function globalErrorHandler($errno, $errstr, $errfile, $errline)
{
switch ($errno) {
case E_NOTICE:
case E_USER_NOTICE:
$errors = "Notice";
break;
case E_WARNING:
case E_USER_WARNING:
$errors = "Warning";
break;
case E_ERROR:
case E_USER_ERROR:
$errors = "Fatal Error";
break;
default:
$errors = "Unknown Error";
break;
}
error_log(sprintf("PHP %s: %s in %s on line %d", $errors, $errstr, $errfile, $errline));
$msg = "ERROR: [{$errno}] {$errstr}\r\n" . "{$errors} on line {$errline} in file {$errfile}\r\n";
sendErrorEmail($msg);
showErrorPage();
exit(1);
}
/**
* get AliasFile-instance
*
* @param $inFile the path to stats-file
* @param $user the user
* @param $fluxCfg torrent-flux config-array
* @param $clientType client-type
* @return $aliasFileInstance AliasFile-instance
*/
function getAliasFileInstance($inFile, $user = "", $fluxCfg, $clientType = '')
{
// check if file is a sane file
if (strpos($inFile, "../") !== false || !preg_match('/^[a-zA-Z0-9._\\-\\/]+(stat)$/', $inFile)) {
AuditAction($fluxCfg["constants"]["error"], "Invalid AliasFile : " . $fluxCfg["user"] . " tried to access " . $inFile);
global $argv;
if (isset($argv)) {
die("Invalid AliasFile");
} else {
showErrorPage("Invalid AliasFile");
}
}
// damn dirty but does php (< 5) have reflection or something like
// class-by-name ?
if (isset($clientType) && $clientType != '') {
$clientClass = $clientType;
$fluxCfg["btclient"] = $clientType;
} else {
$clientClass = $fluxCfg["btclient"];
}
switch ($clientClass) {
case "tornado":
require_once 'AliasFile.tornado.php';
return new AliasFileTornado($inFile, $user, serialize($fluxCfg));
case "transmission":
require_once 'AliasFile.transmission.php';
return new AliasFileTransmission($inFile, $user, serialize($fluxCfg));
}
}
/**
* get AliasFile-instance
*
* @param $inFile the path to stats-file
* @param $user the user
* @param $fluxCfg torrent-flux config-array
* @param $clientType client-type
* @return $aliasFileInstance AliasFile-instance
*/
function getAliasFileInstance($inFile, $user = "", $fluxCfg, $clientType = '')
{
// check if file is a sane file
if (ereg("(\\.\\.\\/)", $inFile) || !preg_match('/^[a-zA-Z0-9._\\/]+(stat)$/', $inFile)) {
AuditAction($fluxCfg["constants"]["error"], "Invalid AliasFile : " . $fluxCfg["user"] . " tried to access " . $inFile);
global $argv;
if (isset($argv)) {
die("Invalid AliasFile : " . $inFile);
} else {
showErrorPage("Invalid AliasFile : <br>" . htmlentities($inFile, ENT_QUOTES));
}
}
// damn dirty but does php (< 5) have reflection or something like
// class-by-name ?
