static function getBannedType()
{
$userIP = getUsersIPAddress();
$db = Database::getDatabase(true);
$row = $db->getRow('SELECT banType FROM banned_ips WHERE ipAddress = ' . $db->quote($userIP));
if (!is_array($row)) {
return false;
}
return $row['banType'];
}
static function create($username, $password, $email, $title, $firstname, $lastname, $accType = 'user')
{
$dbInsert = new DBObject("users", array("username", "password", "email", "title", "firstname", "lastname", "datecreated", "createdip", "status", "level", "paymentTracker"));
$dbInsert->username = $username;
$dbInsert->password = MD5($password);
$dbInsert->email = $email;
$dbInsert->title = $title;
$dbInsert->firstname = $firstname;
$dbInsert->lastname = $lastname;
$dbInsert->datecreated = sqlDateTime();
$dbInsert->createdip = getUsersIPAddress();
$dbInsert->status = 'active';
$dbInsert->level = 'free user';
$dbInsert->paymentTracker = MD5(time() . $username);
if ($dbInsert->insert()) {
return $dbInsert;
}
return false;
}
require_once 'includes/master.inc.php';
// setup page
define("PAGE_NAME", t("report_abuse_page_name", "Report Abuse"));
define("PAGE_DESCRIPTION", t("report_abuse_meta_description", "Report Abuse or Copyright Infringement"));
define("PAGE_KEYWORDS", t("report_abuse_meta_keywords", "report, abuse, copyright, infringement, file, hosting"));
// send report if submitted
if ((int) $_REQUEST['submitme']) {
if (!strlen(trim($_REQUEST['fileDetails']))) {
setError(t("report_abuse_error_no_content", "Please enter the details of the reported file."));
} else {
$subject = "New abuse report on " . SITE_CONFIG_SITE_NAME;
$plainMsg = "There is a new abuse report on " . SITE_CONFIG_SITE_NAME . " with the following details:\n\n";
$plainMsg .= "***************************************\n";
$plainMsg .= trim($_REQUEST['fileDetails']) . "\n";
$plainMsg .= "***************************************\n";
$plainMsg .= "Submitted IP: " . getUsersIPAddress() . "\n";
$plainMsg .= "***************************************\n\n";
$plainMsg .= "Please login via " . WEB_ROOT . "/admin/ to investigate further.";
send_html_mail(SITE_CONFIG_REPORT_ABUSE_EMAIL, $subject, str_replace("\n", "<br/>", $plainMsg), SITE_CONFIG_REPORT_ABUSE_EMAIL, $plainMsg);
redirect(WEB_ROOT);
}
}
require_once '_header.php';
?>
<div class="contentPageWrapper">
<?php
if (isErrors()) {
echo outputErrors();
}
private function handle_file_upload($uploaded_file, $name, $size, $type, $error)
{
$fileUpload = new stdClass();
$fileUpload->name = basename(stripslashes($name));
$fileUpload->size = intval($size);
$fileUpload->type = $type;
$fileUpload->error = null;
$extension = end(explode(".", $fileUpload->name));
$fileUpload->error = $this->has_error($uploaded_file, $fileUpload, $error);
if (!$fileUpload->error) {
if (strlen(trim($fileUpload->name)) == 0) {
$fileUpload->error = 'Filename not found.';
}
} elseif (intval($size) == 0) {
$fileUpload->error = 'File received has zero size.';
} elseif (intval($size) > $this->options['max_file_size']) {
$fileUpload->error = 'File received is larger than permitted.';
}
if (!$fileUpload->error && $fileUpload->name) {
if ($fileUpload->name[0] === '.') {
$fileUpload->name = substr($fileUpload->name, 1);
}
$newFilename = MD5(microtime());
// figure out upload type
$file_size = 0;
// select server from pool
$uploadServerId = getAvailableServerId();
$db = Database::getDatabase(true);
$uploadServerDetails = $db->getRow('SELECT * FROM file_server WHERE id = ' . $db->quote($uploadServerId));
// override storage path
if (strlen($uploadServerDetails['storagePath'])) {
$this->options['upload_dir'] = $uploadServerDetails['storagePath'];
if (substr($this->options['upload_dir'], strlen($this->options['upload_dir']) - 1, 1) == '/') {
$this->options['upload_dir'] = substr($this->options['upload_dir'], 0, strlen($this->options['upload_dir']) - 1);
}
$this->options['upload_dir'] .= '/';
}
// move remotely via ftp
if ($uploadServerDetails['serverType'] == 'remote') {
// connect ftp
$conn_id = ftp_connect($uploadServerDetails['ipAddress'], $uploadServerDetails['ftpPort'], 30);
if ($conn_id === false) {
$fileUpload->error = 'Could not connect to file server ' . $uploadServerDetails['ipAddress'];
}
// authenticate
if (!$fileUpload->error) {
$login_result = ftp_login($conn_id, $uploadServerDetails['ftpUsername'], $uploadServerDetails['ftpPassword']);
if ($login_result === false) {
$fileUpload->error = 'Could not authenticate with file server ' . $uploadServerDetails['ipAddress'];
}
}
// create the upload folder
if (!$fileUpload->error) {
$uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
if (!ftp_mkdir($conn_id, $uploadPathDir)) {
// Error reporting removed for now as it causes issues with existing folders. Need to add a check in before here
// to see if the folder exists, then create if not.
