function ftp_act($p, $f, $res)
{
$res = ajxg($res);
if (!is_file($f)) {
$ret = 'not exists';
} elseif (!auth(7)) {
$ret = 'no';
} else {
switch ($p) {
case 'rename':
$fc = $p;
$ret = 'renamed as ' . $res;
break;
case 'delete':
$fc = 'unlink';
$ret = 'was deleted';
$res = '';
break;
case 'copy':
$fc = $p;
$ret = 'copied at ' . $res;
break;
case 'infos':
$ret = 'infos: ' . fsize($f) . ' ' . ftime($f);
break;
}
}
if ($fc) {
$ok = call_user_func($fc, $f, $res);
}
if ($fc && !$ok) {
return btn('txtyl', 'error');
}
return btn('txtyl', $ret);
}
function getFileSize($file)
{
$size = filesize($file);
if ($size < 0) {
$size = fsize($file);
}
return $size;
}
function build_page(&$admin, &$database)
{
global $HEADING, $TEXT, $MENU, $MESSAGE;
// Include the functions file
include_once get_include(LEPTON_PATH . '/framework/summary.functions.php');
include_once get_include(ADMIN_PATH . '/media/function.inc.php');
$memory_limit = ini_get('memory_limit');
$post_max_size = ini_get('post_max_size');
$upload_max_filesize = ini_get('upload_max_filesize');
$maxUploadFiles = 12;
$request = $_SERVER['REQUEST_METHOD'];
$allowed_img_types = 'jpg|png|gif|tif';
$actions = isset($_POST['action']) ? trim(stripslashes($admin->get_post('action'))) : 'show';
$actions = isset($_POST['media_reload']) && $_POST['media_reload'] == true ? 'media_reload' : $actions;
$actions = isset($_POST['cancel']) ? 'show' : $actions;
// Get home folder not to show
$home_folders = get_home_folders();
$currentHome = $admin->get_home_folder();
$pathsettings = get_media_settings();
// Get the user specified dir parent_path
if ($request == 'GET' && isset($_REQUEST)) {
$directory = rawurldecode(trim(stripslashes($admin->get_get('dir'))));
} elseif (isset($_POST['current_select'])) {
$directory = str_replace(MEDIA_DIRECTORY, '', rawurldecode(trim(stripslashes($admin->get_post('current_select')))));
} elseif (isset($_POST['current_dir'])) {
$directory = rawurldecode(trim(stripslashes($admin->get_post('current_dir'))));
}
//$directory = is_null($directory) ? $currentHome : $directory;
// $directory is not always null ... 8-/
$directory = is_null($directory) || empty($directory) ? $currentHome : $directory;
$directory = $directory == '/' || $directory == '\\' ? '' : $directory;
$target = $current_dir = $directory;
$backlink = 'index.php?dir=' . $directory;
$FILE = array();
$dirs = array();
$skip = LEPTON_PATH;
directory_list(LEPTON_PATH . MEDIA_DIRECTORY, false, 0, $dirs, $skip);
// dirs with readWrite access
$dirs_rw = media_dirs_rw($admin);
array_walk($dirs_rw, 'remove_path', LEPTON_PATH);
if ($admin->get_user_id() == 1) {
$id = array_unshift($dirs_rw, MEDIA_DIRECTORY);
}
// Define absolute path to WB media directory (using Unix path seperator)
$mediaPath = str_replace('\\', '/', LEPTON_PATH . MEDIA_DIRECTORY);
/* comment out to show only Home Folder till yet not build in overall
$acess_denied = (($currentHome != '') && (strpos($mediaPath.$directory, $currentHome))) ? false : true;
*/
// sytem_admin if not superadmin, no homefolder, groupmember 1
$system_admin = $admin->ami_group_member('1') == true || $admin->get_user_id() == 1;
$group_admin = empty($currentHome) == true && $admin->ami_group_member('1') == true;
//$full_home_folder_access = $directory == '' || in_array(MEDIA_DIRECTORY.$directory, $dirs_rw) || $group_admin ;
/*
* If HOME_FOLDERS are not active the user have access to all media files,
* otherwise check if the shown folders in list are within the personal folder
* and grant desired rights only for this folders (upload, create directory a.s.o.)
*/
$full_home_folder_access = !HOME_FOLDERS ? true : empty($_SESSION['HOME_FOLDER']) || in_array(MEDIA_DIRECTORY . $directory, $dirs_rw) || $group_admin;
if (strstr($current_dir, '..')) {
// target_path contains ../
$admin->print_error($MESSAGE['MEDIA_TARGET_DOT_DOT_SLASH'], $backlink);
}
// Build canonicalized absolute path from user input and check if path exists (False if not)
$userPath = str_replace('\\', '/', realpath($mediaPath . $directory));
// Ensure that the user specified path is located inside WB media folder
if ($userPath == false || strpos($userPath, $mediaPath) !== 0) {
// User defined path is invalid or is located outside the WB media directory
$admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
}
if (!is_writeable($mediaPath . $directory)) {
$admin->print_error($MESSAGE['GENERIC_BAD_PERMISSIONS'], $backlink);
}
$tpl = new Template(THEME_PATH . '/templates', 'keep');
// false | true
$tpl->debug = false;
$file_array = array('page' => 'media.htt', 'browse' => 'media_browse.htt', 'rename' => 'media_rename.htt', 'settings' => 'setparameter.htt');
$tpl->set_file($file_array);
$tpl->set_block('page', 'main_block', 'main');
// BEGIN left side always with main_block and the dropdown list may later as dirtree
// First insert language text and messages
$tpl->set_var(array('TEXT_RELOAD' => $TEXT['RELOAD'], 'TEXT_TARGET_FOLDER' => $TEXT['TARGET_FOLDER'], 'TEXT_CREATE_FOLDER' => $TEXT['CREATE_FOLDER'], 'TEXT_NAME' => $TEXT['TITLE'], 'TEXT_UPLOAD_FILES' => $TEXT['UPLOAD_FILES'], 'TEXT_UNZIP_FILE' => $TEXT['UNZIP_FILE'], 'TEXT_DELETE_ZIP' => $TEXT['DELETE_ZIP'], 'TEXT_OVERWRITE_EXISTING' => $TEXT['OVERWRITE_EXISTING'], 'TEXT_FILES' => $TEXT['FILES']));
$tpl->set_var(array('USER_ID' => $admin->is_authenticated() ? $admin->get_user_id() : '', 'ADMIN_URL' => ADMIN_URL, 'LEPTON_URL' => LEPTON_URL, 'LEPTON_PATH' => LEPTON_PATH, 'THEME_URL' => THEME_URL));
// && (($admin->ami_group_member('1') != true) || ($admin->get_user_id() != 1))
// set optionen media_settings_block
$tpl->set_block('main_block', 'media_settings_block', 'media_settings');
// Only show admin the settings link
if ($pathsettings['global']['admin_only'] == true) {
if ($system_admin != true) {
$tpl->set_var('DISPLAY_SETTINGS', 'hide');
$tpl->set_block('media_settings', '');
} else {
$tpl->parse('media_settings', 'media_settings_block', true);
}
} else {
$tpl->parse('media_settings', 'media_settings_block', true);
}
// set optionen media_upload_block
$tpl->set_var(array('CHANGE_SETTINGS' => $TEXT['MODIFY_SETTINGS'], 'HEADING_BROWSE_MEDIA' => $HEADING['BROWSE_MEDIA'], 'HEADING_MEDIA' => $MENU['MEDIA'] . ' ' . $TEXT['FOLDERS'], 'HEADING_CREATE_FOLDER' => $HEADING['CREATE_FOLDER'], 'HEADING_UPLOAD_FILES' => $HEADING['UPLOAD_FILES'], 'OPTIONS' => $TEXT['OPTION'], 'SETTINGS_URL' => $_SERVER['SCRIPT_NAME']));
$tpl->set_var(array('HOME_DIRECTORY' => $currentHome, 'MEDIA_DIRECTORY' => MEDIA_DIRECTORY, 'CURRENT_DIR' => $directory));
// create dropdownlist dir_list_block
$tpl->set_block('main_block', 'dir_list_block', 'dir_list');
// select the correct directory list
$use_dirs = !HOME_FOLDERS ? $dirs : empty($_SESSION['HOME_FOLDER']) ? $dirs : $dirs_rw;
if (count($use_dirs) > 0) {
foreach ($use_dirs as $name) {
// prevent duplicate entries - default directory is also set by template!
if ($name == MEDIA_DIRECTORY . $currentHome) {
continue;
}
$tpl->set_var(array('MEDIA_NAME' => $name, 'SELECTED' => MEDIA_DIRECTORY . $directory == $name ? ' selected="selected"' : ''));
$tpl->parse('dir_list', 'dir_list_block', true);
}
} else {
$tpl->set_var('dir_list', '');
}
// Insert permissions values, hide for some actions
// workout action should show default blocks
switch ($actions) {
// all others remove from left side
case 'none':
case 'show':
case 'media_reload':
case 'media_create':
case 'media_upload':
case 'media_delete':
case 'save_media_rename':
$tpl->set_block('main_block', 'media_create_block', 'media_create');
if ($admin->get_permission('media_create') != true || $full_home_folder_access == false) {
$tpl->set_var('DISPLAY_CREATE', 'hide');
$tpl->set_block('media_create', '');
} else {
$tpl->set_var(array('DISPLAY_CREATE' => '', 'MAX_UPLOADS' => $maxUploadFiles, 'ALLOW_EXTS' => RENAME_FILES_ON_UPLOAD));
$tpl->parse('media_create', 'media_create_block', true);
}
$tpl->set_block('main_block', 'input_upload_block', 'input_upload');
for ($x = 0; $x <= $maxUploadFiles; $x++) {
$tpl->parse('input_upload', 'input_upload_block', true);
}
$tpl->set_block('main_block', 'media_upload_block', 'media_upload');
if ($admin->get_permission('media_upload') != true || $full_home_folder_access == false) {
$tpl->set_var('DISPLAY_UPLOAD', 'hide');
$tpl->set_block('media_upload', '');
} else {
$tpl->set_var(array('DISPLAY_UPLOAD' => ''));
$tpl->parse('media_upload', 'media_upload_block', true);
}
break;
default:
// all the other action has to hide the blocks
$tpl->set_block('main_block', 'media_create_block', 'media_create');
$tpl->set_var('DISPLAY_CREATE', 'hide');
$tpl->parse('media_create', '');
$tpl->set_block('main_block', 'media_upload_block', 'media_upload');
$tpl->set_var('DISPLAY_UPLOAD', 'hide');
$tpl->parse('media_upload', '');
break;
}
// END workout main_wrapper
// Now prepare and parse values for the wrapper template show modus
switch ($actions) {
case 'none':
case 'show':
case 'media_reload':
case 'media_create':
case 'media_upload':
case 'media_delete':
case 'save_media_rename':
$tpl->loadfile('browse');
$tpl->set_block('main_block', 'main_wrapper_block', 'browse');
// Workout the parent dir link PARENT_PATH
//$parent_path = !empty($directory) ? dirname($directory) : $directory;
if (!empty($directory)) {
if (HOME_FOLDERS && !empty($_SESSION['HOME_FOLDER'])) {
$parent_path = $_SESSION['HOME_FOLDER'];
} else {
$parent_path = dirname($directory);
}
} else {
$parent_path = $directory;
}
// $parent_dir_link = ADMIN_URL.'/media/index.php?dir='.$directory.'&up=1';
$parent_dir_link = 1;
// Workout if the up arrow should be shown
$display_up_arrow = '';
// $display_up_arrow = (($directory == '') || ($directory == $currentHome)) ? 'hide' : '';
// Insert header info values main_wrapper_block
$tpl->set_var(array('THEME_URL' => THEME_URL, 'ROOT_DIRECTORY' => MEDIA_DIRECTORY, 'MEDIA_DIRECTORY' => MEDIA_DIRECTORY, 'CURRENT_PATH' => $directory, 'PARENT_DIR_LINK' => $parent_dir_link, 'PARENT_PATH' => $parent_path));
$tpl->set_block('browse', 'up_link_block', 'up_link');
