Exemple #1
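/**
 * Abort the installer with an internal error page describing a failed SQL query.
 *
 * The database error text and the failed query are HTML-encoded before they are
 * put into the page. Both are free text that can contain markup-significant
 * characters (the query may also carry request data), whereas the rest of the
 * message is HTML produced by cs_html_br() and cs_link() and must stay unescaped.
 *
 * The page still shows the raw statement and driver error to whoever triggers
 * it, so it is only appropriate while the installer is not publicly reachable.
 *
 * @param string $old_query The SQL statement that failed.
 * @return void Does not return; the request ends in die().
 */
function cs_installerror($old_query = '')
{
    global $cs_db, $cs_lang, $account;

    $cs_lang = cs_translate('install');

    $error = empty($cs_db['last_error']) ? 'Unknown' : $cs_db['last_error'];

    # Encode the two free-text parts for the HTML context they are printed in
    $safe_error = htmlspecialchars((string) $error, ENT_QUOTES);
    $safe_query = htmlspecialchars((string) $old_query, ENT_QUOTES);

    $msg = 'Error: ' . $safe_error . cs_html_br(2) . 'Query: ' . $safe_query . cs_html_br(4);
    # NOTE(review): users_lang goes into the link parameters as-is; confirm cs_link() encodes it
    $msg .= cs_link($cs_lang['remove_and_again'], 'install', 'sql', 'lang=' . $account['users_lang'] . '&uninstall=1');

    die(cs_error_internal('sql', $msg));
}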
        } elseif (!empty($_POST['del'])) {
            $data['if']['no_thumb'] = TRUE;
        }
    }
}
// Handles the "submit_1" form: for every posted picture whose status_N flag is set,
// a thumbnail is generated and a gallery record is prepared in $cs_gallery_pic.
// The listing is an excerpt; the enclosing blocks are closed outside the visible part.
if (isset($_POST['submit_1'])) {
    // Upper bound for the loop: number of POST fields minus one (the string '1' is
    // coerced to an integer). This is a field count, not a picture count, so most
    // iterations find no status_N entry and are skipped.
    $post_count = count($_POST);
    $post_count = $post_count - '1';
    // Either reuse the posted folder id or create a folder from the posted name.
    // NOTE(review): folders_id is taken from the request unchanged - confirm it is
    // cast or escaped before it reaches the database.
    $cs_gallery_pic['folders_id'] = empty($_POST['folders_name']) ? $_POST['folders_id'] : make_folders_create('gallery', $_POST['folders_name']);
    $cs_gallery_option = cs_sql_option(__FILE__, 'gallery');
    // The same configured size is used as maximum width and height of the thumbnail
    $img_max['thumbs'] = $cs_gallery_option['thumbs'];
    for ($run = 0; $run < $post_count; $run++) {
        if (!empty($_POST['status_' . $run])) {
            // NOTE(review): $name comes straight from the request and is concatenated
            // into two filesystem paths below. No validation is visible here, so a
            // value containing directory separators or ".." would resolve outside
            // uploads/gallery/. Reduce it to a base name and check it against the
            // files actually present in the pics directory before use.
            $name = $_POST['name_' . $run];
            if (!extension_loaded('gd')) {
                die(cs_error_internal(0, 'GD extension not installed.'));
            }
            // Source picture -> "Thumb_<name>" in the thumbs directory
            if (cs_resample('uploads/gallery/pics/' . $name, 'uploads/gallery/thumbs/' . 'Thumb_' . $name, $img_max['thumbs'], $img_max['thumbs'])) {
                // Duplicate check by file name; the value is escaped before it is quoted into SQL
                $where = "gallery_name = '" . cs_sql_escape($name) . "'";
                $search = cs_sql_count(__FILE__, 'gallery', $where);
                if (empty($search)) {
                    $cs_gallery_pic['users_id'] = $account['users_id'];
                    $cs_gallery_pic['gallery_name'] = $name;
                    // NOTE(review): status, access and watermark are stored exactly as posted.
                    // gallery_access is later compared with a user's access level, so it
                    // should be cast to int and range-checked; confirm the insert routine
                    // (not visible here) escapes all of these values.
                    $cs_gallery_pic['gallery_status'] = isset($_POST['gallery_status']) ? $_POST['gallery_status'] : 0;
                    $cs_gallery_pic['gallery_access'] = isset($_POST['gallery_access']) ? $_POST['gallery_access'] : 0;
                    // Read without isset(): raises a notice when the field is missing
                    $cs_gallery_pic['gallery_watermark'] = $_POST['gallery_watermark'];
                    if (!empty($_POST['gallery_watermark'])) {
                        $watermark_pos = $_POST['watermark_pos'];
                        $watermark_trans = $_POST['gallery_watermark_trans'];
                        // Position and transparency share one column, joined by the "|--@--|" delimiter.
                        // NOTE(review): a posted value that itself contains the delimiter would
                        // shift the fields when the column is split again - validate both as numbers.
                        $cs_gallery_pic['gallery_watermark_pos'] = $watermark_pos . '|--@--|' . $watermark_trans;
                    }
Exemple #3
// Serves a gallery picture or thumbnail selected by the "pic" or "thumb" request
// parameter. The listing is an excerpt; the outer if is closed outside the visible part.
global $cs_main, $account;
if (!empty($_REQUEST['pic']) or !empty($_REQUEST['thumb'])) {
    $options = cs_sql_option(__FILE__, 'gallery');
    // "pic" takes precedence over "thumb" when both are supplied
    if (!empty($_REQUEST['pic'])) {
        $where = $_REQUEST['pic'];
    } elseif (!empty($_REQUEST['thumb'])) {
        $where = $_REQUEST['thumb'];
    }
    $from = 'gallery';
    $select = 'gallery_watermark, gallery_watermark_pos, gallery_name, gallery_time, ';
    $select .= 'gallery_count, gallery_count_downloads, gallery_access';
    // The requested id is escaped and quoted before it becomes part of the WHERE clause
    $where = "gallery_id = '" . cs_sql_escape($where) . "'";
    $cs_gallery = cs_sql_select(__FILE__, $from, $select, $where);
    // Not used in the visible part of the script
    $gallery_loop = count($cs_gallery);
    // Access control: the viewer's gallery level must reach the level stored on the picture.
    // NOTE(review): there is no explicit "not found" branch before this comparison. If
    // cs_sql_select() returns an empty result for an unknown id, gallery_access is unset
    // and the comparison is made against null - confirm and reject missing rows first.
    if ($account['access_gallery'] < $cs_gallery['gallery_access']) {
        die(cs_error_internal(0, 'Access denied'));
    }
    // gallery_watermark_pos holds "<position>|--@--|<transparency>"; defaults are 0 and 1
    $position = $cs_gallery['gallery_watermark_pos'];
    $temp_pos = empty($position) ? array(0, 1) : explode("|--@--|", $position);
    $position = $temp_pos[0];
    $transparenz = $temp_pos[1];
    $name = $cs_gallery['gallery_name'];
    $gallery_time = $cs_gallery['gallery_time'];
    $gallery_count = $cs_gallery['gallery_count'];
    $gallery_count_downloads = $cs_gallery['gallery_count_downloads'];
    // Only full-size views are counted, thumbnails are not
    if (!empty($_REQUEST['pic'])) {
        // Read-modify-write of the counter: concurrent requests can lose increments
        $gallery_count = $gallery_count + 1;
        $gallery_cells = array('gallery_count');
        $gallery_save = array($gallery_count);
        // NOTE(review): the raw request value is passed as the row id, unlike the escaped
        // value used for the SELECT above - confirm cs_sql_update() casts or escapes it.
        cs_sql_update(__FILE__, 'gallery', $gallery_cells, $gallery_save, $_REQUEST['pic']);
    }
Exemple #4
/**
 * Bootstrap a request: PHP runtime settings, core includes, configuration,
 * optional database connection, account data, module startup files and,
 * when requested, the rendered template.
 *
 * The statement order matters: later includes rely on globals filled by
 * earlier ones, so the sequence below should not be rearranged.
 *
 * @param array $predefined Settings merged over $cs_main last (they win on key
 *                          collisions). Keys read directly here: 'init_sql'
 *                          (connect to the database and load account/startup
 *                          data) and 'init_tpl' (echo the page at the end).
 * @return void Output is echoed; several failure paths end the request with die().
 */
function cs_init($predefined)
{
    # Runtime settings; every call is silenced with @ so a host that forbids ini_set() does not abort here
    @error_reporting(E_ALL | E_STRICT);
    @set_error_handler("php_error");
    @ini_set('short_open_tag', 'off');
    @ini_set('arg_separator.output', '&amp;');
    # Session ids are carried in cookies only and never rewritten into URLs
    @ini_set('session.use_trans_sid', '0');
    @ini_set('session.use_cookies', '1');
    @ini_set('session.use_only_cookies', '1');
    # NOTE(review): display_errors is switched on for every request. On a public site PHP
    # messages can reveal file paths and query text; logging them instead is the safer default.
    @ini_set('display_errors', 'on');
    $phpversion = phpversion();
    if (version_compare($phpversion, '5.1', '>=')) {
        @date_default_timezone_set('Europe/Berlin');
    }
    global $account, $com_lang, $cs_db, $cs_logs, $cs_main, $cs_micro, $cs_template;
    $cs_micro = explode(' ', microtime());
    # starting parsetime
    $cs_logs = array('php_errors' => '', 'errors' => '', 'sql' => '', 'queries' => 0, 'warnings' => 1, 'dir' => 'uploads/logs');
    $cs_main['cellspacing'] = 1;
    $cs_main['def_lang'] = empty($cs_main['def_lang']) ? 'English' : $cs_main['def_lang'];
    $cs_main['def_theme'] = empty($cs_main['def_theme']) ? 'base' : $cs_main['def_theme'];
    # Defaults set before configuration is loaded; the array_merge() further down lets
    # database options and $predefined replace them
    $cs_main['xsrf_protection'] = true;
    $cs_main['zlib'] = true;
    require_once 'system/core/servervars.php';
    $cs_main['ajaxrequest'] = isset($_REQUEST['xhr']) ? true : false;
    require_once 'system/core/tools.php';
    require_once 'system/core/abcode.php';
    require_once 'system/core/templates.php';
    require_once 'system/core/gd.php';
    require_once 'system/core/cachegen.php';
    $cs_main['cache_mode'] = 'file';
    if (version_compare($phpversion, '5.0', '<')) {
        require_once 'mods/clansphere/fallback.php';
    }
    # The installer runs without setup.php and with a fixed placeholder account;
    # every other entry point requires setup.php or stops with a link to the installer
    if ($cs_main['php_self']['basename'] == 'install.php') {
        $account = array('users_id' => 0, 'access_clansphere' => 0, 'access_errors' => 2, 'access_install' => 5);
    } else {
        file_exists('setup.php') ? require_once 'setup.php' : die(cs_error_internal('setup', '<a href="' . $cs_main['php_self']['dirname'] . 'install.php">Installation</a>'));
    }
    # cache_mode ends up in a require path below. It is accepted only if it is 'file',
    # 'none' or the name of a loaded PHP extension; anything else is reset to 'file'.
    # NOTE(review): presumably setup.php is the only place that changes it - it must
    # never be derived from request data.
    if (!in_array($cs_main['cache_mode'], array('file', 'none')) and !extension_loaded($cs_main['cache_mode'])) {
        $cs_main['cache_mode'] = 'file';
    }
    require_once 'system/cache/' . $cs_main['cache_mode'] . '.php';
    if (empty($cs_main['charset'])) {
        # A charset is assigned before the request is ended with the error page
        $cs_main['charset'] = 'UTF-8';
        die(cs_error_internal(0, 'No charset information found in setup.php'));
    }
    # backfall if json extension is not available
    if (!extension_loaded('json')) {
        require_once 'system/output/json.php';
    }
    require_once 'system/output/xhtml_10.php';
    # add old xhtml functions if needed
    if (!empty($cs_main['xhtml_old'])) {
        require_once 'system/output/xhtml_10_old.php';
    }
    if (!empty($predefined['init_sql'])) {
        # The database driver file is chosen by $cs_db['type'] without a whitelist.
        # NOTE(review): safe only while $cs_db comes exclusively from the local configuration.
        require_once 'system/database/' . $cs_db['type'] . '.php';
        $cs_db['con'] = cs_sql_connect($cs_db);
        # Drop the credentials from the global array once the connection exists
        unset($cs_db['pwd'], $cs_db['user']);
        $cs_options = cs_sql_option(__FILE__, 'clansphere');
        $cs_options['unicode'] = extension_loaded('unicode') ? 1 : 0;
        if (!isset($cs_options['cache_unicode']) or $cs_options['cache_unicode'] != $cs_options['unicode']) {
            cs_cache_clear();
        }
    } else {
        $cs_options = array();
    }
    # Precedence on equal keys: $predefined over database options over the values set so far
    $cs_main = array_merge($cs_main, $cs_options, $predefined);
    if (empty($cs_main['def_path'])) {
        $cs_main['def_path'] = getcwd();
    }
    # process mod and action data
    $cs_main = cs_content_prepare($cs_main);
    if (!empty($predefined['init_sql'])) {
        require_once 'system/core/account.php';
        $cs_main['def_theme'] = empty($account['users_theme']) ? $cs_main['def_theme'] : $account['users_theme'];
    }
    # determine users language
    $account['users_lang'] = cs_content_lang();
    if (!empty($predefined['init_sql'])) {
        # check for deprecated runstartup behavior
        if (!empty($cs_main['runstartup'])) {
            cs_tasks('system/runstartup');
        }
        # fetch startup files
        $startup = cs_cache_load('startup');
        # fallback to create startup files overview
        if ($startup == false) {
            $startup = cs_cache_dirs('mods', $account['users_lang'], 1);
        }
        # execute startup files
        # Module names come from the cache or a directory listing; each becomes part of an include path
        if (is_array($startup)) {
            foreach ($startup as $mod) {
                $file = $cs_main['def_path'] . '/mods/' . $mod . '/startup.php';
                file_exists($file) ? include_once $file : cs_error($file, 'cs_init - Startup file not found');
            }
        }
    }
    # search for possible mod and action errors
    $cs_main = cs_content_check($cs_main);
    $cs_main['template'] = empty($cs_main['def_tpl']) ? 'clansphere' : $cs_main['def_tpl'];
    # Template info is read for the default template, before the request override below
    $cs_template = cs_template_info($cs_main['template']);
    # A template name from the query string is accepted only if it consists of
    # letters, digits, underscore and hyphen, which rules out path separators and dots
    if (!empty($_GET['template']) and preg_match("=^[_a-z0-9-]+\$=i", $_GET['template'])) {
        $cs_main['template'] = $_GET['template'];
    }
    if (!empty($predefined['init_tpl'])) {
        if ($cs_main['ajaxrequest'] === true) {
            echo cs_ajaxwrap();
        } else {
            echo cs_template($cs_micro, $cs_main['tpl_file']);
        }
    }
}
Exemple #5
/**
 * Render a page: pick the template directory, load the module content, fill the
 * "func:*" placeholders of the template file and return the assembled HTML.
 *
 * Side effects: may rewrite $cs_main['show'], $cs_main['ajax'] and
 * $cs_main['template'], blanks or formats $cs_logs, may start gzip output
 * buffering and sends the Content-type header.
 *
 * @param array  $cs_micro Start time as produced by explode(' ', microtime()),
 *                         passed on to cs_parsetime().
 * @param string $tpl_file Template file name inside the template directory.
 * @return string The assembled page.
 */
function cs_template($cs_micro, $tpl_file = 'index.htm')
{
    global $account, $cs_logs, $cs_main;
    # Redirect to the login page. "and" binds tighter than "or", so the condition reads:
    # (site not public OR (admin.htm AND access < 3)) AND access < maintenance_access.
    # NOTE(review): an account with access below 3 but at or above maintenance_access is
    # therefore not redirected for admin.htm by this check - confirm that admin access is
    # enforced elsewhere, or that the grouping is intended.
    if ((empty($cs_main['public']) or $tpl_file == 'admin.htm' and $account['access_clansphere'] < 3) and $account['access_clansphere'] < $cs_main['maintenance_access']) {
        $cs_main['show'] = 'mods/users/login.php';
        $tpl_file = 'login.htm';
        $cs_main['ajax'] = 0;
    }
    # Template selection; later assignments override earlier ones
    if (!empty($account['users_tpl'])) {
        $cs_main['template'] = $account['users_tpl'];
    }
    # Request and session values become a directory name: only "." and "/" are removed.
    # NOTE(review): backslashes and other characters pass through; a whitelist pattern
    # such as ^[_a-z0-9-]+$ is the tighter check for a value used in a filesystem path.
    if (!empty($_GET['template'])) {
        $cs_main['template'] = str_replace(array('.', '/'), '', $_GET['template']);
    }
    if (!empty($_SESSION['tpl_preview'])) {
        $cs_main['template'] = str_replace(array('.', '/'), '', $_SESSION['tpl_preview']);
    }
    if ($tpl_file == 'error.htm') {
        $cs_main['template'] = 'install';
    }
    # Unknown template directories fall back to the configured default
    if ($cs_main['template'] != $cs_main['def_tpl'] and !is_dir('templates/' . $cs_main['template'])) {
        $cs_main['template'] = $cs_main['def_tpl'];
    }
    $tpl_path = $cs_main['def_path'] . '/templates/' . $cs_main['template'] . '/' . $tpl_file;
    if (!file_exists($tpl_path)) {
        cs_error($tpl_path, 'cs_template - Template file not found');
        $msg = 'Template file not found: ' . $tpl_file;
        # A missing error.htm is reported as plain text instead of through the error page again
        if ($tpl_file != 'error.htm') {
            die(cs_error_internal('tpl', $msg));
        } else {
            die($msg);
        }
    }
    # Initalize array of upcoming additions and get show content
    $replace = array('func:body_add' => '');
    $replace['func:show'] = '<div id="csp_content">' . cs_contentload($cs_main['show']) . '</div>';
    # Evaluates as: (ajax set AND ajax == 2) OR (users_ajax AND access_ajax)
    if (isset($cs_main['ajax']) and $cs_main['ajax'] == 2 or !empty($account['users_ajax']) and !empty($account['access_ajax'])) {
        # NOTE(review): SCRIPT_NAME and two settings are concatenated into a JavaScript string
        # inside an HTML attribute without any encoding. Confirm none of them can contain
        # quotes, or encode them for both the script and the attribute context.
        $replace['func:body_add'] = ' onload="Clansphere.initialize(' . $cs_main['mod_rewrite'] . ',\'' . $_SERVER['SCRIPT_NAME'] . '\',' . $cs_main['ajax_reload'] * 1000 . ')"';
    }
    # Provide the def_title and a title with more information
    # The site title is entity-encoded with quotes included, using the configured charset
    $replace['func:title_website'] = htmlentities($cs_main['def_title'], ENT_QUOTES, $cs_main['charset']);
    $replace['func:title'] = cs_title();
    # Fetch template file and parse exploded contents
    $template = cs_cache_template($tpl_file);
    $template = cs_tokenizer_parse($template);
    # Add scriptload to replaces
    # Repeated declaration; $cs_main is already global in this function
    global $cs_main;
    $replace['func:stylesheet'] = empty($cs_main['scriptload']['stylesheet']) ? '' : $cs_main['scriptload']['stylesheet'];
    $replace['func:javascript'] = empty($cs_main['scriptload']['javascript']) ? '' : $cs_main['scriptload']['javascript'];
    # Prepare debug and log data
    $debug = '';
    $logsql = '';
    # PHP errors, application errors and the SQL log are shown only in developer mode or to
    # accounts with access above 4; everyone else gets an empty PHP log and a fixed notice.
    # NOTE(review): the log text is passed through nl2br() only - confirm it is HTML-encoded
    # where it is collected, since it is printed into the page below.
    if (!empty($cs_main['developer']) or $account['access_clansphere'] > 4) {
        $cs_logs['php_errors'] = nl2br($cs_logs['php_errors']);
        $cs_logs['errors'] = nl2br($cs_logs['errors']);
        $logsql = cs_log_format('sql');
    } else {
        $cs_logs['php_errors'] = '';
        $cs_logs['errors'] = 'Developer mode is turned off';
    }
    if (!empty($cs_main['debug'])) {
        # array('data') creates a list holding the string 'data' at index 0; the 'data' key is added below
        $data = array('data');
        $data['data']['log_sql'] = $logsql;
        $data['data']['php_errors'] = $cs_logs['php_errors'];
        $data['data']['csp_errors'] = $cs_logs['errors'];
        $debug = cs_subtemplate(__FILE__, $data, 'clansphere', 'debug');
    }
    $replace['func:queries'] = $cs_logs['queries'];
    $replace['func:errors'] = $cs_logs['php_errors'] . $cs_logs['errors'];
    $replace['func:sql'] = $logsql;
    $replace['func:debug'] = $debug;
    $replace['func:parse'] = cs_parsetime($cs_micro);
    $replace['func:memory'] = function_exists('memory_get_usage') ? cs_filesize(memory_get_usage()) : '-';
    if (function_exists('memory_get_peak_usage')) {
        $replace['func:memory'] .= ' [peak ' . cs_filesize(memory_get_peak_usage()) . ']';
    }
    # Assemble content parts
    # Template parts that equal a placeholder key are swapped for its value, all others are copied
    $result = '';
    foreach ($template as $num => $content) {
        if (array_key_exists($content, $replace)) {
            $result .= $replace[$content];
        } else {
            $result .= $content;
        }
    }
    # Enable zlib output compression if possible
    if (!empty($cs_main['zlib']) and extension_loaded('zlib')) {
        ob_start('ob_gzhandler');
    }
    # Send content type header with charset
    header('Content-type: text/html; charset=' . $cs_main['charset']);
    return $result;
}
Exemple #6
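# Delivers a board attachment: images are shown inline through an <img> tag,
# every other file type is sent as a download.
# Stop when an earlier permission check produced a refusal reason
if (!empty($forbidden)) {
    die(cs_error_internal(0, 'Permission denied. Reason: ' . $forbidden));
}
# Count the download on the attachment record
$com_cells = array('boardfiles_downloaded');
$com_save = array(1 + $cs_thread_file['boardfiles_downloaded']);
cs_sql_update(__FILE__, 'boardfiles', $com_cells, $com_save, $cs_thread_file['boardfiles_id']);
$file = $cs_thread_file['boardfiles_name'];
# Extension = everything after the last dot; empty string when the name has no dot
$dot_part = strrchr($file, '.');
$ext = $dot_part === false ? '' : (string) substr($dot_part, 1);
# Type decisions are made on the lower-cased extension so mixed case ("Jpg", "Pdf") is recognised
$ext_type = strtolower($ext);
# Files are stored either as "<id>.<ext>" or under their original name
$stored_name = !empty($id) ? $cs_thread_file['boardfiles_id'] . '.' . $ext : $file;
# The name originates from an upload; basename() keeps the path inside the attachment
# directory even if the stored value contains directory separators or ".."
$file_path = "../../uploads/board/files/" . basename($stored_name);
if (!is_file($file_path)) {
    die(cs_error_internal(0, 'File not found'));
}
$image_types = array('jpg', 'jpeg', 'gif', 'bmp', 'png');
if (in_array($ext_type, $image_types, true)) {
    # Path and original name are user-influenced text inside HTML attributes: encode both
    $img_src = htmlspecialchars($file_path, ENT_QUOTES);
    $img_alt = htmlspecialchars($file, ENT_QUOTES);
    echo "<img src='{$img_src}' alt='{$img_alt}'></img>";
} else {
    # disable browser / proxy caching
    header("Cache-Control: max-age=0, no-cache, no-store, must-revalidate");
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    $varMimeTypes = array('doc' => 'application/msword', 'pdf' => 'application/pdf', 'zip' => 'application/zip', 'txt' => 'text/plain', 'sql' => 'text/plain', 'htm' => 'text/html', 'html' => 'text/html');
    # Unlisted extensions previously produced an undefined index and an empty Content-Type
    $mime_type = isset($varMimeTypes[$ext_type]) ? $varMimeTypes[$ext_type] : 'application/octet-stream';
    # Quotes, backslashes and control characters would break out of the quoted filename parameter
    $download_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $file);
    header("Content-Description: File Transfer");
    header("Content-Type: " . $mime_type);
    # Uploaded content must not be re-interpreted by the browser as another type
    header("X-Content-Type-Options: nosniff");
    header("Content-Disposition: attachment; filename=\"" . $download_name . "\";");
    header("Content-Transfer-Encoding: binary");
    # Warnings stay suppressed so they cannot be written into the file being sent
    @readfile($file_path);
}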
Exemple #7
<?php

// ClanSphere 2010 - www.clansphere.net
// $Id$
// This file makes it possible to see an error page on too old php versions
// Template caching requires str_ireplace, so fake it with str_replace
// Stand-in for str_ireplace(), which template caching calls: it delegates to the
// case-sensitive str_replace(), which is enough to get the error page rendered
if (function_exists('str_ireplace') === false) {
    function str_ireplace($search, $replace, $subject, $count = 0)
    {
        $replaced = str_replace($search, $replace, $subject);
        return $replaced;
    }
}
// Stand-in for stripos(), which IP detection calls: both operands are
// lower-cased and then searched with strpos()
if (function_exists('stripos') === false) {
    function stripos($haystack, $needle, $offset = 0)
    {
        $haystack_lower = strtolower($haystack);
        $needle_lower = strtolower($needle);
        return strpos($haystack_lower, $needle_lower, $offset);
    }
}
// End the request with the internal error page naming the PHP version that was found
$version_notice = 'PHP Version 5.0 or newer is required, but found ' . $phpversion;
exit(cs_error_internal('cs_init', $version_notice));