/** * rss download * * @param $saveDir * @param $filterFile * @param $historyFile * @param $url * @param $username * @return mixed */ function _rss($saveDir, $filterFile, $historyFile, $url, $username = "") { global $cfg; // set user if (!empty($username)) { // check first if (IsUser($username)) { $cfg["user"] = $username; } else { $this->_outputError("username " . $username . " is no valid user.\n"); return false; } } // process Feed require_once "inc/classes/Rssd.php"; return Rssd::processFeed($saveDir, $filterFile, $historyFile, $url); }
function resetOwner($file) { global $cfg, $db; include_once "AliasFile.php"; // log entry has expired so we must renew it $rtnValue = ""; $alias = getAliasName($file) . ".stat"; if (file_exists($cfg["torrent_file_path"] . $alias)) { $af = AliasFile::getAliasFileInstance($cfg["torrent_file_path"] . $alias, $torrentowner, $cfg); if (IsUser($af->torrentowner)) { // We have an owner! $rtnValue = $af->torrentowner; } else { // no owner found, so the super admin will now own it $rtnValue = GetSuperAdmin(); } $host_resolved = gethostbyaddr($cfg['ip']); $create_time = time(); $rec = array('user_id' => $rtnValue, 'file' => $file, 'action' => $cfg["constants"]["reset_owner"], 'ip' => $cfg['ip'], 'ip_resolved' => $host_resolved, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'time' => $create_time); $sTable = 'tf_log'; $sql = $db->GetInsertSql($sTable, $rec); // add record to the log $result = $db->Execute($sql); showError($db, $sql); } return $rtnValue; }
// read and display all messages in a list. $inx = 0; $sql = "SELECT mid, from_user, message, IsNew, ip, time, force_read FROM tf_messages WHERE to_user="******"user"]) . " ORDER BY time"; $result = $db->Execute($sql); if ($db->ErrorNo() != 0) { dbError($sql); } $message_list = array(); while (list($mid, $from_user, $message, $new, $ip, $time, $force_read) = $result->FetchRow()) { $mail_image = $new == 1 ? "themes/" . $cfg['theme'] . "/images/new_message.gif" : "themes/" . $cfg['theme'] . "/images/old_message.gif"; $display_message = check_html($message, "nohtml"); if (strlen($display_message) >= 40) { $display_message = substr($display_message, 0, 39) . "..."; } // No, let them reply or delete it array_push($message_list, array('mid' => $mid, 'mail_image' => $mail_image, 'from_user' => $from_user, 'display_message' => $display_message, 'date2' => date($cfg['_DATETIMEFORMAT'], $time), 'force_read' => $force_read, 'IsUser2' => IsUser($from_user) ? 1 : 0)); $inx++; } if ($inx == 0) { $tmpl->setvar('no_inx', 1); $tmpl->setvar('_NORECORDSFOUND', $cfg['_NORECORDSFOUND']); } else { $tmpl->setvar('no_inx', 0); $tmpl->setloop('message_list', $message_list); } $tmpl->setvar('_SENDMESSAGETO', $cfg['_SENDMESSAGETO']); $tmpl->setvar('_COMPOSE', $cfg['_COMPOSE']); $tmpl->setvar('_CHOOSEAUSER', $cfg['_CHOOSEAUSER']); $userList = array(); for ($inx = 0; $inx < sizeof($cfg['users']); $inx++) { array_push($userList, array('user' => htmlentities($cfg['users'][$inx], ENT_QUOTES)));