if (!empty($directory) && $directory != $parent_path) {
// show only if parent <> directory
$tpl->set_var(array('PARENT_DIR_LINK' => $parent_dir_link, 'TEXT_UP' => $TEXT['UP'], 'DISPLAY_UP_ARROW' => ''));
$tpl->parse('up_link', 'up_link_block', true);
} else {
$tpl->set_block('up_link', '');
$tpl->set_var(array('UP_LINK_COL' => ' display_up_arrow', 'TEXT_UP' => $TEXT['UP'], 'DISPLAY_UP_ARROW' => ' display_up_arrow'));
}
// now set the dirs and files file_list_block and permissions
$tpl->set_block('browse', 'file_list_block', 'file_list');
$tpl->set_block('file_list', 'media_rename_block', 'media_rename');
$tpl->set_block('file_list', 'media_delete_block', 'media_delete');
// get dirs and files in currentDir
$FILE = scan_current_dir(LEPTON_PATH . MEDIA_DIRECTORY . '/' . $directory);
$temp_id = 0;
$line = $row_id = 1;
if (count($FILE['path']) > 0) {
foreach ($FILE['path'] as $name) {
$temp_id++;
$link_name = str_replace(' ', '%20', $name);
$tpl->set_var(array('NAME' => $name, 'NAME_SLASHED' => addslashes($name), 'TEMP_ID' => $temp_id, 'LINK' => 'index.php?dir=' . $directory . '/' . $link_name, 'LINK_RELATION' => '', 'ROW_ID' => $line++ & 1, 'FT_ICON' => THEME_URL . '/images/folder_16.png', 'FILETYPE_ICON' => THEME_URL . '/images/folder_16.png', 'FILETYPE' => 'dir', 'FILENAME' => '/' . addslashes($name), 'LINK_TARGET' => '_self', 'ENABLE_OVERLIB' => '', 'EXTENSION' => '', 'MOUSEOVER' => '', 'CLASS_PREVIEW' => '', 'IMAGEDETAIL' => '', 'DISPLAY_ICON' => '', 'SIZE' => '', 'DATE' => '', 'PREVIEW' => '', 'LINK_PATH' => $directory . '/' . $link_name, 'MEDIA_PATH' => MEDIA_DIRECTORY));
$tpl->parse('file_list', 'file_list_block', true);
}
}
// now set the files file_list_block and permissions
if (count($FILE['filename']) > 0) {
// convert to correct searchpattern
$allowed_file_types = str_replace(',', '|', RENAME_FILES_ON_UPLOAD);
foreach ($FILE['filename'] as $name) {
$preview = 'preview';
if (!preg_match("/\\." . $allowed_file_types . "\$/i", $name)) {
$preview = '';
continue;
}
$temp_id++;
$overlib = preg_match("/\\." . $allowed_img_types . "\$/i", $name) ? ' overlib' : '';
if ($preview) {
$filetype = get_filetype(LEPTON_URL . MEDIA_DIRECTORY . $directory . '/' . $name);
$size = filesize(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
$bytes = byte_convert($size);
$fdate = filemtime(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
$date = date(DATE_FORMAT . ' ' . TIME_FORMAT, $fdate);
$filetypeicon = get_filetype_icon(LEPTON_URL . MEDIA_DIRECTORY . $directory . '/' . $name);
$tooltip = '';
$imgdetail = $bytes;
$icon = THEME_URL . '/images/files/unknown.png';
if (!$pathsettings['global']['show_thumbs']) {
$info = @getimagesize(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
if ($info[0]) {
$imgdetail = fsize(filesize(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name)) . '<br /> ' . $info[0] . ' x ' . $info[1] . ' px';
$icon = 'thumb.php?t=1&img=' . $directory . '/' . $name;
$tooltip = ShowTip('thumb.php?t=2&img=' . $directory . '/' . $name, $allowed_img_types);
} else {
$icon = THEME_URL . '/images/files/' . $filetypeicon . '.png';
}
} else {
$filetypeicon = get_filetype_icon(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
$icon = THEME_URL . '/images/files/' . $filetypeicon . '.png';
}
$tpl->set_var(array('NAME' => $name, 'NAME_SLASHED' => addslashes($name), 'TEMP_ID' => $temp_id, 'LINK' => LEPTON_URL . MEDIA_DIRECTORY . $directory . '/' . $name, 'LINK_RELATION' => '', 'ROW_ID' => $line++ & 1, 'FT_ICON' => $icon, 'FILETYPE_ICON' => THEME_URL . '/images/files/' . $filetypeicon . '.png', 'FILENAME' => addslashes($name), 'LINK_TARGET' => '_top', 'ENABLE_OVERLIB' => $overlib, 'FILETYPE' => 'file', 'EXTENSION' => $filetype, 'MOUSEOVER' => $tooltip, 'CLASS_PREVIEW' => '', 'IMAGEDETAIL' => $imgdetail, 'DISPLAY_ICON' => '', 'SIZE' => $bytes, 'DATE' => $date, 'PREVIEW' => $preview));
$tpl->parse('file_list', 'file_list_block', true);
}
}
}
$tpl->set_var(array('TEXT_CURRENT_FOLDER' => $TEXT['CURRENT_FOLDER'], 'TEXT_RELOAD' => $TEXT['RELOAD'], 'TEXT_RENAME' => $TEXT['RENAME'], 'TEXT_DELETE' => $TEXT['DELETE'], 'TEXT_SIZE' => $TEXT['SIZE'], 'TEXT_DATE' => $TEXT['DATE'], 'TEXT_NAME' => $TEXT['NAME'], 'TEXT_TYPE' => $TEXT['TYPE'], 'MEDIA_BROWSE' => '', 'NONE_FOUND' => $MESSAGE['MEDIA_NONE_FOUND'], 'CHANGE_SETTINGS' => $TEXT['MODIFY_SETTINGS'], 'CONFIRM_DELETE' => js_alert_encode($MESSAGE['MEDIA_CONFIRM_DELETE']), 'CONFIRM_DELETE_FILE' => js_alert_encode($MESSAGE['MEDIA_CONFIRM_DELETE_FILE']), 'CONFIRM_DELETE_DIR' => js_alert_encode($MESSAGE['MEDIA_CONFIRM_DELETE_DIR'])));
// If no files are in the media folder say so
if ($temp_id == 0) {
$tpl->set_var('DISPLAY_LIST_TABLE', ' hide');
$tpl->set_var('DISPLAY_NONE_FOUND', ' center');
$tpl->set_var("file_list_block", "<tr><td></td></tr>");
$tpl->parse('file_list', 'file_list_block', true);
} else {
$tpl->set_var('DISPLAY_LIST_TABLE', '');
$tpl->set_var('DISPLAY_NONE_FOUND', ' hide');
}
$tpl->set_block('file_list', 'media_rename_block', 'media_rename');
$tpl->set_block('file_list', 'media_delete_block', 'media_delete');
// Insert permissions values
if ($admin->get_permission('media_rename') != true || $full_home_folder_access == false) {
$tpl->set_var('DISPLAY_RENAME', 'hide');
$tpl->set_var('RENHAME_CONTENT', '');
$tpl->parse('media_rename', '');
} else {
$tpl->set_var('RENHAME_CONTENT', '');
$tpl->parse('media_rename', 'media_rename_block', true);
}
if ($admin->get_permission('media_delete') != true || $full_home_folder_access == false) {
$tpl->set_var('DISPLAY_DELETE', 'hide');
$tpl->set_var('DELETE_CONTENT', '');
$tpl->parse('media_delete', '');
} else {
$tpl->set_var('DELETE_CONTENT', '');
$tpl->parse('media_delete', 'media_delete_block', true);
}
break;
}
// begin with save modus actions
switch ($actions) {
// save actions
case 'save_media_settings':
if (($x = save_media_settings($pathsettings)) == 0) {
$admin->print_error($MESSAGE['SETTINGS_UNABLE_WRITE_CONFIG'], $backlink);
} else {
$admin->print_success($MESSAGE['SETTINGS_SAVED'], $backlink);
}
break;
case 'save_media_rename':
$ext = trim(stripslashes($admin->get_post('extension')));
$ext = empty($ext) ? '' : '.' . $ext;
$old_file = media_filename(trim(stripslashes($admin->get_post('old_name')))) . $ext;
$rename_file = media_filename(trim(stripslashes($admin->get_post('name')))) . $ext;
$type = trim(stripslashes($admin->get_post('filetype')));
// perhaps change dots in underscore by tpye = directory
$rename_file = trim($rename_file, '.');
$old_file = LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $old_file;
$rename_file = LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $rename_file;
if ($type == 'dir') {
$rename_file = str_replace('.', '_', $rename_file);
} elseif (!preg_match("/\\." . $allowed_file_types . "\$/i", $rename_file)) {
$admin->print_error($TEXT['EXTENSION'] . ': ' . $MESSAGE['GENERIC_INVALID'], $backlink);
}
if (rename($old_file, $rename_file)) {
$admin->print_success($MESSAGE['MEDIA_RENAMED'], $backlink);
} else {
$admin->print_error($MESSAGE['MEDIA_CANNOT_RENAME'], $backlink);
}
break;
}
// mask input modus
switch ($actions) {
case 'media_rename':
clearstatcache();
$rename_file = media_filename(trim(stripslashes($admin->get_post('filename'))));
$ext = trim(stripslashes($admin->get_post('fileext')));
$type = trim(stripslashes($admin->get_post('filetype')));
$rename_file = basename($rename_file);
$tpl->loadfile('rename');
$tpl->set_block('main_block', 'main_wrapper_block', 'rename');
// false | true
$tpl->debug = false;
$tpl->set_var(array('THEME_URL' => THEME_URL, 'TEXT_CURRENT_FOLDER' => $TEXT['CURRENT_FOLDER'], 'FILENAME' => $rename_file, 'BASENAME' => trim(str_replace($ext, '', basename($rename_file)), '.'), 'ROOT_DIRECTORY' => MEDIA_DIRECTORY, 'DISPLAY_UP_ARROW' => ' display_up_arrow', 'CURRENT_PATH' => $directory, 'DIR' => $directory, 'FILE_TYPE' => $type, 'EXTENSION' => '.' . ltrim($ext, '.'), 'FILE_EXT' => ltrim($ext, '.'), 'TEXT_OVERWRITE_EXIST' => $TEXT['OVERWRITE_EXISTING'], 'TEXT_TO' => '', 'MEDIA_BROWSE' => '', 'TEXT_RENAME' => $TEXT['RENAME'], 'TEXT_CANCEL' => $TEXT['CANCEL']));
$tpl->parse('rename', 'main_wrapper_block', true);
break;
case 'media_settings':
// load template language file
$lang = THEME_PATH . '/languages/' . LANGUAGE . '.php';
include_once !file_exists($lang) ? THEME_PATH . '/languages/EN.php' : $lang;
$tpl->loadfile('settings');
$tpl->set_block('main_block', 'main_wrapper_block', 'settings');
// false | true
$tpl->debug = false;
$admin_only = isset($pathsettings['global']['admin_only']) && $pathsettings['global']['admin_only'] == true ? ' checked="checked"' : '';
$show_thumbs = isset($pathsettings['global']['show_thumbs']) && $pathsettings['global']['show_thumbs'] == true ? ' checked="checked"' : '';
$tpl->set_var(array('TEXT_HEADER' => $TEXT['TEXT_HEADER'], 'SAVE_TEXT' => $TEXT['SAVE'], 'CANCEL' => $TEXT['CANCEL'], 'RESET' => $TEXT['RESET'], 'NO_SHOW_THUMBS' => $TEXT['NO_SHOW_THUMBS'], 'MEDIA_BROWSE' => '', 'ADMIN_ONLY' => $TEXT['ADMIN_ONLY'], 'SETTINGS' => $TEXT['SETTINGS'], 'CURRENT_PATH' => $directory, 'ADMIN_URL' => ADMIN_URL, 'WIDTH' => $TEXT['WIDTH'], 'HEIGHT' => $TEXT['HEIGHT'], 'ADMIN_ONLY_SELECTED' => $admin_only, 'NO_SHOW_THUMBS_SELECTED' => $show_thumbs, 'NONE_FOUND' => '', 'DISPLAY_NONE' => ''));
// Get dirs in currentDir
$dirs = array();
$skip = LEPTON_PATH;
directory_list(LEPTON_PATH . MEDIA_DIRECTORY, false, 0, $dirs, $skip);
$line = $row_id = 1;
$tpl->set_block('settings', 'dir_settings_block', 'dir_settings');
if (isset($dirs)) {
$good_dirs = 0;
$dir_filter = MEDIA_DIRECTORY . $directory;
$parent = substr_count($dir_filter, '/') + 1;
$dir_filter = str_replace(array('/', ' '), '_', $dir_filter);
foreach ($dirs as $name) {
$relative = $name;
// str_replace(LEPTON_PATH, '', $name);
$subparent = substr_count($relative, '/') + 1;
$safepath = str_replace(array('/', ' '), '_', $relative);
$continue = strlen(str_replace($safepath, '', $dir_filter));
// if( (substr_count($safepath,$dir_filter) == 0) || ( $dir_filter == $safepath ) )
