Пример #1
0
    /**
     * The actualiser to create a .po TAR.
     *
     * @return tempcode		The UI
     */
    function export_po()
    {
        $lang = filter_naughty(get_param('id'));
        // Send header
        header('Content-Type: application/octet-stream' . '; authoritative=true;');
        if (strstr(ocp_srv('HTTP_USER_AGENT'), 'MSIE') !== false) {
            header('Content-Disposition: filename="ocportal-' . $lang . '.tar"');
        } else {
            header('Content-Disposition: attachment; filename="ocportal-' . $lang . '.tar"');
        }
        require_code('tar');
        require_code('lang_compile');
        require_code('character_sets');
        $tempfile = ocp_tempnam('po');
        $tar = tar_open($tempfile, 'wb');
        $dh = @opendir(get_custom_file_base() . '/lang_custom/' . $lang);
        if ($dh !== false) {
            $charset = do_lang('charset', NULL, NULL, NULL, $lang);
            $english_charset = do_lang('charset', NULL, NULL, NULL, fallback_lang());
            while (($f = readdir($dh)) !== false) {
                if (substr($f, -4) == '.ini') {
                    $path = get_custom_file_base() . '/lang_custom/' . $lang . '/' . $f;
                    $entries = array();
                    _get_lang_file_map($path, $entries, false, false);
                    $mtime = filemtime($path);
                    $data = '
msgid ""
msgstr ""
"Project-Id-Version: ocportal\\n"
"PO-Revision-Date: ' . gmdate('Y-m-d H:i', $mtime) . '+0000\\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\\n"
"Language-Team: FULL NAME <EMAIL@ADDRESS>\\n"
"MIME-Version: 1.0\\n"
"Content-Type: text/plain; charset=UTF-8\\n"
"Content-Transfer-Encoding: 8bit\\n"
"X-ocPortal-Export-Date: ' . gmdate('Y-m-d H:i', $mtime) . '+0000\\n"
"X-Generator: ocPortal (' . ocp_version_full() . ')\\n"

';
                    $entries2 = array();
                    $en_seen_before = array();
                    foreach ($entries as $key => $val) {
                        $english = do_lang($key, NULL, NULL, NULL, fallback_lang(), false);
                        if (is_null($english)) {
                            continue;
                        }
                        if ($english == '') {
                            continue;
                        }
                        $val = convert_to_internal_encoding($val, $charset, 'utf-8');
                        $val = str_replace(chr(10), '\\n', $val);
                        $english = convert_to_internal_encoding($english, $english_charset, 'utf-8');
                        $english = str_replace(chr(10), '\\n', $english);
                        $seen_before = false;
                        if (isset($en_seen_before[$val])) {
                            $seen_before = true;
                            foreach ($entries2 as $_key => $_val) {
                                if ($entries2[$_key][2] == $val) {
                                    $entries2[$_key][1] = true;
                                }
                            }
                        }
                        $entries2[$key] = array($val, $seen_before, $english);
                        $en_seen_before[$val] = 1;
                    }
                    require_code('support2');
                    foreach ($entries2 as $key => $_val) {
                        list($val, $seen_before, $english) = $_val;
                        $data .= '#: [strings]' . $key . chr(10);
                        if ($seen_before) {
                            $data .= 'msgctxt "[strings]' . $key . '"' . chr(10);
                        }
                        $wrapped = preg_replace('#"\\n"$#', '', ocp_mb_chunk_split(str_replace('"', '\\"', $english), 76, '"' . chr(10) . '"'));
                        if (strpos($wrapped, chr(10)) !== false) {
                            $data .= 'msgid ""' . chr(10) . '"' . $wrapped . '"' . chr(10);
                        } else {
                            $data .= 'msgid "' . $wrapped . '"' . chr(10);
                        }
                        $wrapped = preg_replace('#"\\n"$#', '', ocp_mb_chunk_split(str_replace('"', '\\"', $val), 76, '"' . chr(10) . '"'));
                        if (strpos($wrapped, chr(10)) !== false) {
                            $data .= 'msgstr ""' . chr(10) . '"' . $wrapped . '"' . chr(10);
                        } else {
                            $data .= 'msgstr "' . $wrapped . '"' . chr(10);
                        }
                        $data .= chr(10);
                    }
                    tar_add_file($tar, basename($f, '.ini') . '/' . basename($f, '.ini') . '-' . strtolower($lang) . '.po', $data, 0666, $mtime);
                }
            }
        }
        tar_close($tar);
        readfile($tempfile);
        @unlink($tempfile);
        $GLOBALS['SCREEN_TEMPLATE_CALLED'] = '';
        exit;
        return new ocp_tempcode();
        // For code quality checker
    }
Пример #2
0
/**
 * Attempt to send an e-mail to the specified recipient. The mail will be forwarding to the CC address specified in the options (if there is one, and if not specified not to cc).
 * The mail will be sent in dual HTML/text format, where the text is the unconverted comcode source: if a member does not read HTML mail, they may wish to fallback to reading that.
 *
 * @param  string			The subject of the mail in plain text
 * @param  LONG_TEXT		The message, as Comcode
 * @param  ?array			The destination (recipient) e-mail addresses [array of strings] (NULL: site staff address)
 * @param  ?mixed			The recipient name. Array or string. (NULL: site name)
 * @param  EMAIL			The from address (blank: site staff address)
 * @param  string			The from name (blank: site name)
 * @param  integer		The message priority (1=urgent, 3=normal, 5=low)
 * @range  1 5
 * @param  ?array			An list of attachments (each attachment being a map, path=>filename) (NULL: none)
 * @param  boolean		Whether to NOT CC to the CC address
 * @param  ?MEMBER		Convert comcode->tempcode as this member (a privilege thing: we don't want people being able to use admin rights by default!) (NULL: guest)
 * @param  boolean		Replace above with arbitrary admin
 * @param  boolean		HTML-only
 * @param  boolean		Whether to bypass queueing, because this code is running as a part of the queue management tools
 * @param  ID_TEXT		The template used to show the email
 * @param  boolean		Whether to bypass queueing
 * @return ?tempcode		A full page (not complete XHTML) piece of tempcode to output (NULL: it worked so no tempcode message)
 */
function mail_wrap($subject_tag, $message_raw, $to_email = NULL, $to_name = NULL, $from_email = '', $from_name = '', $priority = 3, $attachments = NULL, $no_cc = false, $as = NULL, $as_admin = false, $in_html = false, $coming_out_of_queue = false, $mail_template = 'MAIL', $bypass_queue = false)
{
    if (get_option('smtp_sockets_use') == '0') {
        return non_overrided__mail_wrap($subject_tag, $message_raw, $to_email, $to_name, $from_email, $from_name, $priority, $attachments, $no_cc, $as, $as_admin, $in_html, $coming_out_of_queue);
    }
    if (running_script('stress_test_loader')) {
        return NULL;
    }
    if (is_null($bypass_queue)) {
        $bypass_queue = $priority < 3 || strpos(serialize($attachments), 'tmpfile') !== false;
    }
    global $EMAIL_ATTACHMENTS;
    $EMAIL_ATTACHMENTS = array();
    require_code('site');
    require_code('mime_types');
    if (is_null($as)) {
        $as = $GLOBALS['FORUM_DRIVER']->get_guest_id();
    }
    if (!$coming_out_of_queue) {
        $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'logged_mail_messages WHERE m_date_and_time<' . strval(time() - 60 * 60 * 24 * 14) . ' AND m_queued=0');
        // Log it all for 2 weeks, then delete
        $through_queue = !$bypass_queue && (get_option('mail_queue_debug') === '1' || get_option('mail_queue') === '1' && cron_installed());
        $GLOBALS['SITE_DB']->query_insert('logged_mail_messages', array('m_subject' => $subject_tag, 'm_message' => $message_raw, 'm_to_email' => serialize($to_email), 'm_to_name' => serialize($to_name), 'm_from_email' => $from_email, 'm_from_name' => $from_name, 'm_priority' => 3, 'm_attachments' => serialize($attachments), 'm_no_cc' => $no_cc ? 1 : 0, 'm_as' => $as, 'm_as_admin' => $as_admin ? 1 : 0, 'm_in_html' => $in_html ? 1 : 0, 'm_date_and_time' => time(), 'm_member_id' => get_member(), 'm_url' => get_self_url(true), 'm_queued' => $through_queue ? 1 : 0, 'm_template' => $mail_template));
        if ($through_queue) {
            return NULL;
        }
    }
    if (count($attachments) == 0) {
        $attachments = NULL;
    }
    global $SENDING_MAIL;
    if ($SENDING_MAIL) {
        return NULL;
    }
    $SENDING_MAIL = true;
    // To and from, and language
    $staff_address = get_option('staff_address');
    if (is_null($to_email)) {
        $to_email = array($staff_address);
    }
    $to_email_new = array();
    foreach ($to_email as $test_address) {
        if ($test_address != '') {
            $to_email_new[] = $test_address;
        }
    }
    $to_email = $to_email_new;
    if ($to_email == array()) {
        $SENDING_MAIL = false;
        return NULL;
    }
    if ($to_email[0] == $staff_address) {
        $lang = get_site_default_lang();
    } else {
        $lang = user_lang();
        if (method_exists($GLOBALS['FORUM_DRIVER'], 'get_member_from_email_address')) {
            $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_email_address($to_email[0]);
            if (!is_null($member_id)) {
                $lang = get_lang($member_id);
            }
        }
    }
    if (is_null($to_name)) {
        if ($to_email[0] == $staff_address) {
            $to_name = get_site_name();
        } else {
            $to_name = '';
        }
    }
    if ($from_email == '') {
        $from_email = get_option('staff_address');
    }
    if ($from_name == '') {
        $from_name = get_site_name();
    }
    $theme = method_exists($GLOBALS['FORUM_DRIVER'], 'get_theme') ? $GLOBALS['FORUM_DRIVER']->get_theme() : 'default';
    if ($theme == 'default') {
        $theme = $GLOBALS['FORUM_DRIVER']->get_theme('');
        // ... So get theme of welcome zone
    }
    // Our subject
    $_subject = do_template('MAIL_SUBJECT', array('_GUID' => '44a57c666bb00f96723256e26aade9e5', 'SUBJECT_TAG' => $subject_tag), $lang, false, NULL, '.tpl', 'templates', $theme);
    $subject = $_subject->evaluate($lang);
    // Note that this is slightly against spec, because characters aren't forced to be printable us-ascii. But it's better we allow this (which works in practice) than risk incompatibility via charset-base64 encoding.
