function display_attach_box_limits() { global $folder, $attach_config, $board_config, $template, $lang, $userdata, $db; $this->get_quota_limits($userdata); if (intval($attach_config['pm_filesize_limit']) == 0) { $pm_filesize_limit = intval($attach_config['attachment_quota']); } else { $pm_filesize_limit = intval($attach_config['pm_filesize_limit']); } $pm_filesize_total = get_total_attach_pm_filesize('to_user', $userdata['user_id']); $attach_limit_pct = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * 100) : 0; $attach_limit_img_length = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * $board_config['privmsg_graphic_length']) : 0; if ($attach_limit_pct > 100) { $attach_limit_img_length = $board_config['privmsg_graphic_length']; } $attach_limit_remain = $pm_filesize_limit > 0 ? $pm_filesize_limit - $pm_filesize_total : 100; $l_box_size_status = sprintf($lang['Attachbox_limit'], $attach_limit_pct); $template->assign_vars(array('ATTACHBOX_LIMIT_IMG_WIDTH' => $attach_limit_img_length, 'ATTACHBOX_LIMIT_PERCENT' => $attach_limit_pct, 'ATTACH_BOX_SIZE_STATUS' => $l_box_size_status)); }
/** * Upload an Attachment to Filespace (intern) */ function upload_attachment() { global $HTTP_POST_FILES, $db, $HTTP_POST_VARS, $error, $error_msg, $lang, $attach_config, $userdata, $upload_dir, $forum_id; $this->post_attach = $this->filename != '' ? TRUE : FALSE; if ($this->post_attach) { $r_file = trim(basename(htmlspecialchars($this->filename))); $file = $HTTP_POST_FILES['fileupload']['tmp_name']; $this->type = $HTTP_POST_FILES['fileupload']['type']; if (isset($HTTP_POST_FILES['fileupload']['size']) && $HTTP_POST_FILES['fileupload']['size'] == 0) { message_die(GENERAL_ERROR, 'Tried to upload empty file'); } // Opera add the name to the mime type $this->type = strstr($this->type, '; name') ? str_replace(strstr($this->type, '; name'), '', $this->type) : $this->type; $this->type = strtolower($this->type); $this->extension = strtolower(get_extension($this->filename)); $this->filesize = @filesize($file); $this->filesize = intval($this->filesize); $sql = 'SELECT g.allow_group, g.max_filesize, g.cat_id, g.forum_permissions FROM ' . EXTENSION_GROUPS_TABLE . ' g, ' . EXTENSIONS_TABLE . " e\n\t\t\t\tWHERE g.group_id = e.group_id\n\t\t\t\t\tAND e.extension = '" . attach_mod_sql_escape($this->extension) . "'\n\t\t\t\tLIMIT 1"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query Extensions.', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $allowed_filesize = $row['max_filesize'] ? $row['max_filesize'] : $attach_config['max_filesize']; $cat_id = intval($row['cat_id']); $auth_cache = trim($row['forum_permissions']); // check Filename if (preg_match("#[\\/:*?\"<>|]#i", $this->filename)) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Invalid_filename'], $this->filename); } // check php upload-size if (!$error && $file == 'none') { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $ini_val = phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var'; $max_size = @$ini_val('upload_max_filesize'); if ($max_size == '') { $error_msg .= $lang['Attachment_php_size_na']; } else { $error_msg .= sprintf($lang['Attachment_php_size_overrun'], $max_size); } } // Check Extension if (!$error && intval($row['allow_group']) == 0) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Disallowed_extension'], $this->extension); } // Check Forum Permissions if (!$error && $this->page != PAGE_PRIVMSGS && $userdata['user_level'] != ADMIN && !is_forum_authed($auth_cache, $forum_id) && trim($auth_cache) != '') { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Disallowed_extension_within_forum'], $this->extension); } // Upload File $this->thumbnail = 0; if (!$error) { // Prepare Values $this->filetime = time(); $this->filename = $r_file; // physical filename $this->attach_filename = strtolower($this->filename); // To re-add cryptic filenames, change this variable to true $cryptic = false; if (!