function __construct()
{
global $MAIN_CFG, $CPG_SESS;
if (!is_dir(BASEDIR . 'themes/default/template')) {
trigger_error('"default" theme does not exist', E_USER_ERROR);
}
$this->get_theme();
$this->_tpldata['.'][0]['REQUEST_URI'] = str_replace('&', '&', substr(URL::uri(), strlen($MAIN_CFG['server']['path'])));
$this->root = 'themes/' . $this->tpl . '/template';
}
function online()
{
global $userinfo, $prefix, $db, $module_title, $SESS, $mainindex;
if ($SESS->dbupdate) {
$url = URL::uri();
$uname = $SESS->sess_id;
$guest = 1;
if (is_user()) {
$uname = $userinfo['username'];
$guest = 0;
} elseif (SEARCHBOT) {
$uname = SEARCHBOT;
$guest = 3;
}
if (is_admin()) {
global $CLASS;
if ($guest == 1) {
$uname = $CLASS['member']->admin['aid'];
}
$guest = 2;
if (defined('ADMIN_PAGES')) {
$url = $mainindex;
}
}
$uname = Fix_Quotes($uname);
if (empty($uname)) {
return;
}
# something screwey
$ctime = time();
$custom_title = Fix_Quotes($module_title ? $module_title : _HOME);
$url = Fix_Quotes(str_replace('&', '&', $url));
if ($db->sql_count($prefix . '_session', "uname='{$uname}'")) {
$db->sql_query('UPDATE ' . $prefix . "_session SET time='{$ctime}', module='{$custom_title}', url='{$url}', guest='{$guest}' WHERE uname='{$uname}'", true);
} else {
$db->sql_query('INSERT INTO ' . $prefix . "_session (uname, time, host_addr, guest, module, url) VALUES ('{$uname}', '{$ctime}', {$userinfo['user_ip']}, '{$guest}', '{$custom_title}', '{$url}')", true);
}
}
}
return '<span style="padding:1px; background-color:' . $bgcolor2 . '; border-bottom:solid 1px ' . $bgcolor4 . ';">' . $content . '</span>';
}
}
$pagetitle .= $module_title . ' ' . _BC_DELIM . ' Search';
require_once 'header.php';
OpenTable();
echo dl_menu() . '<br /><hr />';
$search = new DL_Search();
if (isset($_POST['search']) || isset($_GET['sa']) || isset($_GET['key']) || isset($_GET['search_id'])) {
$cur_page = isset($_GET['page']) && $_GET['page'] > 0 ? intval($_GET['page']) : 1;
$perpage = $dl_config['perpage'];
$limit = ($cur_page - 1) * $perpage;
$search->search(isset($_GET['search_id']) ? $_GET['search_id'] : '');
if (count($search->criteria) > 0) {
echo '<div style="background-color:' . $bgcolor2 . '; padding:3px;"><span class="genmed">Advanced search results</span></div>
<div style="background-color:' . $bgcolor3 . '; border-bottom:1px solid ' . $bgcolor2 . '; padding:3px;"><span style="float:left;" class="genmed">Searching for downloads that match the following criteria:</span><span class="genmed" style="float:right;"><a href="' . URL::index('&file=search&edit=' . $search->search_id) . '">Edit search criteria</a></span><br />';
foreach ($search->criteria as $key => $value) {
echo $search->criterion_label($key, htmlprepare($value));
}
echo '<br /><br style="clear:both; line-height:0;" /></div>';
}
if (!$search->error && $search->result_count == 0) {
echo $search->show_error('No matching downloads found');
}
$cpgtpl->assign_vars(array('NO_DOWNLOADS' => false, 'DL_REVIEW_ACTIVE' => $dl_config['r_active'], 'DL_PAGINATION' => gen_pagination($search->total_results, $perpage, $cur_page, '&file=search&search_id=' . $search->search_id), 'U_TO_TOP' => htmlprepare(URL::uri()), 'L_TO_TOP' => strtolower(_DLP_BACK2TOP), 'L_PAGE' => _DLP_PAGE, 'L_RATING' => _RATING, 'L_POPULARITY' => _POPULARITY, 'L_HOMEPAGE' => 'Homepage', 'L_SUBMITTEDBY' => _DLP_SUBMITTEDBY, 'L_WRITE_REVIEW' => _DLP_WRITEREVIEW));
$cpgtpl->set_filenames(array('body' => 'downloads/list_downloads.html'));
$cpgtpl->display('body');
} else {
echo $search->search_form(isset($_GET['edit']) ? intval($_GET['edit']) : false);
}
CloseTable();
}
}
$content .= "<img src=\"{$avatar}\" alt=\"\" />";
$content .= '<br />' . _BWEL . ' <b>' . $userinfo['username'] . '</b><br /><img src="images/spacer.gif" style="height:8px;" alt="" /></div>';
if ($pm_active) {
$pm = $userinfo['user_new_privmsg'] + $userinfo['user_unread_privmsg'];
$content .= ' <a title="' . _READSEND . '" href="' . URL::index('Private_Messages') . '"><img src="images/blocks/email.gif" alt="" style="border:0;" /></a> <a title="' . _READSEND . '" href="' . URL::index('Private_Messages') . '">' . _INBOX . '</a>';
