<?php include "../../include.php"; $return = ' <table width="100%" cellpadding="3" cellspacing="1" border="1"> <tr class="helptext" bgcolor="#CCCCCC"> <td>Due Date</td> <td>Funder / Award</td> <td>Report</td> <td>Staff</td> <td>Status</td> </tr>'; $result = db_query("SELECT\n\t\t\tan.awardID, \n\t\t\tan.activityTitle,\n\t\t\tan.activityText,\n\t\t\tan.activityDate,\n\t\t\tu.lastname,\n\t\t\ta.awardTitle,\n\t\t\tf.name,\n\t\t\tf.funderID\n\t\tFROM funders_activity an\n\t\tINNER JOIN users u ON an.activityAssignedTo = u.id\n\t\tINNER JOIN funders_awards a ON an.awardID = a.awardID\n\t\tINNER JOIN funders f ON a.funderID = f.funderID\n\t\tWHERE an.isReport = 1 AND an.isComplete = 0\n\t\tORDER BY activityDate"); while ($r = db_fetch($result)) { $date = $r["activityDate"] ? date("M j, Y", strtotime($r["activityDate"])) : "N/A"; $return .= '<tr class="helptext'; if ($r["statusDesc"] == "Overdue") { $return .= '-b'; } $return .= '" bgcolor="#FFFFFF" valign="top"> <td><nobr>' . $date . '</nobr></td> <td><a href="http://' . $_josh["request"]["host"] . '/programs/resources_funder_view.php?id=' . $r["funderID"] . '">' . $r["name"] . '</a> /<br><a href="http://' . $_josh["request"]["host"] . '/programs/resources_award_view.php?id=' . $r["awardID"] . '">' . $r["awardTitle"] . '</a></td> <td>' . $r["activityTitle"] . '</td> <td>' . $r["lastname"] . '</td> <td>' . $r["activityText"] . '</td> </tr>'; } $return .= '</table>'; file_download($return, "Report Due Dates - " . date("m/d/y"), "xls");
<?php include "../include.php"; $d = db_grab("SELECT \r\n\t\td.title,\r\n\t\td.extension, \r\n\t\td.content \r\n\tFROM helpdesk_tickets_attachments d \r\n\tWHERE d.id = " . $_GET["id"]); //db_query("INSERT INTO docs_views ( documentID, user_id, viewedOn ) VALUES ( {$_GET["id"]}, {$_SESSION["user_id"]}, GETDATE() )"); file_download($d["content"], $d["title"], $d["extension"]);
foreach ($messages as $pm) { // turn all single \n into \r\n $pm['message'] = preg_replace("/(\r\n|\r|\n)/s", "\r\n", $pm['message']); $pm['message'] = fetch_censored_text($pm['message']); ($hook = vBulletinHook::fetch_hook('private_downloadpm_bit')) ? eval($hook) : false; $txt .= "================================================================================\r\n"; $txt .= "{$vbphrase['dump_from']} :\t{$pm['fromuser']}\r\n"; $txt .= "{$vbphrase['dump_to']} :\t" . fetch_touser_string($pm) . "\r\n"; $txt .= "{$vbphrase['date']} :\t" . vbdate('Y-m-d H:i', $pm['datestamp'], false, false) . "\r\n"; $txt .= "{$vbphrase['title']} :\t" . unhtmlspecialchars($pm['title']) . "\r\n"; $txt .= "--------------------------------------------------------------------------------\r\n"; $txt .= "{$pm['message']}\r\n\r\n"; } } // download the file file_download($txt, str_replace(array('\\', '/'), '-', "{$vbphrase['dump_privatemessages']}-" . $vbulletin->userinfo['username'] . "-" . vbdate($vbulletin->options['dateformat'], TIMENOW) . '.txt'), 'text/plain'); break; // ***************************** // unknown download format // ***************************** // unknown download format default: eval(standard_error(fetch_error('invalidid', $vbphrase['file_type'], $vbulletin->options['contactuslink']))); break; } } // ############################### start insert pm ############################### // either insert a pm into the database, or process the preview and fall back to newpm if ($_POST['do'] == 'insertpm') { $vbulletin->input->clean_array_gpc('p', array('wysiwyg' => TYPE_BOOL, 'title' => TYPE_NOHTML, 'message' => TYPE_STR, 'parseurl' => TYPE_BOOL, 'savecopy' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'receipt' => TYPE_BOOL, 'preview' => TYPE_STR, 'recipients' => TYPE_STR, 'bccrecipients' => TYPE_STR, 'iconid' => TYPE_UINT, 'forward' => TYPE_BOOL, 'folderid' => TYPE_INT, 'sendanyway' => TYPE_BOOL)); if ($permissions['pmquota'] < 1) {
