empty($modSettings['rand_seed']) || mt_rand(1, 250) == 69) {
smf_seed_generator();
}
// Before we get carried away, are we doing a scheduled task? If so save CPU cycles by jumping out!
if (isset($_GET['scheduled'])) {
require_once $sourcedir . '/ScheduledTasks.php';
AutoTask();
}
// Check if compressed output is enabled, supported, and not already being done.
if (!empty($modSettings['enableCompressedOutput']) && !headers_sent()) {
// If zlib is being used, turn off output compression.
if (@ini_get('zlib.output_compression') == '1' || @ini_get('output_handler') == 'ob_gzhandler' || @version_compare(PHP_VERSION, '4.2.0') == -1) {
$modSettings['enableCompressedOutput'] = '0';
/**
* Load all essential data and connect to the DB as this is pre SSI.php
*/
function loadEssentialData()
{
global $db_server, $db_user, $db_passwd, $db_name, $db_connection, $db_prefix, $db_character_set, $db_type, $db_port, $modSettings;
// Do the non-SSI stuff...
@set_magic_quotes_runtime(0);
error_reporting(E_ALL);
if (!defined('ELK')) {
define('ELK', 1);
}
// Start the session.
if (ini_get('session.save_handler') == 'user') {
@ini_set('session.save_handler', 'files');
}
@session_start();
// Initialize everything...
initialize_inputs();
// Get the database going!
if (empty($db_type)) {
$db_type = 'mysql';
}
if (file_exists(SOURCEDIR . '/database/Database.subs.php')) {
require_once SOURCEDIR . '/database/Database.subs.php';
// Make the connection...
$db_connection = elk_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'port' => $db_port), $db_type);
// Oh dear god!!
if ($db_connection === null) {
die('Unable to connect to database - please check username and password are correct in Settings.php');
}
$db = database();
if ($db_type == 'mysql' && isset($db_character_set) && preg_match('~^\\w+$~', $db_character_set) === 1) {
$db->query('', '
SET NAMES ' . $db_character_set, array('db_error_skip' => true));
}
// Load the modSettings data...
$request = $db->query('', '
SELECT variable, value
FROM {db_prefix}settings', array('db_error_skip' => true));
$modSettings = array();
while ($row = $db->fetch_assoc($request)) {
$modSettings[$row['variable']] = $row['value'];
}
$db->free_result($request);
} else {
return throw_error('Cannot find ' . SOURCEDIR . '/database/Database.subs.php. Please check you have uploaded all source files and have the correct paths set.');
}
// If they don't have the file, they're going to get a warning anyway so we won't need to clean request vars.
if (file_exists(SOURCEDIR . '/QueryString.php')) {
require_once SUBSDIR . '/Util.class.php';
require_once SOURCEDIR . '/Subs.php';
require_once SOURCEDIR . '/QueryString.php';
cleanRequest();
}
// Set a session life limit for the admin
if (isset($modSettings['admin_session_lifetime'])) {
$modSettings['admin_session_lifetime'] = 5;
}
if (!isset($_GET['substep'])) {
$_GET['substep'] = 0;
}
}
<?php
require_once '_init.php';
$emailQueueId = cleanRequest('id');
if (!$emailQueueId) {
die("REQUEST = NULL");
} else {
$mail_queue = new Mail_Queue($container_options, $mail_options);
$contanier = new Mail_Queue_Container_db($container_options);
if ($contanier->getMailById($emailQueueId)) {
$mail_queue->deleteMail($emailQueueId);
}
header("Location: ../index.php");
}
function loadEssentialData()
{
global $db_server, $db_user, $db_passwd, $db_name, $db_connection, $db_prefix, $db_character_set, $db_type;
global $modSettings, $sourcedir, $smcFunc, $upcontext;
// Do the non-SSI stuff...
