function init($dir = null) { if ($dir != null) { $this->setdir($dir); } $this->group('settings'); $this->group('global'); $this->group('modules'); $this->group('custom'); @ini_set('default_charset', ''); if (!headers_sent()) { viscacha_header('Content-type: text/html; charset=' . $this->phrase('charset')); } global $slog; if (isset($slog) && is_object($slog) && method_exists($slog, 'setlang')) { $slog->setlang($this->phrase('fallback_no_username'), $this->phrase('timezone_summer')); } global $config, $breadcrumb; if (isset($breadcrumb)) { $isforum = array('addreply', 'attachments', 'edit', 'forum', 'manageforum', 'managetopic', 'misc', 'newtopic', 'pdf', 'search', 'showforum', 'showtopic'); if ($config['indexpage'] != 'forum' && in_array(SCRIPTNAME, $isforum)) { $breadcrumb->Add($this->phrase('forumname'), iif(SCRIPTNAME != 'forum', 'forum.php')); } } }
function Out($skip = 1) { global $breadcrumb, $config, $mymodules; $this->sid = SID2URL; $Contents = ob_get_contents(); ob_end_clean(); $Contents = $this->AddSid($Contents); if (isset($mymodules)) { extract($mymodules->load('docout_parse', get_defined_vars()), EXTR_SKIP); } if ($this->enc != FALSE && $skip == 1 && $this->cfg == 1) { viscacha_header("Content-Encoding: " . $this->enc); print "‹"; $Size = strlen($Contents); $Crc = crc32($Contents); $Contents = gzcompress($Contents, $this->level); $Contents = substr($Contents, 0, strlen($Contents) - 4); print $Contents; print pack('V', $Crc); print pack('V', $Size); exit; } else { print $Contents; exit; } }
function get_image() { $mime = get_mimetype($this->path); viscacha_header('Content-Type: ' . $mime['mime']); readfile($this->path); exit; }
function initAdmin($dir = null) { if ($dir != null) { $this->setdir($dir); } $this->group('settings'); $this->group('admin/global'); $this->group('modules'); $this->group('custom'); @ini_set('default_charset', ''); if (!headers_sent()) { viscacha_header('Content-type: text/html; charset=' . $this->phrase('charset')); } }
function initAdmin($dir = null) { global $admconfig, $my; if (!empty($my->settings['default_language'])) { $dir = $my->settings['default_language']; } elseif (is_id($admconfig['default_language'])) { $dir = $admconfig['default_language']; } if ($dir != null) { $this->setdir($dir); } $this->group('settings'); $this->group('admin/global'); $this->group('modules'); $this->group('custom'); @ini_set('default_charset', ''); if (!headers_sent()) { viscacha_header('Content-type: text/html; charset=' . $this->charset()); } }
function Out($skip = 1) { global $breadcrumb, $config, $plugins; $this->sid = SID2URL; $Contents = ob_get_contents(); ob_end_clean(); $Contents = $this->AddSid($Contents); ($code = $plugins->load('docout_parse')) ? eval($code) : null; if ($this->enc != FALSE && $skip == 1 && $this->cfg == 1) { viscacha_header("Content-Encoding: " . $this->enc); print "‹"; $Size = strlen($Contents); $Crc = crc32($Contents); $Contents = gzcompress($Contents, $this->level); $Contents = substr($Contents, 0, strlen($Contents) - 4); print $Contents; print pack('V', $Crc); print pack('V', $Size); } else { print $Contents; } }
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ error_reporting(E_ALL); define('SCRIPTNAME', 'ajax'); define('VISCACHA_CORE', '1'); define('TEMPSHOWLOG', 1); include "data/config.inc.php"; include "classes/function.viscacha_frontend.php"; $my->p = $slog->Permissions(); $action = $gpc->get('action', str); viscacha_header("Content-type: text/plain"); send_nocache_header(); ($code = $plugins->load('ajax_start')) ? eval($code) : null; // Schliesst oder oeffnet einen Beitrag mittels AJAX if ($action == 'openclosethread') { $result = $db->query("SELECT status, board FROM {$db->pre}topics WHERE id = '{$_GET['id']}'", __LINE__, __FILE__); $row = $db->fetch_assoc($result); $my->p = $slog->Permissions($row['board']); $my->mp = $slog->ModPermissions($row['board']); $request = 1; if ($my->p['admin'] == 1 || $my->p['gmod'] == 1 || $my->mp[0] == 1) { if ($row['status'] == 0) { $db->query("UPDATE {$db->pre}topics SET status = '1' WHERE id = '{$_GET['id']}'", __LINE__, __FILE__); if ($db->affected_rows() == 1) { $request = 3; }
