// Excerpt of the upload handler. It starts inside blocks opened earlier in the
// file, so the bare closing braces below belong to code that is not shown.
// This branch answers with a 403 status line, calls i18n('ERROR_UPLOAD') and
// stops the request.
header("HTTP/1.0 403");
i18n('ERROR_UPLOAD');
die;
}
// NOTE(review): plain assignment, so after the loop $error holds only the last
// message; `.=` may have been intended — confirm against how $error is shown.
// $msg is joined into markup as-is; if a message can embed a client-supplied
// file name it needs HTML-escaping before output (not visible in this excerpt).
foreach ($errors as $msg) {
    $error = $msg . '<br />';
}
}
}
}

// if creating new folder
// NOTE(review): this state-changing action is driven by a GET parameter.
// check_for_csrf() is defined outside this excerpt; whatever token it validates
// presumably travels in the URL too, where it can end up in server logs,
// browser history and Referer headers — confirm, and prefer POST for the action.
if (isset($_GET['newfolder']) && $allowcreatefolder) {
    check_for_csrf("createfolder");
    $newfolder = $_GET['newfolder'];

    // check for invalid chars
    // strippath(), to7bit() and clean_url() are defined outside this excerpt;
    // basename() then keeps only the final path component of their result, so
    // no directory separator from the request reaches the path built below.
    $cleanname = clean_url(to7bit(strippath($newfolder), "UTF-8"));
    $cleanname = basename($cleanname);
    // A name that is empty after cleaning is reported with the same message as
    // a name that already exists.
    if (file_exists($path . $cleanname) || $cleanname == '') {
        $error = i18n_r('ERROR_FOLDER_EXISTS');
    } else {
        // Directory mode: GSCHMOD when getDef() reports it, otherwise 0755.
        if (getDef('GSCHMOD')) {
            $chmod_value = GSCHMOD;
        } else {
            $chmod_value = 0755;
        }
        if (create_dir($path . $cleanname, $chmod_value)) {
            //create folder for thumbnails
            // NOTE(review): $path and $subFolder are assigned before this
            // excerpt; the containment of both folders depends on how those
            // values were validated there — verify. The result of this second
            // create_dir() call is not checked.
            $thumbFolder = GSTHUMBNAILPATH . $subFolder . $cleanname;
            if (!file_exists($thumbFolder)) {
                create_dir($thumbFolder, $chmod_value);
            }
* Displays information on the passed image
 *
 * @package GetSimple
 * @subpackage Images
 */

// Setup inclusions
$load['plugin'] = true;

// Include common.php
include 'inc/common.php';

// Variable Settings
// login_cookie_check() is defined outside this excerpt (presumably it rejects
// requests without a valid admin session — confirm).
login_cookie_check();

// NOTE(review): unlike $_GET['i'] below, $_GET['path'] is not passed through
// strippath(); only tsl() touches it (defined elsewhere, presumably it appends
// a trailing slash — confirm). Unless tsl() or common.php filters it, `../`
// segments carry into the source path that is read and into the thumbnail path
// that is written. Resolve the final paths and check that they stay under the
// uploads and thumbs roots before using them.
$subPath = isset($_GET['path']) ? $_GET['path'] : "";
if ($subPath != '') {
    $subPath = tsl($subPath);
}

// $_GET['i'] is read without isset(), so a request without it raises a notice.
$src = strippath($_GET['i']);
$thumb_folder = GSTHUMBNAILPATH . $subPath;
$src_folder = '../data/uploads/';
$thumb_folder_rel = '../data/thumbs/' . $subPath;

// Only continue when the requested source resolves to an existing file.
// NOTE(review): is_file() is an existence test, not a containment test, and the
// code below still runs if redirect() does not end the request — confirm that
// redirect() exits.
if (!is_file($src_folder . $subPath . $src)) {
    redirect("upload.php");
}

// POST: crop the source image and store the result as its thumbnail.
// NOTE(review): no anti-CSRF token check is visible in this excerpt before the
// file is written, and the crop values go from $_POST to setCrop() without
// range or type validation here (setCrop() may validate them — not visible).
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    require_once 'inc/imagemanipulation.php';
    $objImage = new ImageManipulation($src_folder . $subPath . $src);
    if ($objImage->imageok) {
        $objImage->setCrop($_POST['x'], $_POST['y'], $_POST['w'], $_POST['h']);
        //$objImage->show();
        // The thumbnail is written as <thumb folder>/thumbnail.<source name>.
        $objImage->save($thumb_folder . 'thumbnail.' . $src);
        $success = i18n_r('THUMB_SAVED');
    } else {
*
 * @package GetSimple
 * @subpackage Theme
 */

# setup inclusions
$load['plugin'] = true;
include 'inc/common.php';
# login_cookie_check() is defined outside this excerpt (presumably it rejects
# requests without a valid admin session — confirm).
login_cookie_check();

# variable settings
$theme_options = '';
$template_file = '';
$template = $TEMPLATE;
$theme_templates = '';

# were changes submitted?
# The theme name is reduced with strippath() and accepted only when it names an
# existing directory under GSTHEMESPATH; otherwise $template keeps $TEMPLATE.
if (isset($_GET['t'])) {
    $_GET['t'] = strippath($_GET['t']);
    if ($_GET['t'] && is_dir(GSTHEMESPATH . $_GET['t'] . '/')) {
        $template = $_GET['t'];
    }
}

