}
else
{
$extension = strtolower(file_extension($attachmentinfo['filename']));
}
if ($vbulletin->options['attachfile'])
{
require_once(DIR . '/includes/functions_file.php');
if ($vbulletin->GPC['thumb'])
{
$attachpath = fetch_attachment_path($attachmentinfo['uploader'], $attachmentinfo['filedataid'], true);
}
else
{
$attachpath = fetch_attachment_path($attachmentinfo['uploader'], $attachmentinfo['filedataid']);
}
if ($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])
{
if (!($fp = fopen($attachpath, 'rb')))
{
exit;
}
}
else if (!($fp = @fopen($attachpath, 'rb')))
{
$filedata = base64_decode('R0lGODlhAQABAIAAAMDAwAAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==');
$filesize = strlen($filedata);
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); // always modified
$xml->close_group();
}
$xml->print_xml();
exit;
}
if ($attachmentinfo['extension']) {
$extension = strtolower($attachmentinfo['extension']);
} else {
$extension = strtolower(file_extension($attachmentinfo['filename']));
}
if ($vbulletin->options['attachfile']) {
require_once DIR . '/includes/functions_file.php';
if ($vbulletin->GPC['thumb']) {
$attachpath = fetch_attachment_path($attachmentinfo['userid'], $attachmentinfo['attachmentid'], true);
} else {
$attachpath = fetch_attachment_path($attachmentinfo['userid'], $attachmentinfo['attachmentid']);
}
if ($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) {
if (!($fp = fopen($attachpath, 'rb'))) {
exit;
}
} else {
if (!($fp = @fopen($attachpath, 'rb'))) {
$filedata = base64_decode('R0lGODlhAQABAIAAAMDAwAAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==');
$filesize = strlen($filedata);
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
// Date in the past
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
// always modified
header('Cache-Control: no-cache, must-revalidate');
// HTTP/1.1
$attacherror = fetch_error('upload_file_failed');
// change this error
} else {
$attacherror =& $attachdata->errors[0];
}
}
unset($attachdata);
$filepath = fetch_attachment_path($attachment['userid'], $attachment['filedataid']);
if (!is_readable($filepath) or @filesize($filepath) == 0) {
$vbulletin->GPC['attacherrorcount']++;
}
$vbulletin->options['attachfile'] = ATTACH_AS_DB;
} else {
// Converting FROM fs TO mysql
$path = fetch_attachment_path($attachment['userid'], $attachment['filedataid']);
$thumbnail_path = fetch_attachment_path($attachment['userid'], $attachment['filedataid'], true);
$temp = $vbulletin->options['attachfile'];
$vbulletin->options['attachfile'] = ATTACH_AS_DB;
if ($filedata = @file_get_contents($path)) {
$thumbnail_filedata = @file_get_contents($thumbnail_path);
$attachdata =& datamanager_init('Filedata', $vbulletin, ERRTYPE_SILENT, 'attachment');
$attachdata->set_existing($attachment);
$attachdata->setr('filedata', $filedata);
$attachdata->setr('thumbnail', $thumbnail_filedata);
if (!($result = $attachdata->save())) {
if (empty($attachdata->errors[0])) {
$attacherror = fetch_error('upload_file_failed');
// change this error
} else {
$attacherror =& $attachdata->errors[0];
}
{
if ($vbulletin->options['safeupload'])
{
$filename = $vbulletin->options['tmppath'] . '/' . md5(uniqid(microtime()) . $vbulletin->userinfo['userid']);
}
else
{
$filename = tempnam(ini_get('upload_tmp_dir'), 'vbthumb');
}
$filenum = fopen($filename, 'wb');
fwrite($filenum, $attachment['filedata']);
fclose($filenum);
}
else
{
$filename = fetch_attachment_path($attachment['userid'], $attachment['filedataid']);
}
echo construct_phrase($vbphrase['processing_x'], "$vbphrase[attachment] : $attachment[filedataid] ($attachment[extension])");
#construct_link_code($attachment['attachmentid'], "../attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid=$attachment[attachmentid]&d=$attachment[dateline]", 1);# . " ($vbphrase[post] : " .