$content .= ' ' . _NEW . ": <b>{$pm}</b><br />\n";
}
$content .= '<a title="' . _ACCOUNTOPTIONS . '" href="' . URL::index('Your_Account') . '"><img src="images/blocks/logout.gif" alt="" /></a> <a title="' . _ACCOUNTOPTIONS . '" href="' . URL::index('Your_Account') . '">' . _Your_AccountLANG . '</a><br />
<a title="' . _LOGOUTACCT . '" href="' . URL::index('Your_Account&op=logout&redirect', false) . '"><img src="images/blocks/login.gif" alt="" style="float:left;" /></a> <a title="' . _LOGOUTACCT . '" href="' . URL::index('Your_Account&op=logout&redirect', false) . '">' . _LOGOUT . '</a>';
} else {
if (isset($_GET['redirect']) && !isset($CPG_SESS['user']['redirect'])) {
$CPG_SESS['user']['redirect'] = $CPG_SESS['user']['uri'];
}
$redirect = isset($CPG_SESS['user']['redirect']) ? $CPG_SESS['user']['redirect'] : URL::uri();
$content .= '<div style="text-align:center;"><img src="images/blocks/no_avatar.gif" alt="" /><br />' . _BWEL . ' <b>' . _ANONYMOUS . '</b></div>
<hr /><form action="' . $redirect . '" method="post" enctype="multipart/form-data" accept-charset="utf-8" style="margin:0;"><div>
<span style="float:left; height:25px;">' . _NICKNAME . '</span><span style="float:right; height:25px;"><input type="text" name="ulogin" size="10" maxlength="25" /></span><br />
<span style="float:left; height:25px;">' . _PASSWORD . '</span><span style="float:right; height:25px;"><input type="password" name="user_password" size="10" maxlength="20" /></span><br />
';
if ($MAIN_CFG['debug']['sec_code'] & 2) {
$content .= '<span style="float:left; height:25px;">' . _SECURITYCODE . '</span><span style="float:right; height:25px;">' . generate_secimg() . '</span><br style="clear:left;" />
<span style="float:left; height:25px;">' . _TYPESECCODE . '</span><span style="float:right; height:25px;"><input type="text" name="gfx_check" size="8" maxlength="8" /></span><br />';
}
// don't show register link unless allowuserreg is yes
$content .= '<span style="float:left; height:25px;">' . ($MAIN_CFG['member']['allowuserreg'] ? '<input type="button" value="' . _BREG . '" onclick="window.location=\'' . URL::index('Your_Account&file=register', 1, 1) . '\'" />' : '') . '</span>
<span style="float:right; height:25px;"><input type="submit" value="' . _LOGIN . '" />
</span></div></form>';
}
if (is_admin()) {
$faq_block[$j][$counter]['question'] = $faq[$i][0];
$faq_block[$j][$counter]['answer'] = $faq[$i][1];
$counter++;
$counter_2++;
} else {
$j = $counter != 0 ? $j + 1 : 0;
$faq_block_titles[$j] = $faq[$i][1];
$counter = 0;
}
}
//
// Lets build a page ...
//
$page_title = $l_title;
require_once 'includes/phpBB/page_header.php';
make_jumpbox('viewforum');
$template->assign_vars(array('L_FAQ_TITLE' => $l_title, 'L_BACK_TO_TOP' => $lang['Back_to_top'], 'L_GO' => $lang['Go']));
for ($i = 0; $i < count($faq_block); $i++) {
if (count($faq_block[$i])) {
$template->assign_block_vars('faq_block', array('BLOCK_TITLE' => $faq_block_titles[$i]));
$template->assign_block_vars('faq_block_link', array('BLOCK_TITLE' => $faq_block_titles[$i]));
for ($j = 0; $j < count($faq_block[$i]); $j++) {
$row_color = !($j % 2) ? $bgcolor2 : $bgcolor1;
$row_class = !($j % 2) ? 'row1' : 'row2';
$template->assign_block_vars('faq_block.faq_row', array('ROW_COLOR' => $row_color, 'ROW_CLASS' => $row_class, 'FAQ_QUESTION' => $faq_block[$i][$j]['question'], 'FAQ_ANSWER' => $faq_block[$i][$j]['answer'], 'U_FAQ_ID' => $faq_block[$i][$j]['id'], 'REQUEST_URI' => URL::uri()));
$template->assign_block_vars('faq_block_link.faq_row_link', array('ROW_COLOR' => $row_color, 'ROW_CLASS' => $row_class, 'FAQ_LINK' => $faq_block[$i][$j]['question'], 'U_FAQ_LINK' => URL::uri() . '#' . $faq_block[$i][$j]['id']));
}
}
}
$template->set_filenames(array('body' => 'forums/faq_body.html'));
require_once 'includes/phpBB/page_tail.php';
function get_uri()
{
depricated_warning();
return URL::uri();
}
+-------------------------------------------------------------------+
*/
if (!defined('CPG_NUKE')) {
exit;
}
global $db, $user_prefix, $userinfo, $SESS;
if (is_user()) {