if (isset($clientType) && $clientType != '') {
$clientClass = $clientType;
$fluxCfg["btclient"] = $clientType;
} else {
$clientClass = $fluxCfg["btclient"];
}
$classFile = 'AliasFile.' . $clientClass . '.php';
if (is_file($classFile)) {
include_once $classFile;
switch ($clientClass) {
case "tornado":
return new AliasFileTornado($inFile, $user, serialize($fluxCfg));
break;
case "transmission":
return new AliasFileTransmission($inFile, $user, serialize($fluxCfg));
break;
}
}
}
/**
* get ado-connection
*
* @return ado-connection
*/
function getdb()
{
global $cfg;
// build DSN
switch ($cfg["db_type"]) {
case "mysql":
$dsn = 'mysql://' . $cfg["db_user"] . ':' . $cfg["db_pass"] . '@' . $cfg["db_host"] . '/' . $cfg["db_name"];
if ($cfg["db_pcon"]) {
$dsn .= '?persist';
}
break;
case "sqlite":
$dsn = 'sqlite://' . $cfg["db_host"];
if ($cfg["db_pcon"]) {
$dsn .= '/?persist';
}
break;
case "postgres":
$dsn = 'postgres://' . $cfg["db_user"] . ':' . $cfg["db_pass"] . '@' . $cfg["db_host"] . '/' . $cfg["db_name"];
if ($cfg["db_pcon"]) {
$dsn .= '?persist';
}
break;
default:
showErrorPage('No valid Database-Type specfied. <br>valid : mysql/sqlite/postgres<br>Check your database settings in the config.db.php file.');
}
// connect
$db = @ADONewConnection($dsn);
// check connection
if (!$db) {
showErrorPage('Could not connect to database :<br><em>' . $dsn . '</em><br>Check your database settings in the config.db.php file.');
}
// return db-connection
return $db;
}
/**
* initialize ADOdb-connection
*
* @return ADOdb-connection
*/
function initializeDatabase()
{
global $cfg, $db;
// create ado-object
$db = ADONewConnection($cfg["db_type"]);
// connect
if ($cfg["db_pcon"]) {
@$db->PConnect($cfg["db_host"], $cfg["db_user"], $cfg["db_pass"], $cfg["db_name"]);
} else {
@$db->Connect($cfg["db_host"], $cfg["db_user"], $cfg["db_pass"], $cfg["db_name"]);
}
// check for error
if ($db->ErrorNo() != 0) {
global $argv;
if (isset($argv)) {
die("Error.\nCould not connect to database.\nCheck your database settings in the config.db.php file.\n");
} else {
showErrorPage("Could not connect to database.<br>Check your database settings in the config.db.php file.");
}
}
}
AuditAction($cfg["constants"]["fm_download"], $down);
exit;
} else {
AuditAction($cfg["constants"]["error"], "File Not found for download: " . $cfg['user'] . " tried to download " . $down);
}
} else {
AuditAction($cfg["constants"]["error"], "ILLEGAL DOWNLOAD: " . $cfg['user'] . " tried to download " . $down);
}
header("Location: dir.php?dir=" . urlencode($current));
}
// Are we to download something?
if ($tar != "") {
// is enabled ?
if ($cfg["enable_file_download"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use download (" . $tar . ")");
showErrorPage("download is disabled.");
}
$current = "";
// Yes, then tar and download it
// we need to strip slashes twice in some circumstances
// Ex. If we are trying to download test/tester's file/test.txt
// $down will be "test/tester\\\'s file/test.txt"
// one strip will give us "test/tester\'s file/test.txt
// the second strip will give us the correct
// "test/tester's file/test.txt"
$tar = stripslashes(stripslashes($tar));
if (isValidPath($tar)) {
// This prevents the script from getting killed off when running lengthy tar jobs.
ini_set("max_execution_time", 3600);
$tar = $cfg["path"] . $tar;
$arTemp = explode("/", $tar);
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
include "config.php";
include "functions.php";
// is enabled ?
if ($cfg["enable_sfvcheck"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use cksfv");
showErrorPage("cksfv is disabled.");
}
// load settings for bin-path
include_once "settingsfunctions.php";
loadSettings();
DisplayHead('sfv check', false);
echo "<body bgcolor=" . $cfg["main_bgcolor"] . " leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>";
$cmd = $cfg['bin_cksfv'] . ' -C ' . escapeshellarg($_GET['dir']) . ' -f ' . escapeshellarg($_GET['file']);
$handle = popen($cmd . ' 2>&1', 'r');
while (!feof($handle)) {
$buff = fgets($handle, 30);
echo nl2br($buff);
ob_flush();
flush();
}
pclose($handle);
/**
* Show error message (page)
*
* @param mixed $code Error code
* @param string $message Error message
* @param string $page Error page or message template
*
* @return void
*/
protected static function showErrorPage($code, $message, $page = null, $prefix = 'ERROR_', $http_code = 500)
{
showErrorPage($code, $message, $page ?: (LC_IS_CLI_MODE ? LC_ERROR_PAGE_MESSAGE : static::getErrorPage(static::getErrorPageType($code))), $prefix, $http_code);
}
/*************************************************************
* TorrentFlux xfer Statistics hack
* blackwidow - matt@mattjanssen.net
**************************************************************/
/*
TorrentFlux xfer Statistics hack is free code; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
*/
include_once 'config.php';
include_once 'functions.php';
// is enabled ?