include 'admin/designs.php'; } elseif ($action == 'packages') { include 'admin/packages.php'; } elseif ($action == 'profilefield') { include 'admin/profilefield.php'; } elseif ($action == 'posts') { include 'admin/posts.php'; } elseif ($action == 'logout') { $slog->sid_logout(); echo head(); ok('admin.php', $lang->phrase('admin_successfully_logged_off')); } elseif ($action == 'locate') { $url = $gpc->get('url', none); if (!empty($url)) { $db->close(); viscacha_header('Location: ' . $url); exit; } else { echo head(); if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], 'action=locate') === false) { $url = htmlspecialchars($_SERVER['HTTP_REFERER']); } else { $url = 'javascript:history.back(-1);'; } error($url, $lang->phrase('admin_choose_valid_location_option')); } } else { if (strlen($action) == 0) { include 'admin/frames.php'; } else { $error = true;
} $db->query('UPDATE ' . $db->pre . 'menu SET active = "' . $pos . '" WHERE id = ' . $id); $plug = $gpc->get('plug', int); if ($plug > 0) { $result = $db->query("SELECT position FROM {$db->pre}plugins WHERE id = '{$plug}'"); if ($db->num_rows($result) > 0) { $module_sql = ", module = '{$plug}'"; $row = $db->fetch_assoc($result); $filesystem->unlink('cache/modules/' . $plugins->_group($row['position']) . '.php'); // Do not do that anymore, because it may be required // $db->query("UPDATE {$db->pre}plugins SET active = '{$pos}' WHERE id = '{$plug}' LIMIT 1"); } } $delobj = $scache->load('modules_navigation'); $delobj->delete(); viscacha_header('Location: admin.php?action=cms&job=nav'); } elseif ($job == 'nav_addplugin') { echo head(); $id = $gpc->get('id', int); $sort = $db->query("SELECT id, name, position FROM {$db->pre}menu WHERE sub = '0' ORDER BY position, ordering, id"); $plugs = $db->query("SELECT id, name FROM {$db->pre}plugins WHERE position = 'navigation' ORDER BY ordering"); $groups = $db->query("SELECT id, name FROM {$db->pre}groups"); $pos = parseNavPosSetting(); ?> <form name="form" method="post" action="admin.php?action=cms&job=nav_addplugin2"> <table class="border" border="0" cellspacing="0" cellpadding="4" align="center"> <tr> <td class="obox" colspan="2"><?php echo $lang->phrase('admin_cms_nav_add_plugin'); ?> </td>
echo foot(); } elseif ($job == "captcha_noises_delete") { echo head(); $delete = $gpc->get('delete', arr_str); $deleted = 0; foreach ($delete as $filename) { $filesystem->unlink('classes/graphic/noises/' . $filename . '.jpg'); if (!file_exists('classes/graphic/noises/' . $filename . '.jpg')) { $deleted++; } } ok('admin.php?action=misc&job=captcha_noises', $deleted . ' Background pictures have been deleted.'); } elseif ($job == "captcha_noises_view") { $file = $gpc->get('file', str); viscacha_header('Content-Type: image/jpeg'); viscacha_header('Content-Disposition: inline; filename="' . $file . '.jpg"'); readfile('classes/graphic/noises/' . $file . '.jpg'); } elseif ($job == "captcha_noises") { $fonts = array(); $dir = 'classes/graphic/noises/'; if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if (get_extension($file) == 'jpg') { $fonts[] = $dir . $file; } } closedir($dh); } echo head(); ?> <form action="admin.php?action=misc&job=captcha_noises_delete" name="form2" method="post">
error($inserterrors, 'attachments.php?type=' . $_GET['type'] . '&id=' . $_GET['id'] . SID2URL_x); } if ($_GET['type'] == 'edit' && ($my->mp[0] == 1 || $upinfo['name'] == $my->id)) { $upper = $upinfo['name']; $tid = $upinfo['id']; } else { $upper = $my->id; $tid = 0; } if (count($insertuploads) > 0 && count($insertuploads) <= $config['tpcmaxuploads']) { foreach ($insertuploads as $up) { $up = trim($up); $db->query("INSERT INTO {$db->pre}uploads (file,tid,mid,topic_id) VALUES ('{$up}','{$tid}','{$upper}','{$upinfo['topic_id']}')", __LINE__, __FILE__); } } viscacha_header('Location: attachments.php?type=' . $_GET['type'] . '&id=' . $_GET['id'] . SID2URL_JS_x); } } else { echo $tpl->parse("popup/header"); $filetypes = implode($lang->phrase('listspacer'), explode('|', $config['tpcfiletypes'])); $filesize = formatFilesize($config['tpcfilesize']); if ($_GET['type'] == 'edit' && ($my->mp[0] == 1 || $upinfo['name'] == $my->id)) { $result = $db->query('SELECT id, file FROM ' . $db->pre . 