$cryptic) { $this->attach_filename = html_entity_decode(trim(stripslashes($this->attach_filename))); $this->attach_filename = delete_extension($this->attach_filename); $this->attach_filename = str_replace(array(' ', '-'), array('_', '_'), $this->attach_filename); $this->attach_filename = str_replace('__', '_', $this->attach_filename); $this->attach_filename = str_replace(array(',', '.', '!', '?', 'ü', 'Ü', 'ö', 'Ö', 'ä', 'Ä', ';', ':', '@', "'", '"', '&'), array('', '', '', '', 'ue', 'ue', 'oe', 'oe', 'ae', 'ae', '', '', '', '', '', 'and'), $this->attach_filename); $this->attach_filename = str_replace(array('$', 'ß', '>', '<', '§', '%', '=', '/', '(', ')', '#', '*', '+', "\\", '{', '}', '[', ']'), array('dollar', 'ss', 'greater', 'lower', 'paragraph', 'percent', 'equal', '', '', '', '', '', '', '', '', '', '', ''), $this->attach_filename); // Remove non-latin characters $this->attach_filename = preg_replace("/([ÂÃ])([€-¿])/e", "chr(ord('\\1')<<6&0xC0|ord('\\2')&0x3F)", $this->attach_filename); $this->attach_filename = rawurlencode($this->attach_filename); $this->attach_filename = preg_replace("/(%[0-9A-F]{1,2})/i", '', $this->attach_filename); $this->attach_filename = trim($this->attach_filename); $new_filename = $this->attach_filename; if (!$new_filename) { $u_id = intval($userdata['user_id']) == ANONYMOUS ? 0 : intval($userdata['user_id']); $new_filename = $u_id . '_' . $this->filetime . '.' . $this->extension; } do { $this->attach_filename = $new_filename . '_' . substr(rand(), 0, 3) . '.' . $this->extension; } while (physical_filename_already_stored($this->attach_filename)); unset($new_filename); } else { $u_id = intval($userdata['user_id']) == ANONYMOUS ? 0 : intval($userdata['user_id']); $this->attach_filename = $u_id . '_' . $this->filetime . '.' . $this->extension; } // Do we have to create a thumbnail ? if ($cat_id == IMAGE_CAT && intval($attach_config['img_create_thumbnail'])) { $this->thumbnail = 1; } } if ($error) { $this->post_attach = FALSE; return; } // Upload Attachment if (!$error) { if (!intval($attach_config['allow_ftp_upload'])) { // Descide the Upload method $ini_val = phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var'; $safe_mode = @$ini_val('safe_mode'); if (@$ini_val('open_basedir')) { if (@phpversion() < '4.0.3') { $upload_mode = 'copy'; } else { $upload_mode = 'move'; } } else { if (@$ini_val('safe_mode')) { $upload_mode = 'move'; } else { $upload_mode = 'copy'; } } } else { $upload_mode = 'ftp'; } // Ok, upload the Attachment if (!$error) { $this->move_uploaded_attachment($upload_mode, $file); } } // Now, check filesize parameters if (!$error) { if ($upload_mode != 'ftp' && !$this->filesize) { $this->filesize = intval(@filesize($upload_dir . '/' . $this->attach_filename)); } } // Check Image Size, if it's an image if (!$error && $userdata['user_level'] != ADMIN && $cat_id == IMAGE_CAT) { list($width, $height) = image_getdimension($upload_dir . '/' . $this->attach_filename); if ($width != 0 && $height != 0 && intval($attach_config['img_max_width']) != 0 && intval($attach_config['img_max_height']) != 0) { if ($width > intval($attach_config['img_max_width']) || $height > intval($attach_config['img_max_height'])) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Error_imagesize'], intval($attach_config['img_max_width']), intval($attach_config['img_max_height'])); } } } // check Filesize if (!$error && $allowed_filesize != 0 && $this->filesize > $allowed_filesize && $userdata['user_level'] != ADMIN) { $size_lang = $allowed_filesize >= 1048576 ? $lang['MB'] : ($allowed_filesize >= 1024 ? $lang['KB'] : $lang['Bytes']); if ($allowed_filesize >= 1048576) { $allowed_filesize = round($allowed_filesize / 1048576 * 100) / 100; } else { if ($allowed_filesize >= 1024) { $allowed_filesize = round($allowed_filesize / 1024 * 100) / 100; } } $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Attachment_too_big'], $allowed_filesize, $size_lang); } // Check our complete quota if ($attach_config['attachment_quota']) { $sql = 'SELECT