if ($cfg["enable_xfer"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use xfer");
showErrorPage("xfer is disabled.");
}
DisplayHead(_XFER);
$cfg['xfer_realtime'] = 1;
getDirList($cfg['torrent_file_path']);
echo '<table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>';
if ($cfg['xfer_day']) {
echo displayXferBar($cfg['xfer_day'], $xfer_total['day']['total'], _XFERTHRU . ' Today:');
}
if ($cfg['xfer_week']) {
echo displayXferBar($cfg['xfer_week'], $xfer_total['week']['total'], _XFERTHRU . ' ' . $cfg['week_start'] . ':');
}
$monthStart = strtotime(date('Y-m-') . $cfg['month_start']);
$monthText = date('j') < $cfg['month_start'] ? date('M�j', strtotime('-1 Day', $monthStart)) : date('M�j', strtotime('+1 Month -1 Day', $monthStart));
if ($cfg['xfer_month']) {
echo displayXferBar($cfg['xfer_month'], $xfer_total['month']['total'], _XFERTHRU . ' ' . $monthText . ':');
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
include "config.php";
include "functions.php";
// is enabled ?
if ($cfg["enable_rename"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use rename");
showErrorPage("rename is disabled.");
}
DisplayHead(_REN_TITLE, false);
if (isset($_GET['start']) && $_GET['start'] == true) {
?>
<form method="POST" action="renameFolder.php" name="move_form">
<p><?php
echo _REN_FILE;
?>
<input disabled="true" type="text" name="fileFromDis" size="91" value="<?php
echo $_GET['file'];
?>
"></p>
<p><?php
echo _REN_STRING;
?>
<?php
/*
* Template Name: Building-PDF
*/
$url = plugins_url();
$path = parse_url($url);
require ABSPATH . $path['path'] . '/idp-plugin/lib/idp-functions-pdf.php';
$building_id = intval(htmlspecialchars(get_query_var('buildingid', 1)));
$success = generateSinglePDF($building_id);
if (!$success) {
showErrorPage($building_id);
}
function showErrorPage()
{
get_header();
?>
<div class="row">
<div class="col-lg-12">
<div class="page-header">
<h1><?php
echo __('Create building', 'idp-theme');
?>
<small><?php
echo __('Step 3: Images', 'idp-theme');
?>
</small>
</h1>
</div>
</div>
* refer to http://www.x-cart.com/ for more information.