if ($parent != $subparent - 1 || substr_count($safepath, $dir_filter) == 0 || $dir_filter == $safepath) {
continue;
}
$good_dirs++;
$cur_width = $cur_height = '';
if (isset($pathsettings[$safepath]['width'])) {
$cur_width = $pathsettings[$safepath]['width'];
}
if (isset($pathsettings[$safepath]['height'])) {
$cur_height = $pathsettings[$safepath]['height'];
}
$cur_width = $cur_width != 0 ? (int) $cur_width : '-';
$cur_height = $cur_height != 0 ? (int) $cur_height : '-';
$tpl->set_var(array('PATH_NAME' => basename($relative), 'FIELD_NAME' => $safepath, 'CUR_WIDTH' => $cur_width, 'CUR_HEIGHT' => $cur_height, 'ROW_ID' => $line++ & 1));
$tpl->parse('dir_settings', 'dir_settings_block', true);
}
if ($good_dirs == 0) {
$tpl->set_var(array('PATH_NAME' => '', 'FIELD_NAME' => '', 'CUR_WIDTH' => '', 'CUR_HEIGHT' => '', 'ROW_ID' => '', 'DISPLAY_NONE' => ' hide'));
$tpl->parse('dir_settings', 'dir_settings_block', true);
$tpl->set_var('NONE_FOUND', $MESSAGE['MEDIA_NONE_FOUND']);
$tpl->parse('settings', 'dir_settings_block', true);
}
} else {
$tpl->set_var('NONE_FOUND', $MESSAGE['MEDIA_NONE_FOUND']);
$tpl->parse('settings', 'dir_settings_block', true);
}
break;
}
// normal actions
switch ($actions) {
case 'media_upload':
$target_path = str_replace('\\', '/', LEPTON_PATH . MEDIA_DIRECTORY . $directory);
// Create relative path of the new dir name
$resizepath = MEDIA_DIRECTORY . $directory;
$resizepath = str_replace(array('/', ' '), '_', $resizepath);
// Find out whether we should replace files or give an error
$overwrite = $admin->get_post('overwrite') != '' ? true : false;
// convert to correct searchpattern
$allowed_file_types = str_replace(',', '|', RENAME_FILES_ON_UPLOAD);
$good_uploads = 0;
// If the user chose to unzip the first file, unzip into the current folder
if (isset($_POST['unzip']) && $_POST['unzip'] == true) {
// include_once(get_include('thumb.php'));
if (isset($_FILES['upload']['error'][0]) && $_FILES['upload']['error'][0] == UPLOAD_ERR_OK) {
$src_file = isset($_FILES['upload']['name'][0]) ? $_FILES['upload']['name'][0] : null;
if ($src_file && preg_match('/\\.zip$/i', $src_file)) {
/*
* Callback function to skip files not in white-list
*/
function pclzipCheckValidFile($p_event, &$p_header)
{
// return 1;
$allowed_file_types = str_replace(',', '|', RENAME_FILES_ON_UPLOAD);
$info = pathinfo($p_header['filename']);
$ext = isset($info['extension']) ? $info['extension'] : '';
$dots = substr($info['basename'], 0, 1) == '.' || substr($info['basename'], -1, 1) == '.';
if (preg_match('/' . $allowed_file_types . '$/i', $ext) && $dots != '.') {
// ----- allowed file types are extracted
return 1;
} else {
// ----- all other files are skiped
return 0;
}
}
/* ********************************* */
require_once get_include(LEPTON_PATH . '/modules/lib_lepton/pclzip/pclzip.lib.php');
$archive = new PclZip($_FILES['upload']['tmp_name'][0]);
$list = $archive->extract(PCLZIP_OPT_PATH, $target_path, PCLZIP_CB_PRE_EXTRACT, 'pclzipCheckValidFile');
$good_uploads = sizeof($list);
if ($archive->error_code != 0) {
$admin->print_error('UNABLE TO UNZIP FILE' . ' :: ' . $archive->errorInfo(true), $backlink);
}
}
}
} else {
// proceed normal multi-upload
$file_count = sizeof($_FILES['upload']['error']);
for ($x = 0; $x < $file_count; $x++) {
// If file was upload to tmp
if (isset($_FILES['upload']['name'][$x])) {
// Remove bad characters
$filename = media_filename($_FILES['upload']['name'][$x]);
// Check if there is still a filename left and allowed filetyp
if ($filename != '' && preg_match("/\\." . $allowed_file_types . "\$/i", $filename)) {
// Move to relative path (in media folder)
if (file_exists($target_path . '/' . $filename) && $overwrite === true) {
if (move_uploaded_file($_FILES['upload']['tmp_name'][$x], $target_path . '/' . $filename)) {
$good_uploads++;
// Chmod the uploaded file
change_mode($target_path . '/' . $filename, 'file');
}
} elseif (!file_exists($target_path . '/' . $filename)) {
if (move_uploaded_file($_FILES['upload']['tmp_name'][$x], $target_path . '/' . $filename)) {
$good_uploads++;
// Chmod the uploaded file
change_mode($target_path . '/' . $filename);
}
}
if (file_exists($target_path . '/' . $filename) && preg_match("/\\." . $allowed_img_types . "\$/i", $filename)) {
if (isset($pathsettings[$resizepath])) {
include_once get_include(ADMIN_PATH . '/media/resize_img.php');
if ($pathsettings[$resizepath]['width'] || $pathsettings[$resizepath]['height']) {
$rimg = new RESIZEIMAGE($target_path . '/' . $filename);
$rimg->resize_limitwh($pathsettings[$resizepath]['width'], $pathsettings[$resizepath]['height'], $target_path . '/' . $filename);
$rimg->close();
}
}
}
// store file name of first file for possible unzip action
if ($x == 1) {
$filename1 = $target_path . '/' . $filename;
}
}
}
}
}
if (isset($_POST['delzip'])) {
if (file_exists($filename1)) {
unlink($filename1);
}
}
if ($good_uploads == 1) {
$admin->print_success($good_uploads . ' ' . $MESSAGE['MEDIA_SINGLE_UPLOADED'], $backlink);
} else {
$admin->print_success($good_uploads . ' ' . $MESSAGE['MEDIA_UPLOADED'], $backlink);
}
break;
case 'media_create':
// $directory = rawurldecode(trim(stripslashes($admin->get_post('current_dir'))));
// Remove bad characters from user folder name
$target = $admin->get_post('target') != null ? media_filename(trim(stripslashes($admin->get_post('target')))) : $current_dir;
$userPath = LEPTON_PATH . MEDIA_DIRECTORY;
$err_msg = array();
if ($target == null || $target == $current_dir) {
$err_msg[] = $MESSAGE['MEDIA_BLANK_NAME'];
} else {
// Try and make the dir
$target = trim($target, '.');
$dirname = $userPath . $current_dir . '/' . $target;
if (file_exists($dirname)) {
$err_msg[] = $MESSAGE['MEDIA_DIR_EXISTS'];
} else {
if (make_dir($dirname)) {
change_mode($dirname);
if (is_writable($dirname)) {
// Create default "index.php" file
$rel_pages_dir = str_replace(LEPTON_PATH . MEDIA_DIRECTORY, '', dirname($dirname));
$step_back = str_repeat('../', substr_count($rel_pages_dir, '/') + 1);
$content = '<?php' . "\n";
$content .= '// This file is generated by LEPTON Ver.' . VERSION . ';' . "\n";
$content .= "\t" . 'header(\'Location: ' . $step_back . 'index.php\');' . "\n";
$content .= '?>';
$filename = $dirname . '/index.php';
// write content into file
$handle = fopen($filename, 'w');
fwrite($handle, $content);
fclose($handle);
change_mode($filename, 'file');
} else {
$err_msg[] = $MESSAGE['GENERIC_BAD_PERMISSIONS'];
}
} else {
$err_msg[] = $MESSAGE['GENERIC_BAD_PERMISSIONS'];
}
}
}
if (sizeof($err_msg) > 0) {
$admin->print_error(implode('<br />', $err_msg));
} else {
$admin->print_success($MESSAGE['MEDIA_DIR_MADE'], $backlink);
}
break;
case 'media_delete':
$filetype = isset($_POST['filetype']) ? trim(stripslashes($admin->get_post('filetype'))) : '';
$filename = isset($_POST['filename']) ? trim(stripslashes($admin->get_post('filename'))) : '';
$relative_path = LEPTON_PATH . MEDIA_DIRECTORY . $directory;
// Find out whether its a file or folder
if ($filetype == 'dir') {
// Try and delete the directory
if (rm_full_dir($relative_path . '/' . $filename)) {
$admin->print_success($MESSAGE['MEDIA_DELETED_DIR'], $backlink);
} else {
$admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_DIR'], $backlink);
}
} elseif ($filetype == 'file') {
// Try and delete the file
if (unlink($relative_path . '/' . $filename)) {
$admin->print_success($MESSAGE['MEDIA_DELETED_FILE'], $backlink);
} else {
$admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_FILE'], $backlink);
}
} else {
$admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_FILE'], $backlink);
}
break;
}
// Parse template for preferences form
$tpl->parse('main', 'main_wrapper_block', false);
$tpl->parse('main', 'main_block', false);
$output = $tpl->finish($tpl->parse('output', 'page'));
return $output;
}
function validateMessage($message, $image, $type, $value, $privacy)
{
// If message is longer than admitted
if (strlen($message) > $this->message_length) {
$error = array('message_too_long', $this->message_length);
}
// Define the switch variable
$x = 0;
if ($image['name'][0]) {
// Set the variable value to 1 if at least one image name exists
$x = 1;
}
if ($x == 1) {
// If the user selects more images than allowed
if (count($image['name']) > $this->max_images) {
$error = array('too_many_images', count($image['name']), $this->max_images);
} else {
// Define the array which holds the value names
$value = array();
$tmp_value = array();
foreach ($image['error'] as $key => $error) {
$allowedExt = explode(',', $this->image_format);
$ext = pathinfo($image['name'][$key], PATHINFO_EXTENSION);
if (!empty($image['size'][$key]) && $image['size'][$key] > $this->max_size) {
$error = array('file_too_big', fsize($this->max_size), $image['name'][$key]);
// Error Code #004
break;
} elseif (!empty($ext) && !in_array(strtolower($ext), $allowedExt)) {
$error = array('format_not_exist', $this->image_format, $image['name'][$key]);
// Error Code #005
break;
} else {
if (isset($image['name'][$key]) && $image['name'][$key] !== '' && $image['size'][$key] > 0) {
$rand = mt_rand();
$tmp_name = $image['tmp_name'][$key];
$name = pathinfo($image['name'][$key], PATHINFO_FILENAME);
$fullname = $image['name'][$key];
$size = $image['size'][$key];
$ext = pathinfo($image['name'][$key], PATHINFO_EXTENSION);
// $finalName = str_replace(',', '', $rand.'.'.$this->db->real_escape_string($name).'.'.$this->db->real_escape_string($ext));
$finalName = mt_rand() . '_' . mt_rand() . '_' . mt_rand() . '.' . $this->db->real_escape_string($ext);
// Define the type for picture
$type = 'picture';
// Store the values into arrays
$tmp_value[] = $tmp_name;
$value[] = $finalName;
}
}
}
if (empty($error)) {
foreach ($value as $key => $finalName) {
move_uploaded_file($tmp_value[$key], '../uploads/media/' . $finalName);
}
}
// Implode the values
$value = implode(',', $value);
}
} else {
// Allowed types of evenets
$allowedType = array('map', 'game', 'video', 'food', 'visited', 'movie', 'music');
// If the user doesn't select any event, at all.
