function uploadFile($file, $cattype, $cat) { global $loguserid, $uploaddirs, $goodfiles, $badfiles, $userquota, $maxSize; $targetdir = $uploaddirs[$cattype]; $totalsize = foldersize($targetdir); $filedata = $_FILES[$file]; $c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND cattype={1} AND user={2} AND deldate=0", $filedata['name'], $cattype, $loguserid); if ($c > 0) { return "You already have a file with this name. Please delete the old copy before uploading a new one."; } if ($filedata['size'] == 0) { if ($filedata['tmp_name'] == '') { return 'No file given.'; } else { return 'File is empty.'; } } if ($filedata['size'] > $maxSize) { return 'File is too large. Maximum size allowed is ' . BytesToSize($maxSize) . '.'; } $randomid = Shake(); $pname = $randomid . '_' . Shake(); $fname = $_FILES['newfile']['name']; $temp = $_FILES['newfile']['tmp_name']; $size = $_FILES['size']['size']; $parts = explode(".", $fname); $extension = end($parts); if ($totalsize + $size > $quot) { Alert(format(__("Uploading \"{0}\" would break the quota."), $fname)); } else { if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) { return 'Forbidden file type.'; } else { $description = $_POST['description']; $big_descr = $cat['showindownloads'] ? $_POST['big_description'] : ''; Query("insert into {uploader} (id, filename, description, big_description, date, user, private, category, deldate, physicalname) values ({7}, {0}, {1}, {6}, {2}, {3}, {4}, {5}, 0, {8})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat'], $big_descr, $randomid, $pname); copy($temp, $targetdir . "/" . $pname); Report("[b]" . $loguser['name'] . "[/] uploaded file \"[b]" . $fname . "[/]\"" . ($privateFlag ? " (privately)" : ""), $privateFlag); die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_POST["cat"]))); } } }
} $totalsize = foldersize($targetdir); mkdir($targetdir); $files = scandir($targetdir); if (in_array($_FILES['newfile']['name'], $files)) { Alert(format(__("The file \"{0}\" already exists. Please delete the old copy before uploading a new one."), $_FILES['newfile']['name'])); } else { if ($_FILES['newfile']['size'] == 0) { if ($_FILES['newfile']['tmp_name'] == "") { Alert(__("No file given.")); } else { Alert(__("File is empty.")); } } else { if ($_FILES['newfile']['size'] > Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024) { Alert(format(__("File is too large. Maximum size is {0}."), BytesToSize(Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024))); } else { $fname = $_FILES['newfile']['name']; $temp = $_FILES['newfile']['tmp_name']; $size = $_FILES['size']['size']; $parts = explode(".", $fname); $extension = end($parts); if ($totalsize + $size > $quot) { Alert(format(__("Uploading \"{0}\" would break the quota."), $fname)); } else { if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) { Alert(__("Forbidden file type.")); } else { $description = htmlspecialchars($_POST['description']); Query("insert into {uploader} (filename, description, date, user, private, category) values ({0}, {1}, {2}, {3}, {4}, {5})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat']); copy($temp, $targetdir . "/" . $fname);
function makePostText($post, $poster) { $noSmilies = $post['options'] & 2; //Do Ampersand Tags $tags = array("postnum" => $post['num'], "postcount" => $poster['posts'], "numdays" => floor((time() - $poster['regdate']) / 86400), "date" => formatdate($post['date']), "rank" => GetRank($poster['rankset'], $poster['posts'])); $bucket = "amperTags"; include __DIR__ . "/pluginloader.php"; if ($poster['signature']) { if (!$poster['signsep']) { $separator = "<br>_________________________<br>"; } else { $separator = "<br>"; } } $attachblock = ''; if ($post['has_attachments']) { if (isset($post['preview_attachs'])) { $ispreview = true; $fileids = array_keys($post['preview_attachs']); $attachs = Query("SELECT id,filename,physicalname,description,downloads \n\t\t\t\tFROM {uploadedfiles}\n\t\t\t\tWHERE id IN ({0c})", $fileids); } else { $ispreview = false; $attachs = Query("SELECT id,filename,physicalname,description,downloads \n\t\t\t\tFROM {uploadedfiles}\n\t\t\t\tWHERE parenttype={0} AND parentid={1} AND deldate=0\n\t\t\t\tORDER BY filename", 'post_attachment', $post['id']); } while ($attach = Fetch($attachs)) { $url = URL_ROOT . 