// $fileUpload->error = 'There was a problem creating the storage folder on '.$uploadServerDetails['ipAddress'];
}
}
// upload via ftp
if (!$fileUpload->error) {
$file_path = $uploadPathDir . '/' . $newFilename;
clearstatcache();
if ($uploaded_file && is_uploaded_file($uploaded_file)) {
// initiate ftp
$ret = ftp_nb_put($conn_id, $file_path, $uploaded_file, FTP_BINARY, FTP_AUTORESUME);
while ($ret == FTP_MOREDATA) {
// continue uploading
$ret = ftp_nb_continue($conn_id);
}
if ($ret != FTP_FINISHED) {
$fileUpload->error = 'There was a problem uploading the file to ' . $uploadServerDetails['ipAddress'];
} else {
$file_size = filesize($uploaded_file);
@unlink($uploaded_file);
}
}
}
// close ftp connection
ftp_close($conn_id);
} else {
// create the upload folder
$uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
@mkdir($uploadPathDir);
$file_path = $uploadPathDir . '/' . $newFilename;
clearstatcache();
if ($uploaded_file && is_uploaded_file($uploaded_file)) {
move_uploaded_file($uploaded_file, $file_path);
}
$file_size = filesize($file_path);
}
// check filesize uploaded matches tmp uploaded
if ($file_size === $fileUpload->size) {
$fileUpload->url = $this->options['upload_url'] . rawurlencode($fileUpload->name);
// insert into the db
$fileUpload->size = $file_size;
$fileUpload->delete_url = '~d?' . $this->options['delete_hash'];
$fileUpload->info_url = '~i?' . $this->options['delete_hash'];
$fileUpload->delete_type = 'DELETE';
// create delete hash, make sure it's unique
$deleteHash = md5($fileUpload->name . getUsersIPAddress() . microtime());
$existingFile = file::loadByDeleteHash($deleteHash);
while ($existingFile != false) {
$deleteHash = md5($fileUpload->name . getUsersIPAddress() . microtime());
$existingFile = file::loadByDeleteHash($deleteHash);
}
// store in db
$db = Database::getDatabase(true);
$dbInsert = new DBObject("file", array("originalFilename", "shortUrl", "fileType", "extension", "fileSize", "localFilePath", "userId", "totalDownload", "uploadedIP", "uploadedDate", "statusId", "deleteHash", "serverId"));
$dbInsert->originalFilename = $fileUpload->name;
$dbInsert->shortUrl = 'temp';
$dbInsert->fileType = $fileUpload->type;
$dbInsert->extension = $extension;
$dbInsert->fileSize = $fileUpload->size;
$dbInsert->localFilePath = substr($file_path, strlen($this->options['upload_dir']), 99999);
// add user id if user is logged in
$dbInsert->userId = NULL;
$Auth = Auth::getAuth();
if ($Auth->loggedIn()) {
$dbInsert->userId = (int) $Auth->id;
}
$dbInsert->totalDownload = 0;
$dbInsert->uploadedIP = getUsersIPAddress();
$dbInsert->uploadedDate = sqlDateTime();
$dbInsert->statusId = 1;
$dbInsert->deleteHash = $deleteHash;
$dbInsert->serverId = $uploadServerId;
if (!$dbInsert->insert()) {
$fileUpload->error = 'abort';
}
// create short url
$tracker = 1;
$shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
$fileTmp = file::loadByShortUrl($shortUrl);
while ($fileTmp) {
$shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
$fileTmp = file::loadByShortUrl($shortUrl);
$tracker++;
}
// update short url
file::updateShortUrl($dbInsert->id, $shortUrl);
// update fileUpload with file location
$file = file::loadByShortUrl($shortUrl);
$fileUpload->url = $file->getFullShortUrl();
$fileUpload->delete_url = $file->getDeleteUrl();
$fileUpload->info_url = $file->getInfoUrl();
$fileUpload->stats_url = $file->getStatisticsUrl();
$fileUpload->short_url = $shortUrl;
} else {
if ($this->options['discard_aborted_uploads']) {
//@TODO - made ftp compatible
@unlink($file_path);
@unlink($uploaded_file);
if (!isset($fileUpload->error)) {
$fileUpload->error = 'maxFileSize';
}
}
}
}
return $fileUpload;
}
<?php
// checked whether user is logged in
if ($Auth->loggedIn()) {
// load recent from account
$files = file::loadAllRecentByAccount($Auth->id, true);
} else {
// load recent from IP
$files = file::loadAllRecentByIp(getUsersIPAddress(), true);
}
?>
<div class="rightContentWrapper ui-corner-all">
<div class="rightContent">
<div id="pageHeader">
<h2><?php
echo t("your_recent_files", "Your Files");
?>
<?php
echo COUNT($files) ? '(' . COUNT($files) . ')' : '';
?>
</h2>
</div>
<p>
<?php
// load all urls for current user
if (COUNT($files)) {
$tracker = 0;
foreach ($files as $url) {
$class = 'divOdd';
if ($tracker % 2 == 1) {