if (empty($type)) {
// Empty the type & value
$type = '';
$value = '';
} else {
// Verify if the event exist
if (in_array($type, $allowedType)) {
if ($type == 'video') {
if (substr($value, 0, 20) == "https://youtube.com/" || substr($value, 0, 24) == "https://www.youtube.com/" || substr($value, 0, 16) == "www.youtube.com/" || substr($value, 0, 12) == "youtube.com/" || substr($value, 0, 19) == "http://youtube.com/" || substr($value, 0, 23) == "http://www.youtube.com/" || substr($value, 0, 16) == "http://youtu.be/") {
parse_str(parse_url($value, PHP_URL_QUERY), $my_array_of_vars);
if (substr($value, 0, 16) == 'http://youtu.be/') {
$value = str_replace('http://youtu.be/', 'yt:', $value);
} else {
$value = 'yt:' . $my_array_of_vars['v'];
}
} elseif (substr($value, 0, 17) == "http://vimeo.com/" || substr($value, 0, 21) == "http://www.vimeo.com/" || substr($value, 0, 18) == "https://vimeo.com/" || substr($value, 0, 22) == "https://www.vimeo.com/" || substr($value, 0, 14) == "www.vimeo.com/" || substr($value, 0, 10) == "vimeo.com/") {
$value = 'vm:' . (int) substr(parse_url($value, PHP_URL_PATH), 1);
}
} elseif ($type == 'music') {
if (substr($value, 0, 23) == "https://soundcloud.com/" || substr($value, 0, 27) == "https://www.soundcloud.com/" || substr($value, 0, 22) == "http://soundcloud.com/" || substr($value, 0, 22) == "http://www.soundcloud.com/" || substr($value, 0, 15) == "soundcloud.com/" || substr($value, 0, 19) == "www.soundcloud.com/") {
$value = 'sc:' . parse_url($value, PHP_URL_PATH);
}
}
} else {
$error = array('event_not_exist');
// Error Code #002
}
}
}
// Allowed types of privacy
$allowedPrivacy = array(0, 1);
if (!in_array($privacy, $allowedPrivacy)) {
$error = array('privacy_no_exist');
// Error Code #003
}
# #001 - The message is empty
# #002 - The event does not exist
# #003 - The privacy value is not valid
# #004 - The selected file is too big
# #005 - The selected file's format is invalid
if ($error) {
// Return an error
return array('1', $error);
} else {
// Escape thge message and trim it to remove any extra white spaces or consecutive new lines
$message = $this->db->real_escape_string(htmlspecialchars(trim(nl2clean($message))));
// Match the hashtags
preg_match_all('/(#\\w+)/u', str_replace(array('\\r', '\\n'), ' ', $message), $matchedHashtags);
// For each hashtag, strip the '#' tag and add a comma after it
if (!empty($matchedHashtags[0])) {
foreach ($matchedHashtags[0] as $match) {
$hashtag .= str_replace('#', '', $match) . ',';
}
}
// Create the query
// Add the insert message
$query = sprintf("INSERT INTO `messages` (`uid`, `message`, `tag`, `type`, `value`, `time`, `public`) VALUES ('%s', '%s', '%s', '%s', '%s', CURRENT_TIMESTAMP, '%s')", $this->db->real_escape_string($this->id), $message, $hashtag, $this->db->real_escape_string($type), $this->db->real_escape_string(strip_tags($value)), $this->db->real_escape_string($privacy));
return array('0', $query);
}
}
function fsize($file)
{
$size = 0;
$range = array(' B', ' Ko', ' Mo', ' Go');
if (is_dir($file)) {
if ($dh = opendir($file)) {
while (($filecnt = readdir($dh)) !== false) {
if ($filecnt == "." || $filecnt == "..") {
continue;
}
if (is_dir($file . "/" . $filecnt)) {
$size += fsize($file . "/" . $filecnt);
} else {
$size += filesize($file . "/" . $filecnt);
}
echo "\n{$file}/{$filecnt}";
}
closedir($dh);
} else {
return false;
}
} else {
$size = filesize($file);
}
for ($i = 0; $size >= 1024 && $i < count($range); $i++) {
$size /= 1024;
}
return round($size, 2) . $range[$i];
}
color: <? echo $a_menu; ?>;
}
a.menustyle:visited {
color: <? echo $a_menu; ?>;
}
a.menustyle:hover {
color: <? echo $a_menu_hover; ?>;
}
a.menustyle:active {
color: <? echo $a_menu_hover; ?>;
}
/*=========================================================*/
.normallink {
font-family: Arial,Helvetica,sans-serif;
font-size: <? fsize() ?>;
text-decoration: none;
}
a.normallink:link {
color: <? echo $a_normal; ?>;
}
a.normallink:visited {
color: <? echo $a_normal; ?>;
}
a.normallink:hover {
color: <? echo $a_normal_hover; ?>;
}
a.normallink:active {
color: <? echo $a_normal_hover; ?>;
}
$filetypeicon = get_filetype_icon(WB_URL . MEDIA_DIRECTORY . $directory . '/' . $name);
$filetype = get_filetype(WB_URL . MEDIA_DIRECTORY . $directory . '/' . $name);
if (in_array($filetype, $filepreview)) {
$preview = 'preview';
} else {
$preview = '';
}
$temp_id++;
$imgdetail = '';
// $icon = THEME_URL.'/images/blank_16.gif';
$icon = '';
$tooltip = '';
if (!$pathsettings['global']['show_thumbs']) {
$info = getimagesize(WB_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
if ($info[0]) {
$imgdetail = fsize(filesize(WB_PATH . MEDIA_DIRECTORY . $directory . '/' . $name)) . '<br /> ' . $info[0] . ' x ' . $info[1] . ' px';
$icon = 'thumb.php?t=1&img=' . $directory . '/' . $name;
$tooltip = ShowTip('thumb.php?t=2&img=' . $directory . '/' . $name);
}
}
$filetype_url = THEME_URL . '/images/files/' . $filetypeicon . '.png';
$template->set_var(array('NAME' => $name, 'NAME_SLASHED' => addslashes($name), 'TEMP_ID' => $admin->getIDKEY($temp_id), 'LINK' => WB_URL . MEDIA_DIRECTORY . $directory . '/' . $name, 'LINK_TARGET' => '_blank', 'ROW_BG_COLOR' => $row_bg_color, 'FT_ICON' => empty($icon) ? $filetype_url : $icon, 'FILETYPE_ICON' => $filetype_url, 'MOUSEOVER' => $tooltip, 'IMAGEDETAIL' => $imgdetail, 'SIZE' => $bytes, 'DATE' => $date, 'PREVIEW' => $preview, 'IMAGE_TITLE' => $name, 'IMAGE_EXIST' => 'blank_16.gif'));
$template->parse('list', 'list_block', true);
// Code to alternate row colors
if ($row_bg_color == 'FFF') {
$row_bg_color = 'ECF1F3';
} else {
$row_bg_color = 'FFF';
}
}
}
function PageMain()
{
global $TMPL, $LNG, $CONF, $db, $loggedIn, $settings;
if (!$settings['paypalapp']) {
header("Location: " . $CONF['url'] . "/index.php?a=welcome");
}
if (isset($_SESSION['username']) && isset($_SESSION['password']) || isset($_COOKIE['username']) && isset($_COOKIE['password'])) {
$verify = $loggedIn->verify();
if (empty($verify['username'])) {
// If fake cookies are set, or they are set wrong, delete everything and redirect to home-page
$loggedIn->logOut();
header("Location: " . $CONF['url'] . "/index.php?a=welcome");
}
}
// Start the music feed
$feed = new feed();
$feed->db = $db;
$feed->url = $CONF['url'];
$feed->user = $verify;
$feed->id = $verify['idu'];
$feed->username = $verify['username'];
$proAccount = $feed->getProStatus($feed->id, 0);
$TMPL_old = $TMPL;
$TMPL = array();
// Get the PayPal settings
$PayPalMode = $settings['paypalsand'] ? '.sandbox' : '';
// Decide whether whether the request is for sandbox or live
$PayPalCurrencyCode = $settings['currency'];
// Paypal Currency Code
$PayPalReturnURL = $CONF['url'] . '/index.php?a=pro&type=successful';
//Point to process.php page
$PayPalCancelURL = $CONF['url'] . '/index.php?a=pro&type=canceled';
// Canceling URL if user clicks cancel
$paypal = new paypalApi();
$paypal->username = $settings['paypaluser'];
// PayPal API Username
$paypal->password = $settings['paypalpass'];
// Paypal API password
$paypal->signature = $settings['paypalsign'];
// Paypal API Signature
$skin = new skin('pro/gopro');
$rows = '';
// If the user is logged-in
if ($feed->id) {
if (isset($_POST['plan']) && !$proAccount) {
$ItemName = $_POST["plan"] == 1 ? sprintf($LNG['pro_year'], $settings['title']) : sprintf($LNG['pro_month'], $settings['title']);
//Item Name
$ItemPrice = $_POST["plan"] == 1 ? $settings['proyear'] : $settings['promonth'];
//Item Price
$ItemNumber = $_POST["plan"] == 1 ? md5(1) : md5(0);
//Item Number
$ItemDesc = $_POST["plan"] == 1 ? sprintf($LNG['pro_year'], $settings['title']) : sprintf($LNG['pro_month'], $settings['title']);
//Item Number
$ItemQty = 1;
// Item Quantity
$ItemTotalPrice = $ItemPrice * $ItemQty;
//(Item Price x Quantity = Total) Get total amount of product;
// Parameters for SetExpressCheckout, which will be sent to PayPal
$params = array('METHOD' => 'SetExpressCheckout', 'RETURNURL' => $PayPalReturnURL, 'CANCELURL' => $PayPalCancelURL, 'PAYMENTREQUEST_0_PAYMENTACTION' => 'SALE', 'L_PAYMENTREQUEST_0_NAME0' => $ItemName, 'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber, 'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc, 'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice, 'L_PAYMENTREQUEST_0_QTY0' => $ItemQty, 'NOSHIPPING' => 0, 'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice, 'PAYMENTREQUEST_0_AMT' => $ItemPrice, 'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode, 'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly', 'LOCALECODE' => 'US', 'LOGOIMG' => $CONF['url'] . '/' . $CONF['theme_url'] . '/images/logo_black.png', 'CARTBORDERCOLOR' => 'FFFFFF', 'ALLOWNOTE' => 0);
// Store the selected plan
$_SESSION['SelectedPlan'] = $_POST['plan'];
$_SESSION['ItemName'] = $ItemName;
//Item Name
$_SESSION['ItemPrice'] = $ItemPrice;
//Item Price
$_SESSION['ItemNumber'] = $ItemNumber;
//Item Number
$_SESSION['ItemDesc'] = $ItemDesc;
//Item Number
$_SESSION['ItemQty'] = $ItemQty;
// Item Quantity
$_SESSION['ItemTotalPrice'] = $ItemTotalPrice;
//(Item Price x Quantity = Total) Get total amount of product;
// Execute SetExpressCheckOut method to create the payment token and PayerID
$paypalResponse = $paypal->post('SetExpressCheckout', $params, $PayPalMode);
//Respond according to message we receive from Paypal
if (strtoupper($paypalResponse["ACK"]) == "SUCCESS") {
// Generat the PayPal payment url with the response Token
$paypalurl = 'https://www' . $PayPalMode . '.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $paypalResponse["TOKEN"] . '';
// Redirect to PayPal payment page
header('Location: ' . $paypalurl);
} else {
// If the payment is not successful
$TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
}
} elseif ($_GET['type'] == 'canceled' && !$proAccount) {
// If the payment has been canceled
$TMPL['error'] = notificationBox('error', $LNG['payment_error_1']);
} elseif ($_GET['type'] == 'successful' && !$proAccount) {
$skin = new skin('pro/gopro');
$rows = '';
// If the token and PayerID has been returned by the Return URL
if (isset($_GET["token"]) && isset($_GET["PayerID"])) {
$token = $_GET["token"];
$payer_id = $_GET["PayerID"];
// Get the selected plan
$ItemName = $_SESSION['ItemName'];
//Item Name
$ItemPrice = $_SESSION['ItemPrice'];
//Item Price
$ItemNumber = $_SESSION['ItemNumber'];
//Item Number
$ItemDesc = $_SESSION['ItemDesc'];
//Item Number
$ItemQty = $_SESSION['ItemQty'];
// Item Quantity
$ItemTotalPrice = $_SESSION['ItemTotalPrice'];
$params = array('TOKEN' => $token, 'PAYERID' => $payer_id, 'PAYMENTREQUEST_0_PAYMENTACTION' => 'Sale', 'L_PAYMENTREQUEST_0_NAME0' => $ItemName, 'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber, 'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc, 'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice, 'L_PAYMENTREQUEST_0_QTY0' => $ItemQty, 'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice, 'PAYMENTREQUEST_0_AMT' => $ItemPrice, 'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode, 'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly');
// Execute DoExpressCheckoutPayment to receive the payment from the user
$paypalResponse = $paypal->post('DoExpressCheckoutPayment', $params, $PayPalMode);
// Check if the payment was successful
if (strtoupper($paypalResponse["ACK"]) == "SUCCESS") {
// Verify if the payment is Completed
if ($paypalResponse["PAYMENTINFO_0_PAYMENTSTATUS"] == 'Completed') {
// Execute GetExpressCheckoutDetails to retrieve the transaction details
$params = array('TOKEN' => $token);
$paypalResponse = $paypal->post('GetExpressCheckoutDetails', $params, $PayPalMode);
// If the GetExpressCheckoutDetails was successful
if (strtoupper($paypalResponse["ACK"]) == "SUCCESS") {
$date = date("Y-m-d H:m:s", strtotime($_SESSION['SelectedPlan'] == 1 ? "+1 year" : "+1 month"));
$stmt = $db->prepare(sprintf("INSERT INTO `payments`\n\t\t\t\t\t\t\t\t(`by`, `payer_id`, `payer_first_name`, `payer_last_name`, `payer_email`, `payer_country`, `txn_id`, `amount`, `currency`, `type`, `status`, `valid`, `time`) VALUES \n\t\t\t\t\t\t\t\t('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s', '%s', '%s', '%s')", $db->real_escape_string($feed->id), $db->real_escape_string($paypalResponse['PAYERID']), $db->real_escape_string($paypalResponse['FIRSTNAME']), $db->real_escape_string($paypalResponse['LASTNAME']), $db->real_escape_string($paypalResponse['EMAIL']), $db->real_escape_string($paypalResponse['SHIPTOCOUNTRYNAME']), $db->real_escape_string($paypalResponse['PAYMENTREQUEST_0_TRANSACTIONID']), $db->real_escape_string($paypalResponse['AMT']), $settings['currency'], $_SESSION['SelectedPlan'], 1, $date, date("Y-m-d H:m:s")));
// Execute the statement
$stmt->execute();
// Check the affected rows
$affected = $stmt->affected_rows;
// Close the statement
$stmt->close();
// If the pro status has been added
if ($affected) {
// Set the pro account to valid
$proAccount = 2;
}
} else {
$TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
}
} else {
$TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
}
} else {
$TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
}
}
}
if ($proAccount) {
$skin = new skin('pro/successful');
$rows = '';
$transaction = $feed->getProStatus($feed->id, 2);
// If the proAccount was just created
if ($proAccount == 2) {
$TMPL['pro_title'] = $LNG['congratulations'] . '!';
$TMPL['pro_title_desc'] = $LNG['go_pro_congrats'];
} else {
$TMPL['pro_title'] = $LNG['pro_plan'];
$TMPL['pro_title_desc'] = $LNG['account_status'];
}
// Explode the date to display in a custom format
$valid = explode('-', $transaction['valid']);
$TMPL['validuntil'] = $valid[0] . '-' . $valid[1] . '-' . substr($valid[2], 0, 2);
// Decide the plan type
$TMPL['plan'] = $transaction['amount'] == $settings['proyear'] ? $LNG['yearly'] : $LNG['monthly'];
// Days left of pro Plan
$TMPL['daysleft'] = floor((strtotime($transaction['valid']) - strtotime(date("Y-m-d H:i:s"))) / (60 * 60 * 24)) . ' ' . $LNG['days_left'];
// The Amount paid for the pro plan
$TMPL['amount'] = $transaction['amount'] . ' ' . $settings['currency'];
}
$TMPL['go_pro_action'] = 'formSubmit(\'gopro-form\')';
} else {
$TMPL['go_pro_action'] = 'connect_modal()';
}
$TMPL['history'] = $feed->proAccountHistory(null, 1, 1);
$TMPL['protracksize'] = fsize($settings['protracksize']);
$TMPL['protracktotal'] = fsize($settings['protracktotal']);
$TMPL['tracksize'] = fsize($settings['tracksize']);
$TMPL['tracksizetotal'] = fsize($settings['tracksizetotal']);
$TMPL['promonth'] = $settings['promonth'];
$TMPL['proyear'] = $settings['proyear'];
$TMPL['currency'] = $settings['currency'];
$rows = $skin->make();
$TMPL = $TMPL_old;
unset($TMPL_old);
$TMPL['rows'] = $rows;
if (isset($_GET['logout']) == 1) {
$loggedIn->logOut();
header("Location: " . $CONF['url'] . "/index.php?a=welcome");
}
$TMPL['url'] = $CONF['url'];
$TMPL['title'] = $LNG['go_pro'] . ' - ' . $settings['title'];
$TMPL['meta_description'] = $settings['title'] . ' ' . $LNG['go_pro'] . ' - ' . $LNG['go_pro_desc'];
$skin = new skin('pro/content');
return $skin->make();
}
function sidebarStatistics($id = null, $type = null, $extra = null)
{
// Type 0: Return statistics for your own tracks that have been played by other users
// Type 1: Return statistics for track page
global $LNG;
if ($type == 1) {
$query = $this->db->query(sprintf("SELECT (SELECT count(`track`) FROM `views` WHERE `track` = '%s') as total, (SELECT count(`track`) FROM `views` WHERE `track` = '%s' AND CURDATE() = date(`time`)) as today, (SELECT count(`track`) FROM `views` WHERE `track` = '%s' AND CURDATE()-1 = date(`time`)) as yesterday", $this->db->real_escape_string($id), $this->db->real_escape_string($id), $this->db->real_escape_string($id)));
} elseif ($type == 2) {
$query = $this->db->query(sprintf("SELECT (SELECT count(`id`) FROM `tracks` WHERE `uid` = '%s') as tracks_total, (SELECT SUM(`size`) FROM `tracks` WHERE `uid` = %s) as upload_size", $this->db->real_escape_string($this->id), $this->db->real_escape_string($this->id), $this->db->real_escape_string($id)));
} else {
if (!$this->trackList) {
return;
}
$query = $this->db->query(sprintf("SELECT (SELECT count(`track`) FROM `views` WHERE `track` IN (%s)) as total, (SELECT count(`track`) FROM `views` WHERE `track` IN (%s) AND CURDATE() = date(`time`)) as today, (SELECT count(`track`) FROM `views` WHERE `track` IN (%s) AND CURDATE()-1 = date(`time`)) as yesterday", $this->trackList, $this->trackList, $this->trackList));
}
$result = $query->fetch_assoc();
$output = '<div class="sidebar-container widget-statistics"><div class="sidebar-content"><div class="sidebar-header">' . (!$type ? '<a href="' . $this->url . '/index.php?a=stats" rel="loadpage">' . $LNG['statistics'] . '</a>' : ($extra ? $LNG['statistics'] . ' <div class="sidebar-header-extra"><a href="' . $this->url . '/index.php?a=track&id=' . $_GET['id'] . '&type=stats" rel="loadpage">' . $LNG['view_more'] . '</a></div>' : $LNG['statistics'])) . '</div><div class="sidebar-stats-container">';
if ($type == 2) {
// Percentage for the stats bar
$percentage = $result['upload_size'] / $this->track_size_total * 100;
$output .= '
<div class="sidebar-stats-box">' . $LNG['tracks_uploaded'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . $result['tracks_total'] . '</div>
<div class="sidebar-stats-box">' . $LNG['total_space'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . fsize($this->track_size_total) . '</div>
<div class="divider sidebar-stats-divider"></div>
<div class="sidebar-stats-box">' . $LNG['used_space'] . '</div><div class="sidebar-stats-box sidebar-stats-box-right">' . $LNG['free_space'] . '</div>
<div class="sidebar-stats-bar"><div class="sidebar-stats-bar-percentage" style="width: ' . $percentage . '%"></div></div>
<div class="sidebar-stats-box">' . fsize($result['upload_size']) . '</div><div class="sidebar-stats-box sidebar-stats-box-right">' . fsize($this->track_size_total - $result['upload_size']) . '</div>';
} else {
$output .= '
<div class="sidebar-stats-box">' . $LNG['plays_today'] . '</div><div class="sidebar-stats-box sidebar-text-right sidebar-stats-today">' . $result['today'] . '</div>
<div class="sidebar-stats-box">' . $LNG['plays_yesterday'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . $result['yesterday'] . '</div>
<div class="sidebar-stats-box">' . $LNG['plays_total'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . $result['total'] . '</div>';
}
$output .= '</div></div></div>';
return $output;
}
$userfiles[$i]['tmp_name'] = $_FILES['userfile']['tmp_name'][$i];
$userfiles[$i]['error'] = $_FILES['userfile']['error'][$i];
$name = $_FILES['userfile']['name'][$i];
if ($modx->config['clean_uploaded_filename']) {
$nameparts = explode('.', $name);
$nameparts = array_map(array($modx, 'stripAlias'), $nameparts);
$name = implode('.', $nameparts);
}
$userfiles[$i]['name'] = $name;
$userfiles[$i]['type'] = $_FILES['userfile']['type'][$i];
}
}
foreach ((array) $userfiles as $userfile) {
// this seems to be an upload action.
printf("<p>" . $_lang['files_uploading'] . "</p>", $userfile['name'], substr($startpath, $len, strlen($startpath)));
echo $userfile['error'] == 0 ? "<p>" . $_lang['files_file_type'] . $userfile['type'] . ", " . fsize($userfile['tmp_name']) . '</p>' : '';
$userfilename = $userfile['tmp_name'];
if (is_uploaded_file($userfilename)) {
// file is uploaded file, process it!