    // Evaluate message. Needs doing early so we know if we have any headers
    // Misc settings
    $website_email = get_option('website_email');
    if ($website_email == '') {
        $website_email = $from_email;
    }
    $cc_address = $no_cc ? '' : get_option("cc_address");
    global $CID_IMG_ATTACHMENT;
    $CID_IMG_ATTACHMENT = array();
    // Decide message
    $GLOBALS['NO_LINK_TITLES'] = true;
    global $LAX_COMCODE;
    $temp = $LAX_COMCODE;
    $LAX_COMCODE = true;
    $html_content = comcode_to_tempcode($message_raw, $as, $as_admin);
    $LAX_COMCODE = $temp;
    $GLOBALS['NO_LINK_TITLES'] = false;
    if (!$in_html) {
        $_html_content = $html_content->evaluate($lang);
        $_html_content = preg_replace('#(keep|for)_session=[\\d\\w]*#', 'filtered=1', $_html_content);
        $message_html = strpos($_html_content, '<html') !== false ? make_string_tempcode($_html_content) : do_template($mail_template, array('_GUID' => 'b23069c20202aa59b7450ebf8d49cde1', 'CSS' => '{CSS}', 'LOGOURL' => get_logo_url(''), 'LANG' => $lang, 'TITLE' => $subject, 'CONTENT' => $_html_content), $lang, false, NULL, '.tpl', 'templates', $theme);
        $css = css_tempcode(true, true, $message_html->evaluate($lang), $theme);
        $_css = $css->evaluate($lang);
        if (get_option('allow_ext_images') != '1') {
            $_css = preg_replace_callback('#url\\(["\']?(http://[^"]*)["\']?\\)#U', '_mail_css_rep_callback', $_css);
        }
        $html_evaluated = $message_html->evaluate($lang);
        $html_evaluated = str_replace('{CSS}', $_css, $html_evaluated);
        // Cleanup the Comcode a bit
        $message_plain = comcode_to_clean_text($message_raw);
    } else {
        $html_evaluated = $message_raw;
    }
    // Character set
    $regexp = '#^[\\x' . dechex(32) . '-\\x' . dechex(126) . ']*$#';
    $charset = preg_match($regexp, $html_evaluated) == 0 ? do_lang('charset', NULL, NULL, NULL, $lang) : 'us-ascii';
    // CID attachments
    if (get_option('allow_ext_images') != '1') {
        $html_evaluated = preg_replace_callback('#<img\\s([^>]*)src="(http://[^"]*)"#U', '_mail_img_rep_callback', $html_evaluated);
        $matches = array();
        foreach (array('#<([^"<>]*\\s)style="([^"]*)"#', '#<style( [^<>]*)?' . '>(.*)</style>#Us') as $over) {
            $num_matches = preg_match_all($over, $html_evaluated, $matches);
            for ($i = 0; $i < $num_matches; $i++) {
                $altered_inner = preg_replace_callback('#url\\(["\']?(http://[^"]*)["\']?\\)#U', '_mail_css_rep_callback', $matches[2][$i]);
                if ($matches[2][$i] != $altered_inner) {
                    $altered_outer = str_replace($matches[2][$i], $altered_inner, $matches[0][$i]);
                    $html_evaluated = str_replace($matches[0][$i], $altered_outer, $html_evaluated);
                }
            }
        }
    }
    $cid_attachments = array();
    foreach ($CID_IMG_ATTACHMENT as $id => $img) {
        $file_path_stub = convert_url_to_path($img);
        $mime_type = get_mime_type(get_file_extension($img));
        $filename = basename($img);
        if (!is_null($file_path_stub)) {
            $cid_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $file_path_stub, 'temp' => false, 'cid' => $id);
        } else {
            $myfile = ocp_tempnam('email_attachment');
            http_download_file($img, NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile);
            if (!is_null($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'])) {
                $mime_type = $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'];
            }
            if (!is_null($GLOBALS['HTTP_FILENAME'])) {
                $filename = $GLOBALS['HTTP_FILENAME'];
            }
            $cid_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $myfile, 'temp' => true, 'cid' => $id);
        }
        $cid_attachments[] = $cid_attachment;
    }
    // Attachments
    $real_attachments = array();
    $attachments = array_merge(is_null($attachments) ? array() : $attachments, $EMAIL_ATTACHMENTS);
    if (!is_null($attachments)) {
        foreach ($attachments as $path => $filename) {
            $mime_type = get_mime_type(get_file_extension($filename));
            if (strpos($path, '://') === false) {
                $real_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $path, 'temp' => false);
            } else {
                $myfile = ocp_tempnam('email_attachment');
                http_download_file($path, NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile);
                if (!is_null($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'])) {
                    $mime_type = $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'];
                }
                if (!is_null($GLOBALS['HTTP_FILENAME'])) {
                    $filename = $GLOBALS['HTTP_FILENAME'];
                }
                $real_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $myfile, 'temp' => true);
            }
            $real_attachments[] = $real_attachment;
        }
    }
    // ==========================
    // Interface with SwiftMailer
    // ==========================
    require_code('Swift-4.1.1/lib/swift_required');
    // Read in SMTP settings
    $host = get_option('smtp_sockets_host');
    $port = intval(get_option('smtp_sockets_port'));
    $username = get_option('smtp_sockets_username');
    $password = get_option('smtp_sockets_password');
    $smtp_from_address = get_option('smtp_from_address');
    if ($smtp_from_address != '') {
        $from_email = $smtp_from_address;
    }
    // Create the Transport
    $transport = Swift_SmtpTransport::newInstance($host, $port)->setUsername($username)->setPassword($password);
    if ($port == 419 || $port == 465 || $port == 587) {
        $transport->setEncryption('tls');
    }
    // Create the Mailer using your created Transport
    $mailer = Swift_Mailer::newInstance($transport);
    // Create a message
    $to_array = array();
    if ($to_name === '') {
        foreach ($to_email as $_to_email) {
            $to_array[] = $_to_email;
        }
    } else {
        foreach ($to_email as $i => $_to_email) {
            $to_array[$_to_email] = is_array($to_name) ? $to_name[$i] : $to_name;
        }
    }
    $message = Swift_Message::newInstance($subject)->setFrom(array($website_email => $from_name))->setReplyTo(array($from_email => $from_name))->setTo($to_array)->setPriority($priority)->setCharset($charset)->setBody($html_evaluated, 'text/html', $charset)->addPart($message_plain, 'text/plain', $charset);
    if ($cc_address != '') {
        $message->setCc($cc_address);
    }
    // Attachments
    foreach ($real_attachments as $r) {
        $attachment = Swift_Attachment::fromPath($r['path'], $r['mime'])->setFilename($r['filename'])->setDisposition('attachment');
        $message->attach($attachment);
    }
    foreach ($cid_attachments as $r) {
        $attachment = Swift_Attachment::fromPath($r['path'], $r['mime'])->setFilename($r['filename'])->setDisposition('attachment')->setId($r['cid']);
        $message->attach($attachment);
    }
    // Send the message, and error collection
    $error = '';
    try {
        $result = $mailer->send($message);
    } catch (Exception $e) {
        $error = $e->getMessage();
    }
    if ($error == '' && !$result) {
        $error = 'Unknown error';
    }
    // Attachment cleanup
    foreach ($real_attachments as $r) {
        if ($r['temp']) {
            @unlink($r['path']);
        }
    }
    foreach ($cid_attachments as $r) {
        if ($r['temp']) {
            @unlink($r['path']);
        }
    }
    // Return / Error handling
    $SENDING_MAIL = false;
    if ($error != '') {
        if (get_param_integer('keep_hide_mail_failure', 0) == 0) {
            require_code('site');
            attach_message(!is_null($error) ? make_string_tempcode($error) : do_lang_tempcode('MAIL_FAIL', escape_html(get_option('staff_address'))), 'warn');
        } else {
            return warn_screen(get_page_title('ERROR_OCCURRED'), do_lang_tempcode('MAIL_FAIL', escape_html(get_option('staff_address'))));
        }
    }
    return NULL;
}
Пример #3
0
/**
 * Create a data-mash from the file at a URL. This is data useful for the search engine.
 *
 * @param  URLPATH			The URL to make a data-mash of, or a filename if $data isn't blank
 * @param  ?string			Data (NULL: use URL)
 * @param  ?ID_TEXT			File extension (NULL: get from URL)
 * @param  boolean			Whether a direct file path was given instead of a URL
 * @return LONG_TEXT			The data-mash
 */
function create_data_mash($url, $data = NULL, $extension = NULL, $direct_path = false)
{
    if (function_exists('set_time_limit')) {
        @set_time_limit(300);
    }
    if (get_value('no_dload_search_index') === '1') {
        return '';
    }
    if (running_script('stress_test_loader')) {
        return '';
    }
    if (function_exists('memory_get_usage') && ini_get('memory_usage') == '8M') {
        return '';
    }
    // Some cowardice... don't want to tempt fate
    if (is_null($extension)) {
        $extension = get_file_extension($url);
    }
    $tmp_file = NULL;
    if (is_null($data)) {
        if ($direct_path || url_is_local($url)) {
            $actual_path = $direct_path ? $url : get_custom_file_base() . '/' . rawurldecode($url);
            if (file_exists($actual_path)) {
                switch ($extension) {
                    case 'zip':
                    case 'odt':
                    case 'odp':
                    case 'docx':
                    case 'tar':
                    case 'gz':
                        if (filesize($actual_path) > 1024 * 1024 * 3) {
                            return '';
                        }
                        break;
                }
                $tmp_file = $actual_path;
                if (filesize($actual_path) > 1024 * 1024 * 3) {
                    $myfile = fopen($actual_path, 'rb');
                    $data = '';
                    for ($i = 0; $i < 384; $i++) {
                        $data .= fread($myfile, 8192);
                    }
                    fclose($myfile);
                } else {
                    $data = file_get_contents($actual_path);
                }
            } else {
                $data = '';
            }
        } else {
            switch ($extension) {
                case 'txt':
                case '1st':
                case 'rtf':
                case 'pdf':
                case 'htm':
                case 'html':
                case 'xml':
                case 'doc':
                case 'xls':
                    break;
                    // Continue through to download good stuff
                // Continue through to download good stuff
                default:
                    return '';
                    // Don't download, it's not worth it
                    break;
            }
            $data = http_download_file($url, 3 * 1024 * 1024, false);
            // 3MB is enough
            if (is_null($data)) {
                return '';
            }
        }
    }
    $mash = '';
    switch ($extension) {
        case 'zip':
        case 'odt':
        case 'odp':
        case 'docx':
            require_code('m_zip');
            $tmp_file = ocp_tempnam('dcdm_');
            $myfile2 = fopen($tmp_file, 'wb');
            fwrite($myfile2, $data);
            fclose($myfile2);
            $myfile_zip = @zip_open($tmp_file);
            if (!is_integer($myfile_zip)) {
                while (($entry = @zip_read($myfile_zip)) !== false) {
                    $entry_name = @zip_entry_name($entry);
                    $mash .= ' ' . $entry_name;
                    if (substr($entry_name, -1) != '/') {
                        $_entry = @zip_entry_open($myfile_zip, $entry);
                        if ($_entry !== false) {
                            $file_data = '';
                            while (true) {
                                $it = @zip_entry_read($entry, 1024);
                                if ($it === false || $it == '') {
                                    break;
                                }
                                $file_data .= $it;
                                if (strlen($file_data) >= 3 * 1024 * 1024) {
                                    break;
                                }
                                // 3MB is enough
                            }
                            @zip_entry_close($entry);
                            $mash .= ' ' . create_data_mash($entry_name, $file_data);
                            if (strlen($mash) >= 3 * 1024 * 1024) {
                                break;
                            }
                            // 3MB is enough
                        }
                    }
                }
                @zip_close($myfile_zip);
            }
            @unlink($tmp_file);
            break;
        case 'tar':
            require_code('tar');
            $tmp_file = ocp_tempnam('dcdm_');
            $myfile = fopen($tmp_file, 'wb');
            fwrite($myfile, $data);
            fclose($myfile);
            $myfile_tar = tar_open($tmp_file, 'rb');
            if ($myfile_tar !== false) {
                $directory = tar_get_directory($myfile_tar);
