function bh_setview($username, $filepath, $view)
{
# Get our prefs for this dir, if we have any
$filepathrows = select_bhdb("usersviews", array("username" => $username, "filepath" => $filepath), 1);
if (empty($filepathrows)) {
insert_bhdb("usersviews", array("username" => $username, "filepath" => $filepath, "view" => $view), "");
} else {
update_bhdb("usersviews", array("view" => $view), array("username" => $username, "filepath" => $filepath));
}
}
function bh_filelink_add($filepath, $expires, $username, $email, $notify = 0)
{
# Unnecesarily compicated random code generator
$filecoderows = array(1, 2, 3);
while (!empty($filecoderows)) {
srand(microtime() * rand() * 10002348);
$filecode = md5(rand(4, 917529843)) . md5(rand(rand(0, 184284), rand(38792423, 23847924)));
$filecoderows = select_bhdb("filecodes", array("filecode" => $filecode), "");
}
insert_bhdb("filecodes", array("filecode" => $filecode, "filepath" => $filepath, "expires" => $expires, "username" => $username, "email" => $email, "notify" => $notify));
return $filecode;
}
function bh_changeconfig($variable, $value)
{
global $bhconfig;
# See if it's already in the db.
$rows = select_bhdb("config", array("variable" => $variable), 1);
# If it is...
if (!empty($rows)) {
# Update it
update_bhdb("config", array("value" => addslashes($value)), array("variable" => $variable));
} else {
# Add it
insert_bhdb("config", array("variable" => $variable, "value" => addslashes($value)));
}
}
function bh_session_create($username)
{
global $dbconfig, $bhconfig;
# Create the session id
srand(microtime() * microtime());
$sessionid = md5(rand(1, 9999999) . rand(1, 9999999) . rand(1, 9999999) . rand(1, 9999999));
$oldprefix = $dbconfig['prefix'];
$olddb = $dbconfig['db'];
$dbconfig['prefix'] = $bhconfig['phpbb_prefix'];
$dbconfig['db'] = $bhconfig['phpbb_db'];
# Get the user id for the username
$userrows = select_bhdb("users", array("username" => $username), 1);
foreach ($userrows as $userrow) {
$userid = $userrow['user_id'];
}
# Insert session row
insert_bhdb("sessions", array("session_id" => $sessionid, "session_user_id" => $user_id, "session_start" => time(), "session_time" => time(), "session_ip" => encode_ip($_SERVER['REMOTE_ADDR']), "session_page" => "0", "session_logged_in" => "1"));
$dbconfig['prefix'] = $oldprefix;
$dbconfig['db'] = $olddb;
return array("username" => $username);
}
$filecoderows = select_bhdb("filecodes", "", "");
$userrows = select_bhdb("users", "", "");
# Remove old tables
drop_bhdb("filecodes");
drop_bhdb("users");
$insttables['filecodes'] = array("filecode" => array("type" => "varchar"), "filepath" => array("type" => "text"), "expires" => array("type" => "varchar"), "username" => array("type" => "varchar"), "email" => array("type" => "text"), "notify" => array("type" => "varchar"));
$insttables['log'] = array("entryid" => array("type" => "varchar"), "time" => array("type" => "varchar"), "username" => array("type" => "varchar"), "ip" => array("type" => "varchar"), "type" => array("type" => "varchar"), "page" => array("type" => "text"), "filepath" => array("type" => "text"), "data" => array("type" => "text"));
$insttables['users'] = array("username" => array("type" => "varchar"), "password" => array("type" => "varchar"), "homedir" => array("type" => "text"), "type" => array("type" => "varchar"), "disabled" => array("type" => "varchar"), "quota" => array("type" => "varchar"));
$insttables['filecodereminders'] = array("filecode" => array("type" => "varchar"), "remindat" => array("type" => "varchar"));
$insttables['satellitetransfers'] = array("transferid" => array("type" => "varchar"), "file" => array("type" => "text"), "offset" => array("type" => "varchar"), "length" => array("type" => "varchar"));