if (!in_array(getExtension($userfile['name']), $uploadablefiles)) {
echo '<p><span class="warning">' . $_lang['files_filetype_notok'] . '</span></p>';
} else {
if (@move_uploaded_file($userfile['tmp_name'], $_POST['path'] . '/' . $userfile['name'])) {
// Ryan: Repair broken permissions issue with file manager
if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') {
@chmod($_POST['path'] . "/" . $userfile['name'], $new_file_permissions);
}
// Ryan: End
echo '<p><span class="success">' . $_lang['files_upload_ok'] . '</span></p>';
// invoke OnFileManagerUpload event
$modx->invokeEvent('OnFileManagerUpload', array('filepath' => $_POST['path'], 'filename' => $userfile['name']));
function msql_adm($msql = '')
{
//echo br();
$root = sesm('root', 'msql/');
$auth = $_SESSION['auth'];
$ath = 6;
//auth_level_mini
$wsz = define_s('wsz', 700);
$msql = $msql ? $msql : $_GET['msql'];
$_SESSION['page'] = $_GET['page'] ? $_GET['page'] : 1;
#boot
if ($msql && $msql != '=') {
$url = sesm('url', '/msql/');
$ra = msql_boot($msql);
$_SESSION['msql_boot'] = $ra;
list($bases, $base, $dirs, $dir, $prefixes, $prefix, $files, $table, $version, $folder, $node) = $ra;
//build url
$murl = sesm('murl', murl($base, $dir, $prefix, $table, $version));
//b/d/p_t_v
$basename = $root . $folder . $node;
$is_file = is_file($basename . '.php');
$lk = sesm('lk', $url . $folder . $node . gpage());
$folder = $root . $folder;
//conformity
msql_adm_head($lk, $base, $prefix, $table, $version);
}
$def = ajx($_POST['def'] ? $_POST['def'] : $_GET['def'], 1);
if ($_GET['see']) {
$ret[] = verbose($ra, 'dirs');
}
//auth
if ($base == 'users' && $prefix == $_SESSION['USE']) {
$_SESSION['ex_atz'] = 1;
}
if ($auth >= $ath && $_SESSION['ex_atz'] or $auth >= 6) {
$authorized = true;
}
$lkb = $lk . '&';
#load
//reqp('msql'); $msq=new msql($base,$node); if($is_file)$defs=$msq->load();
if (get('repair')) {
msql_repair($folder, $node);
}
//old
if ($is_file) {
$defs = read_vars($folder, $node, $defsb);
}
//if(!$defs)$ret[]=verbose($ra,'');
if ($defs['_menus_']) {
$defsb['_menus_'] = $defs['_menus_'];
}
//save
if ($def && !$defs[$def]) {
$_POST['add'] = $def;
}
if (($_POST['def'] or $_POST['add']) && $authorized) {
list($defs, $def) = save_defs($folder, $node, $defs, $def, $base);
}
//savb
if ($_GET['sav']) {
save_vars($folder, $node . '_sav', $defs, 1);
}
//create
if ($_GET['create'] && $authorized) {
$prefix = normaliz_c($_POST['prfx']);
$table = normaliz_c($_POST['hbname']);
if ($_POST['hbnb'] && $_POST['hbnb'] != 'version') {
$version = $_POST['hbnb'];
}
if (!$_POST['hbnb']) {
$version = '';
}
if (is_numeric($_POST['nbc'])) {
$defsb['_menus_'] = '';
$nbc = $_POST['nbc'];
$nbc = $nbc > 1 ? $nbc : 1;
for ($i = 1; $i <= $nbc; $i++) {
$defsb['_menus_'][] = 'col_' . $i;
}
} elseif ($defs['_menus_']) {
$defsb['_menus_'] = $defs['_menus_'];
} else {
$defsb['_menus_'] = array('');
}
$node = mnod($prefix, $table, $version);
if ($folder && $prefix) {
read_vars($folder, $node, $defsb);
}
relod(sesm('url') . murl_build('', '', $prefix, $table, $version));
}
#modifs
//save_modif
$do = find_command();
if ($do && $auth >= $ath) {
$defs = msql_modifs($defs, $defsb, $folder, $prefix . '_' . $table, $node, $basename, $do);
}
#render
$lh = sesmk('msqlang');
#-menus
if (!$_GET['def']) {
$ret['menus'] = msql_menus($ra);
}
//auth(3) &&
if (!$_GET['def']) {
//called
#-files
//add
if (auth(4)) {
$ret['fls'] = lkc('txtblc', $lkb . 'new==', pictxt('add', $lh[9][0])) . ' ';
}
if ($table && $authorized && $prefix && $is_file) {
//$defs &&
$ret['fls'] .= lkc('txtx', $lkb . 'sav==', $lh[2][0]) . ' ';
if (is_file($basename . '_sav.php')) {
$ret['fls'] .= lkc('txtx', $lkb . 'restore==', $lh[3][0]) . ' ';
}
$ret['fls'] .= lj_goto('import_defs', 5);
//$ret['fls'].=lj_goto('import_old','');
$ret['fls'] .= lj_goto('import_keys', 17);
$ret['fls'] .= lj_goto('merge_defs', 6);
$ret['fls'] .= lj_goto('append_update', 7);
$ret['fls'] .= lj_goto('append_values', 8);
} else {
$ret['fls'] .= $bckp;
}
if ($files[$prefix] && ($auth > $ath or $prefix == $_SESSION['USE'])) {
if ($auth >= $ath && $table && $prefix && $is_file) {
$ret['fls'] .= lkc('txtx', $lkb . 'del_table==', $lh[10][0]) . ' ';
$ret['fls'] .= ljb('txtblc', 'delfile', $lkb . 'del_file==', $lh[11][0]) . ' ';
//$ret['fls'].=lkc('txtyl',$lkb.'del_file==',$lh[11][0]).' ';
if (!$defs or isset($defs[0])) {
$ret['fls'] .= lkc('txtyl', $lkb . 'repair==', $lh[12][0]) . ' ';
}
}
}
if ($ret['fls']) {
$ret['fls'] .= br();
}
//$ret['fls']=divc('menu',$ret['fls']);
//new
if ($_GET['new']) {
$ret['fls'] .= newbase($base, $prefix, $table, $version);
}
#-util
if ($table && $authorized && $prefix && $is_file) {
$ret['utl'] .= lkc('txtblc', $lkb . 'def=_menus_', $lh[1][0]) . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'reset_menus==', $lh[22][0]) . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'del_menus==', $lh[23][0]) . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'add_keys==', $lh[24][0]) . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'del_keys==', $lh[25][0]) . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'def=_menus_&add_col==', $lh[14][0]) . ' ';
$ret['utl'] .= lj_goto('del_col', 15);
if ($is_file) {
$ret['utl'] .= lkc('txtx" title="' . $lh[13][1], $lkb . 'repair_cols==', $lh[13][0]) . br();
}
if ($base != 'system' && is_file(sesm('root') . 'system/' . $node . '.php')) {
$ret['utl'] .= lkc('txtblc', $lkb . 'update==', $lh[26][0]) . ' ';
}
$ret['utl'] .= lj_goto('sort_table', 19);
if ($table != 'restrictions' && $table != 'params') {
$ret['utl'] .= lkc('txtx', $lkb . 'reorder==', $lh[20][0]) . ' ';
}
$ret['utl'] .= lj_goto('permut', 21);
$ret['utl'] .= lkc('txtx', $lkb . 'edit_conn==', $lh[16][0]) . ' ';
$ret['utl'] .= lkc('txtx" title="' . $lh[6][1], $lkb . 'inject_defs==', $lh[18][0]) . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'edit_csv==', 'csv') . ' ';
$ret['utl'] .= lkc('txtx', $lkb . 'json==', 'json') . ' ';
if (auth(6)) {
$ret['utl'] .= lkc('txtx', $lkb . 'export_mysql==', 'sql') . ' ';
}
if (auth(6)) {
$ret['utl'] .= lkc('txtx', $lkb . 'create_mysql==', 'create mysql') . ' ';
}
$ret['utl'] .= lj('txtx', 'popup_msql___lang_helps_msql', '?');
}
#-fieldset
if ($ret['fls'] . $ret['utl']) {
$ret['utils'] = divc('menu', $ret['fls'] . $ret['utl']);
}
$ret['fls'] = $ret['utl'] = '';
//if($ret['nfo'])$ret['nfo'].=br();
}
//called
#-infos
if ($table && $is_file) {
$ret['nfo'] = lkc('popsav', $lk, $murl) . ' ';
$wurl = $_SERVER['HTTP_HOST'] . '/msql/' . $murl;
$ret['nfo'] .= lj('popbt', 'popup_text___' . ajx($wurl) . '_weburl_console', pictit('link', 'web url'));
$wcon = '[' . $murl . $kdef . ($def ? ':' . $def : '') . ':microsql]';
$ret['nfo'] .= lj('popbt', 'popup_text___' . ajx($wcon) . '_connector_console', pictit('conn', 'connector'));
$ret['nfo'] .= lkt('popbt', '/plug/microxml.php?table=' . $murl, pictit('rss', 'xml')) . ' - ';
$ret['nfo'] .= btn('txtsmall2', count($defs) . ' ' . plurial(count($defs), 116)) . ' - ';
if ($is_file) {
$ret['nfo'] .= btn('txtsmall2', fsize($basename . '.php')) . ' - ';
}
$ret['nfo'] .= btn('txtsmall2', ftime($basename . '.php')) . ' ';
$ret['nfo'] .= msq_search($murl);
}
if ($ret['nfo']) {
$ret['nfo'] = divc('menu', $ret['nfo']);
}
//entries
//if($defs)$ret['edt'].=slctmenuder($defs,$def?$def:'_menus_');
//add
if ($is_file && $authorized && !$_GET['called'] && $defs && !$_GET['def']) {
$ret['edt'] .= divc('menu', f_inp_add($defs, $defsb, $def)) . br();
}
//edit
//echo verbose($ra,'');
if ($def && $defs[$def]) {
$ret['edt'] .= f_inp_m($defs, $defsb['_menus_'], $def);
}
//edit_conn
if ($_GET['edit_conn'] == '=') {
if ($defs) {
foreach ($defs as $k => $v) {
$v = str_replace(array('|', '¬'), array(':BAR:', ':LINE:'), $v);
$edittable .= implode('|', $v) . '¬' . "\n";
}
}
//(!is_numeric($k)?$k.'|':'')
$ret[] = divc('', 'paste a table as created by transductor from html table :: use "|" for cells and "¬" for lines of cells') . form($lkb . 'def=' . $def, txarea('import_conn', $edittable, 60, 14) . br() . checkbox('aid', 'ok', 'auto_increment', '1') . input2('submit', 'save', 'import', 'txtbox')) . hr() . br();
}
//array
if ($_GET['inject_defs'] == '=') {
$datas = str_replace(array('<' . '?php', '?' . '>'), '', read_file($basename . '.php'));
$ret[] = divc('', 'paste $r[1]=array(1,2,3)') . form($lkb, txarea('inject_defs', $datas, 60, 14) . br() . input2('submit', 'replace', 'replace', 'txtbox') . input2('submit', 'inject', 'inject', 'txtbox') . checkbox('mono', '1', 'key=>value', '') . checkbox('sql', '1', 'mysql', '')) . hr() . br();
}
//export_mysql
if ($_GET['create_mysql'] == '=' && auth(6)) {
$ok = plugin_func('mysql', 'import_msql', $defs, $node);
$ret[] = divc('txtalert', 'create table ' . $node . ': ' . $ok);
}
if ($_GET['export_mysql'] == '=' && auth(6)) {
$ret[] = txarea('', mysqlrb($defs), 60, 40);
}
//csv
if ($_GET['edit_csv'] == '=') {
foreach ($defs as $k => $v) {
if ($v) {
$edittable .= $k . ':' . (is_array($v) ? implode(',', $v) : htmlentities($v)) . "\n";
}
}
$ret[] = divc('', 'paste csv using "," for cells and lines for rows') . form($lkb . 'def=' . $def, txarea('edit_csv', $edittable, 60, 14) . br() . checkbox('aid', 'ok', 'auto_increment', '1') . input2('submit', 'save', 'import', 'txtbox')) . hr() . br();
}
//csv
if ($_GET['json'] == '=') {
foreach ($defs as $k => $v) {
if ($v) {
$edittable .= '"' . $k . '":' . (is_array($v) ? '["' . implode('","', $v) . '"]' : '"' . htmlentities($v[0])) . '",';