'uploads WHERE mid = "' . $upinfo['name'] . '" AND tid = "' . $upinfo['id'] . '"', __LINE__, __FILE__); } else { $result = $db->query('SELECT id, file FROM ' . $db->pre . 'uploads WHERE mid = "' . $my->id . '" AND topic_id = "' . $upinfo['id'] . '" AND tid = "0"', __LINE__, __FILE__); } $free = $config['tpcmaxuploads'] - $db->num_rows($result); if ($free < 1) { $free = 0; } $uploads = array();
} elseif ($job == 'cat_move' || $job == 'forum_move') { $id = $gpc->get('id', int); $move = $gpc->get('move', int); if (!is_id($id)) { echo head(); error('admin.php?action=forums&job=manage', 'Forum or Category was not found on account of an invalid ID.'); } $table = iif($job == 'cat_move', "{$db->pre}categories", "{$db->pre}forums"); $cache = iif($job == 'cat_move', "categories", "cat_bid"); $op = iif($move == 1, "+", "-"); $db->query("UPDATE {$table} SET position = position{$op}1 WHERE id = '{$id}' LIMIT 1", __LINE__, __FILE__); $delobj = $scache->load('forumtree'); $delobj->delete(); $delobj = $scache->load($cache); $delobj->delete(); viscacha_header('Location: admin.php?action=forums&job=manage'); } elseif ($job == 'rights') { echo head(); $id = $gpc->get('id', int); if ($id == 0) { error('admin.pgp?action=forums&job=manage', 'Forum not found'); } $result = $db->query("SELECT f.*, g.name, g.title, g.guest, g.core FROM {$db->pre}fgroups AS f LEFT JOIN {$db->pre}groups AS g ON g.id = f.gid WHERE f.bid = '{$id}' ORDER BY f.gid", __LINE__, __FILE__); $cache = array(); $colspan = count($glk_forums) + 2; ?> <form name="form" method="post" action="admin.php?action=forums&job=rights_delete&id=<?php echo $id; ?> "> <table class="border">
} ?> <tr> <td class="ubox" colspan="2" align="center"><input type="submit" name="Submit" value="<?php echo $lang->phrase('admin_lang_form_save'); ?> " /></td> </tr> </table> </form> <?php echo foot(); } elseif ($job == 'phrase_add2') { echo head(); $varname = $gpc->get('varname', none); $text = $gpc->get('text', none); $file = base64_decode($gpc->get('file', none)); $language = $gpc->get('langt', none); $c = new manageconfig(); foreach ($language as $id => $t) { if (empty($t)) { $t = $text; } $c->getdata("language/{$id}/{$file}", 'lang'); $c->updateconfig($varname, str, $t); $c->savedata(); } ok('admin.php?action=language&job=phrase_file&file=' . urlencode(base64_encode($file))); } else { viscacha_header('Location: admin.php?action=language&job=manage'); }
error('admin.php?action=groups&job=add', 'Die Gruppe konnte nicht eingefügt werden!'); } } elseif ($job == 'delete') { $del = $gpc->get('delete', arr_int); $edit = $gpc->get('edit', int); if (isset($_POST['submit_delete']) && count($del) > 0) { $db->query("DELETE FROM {$db->pre}groups WHERE id IN (" . implode(',', $del) . ")"); $anz = $db->affected_rows(); $scache = new scache('group_status'); $scache->deletedata(); echo head(); ok('admin.php?action=groups&job=manage', $anz . ' Einträge gelöscht'); } elseif (isset($_POST['submit_edit']) && $edit > 0) { viscacha_header('Location: admin.php?action=groups&job=edit&id=' . $edit); } else { viscacha_header('Location: admin.php?action=groups&job=manage'); } } elseif ($job == 'edit') { $id = $gpc->get('id', int); echo head(); $result = $db->query("SELECT * FROM {$db->pre}groups WHERE id = '{$id}' LIMIT 1", __LINE__, __FILE__); if ($db->num_rows($result) != 1) { error('admin.php?action=groups&job=manage', 'Keine gültige ID angegeben'); } $data = $db->fetch_assoc($result); ?> <form name="form" method="post" action="admin.php?action=groups&job=edit2&id=<?php echo $id; ?> "> <table class="border">
/** * @since 1.4 * @access private */ function _redirect($filename, $op = true) { if ($op) { $a = 'inline'; } else { $a = 'attachment'; } viscacha_header("Content-Type: " . $this->contentType . "; charset=" . $this->encoding); viscacha_header("Content-Disposition: " . $a . "; filename=" . basename($filename)); readfile($filename, "r"); die; }
