<div style="margin-top: 4px; position: relative;">
<b>Allow Redirect:</b>
<?php /* NOTE(review): this label prints $item['recip_required'], the same key used for "Recip Required" just below; looks like a copy/paste slip - confirm which key holds the redirect flag */ echo $item['recip_required'] ? 'Yes' : 'No'; ?>
<span style="left: 225px; position: absolute;"><b>Recip Required:</b>
<?php echo $item['recip_required'] ? 'Yes' : 'No'; ?>
</span>
</div>
<?php /* One row per user defined field that has a non-empty value on this item */ foreach ($GLOBALS['_user_fields_'] as $field) { if (!IsEmptyString($item[$field['name']])) { ?>
<div style="margin-top: 4px;"><b><?php echo StringChopTooltip(htmlspecialchars($field['label']), 25); ?> :</b>
<?php /* NOTE(review): unlike the label, the field value is echoed without htmlspecialchars(); confirm $item was escaped before it reached this template, otherwise submitter-supplied markup is rendered in this page */ echo $item[$field['name']]; ?>
</div>
<?php } } ?>
</div>
</td>
<td style="text-align: right;" class="last" valign="top">
/**
 * Select the message type from the presence of an HTML body:
 * 'alt' when $this->html_body is non-empty, 'plain' otherwise.
 */
function SetMessageType()
{
    $this->type = IsEmptyString($this->html_body) ? 'plain' : 'alt';
}
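/**
 * Process link edits.
 *
 * For every id in $_REQUEST['link_id'] (scalar or array) whose row is flagged
 * `is_edited`, either applies the pending edit stored in `edit_data`
 * (when $_REQUEST['w'] is 'approve') or discards it. Emits a JSON success
 * status once all ids have been handled.
 */
function lxEditedLink()
{
    global $json, $DB;

    VerifyPrivileges(P_LINK_MODIFY, TRUE);

    if (!is_array($_REQUEST['link_id'])) {
        $_REQUEST['link_id'] = array($_REQUEST['link_id']);
    }

    foreach ($_REQUEST['link_id'] as $link_id) {
        $link = $DB->Row('SELECT * FROM `lx_links` WHERE `link_id`=?', array($link_id));

        // Unknown id, or no edit is pending for this link
        if (!$link || !$link['is_edited']) {
            continue;
        }

        if ($_REQUEST['w'] == 'approve') {
            // NOTE(review): unserialize() on a stored blob. If `edit_data` can hold anything other
            // than what this application serialized itself (the writer is not visible here), this is
            // an object-injection risk; a JSON-encoded column would remove it.
            $edit = unserialize(base64_decode($link['edit_data']));

            // A blob that does not decode to an array would otherwise overwrite every
            // column of the link with NULL; leave the row untouched instead.
            if (!is_array($edit)) {
                continue;
            }

            // NOTE(review): passwords are stored as unsalted SHA-1. Moving to password_hash()
            // needs a matching change wherever the hash is verified, which is outside this block.
            if (!IsEmptyString($edit['password'])) {
                $edit['password'] = sha1($edit['password']);
            } else {
                $edit['password'] = $link['password'];
            }

            // Update link data
            $DB->Update('UPDATE `lx_links` SET ' .
                        '`site_url`=?, ' .
                        '`recip_url`=?, ' .
                        '`title`=?, ' .
                        '`description`=?, ' .
                        '`name`=?, ' .
                        '`email`=?, ' .
                        '`submit_ip`=?, ' .
                        '`keywords`=?, ' .
                        '`date_modified`=?, ' .
                        '`password`=?, ' .
                        '`is_edited`=?, ' .
                        '`edit_data`=? ' .
                        'WHERE `link_id`=?',
                        array($edit['site_url'],
                              $edit['recip_url'],
                              $edit['title'],
                              $edit['description'],
                              $edit['name'],
                              $edit['email'],
                              $edit['submit_ip'],
                              $edit['keywords'],
                              MYSQL_NOW,
                              $edit['password'],
                              0,
                              null,
                              $link_id));

            // Update user defined fields
            UserDefinedUpdate('lx_link_fields', 'lx_link_field_defs', 'link_id', $link_id, $edit, FALSE);
        } else {
            // Edit rejected: clear the pending flag and drop the stored edit
            $DB->Update('UPDATE lx_links SET is_edited=?,edit_data=? WHERE link_id=?', array(0, null, $link_id));
        }
    }

    echo $json->encode(array('status' => JSON_SUCCESS));
}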
</div> <div class="fieldgroup"> <label>End Date:</label> <input type="text" size="20" name="partner[<?php echo $item['username']; ?> ][date_end]" value="" class="calendarSelectDate"> </div> <?php $fields =& GetUserPartnerFields($item); foreach ($fields as $field) { ArrayHSC($field); AdminFormField($field); if ($field['request_only'] && IsEmptyString($field['value'])) { continue; } ?> <div class="fieldgroup"> <?php if ($field['request_only']) { ?> <label for="<?php echo $field['name']; ?> " class="lesspad"><?php echo $field['label']; ?> :</label>
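/**
 * Handle a new account submission.
 *
 * Validates the request, fetches the submitted site (and optionally banner) URL,
 * checks the blacklist, stores the account with its stats and user defined field
 * rows, sends the notification e-mails and displays the confirmation page.
 * All input is read from $_REQUEST; on a validation failure the result of
 * Validator::ValidationError('tlxShAccountAdd', TRUE) is returned.
 */
function tlxAccountAdd()
{
    global $C, $DB, $L, $IMAGE_EXTENSIONS, $t;

    // The local banner URL is derived below, never taken from the request
    unset($_REQUEST['banner_url_local']);

    // Get domain (parse_url() yields no 'host' for malformed input; fall back to an empty host)
    $parsed_url = parse_url($_REQUEST['site_url']);
    $site_host = (is_array($parsed_url) && isset($parsed_url['host'])) ? $parsed_url['host'] : '';
    $_REQUEST['domain'] = preg_replace('~^www\\.~', '', $site_host);

    $v = new Validator();

    // Get selected category (if any) and set variables
    $category = null;
    if (isset($_REQUEST['category_id'])) {
        $category = $DB->Row('SELECT * FROM `tlx_categories` WHERE `category_id`=? AND `hidden`=0', array($_REQUEST['category_id']));

        if ($category) {
            // Per-category limits override the global configuration for this request
            $C['min_desc_length'] = $category['desc_min_length'];
            $C['max_desc_length'] = $category['desc_max_length'];
            $C['min_title_length'] = $category['title_min_length'];
            $C['max_title_length'] = $category['title_max_length'];
            $C['banner_max_width'] = $category['banner_max_width'];
            $C['banner_max_height'] = $category['banner_max_height'];
            $C['banner_max_bytes'] = $category['banner_max_bytes'];
            $C['allow_redirect'] = $category['allow_redirect'];
        } else {
            $v->SetError($L['INVALID_CATEGORY']);
        }
    }

    // See if username is taken
    if ($DB->Count('SELECT COUNT(*) FROM `tlx_accounts` WHERE `username`=?', array($_REQUEST['username'])) > 0) {
        $v->SetError($L['USERNAME_TAKEN']);
    }

    // Check for duplicate account information
    if ($DB->Count('SELECT COUNT(*) FROM `tlx_accounts` WHERE `site_url`=? OR `email`=? 
OR `domain`=?', array($_REQUEST['site_url'], $_REQUEST['email'], $_REQUEST['domain'])) > 0) {
        $v->SetError($L['EXISTING_ACCOUNT']);
    }

    $v->Register($_REQUEST['username'], V_LENGTH, $L['USERNAME_LENGTH'], '4,32');
    $v->Register($_REQUEST['username'], V_ALPHANUM, $L['INVALID_USERNAME']);
    $v->Register($_REQUEST['password'], V_LENGTH, $L['PASSWORD_LENGTH'], '4,9999');
    $v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
    $v->Register($_REQUEST['site_url'], V_URL, sprintf($L['INVALID_URL'], $L['SITE_URL']));
    $v->Register($_REQUEST['password'], V_NOT_EQUALS, $L['USERNAME_IS_PASSWORD'], $_REQUEST['username']);
    $v->Register($_REQUEST['password'], V_EQUALS, $L['PASSWORDS_DONT_MATCH'], $_REQUEST['confirm_password']);

    if (!IsEmptyString($_REQUEST['banner_url'])) {
        $v->Register($_REQUEST['banner_url'], V_URL, sprintf($L['INVALID_URL'], $L['BANNER_URL']));
    }

    // Format keywords and check number
    if ($C['allow_keywords']) {
        $_REQUEST['keywords'] = FormatSpaceSeparated($_REQUEST['keywords']);
        $keywords = explode(' ', $_REQUEST['keywords']);
        $v->Register(count($keywords), V_LESS_EQ, sprintf($L['MAXIMUM_KEYWORDS'], $C['max_keywords']), $C['max_keywords']);
    } else {
        $_REQUEST['keywords'] = null;
    }

    // Verify captcha code
    if ($C['account_add_captcha']) {
        VerifyCaptcha($v);
    }

    // Initial validation; nothing below runs (no outbound request, no file write) unless it passes
    if (!$v->Validate()) {
        return $v->ValidationError('tlxShAccountAdd', TRUE);
    }

    // Check if the site URL is working
    // NOTE(review): the server fetches a submitter-chosen URL and V_URL is the only check visible
    // here. Confirm that Http/V_URL restrict the scheme and refuse loopback, link-local and private
    // addresses (also after a redirect); otherwise this is a server-side request forgery vector.
    $http = new Http();
    if ($http->Get($_REQUEST['site_url'], $C['allow_redirect'])) {
        $_REQUEST['html'] = $http->body;
        $_REQUEST['headers'] = $http->raw_response_headers;
    } else {
        $v->SetError(sprintf($L['BROKEN_URL'], $_REQUEST['site_url'], $http->errstr));
    }

    // Check the blacklist
    $blacklisted = CheckBlacklistAccount($_REQUEST);
    if ($blacklisted !== FALSE) {
        $v->SetError(sprintf($blacklisted[0]['reason'] ? $L['BLACKLISTED_REASON'] : $L['BLACKLISTED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
    }

    // Check site title and description length
    $v->Register($_REQUEST['title'], V_LENGTH, sprintf($L['TITLE_LENGTH'], $C['min_title_length'], $C['max_title_length']), "{$C['min_title_length']},{$C['max_title_length']}");
    $v->Register($_REQUEST['description'], V_LENGTH, sprintf($L['DESCRIPTION_LENGTH'], $C['min_desc_length'], $C['max_desc_length']), "{$C['min_desc_length']},{$C['max_desc_length']}");

    // Validation of user defined fields
    $fields =& GetUserAccountFields();
    foreach ($fields as $field) {
        if ($field['on_create']) {
            if ($field['required_create']) {
                $v->Register($_REQUEST[$field['name']], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $field['label']));
            }

            if (!IsEmptyString($_REQUEST[$field['name']]) && $field['validation']) {
                $v->Register($_REQUEST[$field['name']], $field['validation'], $field['validation_message'], $field['validation_extras']);
            }
        }
    }

    // Download banner to check size
    // NOTE(review): same outbound-fetch concern as the site URL above. The body is written under
    // banner_dir before its type is known; the username (alphanumeric, validated above) is the only
    // request value in the file name, and the file is removed again when validation fails.
    $banner_file = null;
    if (!IsEmptyString($_REQUEST['banner_url']) && ($C['download_banners'] || $C['host_banners'])) {
        $http = new Http();

        if ($http->Get($_REQUEST['banner_url'], TRUE, $_REQUEST['site_url'])) {
            $banner_file = SafeFilename("{$C['banner_dir']}/{$_REQUEST['username']}.jpg", FALSE);
            FileWrite($banner_file, $http->body);

            $banner_info = @getimagesize($banner_file);

            if ($banner_info !== FALSE) {
                $_REQUEST['banner_width'] = $banner_info[0];
                $_REQUEST['banner_height'] = $banner_info[1];

                if (filesize($banner_file) > $C['banner_max_bytes']) {
                    $v->SetError(sprintf($L['BAD_BANNER_BYTES'], $C['banner_max_bytes']));
                }

                if ($C['host_banners']) {
                    // The stored extension comes from the detected image type, not from the remote URL
                    if (isset($IMAGE_EXTENSIONS[$banner_info[2]])) {
                        $banner_ext = strtolower($IMAGE_EXTENSIONS[$banner_info[2]]);

                        if ($banner_ext != 'jpg') {
                            $new_file = preg_replace('~\\.jpg$~', ".{$banner_ext}", $banner_file);
                            rename($banner_file, $new_file);
                            $banner_file = $new_file;
                        }

                        $_REQUEST['banner_url_local'] = "{$C['banner_url']}/{$_REQUEST['username']}.{$banner_ext}";
                    } else {
                        $v->SetError($L['BAD_BANNER_IMAGE']);
                    }
                } else {
                    // Downloaded only to measure it
                    @unlink($banner_file);
                    $banner_file = null;
                }
            } else {
                $v->SetError($L['BAD_BANNER_IMAGE']);
            }
        } else {
            $v->SetError(sprintf($L['BROKEN_URL'], $_REQUEST['banner_url'], $http->errstr));
        }
    }

    // Check banner dimensions
    if ($_REQUEST['banner_width'] > $C['banner_max_width'] || $_REQUEST['banner_height'] > $C['banner_max_height']) {
        $v->SetError(sprintf($L['BAD_BANNER_SIZE'], $C['banner_max_width'], $C['banner_max_height']));
    }

    // Force banner dimensions
    if ($C['banner_force_size']) {
        $_REQUEST['banner_width'] = $C['banner_max_width'];
        $_REQUEST['banner_height'] = $C['banner_max_height'];
    }

    if (!$v->Validate()) {
        // Do not leave a downloaded banner behind for a rejected submission
        if (!empty($banner_file)) {
            @unlink($banner_file);
        }

        return $v->ValidationError('tlxShAccountAdd', TRUE);
    }

    $_REQUEST['status'] = STATUS_ACTIVE;
    $email_template = 'email-account-added.tpl';

    if ($C['confirm_accounts']) {
        $_REQUEST['status'] = STATUS_UNCONFIRMED;
        $email_template = 'email-account-confirm.tpl';

        // The confirmation id is the only secret in the e-mailed link, so take it from the CSPRNG
        // when the runtime has one (PHP 7+); both forms are 32 hex characters. The uniqid()/rand()
        // fallback is derived from the clock and a non-cryptographic generator.
        $confirm_id = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(rand(), true));

        $t->assign('confirm_url', "{$C['install_url']}/accounts.php?r=confirm&id={$confirm_id}");
        $DB->Update('INSERT INTO `tlx_account_confirms` VALUES (?,?,?)', array($_REQUEST['username'], $confirm_id, MYSQL_NOW));
    } else {
        if ($C['review_new_accounts']) {
            $_REQUEST['status'] = STATUS_PENDING;
            $email_template = 'email-account-pending.tpl';
        }
    }

    // Add account information
    // NOTE(review): the password is stored as unsalted SHA-1; switching to password_hash() also
    // requires changing the login check, which is not part of this block.
    $DB->Update('INSERT INTO `tlx_accounts` VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
                array($_REQUEST['username'],
                      $_REQUEST['email'],
                      $_REQUEST['site_url'],
                      $_REQUEST['domain'],
                      $_REQUEST['banner_url'],
                      $_REQUEST['banner_url_local'],
                      $_REQUEST['banner_height'],
                      $_REQUEST['banner_width'],
                      $_REQUEST['title'],
                      $_REQUEST['description'],
                      $_REQUEST['keywords'],
                      MYSQL_NOW,
                      $_REQUEST['status'] == STATUS_ACTIVE ? MYSQL_NOW : null,
                      MYSQL_NOW,
                      sha1($_REQUEST['password']),
                      $C['return_percent'],
                      $_REQUEST['status'],
                      0,
                      0,
                      0,
                      $_REQUEST['category_id'],
                      null,
                      null,
                      0,
                      0,
                      0,
                      null,
                      null));

    // Create stats tracking data
    $stats_data = array_merge(array($_REQUEST['username']), array_fill(0, 127, 0));
    $DB->Update('INSERT INTO `tlx_account_hourly_stats` VALUES (' . CreateBindList($stats_data) . ')', $stats_data);

    // Insert user defined database fields
    $query_data = CreateUserInsert('tlx_account_fields', $_REQUEST);
    $DB->Update('INSERT INTO `tlx_account_fields` VALUES (' . $query_data['bind_list'] . ')', $query_data['binds']);

    // Assign template values ($category stays null when no category_id was submitted)
    $_REQUEST['category'] = $category ? $category['name'] : null;
    $t->assign_by_ref('account', $_REQUEST);
    $t->assign_by_ref('user_fields', $fields);
    $t->assign('tracking_url', $C['tracking_mode'] == 'unique_link' ? "{$C['in_url']}?id={$_REQUEST['username']}" : $C['in_url']);

    // Send e-mail to account submitter
    if ($C['confirm_accounts'] || $C['email_new_accounts']) {
        SendMail($_REQUEST['email'], $email_template, $t);
    }

    // Send e-mail to administrators
    $administrators =& $DB->FetchAll('SELECT * FROM `tlx_administrators`');
    foreach ($administrators as $administrator) {
        if ($administrator['notifications'] & E_ACCOUNT_ADDED) {
            SendMail($administrator['email'], 'email-admin-account-added.tpl', $t);
        }
    }

    // Display confirmation page
    $t->display('accounts-added.tpl');
}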
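/**
 * Add one or more blacklist items.
 *
 * $_REQUEST['value'] holds one item per line, each optionally followed by
 * "|reason"; lines without their own reason use $_REQUEST['reason'].
 * Re-displays the add form through txShBlacklistAdd() when done.
 */
function txBlacklistAdd()
{
    global $DB, $C;

    VerifyAdministrator();

    $v = new Validator();
    $v->Register($_REQUEST['value'], V_EMPTY, 'The Value(s) field must be filled in');

    if (!$v->Validate()) {
        return $v->ValidationError('txShBlacklistAdd');
    }

    UnixFormat($_REQUEST['value']);

    $default_reason = isset($_REQUEST['reason']) ? $_REQUEST['reason'] : null;
    $added = 0;

    foreach (explode("\n", $_REQUEST['value']) as $line) {
        // Pad to two elements so a line without "|reason" does not read a missing offset
        list($value, $reason) = array_pad(explode('|', $line), 2, null);

        if (IsEmptyString($value)) {
            continue;
        }

        if (!$reason) {
            $reason = $default_reason;
        }

        // NOTE(review): a regular-expression item that itself contains "|" is cut at the first pipe,
        // so the stored pattern is only its first alternative and matches something other than what
        // was entered. $_REQUEST['type'] is stored as received; the set of valid types is not visible
        // here, confirm it is checked somewhere.

        // Add blacklist item data to the database
        $DB->Update('INSERT INTO `tx_blacklist` VALUES (?,?,?,?,?)',
                    array(NULL,
                          $_REQUEST['type'],
                          intval($_REQUEST['regex']),
                          $value,
                          $reason));

        $added++;
    }

    $GLOBALS['message'] = 'New blacklist item' . ($added == 1 ? '' : 's') . ' successfully added';
    $GLOBALS['added'] = true;

    UnsetArray($_REQUEST);
    txShBlacklistAdd();
}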
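/**
 * Start a partner password reset.
 *
 * Looks the partner up by $_REQUEST['email'], requires the account to be
 * active, replaces any earlier confirmation row for that username with a new
 * confirmation id, e-mails it to the partner and displays the confirmation page.
 */
function txSendPasswordReset()
{
    global $DB, $C, $t, $L, $domain;

    $v = new Validator();
    $v->Register($_REQUEST['email'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['EMAIL']));

    // NOTE(review): the three distinct errors below tell an unauthenticated visitor whether an
    // address is registered and what state the account is in. A single neutral response for all
    // cases avoids that disclosure; it changes user-visible wording, so it is left as a decision.
    if (!IsEmptyString($_REQUEST['email'])) {
        $partner = $DB->Row('SELECT * FROM `tx_partners` WHERE `email`=?', array($_REQUEST['email']));

        if (!$partner) {
            $v->SetError($L['NO_MATCHING_EMAIL']);
        } else {
            if ($partner['status'] == 'suspended') {
                $v->SetError($L['ACCOUNT_SUSPENDED']);
            } else {
                if ($partner['status'] != 'active') {
                    $v->SetError($L['ACCOUNT_PENDING']);
                }
            }
        }
    }

    if (!$v->Validate()) {
        return $v->ValidationError('txShPasswordReset', TRUE);
    }

    // The confirmation id is the only secret protecting the reset, so take it from the CSPRNG when
    // the runtime has one (PHP 7+); both forms are 32 hex characters. The uniqid()/rand() fallback
    // is derived from the clock and a non-cryptographic generator.
    $confirm_id = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(rand(), TRUE));

    // Only one outstanding confirmation per partner
    $DB->Update('DELETE FROM `tx_partner_confirms` WHERE `username`=?', array($partner['username']));
    $DB->Update('INSERT INTO `tx_partner_confirms` VALUES (?,?,?)', array($partner['username'], $confirm_id, MYSQL_NOW));

    $t->assign_by_ref('partner', $partner);
    $t->assign('confirm_id', $confirm_id);

    SendMail($partner['email'], $domain['template_prefix'] . 'email-partner-reset-confirm.tpl', $t);

    $t->display($domain['template_prefix'] . 'partner-reset-confirm.tpl');
}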
/**
 * Delete the selected galleries and blacklist the submitted values.
 *
 * The galleries returned by GetWhichGalleries() are deleted first; afterwards
 * each non-empty bl_* request field is added to `tx_blacklist` under its type
 * unless an identical type/value pair is already present. Responds with JSON.
 */
function txGalleryBlacklist()
{
    global $DB, $json, $C;

    VerifyPrivileges(P_GALLERY_REMOVE, TRUE);

    $result = GetWhichGalleries();
    $amount = $DB->NumRows($result);

    while ($gallery = $DB->NextRow($result)) {
        DeleteGallery($gallery['gallery_id'], $gallery);
    }

    $DB->Free($result);

    // Request field => blacklist type
    $field_types = array('bl_domainip' => 'domain_ip',
                         'bl_submitip' => 'submit_ip',
                         'bl_dns' => 'dns',
                         'bl_url' => 'url',
                         'bl_email' => 'email');

    foreach ($field_types as $field => $type) {
        if (!IsEmptyString($_REQUEST[$field])) {
            $existing = $DB->Count('SELECT COUNT(*) FROM `tx_blacklist` WHERE `type`=? AND `value`=?', array($type, $_REQUEST[$field]));

            // Skip values that are already blacklisted under this type
            if ($existing < 1) {
                $DB->Update('INSERT INTO `tx_blacklist` VALUES (?,?,?,?,?)', array(null, $type, 0, $_REQUEST[$field], $_REQUEST['bl_reason']));
            }
        }
    }

    $ending = ($amount == 1 ? 'y has' : 'ies have');

    echo $json->encode(array('status' => JSON_SUCCESS, 'message' => "{$amount} galler" . $ending . " been blacklisted and deleted"));
}
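/**
 * Restore preview thumbnails from a backup file.
 *
 * Each line of $filename has the form "relative/file|base64-data"; the decoded
 * data is written to that name below $C['preview_dir'].
 *
 * @param string $filename Path of the thumbnail backup file to read
 */
function RestoreThumbnails($filename)
{
    global $C;

    $fd = fopen($filename, 'r');

    if (!$fd) {
        return;
    }

    while (!feof($fd)) {
        $line = fgets($fd);

        if ($line === FALSE) {
            break;
        }

        // Pad so a line without "|" does not read a missing offset
        list($file, $thumb_data) = array_pad(explode('|', trim($line)), 2, '');

        if (IsEmptyString($file)) {
            continue;
        }

        // The name comes from the backup file and is appended to preview_dir as-is; an entry with
        // a ".." path component (or a NUL byte) would be written outside that directory, so skip it.
        if (strpos($file, "\0") !== FALSE || preg_match('~(^|[\\\\/])\\.\\.([\\\\/]|$)~', $file)) {
            continue;
        }

        FileWrite("{$C['preview_dir']}/{$file}", base64_decode($thumb_data));
    }

    fclose($fd);

    // NOTE(review): this leaves the backup file world-writable (0666); confirm that is still
    // required by the hosting setup, since the file is later trusted as restore input.
    @chmod($filename, 0666);
}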
/**
 * Import an AutoRank PHP installation into the tlx_* tables.
 *
 * Reads the old installation's files from $_REQUEST['directory'], connects to
 * the old database with the credentials found in its data/variables file and
 * then, step by step, empties and refills the local tables for categories,
 * icons, user defined fields, accounts, comments and ranking pages. Progress is
 * echoed and appended to data/convert.log. Validation problems are returned
 * through DisplayMain($errors).
 *
 * NOTE(review): no access check is visible inside this function, and it reads
 * files from a request-supplied directory and deletes the contents of most
 * tlx_* tables; confirm the calling script restricts it to administrators or
 * shell use. No transaction is visible, so a failure part-way presumably
 * leaves the tables partially converted.
 */
function ConvertData()
{
    global $C, $DB, $from_shell;

    $errors = array();

    // The directory is echoed back escaped, but is used unmodified in the file system calls below
    if (!is_dir($_REQUEST['directory'])) {
        $errors[] = "The directory " . htmlspecialchars($_REQUEST['directory']) . " does not exist on your server";
        return DisplayMain($errors);
    }

    if (!is_file("{$_REQUEST['directory']}/arphp.php")) {
        $errors[] = "The arphp.php file could not be found in the " . htmlspecialchars($_REQUEST['directory']) . " directory";
        return DisplayMain($errors);
    }

    if (!is_readable("{$_REQUEST['directory']}/arphp.php")) {
        $errors[] = "The arphp.php file in the " . htmlspecialchars($_REQUEST['directory']) . " directory could not be opened for reading";
        return DisplayMain($errors);
    }

    // Check version
    // NOTE(review): the version string is read from common.php, while the checks above and the
    // error text below refer to arphp.php; a missing common.php is reported as "too old".
    $version_file_contents = file_get_contents("{$_REQUEST['directory']}/common.php");
    if (preg_match('~\\$VERSION\\s+=\\s+\'(.*?)\'~', $version_file_contents, $matches)) {
        list($a, $b, $c) = explode('.', $matches[1]);

        // Only the major version is compared
        if ($a < 3) {
            $errors[] = "Your AutoRank PHP installation is outdated; please upgrade to the 3.0.x series";
            return DisplayMain($errors);
        }
    } else {
        $errors[] = "Unable to extract version information from arphp.php; your version of AutoRank PHP is likely too old";
        return DisplayMain($errors);
    }

    // Extract variables
    $mysql_file_contents = file_get_contents("{$_REQUEST['directory']}/data/variables");
    if ($mysql_file_contents === FALSE) {
        $errors[] = "Unable to read contents of the variables file";
        return DisplayMain($errors);
    }

    // Collect every line of the form: $NAME = 'value';
    $vars = array();
    if (preg_match_all('~^\\$([a-z0-9_]+)\\s+=\\s+\'(.*?)\';$~msi', $mysql_file_contents, $matches, PREG_SET_ORDER)) {
        foreach ($matches as $match) {
            $vars[$match[1]] = $match[2];
        }
    }

    // NOTE(review): PASSWORD is used below but is not part of this presence check
    if (!isset($vars['USERNAME']) || !isset($vars['DATABASE']) || !isset($vars['HOSTNAME'])) {
        $errors[] = "Unable to extract MySQL database information from the variables file";
        return DisplayMain($errors);
    }

    // Second connection, to the old installation's database
    $CONVERTDB = new DB($vars['HOSTNAME'], $vars['USERNAME'], $vars['PASSWORD'], $vars['DATABASE']);
    $CONVERTDB->Connect();
    $CONVERTDB->Update('SET 
`wait_timeout`=86400');

    if (!$from_shell) {
        echo "<pre>";
    }

    //
    // Copy banners
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Copying member account banners...\n");
    echo "Copying member account banners...\n";
    flush();

    // Only files whose names end in one of the listed image extensions are copied; copy/chmod
    // failures are suppressed. The copies are made world-writable (0666).
    $banners =& DirRead($vars['BANNER_DIR'], '\\.(png|jpg|gif|bmp)$');
    foreach ($banners as $banner) {
        @copy("{$vars['BANNER_DIR']}/{$banner}", "{$C['banner_dir']}/{$banner}");
        @chmod("{$C['banner_dir']}/{$banner}", 0666);
    }

    //
    // Dump categories
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Converting categories...\n");
    echo "Converting categories...\n";
    flush();

    $categories = array();
    $category_ids = array();

    // Existing categories are removed before the import
    $DB->Update('DELETE FROM `tlx_categories`');
    $DB->Update('ALTER TABLE `tlx_categories` AUTO_INCREMENT=0');

    foreach (explode(',', $vars['CATEGORIES']) as $category) {
        $DB->Update('INSERT INTO `tlx_categories` VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
                    array(null,
                          $category,
                          0,
                          $vars['FORWARD_URL'],
                          null,
                          $vars['BANNER_WIDTH'],
                          $vars['BANNER_HEIGHT'],
                          $vars['BANNER_SIZE'],
                          intval($vars['O_FORCE_DIMS']),
                          intval($vars['O_CHECK_DIMS']),
                          intval($vars['O_SERVE_BANNERS']),
                          1,
                          1,
                          $vars['MAX_TITLE'],
                          1,
                          $vars['MAX_DESC'],
                          intval($vars['O_REQ_RECIP'])));

        // Old category name => new category id, used for accounts and pages below
        $category_ids[$category] = $DB->InsertID();
    }

    //
    // Import icons
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Converting account icons...\n");
    echo "Converting account icons...\n";
    flush();

    $DB->Update('DELETE FROM `tlx_icons`');
    $DB->Update('ALTER TABLE `tlx_icons` AUTO_INCREMENT=0');

    IniParse("{$_REQUEST['directory']}/data/icons", TRUE, $icons_ini);

    // Old icon key => new icon id
    $icons = array();
    foreach ($icons_ini as $key => $value) {
        $DB->Update('INSERT INTO `tlx_icons` VALUES (?,?,?)', array(null, $key, trim($value)));
        $icons[$key] = $DB->InsertID();
    }

    //
    // Import user defined fields
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Converting user defined database fields...\n");
    echo "Converting user defined database fields...\n";
    flush();

    // The field definitions are emptied and the fields table is dropped and recreated
    $DB->Update('DELETE FROM `tlx_account_field_defs`');
    $DB->Update('ALTER TABLE `tlx_account_field_defs` AUTO_INCREMENT=0');
    $DB->Update('DROP TABLE IF EXISTS `tlx_account_fields`');
    $DB->Update('CREATE TABLE `tlx_account_fields` (`username` CHAR(32) NOT NULL PRIMARY KEY)');

    // The old installation has up to three custom fields (NAME_FIELD_1..3)
    for ($i = 1; $i <= 3; $i++) {
        if (!IsEmptyString($vars["NAME_FIELD_{$i}"])) {
            $DB->Update('INSERT INTO `tlx_account_field_defs` VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)',
                        array(null,
                              "user_field_{$i}",
                              $vars["NAME_FIELD_{$i}"],
                              FT_TEXT,
                              null,
                              null,
                              0,
                              null,
                              null,
                              1,
                              intval($vars["O_REQ_FIELD_{$i}"]),
                              1,
                              intval($vars["O_REQ_FIELD_{$i}"])));

            // presumably "#" is the DB class's placeholder for an identifier - confirm; the bound
            // name is built from the loop counter only
            $DB->Update("ALTER TABLE `tlx_account_fields` ADD COLUMN # TEXT", array("user_field_{$i}"));
        }
    }

    //
    // Dump account data
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Converting account data...\n");
    echo "Converting account data...\n";
    flush();

    // All existing account data and statistics are removed before the import
    $DB->Update('DELETE FROM `tlx_accounts`');
    $DB->Update('DELETE FROM `tlx_account_hourly_stats`');
    $DB->Update('DELETE FROM `tlx_account_daily_stats`');
    $DB->Update('DELETE FROM `tlx_account_country_stats`');
    $DB->Update('DELETE FROM `tlx_account_referrer_stats`');
    $DB->Update('DELETE FROM `tlx_account_icons`');
    $DB->Update('DELETE FROM `tlx_account_comments`');
    $DB->Update('DELETE FROM `tlx_account_ranks`');

    $result = $CONVERTDB->Query('SELECT * FROM `arphp_Accounts`');
    while ($account = $CONVERTDB->NextRow($result)) {
        $parsed_url = parse_url($account['Site_URL']);
        $account['Domain'] = preg_replace('~^www\\.~i', '', $parsed_url['host']);

        // Point banner URLs at the new banner location
        $account['Banner_URL'] = str_replace($vars['BANNER_URL'], $C['banner_url'], $account['Banner_URL']);

        // NOTE(review): sha1() is applied to the old Password column, so that column presumably
        // holds plaintext - confirm. The resulting hash is unsalted SHA-1.
        $DB->Update('INSERT INTO `tlx_accounts` VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
                    array($account['Username'],
                          $account['Email'],
                          $account['Site_URL'],
                          $account['Domain'],
                          $account['Banner_URL'],
                          $account['Banner_URL'],
                          $account['Banner_Height'],
                          $account['Banner_Width'],
                          $account['Title'],
                          $account['Description'],
                          null,
                          date(DF_DATETIME, $account['Signup']),
                          date(DF_DATETIME, $account['Signup']),
                          null,
                          sha1($account['Password']),
                          $C['return_percent'],
                          STATUS_ACTIVE,
                          intval($account['Locked']),
                          intval($account['Suspended']),
                          0,
                          $category_ids[$account['Category']],
                          0,
                          0,
                          $account['Num_Ratings'],
                          $account['Rating_Total'],
                          $account['Inactive'],
                          null,
                          $account['Comments']));

        // One stats row per account: the username followed by 127 zeroed counters
        $stats = array_merge(array($account['Username']), array_fill(0, 127, 0));
        $DB->Update('INSERT INTO `tlx_account_hourly_stats` VALUES (' . CreateBindList($stats) . ')', $stats);

        $account_info = array('username' => $account['Username'],
                              'user_field_1' => $account['Field_1'],
                              'user_field_2' => $account['Field_2'],
                              'user_field_3' => $account['Field_3']);

        $insert = CreateUserInsert('tlx_account_fields', $account_info);
        $DB->Update('INSERT INTO `tlx_account_fields` VALUES (' . $insert['bind_list'] . ')', $insert['binds']);

        // Icons are stored as a comma separated list of old keys; unknown keys are ignored
        foreach (explode(',', $account['Icons']) as $icon_id) {
            if (isset($icons[$icon_id])) {
                $DB->Update('INSERT INTO `tlx_account_icons` VALUES (?,?)', array($account['Username'], $icons[$icon_id]));
            }
        }
    }
    $CONVERTDB->Free($result);

    //
    // Dump account comments
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Converting account comments...\n");
    echo "Converting account comments...\n";
    flush();

    $DB->Update('DELETE FROM `tlx_account_comments`');

    $result = $CONVERTDB->Query('SELECT * FROM `arphp_Comments`');
    while ($comment = $CONVERTDB->NextRow($result)) {
        $DB->Update('INSERT INTO `tlx_account_comments` VALUES (?,?,?,?,?,?,?,?)',
                    array(null,
                          $comment['Username'],
                          date(DF_DATETIME, $comment['Timestamp']),
                          $comment['IP'],
                          $comment['Name'],
                          $comment['Email'],
                          strtolower($comment['Status']),
                          $comment['Comment']));
    }
    $CONVERTDB->Free($result);

    //
    // Dump ranking page data
    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "Converting ranking pages...\n");
    echo "Converting ranking pages...\n";
    flush();

    $build_order = 1;
    $DB->Update('DELETE FROM `tlx_pages`');
    $DB->Update('ALTER TABLE `tlx_pages` AUTO_INCREMENT=0');

    $result = $CONVERTDB->Query('SELECT * FROM `arphp_Pages`');
    while ($page = $CONVERTDB->NextRow($result)) {
        // NOTE(review): the page identifier from the old database is appended to the path as-is;
        // an identifier containing "../" would read a file outside data/pages
        $template = file_get_contents("{$_REQUEST['directory']}/data/pages/{$page['Identifier']}");
        $template = ConvertTemplate($template);
        $compiled = '';

        // Pages in the 'Mixed' category are stored without a category id
        $DB->Update('INSERT INTO `tlx_pages` VALUES (?,?,?,?,?,?,?)',
                    array(null,
                          "tlx_pages/{$page['Identifier']}.html",
                          $page['category'] == 'Mixed' ? null : $category_ids[$page['category']],
                          $build_order++,
                          null,
                          $template,
                          $compiled));
    }
    $CONVERTDB->Free($result);

    FileAppend("{$GLOBALS['BASE_DIR']}/data/convert.log", "\nData conversion complete!");
    echo "\nData conversion complete!\n";

    if (!$from_shell) {
        echo "</pre>";
    }

    $CONVERTDB->Disconnect();
}
/**
 * Build the gallery selection for a scan from the global $configuration.
 *
 * Starts from galleries with allow_scan=1 and adds one restriction per
 * configured filter, in a fixed order. Returns the SelectBuilder by reference.
 *
 * NOTE(review): status keys, sponsor ids and the date strings are handed to
 * SelectBuilder as comma-joined text; whether SelectBuilder binds or escapes
 * them is not visible here - confirm before feeding it request-derived values.
 */
function &GenerateQuery()
{
    global $DB, $configuration;

    $s = new SelectBuilder('*', 'tx_galleries');

    $s->AddWhere('allow_scan', ST_MATCHES, 1);

    // A status filter is only useful when some, but not all five, statuses are selected
    if (count($configuration['status']) > 0 && count($configuration['status']) < 5) {
        $selected_statuses = array_keys($configuration['status']);
        $s->AddWhere('status', ST_IN, join(',', $selected_statuses));
    }

    // type and format only restrict the query when exactly one value is selected
    foreach (array('type', 'format') as $column) {
        if (count($configuration[$column]) == 1) {
            $keys = array_keys($configuration[$column]);
            $s->AddWhere($column, ST_MATCHES, $keys[0]);
        }
    }

    if (is_numeric($configuration['id_start']) && is_numeric($configuration['id_end'])) {
        $s->AddWhere('gallery_id', ST_BETWEEN, "{$configuration['id_start']},{$configuration['id_end']}");
    }

    // Date ranges apply only when both ends match RE_DATETIME
    foreach (array('date_added', 'date_approved', 'date_scanned') as $column) {
        if (preg_match(RE_DATETIME, $configuration["{$column}_start"]) && preg_match(RE_DATETIME, $configuration["{$column}_end"])) {
            $range_start = $configuration["{$column}_start"];
            $range_end = $configuration["{$column}_end"];
            $s->AddWhere($column, ST_BETWEEN, "{$range_start},{$range_end}");
        }
    }

    // Only galleries submitted by partners
    if ($configuration['only_parter']) {
        $s->AddWhere('partner', ST_NOT_EMPTY);
    }

    // Only galleries that currently have a zero thumbnail count
    if ($configuration['only_zerothumb']) {
        $s->AddWhere('thumbnails', ST_MATCHES, 0);
    }

    // Only galleries that have not yet been scanned
    if ($configuration['only_notscanned']) {
        $s->AddWhere('date_scanned', ST_NULL);
    }

    // Specific categories selected
    if (!IsEmptyString($configuration['categories'][0])) {
        $tags = array();

        // One lookup per selected category; the value returned by Count() is used as the tag
        foreach ($configuration['categories'] as $category_id) {
            $tags[] = $DB->Count('SELECT `tag` FROM `tx_categories` WHERE `category_id`=?', array($category_id));
        }

        if (count($tags)) {
            $s->AddFulltextWhere('categories', join(' ', $tags));
        }
    }

    // Specific sponsors selected
    if (!IsEmptyString($configuration['sponsors'][0])) {
        $sponsor_ids = array_unique($configuration['sponsors']);
        $s->AddWhere('sponsor_id', ST_IN, join(',', $sponsor_ids));
    }

    // Only galleries that do not currently have a preview thumbnail
    if ($configuration['only_nothumb']) {
        $s->AddWhere('has_preview', ST_MATCHES, 0);
    }

    return $s;
}
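/**
 * Record a visitor's rating for an account unless it looks like a repeat or
 * an off-site submission.
 *
 * A rating is rejected when the referrer is missing or belongs neither to this
 * installation nor to the rated account's domain, when the visitor's ratings
 * cookie already lists the account, or when the IP log already holds a rating
 * for this account from the same address. The ratings cookie is re-issued on
 * every call.
 *
 * @param array $account Account row; 'username' and 'domain' are read
 */
function ProcessRating(&$account)
{
    global $C, $DB, $L, $t;

    $bad_rating = FALSE;

    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $parsed_referrer = parse_url($referrer);
    $referrer_host = (is_array($parsed_referrer) && isset($parsed_referrer['host'])) ? $parsed_referrer['host'] : '';

    // A referrer without a host is rejected explicitly: strpos() with an empty needle reports a
    // match at offset 0 on PHP 8, which would otherwise let such a referrer through.
    if (IsEmptyString($referrer) ||
        $referrer == '-' ||
        $referrer_host === '' ||
        (strpos($C['install_url'], $referrer_host) === FALSE && strpos($referrer_host, $account['domain']) === FALSE)) {
        $bad_rating = TRUE;
    }

    $ratings = array();
    if (!empty($_COOKIE['toplistx_ratings'])) {
        // NOTE(review): unserialize() on a client-controlled cookie is an object-injection risk.
        // Class instantiation is switched off where the runtime supports it (PHP 7+); on older
        // runtimes the call is unchanged and stays unsafe. A JSON-encoded or signed cookie removes
        // the problem but changes the cookie format, so it is left as a follow-up.
        if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
            $ratings = unserialize($_COOKIE['toplistx_ratings'], array('allowed_classes' => FALSE));
        } else {
            $ratings = unserialize($_COOKIE['toplistx_ratings']);
        }

        // A malformed or tampered cookie decodes to something other than an array
        if (!is_array($ratings)) {
            $ratings = array();
        }

        if (!empty($ratings[$account['username']])) {
            $bad_rating = TRUE;
        }

        // NOTE(review): the account is only recorded when a cookie was already present, so the
        // first rating by a new visitor is tracked by the IP log alone.
        $ratings[$account['username']] = TRUE;
    }

    $long_ip = sprintf('%u', ip2long($_SERVER['REMOTE_ADDR']));

    // The cookie is advisory (the client controls it); the IP log is the server-side check
    if (!$bad_rating && $DB->Count('SELECT COUNT(*) FROM `tlx_ip_log_ratings` WHERE `username`=? AND `ip_address`=?', array($account['username'], $long_ip))) {
        $bad_rating = TRUE;
    }

    // Update rating information
    // NOTE(review): $_REQUEST['rating'] is added to the total as received and the row is selected by
    // $_REQUEST['id'] rather than $account['username']; confirm the caller bounds the rating and
    // that both identifiers always refer to the same account.
    if (!$bad_rating) {
        $DB->Update('INSERT INTO `tlx_ip_log_ratings` VALUES (?,?,?,?)', array($account['username'], $long_ip, 1, MYSQL_NOW));
        $DB->Update('UPDATE `tlx_accounts` SET `ratings`=`ratings`+1,`ratings_total`=`ratings_total`+? WHERE `username`=?', array($_REQUEST['rating'], $_REQUEST['id']));
    }

    setcookie('toplistx_ratings', serialize($ratings), time() + 604800, '/', $C['cookie_domain']);
}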
/**
 * Compute the URL path data for a category below the given parent.
 *
 * Sets $category['path'] and returns an array with the serialized list of path
 * parts ('serialized'), the md5 of the path ('hash') and the path itself ('path').
 *
 * NOTE(review): $parent['path_parts'] is passed to unserialize(); this is only
 * safe while that column holds nothing but data serialized by this function.
 *
 * @param array $category Category row; 'name', 'url_name' and 'category_id' are read
 * @param array $parent   Parent row; 'path_parts' and 'path' are read
 * @return array
 */
function GeneratePathData(&$category, &$parent)
{
    $parts = unserialize($parent['path_parts']);

    if ($parts === FALSE) {
        $parts = array();
    }

    // Format the new category name for use in a URL
    if (IsEmptyString($category['url_name'])) {
        // Patterns are applied in order, each on the result of the previous one
        $slug = preg_replace(
            array('~/+~',                                                                           // Remove double (or more) slashes
                  '~^/|/$~',                                                                        // Remove trailing and leading slashes
                  '/[~`!@#\\$%^&\\*\\(\\)\\-{}\\[\\]\\|\\\\"\'\\?>< \\t\\r\\n\\.\\+]/',  // Add underscores
                  '~_+~',                                                                           // Remove double (or more) underscores
                  '~_$~'),                                                                          // Remove ending underscore
            array('/', '', '_', '_', ''),
            $category['name']
        );
    } else {
        $slug = $category['url_name'];
    }

    // Generate the new URL path
    $category['path'] = empty($parent['path']) ? $slug : "{$parent['path']}/{$slug}";

    $parts[] = array('name' => $category['name'],
                     'category_id' => $category['category_id'],
                     'path' => $category['path']);

    // Serialize the data
    return array('serialized' => serialize($parts),
                 'hash' => md5($category['path']),
                 'path' => $category['path']);
}
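/**
 * Restore a database backup located in the data directory.
 *
 * Uses the mysql command line client when one is configured and safe mode is
 * off, otherwise falls back to DoRestore().
 *
 * @param string $filename Backup file name; only its basename is used
 */
function CommandLineRestore($filename)
{
    global $C, $DB;

    if (IsEmptyString($filename)) {
        trigger_error('A filename must be supplied', E_USER_ERROR);
    }

    // basename() removes directory components but not shell metacharacters
    $filename = "{$GLOBALS['BASE_DIR']}/data/" . basename($filename);

    if (!$C['safe_mode'] && $C['mysql']) {
        // The file name is part of a shell command line, so it is quoted like the other arguments;
        // unquoted, a name containing spaces, ";" or "$(...)" would be interpreted by the shell.
        // NOTE(review): the password is passed on the command line and is visible in the process
        // list while mysql runs; a client option file avoids that. $C['mysql'] is inserted
        // unquoted and must come from trusted configuration only.
        $command = "{$C['mysql']} " .
                   "-u" . escapeshellarg($C['db_username']) . " " .
                   "-p" . escapeshellarg($C['db_password']) . " " .
                   "-h" . escapeshellarg($C['db_hostname']) . " " .
                   "-f " .
                   escapeshellarg($C['db_name']) . " " .
                   " <" . escapeshellarg($filename) . " >/dev/null 2>&1";

        shell_exec($command);
    } else {
        DoRestore($filename);
    }
}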
/**
 * Build the WHERE clause that selects the links to scan from the global
 * $configuration. Returns an empty string when no filter is configured.
 *
 * NOTE(review): every value is placed into the SQL text directly (quoted for
 * status, type and the dates, unquoted for category ids) with no escaping or
 * format check in this function. That is only safe while $configuration cannot
 * carry request-derived text; confirm where it is populated, or validate the
 * dates and ids before they reach this point.
 *
 * @return string
 */
function SetupQualifier()
{
    global $configuration, $DB;

    $wheres = array();

    // Scan only links with a specific status / of a specific type
    foreach (array('status', 'type') as $column) {
        if (is_array($configuration[$column])) {
            $selected = array_keys($configuration[$column]);
            $wheres[] = "{$column} IN ('" . join("','", $selected) . "')";
        }
    }

    // Configure the date added, date modified and date scanned ranges to scan
    foreach (array('date_added', 'date_modified', 'date_scanned') as $column) {
        if (!IsEmptyString($configuration["{$column}_start"]) && !IsEmptyString($configuration["{$column}_end"])) {
            $range_start = $configuration["{$column}_start"];
            $range_end = $configuration["{$column}_end"];
            $wheres[] = "{$column} BETWEEN '{$range_start}' AND '{$range_end}'";
        }
    }

    // Configure categories to scan
    if (!empty($configuration['category_id'])) {
        $categories = array($configuration['category_id'] => 1);

        // GetAllChildren() receives $categories to add the descendants of each listed category
        foreach (explode(',', $configuration['category_id']) as $category_id) {
            GetAllChildren($category_id, $categories);
        }

        $wheres[] = "category_id IN (" . join(',', array_keys($categories)) . ")";
    }

    return count($wheres) > 0 ? "WHERE " . join(' AND ', $wheres) : '';
}
/**
 * Build the account selection for a scan from the global $configuration.
 * Returns the SelectBuilder by reference.
 *
 * NOTE(review): status keys and category ids are handed to SelectBuilder as
 * comma-joined text; whether SelectBuilder binds or escapes them is not
 * visible here - confirm before feeding it request-derived values.
 */
function &GenerateQuery()
{
    global $DB, $configuration;

    $s = new SelectBuilder('*', 'tlx_accounts');

    // A status filter is only useful when some, but not all five, statuses are selected
    if (count($configuration['status']) > 0 && count($configuration['status']) < 5) {
        $selected_statuses = array_keys($configuration['status']);
        $s->AddWhere('status', ST_IN, join(',', $selected_statuses));
    }

    // Date ranges apply only when both ends match RE_DATETIME
    foreach (array('date_added', 'date_scanned') as $column) {
        if (preg_match(RE_DATETIME, $configuration["{$column}_start"]) && preg_match(RE_DATETIME, $configuration["{$column}_end"])) {
            $range_start = $configuration["{$column}_start"];
            $range_end = $configuration["{$column}_end"];
            $s->AddWhere($column, ST_BETWEEN, "{$range_start},{$range_end}");
        }
    }

    // Specific categories selected
    if (!IsEmptyString($configuration['categories'][0])) {
        $category_list = join(',', $configuration['categories']);
        $s->AddWhere('category_id', ST_IN, $category_list);
    }

    return $s;
}
/**
 * Handle the "add category" form: validate the request, insert one category
 * per submitted name, then re-display the form via lxShAddCategory().
 *
 * Reads name, url_name, parent_id, template, description, meta_description,
 * meta_keywords, crosslink_id, related_ids, status and hidden from $_REQUEST.
 * name and url_name may hold several newline-separated entries, paired by
 * position. On validation failure the errors are stored in
 * $GLOBALS['errstr'] and nothing is inserted.
 *
 * NOTE(review): the messages placed in $GLOBALS['errstr'] and
 * $GLOBALS['message'] interpolate request values ($name, $url_names[$i],
 * template) and are joined with <br />, so they look intended for HTML
 * output. How they are rendered is not visible here; confirm they are
 * encoded on output.
 */
function lxAddCategory()
{
    global $DB, $C;

    // Privilege check runs before any request data is processed
    VerifyPrivileges(P_CATEGORY_ADD);

    $validator = new Validator();
    $validator->Register($_REQUEST['name'], V_EMPTY, 'The category name must be filled in');
    $validator->Register($_REQUEST['name'], V_REGEX, 'The category name cannot contain a / or _ character', '/^[^\\/_]*$/');
    $validator->Register($_REQUEST['name'], V_NOT_REGEX, 'The category name cannot contain a :: character sequence', '/::/');
    $validator->Register($_REQUEST['parent_id'], V_EMPTY, 'You must select a parent category');

    // The template name is later interpolated into a filesystem path, so the
    // character class (no slash) is what keeps it inside the templates directory.
    // NOTE(review): in PCRE a bare $ also matches before a trailing newline;
    // if V_REGEX uses preg_match, consider \z or the D modifier - confirm.
    if ($_REQUEST['template']) {
        $validator->Register($_REQUEST['template'], V_REGEX, 'The template name can only contain letters, numbers, periods and underscores', '/^[a-z0-9\\.\\-_]+$/');
        $validator->Register($_REQUEST['template'], V_REGEX, 'The template must have a .tpl file extension', '/\\.tpl$/');
    }

    // Return values are unused, so these presumably normalise line endings in place - TODO confirm
    UnixFormat($_REQUEST['name']);
    UnixFormat($_REQUEST['url_name']);

    // One category per line; URL names are optional but must pair up with the names
    $names = explode("\n", trim($_REQUEST['name']));
    $url_names = array();

    if (!IsEmptyString($_REQUEST['url_name'])) {
        $url_names = explode("\n", trim($_REQUEST['url_name']));
    }

    if (count($url_names) > 0 && count($url_names) != count($names)) {
        $validator->SetError('You must enter the same number of category names as URL names');
    }

    foreach ($names as $name) {
        $name = trim($name);

        if (is_numeric($name)) {
            // Presumably V_FALSE fails for TRUE, which records the message - TODO confirm
            $validator->Register(TRUE, V_FALSE, "Category names cannot be all numeric ({$name})");
        }
    }

    foreach ($url_names as $url_name) {
        $validator->Register($url_name, V_REGEX, 'The URL name can only contain English letters, numbers, dashes, and underscores', '/^[a-z0-9\\-_]+$/i');
    }

    // parent_id 0 selects the root category held in $GLOBALS; anything else is loaded from the table
    $parent = $_REQUEST['parent_id'] == 0 ? $GLOBALS['ROOT_CATEGORY'] : $DB->Row('SELECT * FROM `lx_categories` WHERE `category_id`=?', array($_REQUEST['parent_id']));

    // Duplicate check within the parent category.
    // NOTE(review): $name is not trimmed in this loop, while the insert loop
    // below trims it, so the check and the insert can see different strings.
    foreach ($names as $i => $name) {
        if (IsEmptyString($name)) {
            continue;
        }

        // NOTE(review): the first query has two placeholders but is given three
        // bound values ($name, $url_names[$i], parent_id), and its text contains
        // a line break. The message mentions the URL name, so a URL-name
        // condition appears to be missing from the SQL as shown; verify against
        // the original file. The same message also lacks the closing quote
        // after {$url_names[$i]}.
        if (!empty($url_names[$i]) && $DB->Count('SELECT COUNT(*) FROM `lx_categories` WHERE `name`=? 
AND `parent_id`=?', array($name, $url_names[$i], $_REQUEST['parent_id']))) {
            $validator->SetError("A category with the name '{$name}' or URL name '{$url_names[$i]} already exists");
        } else {
            if ($DB->Count('SELECT COUNT(*) FROM `lx_categories` WHERE `name`=? AND `parent_id`=?', array($name, $_REQUEST['parent_id']))) {
                $validator->SetError("A category with the name '{$name}' already exists");
            }
        }
    }

    // Any validation error aborts before the first insert
    if (!$validator->Validate()) {
        $GLOBALS['errstr'] = join('<br />', $validator->GetErrors());
        lxShAddCategory();
        return;
    }

    foreach ($names as $i => $name) {
        $name = trim($name);

        if (IsEmptyString($name)) {
            continue;
        }

        if ($_REQUEST['crosslink_id'] == '') {
            $_REQUEST['crosslink_id'] = null;
        }

        NullIfEmpty($url_names[$i]);

        // Positional insert: the 17 values must follow the table's column order.
        // All request values go through bound parameters.
        $DB->Update('INSERT INTO lx_categories VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)', array(NULL, $name, $url_names[$i], $_REQUEST['description'], $_REQUEST['meta_description'], $_REQUEST['meta_keywords'], $_REQUEST['parent_id'], '', '', '', $_REQUEST['template'], $_REQUEST['crosslink_id'], $_REQUEST['related_ids'], 0, 0, $_REQUEST['status'], intval($_REQUEST['hidden'])));

        // The path columns are inserted empty above and filled in here,
        // because GeneratePathData() is given the stored row and its parent
        $category_id = $DB->InsertID();
        $category = $DB->Row('SELECT * FROM lx_categories WHERE category_id=?', array($category_id));
        $path = GeneratePathData($category, $parent);

        $DB->Update('UPDATE lx_categories SET ' . 'path=?, ' . 'path_parts=?, ' . 'path_hash=? ' . 'WHERE category_id=?', array($path['path'], $path['serialized'], $path['hash'], $category_id));
    }

    UpdateSubcategoryCount($parent['category_id']);

    $GLOBALS['message'] = 'New category successfully added';
    $GLOBALS['added'] = true;

    // Ask user to create custom template file if it does not exist
    // NOTE(review): the message recommends mode 666 (world-writable) for the
    // template file; a narrower mode is preferable where the server setup allows it.
    if ($_REQUEST['template'] && !file_exists("{$GLOBALS['BASE_DIR']}/templates/{$_REQUEST['template']}")) {
        $GLOBALS['message'] .= "<br />Please create the template file {$_REQUEST['template']} in the templates directory and set it's permissions to 666";
    }

    // Clear the submitted values so the form is shown empty again
    UnsetArray($_REQUEST);
    lxShAddCategory();
}
/**
 * Produce the preview thumbnail file for a submission, driven by
 * $_REQUEST['preview'].
 *
 *  - 'automatic': download $_REQUEST['scan']['preview'] and auto-resize it
 *  - 'upload':    accept an uploaded JPEG; annotate it, resize it, or reject it
 *  - 'crop':      no file is produced here; only checks a preview URL was given
 *  - otherwise:   no file is produced
 *
 * Errors are reported through $v->SetError(). In the 'automatic' and 'upload'
 * modes the generated path is returned even when an error was recorded (and
 * the file may not exist), so callers must consult the validator.
 *
 * NOTE(review): 'automatic' makes the server fetch a URL taken from the
 * request and writes the response body to disk before anything checks that it
 * is an image. Whether Http restricts schemes or destination hosts is not
 * visible here; confirm, since an unrestricted fetch can reach internal
 * services. The 'upload' path does verify the type with getimagesize().
 *
 * NOTE(review): the cache filename comes from uniqid()/rand(), which is not a
 * cryptographic source, and uploads are chmod'ed 0666 (world-writable). Both
 * matter if the cache directory is reachable by other users or the web -
 * TODO confirm.
 *
 * @param object $v          validator that receives error messages via SetError()
 * @param array  $format     'preview_size' is read as "WIDTHxHEIGHT"
 * @param mixed  $annotation passed through to the imager
 * @return string|null path of the cache file, or null for 'crop' and unknown modes
 */
function HandlePreviewThumb(&$v, &$format, &$annotation)
{
    global $L, $C, $domain;

    list($width, $height) = explode('x', $format['preview_size']);
    $thumb_path = "{$GLOBALS['BASE_DIR']}/cache/" . md5(uniqid(rand(), true)) . ".jpg";
    $imager = GetImager();

    switch ($_REQUEST['preview']) {
        // Automatically crop and resize
        case 'automatic':
            $referrer_url = $_REQUEST['scan']['end_url'];
            $preview_url = $_REQUEST['scan']['preview'];

            if (IsEmptyString($preview_url)) {
                $v->SetError($L['NO_THUMBS_FOR_PREVIEW']);
                break;
            }

            $http = new Http();

            if (!$http->Get($preview_url, TRUE, $referrer_url)) {
                $v->SetError(sprintf($L['PREVIEW_DOWNLOAD_FAILED'], $http->errstr));
                break;
            }

            FileWrite($thumb_path, $http->body);
            $imager->ResizeAuto($thumb_path, $format['preview_size'], $annotation, $C['landscape_bias'], $C['portrait_bias']);
            break;

        // Handle uploaded image
        case 'upload':
            if (!is_uploaded_file($_FILES['upload']['tmp_name'])) {
                $v->SetError($L['INVALID_UPLOAD']);
                break;
            }

            // The stored name is generated above, never taken from the client
            move_uploaded_file($_FILES['upload']['tmp_name'], $thumb_path);
            @chmod($thumb_path, 0666);

            $info = @getimagesize($thumb_path);

            // Anything that is not a readable JPEG is deleted and rejected
            if ($info === FALSE || $info[2] != IMAGETYPE_JPEG) {
                @unlink($thumb_path);
                $v->SetError($L['INVALID_IMAGE']);
                break;
            }

            // Image is properly sized
            if ($info[0] == $width && $info[1] == $height) {
                if ($C['have_imager']) {
                    $imager->Annotate($thumb_path, $annotation);
                }
                break;
            }

            // Wrong dimensions: resize when configured to, otherwise reject
            if ($C['have_imager'] && $C['handle_bad_size'] == 'crop') {
                $imager->ResizeAuto($thumb_path, $format['preview_size'], $annotation, $C['landscape_bias'], $C['portrait_bias']);
            } else {
                @unlink($thumb_path);
                $v->SetError(sprintf($L['INVALID_IMAGE_SIZE'], $width, $height));
            }
            break;

        // Cropping an image
        case 'crop':
            if (IsEmptyString($_REQUEST['scan']['preview'])) {
                $v->SetError($L['NO_THUMBS_FOR_PREVIEW']);
            }

            $thumb_path = null;
            break;

        // Cropping or no image provided
        default:
            $thumb_path = null;
            break;
    }

    return $thumb_path;
}
/**
 * Resolve the account selection described by the request into a query result,
 * or into a populated update builder.
 *
 * The selection is read from $_REQUEST. When $_REQUEST['which'] is empty it is
 * read instead from the query string held in $_REQUEST['results'], which is
 * parsed into a local array so it cannot overwrite other variables.
 *
 *  - 'specific': the single account named by 'username' (bound parameter)
 *  - 'matching': not implemented (TODO), yields null
 *  - 'all':      every row of tlx_accounts
 *  - otherwise:  the accounts listed in 'username'
 *
 * NOTE(review): the fallback branch uses 'username' as an array (join(),
 * CreateBindList()) without checking its type. On the $update path the names
 * are comma-joined and passed to AddWhere(); whether the builder binds or
 * escapes them is not visible here - confirm.
 *
 * @param mixed $update optional builder exposing AddWhere(); when truthy, the
 *                      fallback branch adds the username filter to it and
 *                      returns it instead of running a SELECT
 * @return mixed the $DB->Query() result, the $update builder, or null
 */
function GetWhichAccounts($update = FALSE)
{
    global $DB;

    $req = $_REQUEST;

    if (IsEmptyString($_REQUEST['which'])) {
        parse_str($_REQUEST['results'], $req);
    }

    switch ($req['which']) {
        case 'specific':
            return $DB->Query('SELECT * FROM `tlx_accounts` WHERE `username`=?', array($req['username']));

        case 'matching':
            // TODO
            return null;

        case 'all':
            return $DB->Query('SELECT * FROM `tlx_accounts`');
    }

    // Explicit list of usernames
    if ($update) {
        $update->AddWhere('username', ST_IN, join(',', $req['username']));
        return $update;
    }

    $placeholders = CreateBindList($req['username']);

    return $DB->Query('SELECT * FROM `tlx_accounts` WHERE `username` IN (' . $placeholders . ')', $req['username']);
}
/**
 * Replace the referenced value with null when IsEmptyString() reports it empty.
 *
 * @param mixed $string value to normalise; modified in place
 */
function NullIfEmpty(&$string)
{
    if (!IsEmptyString($string)) {
        return;
    }

    $string = null;
}
} break; case '--process-clicklog': ProcessClickLog(); break; case '--backup': $args = ParseCommandLine(); if (IsEmptyString($args['sql-file'])) { echo "ERROR: You must specify at least a SQL data backup filename when using the --backup function\n" . "Example:\n" . "{$_SERVER['_']} {$path}/{$GLOBALS['argv'][0]} --backup --sql-file=sql-backup.txt --thumbs-file=thumbs-backup.txt --archive-file=backup.tar.gz\n"; break; } DoDatabaseBackup($args, TRUE); break; case '--restore': $args = ParseCommandLine(); if (IsEmptyString($args['sql-file'])) { echo "ERROR: You must specify at least a SQL data backup filename when using the --restore function\n" . "Example:\n" . "{$_SERVER['_']} {$path}/{$GLOBALS['argv'][0]} --restore --sql-file=sql-backup.txt --thumbs-file=thumbs-backup.txt\n"; break; } DoDatabaseRestore($args, TRUE); break; case '--export': DoGalleryExport(null, TRUE); break; case '--optimize': OptimizeDatabase(); break; case '--daily-partner': DailyPartnerMaintenance(); break; case '--cleanup':