$newsletter = $userinfo['newsletter'];
$user_id = $userinfo['user_id'];
if ($newsletter) {
$message = _NEWSLETTERBLOCKSUBSCRIBED;
$action = '<form action="' . URL::uri() . '" method="post"><div><input type="submit" name="nb_unsubscribe" value="' . _NEWSLETTERBLOCKUNSUBSCRIBE . '" /></div></form>';
if (isset($_POST['nb_unsubscribe'])) {
$db->sql_query("UPDATE " . $user_prefix . "_users SET newsletter='0' WHERE user_id='{$user_id}'");
unset($_SESSION['CPG_USER']);
URL::redirect($uri);
}
} else {
$message = _NEWSLETTERBLOCKNOTSUBSCRIBED;
$action = '<form action="' . URL::uri() . '" method="post"><div><input type="submit" name="nb_subscribe" value="' . _NEWSLETTERBLOCKSUBSCRIBE . '" /></div></form>';
if (isset($_POST['nb_subscribe'])) {
$db->sql_query("UPDATE " . $user_prefix . "_users SET newsletter='1' WHERE user_id='{$user_id}'");
unset($_SESSION['CPG_USER']);
URL::redirect($uri);
}
}
} else {
$message = _NEWSLETTERBLOCKREGISTER;
$action = '<a href="' . URL::index('Your_Account&file=register') . '" title="' . _NEWSLETTERBLOCKREGISTERNOW . '">' . _NEWSLETTERBLOCKREGISTERNOW . '</a>';
}
$content = '<div style="text-align:center;"><img src="images/blocks/newsletter.png" alt="' . _NEWSLETTER . '" title="' . _NEWSLETTER . '" /><br /><br />' . $message . '<br /><br />' . $action . '</div>';
if ($forum_topic_data['parent_id'] != 0) {
$is_subforum = true;
$parent_id = $forum_topic_data['parent_id'];
$parents = array();
while ($parent_id != 0) {
list($parent_name, $parent_id, $parent_forum_id) = $db->sql_ufetchrow("SELECT forum_name AS parent_name, parent_id, forum_id FROM " . FORUMS_TABLE . " WHERE forum_id = {$parent_id}", SQL_NUM);
$parents[] = '<a href="' . URL::index("&viewforum&f={$parent_forum_id}") . '">' . $parent_name . '</a>';
}
$parents = array_reverse($parents);
$parents_list = implode(' ' . _BC_DELIM . ' ', $parents);
} else {
$is_subforum = false;
$parents_list = '';
}
# Send vars to template
$template->assign_vars(array('START_REL' => $start + 1, 'FINISH_REL' => isset($_GET['finish_rel']) ? intval($_GET['finish_rel']) : $board_config['posts_per_page'] - $start, 'FORUM_ID' => $forum_id, 'FORUM_NAME' => $forum_name, 'FORUM_DESC' => $forum_desc, 'TOPIC_ID' => $topic_id, 'TOPIC_TITLE' => $topic_title, 'PAGINATION' => $pagination, 'PAGE_NUMBER' => sprintf($lang['Page_of'], floor($start / $pagination_ppp) + 1, ceil($total_replies / $pagination_ppp)), 'POST_IMG' => $post_img, 'REPLY_IMG' => $reply_img, 'PRINTER_IMG' => $printer_img, 'BC_DELIM' => _BC_DELIM, 'IS_SUBFORUM' => $is_subforum, 'SF_PARENTS' => $parents_list, 'L_AUTHOR' => $lang['Author'], 'L_MESSAGE' => $lang['Message'], 'L_POSTED' => $lang['Posted'], 'L_POST_SUBJECT' => $lang['Post_subject'], 'L_VIEW_NEXT_TOPIC' => $lang['View_next_topic'], 'L_VIEW_PREVIOUS_TOPIC' => $lang['View_previous_topic'], 'L_POST_NEW_TOPIC' => $post_alt, 'L_POST_REPLY_TOPIC' => $reply_alt, 'L_PRINTER_TOPIC' => $printer_alt, 'L_BACK_TO_TOP_LINK' => URL::uri(), 'L_BACK_TO_TOP' => $lang['Back_to_top'], 'L_DISPLAY_POSTS' => $lang['Display_posts'], 'L_LOCK_TOPIC' => $lang['Lock_topic'], 'L_UNLOCK_TOPIC' => $lang['Unlock_topic'], 'L_MOVE_TOPIC' => $lang['Move_topic'], 'L_SPLIT_TOPIC' => $lang['Split_topic'], 'L_DELETE_TOPIC' => $lang['Delete_topic'], 'L_GOTO_PAGE' => $lang['Goto_page'], 'L_GO' => $lang['Go'], 'S_TOPIC_LINK' => POST_TOPIC_URL, 'S_SELECT_POST_DAYS' => $select_post_days, 'S_SELECT_POST_ORDER' => $select_post_order, 'S_POST_DAYS_ACTION' => URL::index("&file=viewtopic&" . POST_TOPIC_URL . "={$topic_id}&start={$start}"), 'S_AUTH_LIST' => $s_auth_can, 'S_TOPIC_ADMIN' => $topic_mod, 'S_WATCH_TOPIC' => $s_watching_topic, 'S_WATCH_TOPIC_IMG' => $s_watching_topic_img, 'U_VIEW_TOPIC' => URL::index("&file=viewtopic&" . POST_TOPIC_URL . "={$topic_id}&start={$start}&postdays={$post_days}&postorder={$post_order}&highlight={$highlight}"), 'U_VIEW_FORUM' => $view_forum_url, 'U_VIEW_OLDER_TOPIC' => $view_prev_topic_url, 'U_VIEW_NEWER_TOPIC' => $view_next_topic_url, 'U_POST_NEW_TOPIC' => $new_topic_url, 'U_PRINTER_TOPIC' => $printer_topic_url, 'U_POST_REPLY_TOPIC' => $reply_topic_url));