#construct_link_code($attachment['postid'], "../showthread.php?" . $vbulletin->session->vars['sessionurl'] . "p=$attachment[postid]", 1) . " )") . ' ';
if (!is_readable($filename) OR !@filesize($filename))
{
echo '<b>' . $vbphrase['error_attachment_missing'] . '</b><br />';
continue;
}
$labelimage = ($vbulletin->options['attachthumbs'] == 3 OR $vbulletin->options['attachthumbs'] == 4);
$drawborder = ($vbulletin->options['attachthumbs'] == 2 OR $vbulletin->options['attachthumbs'] == 4);
$thumbnail = $image->fetch_thumbnail($attachment['filename'], $filename, $vbulletin->options['attachthumbssize'], $vbulletin->options['attachthumbssize'], $vbulletin->GPC['quality'], $labelimage, $drawborder);
require_once './global.php';
// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################
$vbulletin->input->clean_array_gpc('r', array('fid' => TYPE_UINT, 'uid' => TYPE_UINT));
if (!$vbulletin->GPC['uid'] or !$vbulletin->GPC['fid'] or $vbulletin->GPC['uid'] != $vbulletin->userinfo['userid'] and !can_moderate() or !($filedatainfo = $db->query_first_slave("\r\n\t\tSELECT\r\n\t\t\tfd.filedataid, fd.thumbnail_dateline AS dateline, fd.thumbnail_filesize AS filesize, fd.extension, fd.userid, fd.thumbnail AS filedata, fd.refcount,\r\n\t\t\tat.mimetype\r\n\t\tFROM " . TABLE_PREFIX . "attachmentcategoryuser AS acu\r\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (acu.filedataid = fd.filedataid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS at ON (at.extension = fd.extension)\r\n\t\tWHERE\r\n\t\t\tacu.filedataid = {$vbulletin->GPC['fid']}\r\n\t\t\t\tAND\r\n\t\t\tacu.userid = {$vbulletin->GPC['uid']}\r\n\t\tLIMIT 1\r\n\t"))) {
eval(standard_error(fetch_error('invalidid', 'filedata', $vbulletin->options['contactuslink'])));
}
if ($filedatainfo['extension']) {
$extension = strtolower($filedatainfo['extension']);
} else {
$extension = strtolower(file_extension($filedatainfo['filename']));
}
if ($vbulletin->options['attachfile']) {
require_once DIR . '/includes/functions_file.php';
$filepath = fetch_attachment_path($filedatainfo['userid'], $filedatainfo['filedataid'], true);
if (!($fp = @fopen($filepath, 'rb'))) {
// replace this with a ? type image
echo fetch_blank_image();
exit;
}
} else {
if (!$filedatainfo['filedata']) {
// replace this with a ? type image
echo fetch_blank_image();
exit;
}
}
// send jpeg header for PDF, BMP, TIF, TIFF, and PSD thumbnails as they are jpegs
if (in_array($extension, array('bmp', 'tif', 'tiff', 'psd', 'pdf'))) {
$filedatainfo['filename'] = preg_replace('#.(bmp|tiff?|psd|pdf)$#i', '.jpg', $filedatainfo['filename']);
require_once DIR . '/includes/class_dbalter.php';
$db_alter = new vB_Database_Alter_MySQL($db);
$continue = $db_alter->fetch_table_info('blog_attachment');
if (!$continue) {
define('CP_REDIRECT', 'blog_admin.php');
print_stop_message('updated_blog_attachments_successfully');
}
$finishat = $vbulletin->GPC['startat'] + $vbulletin->GPC['perpage'];
echo '<p>' . $vbphrase['updating_blog_attachments'] . '</p>';
$attachments = $db->query_read("\r\n\t\tSELECT ba.*, bt.pagetext, bt.blogtextid\r\n\t\tFROM " . TABLE_PREFIX . "blog_attachment AS ba\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (ba.blogid = blog.blogid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "blog_text AS bt ON (blog.firstblogtextid = bt.blogtextid)\r\n\t\tWHERE\r\n\t\t\tba.attachmentid >= " . $vbulletin->GPC['startat'] . "\r\n\t\tORDER BY ba.attachmentid\r\n\t\tLIMIT " . $vbulletin->GPC['perpage']);
while ($attachment = $db->fetch_array($attachments)) {
echo construct_phrase($vbphrase['processing_x'], $attachment['attachmentid']) . "<br />\n";