foreach ($projects as $p) { $file .= '<td>'; if (isset($totals[$p])) { $counter += round($totals[$p] / $e["total"] * 100, 2); $file .= round($totals[$p] / $e["total"] * 100, 2) . "%"; //$total = round($rh["total"] / $rh["totaltotal"] * 100, 2); //} else { //$file .= "-"; } $file .= '</td>'; } $file .= '<td align="right">' . $counter . '</td></tr>'; } $file .= '</table>'; //die($file); file_download($file, $reportname, "xls"); } echo drawTop(); ?> <table class="left" cellspacing="1"> <?php echo drawHeaderRow("Percentages Report (without Vacation)", 2); ?> <form method="post" action="<?php echo $_josh["request"]["path_query"]; ?> "> <tr> <td class="left">Start Date</td> <td><?php echo draw_form_select_month("start", "1/2005", false, false, "field", false, true);
function fetch_illegal_usernames($download = false) { global $vbulletin, $upgradecore_phrases; $users = $vbulletin->db->query_read("\n\t\tSELECT userid, username FROM user\n\t\tWHERE username LIKE('%;%')\n\t"); if ($vbulletin->db->num_rows($users)) { $illegals = array(); while ($user = $vbulletin->db->fetch_array($users)) { $user['uusername'] = unhtmlspecialchars($user['username']); if (strpos($user['uusername'], ';') !== false) { $illegals["{$user['userid']}"] = $user['uusername']; } } if (empty($illegals)) { return false; } else { if ($download) { $txt = "{$upgradecore_phrases['semicolons_file_intro']}\r\n"; foreach ($illegals as $userid => $username) { $txt .= "--------------------------------------------------------------------------------\r\n"; $txt .= $username; $padlength = 70 - strlen($username) - strlen("{$userid}"); for ($i = 0; $i < $padlength; $i++) { $txt .= ' '; } $txt .= "(userid: {$userid})\r\n"; } $txt .= '--------------------------------------------------------------------------------'; require_once DIR . '/includes/functions_file.php'; file_download($txt, $upgradecore_phrases['illegal_user_names'], 'text/plain'); } else { return $illegals; } } } else { return false; } }
case 'database': case 'security': if ($vbulletin->GPC['filename'] = trim($vbulletin->options["errorlog{$type}"])) { $vbulletin->GPC['filename'] = $vbulletin->GPC['filename'] . iif($date, $date) . '.log'; if (file_exists($vbulletin->GPC['filename'])) { if ($vbulletin->GPC['delete']) { if (can_access_logs($vbulletin->config['SpecialUsers']['canpruneadminlog'], 0, '<p>' . $vbphrase['log_file_deletion_restricted'] . '</p>')) { if (@unlink($vbulletin->GPC['filename'])) { print_stop_message('deleted_file_successfully'); } else { print_stop_message('unable_to_delete_file'); } } } else { require_once DIR . '/includes/functions_file.php'; file_download(implode('', file($vbulletin->GPC['filename'])), substr($vbulletin->GPC['filename'], strrpos($vbulletin->GPC['filename'], '/') + 1), 'baa'); } } else { print_stop_message('invalid_file_specified'); } } } $_REQUEST['do'] = 'logfiles'; } // ############################################################################# print_cp_header($vbphrase['control_panel_log']); // ############################################################################# if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'choose'; } // ###################### Start view db error log #######################
/** * Метод, предназначенный для скачивания прикреплённых к сообщению файлов * * @param file $file */ function contactAttachmentGet($file) { $file_ex = get_mime_type($file); header('Pragma: public'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Cache-Control: private', false); header('Content-Type: ' . $file_ex); header('Content-Disposition: attachment; filename=' . $file); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . @filesize(BASE_DIR . '/attachments/' . $file)); @set_time_limit(0); if (false === file_download(BASE_DIR . '/attachments/' . $file)) { die('File not found.'); } }
<?php include_once "download_function.php"; if (isset($_GET['file_path']) && $_GET['file_path'] != '') { $path = $_GET['file_path']; $name = $_GET['file_name']; file_download($path, $name = ''); exit; }
