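// Download endpoint: streams a stored file (kept on disk as two split parts) to the
// client when the access type of the file's category allows it.

// The visitor counts as logged in only when the session carries both credentials and
// Member::authorizeLogin() accepts them.
$LOGGED_IN = false;
if (isset($_SESSION['btUsername'], $_SESSION['btPassword'])) {
    $memberObj = new Member($mysqli);
    if ($memberObj->select($_SESSION['btUsername']) && $memberObj->authorizeLogin($_SESSION['btPassword'])) {
        $LOGGED_IN = true;
    }
}

$downloadCatObj = new DownloadCategory($mysqli);
$downloadObj = new Download($mysqli);
$blnShowDownload = false;

// dID is request-controlled; a request without it selects nothing and sends nothing.
if (isset($_GET['dID']) && $downloadObj->select($_GET['dID'])) {
    $downloadInfo = $downloadObj->get_info_filtered();
    $downloadCatObj->select($downloadInfo['downloadcategory_id']);

    // Fail closed: a loose `== 0` also matches null/false, so a category lookup that
    // yields no access type would otherwise be treated as a public download.
    $accessType = $downloadCatObj->get_info("accesstype");
    $accessType = is_numeric($accessType) ? (int) $accessType : -1;

    // 0 = served to anyone, 1 = served to logged-in members only, anything else refused.
    if ($accessType === 0 || ($accessType === 1 && $LOGGED_IN)) {
        $blnShowDownload = true;
    }

    // Decide first, read second: the files are only opened for an authorised request.
    if ($blnShowDownload) {
        // NOTE(review): both paths come from the download row and are opened as-is;
        // confirm that only the upload routine can write these columns.
        $fileContents1 = file_get_contents($downloadInfo['splitfile1']);
        $fileContents2 = file_get_contents($downloadInfo['splitfile2']);

        if ($fileContents1 !== false && $fileContents2 !== false) {
            $fileBody = $fileContents1 . $fileContents2;

            // The stored name originates from the uploader: keep only the base name and
            // drop characters that could end the quoted filename parameter early.
            $safeFileName = str_replace(array('"', "\\", "\r", "\n"), "", basename($downloadInfo['filename']));

            // Only a plain type/subtype token is echoed back; anything else is sent as
            // an opaque binary so the browser never renders it as markup.
            $mimeType = (string) $downloadInfo['mimetype'];
            if (!preg_match('#^[\w.+-]+/[\w.+-]+\z#', $mimeType)) {
                $mimeType = "application/octet-stream";
            }

            header("Content-Description: File Transfer");
            // Length of what is actually sent (the original appended a stray ";" to the
            // stored size, which is not a valid Content-Length value).
            header("Content-Length: " . strlen($fileBody));
            header("Content-Disposition: attachment; filename=\"" . $safeFileName . "\"");
            header("Content-Type: " . $mimeType);
            header("X-Content-Type-Options: nosniff");
            echo $fileBody;
        }
    }
}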
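/**
 * Store the files attached to a forum post and return the ids of the new download rows.
 *
 * Reads $_POST['numofattachments'] and the matching $_FILES['forumattachment_N'] entries,
 * hands each non-empty one to Download::uploadFile() and records it in the
 * "forumattachments" download category. Failed uploads are counted in the global
 * $countErrors and described in the global $dispError.
 *
 * NOTE(review): what uploadFile() accepts (extensions, size, content type) is not visible
 * here; confirm it rejects executable types, since the target directory sits under
 * downloads/files/.
 *
 * @return array|false List of new download_id values (possibly empty), or false when
 *                     $blnCheckForumAttachments is not set.
 */
function checkForAttachments()
{
    // $memberInfo, $countErrors and $dispError are used below but were not imported in the
    // original, so the uploader id was stored as null and upload errors were silently lost.
    global $formObj, $mysqli, $blnCheckForumAttachments, $prevFolder, $memberInfo, $countErrors, $dispError;

    if (!$blnCheckForumAttachments) {
        return false;
    }

    $attachmentObj = new Download($mysqli);
    $downloadCatObj = new DownloadCategory($mysqli);
    $downloadCatObj->selectBySpecialKey("forumattachments");
    $forumAttachmentCatID = $downloadCatObj->get_info("downloadcategory_id");

    $arrDownloadID = array();
    $arrDLColumns = array("downloadcategory_id", "member_id", "dateuploaded", "filename", "mimetype", "filesize", "splitfile1", "splitfile2");
    $attachmentDir = "downloads/files/forumattachment/";

    // The count is client-supplied: treat it as an integer, and skip slots with no file.
    $numOfAttachments = isset($_POST['numofattachments']) ? (int) $_POST['numofattachments'] : 0;

    for ($i = 1; $i <= $numOfAttachments; $i++) {
        $tempPostName = "forumattachment_" . $i;

        if (!isset($_FILES[$tempPostName]['name']) || $_FILES[$tempPostName]['name'] == "") {
            continue;
        }

        // Client-supplied name: stored as given, so every place that prints it must escape it.
        $clientFileName = $_FILES[$tempPostName]['name'];

        if ($attachmentObj->uploadFile($_FILES[$tempPostName], $prevFolder . $attachmentDir, $forumAttachmentCatID)) {
            $splitFiles = $attachmentObj->getSplitNames();
            $fileSize = $attachmentObj->getFileSize();
            $mimeType = $attachmentObj->getMIMEType();

            $arrDLValues = array($forumAttachmentCatID, $memberInfo['member_id'], time(), $clientFileName, $mimeType, $fileSize, $attachmentDir . $splitFiles[0], $attachmentDir . $splitFiles[1]);

            if ($attachmentObj->addNew($arrDLColumns, $arrDLValues)) {
                $arrDownloadID[] = $attachmentObj->get_info("download_id");
            }
        } else {
            $countErrors++;
            // $dispError is HTML, so the file name is escaped before it is embedded.
            $dispError .= " <b>·</b> Unable to upload attachment #" . $i . ": " . htmlspecialchars($clientFileName, ENT_QUOTES) . ".<br>";
        }
    }

    return $arrDownloadID;
}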
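<?php

// Template fragment that prepares the data for rendering one forum post. It uses $this,
// so it is meant to be included from a method of the post object; a direct request is
// stopped by the SHOW_FORUMPOST guard.
if (!defined("SHOW_FORUMPOST")) {
    exit;
}

$posterMemberObj = new Member($mysqli);
$posterRankObj = new Rank($mysqli);
$downloadCatObj = new DownloadCategory($mysqli);
$attachmentObj = new Download($mysqli);
$consoleObj = new ConsoleOption($mysqli);
$topicObj = new Basic($mysqli, "forum_topic", "forumtopic_id");

$intManagePostsCID = $consoleObj->findConsoleIDByName("Manage Forum Posts");
$intPostTopicCID = $consoleObj->findConsoleIDByName("Post Topic");

// Attachments are listed for everyone when the category's accesstype is 0 and for
// logged-in members when it is 1. Parentheses make the intended grouping explicit.
// NOTE(review): the loose `== 0` is also true for null/false, i.e. when the
// "forumattachments" category cannot be found; confirm that case cannot occur.
$downloadCatObj->selectBySpecialKey("forumattachments");
$blnShowAttachments = false;
if ((LOGGED_IN == true && $downloadCatObj->get_info("accesstype") == 1) || $downloadCatObj->get_info("accesstype") == 0) {
    $blnShowAttachments = true;
}

$postInfo = $this->get_info_filtered();
$topicInfo = $this->getTopicInfo();
$topicObj->select($postInfo['forumtopic_id']);
$topicInfo['forumboard_id'] = $topicObj->get_info("forumboard_id");

$posterMemberObj->select($postInfo['member_id']);
$postMemberInfo = $posterMemberObj->get_info_filtered();

// The message body is read straight from arrObjInfo, not through get_info_filtered(),
// so this is the only neutralisation it gets before output. As written in the listing,
// each needle was replaced by itself, which neutralised nothing; the targets are now the
// entity-encoded forms and the match is case-insensitive.
// NOTE(review): this remains a block-list. It covers PHP tags and <script> elements
// only; other script-capable markup in a post is not touched. An allow-list HTML
// sanitiser applied to the message is the robust control.
$postMessage = $this->arrObjInfo['message'];
$postMessage = str_ireplace(
    array("<?", "?>", "<script", "</script>"),
    array("&lt;?", "?&gt;", "&lt;script", "&lt;/script&gt;"),
    $postMessage
);

$dispPostedOn = "";

// Posts older than 24 hours take this branch (its body lies beyond this excerpt).
if (time() - $postInfo['dateposted'] > 60 * 60 * 24) {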
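// Topic view bootstrap: loads the last post, renders the theme header, enforces the
// private-forum setting, re-checks the session login and marks the topic as seen.
$lastPostInfo = $boardObj->objPost->get_info_filtered();
$EXTERNAL_JAVASCRIPT .= "<script type='text/javascript' src='" . $MAIN_ROOT . "js/ace/src-min-noconflict/ace.js' charset='utf-8'></script>";
define("RESIZE_FORUM_IMAGES", true);
include "forum_image_resize.php";

// Start Page
$PAGE_NAME = $postInfo['title'] . " - " . $boardInfo['name'] . " - ";

// Quick Reply
$quickReplyForm = new Form();
$btThemeObj->addHeadItem("richtext-js", $quickReplyForm->getRichtextboxJSFile());

// NOTE(review): $THEME becomes part of an include path; confirm it comes from site
// configuration and never from the request.
include $prevFolder . "themes/" . $THEME . "/_header.php";

// Check Private Forum
// The header has already been sent at this point, so the redirect is client-side;
// die() is what actually keeps forum content from being rendered for guests.
if ($websiteInfo['privateforum'] == 1 && !constant("LOGGED_IN")) {
    die("<script type='text/javascript'>window.location = '" . $MAIN_ROOT . "login.php';</script>");
}

// Attachments are listed for everyone when accesstype is 0, for members when it is 1.
// NOTE(review): this uses the LOGGED_IN constant while the code below derives a separate
// $LOGGED_IN variable; confirm the two cannot disagree.
$blnShowAttachments = false;
if ((constant('LOGGED_IN') == true && $downloadCatObj->get_info("accesstype") == 1) || $downloadCatObj->get_info("accesstype") == 0) {
    $blnShowAttachments = true;
}

$memberInfo = array();
$LOGGED_IN = false;
$NUM_PER_PAGE = $websiteInfo['forum_postsperpage'];

// Guests have no session credentials; check for them before handing them to the member
// object instead of passing undefined values.
if (isset($_SESSION['btUsername'], $_SESSION['btPassword']) && $member->select($_SESSION['btUsername']) && $member->authorizeLogin($_SESSION['btPassword'])) {
    $memberInfo = $member->get_info_filtered();
    $LOGGED_IN = true;
    $NUM_PER_PAGE = $memberInfo['postsperpage'];

    // Record the topic as seen when its last post is less than seven days old.
    if (!$member->hasSeenTopic($topicInfo['forumtopic_id']) && $lastPostInfo['dateposted'] + 60 * 60 * 24 * 7 > time()) {
        // Values are bound instead of concatenated into the statement; only the
        // configured table prefix is still part of the SQL text.
        // Assumes $mysqli is a mysqli-compatible handle, as its use elsewhere suggests.
        $topicSeenStmt = $mysqli->prepare("INSERT INTO " . $dbprefix . "forum_topicseen (member_id, forumtopic_id) VALUES (?, ?)");
        if ($topicSeenStmt) {
            $topicSeenStmt->bind_param("ss", $memberInfo['member_id'], $topicInfo['forumtopic_id']);
            $topicSeenStmt->execute();
            $topicSeenStmt->close();
        }
    }
}

// A page size of 0 falls back to 25 (the rest of this branch lies beyond this excerpt).
if ($NUM_PER_PAGE == 0) {
    $NUM_PER_PAGE = 25;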
} elseif ($_POST['catorder'] == "first") {
    // "(no other categories)" selected, check to see if there are actually no other categories
    // (the preceding branches of this if-chain are outside this excerpt)
    $result = $mysqli->query("SELECT * FROM " . $dbprefix . "downloadcategory");
    $num_rows = $result->num_rows;
    // More than one row in the table means "first" is rejected as an invalid order.
    if ($num_rows > 1) {
        $countErrors++;
        $dispError .= " <b>·</b> You selected an invalid category order. (category)<br>";
    } else {
        $intNewOrderSpot = 1;
    }
} else {
    // Any other catorder value: the placement must be exactly "before" or "after".
    if ($_POST['beforeafter'] != "before" and $_POST['beforeafter'] != "after") {
        $countErrors++;
        $dispError .= " <b>·</b> You selected an invalid category order. (before/after)<br>";
    } else {
        // ordernum of the category currently selected in $downloadCatObj
        // (presumably the one chosen in catorder — selected outside this excerpt).
        $catOrderOrderNum = $downloadCatObj->get_info("ordernum");
        // "before" checks against ordernum + 1, "after" against ordernum - 1.
        $addTo = -1;
        if ($_POST['beforeafter'] == "before") {
            $addTo = 1;
        }
        $checkOrderNum = $catOrderOrderNum + $addTo;
        // Only make room when the edited category is not already in the requested spot.
        if ($checkOrderNum != $downloadCatInfo['ordernum']) {
            $intNewOrderSpot = $downloadCatObj->makeRoom($_POST['beforeafter']);
        }
    }
}

// Only update when none of the checks above recorded an error.
if ($countErrors == 0) {
    $updateColumns = array("name", "accesstype");
    // NOTE(review): catname and accesstype are taken from $_POST as-is in the visible
    // code. accesstype is an access-control setting for the category, so confirm that it
    // is validated against the allowed values earlier in the file, that the update
    // routine binds or escapes these values, and that this handler is only reachable by
    // an authorised member.
    $updateValues = array($_POST['catname'], $_POST['accesstype']);
    // A non-empty new order spot triggers a resort (continues beyond this excerpt).
    if ($intNewOrderSpot != "") {
        $resortOrder = true;