vbflush();
if ($vbulletin->options['blogattachfile']) {
$attachthumbpath = fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], true, $vbulletin->options['blogattachpath']);
$attachpath = fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], false, $vbulletin->options['blogattachpath']);
$thumbnail = @file_get_contents($attachthumbpath);
$filedata = @file_get_contents($attachpath);
} else {
$thumbnail =& $attachment['thumbnail'];
$filedata =& $attachment['filedata'];
}
require_once DIR . '/includes/class_bootstrap_framework.php';
require_once DIR . '/vb/types.php';
vB_Bootstrap_Framework::init();
$dataman =& datamanager_init('AttachmentFiledata', $vbulletin, ERRTYPE_STANDARD, 'attachment');
$dataman->set('contenttypeid', vB_Types::instance()->getContentTypeID('vBBlog_BlogEntry'));
$dataman->set('contentid', $attachment['blogid']);
$dataman->set('userid', $attachment['userid']);
$dataman->set('filename', $attachment['filename']);
$dataman->set('dateline', $attachment['dateline']);
if ($userid === null) {
$userid = $attachment['userid'];
}
if ($vbulletin->GPC['attachtype'] == ATTACH_AS_FILES_NEW) {
$path = $vboptions['attachpath'] . '/' . implode('/', preg_split('//', $attachment['userid'], -1, PREG_SPLIT_NO_EMPTY));
} else {
$path = $vboptions['attachpath'] . '/' . $attachment['userid'];
}
if (file_exists($path . '/' . $attachment['filedataid'] . '.attach')) {
@unlink($path . '/' . $attachment['filedataid'] . '.attach');
}
$thumbnail_path = fetch_attachment_path($attachment['userid'], $attachment['filedataid'], vB_Api_Filedata::SIZE_THUMB);
$icon_path = fetch_attachment_path($attachment['userid'], $attachment['filedataid'], vB_Api_Filedata::SIZE_ICON);
$small_path = fetch_attachment_path($attachment['userid'], $attachment['filedataid'], vB_Api_Filedata::SIZE_SMALL);
$medium_path = fetch_attachment_path($attachment['userid'], $attachment['filedataid'], vB_Api_Filedata::SIZE_MEDIUM);
$large_path = fetch_attachment_path($attachment['userid'], $attachment['filedataid'], vB_Api_Filedata::SIZE_LARGE);
if (file_exists($thumbnail_path)) {
@unlink($thumbnail_path);
}
if (file_exists($icon_path)) {
@unlink($icon_path);
}
if ($small_path) {
@unlink($small_path);
}
if (file_exists($medium_path)) {
@unlink($medium_path);
}
if (file_exists($large_path)) {
@unlink($large_path);
}
$attacherror = fetch_error('upload_file_failed');
// change this error
} else {
$attacherror =& $attachdata->errors[0];
}
}
unset($attachdata);
$filepath = fetch_attachment_path($attachment['userid'], $attachment['attachmentid']);
if (!is_readable($filepath) or @filesize($filepath) == 0) {
$vbulletin->GPC['attacherrorcount']++;
}
$vbulletin->options['attachfile'] = ATTACH_AS_DB;
} else {
// Converting FROM fs TO mysql
$path = fetch_attachment_path($attachment['userid'], $attachment['attachmentid']);
$thumbnail_path = fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], true);
$temp = $vbulletin->options['attachfile'];
$vbulletin->options['attachfile'] = ATTACH_AS_DB;
if ($filedata = @file_get_contents($path)) {
$thumbnail_filedata = @file_get_contents($thumbnail_path);
$attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_SILENT);
$attachdata->set_existing($attachment);
$attachdata->setr('filedata', $filedata);
$attachdata->setr('thumbnail', $thumbnail_filedata);
if (!($result = $attachdata->save())) {
if (empty($attachdata->errors[0])) {
$attacherror = fetch_error('upload_file_failed');
// change this error
} else {
$attacherror =& $attachdata->errors[0];
}
}
}
}
// need to read filedata in chunks and update in chunks!