} } } $qn = ""; if (isset($_GET['q'])) { $qn = $_GET['q']; } if (strlen($qn) > 0) { if (isset($_GET['file'])) { if ($_GET['file'] == "hisfunctionxmlexport") { $u->build(); $q = new hf_id_user(); $q->get_from_hashrange($u->id_user, $qn); $q->build(); $hf_name = $q->name; $chars = ' !@#$%^&*()_+-=[]{}\\|;\':"<>?,./;'; for ($i = 0; $i < strlen($chars) - 2; $i++) { $char = substr($chars, $i, 1); $hf_name = str_replace($char, "_", $hf_name); } //$hf_name = urlencode($hf_name); $hf_name = "" . $hf_name . ".hf.xml"; $export = $q->toxml(true); $export = $q->toxml(true); file_download($hf_name, $export); exit; } } } // end if exit;
<?php include "../../include.php"; //download if (url_action("delete")) { db_query("UPDATE policy_docs SET is_active = 0, deleted_date = GETDATE(), deleted_user = {$_SESSION["user_id"]} WHERE id = " . $_GET["id"]); url_drop("id, action"); } elseif (url_id()) { $d = db_grab("SELECT d.name, t.extension, d.content FROM policy_docs d JOIN docs_types t ON d.type_id = t.id WHERE d.id = " . $_GET["id"]); //db_query("INSERT INTO docs_views ( documentID, user_id, viewedOn ) VALUES ( {$_GET["id"]}, {$_SESSION["user_id"]}, GETDATE() )"); file_download($d["content"], $d["name"], $d["extension"]); } //get nav options $options = array(); $categories = db_query("SELECT id, description FROM policy_categories ORDER BY description"); while ($c = db_fetch($categories)) { if (!isset($_GET["category"])) { url_query_add(array("category" => $c["id"])); } $options[str_replace(url_base(), "", url_query_add(array("category" => $c["id"]), false))] = $c["description"]; } echo drawTop(); echo drawNavigationRow($options, "areas", true); ?> <table class="left"> <?php if ($page['is_admin']) { echo drawheaderRow("", 4, "add", "edit/"); } else { echo drawheaderRow("", 3); }
} else { $set = 'fns'; $path = Path::theme($file, $set); } } if (!$path) { header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found'); header('Status: 404 Not Found'); exit; } else { $ext = false; $dyn = preg_match('/\\?/', $path); if (!$dyn) { preg_match('/.*\\.(.*)$/', '.' . $path, $match); $ext = mb_strtolower($match[1]); $file_types_user = array('gif' => 'image/gif', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'rtf' => 'text/rtf', 'png' => 'image/png', 'mht' => 'application/msword', 'doc' => 'application/msword', 'docx' => 'application/msword', 'avi' => 'video/x-msvideo', 'xls' => 'application/msexcel', 'tpl' => 'text/html', 'html' => 'text/html', 'txt' => 'text/plain', 'htm' => 'text/html', 'html' => 'text/html', 'css' => 'text/css', 'js' => 'application/javascript', 'json' => 'application/json', 'xml' => 'application/xml', 'swf' => 'application/x-shockwave-flash', 'flv' => 'video/x-flv', 'png' => 'image/png', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'gif' => 'image/gif', 'bmp' => 'image/bmp', 'ico' => 'image/vnd.microsoft.icon', 'tiff' => 'image/tiff', 'tif' => 'image/tiff', 'svg' => 'image/svg+xml', 'svgz' => 'image/svg+xml', 'zip' => 'application/zip', 'rar' => 'application/x-rar-compressed', 'exe' => 'application/x-msdownload', 'msi' => 'application/x-msdownload', 'cab' => 'application/vnd.ms-cab-compressed', 'mp3' => 'audio/mpeg', 'qt' => 'video/quicktime', 'mov' => 'video/quicktime', 'pdf' => 'application/pdf', 'psd' => 'image/vnd.adobe.photoshop', 'ai' => 'application/postscript', 'eps' => 'application/postscript', 'ps' => 'application/postscript', 'doc' => 'application/msword', 'docx' => 'application/msword', 'rtf' => 'application/rtf', 'xls' => 'application/vnd.ms-excel', 'xlsx' => 'application/vnd.ms-excel', 'ppt' => 'application/vnd.ms-powerpoint', 'odt' => 'application/vnd.oasis.opendocument.text', 'ods' => 'application/vnd.oasis.opendocument.spreadsheet'); $file_types_admin = array('php' => 'text/html'); } if (!$dyn && $ext && $file_types_user[$ext]) { //header( "Content-type: ".$file_types[$ext] ) ; //header( "Last-Modified: ".gmdate("D, d M Y H:i:s",filemtime($path))." GMT" ); file_download($path, $file_types_user[$ext]); } else { Access::admin(true); if (!$dyn && $ext && $file_types_admin[$ext]) { file_download($path, $file_types_admin[$ext]); } else { die('Исключение'); } } }