function sid_new($fromload = FALSE) { global $config, $db, $gpc; if (!$fromload) { $load = $db->query('SELECT mid FROM ' . $db->pre . 'session WHERE mid = "' . $this->cookiedata[0] . '" LIMIT 1', __LINE__, __FILE__); if ($db->num_rows($load) == 1) { $my = $this->sid_load(TRUE); return $my; } } $result = $db->query('SELECT * FROM ' . $db->pre . 'user WHERE id = "' . $this->cookiedata[0] . '" AND pw = "' . $this->cookiedata[1] . '" LIMIT 1', __LINE__, __FILE__); $my = $gpc->prepare($db->fetch_object($result)); if ($db->num_rows($result) == 1 && $my->confirm == '11') { $id =& $my->id; $lastvisit =& $my->lastvisit; $my->clv = $my->lastvisit; $my->vlogin = TRUE; makecookie($config['cookie_prefix'] . '_vdata', $my->id . "|" . $my->pw); } else { $id = 0; $lastvisit = $this->cookielastvisit; $my->clv = $this->cookielastvisit; $my->vlogin = FALSE; makecookie($config['cookie_prefix'] . '_vdata', "|"); } makecookie($config['cookie_prefix'] . '_vlastvisit', $lastvisit); $this->sid = $this->construct_sid(); $my->sid =& $this->sid; $my->mark = serialize(array()); $my->pwfaccess = serialize(array()); $my->settings = serialize(array()); $action = $gpc->get('action', str); $qid = $gpc->get('id', int); $db->query("INSERT INTO {$db->pre}session \n\t(sid, mid, wiw_script, wiw_action, wiw_id, active, ip, remoteaddr, lastvisit, mark, pwfaccess, settings) VALUES\n\t('{$this->sid}', '{$id}','" . SCRIPTNAME . "','" . $action . "','" . $qid . "','" . time() . "','{$this->ip}','" . $gpc->save_str(htmlspecialchars($_SERVER['HTTP_USER_AGENT'])) . "','{$lastvisit}','{$my->mark}','{$my->pwfaccess}','{$my->settings}')", __LINE__, __FILE__); if (!$this->cookies && !$this->querysid) { $arr = parse_url($_SERVER['REQUEST_URI']); if (empty($arr['query'])) { $url = $_SERVER['REQUEST_URI'] . '?s=' . $this->sid; } else { $url = $_SERVER['REQUEST_URI'] . '&s=' . $this->sid; } viscacha_header('Location: ' . $url); } return $my; }
$data['buttonimage'] = ''; } else { $ext = get_extension($data['buttonimage']); if (!in_array($ext, $imagetype_extension)) { $data['buttonimage'] = ''; } else { $data['button'] = base64_encode($button); } } } else { $data['buttonimage'] = ''; } $content = serialize($data); viscacha_header('Content-Type: text/plain'); viscacha_header('Content-Length: ' . strlen($content)); viscacha_header('Content-Disposition: attachment; filename="' . $data['bbcodetag'] . '.bbc"'); print $content; } elseif ($job == 'custombb_import') { echo head(); $file = $gpc->get('file', str); ?> <form name="form2" method="post" enctype="multipart/form-data" action="admin.php?action=bbcodes&job=custombb_import2"> <table class="border" cellpadding="4" cellspacing="0" border="0"> <tr><td class="obox" colspan="2"><?php echo $lang->phrase('admin_bbc_import_design'); ?> </td></tr> <tr><td class="mbox"><?php echo $lang->phrase('admin_bbc_either_upload'); ?> <br /><span class="stext"><?php
} ok('admin.php?action=designs&job=images', $lang->phrase('admin_design_images_successfully_imported')); } elseif ($job == 'images_export') { $id = $gpc->get('id', int); $file = 'images' . $id . '.zip'; $dir = "images/{$id}/"; $tempdir = "temp/"; require_once 'classes/class.zip.php'; $archive = new PclZip($tempdir . $file); $v_list = $archive->create($dir, PCLZIP_OPT_REMOVE_PATH, $dir); if ($v_list == 0) { echo head(); unset($archive); if ($del > 0) { $filesystem->unlink($tempdir . $file); } error('admin.php?action=designs&job=images', $archive->errorInfo(true)); } else { viscacha_header('Content-Type: application/zip'); viscacha_header('Content-Disposition: attachment; filename="' . $file . '"'); viscacha_header('Content-Length: ' . filesize($tempdir . $file)); readfile($tempdir . $file); unset($archive); if ($del > 0) { $filesystem->unlink($tempdir . $file); } $filesystem->unlink($tempdir . $file); } } else { viscacha_header('Location: admin.php?action=designs&job=design&interface=1'); }