# Add them
foreach ($insttables as $tablename => $tablecontent) {
$result = create_bhdb($tablename, $tablecontent);
if ($result === FALSE) {
$errors[] = $dbmoderror;
}
}
# Correct them & add
foreach ($filecoderows as $key => $filecoderow) {
$filecoderow['notify'] = 0;
insert_bhdb("filecodes", $filecoderow);
}
foreach ($userrows as $key => $userrow) {
$userrow['disabled'] = 0;
insert_bhdb("users", $userrow);
}
insert_bhdb("adminmodulesmenu", array("module" => "return", "menu" => "page", "status" => "1", "menuorder" => "90"));
insert_bhdb("modulesusertype", array("module" => "admin", "usertype" => "admin", "status" => "1"));
insert_bhdb("modulesmenu", array("module" => "admin", "menu" => "page", "status" => "1", "menuorder" => "90"));
insert_bhdb("adminmodulesmenu", array("module" => "groups", "menu" => "page", "status" => "1", "menuorder" => "4"));
function bh_bandwidth($username, $type, $bytes)
{
# Was going to make it do cumulative records, but per-date is probably better, as we can see for periods of time, i.e. days of week, hours, etc., should someone want that.
# Create new record
insert_bhdb("bandwidth", array("username" => $username, "time" => time(), "type" => $type, "bytes" => $bytes));
}
function bh_updatemoduledb()
{
global $bhconfig;
# Open modules folder
$handle = opendir($bhconfig['bhfilepath'] . "/modules/");
# Go through and see if modules are in db.
while (false !== ($file = readdir($handle))) {
if (!preg_match("/^\\.{1,2}\$/", $file)) {
$filerow = select_bhdb("modules", array("file" => $file), "");
if (empty($filerow)) {
# Open file and check through for name etc.
$filearray = file($bhconfig['bhfilepath'] . "/modules/" . $file);
$nameline = preg_grep("/^#name.*\$/", $filearray);
$name = substr(current($nameline), 6);
$descline = preg_grep("/^#description.*\$/", $filearray);
$desc = substr(current($descline), 13);
$authline = preg_grep("/^#author.*\$/", $filearray);
$auth = substr(current($authline), 8);
insert_bhdb("modules", array("module" => str_replace(".inc.php", "", $file), "file" => $file, "name" => $name, "author" => $auth, "description" => $desc));
}
}
}
}
} elseif (!empty($_POST['reset_email'])) {
# See if the email exists
$email = $_POST['reset_email'];
$userirows = select_bhdb("userinfo", array("itemcontent" => $email, "itemname" => "email"), "");
if (empty($userirows)) {
# Open layout object
$layoutobj = new bhlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:recover_password'];
$layoutobj->content1 = "<br><br>" . $bhlang['error:email_doesnt_exist'];
$layoutobj->display();
} else {
# Insert a password reset request row for that username
$username = $userirows[0]['username'];
$resetid = md5(time() . rand(1, 99999) . rand(54, time()));
insert_bhdb("passwordresets", array("username" => $username, "resetid" => $resetid, "time" => time()));
# Get their email address
$emailaddr = $userirows[0]['itemcontent'];
# Email them about it with the validation link
$emailobj = new bhemail($emailaddr);
$emailobj->subject = str_replace("#SITENAME#", $bhconfig['sitename'], $bhlang['emailsubject:passreset_u_request']);
$emailobj->message = str_replace("#LINK#", bh_get_weburi() . "/index.php?page=passreset&doresetid={$resetid}&username={$username}", str_replace("#USERNAME#", $username, $bhlang['email:passreset_u_request']));
$emailaway = $emailobj->send();
if ($emailaway == false) {
# Open layout object
$layoutobj = new bhlayout("generic");
# Send the file listing to the layout, along with directory name
$layoutobj->title = $bhlang['title:signup'];
$layoutobj->content1 = "<br><br>" . $bhlang['error:email_error'];
$layoutobj->display();
} else {
*/
#name Registrations List
#author Andrew Godwin
#description Displays a list of pending registrations with an approval system.
