print ' <label for="hide_internal" class="clickable_option">' . $lang_stat_details_php['hide_internal_referers'] . '</label>' . "\n"; print ' </td>' . $line_break; print ' <td class="tablef">' . $line_break; print ' ' . $lang_stat_details_php['date_display'] . $line_break; print ' <select name="date_display" size="1" onchange="sendForm();">' . $line_break; print ' <option value="0" ' . $date_display_0_selected . '>' . $line_break; print ' ' . strftime($album_date_fmt, localised_timestamp(time())) . $line_break; print ' </option>' . $line_break; print ' <option value="1" ' . $date_display_1_selected . '>' . $line_break; print ' ' . strftime($lastcom_date_fmt, localised_timestamp(time())) . $line_break; print ' </option>' . $line_break; print ' <option value="2" ' . $date_display_2_selected . '>' . $line_break; print ' ' . strftime($log_date_fmt, localised_timestamp(time())) . $line_break; print ' </option>' . $line_break; print ' <option value="3" ' . $date_display_3_selected . '>' . $line_break; print ' ' . strftime('%Y-%m-%d %H:%M:%S', localised_timestamp(time())) . $line_break; print ' </option>' . $line_break; print ' </select>' . $line_break; print ' </td>' . $line_break; print ' <td class="tablef">' . $line_break; print ' <input type="submit" name="go" value="' . $lang_stat_details_php['submit'] . '" class="button" />' . $line_break; print ' </td>' . $line_break; print ' </tr>' . $line_break; print ' </table>' . $line_break; print ' </td>' . $line_break; print ' </tr>' . $line_break; endtable(); print '</form>' . $line_break; } // admin is logged in end echo <<<EOT
/**
 * Return the year view for the year of the current localised timestamp.
 *
 * @return mixed whatever getYearView() returns for that year
 */
function getCurrentYearView()
{
    // getdate() splits the localised timestamp into its calendar parts.
    $now = getdate(localised_timestamp());
    $year = $now["year"];

    return $this->getYearView($year);
}
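/**
 * localised_date()
 *
 * Format a timestamp with strftime(), first replacing the day-name
 * (%a / %A) and month-name (%b / %B) placeholders in the format string
 * with the entries of $lang_day_of_week and $lang_month.
 *
 * The default on $timestamp is kept for signature compatibility only;
 * because $datefmt is required, callers always have to pass both arguments.
 *
 * @param integer $timestamp value handed to localised_timestamp() before formatting
 * @param string $datefmt strftime() format string
 * @return string result of strftime() on the substituted format
 **/
function localised_date($timestamp = -1, $datefmt)
{
    global $lang_month, $lang_day_of_week;

    $timestamp = localised_timestamp($timestamp);

    // str_replace() replaces the POSIX ereg_replace() calls: the ereg_*
    // family was removed in PHP 7, and a literal replacement also avoids
    // treating backslash sequences in a translated name as back-references.
    $date = str_replace(array('%a', '%A'), $lang_day_of_week[(int) strftime('%w', $timestamp)], $datefmt);
    $date = str_replace(array('%b', '%B'), $lang_month[(int) strftime('%m', $timestamp) - 1], $date);

    return strftime($date, $timestamp);
}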
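/**
 * Fetch the order-total row (cd=1) of one order together with the
 * username and e-mail address of the user who placed it.
 *
 * The order id is concatenated into the statement outside of any quotes,
 * and the script below takes it from $_REQUEST, so it is forced to an
 * integer here before the query is built.
 * NOTE(review): this assumes order ids are numeric, which the unquoted
 * comparison already implies; confirm against the table definition.
 *
 * @param mixed $oid order id
 * @return mixed result of cpg_db_query()
 */
function photo_shop_fetch_user($oid)
{
    global $CONFIG, $udb_var;

    $oid = (int) $oid;

    $sql = "SELECT s.*, u.{$udb_var['field']['username']}, u.{$udb_var['field']['email']}"
        . " FROM {$CONFIG['TABLE_SHOP']} AS s"
        . " LEFT JOIN {$udb_var['usertable']} as u ON u.{$udb_var['field']['user_id']} = s.uid"
        . " WHERE oid=" . $oid . " AND cd=1 LIMIT 1";

    return cpg_db_query($sql, $this->link_id);
}
}

$cpg_udb = new photo_shop_udb();

// NOTE(review): $oid is taken from the request unvalidated. Anything further
// down that puts it into a query or a path should receive an integer.
$oid = isset($_REQUEST['oid']) ? $_REQUEST['oid'] : null;

if (!$oid) {
    // display a list of all orders
    // before we display the order list, we check whether download dirs have to be deleted
    if ($CONFIG['photo_shop_del_download_dir'] > 0) {
        // the configured lifespan is in hours; anything stamped before $time has expired
        $time = localised_timestamp() - $CONFIG['photo_shop_del_download_dir'] * 3600;
        $result = cpg_db_query("SELECT oid, uid FROM {$CONFIG['TABLE_SHOP']} WHERE dtime < '{$time}' AND dtime > '0'");
        if (mysql_num_rows($result) > 0) {
            $rowset = cpg_db_fetch_rowset($result);
            foreach ($rowset as $value) {
                if ($value['oid'] && $value['uid']) {
                    photo_shop_dir_springbreak($value['uid'], $value['oid']);
                }
            }
        }
    }

    // Get total active count
    $result = cpg_db_query("SELECT count(DISTINCT oid) FROM {$CONFIG['TABLE_SHOP']} WHERE aktive='1'");
    list($tot_box[1]) = @mysql_fetch_array($result);
    mysql_free_result($result);

    // Get total archive count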
</table> </td> </tr> EOT; // display table footer with options $hide_internal_selected = $hide_internal == '1' ? 'checked="checked"' : ''; $date_display_0_selected = $date_display == '0' ? 'selected="selected"' : ''; $date_display_1_selected = $date_display == '1' ? 'selected="selected"' : ''; $date_display_2_selected = $date_display == '2' ? 'selected="selected"' : ''; $date_display_3_selected = $date_display == '3' ? 'selected="selected"' : ''; $date_display_4_selected = $date_display == '4' ? 'selected="selected"' : ''; $localized_time[0] = strftime($album_date_fmt, localised_timestamp(time())); $localized_time[1] = strftime($lastcom_date_fmt, localised_timestamp(time())); $localized_time[2] = strftime($log_date_fmt, localised_timestamp(time())); $localized_time[3] = strftime('%Y-%m-%d %H:%M:%S', localised_timestamp(time())); $localized_time[4] = strftime('%Y-%m-%d', localised_timestamp(time())); foreach ($amount_allowed as $key) { } print <<<EOT <tr> <td class="tablef" align="center" valign="top"> EOT; if ($type == 'vote') { print ' <input type="checkbox" name="checkAll2" onClick="selectAll(this,\'del\');" class="checkbox" title="' . $lang_common['check_uncheck_all'] . '" />' . $line_break; } print <<<EOT </td> <td colspan="{$tableColumns}"> <table border="0" cellspacing="0" cellpadding="0" width="100%"> <tr> <td class="tablef">
/**
 * localised_date()
 *
 * Build a strftime() format in which the day-name (%a / %A) and
 * month-name (%b / %B) placeholders are replaced by the entries of
 * $lang_day_of_week and $lang_month, then format the timestamp with it.
 *
 * @param integer $timestamp value handed to localised_timestamp() before formatting
 * @param string $datefmt strftime() format string
 * @return string result of strftime() on the substituted format
 **/
function localised_date($timestamp, $datefmt)
{
    global $lang_month, $lang_day_of_week;

    $local_ts = localised_timestamp($timestamp);

    // %w is the weekday number (0 = Sunday); %m is 01..12, hence the -1.
    $weekday_index = (int) strftime('%w', $local_ts);
    $month_index = (int) strftime('%m', $local_ts) - 1;

    $format = str_replace(array('%a', '%A'), $lang_day_of_week[$weekday_index], $datefmt);
    $format = str_replace(array('%b', '%B'), $lang_month[$month_index], $format);

    return strftime($format, $local_ts);
}
*/ $CPG_REFERER = $superCage->get->getRaw('referer'); } /** * CPGPluginAPI::action('page_start',null) * * Executes page_start action on all plugins * * @param null * @return N/A **/ CPGPluginAPI::action('page_start', null); // load the main template load_template(); // Remove expired bans $now = date('Y-m-d H:i:s', localised_timestamp()); $CONFIG['template_loaded'] = true; cpg_db_query("DELETE FROM {$CONFIG['TABLE_BANNED']} WHERE expiry < '{$now}'"); // Check if the user is banned $user_id = USER_ID; $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_BANNED']} WHERE (ip_addr='{$raw_ip}' OR ip_addr='{$hdr_ip}' OR user_id={$user_id}) AND brute_force=0"); if (mysql_num_rows($result)) { pageheader($lang_common['error']); msg_box($lang_common['information'], $lang_errors['banned']); pagefooter(); exit; } mysql_free_result($result); // Retrieve the "private" album set if (!GALLERY_ADMIN_MODE && $CONFIG['allow_private_albums']) { get_private_album_set();
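/**
 * Store an order: one shop-table row per cart item, then one order-total row.
 *
 * Items whose price resolves to -1 are free: they are stored with price
 * "0.00" and status 2. The order-total row gets status 2 only when no
 * paid item (CD or priced picture) was seen.
 *
 * NOTE(review): $order_id, $pid and $amount are interpolated into quoted
 * SQL literals without escaping in this function. Whether the caller
 * validates the cart data is not visible here; confirm it does, or escape
 * the values before they reach the statements.
 *
 * @param array $shop_data cart items, each with 'pid', 'amount', 'id' and (for pictures) 'aid'
 * @param mixed $order_id order id written to every row
 * @param bool $free_item set to true by reference as soon as one free item is stored
 * @return mixed result of cpg_db_query() for the order-total row
 */
function photoshop_add_data($shop_data, $order_id, &$free_item)
{
    global $CONFIG, $SHOP_CONFIG, $cd_price, $cd_counter, $discount_calc, $shipping_price_calc;

    $otime = localised_timestamp();
    $picture_total = 0;
    // Undecided until the first item is processed. Initialising it keeps an
    // empty cart from reading an undefined variable further down; isset()
    // still reports "not decided yet" for null.
    $free_order = null;

    foreach ($shop_data as $item_id) {
        $pid = $item_id['pid'];
        $amount = $item_id['amount'];
        $size2 = $SHOP_CONFIG[$item_id['id']]['size'];

        if ($item_id['id'] == "CD") {
            $size = "CD";
            $price = $cd_price[1];
            $free_order = false; // this is not a free order
            // without paid status
            $sql = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `pid`, `quantity`, `size`, `size2`, `price`, `otime`) VALUES ('{$order_id}', '" . USER_ID . "', '{$pid}', '{$amount}', '{$size}', '{$size2}','{$price}', '{$otime}')";
        } else {
            $size = $SHOP_CONFIG[$item_id['id']]['name'];
            $price = $SHOP_CONFIG[$item_id['id']]['price'];

            // price override
            // The album id sits outside of any quotes in the statement, so it
            // is forced to an integer before it is interpolated.
            $aid = (int) $item_id['aid'];
            $results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_SHOP_PRICES']} WHERE aid={$aid}");
            while ($temp_data = mysql_fetch_array($results)) {
                if ($temp_data['gid'] == $SHOP_CONFIG[$item_id['id']]['id']) {
                    $price = $temp_data['price'];
                }
            }
            mysql_free_result($results);

            // a price of -1 marks a free item; for display it is stored as 0.00
            // (the same convention is used in the cart, the total calculation,
            // item_price and pricelist)
            if ($price == -1) {
                $price = "0.00";
                if (!isset($free_order)) {
                    // free order so far; only set if there hasn't been a paid item before
                    $free_order = true;
                }
                $free_item = true; // always set
                // add status paid to sql
                $sql = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `pid`, `quantity`, `size`, `size2`, `price`, `otime`, `status`) VALUES ('{$order_id}', '" . USER_ID . "', '{$pid}', '{$amount}', '{$size}', '{$size2}','{$price}', '{$otime}', '2')";
            } else {
                // without status set to paid -> no free item
                $sql = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `pid`, `quantity`, `size`, `size2`, `price`, `otime`) VALUES ('{$order_id}', '" . USER_ID . "', '{$pid}', '{$amount}', '{$size}', '{$size2}','{$price}', '{$otime}')";
                $free_order = false; // this is not a free order
            }
            $picture_total = $picture_total + $price * $amount;
        }

        // add single item
        $results = cpg_db_query($sql);
    }

    // add order total
    if ($free_order === true) {
        // this is a free order, the total order is set paid
        $sql2 = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `cd`, `quantity`, `price`, `otime`, `status`) VALUES ('{$order_id}', '" . USER_ID . "', '1', '" . ($cd_counter['cd'] + $cd_counter['photo']) . "', '" . ($picture_total + $cd_price[1] + $shipping_price_calc - $discount_calc) . "', '{$otime}', '2')";
    } else {
        $sql2 = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `cd`, `quantity`, `price`, `otime`) VALUES ('{$order_id}', '" . USER_ID . "', '1', '" . ($cd_counter['cd'] + $cd_counter['photo']) . "', '" . ($picture_total + $cd_price[1] + $shipping_price_calc - $discount_calc) . "', '{$otime}')";
    }

    return cpg_db_query($sql2);
}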
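/**
 * Create the password-protected download directory for an order.
 *
 * Creates albums/downloads/<uid>_<oid>, writes .htpasswd, .htaccess and an
 * index.html into it, stores the order hash and the creation time in the
 * shop table and mails the generated password to the user (and to the
 * admin when $mail_admin is set).
 *
 * NOTE(review): .htpasswd is written into the download directory itself,
 * so it is only protected by the web server refusing to serve ".ht*"
 * files. Confirm that rule is active on the deployment.
 *
 * @param mixed $uid user id, forms the directory name together with $oid
 * @param mixed $oid order id
 * @param bool $mail_admin also send the password mail to the admin
 * @param bool $overwrite_dir continue when the directory already exists
 * @return bool true when all three files exist afterwards. On failure
 *              $ERROR holds the reason, except when the directory already
 *              exists and $overwrite_dir is false (plain false, $ERROR untouched).
 */
function photo_shop_ipn_download($uid, $oid, $mail_admin = false, $overwrite_dir = false)
{
    global $CONFIG, $ERROR, $lang_photoshop_htaccess, $lang_photoshop_ipn_email_user, $lang_photoshop_index, $lang_photoshop_ipn, $template_index_html;

    // Both ids end up in a filesystem path and $oid in an unquoted SQL
    // comparison, so they are reduced to integers before any use.
    // NOTE(review): assumes numeric ids, as the unquoted comparison implies.
    $uid = (int) $uid;
    $oid = (int) $oid;

    // first make sure albums/downloads exists
    if (!is_dir($CONFIG['fullpath'] . 'downloads')) {
        $cpg_umask = umask(0);
        @mkdir($CONFIG['fullpath'] . 'downloads', octdec($CONFIG['default_dir_mode']));
        umask($cpg_umask);
        unset($cpg_umask);
    }

    if (defined('SILLY_SAFE_MODE')) {
        // safe mode restrictions: nothing can be created
        $ERROR = $lang_photoshop_ipn['ipn_download_err_safemode'];
        return false;
    }

    // directory for this order: <user-id>_<order-id>
    $filepath = 'downloads/' . $uid . '_' . $oid;
    $dest_dir = $CONFIG['fullpath'] . $filepath;
    if (!is_dir($dest_dir)) {
        mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
        if (!is_dir($dest_dir)) {
            // couldn't create dir
            $ERROR = $lang_photoshop_ipn['ipn_download_err_mkdir'];
            return false;
        }
        // redundant with mkdir's mode; silenced in case chmod is disabled
        @chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
    } elseif (!$overwrite_dir) {
        // directory exists
        return false;
    }
    $dest_dir .= '/';
    $filepath .= '/';

    // random password; the user's username becomes the htpasswd login
    $clear_txt_password = photo_shop_gen_passwd(8);

    $htpasswd_path = getcwd() . '/' . $dest_dir;

    // stripos() replaces eregi(), which was removed in PHP 7. The check still
    // reads $_ENV['OS'] as before, so the result is unchanged.
    $is_windows = isset($_ENV['OS']) && stripos($_ENV['OS'], 'win') !== false;
    if ($is_windows) {
        // NOTE(review): the password is stored in clear text in .htpasswd on
        // this branch, so anyone who can read the file learns it.
        $password = $clear_txt_password;
    } else {
        // The salt used to be base64_encode() of the password itself. crypt()
        // copies the salt into the start of its output, so the stored hash
        // disclosed the leading bits of the password. A salt is public by
        // design; it only has to be independent of the secret.
        // NOTE(review): a two-character salt selects traditional DES crypt,
        // which is weak. Where the web server accepts bcrypt entries in
        // .htpasswd, prefer that format.
        $salt_chars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
        $salt = '';
        for ($i = 0; $i < 2; $i++) {
            $salt .= $salt_chars[function_exists('random_int') ? random_int(0, 63) : mt_rand(0, 63)];
        }
        $password = crypt($clear_txt_password, $salt);
    }

    // username and e-mail address of the buyer
    $user_info = photoshop_user_details($uid);

    // NOTE(review): the hash is stored with the order and passed to the
    // password mail. If it is accepted as an access token elsewhere, a random
    // value would be a better fit than md5 over these fields.
    $order_hash = md5($uid . $oid . $password . $user_info['user_email']);

    // update shop table with hash
    $results = cpg_db_query("UPDATE {$CONFIG['TABLE_SHOP']} SET order_md5_id='{$order_hash}' WHERE oid='{$oid}' AND cd='1'");

    // placeholder <-> path
    $template_vars = array('{HTPASSWD_PATH}' => $htpasswd_path . '.htpasswd');
    $htaccess = strtr($lang_photoshop_htaccess, $template_vars);

    // path/filename of every ordered picture. The rows are fetched but not
    // used further in this function.
    $sql = 'SELECT s.size2, p.filepath, p.filename, p.filesize, p.pwidth, p.pheight, p.title FROM ' . $CONFIG['TABLE_PICTURES'] . ' as p LEFT JOIN ' . $CONFIG['TABLE_SHOP'] . ' as s ON p.pid=s.pid WHERE oid=' . $oid . ' AND cd<>1';
    $result = cpg_db_query($sql);
    $row = cpg_db_fetch_rowset($result);
    mysql_free_result($result);

    // file_put_contents() replaces fopen()/fwrite()/fclose(), whose handle was
    // used without checking that fopen() had succeeded. A failed write is
    // caught by the is_file() checks below.
    file_put_contents($dest_dir . '.htpasswd', $user_info['user_name'] . ':' . $password);
    file_put_contents($dest_dir . '.htaccess', $htaccess);
    file_put_contents($dest_dir . 'index.html', " ");

    // check if all worked
    if (!(is_file($dest_dir . 'index.html') && is_file($dest_dir . '.htpasswd') && is_file($dest_dir . '.htaccess'))) {
        $ERROR = $lang_photoshop_ipn['ipn_download_err_noindex'];
        return false;
    }

    // files are in place: stamp the order so the folder can be removed
    // automatically after its lifespan
    $time = localised_timestamp();
    $results = cpg_db_query("UPDATE {$CONFIG['TABLE_SHOP']} SET dtime='{$time}' WHERE oid='{$oid}' AND cd='1'");

    // send user the password
    photo_shop_send_password($lang_photoshop_ipn_email_user, $lang_photoshop_ipn['ipn_email_user_subject'], $clear_txt_password, $user_info['user_name'], $user_info['user_email'], $order_hash);
    if ($mail_admin) {
        photo_shop_send_password($lang_photoshop_ipn_email_user, "{$lang_photoshop_ipn['ipn_email_admin_subject']} {$oid}", $clear_txt_password, $user_info['user_name'], 'admin', $order_hash);
    }

    $ERROR = $lang_photoshop_ipn['ipn_download_ok'];
    return true;
}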