if (empty($board) || !isset($fc[$board])) { error($lang->phrase('query_string_error')); } $row = $fc[$board]; if ($row['opt'] == 'pw') { $my->p = $slog->Permissions($board); if ($row['optvalue'] == $_POST['pw']) { $my->pwfaccess[$board] = $row['optvalue']; ok($lang->phrase('goboardpw_success'), 'showforum.php?id=' . $board); } else { error($lang->phrase('goboardpw_wrong_password')); } } else { $slog->updatelogged(); $db->close(); viscacha_header('Location: showforum.php?id=' . $board . SID2URL_JS_x); exit; } } elseif ($_GET['action'] == "report_post" || $_GET['action'] == "report_post2") { ($code = $plugins->load('showtopic_topic_query')) ? eval($code) : null; $result = $db->query("SELECT r.id, r.report, r.topic_id, r.tstart, r.topic AS title, t.topic, t.status, t.board, t.prefix FROM {$db->pre}replies AS r LEFT JOIN {$db->pre}topics AS t ON r.topic_id = t.id WHERE r.id = '{$_GET['id']}' LIMIT 1", __LINE__, __FILE__); $info = $gpc->prepare($db->fetch_assoc($result)); $my->p = $slog->Permissions($info['board']); $error = array(); if ($db->num_rows($result) < 1) { $error[] = $lang->phrase('query_string_error'); } if ($my->p['forum'] == 0) { $error[] = $lang->phrase('not_allowed'); } if (count($error) > 0) {
} } elseif ($_GET['action'] == "about2") { if ($my->p['useabout'] == 0) { errorLogin($lang->phrase('not_allowed'), "editprofile.php"); } $error = array(); if (strxlen($_POST['about']) > $config['maxaboutlength']) { $error[] = $lang->phrase('about_too_long'); } ($code = $plugins->load('editprofile_about2_start')) ? eval($code) : null; if (count($error) > 0 || !empty($_POST['Preview'])) { $fid = save_error_data($_POST['about']); if (!empty($_POST['Preview'])) { $slog->updatelogged(); $db->close(); viscacha_header("Location: editprofile.php?action=about&job=preview&fid=" . $fid . SID2URL_JS_x); exit; } else { error($error, "editprofile.php?action=about&fid=" . $fid . SID2URL_x); } } else { ($code = $plugins->load('editprofile_about2_query')) ? eval($code) : null; $db->query("UPDATE {$db->pre}user SET about = '{$_POST['about']}' WHERE id = '{$my->id}'"); ok($lang->phrase('data_success'), "editprofile.php?action=about" . SID2URL_x); } } elseif ($_GET['action'] == "about") { if ($my->p['useabout'] == 0) { errorLogin($lang->phrase('not_allowed'), "editprofile.php"); } $breadcrumb->Add($lang->phrase('editprofile_about')); echo $tpl->parse("header");
$d = $gpc->get('id', str); $key = $gpc->get('key', int); if ($key == 3 || $key == 4) { $data = file('data/feedcreator.inc.php'); $n = array(); foreach ($data as $r) { $row = explode('|', $r); $row = array_map('trim', $row); if (strtoupper($row[0]) == strtoupper($d)) { $row[$key] = invert($row[$key]); } $n[] = implode('|', $row); } $filesystem->file_put_contents('data/feedcreator.inc.php', implode("\n", $n)); } viscacha_header('Location: admin.php?action=misc&job=feedcreator'); } elseif ($job == 'feedcreator_add') { echo head(); $name = $gpc->get('name', str); $class = $gpc->get('class', str); $active = $gpc->get('active', str); $dl = $gpc->get('dl', str); $dir = realpath('./classes/feedcreator/'); $inserterrors = array(); require "classes/class.upload.php"; $my_uploader = new uploader(); $my_uploader->max_filesize(200 * 1024); if ($my_uploader->upload('upload', array('.php'))) { if (strlen($my_uploader->return_error()) > 0) { array_push($inserterrors, $my_uploader->return_error()); }
$result = $db->query("\n\tSELECT r.topic_id\n\tFROM {$db->pre}replies AS r {$having}\n\tWHERE {$sql_where}\n\tGROUP BY r.topic_id\n\tLIMIT {$config['maxsearchresults']}\n\t", __LINE__, __FILE__); $searchresult = array(); while ($row = $db->fetch_assoc($result)) { $searchresult[] = $row['topic_id']; } if (count($searchresult) > 0) { $data = array('ids' => $searchresult, 'ignored' => $ignored, 'used' => $used); $vals = array('search', 'name', 'boards', 'opt_0', 'opt_1', 'opt_2', 'temp', 'temp2', 'sort', 'order'); foreach ($vals as $v) { $data[$v] = $_POST[$v]; } $fid = md5(microtime()); file_put_contents('cache/search/' . $fid . '.inc.php', serialize($data)); $slog->updatelogged(); $db->close(); viscacha_header('Location: search.php?action=result&fid=' . $fid . SID2URL_JS_x); exit; } else { error($lang->phrase('search_nothingfound'), 'search.php' . SID2URL_1); } } elseif ($_GET['action'] == "result") { $file = 'cache/search/' . $_GET['fid'] . '.inc.php'; if (!file_exists($file)) { error($lang->phrase('search_doesntexist'), 'search.php' . SID2URL_1); } $data = file_get_contents($file); $data = unserialize($data); $ignored = array(); foreach ($data['ignored'] as $row) { $row = trim($row); if (!empty($row)) {
