/** * Here we do the work */ function execute($comment) { global $_CONF, $_USER, $_TABLES, $LANG_SX00; if (isset($_USER['uid']) && $_USER['uid'] > 1) { $uid = $_USER['uid']; } else { $uid = 1; } /** * Include Blacklist Data */ $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'MTBlacklist'", 1); $nrows = DB_numRows($result); // named entities $comment = html_entity_decode($comment); // decimal notation $comment = preg_replace('/&#(\\d+);/me', "chr(\\1)", $comment); // hex notation $comment = preg_replace('/&#x([a-f0-9]+);/mei', "chr(0x\\1)", $comment); $ans = 0; // Found Flag for ($i = 1; $i <= $nrows; $i++) { list($val) = DB_fetchArray($result); if (@preg_match("#{$val}#i", $comment)) { $ans = 1; // quit on first positive match SPAMX_log($LANG_SX00['fsc'] . $val . $LANG_SX00['fsc1'] . $uid . $LANG_SX00['fsc2'] . $_SERVER['REMOTE_ADDR']); break; } } return $ans; }
/** * Here we do the work * * @param string $comment * @return int */ public function execute($comment) { global $_TABLES, $_USER, $LANG_SX00, $LANG28; $uid = COM_isAnonUser() ? 1 : $_USER['uid']; // Get homepage URLs of all banned users $result = DB_query("SELECT DISTINCT homepage FROM {$_TABLES['users']} WHERE status = 0 AND homepage IS NOT NULL AND homepage <> ''"); $numRows = DB_numRows($result); // named entities $comment = html_entity_decode($comment); // decimal notation $comment = preg_replace_callback('/&#(\\d+);/m', array($this, 'callbackDecimal'), $comment); // hex notation $comment = preg_replace_callback('/&#x([a-f0-9]+);/mi', array($this, 'callbackHex'), $comment); $ans = 0; for ($i = 0; $i < $numRows; $i++) { list($val) = DB_fetchArray($result); $val = str_replace('#', '\\#', $val); if (preg_match("#{$val}#i", $comment)) { $ans = 1; // quit on first positive match SPAMX_log($LANG_SX00['foundspam'] . $val . ' (' . $LANG28[42] . ')' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']); break; } } $this->result = $ans; return $ans; }
function draw_user_information($error) { global $_USER, $_CONF, $LANG_ECOM; $res = get_user_row($_USER['uid']); #If it's users first time to enter there information will have to add them to database. if (DB_numRows($res) <= 0) { add_user_row($_USER['uid']); #Create the row to hold ecom_userinfo $res = get_user_row($_USER['uid']); } $user_info = DB_fetchArray($res); #load template for editing user $T = new Template($_CONF['path'] . 'plugins/ecommerce/templates'); $T->set_file('text', 'user_info.thtml'); $T->set_var('site_url', $PHP_SELF); $T->set_var('error', $error); $T->set_var('full_name', $user_info['fullname']); $T->set_var('email', $user_info['email']); $T->set_var('phone_number', $user_info['ecom_phone_number']); $T->set_var('dob_month', $user_info['ecom_dob_month']); $T->set_var('dob_day', $user_info['ecom_dob_day']); $T->set_var('dob_year', $user_info['ecom_dob_year']); $T->set_var('driver_license_number', $user_info['ecom_drivers_license_number']); $T->set_var('driver_license_state', $user_info['ecom_drivers_license_state']); $T->set_var('msg_1', $LANG_ECOM[1]); $T->set_var('msg_12', $LANG_ECOM[12]); $T->set_var('msg_146', $LANG_ECOM[146]); $T->set_var('msg_147', $LANG_ECOM[147]); $T->set_var('msg_148', $LANG_ECOM[148]); $T->set_var('msg_149', $LANG_ECOM[149]); $T->set_var('msg_150', $LANG_ECOM[150]); echo $T->parse('output', 'text'); }