# Does this topic contain a poll?
if (!empty($forum_topic_data['topic_vote'])) {
$s_hidden_fields = '';
$sql = "SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result\n\t\tFROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr\n\t\tWHERE vd.topic_id = {$topic_id} AND vr.vote_id = vd.vote_id\n\t\tORDER BY vr.vote_option_id ASC";
$vote_info = $db->sql_ufetchrowset($sql, SQL_ASSOC);
if ($vote_info) {
$vote_options = count($vote_info);
$vote_id = $vote_info[0]['vote_id'];
$vote_title = $vote_info[0]['vote_text'];
$result = $db->sql_query("SELECT vote_id FROM " . VOTE_USERS_TABLE . " WHERE vote_id = {$vote_id} AND vote_user_id = " . intval($userdata['user_id']));
$user_voted = ($row = $db->sql_fetchrow($result)) ? TRUE : 0;
$db->sql_freeresult($result);
if (isset($_GET['vote']) || isset($_POST['vote'])) {
$view_result = (isset($_GET['vote']) ? $_GET['vote'] : $_POST['vote']) == 'viewresult' ? TRUE : 0;
} else {
}
$row['link_type'] = -1;
if (!isset($row['catpos'])) {
$row['catpos'] = -1;
}
$menucats[$row['catpos']][$row['linkpos']] = $row;
}
// Load custom links from database
$result = $db->sql_query("SELECT l.title, l.link, l.link_type, l.view, l.active, l.cat_id, l.pos AS linkpos, c.name, c.image, c.pos AS catpos, c.link AS catlnk, c.link_type AS cattype FROM " . $prefix . "_modules_links AS l LEFT JOIN " . $prefix . "_modules_cat c ON (c.cid = l.cat_id) {$lnkquery} ORDER BY l.pos");
while ($row = $db->sql_fetchrow($result)) {
if (defined($row['title'])) {
$row['title'] = constant($row['title']);
}
$link = str_ireplace('&', '&', $row['link']);
if (URL::uri() != '') {
if (false !== strpos(URL::uri(), $link)) {
$row['lnkimage'] = 'icon_select.gif';
$setimage = 0;
}
}
$row['link'] = str_ireplace('&', '&', $link);
$row['catlnk'] = str_ireplace('&', '&', $row['catlnk']);
$row['inmenu'] = 1;
if (!isset($row['catpos'])) {
$row['catpos'] = -1;
}
$menucats[$row['catpos']][$row['linkpos']] = $row;
}
ksort($menucats);
$nocatcontent = '';
while (list($cat, $items) = each($menucats)) {
} else {
$cpgtpl->assign_var('DL_REVIEWS', false);
}
$db->sql_freeresult($result);
if (can_admin($module_name) || $row['submitter'] == $userinfo['user_id']) {
// pagination
$cur_page2 = isset($_GET['p_page']) && $_GET['p_page'] > 0 ? intval($_GET['p_page']) : 1;
$limit2 = ($cur_page2 - 1) * $perpage;
$result = $db->sql_query("SELECT r.id, r.uid, r.ip, r.title, r.comment, r.score, r.timestamp, u.username, COUNT(r.score) AS votes FROM " . $dl_prefix . "_ratings r\n\tLEFT JOIN " . $user_prefix . "_users u ON (u.user_id = r.uid)\n\tWHERE r.lid='{$global_id}' AND r.comment!='' AND active=0 \n\tGROUP BY r.id DESC, r.uid, r.ip, r.title, r.comment, r.score, r.timestamp, u.username \n\tLIMIT {$perpage} OFFSET {$limit2}");
list($pending) = $db->sql_ufetchrow("SELECT COUNT(*) FROM " . $dl_prefix . "_ratings \n\tWHERE lid='{$global_id}' AND active=0");
if ($db->sql_numrows($result)) {
$cpgtpl->assign_vars(array('DL_P_REVIEW_PAGES' => ceil($pending / $perpage) > 1 ? gen_pagination($pending, $perpage, $cur_page2, '&file=details&id=' . $global_id, 'p_reviews', 'p_page') : false, 'DL_P_REVIEWS' => $pending));
$i = 0;
while (list($review_id, $review_uid, $review_ip, $review_title, $review_comment, $review_score, $review_timestamp, $review_uname, $review_votes) = $db->sql_fetchrow($result)) {
$rating_info = get_rating($review_score, $review_votes);
$cpgtpl->assign_block_vars('dl_p_review', array('ID' => $review_id, 'U_ID' => htmlprepare(URL::uri()) . '#r' . $review_id, 'RATING' => _DLP_REVIEW . ' #' . $review_id . ': ' . $rating_info['desc'], 'U_MEMBER' => URL::index('Your_Account&profile=' . $review_uid), 'MEMBERNAME' => $review_uname, 'DATE' => generate_date($review_timestamp), 'U_DEL' => can_admin($module_name) || $row['submitter'] == $userinfo['user_id'] ? '<a href="' . URL::index('&del_review=' . $review_id) . '">[' . strtolower(_DELETE) . ']</a>' : false, 'U_APPR' => can_admin($module_name) || $row['submitter'] == $userinfo['user_id'] ? '<a href="' . URL::index('&approve_review=' . $review_id) . '">[' . strtolower(_DLP_APPROVE) . ']</a>' : false, 'TITLE' => $review_title, 'COMMENT' => decode_bb_all($review_comment), 'IP' => decode_ip($review_ip), 'IMG_RATE' => dl_image('stars/' . $rating_info['rating'] . '.png'), 'SPACER' => $i > 0));
$i++;
}
} else {
$cpgtpl->assign_var('DL_P_REVIEWS', false);
}
$db->sql_freeresult($result);
} else {
$cpgtpl->assign_var('DL_P_REVIEWS', false);
}
}
if ($row['pick']) {
$cpgtpl->assign_block_vars('dl_image', array('SRC' => dl_image('pick.png'), 'TITLE' => _DLP_EDPICK));