*
* @category X-Cart 5
* @author Qualiteam software Ltd <*****@*****.**>
* @copyright Copyright (c) 2011-2015 Qualiteam software Ltd <*****@*****.**>. All rights reserved
* @license http://www.x-cart.com/license-agreement.html X-Cart 5 License Agreement
* @link http://www.x-cart.com/
*/
define('LC_ERR_TAG_MSG', '@MSG@');
define('LC_ERR_TAG_ERROR', '@ERROR@');
define('LC_ERR_TAG_CODE', '@CODE@');
define('LC_ERROR_PAGE_MESSAGE', 'ERROR: "' . LC_ERR_TAG_ERROR . '" (' . LC_ERR_TAG_CODE . ') - ' . LC_ERR_TAG_MSG . LC_EOL);
/**
* Display error message
*
* @param string $code Error code
* @param string $message Error message
* @param string $page Template of message to display
*
* @return void
*/
function showErrorPage($code, $message, $page = LC_ERROR_PAGE_MESSAGE, $prefix = 'ERROR_')
{
header('Content-Type: text/html; charset=utf-8');
echo str_replace(array(LC_ERR_TAG_MSG, LC_ERR_TAG_ERROR, LC_ERR_TAG_CODE), array($message, str_replace($prefix, '', $code), defined($code) ? constant($code) : 'N/A'), $page);
exit(intval($code) ? $code : 1);
}
// Check PHP version before any other operations
if (!defined('LC_DO_NOT_CHECK_PHP_VERSION') && version_compare(PHP_VERSION, '5.3.0', '<')) {
showErrorPage('ERROR_UNSUPPORTED_PHP_VERSION', 'Min allowed PHP version is 5.3.0');
}
if (isset($_POST['formTerms'])) {
$options_array['formTerms'] = $_POST['formTerms'];
}
if (isset($_POST['formDefaultCategory'])) {
$options_array['formDefaultCategory'] = $_POST['formDefaultCategory'];
}
if (isset($_POST['formPermalinkStructure'])) {
$options_array['formPermalinkStructure'] = $_POST['formPermalinkStructure'];
}
$errors = migrate($wp_settings_array, $d_settings_array, $options_array);
include "display_step03.migrate.inc.php";
displayResultsPage($wp_settings_array, $d_settings_array, $errors);
break;
case 4:
default:
/*
print "<pre style='font-size:small'>";
print_r($_POST);
print '</pre>';
print '<hr />';
print "<pre style='font-size:small'>";
print_r($options_array);
print '</pre>';
print '<hr />';
*/
showErrorPage($errors);
break;
}
?>
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
define('_DEFAULT_TARGET', 'traffic');
include_once "config.php";
include_once "functions.php";
// is enabled ?
if ($cfg["enable_mrtg"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use mrtg");
showErrorPage("mrtg is disabled.");
}
// request-vars
$mrtgTarget = getRequestVar('mrtg_target');
if ($mrtgTarget == '') {
$mrtgTarget = _DEFAULT_TARGET;
}
// content-var
$htmlGraph = "";
// get list of available targets
$mrtgTargets = null;
$htmlTargets = "";
$htmlTargetsCount = 0;
if ($dirHandle = @opendir('./mrtg')) {
$htmlTargets .= '<table width="740" border="0" cellpadding="0" cellspacing="0"><tr><td align="center">';
$htmlTargets .= '<form name="targetSelector" action="' . $_SERVER['SCRIPT_NAME'] . '" method="post">';
$clientHandler = ClientHandler::getClientHandlerInstance($cfg, $btclient);
$clientHandler->startTorrentClient($torrent, 0);
// just 2 sec..
sleep(2);
}
}
}
break;
/* ---------------------------------------------------- selected torrents */
/* ---------------------------------------------------- selected torrents */
default:
foreach ($_POST['torrent'] as $key => $element) {
// is valid transfer ?
if (isValidTransfer(urldecode($element)) !== true) {
AuditAction($cfg["constants"]["error"], "Invalid Transfer for " . $action . " : " . $cfg["user"] . " tried to " . $action . " " . $element);
showErrorPage("Invalid Transfer for " . htmlentities($action, ENT_QUOTES) . " : <br>" . htmlentities($element, ENT_QUOTES));
}
// process
$alias = getAliasName($element) . ".stat";
$settingsAry = loadTorrentSettings(urldecode($element));
$torrentRunningFlag = isTorrentRunning(urldecode($element));
$btclient = $settingsAry["btclient"];
switch ($action) {
case "torrentStart":
/* torrentStart */
if ($torrentRunningFlag == 0) {
if ($cfg["enable_file_priority"]) {
include_once "setpriority.php";
// Process setPriority Request.
