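/**
 * Write $buffer to $filename, creating the parent directory when it is missing.
 *
 * Every step is still attempted after an earlier one failed, as before; the
 * outcome is now returned to the caller instead of being dropped, and a
 * failed or short write counts as a failure.
 *
 * NOTE(review): the directory and the file are set to mode 0777 (mkdir under
 * a cleared umask, then __chmod). If the buffer is compiled template code
 * that is later included, any local account able to write here can change
 * what gets executed - confirm whether 0755/0644 with the right owner is
 * enough on the supported hosts.
 *
 * @param string $filename Path of the file to write
 * @param string $buffer   Data to write
 * @return bool TRUE when every step succeeded, FALSE when any step failed
 */
function writeBuffer($filename, $buffer) {
    $ret = TRUE;
    $dir = dirname($filename);

    if (!is_dir($dir)) {
        // Clear the umask so mkdir() applies the requested mode as given
        $mask = umask(0);
        if (!mkdir($dir, 0777)) {
            // TODO: send error to admin here
            $ret = FALSE;
        }
        __chmod($dir, 0777);
        umask($mask);
    }

    if (!is_writable($dir)) {
        __chmod($dir, 0777);
        // still not writable means that the chmod function is not working
        if (!is_writable($dir)) {
            // TODO: send error to admin here
            $ret = FALSE;
        }
    }

    __chmod($filename, 0777);

    $fp = @fopen($filename, "w");
    if (!$fp) {
        // TODO: send error to admin
        $ret = FALSE;
    } else {
        // A failed or short write leaves a truncated file behind; report it
        $written = fwrite($fp, $buffer);
        if ($written === FALSE || $written < strlen($buffer)) {
            $ret = FALSE;
        }
        fclose($fp);
        __chmod($filename, 0777);
    }

    return $ret;
}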
/**
 * Installer step: generate k4bb/config.php from the submitted database and
 * FTP settings, run the schema and the seed-data statements, then render the
 * success page.
 *
 * NOTE(review): the submitted values are substituted into a PHP template and
 * the result is written out as config.php. Whether the template escapes
 * quotes and backslashes is not visible here - confirm, because an unescaped
 * value would end up as PHP source.
 * NOTE(review): config.php holds the database and FTP passwords and is set
 * to 0755 here, which leaves it readable by other local accounts - confirm
 * the intended mode.
 * NOTE(review): $_POST is handed to the seed-data template and every output
 * line is executed as SQL - confirm the template quotes those values.
 *
 * @param array $request Installer request (db_info, ftp_info, schema, dba, template)
 */
function execute(&$request) {
    $db = $request['db_info'];
    $ftp = $request['ftp_info'];

    /* Values substituted into the config.php template, in template order */
    $settings = array(
        'db_driver' => $db['driver'],
        'db_database' => $db['database'],
        'db_directory' => '',
        'db_server' => $db['server'],
        'db_user' => $db['user'],
        'db_pass' => $db['pass'],
        'use_ftp' => $ftp['use'],
        'ftp_user' => $ftp['name'],
        'ftp_pass' => $ftp['pass'],
    );

    $config =& new FATemplate(FA_FORCE | FA_NOCACHE);
    foreach ($settings as $key => $value) {
        $config->setVar($key, $value);
    }
    $config_body = $config->run(dirname(__FILE__) . '/templates/config.php');

    /* Make the target writable, then write the generated file */
    $config_path = INCLUDE_BASE_DIR . '/k4bb/config.php';
    // NOTE(review): __chmod() is called with four arguments here - confirm
    // the definition loaded by the installer accepts the FTP name/password
    __chmod($config_path, 0755, $ftp['name'], $ftp['pass']);
    $config->writeBuffer($config_path, '<?php' . FA_NL . $config_body . FA_NL . '?>');

    $sqldata =& new FATemplate(FA_FORCE | FA_NOCACHE);
    $sqldata->setVarArray($_POST);

    /* Schema: statements are separated by ';' */
    // NOTE(review): a ';' inside a quoted value would also split here
    $schema_sql = file_get_contents($request['schema']);
    foreach (explode(';', $schema_sql) as $statement) {
        $statement_sql = trim($statement);
        if ($statement_sql) {
            $request['dba']->executeUpdate($statement_sql);
        }
    }

    /* Seed data: one statement per line of the rendered template */
    $data_sql = $sqldata->run(dirname(__FILE__) . '/schema/k4.data.schema');
    foreach (explode(FA_NL, $data_sql) as $statement) {
        if ($statement) {
            $request['dba']->executeUpdate($statement);
        }
    }

    $page = $request['template'];
    $page->render(INSTALLER_BASE_DIR . '/templates/success.html');
}
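/**
 * Create a styleset in a file
 *
 * Builds the cached CSS file for $styleset under BB_BASE_DIR/tmp/stylesets/
 * when it is not there yet, falling back to $default_styleset when the
 * database has no rows for the requested name. Raises E_USER_ERROR when
 * neither cached file exists afterwards.
 *
 * The on-disk name is derived in one way for the write and for the lookups:
 * whitespace, path separators and NUL bytes in the name become '_', so a
 * styleset name can only address a file inside the cache directory.
 *
 * @param array  $request          Request array; $request['dba'] runs the query
 * @param string $styleset         Requested styleset name
 * @param string $default_styleset Name used when $styleset has no rows
 */
function create_styleset(&$request, $styleset, $default_styleset) {
    $cache_dir = BB_BASE_DIR . '/tmp/stylesets/';
    $unsafe = '~[\\s/\\\\\\x00]~';

    $cache_file = $cache_dir . preg_replace($unsafe, '_', $styleset) . '.css';
    $default_file = $cache_dir . preg_replace($unsafe, '_', $default_styleset) . '.css';

    if (!file_exists($cache_file)) {
        $query = $request['dba']->prepareStatement("SELECT c.name as name, c.properties as properties FROM " . K4CSS . " c LEFT JOIN " . K4STYLES . " s ON s.id = c.style_id WHERE s.name = ? ORDER BY c.name ASC");

        /* Set the user's styleset to the query */
        $query->setString(1, $styleset);

        /* Get the result */
        $result = $query->executeQuery();

        /* If this styleset doesn't exist, use the default one instead */
        if ($result->numrows() == 0) {
            $styleset = $default_styleset;
            $cache_file = $default_file;

            $query->setString(1, $default_styleset);
            $result = $query->executeQuery();
        }

        /* Header names the styleset that was really used; a comment terminator in the name is dropped so it cannot end the CSS comment early */
        $css = "/* k4 Bulletin Board " . VERSION . " CSS Generated Style Set :: " . str_replace('*/', '', $styleset) . " */\n\n";

        /* Loop through the result iterator */
        while ($result->next()) {
            $temp = $result->current();
            $css .= "\t\t" . $temp['name'] . " { " . $temp['properties'] . " }\n";
        }
        $result->free();

        /* Create a cached file for the CSS info */
        // NOTE(review): 0777 leaves the cached stylesheet writable by every local account - confirm that is needed
        $handle = @fopen($cache_file, "w");
        @__chmod($cache_file, 0777);
        if ($handle) {
            /* Only touch the handle when the open worked */
            @fwrite($handle, $css);
            @fclose($handle);
        }
    }

    // NOTE(review): $which_styleset is not returned or stored anywhere in this function - confirm how callers learn the result
    $which_styleset = '';
    if (file_exists($cache_file)) {
        $which_styleset = $styleset;
    } else {
        if (file_exists($default_file)) {
            $which_styleset = $default_styleset;
        } else {
            trigger_error('Could not retrieve the default style set.', E_USER_ERROR);
        }
    }
}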
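/**
 * Stupidly persistent function to chmod a file
 *
 * Tries chmod() first, then the parent directory when that is not writable,
 * and - when $_CONFIG['ftp']['use_ftp'] is set - logs in over FTP to
 * $_SERVER['SERVER_ADDR'] and changes the mode there. A plain chmod() is
 * retried whenever the FTP route did not succeed.
 *
 * NOTE(review): ftp_connect() is plain FTP, so the configured username and
 * password are sent unencrypted; most callers pass 0777 - confirm both are
 * acceptable on the supported hosts.
 *
 * @param string $filename The absolute path to the file
 * @param int    $mode     The file permissions mode
 */
function __chmod($filename, $mode) {
    global $_CONFIG;

    @chmod($filename, $mode);

    // do we need to chmod the directory?
    if (!is_writeable(dirname($filename)) && !is_dir($filename)) {
        __chmod(dirname($filename), $mode);
    }

    // does the file exist?
    if (!file_exists($filename)) {
        return;
    }

    $changed = FALSE;

    // The path is pasted into an FTP command below, so a name holding a line
    // break is never sent over the FTP route
    $use_ftp = !empty($_CONFIG['ftp']['use_ftp'])
        && function_exists('ftp_connect')
        && !preg_match('~[\r\n]~', $filename);

    if ($use_ftp) {
        // try to connect; newer PHP versions return an object here rather
        // than a resource, so test the value itself
        $conn = ftp_connect($_SERVER['SERVER_ADDR']);

        if ($conn) {
            // log in to ftp
            if (@ftp_login($conn, $_CONFIG['ftp']['username'], $_CONFIG['ftp']['password'])) {
                if (version_compare(PHP_VERSION, '5.0.0', '<')) {
                    // no ftp_chmod() before PHP 5: send SITE CHMOD with the
                    // requested mode, first with the local path, then with
                    // the path relative to the FTP root
                    $site_mode = sprintf('%04o', $mode);
                    $changed = @ftp_site($conn, 'CHMOD ' . $site_mode . ' ' . $filename)
                        || @ftp_site($conn, 'CHMOD ' . $site_mode . ' ' . get_ftp_root($conn, dirname($filename)) . basename($filename));
                } else {
                    $changed = (@ftp_chmod($conn, $mode, $filename) !== FALSE);
                }
            }

            // close the connection whether or not the login worked
            @ftp_close($conn);
        }
    }

    if (!$changed) {
        @chmod($filename, $mode);
    }
}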
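/**
 * Remove attachments
 *
 * Deletes the attachment files and rows selected for $post and, when $update
 * is set and the post has an id, lowers the attachment counters on the post
 * (and on the parent row for a reply).
 *
 * NOTE(review): the user_id filter is applied only when post_id > 0. With
 * post_id 0 every row that has post_id = 0 is selected and deleted, whoever
 * owns it, while files are only looked for in the current user's directory -
 * confirm this is intended.
 * NOTE(review): the upload directory and each file are set to 0777 before
 * deletion - confirm a world-writable upload directory is required.
 *
 * @param array $request Request array; 'dba' and 'user' are used
 * @param array $post    Post row; post_id, row_type and parent_id are read
 * @param bool  $update  Whether to fix the attachment counters
 */
function remove_attachments(&$request, $post, $update = TRUE) {
    $post_id = intval($post['post_id']);

    // One filter for the SELECT and the DELETE so both address the same rows
    $where = " WHERE post_id = " . $post_id;
    if ($post_id > 0) {
        $where .= " AND user_id=" . intval($request['user']->get('id'));
    }

    $attachments = $request['dba']->executeQuery("SELECT * FROM " . K4ATTACHMENTS . $where);

    $upload_dir = BB_BASE_DIR . '/tmp/upload/attachments/';

    // change the upload directory if we need to
    if ($request['user']->isMember()) {
        $upload_dir = BB_BASE_DIR . '/tmp/upload/attachments/' . $request['user']->get('id') . '/';
    }

    __chmod($upload_dir, 0777);

    $num_files = $attachments->numrows();

    if ($num_files > 0) {
        while ($attachments->next()) {
            $attachment = $attachments->current();

            // file_name comes from the database: keep only its last path
            // component so a stored value can only name a file inside
            // $upload_dir, and never the directory itself
            $path = $upload_dir . basename($attachment['file_name']);

            if (is_file($path)) {
                __chmod($path, 0777);
                @unlink($path);
            }
        }
    }

    // fix the attachment counts for topics/replies
    if ($update && $post_id > 0) {
        $request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET total_attachments=total_attachments-" . $num_files . ", attachments=attachments-" . $num_files . " WHERE post_id=" . intval($post['row_type'] & REPLY ? $post['parent_id'] : $post['post_id']));

        if ($post['row_type'] & REPLY) {
            $request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET attachments=attachments-" . $num_files . " WHERE post_id=" . $post_id);
        }
    }

    // delete them
    $request['dba']->executeUpdate("DELETE FROM " . K4ATTACHMENTS . $where);
}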
/**
 * Admin action: create a user group and attach it to its moderator.
 *
 * Only runs for a member whose 'perms' is at least SUPERADMIN; anyone else
 * gets no_perms_error(). Validates the submitted fields, inserts the group
 * row, appends the new group id to the moderator's usergroups, optionally
 * moves an uploaded avatar, then shows the confirmation page.
 *
 * NOTE(review): all input is read from $_REQUEST and no request-token check
 * is visible in this method - confirm one runs before execute() is reached.
 *
 * @param array $request Request array; 'user', 'dba' and 'template' are used
 * @return mixed Result of the K4InformationAction that was shown, or TRUE
 */
function execute(&$request) {
    if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
        /* Error checking on the fields */
        if (!isset($_REQUEST['name']) || $_REQUEST['name'] == '') {
            $action = new K4InformationAction(new K4LanguageElement('L_INSERTGROUPNAME'), 'content', TRUE);
            return $action->execute($request);
        }
        if (!isset($_REQUEST['nicename']) || $_REQUEST['nicename'] == '') {
            //$action = new K4InformationAction(new K4LanguageElement('L_INSERTGROUPNICENAME'), 'content', TRUE);
            //return $action->execute($request);
            // makes it not require the nice name
            $_REQUEST['nicename'] = '';
        }
        // The group name must be unique; the value goes through the database layer's quote() before it is placed in the statement
        $g = $request['dba']->getRow("SELECT * FROM " . K4USERGROUPS . " WHERE name = '" . $request['dba']->quote($_REQUEST['name']) . "'");
        if (is_array($g) && !empty($g)) {
            $action = new K4InformationAction(new K4LanguageElement('L_GROUPNAMEEXISTS'), 'content', TRUE);
            return $action->execute($request);
        }
        if (!isset($_REQUEST['description']) || $_REQUEST['description'] == '') {
            $action = new K4InformationAction(new K4LanguageElement('L_INSERTGROUPDESC'), 'content', TRUE);
            return $action->execute($request);
        }
        if (!isset($_REQUEST['mod_name']) || $_REQUEST['mod_name'] == '') {
            $action = new K4InformationAction(new K4LanguageElement('L_INSERTMODNAME'), 'content', TRUE);
            return $action->execute($request);
        }
        // The moderator must be an existing user
        $moderator = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE name = '" . $request['dba']->quote($_REQUEST['mod_name']) . "'");
        if (!is_array($moderator) || empty($moderator)) {
            $action = new K4InformationAction(new K4LanguageElement('L_INVALIDMODNAME'), 'content', TRUE);
            return $action->execute($request);
        }
        if (!isset($_REQUEST['color']) || $_REQUEST['color'] == '') {
            $action = new K4InformationAction(new K4LanguageElement('L_INSERTGROUPCOLOR'), 'content', TRUE);
            return $action->execute($request);
        }
        $filename = '';
        // NOTE(review): 'tmp_name' is the server-side temporary path of the upload, not the
        // client file name, so the extension test below runs on that path - confirm that
        // ['name'] was not the intended value
        if (isset($_FILES['avatar_upload']) && is_array($_FILES['avatar_upload'])) {
            $filename = $_FILES['avatar_upload']['tmp_name'];
        }
        // A non-empty avatar_browse value replaces the upload's name
        if (isset($_REQUEST['avatar_browse']) && $_REQUEST['avatar_browse'] != '') {
            $filename = $_REQUEST['avatar_browse'];
        }
        // Only the text after the last '.' is compared with the allowed list; the file
        // content itself is not inspected here
        if ($filename != '') {
            $file_ext = explode(".", $filename);
            $exts = array('gif', 'jpg', 'jpeg', 'bmp', 'png', 'tiff');
            if (count($file_ext) >= 2) {
                $file_ext = $file_ext[count($file_ext) - 1];
                if (!in_array(strtolower($file_ext), $exts)) {
                    $action = new K4InformationAction(new K4LanguageElement('L_INVALIDAVATAREXT'), 'content', TRUE);
                    return $action->execute($request);
                }
            } else {
                $action = new K4InformationAction(new K4LanguageElement('L_INVALIDAVATAREXT'), 'content', TRUE);
                return $action->execute($request);
            }
        }
        /* Build the queries */
        $insert_a = $request['dba']->prepareStatement("INSERT INTO " . K4USERGROUPS . " (name,nicename,description,mod_name,mod_id,created,min_perm,max_perm,display_legend,color,avatar) VALUES (?,?,?,?,?,?,?,?,?,?,?)");
        $update_a = $request['dba']->prepareStatement("UPDATE " . K4USERS . " SET usergroups=?,perms=? 
WHERE id=?");
        /* Set the query values */
        $insert_a->setString(1, $_REQUEST['name']);
        $insert_a->setString(2, $_REQUEST['nicename']);
        $insert_a->setString(3, $_REQUEST['description']);
        $insert_a->setString(4, $moderator['name']);
        $insert_a->setInt(5, $moderator['id']);
        $insert_a->setInt(6, time());
        // NOTE(review): min_perm, max_perm and display_legend are read without an isset()
        // or range check - confirm setInt() copes with a missing value
        $insert_a->setInt(7, $_REQUEST['min_perm']);
        $insert_a->setInt(8, $_REQUEST['max_perm']);
        $insert_a->setInt(9, $_REQUEST['display_legend']);
        $insert_a->setString(10, $_REQUEST['color']);
        $insert_a->setString(11, $filename);
        /* Add the category to the info table */
        $insert_a->executeUpdate();
        $group_id = $request['dba']->getInsertId(K4USERGROUPS, 'id');
        // usergroups is stored as a '|'-separated list of group ids
        $usergroups = $moderator['usergroups'] != '' ? explode('|', $moderator['usergroups']) : array();
        if (is_array($usergroups)) {
            $usergroups[] = $group_id;
        } else {
            $usergroups = array($group_id);
        }
        $update_a->setString(1, implode('|', $usergroups));
        // The moderator's perms are raised to the submitted min_perm when that is higher;
        // no upper bound on min_perm is applied in this method
        $update_a->setInt(2, iif(intval($_REQUEST['min_perm']) > $moderator['perms'], $_REQUEST['min_perm'], $moderator['perms']));
        $update_a->setInt(3, $moderator['id']);
        /* Update the user's information */
        $update_a->executeUpdate();
        if (isset($_FILES['avatar_upload']) && is_array($_FILES['avatar_upload'])) {
            $dir = BB_BASE_DIR . '/tmp/upload/group_avatars';
            // NOTE(review): 0777 makes the avatar directory writable by every local account
            __chmod($dir, 0777);
            // NOTE(review): $filename is appended to $dir as given (temporary path or the
            // avatar_browse value); directory components in it would address a location
            // outside $dir - consider basename() on the destination name
            @move_uploaded_file($_FILES['avatar_upload']['tmp_name'], $dir . '/' . $filename);
        }
        reset_cache('usergroups');
        k4_bread_crumbs($request['template'], $request['dba'], 'L_USERGROUPS');
        $request['template']->setVar('users_on', '_on');
        $request['template']->setFile('sidebar_menu', 'menus/users.html');
        $action = new K4InformationAction(new K4LanguageElement('L_ADDEDUSERGROUP', $_REQUEST['name']), 'content', FALSE, 'admin.php?act=usergroups', 3);
        return $action->execute($request);
    } else {
        no_perms_error($request);
    }
    return TRUE;
}
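/**
 * Admin action: delete an emoticon row and its image file.
 *
 * Only runs for a member whose 'perms' is at least ADMIN; anyone else gets
 * no_perms_error().
 *
 * NOTE(review): the delete is driven by $_REQUEST['id'] and no request-token
 * check is visible in this method - confirm one runs before execute().
 * NOTE(review): the confirmation uses 'L_REMOVEDPOSTICON' and redirects to
 * 'admin.php?act=posticons', which look like they belong to the post icon
 * action - confirm.
 *
 * @param array $request Request array; 'user', 'dba' and 'template' are used
 * @return mixed Result of the K4InformationAction that was shown, or TRUE
 */
function execute(&$request) {
    if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
        // Same language key as the not-found case below; it was misspelled
        // here as 'L_EMOTCIONDOESNTEXIST'
        if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
            $action = new K4InformationAction(new K4LanguageElement('L_EMOTICONDOESNTEXIST'), 'content', FALSE);
            return $action->execute($request);
        }

        $icon = $request['dba']->getRow("SELECT * FROM " . K4EMOTICONS . " WHERE id = " . intval($_REQUEST['id']));

        if (!is_array($icon) || empty($icon)) {
            $action = new K4InformationAction(new K4LanguageElement('L_EMOTICONDOESNTEXIST'), 'content', FALSE);
            return $action->execute($request);
        }

        /* Remove the icon from the db */
        $request['dba']->executeUpdate("DELETE FROM " . K4EMOTICONS . " WHERE id = " . intval($icon['id']));

        /* Remove the actual icon */
        $dir = BB_BASE_DIR . '/tmp/upload/emoticons';
        // NOTE(review): no mode is passed here - confirm the __chmod() this
        // file loads has a default for its second parameter
        __chmod($dir);

        // The image name comes from the database: keep only its last path
        // component so the unlink stays inside $dir, and skip an empty name
        $image = basename($icon['image']);
        if ($image != '') {
            @unlink($dir . '/' . $image);
        }

        k4_bread_crumbs($request['template'], $request['dba'], 'L_EMOTICONS');
        $request['template']->setVar('posts_on', '_on');
        $request['template']->setFile('sidebar_menu', 'menus/posts.html');

        $action = new K4InformationAction(new K4LanguageElement('L_REMOVEDPOSTICON'), 'content', TRUE, 'admin.php?act=posticons', 3);
        return $action->execute($request);
    } else {
        no_perms_error($request);
    }

    return TRUE;
}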
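/**
 * Resize an image with GD so that it fits inside $max_width x $max_height,
 * keeping its proportions.
 *
 * NOTE(review): imagecreatefrom*() decodes the whole image into memory and
 * the dimensions are supplied by the caller - confirm callers cap the pixel
 * size of uploaded images before calling.
 * NOTE(review): the file is set to 0777 before it is overwritten - confirm
 * a world-writable image file is required.
 *
 * @param string $file_name       Path of the image; overwritten in place unless $return_contents is set
 * @param string $file_type       'gif', 'jpg', 'jpeg', 'png', 'bmp' or 'wbmp'; selects the GD reader and writer
 * @param int    $curr_width      Current width in pixels
 * @param int    $curr_height     Current height in pixels
 * @param int    $max_width       Width of the bounding box
 * @param int    $max_height      Height of the bounding box
 * @param bool   $return_contents Return the encoded image instead of saving it
 * @return mixed FALSE on failure, TRUE after saving, or an array with the
 *               keys x, y, mimetype, size and contents
 */
function resize($file_name, $file_type, $curr_width, $curr_height, $max_width, $max_height, $return_contents = FALSE) {
    $mime_type = get_mimetype($file_name);
    // Whenever the two differ the caller's $file_type wins, so the reported
    // type is effectively always $file_type
    $mime_type = $file_type != $mime_type ? $file_type : $mime_type;

    // do we have the right functions installed?
    if (!function_exists('imagecreate') || !function_exists('imagecopyresampled')) {
        return FALSE;
    }

    // zero or negative sizes would divide by zero or create an empty image
    if ($curr_width <= 0 || $curr_height <= 0 || $max_width <= 0 || $max_height <= 0) {
        return FALSE;
    }

    // Scale by whichever side hits its limit first, so the result fits the
    // box without distortion even when the box is not square
    if ($curr_width / $max_width >= $curr_height / $max_height) {
        $new_width = intval($max_width);
        $new_height = min(intval(ceil($curr_height / $curr_width * $max_width)), intval($max_height));
    } else {
        $new_height = intval($max_height);
        $new_width = min(intval(ceil($curr_width / $curr_height * $max_height)), intval($max_width));
    }

    // this will end up being the quality for the jpg images
    $third_param = FALSE;

    // get our old image
    $image = FALSE;
    switch (strtolower($file_type)) {
        case 'gif':
            $image = @imagecreatefromgif($file_name);
            break;
        case 'jpg':
        case 'jpeg':
            $file_type = 'jpeg';
            $image = @imagecreatefromjpeg($file_name);
            $third_param = 90; // quality
            break;
        case 'png':
            $image = @imagecreatefrompng($file_name);
            break;
        case 'wbmp':
        case 'bmp':
            $file_type = 'wbmp';
            $image = @imagecreatefromwbmp($file_name);
            break;
        default:
            // unsupported type: nothing was decoded
            break;
    }

    // do we have the image?
    if (!$image) {
        return FALSE;
    }

    // see what color type we can use to create the new image
    // either palette or true color
    $create_fn = function_exists('imagecreatetruecolor') ? 'imagecreatetruecolor' : 'imagecreate';

    // create the new image
    $new_id = $create_fn($new_width, $new_height);
    if (!$new_id) {
        imagedestroy($image);
        return FALSE;
    }
    imagecopyresampled($new_id, $image, 0, 0, 0, 0, $new_width, $new_height, $curr_width, $curr_height);

    // capture the encoder output in a buffer
    ob_start();

    // NOTE(review): every writer receives FALSE as its second argument and
    // $third_param as its third, also for GIF, PNG and WBMP - check this
    // against the GD signatures of the PHP versions in use
    $create_image = 'image' . $file_type;
    $create_image($new_id, FALSE, $third_param);

    $contents = ob_get_contents();
    $file_size = ob_get_length();

    ob_end_clean();

    // clear up memory
    imagedestroy($image);
    imagedestroy($new_id);

    // an empty buffer means the encoder produced nothing; stop before the
    // original file is truncated
    if ($contents === FALSE || $contents === '') {
        return FALSE;
    }

    // should we return that data already?
    if ($return_contents) {
        return array('x' => $new_width, 'y' => $new_height, 'mimetype' => $mime_type, 'size' => $file_size, 'contents' => $contents);
    }

    // save the image
    __chmod($file_name, 0777);

    if (!is_writeable($file_name)) {
        return FALSE;
    }

    $fp = @fopen($file_name, 'w');
    if (!$fp) {
        return FALSE;
    }

    // close the handle on every path, including a failed write
    $written = fwrite($fp, $contents);
    fclose($fp);

    if ($written === FALSE) {
        return FALSE;
    }

    // we're done!
    return TRUE;
}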