@set_magic_quotes_runtime(0);
error_reporting(E_ALL);
define('SMF', 1);
// Start the session.
if (@ini_get('session.save_handler') == 'user') {
@ini_set('session.save_handler', 'files');
}
@session_start();
if (empty($smcFunc)) {
$smcFunc = array();
}
// Initialize everything...
initialize_inputs();
// Get the database going!
if (empty($db_type)) {
$db_type = 'mysql';
}
if (file_exists($sourcedir . '/lib/Subs-Db-' . $db_type . '.php')) {
require_once $sourcedir . '/lib/Subs-Db-' . $db_type . '.php';
// Make the connection...
$db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, array('non_fatal' => true));
// Oh dear god!!
if ($db_connection === null) {
die('Unable to connect to database - please check username and password are correct in Settings.php');
}
if ($db_type == 'mysql' && isset($db_character_set) && preg_match('~^\\w+$~', $db_character_set) === 1) {
$smcFunc['db_query']('', '
SET NAMES ' . $db_character_set, array('db_error_skip' => true));
}
// Load the modSettings data...
$request = $smcFunc['db_query']('', '
SELECT variable, value
FROM {db_prefix}settings', array('db_error_skip' => true));
$modSettings = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$modSettings[$row['variable']] = $row['value'];
}
$smcFunc['db_free_result']($request);
} else {
return throw_error('Cannot find ' . $sourcedir . '/lib/Subs-Db-' . $db_type . '.php' . '. Please check you have uploaded all source files and have the correct paths set.');
}
// If they don't have the file, they're going to get a warning anyway so we won't need to clean request vars.
if (file_exists($sourcedir . '/QueryString.php')) {
require_once $sourcedir . '/QueryString.php';
cleanRequest();
}
if (!isset($_GET['substep'])) {
$_GET['substep'] = 0;
}
}
<?php
require_once '_init.php';
$userId = cleanRequest('userId');
$emailId = cleanRequest('emailId');
if (!$userId && !$emailId) {
die("REQUEST = NULL");
} else {
$mail = new ManageMailQueue($container_options, $mail_options);
$mail->extractDataFromUserId($userId);
$mail->addByEmailId($emailId);
header("Location: ../index.php");
}
<?php
require_once '_init.php';
$emailQueueId = cleanRequest('id');
$emailQueueType = cleanRequest('type', '%s');
if (!$emailQueueId && !$emailQueueType) {
die("REQUEST = NULL");
} else {
$mq = a("select * from mail_queue where id = " . $emailQueueId);
if ($emailQueueType == 'sent') {
$sql[] = "insert into mail_queue set id = ''";
foreach ($mq as $k => $v) {
if ($k != 'id') {
if ($k == 'sent_time') {
$sql[] = $k . " = NULL";
} elseif ($k == 'try_sent') {
$sql[] = $k . " = '0'";
} elseif ($k == 'log') {
$sql[] = $k . " = ''";
} else {
$sql[] = $k . " = '" . $v . "'";
}
}
}
$duplicateQueueRow = sq(join(", ", $sql));
$updateSeq = sq("update mail_queue_seq set id = id+1");
}
if ($emailQueueType == 'bounced') {
$result = sq("update mail_queue set sent_time = null, try_sent = 0 where id = " . $mq['id']);
}
header("Location: ../index.php");
function tt_clean_request()
{
foreach (array_merge(array_keys($_POST), array_keys($_GET), array_keys($_FILES)) as $key) {
if (is_numeric($key)) {
if (isset($_POST[$key])) {
unset($_POST[$key]);
}
if (isset($_GET[$key])) {
unset($_GET[$key]);
}
if (isset($_FILES[$key])) {
unset($_FILES[$key]);
}
}
}
cleanRequest();
}
function initialize_inputs()
{
global $sourcedir;
// Turn off magic quotes runtime, enable error reporting, and define SMF.