function MG_selectUsers($page) { global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01; $retval = ''; $T = new Template($_MG_CONF['template_path'] . '/admin'); $T->set_file('admin', 'createmembers.thtml'); $T->set_var('site_url', $_CONF['site_url']); $T->set_var('site_admin_url', $_CONF['site_admin_url']); $T->set_block('admin', 'UserRow', 'uRow'); $rowcounter = 0; $start = $page * 50; $end = 50; $tres = DB_query("SELECT COUNT(gl.uid) AS count FROM {$_TABLES['users']} AS gl LEFT JOIN {$_TABLES['mg_userprefs']} AS mg ON gl.uid=mg.uid WHERE gl.status = 3 AND gl.uid > 2 AND (mg.member_gallery IS NULL OR mg.member_gallery < 1)"); $trow = DB_fetchArray($tres); $total_records = $trow['count']; $sql = "SELECT gl.uid, gl.status, gl.username, gl.fullname, mg.member_gallery FROM {$_TABLES['users']} AS gl LEFT JOIN {$_TABLES['mg_userprefs']} AS mg ON gl.uid=mg.uid WHERE gl.status = 3 AND gl.uid > 2 AND (mg.member_gallery IS NULL OR mg.member_gallery < 1) ORDER BY gl.username ASC LIMIT {$start},{$end}"; $result = DB_query($sql); $nRows = DB_numRows($result); for ($x = 0; $x < $nRows; $x++) { $row = DB_fetchArray($result); $uid = $row['uid']; $remote = SEC_inGroup("Remote Users", $uid) ? '(r)' : ''; $username = $row['username']; $member_gallery = $row['member_gallery']; $T->set_var(array('uid' => $uid, 'username' => $username . ' ' . $remote . ' - ' . $row['fullname'], 'select' => '<input type="checkbox" name="user[]" value="' . $uid . '"/>')); $T->parse('uRow', 'UserRow', true); $rowcounter++; } $T->set_var(array('lang_userid' => $LANG_MG01['userid'], 'lang_username' => $LANG_MG01['username'], 'lang_select' => $LANG_MG01['select'], 'lang_checkall' => $LANG_MG01['check_all'], 'lang_uncheckall' => $LANG_MG01['uncheck_all'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset' => $LANG_MG01['reset'], 's_form_action' => $_MG_CONF['admin_url'] . '/createmembers.php', 'pagenav' => COM_printPageNavigation($_MG_CONF['admin_url'] . '/createmembers.php', $page + 1, ceil($total_records / 50)))); $T->parse('output', 'admin'); $retval .= $T->finish($T->get_var('output')); return $retval; }
/** * Returns array of ( * 'id' => $id (string), * 'title' => $title (string), * 'uri' => $uri (string), * 'date' => $date (int: Unix timestamp), * 'image_uri' => $image_uri (string), * 'raw_data' => raw data of the item (stripslashed) * ) */ public function getItemById($id, $all_langs = FALSE) { global $_CONF, $_TABLES; $retval = array(); $sql = "SELECT * " . "FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '" . addslashes($id) . "') "; if ($this->_isSP162) { $sql .= "AND (draft_flag = 0) "; } if (!Dataproxy::isRoot()) { $sql .= COM_getPermSql('AND', Dataproxy::uid()); } $result = DB_query($sql); if (DB_error()) { return $retval; } if (DB_numRows($result) == 1) { $A = DB_fetchArray($result, FALSE); $A = array_map('stripslashes', $A); $retval['id'] = $id; $retval['title'] = $A['sp_title']; $retval['uri'] = COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . rawurlencode($id)); $retval['date'] = Dataproxy::$isGL170 ? strtotime($A['modified']) : strtotime($A['sp_date']); $retval['image_uri'] = FALSE; $retval['raw_data'] = $A; } return $retval; }