$attachments = $db->query_read_slave("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE postid IN (" . implode(', ', $postarray) . ")");
while ($attachment = $db->fetch_array($attachments)) {
$attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_ARRAY);
$attachdata->setr('userid', $attachment['userid']);
$attachdata->setr('dateline', $attachment['dateline']);
$attachdata->setr('thumbnail_dateline', $attachment['thumbnail_dateline']);
$attachdata->setr('filename', $attachment['filename']);
$attachdata->setr('postid', $postassoc["{$attachment['postid']}"]);
$attachdata->setr('visible', $attachment['visible']);
if ($vbulletin->options['attachfile']) {
$attachdata->set('filedata', @file_get_contents(fetch_attachment_path($attachment['userid'], $attachment['attachmentid'])));
$attachdata->set('thumbnail', @file_get_contents(fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], true)));
} else {
$attachdata->setr('filedata', $attachment['filedata']);
$attachdata->setr('thumbnail', $attachment['thumbnail']);
}
$attachdata->save();
unset($attachdata);
}
// Duplicate word entries in the postindex
if (!empty($dupeposts) and $vbulletin->options['copypostindex'] and !$vbulletin->options['fulltextsearch']) {
$hash = $destthreadinfo['threadid'] . '_' . $vbulletin->userinfo['userid'];
$db->query_write("CREATE TABLE IF NOT EXISTS " . TABLE_PREFIX . "postindex_temp{$hash} (\n\t\t\twordid INT UNSIGNED NOT NULL DEFAULT '0',\n\t\t\tpostid INT UNSIGNED NOT NULL DEFAULT '0',\n\t\t\tintitle SMALLINT UNSIGNED NOT NULL DEFAULT '0',\n\t\t\tscore SMALLINT UNSIGNED NOT NULL DEFAULT '0'\n\t\t)");
// indexes left off intentionally
$postcase = '';
foreach ($dupeposts as $oldid => $newid) {
$postcase .= "WHEN {$oldid} THEN {$newid}\n";
// Update Read Announcements
$insertsql = array();
$announcements = $db->query_read("\n\t\tSELECT announcementid\n\t\tFROM " . TABLE_PREFIX . "announcementread\n\t\tWHERE userid = {$sourceinfo['userid']}\n\t");
while ($announcement = $db->fetch_array($announcements)) {
$insertsql[] = "({$destinfo['userid']}, {$announcement['announcementid']})";
}
if (!empty($insertsql)) {
$db->query_write("\n\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "announcementread\n\t\t\t\t(userid, announcementid)\n\t\t\tVALUES\n\t\t\t\t" . implode(', ', $insertsql) . "\n\t\t");
}
// Update Attachments
if ($vbulletin->options['attachfile']) {
$attachments = $db->query_read("\n\t\t\tSELECT attachmentid, userid, filename, filesize, filehash\n\t\t\tFROM " . TABLE_PREFIX . "attachment\n\t\t\tWHERE userid = {$sourceinfo['userid']}\n\t\t");
require_once DIR . '/includes/functions_file.php';
while ($attachment = $db->fetch_array($attachments)) {
$sourcefile = fetch_attachment_path($sourceinfo['userid'], $attachment['attachmentid']);
$sourcethumb = fetch_attachment_path($sourceinfo['userid'], $attachment['attachmentid'], true);
$attach =& datamanager_init('Attachment', $vbulletin, ERRTYPE_SILENT);
$attach->set_existing($attachment);
$attach->set('userid', $destinfo['userid']);
$attach->set('filedata', @file_get_contents($sourcefile));
$attach->set('thumbnail', @file_get_contents($sourcethumb));
$attach->save();
unset($attach);
// CHEATER!