} $db->close(); viscacha_header('Location: showtopic.php?id=' . $info['id'] . '&page=' . $pgs . $qUrl . SID2URL_JS_x . '#p' . $mylast[1]); exit; } elseif ($_GET['action'] == 'jumpto') { $result = $db->query('SELECT date, id FROM ' . $db->pre . 'replies WHERE topic_id = "' . $info['id'] . '" AND id="' . $gpc->get('topic_id', int) . '" ORDER BY date DESC LIMIT 1'); $mylast = $db->fetch_num($result); $result = $db->query('SELECT COUNT(*) AS count FROM ' . $db->pre . 'replies WHERE topic_id = "' . $info['id'] . '" AND date > "' . $mylast[0] . '"', __LINE__, __FILE__); $new = $db->fetch_assoc($result); $tp = $info['posts'] + 1 - $new['count']; $pgs = ceil($tp / $last['topiczahl']); if ($pgs < 1) { $pgs = 1; } $db->close(); viscacha_header('Location: showtopic.php?id=' . $info['id'] . '&page=' . $pgs . $qUrl . SID2URL_JS_x . '#p' . $mylast[1]); exit; } ($code = $plugins->load('showtopic_redirect')) ? eval($code) : null; $prefix = ''; if ($info['prefix'] > 0) { $prefix_obj = $scache->load('prefix'); $prefix_arr = $prefix_obj->get($info['board']); if (isset($prefix_arr[$info['prefix']])) { $prefix = $prefix_arr[$info['prefix']]['value']; $prefix = $lang->phrase('showtopic_prefix_title'); } } $topforums = get_headboards($fc, $last, TRUE); $breadcrumb->Add($last['name'], "showforum.php?id=" . $last['id'] . SID2URL_x); $breadcrumb->Add($prefix . $info['topic']);
/** * Sends a http status code to the client. * * Aditional header data can be send depending on the code number given in the first parameter. * Only some error codes support this and each error code has its own additional header data. * Supported additional headers: * - 301/302/307 => Location: Specify a new location (url) * - 401 => WWW-Authenticate: Specify a page name * - 503 => Retry-after: Specify the time the page is unavailable * * @param int $code Error Code Number * @param mixed $additional Additional Header data (depends in error code number) * @return boolean */ function sendStatusCode($code, $additional = null) { $status = array(100 => 'Continue', 101 => 'Switching Protocols', 200 => 'OK', 201 => 'Created', 202 => 'Accepted', 203 => 'Non-Authoritative Information', 204 => 'No Content', 205 => 'Reset Content', 206 => 'Partial Content', 300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Moved Temporarily', 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 307 => 'Temporary Redirect', 400 => 'Bad Request', 401 => 'Authorization Required', 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 405 => 'Method Not Allowed', 406 => 'Not Acceptable', 407 => 'Proxy Authentication Required', 408 => 'Request Time-Out', 409 => 'Conflict', 410 => 'Gone', 411 => 'Length Required', 412 => 'Precondition Failed', 413 => 'Request Entity Too Large', 414 => 'Request-URI Too Large', 415 => 'Unsupported Media Type', 416 => 'Request Rang Not Satisfiable', 417 => 'Expectation Failed', 500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Temporarily Unavailable', 504 => 'Gateway Time-Out', 505 => 'HTTP Version not supported'); if (isset($status[$code])) { viscacha_header("HTTP 1.1 {$code} {$status[$code]}"); viscacha_header("Status: {$code} {$status[$code]}"); // Additional headers if ($additional != null) { switch ($code) { case '301': case '302': case '307': viscacha_header("Location: {$additional}"); break; case '401': viscacha_header('WWW-Authenticate: Basic Realm="' . $additional . '"'); break; case '503': viscacha_header("Retry-After: {$additional}"); break; } } return true; } else { return false; } }