/** * Update array if need be with correct topic. * * @param array $A Array of articles from db * @param string $tid_list List of child topics of current topic */ function fixTopic(&$A, $tid_list) { global $_TABLES, $topic; if (!empty($topic)) { // This case may happen if a article belongs to the current topic but the default topic for the article is a child of the current topic. $sql = "SELECT t.topic, t.imageurl\n FROM {$_TABLES['topics']} t, {$_TABLES['topic_assignments']} ta\n WHERE t.tid = ta.tid\n AND ta.type = 'article' AND ta.id = '{$A['sid']}' AND ta.tid = '{$topic}'\n " . COM_getLangSQL('tid', 'AND', 't') . COM_getPermSQL('AND', 0, 2, 't'); $result = DB_query($sql); $nrows = DB_numRows($result); if ($nrows > 0) { $B = DB_fetchArray($result); $A['topic'] = $B['topic']; $A['imageurl'] = $B['imageurl']; } else { // Does not belong to current topic so check inherited // Make sure sort order the same as in TOPIC_getTopic or articles with multiple topics might not display in the right topic when clicked $sql = "SELECT t.topic, t.imageurl\n FROM {$_TABLES['topics']} t, {$_TABLES['topic_assignments']} ta\n WHERE t.tid = ta.tid\n AND ta.type = 'article' AND ta.id = '{$A['sid']}'\n AND (ta.tid IN({$tid_list}) AND (ta.inherit = 1 OR (ta.inherit = 0 AND ta.tid = '{$topic}')))\n " . COM_getLangSQL('tid', 'AND', 't') . COM_getPermSQL('AND', 0, 2, 't') . "\n ORDER BY ta.tdefault DESC, ta.tid ASC"; $result = DB_query($sql); $nrows = DB_numRows($result); if ($nrows > 0) { $B = DB_fetchArray($result); $A['topic'] = $B['topic']; $A['imageurl'] = $B['imageurl']; } } } }
function view() { global $_CONF, $_TABLES; $retval = ''; $sql = "SELECT L.tag_id, L.tag, COUNT(m.tag_id) AS cnt, L.hits " . "FROM {$_TABLES['tag_list']} AS L " . "LEFT JOIN {$_TABLES['tag_map']} AS m " . "ON L.tag_id = m.tag_id " . "GROUP BY m.tag_id " . "ORDER BY cnt DESC, tag"; $result = DB_query($sql); if (DB_error()) { return $retval . '<p>' . TAG_str('db_error') . '</p>'; } else { if (DB_numRows($result) == 0) { return $retval . '<p>' . TAG_str('no_tag') . '</p>'; } } $T = new Template($_CONF['path'] . 'plugins/tag/templates'); $T->set_file('stats', 'admin_stats.thtml'); $T->set_var('xhtml', XHTML); $T->set_var('this_script', COM_buildURL($_CONF['site_admin_url'] . '/plugins/tag/index.php')); $T->set_var('lang_desc_admin_stats', TAG_str('desc_admin_stats')); $T->set_var('lang_lbl_tag', TAG_str('lbl_tag')); $T->set_var('lang_lbl_count', TAG_str('lbl_count')); $T->set_var('lang_lbl_hit_count', TAG_str('lbl_hit_count')); $T->set_var('lang_delete_checked', TAG_str('delete_checked')); $T->set_var('lang_ban_checked', TAG_str('ban_checked')); $sw = 1; $body = ''; while (($A = DB_fetchArray($result)) !== false) { $tag_id = $A['tag_id']; $body .= '<tr class="pluginRow' . $sw . '">' . '<td><input id="tag' . TAG_escape($tag_id) . '" name="tag_ids[]" ' . 'type="checkbox" value="' . TAG_escape($A['tag_id']) . '"' . XHTML . '><label for="tag' . TAG_escape($tag_id) . '">' . TAG_escape($A['tag']) . '</label></td>' . '<td style="text-align: right;">' . TAG_escape($A['cnt']) . '</td><td style="text-align: right;">' . TAG_escape($A['hits']) . '</td></tr>' . LB; $sw = $sw == 1 ? 2 : 1; } $T->set_var('body', $body); $T->parse('output', 'stats'); $retval = $T->finish($T->get_var('output')); return $retval; }
