/**
 * Prepare the template engine for the active theme.
 *
 * Verifies that the fallback "default" theme is installed, resolves the
 * active theme through get_theme(), publishes the request URI (relative to
 * the configured server path) as the root template variable REQUEST_URI and
 * points $this->root at the theme's template directory.
 *
 * NOTE(review): as written the str_replace() below maps '&' to '&', which is
 * a no-op. The replacement was presumably an HTML entity that was lost when
 * this listing was rendered -- confirm against the original file. Either way
 * only '&' is handled here; other HTML metacharacters in the request URI are
 * not escaped by this method, so a template that prints REQUEST_URI inside
 * markup or an attribute has to escape it for that context.
 */
function __construct()
{
    global $MAIN_CFG, $CPG_SESS;

    $fallbackTemplates = BASEDIR . 'themes/default/template';
    if (!is_dir($fallbackTemplates)) {
        trigger_error('"default" theme does not exist', E_USER_ERROR);
    }

    $this->get_theme();

    // Strip the site's base path so templates receive a site-relative URI.
    $requestUri = URL::uri();
    $relativeUri = substr($requestUri, strlen($MAIN_CFG['server']['path']));
    $this->_tpldata['.'][0]['REQUEST_URI'] = str_replace('&', '&', $relativeUri);

    $this->root = 'themes/' . $this->tpl . '/template';
}
/**
 * Record the current visitor in the `<prefix>_session` table ("who is online").
 *
 * Nothing is written unless $SESS->dbupdate is set. Rows are keyed on `uname`:
 * the member's username, the SEARCHBOT value, the admin id, or the session id
 * for anonymous visitors. `guest` is stored as 0 (member), 1 (anonymous),
 * 2 (admin) or 3 (search bot).
 *
 * Security notes:
 *  - Both statements are built by string interpolation. $uname, the module
 *    title and the URL are passed through Fix_Quotes() first; that helper is
 *    not visible here, so it is presumably what makes them safe inside the
 *    quoted SQL literals -- confirm.
 *  - $userinfo['user_ip'] is interpolated unquoted and without Fix_Quotes().
 *    NOTE(review): confirm it is always produced server-side as a ready-made
 *    SQL literal and can never carry request-controlled text.
 *  - The existence check and the following UPDATE/INSERT are separate
 *    statements, so two concurrent requests for the same uname can both take
 *    the INSERT path.
 *  - NOTE(review): str_replace('&', '&', ...) is a no-op as written; the
 *    replacement was presumably an HTML entity lost in rendering -- confirm.
 */
function online()
{
    global $userinfo, $prefix, $db, $module_title, $SESS, $mainindex;

    if (!$SESS->dbupdate) {
        return;
    }

    $url = URL::uri();

    // Start from the anonymous defaults, then refine.
    $uname = $SESS->sess_id;
    $guest = 1;
    if (is_user()) {
        $uname = $userinfo['username'];
        $guest = 0;
    } elseif (SEARCHBOT) {
        $uname = SEARCHBOT;
        $guest = 3;
    }

    if (is_admin()) {
        global $CLASS;
        // An admin who is not also logged in as a member is listed by admin id.
        if ($guest == 1) {
            $uname = $CLASS['member']->admin['aid'];
        }
        $guest = 2;
        // Do not expose admin page URLs in the online list.
        if (defined('ADMIN_PAGES')) {
            $url = $mainindex;
        }
    }

    $uname = Fix_Quotes($uname);
    if (empty($uname)) {
        return; // something screwey
    }

    $now = time();
    if ($module_title) {
        $moduleLabel = Fix_Quotes($module_title);
    } else {
        $moduleLabel = Fix_Quotes(_HOME);
    }
    $url = Fix_Quotes(str_replace('&', '&', $url));

    $table = $prefix . '_session';
    $alreadyListed = $db->sql_count($table, "uname='{$uname}'");
    if ($alreadyListed) {
        $db->sql_query('UPDATE ' . $table . " SET time='{$now}', module='{$moduleLabel}', url='{$url}', guest='{$guest}' WHERE uname='{$uname}'", true);
    } else {
        $db->sql_query('INSERT INTO ' . $table . " (uname, time, host_addr, guest, module, url) VALUES ('{$uname}', '{$now}', {$userinfo['user_ip']}, '{$guest}', '{$moduleLabel}', '{$url}')", true);
    }
}
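return '<span style="padding:1px; background-color:' . $bgcolor2 . '; border-bottom:solid 1px ' . $bgcolor4 . ';">' . $content . '</span>'; } }

/*
 * Downloads search page.
 *
 * Renders the module menu, then either runs a search (when a search was
 * posted or a search id / key is present in the query string) and hands the
 * result list to the template, or shows the search form.
 *
 * Input handling:
 *  - `page` is clamped to >= 1. The earlier test (`$_GET['page'] > 0` followed
 *    by intval()) let values such as "0.5" or other non-integer text through
 *    as page 0, which made $limit negative.
 *  - `search_id` is passed to DL_Search::search() exactly as received.
 *    NOTE(review): that method is not visible here; confirm it validates or
 *    casts the value before using it in a query.
 *  - Criteria values are escaped with htmlprepare() before being echoed, and
 *    the "to top" URI is escaped the same way.
 *  - $search->search_id is concatenated into two URLs; presumably an integer
 *    set by DL_Search -- confirm.
 */
$pagetitle .= $module_title . ' ' . _BC_DELIM . ' Search';
require_once 'header.php';
OpenTable();
echo dl_menu() . '<br /><hr />';
$search = new DL_Search();
if (isset($_POST['search']) || isset($_GET['sa']) || isset($_GET['key']) || isset($_GET['search_id'])) {
    // Never below 1, whatever the query string carries.
    $cur_page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
    $perpage = $dl_config['perpage'];
    // Not referenced again in this run; presumably read by DL_Search -- confirm.
    $limit = ($cur_page - 1) * $perpage;
    $search->search(isset($_GET['search_id']) ? $_GET['search_id'] : '');
    if (count($search->criteria) > 0) {
        echo '<div style="background-color:' . $bgcolor2 . '; padding:3px;"><span class="genmed">Advanced search results</span></div> <div style="background-color:' . $bgcolor3 . '; border-bottom:1px solid ' . $bgcolor2 . '; padding:3px;"><span style="float:left;" class="genmed">Searching for downloads that match the following criteria:</span><span class="genmed" style="float:right;"><a href="' . URL::index('&file=search&edit=' . $search->search_id) . '">Edit search criteria</a></span><br />';
        foreach ($search->criteria as $key => $value) {
            // User-supplied criteria are HTML-escaped before display.
            echo $search->criterion_label($key, htmlprepare($value));
        }
        echo '<br /><br style="clear:both; line-height:0;" /></div>';
    }
    if (!$search->error && $search->result_count == 0) {
        echo $search->show_error('No matching downloads found');
    }
    $cpgtpl->assign_vars(array(
        'NO_DOWNLOADS' => false,
        'DL_REVIEW_ACTIVE' => $dl_config['r_active'],
        'DL_PAGINATION' => gen_pagination($search->total_results, $perpage, $cur_page, '&file=search&search_id=' . $search->search_id),
        'U_TO_TOP' => htmlprepare(URL::uri()),
        'L_TO_TOP' => strtolower(_DLP_BACK2TOP),
        'L_PAGE' => _DLP_PAGE,
        'L_RATING' => _RATING,
        'L_POPULARITY' => _POPULARITY,
        'L_HOMEPAGE' => 'Homepage',
        'L_SUBMITTEDBY' => _DLP_SUBMITTEDBY,
        'L_WRITE_REVIEW' => _DLP_WRITEREVIEW,
    ));
    $cpgtpl->set_filenames(array('body' => 'downloads/list_downloads.html'));
    $cpgtpl->display('body');
} else {
    echo $search->search_form(isset($_GET['edit']) ? intval($_GET['edit']) : false);
}
CloseTable();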
} } $content .= "<img src=\"{$avatar}\" alt=\"\" />"; $content .= '<br />' . _BWEL . ' <b>' . $userinfo['username'] . '</b><br /><img src="images/spacer.gif" style="height:8px;" alt="" /></div>'; if ($pm_active) { $pm = $userinfo['user_new_privmsg'] + $userinfo['user_unread_privmsg']; $content .= ' <a title="' . _READSEND . '" href="' . URL::index('Private_Messages') . '"><img src="images/blocks/email.gif" alt="" style="border:0;" /></a> <a title="' . _READSEND . '" href="' . URL::index('Private_Messages') . '">' . _INBOX . '</a>'; $content .= ' ' . _NEW . ": <b>{$pm}</b><br />\n"; } $content .= '<a title="' . _ACCOUNTOPTIONS . '" href="' . URL::index('Your_Account') . '"><img src="images/blocks/logout.gif" alt="" /></a> <a title="' . _ACCOUNTOPTIONS . '" href="' . URL::index('Your_Account') . '">' . _Your_AccountLANG . '</a><br /> <a title="' . _LOGOUTACCT . '" href="' . URL::index('Your_Account&op=logout&redirect', false) . '"><img src="images/blocks/login.gif" alt="" style="float:left;" /></a> <a title="' . _LOGOUTACCT . '" href="' . URL::index('Your_Account&op=logout&redirect', false) . '">' . _LOGOUT . '</a>'; } else { if (isset($_GET['redirect']) && !isset($CPG_SESS['user']['redirect'])) { $CPG_SESS['user']['redirect'] = $CPG_SESS['user']['uri']; } $redirect = isset($CPG_SESS['user']['redirect']) ? $CPG_SESS['user']['redirect'] : URL::uri(); $content .= '<div style="text-align:center;"><img src="images/blocks/no_avatar.gif" alt="" /><br />' . _BWEL . ' <b>' . _ANONYMOUS . '</b></div> <hr /><form action="' . $redirect . '" method="post" enctype="multipart/form-data" accept-charset="utf-8" style="margin:0;"><div> <span style="float:left; height:25px;">' . _NICKNAME . '</span><span style="float:right; height:25px;"><input type="text" name="ulogin" size="10" maxlength="25" /></span><br /> <span style="float:left; height:25px;">' . _PASSWORD . 
'</span><span style="float:right; height:25px;"><input type="password" name="user_password" size="10" maxlength="20" /></span><br /> '; if ($MAIN_CFG['debug']['sec_code'] & 2) { $content .= '<span style="float:left; height:25px;">' . _SECURITYCODE . '</span><span style="float:right; height:25px;">' . generate_secimg() . '</span><br style="clear:left;" /> <span style="float:left; height:25px;">' . _TYPESECCODE . '</span><span style="float:right; height:25px;"><input type="text" name="gfx_check" size="8" maxlength="8" /></span><br />'; } // don't show register link unless allowuserreg is yes $content .= '<span style="float:left; height:25px;">' . ($MAIN_CFG['member']['allowuserreg'] ? '<input type="button" value="' . _BREG . '" onclick="window.location=\'' . URL::index('Your_Account&file=register', 1, 1) . '\'" />' : '') . '</span> <span style="float:right; height:25px;"><input type="submit" value="' . _LOGIN . '" /> </span></div></form>'; } if (is_admin()) {
$faq_block[$j][$counter]['question'] = $faq[$i][0]; $faq_block[$j][$counter]['answer'] = $faq[$i][1]; $counter++; $counter_2++; } else { $j = $counter != 0 ? $j + 1 : 0; $faq_block_titles[$j] = $faq[$i][1]; $counter = 0; } } // // Lets build a page ... // $page_title = $l_title; require_once 'includes/phpBB/page_header.php'; make_jumpbox('viewforum'); $template->assign_vars(array('L_FAQ_TITLE' => $l_title, 'L_BACK_TO_TOP' => $lang['Back_to_top'], 'L_GO' => $lang['Go'])); for ($i = 0; $i < count($faq_block); $i++) { if (count($faq_block[$i])) { $template->assign_block_vars('faq_block', array('BLOCK_TITLE' => $faq_block_titles[$i])); $template->assign_block_vars('faq_block_link', array('BLOCK_TITLE' => $faq_block_titles[$i])); for ($j = 0; $j < count($faq_block[$i]); $j++) { $row_color = !($j % 2) ? $bgcolor2 : $bgcolor1; $row_class = !($j % 2) ? 'row1' : 'row2'; $template->assign_block_vars('faq_block.faq_row', array('ROW_COLOR' => $row_color, 'ROW_CLASS' => $row_class, 'FAQ_QUESTION' => $faq_block[$i][$j]['question'], 'FAQ_ANSWER' => $faq_block[$i][$j]['answer'], 'U_FAQ_ID' => $faq_block[$i][$j]['id'], 'REQUEST_URI' => URL::uri())); $template->assign_block_vars('faq_block_link.faq_row_link', array('ROW_COLOR' => $row_color, 'ROW_CLASS' => $row_class, 'FAQ_LINK' => $faq_block[$i][$j]['question'], 'U_FAQ_LINK' => URL::uri() . '#' . $faq_block[$i][$j]['id'])); } } } $template->set_filenames(array('body' => 'forums/faq_body.html')); require_once 'includes/phpBB/page_tail.php';
/**
 * Deprecated alias of URL::uri().
 *
 * Calls depricated_warning() and then returns whatever URL::uri() returns.
 * The value is request-derived; callers that print it into HTML have to
 * escape it for the output context themselves.
 */
function get_uri()
{
    depricated_warning();
    $uri = URL::uri();

    return $uri;
}
+-------------------------------------------------------------------+ */
if (!defined('CPG_NUKE')) {
    exit;
}

/*
 * Newsletter block.
 *
 * Members get a one-button form that toggles their `newsletter` flag;
 * visitors get a link to the registration page. The block's markup is left
 * in $content.
 *
 * Review notes:
 *  - The toggle is a state-changing POST that is accepted on the presence of
 *    the submit field alone. No anti-CSRF token is checked in this file;
 *    NOTE(review): confirm one is enforced elsewhere.
 *  - URL::redirect($uri): $uri is never assigned in the visible code.
 *    NOTE(review): presumably the current URI was intended -- confirm, and
 *    make sure the redirect target can only be a same-site URL.
 *  - URL::uri() is written into the form's action attribute without HTML
 *    escaping. NOTE(review): escape it for the attribute context unless
 *    URL::uri() is known to return an already-escaped value.
 *  - $user_id comes from $userinfo and is interpolated into the UPDATE inside
 *    quotes; presumably an integer loaded server-side -- confirm.
 */
global $db, $user_prefix, $userinfo, $SESS;

if (!is_user()) {
    $message = _NEWSLETTERBLOCKREGISTER;
    $action = '<a href="' . URL::index('Your_Account&file=register') . '" title="' . _NEWSLETTERBLOCKREGISTERNOW . '">' . _NEWSLETTERBLOCKREGISTERNOW . '</a>';
} else {
    $newsletter = $userinfo['newsletter'];
    $user_id = $userinfo['user_id'];
    if (!$newsletter) {
        $message = _NEWSLETTERBLOCKNOTSUBSCRIBED;
        $action = '<form action="' . URL::uri() . '" method="post"><div><input type="submit" name="nb_subscribe" value="' . _NEWSLETTERBLOCKSUBSCRIBE . '" /></div></form>';
        if (isset($_POST['nb_subscribe'])) {
            $db->sql_query("UPDATE " . $user_prefix . "_users SET newsletter='1' WHERE user_id='{$user_id}'");
            // Drop the cached user record so the new flag is reloaded.
            unset($_SESSION['CPG_USER']);
            URL::redirect($uri);
        }
    } else {
        $message = _NEWSLETTERBLOCKSUBSCRIBED;
        $action = '<form action="' . URL::uri() . '" method="post"><div><input type="submit" name="nb_unsubscribe" value="' . _NEWSLETTERBLOCKUNSUBSCRIBE . '" /></div></form>';
        if (isset($_POST['nb_unsubscribe'])) {
            $db->sql_query("UPDATE " . $user_prefix . "_users SET newsletter='0' WHERE user_id='{$user_id}'");
            // Drop the cached user record so the new flag is reloaded.
            unset($_SESSION['CPG_USER']);
            URL::redirect($uri);
        }
    }
}

$content = '<div style="text-align:center;"><img src="images/blocks/newsletter.png" alt="' . _NEWSLETTER . '" title="' . _NEWSLETTER . '" /><br /><br />' . $message . '<br /><br />' . $action . '</div>';
if ($forum_topic_data['parent_id'] != 0) { $is_subforum = true; $parent_id = $forum_topic_data['parent_id']; $parents = array(); while ($parent_id != 0) { list($parent_name, $parent_id, $parent_forum_id) = $db->sql_ufetchrow("SELECT forum_name AS parent_name, parent_id, forum_id FROM " . FORUMS_TABLE . " WHERE forum_id = {$parent_id}", SQL_NUM); $parents[] = '<a href="' . URL::index("&viewforum&f={$parent_forum_id}") . '">' . $parent_name . '</a>'; } $parents = array_reverse($parents); $parents_list = implode(' ' . _BC_DELIM . ' ', $parents); } else { $is_subforum = false; $parents_list = ''; } # Send vars to template $template->assign_vars(array('START_REL' => $start + 1, 'FINISH_REL' => isset($_GET['finish_rel']) ? intval($_GET['finish_rel']) : $board_config['posts_per_page'] - $start, 'FORUM_ID' => $forum_id, 'FORUM_NAME' => $forum_name, 'FORUM_DESC' => $forum_desc, 'TOPIC_ID' => $topic_id, 'TOPIC_TITLE' => $topic_title, 'PAGINATION' => $pagination, 'PAGE_NUMBER' => sprintf($lang['Page_of'], floor($start / $pagination_ppp) + 1, ceil($total_replies / $pagination_ppp)), 'POST_IMG' => $post_img, 'REPLY_IMG' => $reply_img, 'PRINTER_IMG' => $printer_img, 'BC_DELIM' => _BC_DELIM, 'IS_SUBFORUM' => $is_subforum, 'SF_PARENTS' => $parents_list, 'L_AUTHOR' => $lang['Author'], 'L_MESSAGE' => $lang['Message'], 'L_POSTED' => $lang['Posted'], 'L_POST_SUBJECT' => $lang['Post_subject'], 'L_VIEW_NEXT_TOPIC' => $lang['View_next_topic'], 'L_VIEW_PREVIOUS_TOPIC' => $lang['View_previous_topic'], 'L_POST_NEW_TOPIC' => $post_alt, 'L_POST_REPLY_TOPIC' => $reply_alt, 'L_PRINTER_TOPIC' => $printer_alt, 'L_BACK_TO_TOP_LINK' => URL::uri(), 'L_BACK_TO_TOP' => $lang['Back_to_top'], 'L_DISPLAY_POSTS' => $lang['Display_posts'], 'L_LOCK_TOPIC' => $lang['Lock_topic'], 'L_UNLOCK_TOPIC' => $lang['Unlock_topic'], 'L_MOVE_TOPIC' => $lang['Move_topic'], 'L_SPLIT_TOPIC' => $lang['Split_topic'], 'L_DELETE_TOPIC' => $lang['Delete_topic'], 'L_GOTO_PAGE' => $lang['Goto_page'], 'L_GO' => $lang['Go'], 
'S_TOPIC_LINK' => POST_TOPIC_URL, 'S_SELECT_POST_DAYS' => $select_post_days, 'S_SELECT_POST_ORDER' => $select_post_order, 'S_POST_DAYS_ACTION' => URL::index("&file=viewtopic&" . POST_TOPIC_URL . "={$topic_id}&start={$start}"), 'S_AUTH_LIST' => $s_auth_can, 'S_TOPIC_ADMIN' => $topic_mod, 'S_WATCH_TOPIC' => $s_watching_topic, 'S_WATCH_TOPIC_IMG' => $s_watching_topic_img, 'U_VIEW_TOPIC' => URL::index("&file=viewtopic&" . POST_TOPIC_URL . "={$topic_id}&start={$start}&postdays={$post_days}&postorder={$post_order}&highlight={$highlight}"), 'U_VIEW_FORUM' => $view_forum_url, 'U_VIEW_OLDER_TOPIC' => $view_prev_topic_url, 'U_VIEW_NEWER_TOPIC' => $view_next_topic_url, 'U_POST_NEW_TOPIC' => $new_topic_url, 'U_PRINTER_TOPIC' => $printer_topic_url, 'U_POST_REPLY_TOPIC' => $reply_topic_url)); # Does this topic contain a poll? if (!empty($forum_topic_data['topic_vote'])) { $s_hidden_fields = ''; $sql = "SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result\n\t\tFROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr\n\t\tWHERE vd.topic_id = {$topic_id} AND vr.vote_id = vd.vote_id\n\t\tORDER BY vr.vote_option_id ASC"; $vote_info = $db->sql_ufetchrowset($sql, SQL_ASSOC); if ($vote_info) { $vote_options = count($vote_info); $vote_id = $vote_info[0]['vote_id']; $vote_title = $vote_info[0]['vote_text']; $result = $db->sql_query("SELECT vote_id FROM " . VOTE_USERS_TABLE . " WHERE vote_id = {$vote_id} AND vote_user_id = " . intval($userdata['user_id'])); $user_voted = ($row = $db->sql_fetchrow($result)) ? TRUE : 0; $db->sql_freeresult($result); if (isset($_GET['vote']) || isset($_POST['vote'])) { $view_result = (isset($_GET['vote']) ? $_GET['vote'] : $_POST['vote']) == 'viewresult' ? TRUE : 0; } else {
} $row['link_type'] = -1; if (!isset($row['catpos'])) { $row['catpos'] = -1; } $menucats[$row['catpos']][$row['linkpos']] = $row; } // Load custom links from database $result = $db->sql_query("SELECT l.title, l.link, l.link_type, l.view, l.active, l.cat_id, l.pos AS linkpos, c.name, c.image, c.pos AS catpos, c.link AS catlnk, c.link_type AS cattype FROM " . $prefix . "_modules_links AS l LEFT JOIN " . $prefix . "_modules_cat c ON (c.cid = l.cat_id) {$lnkquery} ORDER BY l.pos"); while ($row = $db->sql_fetchrow($result)) { if (defined($row['title'])) { $row['title'] = constant($row['title']); } $link = str_ireplace('&', '&', $row['link']); if (URL::uri() != '') { if (false !== strpos(URL::uri(), $link)) { $row['lnkimage'] = 'icon_select.gif'; $setimage = 0; } } $row['link'] = str_ireplace('&', '&', $link); $row['catlnk'] = str_ireplace('&', '&', $row['catlnk']); $row['inmenu'] = 1; if (!isset($row['catpos'])) { $row['catpos'] = -1; } $menucats[$row['catpos']][$row['linkpos']] = $row; } ksort($menucats); $nocatcontent = ''; while (list($cat, $items) = each($menucats)) {
} else { $cpgtpl->assign_var('DL_REVIEWS', false); } $db->sql_freeresult($result); if (can_admin($module_name) || $row['submitter'] == $userinfo['user_id']) { // pagination $cur_page2 = isset($_GET['p_page']) && $_GET['p_page'] > 0 ? intval($_GET['p_page']) : 1; $limit2 = ($cur_page2 - 1) * $perpage; $result = $db->sql_query("SELECT r.id, r.uid, r.ip, r.title, r.comment, r.score, r.timestamp, u.username, COUNT(r.score) AS votes FROM " . $dl_prefix . "_ratings r\n\tLEFT JOIN " . $user_prefix . "_users u ON (u.user_id = r.uid)\n\tWHERE r.lid='{$global_id}' AND r.comment!='' AND active=0 \n\tGROUP BY r.id DESC, r.uid, r.ip, r.title, r.comment, r.score, r.timestamp, u.username \n\tLIMIT {$perpage} OFFSET {$limit2}"); list($pending) = $db->sql_ufetchrow("SELECT COUNT(*) FROM " . $dl_prefix . "_ratings \n\tWHERE lid='{$global_id}' AND active=0"); if ($db->sql_numrows($result)) { $cpgtpl->assign_vars(array('DL_P_REVIEW_PAGES' => ceil($pending / $perpage) > 1 ? gen_pagination($pending, $perpage, $cur_page2, '&file=details&id=' . $global_id, 'p_reviews', 'p_page') : false, 'DL_P_REVIEWS' => $pending)); $i = 0; while (list($review_id, $review_uid, $review_ip, $review_title, $review_comment, $review_score, $review_timestamp, $review_uname, $review_votes) = $db->sql_fetchrow($result)) { $rating_info = get_rating($review_score, $review_votes); $cpgtpl->assign_block_vars('dl_p_review', array('ID' => $review_id, 'U_ID' => htmlprepare(URL::uri()) . '#r' . $review_id, 'RATING' => _DLP_REVIEW . ' #' . $review_id . ': ' . $rating_info['desc'], 'U_MEMBER' => URL::index('Your_Account&profile=' . $review_uid), 'MEMBERNAME' => $review_uname, 'DATE' => generate_date($review_timestamp), 'U_DEL' => can_admin($module_name) || $row['submitter'] == $userinfo['user_id'] ? '<a href="' . URL::index('&del_review=' . $review_id) . '">[' . strtolower(_DELETE) . ']</a>' : false, 'U_APPR' => can_admin($module_name) || $row['submitter'] == $userinfo['user_id'] ? '<a href="' . 
URL::index('&approve_review=' . $review_id) . '">[' . strtolower(_DLP_APPROVE) . ']</a>' : false, 'TITLE' => $review_title, 'COMMENT' => decode_bb_all($review_comment), 'IP' => decode_ip($review_ip), 'IMG_RATE' => dl_image('stars/' . $rating_info['rating'] . '.png'), 'SPACER' => $i > 0)); $i++; } } else { $cpgtpl->assign_var('DL_P_REVIEWS', false); } $db->sql_freeresult($result); } else { $cpgtpl->assign_var('DL_P_REVIEWS', false); } } if ($row['pick']) { $cpgtpl->assign_block_vars('dl_image', array('SRC' => dl_image('pick.png'), 'TITLE' => _DLP_EDPICK)); } // custom fields: images $result = $db->sql_query("SELECT field, img_path, img_alt FROM " . $dl_prefix . "_fields \n\tWHERE type=3 AND visible > 0");
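//Module::$custom[-5] = array('mid' => -5, 'name' => 'user_search', 'file' => CORE_PATH.'user_search.php', 'view' => 1);

/*
 * Module dispatch: pick the module and the file inside it from the request,
 * validate both names, then configure the Module class.
 *
 * `name` and `file` become part of a filesystem path
 * (modules/<name>/<file>.php), so both are restricted to [A-Za-z0-9_-].
 * Two gaps in the earlier check are closed here:
 *  - the patterns now carry the D modifier; without it `$` also matches just
 *    before a trailing newline, so a value ending in a line break passed;
 *  - non-string input (e.g. `name[]=x`) is rejected explicitly instead of
 *    being handed to preg_match().
 *
 * NOTE(review): the code after each trigger_error(..., E_USER_ERROR) relies on
 * that call stopping the request. Confirm the installed error handler halts
 * on E_USER_ERROR; otherwise execution continues with the rejected value.
 */
$name = !empty($_POST['name']) ? $_POST['name'] : (!empty($_GET['name']) ? $_GET['name'] : $MAIN_CFG['global']['main_module']);
if (!is_string($name) || !preg_match('#^[a-zA-Z0-9_\\-]+$#D', $name)) {
    trigger_error(sprintf(_ERROR_BAD_CHAR, strtolower(_MODULES)), E_USER_ERROR);
}
$file = isset($_POST['file']) ? $_POST['file'] : (isset($_GET['file']) ? $_GET['file'] : 'index');
if (!is_string($file) || !preg_match('#^[a-zA-Z0-9_\\-]+$#D', $file)) {
    trigger_error(sprintf(_ERROR_BAD_CHAR, strtolower(_BLOCKFILE2)), E_USER_ERROR);
}
$Module = new Module($name);
// Only files that actually exist under the module's directory are dispatched.
if (!is_file(BASEDIR . "modules/{$Module->name}/{$file}.php")) {
    trigger_error("Failed: is_file(modules/{$Module->name}/{$file}.php)", E_USER_WARNING);
    trigger_error(sprintf(_MODULENOEXIST, ''), E_USER_ERROR);
}
// Upgrade to HTTPS when the site requires it and the module asks for it.
// The target is built from DOMAIN_NAME plus the current request URI.
if (HTTPS_REQUIRED && 'https' !== DOMAIN_PROTOCOL && $Module->https) {
    URL::redirect('https://' . DOMAIN_NAME . URL::uri());
}
/* class setup */
Module::$file = $file; // optional
Module::$path = BASEDIR . "modules/{$Module->path_name}/"; // optional
Module::$is_home = $Module->name === $MAIN_CFG['global']['main_module'];
/* finished instructing class */
# check for permissions
$Module->allow();
# get module custom language
get_lang($Module->name, -1);
# setup blocks, showblocks may be depreciated in the near future
Blocks::$showblocks = $Module->sides;
/* compatibility */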
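/**
 * Stream a file to the client as an attachment.
 *
 * A $filename containing "://" is fetched from the remote host with a plain
 * HTTP/1.0 GET and relayed; anything else is opened as a local file.
 *
 * Changes compared with the earlier version:
 *  - the request line now separates path and query with "?" and falls back
 *    to "/" when the URL has no path;
 *  - the socket is closed when the remote side does not answer 200;
 *  - relayed response headers must start with an allowed name; the pattern
 *    was unanchored, so a line that merely contained one of the names would
 *    have been passed on as a different header;
 *  - the ".php" deny rule for local files is case-insensitive;
 *  - quotes, backslashes and control characters are removed from the file
 *    name placed in Content-Type / Content-Disposition;
 *  - a missing User-Agent header and an empty output-buffer stack no longer
 *    raise notices.
 *
 * Security notes:
 *  - NOTE(review): the remote branch connects to whatever host and port
 *    $filename names, over unencrypted HTTP regardless of the URL scheme.
 *    If $filename can be influenced by a user, restrict it to an allow-list
 *    of hosts before calling this method.
 *  - NOTE(review): the local branch only rejects ".." and a ".php" suffix.
 *    Callers should still resolve $filename against a fixed download
 *    directory; other server-side script extensions are not covered here.
 *
 * @param string $error    Receives a description when the download fails.
 * @param string $filename Local path or remote URL of the file to send.
 * @param string $realname Name offered to the client; defaults to $filename.
 * @return bool false on failure, otherwise the result of fclose().
 */
public function secure_download(&$error, $filename, $realname = '')
{
    $chunksize = 2048; // how many bytes per chunk
    if (empty($realname)) {
        $realname = $filename;
    }
    // Name as it will appear inside quoted header parameters.
    $sendname = preg_replace('#[\\x00-\\x1F\\x7F"\\\\]#', '_', basename($realname));

    if (strpos($filename, '://')) {
        // send remote file
        $rdf = parse_url($filename);
        if (!isset($rdf['host'])) {
            return false;
        }
        if (!isset($rdf['port'])) {
            $rdf['port'] = 80;
        }
        $target = isset($rdf['path']) ? $rdf['path'] : '/';
        if (isset($rdf['query']) && $rdf['query'] !== '') {
            $target .= '?' . $rdf['query'];
        }
        $fp = fsockopen($rdf['host'], $rdf['port'], $errno, $errstr, 15);
        if ($fp === false) {
            $error = "{$errno}: {$errstr}";
            trigger_error($error, E_USER_WARNING);
            return false;
        }
        fputs($fp, 'GET ' . $target . " HTTP/1.0\r\n");
        fputs($fp, 'User-Agent: Dragonfly Passthru (' . URL::index('credits', true, true) . ")\r\n");
        fputs($fp, 'Referer: ' . URL::uri() . "\r\n");
        fputs($fp, 'HOST: ' . $rdf['host'] . "\r\n\r\n");
        // Status line; anything but "200 OK" aborts the download.
        $data = rtrim((string) fgets($fp, 512));
        if (false === strpos($data, ' 200 OK')) {
            $error = $data;
            trigger_error($data, E_USER_WARNING);
            fclose($fp);
            return false;
        }
        // Discard anything already buffered so only the file is sent.
        while (ob_get_level() > 0 && ob_end_clean()) {
        }
        // Read all headers; relay only the three allowed ones.
        while (!empty($data)) {
            $data = rtrim((string) fgets($fp, 300)); // read lines
            if (preg_match('#^(Content-Length|Content-Type|Last-Modified): #i', $data)) {
                header($data);
            }
        }
    } else {
        // Refuse parent-directory references and PHP sources.
        if (preg_match('#\\.(\\.|php$)#i', $filename)) {
            $error = "{$filename} isn't allowed to be downloaded";
            trigger_error($error, E_USER_WARNING);
            return false;
        }
        if (!($fp = fopen($filename, 'rb'))) {
            $error = "{$filename} could not be opened";
            trigger_error($error, E_USER_WARNING);
            return false;
        }
        // Discard anything already buffered so only the file is sent.
        while (ob_get_level() > 0 && ob_end_clean()) {
        }
        $mimetype = ($img = getimagesize($filename)) ? $img['mime'] : '';
        // send local file
        if (!strstr($mimetype, 'image')) {
            $ext = explode('.', $realname);
            $ext = strtolower(array_pop($ext));
            $known = array(
                'bz2' => 'application/bzip2',
                'gz' => 'application/x-gzip',
                'tgz' => 'application/x-gzip',
                'gtar' => 'application/x-gtar',
                'tar' => 'application/x-tar',
                'zip' => 'application/zip',
                'wma' => 'audio/x-ms-wma',
                'wmv' => 'video/x-ms-wmv',
            );
            if (isset($known[$ext])) {
                $mimetype = $known[$ext];
            } else {
                // Opera and MSIE get "octetstream", everyone else "octet-stream".
                $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $mimetype = 'application/octet' . (preg_match('#(Opera|compatible; MSIE)#', $agent) ? 'stream' : '-stream');
            }
        }
        // header('Content-Type: "'.mime_content_type(basename($realname)).'"'); // PHP >= 4.3.0
        header('Content-Type: ' . $mimetype . '; name="' . $sendname . '"');
        header('Content-Length: ' . filesize($filename));
    }
    header('Content-Encoding:');
    // header('Content-Disposition: inline; filename="'.basename($realname).'"');
    header('Content-Disposition: attachment; filename="' . $sendname . '"');
    set_time_limit(0);
    while (!feof($fp)) {
        print fread($fp, $chunksize);
    }
    return fclose($fp);
}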
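<?php
/*
 * Status titles and messages for the security / error pages.
 *
 * The messages are HTML fragments (they carry <br /> and <p> markup), so the
 * requested URL -- which is request-controlled -- is HTML-escaped before it
 * is embedded. htmlspecialchars() is called with double_encode off so that a
 * URI which already contains entities is not encoded a second time.
 *
 * '_FLOOD' and 'Last_warning' are kept inside '_SECURITY_MSG', as in the
 * original array.
 */
$LNG = array(
    '_SECURITY_STATUS' => array(
        301 => 'Moved Permanently',
        302 => 'Found',
        303 => 'See Other',
        304 => 'Not Modified',
        400 => 'Bad Request',
        401 => 'Unauthorized',
        402 => 'Payment Required',
        403 => 'Forbidden',
        404 => 'Not Found',
        500 => 'Internal Server Error',
        503 => 'Service Unavailable',
        800 => 'Bad IP',
        801 => 'Spam url in referer header',
        802 => 'Unknown user-agent',
        803 => 'Flood Protection',
    ),
    '_SECURITY_MSG' => array(
        301 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', has been moved permanently to a new URI and any future references to this page SHOULD use the new URI.',
        302 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', has been moved temporarily to a new URI and any future references to this page SHOULD remain.',
        400 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', was a bad request.',
        401 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', requires preauthorization to access.',
        402 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', requires payment to access.',
        403 => 'Access to the URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', is forbidden.',
        404 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', could not be found. Perhaps you either mistyped the URL or we have a broken link.<br /><br />We have logged this error and will correct the problem if it is a broken link.',
        500 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', resulted in a server configuration error. It is possible that the condition causing the problem will be gone by the time you finish reading this.<br /><br />We have logged this error and will correct the problem.',
        503 => 'The URL that you requested, ' . htmlspecialchars(URL::uri(), ENT_QUOTES, 'UTF-8', false) . ', is temporarily unavailable.',
        800 => 'You are banned from this site due to a bad ip.',
        801 => 'You are banned from this site due to a spam url in the referer header.',
        802 => 'You are banned from this site due to a unknown user-agent.',
        803 => 'You are banned from this site due to ignoring our anti-flood warnings.',
        '_FLOOD' => 'You are not allowed to flood our system.<br />You may view our website again after %s seconds',
        'Last_warning' => '<p>This is your last warning, next time you will be banned!</p>',
    ),
);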
/**
 * Save the page-tracking data into the session and close it.
 *
 * No-op when the session was never started. Otherwise records the current
 * module, the requested `op` and `file` values and the current URI, drops a
 * stored login redirect once the visitor is on a different URI outside
 * Your_Account, writes $CPG_SESS back to $_SESSION, closes the session and,
 * when CAN_MOD_INI is set, restores the previous save handler.
 *
 * Security note: `op`, `file` and the URI are copied from the request into
 * the session exactly as received. Code that later reads
 * $CPG_SESS['admin']['page'], $CPG_SESS['user']['file'],
 * $CPG_SESS['user']['uri'] or $CPG_SESS['user']['redirect'] must treat them
 * as untrusted: validate before using them in paths or redirects and escape
 * before printing them into HTML.
 */
public function write_close()
{
    if (!$this->started) {
        return;
    }

    global $CPG_SESS, $module_name;

    $_SESSION['SECURITY']['page'] = $module_name;

    // GET takes precedence over POST; empty string when neither is present.
    if (isset($_GET['op'])) {
        $requestedOp = $_GET['op'];
    } elseif (isset($_POST['op'])) {
        $requestedOp = $_POST['op'];
    } else {
        $requestedOp = '';
    }
    $CPG_SESS['admin']['page'] = $requestedOp;

    $CPG_SESS['user']['page'] = $module_name;

    if (isset($_GET['file'])) {
        $requestedFile = $_GET['file'];
    } elseif (isset($_POST['file'])) {
        $requestedFile = $_POST['file'];
    } else {
        $requestedFile = '';
    }
    $CPG_SESS['user']['file'] = $requestedFile;

    $CPG_SESS['user']['uri'] = URL::uri();

    // A remembered redirect only survives while the visitor stays on that
    // URI or inside Your_Account.
    $redirectIsStale = isset($CPG_SESS['user']['redirect'])
        && $CPG_SESS['user']['redirect'] != $CPG_SESS['user']['uri']
        && $module_name != 'Your_Account';
    if ($redirectIsStale) {
        unset($CPG_SESS['user']['redirect']);
    }

    $_SESSION['CPG_SESS'] = $CPG_SESS;
    session_write_close();

    if (CAN_MOD_INI) {
        ini_set('session.save_handler', $this->old_handler);
    }

    $this->started = false;
}
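/**
 * Render the profile page of $username.
 *
 * For the viewer's own profile the member block is added and the personal
 * headlines reader is offered; for other profiles the account is loaded with
 * getusrdata(). Anonymous visitors are redirected to the Anonymous profile,
 * and a short notice is printed for unknown accounts and accounts whose
 * user_level is below 1. After the page is displayed every *.php block in
 * modules/Your_Account/blocks is included.
 *
 * Changes compared with the earlier version:
 *  - user_rank is cast with intval() before it is concatenated into the rank
 *    query, matching the handling of user_posts in the other branch;
 *  - a non-string `url` POST value is ignored instead of reaching strlen();
 *  - the block files are included in the order natcasesort() produces. The
 *    earlier index-based loop ignored the sort because natcasesort() keeps
 *    the original keys, and failed when the directory held no blocks;
 *  - IN_PHPBB / PHPBB_INSTALLED are only defined when not yet defined.
 *
 * Security notes:
 *  - NOTE(review): $username (taken from the account record) is interpolated
 *    into the Blogs COUNT query inside quotes without escaping. Confirm that
 *    stored usernames cannot contain quote characters, or escape it with the
 *    database layer's quoting helper.
 *  - NOTE(review): with my_headlines enabled, the posted `url` is handed to
 *    CPG_RSS::display(), i.e. the server fetches an address chosen by the
 *    member. Confirm that class restricts schemes and target hosts.
 *  - NOTE(review): the avatar path/URL, rank image and title, RSS_URL and
 *    RSS_TITLE are placed into markup or template variables without HTML
 *    escaping here. Confirm they are validated when stored or escaped by the
 *    template.
 *  - NOTE(review): `$username == is_user()` is a loose comparison between a
 *    string and what appears to be the member id -- confirm it cannot match
 *    unintentionally for names that begin with digits.
 *
 * @param string $username Profile to show: a username, or the viewer's own id.
 * @return void
 */
function userinfo($username)
{
    global $db, $prefix, $user_prefix, $currentlang, $pagetitle, $MAIN_CFG, $CPG_SESS, $CLASS, $cpgtpl;

    $owninfo = is_user() && ($username == is_user() || strtolower($username) == strtolower($CLASS['member']->members[is_user()]['username']));
    if ($owninfo) {
        $userinfo =& $CLASS['member']->members[is_user()];
        global $Blocks;
        $block = array('bid' => 10000, 'view' => 1, 'side' => 'l', 'title' => _TB_BLOCK, 'content' => member_block());
        $Blocks->custom($block);
        $block = NULL;
    } else {
        if (!is_user() && $username != 'Anonymous') {
            URL::redirect(URL::index('&profile=Anonymous'));
        } else {
            if (!($userinfo = getusrdata($username)) || $userinfo['user_level'] < 1) {
                require_once 'header.php';
                OpenTable();
                // The requested name is request input: escaped before display.
                echo _NOINFOFOR . ' <strong>' . htmlspecialchars($username) . '</strong>';
                if (!$userinfo) {
                    echo '<br /><br /><em>' . _MA_USERNOEXIST . '</em>';
                } elseif ($userinfo['user_level'] == 0) {
                    echo '<br /><br /><em>' . _ACCSUSPENDED . '</em>';
                } elseif ($userinfo['user_level'] == -1) {
                    echo '<br /><br /><em>' . _ACCDELETED . '</em>';
                }
                CloseTable();
                return;
            }
        }
    }

    // From here on use the stored spelling of the name.
    $username = $userinfo['username'];
    $imgpath = 'themes/' . $CPG_SESS['theme'] . '/images/forums/lang_';
    $imgpath .= file_exists($imgpath . $currentlang . '/icon_email.gif') ? $currentlang : 'english';
    if ($owninfo) {
        $pagetitle .= ' ' . _BC_DELIM . ' ' . $username . ', ' . _THISISYOURPAGE;
    } else {
        $pagetitle .= ' ' . _BC_DELIM . ' ' . _PERSONALINFO . ' ' . _BC_DELIM . ' ' . $username;
    }
    require_once 'header.php';
    require_once CORE_PATH . 'nbbcode.php';

    // Avatar source by type: 1 = configured avatar path, 2 = value stored as-is,
    // 3 = gallery; anything else falls back to the default gallery image.
    if ($userinfo['user_avatar_type'] == 1) {
        $avatar = $MAIN_CFG['avatar']['path'] . '/' . $userinfo['user_avatar'];
    } elseif ($userinfo['user_avatar_type'] == 2) {
        $avatar = $userinfo['user_avatar'];
    } elseif ($userinfo['user_avatar_type'] == 3 && !empty($userinfo['user_avatar'])) {
        $avatar = $MAIN_CFG['avatar']['gallery_path'] . '/' . $userinfo['user_avatar'];
    } else {
        $avatar = $MAIN_CFG['avatar']['gallery_path'] . '/' . $MAIN_CFG['avatar']['default'];
    }
    if ($avatar) {
        $avatar = '<img src="' . $avatar . '" alt="" />';
    }

    // Website: add a scheme when missing, then keep only plain host-style URLs.
    if ($userinfo['user_website']) {
        if (false === strpos($userinfo['user_website'], '://')) {
            $userinfo['user_website'] = "http://{$userinfo['user_website']}";
        }
    }
    if (!preg_match('#^(http[s]?\\:\\/\\/)?([a-z0-9\\-\\.]+)?[a-z0-9\\-]+\\.[a-z]{2,4}$#i', $userinfo['user_website'])) {
        $userinfo['user_website'] = '';
    }

    // Rank: a special rank when one is assigned, otherwise by post count.
    if ($userinfo['user_rank']) {
        $sql = 'rank_id = ' . intval($userinfo['user_rank']) . ' AND rank_special = 1';
    } else {
        $sql = 'rank_min <= ' . intval($userinfo['user_posts']) . ' AND rank_special = 0 ORDER BY rank_min DESC';
    }
    list($poster_rank, $rank_image) = $db->sql_ufetchrow('SELECT rank_title, rank_image FROM ' . $prefix . '_bbranks WHERE ' . $sql, SQL_NUM);
    $poster_rank = $rank_image ? '<img src="' . $rank_image . '" alt="' . $poster_rank . '" title="' . $poster_rank . '" />' : $poster_rank;

    // Custom profile fields: section 3 is only shown to the owner and to member admins.
    if (can_admin('members') || $owninfo) {
        $result = $db->sql_query("SELECT field, langdef, type FROM " . $user_prefix . "_users_fields WHERE section = 2 OR section = 3");
    } else {
        $result = $db->sql_query("SELECT field, langdef, type FROM " . $user_prefix . "_users_fields WHERE section = 2");
    }
    if ($db->sql_numrows($result) > 0) {
        while ($row = $db->sql_fetchrow($result)) {
            if ($row['type'] == 1) {
                $value = $userinfo[$row['field']] ? _YES : _NO;
            } else {
                $value = $userinfo[$row['field']];
            }
            if (defined($row['langdef'])) {
                $row['langdef'] = constant($row['langdef']);
            }
            $cpgtpl->assign_block_vars('custom_field', array('NAME' => $row['langdef'], 'VALUE' => $value));
        }
    }

    $blog_url = 0;
    if (is_active('Blogs')) {
        list($num_blogs) = $db->sql_ufetchrow("SELECT COUNT(*) FROM " . $prefix . "_blogs \n\t\tWHERE aid='{$username}' AND private=0");
        if ($num_blogs > 0) {
            $blog_url = 1;
        }
    }

    // E-mail: the real address for members (when the user allows it), the
    // owner and non-demo admins; otherwise the public "femail" if set.
    $show_email = 0;
    if ($userinfo['user_viewemail'] && is_user() || $owninfo || is_admin() && !$CLASS['member']->demo) {
        $email = $userinfo['user_email'];
    } else {
        if ($userinfo['femail']) {
            $email = $userinfo['femail'];
        }
    }
    if (isset($email) && Security::check_email($email)) {
        $email = 'mailto:' . $email;
        if (!$owninfo && is_user()) {
            if (!defined('IN_PHPBB')) {
                define('IN_PHPBB', true);
            }
            if (!defined('PHPBB_INSTALLED')) {
                define('PHPBB_INSTALLED', true);
            }
            $phpbb_root_path = "./modules/Forums/";
            require_once $phpbb_root_path . 'common.php';
            global $board_config;
            // Use the board's mail form instead of exposing the address.
            if ($board_config['board_email_form']) {
                $email = URL::index('Forums&file=profile&mode=email&u=' . $userinfo['user_id']);
            }
        }
        $show_email = 1;
    }

    $show_pm = 0;
    if (!$owninfo && is_user() && is_active('Private_Messages')) {
        $show_pm = 1;
    }

    $show_gallery = 0;
    if (is_active('coppermine')) {
        $user_gallery = 10000 + $userinfo['user_id'];
        $ugall_result = $db->sql_query("SELECT p.pid FROM " . $prefix . "_cpg_pictures AS p, " . $prefix . "_cpg_albums AS a WHERE a.aid = p.aid AND a.category = {$user_gallery}");
        if ($db->sql_numrows($ugall_result) > 0) {
            $show_gallery = 1;
        }
    }

    $cpgtpl->assign_vars(array(
        'ABOUT_USER' => _ABOUT_USER . $username,
        'AVATAR' => $avatar,
        'JOINED_DATE' => formatDateTime($userinfo['user_regdate'], _DATESTRING3),
        'USER_RANK' => $poster_rank,
        'USER_LOCATION' => decode_bb_all($userinfo['user_from']),
        'USER_WEBSITE' => $userinfo['user_website'],
        'USER_OCCUPATION' => decode_bb_all($userinfo['user_occ']),
        'USER_INTERESTS' => decode_bb_all($userinfo['user_interests']),
        'USER_SIGNATURE' => $userinfo['user_sig'] ? decode_bb_all($userinfo['user_sig'], 1, false) : false,
        'USER_EXTRA_INFO' => $userinfo['bio'] ? decode_bb_all($userinfo['bio'], 1, false) : false,
        'BLOG_URL' => $blog_url ? URL::index('Blogs&mode=user&nick=' . $username) : false,
        'EMAIL_ADDRESS' => $show_email ? $email : false,
        'IMG_PATH' => $imgpath,
        'U_PM' => $show_pm ? URL::index("Private_Messages&mode=post&u={$userinfo['user_id']}") : false,
        'USER_MSNM' => $userinfo['user_msnm'],
        'USER_YIM' => $userinfo['user_yim'],
        'USER_AIM' => $userinfo['user_aim'],
        'USER_ICQ' => $userinfo['user_icq'],
        'USER_SKYPE' => $userinfo['user_skype'],
        'USER_GALLERY' => $show_gallery ? URL::index('coppermine&cat=' . (10000 + $userinfo['user_id'])) : false,
        'OWN_OR_CAN_ADMIN' => $owninfo || can_admin('members'),
        'OWN_INFO' => $owninfo,
        'SUBSCRIBED' => $userinfo['newsletter'],
        'CAN_ADMIN_MEMBERS' => can_admin('members'),
        'U_EDIT_USER' => URL::admin('users&mode=edit&edit=profile&id=' . $userinfo['user_id']),
        'U_SUSPEND_USER' => URL::admin('users&mode=edit&edit=admin&id=' . $userinfo['user_id']),
        'HEADLINES_ALLOWED' => $owninfo && $MAIN_CFG['member']['my_headlines'],
        'URL_URI' => URL::uri(),
        'SHOW_RSS' => false,
    ));

    // Personal headlines reader (own profile only).
    if ($owninfo && $MAIN_CFG['member']['my_headlines']) {
        $hid = isset($_POST['hid']) ? intval($_POST['hid']) : 0;
        $url = isset($_POST['url']) && is_string($_POST['url']) ? $_POST['url'] : '';
        $sql4 = 'SELECT hid, sitename FROM ' . $prefix . '_headlines ORDER BY sitename';
        $headl = $db->sql_query($sql4);
        while (list($nhid, $hsitename) = $db->sql_fetchrow($headl)) {
            $sel = $hid == $nhid ? ' selected="selected"' : '';
            $cpgtpl->assign_block_vars('feed_option', array('VALUE' => $nhid, 'SELECTED' => $sel, 'NAME' => $hsitename));
        }
        if ($hid > 0 || $hid == 0 && strlen($url) > 10) {
            if ($hid > 0) {
                // Feed chosen from the configured list.
                $sql5 = 'SELECT sitename, headlinesurl FROM ' . $prefix . "_headlines WHERE hid='{$hid}'";
                $result5 = $db->sql_query($sql5);
                list($title, $url) = $db->sql_fetchrow($result5);
                $siteurl = str_ireplace('http://', '', $url);
                $siteurl = explode('/', $siteurl);
            } else {
                // Feed address typed in by the member -- see the security notes above.
                if (false === strpos($url, '://')) {
                    $url = 'http://' . $url;
                }
                $siteurl = str_ireplace('http://', '', $url);
                $siteurl = explode('/', $siteurl);
                $title = 'http://' . $siteurl[0];
            }
            include_once CORE_PATH . 'classes/rss.php';
            $content = CPG_RSS::display($url);
            $cpgtpl->assign_vars(array('SHOW_RSS' => true, 'RSS_CONTENT' => $content, 'RSS_URL' => $siteurl[0], 'RSS_TITLE' => $title));
        }
    }

    $cpgtpl->set_handle('userinfo', 'your_account/userinfo.html');
    $cpgtpl->display('userinfo');

    // Include every block file of the module, in natural case-insensitive order.
    $blockslist = array();
    $blocksdir = dir('modules/Your_Account/blocks');
    if ($blocksdir) {
        while (false !== ($func = $blocksdir->read())) {
            if (substr($func, -3) == 'php') {
                $blockslist[] = $func;
            }
        }
        closedir($blocksdir->handle);
    }
    natcasesort($blockslist);
    foreach ($blockslist as $blockfile) {
        require_once 'modules/Your_Account/blocks/' . $blockfile;
    }
}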
<a href="' . URL::index() . '">' . _MAIN . '</a> | <a href="' . URL::index('&file=search&cat=' . $id_cat) . '">' . _SEARCH . '</a><br /><br /> <table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline"> <tr><td align="center" class="catleft" colspan="2"><b><span class="gen">' . _QUESTION . '</span></b></td></tr> <tr><td align="center" class="row1" colspan="2">' . _SORT . ': ' . (isset($_GET['sort']) && $_GET['sort'] == 'asc' ? '<b>' . _ASCENDING . '</b>' : '<a href="' . URL::index('&cat=' . $id_cat . '&sort=asc') . '">' . _ASCENDING . '</a>') . ' / ' . (isset($_GET['sort']) && $_GET['sort'] == 'desc' ? '<b>' . _DESCENDING . '</b>' : '<a href="' . URL::index('&cat=' . $id_cat . '&sort=desc') . '">' . _DESCENDING . '</a>') . ' </td></tr>'; foreach ($result as $row) { echo '<tr><td class="row1" colspan="2"><span class="gen"><a href="' . htmlprepare(URL::uri()) . '#' . $row['id'] . '">' . $row['question'] . '</a></span></td></tr>'; } echo '</table><br /> <table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline" align="center"> <tr><td align="center" class="catleft" colspan="2"><b><span class="gen">' . _ANSWER . '</span></b></td></tr>'; foreach ($result as $row) { echo '<tr><td align="justify" class="row1" colspan="2"><a id="' . $row['id'] . '"></a><b><span class="gen">' . $row['question'] . '</span></b><br /><br /> <span class="gen">' . decode_bbcode($row['answer'], 1) . '</span><br /><br /> <div style="float:left;"><a href="' . htmlprepare(URL::uri()) . '#top">' . _BACKTOTOP . '</a></div>'; if (can_admin('faq')) { echo '<div style="float:right;"><a href="' . URL::admin('&mode=edit&faq=' . $row['id']) . '">' . _EDIT . '</a> | <a href="' . URL::admin('&mode=delete&faq=' . $row['id']) . '">' . _DELETE . 
'</a></div>'; } echo '</tr><tr><td class="spaceRow" style="height:1px;"><img src="images/spacer.gif" alt="" width="1" height="1" /></td></tr>'; } echo '</table>'; } else { echo '<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline" align="center"> <tr><td align="center" class="row1" colspan="2" style="height:22px;">' . sprintf(_ERROR_NONE_TO_DISPLAY, strtolower(_FAQ2)) . '<br /><br /><a href="' . URL::index() . '">' . _BACKTOFAQINDEX . '</a></td></tr> </table>'; } } else { $order = isset($_GET['sort']) && $_GET['sort'] == 'desc' ? 'categories DESC' : (isset($_GET['sort']) ? 'categories ASC' : 'id ASC'); $querylang = $multilingual ? 'WHERE (flanguage=\'' . $currentlang . '\' OR flanguage= \'\') ' : ''; $cats = $db->sql_ufetchrowset("SELECT c.id_cat, c.categories, COUNT(a.id_cat) AS faqs FROM " . $prefix . "_faqcategories c \n\t\tLEFT JOIN " . $prefix . "_faqanswer a ON (a.id_cat = c.id_cat) {$querylang} \n\t\tGROUP BY c.categories, c.id_cat \n\t\tORDER BY {$order}", SQL_BOTH, __FILE__, __LINE__);