                foreach ($directory as $entry) {
                    $entry_name = $entry['path'];
                    $mash .= ' ' . $entry_name;
                    if ($entry['size'] >= 3 * 1024 * 1024) {
                        continue;
                    }
                    // 3MB is enough
                    $_entrya = tar_get_file($myfile_tar, $entry['path']);
                    if (!is_null($_entrya)) {
                        $mash .= ' ' . create_data_mash($entry_name, $_entrya['data']);
                        if (strlen($mash) >= 3 * 1024 * 1024) {
                            break;
                        }
                        // 3MB is enough
                    }
                }
                tar_close($myfile_tar);
            }
            @unlink($tmp_file);
            break;
        case 'gz':
            if (function_exists('gzopen')) {
                if (function_exists('gzeof')) {
                    if (function_exists('gzread')) {
                        $tmp_file = ocp_tempnam('dcdm_');
                        $myfile = fopen($tmp_file, 'wb');
                        fwrite($myfile, $data);
                        fclose($myfile);
                        $myfile = gzopen($tmp_file, 'rb');
                        if ($myfile !== false) {
                            $file_data = '';
                            while (!gzeof($myfile)) {
                                $it = gzread($myfile, 1024);
                                $file_data .= $it;
                                if (strlen($file_data) >= 3 * 1024 * 1024) {
                                    break;
                                }
                                // 3MB is enough
                            }
                            $mash = ' ' . create_data_mash(preg_replace('#\\.gz#i', '', $url), $file_data);
                        }
                        @unlink($tmp_file);
                    }
                }
            }
            break;
        case 'txt':
        case '1st':
            $mash .= $data;
            break;
        case 'rtf':
            $len = strlen($data);
            $skipping_section_depth = 0;
            $escape = false;
            for ($i = 0; $i < $len; $i++) {
                $byte = $data[$i];
                if (!$escape && $byte == "\\") {
                    $escape = true;
                } elseif (!$escape && $byte == '{') {
                    if ($skipping_section_depth != 0) {
                        $skipping_section_depth++;
                    }
                } elseif (!$escape && $byte == '}') {
                    if ($skipping_section_depth != 0) {
                        $skipping_section_depth--;
                    }
                } elseif ($escape && $byte != '{' && $byte != "\\" && $byte != '}') {
                    $end_pos_1 = strpos($data, "\\", $i + 1);
                    if ($end_pos_1 === false) {
                        $end_pos_1 = $len;
                    }
                    $end_pos_2 = strpos($data, chr(10), $i + 1);
                    if ($end_pos_2 === false) {
                        $end_pos_2 = $len;
                    }
                    $end_pos_3 = strpos($data, ' ', $i + 1);
                    if ($end_pos_3 === false) {
                        $end_pos_3 = $len;
                    }
                    $end_pos_4 = strpos($data, "\t", $i + 1);
                    if ($end_pos_4 === false) {
                        $end_pos_4 = $len;
                    }
                    $end_pos_5 = strpos($data, '{', $i + 1);
                    if ($end_pos_5 === false) {
                        $end_pos_5 = $len;
                    }
                    $end_pos_6 = strpos($data, '}', $i + 1);
                    if ($end_pos_6 === false) {
                        $end_pos_6 = $len;
                    }
                    $end_pos = min($end_pos_1, $end_pos_2, $end_pos_3, $end_pos_4, $end_pos_5, $end_pos_6);
                    $tag = substr($data, $i, $end_pos - $i);
                    $tag = preg_replace('#[\\-0-9]*#', '', $tag);
                    if ($skipping_section_depth == 0 && ($tag == 'pgdsc' || $tag == 'comment' || $tag == 'object' || $tag == 'pict' || $tag == 'stylesheet' || $tag == 'fonttbl')) {
                        $skipping_section_depth = 1;
                    }
                    if ($tag == 'par') {
                        $mash .= chr(10);
                    }
                    $i = $end_pos - 1;
                    $escape = false;
                } elseif ($skipping_section_depth == 0) {
                    if ($byte != chr(13) && $byte != chr(10)) {
                        $mash .= $byte;
                    }
                    $escape = false;
                } else {
                    $escape = false;
                }
            }
            break;
        case 'pdf':
            if (str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('safe_mode'))) != '1' && strpos(@ini_get('disable_functions'), 'shell_exec') === false && !is_null($tmp_file)) {
                $enc = get_charset() == 'utf-8' ? ' -enc UTF-8' : '';
                $path = 'pdftohtml -i -noframes -stdout -hidden' . $enc . ' -q -xml ' . @escapeshellarg($tmp_file);
                if (strpos(strtolower(PHP_OS), 'win') !== false) {
                    if (file_exists(get_file_base() . '/data_custom/pdftohtml.exe')) {
                        $path = '"' . get_file_base() . DIRECTORY_SEPARATOR . 'data_custom' . DIRECTORY_SEPARATOR . '"' . $path;
                    }
                }
                $tmp_file_2 = ocp_tempnam('pdfxml_');
                @shell_exec($path . ' > ' . $tmp_file_2);
                $mash = create_data_mash($tmp_file_2, NULL, 'xml', true);
                @unlink($tmp_file_2);
            }
            break;
        case 'htm':
        case 'html':
            $head_patterns = array('#<\\s*script.*<\\s*/\\s*script\\s*>#misU', '#<\\s*link[^<>]*>#misU', '#<\\s*style.*<\\s*/\\s*style\\s*>#misU');
            foreach ($head_patterns as $pattern) {
                $data = preg_replace($pattern, '', $data);
            }
        case 'xml':
            $mash = str_replace('&apos;', '\'', str_replace(' false ', ' ', str_replace(' true ', ' ', @html_entity_decode(preg_replace('#\\<[^\\<\\>]*\\>#', ' ', $data), ENT_QUOTES, get_charset()))));
            $mash = preg_replace('#Error : Bad \\w+#', '', $mash);
            break;
        case 'xls':
        case 'doc':
        case 'ppt':
        case 'hlp':
            //		default: // Binary formats are complex to parse, but whatsmore, as textual tagging isn't used, extraction can be done automatically as all identified text is good.
            $data = str_replace("", '', $data);
            // Strip out interleaved nulls because they are used in wide-chars, obscuring the data
            $mash = '';
            $needs_delimiter_next = false;
            $in_portion = false;
            $min_length = 10;
            if ($extension == 'xls') {
                $min_length = 4;
            }
            for ($i = 0; $i < strlen($data); $i++) {
                $ch = $data[$i];
                $chx = 1;
                $next_ok = _is_valid_data_mash_char($ch);
                if ($next_ok && !$in_portion) {
                    $x = $ch;
                    for ($j = $i + 1; $j < strlen($data); $j++) {
                        $_ch = $data[$j];
                        $_next_ok = _is_valid_data_mash_char($_ch);
                        if ($_next_ok) {
                            $x .= $_ch;
                            $chx++;
                        } else {
                            break;
                        }
                    }
                    if (strlen($x) < $min_length || $x == strtoupper($x) || $x == 'Microsoft Word Document' || $x == 'WordDocument' || $x == 'SummaryInformation' || $x == 'DocumentSummaryInformation') {
                        $i = $j;
                        continue;
                    }
                }
                if ($next_ok && $in_portion) {
                    $mash .= $ch;
                } elseif ($next_ok && $chx >= $min_length) {
                    if ($needs_delimiter_next) {
                        $mash .= ' ';
                        $needs_delimiter_next = false;
                    }
                    $mash .= $ch;
                    $in_portion = true;
                } else {
                    if ($in_portion) {
                        $needs_delimiter_next = true;
                        $in_portion = false;
                    }
                }
            }
            break;
    }
    if (strlen($mash) > 1024 * 1024 * 3) {
        $mash = substr($mash, 0, 1024 * 1024 * 3);
    }
    $mash = preg_replace('# +#', ' ', preg_replace('#[^\\w\\d-\\-\']#', ' ', $mash));
    if (strlen($mash) > intval(1024 * 1024 * 1 * 0.4)) {
        $mash = substr($mash, 0, intval(1024 * 1024 * 0.4));
    }
    return $mash;
}
Пример #4
0
/**
 * Make a new file over the open AFM connection. Will overwrite if already exists (assuming has access).
 *
 * @param  PATH		The path to the file we are making.
 * @param  string		The desired file contents.
 * @param  boolean	Whether world access is required.
 */
function afm_make_file($basic_path, $contents, $world_access)
{
    $path = _rescope_path($basic_path);
    $access = _translate_file_access($world_access, get_file_extension($basic_path));
    $conn = _ftp_info();
    if ($conn !== false) {
        $path2 = ocp_tempnam('ocpafm');
        $h = fopen($path2, 'wb');
        if (fwrite($h, $contents) < strlen($contents)) {
            warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE_TMP', escape_html($path2)));
        }
        fclose($h);
        $h = fopen($path2, 'rb');
        $success = @ftp_fput($conn, $path, $h, FTP_BINARY);
        if (!$success) {
            if (running_script('upgrader')) {
                echo @strval($php_errormsg);
                return;
            }
            warn_exit(protect_from_escaping(@strval($php_errormsg)));
        }
        fclose($h);
        @unlink($path2);
        @ftp_chmod($conn, $access, $path);
        clearstatcache();
        sync_file(get_custom_file_base() . '/' . $basic_path);
    } else {
        $h = @fopen($path, 'wb');
        if ($h === false) {
            intelligent_write_error($path);
        }
        if (fwrite($h, $contents) < strlen($contents)) {
            warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE_TMP'));
        }
        fclose($h);
        @chmod($path, $access);
        fix_permissions($path);
        sync_file($path);
    }
}
Пример #5
0
/**
 * Calculate CRC32 for a file. Based on a function in the PHP docs.
 *
 * @param  PATH			The file
 * @return ?integer		The CRC (NULL: error)
 */
function crc32_file($filename)
{
    if (function_exists('hash_file')) {
        $crc = hash_file('crc32b', $filename);
        // Detect PHP bug http://bugs.php.net/bug.php?id=45028
        $reverse = false;
        $tempnam = ocp_tempnam('crctest');
        $myfile = fopen($tempnam, 'wb');
        fwrite($myfile, 'test');
        fclose($myfile);
        $crc_test = hash_file('crc32b', $tempnam);
        @unlink($tempnam);
        if ($crc_test == '0c7e7fd8') {
            $reverse = true;
        }
        if (!$reverse) {
            return hexdec($crc);
        }
        return hexdec(substr($crc, 6, 2) . substr($crc, 4, 2) . substr($crc, 2, 2) . substr($crc, 0, 2));
    }
    return crc32(file_get_contents($filename));
    /* The below code is not 64-bit compatible :( */
    /*   $f = @fopen($filename,'rb');
       if ($f===false) return NULL;
       
       static $crc32table=array();
    	static $reflect8table=array();
       if ($crc32table==array())
       {
          $polynomial = 0x04c11db7;
          $top_bit = 1 << 31;
           
          for($i = 0; $i < 256; $i++) 
          { 
             $remainder = $i << 24;
             for ($j = 0; $j < 8; $j++)
             {
                if ($remainder & $top_bit)
                   $remainder = ($remainder << 1) ^ $polynomial;
                else $remainder = $remainder << 1;
             }
             
             $crc32table[$i] = $remainder;
             
             if (isset($reflect8table[$i])) continue;
             $str = str_pad(decbin($i), 8, '0', STR_PAD_LEFT);
             $num = bindec(strrev($str));
             $reflect8table[$i] = $num;
             $reflect8table[$num] = $i;
          }
       }
    
       $remainder = 0xffffffff;
       do
       {
    		$data = fread($f,1024);
    		if ($data===false) break;
          $len = strlen($data);
    		if ($len==0) break;
    
          for ($i = 0; $i < $len; $i++)
          {
             $byte = $reflect8table[ord($data[$i])];
             $index = @(($remainder >> 24) & 0xff) ^ $byte;
             $crc = $crc32table[$index];
             $remainder = @($remainder << 8) ^ $crc;
          }
       }
    	while (true);
       
       $str = decbin($remainder);
       $str = str_pad($str, 32, '0', STR_PAD_LEFT);
       $remainder = bindec(strrev($str));
    
       $crc=@($remainder ^ 0xffffffff);
       if(@($crc & 0x80000000))
    
    	return $crc;*/
}
Пример #6
0
/**
 * The upgrader.php script handler.