function MG_displaySessions() { global $_CONF, $_MG_CONF, $_TABLES, $LANG_MG01; $retval = ''; $T = new Template($_MG_CONF['template_path']); $T->set_file('sessions', 'sessions.thtml'); $T->set_var(array('site_url' => $_CONF['site_url'], 'xhtml' => XHTML, 's_form_action' => $_MG_CONF['admin_url'] . 'sessions.php', 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_select' => $LANG_MG01['select'], 'lang_checkall' => $LANG_MG01['check_all'], 'lang_uncheckall' => $LANG_MG01['uncheck_all'], 'lang_session_description' => $LANG_MG01['description'], 'lang_session_owner' => $LANG_MG01['owner'], 'lang_session_count' => $LANG_MG01['count'], 'lang_action' => $LANG_MG01['action'])); $T->set_block('sessions', 'sessItems', 'sItems'); $sql = "SELECT * FROM {$_TABLES['mg_sessions']} WHERE session_status=1"; $result = DB_query($sql); $numRows = DB_numRows($result); $rowclass = 0; if ($numRows == 0) { // we have no active sessions $T->set_var('lang_no_sessions', $LANG_MG01['no_sessions']); $T->set_var('noitems', true); $T->set_var('sItems', ''); } else { $totalSess = $numRows; $T->set_block('sessions', 'sessRow', 'sRow'); for ($x = 0; $x < $numRows; $x++) { $row = DB_fetchArray($result); $res2 = DB_query("SELECT COUNT(id) FROM {$_TABLES['mg_session_items']} " . "WHERE session_id='" . $row['session_id'] . "' AND status=0"); list($count) = DB_fetchArray($res2); $T->set_var(array('row_class' => $rowclass % 2 ? '2' : '1', 'session_id' => $row['session_id'], 'session_owner' => DB_getItem($_TABLES['users'], 'username', "uid={$row['session_uid']}"), 'session_description' => $row['session_description'], 'session_continue' => $_MG_CONF['site_url'] . '/batch.php?mode=continue&sid=' . $row['session_id'] . '&limit=0', 'count' => $count)); $T->parse('sRow', 'sessRow', true); $rowclass++; } $T->parse('sItems', 'sessItems'); } $retval .= $T->finish($T->parse('output', 'sessions')); return $retval; }
/** * Here we do the work */ public function execute($comment) { global $_CONF, $_TABLES, $_USER, $LANG_SX00; if (isset($_USER['uid']) && $_USER['uid'] > 1) { $uid = $_USER['uid']; } else { $uid = 1; } /** * Include Blacklist Data */ $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='Personal'", 1); $nrows = DB_numRows($result); // named entities $comment = html_entity_decode($comment); // decimal notation $comment = preg_replace_callback('/&#(\\d+);/m', array($this, 'callbackDecimal'), $comment); // hex notation $comment = preg_replace_callback('/&#x([a-f0-9]+);/mi', array($this, 'callbackHex'), $comment); $ans = 0; for ($i = 1; $i <= $nrows; $i++) { list($val) = DB_fetchArray($result); $val = str_replace('#', '\\#', $val); if (preg_match("#{$val}#i", $comment)) { $ans = 1; // quit on first positive match SPAMX_log($LANG_SX00['foundspam'] . $val . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']); break; } } return $ans; }
/** * Plugin function to delete a comment * $cid Comment to be deleted * $id Item id to which $cid belongs * */ function _mg_deletecomment($cid, $id) { global $_CONF, $_MG_CONF, $_TABLES, $MG_albums; // find the album that holds this peice of media $sql = "SELECT album_id FROM {$_TABLES['mg_media_albums']} WHERE media_id='" . DB_escapeString($id) . "'"; $result = DB_query($sql); $nRows = DB_numRows($result); if ($nRows > 0) { $row = DB_fetchArray($result); $aid = $row['album_id']; if ($MG_albums[0]->owner_id) { $access = 3; } else { $access = $MG_albums[$aid]->access; } } else { $access = 0; } if ($access == 3 || SEC_hasRights('mediagallery.admin')) { if (CMT_deleteComment($cid, $id, 'mediagallery') == 0) { //reduce count in media table $comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($id), 'mediagallery')); DB_change($_TABLES['mg_media'], 'media_comments', $comments, 'media_id', DB_escapeString($id)); // Now redirect the program flow to the view of the file and its comments return COM_refresh($_MG_CONF['site_url'] . "/media.php?s={$id}"); } else { return false; } } else { return false; } }
