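/**
 * Browser detection
 *
 * Returns whether or not the visiting browser is the one specified
 * [part of kleeja style system].
 *
 * i.e. is_browser('ie6') -> true or false
 * i.e. is_browser('ie, opera') -> true or false
 *
 * The answer is derived only from the User-Agent request header, which the
 * client chooses freely. Use it for presentation decisions; it is not a
 * reliable basis for access control or for bot filtering.
 *
 * @param string $b browser keyword, optionally followed by a version
 *                  ('ie6'), or a comma separated list meaning "any of"
 * @return bool
 */
function is_browser($b)
{
    //a comma in the spec means -OR-
    if (strpos($b, ',') !== false) {
        $e = explode(',', $b);
        foreach ($e as $n) {
            if (is_browser(trim($n))) {
                return true;
            }
        }
        return false;
    }

    //if no agent, let's take the worst case
    if (!empty($_SERVER['HTTP_USER_AGENT'])) {
        $raw_agent = $_SERVER['HTTP_USER_AGENT'];
    } else {
        //getenv() yields false when the variable is not set
        $raw_agent = function_exists('getenv') ? getenv('HTTP_USER_AGENT') : '';
    }

    //both sources get the same treatment: lower-cased for matching and
    //HTML-escaped because hooks below can see (and may print) $u_agent
    $u_agent = htmlspecialchars(strtolower((string) $raw_agent));

    //$t = keyword without version digits, $r = version without letters
    $t = trim(preg_replace('/[0-9.]/', '', $b));
    $r = trim(preg_replace('/[a-z]/', '', $b));

    $return = false;
    switch ($t) {
        case 'ie':
            $return = strpos($u_agent, trim('msie ' . $r)) !== false;
            break;
        case 'firefox':
            $return = strpos(str_replace('/', ' ', $u_agent), trim('firefox ' . $r)) !== false;
            break;
        case 'safari':
            $return = strpos($u_agent, trim('safari/' . $r)) !== false;
            break;
        case 'chrome':
            $return = strpos($u_agent, trim('chrome ' . $r)) !== false;
            break;
        case 'flock':
            $return = strpos($u_agent, trim('flock ' . $r)) !== false;
            break;
        case 'opera':
            $return = strpos($u_agent, trim('opera ' . $r)) !== false;
            break;
        case 'konqueror':
            $return = strpos($u_agent, trim('konqueror/' . $r)) !== false;
            break;
        case 'mozilla':
            $return = strpos($u_agent, trim('gecko/' . $r)) !== false;
            break;
        case 'webkit':
            $return = strpos($u_agent, trim('applewebkit/' . $r)) !== false;
            break;

        /**
         * Mobile Phones are so popular those days, so we have to support them ...
         * This is still in our test lab.
         * @see http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones
         **/
        case 'mobile':
            $mobile_agents = array('iPhone;', 'iPod;', 'iPad;', 'BlackBerry', 'Android', 'HTC', 'IEMobile', 'LG/', 'LG-', 'LGE-', 'MOT-', 'Nokia', 'SymbianOS', 'nokia_', 'PalmSource', 'webOS', 'SAMSUNG-', 'SEC-SGHU', 'SonyEricsson');
            $return = false;
            foreach ($mobile_agents as $agent) {
                //$u_agent is lower-case, so the mixed-case markers above
                //have to be lowered too or none of them can ever match
                if (strpos($u_agent, strtolower($agent)) !== false) {
                    $return = true;
                    break;
                }
            }
            break;
    }

    //hook code is eval'd in this scope, so it can read and overwrite $return
    ($hook = kleeja_run_hook('is_browser_func')) ? eval($hook) : null; //run hook

    return $return;
}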
// Maintenance mode: everyone who cannot enter the admin panel is stopped here,
// except on the login and admin entry points.
if ($config['siteclose'] == '1' && !user_can('enter_acp') && !defined('IN_LOGIN') && !defined('IN_ADMIN')) {
    //image/thumbnail download requests get a static placeholder picture
    //instead of the HTML notice; only the presence of the parameters is
    //tested, their values are not used
    if (defined('IN_DOWNLOAD') && (isset($_GET['img']) || isset($_GET['thmb']) || isset($_GET['thmbf']) || isset($_GET['imgf']))) {
        @$SQL->close();
        $fullname = "images/site_closed.jpg";
        // NOTE(review): filesize() returns false when the file is missing,
        // which would be sent as an empty Content-length - confirm the
        // placeholder always ships with the install
        $filesize = filesize($fullname);
        header("Content-length: {$filesize}");
        // NOTE(review): the registered JPEG media type is image/jpeg
        header("Content-type: image/jpg");
        readfile($fullname);
        exit;
    }
    // Send a 503 HTTP response code to prevent search bots from indexing the maintenance message
    header('HTTP/1.1 503 Service Temporarily Unavailable');
    // NOTE(review): closemsg comes from site configuration; whether
    // kleeja_info() escapes it is not visible here - confirm
    kleeja_info($config['closemsg'], $lang['SITE_CLOSED']);
}
//total storage quota exceeded (total_size is multiplied by 1048576, i.e. given in MiB)
if ($stat_sizes >= $config['total_size'] * 1048576 && !defined('IN_LOGIN') && !defined('IN_ADMIN')) {
    // Send a 503 HTTP response code to prevent search bots from indexing the maintenance message
    header('HTTP/1.1 503 Service Temporarily Unavailable');
    kleeja_info($lang['SIZES_EXCCEDED'], $lang['STOP_FOR_SIZE']);
}
kleeja_detecting_bots();
//fall back to 14 items per page when no usable page size is set
if (empty($perpage) || intval($perpage) == 0) {
    $perpage = 14;
}
//captcha image url
$captcha_file_path = $config['siteurl'] . 'ucp.php?go=captcha';
//plugin code returned by the hook is eval'd here with access to every
//variable of this scope
($hook = kleeja_run_hook('end_common')) ? eval($hook) : null; //run hook
#<-- EOF
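/**
 * Restore the visitor's identity from the "ulogu" login cookie.
 *
 * The decrypted cookie is a '|' separated record:
 * user id | password hash | expiry | integrity tag | group id | profile blob.
 * The tag is sha1(md5(h_key . password hash) . expiry).
 *
 * Security notes for maintainers:
 * - The tag covers only the password hash and the expiry. User id, group id
 *   and the profile blob are not bound by it, so their integrity rests
 *   entirely on en_de_crypt(). Binding every field with a keyed MAC
 *   (hash_hmac) would remove that dependency; it needs a matching change
 *   where the cookie is written.
 * - Accounts whose group cannot enter the ACP are accepted from the cookie
 *   alone, without a database lookup.
 * - The profile blob is read with unserialize(). A data-only format such as
 *   JSON would avoid object deserialization of client-supplied bytes; that
 *   also requires changing the cookie writer.
 *
 * @return mixed false for guests and rejected cookies, otherwise the result
 *               of $this->data() (ACP-capable groups) or true
 */
function kleeja_check_user()
{
    global $config, $SQL, $dbprefix, $userinfo;

    ($hook = kleeja_run_hook('kleeja_check_user_func_usr_class')) ? eval($hook) : null; //run hook

    #to make sure: everybody starts as a guest
    $userinfo = array('id' => -1, 'group_id' => 2);

    //if login up
    if ($this->kleeja_get_cookie('ulogu')) {
        $user_data = false;

        //pad to six fields so a truncated cookie yields nulls, not undefined offsets
        list($user_id, $hashed_password, $expire_at, $hashed_expire, $group_id, $u_info) = array_pad((array) @explode('|', $this->en_de_crypt($this->kleeja_get_cookie('ulogu'), 2)), 6, null);

        //compare the tag as exact strings: loose == treats two different
        //"0e..." digit strings as equal numbers; use the constant-time
        //comparison where the runtime provides it
        $expected_tag = sha1(md5($config['h_key'] . $hashed_password) . $expire_at);
        $tag_ok = is_string($hashed_expire)
            && (function_exists('hash_equals') ? hash_equals($expected_tag, $hashed_expire) : $expected_tag === $hashed_expire);

        //if not expire (integer comparison, the cookie field is a string)
        if ($tag_ok && (int) $expire_at > time()) {
            /* For better performance we will take the risks */
            /* !defined('IN_DOWNLOAD') */
            if (user_can('enter_acp', $group_id)) {
                //privileged groups are always re-checked by $this->data()
                $user_data = $this->data($user_id, $hashed_password, true, $expire_at);
            } else {
                if (!empty($u_info)) {
                    // NOTE(review): unserialize() on cookie-derived data, see the header comment
                    $cookie_info = unserialize(kleeja_base64_decode($u_info));

                    //a blob that does not decode to a profile array is treated
                    //as an invalid cookie instead of defining empty constants
                    if (is_array($cookie_info) && isset($cookie_info['id'])) {
                        $userinfo = $cookie_info;
                        $userinfo['group_id'] = $group_id;
                        $userinfo['password'] = $hashed_password;
                        define('USER_ID', $userinfo['id']);
                        define('GROUP_ID', $userinfo['group_id']);
                        define('USER_NAME', $userinfo['name']);
                        define('USER_MAIL', $userinfo['mail']);
                        define('LAST_VISIT', $userinfo['last_visit']);
                        $user_data = true;
                    }
                }
            }
        }

        if ($user_data == false) {
            $this->logout();
        } else {
            return $user_data;
        }
    } else {
        #guest
        define('USER_ID', $userinfo['id']);
        define('GROUP_ID', $userinfo['group_id']);
    }

    return false; //nothing
}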
/**
 * Authenticate a visitor against a vBulletin user table.
 *
 * Database settings come from the forum config file at
 * PATH . $script_path . SCRIPT_CONFIG_PATH when $script_path is set,
 * otherwise from the $script_* globals.
 *
 * Code returned by the hooks is eval'd inside this function and shares its
 * local variables, so the names and the statement order are left untouched.
 *
 * NOTE(review): several WHERE strings below contain the literal '******'.
 * That looks like values masked on this listing; as written the queries
 * compare against that literal text. Confirm against the project source that
 * name and password are passed through the database layer's escaping.
 *
 * @param mixed  $name        username, or the numeric user id when $hashed or $return_name is set
 * @param string $pass        password
 * @param bool   $hashed      when true $name is used as a user id and no salted hash is computed here
 * @param mixed  $expire      expiry value handed to kleeja_set_cookie() and mixed into the cookie tag
 * @param bool   $loginadm    when true no USER_* constants are defined and no cookie is set
 * @param bool   $return_name when true only the username for the given id is returned
 * @return mixed null when database settings are missing, the username when
 *               $return_name is set, otherwise true/false
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_cp1256, $script_srv, $script_db, $script_user, $script_pass, $script_prefix, $script_db_charset;

    if (isset($script_path)) {
        //check for last slash
        // NOTE(review): offset strlen() is one past the last character, so
        // this isset() cannot be true and the slash is never removed; the
        // substr() call would also return the string unchanged
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }

        //get some useful data from vb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            // the included file runs in this scope; $script_path must only
            // ever come from trusted configuration
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;

            //
            //get config from config file
            //
            // NOTE(review): $config is declared global above, so the forum's
            // settings (including the database password) presumably end up in
            // the application-wide $config array and outlive the
            // unset($forum_pass) below - confirm
            $forum_srv = $config['MasterServer']['servername'];
            $forum_db = $config['Database']['dbname'];
            $forum_user = $config['MasterServer']['username'];
            $forum_pass = $config['MasterServer']['password'];
            $forum_prefix = $config['Database']['tableprefix'];
            if ($config['MasterServer']['port'] != 3306) {
                $forum_srv .= ':' . $config['MasterServer']['port'];
            }

            //some people change their db charset
            if (isset($config['Mysqli']['charset'])) {
                $forum_db_charset = $config['Mysqli']['charset'];
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'Vbulletin'));
        }
    } else {
        //
        //custom config data
        //
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;

        //some people change their db charset
        if (isset($script_db_charset)) {
            $forum_db_charset = $script_db_charset;
        }
    }

    //without server, user and database name there is nothing to ask (returns null)
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }

    $SQLVB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    if (isset($forum_db_charset)) {
        //config
        $SQLVB->set_names($forum_db_charset);
    } else {
        $SQLVB->set_names('latin1');
    }
    unset($forum_pass); // We do not need this any longer

    //when $script_cp1256 is set, values go through kleeja_utf8(..., false)
    //before they are used in the queries
    $pass = empty($script_cp1256) || !$script_cp1256 ? $pass : $usrcp->kleeja_utf8($pass, false);
    $name = empty($script_cp1256) || !$script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false);

    //first query: the whole row for a hashed login, only the salt otherwise;
    //user group 8 is excluded in both forms
    $query_salt = array('SELECT' => $hashed ? '*' : 'salt', 'FROM' => "`{$forum_prefix}user`");
    $query_salt['WHERE'] = $hashed ? "userid=" . intval($name) . " AND password='******' AND usergroupid != '8'" : "username='******' AND usergroupid != '8'";

    //if return only name let's ignore the above
    if ($return_name) {
        $query_salt['SELECT'] = "username";
        $query_salt['WHERE'] = "userid=" . intval($name);
    }

    //hook code runs before the query is built and can change $query_salt
    ($hook = kleeja_run_hook('qr_select_usrdata_vb_usr_class')) ? eval($hook) : null; //run hook

    $result_salt = $SQLVB->build($query_salt);
    if ($SQLVB->num_rows($result_salt) > 0) {
        while ($row1 = $SQLVB->fetch_array($result_salt)) {
            if ($return_name) {
                // NOTE(review): returns without freeing $result_salt or closing $SQLVB
                return empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']);
            }

            if (!$hashed) {
                //salted double MD5 is what the forum stores; it is computed
                //here only to match the existing column
                $pass = md5(md5($pass) . $row1['salt']); // without normal md5
                $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}user`", 'WHERE' => "username='******' AND password='******' AND usergroupid != '8'");
                $result = $SQLVB->build($query);
                if ($SQLVB->num_rows($result) != 0) {
                    while ($row = $SQLVB->fetch_array($result)) {
                        //forum group 6 maps to Kleeja group 1 / admin, every other group to 3
                        if (!$loginadm) {
                            define('USER_ID', $row['userid']);
                            define('GROUP_ID', $row['usergroupid'] == 6 ? 1 : 3);
                            define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row['username'] : $usrcp->kleeja_utf8($row['username']));
                            define('USER_MAIL', $row['email']);
                            define('USER_ADMIN', $row['usergroupid'] == 6 ? 1 : 0);
                        }
                        //define('LAST_VISIT',$row['last_visit']);

                        $userinfo = $row;
                        $userinfo['group_id'] = $row['usergroupid'] == 6 ? 1 : 3;

                        // NOTE(review): USER_NAME is read here even when
                        // $loginadm skipped the define() above - confirm it is
                        // always defined on that path
                        $user_y = kleeja_base64_encode(serialize(array('id' => $row['userid'], 'name' => USER_NAME, 'mail' => $row['email'], 'last_visit' => time())));

                        //integrity tag over the stored password hash and the
                        //expiry only; the other cookie fields are not covered
                        $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
                        if (!$loginadm) {
                            //the cookie carries the stored password hash itself
                            //(wrapped by en_de_crypt), so a captured cookie is
                            //sensitive beyond its own lifetime
                            $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['userid'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . ($row['usergroupid'] == 6 ? 1 : 3) . '|' . $user_y), $expire);
                        }

                        ($hook = kleeja_run_hook('qr_while_usrdata_vb_usr_class')) ? eval($hook) : null; //run hook
                    }
                    $SQLVB->freeresult($result);
                } else {
                    //no row matched name + computed hash
                    $SQLVB->close();
                    return false;
                }
            } else {
                //hashed login: the first query already matched id and hash
                if (!$loginadm) {
                    define('USER_ID', $row1['userid']);
                    define('USER_NAME', empty($script_cp1256) || !$script_cp1256 ? $row1['username'] : $usrcp->kleeja_utf8($row1['username']));
                    define('USER_MAIL', $row1['email']);
                    define('USER_ADMIN', $row1['usergroupid'] == 6 ? 1 : 0);
                    define('GROUP_ID', $row1['usergroupid'] == 6 ? 1 : 3);
                    $userinfo = $row1;
                    $userinfo['group_id'] = $row1['usergroupid'] == 6 ? 1 : 3;
                }
            }
        } #whil1

        $SQLVB->freeresult($result_salt);
        unset($pass);
        $SQLVB->close();
        return true;
    } else {
        $SQLVB->close();
        return false;
    }
}
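/**
 * Check the submitted captcha answer against the code kept in the session.
 *
 * Reads $_SESSION['klj_sec_code'] and $_POST['kleeja_code_answer']. On a
 * match the stored code is blanked, so one code cannot be accepted twice.
 *
 * NOTE(review): a wrong answer leaves the stored code in place. Whether a new
 * code is issued before the next attempt depends on the captcha generator,
 * which is not visible here - confirm, otherwise one code can be guessed at
 * repeatedly.
 *
 * @return bool true when the answer matches (a hook may override the result)
 */
function kleeja_check_captcha()
{
    $return = false;

    if (!empty($_SESSION['klj_sec_code']) && !empty($_POST['kleeja_code_answer'])) {
        //an answer is typed text: array-valued fields are rejected, and both
        //sides are compared as exact strings because loose == accepts
        //numerically equal spellings such as '10' and '1e1'
        if (is_scalar($_SESSION['klj_sec_code']) && is_scalar($_POST['kleeja_code_answer'])
            && (string) $_SESSION['klj_sec_code'] === (string) $_POST['kleeja_code_answer']) {
            $_SESSION['klj_sec_code'] = '';
            $return = true;
        }
    }

    //hook code is eval'd in this scope and can overwrite $return
    ($hook = kleeja_run_hook('kleeja_check_captcha_func')) ? eval($hook) : null; //run hook

    return $return;
}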
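/**
 * Restore the visitor's identity from the "ulogu" login cookie.
 *
 * The decrypted cookie is a '|' separated record:
 * user id | password hash | expiry | integrity tag | admin flag | profile blob.
 * The tag is sha1(md5(h_key . password hash) . expiry).
 *
 * Security notes for maintainers:
 * - The tag covers only the password hash and the expiry. User id, admin flag
 *   and the profile blob are not bound by it, so their integrity rests
 *   entirely on en_de_crypt(). Binding every field with a keyed MAC
 *   (hash_hmac) would remove that dependency; it needs a matching change
 *   where the cookie is written.
 * - Only cookies carrying the admin flag are re-checked through
 *   $this->data(); all others are accepted from the cookie alone.
 * - The profile blob is read with unserialize(). A data-only format such as
 *   JSON would avoid object deserialization of client-supplied bytes; that
 *   also requires changing the cookie writer.
 *
 * @return mixed false for guests and rejected cookies, otherwise the result
 *               of $this->data() (admin flag set) or true
 */
function kleeja_check_user()
{
    global $config, $SQL, $dbprefix;

    ($hook = kleeja_run_hook('kleeja_check_user_func_usr_class')) ? eval($hook) : null; //run hook

    //if login up
    if ($this->kleeja_get_cookie('ulogu')) {
        $user_data = false;

        //pad to six fields so a truncated cookie yields nulls, not undefined offsets
        list($user_id, $hashed_password, $expire_at, $hashed_expire, $adm_or_not, $u_info) = array_pad((array) @explode('|', $this->en_de_crypt($this->kleeja_get_cookie('ulogu'), 2)), 6, null);

        //compare the tag as exact strings: loose == treats two different
        //"0e..." digit strings as equal numbers; use the constant-time
        //comparison where the runtime provides it
        $expected_tag = sha1(md5($config['h_key'] . $hashed_password) . $expire_at);
        $tag_ok = is_string($hashed_expire)
            && (function_exists('hash_equals') ? hash_equals($expected_tag, $hashed_expire) : $expected_tag === $hashed_expire);

        //if not expire (integer comparison, the cookie field is a string)
        if ($tag_ok && (int) $expire_at > time()) {
            /* For better performance we will take the risks */
            /* !defined('IN_DOWNLOAD') */
            if ((int) $adm_or_not == 1) {
                //admin cookies are always re-checked by $this->data()
                $user_data = $this->data($user_id, $hashed_password, true, $expire_at);
            } else {
                if (!empty($u_info)) {
                    // NOTE(review): unserialize() on cookie-derived data, see the header comment
                    $uu_info = unserialize(kleeja_base64_decode($u_info));

                    //a blob that does not decode to a profile array is treated
                    //as an invalid cookie instead of defining empty constants
                    if (is_array($uu_info) && isset($uu_info['id'])) {
                        define('USER_ID', $uu_info['id']);
                        define('USER_NAME', $uu_info['name']);
                        define('USER_MAIL', $uu_info['mail']);
                        define('USER_ADMIN', '0');
                        define('LAST_VISIT', $uu_info['last_visit']);
                        $user_data = true;
                    }
                }
            }
        }

        if ($user_data == false) {
            $this->logout();
        } else {
            return $user_data;
        }
    }

    return false; //nothing
}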
/**
 * Get the current value of the given stat straight from the stats table.
 *
 * Local variable names are part of the hook contract: the hook code is
 * eval'd in this scope after the row has been fetched.
 *
 * @param string $name column of the stats table to read. It is concatenated
 *                     into the SELECT list as an identifier without
 *                     quoting or validation, so callers must pass fixed,
 *                     known column names only, never request data.
 * @return mixed the value of that column in the fetched row
 */
function get_actual_stats($name)
{
    global $dbprefix, $SQL;

    //the column name becomes part of the SQL text (see @param above)
    $query = array('SELECT' => 's.' . $name, 'FROM' => "{$dbprefix}stats s");
    $result = $SQL->build($query);
    $v = $SQL->fetch($result);

    ($hook = kleeja_run_hook('get_actual_stats_func')) ? eval($hook) : null; //run hook

    $SQL->freeresult($result);

    // NOTE(review): no check that a row was fetched before indexing $v
    return $v[$name];
}
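/**
 * Show error of a critical problem
 *
 * Prints a self-contained HTML page, runs garbage_collection() and ends the
 * request.
 *
 * @param string $error_title Title of the error page. Treated as plain text
 *                            and HTML-escaped wherever it is printed.
 * @param string $msg_text    Text of the error message. Printed as HTML
 *                            without escaping, so callers must escape any
 *                            request-derived part before passing it in.
 * @param bool   $error       [optional] if false, error will be shown as information message
 * @return void
 */
function big_error($error_title, $msg_text, $error = true)
{
    global $SQL, $plugin;

    //hook code is eval'd in this scope and can change the arguments
    ($hook = kleeja_run_hook('big_error_func')) ? eval($hook) : null; //run hook

    //escape once, use in both places: the title was escaped for <title>
    //but printed raw inside the page body
    $safe_title = htmlspecialchars($error_title);

    echo '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">' . "\n";
    echo '<head>' . "\n";
    echo '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />' . "\n";
    echo '<title>' . $safe_title . '</title>' . "\n";
    echo '<style type="text/css">' . "\n\t";
    echo '* { margin: 0; padding: 0; }' . "\n\t";
    echo '.error {color: #333;background:#ffebe8;float:left;width:73%;text-align:left;margin-top:10px;border: 1px solid #dd3c10;} .info {color: #333;background:#fff9d7;border: 1px solid #e2c822;}' . "\n\t";
    echo '.error,.info {padding: 10px;font-family:"lucida grande", tahoma, verdana, arial, sans-serif;font-size: 12px;}' . "\n";
    echo '</style>' . "\n";
    echo '</head>' . "\n";
    echo '<body>' . "\n\t";
    echo '<div class="' . ($error ? 'error' : 'info') . '">' . "\n";
    echo "\n\t\t<h2>Kleeja " . ($error ? 'error' : 'information message') . " : </h2><br />" . "\n";
    //$msg_text stays unescaped on purpose: it carries markup (see @param)
    echo "\n\t\t<strong> [ " . $safe_title . ' ] </strong><br /><br />' . "\n\t\t" . $msg_text . "\n\t";
    echo "\n\t\t" . '<br /><br /><small>Visit <a href="http://www.kleeja.com/" title="kleeja">Kleeja</a> Website for more details.</small>' . "\n\t";
    echo '</div>' . "\n";
    echo '</body>' . "\n";
    echo '</html>';

    #at end, close sql connections & etc
    garbage_collection();
    exit;
}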
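/**
 * Insert the file data to the database
 *
 * Adds one row to the files table and, when that succeeded, bumps the
 * counters in the stats table. String values are passed through
 * $SQL->escape() and numeric values through intval() before they are placed
 * in the SQL text.
 *
 * Hook code is eval'd in this scope before each query and can change
 * $query / $update_query.
 *
 * @param string $filname       stored file name
 * @param string $folder        folder the file was stored in
 * @param int    $size          file size in bytes
 * @param string $ext           file extension, decides image vs. file counter
 * @param string $real_filename original name of the uploaded file
 * @param string $delete_code   code that authorises deleting the file later
 * @return mixed the new row id, or false when the insert produced none
 */
public function add_to_database($filname, $folder, $size, $ext, $real_filename = '', $delete_code = '')
{
    global $SQL, $dbprefix, $config, $lang, $user;

    $is_img = in_array($ext, array('png', 'gif', 'jpg', 'jpeg')) ? true : false;

    //one integer value for both statements
    $size_int = intval($size);

    $query = array(
        'INSERT' => 'name, size, time, folder, type, user, code_del, user_ip, real_filename, id_form',
        'INTO' => "{$dbprefix}files",
        'VALUES' => "'" . $SQL->escape($filname) . "', " . $size_int . ", " . time() . ", '" . $SQL->escape($folder) . "'," . "'" . $SQL->escape($ext) . "', " . intval($user->data['id']) . ", '" . $SQL->escape($delete_code) . "', '" . $SQL->escape($user->data['ip']) . "'," . "'" . $SQL->escape($real_filename) . "', '" . $SQL->escape($config['id_form']) . "'",
    );

    ($hook = kleeja_run_hook('add_to_database_qr_uploading_cls')) ? eval($hook) : null; //run hook

    # do the query
    $SQL->build($query);

    # insert id so it can be used in url like in do.php?id={id_for_url}
    $insert_id = $SQL->id();

    #failed
    if (!$insert_id) {
        return false;
    }

    # update Kleeja stats
    # the size goes in as an integer here as well: the insert above cast it,
    # this statement used the raw argument
    $update_query = array(
        'UPDATE' => "{$dbprefix}stats",
        'SET' => ($is_img ? "imgs=imgs+1" : "files=files+1") . ",sizes=sizes+" . $size_int,
    );

    ($hook = kleeja_run_hook('add_to_database_qr2_uploading_cls')) ? eval($hook) : null; //run hook

    $SQL->build($update_query);

    return $insert_id;
}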
} } } } } foreach ($types as $typekey => $type) { $options .= $type; foreach ($optionss as $key => $option) { if ($option['type'] == $typekey) { $options .= $option['option']; } } } //after submit if (isset($_POST['submit'])) { ($hook = kleeja_run_hook('after_submit_adm_config')) ? eval($hook) : null; //run hook //empty .. /* if (empty($_POST['sitename']) || empty($_POST['siteurl']) || empty($_POST['foldername']) || empty($_POST['filesnum'])) { $text = $lang['EMPTY_FIELDS']; $stylee = "admin_err"; } elseif (!is_numeric($_POST['filesnum']) || !is_numeric($_POST['sec_down'])) { $text = $lang['NUMFIELD_S']; $stylee = "admin_err"; } else {
/**
 * Authenticate a visitor against a phpBB3 user table.
 *
 * Database settings come from the forum config file at
 * PATH . $script_path . SCRIPT_CONFIG_PATH when $script_path is set,
 * otherwise from the $script_* globals. The password itself is verified with
 * phpbb_check_hash() against the stored hash, not inside SQL.
 *
 * Code returned by the hooks is eval'd inside this function and shares its
 * local variables, so the names and the statement order are left untouched.
 *
 * NOTE(review): the hashed-login WHERE string contains the literal '******'.
 * That looks like a value masked on this listing; as written the query
 * compares against that literal text. Confirm against the project source
 * that the hash is passed through the database layer's escaping.
 *
 * @param mixed  $name        username, or the numeric user id when $hashed or $return_name is set
 * @param string $pass        password
 * @param bool   $hashed      when true $name is used as a user id and phpbb_check_hash() is skipped
 * @param mixed  $expire      expiry value handed to kleeja_set_cookie() and mixed into the cookie tag
 * @param bool   $loginadm    when true no USER_* constants are defined and no cookie is set
 * @param bool   $return_name when true (and not $hashed) only the username for the given id is returned
 * @return mixed null when database settings are missing, the username on the
 *               $return_name path, otherwise true/false
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;

    //check for last slash /
    if (isset($script_path)) {
        // NOTE(review): offset strlen() is one past the last character, so
        // this isset() cannot be true and the slash is never removed; the
        // substr() call would also return the string unchanged
        if (isset($script_path[strlen($script_path)]) && $script_path[strlen($script_path)] == '/') {
            $script_path = substr($script_path, 0, strlen($script_path));
        }

        //get some useful data from phpbb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            // the included file runs in this scope; $script_path must only
            // ever come from trusted configuration
            include PATH . $script_path . SCRIPT_CONFIG_PATH;

            //presumably set by the included config file
            $forum_srv = $dbhost;
            $forum_db = $dbname;
            $forum_user = $dbuser;
            $forum_pass = $dbpasswd;
            $forum_prefix = $table_prefix;
            if (empty($dbhost)) {
                $forum_srv = 'localhost';
            }
            if (!empty($dbport)) {
                $forum_srv .= ':' . $dbport;
            }
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'phpBB3'));
        }
    } else {
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
    }

    //if no variables of db (returns null)
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }

    //connecting ...
    $SQLBB = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);
    $SQLBB->set_names('utf8');
    // NOTE(review): only the local copy is dropped; $dbpasswd from the
    // included config (if that is where it came from) stays in scope
    unset($forum_pass); // We do not need this any longer

    //get utf tools
    global $phpbb_root_path, $phpEx;
    $phpbb_root_path = PATH . $script_path . '/';
    $phpEx = 'php';
    define('IN_PHPBB', true);
    include_once PATH . $script_path . '/includes/utf/utf_tools.' . $phpEx;

    //column and value that mark an administrator row
    $row_leve = 'user_type';
    $admin_level = 3;

    $query2 = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}users`");
    //the name is normalised with utf8_clean_string() and escaped before use
    $query2['WHERE'] = $hashed ? "user_id=" . intval($name) . " AND user_password='******' " : "username_clean='" . $SQLBB->real_escape(utf8_clean_string($name)) . "'";
    if ($return_name) {
        $query2['SELECT'] = "username";
        $query2['WHERE'] = "user_id=" . intval($name);
    }

    //$query stays empty unless the password check below succeeds
    $query = '';
    if (!$hashed) {
        $result2 = $SQLBB->build($query2);
        while ($row = $SQLBB->fetch_array($result2)) {
            // NOTE(review): the result is freed inside the loop that is
            // still fetching from it - confirm this is safe with SSQL
            $SQLBB->freeresult($result2);
            if ($return_name) {
                // NOTE(review): returns without closing $SQLBB
                return $row['username'];
            } else {
                if (phpbb_check_hash($pass, $row['user_password'])) {
                    $query = $query2;
                }
            }
        }
    } else {
        $query = $query2;
    }

    //unknown user or wrong password
    if (empty($query)) {
        $SQLBB->close();
        return false;
    }

    //hook code runs before the query is built and can change $query
    ($hook = kleeja_run_hook('qr_select_usrdata_phpbb_usr_class')) ? eval($hook) : null; //run hook

    $result = $SQLBB->build($query);
    if ($SQLBB->num_rows($result) != 0) {
        while ($row = $SQLBB->fetch_array($result)) {
            //accounts listed in the forum's banlist by user id are refused
            if ($SQLBB->num_rows($SQLBB->query("SELECT ban_userid FROM `{$forum_prefix}banlist` WHERE ban_userid=" . intval($row['user_id']))) == 0) {
                if (!$loginadm) {
                    define('USER_ID', $row['user_id']);
                    define('GROUP_ID', $row[$row_leve] == $admin_level ? '1' : '3');
                    define('USER_NAME', $row['username']);
                    define('USER_MAIL', $row['user_email']);
                    if ($row[$row_leve] == $admin_level) {
                        define('USER_ADMIN', true);
                    }
                }

                $userinfo = $row;
                $userinfo['group_id'] = $row[$row_leve] == $admin_level ? '1' : '3';
                $user_y = kleeja_base64_encode(serialize(array('id' => $row['user_id'], 'name' => $row['username'], 'mail' => $row['user_email'], 'last_visit' => time())));

                if (!$hashed && !$loginadm) {
                    //the cookie carries the stored password hash itself
                    //(wrapped by en_de_crypt); its integrity tag covers only
                    //that hash and the expiry, not id, group or profile blob
                    $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['user_id'] . '|' . $row['user_password'] . '|' . $expire . '|' . sha1(md5($config['h_key'] . $row['user_password']) . $expire) . '|' . ($row[$row_leve] == $admin_level ? '1' : '3') . '|' . $user_y), $expire);
                }

                ($hook = kleeja_run_hook('qr_while_usrdata_phpbb_usr_class')) ? eval($hook) : null; //run hook
            } else {
                //he is banned from phpBB
                $SQLBB->freeresult($result);
                unset($pass);
                $SQLBB->close();
                return false;
            }
        }

        $SQLBB->freeresult($result);
        unset($pass);
        $SQLBB->close();
        return true;
    } else {
        $SQLBB->freeresult($result);
        $SQLBB->close();
        return false;
    }

    //unreachable: both branches above return
    return false;
}
unset($newpass); } } ($hook = kleeja_run_hook('end_get_pass')) ? eval($hook) : null; //run hook break; // //add your own code here // // //add your own code here // default: ($hook = kleeja_run_hook('default_usrcp_page')) ? eval($hook) : null; //run hook kleeja_err($lang['ERROR_NAVIGATATION']); break; } #end switch ($hook = kleeja_run_hook('end_usrcp_page')) ? eval($hook) : null; //run hook // //show style ... // $titlee = empty($titlee) ? $lang['USERS_SYSTEM'] : $titlee; $stylee = empty($stylee) ? 'info' : $stylee; //header Saaheader($titlee); echo $tpl->display($stylee); //footer Saafooter();
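/**
 * Authenticate a visitor against a MySmartBB member table.
 *
 * Database settings come from the forum config file at
 * PATH . $script_path . SCRIPT_CONFIG_PATH when $script_path is set,
 * otherwise from the $script_* globals.
 *
 * Code returned by the hooks is eval'd inside this function and shares its
 * local variables ($query, $row, $userinfo, ...), so those names are kept.
 *
 * NOTE(review): the WHERE strings contain the literal '******'. That looks
 * like values masked on this listing; as written the queries compare against
 * that literal text. Confirm against the project source that name and
 * password are passed through the database layer's escaping.
 *
 * @param mixed  $name        username, or the numeric member id when $hashed or $return_name is set
 * @param string $pass        password
 * @param bool   $hashed      when true $name is used as a member id and no cookie is written
 * @param mixed  $expire      expiry value handed to kleeja_set_cookie() and mixed into the cookie tag
 * @param bool   $loginadm    when true no USER_* constants are defined and no cookie is set
 * @param bool   $return_name when true only the username for the given id is returned
 * @return mixed null when database settings are missing, the username when
 *               $return_name is set, otherwise true/false
 */
function kleeja_auth_login($name, $pass, $hashed = false, $expire, $loginadm = false, $return_name = false)
{
    global $lang, $config, $usrcp, $userinfo;
    global $script_path, $script_encoding, $script_srv, $script_db, $script_user, $script_pass, $script_prefix;

    if (isset($script_path)) {
        //drop one trailing slash; the previous test looked one character
        //past the end of the string and so never matched
        if (substr($script_path, -1) == '/') {
            $script_path = substr($script_path, 0, -1);
        }

        //get database data from mysmartbb config file
        if (file_exists(PATH . $script_path . SCRIPT_CONFIG_PATH)) {
            // the included file runs in this scope; $script_path must only
            // ever come from trusted configuration
            require_once PATH . $script_path . SCRIPT_CONFIG_PATH;

            // NOTE(review): $config is declared global above, so the forum's
            // settings (including the database password) presumably end up in
            // the application-wide $config array - confirm
            $forum_srv = $config['db']['server'];
            $forum_db = $config['db']['name'];
            $forum_user = $config['db']['username'];
            $forum_pass = $config['db']['password'];
            $forum_prefix = $config['db']['prefix'];
        } else {
            big_error('Forum path is not correct', sprintf($lang['SCRIPT_AUTH_PATH_WRONG'], 'MySmartBB'));
        }
    } else {
        $forum_srv = $script_srv;
        $forum_db = $script_db;
        $forum_user = $script_user;
        $forum_pass = $script_pass;
        $forum_prefix = $script_prefix;
    }

    //without server, user and database name there is nothing to ask (returns null)
    if (empty($forum_srv) || empty($forum_user) || empty($forum_db)) {
        return;
    }

    $SQLMS = new SSQL($forum_srv, $forum_user, $forum_pass, $forum_db, true);

    //was called on $SQLVB, a variable this function never defines
    $SQLMS->set_names('latin1');

    $pass = $usrcp->kleeja_utf8($pass, false);
    $name = $usrcp->kleeja_utf8($name, false);

    $query = array('SELECT' => '*', 'FROM' => "`{$forum_prefix}member`");
    $query['WHERE'] = $hashed ? "id=" . intval($name) . " AND password='******'" : "username='******' AND password='******'";

    //if return only name let's ignore the above
    //(the override was written to $query_salt, which nothing reads, so the
    //name lookup still ran the login query)
    if ($return_name) {
        $query['SELECT'] = "username";
        $query['WHERE'] = "id=" . intval($name);
    }

    //hook code runs before the query is built and can change $query
    ($hook = kleeja_run_hook('qr_select_usrdata_mysbb_usr_class')) ? eval($hook) : null; //run hook

    $result = $SQLMS->build($query);
    if ($SQLMS->num_rows($result) != 0) {
        while ($row = $SQLMS->fetch_array($result)) {
            if ($return_name) {
                return $row['username'];
            }

            //forum group 1 maps to Kleeja group 1 / admin, every other group to 3
            if (!$loginadm) {
                define('USER_ID', $row['id']);
                define('GROUP_ID', $row['usergroup'] == 1 ? 1 : 3);
                define('USER_NAME', $usrcp->kleeja_utf8($row['username']));
                define('USER_MAIL', $row['email']);
                define('USER_ADMIN', $row['usergroup'] == 1 ? 1 : 0);
            }

            $userinfo = $row;
            // NOTE(review): with $loginadm set GROUP_ID is not defined in
            // this call; it then reflects whatever was defined earlier in the
            // request rather than this row - confirm that is intended
            $userinfo['group_id'] = GROUP_ID;

            $user_y = kleeja_base64_encode(serialize(array('id' => $row['id'], 'name' => $usrcp->kleeja_utf8($row['username']), 'mail' => $row['email'], 'last_visit' => time())));

            //integrity tag over the stored password value and the expiry
            //only; the other cookie fields are not covered
            $hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);

            if (!$hashed && !$loginadm) {
                //the cookie carries the stored password value itself (wrapped by en_de_crypt)
                $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . GROUP_ID . '|' . $user_y), $expire);
            }

            ($hook = kleeja_run_hook('qr_while_usrdata_mysbb_usr_class')) ? eval($hook) : null; //run hook
        }

        $SQLMS->freeresult($result);
        unset($pass);
        $SQLMS->close();
        return true;
    } else {
        $SQLMS->close();
        return false;
    }
}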
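/**
 * Check the submitted captcha answer against the code kept in the session.
 *
 * Returns true right away when captchas are switched off in the
 * configuration. Otherwise reads $_SESSION['klj_sec_code'] and
 * $_POST['kleeja_code_answer']; on a match the stored code is removed, so
 * one code cannot be accepted twice.
 *
 * NOTE(review): a wrong answer leaves the stored code in place. Whether a new
 * code is issued before the next attempt depends on the captcha generator,
 * which is not visible here - confirm, otherwise one code can be guessed at
 * repeatedly.
 *
 * @return bool true when captchas are disabled or the answer matches
 *              (a hook may override the result of the comparison)
 */
function kleeja_check_captcha()
{
    global $config;

    if ((int) $config['enable_captcha'] == 0) {
        return true;
    }

    $return = false;

    if (!empty($_SESSION['klj_sec_code']) && !empty($_POST['kleeja_code_answer'])) {
        //an answer is typed text: array-valued fields are rejected before
        //trim() sees them, and both sides are compared as exact strings
        //because loose == accepts numerically equal spellings such as
        //'10' and '1e1'
        if (is_scalar($_SESSION['klj_sec_code']) && is_scalar($_POST['kleeja_code_answer'])
            && (string) $_SESSION['klj_sec_code'] === trim((string) $_POST['kleeja_code_answer'])) {
            unset($_SESSION['klj_sec_code']);
            $return = true;
        }
    }

    //hook code is eval'd in this scope and can overwrite $return
    ($hook = kleeja_run_hook('kleeja_check_captcha_func')) ? eval($hook) : null; //run hook

    return $return;
}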
header("Content-Range: bytes {$first}-{$last}/{$size}"); header("Content-Type: {$mime_type}"); fseek($pfile, $first); kleeja_buffere_range($pfile, $last - $first + 1, $chunksize); } } else { header("Content-Length: " . $size); header("Content-Type: {$mime_type}"); if (!$size) { while (!feof($pfile)) { echo fread($pfile, $chunksize); @ob_flush(); } } else { kleeja_buffere_range($pfile, $size, $chunksize); } } flush(); fclose($pfile); $SQL->close(); exit; // done } else { ($hook = kleeja_run_hook('err_navig_download_page')) ? eval($hook) : null; //run hook kleeja_err($lang['ERROR_NAVIGATATION']); } } ($hook = kleeja_run_hook('end_download_page')) ? eval($hook) : null; //run hook #<-- EOF
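/**
 * Stamp the site watermark onto an uploaded image, in place.
 *
 * The watermark is images/watermark.png, or images/watermark.gif when the
 * PNG does not exist. It is copied to the bottom right corner with a
 * 5 pixel margin, and only when the image is larger than the watermark
 * plus that margin. When the imagick extension is present the work is
 * handed to helper_watermark_imagick().
 *
 * $name points at a file a visitor uploaded, so the decoders below run on
 * untrusted bytes and can fail; a failed decode now ends the function
 * instead of passing false on to the GD calls.
 *
 * @param string $name path of the image file to modify
 * @param string $ext  file extension, selects the decoder and encoder
 * @return mixed false when the image could not be read or is too small,
 *               null in every other case
 */
function helper_watermark($name, $ext)
{
    ($hook = kleeja_run_hook('helper_watermark_func')) ? eval($hook) : null; //run hook

    #does this file really exist ?
    if (!file_exists($name)) {
        return;
    }

    $src_logo = $logo_path = false;
    if (file_exists(dirname(__FILE__) . '/../../images/watermark.png')) {
        $logo_path = dirname(__FILE__) . '/../../images/watermark.png';
        $src_logo = imagecreatefrompng($logo_path);
    } elseif (file_exists(dirname(__FILE__) . '/../../images/watermark.gif')) {
        $logo_path = dirname(__FILE__) . '/../../images/watermark.gif';
        $src_logo = imagecreatefromgif($logo_path);
    }

    #no watermark pic
    if (!$src_logo) {
        return;
    }

    #if there is imagick lib, then we should use it
    if (function_exists('phpversion') && phpversion('imagick')) {
        #that path loads the logo itself from $logo_path
        imagedestroy($src_logo);
        helper_watermark_imagick($name, $ext, $logo_path);
        return;
    }

    #now, lets work and detect our image extension
    if (strpos($ext, 'jp') !== false) {
        $src_img = @imagecreatefromjpeg($name);
    } elseif (strpos($ext, 'png') !== false) {
        $src_img = @imagecreatefrompng($name);
    } elseif (strpos($ext, 'gif') !== false) {
        #gif files are left untouched (the loader call after the return was never reached)
        imagedestroy($src_logo);
        return;
    } elseif (strpos($ext, 'bmp') !== false) {
        if (!defined('BMP_CLASS_INCLUDED')) {
            include dirname(__FILE__) . '/BMP.php';
            define('BMP_CLASS_INCLUDED', true);
        }
        $src_img = imagecreatefrombmp($name);
    } else {
        imagedestroy($src_logo);
        return;
    }

    #the file did not decode as the type its extension claims
    if (!$src_img) {
        imagedestroy($src_logo);
        return false;
    }

    #detect width, height for the image
    $bwidth = @imageSX($src_img);
    $bheight = @imageSY($src_img);

    #detect width, height for the watermark image
    $lwidth = @imageSX($src_logo);
    $lheight = @imageSY($src_logo);

    #image is not big enough to watermark it
    if (!($bwidth > $lwidth + 5 && $bheight > $lheight + 5)) {
        imagedestroy($src_img);
        imagedestroy($src_logo);
        return false;
    }

    #where exactly do we have to make the watermark ..
    $src_x = $bwidth - ($lwidth + 5);
    $src_y = $bheight - ($lheight + 5);

    #make it now, watermark it
    @ImageAlphaBlending($src_img, true);
    @ImageCopy($src_img, $src_logo, $src_x, $src_y, 0, 0, $lwidth, $lheight);

    #write the result back over the uploaded file
    if (strpos($ext, 'jp') !== false) {
        @imagejpeg($src_img, $name);
    } elseif (strpos($ext, 'png') !== false) {
        @imagepng($src_img, $name);
    } elseif (strpos($ext, 'bmp') !== false) {
        @imagebmp($src_img, $name);
    }

    #release both images, several uploads can be processed in one request
    imagedestroy($src_img);
    imagedestroy($src_logo);
}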
if (is_browser('ie6') && !is_browser('ie8, ie7')) { $ADM_NOTIFICATIONS[] = array('id' => 'IE6', 'msg_type' => 'error', 'title' => $lang['NOTE'], 'msg' => $lang['ADMIN_USING_IE6']); } //if upgrading from 1rc6 to 1.0, some files must be deleted ! if (file_exists(PATH . 'includes/adm/files.php') || file_exists(PATH . 'admin.php')) { $ADM_NOTIFICATIONS[] = array('id' => 'old_files', 'msg_type' => 'info', 'title' => $lang['NOTE'], 'msg' => $lang['ADM_UNWANTED_FILES']); } //if html url is enabled but .htaccess is not available in the root dir ! if (!file_exists(PATH . '.htaccess') && (int) $config['mod_writer'] == 1) { $ADM_NOTIFICATIONS[] = array('id' => 'htmlurlshtaccess', 'msg_type' => 'info', 'title' => $lang['NOTE'], 'msg' => $lang['HTML_URLS_ENABLED_NO_HTCC']); } //updating $v = @unserialize($config['new_version']); if (version_compare(strtolower(KLEEJA_VERSION), strtolower($v['version_number']), '<')) { $ADM_NOTIFICATIONS[] = array('id' => 'up_ver_klj', 'msg_type' => 'error', 'title' => $lang['R_CHECK_UPDATE'], 'msg' => sprintf($lang['UPDATE_NOW_S'], KLEEJA_VERSION, $v['version_number']) . '<br />' . '<a href="http://www.kleeja.com/">www.kleeja.com</a>'); ($hook = kleeja_run_hook('admin_update_now')) ? eval($hook) : null; //run hook } //check upload_max_filesize if (isset($u_exts) && isset($g_exts) && is_array($u_exts) && !is_array($g_exts)) { $u_e_s = array_values($u_exts); $g_e_s = array_values($g_exts); asort($u_e_s); asort($g_e_s); if (strpos($upload_max_filesize, 'M') !== false) { $upload_max_filesize_s = (int) trim(str_replace('M', '', $upload_max_filesize)) * 1048576; } else { if (strpos($upload_max_filesize, 'G') !== false) { $upload_max_filesize_s = (int) trim(str_replace('G', '', $upload_max_filesize)) * 1073741824; } }
/**
 * Upload flood guard: tells whether this visitor uploaded too recently.
 *
 * The waiting time is $config['guestsectoupload'] for guests (user id '-1')
 * and $config['usersectoupload'] for members; zero switches the check off.
 * Recent uploads are looked up by the visitor's IP address as reported by
 * get_ip(), not by user id, so visitors sharing an address share the limit.
 *
 * @param mixed $user_id user id, '-1' for a guest
 * @return mixed true when an upload from the same IP falls inside the
 *               waiting time, false otherwise, or whatever a hook put
 *               into $return
 */
function user_is_flooding($user_id = '-1')
{
    global $SQL, $dbprefix, $config;

    //hook code is eval'd in this scope; overwriting $return settles the answer
    $return = 'empty';
    ($hook = kleeja_run_hook('user_is_flooding_func')) ? eval($hook) : null; //run
    if ($return != 'empty') {
        return $return;
    }

    //waiting time in seconds for this kind of visitor
    $wait_seconds = $user_id == '-1' ? $config['guestsectoupload'] : $config['usersectoupload'];

    //zero means the function is disabled, nobody is flooding then
    if ($wait_seconds == 0) {
        return false;
    }

    //In my point of view I see 30 seconds is not bad rate to stop flooding ..
    //even though this minimum rate sometime isn't enough to protect Kleeja from flooding attacks
    $time = time() - $wait_seconds;

    $query = array(
        'SELECT' => 'f.time',
        'FROM' => "{$dbprefix}files f",
        'WHERE' => 'f.time >= ' . $time . ' AND f.user_ip = \'' . $SQL->escape(get_ip()) . '\'',
    );

    //any row inside the window counts as flooding
    return $SQL->num_rows($SQL->build($query)) ? true : false;
}
#to attach kleeja version in the menu start item $assigned_klj_ver = preg_replace('!#([a-z0-9]+)!', '', KLEEJA_VERSION); //get it if (file_exists($path_adm . '/' . $go_to . '.php')) { ($hook = kleeja_run_hook("require_admin_page_begin_{$go_to}")) ? eval($hook) : null; //run hook include_once $path_adm . '/' . $go_to . '.php'; ($hook = kleeja_run_hook("require_admin_page_end_{$go_to}")) ? eval($hook) : null; //run hook } else { if (isset($_GET['_ajax_'])) { echo_ajax(888, 'Error while loading : ' . $go_to); } big_error('In Loading !', 'Error while loading : ' . $go_to); } ($hook = kleeja_run_hook('end_admin_page')) ? eval($hook) : null; //run hook //no style defined if (empty($stylee)) { $text = $lang['NO_TPL_SHOOSED']; $stylee = 'admin_info'; } $go_menu_html = ''; if (isset($go_menu)) { foreach ($go_menu as $m => $d) { $go_menu_html .= '<li class="' . ($d['current'] ? 'active' : '') . '" id="c_' . $d['goto'] . '"><a href="' . $d['link'] . '" onclick="javascript:get_kleeja_link(\'' . $d['link'] . '\', \'#content\', {\'current_id\':\'c_' . $d['goto'] . '\', \'current_class\':\'active\'' . ($d['confirm'] ? ', \'confirm\':true' : '') . '}); return false;">' . $d['name'] . '</a></li>'; } } //header if (!isset($_GET['_ajax_'])) { echo $tpl->display("admin_header");
/**
 * Insert the file data to database, also make other things like,
 * thumb, watermark and etc..
 *
 * Records the upload in the files table, updates the counters in the stats
 * table, creates thumbnail and watermark for images and queues the result
 * boxes (links, delete link) in $this->messages.
 *
 * Code returned by the hooks is eval'd inside this method and shares its
 * local variables, so the names and the statement order are left untouched.
 *
 * @param string $filname       stored file name
 * @param string $folderee      folder the file was stored in
 * @param int    $sizeee        file size in bytes
 * @param string $typeee        file extension
 * @param string $real_filename original name of the uploaded file
 * @return void
 */
function saveit($filname, $folderee, $sizeee, $typeee, $real_filename = '')
{
    global $SQL, $dbprefix, $config, $lang;

    #sometime cant see file after uploading.. but ..
    #0644: owner read/write, everyone else read only, never executable
    @chmod($folderee . '/' . $filname, 0644);

    #file data, filter them: strings are escaped for SQL, numbers are cast
    $name = (string) $SQL->escape($filname);
    $size = (int) $sizeee;
    $type = (string) strtolower($SQL->escape($typeee));
    $folder = (string) $SQL->escape($folderee);
    $timeww = (int) time();
    $user = (int) $this->id_user;
    // NOTE(review): the delete code works as a bearer secret for removing the
    // file, but md5() over the file name and uniqid() (a clock-derived value)
    // is not unpredictable; a CSPRNG such as random_bytes() is the usual
    // choice where the supported PHP version allows it
    $code_del = (string) md5($name . uniqid());
    $ip = (string) $SQL->escape(get_ip());
    $realf = (string) $SQL->escape($real_filename);
    $id_form = (string) $SQL->escape($config['id_form']);

    //image or not is decided from the extension alone
    $is_img = in_array($type, array('png', 'gif', 'jpg', 'jpeg', 'bmp')) ? true : false;

    # insertion query
    $insert_query = array('INSERT' => 'name ,size ,time ,folder ,type,user,code_del,user_ip, real_filename, id_form', 'INTO' => "{$dbprefix}files", 'VALUES' => "'{$name}', '{$size}', '{$timeww}', '{$folder}','{$type}', '{$user}', '{$code_del}', '{$ip}', '{$realf}', '{$id_form}'");

    ($hook = kleeja_run_hook('qr_insert_new_file_kljuploader')) ? eval($hook) : null; //run hook

    # do the query
    $SQL->build($insert_query);

    # original name of file to use it in the file url
    # NOTE(review): this is the SQL-escaped form of the name; escaping for SQL
    # is not encoding for a URL or for HTML - confirm the link builder encodes it
    $this->name_for_url = $name;

    # insert id so it can be used in url like in do.php?id={id_for_url}
    $this->id_for_url = $SQL->insert_id();

    # update Kleeja stats ($size was cast to int above)
    $update_query = array('UPDATE' => "{$dbprefix}stats", 'SET' => ($is_img ? "imgs=imgs+1" : "files=files+1") . ",sizes=sizes+" . $size . "");

    ($hook = kleeja_run_hook('qr_update_no_files_kljuploader')) ? eval($hook) : null; //run hook

    $SQL->build($update_query);

    # information of file, used for generating a url boxes
    # NOTE(review): ::FNAME:: is the SQL-escaped original file name, which the
    # uploader chose - confirm kleeja_get_link()/get_up_tpl_box() encode it
    # for the page
    $file_info = array('::ID::' => $this->id_for_url, '::NAME::' => $this->name_for_url, '::DIR::' => $folderee, '::FNAME::' => $realf);

    # show del code link box
    $extra_del = '';
    if ($config['del_url_file']) {
        $extra_del = get_up_tpl_box('del_file_code', array('b_title' => $lang['URL_F_DEL'], 'b_code_link' => kleeja_get_link('del', array('::CODE::' => $code_del))));
    }

    //show imgs
    if ($is_img) {
        $img_html_result = '';

        # get default thumb dimensions, overridden by a "width*height" setting
        $thmb_dim_w = $thmb_dim_h = 150;
        if (strpos($config['thmb_dims'], '*') !== false) {
            list($thmb_dim_w, $thmb_dim_h) = array_map('trim', explode('*', $config['thmb_dims']));
        }

        # generate thumb now
        # NOTE(review): the image helpers are given $this->typet while the
        # image test above used $typeee - presumably the same extension, confirm
        helper_thumb($folderee . '/' . $filname, strtolower($this->typet), $folderee . '/thumbs/' . $filname, $thmb_dim_w, $thmb_dim_h);

        if ($config['thumbs_imgs'] != 0 && in_array(strtolower($this->typet), array('png', 'jpg', 'jpeg', 'gif', 'bmp'))) {
            $img_html_result .= get_up_tpl_box('image_thumb', array('b_title' => $lang['URL_F_THMB'], 'b_url_link' => kleeja_get_link('image', $file_info), 'b_img_link' => kleeja_get_link('thumb', $file_info)));
        }

        # watermark on image
        if ($config['write_imgs'] != 0 && in_array(strtolower($this->typet), array('gif', 'png', 'jpg', 'jpeg', 'bmp'))) {
            helper_watermark($folderee . "/" . $filname, strtolower($this->typet));
        }

        #then show, image box
        $img_html_result .= get_up_tpl_box('image', array('b_title' => $lang['URL_F_IMG'], 'b_bbc_title' => $lang['URL_F_BBC'], 'b_url_link' => kleeja_get_link('image', $file_info)));

        #add del link box to the result if there is any
        $img_html_result .= $extra_del;

        ($hook = kleeja_run_hook('saveit_func_img_res_kljuploader')) ? eval($hook) : null; //run hook

        $this->total++;

        #show success message
        $this->messages[] = array($lang['IMG_DOWNLAODED'] . '<br />' . $img_html_result, 'index_info');
    } else {
        #then show other files
        $else_html_result = get_up_tpl_box('file', array('b_title' => $lang['URL_F_FILE'], 'b_bbc_title' => $lang['URL_F_BBC'], 'b_url_link' => kleeja_get_link('file', $file_info)));

        #add del link box to the result if there is any
        $else_html_result .= $extra_del;

        ($hook = kleeja_run_hook('saveit_func_else_res_kljuploader')) ? eval($hook) : null; //run hook

        $this->total++;

        #show success message
        $this->messages[] = array($lang['FILE_DOWNLAODED'] . '<br />' . $else_html_result, 'index_info');
    }

    ($hook = kleeja_run_hook('saveit_func_kljuploader')) ? eval($hook) : null; //run hook

    # clear some variables from memory
    # NOTE(review): $filename is not a variable of this method (the parameter is $filname)
    unset($filename, $folderee, $sizeee, $typeee);
}
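// Free the temporaries used while building the online list.
unset($online_names, $timeout, $timeout2);

/**
 * Number of users plus visitors currently online.
 * (The original authors note that inflating this counter is not permitted.)
 */
$allnumbers = $usersnum + $visitornum;

// "Most users ever online" record. It is written below as "<count>:<unix time>",
// so it must be split on ':'. The previous explode() call passed no delimiter,
// which meant the stored record was never parsed.
$muoe_missing = empty($config['most_user_online_ever']) || trim($config['most_user_online_ever']) == '';

if ($muoe_missing) {
    // No record yet: the current figures become the record.
    $most_online = $allnumbers;
    $on_muoe = time();
} else {
    $muoe_parts = explode(':', $config['most_user_online_ever'], 2);
    $most_online = (int) $muoe_parts[0];
    // Fall back to "now" when the timestamp half is absent from the record.
    $on_muoe = isset($muoe_parts[1]) ? (int) $muoe_parts[1] : time();
}

// Store a new record when it is beaten, or when none existed.
if ((int) $most_online < $allnumbers || $muoe_missing) {
    update_config('most_user_online_ever', $allnumbers . ':' . time());
}

// Turn the record's timestamp into the display string.
$on_muoe = date('d-m-Y h:i a', $on_muoe);

// Plugin hook: whatever kleeja_run_hook() returns is eval()'d in this scope, so it
// can read or change every variable above.
// NOTE(review): where the hook code comes from is not visible here — confirm that
// only trusted administrators can install or edit it.
($hook = kleeja_run_hook('if_online_index_page')) ? eval($hook) : null; //run hook

} #allow_online (closes a block opened earlier in the file)

// Same eval()-based hook mechanism as above; the same review note applies.
($hook = kleeja_run_hook('end_index_page')) ? eval($hook) : null; //run hook

//header
Saaheader();
//index
echo $tpl->display("index_body");
//footer
Saafooter();
//<-- EOF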
} // closes a block opened earlier in the file (not shown here)

// Tell the admin when a file-cleaning run is in progress.
if ((int) $config['klj_clean_files_from'] > 0) {
    $ADM_NOTIFICATIONS[] = array(
        'id'       => 'klj_clean_files',
        'msg_type' => 'info',
        'title'    => '',
        'msg'      => $lang['T_CLEANING_FILES_NOW'],
    );
}

// Development stage only: parse cache/kleeja_log.log into rows for the admin page.
// $sql_debug stays false when DEV_STAGE is not defined.
$sql_debug = false;
if (defined('DEV_STAGE')) {
    $sql_debug_c = '';
    if (file_exists(PATH . 'cache/kleeja_log.log')) {
        $sql_debug_c = file_get_contents(PATH . 'cache/kleeja_log.log');
    }

    // Each entry looks like "[type]content[time : value]".
    preg_match_all("/\\[([^\\]]+)\\]([^\\[]+)\\[time : ([^\\]]+)\\]/", $sql_debug_c, $matches, PREG_SET_ORDER);

    $sql_debug = array();
    $r = 0;
    $color1 = 'green';
    $c = $color1;
    $color2 = 'blue';

    foreach ($matches as $v) {
        // Switch colour at every "Closing connection" entry so that each
        // connection's entries are grouped visually.
        if ($v[1] == 'Closing connection') {
            $c = ($c == $color1) ? $color2 : $color1;
        }

        $r++;

        // NOTE(review): these values come straight from the log file; whether the
        // template escapes them before output is not visible here — confirm.
        $sql_debug[] = array(
            'type'    => $v[1],
            'content' => $v[2],
            'time'    => $v[3],
            'colored' => $c,
        );

        // After more than 50 entries, stop at the next "Connected" entry.
        if ($r > 50 && $v[1] == 'Connected') {
            break;
        }
    }

    unset($sql_debug_c);
}

// Translator credit from the language pack, or false when it has none.
$translator_copyrights = isset($lang['S_TRANSLATED_BY']) ? $lang['S_TRANSLATED_BY'] : false;

// Plugin hook: the string returned by kleeja_run_hook() is eval()'d in this scope
// and can read or change every variable above.
// NOTE(review): where the hook code comes from is not visible here — confirm that
// only trusted administrators can install or edit it.
($hook = kleeja_run_hook('default_admin_page')) ? eval($hook) : null; //run hook
// Last statement of the ban-list cache block, which opens earlier in the file.
$cache->save('data_ban', $banss);
}

//
// Rules text: taken from the cache, or read from the stats table and cached.
//
$ruless = $cache->get('data_rules');
if (!$ruless) {
    $query = array(
        'SELECT' => 's.rules',
        'FROM'   => "{$dbprefix}stats s",
    );

    // Plugin hook, eval()'d in this scope before the query is built, so it can
    // alter $query.
    // NOTE(review): where the hook code comes from is not visible here — confirm
    // that only trusted administrators can install or edit it.
    ($hook = kleeja_run_hook('qr_select_rules_cache')) ? eval($hook) : null; //run hook

    $result = $SQL->build($query);
    $row = $SQL->fetch_array($result);
    $ruless = $row['rules'];
    $SQL->freeresult($result);

    $cache->save('data_rules', $ruless);
}

//
// Extra header/footer markup: taken from the cache, or read from the stats table
// and cached.
//
$extras = $cache->get('data_extra');
if (!$extras) {
    $query = array(
        'SELECT' => 's.ex_header, s.ex_footer',
        'FROM'   => "{$dbprefix}stats s",
    );

    // Same eval()-based hook mechanism as above; it can alter $query.
    ($hook = kleeja_run_hook('qr_select_extra_cache')) ? eval($hook) : null; //run hook

    $result = $SQL->build($query);
    $row = $SQL->fetch_array($result);
    $extras = array(
        'header' => $row['ex_header'],
        'footer' => $row['ex_footer'],
    );
    $SQL->freeresult($result);

    $cache->save('data_extra', $extras);
}

// General-purpose hook for the cache page; the original author questioned whether
// it is useful here.
($hook = kleeja_run_hook('in_cache_page')) ? eval($hook) : null; //run hook
#unset _ajax so page will refresh to get all the html with all new language variables unset($_GET['_ajax_']); #msg, done kleeja_admin_info($lang['CONFIGS_UPDATED'] . ', ' . $lang['LANGUAGE'] . ':' . $got_lang . ' - ' . $lang['FOR'] . ':' . $group_name, true, '', true, basename(ADMIN_PATH) . '?cp=start'); } $group_name = str_replace(array('{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'), array($lang['ADMINS'], $lang['USERS'], $lang['GUESTS']), $d_groups[$req_group]['data']['group_name']); $gdata = $d_groups[$req_group]['data']; $query = array('SELECT' => 'c.name, c.option', 'FROM' => "{$dbprefix}config c", 'WHERE' => "c.type='groups'", 'ORDER BY' => 'c.display_order ASC'); $result = $SQL->build($query); $data = array(); $cdata = $d_groups[$req_group]['configs']; $STAMP_IMG_URL = file_exists(PATH . 'images/watermark.gif') ? PATH . 'images/watermark.gif' : PATH . 'images/watermark.png'; while ($row = $SQL->fetch_array($result)) { #submit, why here ? dont ask me just accept it as it. if (isset($_POST['editdata'])) { ($hook = kleeja_run_hook('after_submit_adm_users_groupdata')) ? eval($hook) : null; //run hook $new[$row['name']] = isset($_POST[$row['name']]) ? $_POST[$row['name']] : $row['value']; $update_query = array('UPDATE' => "{$dbprefix}groups_data", 'SET' => "value='" . $SQL->escape($new[$row['name']]) . "'", 'WHERE' => "name='" . $row['name'] . "' AND group_id=" . $req_group); $SQL->build($update_query); continue; } if ($row['name'] == 'language') { //get languages if ($dh = @opendir(PATH . 'lang')) { while (($file = readdir($dh)) !== false) { if (strpos($file, '.') === false && $file != '..' && $file != '.') { $lngfiles .= '<option ' . ($d_groups[$req_group]['configs']['language'] == $file ? 'selected="selected"' : '') . ' value="' . $file . '">' . $file . '</option>' . "\n"; } } @closedir($dh);