if ($v_list == 0) { $error = true; break; } } } } if ($error) { echo head(); unset($archive); $filesystem->unlink($tempdir . $file); error('admin.php?action=cms&job=com', $archive->errorInfo(true)); } else { viscacha_header('Content-Type: application/zip'); viscacha_header('Content-Disposition: attachment; filename="' . $file . '"'); viscacha_header('Content-Length: ' . filesize($tempdir . $file)); readfile($tempdir . $file); unset($archive); $filesystem->unlink($tempdir . $file); } } elseif ($job == 'com_delete') { echo head(); $id = $gpc->get('id', int); ?> <table class='border' border='0' cellspacing='0' cellpadding='4' align='center'> <tr><td class='obox'>Delete Component</td></tr> <tr><td class='mbox'> <p align="center">Do you really want to delete this component?</p> <p align="center"> <a href="admin.php?action=cms&job=com_delete2&id=<?php echo $id;
$data = array('topic' => $_POST['topic'], 'comment' => $_POST['comment'], 'dosmileys' => $_POST['dosmileys'], 'dowords' => $_POST['dowords'], 'id' => $_POST['id'], 'digest' => $digest, 'guest' => 0, 'human' => $human); if (!$my->vlogin) { if ($config['guest_email_optional'] == 0 && empty($_POST['email'])) { $data['email'] = ''; } else { $data['email'] = $_POST['email']; } $data['guest'] = 1; $data['name'] = $_POST['name']; } ($code = $plugins->load('addreply_save_errordata')) ? eval($code) : null; $fid = save_error_data($data); if (!empty($_POST['Preview'])) { $slog->updatelogged(); $db->close(); viscacha_header("Location: addreply.php?action=preview&id={$_POST['id']}&fid=" . $fid . SID2URL_JS_x); exit; } else { error($error, "addreply.php?id={$_POST['id']}&fid=" . $fid . SID2URL_x); } } else { set_flood(); if ($my->vlogin) { $guest = 0; } else { $guest = 1; } $date = time(); ($code = $plugins->load('addreply_save_queries')) ? eval($code) : null; $db->query("\n\t\tUPDATE {$db->pre}topics\n\t\tSET last_name = '" . $pnameid . "', last = '" . $date . "', posts = posts+1\n\t\tWHERE id = '{$_POST['id']}'\n\t\t", __LINE__, __FILE__); $db->query("\n\t\tINSERT INTO {$db->pre}replies (board,topic,topic_id,name,comment,dosmileys,dowords,email,date,ip,guest)\n\t\tVALUES ('{$info['board']}','{$_POST['topic']}','{$_POST['id']}','{$pnameid}','{$_POST['comment']}','{$_POST['dosmileys']}','{$_POST['dowords']}','{$_POST['email']}','{$date}','{$my->ip}','{$guest}')\n\t\t", __LINE__, __FILE__);
} } elseif ($job == 'plugins_active') { $id = $gpc->get('id', int); $result = $db->query('SELECT id, active, required, position FROM ' . $db->pre . 'plugins WHERE id = "' . $id . '"', __LINE__, __FILE__); $row = $db->fetch_assoc($result); if ($db->num_rows($result) == 0) { echo head(); error('admin.php?action=packages&job=plugins', $lang->phrase('admin_packages_err_specified_id_is_not_correct')); } elseif ($row['required'] == 1) { echo head(); error('admin.php?action=packages&job=plugins', $lang->phrase('admin_packages_err_this_plugin_is_required_you_cannot_change_the_status')); } else { $active = $row['active'] == 1 ? 0 : 1; $db->query('UPDATE ' . $db->pre . 'plugins SET active = "' . $active . '" WHERE id = "' . $id . '"', __LINE__, __FILE__); $filesystem->unlink('cache/modules/' . $plugins->_group($row['position']) . '.php'); viscacha_header('Location: admin.php?action=packages&job=plugins'); } } elseif ($job == 'plugins_delete') { echo head(); $id = $gpc->get('id', int); $result = $db->query("SELECT id, required FROM {$db->pre}plugins WHERE id = '{$id}' LIMIT 1", __LINE__, __FILE__); $row = $db->fetch_assoc($result); if ($db->num_rows($result) == 0) { error('admin.php?action=packages&job=plugins', $lang->phrase('admin_packages_err_specified_plugin_not_found')); } elseif ($row['required'] == 1) { error('admin.php?action=packages&job=plugins', $lang->phrase('admin_packages_err_specified_plugin_is_required_by_a_package_and_cannot_be_deleted')); } else { ?> <table class="border" border="0" cellspacing="0" cellpadding="4" align="center"> <tr><td class="obox"><?php echo $lang->phrase('admin_packages_delete_head_delete_package');
