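/**
 * Stop the installer and show an internal SQL error page.
 *
 * The page shows the last database error (or 'Unknown' when none was
 * recorded), the failing query, and a link that restarts the SQL step with
 * uninstall=1.
 *
 * @param string $old_query the query that failed, shown for diagnosis
 * @return void this function never returns, it ends the request with die()
 */
function cs_installerror($old_query = '') {

  global $cs_db, $cs_lang, $account;

  $cs_lang = cs_translate('install');

  $error = empty($cs_db['last_error']) ? 'Unknown' : $cs_db['last_error'];

  # $msg is assembled as HTML (line breaks and a link are appended below), so the
  # database error text and the query must be escaped before they are embedded.
  # Otherwise markup characters inside a query or a driver message would be
  # interpreted by the browser instead of being displayed.
  # ENT_SUBSTITUTE is only defined on newer PHP versions, so it is added when present.
  $flags = defined('ENT_SUBSTITUTE') ? ENT_QUOTES | ENT_SUBSTITUTE : ENT_QUOTES;
  $safe_error = htmlspecialchars((string) $error, $flags);
  $safe_query = htmlspecialchars((string) $old_query, $flags);

  $msg = 'Error: ' . $safe_error . cs_html_br(2) . 'Query: ' . $safe_query . cs_html_br(4);

  # NOTE(review): users_lang is placed into the link parameters as is; how
  # cs_link encodes its "more" argument is not visible here - confirm
  $msg .= cs_link($cs_lang['remove_and_again'], 'install', 'sql', 'lang=' . $account['users_lang'] . '&uninstall=1');

  die(cs_error_internal('sql', $msg));
}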
} elseif (!empty($_POST['del'])) { $data['if']['no_thumb'] = TRUE; } } } if (isset($_POST['submit_1'])) { $post_count = count($_POST); $post_count = $post_count - '1'; $cs_gallery_pic['folders_id'] = empty($_POST['folders_name']) ? $_POST['folders_id'] : make_folders_create('gallery', $_POST['folders_name']); $cs_gallery_option = cs_sql_option(__FILE__, 'gallery'); $img_max['thumbs'] = $cs_gallery_option['thumbs']; for ($run = 0; $run < $post_count; $run++) { if (!empty($_POST['status_' . $run])) { $name = $_POST['name_' . $run]; if (!extension_loaded('gd')) { die(cs_error_internal(0, 'GD extension not installed.')); } if (cs_resample('uploads/gallery/pics/' . $name, 'uploads/gallery/thumbs/' . 'Thumb_' . $name, $img_max['thumbs'], $img_max['thumbs'])) { $where = "gallery_name = '" . cs_sql_escape($name) . "'"; $search = cs_sql_count(__FILE__, 'gallery', $where); if (empty($search)) { $cs_gallery_pic['users_id'] = $account['users_id']; $cs_gallery_pic['gallery_name'] = $name; $cs_gallery_pic['gallery_status'] = isset($_POST['gallery_status']) ? $_POST['gallery_status'] : 0; $cs_gallery_pic['gallery_access'] = isset($_POST['gallery_access']) ? $_POST['gallery_access'] : 0; $cs_gallery_pic['gallery_watermark'] = $_POST['gallery_watermark']; if (!empty($_POST['gallery_watermark'])) { $watermark_pos = $_POST['watermark_pos']; $watermark_trans = $_POST['gallery_watermark_trans']; $cs_gallery_pic['gallery_watermark_pos'] = $watermark_pos . '|--@--|' . $watermark_trans; }
global $cs_main, $account; if (!empty($_REQUEST['pic']) or !empty($_REQUEST['thumb'])) { $options = cs_sql_option(__FILE__, 'gallery'); if (!empty($_REQUEST['pic'])) { $where = $_REQUEST['pic']; } elseif (!empty($_REQUEST['thumb'])) { $where = $_REQUEST['thumb']; } $from = 'gallery'; $select = 'gallery_watermark, gallery_watermark_pos, gallery_name, gallery_time, '; $select .= 'gallery_count, gallery_count_downloads, gallery_access'; $where = "gallery_id = '" . cs_sql_escape($where) . "'"; $cs_gallery = cs_sql_select(__FILE__, $from, $select, $where); $gallery_loop = count($cs_gallery); if ($account['access_gallery'] < $cs_gallery['gallery_access']) { die(cs_error_internal(0, 'Access denied')); } $position = $cs_gallery['gallery_watermark_pos']; $temp_pos = empty($position) ? array(0, 1) : explode("|--@--|", $position); $position = $temp_pos[0]; $transparenz = $temp_pos[1]; $name = $cs_gallery['gallery_name']; $gallery_time = $cs_gallery['gallery_time']; $gallery_count = $cs_gallery['gallery_count']; $gallery_count_downloads = $cs_gallery['gallery_count_downloads']; if (!empty($_REQUEST['pic'])) { $gallery_count = $gallery_count + 1; $gallery_cells = array('gallery_count'); $gallery_save = array($gallery_count); cs_sql_update(__FILE__, 'gallery', $gallery_cells, $gallery_save, $_REQUEST['pic']); }
/**
 * Bootstrap a request: configure PHP, load the core files and the setup,
 * optionally connect to the database, run the startup files of the modules
 * and optionally print the rendered template.
 *
 * Keys of $predefined that are read here:
 *   init_sql - when not empty, the database layer and the account handling are loaded
 *   init_tpl - when not empty, the page (or the ajax wrapper) is echoed at the end
 * All entries of $predefined are also merged into $cs_main, where they take
 * precedence over the database options and over the values set before.
 *
 * @param array $predefined settings of the calling entry script
 * @return void
 */
function cs_init($predefined) {

  # Runtime configuration; every call is silenced with @ so a host that forbids
  # one of them does not stop the bootstrap
  @error_reporting(E_ALL | E_STRICT);
  @set_error_handler("php_error");
  @ini_set('short_open_tag', 'off');
  @ini_set('arg_separator.output', '&');
  # Session ids are transported by cookie only and never appended to URLs
  @ini_set('session.use_trans_sid', '0');
  @ini_set('session.use_cookies', '1');
  @ini_set('session.use_only_cookies', '1');
  # NOTE(review): display_errors is switched on for every request; whether raw
  # PHP messages can reach a visitor depends on the php_error handler registered
  # above, which is not visible here - confirm
  @ini_set('display_errors', 'on');

  $phpversion = phpversion();
  if (version_compare($phpversion, '5.1', '>=')) {
    @date_default_timezone_set('Europe/Berlin');
  }

  global $account, $com_lang, $cs_db, $cs_logs, $cs_main, $cs_micro, $cs_template;

  $cs_micro = explode(' ', microtime()); # starting parsetime
  $cs_logs = array('php_errors' => '', 'errors' => '', 'sql' => '', 'queries' => 0, 'warnings' => 1, 'dir' => 'uploads/logs');

  # Defaults; they are assigned before setup.php is loaded and before the
  # array_merge() further down, so each of them can still be replaced later
  $cs_main['cellspacing'] = 1;
  $cs_main['def_lang'] = empty($cs_main['def_lang']) ? 'English' : $cs_main['def_lang'];
  $cs_main['def_theme'] = empty($cs_main['def_theme']) ? 'base' : $cs_main['def_theme'];
  # NOTE(review): this includes xsrf_protection - a later source (setup.php,
  # database options, $predefined) that carries the same key overrides it
  $cs_main['xsrf_protection'] = true;
  $cs_main['zlib'] = true;

  require_once 'system/core/servervars.php';

  # A request counts as ajax request as soon as an xhr parameter is present
  $cs_main['ajaxrequest'] = isset($_REQUEST['xhr']) ? true : false;

  require_once 'system/core/tools.php';
  require_once 'system/core/abcode.php';
  require_once 'system/core/templates.php';
  require_once 'system/core/gd.php';
  require_once 'system/core/cachegen.php';

  $cs_main['cache_mode'] = 'file';

  # Too old PHP versions get the fallback file
  if (version_compare($phpversion, '5.0', '<')) {
    require_once 'mods/clansphere/fallback.php';
  }

  # The installer runs with a fixed account array instead of loading setup.php
  # presumably php_self is filled by servervars.php - verify
  if ($cs_main['php_self']['basename'] == 'install.php') {
    $account = array('users_id' => 0, 'access_clansphere' => 0, 'access_errors' => 2, 'access_install' => 5);
  } else {
    # Without a setup.php only an error page with a link to the installer is shown
    file_exists('setup.php') ? require_once 'setup.php' : die(cs_error_internal('setup', '<a href="' . $cs_main['php_self']['dirname'] . 'install.php">Installation</a>'));
  }

  # A cache mode other than 'file' and 'none' is kept only if a PHP extension of
  # that name is loaded, otherwise the file cache is used
  if (!in_array($cs_main['cache_mode'], array('file', 'none')) and !extension_loaded($cs_main['cache_mode'])) {
    $cs_main['cache_mode'] = 'file';
  }
  # The cache mode becomes part of the included file name
  require_once 'system/cache/' . $cs_main['cache_mode'] . '.php';

  # The charset is assigned before die(), presumably because the error page reads it - confirm
  if (empty($cs_main['charset'])) {
    $cs_main['charset'] = 'UTF-8';
    die(cs_error_internal(0, 'No charset information found in setup.php'));
  }

  # fallback if json extension is not available
  if (!extension_loaded('json')) {
    require_once 'system/output/json.php';
  }

  require_once 'system/output/xhtml_10.php';

  # add old xhtml functions if needed
  if (!empty($cs_main['xhtml_old'])) {
    require_once 'system/output/xhtml_10_old.php';
  }

  if (!empty($predefined['init_sql'])) {
    # The database type becomes part of the included file name as well
    require_once 'system/database/' . $cs_db['type'] . '.php';
    $cs_db['con'] = cs_sql_connect($cs_db);
    # Drop the credentials from the global array once the connection exists
    unset($cs_db['pwd'], $cs_db['user']);
    $cs_options = cs_sql_option(__FILE__, 'clansphere');
    # Clear the cache when the stored unicode flag differs from the current state
    $cs_options['unicode'] = extension_loaded('unicode') ? 1 : 0;
    if (!isset($cs_options['cache_unicode']) or $cs_options['cache_unicode'] != $cs_options['unicode']) {
      cs_cache_clear();
    }
  } else {
    $cs_options = array();
  }

  # Later arrays win on equal keys: $predefined over $cs_options over $cs_main
  $cs_main = array_merge($cs_main, $cs_options, $predefined);

  if (empty($cs_main['def_path'])) {
    $cs_main['def_path'] = getcwd();
  }

  # process mod and action data
  $cs_main = cs_content_prepare($cs_main);

  if (!empty($predefined['init_sql'])) {
    require_once 'system/core/account.php';
    # A theme stored for the user replaces the default theme
    $cs_main['def_theme'] = empty($account['users_theme']) ? $cs_main['def_theme'] : $account['users_theme'];
  }

  # determine users language
  $account['users_lang'] = cs_content_lang();

  if (!empty($predefined['init_sql'])) {

    # check for deprecated runstartup behavior
    if (!empty($cs_main['runstartup'])) {
      cs_tasks('system/runstartup');
    }

    # fetch startup files
    $startup = cs_cache_load('startup');

    # fallback to create startup files overview
    if ($startup == false) {
      $startup = cs_cache_dirs('mods', $account['users_lang'], 1);
    }

    # execute startup files
    # NOTE(review): every $mod value becomes part of an included path; it is taken
    # from the 'startup' cache entry or from cs_cache_dirs - confirm that both only
    # yield directory names below mods/
    if (is_array($startup)) {
      foreach ($startup as $mod) {
        $file = $cs_main['def_path'] . '/mods/' . $mod . '/startup.php';
        file_exists($file) ? include_once $file : cs_error($file, 'cs_init - Startup file not found');
      }
    }
  }

  # search for possible mod and action errors
  $cs_main = cs_content_check($cs_main);

  $cs_main['template'] = empty($cs_main['def_tpl']) ? 'clansphere' : $cs_main['def_tpl'];
  # The template info is read for the default template, before the override below
  $cs_template = cs_template_info($cs_main['template']);

  # A template name from the URL is accepted only if it consists of letters,
  # digits, underscores and hyphens, so it cannot contain path separators
  if (!empty($_GET['template']) and preg_match("=^[_a-z0-9-]+\$=i", $_GET['template'])) {
    $cs_main['template'] = $_GET['template'];
  }

  # Print the page, or the ajax wrapper for ajax requests
  if (!empty($predefined['init_tpl'])) {
    if ($cs_main['ajaxrequest'] === true) {
      echo cs_ajaxwrap();
    } else {
      echo cs_template($cs_micro, $cs_main['tpl_file']);
    }
  }
}
/**
 * Render a template file of the active template and return the page as string.
 *
 * The template is split into parts by the tokenizer and every part that equals
 * a key of the $replace array (func:show, func:title, func:debug, ...) is
 * exchanged for the prepared content. The Content-type header is sent here and
 * gzip output buffering is started when possible.
 *
 * @param array $cs_micro result of explode(' ', microtime()) taken at request start
 * @param string $tpl_file file name inside the template directory
 * @return string the assembled page
 */
function cs_template($cs_micro, $tpl_file = 'index.htm') {

  global $account, $cs_logs, $cs_main;

  # Force the login page when the access level is below maintenance_access and
  # either the site is not public or admin.htm is requested with a level below 3
  # ("and" binds tighter than "or" inside the parentheses)
  if ((empty($cs_main['public']) or $tpl_file == 'admin.htm' and $account['access_clansphere'] < 3) and $account['access_clansphere'] < $cs_main['maintenance_access']) {
    $cs_main['show'] = 'mods/users/login.php';
    $tpl_file = 'login.htm';
    $cs_main['ajax'] = 0;
  }

  # Template selection, later sources win: user setting, URL parameter, session preview
  if (!empty($account['users_tpl'])) {
    $cs_main['template'] = $account['users_tpl'];
  }
  # NOTE(review): only '.' and '/' are removed from the request value; backslashes
  # and all other characters reach is_dir() below. An allow-list pattern for the
  # name would be the stricter check
  if (!empty($_GET['template'])) {
    $cs_main['template'] = str_replace(array('.', '/'), '', $_GET['template']);
  }
  if (!empty($_SESSION['tpl_preview'])) {
    $cs_main['template'] = str_replace(array('.', '/'), '', $_SESSION['tpl_preview']);
  }
  # The error page always uses the install template
  if ($tpl_file == 'error.htm') {
    $cs_main['template'] = 'install';
  }
  # Anything that is not an existing template directory falls back to the default
  if ($cs_main['template'] != $cs_main['def_tpl'] and !is_dir('templates/' . $cs_main['template'])) {
    $cs_main['template'] = $cs_main['def_tpl'];
  }

  # NOTE(review): $tpl_file is used in the path without any filtering in this
  # function - confirm that callers only pass fixed file names
  $tpl_path = $cs_main['def_path'] . '/templates/' . $cs_main['template'] . '/' . $tpl_file;
  if (!file_exists($tpl_path)) {
    cs_error($tpl_path, 'cs_template - Template file not found');
    $msg = 'Template file not found: ' . $tpl_file;
    # A missing error.htm is reported as plain text, since the internal error
    # page presumably needs that template itself - confirm
    if ($tpl_file != 'error.htm') {
      die(cs_error_internal('tpl', $msg));
    } else {
      die($msg);
    }
  }

  # Initialize array of upcoming additions and get show content
  $replace = array('func:body_add' => '');
  $replace['func:show'] = '<div id="csp_content">' . cs_contentload($cs_main['show']) . '</div>';

  # Add the ajax initialisation when ajax mode is 2 or the account has ajax enabled and allowed
  # NOTE(review): SCRIPT_NAME is placed into a JavaScript string inside an HTML
  # attribute without escaping, which is only safe while the script path holds
  # no quote characters
  if (isset($cs_main['ajax']) and $cs_main['ajax'] == 2 or !empty($account['users_ajax']) and !empty($account['access_ajax'])) {
    $replace['func:body_add'] = ' onload="Clansphere.initialize(' . $cs_main['mod_rewrite'] . ',\'' . $_SERVER['SCRIPT_NAME'] . '\',' . $cs_main['ajax_reload'] * 1000 . ')"';
  }

  # Provide the def_title and a title with more information
  $replace['func:title_website'] = htmlentities($cs_main['def_title'], ENT_QUOTES, $cs_main['charset']);
  $replace['func:title'] = cs_title();

  # Fetch template file and parse exploded contents
  $template = cs_cache_template($tpl_file);
  $template = cs_tokenizer_parse($template);

  # Add scriptload to replaces
  global $cs_main;
  $replace['func:stylesheet'] = empty($cs_main['scriptload']['stylesheet']) ? '' : $cs_main['scriptload']['stylesheet'];
  $replace['func:javascript'] = empty($cs_main['scriptload']['javascript']) ? '' : $cs_main['scriptload']['javascript'];

  # Prepare debug and log data
  # PHP errors, internal errors and the SQL log are only kept for output in
  # developer mode or for accounts with a clansphere access level above 4
  # NOTE(review): the log text is only passed through nl2br() here; whether it
  # was HTML escaped when it was recorded is not visible - confirm
  $debug = '';
  $logsql = '';
  if (!empty($cs_main['developer']) or $account['access_clansphere'] > 4) {
    $cs_logs['php_errors'] = nl2br($cs_logs['php_errors']);
    $cs_logs['errors'] = nl2br($cs_logs['errors']);
    $logsql = cs_log_format('sql');
  } else {
    $cs_logs['php_errors'] = '';
    $cs_logs['errors'] = 'Developer mode is turned off';
  }

  if (!empty($cs_main['debug'])) {
    $data = array('data');
    $data['data']['log_sql'] = $logsql;
    $data['data']['php_errors'] = $cs_logs['php_errors'];
    $data['data']['csp_errors'] = $cs_logs['errors'];
    $debug = cs_subtemplate(__FILE__, $data, 'clansphere', 'debug');
  }

  $replace['func:queries'] = $cs_logs['queries'];
  $replace['func:errors'] = $cs_logs['php_errors'] . $cs_logs['errors'];
  $replace['func:sql'] = $logsql;
  $replace['func:debug'] = $debug;
  $replace['func:parse'] = cs_parsetime($cs_micro);
  # The memory functions are not available on every PHP build
  $replace['func:memory'] = function_exists('memory_get_usage') ? cs_filesize(memory_get_usage()) : '-';
  if (function_exists('memory_get_peak_usage')) {
    $replace['func:memory'] .= ' [peak ' . cs_filesize(memory_get_peak_usage()) . ']';
  }

  # Assemble content parts
  # A part is exchanged only when it matches a key of $replace exactly
  $result = '';
  foreach ($template as $num => $content) {
    if (array_key_exists($content, $replace)) {
      $result .= $replace[$content];
    } else {
      $result .= $content;
    }
  }

  # Enable zlib output compression if possible
  if (!empty($cs_main['zlib']) and extension_loaded('zlib')) {
    ob_start('ob_gzhandler');
  }

  # Send content type header with charset
  header('Content-type: text/html; charset=' . $cs_main['charset']);

  return $result;
}
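# Refuse the download when an earlier check stored a reason in $forbidden
if (!empty($forbidden)) {
  die(cs_error_internal(0, 'Permission denied. Reason: ' . $forbidden));
}

# Increase the download counter of this attachment
$com_cells = array('boardfiles_downloaded');
$com_save = array(1 + $cs_thread_file['boardfiles_downloaded']);
cs_sql_update(__FILE__, 'boardfiles', $com_cells, $com_save, $cs_thread_file['boardfiles_id']);

# The stored file name ends up in a file system path, in HTML output and in a
# response header below, so it is reduced to its last path component first.
# NOTE(review): presumably this is the name given at upload time - confirm
$stored_name = $cs_thread_file['boardfiles_name'];
$file = basename($stored_name);

# Extension = everything behind the last dot of the stored name, empty without a dot.
# It is taken from the unchanged stored name so the on-disk name "<id>.<ext>" stays the same.
$dot = strrchr($stored_name, '.');
$ext = $dot === false ? '' : (string) substr($dot, 1);
$ext_lower = strtolower($ext);

if (!empty($id)) {
  $file_path = "../../uploads/board/files/" . $cs_thread_file['boardfiles_id'] . '.' . $ext;
} else {
  $file_path = "../../uploads/board/files/" . $file;
}

if (!is_file($file_path)) {
  die(cs_error_internal(0, 'File not found'));
}

# Images are shown inline, everything else is sent as download.
# The comparison is done in lower case, so mixed case extensions count as well.
$image_types = array('jpg', 'jpeg', 'gif', 'bmp', 'png');

if (in_array($ext_lower, $image_types, true)) {
  # Path and name are escaped for the attribute context before output
  echo "<img src='" . htmlspecialchars($file_path, ENT_QUOTES) . "' alt='" . htmlspecialchars($file, ENT_QUOTES) . "' />";
} else {
  # disable browser / proxy caching
  header("Cache-Control: max-age=0, no-cache, no-store, must-revalidate");
  header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

  $varMimeTypes = array('doc' => 'application/msword', 'pdf' => 'application/pdf', 'zip' => 'application/zip', 'txt' => 'text/plain', 'sql' => 'text/plain', 'htm' => 'text/html', 'html' => 'text/html');

  # Extensions that are not in the list get a generic binary type instead of an
  # empty Content-Type header
  $mime = isset($varMimeTypes[$ext_lower]) ? $varMimeTypes[$ext_lower] : 'application/octet-stream';

  # Quotes, backslashes and control characters would break out of the quoted
  # filename parameter, so they are removed
  $download_name = str_replace(array('"', '\\', "\r", "\n", "\0"), '', $file);

  header("Content-Description: File Transfer");
  header("Content-Type: " . $mime);
  # Uploaded htm/html files are only kept from rendering in the site's context
  # by the attachment disposition; nosniff stops browsers from guessing another type
  header("X-Content-Type-Options: nosniff");
  header("Content-Disposition: attachment; filename=\"" . $download_name . "\"");
  header("Content-Transfer-Encoding: binary");

  # Read errors stay suppressed as before, the headers are already sent at this point
  @readfile($file_path);
}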
<?php
// ClanSphere 2010 - www.clansphere.net
// $Id$

// Loaded on PHP versions that are too old, so that at least an error page
// can be produced before the request is stopped

// IP detection needs stripos, so it is imitated by a strpos on lower cased input
if (function_exists('stripos') === false) {

  function stripos($haystack, $needle, $offset = 0) {

    $lower_haystack = strtolower($haystack);
    $lower_needle = strtolower($needle);

    return strpos($lower_haystack, $lower_needle, $offset);
  }
}

// Template caching requires str_ireplace, so it is imitated by str_replace;
// the replacement stays case sensitive and $count is accepted but not used
if (function_exists('str_ireplace') === false) {

  function str_ireplace($search, $replace, $subject, $count = 0) {

    $replaced = str_replace($search, $replace, $subject);

    return $replaced;
  }
}

// Stop with the internal error page that names the PHP version found
$version_message = 'PHP Version 5.0 or newer is required, but found ' . $phpversion;

die(cs_error_internal('cs_init', $version_message));