setPriority(urldecode($element));
}
/**
* stops a bittorrent-client
*
* @param $torrent name of the torrent
* @param $aliasFile alias-file of the torrent
* @param $torrentPid
* @param $return return-param
*/
function doStopTorrentClient($torrent, $aliasFile, $torrentPid = "", $return = "")
{
// set some vars
$this->torrent = $torrent;
$this->alias = $aliasFile;
// set pidfile
if ($this->pidFile == "") {
// pid-file not set in subclass. use a default
$this->pidFile = $this->cfg["torrent_file_path"] . $this->alias . ".pid";
}
// We are going to write a '0' on the front of the stat file so that
// the BT client will no to stop -- this will report stats when it dies
$this->owner = getOwner($this->torrent);
include_once "AliasFile.php";
// read the alias file + create AliasFile object
$this->af = AliasFile::getAliasFileInstance($this->cfg["torrent_file_path"] . $this->alias, $this->owner, $this->cfg, $this->handlerName);
if ($this->af->percent_done < 100) {
// The torrent is being stopped but is not completed dowloading
$this->af->percent_done = ($this->af->percent_done + 100) * -1;
$this->af->running = "0";
$this->af->time_left = "Torrent Stopped";
} else {
// Torrent was seeding and is now being stopped
$this->af->percent_done = 100;
$this->af->running = "0";
$this->af->time_left = "Download Succeeded!";
}
include_once "RunningTorrent.php";
// see if the torrent process is hung.
if (!is_file($this->pidFile)) {
$runningTorrents = getRunningTorrents();
foreach ($runningTorrents as $key => $value) {
$rt = RunningTorrent::getRunningTorrentInstance($value, $this->cfg, $this->handlerName);
if ($rt->statFile == $this->alias) {
AuditAction($this->cfg["constants"]["error"], "Posible Hung Process " . $rt->processId);
// $callResult = exec("kill ".$rt->processId);
}
}
}
// Write out the new Stat File
$this->af->WriteFile();
// flag the torrent as stopped (in db)
// blame me for this dirty shit, i am lazy. of course this should be
// hooked into the place where client really dies.
stopTorrentSettings($this->torrent);
//
if (!empty($return)) {
AuditAction($this->cfg["constants"]["kill_torrent"], $this->torrent);
sleep(3);
// set pid
if (isset($torrentPid) && $torrentPid != "") {
// test for valid pid-var
if (is_numeric($torrentPid)) {
$this->pid = $torrentPid;
} else {
AuditAction($this->cfg["constants"]["error"], "Invalid kill-param : " . $this->cfg["user"] . " tried to kill " . $torrentPid);
global $argv;
if (isset($argv)) {
die("Invalid kill-param : " . $torrentPid);
} else {
showErrorPage("Invalid kill-param : <br>" . htmlentities($torrentPid, ENT_QUOTES));
}
}
} else {
$data = "";
if ($fileHandle = @fopen($this->pidFile, 'r')) {
while (!@feof($fileHandle)) {
$data .= @fgets($fileHandle, 64);
}
@fclose($fileHandle);
}
$this->pid = trim($data);
}
// kill it
$this->callResult = exec("kill " . escapeshellarg($this->pid));
// try to remove the pid file
@unlink($this->pidFile);
}
}
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
include_once "config.php";
include_once "functions.php";
// is enabled ?
if ($cfg["enable_multiupload"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use multiupload");
showErrorPage("multiupload is disabled.");
}
if (!empty($_FILES['upload_files'])) {
//echo '<pre>'; var_dump($_FILES); echo '</pre>';
// instant action ?
