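/**
 * Run one file action on $f and return a status button.
 *
 * Supported values of $p are 'rename', 'delete', 'copy' and 'infos'.
 * rename/copy use $res (after ajxg()) as the destination path.
 *
 * NOTE(review): nothing visible here confines $f or $res to a base
 * directory. Confirm that ajxg() and the callers restrict both paths,
 * otherwise an authorised user can move, copy or delete any file the
 * PHP process can reach.
 *
 * @param string $p   Action name.
 * @param string $f   Path of the file to act on.
 * @param string $res Destination for rename/copy (ignored for delete/infos).
 * @return mixed Whatever btn() returns for the status text.
 */
function ftp_act($p, $f, $res)
{
    $res = ajxg($res);
    // Initialise both so no branch reads an undefined variable.
    $fc = null;
    $ret = '';

    // Authorise before touching the filesystem: otherwise the difference
    // between 'not exists' and 'no' tells an unauthorised caller which
    // paths exist on the server.
    if (!auth(7)) {
        $ret = 'no';
    } elseif (!is_file($f)) {
        $ret = 'not exists';
    } else {
        switch ($p) {
            case 'rename':
                $fc = $p;
                $ret = 'renamed as ' . $res;
                break;
            case 'delete':
                $fc = 'unlink';
                $ret = 'was deleted';
                $res = '';
                break;
            case 'copy':
                $fc = $p;
                $ret = 'copied at ' . $res;
                break;
            case 'infos':
                $ret = 'infos: ' . fsize($f) . ' ' . ftime($f);
                break;
        }
    }

    if ($fc === null) {
        return btn('txtyl', $ret);
    }

    // unlink() takes the path only; its optional second parameter is a
    // stream context, so passing the empty $res string made delete fail.
    $ok = $fc === 'unlink' ? unlink($f) : call_user_func($fc, $f, $res);
    if (!$ok) {
        return btn('txtyl', 'error');
    }

    return btn('txtyl', $ret);
}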
/**
 * Return the size of $file, falling back to fsize() when filesize()
 * reports a negative number.
 *
 * NOTE(review): the negative check presumably targets integer overflow for
 * very large files on 32-bit builds; confirm fsize() returns a compatible
 * value, since its result is handed back unchanged.
 *
 * @param string $file Path to the file.
 * @return mixed filesize() result, or fsize()'s result for negative sizes.
 */
function getFileSize($file)
{
    $bytes = filesize($file);

    return $bytes < 0 ? fsize($file) : $bytes;
}
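/**
 * Render the media administration page and run the requested media action.
 *
 * The action comes from $_POST['action'] (default 'show'); the working
 * directory comes from the 'dir', 'current_select' or 'current_dir' request
 * value and is confined to the media directory before use.
 *
 * Security-relevant behaviour of this version:
 *  - extension allow-list patterns are grouped, so the leading dot and the
 *    end anchor apply to every alternative;
 *  - every user-supplied leaf name (rename, delete, create, upload) is
 *    reduced to a single path component;
 *  - the permission / home-folder checks that hide the form blocks are also
 *    enforced before the matching action runs;
 *  - the media-root check compares on a directory boundary.
 *
 * NOTE(review): the guards below call $admin->print_error() and assume it
 * ends the request. Where a guard protects a filesystem change, the code
 * also breaks out of the switch so it stays safe if print_error() returns.
 * The early directory checks still rely on print_error() terminating;
 * confirm against the admin class.
 *
 * @param object $admin    Backend object (get_post, get_get, get_permission,
 *                         print_error, print_success, ...).
 * @param object $database Not used in this function body.
 * @return string Rendered page markup from the template engine.
 */
function build_page(&$admin, &$database)
{
    global $HEADING, $TEXT, $MENU, $MESSAGE;
    // Include the functions file
    include_once get_include(LEPTON_PATH . '/framework/summary.functions.php');
    include_once get_include(ADMIN_PATH . '/media/function.inc.php');
    $memory_limit = ini_get('memory_limit');
    $post_max_size = ini_get('post_max_size');
    $upload_max_filesize = ini_get('upload_max_filesize');
    $maxUploadFiles = 12;
    $request = $_SERVER['REQUEST_METHOD'];
    $allowed_img_types = 'jpg|png|gif|tif';
    // RENAME_FILES_ON_UPLOAD is used here as the comma separated allow-list.
    $allowed_file_types = str_replace(',', '|', RENAME_FILES_ON_UPLOAD);
    // The alternation must be grouped. Ungrouped, "\.jpg|png$" parses as
    // "\.jpg" OR "png$", so a name that merely contains an allowed
    // extension (for example before a second, executable one) would pass.
    $allowed_file_pattern = '/\\.(?:' . $allowed_file_types . ')$/i';
    $allowed_img_pattern = '/\\.(?:' . $allowed_img_types . ')$/i';
    $actions = isset($_POST['action']) ? trim(stripslashes($admin->get_post('action'))) : 'show';
    $actions = isset($_POST['media_reload']) && $_POST['media_reload'] == true ? 'media_reload' : $actions;
    $actions = isset($_POST['cancel']) ? 'show' : $actions;
    // Get home folder not to show
    $home_folders = get_home_folders();
    $currentHome = $admin->get_home_folder();
    $pathsettings = get_media_settings();
    // Get the user specified dir parent_path
    $directory = null;
    if ($request == 'GET' && isset($_REQUEST)) {
        $directory = rawurldecode(trim(stripslashes($admin->get_get('dir'))));
    } elseif (isset($_POST['current_select'])) {
        $directory = str_replace(MEDIA_DIRECTORY, '', rawurldecode(trim(stripslashes($admin->get_post('current_select')))));
    } elseif (isset($_POST['current_dir'])) {
        $directory = rawurldecode(trim(stripslashes($admin->get_post('current_dir'))));
    }
    // $directory is not always null, so test for empty as well
    $directory = is_null($directory) || empty($directory) ? $currentHome : $directory;
    $directory = $directory == '/' || $directory == '\\' ? '' : $directory;
    $target = $current_dir = $directory;
    $backlink = 'index.php?dir=' . $directory;
    $FILE = array();
    $dirs = array();
    $skip = LEPTON_PATH;
    directory_list(LEPTON_PATH . MEDIA_DIRECTORY, false, 0, $dirs, $skip);
    // dirs with readWrite access
    $dirs_rw = media_dirs_rw($admin);
    array_walk($dirs_rw, 'remove_path', LEPTON_PATH);
    if ($admin->get_user_id() == 1) {
        $id = array_unshift($dirs_rw, MEDIA_DIRECTORY);
    }
    // Define absolute path to the media directory (using Unix path separator)
    $mediaPath = str_replace('\\', '/', LEPTON_PATH . MEDIA_DIRECTORY);
    // system_admin: superadmin (user id 1) or member of group 1
    $system_admin = $admin->ami_group_member('1') == true || $admin->get_user_id() == 1;
    $group_admin = empty($currentHome) == true && $admin->ami_group_member('1') == true;
    /*
     * If HOME_FOLDERS are not active the user has access to all media files,
     * otherwise check that the shown folder is within the personal folder
     * and grant the rights (upload, create directory, ...) only there.
     */
    $full_home_folder_access = !HOME_FOLDERS
        ? true
        : (empty($_SESSION['HOME_FOLDER']) || in_array(MEDIA_DIRECTORY . $directory, $dirs_rw) || $group_admin);
    // The same conditions that hide the form blocks are enforced again
    // before the matching action runs; hiding a form is not access control.
    $can_create = $admin->get_permission('media_create') == true && $full_home_folder_access != false;
    $can_upload = $admin->get_permission('media_upload') == true && $full_home_folder_access != false;
    $can_rename = $admin->get_permission('media_rename') == true && $full_home_folder_access != false;
    $can_delete = $admin->get_permission('media_delete') == true && $full_home_folder_access != false;
    $settings_allowed = empty($pathsettings['global']['admin_only']) || $system_admin == true;

    if (strstr($current_dir, '..')) {
        // target_path contains ../
        $admin->print_error($MESSAGE['MEDIA_TARGET_DOT_DOT_SLASH'], $backlink);
    }
    // Build canonicalized absolute path from user input and check if path exists (false if not)
    $userPath = str_replace('\\', '/', realpath($mediaPath . $directory));
    // Ensure that the user specified path is located inside the media folder.
    // Compare with a trailing slash so a sibling such as "<media>_old"
    // cannot satisfy a plain string-prefix test.
    $mediaRoot = rtrim($mediaPath, '/');
    if ($userPath == false || strpos($userPath . '/', $mediaRoot . '/') !== 0) {
        // User defined path is invalid or is located outside the media directory
        $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
    }
    if (!is_writeable($mediaPath . $directory)) {
        $admin->print_error($MESSAGE['GENERIC_BAD_PERMISSIONS'], $backlink);
    }

    $tpl = new Template(THEME_PATH . '/templates', 'keep');
    // false | true
    $tpl->debug = false;
    $file_array = array(
        'page' => 'media.htt',
        'browse' => 'media_browse.htt',
        'rename' => 'media_rename.htt',
        'settings' => 'setparameter.htt',
    );
    $tpl->set_file($file_array);
    $tpl->set_block('page', 'main_block', 'main');
    // BEGIN left side always with main_block and the dropdown list may later as dirtree
    // First insert language text and messages
    $tpl->set_var(array(
        'TEXT_RELOAD' => $TEXT['RELOAD'],
        'TEXT_TARGET_FOLDER' => $TEXT['TARGET_FOLDER'],
        'TEXT_CREATE_FOLDER' => $TEXT['CREATE_FOLDER'],
        'TEXT_NAME' => $TEXT['TITLE'],
        'TEXT_UPLOAD_FILES' => $TEXT['UPLOAD_FILES'],
        'TEXT_UNZIP_FILE' => $TEXT['UNZIP_FILE'],
        'TEXT_DELETE_ZIP' => $TEXT['DELETE_ZIP'],
        'TEXT_OVERWRITE_EXISTING' => $TEXT['OVERWRITE_EXISTING'],
        'TEXT_FILES' => $TEXT['FILES'],
    ));
    $tpl->set_var(array(
        'USER_ID' => $admin->is_authenticated() ? $admin->get_user_id() : '',
        'ADMIN_URL' => ADMIN_URL,
        'LEPTON_URL' => LEPTON_URL,
        'LEPTON_PATH' => LEPTON_PATH,
        'THEME_URL' => THEME_URL,
    ));
    // set options media_settings_block
    $tpl->set_block('main_block', 'media_settings_block', 'media_settings');
    // Only show admin the settings link
    if ($pathsettings['global']['admin_only'] == true) {
        if ($system_admin != true) {
            $tpl->set_var('DISPLAY_SETTINGS', 'hide');
            $tpl->set_block('media_settings', '');
        } else {
            $tpl->parse('media_settings', 'media_settings_block', true);
        }
    } else {
        $tpl->parse('media_settings', 'media_settings_block', true);
    }
    // set options media_upload_block
    $tpl->set_var(array(
        'CHANGE_SETTINGS' => $TEXT['MODIFY_SETTINGS'],
        'HEADING_BROWSE_MEDIA' => $HEADING['BROWSE_MEDIA'],
        'HEADING_MEDIA' => $MENU['MEDIA'] . ' ' . $TEXT['FOLDERS'],
        'HEADING_CREATE_FOLDER' => $HEADING['CREATE_FOLDER'],
        'HEADING_UPLOAD_FILES' => $HEADING['UPLOAD_FILES'],
        'OPTIONS' => $TEXT['OPTION'],
        'SETTINGS_URL' => $_SERVER['SCRIPT_NAME'],
    ));
    $tpl->set_var(array(
        'HOME_DIRECTORY' => $currentHome,
        'MEDIA_DIRECTORY' => MEDIA_DIRECTORY,
        'CURRENT_DIR' => $directory,
    ));
    // create dropdownlist dir_list_block
    $tpl->set_block('main_block', 'dir_list_block', 'dir_list');
    // select the correct directory list (written without a nested ternary,
    // which PHP 8 rejects when unparenthesised)
    $use_dirs = (!HOME_FOLDERS || empty($_SESSION['HOME_FOLDER'])) ? $dirs : $dirs_rw;
    if (count($use_dirs) > 0) {
        foreach ($use_dirs as $name) {
            // prevent duplicate entries - default directory is also set by template!
            if ($name == MEDIA_DIRECTORY . $currentHome) {
                continue;
            }
            $tpl->set_var(array(
                'MEDIA_NAME' => $name,
                'SELECTED' => MEDIA_DIRECTORY . $directory == $name ? ' selected="selected"' : '',
            ));
            $tpl->parse('dir_list', 'dir_list_block', true);
        }
    } else {
        $tpl->set_var('dir_list', '');
    }

    // Insert permissions values, hide for some actions
    // workout action should show default blocks
    switch ($actions) {
        // all others remove from left side
        case 'none':
        case 'show':
        case 'media_reload':
        case 'media_create':
        case 'media_upload':
        case 'media_delete':
        case 'save_media_rename':
            $tpl->set_block('main_block', 'media_create_block', 'media_create');
            if (!$can_create) {
                $tpl->set_var('DISPLAY_CREATE', 'hide');
                $tpl->set_block('media_create', '');
            } else {
                $tpl->set_var(array(
                    'DISPLAY_CREATE' => '',
                    'MAX_UPLOADS' => $maxUploadFiles,
                    'ALLOW_EXTS' => RENAME_FILES_ON_UPLOAD,
                ));
                $tpl->parse('media_create', 'media_create_block', true);
            }
            $tpl->set_block('main_block', 'input_upload_block', 'input_upload');
            for ($x = 0; $x <= $maxUploadFiles; $x++) {
                $tpl->parse('input_upload', 'input_upload_block', true);
            }
            $tpl->set_block('main_block', 'media_upload_block', 'media_upload');
            if (!$can_upload) {
                $tpl->set_var('DISPLAY_UPLOAD', 'hide');
                $tpl->set_block('media_upload', '');
            } else {
                $tpl->set_var(array('DISPLAY_UPLOAD' => ''));
                $tpl->parse('media_upload', 'media_upload_block', true);
            }
            break;
        default:
            // all the other actions have to hide the blocks
            $tpl->set_block('main_block', 'media_create_block', 'media_create');
            $tpl->set_var('DISPLAY_CREATE', 'hide');
            $tpl->parse('media_create', '');
            $tpl->set_block('main_block', 'media_upload_block', 'media_upload');
            $tpl->set_var('DISPLAY_UPLOAD', 'hide');
            $tpl->parse('media_upload', '');
            break;
    }
    // END workout main_wrapper

    // Now prepare and parse values for the wrapper template show modus
    switch ($actions) {
        case 'none':
        case 'show':
        case 'media_reload':
        case 'media_create':
        case 'media_upload':
        case 'media_delete':
        case 'save_media_rename':
            $tpl->loadfile('browse');
            $tpl->set_block('main_block', 'main_wrapper_block', 'browse');
            // Workout the parent dir link PARENT_PATH
            if (!empty($directory)) {
                if (HOME_FOLDERS && !empty($_SESSION['HOME_FOLDER'])) {
                    $parent_path = $_SESSION['HOME_FOLDER'];
                } else {
                    $parent_path = dirname($directory);
                }
            } else {
                $parent_path = $directory;
            }
            $parent_dir_link = 1;
            // Workout if the up arrow should be shown
            $display_up_arrow = '';
            // Insert header info values main_wrapper_block
            $tpl->set_var(array(
                'THEME_URL' => THEME_URL,
                'ROOT_DIRECTORY' => MEDIA_DIRECTORY,
                'MEDIA_DIRECTORY' => MEDIA_DIRECTORY,
                'CURRENT_PATH' => $directory,
                'PARENT_DIR_LINK' => $parent_dir_link,
                'PARENT_PATH' => $parent_path,
            ));
            $tpl->set_block('browse', 'up_link_block', 'up_link');
            if (!empty($directory) && $directory != $parent_path) {
                // show only if parent <> directory
                $tpl->set_var(array(
                    'PARENT_DIR_LINK' => $parent_dir_link,
                    'TEXT_UP' => $TEXT['UP'],
                    'DISPLAY_UP_ARROW' => '',
                ));
                $tpl->parse('up_link', 'up_link_block', true);
            } else {
                $tpl->set_block('up_link', '');
                $tpl->set_var(array(
                    'UP_LINK_COL' => ' display_up_arrow',
                    'TEXT_UP' => $TEXT['UP'],
                    'DISPLAY_UP_ARROW' => ' display_up_arrow',
                ));
            }
            // now set the dirs and files file_list_block and permissions
            $tpl->set_block('browse', 'file_list_block', 'file_list');
            $tpl->set_block('file_list', 'media_rename_block', 'media_rename');
            $tpl->set_block('file_list', 'media_delete_block', 'media_delete');
            // get dirs and files in currentDir
            $FILE = scan_current_dir(LEPTON_PATH . MEDIA_DIRECTORY . '/' . $directory);
            $temp_id = 0;
            $line = $row_id = 1;
            if (count($FILE['path']) > 0) {
                foreach ($FILE['path'] as $name) {
                    $temp_id++;
                    $link_name = str_replace(' ', '%20', $name);
                    $tpl->set_var(array(
                        'NAME' => $name,
                        'NAME_SLASHED' => addslashes($name),
                        'TEMP_ID' => $temp_id,
                        'LINK' => 'index.php?dir=' . $directory . '/' . $link_name,
                        'LINK_RELATION' => '',
                        'ROW_ID' => $line++ & 1,
                        'FT_ICON' => THEME_URL . '/images/folder_16.png',
                        'FILETYPE_ICON' => THEME_URL . '/images/folder_16.png',
                        'FILETYPE' => 'dir',
                        'FILENAME' => '/' . addslashes($name),
                        'LINK_TARGET' => '_self',
                        'ENABLE_OVERLIB' => '',
                        'EXTENSION' => '',
                        'MOUSEOVER' => '',
                        'CLASS_PREVIEW' => '',
                        'IMAGEDETAIL' => '',
                        'DISPLAY_ICON' => '',
                        'SIZE' => '',
                        'DATE' => '',
                        'PREVIEW' => '',
                        'LINK_PATH' => $directory . '/' . $link_name,
                        'MEDIA_PATH' => MEDIA_DIRECTORY,
                    ));
                    $tpl->parse('file_list', 'file_list_block', true);
                }
            }
            // now set the files file_list_block and permissions
            if (count($FILE['filename']) > 0) {
                foreach ($FILE['filename'] as $name) {
                    $preview = 'preview';
                    // files outside the allow-list are not listed
                    if (!preg_match($allowed_file_pattern, $name)) {
                        $preview = '';
                        continue;
                    }
                    $temp_id++;
                    $overlib = preg_match($allowed_img_pattern, $name) ? ' overlib' : '';
                    if ($preview) {
                        $filetype = get_filetype(LEPTON_URL . MEDIA_DIRECTORY . $directory . '/' . $name);
                        $size = filesize(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
                        $bytes = byte_convert($size);
                        $fdate = filemtime(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
                        $date = date(DATE_FORMAT . ' ' . TIME_FORMAT, $fdate);
                        $filetypeicon = get_filetype_icon(LEPTON_URL . MEDIA_DIRECTORY . $directory . '/' . $name);
                        $tooltip = '';
                        $imgdetail = $bytes;
                        $icon = THEME_URL . '/images/files/unknown.png';
                        if (!$pathsettings['global']['show_thumbs']) {
                            $info = @getimagesize(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
                            // getimagesize() returns false for non-images
                            if ($info && $info[0]) {
                                $imgdetail = fsize(filesize(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name)) . '<br /> ' . $info[0] . ' x ' . $info[1] . ' px';
                                $icon = 'thumb.php?t=1&img=' . $directory . '/' . $name;
                                $tooltip = ShowTip('thumb.php?t=2&img=' . $directory . '/' . $name, $allowed_img_types);
                            } else {
                                $icon = THEME_URL . '/images/files/' . $filetypeicon . '.png';
                            }
                        } else {
                            $filetypeicon = get_filetype_icon(LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $name);
                            $icon = THEME_URL . '/images/files/' . $filetypeicon . '.png';
                        }
                        $tpl->set_var(array(
                            'NAME' => $name,
                            'NAME_SLASHED' => addslashes($name),
                            'TEMP_ID' => $temp_id,
                            'LINK' => LEPTON_URL . MEDIA_DIRECTORY . $directory . '/' . $name,
                            'LINK_RELATION' => '',
                            'ROW_ID' => $line++ & 1,
                            'FT_ICON' => $icon,
                            'FILETYPE_ICON' => THEME_URL . '/images/files/' . $filetypeicon . '.png',
                            'FILENAME' => addslashes($name),
                            'LINK_TARGET' => '_top',
                            'ENABLE_OVERLIB' => $overlib,
                            'FILETYPE' => 'file',
                            'EXTENSION' => $filetype,
                            'MOUSEOVER' => $tooltip,
                            'CLASS_PREVIEW' => '',
                            'IMAGEDETAIL' => $imgdetail,
                            'DISPLAY_ICON' => '',
                            'SIZE' => $bytes,
                            'DATE' => $date,
                            'PREVIEW' => $preview,
                        ));
                        $tpl->parse('file_list', 'file_list_block', true);
                    }
                }
            }
            $tpl->set_var(array(
                'TEXT_CURRENT_FOLDER' => $TEXT['CURRENT_FOLDER'],
                'TEXT_RELOAD' => $TEXT['RELOAD'],
                'TEXT_RENAME' => $TEXT['RENAME'],
                'TEXT_DELETE' => $TEXT['DELETE'],
                'TEXT_SIZE' => $TEXT['SIZE'],
                'TEXT_DATE' => $TEXT['DATE'],
                'TEXT_NAME' => $TEXT['NAME'],
                'TEXT_TYPE' => $TEXT['TYPE'],
                'MEDIA_BROWSE' => '',
                'NONE_FOUND' => $MESSAGE['MEDIA_NONE_FOUND'],
                'CHANGE_SETTINGS' => $TEXT['MODIFY_SETTINGS'],
                'CONFIRM_DELETE' => js_alert_encode($MESSAGE['MEDIA_CONFIRM_DELETE']),
                'CONFIRM_DELETE_FILE' => js_alert_encode($MESSAGE['MEDIA_CONFIRM_DELETE_FILE']),
                'CONFIRM_DELETE_DIR' => js_alert_encode($MESSAGE['MEDIA_CONFIRM_DELETE_DIR']),
            ));
            // If no files are in the media folder say so
            if ($temp_id == 0) {
                $tpl->set_var('DISPLAY_LIST_TABLE', ' hide');
                $tpl->set_var('DISPLAY_NONE_FOUND', ' center');
                $tpl->set_var("file_list_block", "<tr><td></td></tr>");
                $tpl->parse('file_list', 'file_list_block', true);
            } else {
                $tpl->set_var('DISPLAY_LIST_TABLE', '');
                $tpl->set_var('DISPLAY_NONE_FOUND', ' hide');
            }
            $tpl->set_block('file_list', 'media_rename_block', 'media_rename');
            $tpl->set_block('file_list', 'media_delete_block', 'media_delete');
            // Insert permissions values
            if (!$can_rename) {
                $tpl->set_var('DISPLAY_RENAME', 'hide');
                $tpl->set_var('RENHAME_CONTENT', '');
                $tpl->parse('media_rename', '');
            } else {
                $tpl->set_var('RENHAME_CONTENT', '');
                $tpl->parse('media_rename', 'media_rename_block', true);
            }
            if (!$can_delete) {
                $tpl->set_var('DISPLAY_DELETE', 'hide');
                $tpl->set_var('DELETE_CONTENT', '');
                $tpl->parse('media_delete', '');
            } else {
                $tpl->set_var('DELETE_CONTENT', '');
                $tpl->parse('media_delete', 'media_delete_block', true);
            }
            break;
    }

    // begin with save modus actions
    switch ($actions) {
        // save actions
        case 'save_media_settings':
            // The settings link is hidden for non-admins when admin_only is
            // set; refuse the save itself under the same condition.
            if (!$settings_allowed) {
                $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
                break;
            }
            if (($x = save_media_settings($pathsettings)) == 0) {
                $admin->print_error($MESSAGE['SETTINGS_UNABLE_WRITE_CONFIG'], $backlink);
            } else {
                $admin->print_success($MESSAGE['SETTINGS_SAVED'], $backlink);
            }
            break;
        case 'save_media_rename':
            if (!$can_rename) {
                $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
                break;
            }
            $ext = trim(stripslashes($admin->get_post('extension')));
            $ext = empty($ext) ? '' : '.' . $ext;
            $type = trim(stripslashes($admin->get_post('filetype')));
            // The posted extension is appended after media_filename() has
            // run, so it is not covered by that sanitiser. basename() keeps
            // both names to one path component inside the current directory.
            $old_leaf = basename(str_replace('\\', '/', media_filename(trim(stripslashes($admin->get_post('old_name')))) . $ext));
            $new_leaf = basename(str_replace('\\', '/', trim(media_filename(trim(stripslashes($admin->get_post('name')))) . $ext, '.')));
            if ($type == 'dir') {
                // Replace dots in the new directory name only; doing it on
                // the full path would also rewrite dots in LEPTON_PATH.
                $new_leaf = str_replace('.', '_', $new_leaf);
                $extension_ok = true;
            } else {
                $extension_ok = preg_match($allowed_file_pattern, $new_leaf) === 1;
            }
            $old_file = LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $old_leaf;
            $rename_file = LEPTON_PATH . MEDIA_DIRECTORY . $directory . '/' . $new_leaf;
            $bad_leaf = in_array($old_leaf, array('', '.', '..'), true) || in_array($new_leaf, array('', '.', '..'), true);
            if ($bad_leaf) {
                $admin->print_error($MESSAGE['MEDIA_CANNOT_RENAME'], $backlink);
            } elseif (!$extension_ok) {
                // never fall through to rename() with a rejected extension
                $admin->print_error($TEXT['EXTENSION'] . ': ' . $MESSAGE['GENERIC_INVALID'], $backlink);
            } elseif (rename($old_file, $rename_file)) {
                $admin->print_success($MESSAGE['MEDIA_RENAMED'], $backlink);
            } else {
                $admin->print_error($MESSAGE['MEDIA_CANNOT_RENAME'], $backlink);
            }
            break;
    }

    // mask input modus
    switch ($actions) {
        case 'media_rename':
            clearstatcache();
            $rename_file = media_filename(trim(stripslashes($admin->get_post('filename'))));
            $ext = trim(stripslashes($admin->get_post('fileext')));
            $type = trim(stripslashes($admin->get_post('filetype')));
            $rename_file = basename($rename_file);
            $tpl->loadfile('rename');
            $tpl->set_block('main_block', 'main_wrapper_block', 'rename');
            // false | true
            $tpl->debug = false;
            // NOTE(review): $ext and $type come straight from the request and
            // are written into the form. Whether the Template class escapes
            // values is not visible here; confirm, or encode them for the
            // HTML attribute context in the template.
            $tpl->set_var(array(
                'THEME_URL' => THEME_URL,
                'TEXT_CURRENT_FOLDER' => $TEXT['CURRENT_FOLDER'],
                'FILENAME' => $rename_file,
                'BASENAME' => trim(str_replace($ext, '', basename($rename_file)), '.'),
                'ROOT_DIRECTORY' => MEDIA_DIRECTORY,
                'DISPLAY_UP_ARROW' => ' display_up_arrow',
                'CURRENT_PATH' => $directory,
                'DIR' => $directory,
                'FILE_TYPE' => $type,
                'EXTENSION' => '.' . ltrim($ext, '.'),
                'FILE_EXT' => ltrim($ext, '.'),
                'TEXT_OVERWRITE_EXIST' => $TEXT['OVERWRITE_EXISTING'],
                'TEXT_TO' => '',
                'MEDIA_BROWSE' => '',
                'TEXT_RENAME' => $TEXT['RENAME'],
                'TEXT_CANCEL' => $TEXT['CANCEL'],
            ));
            $tpl->parse('rename', 'main_wrapper_block', true);
            break;
        case 'media_settings':
            if (!$settings_allowed) {
                $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
                break;
            }
            // load template language file
            $lang = THEME_PATH . '/languages/' . LANGUAGE . '.php';
            include_once !file_exists($lang) ? THEME_PATH . '/languages/EN.php' : $lang;
            $tpl->loadfile('settings');
            $tpl->set_block('main_block', 'main_wrapper_block', 'settings');
            // false | true
            $tpl->debug = false;
            $admin_only = isset($pathsettings['global']['admin_only']) && $pathsettings['global']['admin_only'] == true ? ' checked="checked"' : '';
            $show_thumbs = isset($pathsettings['global']['show_thumbs']) && $pathsettings['global']['show_thumbs'] == true ? ' checked="checked"' : '';
            $tpl->set_var(array(
                'TEXT_HEADER' => $TEXT['TEXT_HEADER'],
                'SAVE_TEXT' => $TEXT['SAVE'],
                'CANCEL' => $TEXT['CANCEL'],
                'RESET' => $TEXT['RESET'],
                'NO_SHOW_THUMBS' => $TEXT['NO_SHOW_THUMBS'],
                'MEDIA_BROWSE' => '',
                'ADMIN_ONLY' => $TEXT['ADMIN_ONLY'],
                'SETTINGS' => $TEXT['SETTINGS'],
                'CURRENT_PATH' => $directory,
                'ADMIN_URL' => ADMIN_URL,
                'WIDTH' => $TEXT['WIDTH'],
                'HEIGHT' => $TEXT['HEIGHT'],
                'ADMIN_ONLY_SELECTED' => $admin_only,
                'NO_SHOW_THUMBS_SELECTED' => $show_thumbs,
                'NONE_FOUND' => '',
                'DISPLAY_NONE' => '',
            ));
            // Get dirs in currentDir
            $dirs = array();
            $skip = LEPTON_PATH;
            directory_list(LEPTON_PATH . MEDIA_DIRECTORY, false, 0, $dirs, $skip);
            $line = $row_id = 1;
            $tpl->set_block('settings', 'dir_settings_block', 'dir_settings');
            if (isset($dirs)) {
                $good_dirs = 0;
                $dir_filter = MEDIA_DIRECTORY . $directory;
                $parent = substr_count($dir_filter, '/') + 1;
                $dir_filter = str_replace(array('/', ' '), '_', $dir_filter);
                foreach ($dirs as $name) {
                    $relative = $name;
                    $subparent = substr_count($relative, '/') + 1;
                    $safepath = str_replace(array('/', ' '), '_', $relative);
                    $continue = strlen(str_replace($safepath, '', $dir_filter));
                    // keep only direct children of the current directory
                    if ($parent != $subparent - 1 || substr_count($safepath, $dir_filter) == 0 || $dir_filter == $safepath) {
                        continue;
                    }
                    $good_dirs++;
                    $cur_width = $cur_height = '';
                    if (isset($pathsettings[$safepath]['width'])) {
                        $cur_width = $pathsettings[$safepath]['width'];
                    }
                    if (isset($pathsettings[$safepath]['height'])) {
                        $cur_height = $pathsettings[$safepath]['height'];
                    }
                    // compare as integers so an unset ('') value shows '-' on every PHP version
                    $cur_width = (int) $cur_width !== 0 ? (int) $cur_width : '-';
                    $cur_height = (int) $cur_height !== 0 ? (int) $cur_height : '-';
                    $tpl->set_var(array(
                        'PATH_NAME' => basename($relative),
                        'FIELD_NAME' => $safepath,
                        'CUR_WIDTH' => $cur_width,
                        'CUR_HEIGHT' => $cur_height,
                        'ROW_ID' => $line++ & 1,
                    ));
                    $tpl->parse('dir_settings', 'dir_settings_block', true);
                }
                if ($good_dirs == 0) {
                    $tpl->set_var(array(
                        'PATH_NAME' => '',
                        'FIELD_NAME' => '',
                        'CUR_WIDTH' => '',
                        'CUR_HEIGHT' => '',
                        'ROW_ID' => '',
                        'DISPLAY_NONE' => ' hide',
                    ));
                    $tpl->parse('dir_settings', 'dir_settings_block', true);
                    $tpl->set_var('NONE_FOUND', $MESSAGE['MEDIA_NONE_FOUND']);
                    $tpl->parse('settings', 'dir_settings_block', true);
                }
            } else {
                $tpl->set_var('NONE_FOUND', $MESSAGE['MEDIA_NONE_FOUND']);
                $tpl->parse('settings', 'dir_settings_block', true);
            }
            break;
    }

    // normal actions
    switch ($actions) {
        case 'media_upload':
            if (!$can_upload) {
                $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
                break;
            }
            $target_path = str_replace('\\', '/', LEPTON_PATH . MEDIA_DIRECTORY . $directory);
            // Create relative path of the new dir name
            $resizepath = MEDIA_DIRECTORY . $directory;
            $resizepath = str_replace(array('/', ' '), '_', $resizepath);
            // Find out whether we should replace files or give an error
            $overwrite = $admin->get_post('overwrite') != '' ? true : false;
            $good_uploads = 0;
            // Set only by the multi-upload loop; stays null on the unzip path.
            $filename1 = null;
            // If the user chose to unzip the first file, unzip into the current folder
            if (isset($_POST['unzip']) && $_POST['unzip'] == true) {
                if (isset($_FILES['upload']['error'][0]) && $_FILES['upload']['error'][0] == UPLOAD_ERR_OK) {
                    $src_file = isset($_FILES['upload']['name'][0]) ? $_FILES['upload']['name'][0] : null;
                    if ($src_file && preg_match('/\\.zip$/i', $src_file)) {
                        // Guarded so a second call of build_page() does not redeclare it.
                        if (!function_exists('pclzipCheckValidFile')) {
                            /*
                             * Pre-extract callback: return 1 to extract the
                             * entry, 0 to skip it. Only allow-listed
                             * extensions are extracted; entries whose name
                             * contains ".." or that start/end with a dot
                             * are skipped so an archive cannot place files
                             * outside the target directory.
                             */
                            function pclzipCheckValidFile($p_event, &$p_header)
                            {
                                $allowed_file_types = str_replace(',', '|', RENAME_FILES_ON_UPLOAD);
                                $entry = isset($p_header['stored_filename']) ? $p_header['stored_filename'] : $p_header['filename'];
                                if (strpos($entry, '..') !== false) {
                                    return 0;
                                }
                                $info = pathinfo($p_header['filename']);
                                $ext = isset($info['extension']) ? $info['extension'] : '';
                                $dots = substr($info['basename'], 0, 1) == '.' || substr($info['basename'], -1, 1) == '.';
                                // anchored and grouped: the whole extension must be on the list
                                if (preg_match('/^(?:' . $allowed_file_types . ')$/i', $ext) && !$dots) {
                                    // allowed file types are extracted
                                    return 1;
                                }
                                // all other files are skipped
                                return 0;
                            }
                        }
                        require_once get_include(LEPTON_PATH . '/modules/lib_lepton/pclzip/pclzip.lib.php');
                        $archive = new PclZip($_FILES['upload']['tmp_name'][0]);
                        $list = $archive->extract(PCLZIP_OPT_PATH, $target_path, PCLZIP_CB_PRE_EXTRACT, 'pclzipCheckValidFile');
                        // extract() does not return an array on failure
                        $good_uploads = is_array($list) ? count($list) : 0;
                        if ($archive->error_code != 0) {
                            $admin->print_error('UNABLE TO UNZIP FILE' . ' :: ' . $archive->errorInfo(true), $backlink);
                        }
                    }
                }
            } else {
                // proceed normal multi-upload
                $file_count = isset($_FILES['upload']['error']) && is_array($_FILES['upload']['error']) ? count($_FILES['upload']['error']) : 0;
                for ($x = 0; $x < $file_count; $x++) {
                    // If file was upload to tmp
                    if (isset($_FILES['upload']['name'][$x])) {
                        // Remove bad characters and keep a single path component
                        $filename = basename(str_replace('\\', '/', media_filename($_FILES['upload']['name'][$x])));
                        // Check if there is still a filename left and allowed filetype
                        if ($filename != '' && preg_match($allowed_file_pattern, $filename)) {
                            // Move to relative path (in media folder)
                            if (file_exists($target_path . '/' . $filename) && $overwrite === true) {
                                if (move_uploaded_file($_FILES['upload']['tmp_name'][$x], $target_path . '/' . $filename)) {
                                    $good_uploads++;
                                    // Chmod the uploaded file
                                    change_mode($target_path . '/' . $filename, 'file');
                                }
                            } elseif (!file_exists($target_path . '/' . $filename)) {
                                if (move_uploaded_file($_FILES['upload']['tmp_name'][$x], $target_path . '/' . $filename)) {
                                    $good_uploads++;
                                    // Chmod the uploaded file
                                    change_mode($target_path . '/' . $filename);
                                }
                            }
                            if (file_exists($target_path . '/' . $filename) && preg_match($allowed_img_pattern, $filename)) {
                                if (isset($pathsettings[$resizepath])) {
                                    include_once get_include(ADMIN_PATH . '/media/resize_img.php');
                                    if ($pathsettings[$resizepath]['width'] || $pathsettings[$resizepath]['height']) {
                                        $rimg = new RESIZEIMAGE($target_path . '/' . $filename);
                                        $rimg->resize_limitwh($pathsettings[$resizepath]['width'], $pathsettings[$resizepath]['height'], $target_path . '/' . $filename);
                                        $rimg->close();
                                    }
                                }
                            }
                            // store file name of first file for possible unzip action
                            // NOTE(review): index 1 is the second upload slot, not
                            // the first; kept as found, confirm the intended slot.
                            if ($x == 1) {
                                $filename1 = $target_path . '/' . $filename;
                            }
                        }
                    }
                }
            }
            if (isset($_POST['delzip'])) {
                if ($filename1 !== null && file_exists($filename1)) {
                    unlink($filename1);
                }
            }
            if ($good_uploads == 1) {
                $admin->print_success($good_uploads . ' ' . $MESSAGE['MEDIA_SINGLE_UPLOADED'], $backlink);
            } else {
                $admin->print_success($good_uploads . ' ' . $MESSAGE['MEDIA_UPLOADED'], $backlink);
            }
            break;
        case 'media_create':
            if (!$can_create) {
                $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
                break;
            }
            // Remove bad characters from user folder name
            $target = $admin->get_post('target') != null ? media_filename(trim(stripslashes($admin->get_post('target')))) : $current_dir;
            $userPath = LEPTON_PATH . MEDIA_DIRECTORY;
            $err_msg = array();
            if ($target == null || $target == $current_dir) {
                $err_msg[] = $MESSAGE['MEDIA_BLANK_NAME'];
            } else {
                // Try and make the dir; the name is one path component only
                $target = basename(str_replace('\\', '/', trim($target, '.')));
                $dirname = $userPath . $current_dir . '/' . $target;
                if (file_exists($dirname)) {
                    $err_msg[] = $MESSAGE['MEDIA_DIR_EXISTS'];
                } else {
                    if (make_dir($dirname)) {
                        change_mode($dirname);
                        if (is_writable($dirname)) {
                            // Create default "index.php" file
                            $rel_pages_dir = str_replace(LEPTON_PATH . MEDIA_DIRECTORY, '', dirname($dirname));
                            $step_back = str_repeat('../', substr_count($rel_pages_dir, '/') + 1);
                            $content = '<?php' . "\n";
                            $content .= '// This file is generated by LEPTON Ver.' . VERSION . ';' . "\n";
                            $content .= "\t" . 'header(\'Location: ' . $step_back . 'index.php\');' . "\n";
                            $content .= '?>';
                            $filename = $dirname . '/index.php';
                            // write content into file
                            $handle = fopen($filename, 'w');
                            fwrite($handle, $content);
                            fclose($handle);
                            change_mode($filename, 'file');
                        } else {
                            $err_msg[] = $MESSAGE['GENERIC_BAD_PERMISSIONS'];
                        }
                    } else {
                        $err_msg[] = $MESSAGE['GENERIC_BAD_PERMISSIONS'];
                    }
                }
            }
            if (sizeof($err_msg) > 0) {
                $admin->print_error(implode('<br />', $err_msg));
            } else {
                $admin->print_success($MESSAGE['MEDIA_DIR_MADE'], $backlink);
            }
            break;
        case 'media_delete':
            if (!$can_delete) {
                $admin->print_error($MESSAGE['MEDIA_DIR_ACCESS_DENIED'], $backlink);
                break;
            }
            $filetype = isset($_POST['filetype']) ? trim(stripslashes($admin->get_post('filetype'))) : '';
            $filename = isset($_POST['filename']) ? trim(stripslashes($admin->get_post('filename'))) : '';
            // $directory was checked above, but the posted name was used
            // as-is. Reduce it to one path component and refuse '', '.' and
            // '..', which would otherwise address the current directory or
            // its parent.
            $filename = basename(str_replace('\\', '/', $filename));
            $relative_path = LEPTON_PATH . MEDIA_DIRECTORY . $directory;
            if (in_array($filename, array('', '.', '..'), true)) {
                $admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_FILE'], $backlink);
            } elseif ($filetype == 'dir') {
                // Try and delete the directory
                if (rm_full_dir($relative_path . '/' . $filename)) {
                    $admin->print_success($MESSAGE['MEDIA_DELETED_DIR'], $backlink);
                } else {
                    $admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_DIR'], $backlink);
                }
            } elseif ($filetype == 'file') {
                // Try and delete the file
                if (unlink($relative_path . '/' . $filename)) {
                    $admin->print_success($MESSAGE['MEDIA_DELETED_FILE'], $backlink);
                } else {
                    $admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_FILE'], $backlink);
                }
            } else {
                $admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_FILE'], $backlink);
            }
            break;
    }

    // Parse template for preferences form
    $tpl->parse('main', 'main_wrapper_block', false);
    $tpl->parse('main', 'main_block', false);
    $output = $tpl->finish($tpl->parse('output', 'page'));

    return $output;
}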
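/**
 * Validate a new message with its attachments and build the INSERT statement.
 *
 * Checks the message length, the uploaded images (count, size, extension
 * allow-list) or the event type/value, and the privacy flag. Accepted
 * uploads are moved to '../uploads/media/' under generated names.
 *
 * NOTE(review): the method returns SQL text built with sprintf(); every
 * value is passed through real_escape_string() and quoted. That depends on
 * the connection character set being configured; a prepared statement at
 * the call site would remove that dependency.
 *
 * @param string $message Message text.
 * @param array  $image   Multi-file upload array (name, tmp_name, size, error).
 * @param string $type    Event type, ignored when images are attached.
 * @param string $value   Event value (for example a video or music URL).
 * @param mixed  $privacy Privacy flag, 0 or 1.
 * @return array array('1', $error) on failure, array('0', $query) on success.
 */
function validateMessage($message, $image, $type, $value, $privacy)
{
    // Validation failure, or null while the input is still valid.
    $error = null;
    $hashtag = '';

    // True when $subject starts with one of $prefixes.
    $hasPrefix = function ($subject, array $prefixes) {
        foreach ($prefixes as $prefix) {
            if (strncmp($subject, $prefix, strlen($prefix)) === 0) {
                return true;
            }
        }
        return false;
    };

    // If message is longer than admitted
    if (strlen($message) > $this->message_length) {
        $error = array('message_too_long', $this->message_length);
    }

    if (!empty($image['name'][0])) {
        // If the user selects more images than allowed
        if (count($image['name']) > $this->max_images) {
            $error = array('too_many_images', count($image['name']), $this->max_images);
        } else {
            // Generated file names and the matching temporary upload paths
            $value = array();
            $tmp_value = array();
            $allowedExt = array_map('strtolower', array_map('trim', explode(',', $this->image_format)));
            // The loop variable must not be called $error: that replaced the
            // validation result with the last upload status code and so
            // discarded an earlier 'message_too_long' failure.
            foreach ($image['error'] as $key => $uploadStatus) {
                $original = isset($image['name'][$key]) ? $image['name'][$key] : '';
                $ext = pathinfo($original, PATHINFO_EXTENSION);
                if (!empty($image['size'][$key]) && $image['size'][$key] > $this->max_size) {
                    $error = array('file_too_big', fsize($this->max_size), $original); // Error Code #004
                    break;
                } elseif ($original !== '' && !in_array(strtolower($ext), $allowedExt, true)) {
                    // A named file needs an allow-listed extension; a file
                    // without any extension is rejected as well.
                    $error = array('format_not_exist', $this->image_format, $original); // Error Code #005
                    break;
                } elseif ($original !== '' && $image['size'][$key] > 0) {
                    // The stored name never reuses the client-supplied name.
                    // NOTE(review): mt_rand() is not a cryptographic source;
                    // if access to an upload depends on its name being
                    // unguessable, generate it from a CSPRNG.
                    $finalName = mt_rand() . '_' . mt_rand() . '_' . mt_rand() . '.' . $this->db->real_escape_string($ext);
                    // Define the type for picture
                    $type = 'picture';
                    $tmp_value[] = $image['tmp_name'][$key];
                    $value[] = $finalName;
                }
            }
            if (empty($error)) {
                // NOTE(review): the result of move_uploaded_file() is not
                // checked, so a failed move still records the name.
                foreach ($value as $key => $finalName) {
                    move_uploaded_file($tmp_value[$key], '../uploads/media/' . $finalName);
                }
            }
            // Implode the values
            $value = implode(',', $value);
        }
    } else {
        // Allowed types of events
        $allowedType = array('map', 'game', 'video', 'food', 'visited', 'movie', 'music');
        // If the user doesn't select any event, at all.
        if (empty($type)) {
            // Empty the type & value
            $type = '';
            $value = '';
        } elseif (in_array($type, $allowedType, true)) {
            $value = (string) $value;
            if ($type == 'video') {
                $youtube = array(
                    'https://youtube.com/',
                    'https://www.youtube.com/',
                    'www.youtube.com/',
                    'youtube.com/',
                    'http://youtube.com/',
                    'http://www.youtube.com/',
                    'http://youtu.be/',
                );
                $vimeo = array(
                    'http://vimeo.com/',
                    'http://www.vimeo.com/',
                    'https://vimeo.com/',
                    'https://www.vimeo.com/',
                    'www.vimeo.com/',
                    'vimeo.com/',
                );
                if ($hasPrefix($value, $youtube)) {
                    parse_str((string) parse_url($value, PHP_URL_QUERY), $my_array_of_vars);
                    if ($hasPrefix($value, array('http://youtu.be/'))) {
                        $value = str_replace('http://youtu.be/', 'yt:', $value);
                    } else {
                        $value = 'yt:' . (isset($my_array_of_vars['v']) ? $my_array_of_vars['v'] : '');
                    }
                } elseif ($hasPrefix($value, $vimeo)) {
                    // Numeric id directly after the host; also works for the
                    // scheme-less forms, where parse_url() returns the host
                    // as part of the path.
                    $videoId = preg_match('~vimeo\.com/(\d+)~i', $value, $found) ? (int) $found[1] : 0;
                    $value = 'vm:' . $videoId;
                }
            } elseif ($type == 'music') {
                // Matching by prefix length fixes the 'http://www.' form,
                // which was compared against a 22 character slice of a
                // 26 character prefix and so never matched.
                $soundcloud = array(
                    'https://soundcloud.com/',
                    'https://www.soundcloud.com/',
                    'http://soundcloud.com/',
                    'http://www.soundcloud.com/',
                    'soundcloud.com/',
                    'www.soundcloud.com/',
                );
                if ($hasPrefix($value, $soundcloud)) {
                    $value = 'sc:' . parse_url($value, PHP_URL_PATH);
                }
            }
        } else {
            $error = array('event_not_exist'); // Error Code #002
        }
    }

    // Allowed types of privacy. Compared strictly as strings: a loose
    // in_array() against 0 accepts any non-numeric string on PHP < 8.
    if (!in_array((string) $privacy, array('0', '1'), true)) {
        $error = array('privacy_no_exist'); // Error Code #003
    }

    # #001 - The message is empty
    # #002 - The event does not exist
    # #003 - The privacy value is not valid
    # #004 - The selected file is too big
    # #005 - The selected file's format is invalid
    if (!empty($error)) {
        // Return an error
        return array('1', $error);
    }

    // Escape the message and trim it to remove any extra white spaces or consecutive new lines
    $message = $this->db->real_escape_string(htmlspecialchars(trim(nl2clean($message))));
    // Match the hashtags
    preg_match_all('/(#\\w+)/u', str_replace(array('\\r', '\\n'), ' ', $message), $matchedHashtags);
    // For each hashtag, strip the '#' tag and add a comma after it
    if (!empty($matchedHashtags[0])) {
        foreach ($matchedHashtags[0] as $match) {
            $hashtag .= str_replace('#', '', $match) . ',';
        }
    }
    // Create the query
    // Add the insert message
    $query = sprintf("INSERT INTO `messages` (`uid`, `message`, `tag`, `type`, `value`, `time`, `public`) VALUES ('%s', '%s', '%s', '%s', '%s', CURRENT_TIMESTAMP, '%s')", $this->db->real_escape_string($this->id), $message, $hashtag, $this->db->real_escape_string($type), $this->db->real_escape_string(strip_tags($value)), $this->db->real_escape_string($privacy));

    return array('0', $query);
}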
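/**
 * Return the size of a file, or the cumulative size of a directory tree,
 * as a short human-readable string such as "3 Ko".
 *
 * Changes from the previous version:
 *  - sub-directories are summed in bytes; the old recursive call added the
 *    already formatted string of the child (e.g. "2 Ko") to the byte total;
 *  - the unit loop stops at the last suffix, so values of 1024 Go and above
 *    no longer index past the end of $range;
 *  - the leftover `echo` of every visited path is gone, so the function no
 *    longer writes server filesystem paths into the response.
 *
 * @param string $file Path to a file or a directory.
 * @return string|false Formatted size, or false when the top-level
 *                      directory cannot be opened.
 */
function fsize($file)
{
    $range = array(' B', ' Ko', ' Mo', ' Go');

    if (is_dir($file)) {
        $size = 0;
        // Explicit work list instead of recursion: every level adds raw bytes.
        $pending = array($file);
        while ($pending) {
            $dir = array_pop($pending);
            $dh = opendir($dir);
            if (!$dh) {
                if ($dir === $file) {
                    return false;
                }
                // An unreadable sub-directory contributes nothing, as before.
                continue;
            }
            while (($entry = readdir($dh)) !== false) {
                if ($entry == "." || $entry == "..") {
                    continue;
                }
                $child = $dir . "/" . $entry;
                if (is_dir($child)) {
                    // NOTE(review): is_dir() follows symbolic links, so a linked
                    // directory outside the tree is counted too; confirm that is wanted.
                    $pending[] = $child;
                } else {
                    // filesize() yields false on failure; count that as 0 bytes.
                    $size += (int) filesize($child);
                }
            }
            closedir($dh);
        }
    } else {
        $size = (int) filesize($file);
    }

    // Stop at the last suffix so $range[$i] always exists.
    $last = count($range) - 1;
    for ($i = 0; $size >= 1024 && $i < $last; $i++) {
        $size /= 1024;
    }

    return round($size, 2) . $range[$i];
}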
color: <? echo $a_menu; ?>; } a.menustyle:visited { color: <? echo $a_menu; ?>; } a.menustyle:hover { color: <? echo $a_menu_hover; ?>; } a.menustyle:active { color: <? echo $a_menu_hover; ?>; } /*=========================================================*/ .normallink { font-family: Arial,Helvetica,sans-serif; font-size: <? fsize() ?>; text-decoration: none; } a.normallink:link { color: <? echo $a_normal; ?>; } a.normallink:visited { color: <? echo $a_normal; ?>; } a.normallink:hover { color: <? echo $a_normal_hover; ?>; } a.normallink:active { color: <? echo $a_normal_hover; ?>; }
$filetypeicon = get_filetype_icon(WB_URL . MEDIA_DIRECTORY . $directory . '/' . $name); $filetype = get_filetype(WB_URL . MEDIA_DIRECTORY . $directory . '/' . $name); if (in_array($filetype, $filepreview)) { $preview = 'preview'; } else { $preview = ''; } $temp_id++; $imgdetail = ''; // $icon = THEME_URL.'/images/blank_16.gif'; $icon = ''; $tooltip = ''; if (!$pathsettings['global']['show_thumbs']) { $info = getimagesize(WB_PATH . MEDIA_DIRECTORY . $directory . '/' . $name); if ($info[0]) { $imgdetail = fsize(filesize(WB_PATH . MEDIA_DIRECTORY . $directory . '/' . $name)) . '<br /> ' . $info[0] . ' x ' . $info[1] . ' px'; $icon = 'thumb.php?t=1&img=' . $directory . '/' . $name; $tooltip = ShowTip('thumb.php?t=2&img=' . $directory . '/' . $name); } } $filetype_url = THEME_URL . '/images/files/' . $filetypeicon . '.png'; $template->set_var(array('NAME' => $name, 'NAME_SLASHED' => addslashes($name), 'TEMP_ID' => $admin->getIDKEY($temp_id), 'LINK' => WB_URL . MEDIA_DIRECTORY . $directory . '/' . $name, 'LINK_TARGET' => '_blank', 'ROW_BG_COLOR' => $row_bg_color, 'FT_ICON' => empty($icon) ? $filetype_url : $icon, 'FILETYPE_ICON' => $filetype_url, 'MOUSEOVER' => $tooltip, 'IMAGEDETAIL' => $imgdetail, 'SIZE' => $bytes, 'DATE' => $date, 'PREVIEW' => $preview, 'IMAGE_TITLE' => $name, 'IMAGE_EXIST' => 'blank_16.gif')); $template->parse('list', 'list_block', true); // Code to alternate row colors if ($row_bg_color == 'FFF') { $row_bg_color = 'ECF1F3'; } else { $row_bg_color = 'FFF'; } } }
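/**
 * Render the "go pro" page and drive the PayPal Express Checkout flow.
 *
 * Flow, as implemented below:
 *  1. POST `plan`           -> SetExpressCheckout, then redirect to PayPal.
 *  2. GET `type=canceled`   -> show the cancellation message.
 *  3. GET `type=successful` -> DoExpressCheckoutPayment, then
 *                              GetExpressCheckoutDetails, then store the
 *                              payment row and mark the account as pro.
 *
 * Changes from the previous version:
 *  - the two early redirects now stop the script; before, a request kept
 *    running through the checkout code after the Location header was set,
 *    including when the PayPal feature is switched off;
 *  - the selected plan is reduced to 0/1 before it is stored in the session
 *    and again before it is written into the INSERT (it used to travel from
 *    $_POST into the SQL string unescaped); the currency is escaped too;
 *  - timestamps use `H:i:s`; `H:m:s` printed the month where the minutes go;
 *  - $verify and the `type` query parameter are read defensively.
 *
 * @return string The rendered page, from skin('pro/content').
 */
function PageMain()
{
    global $TMPL, $LNG, $CONF, $db, $loggedIn, $settings;

    if (!$settings['paypalapp']) {
        header("Location: " . $CONF['url'] . "/index.php?a=welcome");
        // Stop here: a Location header alone does not end the request.
        exit;
    }

    $verify = null;
    if (isset($_SESSION['username']) && isset($_SESSION['password']) || isset($_COOKIE['username']) && isset($_COOKIE['password'])) {
        $verify = $loggedIn->verify();
        if (empty($verify['username'])) {
            // If fake cookies are set, or they are set wrong, delete everything and redirect to home-page
            $loggedIn->logOut();
            header("Location: " . $CONF['url'] . "/index.php?a=welcome");
            exit;
        }
    }

    // Start the music feed
    $feed = new feed();
    $feed->db = $db;
    $feed->url = $CONF['url'];
    $feed->user = $verify;
    $feed->id = $verify['idu'];
    $feed->username = $verify['username'];

    $proAccount = $feed->getProStatus($feed->id, 0);

    $TMPL_old = $TMPL;
    $TMPL = array();

    // Get the PayPal settings
    $PayPalMode = $settings['paypalsand'] ? '.sandbox' : ''; // sandbox or live endpoint
    $PayPalCurrencyCode = $settings['currency'];
    $PayPalReturnURL = $CONF['url'] . '/index.php?a=pro&type=successful';
    $PayPalCancelURL = $CONF['url'] . '/index.php?a=pro&type=canceled';

    $paypal = new paypalApi();
    $paypal->username = $settings['paypaluser'];
    $paypal->password = $settings['paypalpass'];
    $paypal->signature = $settings['paypalsign'];

    $skin = new skin('pro/gopro');
    $rows = '';

    // `type` is absent on a plain page view.
    $requestType = isset($_GET['type']) ? $_GET['type'] : '';

    // If the user is logged-in
    if ($feed->id) {
        if (isset($_POST['plan']) && !$proAccount) {
            // Only two plans exist: 1 = yearly, anything else = monthly.
            $selectedPlan = $_POST['plan'] == 1 ? 1 : 0;

            $ItemName = $selectedPlan == 1 ? sprintf($LNG['pro_year'], $settings['title']) : sprintf($LNG['pro_month'], $settings['title']);
            $ItemPrice = $selectedPlan == 1 ? $settings['proyear'] : $settings['promonth'];
            $ItemNumber = $selectedPlan == 1 ? md5(1) : md5(0);
            $ItemDesc = $selectedPlan == 1 ? sprintf($LNG['pro_year'], $settings['title']) : sprintf($LNG['pro_month'], $settings['title']);
            $ItemQty = 1;
            $ItemTotalPrice = $ItemPrice * $ItemQty;

            // Parameters for SetExpressCheckout, which will be sent to PayPal
            $params = array('METHOD' => 'SetExpressCheckout', 'RETURNURL' => $PayPalReturnURL, 'CANCELURL' => $PayPalCancelURL, 'PAYMENTREQUEST_0_PAYMENTACTION' => 'SALE', 'L_PAYMENTREQUEST_0_NAME0' => $ItemName, 'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber, 'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc, 'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice, 'L_PAYMENTREQUEST_0_QTY0' => $ItemQty, 'NOSHIPPING' => 0, 'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice, 'PAYMENTREQUEST_0_AMT' => $ItemPrice, 'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode, 'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly', 'LOCALECODE' => 'US', 'LOGOIMG' => $CONF['url'] . '/' . $CONF['theme_url'] . '/images/logo_black.png', 'CARTBORDERCOLOR' => 'FFFFFF', 'ALLOWNOTE' => 0);

            // Store the selected plan (normalised, never the raw POST value)
            $_SESSION['SelectedPlan'] = $selectedPlan;
            $_SESSION['ItemName'] = $ItemName;
            $_SESSION['ItemPrice'] = $ItemPrice;
            $_SESSION['ItemNumber'] = $ItemNumber;
            $_SESSION['ItemDesc'] = $ItemDesc;
            $_SESSION['ItemQty'] = $ItemQty;
            $_SESSION['ItemTotalPrice'] = $ItemTotalPrice;

            // Execute SetExpressCheckOut method to create the payment token and PayerID
            $paypalResponse = $paypal->post('SetExpressCheckout', $params, $PayPalMode);

            // Respond according to message we receive from Paypal
            if (strtoupper($paypalResponse["ACK"]) == "SUCCESS") {
                // Generate the PayPal payment url with the response Token
                $paypalurl = 'https://www' . $PayPalMode . '.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $paypalResponse["TOKEN"] . '';
                // Redirect to PayPal payment page
                header('Location: ' . $paypalurl);
            } else {
                // If the payment is not successful
                // NOTE(review): the PayPal message text is placed into HTML as received;
                // confirm whether notificationBox() escapes it.
                $TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
            }
        } elseif ($requestType == 'canceled' && !$proAccount) {
            // If the payment has been canceled
            $TMPL['error'] = notificationBox('error', $LNG['payment_error_1']);
        } elseif ($requestType == 'successful' && !$proAccount) {
            $skin = new skin('pro/gopro');
            $rows = '';

            // If the token and PayerID has been returned by the Return URL
            if (isset($_GET["token"]) && isset($_GET["PayerID"])) {
                $token = $_GET["token"];
                $payer_id = $_GET["PayerID"];

                // Get the selected plan as stored when the checkout was started
                $ItemName = $_SESSION['ItemName'];
                $ItemPrice = $_SESSION['ItemPrice'];
                $ItemNumber = $_SESSION['ItemNumber'];
                $ItemDesc = $_SESSION['ItemDesc'];
                $ItemQty = $_SESSION['ItemQty'];
                $ItemTotalPrice = $_SESSION['ItemTotalPrice'];
                // Re-normalise: a session written by older code may hold the raw value.
                $planType = $_SESSION['SelectedPlan'] == 1 ? 1 : 0;

                $params = array('TOKEN' => $token, 'PAYERID' => $payer_id, 'PAYMENTREQUEST_0_PAYMENTACTION' => 'Sale', 'L_PAYMENTREQUEST_0_NAME0' => $ItemName, 'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber, 'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc, 'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice, 'L_PAYMENTREQUEST_0_QTY0' => $ItemQty, 'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice, 'PAYMENTREQUEST_0_AMT' => $ItemPrice, 'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode, 'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly');

                // Execute DoExpressCheckoutPayment to receive the payment from the user
                $paypalResponse = $paypal->post('DoExpressCheckoutPayment', $params, $PayPalMode);

                // Check if the payment was successful
                if (strtoupper($paypalResponse["ACK"]) == "SUCCESS") {
                    // Verify if the payment is Completed
                    if ($paypalResponse["PAYMENTINFO_0_PAYMENTSTATUS"] == 'Completed') {
                        // Execute GetExpressCheckoutDetails to retrieve the transaction details
                        $params = array('TOKEN' => $token);
                        $paypalResponse = $paypal->post('GetExpressCheckoutDetails', $params, $PayPalMode);

                        // If the GetExpressCheckoutDetails was successful
                        if (strtoupper($paypalResponse["ACK"]) == "SUCCESS") {
                            // `i` is minutes; the former `m` repeated the month number.
                            $date = date("Y-m-d H:i:s", strtotime($planType == 1 ? "+1 year" : "+1 month"));

                            // Every interpolated value is escaped or a fixed integer.
                            // NOTE(review): binding the values as statement parameters
                            // would remove the need for per-value escaping altogether.
                            $stmt = $db->prepare(sprintf("INSERT INTO `payments`\n\t\t\t\t\t\t\t\t(`by`, `payer_id`, `payer_first_name`, `payer_last_name`, `payer_email`, `payer_country`, `txn_id`, `amount`, `currency`, `type`, `status`, `valid`, `time`) VALUES \n\t\t\t\t\t\t\t\t('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s', '%s', '%s', '%s')", $db->real_escape_string($feed->id), $db->real_escape_string($paypalResponse['PAYERID']), $db->real_escape_string($paypalResponse['FIRSTNAME']), $db->real_escape_string($paypalResponse['LASTNAME']), $db->real_escape_string($paypalResponse['EMAIL']), $db->real_escape_string($paypalResponse['SHIPTOCOUNTRYNAME']), $db->real_escape_string($paypalResponse['PAYMENTREQUEST_0_TRANSACTIONID']), $db->real_escape_string($paypalResponse['AMT']), $db->real_escape_string($settings['currency']), $planType, 1, $date, date("Y-m-d H:i:s")));

                            // Execute the statement
                            $stmt->execute();
                            // Check the affected rows
                            $affected = $stmt->affected_rows;
                            // Close the statement
                            $stmt->close();

                            // If the pro status has been added
                            if ($affected) {
                                // Set the pro account to valid
                                $proAccount = 2;
                            }
                        } else {
                            $TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
                        }
                    } else {
                        $TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
                    }
                } else {
                    $TMPL['error'] = notificationBox('error', '<strong>' . urldecode($paypalResponse['L_SHORTMESSAGE0'] . '</strong>: ' . $paypalResponse['L_LONGMESSAGE0']));
                }
            }
        }

        if ($proAccount) {
            $skin = new skin('pro/successful');
            $rows = '';
            $transaction = $feed->getProStatus($feed->id, 2);

            // If the proAccount was just created
            if ($proAccount == 2) {
                $TMPL['pro_title'] = $LNG['congratulations'] . '!';
                $TMPL['pro_title_desc'] = $LNG['go_pro_congrats'];
            } else {
                $TMPL['pro_title'] = $LNG['pro_plan'];
                $TMPL['pro_title_desc'] = $LNG['account_status'];
            }

            // Explode the date to display in a custom format
            $valid = explode('-', $transaction['valid']);
            $TMPL['validuntil'] = $valid[0] . '-' . $valid[1] . '-' . substr($valid[2], 0, 2);

            // Decide the plan type
            $TMPL['plan'] = $transaction['amount'] == $settings['proyear'] ? $LNG['yearly'] : $LNG['monthly'];

            // Days left of pro Plan
            $TMPL['daysleft'] = floor((strtotime($transaction['valid']) - strtotime(date("Y-m-d H:i:s"))) / (60 * 60 * 24)) . ' ' . $LNG['days_left'];

            // The Amount paid for the pro plan
            $TMPL['amount'] = $transaction['amount'] . ' ' . $settings['currency'];
        }
        $TMPL['go_pro_action'] = 'formSubmit(\'gopro-form\')';
    } else {
        $TMPL['go_pro_action'] = 'connect_modal()';
    }

    $TMPL['history'] = $feed->proAccountHistory(null, 1, 1);
    $TMPL['protracksize'] = fsize($settings['protracksize']);
    $TMPL['protracktotal'] = fsize($settings['protracktotal']);
    $TMPL['tracksize'] = fsize($settings['tracksize']);
    $TMPL['tracksizetotal'] = fsize($settings['tracksizetotal']);
    $TMPL['promonth'] = $settings['promonth'];
    $TMPL['proyear'] = $settings['proyear'];
    $TMPL['currency'] = $settings['currency'];

    $rows = $skin->make();

    $TMPL = $TMPL_old;
    unset($TMPL_old);
    $TMPL['rows'] = $rows;

    if (isset($_GET['logout']) == 1) {
        $loggedIn->logOut();
        header("Location: " . $CONF['url'] . "/index.php?a=welcome");
    }

    $TMPL['url'] = $CONF['url'];
    $TMPL['title'] = $LNG['go_pro'] . ' - ' . $settings['title'];
    $TMPL['meta_description'] = $settings['title'] . ' ' . $LNG['go_pro'] . ' - ' . $LNG['go_pro_desc'];

    $skin = new skin('pro/content');
    return $skin->make();
}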
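/**
 * Build the statistics widget shown in the sidebar.
 *
 * Type 0 (or empty): play counts for the tracks listed in $this->trackList
 * Type 1: play counts for the single track $id
 * Type 2: number of tracks and storage used by the user $this->id
 *
 * Changes from the previous version:
 *  - the track id taken from the query string is URL-encoded before it is
 *    written into the "view more" link (it was echoed into the href as-is);
 *  - the type 2 query quotes its second placeholder, since
 *    real_escape_string() only protects values inside quotes, and no longer
 *    passes a third argument that had no placeholder;
 *  - "yesterday" uses DATE_SUB(); `CURDATE()-1` is integer arithmetic on
 *    YYYYMMDD and never matches on the first day of a month;
 *  - a failed query and a zero storage quota no longer cause a fatal error.
 *
 * @param mixed $id    Track id, used when $type is 1.
 * @param mixed $type  Widget variant, see above.
 * @param mixed $extra When truthy (and $type is set) adds the "view more" link.
 * @return string|null The widget HTML, or null when there is nothing to show.
 */
function sidebarStatistics($id = null, $type = null, $extra = null)
{
    global $LNG;

    if ($type == 1) {
        $trackId = $this->db->real_escape_string($id);
        $query = $this->db->query(sprintf("SELECT (SELECT count(`track`) FROM `views` WHERE `track` = '%s') as total, (SELECT count(`track`) FROM `views` WHERE `track` = '%s' AND CURDATE() = date(`time`)) as today, (SELECT count(`track`) FROM `views` WHERE `track` = '%s' AND DATE_SUB(CURDATE(), INTERVAL 1 DAY) = date(`time`)) as yesterday", $trackId, $trackId, $trackId));
    } elseif ($type == 2) {
        $userId = $this->db->real_escape_string($this->id);
        $query = $this->db->query(sprintf("SELECT (SELECT count(`id`) FROM `tracks` WHERE `uid` = '%s') as tracks_total, (SELECT SUM(`size`) FROM `tracks` WHERE `uid` = '%s') as upload_size", $userId, $userId));
    } else {
        if (!$this->trackList) {
            return;
        }
        // NOTE(review): $this->trackList goes into the IN (...) list unescaped;
        // confirm that whoever builds it only ever puts integer ids in it.
        $query = $this->db->query(sprintf("SELECT (SELECT count(`track`) FROM `views` WHERE `track` IN (%s)) as total, (SELECT count(`track`) FROM `views` WHERE `track` IN (%s) AND CURDATE() = date(`time`)) as today, (SELECT count(`track`) FROM `views` WHERE `track` IN (%s) AND DATE_SUB(CURDATE(), INTERVAL 1 DAY) = date(`time`)) as yesterday", $this->trackList, $this->trackList, $this->trackList));
    }

    if (!$query) {
        // The query failed; there is no row to render.
        return;
    }
    $result = $query->fetch_assoc();

    // urlencode() leaves only characters that are safe inside an href value.
    $linkId = isset($_GET['id']) && is_scalar($_GET['id']) ? urlencode((string) $_GET['id']) : '';

    $output = '<div class="sidebar-container widget-statistics"><div class="sidebar-content"><div class="sidebar-header">' . (!$type ? '<a href="' . $this->url . '/index.php?a=stats" rel="loadpage">' . $LNG['statistics'] . '</a>' : ($extra ? $LNG['statistics'] . ' <div class="sidebar-header-extra"><a href="' . $this->url . '/index.php?a=track&id=' . $linkId . '&type=stats" rel="loadpage">' . $LNG['view_more'] . '</a></div>' : $LNG['statistics'])) . '</div><div class="sidebar-stats-container">';

    if ($type == 2) {
        // Percentage for the stats bar; a quota of 0 would otherwise divide by zero.
        $percentage = $this->track_size_total > 0 ? $result['upload_size'] / $this->track_size_total * 100 : 0;
        $output .= ' <div class="sidebar-stats-box">' . $LNG['tracks_uploaded'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . $result['tracks_total'] . '</div> <div class="sidebar-stats-box">' . $LNG['total_space'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . fsize($this->track_size_total) . '</div> <div class="divider sidebar-stats-divider"></div> <div class="sidebar-stats-box">' . $LNG['used_space'] . '</div><div class="sidebar-stats-box sidebar-stats-box-right">' . $LNG['free_space'] . '</div> <div class="sidebar-stats-bar"><div class="sidebar-stats-bar-percentage" style="width: ' . $percentage . '%"></div></div> <div class="sidebar-stats-box">' . fsize($result['upload_size']) . '</div><div class="sidebar-stats-box sidebar-stats-box-right">' . fsize($this->track_size_total - $result['upload_size']) . '</div>';
    } else {
        $output .= ' <div class="sidebar-stats-box">' . $LNG['plays_today'] . '</div><div class="sidebar-stats-box sidebar-text-right sidebar-stats-today">' . $result['today'] . '</div> <div class="sidebar-stats-box">' . $LNG['plays_yesterday'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . $result['yesterday'] . '</div> <div class="sidebar-stats-box">' . $LNG['plays_total'] . '</div><div class="sidebar-stats-box sidebar-text-right">' . $result['total'] . '</div>';
    }

    $output .= '</div></div></div>';
    return $output;
}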
$userfiles[$i]['tmp_name'] = $_FILES['userfile']['tmp_name'][$i]; $userfiles[$i]['error'] = $_FILES['userfile']['error'][$i]; $name = $_FILES['userfile']['name'][$i]; if ($modx->config['clean_uploaded_filename']) { $nameparts = explode('.', $name); $nameparts = array_map(array($modx, 'stripAlias'), $nameparts); $name = implode('.', $nameparts); } $userfiles[$i]['name'] = $name; $userfiles[$i]['type'] = $_FILES['userfile']['type'][$i]; } } foreach ((array) $userfiles as $userfile) { // this seems to be an upload action. printf("<p>" . $_lang['files_uploading'] . "</p>", $userfile['name'], substr($startpath, $len, strlen($startpath))); echo $userfile['error'] == 0 ? "<p>" . $_lang['files_file_type'] . $userfile['type'] . ", " . fsize($userfile['tmp_name']) . '</p>' : ''; $userfilename = $userfile['tmp_name']; if (is_uploaded_file($userfilename)) { // file is uploaded file, process it! if (!in_array(getExtension($userfile['name']), $uploadablefiles)) { echo '<p><span class="warning">' . $_lang['files_filetype_notok'] . '</span></p>'; } else { if (@move_uploaded_file($userfile['tmp_name'], $_POST['path'] . '/' . $userfile['name'])) { // Ryan: Repair broken permissions issue with file manager if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') { @chmod($_POST['path'] . "/" . $userfile['name'], $new_file_permissions); } // Ryan: End echo '<p><span class="success">' . $_lang['files_upload_ok'] . '</span></p>'; // invoke OnFileManagerUpload event $modx->invokeEvent('OnFileManagerUpload', array('filepath' => $_POST['path'], 'filename' => $userfile['name']));
/**
 * Admin screen for one "msql" table (a table stored as a PHP file under the
 * msql/ root): resolves the table from the request, applies the requested
 * action (save, create, repair, import/export views, backup) and returns the
 * rendered page.
 *
 * Security review notes, all based on the checks visible in this function
 * (the helpers it calls may add their own; verify there):
 *  - several actions are triggered by request parameters without testing
 *    $authorized or auth(): `repair`, `sav`, `edit_conn`, `inject_defs`,
 *    `edit_csv`, `json` and `backup_msql`;
 *  - $authorized is only ever assigned true and is never initialised;
 *  - the target file path is derived from the request through msql_boot().
 *
 * @param string $msql Table address; falls back to $_GET['msql'] when empty.
 * @return string The page, wrapped by divd('content', ...).
 */
function msql_adm($msql = '')
{
    //echo br();
    $root = sesm('root', 'msql/');
    $auth = $_SESSION['auth'];
    $ath = 6; // auth_level_mini: the level the checks below compare $auth against
    $wsz = define_s('wsz', 700);
    $msql = $msql ? $msql : $_GET['msql'];
    $_SESSION['page'] = $_GET['page'] ? $_GET['page'] : 1;
    #boot
    if ($msql && $msql != '=') {
        $url = sesm('url', '/msql/');
        // NOTE(review): $msql can come straight from the query string and ends up in
        // $folder and $node, which form the file path below; confirm msql_boot()
        // rejects path separators and "..".
        $ra = msql_boot($msql);
        $_SESSION['msql_boot'] = $ra;
        list($bases, $base, $dirs, $dir, $prefixes, $prefix, $files, $table, $version, $folder, $node) = $ra;
        //build url
        $murl = sesm('murl', murl($base, $dir, $prefix, $table, $version));
        //b/d/p_t_v
        $basename = $root . $folder . $node;
        $is_file = is_file($basename . '.php');
        $lk = sesm('lk', $url . $folder . $node . gpage());
        $folder = $root . $folder;
        //conformity
        msql_adm_head($lk, $base, $prefix, $table, $version);
    }
    $def = ajx($_POST['def'] ? $_POST['def'] : $_GET['def'], 1);
    if ($_GET['see']) {
        $ret[] = verbose($ra, 'dirs');
    }
    //auth
    // The flag is stored in the session and is not reset anywhere in this function.
    if ($base == 'users' && $prefix == $_SESSION['USE']) {
        $_SESSION['ex_atz'] = 1;
    }
    // With $ath = 6 the second operand already covers the first one, so the
    // ex_atz flag has no effect on the outcome of this test.
    // NOTE(review): $authorized has no `false` default; it is simply left unset.
    if ($auth >= $ath && $_SESSION['ex_atz'] or $auth >= 6) {
        $authorized = true;
    }
    $lkb = $lk . '&';
    #load
    //reqp('msql'); $msq=new msql($base,$node); if($is_file)$defs=$msq->load();
    // NOTE(review): no $authorized / auth() test guards the repair action here.
    if (get('repair')) {
        msql_repair($folder, $node);
    }
    //old
    if ($is_file) {
        $defs = read_vars($folder, $node, $defsb);
    }
    //if(!$defs)$ret[]=verbose($ra,'');
    if ($defs['_menus_']) {
        $defsb['_menus_'] = $defs['_menus_'];
    }
    //save
    // A requested key that does not exist yet is treated as an "add".
    if ($def && !$defs[$def]) {
        $_POST['add'] = $def;
    }
    if (($_POST['def'] or $_POST['add']) && $authorized) {
        list($defs, $def) = save_defs($folder, $node, $defs, $def, $base);
    }
    //savb
    // NOTE(review): writes the "<node>_sav" copy for any request carrying `sav`;
    // there is no $authorized test on this branch.
    if ($_GET['sav']) {
        save_vars($folder, $node . '_sav', $defs, 1);
    }
    //create
    if ($_GET['create'] && $authorized) {
        $prefix = normaliz_c($_POST['prfx']);
        $table = normaliz_c($_POST['hbname']);
        // NOTE(review): unlike prefix and table, the version is taken from the
        // request without normaliz_c(); confirm mnod() sanitises it.
        if ($_POST['hbnb'] && $_POST['hbnb'] != 'version') {
            $version = $_POST['hbnb'];
        }
        if (!$_POST['hbnb']) {
            $version = '';
        }
        if (is_numeric($_POST['nbc'])) {
            $defsb['_menus_'] = '';
            $nbc = $_POST['nbc'];
            $nbc = $nbc > 1 ? $nbc : 1;
            // One placeholder column name per requested column.
            // NOTE(review): the loop bound is the submitted number with no upper limit.
            for ($i = 1; $i <= $nbc; $i++) {
                $defsb['_menus_'][] = 'col_' . $i;
            }
        } elseif ($defs['_menus_']) {
            $defsb['_menus_'] = $defs['_menus_'];
        } else {
            $defsb['_menus_'] = array('');
        }
        $node = mnod($prefix, $table, $version);
        if ($folder && $prefix) {
            read_vars($folder, $node, $defsb);
        }
        relod(sesm('url') . murl_build('', '', $prefix, $table, $version));
    }
    #modifs
    //save_modif
    // Gated on the auth level only, not on $authorized.
    $do = find_command();
    if ($do && $auth >= $ath) {
        $defs = msql_modifs($defs, $defsb, $folder, $prefix . '_' . $table, $node, $basename, $do);
    }
    #render
    $lh = sesmk('msqlang');
    #-menus
    if (!$_GET['def']) {
        $ret['menus'] = msql_menus($ra);
    }
    //auth(3) &&
    if (!$_GET['def']) {
        //called
        #-files
        //add
        if (auth(4)) {
            $ret['fls'] = lkc('txtblc', $lkb . 'new==', pictxt('add', $lh[9][0])) . ' ';
        }
        if ($table && $authorized && $prefix && $is_file) {
            //$defs &&
            $ret['fls'] .= lkc('txtx', $lkb . 'sav==', $lh[2][0]) . ' ';
            if (is_file($basename . '_sav.php')) {
                $ret['fls'] .= lkc('txtx', $lkb . 'restore==', $lh[3][0]) . ' ';
            }
            $ret['fls'] .= lj_goto('import_defs', 5);
            //$ret['fls'].=lj_goto('import_old','');
            $ret['fls'] .= lj_goto('import_keys', 17);
            $ret['fls'] .= lj_goto('merge_defs', 6);
            $ret['fls'] .= lj_goto('append_update', 7);
            $ret['fls'] .= lj_goto('append_values', 8);
        } else {
            $ret['fls'] .= $bckp;
        }
        if ($files[$prefix] && ($auth > $ath or $prefix == $_SESSION['USE'])) {
            if ($auth >= $ath && $table && $prefix && $is_file) {
                $ret['fls'] .= lkc('txtx', $lkb . 'del_table==', $lh[10][0]) . ' ';
                $ret['fls'] .= ljb('txtblc', 'delfile', $lkb . 'del_file==', $lh[11][0]) . ' ';
                //$ret['fls'].=lkc('txtyl',$lkb.'del_file==',$lh[11][0]).' ';
                if (!$defs or isset($defs[0])) {
                    $ret['fls'] .= lkc('txtyl', $lkb . 'repair==', $lh[12][0]) . ' ';
                }
            }
        }
        if ($ret['fls']) {
            $ret['fls'] .= br();
        }
        //$ret['fls']=divc('menu',$ret['fls']);
        //new
        if ($_GET['new']) {
            $ret['fls'] .= newbase($base, $prefix, $table, $version);
        }
        #-util
        // These only hide or show the links; the actions behind them are matched
        // elsewhere (find_command() and the $_GET tests further down).
        if ($table && $authorized && $prefix && $is_file) {
            $ret['utl'] .= lkc('txtblc', $lkb . 'def=_menus_', $lh[1][0]) . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'reset_menus==', $lh[22][0]) . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'del_menus==', $lh[23][0]) . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'add_keys==', $lh[24][0]) . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'del_keys==', $lh[25][0]) . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'def=_menus_&add_col==', $lh[14][0]) . ' ';
            $ret['utl'] .= lj_goto('del_col', 15);
            if ($is_file) {
                $ret['utl'] .= lkc('txtx" title="' . $lh[13][1], $lkb . 'repair_cols==', $lh[13][0]) . br();
            }
            if ($base != 'system' && is_file(sesm('root') . 'system/' . $node . '.php')) {
                $ret['utl'] .= lkc('txtblc', $lkb . 'update==', $lh[26][0]) . ' ';
            }
            $ret['utl'] .= lj_goto('sort_table', 19);
            if ($table != 'restrictions' && $table != 'params') {
                $ret['utl'] .= lkc('txtx', $lkb . 'reorder==', $lh[20][0]) . ' ';
            }
            $ret['utl'] .= lj_goto('permut', 21);
            $ret['utl'] .= lkc('txtx', $lkb . 'edit_conn==', $lh[16][0]) . ' ';
            $ret['utl'] .= lkc('txtx" title="' . $lh[6][1], $lkb . 'inject_defs==', $lh[18][0]) . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'edit_csv==', 'csv') . ' ';
            $ret['utl'] .= lkc('txtx', $lkb . 'json==', 'json') . ' ';
            if (auth(6)) {
                $ret['utl'] .= lkc('txtx', $lkb . 'export_mysql==', 'sql') . ' ';
            }
            if (auth(6)) {
                $ret['utl'] .= lkc('txtx', $lkb . 'create_mysql==', 'create mysql') . ' ';
            }
            $ret['utl'] .= lj('txtx', 'popup_msql___lang_helps_msql', '?');
        }
        #-fieldset
        if ($ret['fls'] . $ret['utl']) {
            $ret['utils'] = divc('menu', $ret['fls'] . $ret['utl']);
        }
        $ret['fls'] = $ret['utl'] = '';
        //if($ret['nfo'])$ret['nfo'].=br();
    }
    //called
    #-infos
    if ($table && $is_file) {
        $ret['nfo'] = lkc('popsav', $lk, $murl) . ' ';
        // NOTE(review): HTTP_HOST is supplied by the client; confirm ajx() makes the
        // value safe for the popup it is passed to.
        $wurl = $_SERVER['HTTP_HOST'] . '/msql/' . $murl;
        $ret['nfo'] .= lj('popbt', 'popup_text___' . ajx($wurl) . '_weburl_console', pictit('link', 'web url'));
        $wcon = '[' . $murl . $kdef . ($def ? ':' . $def : '') . ':microsql]';
        $ret['nfo'] .= lj('popbt', 'popup_text___' . ajx($wcon) . '_connector_console', pictit('conn', 'connector'));
        $ret['nfo'] .= lkt('popbt', '/plug/microxml.php?table=' . $murl, pictit('rss', 'xml')) . ' - ';
        $ret['nfo'] .= btn('txtsmall2', count($defs) . ' ' . plurial(count($defs), 116)) . ' - ';
        if ($is_file) {
            $ret['nfo'] .= btn('txtsmall2', fsize($basename . '.php')) . ' - ';
        }
        $ret['nfo'] .= btn('txtsmall2', ftime($basename . '.php')) . ' ';
        $ret['nfo'] .= msq_search($murl);
    }
    if ($ret['nfo']) {
        $ret['nfo'] = divc('menu', $ret['nfo']);
    }
    //entries
    //if($defs)$ret['edt'].=slctmenuder($defs,$def?$def:'_menus_');
    //add
    if ($is_file && $authorized && !$_GET['called'] && $defs && !$_GET['def']) {
        $ret['edt'] .= divc('menu', f_inp_add($defs, $defsb, $def)) . br();
    }
    //edit
    //echo verbose($ra,'');
    if ($def && $defs[$def]) {
        $ret['edt'] .= f_inp_m($defs, $defsb['_menus_'], $def);
    }
    //edit_conn
    // NOTE(review): the next four views (edit_conn, inject_defs, edit_csv, json)
    // print the table content for any request that sets the parameter; none of
    // them tests $authorized.
    if ($_GET['edit_conn'] == '=') {
        if ($defs) {
            foreach ($defs as $k => $v) {
                // Protect the two separator characters inside cell values.
                $v = str_replace(array('|', '¬'), array(':BAR:', ':LINE:'), $v);
                $edittable .= implode('|', $v) . '¬' . "\n";
            }
        }
        //(!is_numeric($k)?$k.'|':'')
        $ret[] = divc('', 'paste a table as created by transductor from html table :: use "|" for cells and "¬" for lines of cells') . form($lkb . 'def=' . $def, txarea('import_conn', $edittable, 60, 14) . br() . checkbox('aid', 'ok', 'auto_increment', '1') . input2('submit', 'save', 'import', 'txtbox')) . hr() . br();
    }
    //array
    if ($_GET['inject_defs'] == '=') {
        // Shows the raw PHP source of the table file with the open/close tags removed.
        $datas = str_replace(array('<' . '?php', '?' . '>'), '', read_file($basename . '.php'));
        $ret[] = divc('', 'paste $r[1]=array(1,2,3)') . form($lkb, txarea('inject_defs', $datas, 60, 14) . br() . input2('submit', 'replace', 'replace', 'txtbox') . input2('submit', 'inject', 'inject', 'txtbox') . checkbox('mono', '1', 'key=>value', '') . checkbox('sql', '1', 'mysql', '')) . hr() . br();
    }
    //export_mysql
    if ($_GET['create_mysql'] == '=' && auth(6)) {
        $ok = plugin_func('mysql', 'import_msql', $defs, $node);
        $ret[] = divc('txtalert', 'create table ' . $node . ': ' . $ok);
    }
    if ($_GET['export_mysql'] == '=' && auth(6)) {
        $ret[] = txarea('', mysqlrb($defs), 60, 40);
    }
    //csv
    if ($_GET['edit_csv'] == '=') {
        foreach ($defs as $k => $v) {
            if ($v) {
                // Only scalar values go through htmlentities(); array cells are joined as-is.
                $edittable .= $k . ':' . (is_array($v) ? implode(',', $v) : htmlentities($v)) . "\n";
            }
        }
        $ret[] = divc('', 'paste csv using "," for cells and lines for rows') . form($lkb . 'def=' . $def, txarea('edit_csv', $edittable, 60, 14) . br() . checkbox('aid', 'ok', 'auto_increment', '1') . input2('submit', 'save', 'import', 'txtbox')) . hr() . br();
    }
    //json
    if ($_GET['json'] == '=') {
        foreach ($defs as $k => $v) {
            if ($v) {
                // Hand-built JSON: keys and array cells are not JSON-escaped.
                $edittable .= '"' . $k . '":' . (is_array($v) ? '["' . implode('","', $v) . '"]' : '"' . htmlentities($v[0])) . '",';
            }
        }
        $ret[] = txarea('edit_csv', '{' . $edittable, 60, 14) . '}' . br();
    }
    //see_table
    if ($defs && !$_GET['def']) {
        // && (!$def or $_POST['save'])//called
        $out = divd('editmsql', draw_table($defs, $murl, ''));
        $ret[] = $out . br();
    } else {
        $ret[] = divd('editmsql', '');
    }
    // The backup link is shown above level 6 ...
    if ($auth > 6) {
        $ret[] = lkc('txtx', $lkb . 'backup_msql==', 'backup') . ' ';
    }
    // ... but the backup itself runs for every request that sets the parameter.
    // NOTE(review): gate this on the same level as the link.
    if ($_GET['backup_msql']) {
        $ret[] = backup_msql();
    }
    return divd('content', implode('', $ret));
}
$form_field .= ' size="' . $cnt_form["fields"][$key]['size'] . '"'; } if ($cnt_form["fields"][$key]['max']) { $form_field .= ' maxlength="' . $cnt_form["fields"][$key]['max'] . '"'; } elseif (!empty($cnt_form['upload_value']['maxlength'])) { $form_field .= ' maxlength="' . $cnt_form['upload_value']['maxlength'] . '"'; } if ($cnt_form["fields"][$key]['class']) { $form_field .= ' class="' . $cnt_form["fields"][$key]['class'] . '"'; } if ($cnt_form["fields"][$key]['style']) { $form_field .= ' style="' . $cnt_form["fields"][$key]['style'] . '"'; } $form_field .= ' title="'; if ($cnt_form['upload_value']['maxlength']) { $form_field .= 'max. ' . fsize($cnt_form['upload_value']['maxlength'], ' ', 1); } $form_field .= '" />'; unset($cnt_form['upload_value']); // enable enctype attribute $cnt_form['is_enctype'] = true; break; case 'submit': /* * Submit */ if (strpos(strtolower($cnt_form["fields"][$key]['value']), 'src=') === false) { $form_field .= '<input type="submit" name="' . $form_name . '" id="' . $form_name . '" '; if ($cnt_form["fields"][$key]['value'] != '') { $form_field .= 'value="' . html_specialchars($cnt_form["fields"][$key]['value']) . '"'; }
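/**
 * Print a directory listing as an HTML table and return the summed file size.
 *
 * Changes from the previous version:
 *  - file and directory names are escaped before they are written into the
 *    page and URL-encoded inside the action links; a file name is data chosen
 *    by whoever created the file and must not be emitted as markup;
 *  - the read loop compares with `!== false`, so an entry named "0" no longer
 *    ends the listing early;
 *  - the directory handle is checked and closed;
 *  - the opening <table> tag is printed once, by the top-level call, to match
 *    the single closing tag.
 *
 * @param string     $path      Directory to list.
 * @param int|string $max_depth Maximum recursion depth; '' means unlimited.
 * @param int        $l         Current depth (0 for the initial call).
 * @param int|string $total     Running byte total carried through the recursion.
 * @return int|null Total size in bytes, or null when $path is not a directory.
 */
function get_dir($path, $max_depth = '', $l = 0, $total = '')
{
    if (!is_dir($path)) {
        echo "\nInvalid Path\n";
        return;
    }

    $path = substr($path, -1) != "/" ? $path . "/" : $path;

    if (!$l) {
        echo "<table border='0' cellpadding='5' cellspacing='0'>";
        echo "\n<tr><td colspan='4'>Contents of directory " . htmlspecialchars($path, ENT_QUOTES) . " :</td></tr>\n";
        echo "\n<tr><td>Permissions</td><td>File Size</td><td>File Name</td><td> </td></tr>\n";
        $total = 0;
    }

    // Descend when no limit was given, or while an integer limit is not reached.
    $test_depth = $max_depth === '' || ($max_depth > $l && is_int($max_depth));

    // One tab per nesting level, appended after the size column.
    $pre = str_repeat("\t", $l);

    $dir = opendir($path);
    if ($dir === false) {
        return $total;
    }

    while (($f = readdir($dir)) !== false) {
        if ($f == "." || $f == "..") {
            continue;
        }

        $file = $path . $f;
        $size = "";
        if (!is_dir($file)) {
            $s = filesize($file);
            $total += $s;
            $size = "[ " . fsize($s) . " ]";
        } else {
            $f .= "/";
        }
        $size = str_pad($size, 16, " ", STR_PAD_LEFT);

        $nameHtml = htmlspecialchars($f, ENT_QUOTES);
        $nameUrl = rawurlencode($f);

        echo "\n<tr><td>" . get_permissions(fileperms($file)) . "</td><td>" . $size . $pre . "</td><td>" . $nameHtml . "</td><td>";

        if (in_array($f, array('download.php', 'dl.php', 'index.php'), true)) {
            // The script's own files get no action links.
            echo " </td></tr>";
        } else {
            // NOTE(review): $urlpath and $me are neither parameters nor imported with
            // `global`, so they are undefined here and expand to empty strings;
            // confirm where they were meant to come from.
            // NOTE(review): the delete action is a plain GET link; a state-changing
            // request should be a POST carrying an anti-CSRF token.
            echo "<a href=\"{$urlpath}/dl.php?name={$nameUrl}&mode=view\">View</a> <a href=\"{$urlpath}/dl.php?name={$nameUrl}\">Download</a> <a href=\"{$me}?mode=delete&name={$nameUrl}\" onclick=\"return delete_confirm();\">Delete</a></td></tr>";
        }

        if (is_dir($file) && $test_depth) {
            $total = get_dir($file, $max_depth, $l + 1, $total);
        }
    }
    closedir($dir);

    if (!$l) {
        echo "\n<tr><td colspan='4'>Total size: " . fsize($total) . "</td></tr></table>";
    }

    return $total;
}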
plugins: { streaming: { url: 'flowplayer/flowplayer.pseudostreaming-3.2.7.swf' }, audio: { url: 'flowplayer/flowplayer.audio-3.2.2.swf' } } }); </script> <br /><br /> <a href="<?php echo urlenc($rootdir . $file); ?> " style="color:#555;">原始檔案下載(<?php echo fsize(ufilesize($rootdir . $_GET['file'])); ?> )</a> </center> </body> </html> <?php } else { $job = array('base' => $_GET['base'], 'file' => $file); $gmc = new Gearmanclient(); $gmc->addServer(); $gmc->doBackground("webnautilus", serialize($job)); ?> <html> <head> <meta http-equiv="refresh" content="10" />
<?php $svr = $_SERVER["PATH_TRANSLATED"]; $path_parts = pathinfo($svr); $str_current_path = $path_parts["dirname"]; $mydir = $str_current_path . "\\admin\\csv\\Integration_guide.zip"; $ret_val = fsize($mydir); print $ret_val; function fsize($file) { $a = array("B", "KB", "MB", "GB", "TB", "PB"); $pos = 0; $size = filesize($file); print $size . "<br>"; while ($size >= 1024) { $size /= 1024; $pos++; } return round($size, 2) . " " . $a[$pos]; } exit; function delete($file) { if (file_exists($file)) { chmod($file, 0777); if (is_dir($file)) { $handle = opendir($file); while ($filename = readdir($handle)) { if ($filename != "." && $filename != "..") { delete($file . "/" . $filename); }
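/**
 * Write a company's document archive to disk, mail it if it is small enough, then delete it.
 *
 * The archive bytes come from $zipfile->file() and are written to
 * "csv/<sanitised company name>_document.zip". When the size check passes and
 * $other_email is not empty, the file is mailed via sendMail(); the temporary file is
 * removed with delete() in every case.
 *
 * NOTE(review): the archive is written to a relative "csv/" directory under a name
 * derived from the company name. If that directory is served by the web server, the
 * documents are retrievable by URL for as long as the file exists — confirm it is not
 * web-accessible.
 * NOTE(review): $str_company_name is placed into HTML (mail body and the returned
 * lists) without escaping; confirm it is escaped upstream.
 *
 * @param object $zipfile               Object exposing file(), which returns the archive bytes.
 * @param string $str_company_name      Company name used for the file name and messages.
 * @param string $other_email           Recipient address; nothing is mailed when empty.
 * @param string $str_failure_companies Accumulated "<br>"-separated list of failed companies.
 * @param mixed  $i_max_file_size_MB    Upper bound compared against fsize()'s result.
 * @param string $error_msg             Accumulated list of companies whose archive was too large.
 *
 * @return array [0] => updated failure list, [1] => updated error list.
 */
function func_send_documents($zipfile, $str_company_name, $other_email, $str_failure_companies, $i_max_file_size_MB, $error_msg)
{
    $zip_file_name = func_replace_invalid_literals($str_company_name);
    $filename = "csv/" . $zip_file_name . "_document.zip";

    // A failed open used to fall through to fwrite()/fclose() on false; report the
    // company as failed instead and stop before touching the filesystem further.
    $fd = fopen($filename, "wb");
    if ($fd === false) {
        $str_failure_companies .= "<br> {$str_company_name}";
        return array($str_failure_companies, $error_msg);
    }

    $out = fwrite($fd, $zipfile->file());
    fclose($fd);
    if ($out === false) {
        // Nothing usable was written: do not mail a broken archive.
        delete($filename);
        $str_failure_companies .= "<br> {$str_company_name}";
        return array($str_failure_companies, $error_msg);
    }

    // NOTE(review): fsize() is defined elsewhere; if it returns a formatted string
    // rather than a number of megabytes this comparison does not do what the
    // parameter name suggests — confirm against fsize().
    $file_size = fsize($filename);

    if ($file_size < $i_max_file_size_MB) {
        $mailbody = "<html><head></head><body>";
        $mailbody .= "Application / Documents for " . $str_company_name . " are being attached herewith.";
        $mailbody .= "</body></html>";

        $arrFiles = array($filename);
        $arrFileNames = array("application_document.zip");

        if ($other_email != "") {
            $sent = sendMail($_SESSION['gw_emails_sales'], "Application/Documents", $mailbody, $other_email, $arrFiles, $arrFileNames);
            if (!$sent) {
                $str_failure_companies .= "<br> {$str_company_name}";
            }
        }
    } else {
        $error_msg .= "<br> {$str_company_name}";
    }

    // The on-disk copy is only needed for the attachment.
    delete($filename);

    return array($str_failure_companies, $error_msg);
}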
/**
 * Return the size of the file as reported by fsize() for its path.
 *
 * @since 1.0.2
 *
 * @throws Exception When the file does not exist.
 */
public function length()
{
    if (!$this->exists()) {
        throw new Exception('File ' . $this->getName() . ' does not exist.');
    }

    return fsize($this->path);
}
/**
 * Echo an HTML table listing directory $df: sub-directories first, then files,
 * each row carrying action links built from the raw filesystem path.
 *
 * Review notes (all grounded in this function as shown):
 *  - Directory rows link to ?d=…&show and ?deldir=…; file rows link to ?edit=, ?delfile=,
 *    ?downloadfile=, ?mailfile= and ?rename=1. No access check is performed here; whether
 *    the handlers for those parameters authenticate the caller is not visible.
 *  - $df and the entry names are interpolated into href attributes and cell text without
 *    HTML escaping or URL encoding.
 *  - $PHP_SELF is neither a parameter nor imported with `global`, so it is unset inside
 *    this function as written (presumably a register_globals-era leftover — confirm).
 *  - perms(), ext() and fsize() are helpers defined elsewhere.
 *
 * @param string $df Directory to list.
 */
function showdir($df)
{
    // Collapse doubled slashes before the path is used and echoed.
    $df = str_replace("//", "/", $df);
    $dirs = array();
    $files = array();
    if ($dir = opendir($df)) {
        while (($file = readdir($dir)) !== false) {
            if ($file == "." || $file == "..") {
                continue;
            }
            if (is_dir("{$df}/{$file}")) {
                $dirs[] = $file;
            } else {
                $files[] = $file;
            }
        }
    }
    // Runs even when opendir() failed above, i.e. with a non-handle argument.
    closedir($dir);
    sort($dirs);
    sort($files);
    echo <<<EOF
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
EOF;
    // One row per sub-directory: open link, delete link ("Удалить" = "Delete"),
    // the type label ("Каталог" = "Directory") and the permission string.
    for ($i = 0; $i < count($dirs); $i++) {
        $perm = perms("{$df}/{$dirs[$i]}");
        echo <<<EOF
<tr height="1">
<td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="{$PHP_SELF}?d={$df}/{$dirs[$i]}&show"><img HSPACE=3 border=0 src={$PHP_SELF}?imgname=dir></a></span></td>
<td width="241" bgcolor="#FFFFF0"><a href="{$PHP_SELF}?d={$df}/{$dirs[$i]}&show">{$dirs[$i]}</a></td>
<td width="100" align="center" bgcolor="#FFFFFF"><a href="{$PHP_SELF}?deldir={$df}/{$dirs[$i]}/">Удалить</a></td>
<td width="51" align="center" bgcolor="#EFFFFF"><span class="style8"><center>Каталог</center></span></td>
<td width="113" align="center" bgcolor="#FFFFF0">{$perm}</td>
</tr>
EOF;
    }
    for ($i = 0; $i < count($files); $i++) {
        $attr = "";
        // Probe 1: opening with "r+" fails when the file cannot be opened for writing;
        // the edit link then carries &readonly. Errors are suppressed with @.
        if (!($fi = @fopen("{$df}/{$files[$i]}", "r+"))) {
            $attr = " ONLY_READ ";
            $read = " href=\"{$PHP_SELF}?edit={$df}/{$files[$i]}&readonly\"";
            $write = " href=\"{$PHP_SELF}?delfile={$df}/{$files[$i]}\"";
        } else {
            fclose($fi);
        }
        // Probe 2: if even a plain read open fails, the edit link is dropped.
        if (!($fi = @fopen("{$df}/{$files[$i]}", "r"))) {
            $attr = " Can't_READ ";
            $read = "";
            $write = " href=\"{$PHP_SELF}?delfile={$df}/{$files[$i]}\"";
        } else {
            fclose($fi);
        }
        // Neither probe failed: the file is readable and writable.
        if ($attr == "") {
            $attr = " READ/WRITE ";
            $read = " href=\"{$PHP_SELF}?edit={$df}/{$files[$i]}\"";
            $write = " href=\"{$PHP_SELF}?delfile={$df}/{$files[$i]}\"";
        }
        $perm = perms("{$df}/{$files[$i]}");
        // Icon name passed as ?imgname=: "txt" for the listed extensions, otherwise "file".
        $it = "file";
        switch (ext($files[$i])) {
            case ".txt":
                $it = "txt";
                break;
            case ".php":
                $it = "txt";
                break;
            case ".htm":
                $it = "txt";
                break;
            case ".log":
                $it = "txt";
                break;
            case ".pl":
                $it = "txt";
                break;
            case ".asm":
                $it = "txt";
                break;
            case ".bat":
                $it = "txt";
                break;
            case ".bash_profile":
                $it = "txt";
                break;
            case ".bash_history":
                $it = "txt";
                break;
            case ".ini":
                $it = "txt";
                break;
            case ".php3":
                $it = "txt";
                break;
            case ".html":
                $it = "txt";
                break;
            case ".cgi":
                $it = "txt";
                break;
            case ".inc":
                $it = "txt";
                break;
            case ".c":
                $it = "txt";
                break;
            case ".cpp":
                $it = "txt";
                break;
        }
        $fsize = fsize("{$df}/{$files[$i]}");
        // File row: download icon, name with size, rename/delete/download/mail links,
        // the access label computed above and the permission string.
        echo <<<EOF
<tr height="1">
<td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="{$PHP_SELF}?downloadfile={$df}/{$files[$i]}"><img HSPACE=3 border=0 src={$PHP_SELF}?imgname={$it}></a></span></td>
<td width="241" bgcolor="#00FFFF"><a{$read}>{$files[$i]} </a> ({$fsize})</td>
<td width="100" align="center" bgcolor="#FFFFFF"><a href="{$PHP_SELF}?rename=1&filetorename={$files[$i]}&d={$df}&diz">ren</a>/<a{$write}>del</a>/<a href="{$PHP_SELF}?downloadfile={$df}/{$files[$i]}">get</a>/<a href="{$PHP_SELF}?mailfile={$df}/{$files[$i]}">mail</a></td>
<td width="51" align="center" bgcolor="#FFEFEF"><span class="style8"><center>{$attr}</center></span></td>
<td width="113" align="center" bgcolor="#FFFFF9">{$perm}</td>
</tr>
EOF;
    }
    echo "</table>";
    // Nothing to list: show a one-cell table ("Папка пуста" = "Folder is empty").
    if (count($dirs) == 0 && count($files) == 0) {
        echo <<<EOF
<table width="505" height="24" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
<tr>
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">Папка пуста</td>
</tr>
</table>
EOF;
    }
}
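/**
 * Build the HTML item list for one directory of the browser.
 *
 * $dir is first validated with safepath(); entries listed in the global $ignore are
 * skipped; directories and files are natural-sorted and rendered through mkitem().
 *
 * The `base` request parameter is echoed back into every generated link. It is
 * URL-encoded once here so a crafted value cannot break out of the href/src attribute
 * or inject extra query parameters.
 *
 * NOTE(review): entry names ($e) are passed to mkitem() as label and title; mkitem() is
 * not visible here — confirm it HTML-escapes them.
 *
 * @param string $rootdir Root directory of the selected base.
 * @param string $dir     Requested directory relative to $rootdir.
 *
 * @return array 'dir' => validated directory, 'index' => path of an index file or null,
 *               'html' => concatenated mkitem() output.
 */
function renderdir($rootdir, $dir)
{
    global $ignore;

    $ret = '';
    $r = $fnlist = $dirlist = array();
    $r['index'] = null;

    // Request value reused in links below; arrays (?base[]=…) are rejected.
    $base = isset($_GET['base']) && is_string($_GET['base']) ? urlencode($_GET['base']) : '';

    if (($dir = safepath($rootdir, $dir)) === false) {
        redirect('index.php');
    }
    $r['dir'] = $dir;

    // Test for failure BEFORE casting: (array) false is a one-element array, so the
    // original `=== false` check after the cast could never be true.
    $list = uscandir(pathjoin($rootdir, $dir));
    if ($list === false) {
        redirect('index.php?base=' . $base);
        $list = array();
    }
    $list = (array) $list;

    foreach ($list as $e) {
        if ($e == '.' || $e == '..' || in_array(strtolower($e), $ignore)) {
            continue;
        }
        if (uis_dir(pathjoin($rootdir, $dir, $e))) {
            $dirlist[] = $e;
        } else {
            $fnlist[] = $e;
        }
    }

    $index_file = tryindex($fnlist, $dir);
    if (!empty($index_file)) {
        $r['index'] = pathjoin($rootdir, $dir, $index_file);
    }

    natsort($dirlist);
    natsort($fnlist);

    foreach ($dirlist as $e) {
        $full = pathjoin($rootdir, $dir, $e);
        $cfg = loadcfg($full);

        if (isset($cfg['index'])) {
            // A configured index page replaces the plain directory link and thumbnail.
            $idx = pathjoin($dir, $e, upath($cfg['index']));
            $ahref = urlenc(pathjoin($rootdir, $idx));
            $img = 'thumb.php?base=' . $base . '&file=' . urlencode($idx);
        } else {
            $ahref = 'index.php?base=' . $base . '&dir=' . urlencode(pathjoin($dir, $e));
            $img = 'images/dir.gif';
        }
        if (isset($cfg['icon'])) {
            $img = 'thumb.php?base=' . $base . '&file=' . urlencode(pathjoin($dir, $e, upath($cfg['icon'])));
        }

        // 'target' is optional in the per-directory config.
        $target = isset($cfg['target']) && $cfg['target'] == '_blank' ? ' target="_blank"' : '';
        $anchor = '<a href="' . $ahref . '"' . $target . '>';
        $today = istoday($full);

        // Offer the "pack" download only for non-empty directories.
        $dz = udirsize($full);
        $pack = $dz > 0
            ? '<br /><a name="pack" style="visibility: hidden; float:right;" href="pack.php?base=' . $base . '&dir=' . urlencode(pathjoin($dir, $e)) . '"><img alt="Download" title="Download - ' . fsize($dz) . '" src="images/pack.gif" /></a>'
            : '';

        $ret .= mkitem($e, $e, $e, $anchor, $img, $today, $pack);
    }

    foreach ($fnlist as $e) {
        $rel = urlencode(pathjoin($dir, $e));

        // Pick the viewer page by file type; web pages and unknown types link directly.
        if (isvideo($e) || isaudio($e)) {
            $ahref = '<a href="flowplayer.php?base=' . $base . '&file=' . $rel . '">';
        } elseif (isimage($e)) {
            $ahref = '<a href="image.php?base=' . $base . '&file=' . $rel . '">';
        } elseif (isweb($e)) {
            $ahref = '<a href="' . urlenc(pathjoin($rootdir, $dir, $e)) . '">';
        } elseif (isdocument($e)) {
            $ahref = '<a href="document.php?base=' . $base . '&file=' . $rel . '">';
        } elseif (iscode($e)) {
            $ahref = '<a href="code.php?base=' . $base . '&file=' . $rel . '">';
        } else {
            $ahref = '<a href="' . urlenc(pathjoin($rootdir, $dir, $e)) . '">';
        }

        $ret .= mkitem(
            $e,
            $e,
            $e . ' - (' . fsize(ufilesize(pathjoin($rootdir, $dir, $e))) . ')',
            $ahref,
            'thumb.php?base=' . $base . '&file=' . $rel,
            istoday(pathjoin($rootdir, $dir, $e)),
            null
        );
    }

    $r['html'] = $ret;

    return $r;
}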
/**
 * Convenience wrapper around fsize() with its third argument fixed to 1.
 *
 * fsize() is defined elsewhere; the third argument presumably selects the long
 * output format — confirm against fsize().
 *
 * @param mixed  $zahl   Value handed to fsize() unchanged.
 * @param string $spacer Separator handed to fsize() unchanged.
 *
 * @return mixed Whatever fsize() returns.
 */
function fsizelong($zahl, $spacer = ' ')
{
    $formatted = fsize($zahl, $spacer, 1);

    return $formatted;
}
if ($newDir != "") { // get the path passed as a hidden form field $path = $_POST['path']; // only make a directory if it can be populated if ((@ini_set("file_uploads", 1) === true || ini_get("file_uploads") == 1) && is_writable($path)) { // create the new directory and assign it full read + write permissions mkdir($path . "/" . $newDir, 0777); } } } if (isset($_FILES['userfile']['tmp_name']) && $_POST['newDir'] == "") { // <!-- END: create new directory feature added 2006-10-19 by RAD --> // if(isset($_FILES['userfile']['tmp_name'])) { // old code replaced by new code above RAD // this seems to be an upload action. printf($_lang['files_uploading'], $_FILES['userfile']['name'], substr($startpath, $len, strlen($startpath))); echo $_FILES['userfile']['error'] == 0 ? $_lang['files_file_type'] . $_FILES['userfile']['type'] . ", " . fsize($_FILES['userfile']['tmp_name']) . "<br />" : ""; $userfile = $_FILES['userfile']['tmp_name']; if (is_uploaded_file($userfile)) { // file is uploaded file, process it! if (!in_array(getExtension($_FILES['userfile']['name']), $uploadablefiles)) { echo "<br /><span class='warning'>" . $_lang['files_filetype_notok'] . "</span><br />"; } else { if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $_POST['path'] . "/" . $_FILES['userfile']['name'])) { @chmod($_POST['path'] . "/" . $_FILES['userfile']['name'], 0644); echo "<br /><span class='success'>" . $_lang['files_upload_ok'] . "</span><br />"; } else { echo "<br /><span class='warning'>" . $_lang['files_upload_copy_failed'] . "</span> Possible permission problems - the directory you want to upload to needs to be set to 0777 permissions.<br />"; } } } else { echo "<br /><span class='warning'><b>" . $_lang['files_upload_error'] . ":</b> ";
} elseif ($ekstensi == 'pdf') { echo "<td rowspan='5'><img src='images/pdf.png'></td>"; } elseif ($ekstensi == 'ppt') { echo "<td rowspan='5'><img src='images/ppt.png'></td>"; } elseif ($ekstensi == 'pptx') { echo "<td rowspan='5'><img src='images/pptx.png'></td>"; } elseif ($ekstensi == 'docx') { echo "<td rowspan='5'><img src='images/doc.png'></td>"; } } else { echo "<td rowspan='5'><img src='images/kosong.png'></td>"; } echo "<td>Judul</td><td>: {$r['judul']}</td></tr>\n <tr><td>Nama File</td><td>: {$r['nama_file']}</td></tr>\n <tr><td>Ukuran</td>"; if (!empty($r[nama_file])) { $file = "files_materi/{$r['nama_file']}"; echo "<td>: " . fsize($file) . "</td></tr>"; } else { echo "<td>: </td></tr>"; } echo "<tr><td>Tanggal Posting</td><td>: {$r['tgl_posting']}</td></tr>\n <tr><td colspan=2><input type=button class='tombol' value='Download File'\n onclick=\"window.location.href='downlot.php?file={$r['nama_file']}';\">\n <b class='judul'>Di download : {$r['hits']} kali</b></td></tr>"; $no++; } echo "</table>"; $jmldata = mysql_num_rows(mysql_query("SELECT * FROM file_materi WHERE id_matapelajaran = '{$_GET['id']}'")); $jmlhalaman = $p->jumlahHalaman($jmldata, $batas); $linkHalaman = $p->navHalaman($_GET[halaman], $jmlhalaman); echo "<div id=paging>{$linkHalaman}</div><br>"; echo "<p class='garisbawah'></p><input type=button class='tombol' value='Kembali'\n onclick=self.history.back()>"; } else { echo "<script>window.alert('Tidak ada file materi di mata pelajaran ini?');\n window.location=(href='media.php?module=materi')</script>"; }
</head> <body> <?php if (is_dir($_SERVER["DOCUMENT_ROOT"] . $_GET["folder"])) { if ($dh = opendir($_SERVER["DOCUMENT_ROOT"] . $_GET["folder"])) { while (($file = readdir($dh)) !== false) { if ($file != "." && $file != ".." && !ereg("^\\.", $file) && !is_dir($_SERVER["DOCUMENT_ROOT"] . $_GET['folder'] . "/" . $file)) { ?> <div> <?php echo $file; ?> - <?php echo fsize($_SERVER["DOCUMENT_ROOT"] . $_GET['folder'] . "/" . $file); ?> - <?php echo date("d/m/Y h:i:s", filectime($_SERVER["DOCUMENT_ROOT"] . $_GET['folder'] . "/" . $file)); ?> - <a href="javascript:deleteFile('<?php echo urlencode($file); ?> ')">supprimer</a> <hr size="1"/> </div> <?php
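/**
 * Turn a directory tree array into a flat list of row descriptors for the finder view.
 *
 * Entries with a non-numeric key or an array value are described as folders; all other
 * entries are described as files. The helpers called here (normalize, btn, ajx,
 * fi_droot, xtb, strprm, fsize, ftime, make_thumb_c, split_one, svg, strrchr_b) are
 * defined elsewhere in the project.
 *
 * @param array|null  $r  Tree to describe: key => sub-array (folder) or index => file name.
 * @param string      $p  Parent path; a trailing '/' is appended when not empty.
 * @param array       $rb Display options; indexes 0, 1, 3 and 6 are read here.
 *
 * @return array List of row arrays, or a single ['f' => 'empty'] row when $r is empty.
 */
function finder_data($r, $p, $rb)
{
    if (!$r) {
        return array(array('f' => 'empty'));
    }
    if ($p) {
        $p .= '/';
    }

    // Initialised so a non-iterable truthy $r yields an empty list, not an unset variable.
    $ret = array();

    foreach ($r as $k => $v) {
        // Start each row as an array. The original started from '' and relied on the
        // old auto-conversion of an empty string to an array, which newer PHP rejects.
        $rc = array();
        $rc['id'] = normalize($p . $k);
        $rc['pid'] = normalize($p);

        if (!is_numeric($k) or is_array($v)) {
            // Folder row.
            $rc['r'] = 1;
            $rc['f'] = $k;

            // count() on a scalar is an error on current PHP; keep the historical
            // results (1 for a scalar, 0 for null) explicitly.
            if (is_array($v) || $v instanceof Countable) {
                $nf = count($v);
            } else {
                $nf = $v === null ? 0 : 1;
            }

            // Number of children with a non-numeric key, i.e. sub-folders.
            $nbd = 0;
            if (is_array($v)) {
                foreach ($v as $ka => $va) {
                    if (!is_numeric($ka)) {
                        $nbd++;
                    }
                }
            }
            $rc['nbd'] = $nbd;
            $rc['opt'] = btn('txtsmall2', '(' . $nf . ')');
            $rc['typ'] = 'folder';
            $rc['j'] = ajx($p . $k) . '_';
        } else {
            // File row. In 'shared' mode the value already is the full relative path.
            if ($rb[0] == 'shared') {
                $url = $v;
                $f = strpos($v, '/') !== false ? strrchr_b($v, '/') : $v;
            } else {
                $url = $p . $v;
                $f = $v;
            }
            $fb = fi_droot() . $url;
            $xt = xtb($f);

            $rc['url'] = $url;
            $rc['prop'] = strprm($p);
            if ($rb[1] == 'distant') {
                $rc['dist'] = 1;
            } else {
                // Size and date are only read for local files.
                $rc['opt'] = btn('txtsmall2', fsize($fb)) . ' ';
                $rc['date'] = btn('txtsmall2', ftime($fb, 'ymd')) . ' ';
            }
            $rc['xt'] = $xt;
            $rc['r'] = 0;
            $rc['j'] = ajx($url) . '_';
            $rc['f'] = $f;
            if ($rb[0] == 'shared') {
                $rc['prop'] = btn('txtsmall', strprm($v)) . ' ';
            }

            if (is_file($fb) && $xt) {
                // Thumbnail for local images unless pictogram mode is requested.
                if (strpos('.jpg.png.gif', $xt) !== false && $rb[6] != 'pictos' && substr(fi_droot(), 0, 4) != 'http') {
                    $rc['img'] = make_thumb_c($fb, '48/48');
                } else {
                    $rc['typ'] = $xt;
                }
            }

            if ($rb[3] == 'icon') {
                if ($xt) {
                    list($fd, $fl) = split_one('/', $url, 1);
                    if ($xt == '.svg') {
                        $fsvg = substr($url, 0, -4);
                        $rc['conn'] = '[' . $fsvg . '§24:svg]';
                        $rc['img'] = svg($fsvg . '§24');
                    } elseif (strpos('.jpg.png.gif', $xt) !== false) {
                        $rc['conn'] = '[' . substr($fl, 0, -4) . '§' . $fd . ':icon]';
                    }
                }
            }
            if ($rb[3] == 'disk') {
                $rc['conn'] = '[' . $url . ']';
            }
        }

        $ret[] = $rc;
    }

    return $ret;
}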
?> <tr> <td class="text-center" data-title="Image"><img src="../images/<?php echo $p->filename; ?> " class="img-thumbnail" style="width:100px;height:100px;"></td> <td class="text-center" data-title="File Name"><?php echo $p->filename; ?> </td> <td class="text-center" data-title="Type"><?php echo $p->type; ?> </td> <td class="text-center" data-title="Type"><?php echo fsize($p->size); ?> </td> <td class="text-center" data-title="Caption"><?php echo $p->caption; ?> </td> <td class="text-center" data-title="Uploaded On"><?php echo $p->created_at; ?> </td> <td class="text-center" data-title="Last Edited"><?php echo $p->updated_at; ?> </td> <td class="text-center" data-title="Edit">