Example #1
 //show cached temaplte process ...
 //that came from plugins or return backup or even if style folder
 //is not writable
 case 'cached':
     $cached_file = PATH . 'cache/styles_cached.php';
     //delete cached styles
     if (isset($_GET['del'])) {
         delete_cache('styles_cached');
         $text = $lang['CACHED_STYLES_DELETED'];
         $stylee = 'admin_info';
     } elseif (!file_exists($cached_file)) {
         $text = $lang['NO_CACHED_STYLES'];
         $stylee = 'admin_info';
     } else {
         $content = file_get_contents($cached_file);
         $content = kleeja_base64_decode($content);
         $content = unserialize($content);
         ob_start();
         foreach ($content as $template_name => $do) {
             echo '<strong>' . $lang['OPEN'] . '</strong> : <br /> ' . (substr($template_name, 0, 6) == 'admin_' ? $STYLE_PATH_ADMIN : $STYLE_PATH) . $template_name . '<br />';
             switch (trim($do['action'])) {
                 case 'replace_with':
                     echo '<strong> ' . $lang['SEARCH_FOR'] . '<strong> : <br />';
                     //if it's to code
                     if (strpos($do['find'], '(.*?)') !== false) {
                         $do['find'] = explode('(.*?)', $do['find']);
                         echo '<textarea style="direction:ltr;width:90%">' . trim(htmlspecialchars($do['find'][0])) . '</textarea> <br />';
                         echo '<strong> ' . $lang['REPLACE_TO_REACH'] . '<strong> : <br />';
                         echo '<textarea style="direction:ltr;width:90%">' . trim(htmlspecialchars($do['find'][1])) . '</textarea> <br />';
                     } else {
                         if (trim($do['find']) == '') {
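 /**
  * Restore the current user from the 'ulogu' login cookie.
  *
  * The decrypted cookie is a '|'-separated record:
  * user id | hashed password | expiry | keyed hash | admin flag | base64(serialized user info).
  *
  * @return mixed whatever $this->data() returns for a cookie carrying the admin
  *               flag, true for a regular user restored from the cookie, false
  *               when there is no valid login (an invalid cookie also triggers
  *               logout()).
  */
 function kleeja_check_user()
 {
     global $config, $SQL, $dbprefix;
     // NOTE(review): eval() executes whatever code kleeja_run_hook() returns for
     // this hook name, so write access to hook content has to be treated as a
     // code-execution privilege.
     ($hook = kleeja_run_hook('kleeja_check_user_func_usr_class')) ? eval($hook) : null;

     $cookie = $this->kleeja_get_cookie('ulogu');
     if (!$cookie) {
         return false;
     }

     $user_data = false;
     // Pad to six fields so a short or malformed cookie yields empty strings
     // instead of undefined-offset notices in list().
     $parts = array_pad(explode('|', (string) $this->en_de_crypt($cookie, 2)), 6, '');
     list($user_id, $hashed_password, $expire_at, $hashed_expire, $adm_or_not, $u_info) = $parts;

     // The keyed hash covers only the hashed password and the expiry; the user
     // id, the admin flag and the user-info blob depend on en_de_crypt() alone
     // for their integrity.
     $expected_hash = sha1(md5($config['h_key'] . $hashed_password) . $expire_at);
     // Compare the digests as strings: with a loose == two different digests of
     // the form "0e<digits>" compare equal as numbers. hash_equals() (PHP 5.6+)
     // additionally compares in constant time.
     $hash_ok = function_exists('hash_equals')
         ? hash_equals($expected_hash, (string) $hashed_expire)
         : $expected_hash === (string) $hashed_expire;

     // Cast the expiry so a non-numeric value can never compare as "later".
     if ($hash_ok && (int) $expire_at > time()) {
         if ((int) $adm_or_not == 1) {
             $user_data = $this->data($user_id, $hashed_password, true, $expire_at);
         } elseif (!empty($u_info)) {
             // NOTE(review): unserialize() on cookie-derived data. Prefer a
             // data-only format (JSON), or on PHP 7+ pass
             // array('allowed_classes' => false) so no objects are instantiated.
             $uu_info = unserialize(kleeja_base64_decode($u_info));
             // Only accept a decoded array that carries a user id; anything
             // else is treated as an invalid cookie and ends in logout().
             if (is_array($uu_info) && isset($uu_info['id'])) {
                 define('USER_ID', $uu_info['id']);
                 define('USER_NAME', isset($uu_info['name']) ? $uu_info['name'] : '');
                 define('USER_MAIL', isset($uu_info['mail']) ? $uu_info['mail'] : '');
                 define('USER_ADMIN', '0');
                 define('LAST_VISIT', isset($uu_info['last_visit']) ? $uu_info['last_visit'] : 0);
                 $user_data = true;
             }
         }
     }

     if ($user_data == false) {
         $this->logout();
         return false;
     }
     return $user_data;
 }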
Example #3
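// Referer-based CSRF guard for POST requests, active only when STOP_CSRF is
// defined: the host part of the Referer must equal the Host header.
// NOTE(review): this is a header check only; a per-form token is the stronger
// control and would not depend on the browser sending a Referer.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && defined('STOP_CSRF')) {
    $t_reff = isset($_SERVER['HTTP_REFERER']) ? explode('/', $_SERVER['HTTP_REFERER']) : array();
    $t_host = isset($_SERVER['HTTP_HOST']) ? explode('/', $_SERVER['HTTP_HOST']) : array();
    // "scheme://host/..." split on '/' puts the host at index 2.
    $reff_host = isset($t_reff[2]) ? (string) $t_reff[2] : '';
    $this_host = isset($t_host[0]) ? (string) $t_host[0] : '';
    // A missing or empty value on either side is a mismatch. The previous
    // loose != treated a missing Referer (null) and an empty Host ('') as
    // equal, which let such a request through.
    if ($reff_host === '' || $this_host === '' || $reff_host !== $this_host) {
        $usrcp->logout_cp();
        if (isset($_GET['_ajax_'])) {
            //echo_ajax(999, '');
        }
        redirect($config['siteurl']);
        $SQL->close();
        exit;
    }
}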
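// Size check on includes/style.php: any non-empty size other than 10235 bytes
// stops the script. The exit text is the base64 of "Where The Copyrights :) ..."
// (assuming kleeja_base64_decode() is plain base64 - confirm).
// NOTE(review): a byte count is not an integrity check; a same-size edit passes.
$gt = kleeja_filesize(PATH . 'includes/st' . 'yl' . 'e.php');
if (!empty($gt) && $gt != 10235) {
    exit(kleeja_base64_decode('V2hlcmUgVGhlIENvcHlyaWdodHMgOikgLi4u'));
}

// Default the last visit to twelve hours ago when the login code has not set it.
if (!defined('LAST_VISIT')) {
    define('LAST_VISIT', time() - 3600 * 12);
}

//last visit
// The pattern is anchored so that only a value that is exactly ten digits is
// formatted; unanchored, any string merely containing ten digits matched.
$last_visit = defined('LAST_VISIT') && preg_match('/^[0-9]{10}\z/', (string) LAST_VISIT) ? kleeja_date(LAST_VISIT) : false;

//path of admin extensions
$path_adm = PATH . 'includes/adm';

//exception extensions
$ext_expt = array('start', 'php_info', 'b_lgoutcp', 'i_exts');

//confirm msgs
$ext_confirm = array();
//$ext_confirm[]	= 'repair';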
Example #4
             kleeja_admin_info($lang['PLUGIN_DELETED'], false, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&amp;' . $current_smt);
         }
         //if there is a zip?
         $text = sprintf($lang['PLUGIN_DELETED_ZIPPED'], '<a target="_blank"  href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&amp;do_plg=' . $plg->plg_id . '&amp;m=6&amp;fn=' . $plg->zipped_files . '&amp;smt=' . $current_smt . '">', '</a>');
         $text .= '<br /><br /><a  onclick="javascript:get_kleeja_link(this.href); return false;"  href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&amp;smt=' . $current_smt . '">' . $lang['GO_BACK_BROWSER'] . '</a>';
         kleeja_admin_info($text, false, '', true, false);
     }
     break;
 case '4':
     //plugin instructions: load one plugin row and show its stored instructions
     // NOTE(review): $plg_id is concatenated into the WHERE clause; its origin
     // is not visible in this fragment - confirm it is cast to int beforehand.
     $query = array('SELECT' => 'p.plg_name, p.plg_ver, p.plg_instructions', 'FROM' => "{$dbprefix}plugins p", 'WHERE' => "p.plg_id=" . $plg_id);
     $result = $SQL->fetch_array($SQL->build($query));
     if (empty($result)) {
         // NOTE(review): nothing here stops execution after redirect(); unless
         // redirect() exits itself, the code below runs with an empty $result.
         redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php'));
     }
     // NOTE(review): unserialize() on a database column. The data is only as
     // trustworthy as whatever wrote plg_instructions (presumably the plugin
     // installer - confirm); a data-only format would avoid object creation.
     $info = unserialize(kleeja_base64_decode($result['plg_instructions']));
     // Use the instructions for the configured language, else the 'en' entry.
     $info = isset($info[$config['language']]) ? $info[$config['language']] : $info['en'];
     // NOTE(review): plg_name, plg_ver and $info are placed in the HTML without
     // escaping here; whether kleeja_admin_info() escapes is not visible.
     kleeja_admin_info('<h3>' . $result['plg_name'] . ' &nbsp;' . $result['plg_ver'] . ' : </h3>' . $info . '<br /><a   onclick="javascript:get_kleeja_link(this.href); return false;" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&amp;smt=' . $current_smt . '">' . $lang['GO_BACK_BROWSER'] . '</a>');
     break;
     //downaloding zipped changes ..
 //downaloding zipped changes ..
 case 6:
     if (!isset($_GET['fn'])) {
         kleeja_admin_err($lang['ERROR']);
     }
     $_f = preg_replace('![^a-z0-9]!', '', $_GET['fn']);
     $name = 'changes_of_' . $_f . '.zip';
     if (!file_exists(PATH . 'cache/' . $name)) {
         kleeja_admin_err($lang['ERROR']);
     }
     if (is_browser('mozilla')) {
Example #5
File: api.php Project: omtim/kleeja
/**
 * Authenticate a user against a remote script through its HTTP API and, unless
 * this is an admin-login check, define the user constants and set the 'ulogu'
 * cookie.
 *
 * The remote answer is base64 text holding '%|%'-separated fields; field 0 is
 * the status (0 = error, 1 = ok). Every identity field used below comes from
 * that answer as-is.
 *
 * NOTE(review): $expire is a required parameter declared after the optional
 * $hashed; PHP 8.0+ reports this as deprecated and treats $hashed as required.
 *
 * @param string $name            user name, or the user id when $hashed is true
 * @param string $pass            password sent to the remote API
 * @param bool   $hashed          selects 'userid' instead of 'username' in the query
 * @param mixed  $expire          expiry stored in the cookie and passed to kleeja_set_cookie()
 * @param bool   $loginadm        true for an admin-login check: no constants, no cookie
 * @param bool   $return_username true to return the remote user name instead of logging in
 * @return bool|string false on failure, the user name when $return_username is set, else true
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_username = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_api_key, $script_cp1256;
    //URL must begin with http://
    // NOTE(review): only the first character is checked ('h'), so neither the
    // scheme nor the use of https is enforced by this test.
    if (empty($script_path) || $script_path[0] != 'h') {
        big_error('Forum URL must be begin with http://', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'API'));
    }
    //the api key is meant to make the query between the remote script and kleeja more secure
    //it must be changed for real use
    if (empty($script_api_key)) {
        big_error('api key', 'To connect to the remote script you have to write the API key ...');
    }
    // Convert name and password with kleeja_utf8(..., false) when the remote
    // script is flagged as cp1256; the name is left alone when it is a user id.
    $pass = empty($script_cp1256) || !$script_cp1256 ? $pass : $usrcp->kleeja_utf8($pass, false);
    $name = empty($script_cp1256) || !$script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false);
    /*
    	@see file : docs/kleeja_(vb,mysmartbb,phpbb)_api.txt
    */
    // NOTE(review): the line below is damaged in this listing (the password
    // part was masked by the page), so it is not valid PHP as shown.
    // What is visible: the API key is only base64-encoded, and key, user name
    // and password are placed in a URL query string, where they can end up in
    // server and proxy logs.
    $api_http_query = 'api_key=' . kleeja_base64_encode($script_api_key) . '&' . ($hashed ? 'userid' : 'username') . '=' . urlencode($name) . '&pass='******'&return_username=1' : '';
    //fetch the answer with a GET request
    $remote_data = fetch_remote_file($script_path . '?' . $api_http_query);
    //no response:
    //empty or can not connect
    if ($remote_data == false || empty($remote_data)) {
        return false;
    }
    //see kleeja_api.php file
    //split the data, the first field is always 0 or 1
    //0 : error
    //1: ok
    $user_info = explode('%|%', kleeja_base64_decode($remote_data));
    //status 0 means error: stop here
    if ((int) $user_info[0] == 0) {
        return false;
    }
    //
    //if only the username is wanted, return it now
    //
    if ($return_username) {
        return empty($script_cp1256) || !$script_cp1256 ? $user_info[1] : $usrcp->kleeja_utf8($user_info[1]);
    }
    //
    //when logging in to admin, we just want a check, no data setup ..
    //
    if (!$loginadm) {
        // Fields 1, 2, 3 and 5 of the remote answer become id, name, mail and
        // the admin flag without further validation.
        define('USER_ID', $user_info[1]);
        define('GROUP_ID', 3);
        define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $user_info[2] : $usrcp->kleeja_utf8($user_info[2]));
        define('USER_MAIL', $user_info[3]);
        define('USER_ADMIN', (int) $user_info[5] == 1 ? 1 : 0);
    }
    //user info
    //and this must be filled with the user data coming from the remote answer
    // NOTE(review): when $loginadm is true none of the constants read below is
    // defined by this function; they must already exist - confirm.
    $userinfo = array();
    $userinfo['group_id'] = GROUP_ID;
    $user_y = kleeja_base64_encode(serialize(array('id' => USER_ID, 'name' => USER_NAME, 'mail' => USER_MAIL, 'last_visit' => time())));
    //add cookies
    if (!$loginadm) {
        // Cookie record: id | field 4 | expiry | sha1(md5(h_key . field 4) . expiry) | group | user info.
        // The keyed hash covers field 4 and the expiry only; the other fields
        // depend on en_de_crypt() for their integrity.
        $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($user_info[1] . '|' . $user_info[4] . '|' . $expire . '|' . sha1(md5($config['h_key'] . $user_info[4]) . $expire) . '|' . GROUP_ID . '|' . $user_y), $expire);
    }
    //not needed from here on (this only drops the local variable)
    unset($pass);
    //the remote script accepted the user
    return true;
}
//begin default files page
//
// NOTE(review): this statement run is cut off by the listing; the comments
// below cover only the visible lines.
$query = array('SELECT' => 'COUNT(f.id) AS total_files', 'FROM' => "{$dbprefix}files f", 'ORDER BY' => 'f.id ');
#if user system is default, we use users table
if ((int) $config['user_system'] == 1) {
    $query['JOINS'] = array(array('LEFT JOIN' => "{$dbprefix}users u", 'ON' => 'u.id=f.user'));
}
//posted search form: pack the whole $_POST into the URL and redirect to it
if (isset($_POST['search_file'])) {
    redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&search=' . kleeja_base64_encode(serialize($_POST)));
    $SQL->close();
    exit;
} else {
    if (isset($_GET['search'])) {
        // NOTE(review): $SQL->escape() is SQL escaping; this value goes into a
        // URL, which needs URL/HTML escaping wherever $deletelink is printed.
        $deletelink = basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&deletefiles=' . $SQL->escape($_GET['search']);
        // NOTE(review): unserialize() on a query-string value. The parameter is
        // request-controlled, so this is PHP object injection exposure: any
        // class loaded at this point can be instantiated from it. Use a
        // data-only format for the round trip (json_encode/json_decode on both
        // sides), or at minimum array('allowed_classes' => false) on PHP 7+,
        // and check that the result is an array before indexing it.
        $search = unserialize(kleeja_base64_decode($_GET['search']));
        // Default every expected search field that is missing.
        $search['filename'] = !isset($search['filename']) ? '' : $search['filename'];
        $search['username'] = !isset($search['username']) ? '' : $search['username'];
        $search['than'] = !isset($search['than']) ? 1 : $search['than'];
        $search['size'] = !isset($search['size']) ? '' : $search['size'];
        $search['ups'] = !isset($search['ups']) ? '' : $search['ups'];
        $search['uthan'] = !isset($search['uthan']) ? 1 : $search['uthan'];
        $search['rep'] = !isset($search['rep']) ? '' : $search['rep'];
        $search['rthan'] = !isset($search['rthan']) ? 1 : $search['rthan'];
        $search['lastdown'] = !isset($search['lastdown']) ? '' : $search['lastdown'];
        $search['ext'] = !isset($search['ext']) ? '' : $search['ext'];
        $search['user_ip'] = !isset($search['user_ip']) ? '' : $search['user_ip'];
        // SQL fragments: text values pass through $SQL->escape(), numeric ones
        // through intval(); the comparison operators are fixed strings.
        $file_namee = $search['filename'] != '' ? 'AND f.real_filename LIKE \'%' . $SQL->escape($search['filename']) . '%\' ' : '';
        $usernamee = $search['username'] != '' ? 'AND u.name LIKE \'%' . $SQL->escape($search['username']) . '%\'' : '';
        $size_than = ' f.size ' . ($search['than'] != 1 ? '<=' : '>=') . intval($search['size']) * 1024 . ' ';
        $ups_than = $search['ups'] != '' ? 'AND f.uploads ' . ($search['uthan'] != 1 ? '<' : '>') . intval($search['ups']) . ' ' : '';
Example #7
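 /**
  * Restore the current user from the 'ulogu' login cookie, or set up a guest.
  *
  * The decrypted cookie is a '|'-separated record:
  * user id | hashed password | expiry | keyed hash | group id | base64(serialized user info).
  * Without a cookie the guest defaults (id -1, group 2) are defined as
  * USER_ID / GROUP_ID.
  *
  * @return mixed whatever $this->data() returns for a group allowed into the
  *               admin panel, true for a regular user restored from the cookie,
  *               false for a guest or an invalid cookie (the latter also
  *               triggers logout()).
  */
 function kleeja_check_user()
 {
     global $config, $SQL, $dbprefix, $userinfo;
     // NOTE(review): eval() executes whatever code kleeja_run_hook() returns for
     // this hook name, so write access to hook content has to be treated as a
     // code-execution privilege.
     ($hook = kleeja_run_hook('kleeja_check_user_func_usr_class')) ? eval($hook) : null;

     // Start from the guest identity so $userinfo is always populated.
     $userinfo = array('id' => -1, 'group_id' => 2);

     $cookie = $this->kleeja_get_cookie('ulogu');
     if (!$cookie) {
         #guest
         define('USER_ID', $userinfo['id']);
         define('GROUP_ID', $userinfo['group_id']);
         return false;
     }

     $user_data = false;
     // Pad to six fields so a short or malformed cookie yields empty strings
     // instead of undefined-offset notices in list().
     $parts = array_pad(explode('|', (string) $this->en_de_crypt($cookie, 2)), 6, '');
     list($user_id, $hashed_password, $expire_at, $hashed_expire, $group_id, $u_info) = $parts;

     // The keyed hash covers only the hashed password and the expiry; the user
     // id, the group id and the user-info blob depend on en_de_crypt() alone
     // for their integrity, yet the group id decides the branch taken below.
     $expected_hash = sha1(md5($config['h_key'] . $hashed_password) . $expire_at);
     // Compare the digests as strings: with a loose == two different digests of
     // the form "0e<digits>" compare equal as numbers. hash_equals() (PHP 5.6+)
     // additionally compares in constant time.
     $hash_ok = function_exists('hash_equals')
         ? hash_equals($expected_hash, (string) $hashed_expire)
         : $expected_hash === (string) $hashed_expire;

     // Cast the expiry so a non-numeric value can never compare as "later".
     if ($hash_ok && (int) $expire_at > time()) {
         if (user_can('enter_acp', $group_id)) {
             $user_data = $this->data($user_id, $hashed_password, true, $expire_at);
         } elseif (!empty($u_info)) {
             // NOTE(review): unserialize() on cookie-derived data. Prefer a
             // data-only format (JSON), or on PHP 7+ pass
             // array('allowed_classes' => false) so no objects are instantiated.
             $cookie_info = unserialize(kleeja_base64_decode($u_info));
             // Only accept a decoded array that carries a user id; anything
             // else leaves the guest $userinfo in place and ends in logout().
             if (is_array($cookie_info) && isset($cookie_info['id'])) {
                 $userinfo = $cookie_info;
                 $userinfo['group_id'] = $group_id;
                 $userinfo['password'] = $hashed_password;
                 define('USER_ID', $userinfo['id']);
                 define('GROUP_ID', $userinfo['group_id']);
                 define('USER_NAME', isset($userinfo['name']) ? $userinfo['name'] : '');
                 define('USER_MAIL', isset($userinfo['mail']) ? $userinfo['mail'] : '');
                 define('LAST_VISIT', isset($userinfo['last_visit']) ? $userinfo['last_visit'] : 0);
                 $user_data = true;
             }
         }
     }

     if ($user_data == false) {
         $this->logout();
         return false;
     }
     return $user_data;
 }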
            kleeja_admin_err($errs);
        }
    }
}
//
//begin of default users page
//
// NOTE(review): this statement run is cut off by the listing (the outer else
// is not closed in view); the comments below cover only the visible lines.
$query = array('SELECT' => 'COUNT(id) AS total_users', 'FROM' => "{$dbprefix}users", 'ORDER BY' => 'id ASC');
//posted search form: pack the whole $_POST into the URL and redirect to it
if (isset($_POST['search_user'])) {
    redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&search=' . kleeja_base64_encode(serialize($_POST)));
    $SQL->close();
    exit;
} else {
    if (isset($_GET['search'])) {
        // NOTE(review): unserialize() on a query-string value. The parameter is
        // request-controlled, so this is PHP object injection exposure: any
        // class loaded at this point can be instantiated from it. Use a
        // data-only format for the round trip (json_encode/json_decode on both
        // sides), or at minimum array('allowed_classes' => false) on PHP 7+.
        $search = kleeja_base64_decode($_GET['search']);
        $search = unserialize($search);
        // NOTE(review): 'username' and 'usermail' are read without an isset()
        // check, and $search is not verified to be an array first.
        // Both values pass through $SQL->escape() before entering the LIKE.
        $usernamee = $search['username'] != '' ? 'AND name  LIKE \'%' . $SQL->escape($search['username']) . '%\' ' : '';
        $usermailee = $search['usermail'] != '' ? 'AND mail  LIKE \'%' . $SQL->escape($search['usermail']) . '%\' ' : '';
        $is_search = true;
        $isn_search = false;
        $query['WHERE'] = "name != '' {$usernamee} {$usermailee}";
    } else {
        if (isset($_GET['admin'])) {
            // Only the fixed fragment "AND admin = 1 " can reach the query here.
            $admin = (int) $_GET['admin'] == 1 ? "AND admin = 1 " : '';
            $is_search = true;
            $isn_search = false;
            $is_asearch = true;
            $query['WHERE'] = "name != '' {$admin}";
        }
    }
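 /**
  * Delete a block of text from a template; used by the uninstall tag of a
  * plugin XML file.
  *
  * When the template cannot be rewritten in place (empty or missing template,
  * nothing changed, or the style folder is not writable), the edit is stored
  * as a 'replace_with' instruction in cache/styles_cached.php instead.
  *
  * todo : use file handler, require ftp info at uninstalling
  *
  * @param string|array $template_name template name, or a list of names to process one by one
  * @param array        $delete_txt    passed to the searcher as find_word; elements
  *                                    0 and 1 are used as the start and end of the
  *                                    span when an instruction is cached
  * @return bool|null true for a single template, nothing when a list was given
  */
 function delete_ch_tpl($template_name, $delete_txt = array())
 {
     global $dbprefix, $lang, $config, $STYLE_PATH_ADMIN, $STYLE_PATH, $THIS_STYLE_PATH;
     if (is_array($template_name)) {
         foreach ($template_name as $tn) {
             $this->delete_ch_tpl($tn, $delete_txt);
         }
         return;
     }

     // Admin templates live in the admin style folder, all others in the current style.
     $is_admin_template = substr($template_name, 0, 6) == 'admin_';
     $style_path = $is_admin_template ? $STYLE_PATH_ADMIN : $THIS_STYLE_PATH;

     //if template not found and default style is there and not admin tpl
     $template_path = $style_path . $template_name . '.html';
     if (!file_exists($template_path) && $config['style'] != 'default' && !$is_admin_template) {
         $template_path_alternative = str_replace('/' . $config['style'] . '/', '/default/', $template_path);
         if (file_exists($template_path_alternative)) {
             $template_path = $template_path_alternative;
         }
     }

     // A missing or unreadable template is handled as empty content.
     $d_contents = file_exists($template_path) ? (string) file_get_contents($template_path) : '';

     include_once "s_strings.php";
     $finder = new sa_srch();
     $finder->find_word = $delete_txt;
     // implode() needs a string separator; null is deprecated as of PHP 8.1.
     $finder->another_word = '<!-- deleted ' . md5(implode('', $delete_txt)) . ' -->';
     $finder->text = trim($d_contents);
     $finder->do_search(2);

     $cached_instructions = array();
     if ($d_contents != '' && md5($finder->text) !== md5($d_contents) && is_writable($style_path)) {
         //update
         $this->f->_write($style_path . $template_name . '.html', $finder->text);
         //delete cache ..
         delete_cache('tpl_' . $template_name);
     } else {
         $cached_instructions[$template_name] = array('action' => 'replace_with', 'find' => $finder->find_word[0] . '(.*?)' . $finder->find_word[1], 'action_text' => $finder->another_word);
     }

     //add cached instructions to the cache file if there are any
     if (sizeof($cached_instructions) > 0) {
         $cache_file = PATH . 'cache/styles_cached.php';
         if (file_exists($cache_file)) {
             // NOTE(review): unserialize() of a file under cache/. The content
             // is only as trustworthy as write access to that folder; a
             // data-only format would avoid object creation.
             $cached_content = unserialize(kleeja_base64_decode(file_get_contents($cache_file)));
             // A corrupt cache file decodes to false; adding that to an array
             // is a fatal error, so merge only a real array.
             if (is_array($cached_content)) {
                 $cached_instructions += $cached_content;
             }
         }
         // fopen() can fail (for example on an unwritable folder); writing to
         // a false handle is an error, so skip the write in that case.
         $handle = @fopen($cache_file, 'w');
         if ($handle !== false) {
             fwrite($handle, kleeja_base64_encode(serialize($cached_instructions)));
             fclose($handle);
         }
     }

     if ($this->f_method === 'zfile') {
         if ($this->f->check()) {
             // NOTE(review): $plugin_name is neither a parameter nor a declared
             // global in this method, so it is undefined here - confirm which
             // value push() is meant to receive.
             $this->zipped_files = $this->f->push($plugin_name);
         }
     }
     return true;
 }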
         echo "\t" . '<options>' . "\n";
         while ($config = $SQL->fetch_array($queryconfig)) {
             echo "\t\t" . '<option name="' . $config['name'] . '" value="' . $config['value'] . '" order="' . $config['display_order'] . '" menu="' . $config['type'] . '"><![CDATA[' . clean_xml_cdata($config['option']) . ']]></option>' . "\n";
         }
         echo "\t" . '</options>' . "\n";
     }
     $queryhooks = $SQL->build(array('SELECT' => '*', 'FROM' => "{$dbprefix}hooks", 'WHERE' => "plg_id=" . $plg_id));
     if ($SQL->num_rows($queryhooks) > 0) {
         echo "\t" . '<hooks>' . "\n";
         while ($hook = $SQL->fetch_array($queryhooks)) {
             echo "\t\t" . '<hook name="' . $hook['hook_name'] . '"><![CDATA[' . clean_xml_cdata($hook['hook_content']) . ']]></hook>' . "\n";
         }
         echo "\t" . '</hooks>' . "\n";
     }
     if (!empty($row['plg_files'])) {
         $nfiles = unserialize(kleeja_base64_decode($row['plg_files']));
         echo "\t" . '<files>' . "\n";
         foreach ($nfiles as $f) {
             if ($f[0] == '/') {
                 $f = substr($f, 1);
             }
             echo "\t\t" . '<file path="' . $f . '"><![CDATA[' . kleeja_base64_encode(@file_get_contents(PATH . $f)) . ']]></file>' . "\n";
         }
         echo "\t" . '</files>' . "\n";
     }
     echo '</kleeja>';
     exit;
 } else {
     kleeja_admin_err($lang['ERROR']);
 }
 break;