@set_magic_quotes_runtime(0);
error_reporting(E_ALL);
define('SMF', 1);
umask(0);
// Fun. Low PHP version...
if (!isset($_GET)) {
$GLOBALS['_GET']['step'] = 0;
return;
}
ob_start();
if (@ini_get('session.save_handler') == 'user') {
@ini_set('session.save_handler', 'files');
}
@session_start();
// Better to upgrade cleanly and fall apart than to screw everything up if things take too long.
ignore_user_abort(true);
// If they don't have the file, they're going to get a warning anyway so we won't need to clean request vars.
if (file_exists($sourcedir . '/QueryString.php')) {
require_once $sourcedir . '/QueryString.php';
$GLOBALS['func'] = array('htmlspecialchars' => 'htmlspecialchars', 'htmltrim' => create_function('$string', '
return preg_replace(\'~^([ \\t\\n\\r\\x0B\\x00\\xA0]| )+|([ \\t\\n\\r\\x0B\\x00\\xA0]| )+$~\', \'\', $string);'));
cleanRequest();
}
// This is really quite simple; if ?delete is on the URL, delete the upgrader...
if (isset($_GET['delete'])) {
@unlink(__FILE__);
// And the extra little files ;).
@unlink(dirname(__FILE__) . '/upgrade_1-0.sql');
@unlink(dirname(__FILE__) . '/upgrade_1-1.sql');
@unlink(dirname(__FILE__) . '/webinstall.php');
header('Location: http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.gif');
exit;
}
// Something is causing this to happen, and it's annoying. Stop it.
$temp = 'upgrade_php?step';
while (strlen($temp) > 4) {
if (isset($_GET[$temp])) {
unset($_GET[$temp]);
}
$temp = substr($temp, 1);
}
// Force a step, defaulting to 0.
$_GET['step'] = (int) @$_GET['step'];
$_GET['substep'] = (int) @$_GET['substep'];
}
<?php
// INCLUDE GENERAL CONFIG
require_once 'admin/config/general/config.php';
// INCLUDE ALL
if ($_SERVER['SERVER_ADDR'] == '127.0.0.1') {
require_once $_SERVER['DOCUMENT_ROOT'] . $config['localCorePath'] . 'includes/include.AllBackEnd.php';
} else {
require_once $_SERVER['DOCUMENT_ROOT'] . $config['root'] . 'admin/includes/include.AllBackEnd.php';
}
$id = cleanRequest("id");
$words = cleanRequest("words", "%s");
if ($id) {
$producto = a("select * from productos where id = " . $id);
if (!$producto) {
header("Location: productos.php");
}
} else {
header("Location: productos.php");
}
$bodyCls = "productos";
$sectionName = $producto['nombre'];
$descriptionById = $producto['nombre'];
$keywordsById = $producto['nombre'];
$titleById = "Productos ยป " . $producto['nombre'];
require_once "includes/head.php";
require_once "includes/top.php";
?>
<div id="main">
<?php
// INCLUDE GENERAL CONFIG
require_once 'admin/config/general/config.php';
// INCLUDE ALL
if ($_SERVER['SERVER_ADDR'] == '127.0.0.1') {
require_once $_SERVER['DOCUMENT_ROOT'] . $config['localCorePath'] . 'includes/include.AllBackEnd.php';
} else {
require_once $_SERVER['DOCUMENT_ROOT'] . $config['root'] . 'admin/includes/include.AllBackEnd.php';
}
$id = cleanRequest("id");
if ($id) {
$noticia = a("select *, DATE_FORMAT(date,'%d-%m-%Y') as df from noticias where id = " . $id);
if (!$noticia) {
header("Location: noticias.php");
}
} else {
header("Location: noticias.php");
}
$bodyCls = "noticias";
$sectionName = $noticia['titulo'];
$descriptionById = $noticia['titulo'];
$keywordsById = $noticia['titulo'];
$titleById = $noticia['titulo'];
require_once "includes/head.php";
require_once "includes/top.php";
?>
<div id="main">
<div class="wrapper">
