Example #1
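 /**
  * Download the package at $this->remote_file over plain HTTP and stage it.
  *
  * Sends a hand-built HTTP/1.0 GET to port 80 of the URL's host, takes the
  * file name from a Content-Disposition / Content-Type response header,
  * writes the body to _BASEPATH_/tmp/ and, when $this->verify() accepts it,
  * moves the file to _BASEPATH_/tmp/packages/.
  *
  * The whole response is untrusted input: the transfer is unencrypted and
  * unauthenticated, so whatever $this->verify() checks is the only control
  * this method applies to the downloaded content. The server-supplied file
  * name is reduced to its base name before it is used in a path.
  *
  * @return bool true on success; on failure $this->error is true and
  *              $this->error_text holds the message.
  */
 function download()
 {
     $this->error = false;
     // Calling define() again for an existing constant raises a diagnostic,
     // so a second download() in the same request must not redefine it.
     if (!defined('HTTP_EOL')) {
         define('HTTP_EOL', "\r\n");
     }
     if (empty($this->remote_file)) {
         $this->error = true;
         $this->error_text = 'Invalid package selected for download.';
         return false;
     }
     $this->file_name = '';
     $info = parse_url($this->remote_file);
     if (!is_array($info) || empty($info['host'])) {
         // parse_url() failed or the URL has no host: nothing to connect to.
         $this->error = true;
         $this->error_text = 'Invalid package selected for download.';
         return false;
     }
     // A URL without a path component still needs a request target.
     $header = 'GET ' . (isset($info['path']) ? $info['path'] : '/');
     if (isset($info['query'])) {
         $header .= '?' . $info['query'];
     }
     $header .= ' HTTP/1.0' . HTTP_EOL;
     $header .= 'Host: ' . $info['host'] . HTTP_EOL;
     $header .= 'Connection: close' . HTTP_EOL . HTTP_EOL;
     $socket = fsockopen($info['host'], 80, $errno, $errstr, 30);
     if (!$socket) {
         // Without this guard the read loop below would run on a failed handle.
         $this->error = true;
         $this->error_text = 'Unable to download package.';
         return false;
     }
     fputs($socket, $header);
     // Response headers that may carry the package file name.
     $filename_patterns = array(
         '/Content\\-Disposition: attachment; filename="(.+)"/',
         '/Content\\-Type: application\\/octet\\-stream; name="(.+)"/',
         '/Content\\-Type: application\\/octetstream; name="(.+)"/',
     );
     $reply = '';
     $headerdone = false;
     while (!feof($socket)) {
         $line = fgets($socket);
         if ($line === false) {
             break;
         }
         if ($headerdone) {
             // Body: keep every line. Testing for the blank separator line
             // first would also drop bare CRLF lines inside the payload.
             $reply .= $line;
         } elseif (strcmp($line, HTTP_EOL) == 0) {
             // Blank line: end of the header section.
             $headerdone = true;
         } elseif (empty($this->file_name)) {
             foreach ($filename_patterns as $pattern) {
                 if (preg_match($pattern, $line, $m)) {
                     // The name comes from the remote server; strip any
                     // directory part so it cannot point outside tmp/.
                     $candidate = basename(str_replace('\\', '/', $m[1]));
                     if ($candidate !== '' && $candidate !== '.' && $candidate !== '..') {
                         $this->file_name = $candidate;
                     }
                     break;
                 }
             }
         }
     }
     fclose($socket);
     if (!empty($reply) && !empty($this->file_name)) {
         $fileop = new fileop();
         $fileop->file_put_contents(_BASEPATH_ . '/tmp/' . $this->file_name, $reply);
         if ($this->verify()) {
             $fileop->rename(_BASEPATH_ . '/tmp/' . $this->file_name, _BASEPATH_ . '/tmp/packages/' . $this->file_name);
         }
         // NOTE(review): a file that fails verify() stays in _BASEPATH_/tmp/
         // under a server-chosen name; confirm that directory is not served
         // by the web server and that something cleans it up.
     } else {
         $this->error = true;
         $this->error_text = 'Unable to download package.';
     }
     return !$this->error;
 }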
Example #2
/**
 * Event handler run before blog posts are deleted.
 *
 * Reads the posts listed in the global $post_ids, lowers the `stat_posts`
 * counter of every affected blog, rewrites each blog's cached
 * blog_archive.inc.php, and passes the per-user counts to update_stats()
 * and add_member_score().
 *
 * NOTE(review): $post_ids is joined into the IN (...) list between quotes
 * with no escaping or integer cast in this function; confirm every caller
 * fills it with integers.
 */
function on_before_delete_blog_post()
{
    global $dbtable_prefix, $post_ids;
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $query = "SELECT `post_id`,`fk_blog_id`,`fk_user_id`,UNIX_TIMESTAMP(`date_posted`) as `date_posted` FROM `{$dbtable_prefix}blog_posts` WHERE `post_id` IN ('" . join("','", $post_ids) . "')";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Both maps hold NEGATIVE counts: id => -(number of posts being deleted).
    $blog_ids = array();
    $user_ids = array();
    // blog id => list of unix timestamps of the posts being deleted
    $dates = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        if (isset($blog_ids[$rsrow['fk_blog_id']])) {
            --$blog_ids[$rsrow['fk_blog_id']];
        } else {
            $blog_ids[$rsrow['fk_blog_id']] = -1;
        }
        if (isset($user_ids[$rsrow['fk_user_id']])) {
            --$user_ids[$rsrow['fk_user_id']];
        } else {
            $user_ids[$rsrow['fk_user_id']] = -1;
        }
        $dates[$rsrow['fk_blog_id']][] = $rsrow['date_posted'];
    }
    foreach ($blog_ids as $bid => $num) {
        // blog stats
        // cast to string so that $bid[0] below yields the first character,
        // which names the cache subdirectory
        $bid = (string) $bid;
        // $num is negative, so this addition lowers the counter
        $query = "UPDATE `{$dbtable_prefix}user_blogs` SET `stat_posts`=`stat_posts`+{$num} WHERE `blog_id`={$bid}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        // blog_archive
        $blog_archive = array();
        // The cache file is PHP code; including it executes it in this scope,
        // where it is expected to assign $blog_archive (see $towrite below).
        // NOTE(review): anything able to write under _CACHEPATH_ gets code
        // execution here; confirm that directory's permissions.
        if (is_file(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php')) {
            include _CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php';
        }
        for ($i = 0; isset($dates[$bid][$i]); ++$i) {
            $year = (int) date('Y', $dates[$bid][$i]);
            $month = (int) date('m', $dates[$bid][$i]);
            if (isset($blog_archive[$year][$month])) {
                --$blog_archive[$year][$month];
            }
            // drop months whose count reached zero (or was never set)
            if (empty($blog_archive[$year][$month])) {
                unset($blog_archive[$year][$month]);
            }
        }
        krsort($blog_archive, SORT_NUMERIC);
        // var_export() emits the array as a PHP literal, so the cache file
        // can be include'd again later.
        $towrite = '<?php $blog_archive=' . var_export($blog_archive, true) . ';';
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php', $towrite);
    }
    foreach ($user_ids as $uid => $num) {
        update_stats($uid, 'blog_posts', $num);
        add_member_score($uid, 'del_blog', -$num);
        // -$num because $num is already negative.
    }
}
Example #3
/**
 * Regenerate the per-post cache files for recently changed blog posts.
 *
 * Selects approved posts whose `last_changed` falls within the last
 * ($interval + 2) minutes, formats title and content, and writes two PHP
 * cache files per post under _CACHEPATH_/blogs/posts/: the full post and a
 * "_short" variant with truncated content.
 *
 * @return bool always true
 */
function gen_blogposts_cache()
{
    global $dbtable_prefix;
    $dirname = dirname(__FILE__);
    $temp = array();
    if ($dirname[0] == '/') {
        // unixes here
        $temp = explode('/', $dirname);
    } else {
        // windows here
        $temp = explode('\\', $dirname);
    }
    // The name of the directory holding this file, read as a number of minutes.
    $interval = (int) $temp[count($temp) - 1];
    // that's how often we're executed ;)
    $short_blog_chars = 400;
    $config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $post_ids = array();
    // Only values computed here ($interval as int, gmdate(), a constant) are
    // concatenated into this query.
    $query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED . " AND a.`last_changed`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . ($interval + 2) . " MINUTE)";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    while ($blog = mysql_fetch_assoc($res)) {
        $post_ids[] = $blog['post_id'];
        $blog['title'] = remove_banned_words(sanitize_and_format($blog['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]));
        $blog['post_content'] = remove_banned_words($blog['post_content']);
        // Cut at the last space inside the first $short_blog_chars bytes.
        // NOTE(review): strrpos() returns false when that prefix has no space,
        // which makes the short text empty; substr() is also byte-based.
        $post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
        // Formatting is applied after truncation, to both variants.
        $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        // NOTE(review): bbcode2html()/text2smilies() run on the already
        // formatted text; presumably they emit HTML - confirm they cannot
        // reintroduce markup taken from the post.
        if (!empty($config['bbcode_blogs'])) {
            $blog['post_content'] = bbcode2html($blog['post_content']);
            $post_content_short = bbcode2html($post_content_short);
        }
        if (!empty($config['use_smilies'])) {
            $blog['post_content'] = text2smilies($blog['post_content']);
            $post_content_short = text2smilies($post_content_short);
        }
        if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
            $blog['photo'] = 'no_photo.gif';
        } else {
            $blog['has_photo'] = true;
        }
        if (empty($blog['fk_user_id'])) {
            unset($blog['fk_user_id']);
        }
        // var_export() turns the row into a PHP array literal, so user text
        // ends up as quoted string data in the generated file, not as code.
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        // Cache path: first character of the post id as subdirectory, then the id.
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '.inc.php', $towrite);
        // Second file: same row with the truncated content.
        $blog['post_content'] = $post_content_short;
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '_short.inc.php', $towrite);
    }
    return true;
}
Example #4
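 /**
  * Apply the default directory mode to $path through fileop::set_permission().
  *
  * The process umask is cleared for the duration of the call and restored
  * afterwards on both the success and the failure path, so a failed call
  * does not leave the rest of the request running with umask 0.
  *
  * @param string $path Directory to change.
  * @return string The same $path.
  * @throws AWPCP_Exception When set_permission() reports failure.
  */
 private function make_directory_writable($path)
 {
     // provides fileop class.
     require_once AWPCP_DIR . '/fileop.class.php';
     $previous_umask = umask(0);
     $fileop = new fileop();
     $permission_set = $fileop->set_permission($path, $this->get_default_directory_mode());
     // Restore before the failure branch can throw; the umask is
     // process-wide state and would otherwise stay at 0.
     umask($previous_umask);
     if (!$permission_set) {
         $message = __('There was a problem trying to make directory <directory-name> writable.', 'AWPCP');
         $message = str_replace('<directory-name>', awpcp_utf8_basename($path), $message);
         throw new AWPCP_Exception($message);
     }
     return $path;
 }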
Example #5
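/**
 * Create the AWPCP upload directories when missing and set their permissions.
 *
 * Works on <wp-content>/<uploadfoldername>/, its awpcp/ subdirectory and
 * awpcp/thumbs/. New directories are created with umask 0, so they get
 * exactly the mode returned by awpcp_directory_permissions(); that value
 * alone decides who can write to the upload tree.
 *
 * The umask in effect on entry is restored before returning, so the rest of
 * the request does not keep creating files with umask 0.
 *
 * @return array Two paths: the images directory and the thumbnails directory.
 */
function awpcp_setup_uploads_dir()
{
    global $wpcontentdir;
    $permissions = awpcp_directory_permissions();
    $upload_dir_name = get_awpcp_option('uploadfoldername', 'uploads');
    $upload_dir = $wpcontentdir . '/' . $upload_dir_name . '/';
    // Required to set permission on main upload directory
    require_once AWPCP_DIR . '/fileop.class.php';
    $fileop = new fileop();
    $owner = fileowner($wpcontentdir);
    // umask() without an argument only reads the current mask.
    $previous_umask = umask();
    if (!is_dir($upload_dir) && is_writable($wpcontentdir)) {
        umask(0);
        mkdir($upload_dir, $permissions);
        chown($upload_dir, $owner);
    }
    $fileop->set_permission($upload_dir, $permissions);
    $images_dir = $upload_dir . 'awpcp/';
    $thumbs_dir = $upload_dir . 'awpcp/thumbs/';
    // Parent first: thumbs/ lives inside the images directory.
    foreach (array($images_dir, $thumbs_dir) as $dir) {
        if (!is_dir($dir) && is_writable($upload_dir)) {
            umask(0);
            // best effort, as before: failures here are silenced
            @mkdir($dir, $permissions);
            @chown($dir, $owner);
        }
    }
    $fileop->set_permission($images_dir, $permissions);
    $fileop->set_permission($thumbs_dir, $permissions);
    umask($previous_umask);
    return array($images_dir, $thumbs_dir);
}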
Example #6
/**
 * Rebuild the cache file of the "latest blog comments" widget.
 *
 * Does nothing unless the global $comment_type is 'blog' and the widget's
 * 'enabled' option is set. Otherwise it selects the newest approved comments
 * on public, approved posts and writes them as a PHP array to
 * _CACHEPATH_/widgets/latest_blog_comments/comments.inc.php.
 *
 * NOTE(review): $config['items'] is appended to the LIMIT clause as is, and
 * the `_user` value is cached without passing through sanitize_and_format();
 * confirm the option is numeric and that the widget template escapes 'user'.
 */
function upd_latest_comm_widg()
{
    global $dbtable_prefix, $comment_ids, $comment_type;
    if ($comment_type != 'blog') {
        return;
    }
    $max_title_length = 40;
    $config = get_site_option(array('items', 'enabled'), 'latest_blog_comments');
    if (empty($config['enabled'])) {
        return;
    }
    $query = "SELECT a.`comment_id`,a.`fk_user_id`,c.`alt_url` as `profile_url`,a.`_user`,b.`post_id`,b.`title`,b.`alt_url` as `post_url` FROM `{$dbtable_prefix}comments_blog` a LEFT JOIN `{$dbtable_prefix}user_profiles` c ON a.`fk_user_id`=c.`fk_user_id`,`{$dbtable_prefix}blog_posts` b WHERE a.`fk_parent_id`=b.`post_id` AND a.`status`=" . STAT_APPROVED . " AND b.`is_public`=1 AND b.`status`=" . STAT_APPROVED . " ORDER BY a.`date_posted` DESC LIMIT " . $config['items'];
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $loop = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $entry = array();
        // Prefer the stored profile URL; fall back to profile.php when the
        // comment has a user id. Entries without either get no profile_url.
        if (!empty($rsrow['profile_url'])) {
            $entry['profile_url'] = $rsrow['profile_url'];
        } elseif (!empty($rsrow['fk_user_id'])) {
            $entry['profile_url'] = _BASEURL_ . '/profile.php?uid=' . $rsrow['fk_user_id'];
        }
        // Every link ends in the anchor of the comment itself.
        $anchor = '#comm' . $rsrow['comment_id'];
        if (empty($rsrow['post_url'])) {
            $entry['post_url'] = _BASEURL_ . '/blog_post_view.php?pid=' . $rsrow['post_id'] . $anchor;
        } else {
            $entry['post_url'] = $rsrow['post_url'] . $anchor;
        }
        $entry['user'] = $rsrow['_user'];
        // Titles are shortened by byte count before formatting.
        $title = $rsrow['title'];
        if (strlen($title) > $max_title_length) {
            $title = substr($title, 0, $max_title_length) . '...';
        }
        $entry['title'] = sanitize_and_format($title, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $loop[] = $entry;
    }
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    // var_export() writes the list as a PHP literal for later include.
    $towrite = '<?php $latest_comments=' . var_export($loop, true) . ';';
    $fileop->file_put_contents(_CACHEPATH_ . '/widgets/latest_blog_comments/comments.inc.php', $towrite);
}
Example #7
/**
 * Write the "latest blog comments" RSS 1.0 feed to /rss/latest-comments.xml.
 *
 * Runs only when allow_at_level('read_blogs') is true. The ten newest
 * approved comments on public, approved posts become feed items; comment
 * text of $short_blog_chars bytes or more is cut at the last space inside
 * that limit.
 *
 * NOTE(review): the `_user` value reaches the item title without
 * sanitize_and_format(); confirm rss_writer_class escapes item fields.
 * A writerss() failure is only stored in local variables and not reported.
 *
 * @return bool always true
 */
function gen_comment_feeds()
{
    global $dbtable_prefix;
    require_once _BASEPATH_ . '/includes/access_levels.inc.php';
    $short_blog_chars = 400;
    if (!allow_at_level('read_blogs')) {
        return true;
    }
    // non-members are allowed to read blogs, so the feed may be published
    require_once _BASEPATH_ . '/includes/classes/rss_writer.class.php';
    $rss_writer_object = new rss_writer_class();
    $rss_writer_object->specification = '1.0';
    $rss_writer_object->about = _BASEURL_ . '/rss/latest-comments.xml';
    $properties = array(
        'description' => 'Latest blog comments on ' . _SITENAME_,
        'link' => _BASEURL_,
        'title' => 'Latest Blog Comments',
    );
    $rss_writer_object->addchannel($properties);
    $query = "SELECT a.`comment_id`,a.`fk_user_id`,c.`alt_url` as `profile_url`,a.`_user`,a.`comment`,b.`post_id`,b.`title`,b.`alt_url` as `post_url` FROM `{$dbtable_prefix}comments_blog` a LEFT JOIN `{$dbtable_prefix}user_profiles` c ON a.`fk_user_id`=c.`fk_user_id`,`{$dbtable_prefix}blog_posts` b WHERE a.`fk_parent_id`=b.`post_id` AND a.`status`=" . STAT_APPROVED . " AND b.`is_public`=1 AND b.`status`=" . STAT_APPROVED . " ORDER BY a.`date_posted` DESC LIMIT 10";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    while ($rsrow = mysql_fetch_assoc($res)) {
        // Short comments go in whole; longer ones are cut at a word boundary.
        $description = $rsrow['comment'];
        if (!(strlen($rsrow['comment']) < $short_blog_chars)) {
            $head = substr($rsrow['comment'], 0, $short_blog_chars);
            $description = substr($rsrow['comment'], 0, strrpos($head, ' '));
        }
        $properties = array();
        $properties['description'] = sanitize_and_format($description, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $anchor = '#comm' . $rsrow['comment_id'];
        if (!empty($rsrow['post_url'])) {
            $properties['link'] = $rsrow['post_url'] . $anchor;
        } else {
            $properties['link'] = _BASEURL_ . '/blog_post_view.php?pid=' . $rsrow['post_id'] . $anchor;
        }
        $rsrow['title'] = sanitize_and_format($rsrow['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $properties['title'] = sprintf('%1$s on "%2$s"', $rsrow['_user'], $rsrow['title']);
        $rss_writer_object->additem($properties);
    }
    if (!$rss_writer_object->writerss($towrite)) {
        // These locals are not read again inside this function.
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = $rss_writer_object->error;
        return true;
    }
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/rss/latest-comments.xml', $towrite);
    return true;
}
Example #8
/**
 * Event handler run after blog posts are approved.
 *
 * For the posts in the global $post_ids that still have `processed`=0 it
 * raises the `stat_posts` counter of each blog, adds the posts to the
 * current year/month in each blog's cached blog_archive.inc.php, calls
 * update_stats() and add_member_score() per user, and finally marks the
 * posts as processed.
 *
 * Side effect: the global $post_ids is replaced by the ids that were
 * actually processed.
 *
 * NOTE(review): the incoming $post_ids is joined into the IN (...) list
 * between quotes with no escaping or integer cast in this function; confirm
 * every caller fills it with integers.
 */
function on_after_approve_blog_post()
{
    global $dbtable_prefix, $post_ids;
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $query = "SELECT `post_id`,`fk_blog_id`,`fk_user_id` FROM `{$dbtable_prefix}blog_posts` WHERE `post_id` IN ('" . join("','", $post_ids) . "') AND `processed`=0";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Reset the global list on purpose; it is refilled below from the
    // query result, i.e. with values read back from the database.
    $post_ids = array();
    // yup
    // id => number of newly approved posts
    $blog_ids = array();
    $user_ids = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $post_ids[] = $rsrow['post_id'];
        // get only the not processed ones
        if (!isset($blog_ids[$rsrow['fk_blog_id']])) {
            $blog_ids[$rsrow['fk_blog_id']] = 1;
        } else {
            ++$blog_ids[$rsrow['fk_blog_id']];
        }
        if (!isset($user_ids[$rsrow['fk_user_id']])) {
            $user_ids[$rsrow['fk_user_id']] = 1;
        } else {
            ++$user_ids[$rsrow['fk_user_id']];
        }
    }
    // The archive is bucketed by the time of approval (now), not by the
    // post's own date.
    $year = (int) date('Y');
    $month = (int) date('m');
    foreach ($blog_ids as $bid => $num) {
        // blog stats
        // cast to string so that $bid[0] below yields the first character,
        // which names the cache subdirectory
        $bid = (string) $bid;
        $query = "UPDATE `{$dbtable_prefix}user_blogs` SET `stat_posts`=`stat_posts`+{$num} WHERE `blog_id`={$bid}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        // blog_archive
        $blog_archive = array();
        // The cache file is PHP code; including it executes it in this scope,
        // where it is expected to assign $blog_archive (see $towrite below).
        // NOTE(review): anything able to write under _CACHEPATH_ gets code
        // execution here; confirm that directory's permissions.
        if (is_file(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php')) {
            include _CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php';
        }
        if (isset($blog_archive[$year][$month])) {
            $blog_archive[$year][$month] += $num;
        } else {
            $blog_archive[$year][$month] = $num;
        }
        krsort($blog_archive, SORT_NUMERIC);
        // var_export() emits the array as a PHP literal, so the cache file
        // can be include'd again later.
        $towrite = '<?php $blog_archive=' . var_export($blog_archive, true) . ';';
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php', $towrite);
    }
    foreach ($user_ids as $uid => $num) {
        update_stats($uid, 'blog_posts', $num);
        add_member_score($uid, 'add_blog', $num);
    }
    // Mark the posts so that a second run does not count them again.
    if (!empty($post_ids)) {
        $query = "UPDATE `{$dbtable_prefix}blog_posts` SET `processed`=1 WHERE `post_id` IN ('" . join("','", $post_ids) . "')";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
    }
}
Example #9
        $rss_writer_object->addchannel($properties);
        $query = "SELECT `news_title`,`news_body`,UNIX_TIMESTAMP(`date_posted`) as `date_posted` FROM `{$dbtable_prefix}site_news` ORDER BY `news_id` DESC";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        while ($rsrow = mysql_fetch_assoc($res)) {
            $properties = array();
            $properties['description'] = $rsrow['news_body'];
            $properties['link'] = '';
            $properties['title'] = $rsrow['news_title'];
            $properties['dc:date'] = $rsrow['date_posted'];
            $rss_writer_object->additem($properties);
        }
        if ($rss_writer_object->writerss($towrite)) {
            require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
            $fileop = new fileop();
            $fileop->file_put_contents(_BASEPATH_ . '/rss/site_news.xml', $towrite);
        } else {
            $error = true;
            $topass['message']['type'] = MESSAGE_ERROR;
            $topass['message']['text'] = $rss_writer_object->error;
        }
    } else {
        $nextpage = 'admin/site_news_addedit.php';
        // 		you must re-read all textareas from $_POST like this:
        //		$input['x']=addslashes_mq($_POST['x']);
        $input['news_body'] = addslashes_mq($_POST['news_body']);
        $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);
        $topass['input'] = $input;
    }
}
Example #10
$qs = '';
$qs_sep = '';
$error = false;
$topass = array();
$cid = isset($_GET['cid']) ? (int) $_GET['cid'] : 0;
if (!empty($cid)) {
    $query = "SELECT `config_value`,`option_type`,`fk_module_code` FROM `{$dbtable_prefix}site_options3` WHERE `config_id`={$cid}";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $rsrow = mysql_fetch_assoc($res);
        $qs .= $qs_sep . 'module_code=' . $rsrow['fk_module_code'];
        $qs_sep = '&';
        if ($rsrow['option_type'] == FIELD_FILE) {
            $f = new fileop();
            if (!is_file($rsrow['config_value']) || $f->delete($rsrow['config_value'])) {
                $query = "UPDATE `{$dbtable_prefix}site_options3` SET `config_value`='' WHERE `config_id`={$cid}";
                if (!($res = @mysql_query($query))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
                $topass['message']['type'] = MESSAGE_INFO;
                $topass['message']['text'] = 'File removed';
            } else {
                $error = true;
                $topass['message']['type'] = MESSAGE_ERROR;
                $topass['message']['text'] = 'Unable to remove the file. Permission issues?';
            }
        } else {
            $error = true;
            $topass['message']['type'] = MESSAGE_ERROR;
Example #11
     trigger_error(mysql_error(), E_USER_ERROR);
 }
 $query = "DELETE FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id_other` IN ('" . join("','", $uids[1]) . "')";
 if (!($res = @mysql_query($query))) {
     trigger_error(mysql_error(), E_USER_ERROR);
 }
 $query = "DELETE FROM `{$dbtable_prefix}comments_profile` WHERE `fk_user_id` IN ('" . join("','", $uids[1]) . "')";
 if (!($res = @mysql_query($query))) {
     trigger_error(mysql_error(), E_USER_ERROR);
 }
 $query = "SELECT `photo_id`,`photo` FROM `{$dbtable_prefix}user_photos` WHERE `fk_user_id` IN ('" . join("','", $uids[1]) . "')";
 if (!($res = @mysql_query($query))) {
     trigger_error(mysql_error(), E_USER_ERROR);
 }
 require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
 $fileop = new fileop();
 $photo_ids = array();
 for ($i = 0; $i < mysql_num_rows($res); ++$i) {
     $photo = mysql_result($res, $i, 1);
     $photo_ids[] = mysql_result($res, $i, 0);
     $fileop->delete(_PHOTOPATH_ . '/t1/' . $photo);
     $fileop->delete(_PHOTOPATH_ . '/t2/' . $photo);
     $fileop->delete(_PHOTOPATH_ . '/' . $photo);
 }
 $query = "DELETE FROM `{$dbtable_prefix}user_photos` WHERE `photo_id` IN ('" . join("','", $photo_ids) . "')";
 if (!($res = @mysql_query($query))) {
     trigger_error(mysql_error(), E_USER_ERROR);
 }
 $query = "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_parent_id` IN ('" . join("','", $photo_ids) . "')";
 if (!($res = @mysql_query($query))) {
     trigger_error(mysql_error(), E_USER_ERROR);
Example #12
/**
 * Regenerate the PHP language files of one skin, or of every skin.
 *
 * For each selected skin this writes, under
 * _BASEPATH_/skins_site/<skin_dir>/lang/, one file per `save_file` value
 * found in the lang_keys table (rows with an empty `save_file` go to
 * global.inc.php). Each file holds generated PHP that assigns
 * $GLOBALS['_lang'][...] entries; global.inc.php may also get a
 * setlocale() call.
 *
 * The output is executable PHP assembled by string concatenation from
 * database values, so every value placed inside a quoted literal has to be
 * escaped for that literal.
 *
 * @param string $skin_module_code Module code of the skin to regenerate;
 *                                 empty selects all modules of type MODULE_SKIN.
 */
function regenerate_langstrings_array($skin_module_code = '')
{
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    global $dbtable_prefix;
    $fileop = new fileop();
    if (empty($skin_module_code)) {
        $query = "SELECT a.`module_code`,b.`config_value` as `skin_dir` FROM `{$dbtable_prefix}modules` a,`{$dbtable_prefix}site_options3` b WHERE a.`module_type`=" . MODULE_SKIN . " AND a.`module_code`=b.`fk_module_code` AND b.`config_option`='skin_dir'";
    } else {
        // NOTE(review): $skin_module_code is placed in the query without
        // escaping here; confirm callers pass an already escaped value.
        $query = "SELECT `fk_module_code` as `module_code`,`config_value` as `skin_dir` FROM `{$dbtable_prefix}site_options3` WHERE `config_option`='skin_dir' AND `fk_module_code`='{$skin_module_code}'";
    }
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Buffer the skins first: $res is reused by the queries inside the loop.
    $skins = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $skins[] = $rsrow;
    }
    for ($i = 0; isset($skins[$i]); ++$i) {
        // file name => list of PHP source lines; the '' key is the global file
        $towrite = array();
        $towrite[''][] = '<?php';
        $query = "SELECT b.`codes` FROM `{$dbtable_prefix}site_options3` a,`{$dbtable_prefix}locales` b WHERE a.`config_option`='fk_locale_id' AND a.`config_value`=b.`locale_id` AND a.`fk_module_code`='" . $skins[$i]['module_code'] . "'";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        if (mysql_num_rows($res)) {
            $temp = mysql_result($res, 0, 0);
            // The comma separated `codes` value becomes a quoted PHP array.
            // NOTE(review): `codes` is not escaped for the single-quoted
            // literals it is placed in; confirm it cannot hold ' or \.
            $towrite[''][] = "setlocale(LC_TIME,array('" . str_replace(',', "','", $temp) . "'));";
        }
        $query = "SELECT a.`lk_id`,a.`alt_id_text`,b.`lang_value`,a.`lk_use`,a.`save_file` FROM `{$dbtable_prefix}lang_keys` a LEFT JOIN `{$dbtable_prefix}lang_strings` b ON (a.`lk_id`=b.`fk_lk_id` AND b.`skin`='" . $skins[$i]['module_code'] . "')";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        while ($rsrow = mysql_fetch_assoc($res)) {
            if ($rsrow['lk_use'] != LK_FIELD) {
                // Escape ' and \ so the value stays inside the single-quoted
                // PHP literal written below.
                $rsrow['lang_value'] = addcslashes($rsrow['lang_value'], "'\\");
            } else {
                // field related strings cannot contain html code
                // NOTE(review): this branch depends on sanitize_and_format()
                // to make the value safe inside a single-quoted literal;
                // confirm the TEXT_DB2EDIT format escapes ' and \.
                $rsrow['lang_value'] = sanitize_and_format($rsrow['lang_value'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]);
            }
            if (!empty($rsrow['alt_id_text'])) {
                // A textual key replaces the numeric id and is quoted.
                // NOTE(review): alt_id_text is not escaped before quoting.
                $rsrow['lk_id'] = "'" . $rsrow['alt_id_text'] . "'";
            }
            if (!isset($towrite[$rsrow['save_file']])) {
                $towrite[$rsrow['save_file']][] = '<?php';
            }
            $towrite[$rsrow['save_file']][] = "\$GLOBALS['_lang'][" . $rsrow['lk_id'] . "]='" . $rsrow['lang_value'] . "';";
        }
        foreach ($towrite as $file => $arr) {
            if (empty($file)) {
                $file = 'global.inc.php';
            }
            $temp = join("\n", $arr);
            // NOTE(review): $file (`save_file`) and skin_dir come from the
            // database and are used as path components without validation.
            $fileop->file_put_contents(_BASEPATH_ . '/skins_site/' . $skins[$i]['skin_dir'] . '/lang/' . $file, $temp);
        }
    }
}
Example #13
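/**
 * Regenerate includes/site_bans.inc.php from the site_bans table.
 *
 * The generated file is PHP source that fills $_bans[...] with one array of
 * banned values per ban type (IP, user, e-mail). Every value is written
 * inside a single-quoted PHP string literal, so quotes and backslashes in a
 * stored value are escaped first; otherwise such a value would end the
 * literal early and the rest of it would be parsed as code when the file is
 * included.
 */
function regenerate_ban_array()
{
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    global $dbtable_prefix;
    $query = "SELECT `ban_type`,`what` FROM `{$dbtable_prefix}site_bans` GROUP BY `what`";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // ban type => list of banned values
    $_bans = array();
    while ($rsrow = mysql_fetch_row($res)) {
        $_bans[$rsrow[0]][] = $rsrow[1];
    }
    // Constant name as it has to appear in the generated source => its value.
    $ban_types = array(
        '_PUNISH_BANIP_' => _PUNISH_BANIP_,
        '_PUNISH_BANUSER_' => _PUNISH_BANUSER_,
        '_PUNISH_BANEMAIL_' => _PUNISH_BANEMAIL_,
    );
    $towrite = "<?php\n";
    foreach ($ban_types as $const_name => $ban_type) {
        if (empty($_bans[$ban_type])) {
            continue;
        }
        $escaped = array();
        foreach ($_bans[$ban_type] as $what) {
            // Escape ' and \ for a single-quoted PHP literal.
            $escaped[] = addcslashes((string) $what, "'\\");
        }
        $towrite .= '$_bans[' . $const_name . ']=array(\'' . join("','", $escaped) . "');\n";
    }
    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/includes/site_bans.inc.php', $towrite);
}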
Example #14
    if (is_file(_BASEPATH_ . '/events/processors/photo_delete.php')) {
        include_once _BASEPATH_ . '/skins_site/' . $def_skin . '/lang/photos.inc.php';
        include_once _BASEPATH_ . '/events/processors/photo_delete.php';
        if (isset($_on_before_delete)) {
            $GLOBALS['photo_ids'] = array($photo_id);
            for ($i = 0; isset($_on_before_delete[$i]); ++$i) {
                call_user_func($_on_before_delete[$i]);
            }
        }
    }
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (!empty($input['photo'])) {
        require_once '../../includes/classes/fileop.class.php';
        $fileop = new fileop();
        $fileop->delete(_PHOTOPATH_ . '/t1/' . $input['photo']);
        $fileop->delete(_PHOTOPATH_ . '/t2/' . $input['photo']);
        $fileop->delete(_PHOTOPATH_ . '/' . $input['photo']);
    }
    $query = "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_parent_id`={$photo_id}";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // what to do with the cache for the deleted comments or photo page? clear_cache($photo_id) ????
    $topass['message']['type'] = MESSAGE_INFO;
    $topass['message']['text'] = 'Photo deleted.';
}
if (!empty($return)) {
    $nextpage = _BASEURL_ . '/admin/' . $return;
} else {
Example #15
 /**
  * Final installation step: register the module and remove the package.
  *
  * Inserts (INSERT IGNORE) a row for this module into the modules table
  * with the next `sort` value, stores any install options queued in the
  * admin session as site_options3 rows, and deletes $this->package_path.
  *
  * NOTE(review): module_code, module_name, module_type and version are
  * concatenated into the SQL without escaping in this method, and the
  * option column names ($column) are interpolated as identifiers; only the
  * option values pass through sanitize_and_format(). Confirm these
  * properties are escaped where they are set, since they describe an
  * installed package.
  */
 function finish()
 {
     global $dbtable_prefix;
     $query = "SELECT max(`sort`)+1 FROM `{$dbtable_prefix}modules`";
     $res = @mysql_query($query);
     if (!$res) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     $sort = mysql_result($res, 0, 0);
     $query = "INSERT IGNORE INTO `{$dbtable_prefix}modules` SET `module_code`='" . $this->module_code . "',`module_name`='" . $this->module_name . "',`module_type`='" . $this->module_type . "',`version`='" . $this->version . "',`sort`='{$sort}'";
     $res = @mysql_query($query);
     if (!$res) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     if (!mysql_affected_rows()) {
         // Nothing inserted: the module row already existed, so this was an
         // update and the new version should have been set with
         // change-version in one of the requires.
     }
     if (!empty($_SESSION[_LICENSE_KEY_]['admin']['install_options'])) {
         // This statement is replaced by the per-option statement below
         // before anything is executed.
         $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_options3` (`config_option`,`config_value`,`config_diz`,`option_type`,`choices`,`fk_module_code`,`per_user`) VALUES ";
         foreach ($_SESSION[_LICENSE_KEY_]['admin']['install_options'] as $option) {
             // One INSERT per option; each key of $option names a column.
             $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_options3` SET `fk_module_code`='" . $this->module_code . "'";
             foreach ($option as $column => $value) {
                 $escaped_value = sanitize_and_format($value, TYPE_STRING, FORMAT_ADDSLASH);
                 $query .= ",`{$column}`='" . $escaped_value . "'";
             }
             // Failures are deliberately ignored here.
             @mysql_query($query);
         }
         unset($_SESSION[_LICENSE_KEY_]['admin']['install_options']);
     }
     $fileop = new fileop();
     $fileop->delete($this->package_path);
 }
Example #16
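 /**
  * Remove the plugin's data and deactivate it.
  *
  * Deletes the upload directory, the plugin's pages, tables, options,
  * stored payment transactions, widgets and scheduled hooks, then takes
  * the plugin out of the 'active_plugins' option and fires its
  * deactivation action. Every step is destructive and none is undone.
  *
  * The plugin is removed from 'active_plugins' only when it is actually
  * found there: array_search() returns false for a missing entry, and
  * array_splice() would treat that as offset 0 and drop the first active
  * plugin instead.
  */
 public function uninstall()
 {
     global $wpdb, $awpcp_plugin_path, $table_prefix, $awpcp;
     // Remove the upload folders with uploaded images
     $dirname = AWPCPUPLOADDIR;
     if (file_exists($dirname)) {
         require_once $awpcp_plugin_path . '/fileop.class.php';
         $fileop = new fileop();
         $fileop->delete($dirname);
     }
     // Delete the classifieds page(s)
     $pages = awpcp_pages();
     foreach ($pages as $page => $data) {
         wp_delete_post(awpcp_get_page_id_by_ref($page), true);
     }
     // Drop the tables. The names are constants, not request data.
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADFEES);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADPHOTOS);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADS);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADSETTINGS);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_AD_META);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_AD_REGIONS);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_CATEGORIES);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_CREDIT_PLANS);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_MEDIA);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_PAGES);
     $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_PAYMENTS);
     // TODO: implement uninstall methods in other modules
     $tables = array($wpdb->prefix . 'awpcp_comments');
     foreach ($tables as $table) {
         $wpdb->query("DROP TABLE IF EXISTS " . $table);
     }
     // remove AWPCP options from options table
     array_map('delete_option', array('awpcp-pending-manual-upgrade', 'awpcp_installationcomplete', 'awpcp_pagename_warning', 'widget_awpcplatestads', 'awpcp_db_version', $awpcp->settings->setting_name));
     // delete payment transactions
     $sql = 'SELECT option_name FROM ' . $wpdb->options . ' ';
     $sql .= "WHERE option_name LIKE 'awpcp-payment-transaction-%%'";
     array_map('delete_option', $wpdb->get_col($sql));
     // remove widgets
     unregister_widget("AWPCP_LatestAdsWidget");
     unregister_widget('AWPCP_RandomAdWidget');
     unregister_widget('AWPCP_Search_Widget');
     // Clear the ad expiration schedule
     wp_clear_scheduled_hook('doadexpirations_hook');
     wp_clear_scheduled_hook('doadcleanup_hook');
     wp_clear_scheduled_hook('awpcp_ad_renewal_email_hook');
     wp_clear_scheduled_hook('awpcp-clean-up-payment-transactions');
     // TODO: use deactivate_plugins function
     // http://core.trac.wordpress.org/browser/branches/3.2/wp-admin/includes/plugin.php#L548
     $current = get_option('active_plugins');
     $thepluginfile = sprintf("%s/awpcp.php", trim(AWPCP_BASENAME, '/'));
     if (is_array($current)) {
         $position = array_search($thepluginfile, $current);
         // false means "not in the list"; splicing with it would remove
         // whichever plugin happens to be first.
         if ($position !== false) {
             array_splice($current, $position, 1);
             update_option('active_plugins', $current);
         }
     }
     do_action('deactivate_' . $thepluginfile);
 }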
Example #17
 // Excerpt from a script that saves a user's blog record; it starts and ends mid-script,
 // so $input, $error, $dbtable_prefix and $user_blogs_default are set up outside this view.
 // The owning user id is taken from the session, not from the request.
 $input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
 if (!empty($_POST['return'])) {
     $input['return'] = sanitize_and_format_gpc($_POST, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
     // NOTE(review): the client-supplied 'return' value becomes the next page. Whether it is
     // limited to local paths before the redirect is not visible here - confirm.
     $nextpage = $input['return'];
 }
 // check for input errors
 if (empty($input['blog_name'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = $GLOBALS['_lang'][13];
 }
 if (!$error) {
     $input['blog_name'] = remove_banned_words($input['blog_name']);
     $input['blog_diz'] = remove_banned_words($input['blog_diz']);
     require _BASEPATH_ . '/includes/classes/fileop.class.php';
     $fileop = new fileop();
     $towrite = array();
     // what to write in the cache file
     if (!empty($input['blog_id'])) {
         // NOTE(review): every key of $input is re-read from $_POST here, including
         // 'fk_user_id', which was set from the session above. The cached copy of that
         // field therefore holds whatever the client posted - confirm this is intended.
         foreach ($input as $k => $v) {
             $towrite[$k] = sanitize_and_format_gpc($_POST, $k, TYPE_STRING, $__field2format[TEXT_GPC2DISPLAY], '');
         }
         // The UPDATE is assembled by string concatenation. Column names come from the
         // keys of $user_blogs_default['defaults']; values come from $input.
         // NOTE(review): the values are only as safe as the escaping applied when $input
         // was filled (outside this view), and remove_banned_words() ran on two of them
         // afterwards - verify, or move to a parameterised statement.
         $query = "UPDATE IGNORE `{$dbtable_prefix}user_blogs` SET ";
         foreach ($user_blogs_default['defaults'] as $k => $v) {
             if (isset($input[$k])) {
                 $query .= "`{$k}`='" . $input[$k] . "',";
             }
         }
         // drop the trailing comma left by the loop
         $query = substr($query, 0, -1);
         // blog_id is placed unquoted, so it must be an integer by this point - TODO confirm.
         // The fk_user_id condition limits the update to blogs owned by the session user.
         $query .= " WHERE `blog_id`=" . $input['blog_id'] . " AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'";
         if (isset($_on_before_update)) {
Example #18
<?php

require_once dirname(__FILE__) . '/../../includes/common.inc.php';
require_once dirname(__FILE__) . '/../../includes/classes/phemplate.class.php';
require_once dirname(__FILE__) . '/../../includes/user_functions.inc.php';
require_once dirname(__FILE__) . '/../../includes/classes/fileop.class.php';
// Excerpt: loads every approved blog post and prepares a display version plus a
// shortened teaser of each one. The while loop continues past the end of this view.
$short_blog_chars = 1000;
$config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
$fileop = new fileop();
$blog_details = array();
$blog_archive = array();
// The only value added to this statement is the STAT_APPROVED constant and the table prefix.
$query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,UNIX_TIMESTAMP(a.`last_changed`) as `last_changed`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED;
// '@' hides the driver warning; the failure is reported through trigger_error() instead.
// NOTE(review): the raw mysql_error() text is passed on - make sure it is logged, not displayed.
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
while ($blog = mysql_fetch_assoc($res)) {
    $last_approved = $blog['last_changed'];
    unset($blog['last_changed']);
    $blog['fk_blog_id'] = (string) $blog['fk_blog_id'];
    $blog['title'] = sanitize_and_format($blog['title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    // Teaser: cut at the last space inside the first $short_blog_chars bytes.
    // NOTE(review): strrpos() returns false when that range holds no space, which makes the
    // outer substr() length 0 and the teaser empty; substr() is also byte-wise, so the inner
    // cut can split a multi-byte character.
    $post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
    // Both the teaser and the full text go through the DB-to-display formatter before any
    // markup conversion below.
    $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    // NOTE(review): bbcode2html() and text2smilies() run on the already formatted text and
    // produce markup; what they allow inside tags (for example link targets) is not visible
    // here - confirm.
    if (!empty($config['bbcode_blogs'])) {
        $blog['post_content'] = bbcode2html($blog['post_content']);
        $post_content_short = bbcode2html($post_content_short);
    }
    if (!empty($config['use_smilies'])) {
        $blog['post_content'] = text2smilies($blog['post_content']);
        $post_content_short = text2smilies($post_content_short);
    }
Example #19
// Last installer page: fill the "finish" template, remove the install directory,
// print the page and clear the one-shot session message.
if (empty($_SESSION['install']['phpbin'])) {
    // no PHP binary was recorded during install; show a placeholder path
    $output['nophpbin'] = true;
    $output['phpbin'] = '/path/to/php';
} else {
    $output['phpbin'] = $_SESSION['install']['phpbin'];
}
$output['basepath'] = _BASEPATH_;
$output['baseurl'] = _BASEURL_;
$tplvars = array(
    'page_title' => 'Etano Install Process',
    'css' => 'finish.css',
    'page' => 'finish',
);
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
$tpl->process('content', 'content', TPL_OPTIONAL);
$tpl->set_file('frame', 'frame.html');
// Message lookup order: local $message, then $topass, then the session copy.
if (!isset($message)) {
    if (isset($topass['message'])) {
        $message = $topass['message'];
    } elseif (isset($_SESSION['topass']['message'])) {
        $message = $_SESSION['topass']['message'];
    } else {
        $message = array();
    }
}
if (!empty($message)) {
    // a missing type is treated as an error
    if (isset($message['type']) && $message['type'] != MESSAGE_ERROR) {
        $message['type'] = 'message_info';
    } else {
        $message['type'] = 'message_error';
    }
    if (is_array($message['text'])) {
        $message['text'] = implode('<br>', $message['text']);
    }
    // NOTE(review): the message text reaches the template as-is; whether it is
    // HTML-escaped before this point is not visible here - confirm.
    $tpl->set_var('message', $message);
}
$tpl->set_var('tplvars', $tplvars);
// The installer is removed once setup is finished.
// NOTE(review): the result of delete() is not checked, so a failed removal
// leaves the install scripts in place without any warning to the admin.
$fileop = new fileop();
$fileop->delete(_BASEPATH_ . '/install');
echo $tpl->process('frame', 'frame', TPL_FINISH | TPL_OPTIONAL | TPL_INCLUDE);
if (isset($_SESSION['topass'])) {
    unset($_SESSION['topass']);
}
Example #20
    // Excerpt: tail of the "delete skin" branch. The statement checked first, the
    // enclosing if and the origin of $module_code and $config are outside this view.
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // NOTE(review): $module_code is interpolated into the next two statements inside
    // quotes; how it was validated or escaped is not visible here - confirm.
    $query = "DELETE FROM `{$dbtable_prefix}modules` WHERE `module_code`='{$module_code}'";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $query = "DELETE FROM `{$dbtable_prefix}lang_strings` WHERE `skin`='{$module_code}'";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // If the removed skin was the default, promote the first skin module that is left.
    if (!empty($config['is_default'])) {
        $query = "SELECT `module_code` FROM `{$dbtable_prefix}modules` WHERE `module_type`=" . MODULE_SKIN . " LIMIT 1";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        if (mysql_num_rows($res)) {
            $module_code = mysql_result($res, 0, 0);
            set_site_option('is_default', $module_code, 1);
        }
    }
    require_once '../../includes/classes/fileop.class.php';
    $fileop = new fileop();
    // NOTE(review): skin_dir is appended to the path with no check in this excerpt. An empty
    // value would point delete() at skins_site itself and a value containing ".." at a
    // location outside it - verify that skin_dir is validated where $config is loaded.
    $fileop->delete(_BASEPATH_ . '/skins_site/' . $config['skin_dir']);
    $topass['message']['type'] = MESSAGE_INFO;
    $topass['message']['text'] = 'Skin deleted.';
} else {
    $topass['message']['type'] = MESSAGE_ERROR;
    $topass['message']['text'] = 'You can\'t delete the last skin of the site!';
}
redirect2page('admin/site_skins.php', $topass, $qs);
Example #21
// Admin file editor, save step: writes the posted content to a file below _BASEPATH_
// and sends the browser back to the file browser.
// NOTE(review): no access check and no anti-CSRF token check appear in this excerpt;
// $error and $qs are also set up earlier. Confirm both checks exist above, because this
// handler can write any file type (PHP included) under the application root.
$qs_sep = '';
$topass = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $input = array();
    // Path handling: keep only [a-zA-Z0-9._/-], then remove every ".." pair so the
    // relative path cannot climb out of _BASEPATH_.
    $input['file'] = sanitize_and_format_gpc($_POST, 'file', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
    $input['file'] = preg_replace('~[^a-zA-Z0-9\\._/-]~', '', $input['file']);
    $input['file'] = str_replace('..', '', $input['file']);
    // Content: strip carriage returns first ...
    $input['file_content'] = sanitize_and_format_gpc($_POST, 'file_content', TYPE_STRING, FORMAT_STRIP_MQ);
    $input['file_content'] = preg_replace('/\\r/m', '', $input['file_content']);
    // ... and put CRLF line ends back for .html files only.
    $file_ext = strtolower(substr(strrchr($input['file'], '.'), 1));
    if ($file_ext == 'html') {
        $input['file_content'] = preg_replace('/\\n/m', "\r\n", $input['file_content']);
    }
    // one leading slash is dropped so that the name stays relative
    if (!empty($input['file']) && $input['file'][0] == '/') {
        $input['file'] = substr($input['file'], 1);
    }
    if (empty($input['file'])) {
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = 'No file selected';
    }
    if (!$error) {
        require_once '../../includes/classes/fileop.class.php';
        $fileop = new fileop();
        $fileop->file_put_contents(_BASEPATH_ . '/' . $input['file'], $input['file_content']);
        $topass['message']['type'] = MESSAGE_INFO;
        $topass['message']['text'] = 'File saved successfully';
        // return to the directory that holds the saved file
        $temp = str_replace(strrchr($input['file'], '/'), '', $input['file']);
        if ($temp != $input['file']) {
            $qs .= $qs_sep . 'path=' . urlencode($temp);
            $qs_sep = '&';
        }
    }
}
redirect2page('admin/file_browser.php', $topass, $qs);
Example #22
function delete_members()
{
    global $dbtable_prefix;
    /* Purges every member whose profile row has `del` set.
       del=1 removes the user and all generated content
       del=2 removes the user but keeps the generated content (ownership is reset to 0)
       Always returns true; a failed statement is reported through trigger_error().

       NOTE(review): all id lists below are joined into the SQL text as quoted literals.
       The ids are read back from the database, so this is safe only while those columns
       hold integers - confirm, or cast the values before joining them. */
    $query = "SELECT `del`,`fk_user_id` FROM `{$dbtable_prefix}user_profiles` WHERE `del`<>0";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $uids = array(1 => array(), 2 => array());
    while ($rsrow = mysql_fetch_assoc($res)) {
        $uids[$rsrow['del']][] = $rsrow['fk_user_id'];
    }
    $all_uids = array_merge($uids[1], $uids[2]);

    // actions to do for all deleted members
    if (!empty($all_uids)) {
        $in_all = "('" . join("','", $all_uids) . "')";
        $statements = array(
            "DELETE FROM `{$dbtable_prefix}online` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}message_filters` WHERE `fk_user_id` IN {$in_all}",
            "UPDATE `{$dbtable_prefix}payments` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}comments_profile` WHERE `fk_parent_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}queue_message` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_folders` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_mtpls` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_networks` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_outbox` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_profiles` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_searches` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_settings2` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_spambox` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_stats` WHERE `fk_user_id` IN {$in_all}",
        );
        foreach ($statements as $query) {
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }

    // actions to do for members to be totally removed
    if (!empty($uids[1])) {
        $in_full = "('" . join("','", $uids[1]) . "')";

        // blogs, their posts and the comments on those posts
        $query = "SELECT `blog_id` FROM `{$dbtable_prefix}user_blogs` WHERE `fk_user_id` IN {$in_full}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        $blog_ids = array();
        $rows = mysql_num_rows($res);
        for ($i = 0; $i < $rows; ++$i) {
            $blog_ids[] = mysql_result($res, $i, 0);
        }
        if (!empty($blog_ids)) {
            $in_blogs = "('" . join("','", $blog_ids) . "')";
            $query = "SELECT `post_id` FROM `{$dbtable_prefix}blog_posts` WHERE `fk_blog_id` IN {$in_blogs}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
            $post_ids = array();
            $rows = mysql_num_rows($res);
            for ($i = 0; $i < $rows; ++$i) {
                $post_ids[] = mysql_result($res, $i, 0);
            }
            if (!empty($post_ids)) {
                $in_posts = "('" . join("','", $post_ids) . "')";
                $statements = array(
                    "DELETE FROM `{$dbtable_prefix}comments_blog` WHERE `fk_parent_id` IN {$in_posts}",
                    "DELETE FROM `{$dbtable_prefix}blog_posts` WHERE `post_id` IN {$in_posts}",
                );
                foreach ($statements as $query) {
                    if (!($res = @mysql_query($query))) {
                        trigger_error(mysql_error(), E_USER_ERROR);
                    }
                }
            }
            $query = "DELETE FROM `{$dbtable_prefix}user_blogs` WHERE `blog_id` IN {$in_blogs}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }

        // content these members left on other people's pages
        $statements = array(
            "DELETE FROM `{$dbtable_prefix}comments_blog` WHERE `fk_user_id` IN {$in_full}",
            "DELETE FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id_other` IN {$in_full}",
            "DELETE FROM `{$dbtable_prefix}comments_profile` WHERE `fk_user_id` IN {$in_full}",
        );
        foreach ($statements as $query) {
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }

        // photos: remove both thumbnails and the full-size file, then the rows
        $query = "SELECT `photo_id`,`photo` FROM `{$dbtable_prefix}user_photos` WHERE `fk_user_id` IN {$in_full}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
        $fileop = new fileop();
        $photo_ids = array();
        $rows = mysql_num_rows($res);
        for ($i = 0; $i < $rows; ++$i) {
            $photo = mysql_result($res, $i, 1);
            $photo_ids[] = mysql_result($res, $i, 0);
            // NOTE(review): the stored file name is appended to the path unchanged; a name
            // containing "../" would make delete() act outside _PHOTOPATH_. Confirm that
            // names are generated server-side when the photo is stored.
            $fileop->delete(_PHOTOPATH_ . '/t1/' . $photo);
            $fileop->delete(_PHOTOPATH_ . '/t2/' . $photo);
            $fileop->delete(_PHOTOPATH_ . '/' . $photo);
        }
        // as before, the two photo_id statements run even when no photo was found
        $in_photos = "('" . join("','", $photo_ids) . "')";
        $statements = array(
            "DELETE FROM `{$dbtable_prefix}user_photos` WHERE `photo_id` IN {$in_photos}",
            "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_parent_id` IN {$in_photos}",
            "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_user_id` IN {$in_full}",
        );
        foreach ($statements as $query) {
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }

    // members removed with their content kept: hand the content over to user id 0
    if (!empty($uids[2])) {
        $in_keep = "('" . join("','", $uids[2]) . "')";
        $statements = array(
            "UPDATE `{$dbtable_prefix}user_blogs` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_keep}",
            "UPDATE `{$dbtable_prefix}blog_posts` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_keep}",
            "UPDATE `{$dbtable_prefix}comments_blog` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_keep}",
            "UPDATE `{$dbtable_prefix}comments_profile` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_keep}",
            "UPDATE `{$dbtable_prefix}user_inbox` SET `fk_user_id_other`=0 WHERE `fk_user_id_other` IN {$in_keep}",
            "UPDATE `{$dbtable_prefix}user_photos` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_keep}",
            "UPDATE `{$dbtable_prefix}comments_photo` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_keep}",
        );
        foreach ($statements as $query) {
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }
    return true;
}
Example #23
******************************************************************************/
require_once '../../includes/common.inc.php';
require_once '../../includes/admin_functions.inc.php';
// Admin action: delete one banned word and regenerate the banned-words include file.
allow_dept(DEPT_ADMIN);
$error = false;
$qs = '';
$qs_sep = '';
$topass = array();
// NOTE(review): this state-changing action is driven by a GET parameter and no
// anti-CSRF token is checked in this script as shown - confirm one is enforced elsewhere.
$word_id = 0;
if (isset($_GET['word_id'])) {
    // the integer cast keeps the interpolated value numeric
    $word_id = (int) $_GET['word_id'];
}
$query = "DELETE FROM `{$dbtable_prefix}banned_words` WHERE `word_id`={$word_id}";
$res = @mysql_query($query);
if (!$res) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
if (!$error) {
    // save in file
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $query = "SELECT `word` FROM `{$dbtable_prefix}banned_words`";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $towrite = array();
    $rows = mysql_num_rows($res);
    for ($i = 0; $i < $rows; ++$i) {
        $towrite[] = mysql_result($res, $i, 0);
    }
    // var_export() emits the list as PHP source with quoting applied, so the stored
    // words end up as string literals in the generated include file.
    $towrite = '<?php $_banned_words=' . var_export($towrite, true) . ';';
    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/includes/banned_words.inc.php', $towrite);
}
$topass['message'] = array(
    'type' => MESSAGE_INFO,
    'text' => 'Word deleted.',
);
redirect2page('admin/banned_words.php', $topass, $qs);
Example #24
// Excerpt from a photo upload handler; $error and $qs are set up above this view and
// the nested ifs continue past its end.
$qs_sep = '';
$topass = array();
$nextpage = 'my_photos.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $input = array();
    // get the input we need and sanitize it
    $input['is_private'] = sanitize_and_format_gpc($_POST, 'is_private', TYPE_INT, 0, 0);
    $config = get_site_option(array('round_corners', 'watermark_text', 'watermark_text_color', 'watermark_image', 't1_width', 't2_width', 'pic_width', 'manual_photo_approval', 'min_size', 'max_size'), 'core_photo');
    // Three copies of the photo settings that differ in padding type; the t1 copy
    // carries no watermark settings and the base copy no round corners.
    $config['padding_type'] = PAD_NONE;
    $config_t1 = $config;
    $config_t1['padding_type'] = PAD_2SIDES;
    $config_t2 = $config;
    $config_t2['padding_type'] = PAD_1SIDE;
    unset($config_t1['watermark_text'], $config_t1['watermark_image'], $config['round_corners']);
    $curtime = time();
    $fileop = new fileop();
    if (!isset($_FILES) || empty($_FILES)) {
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'][] = $GLOBALS['_lang'][93];
    }
    if (!$error) {
        // -1 is accepted alongside positive values (presumably "no limit" - confirm)
        $photos_remaining = get_user_settings($_SESSION[_LICENSE_KEY_]['user']['user_id'], 'core_photo', 'max_user_photos');
        if ($photos_remaining > 0 || $photos_remaining == -1) {
            // The temporary name is built from the session user id and the current time,
            // not from the client-supplied file name.
            $filename = $_SESSION[_LICENSE_KEY_]['user']['user_id'] . '_1' . $curtime;
            // NOTE(review): content-type and extension checks, if any, live in upload_file(),
            // which is not visible here. Confirm it rejects non-image uploads and that
            // /tmp under _BASEPATH_ is not served by the web server.
            $input['file1'] = upload_file(_BASEPATH_ . '/tmp', 'file1', $filename);
            // NOTE(review): this seeds mt_rand(); what the values are used for is not visible
            // here. mt_rand() output is predictable and should not name or protect anything
            // security-relevant.
            mt_srand(make_seed());
            if (!empty($input['file1'])) {
                // reject files smaller than the configured minimum size
                if (!empty($config['min_size']) && filesize(_BASEPATH_ . '/tmp/' . $input['file1']) < $config['min_size']) {
                    $input['file1'] = '';
                    $error = true;
Example #25
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/classes/zip.class.php';
require_once '../includes/classes/fileop.class.php';
require_once '../includes/classes/etano_package.class.php';
// Admin page excerpt: builds the list of installed modules and a map of module code to
// installed version. The script continues past the end of this view.
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$output = array();
$fileop = new fileop();
$zipfile = new zipfile();
// fixed statement; only the table prefix is interpolated
$query = "SELECT `module_code`,`module_name`,`module_type`,`version` FROM `{$dbtable_prefix}modules` ORDER BY `module_type`,`sort`";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$installed = array();
$mcodes = array();
// local copy of the type labels (defined outside this view) with a 'Core' label added
$accepted_module_types2 = $accepted_module_types;
$accepted_module_types2[MODULE_REGULAR] = 'Core';
while ($rsrow = mysql_fetch_assoc($res)) {
    // the module name is formatted for display before it reaches the template
    $rsrow['module_name'] = sanitize_and_format($rsrow['module_name'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    // NOTE(review): a module_type value missing from the label map raises an
    // undefined-index notice and leaves the label null.
    $rsrow['module_type'] = $accepted_module_types2[$rsrow['module_type']];
    $installed[] = $rsrow;
    $mcodes[$rsrow['module_code']] = $rsrow['version'];
}
Example #26
            // Excerpt: the enclosing blocks (presumably loops over $levels and $memberships)
            // start above this view. Each posted checkbox adds its membership value to the level.
            if (isset($_POST['levels'][$levels[$l]][$memberships[$m]])) {
                $new_levels[$levels[$l]] += $memberships[$m];
            }
        }
    }
    // save in db
    foreach ($new_levels as $k => $v) {
        // NOTE(review): $k is placed unquoted and $v quoted; both are taken from
        // $levels / $memberships, whose origin is not visible here - confirm they are
        // integers loaded server-side and not request data.
        $query = "UPDATE `{$dbtable_prefix}access_levels` SET `level`='{$v}' WHERE `level_id`={$k}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
    }
    // save in file
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    // the current include is loaded first; $GLOBALS['_allow_na'] is copied into the new file below
    require_once _BASEPATH_ . '/includes/access_levels.inc.php';
    $query = "SELECT `level_code`,`level` FROM `{$dbtable_prefix}access_levels`";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // The access-level map is written out as PHP source.
    // NOTE(review): level_code is concatenated between single quotes and level as a bare
    // expression, with no escaping. A level_code containing a quote, or a non-numeric level,
    // would change the generated code. Building the array first and emitting it with
    // var_export(), as is done for _allow_na below, avoids that.
    $towrite = "<?php\n\$GLOBALS['_access_level']=array('auth'=>65534,'all'=>65535";
    while ($rsrow = mysql_fetch_row($res)) {
        $towrite .= ",'" . $rsrow[0] . "'=>" . $rsrow[1];
    }
    $towrite .= ");\n";
    $towrite .= '$GLOBALS[\'_allow_na\']=' . var_export($GLOBALS['_allow_na'], true) . ";\n";
    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/includes/access_levels.inc.php', $towrite);
    $topass['message']['type'] = MESSAGE_INFO;
    $topass['message']['text'] = 'Access levels changed.';
}
redirect2page('admin/access_levels.php', $topass, $qs);
Example #27
    }
    // Excerpt from an installer step that writes includes/defines.inc.php; the validation
    // that fills $input and sets $error is above this view.
    if (!$error) {
        $input['fileop_mode'] = $_SESSION['install']['write'];
        // NOTE(review): the key's randomness depends on gen_pass(), which is not visible
        // here, and only an unsalted MD5 of it is derived - confirm what each value protects.
        $input['license_key'] = strtoupper(gen_pass(22));
        $input['license_key_md5'] = md5($input['license_key']);
        // The defines file is rendered from a template with the installer input.
        // NOTE(review): the output is PHP source; unless the template or the earlier
        // sanitising escapes quotes and backslashes, a crafted field value could change the
        // generated code - verify.
        $tpl = new phemplate('../skin/', 'remove_nonjs');
        $tpl->set_file('content', 'defines.inc.php');
        $tpl->set_var('input', $input);
        $towrite = $tpl->process('content', 'content', TPL_FINISH);
        // these constants are defined before fileop is loaded (presumably it reads them - confirm)
        define('_BASEPATH_', $input['basepath']);
        define('_FILEOP_MODE_', $input['fileop_mode']);
        define('_FTPHOST_', $input['ftphost']);
        define('_FTPPATH_', $input['ftppath']);
        define('_FTPUSER_', $input['ftpuser']);
        define('_FTPPASS_', $input['ftppass']);
        require_once '../../includes/classes/fileop.class.php';
        $fileop = new fileop();
        $fileop->delete($input['basepath'] . '/includes/defines.inc.php');
        $fileop->file_put_contents($input['basepath'] . '/includes/defines.inc.php', $towrite);
        // NOTE(review): the whole input array, FTP password and license key included, is
        // kept in the session for the remaining steps - make sure it is cleared at the end.
        $_SESSION['install']['input'] = $input;
    } else {
        $nextpage = 'install/step2.php';
        // 		you must re-read all textareas from $_POST like this:
        //		$input['x']=addslashes_mq($_POST['x']);
        $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);
        $topass['input'] = $input;
    }
}
// NOTE(review): the base URL is assembled from the request's Host header and PHP_SELF, both
// of which the client influences. If this value is stored or used for links, prefer a
// configured host name.
$my_url = str_replace('/install/processors/write_defines.php', '', $_SERVER['PHP_SELF']);
define('_BASEURL_', (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $my_url);
redirect2page($nextpage, $topass, $qs);
Example #28
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
require_once '../includes/common.inc.php';
db_connect(_DBHOST_, _DBUSER_, _DBPASS_, _DBNAME_);
require_once '../includes/admin_functions.inc.php';
require_once '../includes/classes/fileop.class.php';
require_once '../includes/classes/etano_package.class.php';
// Admin package installer excerpt: takes a package reference from the query string and,
// for an http:// URL, downloads it first. The script continues past the end of this view.
allow_dept(DEPT_ADMIN);
// no time limit, and keep running if the browser disconnects
set_time_limit(0);
ignore_user_abort(true);
$error = false;
$tpl = new phemplate('skin/', 'remove_nonjs');
$output = array();
$fileop = new fileop();
// NOTE(review): 'f' arrives by GET; no anti-CSRF token check is visible in this excerpt.
$file = sanitize_and_format_gpc($_GET, 'f', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
if (substr($file, 0, 7) == 'http://') {
    // save it in tmp/packages and rename $file to filename.zip
    // NOTE(review): the server fetches whatever URL was supplied, over plain HTTP. No
    // allow-list of hosts is visible here, so the package's authenticity rests on the checks
    // inside package_downloader - confirm they verify a signature or pinned digest. Also
    // confirm that the resulting file name cannot contain path separators before $file is
    // used further down.
    require_once '../includes/classes/package_downloader.class.php';
    $p = new package_downloader($file);
    if ($p->download()) {
        $file = $p->file_name;
    } else {
        $file = '';
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = $p->error_text;
    }
}
$install_index = 0;
Example #29
         // Excerpt: middle of a switch (opened above this view) that reads each posted site
         // option with the reader matching its field type. The POST key is
         // "<module code>_<option name>", both taken from the current $rsrow.
         case FIELD_TEXTFIELD:
             $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
             break;
         case FIELD_INT:
             $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_INT, 0, 0);
             break;
         case FIELD_TEXTAREA:
             $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_STRING, $__field2format[FIELD_TEXTAREA], '');
             break;
         case FIELD_SELECT:
             // select values are read as integers
             $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_INT, 0, 0);
             break;
         case FIELD_FILE:
             // An uploaded file is first stored in /tmp under _BASEPATH_ and then moved to the
             // directory named by the option's 'choices' column.
             // NOTE(review): no file-type or extension check is visible here; it would have
             // to be inside upload_file(). If the destination is web-served and PHP files are
             // accepted, the upload becomes executable - confirm upload_file() restricts types
             // and that 'choices' always names an intended directory.
             if (!empty($_FILES[$rsrow['fk_module_code'] . '_' . $rsrow['config_option']]['tmp_name'])) {
                 if ($temp = upload_file(_BASEPATH_ . '/tmp', $rsrow['fk_module_code'] . '_' . $rsrow['config_option'])) {
                     $f = new fileop();
                     if ($f->rename(_BASEPATH_ . '/tmp/' . $temp, _BASEPATH_ . $rsrow['choices'] . '/' . $temp)) {
                         // the option value stored is the absolute path of the moved file
                         $input[$rsrow['fk_module_code']][$rsrow['config_option']] = _BASEPATH_ . $rsrow['choices'] . '/' . $temp;
                     } else {
                         $error = true;
                     }
                 } else {
                     $error = true;
                 }
             }
             break;
     }
 }
 if (!$error) {
     foreach ($input as $module_code => $v) {
         foreach ($v as $config_option => $config_value) {