 */
function upgrade_script()
{
    @ini_set('ocproducts.xss_detect', '0');
    require_lang('upgrade');
    require_code('database_action');
    require_code('config2');
    if (function_exists('set_time_limit')) {
        @set_time_limit(180);
    }
    if (array_key_exists('given_password', $_POST)) {
        $given_password = post_param('given_password');
        if (check_master_password($given_password)) {
            $type = get_param('type', 'misc');
            require_code('abstract_file_manager');
            up_do_header();
            if (post_param('ftp_username', '') != '') {
                $_POST['uses_ftp'] = '1';
                _ftp_info(true);
                // To give early error if there's a problem
            }
            // Handle shared site upgrading with no per-site UI
            global $SITE_INFO;
            if (isset($SITE_INFO['custom_file_base_stub'])) {
                require_code('shared_installs');
                $u = current_share_user();
                if (!is_null($u)) {
                    upgrade_sharedinstall_sites();
                    echo '<p>Now regenerate <kbd>template.sql</kbd>, using something like <kbd>mysqldump -uroot -p myocp_site_shareddemo > ~/public_html/template.sql</kbd></p>';
                    up_do_footer();
                    return;
                }
            }
            $show_more_link = true;
            switch ($type) {
                case 'misc':
                    clear_caches_1();
                    $l_choices = do_lang('FU_CHOICES');
                    $oc = get_option('site_closed') == '0' ? do_lang('SITE_OPEN') : do_lang('SITE_CLOSED');
                    $a = float_to_raw_string(ocp_version_number());
                    $b = get_value('version');
                    if (is_null($b)) {
                        $b = '2.5';
                    }
                    $l_up_info = do_lang('FU_UP_INFO' . ($a == $b ? '_1' : '_2'), $a, $b);
                    $l_fu_closedness = do_lang('FU_CLOSENESS', $oc);
                    $l_maintenance = do_lang('FU_MAINTENANCE');
                    $l_upgrading = do_lang('FU_UPGRADING');
                    $l_take_backup = do_lang('FU_TAKE_BACKUP');
                    $l_clear_caches = fu_link('upgrader.php?type=decache', do_lang('FU_CLEAR_CACHES'));
                    $l_check_permissions = fu_link('upgrader.php?type=check_perms', do_lang('FU_CHECK_PERMISSIONS'));
                    $l_fix_permissions = fu_link('upgrader.php?type=fix_perms', do_lang('FU_FIX_PERMISSIONS'));
                    $l_close_site = fu_link('upgrader.php?type=close_site', do_lang('FU_CLOSE_SITE'), get_option('site_closed') == '1');
                    $l_integrity_scan = fu_link('upgrader.php?type=integrity_scan&allow_merging=1', do_lang('FU_INTEGRITY_SCAN'), false, do_lang('FU_WILL_MERGE'));
                    $l_integrity_scan_no_merging = fu_link('upgrader.php?type=integrity_scan', do_lang('FU_INTEGRITY_SCAN_NO_CSS_MERGE'));
                    $l_database_upgrade = fu_link('upgrader.php?type=db_upgrade', do_lang('FU_DATABASE_UPGRADE'));
                    $l_theme_upgrade = fu_link('upgrader.php?type=theme_upgrade', do_lang('FU_THEME_UPGRADE'));
                    $l_open_site = fu_link('upgrader.php?type=open_site', do_lang('FU_OPEN_SITE'), get_option('site_closed') == '0');
                    $l_error_correction = do_lang('FU_ERROR_CORRECTION');
                    $l_not_for_patch = do_lang('FU_NOT_FOR_PATCH');
                    $l_tutorial = fu_link('http://ocportal.com/docs/tut_upgrade.htm', do_lang('FU_TUTORIAL'));
                    $l_release_notes = do_lang('FU_RELEASE_NOTES');
                    $l_refer_release_notes = do_lang('FU_REFER_RELEASE_NOTES');
                    $news_id = post_param_integer('news_id', NULL);
                    $tar_url = '';
                    if (!is_null($news_id)) {
                        require_code('files');
                        $fetch_url = 'http://ocportal.com/uploads/website_specific/ocportal.com/scripts/fetch_release_details.php?news_id=' . strval($news_id) . '&from_version=' . urlencode(strval(ocp_version()) . '.' . ocp_version_minor());
                        $news = http_download_file($fetch_url, NULL, true, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 30.0);
                        $details = unserialize($news);
                        if ($details[0] != '') {
                            $l_refer_release_notes = $details[0] . '<div style="overflow: auto; height: 150px">' . $details[2] . '</div>';
                        }
                        $tar_url = $details[1];
                    }
                    $l_download = fu_link('upgrader.php?type=file_upgrade&tar_url=' . urlencode(base64_encode($tar_url)), do_lang('FU_DOWNLOAD'));
                    $l_important = do_lang('IMPORTANT');
                    $l_bugs = do_lang('FU_BUGS');
                    $l_upgrade_steps = do_lang('FU_UPGRADE_STEPS');
                    $l_action = do_lang('ACTION');
                    $l_step = do_lang('FU_STEP');
                    $l_estimated_time = do_lang('FU_ESTIMATED_TIME');
                    $l_safe_mode = fu_link('index.php?keep_safe_mode=1', do_lang('FU_SAFE_MODE'));
                    $num_addons = $GLOBALS['SITE_DB']->query_value('addons', 'COUNT(*)');
                    $l_addon_management = fu_link('adminzone/index.php?page=admin_addons&keep_safe_mode=1', do_lang('FU_ADDON_MANAGEMENT', integer_format($num_addons)), $num_addons == 0);
                    $l_customisations = do_lang('FU_CUSTOMISATIONS');
                    $closed = comcode_to_tempcode(get_option('closed'), NULL, true);
                    $closed_url = build_url(array('page' => 'admin_config', 'type' => 'category', 'id' => 'SITE'), get_module_zone('admin_config'), NULL, false, false, false, 'group_CLOSED_SITE');
                    echo "\n<p>{$l_choices}</p>\n\n<div style=\"margin: 0 50px\">\n\t<h2>{$l_maintenance}&hellip;</h2><ul>\n\t\t<li>{$l_clear_caches}</li>\n\t\t<li>{$l_check_permissions}</li>\n\t\t<li>{$l_fix_permissions}</li>\n\t</ul>\n\n\t<h2 style=\"margin-top: 40px\">{$l_upgrading}&hellip;</h2>\n\n\t<h3>{$l_important}</h3>\n\n\t<p>{$l_bugs}</p>\n\n\t<h3>{$l_release_notes}</h3>\n\n\t<p>{$l_refer_release_notes}</p>\n\n\t<h3>{$l_upgrade_steps}</h3>\n\n\t<div class=\"wide_table_wrap\"><table style=\"margin-top: 5px\" class=\"solidborder wide_table spaced_table\">\n\t\t<tr>\n\t\t\t<th>{$l_step}</th>\n\t\t\t<th>{$l_action}</th>\n\t\t\t<th>{$l_estimated_time}</th>\n\t\t</tr>\n\t\t<tr><th>X</th><td>{$l_not_for_patch} {$l_tutorial}</td><td>" . escape_html(display_time_period(60 * 120)) . "</td></tr>\n\t\t<tr><th>1</th><td>{$l_take_backup}</td><td>" . escape_html(display_time_period(60 * 120)) . "</td></tr>\n\t\t<tr><th>2</th><td>{$l_close_site}  {$l_fu_closedness}<br /><q style=\"font-style: italic\">" . $closed->evaluate() . "</q> <span class=\"associated_link_to_small\">[<a href=\"" . escape_html($closed_url->evaluate()) . "\" title=\"(this link will open in a new window)\" target=\"_blank\">" . do_lang('CHANGE') . "</a>]</span></td><td>" . escape_html(display_time_period(60)) . "</td></tr>\n\t\t<tr><th>3</th><td>{$l_download}</td><td>" . escape_html(display_time_period(60 * 5)) . "</td></tr>\n\t\t<tr><th>4</th><td>{$l_not_for_patch} {$l_integrity_scan_no_merging}<!-- " . do_lang('OR') . " {$l_integrity_scan}--></td><td>" . str_replace(' ', '&nbsp;', escape_html(display_time_period(60 * 10))) . "&nbsp;&dagger;</td></tr>\n\t\t<tr><th>5</th><td>{$l_not_for_patch} {$l_database_upgrade}<br />{$l_up_info}</td><td>" . escape_html(display_time_period(60 * 5)) . "</td></tr>\n\t\t<tr><th>6</th><td>{$l_not_for_patch} {$l_theme_upgrade}</td><td>" . escape_html(display_time_period(60 * 5)) . "</td></tr>\n\t\t<tr><th>7</th><td>{$l_clear_caches}</td><td>1 minute</td></tr>\n\t\t<tr><th>8</th><td>{$l_open_site}  {$l_fu_closedness}</td><td>1 minute</td></tr>\n\t</table></div>\n\n\t<p>&dagger; {$l_customisations}</p>\n\n\t<h2 style=\"margin-top: 40px\">{$l_error_correction}&hellip;</h2><ul style=\"margin-top: 5px\">\n\t\t<li>{$l_safe_mode}</li>\n\t\t<li>{$l_addon_management}</li>\n\t</ul>\n</div>\n";
                    $show_more_link = false;
                    break;
                case 'decache':
                    clear_caches_2();
                    echo '<p>' . do_lang('SUCCESS') . '</p>';
                    break;
                case 'check_perms':
                    echo check_perms();
                    break;
                case 'fix_perms':
                    echo fix_perms();
                    break;
                case 'open_site':
                    set_option('site_closed', '0');
                    echo '<p>' . do_lang('SUCCESS') . '</p>';
                    break;
                case 'close_site':
                    set_option('closed', do_lang('FU_CLOSED_FOR_UPGRADES', get_site_name()));
                    set_option('site_closed', '1');
                    echo '<p>' . do_lang('SUCCESS') . '</p>';
                    break;
                case 'file_upgrade':
                    if (get_param('tar_url', '') == '') {
                        echo do_lang('FU_FILE_UPGRADE_INFO');
                    }
                    echo do_lang('FU_FILE_UPGRADE_INFO_MANUAL');
                    echo '<form title="' . do_lang('PROCEED') . '" enctype="multipart/form-data" action="upgrader.php?type=_file_upgrade" method="post">' . post_fields_relay();
                    echo '<label for="url">' . do_lang('URL') . '</label> <input type="text" id="url" name="url" value="' . escape_html(base64_decode(get_param('tar_url', ''))) . '" /> ';
                    if (ocp_srv('HTTP_HOST') == 'ocportal.com' || $GLOBALS['DEBUG_MODE']) {
                        echo '<br /><label for="upload">' . do_lang('UPLOAD') . '</label> <input type="file" id="upload" name="upload" />';
                    }
                    echo '<input type="submit" value="' . do_lang('PROCEED') . '" />';
                    echo '</form>';
                    $show_more_link = false;
                    break;
                case '_file_upgrade':
                    require_code('tar');
                    if (function_exists('set_time_limit')) {
                        @set_time_limit(0);
                    }
                    if (post_param('url', '') == '' && (ocp_srv('HTTP_HOST') == 'ocportal.com' || $GLOBALS['DEBUG_MODE'])) {
                        $temp_path = $_FILES['upload']['tmp_name'];
                    } else {
                        if (post_param('url', '') == '') {
                            warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN'));
                        }
                        $temp_path = ocp_tempnam('ocpfu');
                        $myfile = fopen($temp_path, 'wb');
                        http_download_file(post_param('url'), NULL, true, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile);
                        fclose($myfile);
                    }
                    $upgrade_resource = tar_open($temp_path, 'rb');
                    //tar_extract_to_folder($upgrade_resource,'',true);
                    disable_php_memory_limit();
                    $directory = tar_get_directory($upgrade_resource);
                    // Uses up to around 5MB
                    $data = array('todo' => array());
                    $popup_simple_extract = _ftp_info() === false;
                    if (!$popup_simple_extract) {
                        echo '<p>' . do_lang('EXTRACTING_MESSAGE') . '</p>';
                    }
                    $addon_contents = array();
                    // Find addons
                    foreach ($directory as $upgrade_file2) {
                        // See if we can find an addon registry file in our upgrade TAR
                        if (strpos($upgrade_file2['path'], '/addon_registry/') !== false && substr($upgrade_file2['path'], -4) == '.php') {
                            $file_data = tar_get_file($upgrade_resource, $upgrade_file2['path']);
                            $addon_contents[basename($upgrade_file2['path'], '.php')] = $file_data['data'];
                        }
                    }
                    // Process files
                    foreach ($directory as $offset => $upgrade_file) {
                        // skip over these, from manually installer package (which may be used for an upgrade)
                        if ($upgrade_file['path'] == 'info.php') {
                            continue;
                        }
                        if ($upgrade_file['path'] == 'install.php') {
                            continue;
                        }
                        if ($upgrade_file['path'] == 'install.sql') {
                            continue;
                        }
                        if ($upgrade_file['path'] == 'info.php.template') {
                            continue;
                        }
                        if (!$popup_simple_extract) {
                            // See if we can skip the file, if the on-disk version is identical?