}
// custom fields: images
$result = $db->sql_query("SELECT field, img_path, img_alt FROM " . $dl_prefix . "_fields \n\tWHERE type=3 AND visible > 0");
//Module::$custom[-5] = array('mid' => -5, 'name' => 'user_search', 'file' => CORE_PATH.'user_search.php', 'view' => 1);
$name = !empty($_POST['name']) ? $_POST['name'] : (!empty($_GET['name']) ? $_GET['name'] : $MAIN_CFG['global']['main_module']);
if (!preg_match('#^[a-zA-Z0-9_\\-]+$#', $name)) {
trigger_error(sprintf(_ERROR_BAD_CHAR, strtolower(_MODULES)), E_USER_ERROR);
}
$file = isset($_POST['file']) ? $_POST['file'] : (isset($_GET['file']) ? $_GET['file'] : 'index');
if (!preg_match('#^[a-zA-Z0-9_\\-]+$#', $file)) {
trigger_error(sprintf(_ERROR_BAD_CHAR, strtolower(_BLOCKFILE2)), E_USER_ERROR);
}
$Module = new Module($name);
if (!is_file(BASEDIR . "modules/{$Module->name}/{$file}.php")) {
trigger_error("Failed: is_file(modules/{$Module->name}/{$file}.php)", E_USER_WARNING);
trigger_error(sprintf(_MODULENOEXIST, ''), E_USER_ERROR);
}
if (HTTPS_REQUIRED && 'https' !== DOMAIN_PROTOCOL && $Module->https) {
URL::redirect('https://' . DOMAIN_NAME . URL::uri());
}
/* class setup */
Module::$file = $file;
// optional
Module::$path = BASEDIR . "modules/{$Module->path_name}/";
// optional
Module::$is_home = $Module->name === $MAIN_CFG['global']['main_module'];
/* finished instructing class */
# check for permissions
$Module->allow();
# get module custom language
get_lang($Module->name, -1);
# setup blocks, showblocks may be depreciated in the near future
Blocks::$showblocks = $Module->sides;
/* compatibility */
public function secure_download(&$error, $filename, $realname = '')
{
$chunksize = 2048;
// how many bytes per chunk
if (empty($realname)) {
$realname = $filename;
}
if (strpos($filename, '://')) {
// send remote file
$rdf = parse_url($filename);
if (!isset($rdf['host'])) {
return false;
}
if (!isset($rdf['port'])) {
$rdf['port'] = 80;
}
if (!isset($rdf['query'])) {
$rdf['query'] = '';
}
$fp = fsockopen($rdf['host'], $rdf['port'], $errno, $errstr, 15);
if ($fp === false) {
$error = "{$errno}: {$errstr}";
trigger_error($error, E_USER_WARNING);
return false;
}
fputs($fp, 'GET ' . $rdf['path'] . $rdf['query'] . " HTTP/1.0\r\n");
fputs($fp, 'User-Agent: Dragonfly Passthru (' . URL::index('credits', true, true) . ")\r\n");
fputs($fp, 'Referer: ' . URL::uri() . "\r\n");
fputs($fp, 'HOST: ' . $rdf['host'] . "\r\n\r\n");
$data = rtrim(fgets($fp, 512));
if (false === strpos($data, ' 200 OK')) {
$error = $data;
trigger_error($data, E_USER_WARNING);
return false;
}
while (ob_end_clean()) {
}
// Read all headers
while (!empty($data)) {
$data = rtrim(fgets($fp, 300));
// read lines
if (preg_match('#(Content-Length|Content-Type|Last-Modified): #i', $data)) {
header($data);
}
}
} else {
if (preg_match('#\\.(\\.|php$)#', $filename)) {
$error = "{$filename} isn't allowed to be downloaded";
trigger_error($error, E_USER_WARNING);
return false;
}
if (!($fp = fopen($filename, 'rb'))) {
$error = "{$filename} could not be opened";
trigger_error($error, E_USER_WARNING);
return false;
}
while (ob_end_clean()) {
}
$mimetype = ($img = getimagesize($filename)) ? $img['mime'] : '';
// send local file
if (!strstr($mimetype, 'image')) {
$ext = explode('.', $realname);
$ext = strtolower(array_pop($ext));
if ($ext == 'bz2') {
$mimetype = 'application/bzip2';
} elseif ($ext == 'gz' || $ext == 'tgz') {
$mimetype = 'application/x-gzip';
} elseif ($ext == 'gtar') {
$mimetype = 'application/x-gtar';
} elseif ($ext == 'tar') {
$mimetype = 'application/x-tar';
} elseif ($ext == 'zip') {
$mimetype = 'application/zip';
} elseif ($ext == 'wma') {
$mimetype = 'audio/x-ms-wma';
} elseif ($ext == 'wmv') {
$mimetype = 'video/x-ms-wmv';
} else {
$mimetype = 'application/octet' . (preg_match('#(Opera|compatible; MSIE)#', $_SERVER['HTTP_USER_AGENT']) ? 'stream' : '-stream');
}
}
// header('Content-Type: "'.mime_content_type(basename($realname)).'"'); // PHP >= 4.3.0
header('Content-Type: ' . $mimetype . '; name="' . basename($realname) . '"');
header('Content-Length: ' . filesize($filename));
}
header('Content-Encoding:');
// header('Content-Disposition: inline; filename="'.basename($realname).'"');
header('Content-Disposition: attachment; filename="' . basename($realname) . '"');
set_time_limit(0);
while (!feof($fp)) {
print fread($fp, $chunksize);
}
return fclose($fp);
}
<?php