$error[] = $lang->phrase('edit_reason_too_short'); } if (!isset($prefix[$_POST['opt_0']]) && $last['prefix'] == 1) { $error[] = $lang->phrase('prefix_not_optional'); } ($code = $plugins->load('edit_save_errorhandling')) ? eval($code) : null; BBProfile($bbcode); $_POST['topic'] = $bbcode->parseTitle($_POST['topic']); if (count($error) > 0 || !empty($_POST['Preview'])) { $data = array('topic' => $_POST['topic'], 'comment' => $_POST['comment'], 'prefix' => $_POST['opt_0'], 'dosmileys' => $_POST['dosmileys'], 'dowords' => $_POST['dowords'], 'about' => $_POST['about']); ($code = $plugins->load('edit_save_errordata')) ? eval($code) : null; $fid = save_error_data($data); if (!empty($_POST['Preview'])) { $slog->updatelogged(); $db->close(); viscacha_header("Location: edit.php?action=preview&id={$info['id']}&fid=" . $fid . SID2URL_JS_x); exit; } else { error($error, "edit.php?id={$info['id']}&fid=" . $fid . SID2URL_x); } } else { $info['edit'] .= $my->name . "\t" . time() . "\t" . $_POST['about'] . "\t" . $my->ip . "\n"; ($code = $plugins->load('edit_save_queries')) ? eval($code) : null; $db->query("\n\t\t\t\tUPDATE {$db->pre}replies \n\t\t\t\tSET edit = '{$info['edit']}', topic = '{$_POST['topic']}', comment = '{$_POST['comment']}', dosmileys = '{$_POST['dosmileys']}', dowords = '{$_POST['dowords']}' \n\t\t\t\tWHERE id = '{$_GET['id']}'\n\t\t\t\t", __LINE__, __FILE__); if ($info['tstart'] == '1') { $db->query("\n\t\t\t\t\tUPDATE {$db->pre}topics \n\t\t\t\t\tSET prefix = '{$_POST['opt_0']}', topic = '{$_POST['topic']}' \n\t\t\t\t\tWHERE id = '{$info['topic_id']}'\n\t\t\t\t\t", __LINE__, __FILE__); } ok($lang->phrase('data_success'), 'showtopic.php?action=jumpto&id=' . $info['topic_id'] . '&topic_id=' . $info['id']); } } } else {
} else { error('admin.php?action=db&job=restore', 'Can not read information. This file is maybe damaged.'); } } error('admin.php?action=db&job=restore'); } elseif ($job == 'download') { $dir = "./admin/backup/"; $file = $gpc->get('file', none); $ext = get_extension($file); if (($ext == 'zip' || $ext == 'sql') && file_exists($dir . $file)) { if ($ext == 'sql') { viscacha_header('Content-Type: text/plain'); } else { viscacha_header('Content-Type: application/zip'); } viscacha_header('Content-Disposition: attachment; filename="' . $file . '"'); readfile($dir . $file); } else { echo head(); error('admin.php?action=db&job=restore', 'File not found'); } } elseif ($job == 'status') { echo head(); $table = $gpc->get('table', str); $status = $gpc->get('status', int); $result = $db->list_tables(); if (!empty($table)) { $result11 = $db->query('SHOW TABLE STATUS FROM ' . $db->database . ' LIKE "' . $table . '"', __LINE__, __FILE__); $result12 = $db->query('DESCRIBE ' . $table); ?> <table class="border">
} } elseif ($_GET['action'] == "download_code") { if (strlen($_GET['fid']) != 32) { error($lang->phrase('query_string_error')); } $scache->loadClass('UniversalCodeCache'); $cache = new UniversalCodeCache(); if (!$cache->setHash($_GET['fid'])) { error($lang->phrase('no_upload_found')); } $sourcecode = $cache->get(); $slog->updatelogged(); $db->close(); viscacha_header('Content-Type: text/plain'); viscacha_header('Content-Length: ' . strlen($sourcecode['source'])); viscacha_header('Content-Disposition: attachment; filename="' . gmdate('d-m-Y_H-i', times()) . '.txt"'); echo $sourcecode['source']; exit; } elseif ($_GET['action'] == "report_post" || $_GET['action'] == "report_post2") { ($code = $plugins->load('showtopic_topic_query')) ? eval($code) : null; $result = $db->query("SELECT r.id, r.report, r.topic_id, r.tstart, r.topic AS title, t.topic, t.status, t.board, t.prefix FROM {$db->pre}replies AS r LEFT JOIN {$db->pre}topics AS t ON r.topic_id = t.id WHERE r.id = '{$_GET['id']}' LIMIT 1", __LINE__, __FILE__); $info = $gpc->prepare($db->fetch_assoc($result)); $my->p = $slog->Permissions($info['board']); $error = array(); if ($db->num_rows($result) < 1) { $error[] = $lang->phrase('query_string_error'); } if ($my->p['forum'] == 0) { $error[] = $lang->phrase('not_allowed'); } if (count($error) > 0) {