sum(filesize) as total FROM ' . ATTACHMENTS_DESC_TABLE; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query total filesize', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $total_filesize = $row['total']; if ($total_filesize + $this->filesize > $attach_config['attachment_quota']) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= $lang['Attach_quota_reached']; } } $this->get_quota_limits($userdata); // Check our user quota if ($this->page != PAGE_PRIVMSGS) { if ($attach_config['upload_filesize_limit']) { $sql = 'SELECT attach_id FROM ' . ATTACHMENTS_TABLE . ' WHERE user_id_1 = ' . (int) $userdata['user_id'] . ' AND privmsgs_id = 0 GROUP BY attach_id'; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Couldn\'t query attachments', '', __LINE__, __FILE__, $sql); } $attach_ids = $db->sql_fetchrowset($result); $num_attach_ids = $db->sql_numrows($result); $db->sql_freeresult($result); $attach_id = array(); for ($i = 0; $i < $num_attach_ids; $i++) { $attach_id[] = intval($attach_ids[$i]['attach_id']); } if ($num_attach_ids > 0) { // Now get the total filesize $sql = 'SELECT sum(filesize) as total FROM ' . ATTACHMENTS_DESC_TABLE . ' WHERE attach_id IN (' . implode(', ', $attach_id) . ')'; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query total filesize', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $total_filesize = $row['total']; } else { $total_filesize = 0; } if ($total_filesize + $this->filesize > $attach_config['upload_filesize_limit']) { $upload_filesize_limit = $attach_config['upload_filesize_limit']; $size_lang = $upload_filesize_limit >= 1048576 ? $lang['MB'] : ($upload_filesize_limit >= 1024 ? $lang['KB'] : $lang['Bytes']); if ($upload_filesize_limit >= 1048576) { $upload_filesize_limit = round($upload_filesize_limit / 1048576 * 100) / 100; } else { if ($upload_filesize_limit >= 1024) { $upload_filesize_limit = round($upload_filesize_limit / 1024 * 100) / 100; } } $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['User_upload_quota_reached'], $upload_filesize_limit, $size_lang); } } } // If we are at Private Messaging, check our PM Quota if ($this->page == PAGE_PRIVMSGS) { if ($attach_config['pm_filesize_limit']) { $total_filesize = get_total_attach_pm_filesize('from_user', $userdata['user_id']); if ($total_filesize + $this->filesize > $attach_config['pm_filesize_limit']) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= $lang['Attach_quota_sender_pm_reached']; } } $to_user = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : ''; // Check Receivers PM Quota if (!empty($to_user) && $userdata['user_level'] != ADMIN) { $u_data = get_userdata($to_user, true); $user_id = (int) $u_data['user_id']; $this->get_quota_limits($u_data, $user_id); if ($attach_config['pm_filesize_limit']) { $total_filesize = get_total_attach_pm_filesize('to_user', $user_id); if ($total_filesize + $this->filesize > $attach_config['pm_filesize_limit']) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Attach_quota_receiver_pm_reached'], $to_user); } } } } if ($error) { unlink_attach($this->attach_filename); unlink_attach($this->attach_filename, MODE_THUMBNAIL); $this->post_attach = FALSE; } } }
function display_attach_box_limits() { global $folder, $attach_config, $ft_cfg, $template, $lang, $userdata; if (!$attach_config['allow_pm_attach'] && $userdata['user_level'] != ADMIN) { return; } $this->get_quota_limits($userdata); $pm_filesize_limit = !$attach_config['pm_filesize_limit'] ? $attach_config['attachment_quota'] : $attach_config['pm_filesize_limit']; $pm_filesize_total = get_total_attach_pm_filesize('to_user', $userdata['user_id']); $attach_limit_pct = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * 100) : 0; $attach_limit_img_length = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * $ft_cfg['privmsg_graphic_length']) : 0; if ($attach_limit_pct > 100) { $attach_limit_img_length = $ft_cfg['privmsg_graphic_length']; } $attach_limit_remain = $pm_filesize_limit > 0 ? $pm_filesize_limit - $pm_filesize_total : 100; $l_box_size_status = sprintf($lang['Attachbox_limit'], $attach_limit_pct); $template->assign_vars(array('ATTACHBOX_LIMIT_IMG_WIDTH' => $attach_limit_img_length, 'ATTACHBOX_LIMIT_PERCENT' => $attach_limit_pct, 'ATTACH_BOX_SIZE_STATUS' => $l_box_size_status)); }