'get.php?id=' . htmlspecialchars($attach['id']); $linkurl = $ispreview ? '#' : $url; $filesize = filesize(DATA_DIR . 'uploads/' . $attach['physicalname']); $attachblock .= '<br><div class="post_attachment">'; $fext = strtolower(substr($attach['filename'], -4)); if ($fext == '.png' || $fext == '.jpg' || $fext == 'jpeg' || $fext == '.gif') { $alt = htmlspecialchars($attach['filename']) . ' — ' . BytesToSize($filesize) . ', viewed ' . Plural($attach['downloads'], 'time'); $attachblock .= '<a href="' . $linkurl . '"><img src="' . $url . '" alt="' . $alt . '" title="' . $alt . '" style="max-width:300px; max-height:300px;"></a>'; } else { $link = '<a href="' . $linkurl . '">' . htmlspecialchars($attach['filename']) . '</a>'; $desc = htmlspecialchars($attach['description']); if ($desc) { $desc .= '<br>'; } $attachblock .= '<strong>' . __('Attachment: ') . $link . '</strong><br>'; $attachblock .= '<div class="smallFonts">' . $desc; $attachblock .= BytesToSize($filesize) . __(' — Downloaded ') . Plural($attach['downloads'], 'time') . '</div>'; } $attachblock .= '</div>'; } } $postText = $poster['postheader'] . $post['text'] . $attachblock . $separator . $poster['signature']; $postText = ApplyTags($postText, $tags); $postText = CleanUpPost($postText, $noSmilies, false); return $postText; }
$color = "green"; if ($width > 75) { $color = "yellow"; } if ($width > 90) { $color = "orange"; } if ($width > 100) { $width = 100; $color = "red;"; } $alt = format("{0} of {1}, {2}%", BytesToSize($personalsize), BytesToSize($pQuota), $width); $bar = format("<div class=\"pollbar\" style=\"width: {0}%; background: {2}\" title=\"{1}\"> {$width}%</div>", $width, $alt, $color); } } write("\n<div style=\"clear: both;\">\n\t<div class=\"pollbarContainer\" style=\"float: right; width: 50%;\">\n\t\t{2}\n\t</div>\n\t" . __("Personal folder space usage: {0} of {1}") . "\n</div>\n", BytesToSize($personalsize), BytesToSize($pQuota), $bar); } write($uploadPart); write("<form method=\"post\" action=\"" . actionLink("uploader") . "\">"); write($sortOptions); write($private); write($public); write("</form>"); //From the PHP Manual User Comments function foldersize($path) { $total_size = 0; if (!file_exists($path)) { mkdir($path); } $files = scandir($path);
fputs($hax, "\$feedname = " . var_export($_POST['feedname'], true) . ";\n"); fputs($hax, "\$rssblurb = " . var_export($_POST['rssblurb'], true) . ";\n"); fputs($hax, "\n"); fputs($hax, "?>"); fclose($hax); Redirect(__("Edited!"), "./", __("the main page")); } $forcetheme = $hacks['forcetheme']; $themenames = $hacks['themenames']; $themelist[""] = __("[Disabled]"); $themelist = array_merge($themelist, $themes); $names = array(__("[Disabled]"), __("Christmas"), __("Rainbow"), __("Anonymous")); if (!function_exists('tidy_repair_string')) { $tidyAvailable = "disabled=\"disabled\""; } write("\n\t<form action=\"editsettings.php\" method=\"post\">\n\t\t<table class=\"outline margin width75\">\n\n\t\t\t<tr class=\"header1\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Settings") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Various") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"boardname\">" . __("Board name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"width75\">\n\t\t\t\t\t<input type=\"text\" id=\"boardname\" name=\"boardname\" value=\"{0}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"logoalt\">" . __("Logo alt text") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"logoalt\" name=\"logoalt\" value=\"{1}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"logotitle\">" . __("Logo title") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"logotitle\" name=\"logotitle\" value=\"{2}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"dateformat\">" . __("Date/time format") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"dateformat\" name=\"dateformat\" value=\"{3}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"autoLockMonths\">" . __("Autolock months") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"autoLockMonths\" name=\"autoLockMonths\" value=\"{4}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"warnMonths\">" . __("Bump warning months") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"warnMonths\" name=\"warnMonths\" value=\"{5}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"viewcountInterval\">" . __("Viewcount report