function GetUploadedFileContents($name)
{
return myfile_get_contents($_FILES[$name]['tmp_name']);
}
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
global $conn;
if (!$forPDF) {
$table = postvalue("table");
$strTableName = GetTableByShort($table);
$settings = new ProjectSettings($strTableName);
if (!checkTableName($table)) {
return '';
}
//include("include/".$table."_variables.php");
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
header("Location: login.php");
return;
}
$field = postvalue("field");
if (!$settings->checkFieldPermissions($field)) {
return DisplayNoImage();
}
// construct sql
$keysArr = $settings->getTableKeys();
$keys = array();
foreach ($keysArr as $ind => $k) {
$keys[$k] = postvalue("key" . ($ind + 1));
}
} else {
$table = @$params["table"];
$strTableName = GetTableByShort($table);
if (!checkTableName($table)) {
exit(0);
}
$settings = new ProjectSettings($strTableName);
$field = @$params["field"];
// construct sql
$keysArr = $settings->getTableKeys();
$keys = array();
foreach ($keysArr as $ind => $k) {
$keys[$k] = @$params["key" . ($ind + 1)];
}
}
if (!$gQuery->HasGroupBy()) {
// Do not select any fields except current (image) field.
// If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
// Just don't do anything in that case.
$gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
}
$where = KeyWhere($keys);
$sql = $gQuery->gSQLWhere($where);
$rs = db_query($sql, $conn);
if ($forPDF) {
if ($rs && ($data = db_fetch_array($rs))) {
return $data[$field];
}
} else {
if (!$rs || !($data = db_fetch_array($rs))) {
return DisplayNoImage();
}
if (postvalue('src') == 1 && strlen($data[$field]) > 51200) {
$value = myfile_get_contents('images/icons/jpg.png');
} else {
$value = db_stripslashesbinary($data[$field]);
}
if (!$value) {
if (postvalue("alt")) {
$value = db_stripslashesbinary($data[postvalue("alt")]);
if (!$value) {
return DisplayNoImage();
}
} else {
return DisplayNoImage();
}
}
$itype = SupposeImageType($value);
if (!$itype) {
return DisplayFile();
}
if (!isset($pdf)) {
header("Content-Type: " . $itype);
header("Cache-Control: private");
SendContentLength(strlen_bin($value));
}
echoBinary($value);
return '';
}
}
<?php
require_once "include/phpfunctions.php";
header("Content-Type: text/css");
$file = getQueryString();
$ext = substr($file, strrpos($file, '.') + 1);
if ($ext != "css" || strpos($file, '..') !== false) {
exit;
}
$css = myfile_get_contents(getabspath($file), "r");
$css = preg_replace(array("/ :not\\(.*?\\)/", "/ :first-child/", "/ :last-child/", "/ :nth-last-child\\(.*?\\)/"), " *", $css);
$css = preg_replace(array("/:not\\(.*?\\)/", "/:first-child/", "/:last-child/", "/:nth-last-child\\(.*?\\)/"), "", $css);
echo $css;
function set_template($template)
{
// read template file
$templatesPath = "templates/";
if (isMobile()) {
$templatesPath = "mobile/";
}
if (file_exists(getabspath($templatesPath . $template))) {
$this->template = myfile_get_contents(getabspath($templatesPath . $template));
}
if (isMobile() && $this->template == '') {
$templatesPath = "templates/";
$this->template = myfile_get_contents(getabspath($templatesPath . $template));
}
$this->template_file = basename($template, ".htm");
}
if ($isDBFile && $value || $fsFileName != "") {
if (!$isDBFile) {
if (!$pSet->isAbsolute($field) || $iconShowed) {
$fsFileName = getabspath($fsFileName);
}
if (!myfile_exists($fsFileName)) {
$fsFileName = getabspath("images/no_image.gif");
$fsize = filesize($fsFileName);
$ftype = "image/gif";
}
}
if ($isPDF) {
if ($isDBFile) {
$file = $value;
} else {
$file = myfile_get_contents($fsFileName);
}
return;
}
if (postvalue('norange') == 1) {
header('Accept-Ranges: none');
header("Cache-Control: private");
header("Content-Type: " . $ftype);
printDispositionHeader($fileName);
header('Access-Control-Allow-Methods: HEAD, GET, POST');
SendContentLength($fsize);
if ($_SERVER['REQUEST_METHOD'] == 'HEAD') {
exit;
}
if ($isDBFile) {
echoBinary($value);
/**
* @intellisense
*/
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
global $cman;
if (!$forPDF) {
$table = postvalue("table");
$strTableName = GetTableByShort($table);
$settings = new ProjectSettings($strTableName);
if (!checkTableName($table)) {
return '';
}
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
$field = postvalue("field");
if (!$settings->checkFieldPermissions($field)) {
return DisplayNoImage();
}
// construct sql
$keysArr = $settings->getTableKeys();
$keys = array();
foreach ($keysArr as $ind => $k) {
$keys[$k] = postvalue("key" . ($ind + 1));
}
} else {
$table = @$params["table"];
$strTableName = GetTableByShort($table);
if (!checkTableName($table)) {
exit(0);
}
$settings = new ProjectSettings($strTableName);
$field = @$params["field"];
// construct sql
$keysArr = $settings->getTableKeys();
$keys = array();
foreach ($keysArr as $ind => $k) {
$keys[$k] = @$params["key" . ($ind + 1)];
}
}
$connection = $cman->byTable($strTableName);
if (!$gQuery->HasGroupBy()) {
// Do not select any fields except current (image) field.