$LNG = array('_SECURITY_STATUS' => array(301 => 'Moved Permanently', 302 => 'Found', 303 => 'See Other', 304 => 'Not Modified', 400 => 'Bad Request', 401 => 'Unauthorized', 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 500 => 'Internal Server Error', 503 => 'Service Unavailable', 800 => 'Bad IP', 801 => 'Spam url in referer header', 802 => 'Unknown user-agent', 803 => 'Flood Protection'), '_SECURITY_MSG' => array(301 => 'The URL that you requested, ' . URL::uri() . ', has been moved permanently to a new URI and any future references to this page SHOULD use the new URI.', 302 => 'The URL that you requested, ' . URL::uri() . ', has been moved temporarily to a new URI and any future references to this page SHOULD remain.', 400 => 'The URL that you requested, ' . URL::uri() . ', was a bad request.', 401 => 'The URL that you requested, ' . URL::uri() . ', requires preauthorization to access.', 402 => 'The URL that you requested, ' . URL::uri() . ', requires payment to access.', 403 => 'Access to the URL that you requested, ' . URL::uri() . ', is forbidden.', 404 => 'The URL that you requested, ' . URL::uri() . ', could not be found. Perhaps you either mistyped the URL or we have a broken link.<br /><br />We have logged this error and will correct the problem if it is a broken link.', 500 => 'The URL that you requested, ' . URL::uri() . ', resulted in a server configuration error. It is possible that the condition causing the problem will be gone by the time you finish reading this.<br /><br />We have logged this error and will correct the problem.', 503 => 'The URL that you requested, ' . URL::uri() . ', is temporarily unavailable.', 800 => 'You are banned from this site due to a bad ip.', 801 => 'You are banned from this site due to a spam url in the referer header.', 802 => 'You are banned from this site due to a unknown user-agent.', 803 => 'You are banned from this site due to ignoring our anti-flood warnings.', '_FLOOD' => 'You are not allowed to flood our system.<br />You may view our website again after %s seconds', 'Last_warning' => '<p>This is your last warning, next time you will be banned!</p>'));
public function write_close()
{
if (!$this->started) {
return;
}
global $CPG_SESS, $module_name;
$_SESSION['SECURITY']['page'] = $module_name;
$CPG_SESS['admin']['page'] = isset($_GET['op']) ? $_GET['op'] : (isset($_POST['op']) ? $_POST['op'] : '');
$CPG_SESS['user']['page'] = $module_name;
$CPG_SESS['user']['file'] = isset($_GET['file']) ? $_GET['file'] : (isset($_POST['file']) ? $_POST['file'] : '');
$CPG_SESS['user']['uri'] = URL::uri();
if (isset($CPG_SESS['user']['redirect']) && $CPG_SESS['user']['redirect'] != $CPG_SESS['user']['uri'] && $module_name != 'Your_Account') {
unset($CPG_SESS['user']['redirect']);
}
$_SESSION['CPG_SESS'] = $CPG_SESS;
session_write_close();
if (CAN_MOD_INI) {
ini_set('session.save_handler', $this->old_handler);
}
$this->started = false;
}
function userinfo($username)
{
global $db, $prefix, $user_prefix, $currentlang, $pagetitle, $MAIN_CFG, $CPG_SESS, $CLASS, $cpgtpl;
$owninfo = is_user() && ($username == is_user() || strtolower($username) == strtolower($CLASS['member']->members[is_user()]['username']));
if ($owninfo) {
$userinfo =& $CLASS['member']->members[is_user()];
global $Blocks;
$block = array('bid' => 10000, 'view' => 1, 'side' => 'l', 'title' => _TB_BLOCK, 'content' => member_block());
$Blocks->custom($block);
$block = NULL;
} else {
if (!is_user() && $username != 'Anonymous') {
URL::redirect(URL::index('&profile=Anonymous'));
} else {
if (!($userinfo = getusrdata($username)) || $userinfo['user_level'] < 1) {
require_once 'header.php';
OpenTable();
echo _NOINFOFOR . ' <strong>' . htmlspecialchars($username) . '</strong>';
if (!$userinfo) {
echo '<br /><br /><em>' . _MA_USERNOEXIST . '</em>';
} elseif ($userinfo['user_level'] == 0) {
echo '<br /><br /><em>' . _ACCSUSPENDED . '</em>';
} elseif ($userinfo['user_level'] == -1) {
echo '<br /><br /><em>' . _ACCDELETED . '</em>';
}
CloseTable();
return;
}
}
}
$username = $userinfo['username'];
$imgpath = 'themes/' . $CPG_SESS['theme'] . '/images/forums/lang_';
$imgpath .= file_exists($imgpath . $currentlang . '/icon_email.gif') ? $currentlang : 'english';
if ($owninfo) {
$pagetitle .= ' ' . _BC_DELIM . ' ' . $username . ', ' . _THISISYOURPAGE;
} else {
$pagetitle .= ' ' . _BC_DELIM . ' ' . _PERSONALINFO . ' ' . _BC_DELIM . ' ' . $username;
}
require_once 'header.php';
require_once CORE_PATH . 'nbbcode.php';
if ($userinfo['user_avatar_type'] == 1) {
$avatar = $MAIN_CFG['avatar']['path'] . '/' . $userinfo['user_avatar'];
} else {
if ($userinfo['user_avatar_type'] == 2) {
$avatar = $userinfo['user_avatar'];
} else {
