echo 'fail'; } $id = (int) $id; if ($pctype == 'topic') { $tablename = GetTopcitable($id); } elseif ($pctype == 'postcate') { $tablename = GetPcatetable($id); } $path = $db->get_value("SELECT {$fieldname} FROM {$tablename} WHERE tid=" . pwEscape($tid)); if (strpos($path, '..') !== false) { return false; } $lastpos = strrpos($path, '/') + 1; $s_path = substr($path, 0, $lastpos) . 's_' . substr($path, $lastpos); if (!file_exists("{$attachpath}/{$path}")) { if (pwFtpNew($ftp, $db_ifftp)) { $ftp->delete($path); $ftp->delete($s_path); pwFtpClose($ftp); } } else { P_unlink("{$attachdir}/{$path}"); if (file_exists("{$attachdir}/{$s_path}")) { P_unlink("{$attachdir}/{$s_path}"); } } $db->update("UPDATE {$tablename} SET {$fieldname}='' WHERE tid=" . pwEscape($tid)); echo 'success'; ajax_footer(); } elseif ($action == 'poplogin') { InitGP(array('tid', 'page', 'toread', 'fpage', 'anchor'));
/**
 * Return the shared FTP handle kept in $GLOBALS['ftp'], by reference.
 *
 * When that slot does not hold an object yet, require/functions.php is loaded
 * and pwFtpNew() is called on the slot (second argument true) before returning.
 * The result of pwFtpNew() is not inspected here, so the caller receives
 * whatever ends up in $GLOBALS['ftp'] and has to cope with a failed connection.
 *
 * @return mixed reference to $GLOBALS['ftp']
 */
function &getFtpObj()
{
    $alreadyCreated = is_object($GLOBALS['ftp']);
    if ($alreadyCreated) {
        return $GLOBALS['ftp'];
    }

    // First use in this request: pull in the helper and let it fill the slot.
    require_once R_P . 'require/functions.php';
    pwFtpNew($GLOBALS['ftp'], true);

    return $GLOBALS['ftp'];
}
/**
 * Push a local file to the FTP store and drop the local copy on success.
 *
 * @param string $srcfile local file handed to $ftp->upload() and, once the
 *                        upload succeeded, to P_unlink() (presumably a path)
 * @param string $dstfile destination handed to $ftp->upload()
 * @return bool true when both pwFtpNew() and the upload reported success,
 *              false otherwise (the local file is then left in place)
 */
function movetoftp($srcfile, $dstfile)
{
    global $ftp;

    if (!pwFtpNew($ftp, true)) {
        return false;
    }
    if (!$ftp->upload($srcfile, $dstfile)) {
        return false;
    }

    // Only remove the source after the remote side accepted the file.
    P_unlink($srcfile);

    return true;
}
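/**
 * Process every file in $_FILES and store it as an avatar, logo, photo or
 * generic attachment, depending on $uptype.
 *
 * For each entry accepted by if_uploaded_file() the function:
 *  - derives the extension from the client-supplied name and checks it against
 *    the $db_uploadfiletype allow-list (the value, when non-zero, is the size
 *    limit in KB);
 *  - builds the storage path from $uid / $fid / a random component, or reuses
 *    the path found in $replacedb when the field is a "replace_N" field;
 *  - moves the upload into place with postupload(), validates image files with
 *    GetImgSize(), optionally creates a thumbnail and a watermark, and screens
 *    .txt files for a few keywords;
 *  - pushes the result to FTP when pwFtpNew() succeeds, otherwise renames the
 *    temporary file into the attachment directory.
 *
 * uploadmsg() is called as if it ends the request (the code after each call
 * assumes the check passed) - presumably it does not return; confirm.
 *
 * Side effects: writes the globals $ifupload, $db_attachdir, $db_ifathumb,
 * $db_athumbsize, $savedir, $attach_ext, $atc_attachment_name and $winddb.
 *
 * @param int|string  $uid    owner id used in generated file names
 * @param string      $uptype 'face', 'cnlogo', 'forumlogo', 'photo'; anything
 *                            else takes the generic attachment branch
 * @param string|null $thumbs tab-separated pair forwarded to MakeThumb() as
 *                            its last two arguments
 * @return array list of records with the keys id, ifreplace, name, size, type,
 *               attachurl, ifthumb, img_w, img_h and tmpname
 */
function UploadFile($uid, $uptype = 'all', $thumbs = null)
{
    //fix by noizy
    global $ifupload, $db_attachnum, $db_uploadfiletype, $action, $replacedb, $winddb, $_G, $tdtime, $timestamp, $fid, $db_attachdir, $attachdir, $db_watermark, $db_waterwidth, $db_waterheight, $db_ifgif, $db_waterimg, $db_waterpos, $db_watertext, $db_waterfont, $db_watercolor, $db_waterpct, $db_jpgquality, $db_ifathumb, $db_iffthumb, $db_athumbsize, $db_fthumbsize, $db_ifftp, $atc_attachment_name, $attach_ext, $savedir, $forumset;
    $uploaddb = array();
    foreach ($_FILES as $key => $value) {
        if (if_uploaded_file($value['tmp_name'])) {
            // Field names look like "<mode>_<index>". Pad the pieces so a field
            // name without "_" yields index 0 instead of an undefined offset.
            list($t, $i) = array_pad(explode('_', (string) $key), 2, '');
            $i = (int) $i;
            $atc_attachment = $value['tmp_name'];
            // The client-supplied name is only used for the extension and for the
            // 'name' field of the returned record; the stored path is built below.
            $atc_attachment_name = S::escapeChar($value['name']);
            $atc_attachment_size = $value['size'];
            $attach_ext = strtolower(substr(strrchr($atc_attachment_name, '.'), 1));
            // Allow-list: the extension must be a key of $db_uploadfiletype.
            if (empty($attach_ext) || !isset($db_uploadfiletype[$attach_ext])) {
                uploadmsg($uptype, 'upload_type_error');
            }
            if ((int) $atc_attachment_size < 1) {
                uploadmsg($uptype, 'upload_size_0');
            }
            // A non-zero allow-list value is the per-type size limit in KB.
            if ($db_uploadfiletype[$attach_ext] && $atc_attachment_size > $db_uploadfiletype[$attach_ext] * 1024) {
                uploadmsg($uptype, 'upload_size_error');
            }
            if ($uptype == 'face') {
                $ifreplace = 0;
                $db_attachdir = 1;
                $db_ifathumb = $db_iffthumb;
                $db_athumbsize = $db_fthumbsize;
                $savedir = $thumbdir = '';
                $tmpname = $uptype . "_{$uid}.{$attach_ext}";
                $savedir = 'upload/' . str_pad(substr($uid, -2), 2, '0', STR_PAD_LEFT);
                $fileuplodeurl = $thumbdir = "{$savedir}/{$uid}.{$attach_ext}";
            } elseif ($uptype == 'cnlogo') {
                $ifreplace = $db_ifathumb = 0;
                $db_attachdir = 1;
                $savedir = 'cn_img';
                $tmpname = $uptype . "_{$uid}.{$attach_ext}";
                $fileuplodeurl = "{$savedir}/colony_{$uid}.{$attach_ext}";
                $thumbdir = '';
            } elseif ($uptype == 'forumlogo') {
                $ifreplace = 0;
                $db_attachdir = 1;
                $db_ifathumb = 0;
                $tmpname = $uptype . "_{$uid}.{$attach_ext}";
                $savedir = 'forumlogo';
                $fileuplodeurl = "{$savedir}/{$fid}.{$attach_ext}";
            } elseif ($uptype == 'photo') {
                if ($t == 'replace') {
                    // NOTE(review): unlike the generic replace branch below, this
                    // path does not check isset($replacedb[$i]) and uses the stored
                    // path as-is - confirm the caller only fills $replacedb with
                    // attachments the current user is allowed to overwrite.
                    $ifreplace = 1;
                    $fileuplodeurl = $replacedb[$i];
                    $tmpurl = strrchr($fileuplodeurl, '/');
                    $fileuplodename = $tmpurl ? substr($tmpurl, 1) : $fileuplodeurl;
                    $tmpname = $uptype . "_{$fileuplodename}";
                } else {
                    $ifreplace = 0;
                    // NOTE(review): $uid is modified inside the loop, so a second
                    // new photo in the same request gets both random suffixes.
                    $uid .= substr(md5($timestamp . $i . randstr(8)), 10, 15);
                    $tmpname = $uptype . "_{$uid}.{$attach_ext}";
                    $fileuplodeurl = $fileuplodename = "{$uid}.{$attach_ext}";
                    $db_ifathumb = 1;
                    if ($db_attachdir) {
                        $savedir = 'photo/';
                        if ($db_attachdir == 2) {
                            $savedir .= 'Day_' . date('ymd');
                        } elseif ($db_attachdir == 3) {
                            $savedir .= "Cyid_{$GLOBALS['cyid']}";
                        } else {
                            $savedir .= 'Mon_' . date('ym');
                        }
                        $fileuplodeurl = $savedir . '/' . $fileuplodeurl;
                    }
                }
                $thumbdir = str_replace($fileuplodename, 's_' . $fileuplodename, $fileuplodeurl);
            } else {
                if ($action == 'modify' && $t == 'replace' && isset($replacedb[$i])) {
                    $ifreplace = 1;
                    $fileuplodeurl = $replacedb[$i]['attachurl'];
                    $tmpurl = strrchr($fileuplodeurl, '/');
                    $tmpname = $uptype . '_' . ($tmpurl ? substr($tmpurl, 1) : $fileuplodeurl);
                } else {
                    $ifreplace = 0;
                    // Script/executable extensions are stored with an "scp_" prefix.
                    // NOTE(review): this rewrite only runs in this branch; the
                    // face/cnlogo/forumlogo/photo branches keep $attach_ext as
                    // accepted by the allow-list, so that list is the only barrier
                    // against server-executable types there.
                    $attach_ext = preg_replace('/(php|asp|jsp|cgi|fcgi|exe|pl|phtml|dll|asa|com|scr|inf)/i', "scp_\\1", $attach_ext);
                    $winddb['uploadtime'] = $timestamp;
                    $winddb['uploadnum']++;
                    $prename = substr(md5($timestamp . $i . randstr(8)), 10, 15);
                    $tmpname = $uptype . "_{$prename}.{$attach_ext}";
                    $fileuplodeurl = $fid . "_{$uid}_{$prename}.{$attach_ext}";
                    if ($db_attachdir) {
                        if ($db_attachdir == 2) {
                            $savedir = "Type_{$attach_ext}";
                        } elseif ($db_attachdir == 3) {
                            $savedir = 'Mon_' . date('ym');
                        } elseif ($db_attachdir == 4) {
                            $savedir = 'Day_' . date('ymd');
                        } else {
                            $savedir = "Fid_{$fid}";
                        }
                        $fileuplodeurl = $savedir . '/' . $fileuplodeurl;
                    }
                }
                $thumbdir = "thumb/{$fileuplodeurl}";
            }
            $havefile = $ifthumb = 0;
            // Stage in data/tmp when the target already exists or FTP is enabled;
            // otherwise write straight to the final location.
            if ($db_ifftp || file_exists("{$attachdir}/{$fileuplodeurl}")) {
                $havefile = 1;
                $source = D_P . "data/tmp/{$tmpname}";
            } else {
                $source = "{$attachdir}/{$fileuplodeurl}";
            }
            if (!postupload($atc_attachment, $source)) {
                uploadmsg($uptype, 'upload_error');
            }
            if ($uptype == 'face') {
                $max_source = $attachdir . "/upload/tmp/max_{$tmpname}";
                if (!copy($source, $max_source)) {
                    uploadmsg($uptype, 'upload_error');
                }
                /* if (!postupload($atc_attachment,$max_source)) { uploadmsg($uptype,'upload_error'); } */
            }
            // $ifupload / $type default to "other file" and are refined below.
            $ifupload = 3;
            $type = 'zip';
            $img_size[0] = $img_size[1] = 0;
            $size = ceil(filesize($source) / 1024);
            if (in_array($attach_ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'swf'))) {
                require_once R_P . 'require/imgfunc.php';
                // Content check: a file with an image extension that GetImgSize()
                // cannot read is deleted and the upload is refused.
                if (!($img_size = GetImgSize($source, $attach_ext))) {
                    P_unlink($source);
                    uploadmsg($uptype, 'upload_content_error');
                }
                $ifupload = 1;
                $img_size[0] = $img_size['width'];
                $img_size[1] = $img_size['height'];
                unset($img_size['width'], $img_size['height']);
                $type = 'img';
                if ($attach_ext == 'swf') {
                    $type = 'zip';
                } elseif ($db_ifathumb) {
                    $thumburl = $havefile ? D_P . "data/tmp/thumb_{$tmpname}" : "{$attachdir}/{$thumbdir}";
                    list($db_thumbw, $db_thumbh) = explode("\t", $db_athumbsize);
                    // $thumbs defaults to null and may lack the tab separator; cast
                    // and pad so both variables are always defined.
                    list($cenTer, $sameFile) = array_pad(explode("\t", (string) $thumbs), 2, null);
                    createFolder(dirname($thumburl));
                    if ($thumbsize = MakeThumb($source, $thumburl, $db_thumbw, $db_thumbh, $cenTer, $sameFile)) {
                        $img_size[0] = $thumbsize[0];
                        $img_size[1] = $thumbsize[1];
                        $source != $thumburl && ($ifthumb = 1);
                    }
                }
                // Watermark only generic attachments, when enabled globally and for
                // the forum, the image is larger than the configured minimum and
                // the required GD functions are available.
                if ($uptype == 'all' && $db_watermark && $forumset['watermark'] && $img_size[2] < '4'
                    && $img_size[0] > $db_waterwidth && $img_size[1] > $db_waterheight
                    && function_exists('imagecreatefromgif') && function_exists('imagealphablending')
                    && ($attach_ext != 'gif' || function_exists('imagegif') && ($db_ifgif == 2 || $db_ifgif == 1 && (PHP_VERSION > '4.4.2' && PHP_VERSION < '5' || PHP_VERSION > '5.1.4')))
                    && ($db_waterimg && function_exists('imagecopymerge') || !$db_waterimg && function_exists('imagettfbbox'))
                ) {
                    ImgWaterMark($source, $db_waterpos, $db_waterimg, $db_watertext, $db_waterfont, $db_watercolor, $db_waterpct, $db_jpgquality);
                    if ($ifthumb == 1) {
                        ImgWaterMark($thumburl, $db_waterpos, $db_waterimg, $db_watertext, $db_waterfont, $db_watercolor, $db_waterpct, $db_jpgquality);
                    }
                }
            } elseif ($attach_ext == 'txt') {
                // Coarse keyword screen on text uploads; a match deletes the file.
                // NOTE(review): this is a keyword match, not a content sanitiser.
                if (preg_match('/(onload|submit|post|form)/i', readover($source))) {
                    P_unlink($source);
                    uploadmsg($uptype, 'upload_content_error');
                }
                $ifupload = 2;
                $type = 'txt';
            }
            require_once R_P . 'require/functions.php';
            if (pwFtpNew($GLOBALS['ftp'], $db_ifftp) && $GLOBALS['ftp']->upload($source, $fileuplodeurl)) {
                // Remote copy succeeded: remove the staged file and any local one.
                P_unlink($source);
                P_unlink("{$attachdir}/{$fileuplodeurl}");
                if ($ifthumb == 1) {
                    $GLOBALS['ftp']->mkdir("thumb/{$savedir}");
                    $GLOBALS['ftp']->upload($thumburl, $thumbdir) && P_unlink($thumburl);
                }
            } elseif ($havefile) {
                // NOTE(review): rename() errors are suppressed and the result is
                // not checked, so the returned record can describe a file that
                // was never moved into place.
                P_unlink("{$attachdir}/{$fileuplodeurl}");
                @rename($source, "{$attachdir}/{$fileuplodeurl}");
                if ($ifthumb == 1) {
                    P_unlink("{$attachdir}/{$thumbdir}");
                    @rename($thumburl, "{$attachdir}/{$thumbdir}");
                }
            }
            $uploaddb[] = array(
                'id' => $i,
                'ifreplace' => $ifreplace,
                'name' => $atc_attachment_name,
                'size' => $size,
                'type' => $type,
                'attachurl' => $fileuplodeurl,
                'ifthumb' => $ifthumb,
                'img_w' => $img_size[0],
                'img_h' => $img_size[1],
                'tmpname' => $tmpname,
            );
        }
    }
    return $uploaddb;
}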
/**
 * Delete an attachment and its "thumb/" counterpart, locally or over FTP.
 *
 * The path is resolved below $GLOBALS['attachdir']. When the file exists
 * locally it is removed with P_unlink(), together with thumb/<path> if that
 * exists too. When it does not exist locally and pwFtpNew() succeeds, both
 * paths are deleted through the FTP handle instead.
 *
 * The ".." substring test is the only validation applied to $path here.
 * NOTE(review): callers should pass stored attachment paths rather than raw
 * request data - confirm at the call sites.
 *
 * @param string $path  attachment path relative to the attachment directory
 * @param mixed  $ifftp forwarded to pwFtpNew() as its second argument
 * @return bool false when $path contains "..", true otherwise (whether or
 *              not anything was actually deleted)
 */
function pwDelatt($path, $ifftp)
{
    // Refuse anything that could climb out of the attachment directory.
    if (strpos($path, '..') !== false) {
        return false;
    }

    $localFile = "{$GLOBALS['attachdir']}/{$path}";
    if (file_exists($localFile)) {
        P_unlink($localFile);
        $localThumb = "{$GLOBALS['attachdir']}/thumb/{$path}";
        if (file_exists($localThumb)) {
            P_unlink($localThumb);
        }
        return true;
    }

    // Not on local disk: fall back to the remote store when it is available.
    if (pwFtpNew($GLOBALS['ftp'], $ifftp)) {
        $GLOBALS['ftp']->delete($path);
        $GLOBALS['ftp']->delete('thumb/' . $path);
    }

    return true;
}