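// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+

/**
 * Streams the temporary file that belongs to one download submission.
 *
 * Only users holding the 'downloads.edit' right get past the first check;
 * everyone else is shown an error page and the attempt is written to the
 * access log. The submission is looked up by the 'id' request argument and
 * the file is sent as an attachment if it exists in the file store.
 */

require_once '../../../lib-common.php';
require_once '../../auth.inc.php';
require_once $_CONF['path'] . 'plugins/downloads/include/functions.php';

if (!SEC_hasRights('downloads.edit')) {
    $display = COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
    $display = DLM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30]));
    COM_accessLog("User {$_USER['username']} tried to illegally access the downloads temporary file.");
    COM_output($display);
    exit;
}

COM_setArgNames(array('id'));

// NOTE(review): addslashes() is not aware of the connection character set.
// If every supported Geeklog version ships a database-layer escaping
// function, prefer that here - confirm before changing.
$lid = addslashes(COM_applyFilter(COM_getArgument('id')));

$result = DB_query("SELECT url, date FROM {$_TABLES['downloadsubmission']} WHERE lid='{$lid}'");
$row = DB_fetchArray($result);

// An unknown id yields no row. Stop here instead of building a file path
// from empty values.
if (is_array($row)) {
    list($url, $date) = $row;

    $filepath = $_DLM_CONF['path_filestore']
              . 'tmp' . date('YmdHis', $date) . DLM_createSafeFileName($url);

    if (file_exists($filepath)) {
        // $url is the file name recorded with the submission. A double quote
        // would end the quoted filename parameter early and control characters
        // do not belong in a header value, so both are replaced before the
        // name is echoed back to the browser.
        $downloadName = preg_replace('/[\x00-\x1F\x7F"]/', '_', (string) $url);

        header('Content-Disposition: attachment; filename="' . $downloadName . '"');
        header('Content-Type: application/octet-stream');
        header('Content-Description: File Transfer');
        header('Content-Transfer-Encoding: binary');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
        header('Content-Length: ' . filesize($filepath));

        // ob_clean() raises a notice when no output buffer is active.
        if (ob_get_level() > 0) {
            ob_clean();
        }
        flush();

        // Suppression kept from the original: a warning printed at this point
        // would be appended to the binary body.
        @readfile($filepath);
    }
}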
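/**
 * Populates template $T with the display variables for one download record.
 *
 * $A is modified in place: its free-text columns are HTML-escaped, 'rating' is
 * formatted to two decimals, 'datetime' is added and 'description'/'detail'
 * are converted for display.
 *
 * @param object $T         template object (set_var() and parse() are called on it)
 * @param array  $A         download record joined with its category columns
 * @param bool   $isListing true appends a "more" link to the description when
 *                          the record has a detail text
 * @param mixed  $cid       category id of the listing, exported as 'listing_cid'
 * @return void
 */
function dlformat(&$T, &$A, $isListing = false, $cid = ROOTID)
{
    global $_CONF, $_TABLES, $LANG01, $_DLM_CONF, $LANG_DLM, $mytree;

    $A['rating'] = number_format($A['rating'], 2);

    // Escape the free-text columns once, before any of them reaches the template.
    $escapedColumns = array(
        'title', 'project', 'url', 'homepage', 'version',
        'size', 'md5', 'logourl', 'postmode', 'tags',
    );
    foreach ($escapedColumns as $column) {
        $A[$column] = DLM_htmlspecialchars($A[$column]);
    }
    $A['datetime'] = strftime($_DLM_CONF['date_format'], $A['date']);

    if (version_compare(VERSION, '2.1.0') >= 0) {
        require_once $_CONF['path_system'] . 'classes/gltext.class.php';
        $A['description'] = GLText::getDisplayText($A['description'], $A['postmode'], 2);
        $A['detail']      = GLText::getDisplayText($A['detail'], $A['postmode'], 2);
    } else {
        require_once $_CONF['path'] . 'plugins/downloads/include/gltext.class.php';
        $gltext = new GLPText();
        $A['description'] = $gltext->getDisplayText($A['description'], $A['postmode']);
        $A['detail']      = $gltext->getDisplayText($A['detail'], $A['postmode']);
    }

    // NOTE(review): $A['lid'] is used in URLs and as a template variable without
    // escaping in this function; confirm it is restricted to safe characters
    // where it is accepted.
    $filedetail_url = COM_buildURL($_CONF['site_url'] . '/downloads/index.php?id=' . $A['lid']);
    $visitfile_url  = COM_buildURL($_CONF['site_url'] . '/downloads/visit.php?id=' . $A['lid']);

    if ($isListing && !empty($A['detail'])) {
        $A['description'] .= '<p class="download-break">'
                          . COM_createLink($LANG_DLM['more'], $filedetail_url) . '</p>';
    }

    // owner_id is interpolated without quotes, so force it to an integer first.
    $ownerId = (int) $A['owner_id'];
    $result = DB_query("SELECT username, fullname, photo "
                     . "FROM {$_TABLES['users']} "
                     . "WHERE uid = {$ownerId}");
    $B = DB_fetchArray($result);
    if (!is_array($B)) {
        // The owner account no longer exists.
        $B = array('username' => '', 'fullname' => '');
    }

    $submitter_name = COM_getDisplayName($A['owner_id'], $B['username'], $B['fullname']);
    if (empty($submitter_name)) {
        $submitter_name = $LANG_DLM['unknown_uid'];
    } else {
        $submitter_name = COM_createLink($submitter_name,
            $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $ownerId);
    }

    // Category breadcrumb: drop the trailing separator, then show the others as arrows.
    $path = $mytree->getNicePathFromId($A['cid'], 'title', $_CONF['site_url'] . '/downloads/index.php');
    $temp = $mytree->getSepalator();
    $path = substr($path, 0, strlen($path) - strlen($temp));
    $path = str_replace($temp,
        ' <img src="' . $_CONF['site_url'] . '/downloads/images/arrow.gif" alt="arrow"' . XHTML . '> ',
        $path);

    $tags = '-';
    if (!empty($A['tags'])) {
        $tags = getTagList($A['tags']);
        if (empty($tags)) {
            $tags = '-';
        }
    }
    $notags = $tags == '-' ? 'dlm_notags' : '';

    $T->set_var('lang_category', $LANG_DLM['category']);
    $T->set_var('category_path', $path);
    $T->set_var('lang_tags', $LANG_DLM['tags']);
    $T->set_var('tags', $tags);
    $T->set_var('notags', $notags);
    $T->set_var('lang_submitter', $LANG_DLM['submitter']);
    $T->set_var('submitter_name', $submitter_name);
    $T->set_var('lid', $A['lid']);
    $T->set_var('cid', $A['cid']);
    $T->set_var('lang_dlnow', $LANG_DLM['dlnow']);
    $T->set_var('dtitle', $A['title']);
    $T->set_var('filedetail_url', $filedetail_url);
    $T->set_var('visitfile_url', $visitfile_url);
    $T->set_var('listing_cid', $cid);
    $T->set_var('lang_download_button', $LANG_DLM['download_button']);

    // "New" markers for records dated within the last seven days. The
    // variables start empty so older records do not read undefined values.
    $image_new   = '';
    $newdownload = '';
    $startdate = time() - 60 * 60 * 24 * 7;
    if ($startdate < $A['date']) {
        $image_new = COM_createImage($_CONF['site_url'] . '/downloads/images/newred.gif',
                                     $LANG_DLM['newthisweek']);
        $newdownload = '<span class="badgenew">NEW</span>';
    }
    $T->set_var('image_newdownload', $image_new); // Image (New)
    $T->set_var('newdownload', $newdownload);     // Badge (New)

    // "Popular" markers, same defaulting as above.
    $image_pop   = '';
    $popdownload = '';
    if ($A['hits'] >= $_DLM_CONF['download_popular']) {
        $image_pop = COM_createImage($_CONF['site_url'] . '/downloads/images/pop.gif',
                                     $LANG_DLM['popular']);
        $popdownload = '<span class="badgepop">POP</span>';
    }
    $T->set_var('image_popular', $image_pop); // Image (Pop)
    $T->set_var('popdownload', $popdownload); // Badge (Pop)

    // category image
    $cat_title = DLM_htmlspecialchars($A['cat_title']);
    if ($_DLM_CONF['download_useshots'] && !empty($A['imgurl'])) {
        $imgurl = $_DLM_CONF['snapcat_url'] . '/' . DLM_htmlspecialchars($A['imgurl']);
    } else {
        $imgurl = $_CONF['site_url'] . '/downloads/images/download.png';
    }
    $category_image = COM_createImage($imgurl, $cat_title,
                                      array('width' => $_DLM_CONF['download_shotwidth']));
    $T->set_var('category_image', $category_image);

    $T->set_var('download_title', $LANG_DLM['click2dl'] . ': ' . $A['url']);
    $T->set_var('url', $A['url']);
    $T->set_var('file_description', $A['description']);
    $T->set_var('file_detail', $A['detail']);
    $T->set_var('rating', $A['rating']);

    // Both operands are numeric strings, so PHP compares them as numbers and
    // the condition is false exactly when the rating is zero.
    $votestring = '';
    if ($A['rating'] != "0" || $A['rating'] != "0.00") {
        $votestring = sprintf($LANG_DLM['numvotes'], $A['votes']);
    }
    $T->set_var('votestring', $votestring);

    if (!empty($A['mg_autotag'])) {
        // use the mediagallery autotag as a snapshot.
        $mg_autotag = str_replace(array('[', ']'), '', $A['mg_autotag']);
        $mg_autotag = '[' . $mg_autotag
                    . ' width:' . $_DLM_CONF['max_tnimage_width']
                    . ' height:' . $_DLM_CONF['max_tnimage_height']
                    . ' align:left]';
        $T->set_var('mg_autotag', PLG_replaceTags($mg_autotag, 'mediagallery'));
        $T->set_var('snapshot', '');
        $T->set_var('snaplinkicon', '');
    } elseif (!empty($A['logourl'])) {
        $safename = DLM_createSafeFileName($A['logourl']);
        $imgpath  = $_DLM_CONF['path_tnstore'] . $safename;
        $imgpath  = DLM_modTNPath($imgpath);
        $tnimgurl = $_DLM_CONF['tnstore_url'] . '/' . $safename;
        $tnimgurl = substr($tnimgurl, 0, -3) . substr($imgpath, -3); // align the extension
        $sizeattributes = DLM_getImgSizeAttr($imgpath);
        $T->set_var('snapshot_url', $_DLM_CONF['snapstore_url'] . '/' . $safename);
        $T->set_var('thumbnail_url', $tnimgurl);
        $T->set_var('snapshot_sizeattr', $sizeattributes);
        $T->set_var('lang_click2see', $LANG_DLM['click2see']);
        $T->set_var('show_snapshoticon', '');
        $T->set_var('show_snapshoticon_na', 'none');
        $T->set_var('mg_autotag', '');
        if ($_DLM_CONF['show_tn_image']) {
            $T->parse('snapshot', 'tsnapshot');
        } else {
            $T->parse('snaplinkicon', 'tsnaplinkicon');
        }
    } else {
        $tnimgurl = $_CONF['site_url'] . '/downloads/images/blank.png';
        $T->set_var('thumbnail_url', $tnimgurl);
        $T->set_var('snapshot_url', $_CONF['site_url'] . '/downloads/index.php');
        $T->set_var('snapshot_sizeattr', 'width="200" height="200" ');
        $T->set_var('show_snapshoticon', 'none');
        $T->set_var('show_snapshoticon_na', '');
        $T->parse('snapshot', 'tsnapshot');
        $T->set_var('snaplinkicon', '');
        $T->set_var('mg_autotag', '');
    }

    $T->set_var('lang_version', $LANG_DLM['ver']);
    $T->set_var('lang_rating', $LANG_DLM['ratingc']);
    $T->set_var('lang_submitdate', $LANG_DLM['submitdate']);
    $T->set_var('lang_size', $LANG_DLM['size']);
    $T->set_var('datetime', $A['datetime']);
    $T->set_var('version', $A['version']);

    // Check if restricted access has been enabled for download report to admin's only
    if ($A['hits'] > 0 && DLM_hasAccess_history()) {
        $T->set_var('begin_dlreport_link',
            '<a href="' . COM_buildURL($_CONF['site_url'] . '/downloads/history.php?lid=' . $A['lid']) . '">');
        $T->set_var('end_dlreport_link', '</a>');
    } else {
        $T->set_var('begin_dlreport_link', '');
        $T->set_var('end_dlreport_link', '');
    }

    $T->set_var('download_times', sprintf($LANG_DLM['dltimes'], $A['hits']));
    $T->set_var('download_count', $A['hits']);
    $T->set_var('lang_popularity', $LANG_DLM['popularity']);
    $T->set_var('lang_filesize', $LANG_DLM['filesize']);
    $T->set_var('file_size', DLM_PrettySize($A['size']));
    $T->set_var('homepage_url', $A['homepage']);
    $T->set_var('homepage_link', '-');
    if (!empty($A['homepage'])) {
        $T->set_var('homepage_link', COM_makeClickableLinks($A['homepage']));
    }
    $T->set_var('lang_homepage', $LANG_DLM['homepage']);
    $T->set_var('lang_download', $LANG_DLM['download']);
    $T->set_var('lang_filelink', $LANG_DLM['filelink']);
    $T->set_var('lang_permalink', $LANG_DLM['permalink']);
    $T->set_var('lang_ratethisfile', $LANG_DLM['ratethisfile']);
    $T->set_var('lang_edit', $LANG_DLM['edit']);
    $T->set_var('show_editlink', $_DLM_CONF['has_edit_rights'] ? '' : 'none');
    $T->set_var('lang_md5_checksum', $LANG_DLM['md5_checksum']);
    $T->set_var('md5_checksum', $A['md5']);

    if ($A['commentcode'] == 0) {
        $commentCount = DB_count($_TABLES['comments'], 'sid', addslashes($A['lid']));
        $recentPostMessage = $LANG_DLM['commentswanted'];
        if ($commentCount > 0) {
            $result4 = DB_query("SELECT cid, UNIX_TIMESTAMP(date) AS day, username "
                              . "FROM {$_TABLES['comments']}, {$_TABLES['users']} "
                              . "WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid "
                              . "AND sid = '" . addslashes($A['lid']) . "' "
                              . "ORDER BY date DESC LIMIT 1");
            $C = DB_fetchArray($result4);
            // NOTE(review): the username ends up in a title attribute through
            // COM_createLink(); confirm that helper escapes attribute values.
            $recentPostMessage = $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day'])
                               . ' ' . $LANG01[104] . ' ' . $C['username'];
            $comment_link = COM_createLink($commentCount . ' ' . $LANG01[3], $filedetail_url,
                                           array('title' => $recentPostMessage));
        } else {
            // The title was HTML-escaped above and has to be decoded again
            // before it is URL-encoded. The listing shows these two search
            // strings with their entities already decoded (''' is not valid
            // PHP); they are restored here to the entity forms - confirm
            // against the repository copy.
            $A['title'] = str_replace('&#039;', "'", $A['title']);
            $A['title'] = str_replace('&amp;', '&', $A['title']);
            $url = $_CONF['site_url'] . '/comment.php?type=downloads&sid=' . $A['lid']
                 . '&title=' . rawurlencode($A['title']);
            $comment_link = COM_createLink($LANG_DLM['entercomment'], $url,
                                           array('title' => $recentPostMessage));
        }
        $T->set_var('comment_link', $comment_link);
        $T->set_var('show_comments', '');
    } else {
        $T->set_var('show_comments', 'none');
    }
}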
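/**
 * Converts the data of the filemgmt plugin into the downloads plugin.
 *
 * Steps, in order: check that the filemgmt file store is readable and the
 * downloads file store is writable; empty the five downloads tables; copy
 * categories (with their images), file records (with file, snapshot and
 * thumbnail), descriptions, votes and download histories.
 *
 * The first failure sets the global $_SUCCESS to false and returns the
 * report collected so far.
 *
 * Values read from the filemgmt tables are escaped (text) or cast (numbers)
 * at the point where each statement is built, and are read from the row by
 * column name rather than imported as variable variables, so a row cannot
 * overwrite local state such as $retval or $result.
 *
 * @return string HTML report, one <p> element per step
 */
function DLM_convertData()
{
    global $_PLUGINS, $_DLM_CONF, $_GROUPS, $_CONF, $_TABLES, $_USER,
           $_FM_TABLES, $_FM_CONF, $_LANG_CONV, $_SUCCESS;

    $retval = '';

    // NOTE(review): paths and file names are written into the report without
    // HTML escaping; several of them are built from filemgmt table values.
    // Consider escaping them where the report is rendered.
    if (is_readable($_FM_CONF['filemgmt_FileStore'])) {
        $retval .= '<p>' . $_LANG_CONV['readable_fm_file_dir'] . $_FM_CONF['filemgmt_FileStore'] . '</p>' . LB;
    } else {
        $retval .= '<p>' . $_LANG_CONV['unreadable_fm_file_dir'] . $_FM_CONF['filemgmt_FileStore'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    if (is_writeable($_DLM_CONF['path_filestore'])) {
        $retval .= '<p>' . $_LANG_CONV['writeable_dm_file_dir'] . $_DLM_CONF['path_filestore'] . '</p>' . LB;
    } else {
        $retval .= '<p>' . $_LANG_CONV['unwriteable_dm_file_dir'] . $_DLM_CONF['path_filestore'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    // Empty the target tables: table key => (count message, delete message).
    $purgeTargets = array(
        'downloadcategories' => array('num_dm_cat_data', 'del_dm_cat_data'),
        'downloads'          => array('num_dm_info_data', 'del_dm_info_data'),
        'downloadvotes'      => array('num_dm_vote_data', 'del_dm_vote_data'),
        'downloadhistories'  => array('num_dm_history_data', 'del_dm_history_data'),
        'downloadsubmission' => array('num_dm_submission_data', 'del_dm_submission_data'),
    );
    foreach ($purgeTargets as $tableKey => $messageKeys) {
        list($countMessage, $deleteMessage) = $messageKeys;

        $sql = "SELECT COUNT(*) FROM {$_TABLES[$tableKey]}";
        list($count) = DB_fetchArray(DB_query($sql));
        if (DB_error()) {
            $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
        $retval .= '<p>' . $_LANG_CONV[$countMessage] . $count . '</p>' . LB;

        if ($count > 0) {
            $retval .= '<p>' . $_LANG_CONV[$deleteMessage] . '</p>' . LB;
            DB_query("DELETE FROM {$_TABLES[$tableKey]}");
            if (DB_error()) {
                $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
                $_SUCCESS = false;
                return $retval;
            }
        }
    }

    if (!$_SUCCESS) {
        return $retval;
    }

    // Owner, group and permissions given to every converted category.
    $owner_id = (int) $_USER['uid'];
    if (isset($_GROUPS['Downloads Admin'])) {
        $group_id = (int) $_GROUPS['Downloads Admin'];
    } else {
        $group_id = (int) SEC_getFeatureGroup('downloads.edit');
    }
    $P = array();
    SEC_setDefaultPermissions($P, $_DLM_CONF['default_permissions']);
    $perm_owner   = (int) $P['perm_owner'];
    $perm_group   = (int) $P['perm_group'];
    $perm_members = (int) $P['perm_members'];
    $perm_anon    = (int) $P['perm_anon'];

    // ---- categories --------------------------------------------------------
    $sql = "SELECT * FROM {$_FM_TABLES['filemgmt_cat']}";
    $result = DB_query($sql);
    if (DB_error()) {
        $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    $corder = 0;
    while ($A = DB_fetchArray($result)) {
        $cid    = $A['cid'];
        $pid    = $A['pid'];
        $title  = $A['title'];
        $imgurl = $A['imgurl'];

        if ($pid == 0) {
            $pid = ROOTID;
        }
        $corder += 10;
        $is_enabled = 1;

        if (!empty($imgurl)) {
            // NOTE(review): the stored name is appended to the source directory
            // as-is; only the destination goes through DLM_createSafeFileName().
            // Confirm the legacy table cannot hold names that leave the directory.
            $imgurl = rawurldecode($imgurl);
            $catimg_src = $_FM_CONF['filemgmt_SnapCat'] . $imgurl;
            if (!is_readable($catimg_src)) {
                $retval .= '<p>' . $_LANG_CONV['unable_to_read_catimg'] . $catimg_src . '</p>' . LB;
                $_SUCCESS = false;
                return $retval;
            }
            $catimg_dest = $_DLM_CONF['path_snapcat']
                         . DLM_createSafeFileName(DLM_createCatImgFilename($imgurl));
            $_SUCCESS = DLM_copyFile_fm2dm($catimg_src, $catimg_dest);
            if (!$_SUCCESS) {
                $retval .= '<p>' . $_LANG_CONV['unable_to_conv_catimg'] . $catimg_src . '</p>' . LB;
                return $retval;
            }
        }

        // Text values come straight from the legacy table; escape them here so
        // a quote in a title cannot break or alter the statement.
        $sqlCid    = addslashes($cid);
        $sqlPid    = addslashes($pid);
        $sqlTitle  = addslashes($title);
        $sqlImgurl = addslashes($imgurl);

        DB_query("INSERT INTO {$_TABLES['downloadcategories']} "
               . "(cid, pid, title, imgurl, corder, is_enabled, owner_id, group_id, "
               . "perm_owner, perm_group, perm_members, perm_anon) "
               . "VALUES ('{$sqlCid}', '{$sqlPid}', '{$sqlTitle}', '{$sqlImgurl}', {$corder}, {$is_enabled}, {$owner_id}, {$group_id}, "
               . "{$perm_owner}, {$perm_group}, {$perm_members}, {$perm_anon})");
        if (DB_error()) {
            $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
    }

    // ---- file records ------------------------------------------------------
    $sql = "SELECT * FROM {$_FM_TABLES['filemgmt_filedetail']}";
    $result = DB_query($sql);
    if (DB_error()) {
        $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    while ($A = DB_fetchArray($result)) {
        $lid      = $A['lid'];
        $cid      = $A['cid'];
        $title    = $A['title'];
        $homepage = $A['homepage'];
        $version  = $A['version'];
        $logourl  = $A['logourl'];

        // These columns are written without quotes, so they must be numbers.
        $date   = (int) $A['date'];
        $hits   = (int) $A['hits'];
        $votes  = (int) $A['votes'];
        $rating = is_numeric($A['rating']) ? $A['rating'] : 0;

        $project     = '';
        $description = '';
        $detail      = '';
        $postmode    = 'plaintext';
        $commentcode = $A['comments'] == 1 ? 0 : -1;
        $is_released = (int) $A['status'];
        $is_listing  = (int) $A['status'];
        $createddate = date('Y-m-d H:i:s', $date);
        $file_owner  = (int) $A['submitter'];
        $mg_autotag  = '';
        $tags        = '';

        // secret_id is passed to DLM_createSafeFileName() when the stored file
        // name is built - presumably to keep that name unguessable. uniqid()
        // alone is derived from the clock, so use the system CSPRNG where PHP
        // provides it; the result is 32 hex characters either way.
        if (function_exists('random_bytes')) {
            $secret_id = bin2hex(random_bytes(16));
        } else {
            $secret_id = md5(uniqid(mt_rand(), true));
        }

        $url = rawurldecode($A['url']);
        $src_url = $_FM_CONF['filemgmt_FileStore'] . $url;
        if (!is_readable($src_url)) {
            $retval .= '<p>' . $_LANG_CONV['unable_to_read_dlfile'] . $src_url . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
        $size = filesize($src_url);
        $md5  = md5_file($src_url);
        $dest_url = $_DLM_CONF['path_filestore'] . DLM_createSafeFileName($url, $secret_id);
        $_SUCCESS = DLM_copyFile_fm2dm($src_url, $dest_url);
        if (!$_SUCCESS) {
            $retval .= '<p>' . $_LANG_CONV['unable_to_conv_dlfile'] . $src_url . '</p>' . LB;
            return $retval;
        }

        if (!empty($logourl)) {
            $logourl = rawurldecode($logourl);
            $snap_src = $_FM_CONF['filemgmt_SnapStore'] . $logourl;
            if (!is_readable($snap_src)) {
                $retval .= '<p>' . $_LANG_CONV['unable_to_read_snapimg'] . $snap_src . '</p>' . LB;
                $_SUCCESS = false;
                return $retval;
            }
            $logourl = DLM_createSnapFilename($logourl, $_TABLES['downloads'], 'logourl');
            $snap_dest = $_DLM_CONF['path_snapstore'] . DLM_createSafeFileName($logourl);
            $_SUCCESS = DLM_copyFile_fm2dm($snap_src, $snap_dest);
            if (!$_SUCCESS) {
                $retval .= '<p>' . $_LANG_CONV['unable_to_conv_snapimg'] . $snap_src . '</p>' . LB;
                return $retval;
            }
            $_SUCCESS = DLM_makeThumbnail(DLM_createSafeFileName($logourl));
            if (!$_SUCCESS) {
                $retval .= '<p>' . $_LANG_CONV['unable_to_make_tn'] . $snap_src . '</p>' . LB;
                return $retval;
            }
        }

        $sqlLid      = addslashes($lid);
        $sqlCid      = addslashes($cid);
        $sqlTitle    = addslashes($title);
        $sqlUrl      = addslashes($url);
        $sqlHomepage = addslashes($homepage);
        $sqlVersion  = addslashes($version);
        $sqlLogourl  = addslashes($logourl);

        DB_query("INSERT INTO {$_TABLES['downloads']} "
               . "(lid, cid, title, url, homepage, version, size, secret_id, md5, "
               . "project, description, detail, postmode, logourl, mg_autotag, tags, "
               . "date, hits, rating, votes, commentcode, is_released, is_listing, createddate, owner_id"
               . ") "
               . "VALUES ('{$sqlLid}', '{$sqlCid}', '{$sqlTitle}', '{$sqlUrl}', '{$sqlHomepage}', '{$sqlVersion}', '{$size}', '{$secret_id}', '{$md5}', "
               . "'{$project}', '{$description}', '{$detail}', '{$postmode}', '{$sqlLogourl}', '{$mg_autotag}', '{$tags}', "
               . "{$date}, {$hits}, {$rating}, {$votes}, '{$commentcode}', {$is_released}, {$is_listing}, '{$createddate}', '{$file_owner}'"
               . ")");
        if (DB_error()) {
            $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
    }

    // ---- descriptions ------------------------------------------------------
    $sql = "SELECT * FROM {$_FM_TABLES['filemgmt_filedesc']}";
    $result = DB_query($sql);
    if (DB_error()) {
        $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    while ($A = DB_fetchArray($result)) {
        $sqlLid = addslashes($A['lid']);
        $description = addslashes(stripslashes($A['description']));
        $descri = '';
        $detail = '';

        // Search break page position: the text before the first blank line is
        // the description, the rest is the detail. The three line-ending
        // styles are tried in the original order.
        $breakPosition = strpos($description, "\r\n\r\n");
        if ($breakPosition > 0 and $breakPosition < strlen($description)) {
            $descri = substr($description, 0, $breakPosition);
            $detail = substr($description, $breakPosition + 4, strlen($description) - $breakPosition - 4);
        } else {
            $breakPosition = strpos($description, "\n\n");
            if ($breakPosition > 0 and $breakPosition < strlen($description)) {
                $descri = substr($description, 0, $breakPosition);
                $detail = substr($description, $breakPosition + 2, strlen($description) - $breakPosition - 2);
            } else {
                $breakPosition = strpos($description, "\r\r");
                if ($breakPosition > 0 and $breakPosition < strlen($description)) {
                    $descri = substr($description, 0, $breakPosition);
                    $detail = substr($description, $breakPosition + 2, strlen($description) - $breakPosition - 2);
                } else {
                    $descri = $description;
                }
            }
        }

        DB_query("UPDATE {$_TABLES['downloads']} "
               . "SET description='{$descri}', detail='{$detail}' "
               . "WHERE lid='{$sqlLid}'");
        if (DB_error()) {
            $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
    }

    // ---- votes -------------------------------------------------------------
    $sql = "SELECT * FROM {$_FM_TABLES['filemgmt_votedata']}";
    $result = DB_query($sql);
    if (DB_error()) {
        $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    while ($A = DB_fetchArray($result)) {
        $ratingid        = addslashes($A['ratingid']);
        $lid             = addslashes($A['lid']);
        $ratinguser      = addslashes($A['ratinguser']);
        $rating          = addslashes($A['rating']);
        $ratinghostname  = addslashes($A['ratinghostname']);
        $ratingtimestamp = addslashes($A['ratingtimestamp']);

        DB_query("INSERT INTO {$_TABLES['downloadvotes']} "
               . "(ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp) "
               . "VALUES ('{$ratingid}', '{$lid}', '{$ratinguser}', '{$rating}', '{$ratinghostname}', '{$ratingtimestamp}')");
        if (DB_error()) {
            $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
    }

    // ---- download histories ------------------------------------------------
    $sql = "SELECT * FROM {$_FM_TABLES['filemgmt_history']}";
    $result = DB_query($sql);
    if (DB_error()) {
        $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
        $_SUCCESS = false;
        return $retval;
    }

    while ($A = DB_fetchArray($result)) {
        $uid       = addslashes($A['uid']);
        $lid       = addslashes($A['lid']);
        $remote_ip = addslashes($A['remote_ip']);
        $date      = addslashes($A['date']);

        DB_query("INSERT INTO {$_TABLES['downloadhistories']} "
               . "(uid, lid, remote_ip, date) "
               . "VALUES ('{$uid}', '{$lid}', '{$remote_ip}', '{$date}')");
        if (DB_error()) {
            $retval .= '<p>' . $_LANG_CONV['db_error'] . '</p>' . LB;
            $_SUCCESS = false;
            return $retval;
        }
    }

    return $retval;
}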
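/**
 * Handles the "submit new download" form and never returns to the caller.
 *
 * Users without the 'downloads.submit' right have their upload stored under a
 * temporary name ('tmp' + timestamp + safe file name) and recorded in
 * 'submission' mode. Users with the right have the file stored under its
 * final safe name and recorded directly. In both cases size and MD5 are
 * taken from the stored file, then the method redirects through
 * PLG_afterSaveSwitch() and exits.
 *
 * @param array $A form arguments, handed to _loadFromArgs()
 * @return void
 */
function submitNewDownload(&$A)
{
    global $_CONF, $_TABLES, $_DLM_CONF;

    $this->_initVars();
    $this->_loadFromArgs($A);
    $this->_secret_id = $this->_createSecretID();

    // The client chooses this name. It is only turned into a path through
    // DLM_createSafeFileName() below. A request without the upload field is
    // treated as "no file" instead of reading an undefined index.
    $this->_url = isset($_FILES['newfile']['name']) ? $_FILES['newfile']['name'] : '';
    // $this->_logourl = $_FILES['newfileshot']['name'];

    if (empty($this->_lid)) {
        $this->_lid = $this->_old_lid;
    }

    // Validate the input values ----------------------->
    if (empty($this->_title)) {
        $this->_errno[] = '1101';
    }
    if (empty($this->_url)) {
        $this->_errno[] = '1102';
    } else {
        if ($this->_lid != $this->_old_lid) {
            $count = DB_count($_TABLES['downloads'], 'lid', addslashes($this->_lid));
            if ($count > 0) {
                $this->_errno[] = '1202';
            }
        }
    }
    if (empty($this->_description)) {
        $this->_errno[] = '1103';
    }
    if (!empty($this->_errno)) {
        $this->_retry = true;
        $this->_reedit('showEditor', array($this->_editor_mode));
        // _reedit() is defined outside this view. Stop here regardless of how
        // it behaves, so a submission that failed validation can never reach
        // the upload code below.
        exit;
    }
    // Validate the input values -----------------------<

    if (empty($this->_cid)) {
        $this->_cid = ROOTID;
    }

    $success = false;
    if (!SEC_hasRights('downloads.submit')) {
        // Upload New file
        if (!empty($this->_url)) {
            $tmpfilename = 'tmp' . date('YmdHis', $this->_date) . DLM_createSafeFileName($this->_url);
            $success = DLM_uploadNewFile($_FILES['newfile'], $_DLM_CONF['path_filestore'], $tmpfilename);
            if ($success) {
                $this->_size = filesize($_DLM_CONF['path_filestore'] . $tmpfilename);
                $this->_md5  = md5_file($_DLM_CONF['path_filestore'] . $tmpfilename);
            }
        }
        // Upload New file snapshot image
        if ($success && !empty($_FILES['newfileshot']['name'])) {
            $this->_logourl = $_FILES['newfileshot']['name'];
            $tmpshotname = 'tmp' . date('YmdHis', $this->_date) . DLM_createSafeFileName($this->_logourl);
            $success = DLM_uploadNewFile($_FILES['newfileshot'], $_DLM_CONF['path_snapstore'], $tmpshotname);
        }
        $mode = 'submission';
    } else {
        // Upload New file
        if (!empty($this->_url)) {
            $safename = DLM_createSafeFileName($this->_url, $this->_secret_id);
            $success = DLM_uploadNewFile($_FILES['newfile'], $_DLM_CONF['path_filestore'], $safename);
            if ($success) {
                $this->_size = filesize($_DLM_CONF['path_filestore'] . $safename);
                $this->_md5  = md5_file($_DLM_CONF['path_filestore'] . $safename);
            }
        }
        // Upload New file snapshot image
        if ($success) {
            $this->_uploadSnapImage();
            DLM_makeThumbnail(DLM_createSafeFileName($this->_logourl));
        }
        $mode = '';
    }

    if ($success) {
        $this->_addToDatabase($mode);
        $msg = $_DLM_CONF['download_emailoption'] ? 109 : 115;
        echo PLG_afterSaveSwitch('home', '', 'downloads', $msg);
    } else {
        echo PLG_afterSaveSwitch('home', '', 'downloads', 108);
    }
    exit;
}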