function uploadFile($file, $cattype, $cat)
{
global $loguserid, $uploaddirs, $goodfiles, $badfiles, $userquota, $maxSize;
$targetdir = $uploaddirs[$cattype];
$totalsize = foldersize($targetdir);
$filedata = $_FILES[$file];
$c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND cattype={1} AND user={2} AND deldate=0", $filedata['name'], $cattype, $loguserid);
if ($c > 0) {
return "You already have a file with this name. Please delete the old copy before uploading a new one.";
}
if ($filedata['size'] == 0) {
if ($filedata['tmp_name'] == '') {
return 'No file given.';
} else {
return 'File is empty.';
}
}
if ($filedata['size'] > $maxSize) {
return 'File is too large. Maximum size allowed is ' . BytesToSize($maxSize) . '.';
}
$randomid = Shake();
$pname = $randomid . '_' . Shake();
$fname = $_FILES['newfile']['name'];
$temp = $_FILES['newfile']['tmp_name'];
$size = $_FILES['size']['size'];
$parts = explode(".", $fname);
$extension = end($parts);
if ($totalsize + $size > $quot) {
Alert(format(__("Uploading \"{0}\" would break the quota."), $fname));
} else {
if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) {
return 'Forbidden file type.';
} else {
$description = $_POST['description'];
$big_descr = $cat['showindownloads'] ? $_POST['big_description'] : '';
Query("insert into {uploader} (id, filename, description, big_description, date, user, private, category, deldate, physicalname) values ({7}, {0}, {1}, {6}, {2}, {3}, {4}, {5}, 0, {8})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat'], $big_descr, $randomid, $pname);
copy($temp, $targetdir . "/" . $pname);
Report("[b]" . $loguser['name'] . "[/] uploaded file \"[b]" . $fname . "[/]\"" . ($privateFlag ? " (privately)" : ""), $privateFlag);
die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_POST["cat"])));
}
}
}
}
$totalsize = foldersize($targetdir);
mkdir($targetdir);
$files = scandir($targetdir);
if (in_array($_FILES['newfile']['name'], $files)) {
Alert(format(__("The file \"{0}\" already exists. Please delete the old copy before uploading a new one."), $_FILES['newfile']['name']));
} else {
if ($_FILES['newfile']['size'] == 0) {
if ($_FILES['newfile']['tmp_name'] == "") {
Alert(__("No file given."));
} else {
Alert(__("File is empty."));
}
} else {
if ($_FILES['newfile']['size'] > Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024) {
Alert(format(__("File is too large. Maximum size is {0}."), BytesToSize(Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024)));
} else {
$fname = $_FILES['newfile']['name'];
$temp = $_FILES['newfile']['tmp_name'];
$size = $_FILES['size']['size'];
$parts = explode(".", $fname);
$extension = end($parts);
if ($totalsize + $size > $quot) {
Alert(format(__("Uploading \"{0}\" would break the quota."), $fname));
} else {
if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) {
Alert(__("Forbidden file type."));
} else {
$description = htmlspecialchars($_POST['description']);
Query("insert into {uploader} (filename, description, date, user, private, category) values ({0}, {1}, {2}, {3}, {4}, {5})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat']);
copy($temp, $targetdir . "/" . $fname);
function makePostText($post, $poster)
{
$noSmilies = $post['options'] & 2;
//Do Ampersand Tags
$tags = array("postnum" => $post['num'], "postcount" => $poster['posts'], "numdays" => floor((time() - $poster['regdate']) / 86400), "date" => formatdate($post['date']), "rank" => GetRank($poster['rankset'], $poster['posts']));
$bucket = "amperTags";
include __DIR__ . "/pluginloader.php";
if ($poster['signature']) {
if (!$poster['signsep']) {
$separator = "<br>_________________________<br>";
} else {
$separator = "<br>";
}
}
$attachblock = '';
if ($post['has_attachments']) {
if (isset($post['preview_attachs'])) {
$ispreview = true;
$fileids = array_keys($post['preview_attachs']);
$attachs = Query("SELECT id,filename,physicalname,description,downloads \n\t\t\t\tFROM {uploadedfiles}\n\t\t\t\tWHERE id IN ({0c})", $fileids);
} else {
$ispreview = false;
$attachs = Query("SELECT id,filename,physicalname,description,downloads \n\t\t\t\tFROM {uploadedfiles}\n\t\t\t\tWHERE parenttype={0} AND parentid={1} AND deldate=0\n\t\t\t\tORDER BY filename", 'post_attachment', $post['id']);
}
while ($attach = Fetch($attachs)) {
$url = URL_ROOT . 'get.php?id=' . htmlspecialchars($attach['id']);