$actionId = getRequestVar('aid');
$tStack = array();
foreach ($_FILES['upload_files']['size'] as $id => $size) {
if ($size == 0) {
//no or empty file, skip it
continue;
}
$file_name = stripslashes($_FILES['upload_files']['name'][$id]);
$file_name = str_replace(array("'", ","), "", $file_name);
$file_name = cleanFileName($file_name);
$ext_msg = "";
/**
* Show error message (page)
*
* @param mixed $code Error code
* @param string $message Error message
* @param string $page Error page or message template
*
* @return void
*/
protected static function showErrorPage($code, $message, $page = null)
{
showErrorPage($code, $message, $page ?: (LC_IS_CLI_MODE ? LC_ERROR_PAGE_MESSAGE : static::getErrorPage(static::getErrorPageType($code))));
}
header("Content-type: application/octet-stream\n");
}
header("Content-disposition: attachment; filename=\"" . $headerName . "\"\n");
header("Content-transfer-encoding: binary\n");
header("Content-length: " . @filesize($tpath . $tfile) . "\n");
// Send the file
$fp = @fopen($tpath . $tfile, "r");
@fpassthru($fp);
@fclose($fp);
AuditAction($cfg["constants"]["fm_download"], $tfile);
} else {
AuditAction($cfg["constants"]["error"], "File Not found for download: " . $cfg['user'] . " tried to download " . $tfile);
}
} else {
AuditAction($cfg["constants"]["error"], "ILLEGAL DOWNLOAD: " . $cfg['user'] . " tried to download " . htmlentities($tfile, ENT_QUOTES));
@showErrorPage("ILLEGAL DOWNLOAD : <br>" . htmlentities($tfile, ENT_QUOTES));
}
exit;
}
// Strip the folders from the path
function StripFolders($path)
{
$pos = strrpos($path, "/");
if ($pos === false) {
$pos = 0;
} else {
$pos = $pos + 1;
}
$path = substr($path, $pos);
return $path;
}
<?php
require_once 'header.php';
require_once 'functions.php';
if (isset($_GET['id'])) {
$id = sanitizeString($_GET['id']);
$query = "SELECT * FROM blogposts WHERE id='{$id}'";
$result = queryMysql($query);
if (!$result) {
showErrorPage();
}
} else {
showErrorPage();
}
// Show page with article
$result->data_seek(0);
$row = $result->fetch_array();
$year = substr($row[2], 0, 4);
$month = substr($row[2], 5, 2);
$day = substr($row[2], 8, 2);
$date = "{$month}/{$day}/{$year}";
echo <<<_END
<div id="body">
<div class="container_12">
<div class="introduction grid_10">
<div class="articles">
<div class="article">
<h1 class="article-title">{$row['1']}</h1>
<p class="article-date">
{$date}
</p>
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
include "config.php";
include "functions.php";
// is enabled ?
if ($cfg["enable_rar"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use rar");
showErrorPage("rar is disabled.");
}
DisplayHead('Uncompressing File', false);
echo "<body bgcolor=" . $cfg["main_bgcolor"] . " leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>";
if (isset($_GET['file']) && $_GET['file'] != "") {
echo '<form method="POST" name="pass_form">';
echo '<p>Please enter password for the file: <input type="text" name="passwd" size="60"></p>';
echo '<p><input type="submit" value=" OK " name="OK"></p>';
echo '<input type="hidden" name="file" value="' . str_replace('%2F', '/', urlencode($cfg['path'] . $_GET['file'])) . '">';
echo '<input type="hidden" name="dir" value="' . str_replace('%2F', '/', urlencode($cfg['path'] . $_GET['dir'])) . '">';
echo '<input type="hidden" name="type" value="' . $_GET['type'] . '">';
echo '<input type="hidden" name="exec" value="true">';
echo '</form>';
}
if (isset($_POST['exec']) && $_POST['exec'] == true) {
$passwd = $_POST['passwd'];
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
// includes
include_once "config.php";
include_once "functions.php";
// is enabled ?
if ($cfg["enable_dereferrer"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use dereferrer");
showErrorPage("dereferrer is disabled.");
}
if (isset($_REQUEST["u"])) {
DisplayHead("dereferrer", false, '0;URL=' . $_REQUEST["u"]);
?>
<br>
<div align="left" id="BodyLayer" name="BodyLayer" style="border: thin solid <?php
echo $cfg["main_bgcolor"];
?>
; position:relative; width:740; height:500; padding-left: 5px; padding-right: 5px; z-index:1; overflow: scroll; visibility: visible">
<?php
echo '<br><br><strong>';
echo 'forwarding to <a href="' . $_REQUEST["u"] . '">' . $_REQUEST["u"] . '</a> ...';
echo '</strong><br><br>';
DisplayFoot(false, false);
} else {
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
include "config.php";
include "functions.php";
// is enabled ?