                            if (file_exists(get_file_base() . '/' . $upgrade_file['path']) && filesize(get_file_base() . '/' . $upgrade_file['path']) == $upgrade_file['size']) {
                                $tar_data = tar_get_file($upgrade_resource, $upgrade_file['path']);
                                if (file_get_contents(get_file_base() . '/' . $upgrade_file['path']) == $tar_data['data']) {
                                    echo do_lang('U_SKIPPING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />';
                                    continue;
                                }
                            }
                        }
                        // Addon registry file, for installed addon
                        if (strpos($upgrade_file['path'], '/addon_registry/') !== false && file_exists(get_file_base() . '/' . $upgrade_file['path'])) {
                            if (substr($upgrade_file['path'], -1) != '/') {
                                if ($popup_simple_extract) {
                                    $data['todo'][] = array($upgrade_file['path'], $upgrade_file['mtime'], $offset + 512, $upgrade_file['size'], ($upgrade_file['mode'] & 02) != 0);
                                } else {
                                    $file_data = tar_get_file($upgrade_resource, $upgrade_file['path']);
                                    afm_make_file($upgrade_file['path'], $file_data['data'], ($file_data['mode'] & 02) != 0);
                                    echo do_lang('U_EXTRACTING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />';
                                }
                            }
                        } else {
                            // Some other file
                            $found = NULL;
                            if (substr($upgrade_file['path'], -1) != '/') {
                                foreach ($addon_contents as $addon_name => $addon_data) {
                                    // See if this is the addon for the file
                                    $shortened_path = $upgrade_file['path'];
                                    $shortened_path = preg_replace('#^themes/default/(templates|css)/#', '', $shortened_path);
                                    if (strpos($addon_data, '\'' . addslashes($shortened_path) . '\'') !== false) {
                                        $found = $addon_name;
                                        break;
                                    }
                                }
                            }
                            // Install if either of the following is true:
                            //  - it's some file not in an addon (shouldn't actually happen)
                            //  - it's a new addon (addon that is not installed or uninstalled i.e. does not have an exported mod file)
                            //  - it's a file in an addon we have installed
                            //  - we're upgrading from an ocPortal version that doesn't support addons yet
                            if (is_null($found) || !file_exists(get_file_base() . '/imports/mods/' . $found . '.tar') || file_exists(get_file_base() . '/sources/hooks/systems/addon_registry/' . $found . '.php') || !file_exists(get_file_base() . '/sources/hooks/systems/addon_registry')) {
                                if (substr($upgrade_file['path'], -1) == '/') {
                                    afm_make_directory($upgrade_file['path'], false, true);
                                } else {
                                    if ($popup_simple_extract) {
                                        $data['todo'][] = array($upgrade_file['path'], $upgrade_file['mtime'], $offset + 512, $upgrade_file['size'], ($upgrade_file['mode'] & 02) != 0);
                                    } else {
                                        $file_data = tar_get_file($upgrade_resource, $upgrade_file['path']);
                                        if (!file_exists(get_file_base() . '/' . dirname($upgrade_file['path']))) {
                                            afm_make_directory(dirname($upgrade_file['path']), false, true);
                                        }
                                        afm_make_file($upgrade_file['path'], $file_data['data'], ($file_data['mode'] & 02) != 0);
                                        echo do_lang('U_EXTRACTING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />';
                                    }
                                }
                            }
                            if (substr($upgrade_file['path'], -1) != '/') {
                                // If true: We need to copy it into our archived addon so that addon is kept up-to-date
                                if (!is_null($found) && file_exists(get_file_base() . '/imports/mods/' . $found . '.tar')) {
                                    $old_mod_file = tar_open(get_file_base() . '/imports/mods/' . $found . '.tar', 'rb');
                                    $new_mod_file = tar_open(get_file_base() . '/imports/mods/' . $found . '.new.tar', 'wb');
                                    $directory2 = tar_get_directory($old_mod_file, true);
                                    if (!is_null($directory2)) {
                                        foreach ($directory2 as $d) {
                                            if ($d['path'] == $upgrade_file['path']) {
                                                continue;
                                            }
                                            $file_data = tar_get_file($old_mod_file, $d['path']);
                                            if ($d['path'] == 'mod.inf') {
                                                $file_data['data'] = preg_replace('#^version=.*#m', 'version=(version-synched)', $file_data['data']);
                                            }
                                            tar_add_file($new_mod_file, $d['path'], $file_data['data'], $d['mode'], $d['mtime']);
                                        }
                                        $file_data = tar_get_file($upgrade_resource, $upgrade_file['path']);
                                        tar_add_file($new_mod_file, $upgrade_file['path'], $file_data['data'], $upgrade_file['mode'], $upgrade_file['mtime']);
                                        tar_close($new_mod_file);
                                        tar_close($old_mod_file);
                                        unlink(get_file_base() . '/imports/mods/' . $found . '.tar');
                                        rename(get_file_base() . '/imports/mods/' . $found . '.new.tar', get_file_base() . '/imports/mods/' . $found . '.tar');
                                        echo do_lang('U_PACKING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />';
                                    }
                                }
                            }
                        }
                    }
                    tar_close($upgrade_resource);
                    if ($popup_simple_extract) {
                        copy($temp_path, get_custom_file_base() . '/data_custom/upgrader.tar.tmp');
                        @unlink($temp_path);
                        $temp_path = get_custom_file_base() . '/data_custom/upgrader.tar.tmp';
                        $tmp_data_path = get_custom_file_base() . '/data_custom/upgrader.tmp';
                        $tmp_data_file = fopen($tmp_data_path, 'wb');
                        fwrite($tmp_data_file, serialize($data));
                        fclose($tmp_data_file);
                        global $SITE_INFO;
                        $extract_url = get_base_url() . '/data/upgrader2.php?hashed_password='******'admin_password']) . '&tmp_path=' . urlencode($temp_path) . '&file_offset=0&tmp_data_path=' . urlencode($tmp_data_path) . '&done=' . urlencode(do_lang('DONE'));
                        echo '<p>' . do_lang('FU_EXTRACTING_WINDOW', integer_format(count($data['todo']))) . '</p>';
                        echo '<iframe frameBorder="0" title="" style="width: 100%; height: 400px" src="' . escape_html($extract_url) . '"></iframe>';
                    } else {
                        echo '<p>' . do_lang('SUCCESS') . '</p>';
                        @unlink($temp_path);
                    }
                    unset($_POST['news_id']);
                    break;
                case 'integrity_scan':
                    $allow_merging = either_param_integer('allow_merging', 0);
                    echo run_integrity_check(false, $allow_merging == 1);
                    break;
                case '_integrity_scan':
                    _integrity_scan();
                    echo '<p>' . do_lang('SUCCESS') . '</p>';
                    break;
                case 'db_upgrade':
                    $something_done = false;
                    clear_caches_2();
                    if (version_specific()) {
                        echo do_lang('FU_UPGRADED_CORE_TABLES');
                        $something_done = true;
                    }
                    $done = upgrade_modules();
                    if ($done != '') {
                        echo do_lang('FU_UPGRADE_MODULES', $done);
                        $something_done = true;
                    }
                    if (!$something_done) {
                        echo do_lang('NO_UPGRADE_DONE');
                    }
                    $version_files = ocp_version_number();
                    $_version_database = get_value('ocf_version');
                    $version_database = floatval($_version_database);
                    if (is_null($_version_database)) {
                        $version_database = 2.1;
                    }
                    // Either 2.0 or 2.1, and they are equivalent in terms of what we need to do
                    if ($version_database < $version_files) {
                        echo do_lang('FU_MUST_UPGRADE_OCF', fu_link('upgrader.php?type=ocf', do_lang('FU_UPGRADE_OCF')));
                    }
                    break;
                case 'theme_upgrade':
                    echo upgrade_themes();
                    break;
                case 'ocf':
                    // Only to be launched as a consequent of db_upgrade
                    if (ocf_upgrade()) {
                        echo '<p>' . do_lang('SUCCESS') . '</p>';
                    } else {
                        echo do_lang('FU_NO_OCF_UPGRADE');
                    }
                    break;
            }
            if ($show_more_link) {
                echo '<hr /><div>' . fu_link('upgrader.php?type=misc', do_lang('MORE_OPTIONS')) . '</div>';
            }
        } else {
            up_do_header();
            up_do_login(do_lang('USER_BAD_PASSWORD'));
        }
    } else {
        up_do_header();
        up_do_login();
    }
    up_do_footer();
}
Пример #7
0
 /**
  * Standard modular run function.
  *
  * @return tempcode	Results
  */
 function run()
 {
     require_lang('stats');
     require_lang('dates');
     $delete_older_than = post_param_integer('delete_older_than', NULL);
     if (is_null($delete_older_than)) {
         @ob_end_clean();
         $delete_older_than = intval(get_option('stats_store_time'));
         require_code('form_templates');
         $fields = form_input_integer(do_lang_tempcode('DPLU_DAYS'), do_lang_tempcode('DESCRIPTION_DELETE_DAYS'), 'delete_older_than', $delete_older_than, true);
         $post_url = get_self_url(false, false, NULL, false, true);
         $submit_name = do_lang_tempcode('DELETE');
         $hidden = build_keep_post_fields();
         $title = get_page_title('PAGE_STATS_DELETE');
         $tpl = do_template('FORM_SCREEN', array('SKIP_VALIDATION' => true, 'HIDDEN' => $hidden, 'TITLE' => $title, 'TEXT' => do_lang_tempcode('DELETE_DATA_AVAILABLE'), 'URL' => $post_url, 'FIELDS' => $fields, 'SUBMIT_NAME' => $submit_name));
         $echo = globalise($tpl, NULL, '', true);
         $echo->evaluate_echo();
         exit;
     }
     if (function_exists('set_time_limit')) {
         @set_time_limit(0);
     }
     // Write install.php file
     $template = get_custom_file_base() . '/data_custom/modules/admin_cleanup/page_stats.php.pre';
     if (!file_exists($template)) {
         $template = get_file_base() . '/data/modules/admin_cleanup/page_stats.php.pre';
     }
     $_install_php_file = file_get_contents($template);
     $install_php_file = ocp_tempnam('ps');
     $tmpfile = fopen($install_php_file, 'wb');
     fwrite($tmpfile, substr($_install_php_file, 0, strpos($_install_php_file, '{!!DB!!}')));
     // Get old data
     do {
         $or_list = '';
         $data = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . get_table_prefix() . 'stats WHERE date_and_time<' . strval(time() - 60 * 60 * 24 * $delete_older_than), 500);
         foreach ($data as $d) {
             $list = '';
             foreach ($d as $name => $value) {
                 if (is_null($value)) {
                     continue;
                 }
                 if ($list != '') {
                     $list .= ',';
                 }
                 $list .= "'" . (is_string($name) ? $name : strval($name)) . "'=>";
                 if (!is_integer($value)) {
                     $list .= "'" . str_replace('\'', '\\\'', $value) . "'";
                 } else {
                     $list .= strval($value);
                 }
             }
             fwrite($tmpfile, "\t\$GLOBALS['SITE_DB']->query_insert('stats',array({$list}));\n");
             if ($or_list != '') {
                 $or_list .= ' OR ';
             }
             $or_list .= 'id=' . strval($d['id']);
         }
         if ($or_list != '') {
             $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'stats WHERE ' . $or_list);
         }
     } while ($data != array());
     fwrite($tmpfile, substr($_install_php_file, strpos($_install_php_file, '{!!DB!!}') + 8));
     // Make tar
     require_code('tar');
     $file = 'stats-leading-to-' . date('Y-m-d', utctime_to_usertime(time() - 60 * 60 * 24 * $delete_older_than));
     $stats_backup_url = get_custom_base_url() . '/exports/backups/' . $file . '.tar';
     $myfile = tar_open(get_custom_file_base() . '/exports/backups/' . $file . '.tar', 'wb');
     tar_add_file($myfile, $file . '.php', $install_php_file, 0664, time(), true);
     tar_close($myfile);
     fclose($tmpfile);
     @unlink($install_php_file);
     $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'stats WHERE date_and_time<' . strval(time() - 60 * 60 * 24 * $delete_older_than));
     return do_template('CLEANUP_PAGE_STATS', array('_GUID' => '1df213eee7c5c6b97168e5a34e92d3b0', 'STATS_BACKUP_URL' => $stats_backup_url));
 }
Пример #8
0
/**
 * Detect calendar matches in a time period, in user-time.