if ($userinfo['user_avatar_type'] == 3 && !empty($userinfo['user_avatar'])) {
$avatar = $MAIN_CFG['avatar']['gallery_path'] . '/' . $userinfo['user_avatar'];
} else {
$avatar = $MAIN_CFG['avatar']['gallery_path'] . '/' . $MAIN_CFG['avatar']['default'];
}
}
}
if ($avatar) {
$avatar = '<img src="' . $avatar . '" alt="" />';
}
if ($userinfo['user_website']) {
if (false === strpos($userinfo['user_website'], '://')) {
$userinfo['user_website'] = "http://{$userinfo['user_website']}";
}
}
if (!preg_match('#^(http[s]?\\:\\/\\/)?([a-z0-9\\-\\.]+)?[a-z0-9\\-]+\\.[a-z]{2,4}$#i', $userinfo['user_website'])) {
$userinfo['user_website'] = '';
}
if ($userinfo['user_rank']) {
$sql = 'rank_id = ' . $userinfo['user_rank'] . ' AND rank_special = 1';
} else {
$sql = 'rank_min <= ' . intval($userinfo['user_posts']) . ' AND rank_special = 0 ORDER BY rank_min DESC';
}
list($poster_rank, $rank_image) = $db->sql_ufetchrow('SELECT rank_title, rank_image FROM ' . $prefix . '_bbranks WHERE ' . $sql, SQL_NUM);
$poster_rank = $rank_image ? '<img src="' . $rank_image . '" alt="' . $poster_rank . '" title="' . $poster_rank . '" />' : $poster_rank;
if (can_admin('members') || $owninfo) {
$result = $db->sql_query("SELECT field, langdef, type FROM " . $user_prefix . "_users_fields WHERE section = 2 OR section = 3");
} else {
$result = $db->sql_query("SELECT field, langdef, type FROM " . $user_prefix . "_users_fields WHERE section = 2");
}
if ($db->sql_numrows($result) > 0) {
while ($row = $db->sql_fetchrow($result)) {
if ($row['type'] == 1) {
$value = $userinfo[$row['field']] ? _YES : _NO;
} else {
$value = $userinfo[$row['field']];
}
if (defined($row['langdef'])) {
$row['langdef'] = constant($row['langdef']);
}
$cpgtpl->assign_block_vars('custom_field', array('NAME' => $row['langdef'], 'VALUE' => $value));
}
}
$blog_url = 0;
if (is_active('Blogs')) {
list($num_blogs) = $db->sql_ufetchrow("SELECT COUNT(*) FROM " . $prefix . "_blogs \n\t\tWHERE aid='{$username}' AND private=0");
if ($num_blogs > 0) {
$blog_url = 1;
}
}
$show_email = 0;
if ($userinfo['user_viewemail'] && is_user() || $owninfo || is_admin() && !$CLASS['member']->demo) {
$email = $userinfo['user_email'];
} else {
if ($userinfo['femail']) {
$email = $userinfo['femail'];
}
}
if (isset($email) && Security::check_email($email)) {
$email = 'mailto:' . $email;
if (!$owninfo && is_user()) {
define('IN_PHPBB', true);
define('PHPBB_INSTALLED', true);
$phpbb_root_path = "./modules/Forums/";
require_once $phpbb_root_path . 'common.php';
global $board_config;
if ($board_config['board_email_form']) {
$email = URL::index('Forums&file=profile&mode=email&u=' . $userinfo['user_id']);
}
}
$show_email = 1;
}
$show_pm = 0;
if (!$owninfo && is_user() && is_active('Private_Messages')) {
$show_pm = 1;
}
$show_gallery = 0;
if (is_active('coppermine')) {
$user_gallery = 10000 + $userinfo['user_id'];
$ugall_result = $db->sql_query("SELECT p.pid FROM " . $prefix . "_cpg_pictures AS p, " . $prefix . "_cpg_albums AS a WHERE a.aid = p.aid AND a.category = {$user_gallery}");
if ($db->sql_numrows($ugall_result) > 0) {
$show_gallery = 1;
}
}
$cpgtpl->assign_vars(array('ABOUT_USER' => _ABOUT_USER . $username, 'AVATAR' => $avatar, 'JOINED_DATE' => formatDateTime($userinfo['user_regdate'], _DATESTRING3), 'USER_RANK' => $poster_rank, 'USER_LOCATION' => decode_bb_all($userinfo['user_from']), 'USER_WEBSITE' => $userinfo['user_website'], 'USER_OCCUPATION' => decode_bb_all($userinfo['user_occ']), 'USER_INTERESTS' => decode_bb_all($userinfo['user_interests']), 'USER_SIGNATURE' => $userinfo['user_sig'] ? decode_bb_all($userinfo['user_sig'], 1, false) : false, 'USER_EXTRA_INFO' => $userinfo['bio'] ? decode_bb_all($userinfo['bio'], 1, false) : false, 'BLOG_URL' => $blog_url ? URL::index('Blogs&mode=user&nick=' . $username) : false, 'EMAIL_ADDRESS' => $show_email ? $email : false, 'IMG_PATH' => $imgpath, 'U_PM' => $show_pm ? URL::index("Private_Messages&mode=post&u={$userinfo['user_id']}") : false, 'USER_MSNM' => $userinfo['user_msnm'], 'USER_YIM' => $userinfo['user_yim'], 'USER_AIM' => $userinfo['user_aim'], 'USER_ICQ' => $userinfo['user_icq'], 'USER_SKYPE' => $userinfo['user_skype'], 'USER_GALLERY' => $show_gallery ? URL::index('coppermine&cat=' . (10000 + $userinfo['user_id'])) : false, 'OWN_OR_CAN_ADMIN' => $owninfo || can_admin('members'), 'OWN_INFO' => $owninfo, 'SUBSCRIBED' => $userinfo['newsletter'], 'CAN_ADMIN_MEMBERS' => can_admin('members'), 'U_EDIT_USER' => URL::admin('users&mode=edit&edit=profile&id=' . $userinfo['user_id']), 'U_SUSPEND_USER' => URL::admin('users&mode=edit&edit=admin&id=' . $userinfo['user_id']), 'HEADLINES_ALLOWED' => $owninfo && $MAIN_CFG['member']['my_headlines'], 'URL_URI' => URL::uri(), 'SHOW_RSS' => false));