$linkurl = $ispreview ? '#' : $url;
$filesize = filesize(DATA_DIR . 'uploads/' . $attach['physicalname']);
$attachblock .= '<br><div class="post_attachment">';
$fext = strtolower(substr($attach['filename'], -4));
if ($fext == '.png' || $fext == '.jpg' || $fext == 'jpeg' || $fext == '.gif') {
$alt = htmlspecialchars($attach['filename']) . ' — ' . BytesToSize($filesize) . ', viewed ' . Plural($attach['downloads'], 'time');
$attachblock .= '<a href="' . $linkurl . '"><img src="' . $url . '" alt="' . $alt . '" title="' . $alt . '" style="max-width:300px; max-height:300px;"></a>';
} else {
$link = '<a href="' . $linkurl . '">' . htmlspecialchars($attach['filename']) . '</a>';
$desc = htmlspecialchars($attach['description']);
if ($desc) {
$desc .= '<br>';
}
$attachblock .= '<strong>' . __('Attachment: ') . $link . '</strong><br>';
$attachblock .= '<div class="smallFonts">' . $desc;
$attachblock .= BytesToSize($filesize) . __(' — Downloaded ') . Plural($attach['downloads'], 'time') . '</div>';
}
$attachblock .= '</div>';
}
}
$postText = $poster['postheader'] . $post['text'] . $attachblock . $separator . $poster['signature'];
$postText = ApplyTags($postText, $tags);
$postText = CleanUpPost($postText, $noSmilies, false);
return $postText;
}
$color = "green";
if ($width > 75) {
$color = "yellow";
}
if ($width > 90) {
$color = "orange";
}
if ($width > 100) {
$width = 100;
$color = "red;";
}
$alt = format("{0} of {1}, {2}%", BytesToSize($personalsize), BytesToSize($pQuota), $width);
$bar = format("<div class=\"pollbar\" style=\"width: {0}%; background: {2}\" title=\"{1}\"> {$width}%</div>", $width, $alt, $color);
}
}
write("\n<div style=\"clear: both;\">\n\t<div class=\"pollbarContainer\" style=\"float: right; width: 50%;\">\n\t\t{2}\n\t</div>\n\t" . __("Personal folder space usage: {0} of {1}") . "\n</div>\n", BytesToSize($personalsize), BytesToSize($pQuota), $bar);
}
write($uploadPart);
write("<form method=\"post\" action=\"" . actionLink("uploader") . "\">");
write($sortOptions);
write($private);
write($public);
write("</form>");
//From the PHP Manual User Comments
function foldersize($path)
{
$total_size = 0;
if (!file_exists($path)) {
mkdir($path);
}
$files = scandir($path);
fputs($hax, "\$feedname = " . var_export($_POST['feedname'], true) . ";\n");
fputs($hax, "\$rssblurb = " . var_export($_POST['rssblurb'], true) . ";\n");
fputs($hax, "\n");
fputs($hax, "?>");
fclose($hax);
Redirect(__("Edited!"), "./", __("the main page"));
}
$forcetheme = $hacks['forcetheme'];
$themenames = $hacks['themenames'];
$themelist[""] = __("[Disabled]");
$themelist = array_merge($themelist, $themes);
$names = array(__("[Disabled]"), __("Christmas"), __("Rainbow"), __("Anonymous"));
if (!function_exists('tidy_repair_string')) {
$tidyAvailable = "disabled=\"disabled\"";
}
write("\n\t<form action=\"editsettings.php\" method=\"post\">\n\t\t<table class=\"outline margin width75\">\n\n\t\t\t<tr class=\"header1\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Settings") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Various") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"boardname\">" . __("Board name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"width75\">\n\t\t\t\t\t<input type=\"text\" id=\"boardname\" name=\"boardname\" value=\"{0}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"logoalt\">" . __("Logo alt text") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"logoalt\" name=\"logoalt\" value=\"{1}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"logotitle\">" . __("Logo title") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"logotitle\" name=\"logotitle\" value=\"{2}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"dateformat\">" . __("Date/time format") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"dateformat\" name=\"dateformat\" value=\"{3}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"autoLockMonths\">" . __("Autolock months") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"autoLockMonths\" name=\"autoLockMonths\" value=\"{4}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"warnMonths\">" . __("Bump warning months") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"warnMonths\" name=\"warnMonths\" value=\"{5}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"viewcountInterval\">" . __("Viewcount