 *
 * @param  MEMBER			The member to detect conflicts for
 * @param  boolean		Whether to restrict only to viewable events for the current member
 * @param  ?TIME			The timestamp that found times must exceed. In user-time (NULL: use find_periods_recurrence default)
 * @param  ?TIME			The timestamp that found times must not exceed. In user-time (NULL: use find_periods_recurrence default)
 * @param  ?array			The type filter (NULL: none)
 * @param  boolean		Whether to include RSS events in the results
 * @return array			A list of events happening, with time details
 */
function calendar_matches($member_id, $restrict, $period_start, $period_end, $filter = NULL, $do_rss = true)
{
    if (is_null($period_start)) {
        $period_start = utctime_to_usertime(time());
    }
    if (is_null($period_end)) {
        $period_end = utctime_to_usertime(time() + 60 * 60 * 24 * 360 * 20);
    }
    $matches = array();
    $where = '';
    if ($restrict) {
        if ($where != '') {
            $where .= ' AND ';
        }
        $where .= '(e_submitter=' . strval((int) $member_id) . ' OR e_is_public=1)';
    }
    if (!is_null($filter)) {
        foreach ($filter as $a => $b) {
            if ($b == 0) {
                if ($where != '') {
                    $where .= ' AND ';
                }
                $where .= 'e_type<>' . strval((int) substr($a, 4));
            }
        }
    }
    if ($where != '') {
        $where .= ' AND ';
    }
    $where .= '(validated=1 OR e_is_public=0)';
    if (addon_installed('syndication_blocks')) {
        // Determine what feeds to overlay
        $feed_urls_todo = array();
        for ($i = 0; $i < 10; $i++) {
            $feed_url = post_param('feed_' . strval($i), ocp_admirecookie('feed_' . strval($i), ''));
            require_code('users_active_actions');
            ocp_setcookie('feed_' . strval($i), $feed_url);
            if ($feed_url != '' && preg_match('#^[\\w\\d\\-\\_]*$#', $feed_url) == 0) {
                $feed_urls_todo[$feed_url] = NULL;
            }
        }
        $_event_types = list_to_map('id', $GLOBALS['SITE_DB']->query_select('calendar_types', array('id', 't_title', 't_logo', 't_external_feed')));
        foreach ($_event_types as $j => $_event_type) {
            if ($_event_type['t_external_feed'] != '' && (is_null($filter) || !array_key_exists($_event_type['id'], $filter) || $filter[$_event_type['id']] == 1) && has_category_access(get_member(), 'calendar', strval($_event_type['id']))) {
                $feed_urls_todo[$_event_type['t_external_feed']] = $_event_type['id'];
            }
            $_event_types[$j]['text_original'] = get_translated_text($_event_type['t_title']);
        }
        $event_types = collapse_2d_complexity('text_original', 't_logo', $_event_types);
        // Overlay it
        foreach ($feed_urls_todo as $feed_url => $event_type) {
            $temp_file_path = ocp_tempnam('feed');
            require_code('files');
            $write_to_file = fopen($temp_file_path, 'wb');
            http_download_file($feed_url, 1024 * 512, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $write_to_file);
            if ($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'] == 'text/calendar' || $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'] == 'application/octet-stream') {
                $data = file_get_contents($temp_file_path);
                require_code('calendar_ical');
                $whole = end(explode('BEGIN:VCALENDAR', $data));
                $events = explode('BEGIN:VEVENT', $whole);
                $calendar_nodes = array();
                foreach ($events as $key => $items) {
                    $items = preg_replace('#(.+)\\n +(.*)\\n#', '${1}${2}' . "\n", $items);
                    // Merge split lines
                    $nodes = explode("\n", $items);
                    foreach ($nodes as $_child) {
                        if (strpos($_child, ':') === false) {
                            continue;
                        }
                        $child = array('', '');
                        $in_quotes = false;
                        $j = 0;
                        for ($i = 0; $i < strlen($_child); $i++) {
                            $char = $_child[$i];
                            if ($char == '"') {
                                $in_quotes = !$in_quotes;
                            }
                            if ($j != 1 && !$in_quotes && $char == ':') {
                                $j++;
                            } else {
                                $child[$j] .= $char;
                            }
                        }
                        $matches2 = array();
                        if (preg_match('#;TZID=(.*)#', $child[0], $matches2)) {
                            $calendar_nodes[$key]['TZID'] = $matches2[1];
                        }
                        $child[0] = preg_replace('#;.*#', '', $child[0]);
                        if (array_key_exists("1", $child) && $child[0] !== 'PRODID' && $child[0] !== 'VERSION' && $child[0] !== 'END') {
                            $calendar_nodes[$key][$child[0]] = str_replace(array('\\n', '\\,'), array("\n", ','), trim($child[1]));
                        }
                    }
                    if ($key != 0) {
                        list($full_url, $type_id, $type, $recurrence, $recurrences, $seg_recurrences, $title, $content, $priority, $is_public, $start_year, $start_month, $start_day, $start_hour, $start_minute, $end_year, $end_month, $end_day, $end_hour, $end_minute, $timezone, $validated, $allow_rating, $allow_comments, $allow_trackbacks, $notes) = get_event_data_ical($calendar_nodes[$key]);
                        $is_public = 1;
                        $event = array('e_recurrence' => $recurrence, 'e_content' => $content, 'e_title' => $title, 'e_id' => $feed_url, 'e_priority' => $priority, 't_logo' => 'calendar/rss', 'e_recurrences' => $recurrences, 'e_seg_recurrences' => $seg_recurrences, 'e_is_public' => $is_public, 'e_start_year' => $start_year, 'e_start_month' => $start_month, 'e_start_day' => $start_day, 'e_start_hour' => $start_hour, 'e_start_minute' => $start_minute, 'e_end_year' => $end_year, 'e_end_month' => $end_month, 'e_end_day' => $end_day, 'e_end_hour' => $end_hour, 'e_end_minute' => $end_minute, 'e_timezone' => $timezone);
                        if (!is_null($event_type)) {
                            $event['t_logo'] = $_event_types[$event_type]['t_logo'];
                        }
                        if (!is_null($type)) {
                            $event['t_title'] = $type;
                            if (array_key_exists($type, $event_types)) {
                                $event['t_logo'] = $event_types[$type];
                            }
                        }
                        $their_times = find_periods_recurrence($timezone, 0, $start_year, $start_month, $start_day, $start_hour, $start_minute, $end_year, $end_month, $end_day, $end_hour, $end_minute, $recurrence, $recurrences, $period_start, $period_end);
                        // Now search every combination to see if we can get a hit
                        foreach ($their_times as $their) {
                            $matches[] = array($full_url, $event, $their[0], $their[1], $their[2], $their[3], $their[4], $their[5]);
                        }
                    }
                }
            } else {
                require_code('rss');
                $rss = new rss($temp_file_path, true);
                $content = new ocp_tempcode();
                foreach ($rss->gleamed_items as $item) {
                    if (array_key_exists('guid', $item)) {
                        $full_url = $item['guid'];
                    } elseif (array_key_exists('comment_url', $item)) {
                        $full_url = $item['comment_url'];
                    } elseif (array_key_exists('full_url', $item)) {
                        $full_url = $item['full_url'];
                    } else {
                        $full_url = '';
                    }
                    if (array_key_exists('title', $item) && array_key_exists('clean_add_date', $item) && $full_url != '') {
                        $event = array('e_recurrence' => 'none', 'e_content' => array_key_exists('news', $item) ? $item['news'] : '', 'e_title' => $item['title'], 'e_id' => $full_url, 'e_priority' => 'na', 't_logo' => 'calendar/rss', 'e_recurrences' => 1, 'e_seg_recurrences' => '', 'e_is_public' => 1, 'e_timezone' => get_users_timezone());
                        if (!is_null($event_type)) {
                            $event['t_logo'] = $_event_types[$event_type]['t_logo'];
                        }
                        if (array_key_exists('category', $item)) {
                            $event['t_title'] = $item['category'];
                            if (array_key_exists($item['category'], $event_types)) {
                                $event['t_logo'] = $event_types[$item['category']];
                            }
                        }
                        $from = utctime_to_usertime($item['clean_add_date']);
                        if ($from >= $period_start && $from < $period_end) {
                            $event += array('e_start_year' => date('Y', $from), 'e_start_month' => date('m', $from), 'e_start_day' => date('D', $from), 'e_start_hour' => date('H', $from), 'e_start_minute' => date('i', $from), 'e_end_year' => NULL, 'e_end_month' => NULL, 'e_end_day' => NULL, 'e_end_hour' => NULL, 'e_end_minute' => NULL);
                            $matches[] = array($full_url, $event, $from, NULL, $from, NULL, $from, NULL);
                        }
                    }
                }
            }
            @unlink($temp_file_path);
        }
    }
    if ($where != '') {
        $where .= ' AND ';
    }
    $where .= '(((e_start_month>=' . strval(intval(date('m', $period_start)) - 1) . ' AND e_start_year=' . date('Y', $period_start) . ' OR e_start_year>' . date('Y', $period_start) . ') AND (e_start_month<=' . strval(intval(date('m', $period_end)) + 1) . ' AND e_start_year=' . date('Y', $period_end) . ' OR e_start_year<' . date('Y', $period_end) . ')) OR ' . db_string_not_equal_to('e_recurrence', 'none') . ')';
    $where = ' WHERE ' . $where;
    $event_count = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_types t ON e.e_type=t.id' . $where);
    if ($event_count > 2000) {
        attach_message(do_lang_tempcode('TOO_MANY_TO_CHOOSE_FROM'), 'inform');
        return array();
    }
    $events = $GLOBALS['SITE_DB']->query('SELECT *,e.id AS e_id FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_types t ON e.e_type=t.id' . $where);
    foreach ($events as $event) {
        if (!has_category_access(get_member(), 'calendar', strval($event['e_type']))) {
            continue;
        }
        $their_times = find_periods_recurrence($event['e_timezone'], $event['e_do_timezone_conv'], $event['e_start_year'], $event['e_start_month'], $event['e_start_day'], $event['e_start_hour'], $event['e_start_minute'], $event['e_end_year'], $event['e_end_month'], $event['e_end_day'], $event['e_end_hour'], $event['e_end_minute'], $event['e_recurrence'], $event['e_recurrences'], $period_start, $period_end);
        // Now search every combination to see if we can get a hit
        foreach ($their_times as $their) {
            $matches[] = array($event['e_id'], $event, $their[0], $their[1], $their[2], $their[3], $their[4], $their[5]);
        }
    }
    global $M_SORT_KEY;
    $M_SORT_KEY = 2;
    usort($matches, 'multi_sort');
    return $matches;
}
Пример #9
0
 /**
  * Extract video meta info from any uploaded video.
  *
  * @return array		A triplet of 3 "?integer"'s: video width, video height, video length
  */
 function get_special_video_info()
 {
     $video_length = post_param_integer('video_length', 0);
     $video_width = post_param_integer('video_width', 0);
     $video_height = post_param_integer('video_height', 0);
     if ($video_width == 0 || $video_height == 0 || $video_length == 0) {
         require_code('uploads');
         if (is_swf_upload(true) && array_key_exists('file', $_FILES) || array_key_exists('file', $_FILES) && is_uploaded_file($_FILES['file']['tmp_name'])) {
             list($_video_width, $_video_height, $_video_length) = get_video_details($_FILES['file']['tmp_name'], $_FILES['file']['name']);
         } else {
             $url = post_param('url', '');
             if ($url == '') {
                 return array(NULL, NULL, NULL);
             }
             $download_test = NULL;
             $temp_path = '';
             if ($url != '') {
                 $temp_path = ocp_tempnam('ocpafm');
                 $write_to_file = fopen($temp_path, 'wb');
                 $download_test = http_download_file($url, 1024 * 50, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $write_to_file);
                 rewind($write_to_file);
                 fclose($write_to_file);
             }
             if (!is_null($download_test)) {
                 list($_video_width, $_video_height, $_video_length) = get_video_details($temp_path, is_null($GLOBALS['HTTP_FILENAME']) ? basename(urldecode($url)) : $GLOBALS['HTTP_FILENAME']);
             } else {
                 list($_video_width, $_video_height, $_video_length) = array(NULL, NULL, NULL);
             }
             if ($temp_path != '') {
                 @unlink($temp_path);
             }
         }
         if ($video_width == 0) {
             $video_width = is_null($_video_width) ? intval(get_option('default_video_width')) : $_video_width;
         }
         if ($video_height == 0) {
             $video_height = is_null($_video_height) ? intval(get_option('default_video_height')) : $_video_height;
         }
         if ($video_length == 0) {
             $video_length = is_null($_video_length) ? 0 : $_video_length;
         }
     }
     return array($video_width, $video_height, $video_length);
 }
Пример #10
0
/**
 * Backend function to do a backup (meant to be run as a shutdown function - essentially a background task).