/** * Display the Attach Limit Box (move it to displaying.php ?) */ function display_attach_box_limits() { global $folder, $attach_config, $board_config, $template, $lang, $userdata, $db; // Begin PNphpBB2 Module global $phpbb_theme; // End PNphpBB2 Module if (!$attach_config['allow_pm_attach'] && $userdata['user_level'] != ADMIN) { return; } $this->get_quota_limits($userdata); $pm_filesize_limit = !$attach_config['pm_filesize_limit'] ? $attach_config['attachment_quota'] : $attach_config['pm_filesize_limit']; $pm_filesize_total = get_total_attach_pm_filesize('to_user', (int) $userdata['user_id']); $attach_limit_pct = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * 100) : 0; $attach_limit_img_length = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * $board_config['privmsg_graphic_length']) : 0; if ($attach_limit_pct > 100) { $attach_limit_img_length = $board_config['privmsg_graphic_length']; } $attach_limit_remain = $pm_filesize_limit > 0 ? $pm_filesize_limit - $pm_filesize_total : 100; $l_box_size_status = sprintf($lang['Attachbox_limit'], $attach_limit_pct); // Begin PNphpBB2 Module $template->set_filenames(array('attachsize' => 'privmsgs_attach_size_box.tpl')); display_compile_cache_clear($template->files['attachsize'], 'attachsize'); // End PNphpBB2 Module $template->assign_vars(array('ATTACHBOX_LIMIT_IMG_WIDTH' => $attach_limit_img_length, 'ATTACHBOX_LIMIT_PERCENT' => $attach_limit_pct, 'ATTACH_BOX_SIZE_STATUS' => $l_box_size_status, 'T_TD_COLOR2' => '#' . $phpbb_theme['td_color2'])); // Begin PNphpBB2 Module $template->assign_var_from_handle('PM_ATTACH_LIMIT', 'attachsize'); // End PNphpBB2 Module }
function upload_attachment() { global $HTTP_POST_FILES, $db, $HTTP_POST_VARS, $error, $error_msg, $lang, $attach_config, $userdata, $upload_dir, $forum_id; $this->post_attach = $this->filename != '' ? TRUE : FALSE; if ($this->post_attach) { $r_file = trim($this->filename); $file = $HTTP_POST_FILES['fileupload']['tmp_name']; $this->type = $HTTP_POST_FILES['fileupload']['type']; // Opera add the name to the mime type $this->type = strstr($this->type, '; name') ? str_replace(strstr($this->type, '; name'), '', $this->type) : $this->type; $this->extension = get_extension($this->filename); $this->filesize = @filesize($file); $this->filesize = intval($this->filesize); $sql = "SELECT g.allow_group, g.max_filesize, g.cat_id, g.forum_permissions\n FROM " . EXTENSION_GROUPS_TABLE . " g, " . EXTENSIONS_TABLE . " e\n WHERE (g.group_id = e.group_id) AND (e.extension = '" . $this->extension . "')\n LIMIT 1"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query Extensions.', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $allowed_filesize = intval($row['max_filesize']) != 0 ? intval($row['max_filesize']) : intval($attach_config['max_filesize']); $cat_id = intval($row['cat_id']); $auth_cache = trim($row['forum_permissions']); // // check Filename // if (preg_match("/[\\/:*?\"<>|]/i", $this->filename)) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Invalid_filename'], $this->filename); } // // check php upload-size // if (!$error && $file == 'none') { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $ini_val = phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var'; $max_size = @$ini_val('upload_max_filesize'); if ($max_size == '') { $error_msg .= $lang['Attachment_php_size_na']; } else { $error_msg .= sprintf($lang['Attachment_php_size_overrun'], $max_size); } } // // Check Extension // if (!$error && intval($row['allow_group']) == 0) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Disallowed_extension'], $this->extension); } // // Check Forum Permissions // if (!