report interval") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"viewcountInterval\" name=\"viewcountInterval\" value=\"{6}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"customTitleThreshold\">" . __("Custom title threshold") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"customTitleThreshold\" name=\"customTitleThreshold\" value=\"{7}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t" . __("Markup Cleanup") . "\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"checkbox\" name=\"overallTidy\" {8} {14} />\n\t\t\t\t\t\t" . __("Use HtmlTidy") . "\n\t\t\t\t\t</label>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\tAJAX\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"checkbox\" name=\"noAjax\" {22} />\n\t\t\t\t\t\t" . __("Disable AJAX refreshers") . "\n\t\t\t\t\t</label>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t" . __("Guests") . "\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"checkbox\" name=\"noGuestLayouts\" {23} />\n\t\t\t\t\t\t" . __("Disable post layouts for guests") . "\n\t\t\t\t\t</label>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"theWord\">" . __("Registration word") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"theWord\" name=\"theWord\" value=\"{9}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"systemUser\">" . __("System user ID") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"systemUser\" name=\"systemUser\" value=\"{10}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"minWords\">" . __("Minimal word count") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"minWords\" name=\"minWords\" value=\"{18}\" />\n\t\t\t\t\t<img src=\"img/icons/icon4.png\" title=\"" . __("This is supposed to protect your board from the Happyface Guy, who floods a single smiley.") . " " . __("Set this to zero to disable the check, at your own risk.") . "\" alt=\"[!]\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"minSeconds\">" . __("Minimal seconds between posts") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"minSeconds\" name=\"minSeconds\" value=\"{19}\" />\n\t\t\t\t\t<img src=\"img/icons/icon4.png\" title=\"" . __("This is supposed to protect your board from flooders by slowing them down.") . " " . __("Set this to zero to disable the check, at your own risk.") . "\" alt=\"[!]\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"uploaderCap\">" . __("Uploader size cap") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"uploaderCap\" name=\"uploaderCap\" value=\"{20}\" />\n\t\t\t\t\tMiB\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"personalCap\">" . __("Uploader private cap") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"personalCap\" name=\"personalCap\" value=\"{25}\" />\n\t\t\t\t\tMiB\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"uploaderMaxFileSize\">" . __("Uploader max file size") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"uploaderMaxFileSize\" name=\"uploaderMaxFileSize\" value=\"{29}\" />\n\t\t\t\t\tMiB <img src=\"img/icons/icon5.png\" title=\"" . __("You cannot go past the php.ini setting, which is {30}. Exceeding this value or entering zero will reset the limit to {30}.") . "\" alt=\"[?]\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"uploaderWhitelist\">" . __("Uploader whitelist") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"uploaderWhitelist\" name=\"uploaderWhitelist\" value=\"{21}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"mailResetFrom\">" . __("Mail Reset sender") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"email\" id=\"mailResetFrom\" name=\"mailResetFrom\" value=\"{24}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"lastPostsTimeLimit\">" . __("Time limit for Last Posts") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"lastPostsTimeLimit\" name=\"lastPostsTimeLimit\" value=\"{26}\" /> hours\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Hacks") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"theme\">" . __("Theme") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>{11}\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"names\">" . __("Names") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>{12}\n\t\t\t\t</td>\n\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Profile Preview