<?php require_once 'core/config.php'; if (!IsUser()) { header("Location: login"); } if (DatoUser($_SESSION['id'], "rango") < 2) { header("Location: index.php"); } if ($_POST['Ccon']) { if (configval(1) != $_POST['logo'] && $_POST['logo'] != "") { $Q1 = "UPDATE config SET value='" . $_POST['logo'] . "' WHERE id='1'"; mysql_query($Q1); echo "Logo actualizado"; } if (configval(2) != $_POST['dirraiz'] && $_POST['dirraiz'] != "") { $Q2 = "UPDATE config SET value='" . $_POST['dirraiz'] . "' WHERE id='2'"; mysql_query($Q2); echo "Direcotio Raiz actualizado"; } if (configval(3) != $_POST['nsitio'] && $_POST['nsitio'] != "") { $Q3 = "UPDATE config SET value='" . $_POST['nsitio'] . "' WHERE id='3'"; mysql_query($Q3); echo "Nombre del sitio actualizado"; } if (configval(4) != $_POST['tef']) { $Q4 = "UPDATE config SET value='" . $_POST['tef'] . "' WHERE id='4'"; mysql_query($Q4); echo "Titulo enlace footer Actualizado"; } if (configval(5) != $_POST['ef']) {
<?php include_once "core/config.php"; if (IsUser()) { session_destroy(); } header("Location: " . configval(2));
/** * reset Owner * * @param $transfer * @return string */ function resetOwner($transfer) { global $cfg, $db, $transfers; // log entry has expired so we must renew it $rtnValue = "n/a"; if (file_exists($cfg["transfer_file_path"] . $transfer . ".stat")) { $sf = new StatFile($transfer); if (IsUser($sf->transferowner)) { $rtnValue = $sf->transferowner; } else { $rtnValue = GetSuperAdmin(); } /* no owner found, so the super admin will now own it */ // add entry to the log $sql = "INSERT INTO tf_log (user_id,file,action,ip,ip_resolved,user_agent,time)" . " VALUES (" . $db->qstr($rtnValue) . "," . $db->qstr($transfer) . "," . $db->qstr($cfg["constants"]["reset_owner"]) . "," . $db->qstr($cfg['ip']) . "," . $db->qstr($cfg['ip_resolved']) . "," . $db->qstr($cfg['user_agent']) . "," . $db->qstr(time()) . ")"; $result = $db->Execute($sql); if ($db->ErrorNo() != 0) { dbError($sql); } } $transfers['owner'][$transfer] = $rtnValue; return $rtnValue; }
function displayUserSection() { global $cfg, $db; echo "<table width=\"760\" border=1 bordercolor=\"" . $cfg["table_admin_border"] . "\" cellpadding=\"2\" cellspacing=\"0\" bgcolor=\"" . $cfg["table_data_bg"] . "\">"; echo "<tr><td colspan=6 bgcolor=\"" . $cfg["table_header_bg"] . "\" background=\"themes/" . $cfg["theme"] . "/images/bar.gif\"><img src=\"images/user_group.gif\" width=17 height=14 border=0> <font class=\"title\">" . _USERDETAILS . "</font></div></td></tr>"; echo "<tr>"; echo "<td bgcolor=\"" . $cfg["table_header_bg"] . "\" width=\"15%\"><div align=center class=\"title\">" . _USER . "</div></td>"; echo "<td bgcolor=\"" . $cfg["table_header_bg"] . "\" width=\"6%\"><div align=center class=\"title\">" . _HITS . "</div></td>"; echo "<td bgcolor=\"" . $cfg["table_header_bg"] . "\"><div align=center class=\"title\">" . _UPLOADACTIVITY . " (" . $cfg["days_to_keep"] . " " . _DAYS . ")</div></td>"; echo "<td bgcolor=\"" . $cfg["table_header_bg"] . "\" width=\"6%\"><div align=center class=\"title\">" . _JOINED . "</div></td>"; echo "<td bgcolor=\"" . $cfg["table_header_bg"] . "\" width=\"15%\"><div align=center class=\"title\">" . _LASTVISIT . "</div></td>"; echo "<td bgcolor=\"" . $cfg["table_header_bg"] . "\" width=\"8%\"><div align=center class=\"title\">" . _ADMIN . "</div></td>"; echo "</tr>"; $total_activity = GetActivityCount(); $sql = "SELECT user_id, hits, last_visit, time_created, user_level FROM tf_users ORDER BY user_id"; $result = $db->Execute($sql); while (list($user_id, $hits, $last_visit, $time_created, $user_level) = $result->FetchRow()) { $user_activity = GetActivityCount($user_id); if ($user_activity == 0) { $user_percent = 0; } else { $user_percent = number_format($user_activity / $total_activity * 100); } $user_icon = "images/user_offline.gif"; if (IsOnline($user_id)) { $user_icon = "images/user.gif"; } echo "<tr>"; if (IsUser($user_id)) { echo "<td><a href=\"message.php?to_user="******"\"><img src=\"" . $user_icon . "\" width=17 height=14 title=\"" . _SENDMESSAGETO . " " . $user_id . "\" border=0 align=\"bottom\">" . $user_id . "</a></td>"; } else { echo "<td><img src=\"" . $user_icon . "\" width=17 height=14 title=\"n/a\" border=0 align=\"bottom\">" . $user_id . "</td>"; } echo "<td><div class=\"tiny\" align=\"right\">" . $hits . "</div></td>"; echo "<td><div align=center>"; ?> <table width="310" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="200"> <table width="200" border="0" cellpadding="0" cellspacing="0"> <tr> <td background="themes/<?php echo $cfg["theme"]; ?> /images/proglass.gif" width="<?php echo $user_percent * 2; ?> "><img src="images/blank.gif" width="1" height="12" border="0"></td> <td background="themes/<?php echo $cfg["theme"]; ?> /images/noglass.gif" width="<?php echo 200 - $user_percent * 2; ?> "><img src="images/blank.gif" width="1" height="12" border="0"></td> </tr> </table> </td> <td align="right" width="40"><div class="tiny" align="right"><?php echo $user_activity; ?> </div></td> <td align="right" width="40"><div class="tiny" align="right"><?php echo $user_percent; ?> %</div></td> <td align="right"><a href="admin.php?op=showUserActivity&user_id=<?php echo $user_id; ?> "><img src="images/properties.png" width="18" height="13" title="<?php echo $user_id . "'s " . _USERSACTIVITY; ?> " border="0"></a></td> </tr> </table> <?php echo "</td>"; echo "<td><div class=\"tiny\" align=\"center\">" . date(_DATEFORMAT, $time_created) . "</div></td>"; echo "<td><div class=\"tiny\" align=\"center\">" . date(_DATETIMEFORMAT, $last_visit) . "</div></td>"; echo "<td><div align=\"right\" class=\"tiny\">"; $user_image = "images/user.gif"; $type_user = _NORMALUSER; if ($user_level == 1) { $user_image = "images/admin_user.gif"; $type_user = _ADMINISTRATOR; } if ($user_level == 2) { $user_image = "images/superadmin.gif"; $type_user = _SUPERADMIN; } if ($user_level <= 1 || IsSuperAdmin()) { echo "<a href=\"admin.php?op=editUser&user_id=" . $user_id . "\"><img src=\"images/edit.png\" width=12 height=13 title=\"" . _EDIT . " " . $user_id . "\" border=0></a>"; } echo "<img src=\"" . $user_image . "\" title=\"" . $user_id . " - " . $type_user . "\">"; if ($user_level <= 1) { echo "<a href=\"admin.php?op=deleteUser&user_id=" . $user_id . "\"><img src=\"images/delete_on.gif\" border=0 width=16 height=16 title=\"" . _DELETE . " " . $user_id . "\" onclick=\"return ConfirmDeleteUser('" . $user_id . "')\"></a>"; } else { echo "<img src=\"images/delete_off.gif\" width=16 height=16 title=\"n/a\">"; } echo "</div></td>"; echo "</tr>"; } echo "</table>"; ?> <script language="JavaScript"> function ConfirmDeleteUser(user) { return confirm("<?php echo _WARNING . ": " . _ABOUTTODELETE; ?> : " + user) } </script> <?php }