interval") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"viewcountInterval\" name=\"viewcountInterval\" value=\"{6}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"customTitleThreshold\">" . __("Custom title threshold") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"customTitleThreshold\" name=\"customTitleThreshold\" value=\"{7}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t" . __("Markup Cleanup") . "\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"checkbox\" name=\"overallTidy\" {8} {14} />\n\t\t\t\t\t\t" . __("Use HtmlTidy") . "\n\t\t\t\t\t</label>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\tAJAX\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"checkbox\" name=\"noAjax\" {22} />\n\t\t\t\t\t\t" . __("Disable AJAX refreshers") . "\n\t\t\t\t\t</label>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t" . __("Guests") . "\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"checkbox\" name=\"noGuestLayouts\" {23} />\n\t\t\t\t\t\t" . __("Disable post layouts for guests") . "\n\t\t\t\t\t</label>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"theWord\">" . __("Registration word") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"theWord\" name=\"theWord\" value=\"{9}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"systemUser\">" . __("System user ID") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"systemUser\" name=\"systemUser\" value=\"{10}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"minWords\">" . __("Minimal word count") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"minWords\" name=\"minWords\" value=\"{18}\" />\n\t\t\t\t\t<img src=\"img/icons/icon4.png\" title=\"" . __("This is supposed to protect your board from the Happyface Guy, who floods a single smiley.") . " " . __("Set this to zero to disable the check, at your own risk.") . "\" alt=\"[!]\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"minSeconds\">" . __("Minimal seconds between posts") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"minSeconds\" name=\"minSeconds\" value=\"{19}\" />\n\t\t\t\t\t<img src=\"img/icons/icon4.png\" title=\"" . __("This is supposed to protect your board from flooders by slowing them down.") . " " . __("Set this to zero to disable the check, at your own risk.") . "\" alt=\"[!]\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"uploaderCap\">" . __("Uploader size cap") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"uploaderCap\" name=\"uploaderCap\" value=\"{20}\" />\n\t\t\t\t\tMiB\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"personalCap\">" . __("Uploader private cap") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"personalCap\" name=\"personalCap\" value=\"{25}\" />\n\t\t\t\t\tMiB\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"uploaderMaxFileSize\">" . __("Uploader max file size") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"uploaderMaxFileSize\" name=\"uploaderMaxFileSize\" value=\"{29}\" />\n\t\t\t\t\tMiB <img src=\"img/icons/icon5.png\" title=\"" . __("You cannot go past the php.ini setting, which is {30}. Exceeding this value or entering zero will reset the limit to {30}.") . "\" alt=\"[?]\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"uploaderWhitelist\">" . __("Uploader whitelist") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"uploaderWhitelist\" name=\"uploaderWhitelist\" value=\"{21}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"mailResetFrom\">" . __("Mail Reset sender") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"email\" id=\"mailResetFrom\" name=\"mailResetFrom\" value=\"{24}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"lastPostsTimeLimit\">" . __("Time limit for Last Posts") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"lastPostsTimeLimit\" name=\"lastPostsTimeLimit\" value=\"{26}\" /> hours\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Hacks") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"theme\">" . __("Theme") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>{11}\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"names\">" . __("Names") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>{12}\n\t\t\t\t</td>\n\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Profile Preview Post") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"ppp\">" . __("Text") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<textarea