# NOTE(review): unlike 't' above, $_GET['f'] is not passed through strippath().
# is_file() only proves that the path resolves to an existing file; it is also
# true for a value whose `../` segments lead outside the theme directory.
# Whatever later reads or writes $template_file (outside this excerpt) inherits
# that value, so the resolved path should be checked against the theme root
# (for example a realpath() prefix comparison) before it is accepted.
if (isset($_GET['f'])) {
    if (is_file(GSTHEMESPATH . $template . '/' . $_GET['f'])) {
        $template_file = $_GET['f'];
    }
}

# Editor colour-theme preference: "default" expires the cookie, any other value
# is stored in it.
# NOTE(review): the cookie is set without path, expiry, Secure, HttpOnly or
# SameSite arguments, and no anti-CSRF check is visible before this POST is
# acted on. var_in() is defined elsewhere; what it filters cannot be confirmed
# from this excerpt.
if (isset($_POST['themesave'])) {
    $themesave = var_in($_POST['themesave']);
    if ($themesave == "default") {
        setcookie('gs_editor_theme', '', time() - 3600);
    } else {
        setcookie('gs_editor_theme', $themesave);
// Excerpt of a theme editor script; $relative is assigned before this excerpt.
include 'inc/common.php';

// Variable settings
// login_cookie_check() is defined outside this excerpt (presumably it rejects
// requests without a valid admin session — confirm).
login_cookie_check();
$theme_options = '';
$TEMPLATE_FILE = '';
// NOTE(review): $template is initialised here, but the checks below read and
// write $TEMPLATE (upper case), which must already hold a value from earlier
// code when no 't' parameter is sent — confirm.
$template = '';
$theme_templates = '';

// Were changes submitted?
// Theme and file names are both reduced with strippath() and accepted only
// when they name an existing directory / file under <relative>theme/.
if (isset($_GET['t'])) {
    $_GET['t'] = strippath($_GET['t']);
    if ($_GET['t'] && is_dir($relative . 'theme/' . $_GET['t'] . '/')) {
        $TEMPLATE = $_GET['t'];
    }
}
if (isset($_GET['f'])) {
    $_GET['f'] = strippath($_GET['f']);
    if ($_GET['f'] && is_file($relative . 'theme/' . $TEMPLATE . '/' . $_GET['f'])) {
        $TEMPLATE_FILE = $_GET['f'];
    }
}

// Save?
if (isset($_POST['submitsave'])) {
    // Anti-CSRF: the request is dropped unless the posted nonce validates for
    // the "save" action. $_POST['nonce'] is read without isset(), so a request
    // without it raises a notice before check_nonce() rejects it.
    $nonce = $_POST['nonce'];
    if (!check_nonce($nonce, "save")) {
        die("CSRF detected!");
    }
    // NOTE(review): the target name comes straight from the request and is
    // appended to <relative>theme/ with no strippath() or containment check,
    // unlike the 't' and 'f' parameters above. A request that passes the nonce
    // check can therefore name, through `../` segments, any file the web server
    // account may write. Before opening, resolve the target directory with
    // realpath() and require it to lie under the theme root, or rebuild the
    // path from the already validated $TEMPLATE and $TEMPLATE_FILE.
    $SavedFile = $_POST['edited_file'];
    // NOTE(review): stripslashes() runs unconditionally, so literal backslashes
    // in the submitted template are altered whenever the input was not
    // slash-escaped — confirm how the form and PHP configuration encode it.
    $FileContents = stripslashes(htmlspecialchars_decode($_POST['content'], ENT_QUOTES));
    // The file is truncated on open; the fwrite() result is not checked, so a
    // short or failed write goes unnoticed.
    $fh = fopen($relative . 'theme/' . $SavedFile, 'w') or die("can't open file");
    fwrite($fh, $FileContents);
    fclose($fh);
/****************************************************
*
* @File: log.php
* @Package: GetSimple
* @Action: Displays the log file passed to it
*
*****************************************************/

// Setup inclusions
$load['plugin'] = true;

// Relative
$relative = '../';

// Include common.php
include 'inc/common.php';

// Variable Settings
// login_cookie_check() is defined outside this excerpt (presumably it rejects
// requests without a valid admin session — confirm).
login_cookie_check();
// The log name is reduced with strippath() (defined elsewhere) and then joined
// to the fixed logs directory; `@` hides the notice for a missing parameter.
$log_name = strippath(@$_GET['log']);
$log_path = GSDATAOTHERPATH . 'logs/';
$log_file = $log_path . $log_name;

// A name that does not resolve to an existing file is blanked, which also
// disables the delete branch below.
if (!is_file($log_file)) {
    $log_name = '';
    $log_data = false;
}

// Delete the log when requested and the nonce validates for "delete".
// NOTE(review): deletion is triggered by GET and the nonce travels in the query
// string, where it can end up in server logs, browser history and Referer
// headers; POST is the safer carrier. $_GET['nonce'] is read without isset().
if (@$_GET['action'] == 'delete' && strlen($log_name) > 0) {
    $nonce = $_GET['nonce'];
    if (!check_nonce($nonce, "delete")) {
        die("CSRF detected!");
    }
    // The unlink() result is not checked; the success redirect is sent either way.
    unlink($log_file);
    exec_action('logfile_delete');
    // NOTE(review): the message is placed in the Location URL without
    // rawurlencode() (it contains a literal space plus the file name and a
    // translated string), and it is text the target page receives back from
    // the request: support.php must HTML-escape `success` before printing it —
    // not visible here, verify.
    header('Location: support.php?success=Log ' . $log_name . $i18n['MSG_HAS_BEEN_CLR']);
    exit;