if (strlen($display_message) >= 40) { // needs to be trimmed $display_message = substr($display_message, 0, 39); $display_message .= "..."; } $link = $_SERVER['PHP_SELF'] . "?mid=" . $mid; echo "<tr><td> <a href=\"" . $link . "\"><img src=\"" . $mail_image . "\" width=14 height=11 title=\"\" border=0 align=\"absmiddle\"></a> <a href=\"" . $link . "\">" . $from_user . "</a></td>"; echo "<td><a href=\"" . $link . "\">" . $display_message . "</a></td>"; echo "<td align=\"center\"><a href=\"" . $link . "\">" . date(_DATETIMEFORMAT, $time) . "</a></td>"; echo "<td align=\"right\">"; // Is this a force_read from an admin? if ($force_read == 1) { // Yes, then don't let them delete the message yet echo "<img src=\"images/delete_off.gif\" width=16 height=16 title=\"\" border=0>"; } else { // No, let them reply or delete it if (IsUser($from_user)) { echo "<a href=\"message.php?to_user="******"&rmid=" . $mid . "\"><img src=\"images/reply.gif\" width=16 height=16 title=\"" . _REPLY . "\" border=0></a>"; } echo "<a href=\"" . $_SERVER['PHP_SELF'] . "?delete=" . $mid . "\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\"" . _DELETE . "\" border=0></a></td></tr>"; } $inx++; } // End While echo "</table>"; if ($inx == 0) { echo "<div align=\"center\"><strong>-- " . _NORECORDSFOUND . " --</strong></div>"; } } // end the else DisplayFoot();
/** * check the username * * @param $username string * @return boolean true or string with error-message */ function checkUsername($username) { global $cfg; if (isset($username) && $username != "") { return IsUser($username) ? $username . " " . $cfg['_HASBEENUSED'] : true; } else { return $cfg['_USERIDREQUIRED']; } }
*******************************************************************************/ // prevent direct invocation if (!isset($cfg['user']) || isset($_REQUEST['cfg'])) { @ob_end_clean(); @header("location: ../../../index.php"); exit; } /******************************************************************************/ $user_id = tfb_getRequestVar('user_id'); $org_user_id = tfb_getRequestVar('org_user_id'); $pass1 = tfb_getRequestVar('pass1'); $userType = tfb_getRequestVar('userType'); $hideOffline = tfb_getRequestVar('hideOffline'); $user_id = strtolower($user_id); if (!(IsUser($user_id) && $user_id != $org_user_id)) { // Admin is changing id or password through edit screen if (($user_id == $cfg["user"] || $cfg["user"] == $org_user_id) && $pass1 != "") { // this will expire the user $_SESSION['user'] = md5($cfg["pagetitle"]); } updateThisUser($user_id, $org_user_id, $pass1, $userType, $hideOffline); AuditAction($cfg["constants"]["admin"], $cfg['_EDITUSER'] . ": " . $user_id); @header("location: admin.php"); exit; } // init template-instance tmplInitializeInstance($cfg["theme"], "page.admin.updateUser.tmpl"); // set vars $tmpl->setvar('user_id', $user_id); $tmpl->setvar('org_user_id', $org_user_id);
/** * sets vars for the user section */ function tmplSetUserSection() { global $cfg, $db, $tmpl; // xfer-prepare $tmpl->setvar('enable_xfer', $cfg["enable_xfer"]); if ($cfg['enable_xfer'] == 1) { $tmpl->setvar('userSection_colspan', 8); // getTransferListArray to update xfer-stats // xfer-init if ($cfg['xfer_realtime'] == 0) { $cfg['xfer_realtime'] = 1; // set xfer-newday Xfer::setNewday(); } @getTransferListArray(); } else { $tmpl->setvar('userSection_colspan', 7); } // activity-prepare $total_activity = GetActivityCount(); $sql = "SELECT user_id, hits, last_visit, time_created, user_level, state FROM tf_users ORDER BY user_id"; $result = $db->Execute($sql); if ($db->ErrorNo() != 0) { dbError($sql); } // user-details $user_details_list = array(); while (list($user_id, $hits, $last_visit, $time_created, $user_level, $user_state) = $result->FetchRow()) { // disk-usage $disk_usage = "0"; $tDir = $cfg["path"] . $user_id . "/"; if (is_dir($tDir)) { switch ($cfg["_OS"]) { case 1: //Linux $dudir = shell_exec($cfg['bin_du'] . " -sk -h -D " . tfb_shellencode($tDir)); break; case 2: //BSD $dudir = shell_exec($cfg['bin_du'] . " -sk -h -L " . tfb_shellencode($tDir)); break; } $dusize = explode("\t", $dudir); $disk_usage = array_shift($dusize); } // xfer-usage $xfer_usage = $cfg['enable_xfer'] == 1 ? Xfer::getUsage($user_id) : 0; // activity $user_activity = GetActivityCount($user_id); $user_percent = $user_activity == 0 ? 0 : number_format($user_activity / $total_activity * 100); // online $user_icon = "themes/" . $cfg['theme'] . "/images/user_offline.gif"; if (IsOnline($user_id)) { $user_icon = "themes/" . $cfg['theme'] . "/images/user.gif"; } // level $user_image = "themes/" . $cfg['theme'] . "/images/user.gif"; $type_user = $cfg['_NORMALUSER']; if ($user_level == 1) { $user_image = "themes/" . $cfg['theme'] . "/images/admin_user.gif"; $type_user = $cfg['_ADMINISTRATOR']; } if ($user_level == 2) { $user_image = "themes/" . $cfg['theme'] . "/images/superadmin.gif"; $type_user = $cfg['_SUPERADMIN']; } $is_superadmin = $user_level <= 1 || IsSuperAdmin() ? 1 : 0; // add to list array_push($user_details_list, array('is_user' => IsUser($user_id), 'user_id' => $user_id, 'user_icon' => $user_icon, 'hits' => $hits, 'disk_usage' => $disk_usage, 'xfer_usage' => $xfer_usage, 'user_percent' => $user_percent, 'user_percent2' => $user_percent * 2, 'user_percent3' => 200 - $user_percent * 2, 'time_created' => date($cfg['_DATEFORMAT'], $time_created), 'last_visit' => date($cfg['_DATETIMEFORMAT'], $last_visit), 'user_image' => $user_image, 'type_user' => $type_user, 'user_level' => $user_level, 'user_state' => $user_state, 'is_superadmin' => $is_superadmin)); } // set vars $tmpl->setvar('_USERDETAILS', $cfg['_USERDETAILS']); $tmpl->setvar('_USER', $cfg['_USER']); $tmpl->setvar('_HITS', $cfg['_HITS']); $tmpl->setvar('_UPLOADACTIVITY', $cfg['_UPLOADACTIVITY']); $tmpl->setvar('_JOINED', $cfg['_JOINED']); $tmpl->setvar('_LASTVISIT', $cfg['_LASTVISIT']); $tmpl->setvar('_ADMIN', $cfg['_ADMIN']); $tmpl->setvar('_DAYS', $cfg['_DAYS']); $tmpl->setvar('_SENDMESSAGETO', $cfg['_SENDMESSAGETO']); $tmpl->setvar('_WARNING', $cfg['_WARNING']); $tmpl->setvar('_ABOUTTODELETE', $cfg['_ABOUTTODELETE']); $tmpl->setvar('_USERSACTIVITY', $cfg['_USERSACTIVITY']); $tmpl->setvar('_EDIT', $cfg['_EDIT']); $tmpl->setvar('_DELETE', $cfg['_DELETE']); $tmpl->setvar('table_admin_border', $cfg["table_admin_border"]); $tmpl->setvar('days_to_keep', $cfg["days_to_keep"]); $tmpl->setloop('user_details_list', $user_details_list); }