$error && $this->page != PAGE_PRIVMSGS && $userdata['user_level'] != ADMIN && (!is_forum_authed($auth_cache, $forum_id) && trim($auth_cache) != '')) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Disallowed_extension_within_forum'], $this->extension); } // // Check Image Size, if it's an image // if (!$error && $userdata['user_level'] != ADMIN && $cat_id == IMAGE_CAT) { list($width, $height) = image_getdimension($file); if ($width != 0 && $height != 0 && intval($attach_config['img_max_width']) != 0 && intval($attach_config['img_max_height']) != 0) { if ($width > intval($attach_config['img_max_width']) || $height > intval($attach_config['img_max_height'])) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Error_imagesize'], intval($attach_config['img_max_width']), intval($attach_config['img_max_height'])); } } } // // check Filesize // if (!$error && $allowed_filesize != 0 && $this->filesize > $allowed_filesize && $userdata['user_level'] != ADMIN) { $size_lang = $allowed_filesize >= 1048576 ? $lang['MB'] : ($allowed_filesize >= 1024 ? $lang['KB'] : $lang['Bytes']); if ($allowed_filesize >= 1048576) { $allowed_filesize = round($allowed_filesize / 1048576 * 100) / 100; } else { if ($allowed_filesize >= 1024) { $allowed_filesize = round($allowed_filesize / 1024 * 100) / 100; } } $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Attachment_too_big'], $allowed_filesize, $size_lang); } // // Check our complete quota // if (intval($attach_config['attachment_quota']) != 0) { $sql = 'SELECT sum(filesize) as total FROM ' . ATTACHMENTS_DESC_TABLE; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query total filesize', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $total_filesize = $row['total']; if ($total_filesize + $this->filesize > intval($attach_config['attachment_quota'])) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= $lang['Attach_quota_reached']; } } $this->get_quota_limits($userdata); // // Check our user quota // if ($this->page != PAGE_PRIVMSGS) { if (intval($attach_config['upload_filesize_limit']) != 0) { $sql = "SELECT attach_id\n FROM " . ATTACHMENTS_TABLE . "\n WHERE (user_id_1 = " . $userdata['user_id'] . ") AND (privmsgs_id = 0)\n GROUP BY attach_id"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Couldn\'t query attachments', '', __LINE__, __FILE__, $sql); } $attach_ids = $db->sql_fetchrowset($result); $num_attach_ids = $db->sql_numrows($result); $attach_id = array(); for ($i = 0; $i < $num_attach_ids; $i++) { $attach_id[] = intval($attach_ids[$i]['attach_id']); } if ($num_attach_ids > 0) { // // Now get the total filesize // $sql = "SELECT sum(filesize) as total\n FROM " . ATTACHMENTS_DESC_TABLE . "\n WHERE attach_id IN (" . implode(', ', $attach_id) . ")"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query total filesize', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $total_filesize = $row['total']; } else { $total_filesize = 0; } if ($total_filesize + $this->filesize > intval($attach_config['upload_filesize_limit'])) { $upload_filesize_limit = intval($attach_config['upload_filesize_limit']); $size_lang = $upload_filesize_limit >= 1048576 ? $lang['MB'] : ($upload_filesize_limit >= 1024 ? $lang['KB'] : $lang['Bytes']); if ($upload_filesize_limit >= 1048576) { $upload_filesize_limit = round($upload_filesize_limit / 1048576 * 100) / 100; } else { if ($upload_filesize_limit >= 1024) { $upload_filesize_limit = round($upload_filesize_limit / 1024 * 100) / 100; } } $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['User_upload_quota_reached'], $upload_filesize_limit, $size_lang); } } } // // If we are at Private Messaging, check our PM Quota // if ($this->page == PAGE_PRIVMSGS) { $to_user = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : ''; if (intval($attach_config['pm_filesize_limit']) != 0) { $total_filesize = get_total_attach_pm_filesize('from_user', $userdata['user_id']); if ($total_filesize + $this->filesize > intval($attach_config['pm_filesize_limit'])) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= $lang['Attach_quota_sender_pm_reached']; } } // // Check