Post") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"ppp\">" . __("Text") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<textarea id=\"ppp\" name=\"previewtext\" rows=\"8\" style=\"width: 98%;\">{15}</textarea>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Meta") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"metadesc\">" . __("Description") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"metadesc\" name=\"metadesc\" value=\"{16}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"metakeys\">" . __("Keywords") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"metakeys\" name=\"metakeys\" value=\"{17}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("RSS Feed") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"feedname\">" . __("Feed name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"feedname\" name=\"feedname\" value=\"{27}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"rssblurb\">" . __("Blurb") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"rssblurb\" name=\"rssblurb\" value=\"{28}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell2\">\n\t\t\t\t<td>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Edit") . "\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"key\" value=\"{31}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</form>\n", htmlval($boardname), htmlval($logoalt), htmlval($logotitle), htmlval($dateformat), $autoLockMonths, $warnMonths, $viewcountInterval, $customTitleThreshold, $overallTidy ? "checked=\"checked\"" : "", htmlval($theWord), $systemUser, MakeSelect("theme", $forcetheme, $themelist), MakeSelect("names", $themenames, $names), 0, $tidyAvailable, $profilePreviewText, htmlval($metaDescription), htmlval($metaKeywords), $minWords, $minSeconds, $uploaderCap, $uploaderWhitelist, $noAjax ? "checked=\"checked\"" : "", $noGuestLayouts ? "checked=\"checked\"" : "", $mailResetFrom, $personalCap, $lastPostsTimeLimit, $feedname, $rssblurb, $uploaderMaxFileSize, BytesToSize(IniValToBytes(ini_get("upload_max_filesize"))), $key);
function MakeSelect($fieldName, $checkedIndex, $choicesList, $extras = "")
{
$checks[$checkedIndex] = " selected=\"selected\"";
foreach ($choicesList as $key => $val) {
$options .= format("\n\t\t\t\t\t\t<option value=\"{0}\"{1}>{2}</option>", $key, $checks[$key], $val);
}
$result = format("\n\t\t\t\t\t<select id=\"{0}\" name=\"{0}\" size=\"1\" {1} >{2}\n\t\t\t\t\t</select>", $fieldName, $extras, $options);
return $result;
}
function prepare($text)
{
$s = str_replace("\\'", "'", addslashes(deSlashMagic($text)));
return $s;
}
//From the PHP Manual User Comments
function listCategory($cat)
{
global $loguser, $loguserid, $rootdir, $userSelectUsers, $boardroot;
if (isset($_GET['sort']) && $_GET['sort'] == "filename" || $_GET['sort'] == "date") {
$skey = $_GET['sort'];
} else {
$skey = "date";
}
$sortOptions = "<div class=\"margin smallFonts\">" . __("Sort order") . ": <ul class=\"pipemenu\">";
$sortOptions .= $skey == "filename" ? "<li>" . __("Name") . "</li>" : actionLinkTagItem(__("Name"), "uploaderlist", "", "cat={$_GET["cat"]}&sort=filename");
$sortOptions .= $skey == "date" ? "<li>" . __("Date") . "</li>" : actionLinkTagItem(__("Date"), "uploaderlist", "", "cat={$_GET["cat"]}&sort=date");
$sortOptions .= "</ul></div>";
$sdir = $skey == "date" ? " desc" : " asc";
print $sortOptions;
if ($cat == -1) {
$condition = "up.user = "******" and up.private = 1";
} else {
if ($cat == -2 && $loguser['powerlevel'] > 2) {
$condition = "up.private = 1";
} else {
$condition = "up.private = 0 and up.category = {0}";
}
}
$errormsg = __("The category is empty.");
if ($cat < 0) {
$errormsg = __("You have no private files.");
}
$entries = Query("SELECT\n\t\t\tup.*,\n\t\t\tu.(_userfields)\n\t\t\tFROM {uploader} up\n\t\t\tLEFT JOIN {users} u on up.user = u.id\n\t\t\tWHERE {$condition}\n\t\t\tORDER BY " . $skey . $sdir, $cat);
$checkbox = "";
if ($loguserid) {
$checkbox = "<input type=\"checkbox\" id=\"ca\" onchange=\"checkAll();\" />";
$checkbox = "<th style=\"width: 22px;\">{$checkbox}</th>";
}
if (NumRows($entries) == 0) {
print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td colspan=\"4\">\n\t\t\t\t\t" . $errormsg . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t";
} else {
print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\n\t\t";