if ($cfg["enable_move"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use move");
showErrorPage("move is disabled.");
}
DisplayHead(_MOVE_FILE_TITLE, false);
if (isset($_GET['start']) && $_GET['start'] == true) {
?>
<form method="POST" action="move.php" name="move_form">
<p><?php
echo _MOVE_FILE;
?>
<input disabled="true" type="text" name="T1" size="91" value="<?php
echo $_GET['path'];
?>
"></p>
<p>
<?php
echo _MOVE_STRING;
*******************************************************************************/
// contributed by NovaKing -- thanks duder!
include_once "config.php";
include_once "functions.php";
// is enabled ?
if ($cfg["enable_view_nfo"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use nfo-viewer");
showErrorPage("nfo-viewer is disabled.");
}
// target-file
$file = getRequestVar("path");
$fileIsValid = isValidPath($file, ".nfo") || isValidPath($file, ".txt") || isValidPath($file, ".log");
if (!$fileIsValid) {
AuditAction($cfg["constants"]["error"], "Invalid NFO-file : " . $cfg["user"] . " tried to access " . $file);
showErrorPage("Invalid NFO-file : <br>" . $file);
}
// get content
$folder = htmlspecialchars(substr($file, 0, strrpos($file, "/")));
if (($output = @file_get_contents($cfg["path"] . $file)) === false) {
$output = "Error opening NFO File.";
}
// output
DisplayHead("View NFO");
?>
<div align="center" style="width: 740px;">
<a href="<?php
echo "viewnfo.php?path={$file}&dos=1";
?>
">DOS Format</a> :-:
<a href="<?php
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
*******************************************************************************/
include_once "config.php";
include_once "functions.php";
require_once "metaInfo.php";
// is enabled ?
if ($cfg["advanced_start"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use advanced start");
showErrorPage("advanced start is disabled.");
}
$torrent = getRequestVar('torrent');
// Load saved settings
$btclient_default = $cfg["btclient"];
$torrentExists = loadTorrentSettingsToConfig($torrent);
// savepath
if (!isset($cfg["savepath"]) || empty($cfg["savepath"])) {
$cfg["savepath"] = $cfg["path"] . getOwner($torrent) . '/';
}
// torrent exists ?
$torrentExists = getTorrentDataSize($torrent) > 0;
// display name
$displayName = htmlentities($torrent, ENT_QUOTES);
if (strlen($displayName) >= 55) {
$displayName = substr($displayName, 0, 52) . "...";
/**
* deletes a torrent
*
* @param $torrent name of the torrent
* @param $alias_file alias-file of the torrent
* @return boolean of success
*/
function deleteTorrent($torrent, $alias_file)
{
global $cfg;
$delfile = $torrent;
// check if valid transfer
if (isValidTransfer($delfile) !== true) {
AuditAction($cfg["constants"]["error"], "Invalid File for Delete : " . $cfg["user"] . " tried to delete " . $delfile);
global $argv;
if (isset($argv)) {
die("Invalid File for Delete : " . $delfile);
} else {
showErrorPage("Invalid File for Delete : <br>" . htmlentities($delfile, ENT_QUOTES));
}
}
//$alias_file = getRequestVar('alias_file');
$torrentowner = getOwner($delfile);
if ($cfg["user"] == $torrentowner || IsAdmin()) {
include_once "AliasFile.php";
// we have more meta-files than .torrent. handle this.