//header("Content-Description: File Transfer"); //Use the switch-generated Content-Type header("Content-Type: {$ctype}"); header('Content-Transfer-Encoding: Binary'); //Force the download header("Accept-Ranges: bytes"); header("Content-Length: {$download_size}"); //header('Content-Disposition: attachment; filename="'.$filename.'";'); // suman header('Content-Disposition: attachment; filename="' . $name . '";'); /* ///////////////////////////// header("Pragma: public"); // required header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private",false); // required for certain browsers header("Content-Type: $ctype"); // change, added quotes to allow spaces in filenames, by Rajkumar Singh header("Content-Disposition: attachment; filename=\"".basename($name)."\";" ); header("Content-Transfer-Encoding: binary"); header("Content-Length: ".filesize($name)); //////////////////////////// */ //ob_end_clean(); readfile($file); } if (isset($_GET['filepath']) && $_GET['filepath'] != '') { include_once 'config.php'; $path = '../image/' . $_GET['filepath']; $nameexp = explode('/', $_GET['filepath']); $name = $nameexp[1]; file_download($path, $name); exit; }
array_push($fields, $name->name . "|||" . db_field_type($result, $i)); } $return = ' <table border="1"> <tr bgcolor="#fffceo">'; foreach ($fields as $field) { list($name, $datatype) = explode("|||", $field); $return .= ' <td><b>' . trim(str_replace("_", " ", $name)) . '</b></td> '; } $return .= '</tr>'; while ($r = db_fetch($result)) { $return .= '<tr>'; reset($fields); foreach ($fields as $field) { list($name, $datatype) = explode("|||", $field); if ($datatype == "datetime") { $r[$name] = format_date_excel($r[$name]); } $return .= '<td>' . $r[$name] . '</td>'; } $return .= '</tr>'; $num_rows++; } $return .= '</table>'; //save exec info db_switch($_josh["db"]["database"]); db_query("INSERT INTO queries_executions ( \n\t\t\t\tqueryID, \n\t\t\t\tuserID, \n\t\t\t\texecutedOn, \n\t\t\t\tnum_rows, \n\t\t\t\tnum_columns\n\t\t\t) VALUES (\n\t\t\t\t{$_GET["id"]},\n\t\t\t\t{$_SESSION["user_id"]},\n\t\t\t\tGETDATE(),\n\t\t\t\t{$num_rows},\n\t\t\t\t{$num_columns}\n\t\t\t)"); file_download($return, $filename, "xls");
$return .= '<td>' . date("M, Y", strToTime($r["awardStartDate"])) . ' - ' . date("M, Y", strToTime($r["awardEndDate"])) . '</td>'; } else { $return .= '<td>'; if ($r["pastActivityTitle"]) { $return .= $r["pastActivityTitle"] . ' (' . format_date($r["pastActivityDate"]) . ')'; } $return .= '</td>'; } $return .= '<td>'; if ($r["activityTitle"]) { $return .= $r["activityTitle"] . ' (' . format_date($r["activityDate"]) . ')'; } $return .= '</td> <td align="right">$' . number_format($r["awardAmount"]) . '</td> <td>' . $r["last_name"] . '</td> </tr>'; } $result = db_query("SELECT\n\t\t\t\t\t\tf.funderID,\n\t\t\t\t\t\tf.name,\n\t\t\t\t\t\ta.awardID,\n\t\t\t\t\t\ta.awardTitle,\n\t\t\t\t\t\tp.programDesc\n\t\t\t\t\tFROM funders_awards a \n\t\t\t\t\tINNER JOIN funders f ON f.funderID = a.funderID\n\t\t\t\t\tINNER JOIN funders_programs p ON a.awardProgramID = p.programID\n\t\t\t\t\tWHERE a.awardStatusID = " . $rs["awardStatusID"] . " AND a.awardProgramID2 = " . $rp["programID"]); while ($r = db_fetch($result)) { $return .= ' <tr bgcolor="#FFFFFF" class="helptext"> <td><a href="http://' . $_josh["request"]["host"] . '/funders/funder_view.php?id=' . $r["funderID"] . '">' . $r["name"] . '</a></td> <td><a href="http://' . $_josh["request"]["host"] . '/funders/award_view.php?id=' . $r["awardID"] . '">' . $r["awardTitle"] . '</a></td> <td colspan="4">(See <i>' . $r["programDesc"] . '</i>)</td> </tr>'; } } } $return .= '</table>'; file_download($return, "Big List - " . date("m/d/y"), "xls");