#iscore 1
if (!empty($_GET['action'])) {
if ($_GET['action'] == "accept") {
$regrows = select_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username']), "");
if (empty($regrows)) {
log_bh($bhlang['error:registration_doesnt_exist'], "BH_ERROR");
} else {
# Add a user row
insert_bhdb("users", array("username" => $regrows[0]['username'], "password" => $regrows[0]['password'], "type" => "normal", "homedir" => "/" . $regrows[0]['username']));
# Add that extra info we got
insert_bhdb("userinfo", array("username" => $regrows[0]['username'], "itemname" => "fullname", "itemcontent" => $regrows[0]['fullname']));
insert_bhdb("userinfo", array("username" => $regrows[0]['username'], "itemname" => "email", "itemcontent" => $regrows[0]['email']));
# Delete the reg row
delete_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username']));
# Email the user
$emailobj = new bhemail($regrows[0]['email']);
$emailobj->subject = str_replace("#SITENAME#", $bhconfig['sitename'], $bhlang['emailsubject:registration_accepted']);
$emailobj->message = str_replace("#USERNAME#", $regrows[0]['username'], $bhlang['email:registration_accepted']);
$emailaway = $emailobj->send();
# All done. Say so.
bh_log(str_replace("#USER#", $_GET['username'], $bhlang['notice:#USER#_accepted']), "BH_NOTICE");
}
}
if ($_GET['action'] == "reject") {
$regrows = select_bhdb("registrations", array("regid" => $_GET['regid'], "username" => $_GET['username']), "");
if (empty($regrows)) {
log_bh($bhlang['error:registration_doesnt_exist'], "BH_ERROR");
function set_grouprights($group, $status, $recursion = 1)
{
if ($this->is_dir() && $recursion == 1) {
$this->loadfile();
foreach ($this->filecontents as $file2set) {
$file2setobj = new bhfile($file2set['filepath']);
$file2setobj->set_grouprights($group, $status);
}
}
if ($status >= 0) {
$grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), "");
if (!empty($grouprows)) {
update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath));
} else {
insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status));
}
} else {
delete_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath));
}
}
function set_grouprights($group, $status)
{
$grouprows = select_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath), "");
if (!empty($grouprows)) {
update_bhdb("aclgroups", array("status" => $status), array("group" => $group, "filepath" => $this->filepath));
} else {
insert_bhdb("aclgroups", array("group" => $group, "filepath" => $this->filepath, "status" => $status));
}
}
} else {
# They've been bad.
bh_log($bhlang['error:passwords_dont_match'], "BH_ERROR");
}
} else {
# Tell them what they did wrong
bh_log($bhlang['error:old_password_invalid'], "BH_ERROR");
}
}
# See if there's an incoming profile change request
if (!empty($_POST['changeprofile'])) {
# Go through the options and add/update them
foreach ($_POST['changeprofile'] as $option => $value) {
$optionrows = select_bhdb("userinfo", array("username" => $bhsession['username'], "itemname" => $option), "");
if (empty($optionrows)) {
insert_bhdb("userinfo", array("username" => $bhsession['username'], "itemname" => $option, "itemcontent" => $value));
} else {
update_bhdb("userinfo", array("itemcontent" => $value), array("username" => $bhsession['username'], "itemname" => $option));
}
}
# Say it's updated
bh_log($bhlang['notice:profile_saved'], "BH_NOTICE");
}
# Get user profile info
$profilerows = select_bhdb("userinfo", array("username" => $bhsession['username']), "");
$profile = array();
foreach ($profilerows as $profilerow) {
$profile[$profilerow['itemname']] = $profilerow['itemcontent'];
}
# Open layout object
$layoutobj = new bhlayout("options");
} else {
$quota = round($signup['quota'] * 1024 * 1024);
}
if ($signup['homedir'] == "/") {
$homedir = "/";
} else {
$homedir = "/" . $signup['username'];