 *
 * @param  ?string		The filename to backup to (NULL: get global)
 * @param  ?string		The type of backup to do (NULL: get global)
 * @set    full incremental
 * @param  ?integer		The maximum size of a file to include in the backup (NULL: get global)
 */
function make_backup_2($file = NULL, $b_type = NULL, $max_size = NULL)
{
    global $STARTED_BACKUP;
    if ($STARTED_BACKUP) {
        return;
    }
    $STARTED_BACKUP = true;
    if (is_null($file)) {
        global $MB2_FILE, $MB2_B_TYPE, $MB2_MAX_SIZE;
        $file = $MB2_FILE;
        $b_type = $MB2_B_TYPE;
        $max_size = $MB2_MAX_SIZE;
    }
    if (function_exists('set_time_limit')) {
        @set_time_limit(0);
    }
    $logfile_path = get_custom_file_base() . '/exports/backups/' . $file . '.txt';
    $logfile = @fopen($logfile_path, 'wt') or intelligent_write_error($logfile_path);
    // .txt file because IIS doesn't allow .log download
    @ini_set('log_errors', '1');
    @ini_set('error_log', $logfile_path);
    fwrite($logfile, 'This is a log file for an ocPortal backup. The backup is not complete unless this log terminates with a completion message.' . "\n\n");
    require_code('tar');
    $myfile = tar_open(get_custom_file_base() . '/exports/backups/' . filter_naughty($file), 'wb');
    // Write readme.txt file
    tar_add_file($myfile, 'readme.txt', do_lang('BACKUP_README', get_timezoned_date(time())), 0664, time());
    // Write restore.php file
    $template = get_custom_file_base() . '/data_custom/modules/admin_backup/restore.php.pre';
    if (!file_exists($template)) {
        $template = get_file_base() . '/data/modules/admin_backup/restore.php.pre';
    }
    $_install_php_file = file_get_contents($template);
    $place = strpos($_install_php_file, '{!!DB!!}');
    $__install_php_file = ocp_tempnam('ocpbak');
    $install_php_file = fopen($__install_php_file, 'wb');
    fwrite($install_php_file, substr($_install_php_file, 0, $place));
    get_table_backup($logfile, 'db_meta', 'db_meta_indices', $install_php_file);
    if (fwrite($install_php_file, substr($_install_php_file, $place + 8)) == 0) {
        warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE'));
    }
    fclose($install_php_file);
    tar_add_file($myfile, 'restore.php', $__install_php_file, 0664, time(), true);
    @unlink($__install_php_file);
    if ($b_type == 'full') {
        set_value('last_backup', strval(time()));
        $original_files = get_param_integer('keep_backup_alien', 0) == 1 ? unserialize(file_get_contents(get_file_base() . '/data/files.dat')) : NULL;
        $root_only_dirs = array_merge(find_all_zones(false, false, true), array('data', 'data_custom', 'exports', 'imports', 'lang', 'lang_custom', 'lang_cached', 'pages', 'persistant_cache', 'safe_mode_temp', 'sources', 'sources_custom', 'text', 'text_custom', 'themes', 'uploads', 'site'));
        tar_add_folder($myfile, $logfile, get_file_base(), $max_size, '', $original_files, $root_only_dirs, !running_script('cron_bridge'), true);
    } elseif ($b_type == 'incremental') {
        $threshold = intval(get_value('last_backup'));
        set_value('last_backup', strval(time()));
        $directory = tar_add_folder_incremental($myfile, $logfile, get_file_base(), $threshold, $max_size);
        $_directory = '';
        foreach ($directory as $d) {
            $a = '';
            foreach ($d as $k => $v) {
                if ($a != '') {
                    $a .= ", ";
                }
                $a .= $k . '=' . $v;
            }
            $_directory .= $a . "\n";
        }
        tar_add_file($myfile, 'DIRECTORY', $_directory, 0664, time());
    } else {
        set_value('last_backup', strval(time()));
    }
    tar_close($myfile);
    if (!file_exists(get_custom_file_base() . '/exports/backups/' . filter_naughty($file))) {
        warn_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }
    rename(get_custom_file_base() . '/exports/backups/' . filter_naughty($file), get_custom_file_base() . '/exports/backups/' . filter_naughty($file) . '.tar');
    sync_file('exports/backups/' . filter_naughty($file) . '.tar');
    fix_permissions('exports/backups/' . filter_naughty($file) . '.tar');
    $url = get_base_url() . '/exports/backups/' . $file . '.tar';
    if (function_exists('gzopen')) {
        if (fwrite($logfile, "\n" . do_lang('COMPRESSING') . "\n") == 0) {
            warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE'));
        }
        $myfile = gzopen(get_custom_file_base() . '/exports/backups/' . $file . '.tar.gz.tmp', 'wb') or intelligent_write_error(get_custom_file_base() . '/exports/backups/' . $file . '.tar.gz.tmp');
        $tar_path = get_custom_file_base() . '/exports/backups/' . filter_naughty($file) . '.tar';
        $fp_in = fopen($tar_path, 'rb');
        while (!feof($fp_in)) {
            $read = fread($fp_in, 8192);
            gzwrite($myfile, $read, strlen($read));
        }
        fclose($fp_in);
        gzclose($myfile);
        rename(get_custom_file_base() . '/exports/backups/' . $file . '.tar.gz.tmp', get_custom_file_base() . '/exports/backups/' . $file . '.tar.gz');
        fix_permissions(get_custom_file_base() . '/exports/backups/' . $file . '.tar.gz');
        sync_file('exports/backups/' . filter_naughty($file) . '.tar.gz');
        $url = get_base_url() . '/exports/backups/' . $file . '.tar.gz';
    }
    if (fwrite($logfile, "\n" . do_lang('SUCCESS') . "\n") == 0) {
        warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE'));
    }
    fclose($logfile);
    sync_file($logfile_path);
    fix_permissions($logfile_path);
    sync_file($logfile_path);
    // Remote backup
    $copy_server = get_option('backup_server_hostname');
    if ($copy_server != '') {
        $path_stub = get_custom_file_base() . '/exports/backups/';
        if (file_exists($path_stub . $file . '.tar.gz')) {
            $_file = $file . '.tar.gz';
        } elseif (file_exists($path_stub . $file . '.tar')) {
            $_file = $file . '.tar';
        } else {
            $file = NULL;
        }
        if (!is_null($file)) {
            $copy_port = get_option('backup_server_port');
            if ($copy_port == '') {
                $copy_port = '21';
            }
            $copy_user = get_option('backup_server_user');
            if ($copy_user == '') {
                $copy_user = '******';
            }
            $copy_password = get_option('backup_server_password');
            if (is_null($copy_password)) {
                $copy_password = get_option('staff_address');
            }
            $copy_path = get_option('backup_server_path');
            if ($copy_path == '') {
                $copy_path = $_file;
            } elseif (substr($copy_path, -1) == '/' || $copy_path == '') {
                $copy_path .= $_file;
            }
            $ftp_connection = @ftp_connect($copy_server, intval($copy_port));
            if ($ftp_connection !== false) {
                if (@ftp_login($ftp_connection, $copy_user, $copy_password)) {
                    @ftp_delete($ftp_connection, $path_stub . $_file);
                    @ftp_put($ftp_connection, $copy_path, $path_stub, FTP_BINARY);
                }
                @ftp_close($ftp_connection);
            }
        }
    }
    require_code('notifications');
    dispatch_notification('backup_finished', NULL, do_lang('BACKUP', NULL, NULL, NULL, get_site_default_lang()), do_lang('BACKUP_FINISHED', comcode_escape($url), get_site_default_lang()), NULL, A_FROM_SYSTEM_PRIVILEGED);
}
Пример #11
0
/**
 * Initialise the writing to a Sitemaps XML file. You can only call one of these functions per time as it uses global variables for tracking.
 *
 * @param  PATH  		Where we will save to.
 */
function sitemaps_xml_initialise($file_path)
{
    global $SITEMAPS_OUT_FILE, $SITEMAPS_OUT_PATH, $SITEMAPS_OUT_TEMPPATH, $LOADED_MONIKERS;
    $SITEMAPS_OUT_TEMPPATH = ocp_tempnam('ocpsmap');
    // We write to temporary path first to minimise the time our target file is invalid (during generation)
    $SITEMAPS_OUT_FILE = fopen($SITEMAPS_OUT_TEMPPATH, 'wb');
    $SITEMAPS_OUT_PATH = $file_path;
    // Load ALL URL ID monikers (for efficiency)
    if ($GLOBALS['SITE_DB']->query_value('url_id_monikers', 'COUNT(*)', array('m_deprecated' => 0)) < 10000) {
        $query = 'SELECT m_moniker,m_resource_page,m_resource_type,m_resource_id FROM ' . get_table_prefix() . 'url_id_monikers WHERE m_deprecated=0';
        $results = $GLOBALS['SITE_DB']->query_select('url_id_monikers', array('m_moniker', 'm_resource_page', 'm_resource_type', 'm_resource_id'), array('m_deprecated' => 0));
        foreach ($results as $result) {
            $LOADED_MONIKERS[$result['m_resource_page']][$result['m_resource_type']][$result['m_resource_id']] = $result['m_moniker'];
        }
    }
    // Load ALL guest permissions (for effiency)
    $guest_id = $GLOBALS['FORUM_DRIVER']->get_guest_id();
    load_up_all_self_page_permissions($guest_id);
    load_up_all_module_category_permissions($guest_id);
    // Start of file
    $blob = '<' . '?xml version="1.0" encoding="' . get_charset() . '"?' . '>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
	';
    fwrite($SITEMAPS_OUT_FILE, $blob);
}
Пример #12
0
/**
 * Get URLs generated according to the specified information. It can also generate a thumbnail if required. It first tries attached upload, then URL, then fails.
 *
 * @param  ID_TEXT		The name of the POST parameter storing the URL (if '', then no POST parameter). Parameter value may be blank.
 * @param  ID_TEXT		The name of the HTTP file parameter storing the upload (if '', then no HTTP file parameter). No file necessarily is uploaded under this.