function view() { global $_CONF, $_TABLES; $body = ''; $T = new Template($_CONF['path'] . 'plugins/tag/templates'); $T->set_file('badword', 'admin_badword.thtml'); $T->set_var('xhtml', XHTML); $T->set_var('this_script', COM_buildURL($_CONF['site_admin_url'] . '/plugins/tag/index.php')); $T->set_var('lang_desc_admin_badword', TAG_str('desc_admin_badword')); $T->set_var('lang_add', TAG_str('add')); $T->set_var('lang_lbl_tag', TAG_str('lbl_tag')); $T->set_var('lang_delete_checked', TAG_str('delete_checked')); $sql = "SELECT * FROM {$_TABLES['tag_badwords']}"; $result = DB_query($sql); if (DB_error()) { return $retval . '<p>' . TAG_str('db_error') . '</p>'; } else { if (DB_numRows($result) == 0) { $T->set_var('msg', '<p>' . TAG_str('no_badword') . '</p>'); } else { $sw = 1; while (($A = DB_fetchArray($result)) !== false) { $word = TAG_escape($A['badword']); $body .= '<tr><td>' . '<input id="' . $word . '" name="words[]" type="checkbox" ' . 'value="' . $word . '"><label for="' . $word . '">' . $word . '</label></td></tr>' . LB; $sw = $sw == 1 ? 2 : 1; } } } $T->set_var('body', $body); $T->parse('output', 'badword'); $retval = $T->finish($T->get_var('output')); return $retval; }
function MG_saveEnroll() { global $_CONF, $_MG_CONF, $_MG_USERPREFS, $_TABLES, $_USER, $LANG_MG03; if ($_MG_CONF['member_albums'] != 1) { echo COM_refresh($_MG_CONF['site_url'] . '/index.php'); exit; } if (!isset($_MG_CONF['member_quota'])) { $_MG_CONF['member_quota'] = 0; } $sql = "SELECT album_id FROM {$_TABLES['mg_albums']} WHERE owner_id=" . (int) $_USER['uid'] . " AND album_parent=" . $_MG_CONF['member_album_root']; $result = DB_query($sql); $nRows = DB_numRows($result); if ($nRows > 0) { $display = MG_siteHeader(); $display .= COM_showMessageText($LANG_MG03['existing_member_album'], '', true); $display .= MG_siteFooter(); echo $display; exit; } $uid = (int) $_USER['uid']; $aid = plugin_user_create_mediagallery($uid, 1); $result = DB_query("UPDATE {$_TABLES['mg_userprefs']} SET member_gallery=1,quota=" . $_MG_CONF['member_quota'] . " WHERE uid=" . $uid, 1); $affected = DB_affectedRows($result); if (DB_error()) { $sql = "INSERT INTO {$_TABLES['mg_userprefs']} (uid, active, display_rows, display_columns, mp3_player, playback_mode, tn_size, quota, member_gallery) VALUES (" . $uid . ",1,0,0,-1,-1,-1," . $_MG_CONF['member_quota'] . ",1)"; DB_query($sql, 1); } CACHE_remove_instance('menu'); echo COM_refresh($_MG_CONF['site_url'] . '/album.php?aid=' . $aid); exit; }
/** * Add "root" category and fix categories * */ function links_update_set_categories() { global $_TABLES, $_LI_CONF; if (empty($_LI_CONF['root'])) { $_LI_CONF['root'] = 'site'; } $root = DB_escapeString($_LI_CONF['root']); DB_query("INSERT INTO {$_TABLES['linkcategories']} (cid, pid, category, description, tid, created, modified, group_id, owner_id, perm_owner, perm_group, perm_members, perm_anon) VALUES ('{$root}', 'root', 'Root', 'Website root', NULL, NOW(), NOW(), 5, 2, 3, 3, 2, 2)"); // get Links admin group number $group_id = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Links Admin'"); // loop through adding to category table, then update links table with cids $result = DB_query("SELECT DISTINCT cid AS category FROM {$_TABLES['links']}"); $nrows = DB_numRows($result); for ($i = 0; $i < $nrows; $i++) { $A = DB_fetchArray($result); $category = DB_escapeString($A['category']); $cid = $category; DB_query("INSERT INTO {$_TABLES['linkcategories']} (cid,pid,category,description,tid,owner_id,group_id,created,modified) VALUES ('{$cid}','{$root}','{$category}','{$category}','all',2,'{$group_id}',NOW(),NOW())", 1); if ($cid != $category) { // still experimenting ... DB_query("UPDATE {$_TABLES['links']} SET cid='{$cid}' WHERE cid='{$category}'", 1); } if (DB_error()) { echo "Error inserting categories into linkcategories table"; return false; } } }