// If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
// Just don't do anything in that case.
$gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
}
$where = KeyWhere($keys);
$sql = $gQuery->gSQLWhere($where);
$data = $connection->query($sql)->fetchAssoc();
if ($forPDF) {
if ($data) {
return $data[$field];
}
} else {
if (!$data) {
return DisplayNoImage();
}
if (postvalue('src') == 1) {
$value = myfile_get_contents('images/icons/jpg.png');
} else {
$value = $connection->stripSlashesBinary($data[$field]);
}
if (!$value) {
if (postvalue("alt")) {
$value = $connection->stripSlashesBinary($data[postvalue("alt")]);
if (!$value) {
return DisplayNoImage();
}
} else {
return DisplayNoImage();
}
}
$itype = SupposeImageType($value);
if (!$itype) {
return DisplayFile();
}
if (!isset($pdf)) {
header("Content-Type: " . $itype);
header("Cache-Control: private");
SendContentLength(strlen_bin($value));
}
echoBinary($value);
return '';
}
}
function _serImport($fileName, $replaceConstantName, $autoIncrementId = false)
{
$pointer = 0;
$str = myfile_get_contents($fileName);
$str = trim($str);
$str = str_replace("DBPRFX_", DB_PRFX, $str);
$tableName = "";
$strlen = strlen($str);
while (($sqlInsret = _getNextSqlInsertStatement($str, $pointer, $strlen)) != null) {
if (isset($sqlInsret["Error"])) {
return false;
}
if ($replaceConstantName) {
db_query(_serReplaceConstantName($sqlInsret["statement"]));
} else {
db_query($sqlInsret["statement"]);
}
}
return true;
}
function load_template($template)
{
// read template file
$templatesPath = "templates/";
if (isMobile()) {
$templatesPath = "mobile/";
}
$this->template = myfile_get_contents(getabspath($templatesPath . $template));
$this->template_file = basename($template, ".htm");
$this->prepareContainers();
}
}
$yuiComponents[] = substr($yuiFile, $start, $end - $start);
}
}
$library = myfile_get_contents(getabspath("include/yui/yui.lib"), "r");
} else {
// css
foreach ($yuiFiles as $yuiFile) {
$start = strpos($yuiFile, "/build/");
if ($start === FALSE) {
die('<!-- Unable to determine module name! ' . $yuiFile . ' -->');
}
$start += strlen("/build/");
$yuiComponents[] = substr($yuiFile, $start);
}
$library = myfile_get_contents(getabspath("include/yui/yuicss.lib"), "r");
}
header("Cache-Control: max-age=315360000");
header("Expires: Thu, 29 Oct 2020 20:00:00 GMT");
header("Content-Type: " . $contentType);
foreach ($yuiComponents as $y) {
$start = strpos($library, "begincombofile " . $y);
if ($start === FALSE) {
die("Unknown file " . $y);
}
$start += strlen("begincombofile " . $y);
$end = strpos($library, "endcombofile", $start);
if ($end === FALSE) {
die("Unknown file " . $y);
}
echo substr($library, $start, $end - $start);
function GetClassName($fileName)
{
$strContent = myfile_get_contents($fileName);
$_match = array();
$strContent = substr($strContent, strpos($strContent, '@connect_module_class_name'), 100);
if (preg_match("|\\@connect_module_class_name[\t ]+([0-9a-z_]*)|mi", $strContent, $_match)) {
return $_match[1];
} else {
return false;
}
}