} foreach ($contacts as $email => $name) { $output .= $name . '<' . $email . '>' . PHP_EOL; } $output .= PHP_EOL; } $transports = ''; $x = 0; foreach ($config['alert']['transports'] as $name => $v) { if ($config['alert']['transports'][$name] === true) { $transports .= 'Transport: ' . $name . PHP_EOL; $x++; } } if (!empty($transports)) { $output .= 'Found ' . $x . ' transports to send alerts to.' . PHP_EOL; $output .= $transports; } break; default: echo 'You must specify a valid type'; exit; } // ---- Output ---- if ($_GET['format'] == 'text') { header("Content-type: text/plain"); header('X-Accel-Buffering: no'); echo $output; } elseif ($_GET['format'] == 'download') { file_download($filename, $output); }
include "../../include.php"; $return = '<table width="100%" border="1"> <tr bgcolor="#EEEEEE"> <td>Funder</td> <td>Award</td> <td>Status</td> <td>Amount</td> <td>Type</td> <td>Program</td> <td>Start</td> <td>End</td> <td>Contact</td> </tr>'; $result = db_query("select\n\t\t\t\t\t\t\ta.funderID,\n\t\t\t\t\t\t\tf.name,\n\t\t\t\t\t\t\ta.awardID,\n\t\t\t\t\t\t\ta.awardTitle,\n\t\t\t\t\t\t\ts.awardStatusDesc,\n\t\t\t\t\t\t\ta.awardAmount,\n\t\t\t\t\t\t\tat.awardTypeDesc,\n\t\t\t\t\t\t\tp.programDesc,\n\t\t\t\t\t\t\ta.awardStartDate,\n\t\t\t\t\t\t\ta.awardEndDate,\n\t\t\t\t\t\t\tISNULL(u.nickname, u.firstname) + ' ' + u.lastname contact\n\t\t\t\t\t\t\tFROM funders_awards a\n\t\t\t\t\t\t\tLEFT JOIN funders f on f.funderID = a.funderID\n\t\t\t\t\t\t\tLEFT JOIN funders_awards_types at on a.awardTypeID = at.awardTypeID\n\t\t\t\t\t\t\tLEFT JOIN funders_programs p on a.awardprogramID = p.programID\n\t\t\t\t\t\t\tLEFT JOIN funders_awards_statuses s on a.awardStatusID = s.awardStatusID\n\t\t\t\t\t\t\tLEFT JOIN users u ON u.id = a.staffID"); while ($r = db_fetch($result)) { $return .= ' <tr bgcolor="#FFFFFF" valign="top"> <td><a href="http://' . $_josh["request"]["host"] . '/funders/funder_view.php?id=' . $r["funderID"] . '">' . $r["name"] . '</a></td> <td><a href="http://' . $_josh["request"]["host"] . '/funders/award_view.php?id=' . $r["awardID"] . '">' . $r["awardTitle"] . '</a></td> <td>' . $r["awardStatusDesc"] . '</td> <td>' . number_format($r["awardAmount"]) . '</td> <td>' . $r["awardTypeDesc"] . '</td> <td>' . $r["programDesc"] . '</td> <td>' . format_date_excel($r["awardStartDate"]) . '</td> <td>' . format_date_excel($r["awardEndDate"]) . '</td> <td>' . $r["contact"] . '</td> </tr>'; } $return .= '</table>'; file_download($return, "All Awards - " . date("m/d/y"), "xls");
$xml->add_tag('title', $title['text'], $title_attributes); $text_attributes = array('date' => $text['dateline'], 'username' => $text['username'], 'version' => htmlspecialchars_uni($text['version'])); $xml->add_tag('text', $text['text'], $text_attributes); $xml->close_group(); } else { $xml->add_tag('helptopic', '', $attr); } } $xml->close_group(); } $xml->close_group(); $doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n"; $doc .= $xml->output(); $xml = null; require_once DIR . '/includes/functions_file.php'; file_download($doc, 'vbulletin-adminhelp.xml', 'text/xml'); } // ######################################################################### print_cp_header($vbphrase['admin_help']); if ($vbulletin->debug) { print_form_header('', '', 0, 1, 'notaform'); print_table_header($vbphrase['admin_help_manager']); print_description_row(construct_link_code($vbphrase['add_new_topic'], "help.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit") . construct_link_code($vbphrase['edit_topics'], "help.php?" . $vbulletin->session->vars['sessionurl'] . "do=manage") . construct_link_code($vbphrase['download_upload_adminhelp'], "help.php?" . $vbulletin->session->vars['sessionurl'] . "do=files"), 0, 2, '', 'center'); print_table_footer(); } // ############################### start do upload help XML ############## if ($_REQUEST['do'] == 'doimport') { $vbulletin->input->clean_array_gpc('p', array('serverfile' => TYPE_STR)); $vbulletin->input->clean_array_gpc('f', array('helpfile' => TYPE_FILE)); // got an uploaded file? if (file_exists($vbulletin->GPC['helpfile']['tmp_name'])) {