}
# Yippee. Add them.
insert_bhdb("users", array("username" => $signup['username'], "password" => md5($signup['pass1']), "type" => $signup['type'], "homedir" => $homedir, "quota" => $quota));
# Add that extra info we got
insert_bhdb("userinfo", array("username" => $signup['username'], "itemname" => "fullname", "itemcontent" => $signup['fullname']));
insert_bhdb("userinfo", array("username" => $signup['username'], "itemname" => "email", "itemcontent" => $signup['email']));
# Add any group associations.
if (!empty($signup['groups'])) {
$groups = explode(",", $signup['groups']);
foreach ($groups as $group) {
$group = trim($group);
insert_bhdb("groups", array("username" => $signup['username'], "group" => $group, "status" => "1"));
}
}
bh_log($bhlang['notice:user_added'], BH_NOTICE);
# Redirect to user list
require "modules/users.inc.php";
}
}
} else {
$layout = new bhadminlayout("adduserform");
$layout->title = $bhlang['title:add_user'];
$layout->display();
}
# FileLink/FileMail functions
# File array
$file = file($_GET['file']) or die("I'm sorry. That isn't a valid file.");
# Loooop through
foreach ($file as $num => $line) {
if (substr($line, 0, 1) == "#" || substr($line, 0, 1) == ";" || trim($line) == "") {
} else {
$linearray = explode(",", $line);
if (empty($linearray[0])) {
die("No username provided! Line " . ($num + 1));
} elseif (empty($linearray[1])) {
die("No password provided! Line " . ($num + 1));
} elseif (empty($linearray[2])) {
die("No email provided! Line " . ($num + 1));
} else {
$userrows = select_bhdb("users", array("username" => $linearray[0]), "");
if (empty($userrows)) {
if (empty($linearray[4])) {
$linearray[4] = "normal";
}
bh_adduser($linearray[0], $linearray[1], bh_fpclean("/" . $linearray[0]), $linearray[4]);
insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "fullname", "itemcontent" => empty($linearray[3])));
insert_bhdb("userinfo", array("username" => $linearray[0], "itemname" => "email", "itemcontent" => empty($linearray[2])));
echo "User " . $linearray[0] . " added! <br>\n\r";
} else {
echo "User " . $linearray[0] . " exists, not added. <br>\n\r";
}
}
}
}
echo $num + 1 . " lines processed. Finished.";
if (empty($_POST['group'])) {
$_POST['group'] = array();
}
if (empty($_GET['group'])) {
$_GET['group'] = array();
}
$group = array_merge($_POST['group'], $_GET['group']);
if ($group['action'] == "add") {
$grouprows = select_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']), "");
if (empty($grouprows)) {
$userrows = select_bhdb("users", array("username" => $group['username']), "");
if (empty($userrows)) {
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_error($bhlang['error:user_does_not_exist']);
} else {
insert_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']));
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_notice($bhlang['notice:user_added_to_group']);
}
} else {
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_error($bhlang['error:user_is_in_group']);
}
}
if ($group['action'] == "remove") {
delete_bhdb("groupusers", array("username" => $group['username'], "group" => $group['group']));
bh_add_logvars(array("username" => $group['username'], "group" => $group['group']));
bh_add_notice($bhlang['notice:user_removed_from_group']);
}
$usersbygroup = bh_usersbygroup();
$layout->content1 = $usersbygroup;
insert_bhdb("modulesusertype", array("module" => "delete", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "addfolder", "usertype" => "-guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "viewfile", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "viewfolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "upload", "usertype" => "-guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "choosefolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "upload", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "edit", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "htmledit", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "copy", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "sharing", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "signup", "usertype" => "guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "editdesc", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "passreset", "usertype" => "guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "options", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "options", "usertype" => "-guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "deletefolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "copyfolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "sharingfolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "returntofolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "admin", "usertype" => "admin", "status" => "1"));