/** * Here we do the work */ public function execute($comment) { global $_CONF, $_TABLES, $LANG_SX00; $uid = $this->getUid(); /** * Check for IP of url in blacklist */ /* * regex to find urls $2 = fqd */ $regx = '(ftp|http|file)://([^/\\s]+)'; $num = preg_match_all("#{$regx}#", html_entity_decode($comment), $urls); $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='IPofUrl'", 1); $nrows = DB_numRows($result); $ans = PLG_SPAM_NOT_FOUND; for ($j = 1; $j <= $nrows; $j++) { list($val) = DB_fetchArray($result); for ($i = 0; $i < $num; $i++) { $ip = gethostbyname($urls[2][$i]); if ($val == $ip) { $ans = PLG_SPAM_FOUND; // quit on first positive match $this->updateStat('IPofUrl', $val); SPAMX_log($LANG_SX00['foundspam'] . $urls[2][$i] . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']); break; } } if ($ans == PLG_SPAM_FOUND) { break; } } return $ans; }
function MG_adminEXIF() { global $_TABLES, $_MG_CONF, $_CONF, $LANG_MG01, $LANG_MG04; $retval = ''; $T = new Template($_MG_CONF['template_path'] . '/admin/'); $T->set_file('admin', 'exif_tags.thtml'); $T->set_var('site_url', $_CONF['site_url']); $T->set_var('site_admin_url', $_CONF['site_admin_url']); $T->set_block('admin', 'exifRow', 'eRow'); $sql = "SELECT * FROM {$_TABLES['mg_exif_tags']}"; $result = DB_query($sql); $nRows = DB_numRows($result); for ($i = 0; $i < $nRows; $i++) { $row = DB_fetchArray($result); $properties[] = $row['name']; $tag[$row['name']][] = $row['selected']; } $exifKeys = getExifKeys(); $x = 0; foreach ($properties as $property) { $title = $exifKeys[$property][0]; $T->set_var(array('exif_tag' => $title, 'selected' => $tag[$property][0] ? ' checked="checked"' : '', 'tag' => $property, 'rowcounter' => $x % 2)); $T->parse('eRow', 'exifRow', true); $x++; } $T->set_var(array('lang_select' => $LANG_MG01['select'], 'lang_exiftag' => $LANG_MG01['exiftag'], 'lang_exif_admin_help' => $LANG_MG01['exif_admin_help'], 'lang_check_all' => $LANG_MG01['check_all'], 'lang_uncheck_all' => $LANG_MG01['uncheck_all'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 's_form_action' => $_MG_CONF['admin_url'] . 'exif_admin.php')); $T->parse('output', 'admin'); $retval .= $T->finish($T->get_var('output')); return $retval; }
function MG_saveEnroll() { global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG03; if ($_MG_CONF['member_albums'] != 1) { echo COM_refresh($_MG_CONF['site_url'] . '/index.php'); exit; } if (!isset($_MG_CONF['member_quota'])) { $_MG_CONF['member_quota'] = 0; } $sql = "SELECT album_id FROM {$_TABLES['mg_albums']} " . "WHERE owner_id=" . intval($_USER['uid']) . " AND album_parent=" . intval($_MG_CONF['member_album_root']); $result = DB_query($sql); $nRows = DB_numRows($result); if ($nRows > 0) { $display = COM_startBlock('', '', COM_getBlockTemplate('_msg_block', 'header')); $display .