<?php include '../include.php'; url_query_require(); $d = db_grab('SELECT d.title, t.extension, d.content FROM docs d JOIN docs_types t ON d.type_id = t.id WHERE d.id = ' . $_GET['id']); db_query('INSERT INTO docs_views ( documentID, userID, viewedOn ) VALUES ( ' . $_GET['id'] . ', ' . user() . ', ' . db_date() . ' )'); file_download($d['content'], $d['title'], $d['extension']);
if (in_array($table, $allow_tables)) { try { $stmt = $pdo->query("SELECT * FROM {$table}"); // Получаем имена столбцов $keys_stmt = $pdo->query("SHOW COLUMNS FROM {$table}"); } catch (PDOException $e) { die("Ошибка выполенения запроса: " . $e->getMessage()); } } else { die("Неверно указана таблица"); } $data = $stmt->fetchAll(PDO::FETCH_ASSOC); $keys = $keys_stmt->fetchAll(PDO::FETCH_ASSOC); unset($pdo); $keys_array = array(); foreach ($keys as $key) { $keys_array[] = $key['Field']; } switch ($format) { case 'csv': $filename = create_csv($data, $keys_array, $filepath); break; case 'json': $filename = create_json($data, $filepath); break; case 'xml': $filename = create_xml($data, $keys_array, $filepath, $table); break; } file_download($filepath);
<?php include "../../include.php"; $d = db_grab("SELECT \n\t\tn.headline, \n\t\tt.extension, \n\t\tn.content \n\tFROM news_stories n\n\tJOIN docs_types t ON n.filetypeid = t.id\n\tWHERE n.id = " . $_GET["id"]); file_download($d["content"], $d["headline"], $d["extension"]);
function file_download_list($atts) { global $thisfile; extract(lAtts(array('form' => 'files', 'sort' => 'filename', 'label' => '', 'break' => br, 'limit' => '10', 'wraptag' => '', 'category' => '', 'class' => __FUNCTION__), $atts)); $qparts = array($category ? "category='{$category}'" : '1', "order by", $sort, $limit ? "limit {$limit}" : ''); $rs = safe_rows_start("*", "txp_file", join(' ', $qparts)); if ($rs) { if ($label) { $outlist[] = $label; } while ($a = nextRow($rs)) { $thisfile = fileDownloadFetchInfo("id='{$a['id']}'"); $outlist[] = file_download(array('id' => $a['id'], 'filename' => $a['filename'], 'form' => $form)); } if (!empty($outlist)) { if ($wraptag == 'ul' or $wraptag == 'ol') { return doWrap($outlist, $wraptag, $break, $class); } return $wraptag ? tag(join($break, $outlist), $wraptag) : join(n, $outlist); } } return ''; }
public function fileDownload() { file_download($this->path); }
require_once DIR . '/includes/class_xml.php'; $xml = new vB_XML_Builder($vbulletin); $xml->add_group("AME3"); foreach ($data as $key => $value) { $xml->add_group("def"); foreach ($value as $columnname => $columnvalue) { $xml->add_tag($columnname, $columnvalue); } $xml->close_group(); } $xml->close_group(); // ############## Finish up $doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n" . $xml->output(); unset($xml); require_once DIR . '/includes/functions_file.php'; file_download($doc, "AME.xml", 'text/xml'); exit; } else { die("Data export size is empty!"); } } /** * Show options for importing */ if ($do == "import") { ?> <script type="text/javascript"> <!-- function js_confirm_upload(tform, filefield) {
<table width="100%" border="1" style="font-family:verdana; font-size:11px; padding:1px; border:1px solid #cccccc;"> <tr height="24" valign="bottom" style="background-color:#eeeecc; font-weight:bold;"> <td>Funder</td> <td>Project</td> <td align="right">Amount</td> <td>Status</td> <td>Next Steps</td> <td>Lead Contact</td> <td>Corporation</td> </tr>'; $result = db_query("SELECT\n\t\ta.awardID,\n\t\tf.name funder,\t\n\t\ta.awardTitle award,\n\t\ta.awardAmount amount,\n\t\tt.awardStatusDesc status,\n\t\t(SELECT TOP 1 c.activityTitle FROM funders_activity c WHERE c.awardID = a.awardID AND c.isComplete = 0 AND c.isActionItem = 1 ORDER BY activityDate ASC) nextsteps,\n\t\tISNULL(u.nickname, u.firstname) + ' ' + u.lastname contact\n\tFROM funders_awards a\n\tJOIN funders f ON a.funderID = f.funderID\n\tJOIN funders_awards_statuses t ON a.awardStatusID = t.awardStatusID\n\tJOIN users u ON a.staffID = u.id\n\tWHERE ((a.awardStatusID = 1) OR (a.awardStatusID = 2) OR (a.awardStatusID = 5))\n\tORDER BY funder, award"); while ($r = db_fetch($result)) { //$date = ($r["activityDate"]) ? date("M j, Y", strtotime($r["activityDate"])) : "N/A"; $return .