Пример #1
            } elseif ($superCage->post->getInt('visiblehookpoints_display') == 0) {
                $value = 0;
            } else {
                $value = 2;
            }
            if ($value != $CONFIG['plugin_visiblehookpoints_display']) {
                $f = cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$value}' WHERE name = 'plugin_visiblehookpoints_display'");
                if (version_compare(COPPERMINE_VERSION, '1.5.1') == -1) {
                    $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
                    $redirect = "index.php?file=visiblehookpoints/index&action=config";
                    header($header_location . $redirect);
                    pageheader('Information', "<meta http-equiv=\"refresh\" content=\"0;url={$redirect}\" />");
                    msg_box('Information', 'Settings changed for Visible Hookpoints Plugin', 'continue', $redirect);
                    pagefooter();
                    ob_end_flush();
                    exit;
                } else {
                    cpgRedirectPage('index.php?file=visiblehookpoints/index&action=config', $lang_common['information'], 'Settings changed for Visible Hookpoints Plugin', 1);
                }
            }
        } else {
            $message_id = '';
        }
        pageheader('Configuration of plugin &quot;Visible HookPoints&quot;');
        visiblehookpoints_configure();
        break;
    default:
        cpg_die(ERROR, 'Plugin &quot;Visible HookPoints&quot;: Unknown action value', __FILE__, __LINE__);
}
pagefooter();
ob_end_flush();
Пример #2
<?php

/**************************************************
  Coppermine 1.5.x Plugin - video2flash_ffmpeg
  *************************************************
  Copyright (c) 2010 Abbas Ali
  *************************************************
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 3 of the License, or
  (at your option) any later version.
  ********************************************
  $HeadURL$
  $Revision$
  $LastChangedBy$
  $Date$
  **************************************************/
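// Configuration page of the video2flash_ffmpeg plugin.
// NOTE(review): this file does not load include/init.inc.php itself, so
// GALLERY_ADMIN_MODE, $lang_errors and the helper functions must already exist
// when it runs — presumably it is included by a page that bootstrapped the
// application; confirm it cannot be requested directly.
define('IN_COPPERMINE', true);

// Only an administrator in admin mode may see or change the plugin settings.
if (!GALLERY_ADMIN_MODE) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}

// Any return value other than the integer 1 is reported as "settings saved"
// and the admin is sent back to the plugin manager.
// NOTE(review): no form-token check is visible here; confirm that
// video2flash_ffmpeg_install() validates one before it stores submitted values.
if (video2flash_ffmpeg_install() !== 1) {
    cpgRedirectPage('pluginmgr.php', $lang_common['information'], 'Plugin settings saved successfully', 1);
}

// Otherwise render the configuration form inside a single table cell.
pageheader('Configure Video to Flash Plugin');
starttable('100%', 'Configure : Video to Flash Plugin');
echo '<tr><td>';
video2flash_ffmpeg_configure();
// Close the cell before the row; the reverse order produced mis-nested markup.
echo '</td></tr>';
endtable();
pagefooter();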
Пример #3
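/**
 * Process the favourites forms posted by the album_fav_boxes plugin.
 *
 * Depending on which POST field is present, picture ids are added to or
 * removed from the global $FAVPICS list, or the list is emptied. The resulting
 * list is then written to the "<cookie_name>_fav" cookie and, for logged-in
 * users, to the favourites table.
 *
 * @return false|null false when no plugin field was posted, or when picture
 *                    ids were posted to add but the visitor has no
 *                    "<cookie_name>_data" cookie; null otherwise.
 */
function form_intercept()
{
    // $lang_common is read in the clear_favs branch, so it has to be imported
    // into the function scope together with the other globals.
    global $CONFIG, $FAVPICS, $lightbox, $lang_common;
    $superCage = Inspekt::makeSuperCage();

    // English is always loaded first; the configured language is loaded on
    // top of it when a matching file exists.
    require_once "./plugins/album_fav_boxes/lang/english.php";
    // NOTE(review): $CONFIG['lang'] becomes part of an include path; confirm
    // it is restricted to known language names where it is set.
    if ($CONFIG['lang'] != 'english' && file_exists("./plugins/album_fav_boxes/lang/{$CONFIG['lang']}.php")) {
        require_once "./plugins/album_fav_boxes/lang/{$CONFIG['lang']}.php";
    }

    $lightbox['message'] = '';
    $lightbox['icon']['add'] = cpg_fetch_icon('add', 2);
    $lightbox['icon']['delete'] = cpg_fetch_icon('delete', 2);
    $lightbox['icon']['delete_all'] = cpg_fetch_icon('erase', 2);
    $lightbox['icon']['favorites'] = cpg_fetch_icon('favorites', 2);
    $lightbox['icon']['favorite'] = cpg_fetch_icon('favorites', 2);

    // Check if there is something for plugin to process
    if ($superCage->post->keyExists('album_fav_boxes_data')) {
        // If user does not accept script's cookies, we don't accept the vote
        if (!$superCage->cookie->keyExists($CONFIG['cookie_name'] . '_data')) {
            return false;
        }
        // The field is expected to be a list of picture ids. Casting to array
        // keeps array_map() from failing when a single scalar was posted, and
        // intval() forces every element to an integer.
        $pids = array_map('intval', (array) $superCage->post->getInt('album_fav_boxes_data'));
        $FAVPICS = array_unique(array_merge($FAVPICS, $pids));
        if (count($pids) == 1) {
            $lightbox['message'] = $lightbox['lang']['1 file added to favorites'];
        } else {
            $lightbox['message'] = sprintf($lightbox['lang']['x files added to favorites'], count($pids));
        }
    } elseif ($superCage->post->keyExists('album_fav_boxes_remove')) {
        $pids = array_map('intval', (array) $superCage->post->getInt('album_fav_boxes_remove'));
        $FAVPICS = array_diff($FAVPICS, $pids);
        if (count($pids) == 1) {
            $lightbox['message'] = $lightbox['lang']['1 file removed from favorites'];
        } else {
            $lightbox['message'] = sprintf($lightbox['lang']['x files removed from favorites'], count($pids));
        }
    } elseif ($superCage->post->keyExists('clear_favs')) {
        $FAVPICS = array();
        // NOTE(review): if cpgRedirectPage() ends the request, the emptied list
        // is never written to the cookie or the database below — confirm.
        cpgRedirectPage('index.php', cpg_fetch_icon('warning', 2) . $lang_common['information'], $lightbox['lang']['Favorites cleared']);
    } else {
        return false;
    }

    // Persist the list for 30 days. base64 output contains no quote
    // characters, so $data can sit inside the quoted SQL literal below.
    // NOTE(review): the cookie is stored on the client and can be edited
    // there. The code that reads it back is outside this function; if it calls
    // unserialize() on the cookie value it deserialises untrusted data —
    // confirm, and prefer a format such as a comma-separated id list or JSON.
    $data = base64_encode(serialize($FAVPICS));
    setcookie($CONFIG['cookie_name'] . '_fav', $data, time() + 86400 * 30, $CONFIG['cookie_path']);

    // If the user is logged in then put it in the DB
    if (USER_ID > 0) {
        cpg_db_query("REPLACE INTO {$CONFIG['TABLE_FAVPICS']} ( user_id, user_favpics) VALUES (" . USER_ID . ", '{$data}')");
    }
}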
Пример #4
             cpg_db_query($query);
             $update_count++;
         }
         if ($update_count == 0) {
             $returnOutput .= '<li>' . $lang_albmgr_php['no_change'] . '</li>';
         }
         $returnOutput .= '</ul></td></tr>' . $LINEBREAK;
     }
     if ($need_caption) {
         ob_start();
         output_caption();
         $returnOutput .= ob_get_contents();
         ob_end_clean();
     }
     $returnOutput .= '</table>';
     cpgRedirectPage('picmgr.php?aid=' . $album_id, $lang_common['information'], $returnOutput);
     // redirect the user
     break;
 case 'comment':
     //Check if the form token is valid
     if (!checkFormToken()) {
         cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
     }
     $msg_id = $superCage->get->getInt('msg_id');
     $result = cpg_db_query("SELECT pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id = '{$msg_id}'");
     if (!$result->numRows()) {
         cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_comment'], __FILE__, __LINE__);
     } else {
         $comment_data = $result->fetchAssoc();
     }
     $result->free();
Пример #5
             $sql = 'UPDATE ' . $CONFIG['TABLE_PLUGINS'] . ' SET priority=priority-1 WHERE priority>' . $priority . ';';
             $result = cpg_db_query($sql);
             if ($CONFIG['log_mode']) {
                 log_write("Plugin '" . $name . "' uninstalled", CPG_GLOBAL_LOG);
             }
         }
     }
     break;
 case 'install':
     // Installing a plugin changes application state, so the request must
     // carry a valid form token.
     if (!checkFormToken()) {
         cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
     }
     // With the plugin system switched off nothing is installed; the admin is
     // sent back to the plugin manager with the "disabled" note instead.
     if (!$CONFIG['enable_plugins']) {
         cpgRedirectPage('pluginmgr.php', $lang_pluginmgr_php['pmgr'], $lang_pluginmgr_php['plugin_disabled_note']);
     } else {
         $installed = CPGPluginAPI::install($p);
     }
     break;
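 case 'delete':
     // Deleting a plugin folder changes state on disk, so the request must
     // carry a valid form token.
     if (!checkFormToken()) {
         cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
     }
     $path = $p;
     // Only a single folder name directly below ./plugins/ may be deleted.
     // strpos() takes the haystack first: with the arguments swapped the
     // separator test searched for $path inside '/', so names containing
     // directory separators were not rejected. An empty name, '.' and '..'
     // are refused as well because they would resolve to ./plugins/ itself
     // or to its parent directory.
     // NOTE(review): $p is assigned outside this snippet; confirm where it
     // comes from and whether it is already restricted to known plugin names.
     $is_plain_folder_name = is_string($path)
         && $path !== ''
         && $path !== '.'
         && $path !== '..'
         && strpos($path, '/') === false
         && strpos($path, '\\') === false;
     if ($is_plain_folder_name) {
         cpg_folder_file_delete('./plugins/' . $path);
         if ($CONFIG['log_mode']) {
             log_write("Plugin '" . $path . "' deleted", CPG_GLOBAL_LOG);
         }
     }
     break;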
 case 'moveu':
Пример #6
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 3
  as published by the Free Software Foundation.

  ********************************************
  Coppermine version: 1.5.0
  $HeadURL$
  $Revision$
  $LastChangedBy$
  $Date$
**********************************************/
// Logout page: define the script markers, then load the application bootstrap.
define('IN_COPPERMINE', true);
define('LOGOUT_PHP', true);
require 'include/init.inc.php';
// A visitor without a user id is not logged in and gets the error page instead.
if (!USER_ID) {
    cpg_die(ERROR, $lang_logout_php['err_not_loged_in'], __FILE__, __LINE__);
}
// NOTE(review): no form-token check is visible before the logout is carried
// out, so a request that a third-party page makes the browser send would also
// end the session — confirm whether include/init.inc.php enforces a token.
// When a user-database bridge is defined, its own logout handling runs here.
if (defined('UDB_INTEGRATION')) {
    $cpg_udb->logout_page();
}
/*
setcookie($CONFIG['cookie_name'] . '_pass', '', time()-86400, $CONFIG['cookie_path']);
setcookie($CONFIG['cookie_name'] . '_uid', '', time()-86400, $CONFIG['cookie_path']);
*/
//$referer = $_GET['referer'] ? $_GET['referer'] : 'index.php';
/*$referer = $superCage->get->keyExists('referer') ? $superCage->get->getRaw('referer') : 'index.php';
if (strpos($referer, "http") !== false) {
  $referer = "index.php";
}*/
// Show the goodbye message and send the user on to $CPG_REFERER.
// NOTE(review): $CPG_REFERER is not assigned in this file. The in-file filter
// that replaced any referer containing "http" with index.php is commented out
// above, so confirm that the place where $CPG_REFERER is built limits it to
// same-site relative URLs before it is used as a redirect target.
cpgRedirectPage($CPG_REFERER, $lang_logout_php['logout'], sprintf($lang_logout_php['bye'], stripslashes(USER_NAME)), 3);
Пример #7
        $message = $lang_mode_php['news_hide'];
    }
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$value}' WHERE name = 'display_coppermine_news'");
    $CONFIG['display_coppermine_news'] = $value;
    if ($CONFIG['log_mode'] == CPG_LOG_ALL) {
        log_write('CONFIG UPDATE SQL: ' . "UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$value}' WHERE name = 'display_coppermine_news'\n" . 'TIME: ' . date("F j, Y, g:i a") . "\n" . 'USER: '******'user_name'], CPG_DATABASE_LOG);
    }
    //$referer = $_GET['referer'] ? $_GET['referer'] : 'index.php';
    /*$referer = $superCage->get->keyExists('referer') ? $superCage->get->getRaw('referer') : 'index.php';
      $referer = rawurldecode($referer);
      $referer = str_replace('&amp;', '&', $referer);
      $referer = str_replace('&amp;', '&', $referer);*/
    cpgRedirectPage($CPG_REFERER, $lang_common['information'], $message, 3);
} else {
    if (!USER_IS_ADMIN) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }
    //if (!isset($_GET['admin_mode']) || !isset($_GET['referer'])) {
    if (!$superCage->get->keyExists('admin_mode') || !$CPG_REFERER) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }
    // $admin_mode = (int)$_GET['admin_mode'] ? 1 : 0;
    $admin_mode = $superCage->get->getInt('admin_mode') ? 1 : 0;
    //$referer = $_GET['referer'] ? $_GET['referer'] : 'index.php';
    //$referer = $superCage->get->keyExists('referer') ? $superCage->get->getRaw('referer') : 'index.php';
    $USER['am'] = $admin_mode;
    if (!$admin_mode) {
        $CPG_REFERER = 'index.php';
    }
    cpgRedirectPage($CONFIG['ecards_more_pic_target'] . $CPG_REFERER, $lang_common['information'], $lang_mode_php[$admin_mode], 3);
}
Пример #8
            } elseif ($superCage->post->getInt('visiblehookpoints_display') == 0) {
                $value = 0;
            } else {
                $value = 2;
            }
            if ($value != $CONFIG['plugin_visiblehookpoints_display']) {
                $f = cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$value}' WHERE name = 'plugin_visiblehookpoints_display'");
                if (version_compare(COPPERMINE_VERSION, '1.5.1') == -1) {
                    $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
                    $redirect = "index.php?file=visiblehookpoints/index&action=config";
                    header($header_location . $redirect);
                    pageheader('Information', "<meta http-equiv=\"refresh\" content=\"0;url={$redirect}\" />");
                    msg_box('Information', $lang_plugin_php['visiblehookpoints_settings_saved'], 'continue', $redirect);
                    pagefooter();
                    ob_end_flush();
                    exit;
                } else {
                    cpgRedirectPage('index.php?file=visiblehookpoints/index&action=config', $lang_common['information'], $lang_plugin_php['visiblehookpoints_settings_saved'], 1);
                }
            }
        } else {
            $message_id = '';
        }
        pageheader($lang_plugin_php['visiblehookpoints_config_name'] . ' - ' . $lang_plugin_php['visiblehookpoints_plugin_config']);
        visiblehookpoints_configure();
        break;
    default:
        cpg_die(ERROR, $lang_plugin_php['visiblehookpoints_error'], __FILE__, __LINE__);
}
pagefooter();
ob_end_flush();
Пример #9
/**
 * Make sure the "newsletter" plugin is among the loaded plugins.
 *
 * Returns normally when an entry of the global $CPG_PLUGINS list has the path
 * "newsletter". Otherwise the visitor is sent to index.php with the
 * "outdated link" error message.
 *
 * @return void
 */
function newsletter_install_check()
{
    global $CPG_PLUGINS, $lang_plugin_newsletter;

    // A single matching entry is enough, so stop at the first one.
    foreach ($CPG_PLUGINS as $plugin) {
        if ($plugin->path == 'newsletter') {
            return;
        }
    }

    // No entry matched: the link that led here belongs to a plugin that is
    // not installed (any more).
    cpgRedirectPage('index.php', $lang_plugin_newsletter['outdated_link'], $lang_plugin_newsletter['outdated_link_explain'], 0, 'error');
}
Пример #10
        // Upload is ok
        // Create thumbnail and internediate image and add the image into the DB
        $result = add_picture($album, $filepath, $picture_name, 0, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $raw_ip, $hdr_ip, $superCage->post->getInt('width'), $superCage->post->getInt('height'));
        if ($result !== true) {
            @unlink($uploaded_pic);
            cpg_die(CRITICAL_ERROR, isset($result['error']) ? $result['error'] : sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true);
        } elseif ($PIC_NEED_APPROVAL) {
            pageheader($lang_common['information']);
            msg_box($lang_common['information'], $lang_db_input_php['upload_success'], $lang_common['continue'], 'index.php');
            if ($CONFIG['upl_notify_admin_email']) {
                include_once 'include/mailer.inc.php';
                cpg_mail('admin', sprintf($lang_db_input_php['notify_admin_email_subject'], $CONFIG['gallery_name']), make_clickable(sprintf($lang_db_input_php['notify_admin_email_body'], USER_NAME, $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . 'editpics.php?mode=upload_approval')));
            }
            pagefooter();
        } else {
            if (cpg_pw_protected_album_access($CURRENT_PIC_DATA['aid']) === 1) {
                $redirect = "thumbnails.php?album=" . $CURRENT_PIC_DATA['aid'];
            } else {
                $redirect = "displayimage.php?pid=" . $CURRENT_PIC_DATA['pid'];
            }
            cpgRedirectPage($redirect, $lang_common['information'], $lang_db_input_php['upl_success'], 1);
        }
        break;
        // Unknown event
    // Unknown event
    default:
        if ($CONFIG['log_mode'] != 0) {
            log_write('Denied privileged access to db_input.php (unknown event) for user ' . $USER_DATA['user_name'] . ' at ' . $hdr_ip, CPG_SECURITY_LOG);
        }
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
}
Пример #11
    } else {
        if ($CONFIG['enable_watermark'] == '1' && $CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original') {
            if (resize_image($work_image, $image, $max_size_size, $CONFIG['thumb_method'], $resize_method, 'true')) {
                $output .= '<li>' . $external_edit_icon_array['ok'] . sprintf($lang_plugin_external_edit['watermarked_fullsize'], $lang_plugin_external_edit['created']) . '</li>';
            } else {
                $output .= '<li>' . $external_edit_icon_array['cancel'] . sprintf($lang_plugin_external_edit['watermarked_fullsize'], $lang_plugin_external_edit['failure']) . '</li>';
            }
        } else {
            if ((USER_IS_ADMIN && $CONFIG['auto_resize'] == 1 || !USER_IS_ADMIN && $CONFIG['auto_resize'] > 0) && max($imagesize[0], $imagesize[1]) > $CONFIG['max_upl_width_height']) {
                if (resize_image($work_image, $image, $max_size_size, $CONFIG['thumb_method'], $resize_method, 'false')) {
                    $output .= '<li>' . $external_edit_icon_array['ok'] . sprintf($lang_plugin_external_edit['intermediate'], $lang_plugin_external_edit['created']) . '</li>';
                } else {
                    $output .= '<li>' . $external_edit_icon_array['cancel'] . sprintf($lang_plugin_external_edit['intermediate'], $lang_plugin_external_edit['failure']) . '</li>';
                }
            } elseif (copy($orig, $image)) {
                $output .= '<li>' . $external_edit_icon_array['ok'] . sprintf($lang_plugin_external_edit['original'], $lang_plugin_external_edit['created']) . '</li>';
            } else {
                $output .= '<li>' . $external_edit_icon_array['cancel'] . sprintf($lang_plugin_external_edit['original'], $lang_plugin_external_edit['failure']) . '</li>';
            }
        }
    }
    $output = <<<EOT
\t<ul>
\t{$output}
\t</ul>
EOT;
    if ($CONFIG['log_mode']) {
        log_write('External Edit Plugin:' . $image . '|', CPG_GLOBAL_LOG);
    }
    cpgRedirectPage('displayimage.php?album=' . $aid . '&pid=' . $pid, $lang_plugin_external_edit['importing_remote_image'], $output, $countdown = 0, $type = 'info');
}
Пример #12
    $sql_query = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $sql_query);
    cpg_db_query("TRUNCATE TABLE {$CONFIG['TABLE_CONFIG']}");
    cpg_db_query("TRUNCATE TABLE {$CONFIG['TABLE_FILETYPES']}");
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');
    $sql_count = count($sql_query);
    for ($i = 0; $i < $sql_count; $i++) {
        if (strpos($sql_query[$i], 'config VALUES') || strpos($sql_query[$i], 'filetypes VALUES')) {
            cpg_db_query($sql_query[$i]);
        }
    }
    // undo the reset for config fields specified in $doNotReset_array
    foreach ($doNotReset_array as $key) {
        $f = cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$CONFIG[$key]}' WHERE name = '{$key}'");
    }
    cpgRedirectPage($CPG_PHP_SELF, $lang_common['information'], $lang_admin_php['restore_success']);
}
// user has chosen to factory-reset the config --- end
foreach ($config_data as $config_section_key => $config_section_value) {
    // Loop through the config fields to check posted values for validity -- start
    foreach ($config_section_value as $adminDataKey => $adminDataValue) {
        if ($superCage->post->keyExists('update_config')) {
            $evaluate_value = $superCage->post->getEscaped($adminDataKey);
        } else {
            $evaluate_value = $CONFIG[$adminDataKey];
        }
        // We need to catter for the fact that checkboxes that haven't been ticked are not being submit
        if ($adminDataValue['type'] == 'checkbox' && !$evaluate_value) {
            $evaluate_value = '0';
        }
        if ($adminDataValue['type'] == 'checkbox' && !$CONFIG[$adminDataKey]) {
Пример #13
  v1.0 originally written by Gregory Demar

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 3
  as published by the Free Software Foundation.

  ********************************************
  Coppermine version: 1.5.30
  $HeadURL: https://svn.code.sf.net/p/coppermine/code/trunk/cpg1.5.x/logout.php $
  $Revision: 8721 $
**********************************************/
// Logout page: define the script markers, then load the application bootstrap.
define('IN_COPPERMINE', true);
define('LOGOUT_PHP', true);
require 'include/init.inc.php';
// A visitor without a user id is not logged in: the attempt is written to the
// security log when full logging is enabled, then the error page is shown.
if (!USER_ID) {
    if ($CONFIG['log_mode'] == CPG_LOG_ALL) {
        log_write("Logout attempt failed because visitor is not logged in.", CPG_SECURITY_LOG);
    }
    cpg_die(ERROR, $lang_logout_php['err_not_logged_in'], __FILE__, __LINE__);
}
// Logging out changes session state, so the request must carry a valid form
// token; this keeps another site from logging the user out with a plain link.
if (!checkFormToken()) {
    cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
}
// Record the logout in the access log when full logging is enabled.
if ($CONFIG['log_mode'] == CPG_LOG_ALL) {
    log_write('The user ' . $USER_DATA['user_name'] . ' (user ID ' . $USER_DATA['user_id'] . ") logged out.", CPG_ACCESS_LOG);
}
// When a user-database bridge is defined, its own logout handling runs here.
if (defined('UDB_INTEGRATION')) {
    $cpg_udb->logout_page();
}
// The redirect target is the fixed string 'index.php', so no request-supplied
// value decides where the browser is sent after logout.
cpgRedirectPage('index.php', $lang_logout_php['logout'], sprintf($lang_logout_php['bye'], stripslashes(USER_NAME)), 3);
// 'index.php' could be replaced with $CPG_REFERER to send the user back to the page they came from. The drawback is that
// the visitor gets an error message when that page is not accessible to guests.
// NOTE(review): such a change would also make the redirect target depend on $CPG_REFERER, which is set outside this file.
Пример #14
**********************************************/
// Mode switch page: define the script markers, then load the application bootstrap.
define('IN_COPPERMINE', true);
define('MODE_PHP', true);
require 'include/init.inc.php';
// Two actions are handled, selected by the "what" GET parameter:
//   what=news      toggles the display_coppermine_news config value
//   anything else  switches the current user's admin mode on or off
// NOTE(review): both actions change state on a GET request and no form-token
// check is visible in this file — confirm whether one is enforced elsewhere.
if ($superCage->get->getAlpha('what') == 'news') {
    // Only an administrator who is currently in admin mode may toggle the news.
    if (!GALLERY_ADMIN_MODE) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }
    // Flip the stored flag and pick the message that describes the new state.
    if ($CONFIG['display_coppermine_news'] == 0) {
        $value = 1;
        $message = $lang_mode_php['news_show'];
    } else {
        $value = 0;
        $message = $lang_mode_php['news_hide'];
    }
    cpg_config_set('display_coppermine_news', $value);
    // NOTE(review): $CPG_REFERER is not assigned in this file; confirm it is
    // limited to same-site relative URLs before it is used as redirect target.
    cpgRedirectPage($CPG_REFERER, $lang_common['information'], $message, 3);
} else {
    // Switching admin mode requires an administrator account.
    if (!USER_IS_ADMIN) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }
    // Both the admin_mode parameter and a referer are mandatory for this action.
    if (!$superCage->get->keyExists('admin_mode') || !$CPG_REFERER) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }
    // Reduce the parameter to 0 or 1; the same value indexes $lang_mode_php below.
    $admin_mode = $superCage->get->getInt('admin_mode') ? 1 : 0;
    $USER['am'] = $admin_mode;
    // When admin mode is switched off the user is always sent to the index page.
    if (!$admin_mode) {
        $CPG_REFERER = 'index.php';
    }
    cpgRedirectPage($CPG_REFERER, $lang_common['information'], $lang_mode_php[$admin_mode], 3);
}
Пример #15
        if ($superCage->server->testip('REMOTE_ADDR')) {
            $ip = $superCage->server->getRaw('REMOTE_ADDR');
        } else {
            $ip = 'Unknown';
        }
        if (!cpg_mail($CONFIG['gallery_admin_email'], $subject, $html_message, 'text/html', $sender_name, $sender_email, $message)) {
            if ($CONFIG['log_mode'] != CPG_NO_LOGGING) {
                log_write("Sending an email using the contact form failed (name: {$sender_name}, email: {$sender_email}, subject: {$original_subject}, IP: {$ip}", CPG_MAIL_LOG);
            }
            cpg_die(ERROR, $lang_contact_php['failed_sending_email'], __FILE__, __LINE__);
        } else {
            // sending the email has been successfull, redirect the user
            if ($CONFIG['log_mode'] == CPG_LOG_ALL) {
                log_write("Sending email from contact form successful (name: {$sender_name}, email: {$sender_email}, subject: {$original_subject}, IP: {$ip}", CPG_MAIL_LOG);
            }
            cpgRedirectPage($CONFIG['ecards_more_pic_target'] . $CPG_REFERER, $lang_common['information'], $lang_contact_php['email_sent']);
        }
    }
    // beyond this point an error must have happened - let the visitor review his input
} else {
    // the form has not been submit yet - populate default values
    if (!USER_ID && isset($USER['name'])) {
        $user_name = strtr($USER['name'], $HTML_SUBST);
    } else {
        $user_name = $lang_contact_php['your_name'];
    }
    $email_address = '';
    $subject = '';
    $message = '';
    $captcha_remark = $lang_contact_php['captcha_field_mandatory'];
}
Пример #16
    }
    if ($superCage->post->keyExists('really_restore') && $superCage->post->getInt('really_restore') == '1') {
        foreach ($config_data as $section => $values) {
            foreach ($values as $name => $value) {
                if (!empty($value['preserve_when_resetting'])) {
                    continue;
                }
                if (isset($value['default_value'])) {
                    cpg_config_set($name, $value['default_value']);
                }
            }
        }
    } else {
        cpg_die(ERROR, $lang_errors['captcha_error'], __FILE__, __LINE__);
    }
    cpgRedirectPage($CPG_PHP_SELF, cpg_fetch_icon('warning', 2) . $lang_common['information'], $lang_admin_php['restore_success']);
}
// user has chosen to factory-reset the config --- end
if ($superCage->post->keyExists('update_config')) {
    // first we check if the form token is valid
    if (!checkFormToken()) {
        cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
    }
}
foreach ($config_data as $config_section_key => $config_section_value) {
    // Loop through the config fields to check posted values for validity -- start
    foreach ($config_section_value as $adminDataKey => $adminDataValue) {
        if (isset($adminDataValue['force_config']) && $adminDataValue['force_config']) {
            if (isset($CONFIG[$adminDataKey . '_config'])) {
                $CONFIG[$adminDataKey] = $CONFIG[$adminDataKey . '_config'];
            }
Пример #17
    if (utf_strlen($new_pass) < 2) {
        cpg_die(ERROR, $lang_register_php['password_warning1'], __FILE__, __LINE__);
    }
    if ($new_pass != $new_pass_again) {
        cpg_die(ERROR, $lang_register_php['password_verification_warning1'], __FILE__, __LINE__);
    }
    $new_pass = md5($new_pass);
    $current_pass = md5($current_pass);
    $sql = "UPDATE {$CONFIG['TABLE_USERS']} SET user_password = '******' WHERE user_id = '" . USER_ID . "' AND BINARY user_password = '******'";
    $result = cpg_db_query($sql);
    if (!mysql_affected_rows($CONFIG['LINK_ID'])) {
        cpg_die(ERROR, $lang_register_php['pass_chg_error'], __FILE__, __LINE__);
    }
    $title = sprintf($lang_register_php['x_s_profile'], stripslashes(USER_NAME));
    $redirect = $CPG_PHP_SELF . "?op=edit_profile";
    cpgRedirectPage($redirect, $title, $lang_register_php['pass_chg_success'], 3, 'success');
    exit;
}
switch ($op) {
    case 'edit_profile':
        if (!USER_ID) {
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }
        $cpg_udb->edit_profile(USER_ID);
        $sql = "SELECT user_name, user_email, user_group, user_active, UNIX_TIMESTAMP(user_regdate) AS user_regdate, group_name, " . "user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6, user_group_list, " . "COUNT(pid) AS pic_count, SUM(total_filesize) AS disk_usage, group_quota " . "FROM {$CONFIG['TABLE_USERS']} AS u " . "INNER JOIN {$CONFIG['TABLE_USERGROUPS']} AS g ON user_group = group_id " . "LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.owner_id = u.user_id " . "WHERE user_id ='" . USER_ID . "' " . "GROUP BY user_id ";
        $result = cpg_db_query($sql);
        if (!mysql_num_rows($result)) {
            cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);
        }
        $user_data = mysql_fetch_assoc($result);
        mysql_free_result($result);
Пример #18
        $expiry_date = date("Y-m-d H:i:s", mktime(date('H'), date('i') + $CONFIG['login_expiry'], date('s'), date('m'), date('d'), date('Y')));
        if ($failed_logon_counter['brute_force']) {
            $failed_logon_counter['brute_force'] = $failed_logon_counter['brute_force'] - 1;
            $query_string = "UPDATE {$CONFIG['TABLE_BANNED']} SET brute_force = {$failed_logon_counter['brute_force']}, expiry = '{$expiry_date}' WHERE ban_id = {$failed_logon_counter['ban_id']}";
        } else {
            $failed_logon_counter['brute_force'] = $CONFIG['login_threshold'];
            $query_string = "INSERT INTO {$CONFIG['TABLE_BANNED']} (ip_addr, expiry, brute_force) VALUES ('{$raw_ip}', '{$expiry_date}', {$failed_logon_counter['brute_force']})";
        }
        //write the logon counter to the database
        cpg_db_query($query_string);
    }
}
if (!$superCage->cookie->keyExists($CONFIG['cookie_name'] . '_data')) {
    if (!$superCage->get->keyExists('reload_once')) {
        $ref = $CPG_REFERER ? '?reload_once&referer=' . urlencode($CPG_REFERER) : '?reload_once';
        cpgRedirectPage('login.php' . $ref);
    }
    $cookie_warning = <<<EOT
                  <tr>
                      <td colspan="2" align="center" class="tableh2">
                          <span style="color:red"><strong>{$lang_login_php['cookie_warning']}</strong></span>
                      </td>
                  </tr>

EOT;
}
if ($CONFIG['reg_requires_valid_email'] == 1) {
    $send_activation_link = '<br /><a href="send_activation.php" class="topmenu">' . $lang_login_php['send_activation_link'] . '</a>';
} else {
    $send_activation_link = '';
}
Пример #19
    $v_histo2 = $lb_superCage->post->getInt('histobutton2');
    $v_histofeature = $lb_superCage->post->getInt('usehistofeature');
    $v_histtype = $lb_superCage->post->getEscaped('histtype');
    $v_histcol = $lb_superCage->post->getEscaped('histcol');
    $v_histw = $lb_superCage->post->getInt('histw');
    $v_histlbw = $lb_superCage->post->getInt('histlbw');
    $v_histlbh = $lb_superCage->post->getInt('histlbh');
    $v_histfly = $lb_superCage->post->getInt('histfly');
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_tab}' WHERE name = 'flf_histotag_tablename'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_mapw}' WHERE name = 'flf_histotag_mapwidth'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_maph}' WHERE name = 'flf_histotag_mapheight'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_lbw}' WHERE name = 'flf_histotag_lyteboxwidth'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_lbh}' WHERE name = 'flf_histotag_lyteboxheight'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_api}' WHERE name = 'flf_histotag_apikey'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_geo}' WHERE name = 'flf_histotag_show_geo_button'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_geo2}' WHERE name = 'flf_histotag_show_geo_button_if_no_geotag'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histo}' WHERE name = 'flf_histogram_show_hist_button'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histo2}' WHERE name = 'flf_histogram_show_hist_if_no_hist'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histofeature}' WHERE name = 'flf_histogram_use_hist_feature'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histtype}' WHERE name = 'flf_histogram_type'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histcol}' WHERE name = 'flf_histogram_color'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histw}' WHERE name = 'flf_histogram_width'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histlbw}' WHERE name = 'flf_histo_lyteboxwidth'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histlbh}' WHERE name = 'flf_histo_lyteboxheight'");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$v_histfly}' WHERE name = 'flf_histo_onthefly'");
    cpgRedirectPage('index.php?file=flf_histotag/flf_histotag_config', $lang_common['information'], 'flf histotag plugin settings saved successfully', 1);
    exit;
}
endtable();
pagefooter();
ob_end_flush();
Пример #20
if (USER_ID) {
    cpg_die(ERROR, $lang_login_php['err_already_logged_in'], __FILE__, __LINE__);
}
if (defined('UDB_INTEGRATION')) {
    $cpg_udb->login_page();
}
//$referer = $superCage->get->keyExists('referer') ? $superCage->get->getRaw('referer') : 'index.php';
if (strpos($CPG_REFERER, "logout.php") !== false) {
    $CPG_REFERER = "index.php";
}
$login_failed = '';
$cookie_warning = '';
if ($superCage->post->keyExists('submitted')) {
    if ($USER_DATA = $cpg_udb->login($superCage->post->getEscaped('username'), $superCage->post->getEscaped('password'), $superCage->post->getInt('remember_me'))) {
        //$referer=preg_replace("'&amp;'","&",$referer);
        cpgRedirectPage($CPG_REFERER, $lang_login_php['login'], sprintf($lang_login_php['welcome'], $USER_DATA['user_name']), 3);
        exit;
    } else {
        if ($superCage->server->testip('REMOTE_ADDR')) {
            $ip = $superCage->server->getRaw('REMOTE_ADDR');
        } else {
            $ip = 'Unknown';
        }
        log_write("Failed login attempt with Username: "******" from IP {$ip} on " . localised_date(-1, $log_date_fmt), CPG_SECURITY_LOG);
        $login_failed = <<<EOT
                  <tr>
                          <td colspan="2" align="center" class="tableh2">
                        <span style="color:red"><b>{$lang_login_php['err_login']}<b></span>
                        </td>
                  </tr>
EOT;
Пример #21
            $newsletter_subscriptions_by_cat[$loopCounter]['user_id'] = $row['user_id'];
            $newsletter_subscriptions_by_cat[$loopCounter]['subscriber_active'] = $row['subscriber_active'];
            $newsletter_subscriptions_by_cat[$loopCounter]['subscriber_name'] = $row['subscriber_name'];
            $newsletter_subscriptions_by_cat[$loopCounter]['subscriber_email'] = $row['subscriber_email'];
            $loopCounter++;
        }
        mysql_free_result($result);
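        // Write the mailing record.
        // subject, salutation and body are free-text POST fields that end up
        // inside quoted SQL literals. They are read with getEscaped() instead
        // of getRaw(), because an unescaped quote character in the form input
        // would close the literal and alter the statement. category is read
        // with getInt() and $loopCounter is a local counter, so neither can
        // carry quote characters.
        // NOTE(review): assumes getEscaped() applies the escaping that matches
        // the connection used by cpg_db_query() — confirm against the Inspekt
        // cage in use. A form-token check is not visible in this snippet.
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_newsletter_mailings \n                      SET subject='" . $superCage->post->getEscaped('subject') . "',\n                          salutation='" . $superCage->post->getEscaped('salutation') . "',\n                          body='" . $superCage->post->getEscaped('body') . "',\n                          date_sent='" . time() . "',\n                          category_id='" . $superCage->post->getInt('category') . "',\n                          completed=0,\n                          recipients='{$loopCounter}'");
        $mailing_id = mysql_insert_id();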
        // Write the queue
        $loopCounter = 0;
        foreach ($newsletter_subscriptions_by_cat as $subscription_key => $subscription_value) {
            cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_newsletter_queue (`mailing_id`, `subscriber_id`, `time`) VALUES ('{$mailing_id}', '{$subscription_value['subscriber_id']}', '" . time() . "')");
        }
        cpgRedirectPage('index.php?file=newsletter/send', $lang_common['information'], $lang_plugin_newsletter['mailing_created']);
    } else {
        $message = <<<EOT
        <div class="cpg_message_error">
            {$lang_plugin_newsletter['you_need_to_select_a_category']}
        </div>
EOT;
    }
}
pageheader($lang_plugin_newsletter['create_mailing']);
echo <<<EOT
    <form action="" method="post" name="newsletter_catlist" id="newsletter_catlist">
EOT;
starttable('100%', $newsletter_icon_array['mailing'] . $lang_plugin_newsletter['create_mailing'], 2);
if ($message != '') {
    echo <<<EOT