exit; } /******************************************************************************/ $user_id = tfb_getRequestVar('user_id'); $org_user_id = tfb_getRequestVar('org_user_id'); $email_address = tfb_getRequestVar('email_address'); $pass1 = tfb_getRequestVar('pass1'); $pass2 = tfb_getRequestVar('pass2'); $userType = tfb_getRequestVar('userType'); $hideOffline = tfb_getRequestVar('hideOffline'); $user_id = strtolower($user_id); $email_address = strtolower($email_address); // check password $passwordCheck = $pass1 != '' && $pass2 != '' ? checkPassword($pass1, $pass2) : true; // update user if (!empty($user_id) && ($passwordCheck === true && IsUser($user_id) || $user_id == $org_user_id && IsUser($org_user_id))) { // Admin is changing id or password through edit screen if (($user_id == $cfg["user"] || $cfg["user"] == $org_user_id) && $pass1 != "") { // this will expire the user $_SESSION['user'] = md5($cfg["pagetitle"]); } updateThisUser($user_id, $org_user_id, $pass1, $userType, $hideOffline, $email_address); AuditAction($cfg["constants"]["admin"], $cfg['_EDITUSER'] . ": " . $user_id); @header("location: admin.php?op=editUser&user_id=" . urlencode($user_id)); exit; } else { AuditAction($cfg["constants"]["error"], $cfg['_EDITUSER'] . ": uname to edit " . $user_id); } // init template-instance tmplInitializeInstance($cfg["theme"], "page.admin.updateUser.tmpl"); // set vars
@ob_end_clean(); @header("location: ../../../index.php"); exit; } /******************************************************************************/ $user_id = tfb_getRequestVar('user_id'); $org_user_id = tfb_getRequestVar('org_user_id'); $pass1 = tfb_getRequestVar('pass1'); $pass2 = tfb_getRequestVar('pass2'); $userType = tfb_getRequestVar('userType'); $hideOffline = tfb_getRequestVar('hideOffline'); $user_id = strtolower($user_id); // check password $passwordCheck = $pass1 != '' && $pass2 != '' ? checkPassword($pass1, $pass2) : true; // update user if (IsUser($org_user_id) && !IsUser($user_id) && $user_id != '' && $user_id != $org_user_id && $passwordCheck === true) { // Admin is changing id or password through edit screen if (($user_id == $cfg["user"] || $cfg["user"] == $org_user_id) && $pass1 != "") { // this will expire the user $_SESSION['user'] = md5($cfg["pagetitle"]); } updateThisUser($user_id, $org_user_id, $pass1, $userType, $hideOffline); AuditAction($cfg["constants"]["admin"], $cfg['_EDITUSER'] . ": " . $user_id); @header("location: admin.php"); exit; } // init template-instance tmplInitializeInstance($cfg["theme"], "page.admin.updateUser.tmpl"); // set vars $tmpl->setvar('user_id', $user_id); $tmpl->setvar('org_user_id', $org_user_id);
To read the license please visit http://www.gnu.org/copyleft/gpl.html *******************************************************************************/ // prevent direct invocation if (!isset($cfg['user']) || isset($_REQUEST['cfg'])) { @ob_end_clean(); @header("location: ../../../index.php"); exit; } /******************************************************************************/ $newUser = tfb_getRequestVar('newUser'); $pass1 = tfb_getRequestVar('pass1'); $userType = tfb_getRequestVar('userType'); // new user ? $newUser = strtolower($newUser); if (!IsUser($newUser)) { addNewUser($newUser, $pass1, $userType); AuditAction($cfg["constants"]["admin"], $cfg['_NEWUSER'] . ": " . $newUser); @header("location: admin.php?op=showUsers"); exit; } // init template-instance tmplInitializeInstance($cfg["theme"], "page.admin.addUser.tmpl"); // set vars $tmpl->setvar('newUser', $newUser); // $tmpl->setvar('_TRYDIFFERENTUSERID', $cfg['_TRYDIFFERENTUSERID']); $tmpl->setvar('_HASBEENUSED', $cfg['_HASBEENUSED']); // tmplSetTitleBar("Administration - Add User"); tmplSetAdminMenu();