= ' <tr height="18"> <td>' . $r["funder"] . '</td> <td><a href="http://' . $_josh["request"]["host"] . '/funders/award_view.php?id=' . $r["awardID"] . '">' . $r["award"] . '</a></a></td> <td align="right">'; if ($r["amount"]) { $return .= "\$" . number_format($r["amount"]); } $return .= '</td> <td>' . $r["status"] . '</td> <td>' . $r["nextsteps"] . '</td> <td>' . $r["contact"] . '</td> <td></td> </tr>'; } $return .= '</table>'; file_download($return, "Funders and Prospects " . date("m/d/y"), "xls");
require_once DIR . '/includes/class_xml.php'; $xml = new vB_XML_Builder($vbulletin); $xml->add_group('style', array('name' => $vbulletin->GPC['title'], 'vbversion' => $full_product_info[$vbulletin->GPC['product']]['version'], 'product' => $vbulletin->GPC['product'], 'type' => iif($vbulletin->GPC['dostyleid'] == -1, 'master', 'custom'))); foreach ($templates as $group => $grouptemplates) { $xml->add_group('templategroup', array('name' => iif(isset($only["{$group}"]), $only["{$group}"], $group))); foreach ($grouptemplates as $template) { $xml->add_tag('template', $template['template'], array('name' => htmlspecialchars($template['title']), 'templatetype' => $template['templatetype'], 'date' => $template['dateline'], 'username' => $template['username'], 'version' => htmlspecialchars_uni($template['version'])), true); } $xml->close_group(); } $xml->close_group(); $doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n"; $doc .= $xml->output(); $xml = null; require_once DIR . '/includes/functions_file.php'; file_download($doc, $vbulletin->GPC['filename'], 'text/xml'); } // ############################################################################# // upload style if ($_POST['do'] == 'upload') { $vbulletin->input->clean_array_gpc('p', array('overwritestyleid' => TYPE_INT, 'serverfile' => TYPE_STR, 'parentid' => TYPE_INT, 'title' => TYPE_STR, 'anyversion' => TYPE_BOOL, 'displayorder' => TYPE_INT, 'userselect' => TYPE_BOOL)); $vbulletin->input->clean_array_gpc('f', array('stylefile' => TYPE_FILE)); // got an uploaded file? if (file_exists($vbulletin->GPC['stylefile']['tmp_name'])) { $xml = file_read($vbulletin->GPC['stylefile']['tmp_name']); } else { if (file_exists($vbulletin->GPC['serverfile'])) { $xml = file_read($vbulletin->GPC['serverfile']); } else { print_stop_message('no_file_uploaded_and_no_local_file_found'); }
$xml->add_group('settings', array('product' => $product)); $sets = $db->query_read("\n\t\tSELECT varname, value\n\t\tFROM " . TABLE_PREFIX . "setting\n\t\tWHERE (product = '" . $db->escape_string($product) . "'" . iif($product == 'vbulletin', " OR product = ''") . ")\n\t\t" . ($vbulletin->GPC['blacklist'] ? "AND blacklist = 0" : "") . "\n\t\tORDER BY displayorder\n\t"); while ($set = $db->fetch_array($sets)) { $arr = array('varname' => $set['varname']); $xml->add_group('setting', $arr); if ($set['value'] != '') { $xml->add_tag('value', $set['value']); } $xml->close_group(); } $xml->close_group(); $doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n"; $doc .= $xml->output(); $xml = null; require_once DIR . '/includes/functions_file.php'; file_download($doc, 'vbulletin-settings.xml', 'text/xml'); } // ############################################################################# // ajax setting value validation if ($_POST['do'] == 'validate') { $vbulletin->input->clean_array_gpc('p', array('varname' => TYPE_STR, 'setting' => TYPE_ARRAY)); $varname = convert_urlencoded_unicode($vbulletin->GPC['varname']); $value = convert_urlencoded_unicode($vbulletin->GPC['setting']["{$varname}"]); require_once DIR . '/includes/class_xml.php'; $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml'); $xml->add_group('setting'); $xml->add_tag('varname', $varname); if ($setting = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "setting WHERE varname = '" . $db->escape_string($varname) . "'")) { $raw_value = $value; $value = validate_setting_value($value, $setting['datatype']); $valid = exec_setting_validation_code($setting['varname'], $value, $setting['validationcode'], $raw_value);