id=\"ppp\" name=\"previewtext\" rows=\"8\" style=\"width: 98%;\">{15}</textarea>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Meta") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"metadesc\">" . __("Description") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"metadesc\" name=\"metadesc\" value=\"{16}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"metakeys\">" . __("Keywords") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"metakeys\" name=\"metakeys\" value=\"{17}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("RSS Feed") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"feedname\">" . __("Feed name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"feedname\" name=\"feedname\" value=\"{27}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t<label for=\"rssblurb\">" . __("Blurb") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"text\" id=\"rssblurb\" name=\"rssblurb\" value=\"{28}\" class=\"width75\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell2\">\n\t\t\t\t<td>\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Edit") . "\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"key\" value=\"{31}\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</form>\n", htmlval($boardname), htmlval($logoalt), htmlval($logotitle), htmlval($dateformat), $autoLockMonths, $warnMonths, $viewcountInterval, $customTitleThreshold, $overallTidy ? "checked=\"checked\"" : "", htmlval($theWord), $systemUser, MakeSelect("theme", $forcetheme, $themelist), MakeSelect("names", $themenames, $names), 0, $tidyAvailable, $profilePreviewText, htmlval($metaDescription), htmlval($metaKeywords), $minWords, $minSeconds, $uploaderCap, $uploaderWhitelist, $noAjax ? "checked=\"checked\"" : "", $noGuestLayouts ? "checked=\"checked\"" : "", $mailResetFrom, $personalCap, $lastPostsTimeLimit, $feedname, $rssblurb, $uploaderMaxFileSize, BytesToSize(IniValToBytes(ini_get("upload_max_filesize"))), $key); function MakeSelect($fieldName, $checkedIndex, $choicesList, $extras = "") { $checks[$checkedIndex] = " selected=\"selected\""; foreach ($choicesList as $key => $val) { $options .= format("\n\t\t\t\t\t\t<option value=\"{0}\"{1}>{2}</option>", $key, $checks[$key], $val); } $result = format("\n\t\t\t\t\t<select id=\"{0}\" name=\"{0}\" size=\"1\" {1} >{2}\n\t\t\t\t\t</select>", $fieldName, $extras, $options); return $result; } function prepare($text) { $s = str_replace("\\'", "'", addslashes(deSlashMagic($text))); return $s; } //From the PHP Manual User Comments
function listCategory($cat) { global $loguser, $loguserid, $rootdir, $userSelectUsers, $boardroot; if (isset($_GET['sort']) && $_GET['sort'] == "filename" || $_GET['sort'] == "date") { $skey = $_GET['sort']; } else { $skey = "date"; } $sortOptions = "<div class=\"margin smallFonts\">" . __("Sort order") . ": <ul class=\"pipemenu\">"; $sortOptions .= $skey == "filename" ? "<li>" . __("Name") . "</li>" : actionLinkTagItem(__("Name"), "uploaderlist", "", "cat={$_GET["cat"]}&sort=filename"); $sortOptions .= $skey == "date" ? "<li>" . __("Date") . "</li>" : actionLinkTagItem(__("Date"), "uploaderlist", "", "cat={$_GET["cat"]}&sort=date"); $sortOptions .= "</ul></div>"; $sdir = $skey == "date" ? " desc" : " asc"; print $sortOptions; if ($cat == -1) { $condition = "up.user = "******" and up.private = 1"; } else { if ($cat == -2 && $loguser['powerlevel'] > 2) { $condition = "up.private = 1"; } else { $condition = "up.private = 0 and up.category = {0}"; } } $errormsg = __("The category is empty."); if ($cat < 0) { $errormsg = __("You have no private files."); } $entries = Query("SELECT\n\t\t\tup.*,\n\t\t\tu.(_userfields)\n\t\t\tFROM {uploader} up\n\t\t\tLEFT JOIN {users} u on up.user = u.id\n\t\t\tWHERE {$condition}\n\t\t\tORDER BY " . $skey . $sdir, $cat); $checkbox = ""; if ($loguserid) { $checkbox = "<input type=\"checkbox\" id=\"ca\" onchange=\"checkAll();\" />"; $checkbox = "<th style=\"width: 22px;\">{$checkbox}</th>"; } if (NumRows($entries) == 0) { print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td colspan=\"4\">\n\t\t\t\t\t" . $errormsg . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t"; } else { print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\n\t\t"; print "\n\t\t\t<tr class=\"header1\">\n\t\t\t\t{$checkbox}\n\t\t\t\t<th>\n\t\t\t\t\t" . __("File") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Description") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Size") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Uploader") . "\n\t\t\t\t</th>\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Downloads") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t"; while ($entry = Fetch($entries)) { $delete = ""; $multidel = ""; if ($loguserid) { $multidel = "<td><input type=\"checkbox\" name=\"delete[" . $entry['id'] . "]\" disabled=\"disabled\" /></td>"; } if ($loguserid == $entry['user'] || $loguser['powerlevel'] > 2) { $delete = " <sup>" . actionLinkTag("✘", "uploader", "", "action=delete&fid=" . $entry['id'] . "&cat=" . $_GET["cat"]) . "</sup>"; $multidel = "<td><input type=\"checkbox\" name=\"del[" . $entry['id'] . "]\" /></td>"; } $cellClass = ($cellClass + 1) % 2; $filepath = $rootdir . "/" . $entry['filename']; if ($entry['private']) { $filepath = $rootdir . "/" . $entry['user'] . "/" . $entry['filename']; } print format("\n\t\t\t<tr class=\"cell{0}\">\n\t\t\t\t{7}\n\t\t\t\t<td>\n\t\t\t\t\t<a href=\"{$boardroot}get.php?id={1}\">{2}</a>{3}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{4}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{5}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{6}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{8}\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t", $cellClass, $entry['id'], $entry['filename'], $delete, $entry['description'], BytesToSize(@filesize($filepath)), UserLink(getDataPrefix($entry, "u_")), $multidel, $entry["downloads"]); } if ($loguserid) { $entries = Query("select * from {uploader_categories} order by ord"); $movelist = ""; while ($entry = Fetch($entries)) { $movelist .= "<option value='{$entry["id"]}'>{$entry["name"]}</option>"; } $movelist = "<select name='destcat' size='1'>{$movelist}</select>"; print format("\n\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t<th style=\"text-align: right;\" colspan=\"6\">\n\t\t\t\t\t\t<input type=\"hidden\" id='actionfield' name=\"action\" value=\"multidel\" />\n\t\t\t\t\t\t<a href=\"javascript:void();\" onclick=\"document.getElementById('actionfield').value = 'multidel'; document.forms[1].submit();\">" . __("delete checked") . "</a>\n\t\t\t\t\t\t<a href=\"javascript:void();\" onclick=\"document.getElementById('actionfield').value = 'multimove'; document.forms[1].submit();\">" . __("Move checked to") . "</a>{$movelist}\n\t\t\t\t\t</th>\n\t\t\t\t</tr>"); } print "</table>"; } }
$downloads = Query("SELECT u.*, uc.name catname FROM {uploader} u INNER JOIN {uploader_categories} uc ON uc.id=u.category WHERE uc.showindownloads=1 ORDER BY uc.ord, uc.id, u.date DESC"); $lastcat = -1; while ($dl = Fetch($downloads)) { if ($lastcat != $dl['category']) { if ($lastcat != -1) { echo ' </table>'; } echo ' <table class="outline margin width100"> <tr class="header1"><th colspan="2">' . htmlspecialchars($dl['catname']) . '</th></tr>'; $c = 1; $lastcat = $dl['category']; } $filepath = $rootdir . "/" . $dl['physicalname']; $details = 'Uploaded on ' . formatdate($dl['date']) . ' — Downloaded ' . $dl['downloads'] . ' times<br>'; $details .= 'File size: ' . BytesToSize(@filesize($filepath)) . ' — MD5: ' . @md5_file($filepath) . ' — SHA1: ' . @sha1_file($filepath); $stuff = '<strong>' . htmlspecialchars($dl['description']) . '</strong><br><br>' . nl2br(htmlspecialchars($dl['big_description'])) . '<br><br>' . $details; echo ' <tr class="cell' . $c . '"> <td style="padding: 0.3em;"> ' . $stuff . ' </td> <td class="center"> <a href="get.php?id=' . $dl['id'] . '">Download</a> </td> </tr>'; $c = $c ? 0 : 1; } echo ' </table>';
function PostAttachForm($files) { if (!Settings::get('postAttach')) { return; } $fdata = array(); asort($files); foreach ($files as $_fileid => $filename) { $fileid = htmlspecialchars($_fileid); $fdata[] = htmlspecialchars($filename) . ' <label><input type="checkbox" name="deletefile[' . $fileid . ']" value="1"> Delete</label> <input type="hidden" name="files[' . $fileid . ']" value="blarg">'; } $fields = array('newFile' => '<input type="file" name="newfile">', 'btnSave' => '<input type="submit" name="saveuploads" value="' . __('Save') . '">'); RenderTemplate('form_attachfiles', array('files' => $fdata, 'fields' => $fields, 'fileCap' => BytesToSize(POST_ATTACHMENT_CAP))); }