if ($owninfo && $MAIN_CFG['member']['my_headlines']) {
$hid = isset($_POST['hid']) ? intval($_POST['hid']) : 0;
$url = isset($_POST['url']) ? $_POST['url'] : '';
$sql4 = 'SELECT hid, sitename FROM ' . $prefix . '_headlines ORDER BY sitename';
$headl = $db->sql_query($sql4);
while (list($nhid, $hsitename) = $db->sql_fetchrow($headl)) {
$sel = $hid == $nhid ? ' selected="selected"' : '';
$cpgtpl->assign_block_vars('feed_option', array('VALUE' => $nhid, 'SELECTED' => $sel, 'NAME' => $hsitename));
}
if ($hid > 0 || $hid == 0 && strlen($url) > 10) {
if ($hid > 0) {
$sql5 = 'SELECT sitename, headlinesurl FROM ' . $prefix . "_headlines WHERE hid='{$hid}'";
$result5 = $db->sql_query($sql5);
list($title, $url) = $db->sql_fetchrow($result5);
$siteurl = str_ireplace('http://', '', $url);
$siteurl = explode('/', $siteurl);
} else {
if (false === strpos($url, '://')) {
$url = 'http://' . $url;
}
$siteurl = str_ireplace('http://', '', $url);
$siteurl = explode('/', $siteurl);
$title = 'http://' . $siteurl[0];
}
include_once CORE_PATH . 'classes/rss.php';
$content = CPG_RSS::display($url);
$cpgtpl->assign_vars(array('SHOW_RSS' => true, 'RSS_CONTENT' => $content, 'RSS_URL' => $siteurl[0], 'RSS_TITLE' => $title));
}
}
$cpgtpl->set_handle('userinfo', 'your_account/userinfo.html');
$cpgtpl->display('userinfo');
$blocksdir = dir('modules/Your_Account/blocks');
while ($func = $blocksdir->read()) {
if (substr($func, -3) == 'php') {
$blockslist[] = $func;
}
}
closedir($blocksdir->handle);
natcasesort($blockslist);
for ($i = 0; $i < sizeof($blockslist); $i++) {
require_once 'modules/Your_Account/blocks/' . $blockslist[$i];
}
}
<a href="' . URL::index() . '">' . _MAIN . '</a> | <a href="' . URL::index('&file=search&cat=' . $id_cat) . '">' . _SEARCH . '</a><br /><br />
<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline">
<tr><td align="center" class="catleft" colspan="2"><b><span class="gen">' . _QUESTION . '</span></b></td></tr>
<tr><td align="center" class="row1" colspan="2">' . _SORT . ': ' . (isset($_GET['sort']) && $_GET['sort'] == 'asc' ? '<b>' . _ASCENDING . '</b>' : '<a href="' . URL::index('&cat=' . $id_cat . '&sort=asc') . '">' . _ASCENDING . '</a>') . '
/ ' . (isset($_GET['sort']) && $_GET['sort'] == 'desc' ? '<b>' . _DESCENDING . '</b>' : '<a href="' . URL::index('&cat=' . $id_cat . '&sort=desc') . '">' . _DESCENDING . '</a>') . '
</td></tr>';
foreach ($result as $row) {
echo '<tr><td class="row1" colspan="2"><span class="gen"><a href="' . htmlprepare(URL::uri()) . '#' . $row['id'] . '">' . $row['question'] . '</a></span></td></tr>';
}
echo '</table><br />
<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline" align="center">
<tr><td align="center" class="catleft" colspan="2"><b><span class="gen">' . _ANSWER . '</span></b></td></tr>';
foreach ($result as $row) {
echo '<tr><td align="justify" class="row1" colspan="2"><a id="' . $row['id'] . '"></a><b><span class="gen">' . $row['question'] . '</span></b><br /><br />
<span class="gen">' . decode_bbcode($row['answer'], 1) . '</span><br /><br />
<div style="float:left;"><a href="' . htmlprepare(URL::uri()) . '#top">' . _BACKTOTOP . '</a></div>';
if (can_admin('faq')) {
echo '<div style="float:right;"><a href="' . URL::admin('&mode=edit&faq=' . $row['id']) . '">' . _EDIT . '</a> | <a href="' . URL::admin('&mode=delete&faq=' . $row['id']) . '">' . _DELETE . '</a></div>';
}
echo '</tr><tr><td class="spaceRow" style="height:1px;"><img src="images/spacer.gif" alt="" width="1" height="1" /></td></tr>';
}
echo '</table>';
} else {
echo '<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline" align="center">
<tr><td align="center" class="row1" colspan="2" style="height:22px;">' . sprintf(_ERROR_NONE_TO_DISPLAY, strtolower(_FAQ2)) . '<br /><br /><a href="' . URL::index() . '">' . _BACKTOFAQINDEX . '</a></td></tr>
</table>';
}
} else {
$order = isset($_GET['sort']) && $_GET['sort'] == 'desc' ? 'categories DESC' : (isset($_GET['sort']) ? 'categories ASC' : 'id ASC');
$querylang = $multilingual ? 'WHERE (flanguage=\'' . $currentlang . '\' OR flanguage= \'\') ' : '';
$cats = $db->sql_ufetchrowset("SELECT c.id_cat, c.categories, COUNT(a.id_cat) AS faqs FROM " . $prefix . "_faqcategories c \n\t\tLEFT JOIN " . $prefix . "_faqanswer a ON (a.id_cat = c.id_cat) {$querylang} \n\t\tGROUP BY c.categories, c.id_cat \n\t\tORDER BY {$order}", SQL_BOTH, __FILE__, __LINE__);