$minutes = array(); } $xml->add_group('cron', array('varname' => $cron['varname'], 'active' => $cron['active'], 'loglevel' => $cron['loglevel'])); $xml->add_tag('filename', $cron['filename']); $xml->add_tag('scheduling', '', array('weekday' => $cron['weekday'], 'day' => $cron['day'], 'hour' => $cron['hour'], 'minute' => implode(',', $minutes))); $xml->close_group(); } $xml->close_group(); $db->free_result($cron_results); // ############## FAQ entries $faq_results = $db->query_read("\r\n\t\tSELECT *\r\n\t\tFROM " . TABLE_PREFIX . "faq\r\n\t\tWHERE product = '" . $db->escape_string($vbulletin->GPC['productid']) . "'\r\n\t\t\tAND volatile = 1\r\n\t\tORDER BY faqname\r\n\t"); $xml->add_group('faqentries'); while ($faq = $db->fetch_array($faq_results)) { $xml->add_tag('faq', '', array('faqname' => $faq['faqname'], 'faqparent' => $faq['faqparent'], 'displayorder' => $faq['displayorder'])); } $xml->close_group(); $db->free_result($faq_results); // ############## Finish up $xml->close_group(); $doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n" . $xml->output(); unset($xml); require_once DIR . '/includes/functions_file.php'; file_download($doc, "product-" . $vbulletin->GPC['productid'] . '.xml', 'text/xml'); } print_cp_footer(); /*======================================================================*\ || #################################################################### || # Downloaded: 23:48, Wed Mar 24th 2010 || # CVS: $RCSfile$ - $Revision: 34205 $ || #################################################################### \*======================================================================*/
<WorksheetOptions xmlns="urn:schemas-microsoft-com:office:excel"> <Print> <ValidPrinterInfo/> <HorizontalResolution>600</HorizontalResolution> <VerticalResolution>600</VerticalResolution> </Print> <Selected/> <FreezePanes/> <FrozenNoSplit/> <SplitHorizontal>1</SplitHorizontal> <TopRowBottomPane>1</TopRowBottomPane> <ActivePane>2</ActivePane> <Panes> <Pane> <Number>3</Number> <ActiveCol>1</ActiveCol> </Pane> <Pane> <Number>2</Number> <ActiveRow>16</ActiveRow> <ActiveCol>5</ActiveCol> </Pane> </Panes> <ProtectObjects>False</ProtectObjects> <ProtectScenarios>False</ProtectScenarios> </WorksheetOptions> </Worksheet> </Workbook>'; //die($return); file_download($return, "contact export", "xls");
function file_pass($filename) { //is this strictly necessary? what's this for? global $_josh; $content = file_get($filename); //die($filename); $nameparts = explode($_josh["folder"], $filename); $filenameparts = explode(".", $nameparts[count($nameparts) - 1]); $extension = array_pop($filenameparts); $filename = implode(".", $filenameparts); return file_download($content, $filename, $extension); }
file before allowing it to be downloaded. */ // check general authentication mode if (!abet_is_authenticated()) { http_response_code(UNAUTHORIZED); header('Content-Type: text/html'); echo "<h1>Access to the specified object is unauthorized.</h1>"; exit; } // check for correct GET variables if (!array_key_exists('id', $_GET)) { http_response_code(BAD_REQUEST); header('Content-Type: text/html'); echo "<h1>Bad request: try again..."; exit; } // check access to specific file resource if (!abet_is_admin_authenticated() && !abet_is_observer() && !check_general_content_item_access($_SESSION['id'], $_GET['id'], 'file_upload', $found)) { header('Content-Type: text/html'); if ($found) { http_response_code(UNAUTHORIZED); echo "<h1>Access to the specified object is unauthorized or it has been removed.</h1>"; } else { http_response_code(NOT_FOUND); echo "<h1>The specified object was not found. It's possible it was removed.</h1>"; } exit; } // call routine to output file file_download($_GET['id']);