@unlink($sourcefile);
@unlink($sourcethumb);
}
} else {
$db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "attachment\n\t\t\tSET userid = {$destinfo['userid']}\n\t\t\tWHERE userid = {$sourceinfo['userid']}\n\t\t");
}
// Update Posts
public function delete($doquery = true)
{
if (!$this->pre_delete($doquery) or empty($this->lists['filedataids'])) {
return $false;
}
if (!empty($this->lists['filedataids'])) {
$this->registry->db->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "filedata\n\t\t\t\tWHERE filedataid IN (" . implode(", ", array_keys($this->lists['filedataids'])) . ")\n\t\t\t");
$this->registry->db->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "attachmentcategoryuser\n\t\t\t\tWHERE filedataid IN (" . implode(", ", array_keys($this->lists['filedataids'])) . ")\n\t\t\t");
if ($this->storage == 'fs') {
require_once DIR . '/includes/functions_file.php';
foreach ($this->lists['filedataids'] as $filedataid => $userid) {
@unlink(fetch_attachment_path($userid, $filedataid));
@unlink(fetch_attachment_path($userid, $filedataid, true));
}
}
// unset filedataids so that the post_delete function doesn't bother calculating refcount for the records that we just removed
unset($this->lists['filedataids']);
}
if (!empty($this->lists['attachmentids'])) {
$this->registry->db->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "attachment\n\t\t\t\tWHERE attachmentid IN (" . implode(", ", $this->lists['attachmentids']) . ")\n\t\t\t");
}
$this->post_delete();
return true;
}
/**
* Verify that user's attach path exists, create if it doesn't
*
* @param int userid
*/
function verify_attachment_path($userid)
{
// Allow userid to be 0 since vB2 allowed guests to post attachments
$userid = intval($userid);
$path = fetch_attachment_path($userid);
if (vbmkdir($path)) {
return $path;
} else {
return false;
}
}
$attacherror = fetch_error('upload_file_failed');
// change this error
} else {
$attacherror =& $attachdata->errors[0];
}
}
unset($attachdata);
$filepath = fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], false, $vbulletin->options['pt_attachpath']);
if (!is_readable($filepath) or @filesize($filepath) == 0) {
$vbulletin->GPC['attacherrorcount']++;
}
$vbulletin->options['pt_attachfile'] = ATTACH_AS_DB;
} else {
// Converting FROM fs TO mysql
$path = fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], false, $vbulletin->options['pt_attachpath']);
$thumbnail_path = fetch_attachment_path($attachment['userid'], $attachment['attachmentid'], true, $vbulletin->options['pt_attachpath']);
$temp = $vbulletin->options['pt_attachfile'];
$vbulletin->options['pt_attachfile'] = ATTACH_AS_DB;
if ($filedata = @file_get_contents($path)) {
$thumbnail_filedata = @file_get_contents($thumbnail_path);
$attachdata =& vB_DataManager_Attachment_Pt::fetch_library($vbulletin, ERRTYPE_SILENT);
$attachdata->set_existing($attachment);
$attachdata->setr('filedata', $filedata);
$attachdata->setr('thumbnail', $thumbnail_filedata);
if (!($result = $attachdata->save())) {
if (empty($attachdata->errors[0])) {
$attacherror = fetch_error('upload_file_failed');
// change this error
} else {
$attacherror =& $attachdata->errors[0];
}
/**
* Verify that user's attach path exists, create if it doesn't
*
* @param int userid
*/
function verify_attachment_path($userid)
{
if (!$userid) {
return false;
}
$path = fetch_attachment_path($userid, 0, false, $this->registry->options['pt_attachpath']);
if (vbmkdir($path)) {
return $path;
} else {
return false;
}
}