}
}
$ret[] = txarea('edit_csv', '{' . $edittable, 60, 14) . '}' . br();
}
//see_table
if ($defs && !$_GET['def']) {
// && (!$def or $_POST['save'])//called
$out = divd('editmsql', draw_table($defs, $murl, ''));
$ret[] = $out . br();
} else {
$ret[] = divd('editmsql', '');
}
if ($auth > 6) {
$ret[] = lkc('txtx', $lkb . 'backup_msql==', 'backup') . ' ';
}
if ($_GET['backup_msql']) {
$ret[] = backup_msql();
}
return divd('content', implode('', $ret));
}
$form_field .= ' size="' . $cnt_form["fields"][$key]['size'] . '"';
}
if ($cnt_form["fields"][$key]['max']) {
$form_field .= ' maxlength="' . $cnt_form["fields"][$key]['max'] . '"';
} elseif (!empty($cnt_form['upload_value']['maxlength'])) {
$form_field .= ' maxlength="' . $cnt_form['upload_value']['maxlength'] . '"';
}
if ($cnt_form["fields"][$key]['class']) {
$form_field .= ' class="' . $cnt_form["fields"][$key]['class'] . '"';
}
if ($cnt_form["fields"][$key]['style']) {
$form_field .= ' style="' . $cnt_form["fields"][$key]['style'] . '"';
}
$form_field .= ' title="';
if ($cnt_form['upload_value']['maxlength']) {
$form_field .= 'max. ' . fsize($cnt_form['upload_value']['maxlength'], ' ', 1);
}
$form_field .= '" />';
unset($cnt_form['upload_value']);
// enable enctype attribute
$cnt_form['is_enctype'] = true;
break;
case 'submit':
/*
* Submit
*/
if (strpos(strtolower($cnt_form["fields"][$key]['value']), 'src=') === false) {
$form_field .= '<input type="submit" name="' . $form_name . '" id="' . $form_name . '" ';
if ($cnt_form["fields"][$key]['value'] != '') {
$form_field .= 'value="' . html_specialchars($cnt_form["fields"][$key]['value']) . '"';
}
function get_dir($path, $max_depth = '', $l = 0, $total = '')
{
if (!is_dir($path)) {
echo "\nInvalid Path\n";
return;
}
echo "<table border='0' cellpadding='5' cellspacing='0'>";
$path = substr($path, -1) != "/" ? $path . "/" : $path;
if (!$l) {
echo "\n<tr><td colspan='4'>Contents of directory {$path} :</td></tr>\n";
echo "\n<tr><td>Permissions</td><td>File Size</td><td>File Name</td><td> </td></tr>\n";
$total = 0;
}
if ($max_depth === '' || $max_depth > $l && is_int($max_depth)) {
$test_depth = true;
} else {
$test_depth = false;
}
$pre = "";
$c = $l;
while ($c--) {
$pre .= "\t";
}
$dir = opendir($path);
while ($f = readdir($dir)) {
if ($f == "." || $f == "..") {
continue;
}
$file = $path . $f;
$size = "";
if (is_file($file) || !is_dir($file)) {
$s = filesize($file);
$total += $s;
$size = "[ " . fsize($s) . " ]";
} else {
$f .= "/";
}
while (strlen($size) < 16) {
$size = " " . $size;
}
// echo "\n".get_permissions(fileperms($file)).$size.$pre."\t".$f;
// echo "\n<tr><td>".get_permissions(fileperms($file))."</td><td>".$size.$pre."</td><td>".$f."</td><td><a href=\"upld1/download.php?name=$f&mode=view\">View</a> <a href=\"upld1/download.php?name=$f\">Download</a> <a href=\"$me?mode=delete&name=$f\" onclick=\"return delete_confirm();\">Delete</a></td></tr>";
echo "\n<tr><td>" . get_permissions(fileperms($file)) . "</td><td>" . $size . $pre . "</td><td>" . $f . "</td><td>";
switch ($f) {
case 'download.php':
case 'dl.php':
case 'index.php':
echo " </td></tr>";
break;
default:
echo "<a href=\"{$urlpath}/dl.php?name={$f}&mode=view\">View</a> <a href=\"{$urlpath}/dl.php?name={$f}\">Download</a> <a href=\"{$me}?mode=delete&name={$f}\" onclick=\"return delete_confirm();\">Delete</a></td></tr>";
break;
}
if (is_dir($file) && $test_depth) {
$total = get_dir($file, $max_depth, $l + 1, $total);
}
}
if (!$l) {
echo "\n<tr><td colspan='4'>Total size: " . fsize($total) . "</td></tr></table>";
}
return $total;
}
plugins: {
streaming: {
url: 'flowplayer/flowplayer.pseudostreaming-3.2.7.swf'
},
audio: {
url: 'flowplayer/flowplayer.audio-3.2.2.swf'
}
}
});
</script>
<br /><br />
<a href="<?php
echo urlenc($rootdir . $file);
?>
" style="color:#555;">原始檔案下載(<?php
echo fsize(ufilesize($rootdir . $_GET['file']));
?>
)</a>
</center>
</body>
</html>
<?php
} else {
$job = array('base' => $_GET['base'], 'file' => $file);
$gmc = new Gearmanclient();
$gmc->addServer();
$gmc->doBackground("webnautilus", serialize($job));
?>
<html>
<head>
<meta http-equiv="refresh" content="10" />
<?php
$svr = $_SERVER["PATH_TRANSLATED"];
$path_parts = pathinfo($svr);
$str_current_path = $path_parts["dirname"];
$mydir = $str_current_path . "\\admin\\csv\\Integration_guide.zip";
$ret_val = fsize($mydir);
print $ret_val;
function fsize($file)
{
$a = array("B", "KB", "MB", "GB", "TB", "PB");
$pos = 0;
$size = filesize($file);
print $size . "<br>";
while ($size >= 1024) {
$size /= 1024;
$pos++;
}
return round($size, 2) . " " . $a[$pos];
}
exit;
function delete($file)
{
if (file_exists($file)) {
chmod($file, 0777);
if (is_dir($file)) {
$handle = opendir($file);
while ($filename = readdir($handle)) {
if ($filename != "." && $filename != "..") {
delete($file . "/" . $filename);
}
function func_send_documents($zipfile, $str_company_name, $other_email, $str_failure_companies, $i_max_file_size_MB, $error_msg)
{
$arr_result = array(2);
$zip_file_name = func_replace_invalid_literals($str_company_name);
$filename = "csv/" . $zip_file_name . "_document.zip";
$fd = fopen($filename, "wb");
$out = fwrite($fd, $zipfile->file());
fclose($fd);
$file_size = fsize($filename);
//print($file_size."<br>");
if ($file_size < $i_max_file_size_MB) {
$mailbody = "<html><head></head><body>";
$mailbody .= "Application / Documents for " . $str_company_name . " are being attached herewith.";
$mailbody .= "</body></html>";
$mail_response = "";
$arrFiles = array($filename);
$arrFileNames = array("application_document.zip");
if ($other_email != "") {
//print("$str_company_name<br>");
if (!sendMail($_SESSION['gw_emails_sales'], "Application/Documents", $mailbody, $other_email, $arrFiles, $arrFileNames)) {
//print("failure: $str_company_name<br>");
$str_failure_companies .= "<br> {$str_company_name}";
} else {
//print("success: $str_company_name<br>");
}
}
} else {
$error_msg .= "<br> {$str_company_name}";
}
delete($filename);
$arr_result[0] = $str_failure_companies;
$arr_result[1] = $error_msg;
return $arr_result;
}
/**
* Return file size if the file exists.
*
* @since 1.0.2
*/
public function length() {
if($this->exists())
return fsize($this->path);
throw new Exception('File ' . $this->getName() . ' does not exist.');
}
function showdir($df)
{
$df = str_replace("//", "/", $df);
$dirs = array();
$files = array();
if ($dir = opendir($df)) {
while (($file = readdir($dir)) !== false) {
if ($file == "." || $file == "..") {
continue;
}
if (is_dir("{$df}/{$file}")) {
$dirs[] = $file;
} else {
$files[] = $file;
}
}
}
closedir($dir);
sort($dirs);
sort($files);
echo <<<EOF
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
EOF;
for ($i = 0; $i < count($dirs); $i++) {
$perm = perms("{$df}/{$dirs[$i]}");
echo <<<EOF
<tr height="1">
<td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="{$PHP_SELF}?d={$df}/{$dirs[$i]}&show"><img HSPACE=3 border=0 src={$PHP_SELF}?imgname=dir></a></span></td>
<td width="241" bgcolor="#FFFFF0"><a href="{$PHP_SELF}?d={$df}/{$dirs[$i]}&show">{$dirs[$i]}</a></td>
<td width="100" align="center" bgcolor="#FFFFFF"><a href="{$PHP_SELF}?deldir={$df}/{$dirs[$i]}/">Удалить</a></td>
<td width="51" align="center" bgcolor="#EFFFFF"><span class="style8"><center>Каталог</center></span></td>
<td width="113" align="center" bgcolor="#FFFFF0">{$perm}</td>
</tr>
EOF;
}
for ($i = 0; $i < count($files); $i++) {
$attr = "";
if (!($fi = @fopen("{$df}/{$files[$i]}", "r+"))) {
$attr = " ONLY_READ ";
$read = " href=\"{$PHP_SELF}?edit={$df}/{$files[$i]}&readonly\"";
$write = " href=\"{$PHP_SELF}?delfile={$df}/{$files[$i]}\"";
} else {
fclose($fi);
}
if (!($fi = @fopen("{$df}/{$files[$i]}", "r"))) {
$attr = " Can't_READ ";
$read = "";
$write = " href=\"{$PHP_SELF}?delfile={$df}/{$files[$i]}\"";
} else {
fclose($fi);
}
if ($attr == "") {
$attr = " READ/WRITE ";
$read = " href=\"{$PHP_SELF}?edit={$df}/{$files[$i]}\"";
$write = " href=\"{$PHP_SELF}?delfile={$df}/{$files[$i]}\"";
}
$perm = perms("{$df}/{$files[$i]}");
$it = "file";
switch (ext($files[$i])) {
case ".txt":
$it = "txt";
break;
case ".php":
$it = "txt";
break;
case ".htm":
$it = "txt";
break;
case ".log":
$it = "txt";
break;
case ".pl":
$it = "txt";
break;
case ".asm":
$it = "txt";
break;
case ".bat":
$it = "txt";
break;
case ".bash_profile":
$it = "txt";
break;
case ".bash_history":
$it = "txt";
break;
case ".ini":
$it = "txt";
break;
case ".php3":
$it = "txt";
break;
case ".html":
$it = "txt";
break;
case ".cgi":
$it = "txt";
break;
case ".inc":
$it = "txt";
break;
case ".c":
$it = "txt";
break;
case ".cpp":
$it = "txt";
break;
}
$fsize = fsize("{$df}/{$files[$i]}");
echo <<<EOF
<tr height="1">
<td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="{$PHP_SELF}?downloadfile={$df}/{$files[$i]}"><img HSPACE=3 border=0 src={$PHP_SELF}?imgname={$it}></a></span></td>
<td width="241" bgcolor="#00FFFF"><a{$read}>{$files[$i]} </a> ({$fsize})</td>
<td width="100" align="center" bgcolor="#FFFFFF"><a href="{$PHP_SELF}?rename=1&filetorename={$files[$i]}&d={$df}&diz">ren</a>/<a{$write}>del</a>/<a href="{$PHP_SELF}?downloadfile={$df}/{$files[$i]}">get</a>/<a href="{$PHP_SELF}?mailfile={$df}/{$files[$i]}">mail</a></td>
<td width="51" align="center" bgcolor="#FFEFEF"><span class="style8"><center>{$attr}</center></span></td>
<td width="113" align="center" bgcolor="#FFFFF9">{$perm}</td>
</tr>
EOF;
}
echo "</table>";
