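/**
 * Download the package named by $this->remote_file and stage it for installation.
 *
 * The request is a plain HTTP/1.0 GET to port 80 of the URL's host. The body is
 * written to _BASEPATH_/tmp/<name> and, when $this->verify() accepts it, moved to
 * _BASEPATH_/tmp/packages/<name>.
 *
 * <name> comes from the server's Content-Disposition / Content-Type header, so it
 * is remote-controlled data: it is reduced to its final path component before it
 * is used in a filesystem path.
 *
 * NOTE(review): the transfer is unauthenticated and unencrypted, so the only
 * integrity control is verify(), which is defined elsewhere. Confirm it checks a
 * signature or a pinned digest rather than just the archive structure.
 *
 * On failure $this->error is set and $this->error_text holds the reason.
 *
 * @return bool true when no error was recorded
 */
function download()
{
    $this->error = false;
    // define() warns when the constant already exists, e.g. on a second call in one request.
    if (!defined('HTTP_EOL')) {
        define('HTTP_EOL', "\r\n");
    }

    if (empty($this->remote_file)) {
        $this->error = true;
        $this->error_text = 'Invalid package selected for download.';
        return !$this->error;
    }

    $this->file_name = '';
    $info = parse_url($this->remote_file);
    if (!is_array($info) || empty($info['host'])) {
        // No host means there is nothing to connect to.
        $this->error = true;
        $this->error_text = 'Invalid package selected for download.';
        return !$this->error;
    }

    $fileop = new fileop();
    $header = 'GET ' . (isset($info['path']) ? $info['path'] : '/');
    if (isset($info['query'])) {
        $header .= '?' . $info['query'];
    }
    $header .= ' HTTP/1.0' . HTTP_EOL;
    $header .= 'Host: ' . $info['host'] . HTTP_EOL;
    $header .= 'Connection: close' . HTTP_EOL . HTTP_EOL;

    $reply = '';
    $socket = fsockopen($info['host'], 80, $errno, $errstr, 30);
    if ($socket) {
        fputs($socket, $header);
        $headerdone = false;
        while (!feof($socket)) {
            $line = fgets($socket);
            if ($line === false) {
                break;
            }
            if ($headerdone) {
                // Body: keep every line, including ones that are a bare CRLF.
                $reply .= $line;
            } elseif (strcmp($line, HTTP_EOL) == 0) {
                // The first empty line ends the header section.
                $headerdone = true;
            } elseif (empty($this->file_name)) {
                if (preg_match('/Content\\-Disposition: attachment; filename="(.+)"/', $line, $m)) {
                    $this->file_name = $m[1];
                } elseif (preg_match('/Content\\-Type: application\\/octet\\-stream; name="(.+)"/', $line, $m)) {
                    $this->file_name = $m[1];
                } elseif (preg_match('/Content\\-Type: application\\/octetstream; name="(.+)"/', $line, $m)) {
                    $this->file_name = $m[1];
                }
            }
        }
        fclose($socket);
    }

    // Keep only the last path component so the name cannot leave the tmp directory.
    $this->file_name = basename(str_replace('\\', '/', $this->file_name));
    if ($this->file_name === '.' || $this->file_name === '..') {
        $this->file_name = '';
    }

    if (!empty($reply) && !empty($this->file_name)) {
        $fileop->file_put_contents(_BASEPATH_ . '/tmp/' . $this->file_name, $reply);
        if ($this->verify()) {
            $fileop->rename(_BASEPATH_ . '/tmp/' . $this->file_name, _BASEPATH_ . '/tmp/packages/' . $this->file_name);
        }
    } else {
        $this->error = true;
        $this->error_text = 'Unable to download package.';
    }

    return !$this->error;
}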
/**
 * Adjust blog and user counters for the posts listed in the global $post_ids and
 * rewrite the cached archive file of every blog those posts belong to.
 *
 * For each affected blog: `stat_posts` is lowered by the number of matching posts
 * and the per-year/per-month counts in blog_archive.inc.php are decremented.
 * For each affected user: update_stats() and add_member_score() are called.
 */
function on_before_delete_blog_post()
{
    global $dbtable_prefix, $post_ids;
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    // NOTE(review): the IN (...) list is built by quoting and joining $post_ids as they
    // are. That is only safe if every caller fills the global with integer ids; confirm
    // against the callers or cast the ids before joining.
    $query = "SELECT `post_id`,`fk_blog_id`,`fk_user_id`,UNIX_TIMESTAMP(`date_posted`) as `date_posted` FROM `{$dbtable_prefix}blog_posts` WHERE `post_id` IN ('" . join("','", $post_ids) . "')";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Negative per-blog and per-user post counts, plus the post dates grouped by blog.
    $blog_ids = array();
    $user_ids = array();
    $dates = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        if (isset($blog_ids[$rsrow['fk_blog_id']])) {
            --$blog_ids[$rsrow['fk_blog_id']];
        } else {
            $blog_ids[$rsrow['fk_blog_id']] = -1;
        }
        if (isset($user_ids[$rsrow['fk_user_id']])) {
            --$user_ids[$rsrow['fk_user_id']];
        } else {
            $user_ids[$rsrow['fk_user_id']] = -1;
        }
        $dates[$rsrow['fk_blog_id']][] = $rsrow['date_posted'];
    }
    foreach ($blog_ids as $bid => $num) {
        // blog stats
        // The id is cast to string so that $bid[0] below yields its first character,
        // which names the cache shard directory.
        $bid = (string) $bid;
        $query = "UPDATE `{$dbtable_prefix}user_blogs` SET `stat_posts`=`stat_posts`+{$num} WHERE `blog_id`={$bid}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        // blog_archive
        $blog_archive = array();
        // The include runs the cache file as PHP in this scope; it is expected to assign
        // $blog_archive (this function writes it in exactly that form further down).
        // NOTE(review): anything able to write under _CACHEPATH_ gets code execution
        // here, so the cache directory must not be writable by untrusted parties.
        if (is_file(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php')) {
            include _CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php';
        }
        for ($i = 0; isset($dates[$bid][$i]); ++$i) {
            $year = (int) date('Y', $dates[$bid][$i]);
            $month = (int) date('m', $dates[$bid][$i]);
            if (isset($blog_archive[$year][$month])) {
                --$blog_archive[$year][$month];
            }
            // Drop months whose count reached zero (or was never present).
            if (empty($blog_archive[$year][$month])) {
                unset($blog_archive[$year][$month]);
            }
        }
        krsort($blog_archive, SORT_NUMERIC);
        // var_export() emits a PHP literal, so the array round-trips through the include above.
        $towrite = '<?php $blog_archive=' . var_export($blog_archive, true) . ';';
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php', $towrite);
    }
    foreach ($user_ids as $uid => $num) {
        update_stats($uid, 'blog_posts', $num);
        add_member_score($uid, 'del_blog', -$num); // -$num because $num is already negative.
    }
}
/**
 * Regenerate the per-post cache files for approved blog posts changed recently.
 *
 * The look-back window is taken from the name of the directory this file lives in
 * (read as a number of minutes) plus two minutes. For every matching post two
 * files are written under _CACHEPATH_/blogs/posts/: the full post and a `_short`
 * variant whose content is cut near 400 characters.
 *
 * @return bool always true
 */
function gen_blogposts_cache()
{
    global $dbtable_prefix;
    $dirname = dirname(__FILE__);
    $temp = array();
    if ($dirname[0] == '/') {
        // unixes here
        $temp = explode('/', $dirname);
    } else {
        // windows here
        $temp = explode('\\', $dirname);
    }
    $interval = (int) $temp[count($temp) - 1]; // that's how often we're executed ;)
    $short_blog_chars = 400;
    $config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $post_ids = array();
    // Every value concatenated into this statement is a constant, a gmdate() result or
    // an (int) cast, so no request data reaches the SQL text.
    $query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED . " AND a.`last_changed`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . ($interval + 2) . " MINUTE)";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    while ($blog = mysql_fetch_assoc($res)) {
        $post_ids[] = $blog['post_id'];
        $blog['title'] = remove_banned_words(sanitize_and_format($blog['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]));
        $blog['post_content'] = remove_banned_words($blog['post_content']);
        // Cut at the last space within the first $short_blog_chars bytes.
        // NOTE(review): strrpos() returns false when that prefix contains no space, which
        // makes the length 0 and the short text empty. substr() is also byte-based, so a
        // multi-byte character can be split.
        $post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
        // The raw text is truncated first and formatted afterwards, so the cut never lands
        // inside markup produced by the formatting steps below.
        $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        if (!empty($config['bbcode_blogs'])) {
            $blog['post_content'] = bbcode2html($blog['post_content']);
            $post_content_short = bbcode2html($post_content_short);
        }
        if (!empty($config['use_smilies'])) {
            $blog['post_content'] = text2smilies($blog['post_content']);
            $post_content_short = text2smilies($post_content_short);
        }
        // Fall back to the placeholder image when the thumbnail file is missing.
        if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
            $blog['photo'] = 'no_photo.gif';
        } else {
            $blog['has_photo'] = true;
        }
        if (empty($blog['fk_user_id'])) {
            unset($blog['fk_user_id']);
        }
        // var_export() quotes the values, so post text lands in the .inc.php file as a
        // string literal and not as code.
        // NOTE(review): `user` and `blog_name` are cached exactly as stored; whether they
        // are escaped when the cache is rendered is not visible here.
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        // $blog['post_id'][0] is the first character of the id and names the shard directory.
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '.inc.php', $towrite);
        $blog['post_content'] = $post_content_short;
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '_short.inc.php', $towrite);
    }
    return true;
}
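/**
 * Apply the default directory mode to $path through fileop::set_permission().
 *
 * The process umask is cleared for the duration of the call and is put back on
 * both the success and the failure path. Leaving it at 0 after the exception
 * would make every file created later in the request world-writable.
 *
 * @param string $path directory to make writable
 * @return string the same $path
 * @throws AWPCP_Exception when the permission change fails
 */
private function make_directory_writable($path)
{
    // provides fileop class.
    require_once AWPCP_DIR . '/fileop.class.php';

    $previous_umask = umask(0);
    $fileop = new fileop();
    $changed = $fileop->set_permission($path, $this->get_default_directory_mode());
    // Restore before deciding the outcome so the throw below cannot skip it.
    umask($previous_umask);

    if (!$changed) {
        $message = __('There was a problem trying to make directory <directory-name> writable.', 'AWPCP');
        // Only the base name is put in the message, so the full server path is not disclosed.
        $message = str_replace('<directory-name>', awpcp_utf8_basename($path), $message);
        throw new AWPCP_Exception($message);
    }

    return $path;
}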
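/**
 * Ensure the plugin's upload directories exist and carry the configured mode.
 *
 * Creates <wp-content>/<uploadfoldername>/, its awpcp/ sub-directory and
 * awpcp/thumbs/ when they are missing and the parent is writable, then applies
 * awpcp_directory_permissions() to each of them.
 *
 * The umask is cleared only while this function runs and is restored before
 * returning; otherwise the rest of the request would create files with no mask.
 *
 * NOTE(review): the mode comes from awpcp_directory_permissions(), defined
 * elsewhere. Confirm it is not world-writable unless the host really needs that.
 *
 * @return array two-element list: images directory, thumbnails directory
 */
function awpcp_setup_uploads_dir()
{
    global $wpcontentdir;

    $permissions = awpcp_directory_permissions();
    $upload_dir_name = get_awpcp_option('uploadfoldername', 'uploads');
    $upload_dir = $wpcontentdir . '/' . $upload_dir_name . '/';

    // Required to set permission on main upload directory
    require_once AWPCP_DIR . '/fileop.class.php';
    $fileop = new fileop();
    $owner = fileowner($wpcontentdir);

    // umask() without an argument only reads the current value.
    $previous_umask = umask();

    if (!is_dir($upload_dir) && is_writable($wpcontentdir)) {
        umask(0);
        mkdir($upload_dir, $permissions);
        chown($upload_dir, $owner);
    }
    $fileop->set_permission($upload_dir, $permissions);

    $images_dir = $upload_dir . 'awpcp/';
    $thumbs_dir = $upload_dir . 'awpcp/thumbs/';
    if (!is_dir($images_dir) && is_writable($upload_dir)) {
        umask(0);
        @mkdir($images_dir, $permissions);
        @chown($images_dir, $owner);
    }
    if (!is_dir($thumbs_dir) && is_writable($upload_dir)) {
        umask(0);
        @mkdir($thumbs_dir, $permissions);
        @chown($thumbs_dir, $owner);
    }
    $fileop->set_permission($images_dir, $permissions);
    $fileop->set_permission($thumbs_dir, $permissions);

    // Put the caller's umask back; the zero mask was only needed for the calls above.
    umask($previous_umask);

    return array($images_dir, $thumbs_dir);
}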
/**
 * Rebuild the cache file behind the "latest blog comments" widget.
 *
 * Does nothing unless the global $comment_type is 'blog' and the widget is
 * enabled in the site options. Otherwise the newest approved comments on public,
 * approved posts are collected and written as a PHP array to
 * _CACHEPATH_/widgets/latest_blog_comments/comments.inc.php.
 */
function upd_latest_comm_widg()
{
    global $dbtable_prefix, $comment_ids, $comment_type;

    if ($comment_type != 'blog') {
        return;
    }

    $max_title_length = 40;
    $config = get_site_option(array('items', 'enabled'), 'latest_blog_comments');
    if (empty($config['enabled'])) {
        return;
    }

    // NOTE(review): the LIMIT value is the stored option as-is; presumably it is
    // validated as a number when the option is saved. Confirm.
    $query = "SELECT a.`comment_id`,a.`fk_user_id`,c.`alt_url` as `profile_url`,a.`_user`,b.`post_id`,b.`title`,b.`alt_url` as `post_url` FROM `{$dbtable_prefix}comments_blog` a LEFT JOIN `{$dbtable_prefix}user_profiles` c ON a.`fk_user_id`=c.`fk_user_id`,`{$dbtable_prefix}blog_posts` b WHERE a.`fk_parent_id`=b.`post_id` AND a.`status`=" . STAT_APPROVED . " AND b.`is_public`=1 AND b.`status`=" . STAT_APPROVED . " ORDER BY a.`date_posted` DESC LIMIT " . $config['items'];
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    $loop = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $entry = array();

        // Prefer the stored friendly URL; fall back to the numeric profile link.
        if (!empty($rsrow['profile_url'])) {
            $entry['profile_url'] = $rsrow['profile_url'];
        } elseif (!empty($rsrow['fk_user_id'])) {
            $entry['profile_url'] = _BASEURL_ . '/profile.php?uid=' . $rsrow['fk_user_id'];
        }

        $anchor = '#comm' . $rsrow['comment_id'];
        $entry['post_url'] = empty($rsrow['post_url'])
            ? _BASEURL_ . '/blog_post_view.php?pid=' . $rsrow['post_id'] . $anchor
            : $rsrow['post_url'] . $anchor;

        // NOTE(review): unlike the title, the user name is cached without passing through
        // sanitize_and_format(); whether the template escapes it is not visible here.
        $entry['user'] = $rsrow['_user'];

        $title = $rsrow['title'];
        if (strlen($title) > $max_title_length) {
            $title = substr($title, 0, $max_title_length) . '...';
        }
        $entry['title'] = sanitize_and_format($title, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);

        $loop[] = $entry;
    }

    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    // var_export() writes the rows as quoted PHP literals.
    $towrite = '<?php $latest_comments=' . var_export($loop, true) . ';';
    $fileop->file_put_contents(_CACHEPATH_ . '/widgets/latest_blog_comments/comments.inc.php', $towrite);
}
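/**
 * Write the "latest blog comments" RSS 1.0 feed to _BASEPATH_/rss/latest-comments.xml.
 *
 * The feed is produced only when allow_at_level('read_blogs') is true. It holds
 * the ten newest approved comments on public, approved posts; each description
 * is the comment text cut near 400 characters.
 *
 * @return bool always true, also when the feed could not be generated
 */
function gen_comment_feeds()
{
    global $dbtable_prefix;
    require_once _BASEPATH_ . '/includes/access_levels.inc.php';
    $short_blog_chars = 400;
    if (allow_at_level('read_blogs')) {
        // if non-members are allowed to read blogs...
        require_once _BASEPATH_ . '/includes/classes/rss_writer.class.php';
        $rss_writer_object = new rss_writer_class();
        $rss_writer_object->specification = '1.0';
        $rss_writer_object->about = _BASEURL_ . '/rss/latest-comments.xml';
        // $rss_writer_object->rssnamespaces['dc']='http://purl.org/dc/elements/1.1/';
        $properties = array();
        $properties['description'] = 'Latest blog comments on ' . _SITENAME_;
        $properties['link'] = _BASEURL_;
        $properties['title'] = 'Latest Blog Comments';
        // $properties['dc:date']=mktime(gmdate('H'),gmdate('i'),gmdate('s'),gmdate('m'),gmdate('d'),gmdate('Y'));
        $rss_writer_object->addchannel($properties);
        $query = "SELECT a.`comment_id`,a.`fk_user_id`,c.`alt_url` as `profile_url`,a.`_user`,a.`comment`,b.`post_id`,b.`title`,b.`alt_url` as `post_url` FROM `{$dbtable_prefix}comments_blog` a LEFT JOIN `{$dbtable_prefix}user_profiles` c ON a.`fk_user_id`=c.`fk_user_id`,`{$dbtable_prefix}blog_posts` b WHERE a.`fk_parent_id`=b.`post_id` AND a.`status`=" . STAT_APPROVED . " AND b.`is_public`=1 AND b.`status`=" . STAT_APPROVED . " ORDER BY a.`date_posted` DESC LIMIT 10";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        while ($rsrow = mysql_fetch_assoc($res)) {
            $properties = array();
            if (strlen($rsrow['comment']) < $short_blog_chars) {
                $properties['description'] = $rsrow['comment'];
            } else {
                // Cut at the last space inside the limit. strrpos() yields false when the
                // prefix has no space at all; fall back to a hard cut in that case instead
                // of producing an empty description.
                $cut = strrpos(substr($rsrow['comment'], 0, $short_blog_chars), ' ');
                if ($cut === false) {
                    $cut = $short_blog_chars;
                }
                $properties['description'] = substr($rsrow['comment'], 0, $cut);
            }
            $properties['description'] = sanitize_and_format($properties['description'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
            if (empty($rsrow['post_url'])) {
                $properties['link'] = _BASEURL_ . '/blog_post_view.php?pid=' . $rsrow['post_id'] . '#comm' . $rsrow['comment_id'];
            } else {
                $properties['link'] = $rsrow['post_url'] . '#comm' . $rsrow['comment_id'];
            }
            $rsrow['title'] = sanitize_and_format($rsrow['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
            // NOTE(review): the user name goes into the item title without the formatting
            // applied to the post title; confirm rss_writer_class escapes item values.
            $properties['title'] = sprintf('%1$s on "%2$s"', $rsrow['_user'], $rsrow['title']);
            // $properties['dc:date']=$rsrow['date_posted'];
            $rss_writer_object->additem($properties);
        }
        // writerss() receives the output buffer; start from a defined empty string.
        $towrite = '';
        if ($rss_writer_object->writerss($towrite)) {
            require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
            $fileop = new fileop();
            $fileop->file_put_contents(_BASEPATH_ . '/rss/latest-comments.xml', $towrite);
        } else {
            // These are locals: the failure is recorded here but never reaches the caller,
            // which still receives true.
            $error = true;
            $topass['message']['type'] = MESSAGE_ERROR;
            $topass['message']['text'] = $rss_writer_object->error;
        }
    }
    return true;
}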
/**
 * Update blog and user counters for newly approved posts and mark them processed.
 *
 * Takes the candidate ids from the global $post_ids, keeps only the rows with
 * `processed`=0, and for those: raises `stat_posts` of each blog, adds the posts
 * to the current year/month in the blog's cached archive file, updates the
 * authors' stats and score, and finally sets `processed`=1.
 *
 * Side effect: the global $post_ids is replaced by the list of ids that were
 * actually processed.
 */
function on_after_approve_blog_post()
{
    global $dbtable_prefix, $post_ids;
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    // NOTE(review): $post_ids is quoted and joined into the statement without casting;
    // this relies on the caller having supplied integer ids. Confirm.
    $query = "SELECT `post_id`,`fk_blog_id`,`fk_user_id` FROM `{$dbtable_prefix}blog_posts` WHERE `post_id` IN ('" . join("','", $post_ids) . "') AND `processed`=0";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $post_ids = array(); // yup
    $blog_ids = array();
    $user_ids = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $post_ids[] = $rsrow['post_id']; // get only the not processed ones
        if (!isset($blog_ids[$rsrow['fk_blog_id']])) {
            $blog_ids[$rsrow['fk_blog_id']] = 1;
        } else {
            ++$blog_ids[$rsrow['fk_blog_id']];
        }
        if (!isset($user_ids[$rsrow['fk_user_id']])) {
            $user_ids[$rsrow['fk_user_id']] = 1;
        } else {
            ++$user_ids[$rsrow['fk_user_id']];
        }
    }
    // The archive is bucketed by the approval time (now), not by the post's own date.
    $year = (int) date('Y');
    $month = (int) date('m');
    foreach ($blog_ids as $bid => $num) {
        // blog stats
        // Cast to string so $bid[0] is the first character of the id (cache shard directory).
        $bid = (string) $bid;
        $query = "UPDATE `{$dbtable_prefix}user_blogs` SET `stat_posts`=`stat_posts`+{$num} WHERE `blog_id`={$bid}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        // blog_archive
        $blog_archive = array();
        // The include executes the cache file in this scope and is expected to set
        // $blog_archive.
        // NOTE(review): write access to _CACHEPATH_ equals code execution here; keep the
        // directory out of reach of upload handlers and other untrusted writers.
        if (is_file(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php')) {
            include _CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php';
        }
        if (isset($blog_archive[$year][$month])) {
            $blog_archive[$year][$month] += $num;
        } else {
            $blog_archive[$year][$month] = $num;
        }
        krsort($blog_archive, SORT_NUMERIC);
        $towrite = '<?php $blog_archive=' . var_export($blog_archive, true) . ';';
        $fileop->file_put_contents(_CACHEPATH_ . '/blogs/' . $bid[0] . '/' . $bid . '/blog_archive.inc.php', $towrite);
    }
    foreach ($user_ids as $uid => $num) {
        update_stats($uid, 'blog_posts', $num);
        add_member_score($uid, 'add_blog', $num);
    }
    if (!empty($post_ids)) {
        // These ids were read back from the database above, not taken from the caller.
        $query = "UPDATE `{$dbtable_prefix}blog_posts` SET `processed`=1 WHERE `post_id` IN ('" . join("','", $post_ids) . "')";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
    }
}
// Excerpt: the blocks closed by the trailing braces open before this point.
$rss_writer_object->addchannel($properties);
// The statement has no request data in it; the news items are read in reverse id order.
$query = "SELECT `news_title`,`news_body`,UNIX_TIMESTAMP(`date_posted`) as `date_posted` FROM `{$dbtable_prefix}site_news` ORDER BY `news_id` DESC";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
while ($rsrow = mysql_fetch_assoc($res)) {
    $properties = array();
    // NOTE(review): title and body are handed to the feed writer exactly as stored;
    // confirm rss_writer_class escapes them for XML.
    $properties['description'] = $rsrow['news_body'];
    $properties['link'] = '';
    $properties['title'] = $rsrow['news_title'];
    $properties['dc:date'] = $rsrow['date_posted'];
    $rss_writer_object->additem($properties);
}
// writerss() fills $towrite with the feed text on success.
if ($rss_writer_object->writerss($towrite)) {
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/rss/site_news.xml', $towrite);
} else {
    $error = true;
    $topass['message']['type'] = MESSAGE_ERROR;
    $topass['message']['text'] = $rss_writer_object->error;
}
} else {
    // Error branch: send the admin back to the edit form with the submitted values.
    $nextpage = 'admin/site_news_addedit.php';
    // you must re-read all textareas from $_POST like this:
    // $input['x']=addslashes_mq($_POST['x']);
    $input['news_body'] = addslashes_mq($_POST['news_body']);
    $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);
    $topass['input'] = $input;
}
}
// Excerpt: removes the file attached to a file-type site option. It is cut off
// inside the final else branch.
$qs = '';
$qs_sep = '';
$error = false;
$topass = array();
// The id is cast to int, so it can be interpolated into the statements below.
$cid = isset($_GET['cid']) ? (int) $_GET['cid'] : 0;
if (!empty($cid)) {
    $query = "SELECT `config_value`,`option_type`,`fk_module_code` FROM `{$dbtable_prefix}site_options3` WHERE `config_id`={$cid}";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $rsrow = mysql_fetch_assoc($res);
        $qs .= $qs_sep . 'module_code=' . $rsrow['fk_module_code'];
        $qs_sep = '&';
        if ($rsrow['option_type'] == FIELD_FILE) {
            $f = new fileop();
            // The path to delete is whatever is stored in `config_value`.
            // NOTE(review): nothing here restricts that path to an upload directory;
            // confirm the code that stores the option does.
            // NOTE(review): this is a state change driven by a GET parameter; no
            // anti-CSRF check is visible in this excerpt.
            if (!is_file($rsrow['config_value']) || $f->delete($rsrow['config_value'])) {
                $query = "UPDATE `{$dbtable_prefix}site_options3` SET `config_value`='' WHERE `config_id`={$cid}";
                if (!($res = @mysql_query($query))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
                $topass['message']['type'] = MESSAGE_INFO;
                $topass['message']['text'] = 'File removed';
            } else {
                $error = true;
                $topass['message']['type'] = MESSAGE_ERROR;
                $topass['message']['text'] = 'Unable to remove the file. Permission issues?';
            }
        } else {
            $error = true;
            $topass['message']['type'] = MESSAGE_ERROR;
// Excerpt from a member clean-up routine; it starts and ends inside an error check.
trigger_error(mysql_error(), E_USER_ERROR);
}
// NOTE(review): every IN (...) list below is built by joining ids into the SQL text.
// Where $uids is filled is not visible here; presumably the ids come from a database
// query rather than from the request. Confirm.
$query = "DELETE FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id_other` IN ('" . join("','", $uids[1]) . "')";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$query = "DELETE FROM `{$dbtable_prefix}comments_profile` WHERE `fk_user_id` IN ('" . join("','", $uids[1]) . "')";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
// Collect the photos of these users so the files can be removed before the rows.
$query = "SELECT `photo_id`,`photo` FROM `{$dbtable_prefix}user_photos` WHERE `fk_user_id` IN ('" . join("','", $uids[1]) . "')";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
$fileop = new fileop();
$photo_ids = array();
for ($i = 0; $i < mysql_num_rows($res); ++$i) {
    // Column 1 is `photo` (the file name), column 0 is `photo_id`.
    $photo = mysql_result($res, $i, 1);
    $photo_ids[] = mysql_result($res, $i, 0);
    // Remove both thumbnail sizes and the original.
    // NOTE(review): the stored name is appended to the photo path unchanged; an empty
    // `photo` value makes the third call target _PHOTOPATH_ . '/' itself. Confirm that
    // the column can never be empty or contain path separators.
    $fileop->delete(_PHOTOPATH_ . '/t1/' . $photo);
    $fileop->delete(_PHOTOPATH_ . '/t2/' . $photo);
    $fileop->delete(_PHOTOPATH_ . '/' . $photo);
}
$query = "DELETE FROM `{$dbtable_prefix}user_photos` WHERE `photo_id` IN ('" . join("','", $photo_ids) . "')";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$query = "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_parent_id` IN ('" . join("','", $photo_ids) . "')";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
/**
 * Regenerate the PHP language files of one skin, or of all skins.
 *
 * For each skin the function writes one file per distinct `save_file` value under
 * _BASEPATH_/skins_site/<skin_dir>/lang/ (rows with an empty `save_file` go to
 * global.inc.php). Each file assigns the translated strings to $GLOBALS['_lang'];
 * global.inc.php additionally gets a setlocale() call when the skin has a locale.
 *
 * The output is PHP source assembled by string concatenation, so every database
 * value placed inside a quoted literal has to be escaped for a single-quoted
 * PHP string.
 *
 * @param string $skin_module_code module code of the skin to rebuild; empty for all skins
 */
function regenerate_langstrings_array($skin_module_code = '')
{
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    global $dbtable_prefix;
    $fileop = new fileop();
    if (empty($skin_module_code)) {
        $query = "SELECT a.`module_code`,b.`config_value` as `skin_dir` FROM `{$dbtable_prefix}modules` a,`{$dbtable_prefix}site_options3` b WHERE a.`module_type`=" . MODULE_SKIN . " AND a.`module_code`=b.`fk_module_code` AND b.`config_option`='skin_dir'";
    } else {
        // NOTE(review): $skin_module_code is interpolated without escaping; callers must
        // pass an already validated module code. Confirm.
        $query = "SELECT `fk_module_code` as `module_code`,`config_value` as `skin_dir` FROM `{$dbtable_prefix}site_options3` WHERE `config_option`='skin_dir' AND `fk_module_code`='{$skin_module_code}'";
    }
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Read all skins first, because $res is reused by the queries inside the loop.
    $skins = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $skins[] = $rsrow;
    }
    for ($i = 0; isset($skins[$i]); ++$i) {
        // Lines to write, keyed by target file name; the '' key stands for global.inc.php.
        $towrite = array();
        $towrite[''][] = '<?php';
        $query = "SELECT b.`codes` FROM `{$dbtable_prefix}site_options3` a,`{$dbtable_prefix}locales` b WHERE a.`config_option`='fk_locale_id' AND a.`config_value`=b.`locale_id` AND a.`fk_module_code`='" . $skins[$i]['module_code'] . "'";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        if (mysql_num_rows($res)) {
            $temp = mysql_result($res, 0, 0);
            // Turns the comma separated `codes` value into a quoted PHP array literal.
            // NOTE(review): the locale codes are not escaped before being placed between
            // quotes in the generated file.
            $towrite[''][] = "setlocale(LC_TIME,array('" . str_replace(',', "','", $temp) . "'));";
        }
        $query = "SELECT a.`lk_id`,a.`alt_id_text`,b.`lang_value`,a.`lk_use`,a.`save_file` FROM `{$dbtable_prefix}lang_keys` a LEFT JOIN `{$dbtable_prefix}lang_strings` b ON (a.`lk_id`=b.`fk_lk_id` AND b.`skin`='" . $skins[$i]['module_code'] . "')";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        while ($rsrow = mysql_fetch_assoc($res)) {
            if ($rsrow['lk_use'] != LK_FIELD) {
                // Escape quote and backslash for the single-quoted literal written below.
                $rsrow['lang_value'] = addcslashes($rsrow['lang_value'], "'\\");
            } else {
                // field related strings cannot contain html code
                // NOTE(review): this branch relies on the TEXT_DB2EDIT format to also make the
                // value safe inside a single-quoted PHP string. Confirm that it does.
                $rsrow['lang_value'] = sanitize_and_format($rsrow['lang_value'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]);
            }
            if (!empty($rsrow['alt_id_text'])) {
                // A textual key replaces the numeric id.
                // NOTE(review): the key is quoted without escaping.
                $rsrow['lk_id'] = "'" . $rsrow['alt_id_text'] . "'";
            }
            if (!isset($towrite[$rsrow['save_file']])) {
                $towrite[$rsrow['save_file']][] = '<?php';
            }
            $towrite[$rsrow['save_file']][] = "\$GLOBALS['_lang'][" . $rsrow['lk_id'] . "]='" . $rsrow['lang_value'] . "';";
        }
        foreach ($towrite as $file => $arr) {
            if (empty($file)) {
                $file = 'global.inc.php';
            }
            $temp = join("\n", $arr);
            // NOTE(review): `skin_dir` and `save_file` come from the database and are joined
            // into the path unchanged; confirm both are limited to plain file names when
            // they are stored.
            $fileop->file_put_contents(_BASEPATH_ . '/skins_site/' . $skins[$i]['skin_dir'] . '/lang/' . $file, $temp);
        }
    }
}
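/**
 * Rebuild _BASEPATH_/includes/site_bans.inc.php from the `site_bans` table.
 *
 * The generated file is PHP source that fills $_bans with one array per ban type
 * (IP, user, e-mail). Every ban value is written with var_export(), so a quote
 * or backslash in a stored value stays inside its string literal and cannot
 * break or extend the generated code. For values without such characters the
 * output is identical to plain quoting.
 */
function regenerate_ban_array()
{
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    global $dbtable_prefix;

    $query = "SELECT `ban_type`,`what` FROM `{$dbtable_prefix}site_bans` GROUP BY `what`";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    // Group the banned values by ban type.
    $_bans = array();
    while ($rsrow = mysql_fetch_row($res)) {
        $_bans[$rsrow[0]][] = $rsrow[1];
    }

    // Constant name as it must appear in the generated file => its value here.
    $ban_types = array(
        '_PUNISH_BANIP_' => _PUNISH_BANIP_,
        '_PUNISH_BANUSER_' => _PUNISH_BANUSER_,
        '_PUNISH_BANEMAIL_' => _PUNISH_BANEMAIL_,
    );

    $towrite = "<?php\n";
    foreach ($ban_types as $const_name => $ban_type) {
        if (empty($_bans[$ban_type])) {
            continue;
        }
        $literals = array();
        foreach ($_bans[$ban_type] as $what) {
            // The cast keeps a NULL column value as '' instead of the bare word NULL.
            $literals[] = var_export((string) $what, true);
        }
        $towrite .= '$_bans[' . $const_name . ']=array(' . join(',', $literals) . ");\n";
    }

    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/includes/site_bans.inc.php', $towrite);
}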
// Excerpt from an admin photo-delete script; the enclosing blocks open before this
// point and the excerpt ends inside an if/else.
if (is_file(_BASEPATH_ . '/events/processors/photo_delete.php')) {
    // NOTE(review): $def_skin becomes part of an include path; it is presumably the
    // configured default skin directory and not request data. Confirm.
    include_once _BASEPATH_ . '/skins_site/' . $def_skin . '/lang/photos.inc.php';
    include_once _BASEPATH_ . '/events/processors/photo_delete.php';
    if (isset($_on_before_delete)) {
        // The handlers read the ids through this global.
        $GLOBALS['photo_ids'] = array($photo_id);
        // Runs each callable listed in $_on_before_delete; the list is expected to be set
        // by the processor file included above.
        for ($i = 0; isset($_on_before_delete[$i]); ++$i) {
            call_user_func($_on_before_delete[$i]);
        }
    }
}
// $query is assembled before this excerpt.
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
if (!empty($input['photo'])) {
    require_once '../../includes/classes/fileop.class.php';
    $fileop = new fileop();
    // Remove both thumbnail sizes and the original.
    // NOTE(review): where $input['photo'] is populated is not visible here. If it is
    // taken from the request rather than from the database row of $photo_id, it must
    // be reduced to a plain file name before being used in these paths.
    $fileop->delete(_PHOTOPATH_ . '/t1/' . $input['photo']);
    $fileop->delete(_PHOTOPATH_ . '/t2/' . $input['photo']);
    $fileop->delete(_PHOTOPATH_ . '/' . $input['photo']);
}
// NOTE(review): $photo_id is interpolated unquoted; it is presumably cast to int
// earlier in the script. Confirm.
$query = "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_parent_id`={$photo_id}";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
// what to do with the cache for the deleted comments or photo page? clear_cache($photo_id) ????
$topass['message']['type'] = MESSAGE_INFO;
$topass['message']['text'] = 'Photo deleted.';
}
if (!empty($return)) {
    // NOTE(review): $return is appended to the admin base URL; confirm it is validated
    // where it is read from the request.
    $nextpage = _BASEURL_ . '/admin/' . $return;
} else {
/**
 * Final installation step: register the module, store the options collected
 * during installation and delete the package file.
 *
 * NOTE(review): module_code, module_name, module_type and version are placed in
 * the INSERT without escaping. They presumably come from the package manifest, so
 * the statement is only as trustworthy as the package; confirm they are validated
 * when the manifest is parsed. The option column names ($column below) are also
 * interpolated as-is; only the option values are escaped.
 */
function finish()
{
    global $dbtable_prefix;

    // Next free position in the module ordering.
    $query = "SELECT max(`sort`)+1 FROM `{$dbtable_prefix}modules`";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $sort = mysql_result($res, 0, 0);

    $query = "INSERT IGNORE INTO `{$dbtable_prefix}modules` SET `module_code`='" . $this->module_code . "',`module_name`='" . $this->module_name . "',`module_type`='" . $this->module_type . "',`version`='" . $this->version . "',`sort`='{$sort}'";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (!mysql_affected_rows()) {
        // Nothing inserted: the module row already existed, so this run was an update and
        // the new version is expected to have been set by a change-version step in one of
        // the requires.
    }

    if (!empty($_SESSION[_LICENSE_KEY_]['admin']['install_options'])) {
        // Left over from a multi-row form of the statement; it is overwritten per option.
        $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_options3` (`config_option`,`config_value`,`config_diz`,`option_type`,`choices`,`fk_module_code`,`per_user`) VALUES ";
        foreach ($_SESSION[_LICENSE_KEY_]['admin']['install_options'] as $option) {
            $assignments = '';
            foreach ($option as $column => $value) {
                $assignments .= ",`{$column}`='" . sanitize_and_format($value, TYPE_STRING, FORMAT_ADDSLASH) . "'";
            }
            $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_options3` SET `fk_module_code`='" . $this->module_code . "'" . $assignments;
            // Failures are deliberately ignored for the individual options.
            @mysql_query($query);
        }
        unset($_SESSION[_LICENSE_KEY_]['admin']['install_options']);
    }

    // The installed package is no longer needed on disk.
    $fileop = new fileop();
    $fileop->delete($this->package_path);
}
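/**
 * Remove everything the plugin created and deactivate it.
 *
 * Deletes the upload directory, the plugin's pages, tables, options, stored
 * payment transactions, widgets and scheduled hooks, then removes the plugin
 * from the `active_plugins` option.
 *
 * The plugin entry is removed only when it is actually found in the list.
 * array_search() returns false when there is no match, and passing that to
 * array_splice() as the offset would drop the first active plugin instead.
 */
public function uninstall()
{
    global $wpdb, $awpcp_plugin_path, $table_prefix, $awpcp;

    // Remove the upload folders with uploaded images
    // NOTE(review): the whole AWPCPUPLOADDIR tree is deleted; confirm the constant can
    // never resolve to a directory shared with other plugins.
    $dirname = AWPCPUPLOADDIR;
    if (file_exists($dirname)) {
        require_once $awpcp_plugin_path . '/fileop.class.php';
        $fileop = new fileop();
        $fileop->delete($dirname);
    }

    // Delete the classifieds page(s)
    $pages = awpcp_pages();
    foreach ($pages as $page => $data) {
        wp_delete_post(awpcp_get_page_id_by_ref($page), true);
    }

    // Drop the tables
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADFEES);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADPHOTOS);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADS);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_ADSETTINGS);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_AD_META);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_AD_REGIONS);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_CATEGORIES);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_CREDIT_PLANS);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_MEDIA);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_PAGES);
    $wpdb->query("DROP TABLE IF EXISTS " . AWPCP_TABLE_PAYMENTS);

    // TODO: implement uninstall methods in other modules
    $tables = array($wpdb->prefix . 'awpcp_comments');
    foreach ($tables as $table) {
        $wpdb->query("DROP TABLE IF EXISTS " . $table);
    }

    // remove AWPCP options from options table
    array_map('delete_option', array('awpcp-pending-manual-upgrade', 'awpcp_installationcomplete', 'awpcp_pagename_warning', 'widget_awpcplatestads', 'awpcp_db_version', $awpcp->settings->setting_name));

    // delete payment transactions
    $sql = 'SELECT option_name FROM ' . $wpdb->options . ' ';
    $sql .= "WHERE option_name LIKE 'awpcp-payment-transaction-%%'";
    array_map('delete_option', $wpdb->get_col($sql));

    // remove widgets
    unregister_widget("AWPCP_LatestAdsWidget");
    unregister_widget('AWPCP_RandomAdWidget');
    unregister_widget('AWPCP_Search_Widget');

    // Clear the ad expiration schedule
    wp_clear_scheduled_hook('doadexpirations_hook');
    wp_clear_scheduled_hook('doadcleanup_hook');
    wp_clear_scheduled_hook('awpcp_ad_renewal_email_hook');
    wp_clear_scheduled_hook('awpcp-clean-up-payment-transactions');

    // TODO: use deactivate_plugins function
    // http://core.trac.wordpress.org/browser/branches/3.2/wp-admin/includes/plugin.php#L548
    $current = get_option('active_plugins');
    $thepluginfile = sprintf("%s/awpcp.php", trim(AWPCP_BASENAME, '/'));
    if (is_array($current)) {
        $position = array_search($thepluginfile, $current);
        if ($position !== false) {
            array_splice($current, $position, 1);
            update_option('active_plugins', $current);
        }
    }
    do_action('deactivate_' . $thepluginfile);
}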
// Excerpt from the blog add/edit handler; it is cut off inside the update branch.
// The owner id is taken from the session, never from the request.
$input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
if (!empty($_POST['return'])) {
    $input['return'] = sanitize_and_format_gpc($_POST, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
    // NOTE(review): the redirect target is request-supplied. Unless the redirect helper
    // limits it to this site, that is an open redirect; confirm.
    $nextpage = $input['return'];
}
// check for input errors
if (empty($input['blog_name'])) {
    $error = true;
    $topass['message']['type'] = MESSAGE_ERROR;
    $topass['message']['text'] = $GLOBALS['_lang'][13];
}
if (!$error) {
    $input['blog_name'] = remove_banned_words($input['blog_name']);
    $input['blog_diz'] = remove_banned_words($input['blog_diz']);
    require _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $towrite = array(); // what to write in the cache file
    if (!empty($input['blog_id'])) {
        // Re-read every field from $_POST in display format for the cache file.
        foreach ($input as $k => $v) {
            $towrite[$k] = sanitize_and_format_gpc($_POST, $k, TYPE_STRING, $__field2format[TEXT_GPC2DISPLAY], '');
        }
        // Only columns named in $user_blogs_default['defaults'] are written.
        // NOTE(review): the values are concatenated into the statement; this relies on
        // $input having been escaped for SQL when it was read, which happens before this
        // excerpt. Confirm.
        $query = "UPDATE IGNORE `{$dbtable_prefix}user_blogs` SET ";
        foreach ($user_blogs_default['defaults'] as $k => $v) {
            if (isset($input[$k])) {
                $query .= "`{$k}`='" . $input[$k] . "',";
            }
        }
        // Drop the trailing comma.
        $query = substr($query, 0, -1);
        // The session user id in the WHERE clause limits the update to the caller's own blog.
        // NOTE(review): blog_id is unquoted and must be an integer at this point.
        $query .= " WHERE `blog_id`=" . $input['blog_id'] . " AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'";
        if (isset($_on_before_update)) {
<?php
// Excerpt: start of a script that walks over all approved blog posts and prepares
// their display form. It is cut off inside the while loop.
// $dbtable_prefix and $__field2format are used below without being defined here;
// presumably they are set by common.inc.php.
require_once dirname(__FILE__) . '/../../includes/common.inc.php';
require_once dirname(__FILE__) . '/../../includes/classes/phemplate.class.php';
require_once dirname(__FILE__) . '/../../includes/user_functions.inc.php';
require_once dirname(__FILE__) . '/../../includes/classes/fileop.class.php';
$short_blog_chars = 1000;
$config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
$fileop = new fileop();
$blog_details = array();
$blog_archive = array();
// Only constants are concatenated into this statement.
$query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,UNIX_TIMESTAMP(a.`last_changed`) as `last_changed`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED;
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
while ($blog = mysql_fetch_assoc($res)) {
    $last_approved = $blog['last_changed'];
    unset($blog['last_changed']);
    $blog['fk_blog_id'] = (string) $blog['fk_blog_id'];
    $blog['title'] = sanitize_and_format($blog['title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    // Cut at the last space within the first $short_blog_chars bytes.
    // NOTE(review): strrpos() returns false when there is no space in that prefix, which
    // makes the short text empty.
    $post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
    // Truncation happens on the raw text; formatting is applied afterwards.
    $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    if (!empty($config['bbcode_blogs'])) {
        $blog['post_content'] = bbcode2html($blog['post_content']);
        $post_content_short = bbcode2html($post_content_short);
    }
    if (!empty($config['use_smilies'])) {
        $blog['post_content'] = text2smilies($blog['post_content']);
        $post_content_short = text2smilies($post_content_short);
    }
// Excerpt: last page of the installer. Renders the finish screen and removes the
// install directory.
if (!empty($_SESSION['install']['phpbin'])) {
    $output['phpbin'] = $_SESSION['install']['phpbin'];
} else {
    // No PHP binary was recorded; show a placeholder path instead.
    $output['nophpbin'] = true;
    $output['phpbin'] = '/path/to/php';
}
$output['basepath'] = _BASEPATH_;
$output['baseurl'] = _BASEURL_;
$tplvars = array();
$tplvars['page_title'] = 'Etano Install Process';
$tplvars['css'] = 'finish.css';
$tplvars['page'] = 'finish';
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
$tpl->process('content', 'content', TPL_OPTIONAL);
$tpl->set_file('frame', 'frame.html');
// Message precedence: local $message, then $topass, then the one kept in the session.
$message = isset($message) ? $message : (isset($topass['message']) ? $topass['message'] : (isset($_SESSION['topass']['message']) ? $_SESSION['topass']['message'] : array()));
if (!empty($message)) {
    // A message without a type is shown as an error.
    $message['type'] = !isset($message['type']) || $message['type'] == MESSAGE_ERROR ? 'message_error' : 'message_info';
    if (is_array($message['text'])) {
        $message['text'] = join('<br>', $message['text']);
    }
    // NOTE(review): the text reaches the template as HTML (see the <br> join above);
    // confirm no request data ends up in it unescaped.
    $tpl->set_var('message', $message);
}
$tpl->set_var('tplvars', $tplvars);
// The installer removes itself so it cannot be run again against the live site.
// NOTE(review): the result of delete() is not checked; if it fails the installer
// stays reachable without any warning to the administrator.
$fileop = new fileop();
$fileop->delete(_BASEPATH_ . '/install');
echo $tpl->process('frame', 'frame', TPL_FINISH | TPL_OPTIONAL | TPL_INCLUDE);
if (isset($_SESSION['topass'])) {
    unset($_SESSION['topass']);
}
// Excerpt from the admin skin-delete script; the if block closed by "} else {" below
// opens before this point.
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
// NOTE(review): $module_code is interpolated into both DELETE statements; it must have
// been escaped or validated where it is read, which is before this excerpt.
$query = "DELETE FROM `{$dbtable_prefix}modules` WHERE `module_code`='{$module_code}'";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$query = "DELETE FROM `{$dbtable_prefix}lang_strings` WHERE `skin`='{$module_code}'";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
if (!empty($config['is_default'])) {
    // The deleted skin was the default one: promote one of the remaining skins.
    $query = "SELECT `module_code` FROM `{$dbtable_prefix}modules` WHERE `module_type`=" . MODULE_SKIN . " LIMIT 1";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $module_code = mysql_result($res, 0, 0);
        set_site_option('is_default', $module_code, 1);
    }
}
require_once '../../includes/classes/fileop.class.php';
$fileop = new fileop();
// NOTE(review): if $config['skin_dir'] is empty, this path is the skins_site directory
// itself, and a value containing path separators could point elsewhere. How $config
// is loaded is not visible here; confirm skin_dir is checked to be a non-empty plain
// directory name before this call.
$fileop->delete(_BASEPATH_ . '/skins_site/' . $config['skin_dir']);
$topass['message']['type'] = MESSAGE_INFO;
$topass['message']['text'] = 'Skin deleted.';
} else {
    $topass['message']['type'] = MESSAGE_ERROR;
    $topass['message']['text'] = 'You can\'t delete the last skin of the site!';
}
redirect2page('admin/site_skins.php', $topass, $qs);
// Excerpt from the admin file editor: saves posted content to a file below _BASEPATH_.
// $qs and $error are used without being set here; presumably they are initialised
// before this excerpt.
$qs_sep = '';
$topass = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $input = array();
    // Path filter: keep only letters, digits and . _ / -, then remove every "..".
    // The result can still name any file below _BASEPATH_, PHP files included.
    $input['file'] = str_replace('..', '', preg_replace('~[^a-zA-Z0-9\\._/-]~', '', sanitize_and_format_gpc($_POST, 'file', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '')));
    // Strip carriage returns from the posted content.
    $input['file_content'] = preg_replace('/\\r/m', '', sanitize_and_format_gpc($_POST, 'file_content', TYPE_STRING, FORMAT_STRIP_MQ));
    // .html files are stored with CRLF line endings.
    if (strtolower(substr(strrchr($input['file'], '.'), 1)) == 'html') {
        $input['file_content'] = preg_replace('/\\n/m', "\r\n", $input['file_content']);
    }
    // Only one leading slash is removed; the path is made relative to _BASEPATH_.
    if (!empty($input['file']) && $input['file'][0] == '/') {
        $input['file'] = substr($input['file'], 1);
    }
    if (empty($input['file'])) {
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = 'No file selected';
    }
    if (!$error) {
        require_once '../../includes/classes/fileop.class.php';
        $fileop = new fileop();
        // Writing request-supplied content to a request-chosen path amounts to code
        // execution on the server for whoever may call this script.
        // NOTE(review): no admin-session check or anti-CSRF token is visible in this
        // excerpt; both must be enforced before this point. Confirm. An allow-list of
        // editable directories or extensions would limit the impact of a hijacked
        // admin session.
        // NOTE(review): the result of the write is not checked, so the success message
        // below is shown even when nothing was written.
        $fileop->file_put_contents(_BASEPATH_ . '/' . $input['file'], $input['file_content']);
        $topass['message']['type'] = MESSAGE_INFO;
        $topass['message']['text'] = 'File saved successfully';
        // Send the browser back to the directory that contains the file.
        $temp = str_replace(strrchr($input['file'], '/'), '', $input['file']);
        if ($temp != $input['file']) {
            $qs .= $qs_sep . 'path=' . urlencode($temp);
            $qs_sep = '&';
        }
    }
}
redirect2page('admin/file_browser.php', $topass, $qs);
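/**
 * Purges every member whose user_profiles row is flagged for deletion.
 *
 * del=1 removes the user and all generated content (blogs, posts, comments, photos);
 * del=2 removes the user but keeps the generated content, re-assigning it to user id 0.
 *
 * Ids read back from the database are cast to int before they are placed in the
 * IN (...) lists, so a non-numeric value stored in one of those columns cannot alter
 * the statements built below.
 *
 * Any failing query raises E_USER_ERROR through trigger_error().
 *
 * @return bool always true
 */
function delete_members()
{
    global $dbtable_prefix;

    $query = "SELECT `del`,`fk_user_id` FROM `{$dbtable_prefix}user_profiles` WHERE `del`<>0";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $uids = array(1 => array(), 2 => array());
    while ($rsrow = mysql_fetch_assoc($res)) {
        $uids[(int) $rsrow['del']][] = (int) $rsrow['fk_user_id'];
    }
    $all_uids = array_merge($uids[1], $uids[2]);

    // actions to do for all deleted members
    if (!empty($all_uids)) {
        $in_all = "('" . join("','", $all_uids) . "')";
        $queries = array(
            "DELETE FROM `{$dbtable_prefix}online` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}message_filters` WHERE `fk_user_id` IN {$in_all}",
            "UPDATE `{$dbtable_prefix}payments` SET `fk_user_id`=0 WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}comments_profile` WHERE `fk_parent_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}queue_message` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_folders` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_mtpls` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_networks` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_outbox` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_profiles` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_searches` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_settings2` WHERE `fk_user_id` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_spambox` WHERE `fk_user_id` IN {$in_all} OR `fk_user_id_other` IN {$in_all}",
            "DELETE FROM `{$dbtable_prefix}user_stats` WHERE `fk_user_id` IN {$in_all}",
        );
        foreach ($queries as $query) {
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }

    // actions to do for members to be totally removed
    if (!empty($uids[1])) {
        $in_removed = "('" . join("','", $uids[1]) . "')";

        // blogs owned by the removed members, with their posts and the comments on them
        $query = "SELECT `blog_id` FROM `{$dbtable_prefix}user_blogs` WHERE `fk_user_id` IN {$in_removed}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        $blog_ids = array();
        while ($rsrow = mysql_fetch_row($res)) {
            $blog_ids[] = (int) $rsrow[0];
        }
        if (!empty($blog_ids)) {
            $in_blogs = "('" . join("','", $blog_ids) . "')";
            $query = "SELECT `post_id` FROM `{$dbtable_prefix}blog_posts` WHERE `fk_blog_id` IN {$in_blogs}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
            $post_ids = array();
            while ($rsrow = mysql_fetch_row($res)) {
                $post_ids[] = (int) $rsrow[0];
            }
            if (!empty($post_ids)) {
                $in_posts = "('" . join("','", $post_ids) . "')";
                $query = "DELETE FROM `{$dbtable_prefix}comments_blog` WHERE `fk_parent_id` IN {$in_posts}";
                if (!($res = @mysql_query($query))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
                $query = "DELETE FROM `{$dbtable_prefix}blog_posts` WHERE `post_id` IN {$in_posts}";
                if (!($res = @mysql_query($query))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
            }
            $query = "DELETE FROM `{$dbtable_prefix}user_blogs` WHERE `blog_id` IN {$in_blogs}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }

        // content the removed members left on other members' items
        $queries = array(
            "DELETE FROM `{$dbtable_prefix}comments_blog` WHERE `fk_user_id` IN {$in_removed}",
            "DELETE FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id_other` IN {$in_removed}",
            "DELETE FROM `{$dbtable_prefix}comments_profile` WHERE `fk_user_id` IN {$in_removed}",
        );
        foreach ($queries as $query) {
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }

        // photos: remove the files first, then the rows and the comments on them
        $query = "SELECT `photo_id`,`photo` FROM `{$dbtable_prefix}user_photos` WHERE `fk_user_id` IN {$in_removed}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
        $fileop = new fileop();
        $photo_ids = array();
        while ($rsrow = mysql_fetch_row($res)) {
            $photo_ids[] = (int) $rsrow[0];
            $photo = (string) $rsrow[1];
            // An empty name would make the paths below point at the photo directories
            // themselves, and a ".." segment would point outside them; the row is still
            // removed, but no file operation is attempted for such a value.
            if ($photo === '' || strpos($photo, '..') !== false) {
                continue;
            }
            $fileop->delete(_PHOTOPATH_ . '/t1/' . $photo);
            $fileop->delete(_PHOTOPATH_ . '/t2/' . $photo);
            $fileop->delete(_PHOTOPATH_ . '/' . $photo);
        }
        // Skipped when no photo was found: an empty list would become IN (''), which
        // compares the id columns with an empty string (MySQL is expected to coerce
        // that to 0, or to reject the statement under a strict SQL mode).
        if (!empty($photo_ids)) {
            $in_photos = "('" . join("','", $photo_ids) . "')";
            $query = "DELETE FROM `{$dbtable_prefix}user_photos` WHERE `photo_id` IN {$in_photos}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
            $query = "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_parent_id` IN {$in_photos}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
        $query = "DELETE FROM `{$dbtable_prefix}comments_photo` WHERE `fk_user_id` IN {$in_removed}";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
    }

    // members removed while keeping their content: detach the content from the account
    if (!empty($uids[2])) {
        $in_kept = "('" . join("','", $uids[2]) . "')";
        // table => column that is reset to 0
        $detach = array(
            array('user_blogs', 'fk_user_id'),
            array('blog_posts', 'fk_user_id'),
            array('comments_blog', 'fk_user_id'),
            array('comments_profile', 'fk_user_id'),
            array('user_inbox', 'fk_user_id_other'),
            array('user_photos', 'fk_user_id'),
            array('comments_photo', 'fk_user_id'),
        );
        foreach ($detach as $target) {
            $query = "UPDATE `{$dbtable_prefix}{$target[0]}` SET `{$target[1]}`=0 WHERE `{$target[1]}` IN {$in_kept}";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }

    return true;
}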
******************************************************************************/

// Admin processor: deletes one banned word and regenerates the cached word list.
// NOTE(review): the delete is triggered by a GET parameter and no anti-CSRF token is
// visible in this excerpt; confirm that allow_dept() is the only gate intended here.
require_once '../../includes/common.inc.php';
require_once '../../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);

$error = false;
$qs = '';
$qs_sep = '';
$topass = array();

// The id is cast to int before it reaches the SQL text.
if (isset($_GET['word_id'])) {
    $word_id = (int) $_GET['word_id'];
} else {
    $word_id = 0;
}

$query = "DELETE FROM `{$dbtable_prefix}banned_words` WHERE `word_id`={$word_id}";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}

if (!$error) {
    // save in file
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $query = "SELECT `word` FROM `{$dbtable_prefix}banned_words`";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $words = array();
    while ($row = mysql_fetch_row($res)) {
        $words[] = $row[0];
    }
    // var_export() emits the words as quoted PHP literals, so the stored text is
    // written into the include file as data rather than as code.
    $towrite = '<?php $_banned_words=' . var_export($words, true) . ';';
    $fileop = new fileop();
    $fileop->file_put_contents(_BASEPATH_ . '/includes/banned_words.inc.php', $towrite);
}

$topass['message']['type'] = MESSAGE_INFO;
$topass['message']['text'] = 'Word deleted.';
redirect2page('admin/banned_words.php', $topass, $qs);
$qs_sep = ''; $topass = array(); $nextpage = 'my_photos.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $input = array(); // get the input we need and sanitize it $input['is_private'] = sanitize_and_format_gpc($_POST, 'is_private', TYPE_INT, 0, 0); $config = get_site_option(array('round_corners', 'watermark_text', 'watermark_text_color', 'watermark_image', 't1_width', 't2_width', 'pic_width', 'manual_photo_approval', 'min_size', 'max_size'), 'core_photo'); $config['padding_type'] = PAD_NONE; $config_t1 = $config; $config_t1['padding_type'] = PAD_2SIDES; $config_t2 = $config; $config_t2['padding_type'] = PAD_1SIDE; unset($config_t1['watermark_text'], $config_t1['watermark_image'], $config['round_corners']); $curtime = time(); $fileop = new fileop(); if (!isset($_FILES) || empty($_FILES)) { $error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'][] = $GLOBALS['_lang'][93]; } if (!$error) { $photos_remaining = get_user_settings($_SESSION[_LICENSE_KEY_]['user']['user_id'], 'core_photo', 'max_user_photos'); if ($photos_remaining > 0 || $photos_remaining == -1) { $filename = $_SESSION[_LICENSE_KEY_]['user']['user_id'] . '_1' . $curtime; $input['file1'] = upload_file(_BASEPATH_ . '/tmp', 'file1', $filename); mt_srand(make_seed()); if (!empty($input['file1'])) { if (!empty($config['min_size']) && filesize(_BASEPATH_ . '/tmp/' . $input['file1']) < $config['min_size']) { $input['file1'] = ''; $error = true;
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/

// Admin page set-up: loads the helper classes, restricts the page to DEPT_ADMIN and
// reads the list of installed modules from the database.
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/classes/zip.class.php';
require_once '../includes/classes/fileop.class.php';
require_once '../includes/classes/etano_package.class.php';
allow_dept(DEPT_ADMIN);

$tpl = new phemplate('skin/', 'remove_nonjs');
$output = array();
$fileop = new fileop();
$zipfile = new zipfile();

// Installed modules, ordered by type and then by their sort position.
$query = "SELECT `module_code`,`module_name`,`module_type`,`version` FROM `{$dbtable_prefix}modules` ORDER BY `module_type`,`sort`";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}

$installed = array(); // one row per module, prepared for display
$mcodes = array();    // module_code => installed version

// Copy of the type labels with an extra 'Core' label for MODULE_REGULAR.
$accepted_module_types2 = $accepted_module_types;
$accepted_module_types2[MODULE_REGULAR] = 'Core';

while ($rsrow = mysql_fetch_assoc($res)) {
    // presumably formats the stored name for safe display (TEXT_DB2DISPLAY); confirm
    // against sanitize_and_format()
    $rsrow['module_name'] = sanitize_and_format($rsrow['module_name'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    // replace the numeric type with its label
    $rsrow['module_type'] = $accepted_module_types2[$rsrow['module_type']];
    $installed[] = $rsrow;
    $mcodes[$rsrow['module_code']] = $rsrow['version'];
}
if (isset($_POST['levels'][$levels[$l]][$memberships[$m]])) { $new_levels[$levels[$l]] += $memberships[$m]; } } } // save in db foreach ($new_levels as $k => $v) { $query = "UPDATE `{$dbtable_prefix}access_levels` SET `level`='{$v}' WHERE `level_id`={$k}"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } } // save in file require_once _BASEPATH_ . '/includes/classes/fileop.class.php'; require_once _BASEPATH_ . '/includes/access_levels.inc.php'; $query = "SELECT `level_code`,`level` FROM `{$dbtable_prefix}access_levels`"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $towrite = "<?php\n\$GLOBALS['_access_level']=array('auth'=>65534,'all'=>65535"; while ($rsrow = mysql_fetch_row($res)) { $towrite .= ",'" . $rsrow[0] . "'=>" . $rsrow[1]; } $towrite .= ");\n"; $towrite .= '$GLOBALS[\'_allow_na\']=' . var_export($GLOBALS['_allow_na'], true) . ";\n"; $fileop = new fileop(); $fileop->file_put_contents(_BASEPATH_ . '/includes/access_levels.inc.php', $towrite); $topass['message']['type'] = MESSAGE_INFO; $topass['message']['text'] = 'Access levels changed.'; } redirect2page('admin/access_levels.php', $topass, $qs);
} if (!$error) { $input['fileop_mode'] = $_SESSION['install']['write']; $input['license_key'] = strtoupper(gen_pass(22)); $input['license_key_md5'] = md5($input['license_key']); $tpl = new phemplate('../skin/', 'remove_nonjs'); $tpl->set_file('content', 'defines.inc.php'); $tpl->set_var('input', $input); $towrite = $tpl->process('content', 'content', TPL_FINISH); define('_BASEPATH_', $input['basepath']); define('_FILEOP_MODE_', $input['fileop_mode']); define('_FTPHOST_', $input['ftphost']); define('_FTPPATH_', $input['ftppath']); define('_FTPUSER_', $input['ftpuser']); define('_FTPPASS_', $input['ftppass']); require_once '../../includes/classes/fileop.class.php'; $fileop = new fileop(); $fileop->delete($input['basepath'] . '/includes/defines.inc.php'); $fileop->file_put_contents($input['basepath'] . '/includes/defines.inc.php', $towrite); $_SESSION['install']['input'] = $input; } else { $nextpage = 'install/step2.php'; // you must re-read all textareas from $_POST like this: // $input['x']=addslashes_mq($_POST['x']); $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH); $topass['input'] = $input; } } $my_url = str_replace('/install/processors/write_defines.php', '', $_SERVER['PHP_SELF']); define('_BASEURL_', (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $my_url); redirect2page($nextpage, $topass, $qs);
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/

// Package installer set-up: connects to the database, restricts the page to
// DEPT_ADMIN and resolves the package named by the "f" request parameter.
require_once '../includes/common.inc.php';
db_connect(_DBHOST_, _DBUSER_, _DBPASS_, _DBNAME_);
require_once '../includes/admin_functions.inc.php';
require_once '../includes/classes/fileop.class.php';
require_once '../includes/classes/etano_package.class.php';
allow_dept(DEPT_ADMIN);

// No time limit, and the script keeps running if the browser disconnects.
set_time_limit(0);
ignore_user_abort(true);

$error = false;
$tpl = new phemplate('skin/', 'remove_nonjs');
$output = array();
$fileop = new fileop();

// Package reference taken from the query string: either a local name or a URL.
$file = sanitize_and_format_gpc($_GET, 'f', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');

// NOTE(review): a value starting with "http://" makes the server fetch that URL.
// Only cleartext HTTP is accepted and no host restriction is visible here, so the
// package's integrity rests on whatever the downloader verifies; confirm that, and
// consider limiting the accepted hosts.
if (substr($file, 0, 7) == 'http://') {
    // save it in tmp/packages and rename $file to filename.zip
    require_once '../includes/classes/package_downloader.class.php';
    $p = new package_downloader($file);
    if ($p->download()) {
        // NOTE(review): if download() is the routine that reads the name from the
        // response headers, file_name is chosen by the remote server; confirm it is
        // reduced to a bare file name before it is used in a path.
        $file = $p->file_name;
    } else {
        $file = '';
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = $p->error_text;
    }
}

$install_index = 0;
case FIELD_TEXTFIELD: $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); break; case FIELD_INT: $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_INT, 0, 0); break; case FIELD_TEXTAREA: $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_STRING, $__field2format[FIELD_TEXTAREA], ''); break; case FIELD_SELECT: $input[$rsrow['fk_module_code']][$rsrow['config_option']] = sanitize_and_format_gpc($_POST, $rsrow['fk_module_code'] . '_' . $rsrow['config_option'], TYPE_INT, 0, 0); break; case FIELD_FILE: if (!empty($_FILES[$rsrow['fk_module_code'] . '_' . $rsrow['config_option']]['tmp_name'])) { if ($temp = upload_file(_BASEPATH_ . '/tmp', $rsrow['fk_module_code'] . '_' . $rsrow['config_option'])) { $f = new fileop(); if ($f->rename(_BASEPATH_ . '/tmp/' . $temp, _BASEPATH_ . $rsrow['choices'] . '/' . $temp)) { $input[$rsrow['fk_module_code']][$rsrow['config_option']] = _BASEPATH_ . $rsrow['choices'] . '/' . $temp; } else { $error = true; } } else { $error = true; } } break; } } if (!$error) { foreach ($input as $module_code => $v) { foreach ($v as $config_option => $config_value) {