Receivers PM Quota // if (!empty($to_user) && $userdata['user_level'] != ADMIN) { $sql = "SELECT user_id\n FROM " . USERS_TABLE . "\n WHERE username = '******'"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query userdata', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $user_id = intval($row['user_id']); $u_data = get_userdata($user_id); $this->get_quota_limits($u_data, $user_id); if (intval($attach_config['pm_filesize_limit']) != 0) { $total_filesize = get_total_attach_pm_filesize('to_user', $user_id); if ($total_filesize + $this->filesize > intval($attach_config['pm_filesize_limit'])) { $error = TRUE; if (!empty($error_msg)) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Attach_quota_receiver_pm_reached'], $to_user); } } } } $this->thumbnail = 0; if (!$error) { // // Prepare Values // $this->filetime = time(); $this->filename = stripslashes($r_file); $this->attach_filename = strtolower($this->filename); // To re-add cryptic filenames, change this variable to true $cryptic = false; if (!$cryptic) { $this->attach_filename = str_replace(' ', '_', $this->attach_filename); $this->attach_filename = rawurlencode($this->attach_filename); $this->attach_filename = preg_replace("/%(\\w{2})/", "_", $this->attach_filename); if (physical_filename_already_stored($this->attach_filename)) { $this->attach_filename = delete_extension($this->attach_filename); $this->attach_filename = $this->attach_filename . '_' . substr(rand(), 0, 3) . '.' . $this->extension; } } else { $u_id = intval($userdata['user_id']) == ANONYMOUS ? 0 : intval($userdata['user_id']); $this->attach_filename = $u_id . '_' . $this->filetime . '.' . $this->extension; } $this->filename = str_replace("'", "\\'", $this->filename); // // Do we have to create a thumbnail ? // if ($cat_id == IMAGE_CAT && intval($attach_config['img_create_thumbnail'])) { $this->thumbnail = 1; } } // // Upload Attachment // if (!$error) { if (!intval($attach_config['allow_ftp_upload'])) { // // Descide the Upload method // $ini_val = phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var'; $safe_mode = @$ini_val('safe_mode'); if (@$ini_val('open_basedir')) { if (@phpversion() < '4.0.3') { $upload_mode = 'copy'; } else { $upload_mode = 'move'; } } else { if (@$ini_val('safe_mode')) { $upload_mode = 'move'; } else { $upload_mode = 'copy'; } } } else { $upload_mode = 'ftp'; } // // Ok, upload the Attachment // if (!$error) { $this->move_uploaded_attachment($upload_mode, $file); } } if ($error) { $this->post_attach = FALSE; } } }
/** * Display the Attach Limit Box (move it to displaying.php ?) */ function display_attach_box_limits() { global $folder, $config, $template, $user, $lang, $db; if (!$config['allow_pm_attach'] && $user->data['user_level'] != ADMIN) { return; } $this->get_quota_limits($user->data); $pm_filesize_limit = !$config['pm_filesize_limit'] ? $config['attachment_quota'] : $config['pm_filesize_limit']; $pm_filesize_total = get_total_attach_pm_filesize('to_user', (int) $user->data['user_id']); $attach_limit_pct = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * 100) : 0; $attach_limit_img_length = $pm_filesize_limit > 0 ? round($pm_filesize_total / $pm_filesize_limit * $config['privmsg_graphic_length']) : 0; if ($attach_limit_pct > 100) { $attach_limit_img_length = $config['privmsg_graphic_length']; } $attach_limit_remain = $pm_filesize_limit > 0 ? $pm_filesize_limit - $pm_filesize_total : 100; if ($attach_limit_pct <= 30) { $bar_colour = 'green'; } elseif ($attach_limit_pct > 30 && $attach_limit_pct <= 70) { $bar_colour = 'blue'; } elseif ($attach_limit_pct > 70) { $bar_colour = 'red'; } $l_box_size_status = sprintf($lang['Attachbox_limit'], $attach_limit_pct); $template->assign_vars(array('ATTACHBOX_LIMIT_IMG_WIDTH' => $attach_limit_img_length, 'ATTACHBOX_LIMIT_PERCENT' => $attach_limit_pct, 'BAR_COLOR2' => $bar_colour, 'ATTACH_BOX_SIZE_STATUS' => $l_box_size_status)); }