# USERS (GUEST USER)
insert_bhdb("users", array("username" => "guest", "password" => "", "homedir" => "/", "type" => "guest"));
insert_bhdb("aclpublic", array("filepath" => "/", "status" => "1"));
# 27/7/05: filelink
insert_bhdb("modulesaccesslevel", array("module" => "filelink", "accesslevel" => "3", "status" => "1"));
insert_bhdb("modulesfiletype", array("module" => "filelink", "filetype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "filelink", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "filelink", "usertype" => "-guest", "status" => "1"));
insert_bhdb("adminmodulesmenu", array("module" => "filelinks", "menu" => "page", "status" => "1", "menuorder" => "6"));
$layoutobj = new bhlayout("popup_upload");
$layoutobj->display();
} elseif ($uploadrows[0]['status'] = "finished") {
# Echo window closing script
$str = "<html>\n<head>\n</head>\n<body>\n<script>self.close();</script>\n</body>\n</html>";
echo $str;
# Remove entry in DB
delete_bhdb("uploads", array("sessionid" => session_id()));
} else {
bh_log("Fatal error in upload notification system", "BH_ERROR");
}
} elseif (count($fupload) > 0) {
# Notify the popup to close
$uploadrows = select_bhdb("uploads", array("sessionid" => session_id()), 1);
if (empty($uploadrows)) {
insert_bhdb("uploads", array("sessionid" => session_id(), "status" => "finished"));
} else {
update_bhdb("uploads", array("status" => "finished"), array("sessionid" => session_id()));
}
# Calculate used bandwidth
foreach ($fupload as $fileinfo) {
bh_bandwidth($bhsession['username'], "up", $fileinfo['size']);
}
# Check they can write to the destination directory
if (bh_checkrights($infolder, $bhsession['username']) >= 2) {
foreach ($fupload as $fileinfo) {
# If it's a valid upload...
if (empty($fileinfo['name']) !== TRUE) {
# Check the file actually exists.
if (file_exists($fileinfo['tempname'])) {
# Create thing of banned exts
insert_bhdb("modulesdirectory", array("module" => "sharingfolder", "status" => "1"));
insert_bhdb("adminmodulesmenu", array("module" => "registrations", "menu" => "page", "status" => "1", "menuorder" => "4"));
insert_bhdb("adminmodulesmenu", array("module" => "appearance", "menu" => "page", "status" => "1", "menuorder" => "5"));
insert_bhdb("modulesmenu", array("module" => "passreset", "menu" => "page", "status" => "1", "menuorder" => "8"));
insert_bhdb("modulesmenu", array("module" => "options", "menu" => "page", "status" => "1", "menuorder" => "50"));
insert_bhdb("modulesusertype", array("module" => "passreset", "usertype" => "guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "options", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "options", "usertype" => "-guest", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "deletefolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "copyfolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "sharingfolder", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "returntofolder", "usertype" => "*", "status" => "1"));
insert_bhdb("aclpublic", array("filepath" => "/", "status" => "1"));
# 27/7/05: filelink
insert_bhdb("modulesaccesslevel", array("module" => "filelink", "accesslevel" => "3", "status" => "1"));
insert_bhdb("modulesfiletype", array("module" => "filelink", "filetype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "filelink", "usertype" => "*", "status" => "1"));
insert_bhdb("modulesusertype", array("module" => "filelink", "usertype" => "-guest", "status" => "1"));
insert_bhdb("adminmodulesmenu", array("module" => "filelinks", "menu" => "page", "status" => "1", "menuorder" => "6"));
bh_changeconfig("signupmoderation", "1");
bh_changeconfig("profileoptions", "fullname,email");
bh_changeconfig("maxexpires", "60");
bh_changeconfig("lang", "en");
bh_changeconfig("authmodule", "bytehoard.inc.php");
bh_changeconfig("filesystemmodule", "filesystem");
# Correct them & add
foreach ($filecoderows as $key => $filecoderow) {
$filecoderow['username'] = "******";
$filecoderow['email'] = "(none - from 2.1.a)";
insert_bhdb("filecodes", $filecoderow);
}