print "\n\t\t\t<tr class=\"header1\">\n\t\t\t\t{$checkbox}\n\t\t\t\t<th>\n\t\t\t\t\t" . __("File") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Description") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Size") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Uploader") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Downloads") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t";
while ($entry = Fetch($entries)) {
$delete = "";
$multidel = "";
if ($loguserid) {
$multidel = "<td><input type=\"checkbox\" name=\"delete[" . $entry['id'] . "]\" disabled=\"disabled\" /></td>";
}
if ($loguserid == $entry['user'] || $loguser['powerlevel'] > 2) {
$delete = " <sup>" . actionLinkTag("✘", "uploader", "", "action=delete&fid=" . $entry['id'] . "&cat=" . $_GET["cat"]) . "</sup>";
$multidel = "<td><input type=\"checkbox\" name=\"del[" . $entry['id'] . "]\" /></td>";
}
$cellClass = ($cellClass + 1) % 2;
$filepath = $rootdir . "/" . $entry['filename'];
if ($entry['private']) {
$filepath = $rootdir . "/" . $entry['user'] . "/" . $entry['filename'];
}
print format("\n\t\t\t<tr class=\"cell{0}\">\n\t\t\t\t{7}\n\t\t\t\t<td>\n\t\t\t\t\t<a href=\"{$boardroot}get.php?id={1}\">{2}</a>{3}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{4}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{5}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{6}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{8}\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t", $cellClass, $entry['id'], $entry['filename'], $delete, $entry['description'], BytesToSize(@filesize($filepath)), UserLink(getDataPrefix($entry, "u_")), $multidel, $entry["downloads"]);
}
if ($loguserid) {
$entries = Query("select * from {uploader_categories} order by ord");
$movelist = "";
while ($entry = Fetch($entries)) {
$movelist .= "<option value='{$entry["id"]}'>{$entry["name"]}</option>";
}
$movelist = "<select name='destcat' size='1'>{$movelist}</select>";
print format("\n\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t<th style=\"text-align: right;\" colspan=\"6\">\n\t\t\t\t\t\t<input type=\"hidden\" id='actionfield' name=\"action\" value=\"multidel\" />\n\t\t\t\t\t\t<a href=\"javascript:void();\" onclick=\"document.getElementById('actionfield').value = 'multidel'; document.forms[1].submit();\">" . __("delete checked") . "</a>\n\t\t\t\t\t\t<a href=\"javascript:void();\" onclick=\"document.getElementById('actionfield').value = 'multimove'; document.forms[1].submit();\">" . __("Move checked to") . "</a>{$movelist}\n\t\t\t\t\t</th>\n\t\t\t\t</tr>");
}
print "</table>";
}
}
$downloads = Query("SELECT u.*, uc.name catname FROM {uploader} u INNER JOIN {uploader_categories} uc ON uc.id=u.category WHERE uc.showindownloads=1 ORDER BY uc.ord, uc.id, u.date DESC");
$lastcat = -1;
while ($dl = Fetch($downloads)) {
if ($lastcat != $dl['category']) {
if ($lastcat != -1) {
echo '
</table>';
}
echo '
<table class="outline margin width100">
<tr class="header1"><th colspan="2">' . htmlspecialchars($dl['catname']) . '</th></tr>';
$c = 1;
$lastcat = $dl['category'];
}
$filepath = $rootdir . "/" . $dl['physicalname'];
$details = 'Uploaded on ' . formatdate($dl['date']) . ' — Downloaded ' . $dl['downloads'] . ' times<br>';
$details .= 'File size: ' . BytesToSize(@filesize($filepath)) . ' — MD5: ' . @md5_file($filepath) . ' — SHA1: ' . @sha1_file($filepath);
$stuff = '<strong>' . htmlspecialchars($dl['description']) . '</strong><br><br>' . nl2br(htmlspecialchars($dl['big_description'])) . '<br><br>' . $details;
echo '
<tr class="cell' . $c . '">
<td style="padding: 0.3em;">
' . $stuff . '
</td>
<td class="center">
<a href="get.php?id=' . $dl['id'] . '">Download</a>
</td>
</tr>';
$c = $c ? 0 : 1;
}
echo '
</table>';
function PostAttachForm($files)
{
if (!Settings::get('postAttach')) {
return;
}
$fdata = array();
asort($files);
foreach ($files as $_fileid => $filename) {
$fileid = htmlspecialchars($_fileid);
$fdata[] = htmlspecialchars($filename) . '
<label><input type="checkbox" name="deletefile[' . $fileid . ']" value="1"> Delete</label>
<input type="hidden" name="files[' . $fileid . ']" value="blarg">';
}
$fields = array('newFile' => '<input type="file" name="newfile">', 'btnSave' => '<input type="submit" name="saveuploads" value="' . __('Save') . '">');
RenderTemplate('form_attachfiles', array('files' => $fdata, 'fields' => $fields, 'fileCap' => BytesToSize(POST_ATTACHMENT_CAP)));
}