if (count($dirs) == 0 && count($files) == 0) {
echo <<<EOF
<table width="505" height="24" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
<tr>
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">Папка пуста</td>
</tr>
</table>
EOF;
}
}
function renderdir($rootdir, $dir)
{
global $ignore;
$ret = '';
$r = $fnlist = $dirlist = array();
$r['index'] = null;
if (($dir = safepath($rootdir, $dir)) === false) {
redirect('index.php');
}
$r['dir'] = $dir;
$list = (array) uscandir(pathjoin($rootdir, $dir));
if ($list === false) {
redirect('index.php?base=' . $_GET['base']);
}
foreach ($list as $e) {
if ($e == '.' || $e == '..' || in_array(strtolower($e), $ignore)) {
continue;
}
if (uis_dir(pathjoin($rootdir, $dir, $e))) {
$dirlist[] = $e;
} else {
$fnlist[] = $e;
}
}
$index_file = tryindex($fnlist, $dir);
if (!empty($index_file)) {
$r['index'] = pathjoin($rootdir, $dir, $index_file);
}
natsort($dirlist);
natsort($fnlist);
foreach ($dirlist as $e) {
$cfg = loadcfg(pathjoin($rootdir, $dir, $e));
if (isset($cfg['index'])) {
$idx = pathjoin($dir, $e, upath($cfg['index']));
$ahref = urlenc(pathjoin($rootdir, $idx));
$img = 'thumb.php?base=' . $_GET['base'] . '&file=' . urlencode($idx);
} else {
$ahref = 'index.php?base=' . $_GET['base'] . '&dir=' . urlencode(pathjoin($dir, $e));
$img = 'images/dir.gif';
}
if (isset($cfg['icon'])) {
$img = 'thumb.php?base=' . $_GET['base'] . '&file=' . urlencode(pathjoin($dir, $e, upath($cfg['icon'])));
}
$ret .= mkitem($e, $e, $e, '<a href="' . $ahref . '"' . ($cfg['target'] == '_blank' ? ' target="_blank"' : '') . '>', $img, istoday(pathjoin($rootdir, $dir, $e)), ($dz = udirsize(pathjoin($rootdir, $dir, $e))) > 0 ? '<br /><a name="pack" style="visibility: hidden; float:right;" href="pack.php?base=' . $_GET['base'] . '&dir=' . urlencode(pathjoin($dir, $e)) . '"><img alt="Download" title="Download - ' . fsize($dz) . '" src="images/pack.gif" /></a>' : '');
}
foreach ($fnlist as $e) {
if (isvideo($e) || isaudio($e)) {
$ahref = '<a href="flowplayer.php?base=' . $_GET['base'] . '&file=' . urlencode(pathjoin($dir, $e)) . '">';
} elseif (isimage($e)) {
$ahref = '<a href="image.php?base=' . $_GET['base'] . '&file=' . urlencode(pathjoin($dir, $e)) . '">';
} elseif (isweb($e)) {
$ahref = '<a href="' . urlenc(pathjoin($rootdir, $dir, $e)) . '">';
} elseif (isdocument($e)) {
$ahref = '<a href="document.php?base=' . $_GET['base'] . '&file=' . urlencode(pathjoin($dir, $e)) . '">';
} elseif (iscode($e)) {
$ahref = '<a href="code.php?base=' . $_GET['base'] . '&file=' . urlencode(pathjoin($dir, $e)) . '">';
} else {
$ahref = '<a href="' . urlenc(pathjoin($rootdir, $dir, $e)) . '">';
}
# echo $dir.$e."\t".urlencode($dir.$e)."\n";
$ret .= mkitem($e, $e, $e . ' - (' . fsize(ufilesize(pathjoin($rootdir, $dir, $e))) . ')', $ahref, 'thumb.php?base=' . $_GET['base'] . '&file=' . urlencode(pathjoin($dir, $e)), istoday(pathjoin($rootdir, $dir, $e)), null);
}
$r['html'] = $ret;
return $r;
}
function fsizelong($zahl, $spacer = ' ')
{
return fsize($zahl, $spacer, 1);
}
if ($newDir != "") {
// get the path passed as a hidden form field
$path = $_POST['path'];
// only make a directory if it can be populated
if ((@ini_set("file_uploads", 1) === true || ini_get("file_uploads") == 1) && is_writable($path)) {
// create the new directory and assign it full read + write permissions
mkdir($path . "/" . $newDir, 0777);
}
}
}
if (isset($_FILES['userfile']['tmp_name']) && $_POST['newDir'] == "") {
// <!-- END: create new directory feature added 2006-10-19 by RAD -->
// if(isset($_FILES['userfile']['tmp_name'])) { // old code replaced by new code above RAD
// this seems to be an upload action.
printf($_lang['files_uploading'], $_FILES['userfile']['name'], substr($startpath, $len, strlen($startpath)));
echo $_FILES['userfile']['error'] == 0 ? $_lang['files_file_type'] . $_FILES['userfile']['type'] . ", " . fsize($_FILES['userfile']['tmp_name']) . "<br />" : "";
$userfile = $_FILES['userfile']['tmp_name'];
if (is_uploaded_file($userfile)) {
// file is uploaded file, process it!
if (!in_array(getExtension($_FILES['userfile']['name']), $uploadablefiles)) {
echo "<br /><span class='warning'>" . $_lang['files_filetype_notok'] . "</span><br />";
} else {
if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $_POST['path'] . "/" . $_FILES['userfile']['name'])) {
@chmod($_POST['path'] . "/" . $_FILES['userfile']['name'], 0644);
echo "<br /><span class='success'>" . $_lang['files_upload_ok'] . "</span><br />";
} else {
echo "<br /><span class='warning'>" . $_lang['files_upload_copy_failed'] . "</span> Possible permission problems - the directory you want to upload to needs to be set to 0777 permissions.<br />";
}
}
} else {
echo "<br /><span class='warning'><b>" . $_lang['files_upload_error'] . ":</b> ";
} elseif ($ekstensi == 'pdf') {
echo "<td rowspan='5'><img src='images/pdf.png'></td>";
} elseif ($ekstensi == 'ppt') {
echo "<td rowspan='5'><img src='images/ppt.png'></td>";
} elseif ($ekstensi == 'pptx') {
echo "<td rowspan='5'><img src='images/pptx.png'></td>";
} elseif ($ekstensi == 'docx') {
echo "<td rowspan='5'><img src='images/doc.png'></td>";
}
} else {
echo "<td rowspan='5'><img src='images/kosong.png'></td>";
}
echo "<td>Judul</td><td>: {$r['judul']}</td></tr>\n <tr><td>Nama File</td><td>: {$r['nama_file']}</td></tr>\n <tr><td>Ukuran</td>";
if (!empty($r[nama_file])) {
$file = "files_materi/{$r['nama_file']}";
echo "<td>: " . fsize($file) . "</td></tr>";
} else {
echo "<td>: </td></tr>";
}
echo "<tr><td>Tanggal Posting</td><td>: {$r['tgl_posting']}</td></tr>\n <tr><td colspan=2><input type=button class='tombol' value='Download File'\n onclick=\"window.location.href='downlot.php?file={$r['nama_file']}';\">\n <b class='judul'>Di download : {$r['hits']} kali</b></td></tr>";
$no++;
}
echo "</table>";
$jmldata = mysql_num_rows(mysql_query("SELECT * FROM file_materi WHERE id_matapelajaran = '{$_GET['id']}'"));
$jmlhalaman = $p->jumlahHalaman($jmldata, $batas);
$linkHalaman = $p->navHalaman($_GET[halaman], $jmlhalaman);
echo "<div id=paging>{$linkHalaman}</div><br>";
echo "<p class='garisbawah'></p><input type=button class='tombol' value='Kembali'\n onclick=self.history.back()>";
} else {
echo "<script>window.alert('Tidak ada file materi di mata pelajaran ini?');\n window.location=(href='media.php?module=materi')</script>";
}
</head>
<body>
<?php
if (is_dir($_SERVER["DOCUMENT_ROOT"] . $_GET["folder"])) {
if ($dh = opendir($_SERVER["DOCUMENT_ROOT"] . $_GET["folder"])) {
while (($file = readdir($dh)) !== false) {
if ($file != "." && $file != ".." && !ereg("^\\.", $file) && !is_dir($_SERVER["DOCUMENT_ROOT"] . $_GET['folder'] . "/" . $file)) {
?>
<div>
<?php
echo $file;
?>
-
<?php
echo fsize($_SERVER["DOCUMENT_ROOT"] . $_GET['folder'] . "/" . $file);
?>
-
<?php
echo date("d/m/Y h:i:s", filectime($_SERVER["DOCUMENT_ROOT"] . $_GET['folder'] . "/" . $file));
?>
-
<a href="javascript:deleteFile('<?php
echo urlencode($file);
?>
')">supprimer</a>
<hr size="1"/>
</div>
<?php
function finder_data($r, $p, $rb)
{
if (!$r) {
return array(array('f' => 'empty'));
}
if ($p) {
$p .= '/';
}
//ksort($r);
foreach ($r as $k => $v) {
$rc = '';
$rc['id'] = normalize($p . $k);
$rc['pid'] = normalize($p);
if (!is_numeric($k) or is_array($v)) {
$rc['r'] = 1;
$rc['f'] = $k;
$nf = count($v);
$nbd = 0;
if (is_array($v)) {
foreach ($v as $ka => $va) {
if (!is_numeric($ka)) {
$nbd++;
}
}
}
$rc['nbd'] = $nbd;
$rc['opt'] = btn('txtsmall2', '(' . $nf . ')');
//nbof(,51)
$rc['typ'] = 'folder';
$rc['j'] = ajx($p . $k) . '_';
} else {
if ($rb[0] == 'shared') {
$url = $v;
$f = strpos($v, '/') !== false ? strrchr_b($v, '/') : $v;
} else {
$url = $p . $v;
$f = $v;
}
$fb = fi_droot() . $url;
$xt = xtb($f);
$rc['url'] = $rc['url'] = $url;
$rc['prop'] = strprm($p);
if ($rb[1] == 'distant') {
$rc['dist'] = 1;
} else {
$rc['opt'] = btn('txtsmall2', fsize($fb)) . ' ';
$rc['date'] = btn('txtsmall2', ftime($fb, 'ymd')) . ' ';
}
$rc['xt'] = $xt;
$rc['r'] = 0;
$rc['j'] = ajx($url) . '_';
$rc['f'] = $f;
if ($rb[0] == 'shared') {
$rc['prop'] = btn('txtsmall', strprm($v)) . ' ';
}
if (is_file($fb) && $xt) {
if (strpos('.jpg.png.gif', $xt) !== false && $rb[6] != 'pictos' && substr(fi_droot(), 0, 4) != 'http') {
//set as mini
$rc['img'] = make_thumb_c($fb, '48/48');
} else {
$rc['typ'] = $xt;
}
}
if ($rb[3] == 'icon') {
if ($xt) {
list($fd, $fl) = split_one('/', $url, 1);
if ($xt == '.svg') {
$fsvg = substr($url, 0, -4);
$rc['conn'] = '[' . $fsvg . '§24:svg]';
$rc['img'] = svg($fsvg . '§24');
} elseif (strpos('.jpg.png.gif', $xt) !== false) {
$rc['conn'] = '[' . substr($fl, 0, -4) . '§' . $fd . ':icon]';
}
}
}
if ($rb[3] == 'disk') {
$rc['conn'] = '[' . $url . ']';
}
}
$ret[] = $rc;
}
return $ret;
}
?>
<tr>
<td class="text-center" data-title="Image"><img src="../images/<?php
echo $p->filename;
?>
" class="img-thumbnail" style="width:100px;height:100px;"></td>
<td class="text-center" data-title="File Name"><?php
echo $p->filename;
?>
</td>
<td class="text-center" data-title="Type"><?php
echo $p->type;
?>
</td>
<td class="text-center" data-title="Type"><?php
echo fsize($p->size);
?>
</td>
<td class="text-center" data-title="Caption"><?php
echo $p->caption;
?>
</td>
<td class="text-center" data-title="Uploaded On"><?php
echo $p->created_at;
?>
</td>
<td class="text-center" data-title="Last Edited"><?php
echo $p->updated_at;
?>
</td>
<td class="text-center" data-title="Edit">