 * @param  ID_TEXT		The folder name in uploads/ where we will put this upload
 * @param  integer		Whether to obfuscate file names so the URLs can not be guessed/derived (0=do not, 1=do, 2=make extension .dat as well, 3=only obfuscate if we need to)
 * @set    0 1 2 3
 * @param  integer		The type of upload it is (from an OCP_UPLOAD_* constant)
 * @param  boolean		Make a thumbnail (this only makes sense, if it is an image)
 * @param  ID_TEXT		The name of the POST parameter storing the thumb URL. As before
 * @param  ID_TEXT		The name of the HTTP file parameter storing the thumb upload. As before
 * @param  boolean		Whether to copy a URL (if a URL) to the server, and return a local reference
 * @param  boolean		Whether to accept upload errors
 * @param  boolean		Whether to give a (deferred?) error if no file was given at all
 * @return array			An array of 4 URL bits (URL, thumb URL, URL original filename, thumb original filename)
 */
function get_url($specify_name, $attach_name, $upload_folder, $obfuscate = 0, $enforce_type = 0, $make_thumbnail = false, $thumb_specify_name = '', $thumb_attach_name = '', $copy_to_server = false, $accept_errors = false, $should_get_something = false)
{
    require_code('files2');
    $upload_folder = filter_naughty($upload_folder);
    $out = array();
    $thumb = NULL;
    $swf_uploaded = false;
    $swf_uploaded_thumb = false;
    foreach (array($attach_name, $thumb_attach_name) as $i => $_attach_name) {
        if ($_attach_name == '') {
            continue;
        }
        //check whatever it is an incoming upload
        $row_id_file = 'hidFileID_' . $_attach_name;
        $row_id_file_value = post_param($row_id_file, NULL);
        if ($row_id_file_value == '-1') {
            $row_id_file_value = NULL;
        }
        //id of the upload from the incoming uploads database table
        if (!is_null($row_id_file_value)) {
            //get the incoming uploads appropiate db table row
            if (substr($row_id_file_value, -4) == '.dat' && strpos($row_id_file_value, ':') === false) {
                $path = 'uploads/incoming/' . filter_naughty($row_id_file_value);
                if (file_exists(get_custom_file_base() . '/' . $path)) {
                    $_FILES[$_attach_name] = array('type' => 'swfupload', 'name' => post_param(str_replace('hidFileID', 'hidFileName', $row_id_file)), 'tmp_name' => get_custom_file_base() . '/' . $path, 'size' => filesize(get_custom_file_base() . '/' . $path));
                    if ($i == 0) {
                        $swf_uploaded = true;
                    } else {
                        $swf_uploaded_thumb = true;
                    }
                }
            } else {
                $incoming_uploads_id = intval(preg_replace('#:.*$#', '', $row_id_file_value));
                $incoming_uploads_row = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . get_table_prefix() . 'incoming_uploads WHERE (i_submitter=' . strval(get_member()) . ' OR i_submitter=' . strval($GLOBALS['FORUM_DRIVER']->get_guest_id()) . ') AND id=' . strval($incoming_uploads_id), 1);
                //if there is a db record proceed
                if (array_key_exists(0, $incoming_uploads_row)) {
                    if (file_exists(get_custom_file_base() . '/' . $incoming_uploads_row[0]['i_save_url'])) {
                        $_FILES[$_attach_name] = array('type' => 'swfupload', 'name' => $incoming_uploads_row[0]['i_orig_filename'], 'tmp_name' => get_custom_file_base() . '/' . $incoming_uploads_row[0]['i_save_url'], 'size' => filesize(get_custom_file_base() . '/' . $incoming_uploads_row[0]['i_save_url']));
                        if ($i == 0) {
                            $swf_uploaded = true;
                        } else {
                            $swf_uploaded_thumb = true;
                        }
                    }
                }
            }
        }
    }
    if ($obfuscate == 3) {
        $accept_errors = true;
    }
    $thumb_folder = strpos($upload_folder, 'uploads/galleries') !== false ? str_replace('uploads/galleries', 'uploads/galleries_thumbs', $upload_folder) : $upload_folder . '_thumbs';
    if (!file_exists(get_custom_file_base() . '/' . $upload_folder)) {
        $success = @mkdir(get_custom_file_base() . '/' . $upload_folder, 0777);
        if ($success === false) {
            warn_exit(@strval($php_errormsg));
        }
        fix_permissions(get_custom_file_base() . '/' . $upload_folder, 0777);
        sync_file($upload_folder);
    }
    if (!file_exists(get_custom_file_base() . '/' . $thumb_folder) && $make_thumbnail) {
        $success = @mkdir(get_custom_file_base() . '/' . $thumb_folder, 0777);
        if ($success === false) {
            warn_exit(@strval($php_errormsg));
        }
        fix_permissions(get_custom_file_base() . '/' . $thumb_folder, 0777);
        sync_file($thumb_folder);
    }
    // Find URL
    require_code('images');
    if ($enforce_type == OCP_UPLOAD_IMAGE || $enforce_type == OCP_UPLOAD_IMAGE_OR_SWF) {
        $max_size = get_max_image_size();
    } else {
        require_code('files2');
        $max_size = get_max_file_size();
    }
    if ($attach_name != '' && array_key_exists($attach_name, $_FILES) && (is_uploaded_file($_FILES[$attach_name]['tmp_name']) || $swf_uploaded)) {
        if (!has_specific_permission(get_member(), 'exceed_filesize_limit')) {
            if ($_FILES[$attach_name]['size'] > $max_size) {
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size)), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size)));
                }
            }
        }
        $url = _get_upload_url($attach_name, $upload_folder, $enforce_type, $obfuscate, $accept_errors);
        if ($url == array('', '')) {
            return array('', '', '', '');
        }
        $is_image = is_image($_FILES[$attach_name]['name']);
    } elseif (post_param($specify_name, '') != '') {
        $is_image = is_image($_POST[$specify_name], true);
        $url = _get_specify_url($specify_name, $upload_folder, $enforce_type, $accept_errors);
        if ($url == array('', '')) {
            return array('', '', '', '');
        }
        if ($copy_to_server && !url_is_local($url[0])) {
            $path2 = ocp_tempnam('ocpfc');
            $tmpfile = fopen($path2, 'wb');
            $file = http_download_file($url[0], $max_size, true, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $tmpfile);
            fclose($tmpfile);
            if (is_null($file)) {
                @unlink($path2);
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('CANNOT_COPY_TO_SERVER'), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('CANNOT_COPY_TO_SERVER'));
                }
            }
            global $HTTP_FILENAME;
            if (is_null($HTTP_FILENAME)) {
                $HTTP_FILENAME = $url[1];
            }
            if (!check_extension($HTTP_FILENAME, $obfuscate == 2, $path2, $accept_errors)) {
                if ($obfuscate == 3) {
                    $obfuscate = 2;
                    if (!check_extension($HTTP_FILENAME, $obfuscate == 2, $path2, $accept_errors)) {
                        return array('', '', '', '');
                    }
                } else {
                    return array('', '', '', '');
                }
            }
            if (url_is_local($url[0])) {
                unlink($path2);
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('CANNOT_COPY_TO_SERVER'), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('CANNOT_COPY_TO_SERVER'));
                }
            }
            if ($obfuscate != 0 && $obfuscate != 3) {
                $ext = $obfuscate == 2 && !is_image($HTTP_FILENAME) ? 'dat' : get_file_extension($HTTP_FILENAME);
                $_file = preg_replace('#\\..*\\.#', '.', $HTTP_FILENAME) . (substr($HTTP_FILENAME, -strlen($ext) - 1) == '.' . $ext ? '' : '.' . $ext);
                $place = get_custom_file_base() . '/' . $upload_folder . '/' . $_file;
                while (file_exists($place)) {
                    $_file = uniqid('', true) . '.' . $ext;
                    $place = get_custom_file_base() . '/' . $upload_folder . '/' . $_file;
                }
            } else {
                $_file = $HTTP_FILENAME;
                $place = get_custom_file_base() . '/' . $upload_folder . '/' . $_file;
            }
            if (!has_specific_permission(get_member(), 'exceed_filesize_limit')) {
                $max_size = intval(get_option('max_download_size')) * 1024;
                if (strlen($file) > $max_size) {
                    if ($accept_errors) {
                        attach_message(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size)), 'warn');
                        return array('', '', '', '');
                    } else {
                        warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size)));
                    }
                }
            }
            $result = @rename($path2, $place);
            if (!$result) {
                unlink($path2);
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('WRITE_ERROR', escape_html($upload_folder)), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('WRITE_ERROR', escape_html($upload_folder)));
                }
            }
            fix_permissions($place);
            sync_file($place);
            $url[0] = $upload_folder . '/' . $_file;
            if (strpos($HTTP_FILENAME, '/') === false) {
                $url[1] = $HTTP_FILENAME;
            }
        }
    } else {
        if (array_key_exists($attach_name, $_FILES) && array_key_exists('error', $_FILES[$attach_name]) && ($_FILES[$attach_name]['error'] != 4 || $should_get_something) && $_FILES[$attach_name]['error'] != 0) {
            if ($_FILES[$attach_name]['error'] == 1) {
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size)), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format($max_size)));
                }
            } elseif ($_FILES[$attach_name]['error'] == 2) {
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('FILE_TOO_BIG_QUOTA', integer_format($max_size)), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('FILE_TOO_BIG_QUOTA', integer_format($max_size)));
                }
            } elseif ($_FILES[$attach_name]['error'] == 3 || $_FILES[$attach_name]['error'] == 4 || $_FILES[$attach_name]['error'] == 6 || $_FILES[$attach_name]['error'] == 7) {
                attach_message(do_lang_tempcode('ERROR_UPLOADING_' . strval($_FILES[$attach_name]['error'])), 'warn');
                return array('', '', '', '');
            } else {
                warn_exit(do_lang_tempcode('ERROR_UPLOADING_' . strval($_FILES[$attach_name]['error'])));
            }
        }
        $url[0] = '';
        $url[1] = '';
        $is_image = false;
    }
    $out[0] = $url[0];
    $out[2] = $url[1];
    // Generate thumbnail if needed
    if ($make_thumbnail && $url[0] != '' && $is_image) {
        if (array_key_exists($thumb_attach_name, $_FILES) && (is_uploaded_file($_FILES[$thumb_attach_name]['tmp_name']) || $swf_uploaded_thumb)) {
            if ($_FILES[$thumb_attach_name]['size'] > get_max_image_size()) {
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('FILE_TOO_BIG', integer_format(get_max_image_size())), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format(get_max_image_size())));
                }
            }
            $_thumb = _get_upload_url($thumb_attach_name, $thumb_folder, OCP_UPLOAD_IMAGE, 0, $accept_errors);
            $thumb = $_thumb[0];
        } elseif (array_key_exists($thumb_specify_name, $_POST)) {
            $_thumb = _get_specify_url($thumb_specify_name, $thumb_folder, OCP_UPLOAD_IMAGE, $accept_errors);
            $thumb = $_thumb[0];
        } else {
            $gd = get_option('is_on_gd') == '1' && function_exists('imagetypes');
            if ($gd) {
                if (!is_saveable_image($url[0])) {
                    $ext = '.png';
                } else {
                    $ext = '';
                }
                $file = preg_replace('#[^\\w\\.]#', 'x', basename($url[0]));
                $_file = $file;
                $place = get_custom_file_base() . '/' . $thumb_folder . '/' . $_file . $ext;
                $i = 2;
                while (file_exists($place)) {
                    $_file = strval($i) . $file;
                    $place = get_custom_file_base() . '/' . $thumb_folder . '/' . $_file . $ext;
                    $i++;
                }
                $url_full = url_is_local($url[0]) ? get_custom_base_url() . '/' . $url[0] : $url[0];
                convert_image($url_full, $place, -1, -1, intval(get_option('thumb_width')));
                $thumb = $thumb_folder . '/' . rawurlencode($_file) . $ext;
            } else {
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('GD_THUMB_ERROR'), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('GD_THUMB_ERROR'));
                }
            }
        }
        $out[1] = $thumb;
    } elseif ($make_thumbnail) {
        if (array_key_exists($thumb_attach_name, $_FILES) && (is_uploaded_file($_FILES[$thumb_attach_name]['tmp_name']) || $swf_uploaded_thumb)) {
            if ($_FILES[$thumb_attach_name]['size'] > get_max_image_size()) {
                if ($accept_errors) {
                    attach_message(do_lang_tempcode('FILE_TOO_BIG', integer_format(get_max_image_size())), 'warn');
                    return array('', '', '', '');
                } else {
                    warn_exit(do_lang_tempcode('FILE_TOO_BIG', integer_format(get_max_image_size())));
                }
            }
            $_thumb = _get_upload_url($thumb_attach_name, $thumb_folder, OCP_UPLOAD_IMAGE, 0, $accept_errors);
            $thumb = $_thumb[0];
        } elseif (array_key_exists($thumb_specify_name, $_POST)) {
            $_thumb = _get_specify_url($thumb_specify_name, $thumb_folder, OCP_UPLOAD_IMAGE, $accept_errors);
            $thumb = $_thumb[0];
        }
        if (!is_null($thumb)) {
            $out[1] = $thumb;
        } else {
            $out[1] = '';
        }
    }
    // For reentrance of previews
    if ($specify_name != '') {
        $_POST[$specify_name] = array_key_exists(0, $out) ? $out[0] : '';
    }
    if ($thumb_specify_name != '') {
        $_POST[$thumb_specify_name] = array_key_exists(1, $out) ? $out[1] : '';
    }
    return $out;
}