if (substr(strtolower($torrent), -8) == ".torrent") {
// this is a torrent-client
$btclient = getTorrentClient($delfile);
$af = AliasFile::getAliasFileInstance($cfg['torrent_file_path'] . $alias_file, $torrentowner, $cfg, $btclient);
// update totals for this torrent
updateTorrentTotals($delfile);
// remove torrent-settings from db
deleteTorrentSettings($delfile);
// client-proprietary leftovers
include_once "ClientHandler.php";
$clientHandler = ClientHandler::getClientHandlerInstance($cfg, $btclient);
$clientHandler->deleteTorrentCache($torrent);
} else {
if (substr(strtolower($torrent), -4) == ".url") {
// this is wget. use tornado statfile
$alias_file = str_replace(".url", "", $alias_file);
$af = AliasFile::getAliasFileInstance($cfg['torrent_file_path'] . $alias_file, $cfg['user'], $cfg, 'tornado');
} else {
// this is "something else". use tornado statfile as default
$af = AliasFile::getAliasFileInstance($cfg['torrent_file_path'] . $alias_file, $cfg['user'], $cfg, 'tornado');
}
}
if ($cfg['enable_xfer'] != 0) {
//XFER: before torrent deletion save upload/download xfer data to SQL
$torrentTotals = getTorrentTotalsCurrent($delfile);
saveXfer($torrentowner, $torrentTotals["downtotal"] + 0, $torrentTotals["uptotal"] + 0);
}
// torrent+stat
@unlink($cfg["torrent_file_path"] . $delfile);
@unlink($cfg["torrent_file_path"] . $alias_file);
// try to remove the QInfo if in case it was queued.
@unlink($cfg["torrent_file_path"] . "queue/" . $alias_file . ".Qinfo");
// try to remove the pid file
@unlink($cfg["torrent_file_path"] . $alias_file . ".pid");
@unlink($cfg["torrent_file_path"] . getAliasName($delfile) . ".prio");
AuditAction($cfg["constants"]["delete_torrent"], $delfile);
return true;
} else {
AuditAction($cfg["constants"]["error"], $cfg["user"] . " attempted to delete " . $delfile);
return false;
}
}
// Go get the if this is a search request. go get the data and produce output.
$hideSeedless = getRequestVar('hideSeedless');
if (!empty($hideSeedless)) {
$_SESSION['hideSeedless'] = $hideSeedless;
}
if (!isset($_SESSION['hideSeedless'])) {
$_SESSION['hideSeedless'] = 'no';
}
$hideSeedless = $_SESSION['hideSeedless'];
$pg = getRequestVar('pg');
$searchEngine = getRequestVar('searchEngine');
if (empty($searchEngine)) {
$searchEngine = $cfg["searchEngine"];
}
if (!preg_match('/^[a-zA-Z0-9]+$/', $searchEngine)) {
showErrorPage("Invalid SearchEngine");
}
$searchterm = getRequestVar('searchterm');
if (empty($searchterm)) {
$searchterm = getRequestVar('query');
}
$searchterm = str_replace(" ", "+", $searchterm);
// Check to see if there was a searchterm.
// if not set the get latest flag.
if (strlen($searchterm) == 0) {
if (!array_key_exists("LATEST", $_REQUEST)) {
$_REQUEST["LATEST"] = "1";
}
}
DisplayHead("TorrentSearch " . _SEARCH);
echo "<style>.tinyRow {font-size:2px;height:2px;}</style>";
showErrorPage("wget is disabled.");
}
exec("nohup " . $cfg['bin_php'] . " -f wget.php " . escapeshellarg($url_wget) . " " . $cfg['user'] . " > /dev/null &");
sleep(2);
//sleep so that hopefully the other script has time to write out the stat files.
header("location: index.php");
exit;
}
// =============================================================================
// Do they want us to get a torrent via a URL?
$url_upload = getRequestVar('url_upload');
if (!$url_upload == '') {
// is enabled ?
if ($cfg["enable_torrent_download"] != 1) {
AuditAction($cfg["constants"]["error"], "ILLEGAL ACCESS: " . $cfg["user"] . " tried to use torrent download");
showErrorPage("torrent download is disabled.");
}
// download
indexProcessDownload($url_upload);
}
// =============================================================================
// Handle the file upload if there is one
if (!empty($_FILES['upload_file']['name'])) {
indexProcessUpload();
}
// =============================================================================
// if a file was set to be deleted then delete it
$delfile = getRequestVar('delfile');
if (!$delfile == '') {
deleteTorrent($delfile, getRequestVar('alias_file'));
header("location: index.php");