= $LANG_MG03['existing_member_album']; $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $display = MG_createHTMLDocument($display); COM_output($display); exit; } $uid = $_USER['uid']; $aid = plugin_user_create_mediagallery($uid, 1); DB_change($_TABLES['mg_userprefs'], 'member_gallery', 1, 'uid', $uid); DB_change($_TABLES['mg_userprefs'], 'quota', intval($_MG_CONF['member_quota']), 'uid', $uid); if (DB_error()) { $sql = "INSERT INTO {$_TABLES['mg_userprefs']} " . "(uid, active, display_rows, display_columns, mp3_player, playback_mode, tn_size, quota, member_gallery) " . "VALUES (" . $uid . ",1,0,0,-1,-1,-1," . intval($_MG_CONF['member_quota']) . ",1)"; DB_query($sql, 1); } echo COM_refresh($_MG_CONF['site_url'] . '/album.php?aid=' . $aid); exit; }
function forum_admin_list() { global $_TABLES, $LANG_ADMIN, $LANG_GF00, $LANG_GF91, $LANG_GF06, $_CONF, $_FF_CONF; USES_lib_admin(); $retval = ''; $selected = ''; $menu_arr = array(); $admin_list = new Template($_CONF['path'] . 'plugins/forum/templates/admin/'); $admin_list->set_file('admin-list', 'index.thtml'); $admin_list->set_var('block_start', COM_startBlock($LANG_GF91['gfstats'])); $menu_arr = FF_adminNav($LANG_GF06['1']); $admin_list->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_GF00['instructions'], $_CONF['site_url'] . '/forum/images/forum.png')); // CATEGORIES $numcats = DB_query("SELECT id FROM {$_TABLES['ff_categories']}"); $totalcats = DB_numRows($numcats); // FORUMS $numforums = DB_query("SELECT forum_id FROM {$_TABLES['ff_forums']}"); $totalforums = DB_numRows($numforums); // TOPICS $numtopics = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE pid = 0"); $totaltopics = DB_numRows($numtopics); // POSTS $numposts = DB_query("SELECT id FROM {$_TABLES['ff_topic']}"); $totalposts = DB_numRows($numposts); // VIEWS $numviews = DB_query("SELECT SUM(views) AS TOTAL FROM {$_TABLES['ff_topic']}"); $totalviews = DB_fetchArray($numviews); // AVERAGE POSTS if ($totalposts != 0) { $avgcposts = $totalposts / $totalcats; $avgcposts = round($avgcposts); $avgfposts = $totalposts / $totalforums; $avgfposts = round($avgfposts); $avgtposts = $totalposts / $totaltopics; $avgtposts = round($avgtposts); } else { $avgcposts = 0; $avgfposts = 0; $avgtposts = 0; } // AVERAGE VIEWS if ($totalviews['TOTAL'] != 0) { $avgcviews = $totalviews['TOTAL'] / $totalcats; $avgcviews = round($avgcviews); $avgfviews = $totalviews['TOTAL'] / $totalforums; $avgfviews = round($avgfviews); $avgtviews = $totalviews['TOTAL'] / $totaltopics; $avgtviews = round($avgtviews); } else { $avgcviews = 0; $avgfviews = 0; $avgtviews = 0; } $admin_list->set_var(array('statsmsg' => $LANG_GF91['statsmsg'], 'totalcatsmsg' => $LANG_GF91['totalcats'], 'totalcats' => $totalcats, 'totalforumsmsg' => $LANG_GF91['totalforums'], 'totalforums' => $totalforums, 'totaltopicsmsg' => $LANG_GF91['totaltopics'], 'totaltopics' => $totaltopics, 'totalpostsmsg' => $LANG_GF91['totalposts'], 'totalposts' => $totalposts, 'totalviewsmsg' => $LANG_GF91['totalviews'], 'totalviews' => $totalviews['TOTAL'], 'category' => $LANG_GF91['category'], 'forum' => $LANG_GF91['forum'], 'topic' => $LANG_GF91['topic'], 'avgpmsg' => $LANG_GF91['avgpmsg'], 'avgcposts' => $avgcposts, 'avgfposts' => $avgfposts, 'avgtposts' => $avgtposts, 'avgvmsg' => $LANG_GF91['avgvmsg'], 'avgcviews' => $avgcviews, 'avgfviews' => $avgfviews, 'avgtviews' => $avgtviews)); $admin_list->set_var('block_end', COM_endBlock()); $admin_list->parse('output', 'admin-list'); $retval .= $admin_list->finish($admin_list->get_var('output')); return $retval; }
function MG_getItems($mode = 'sv') { global $MG_albums, $_TABLES, $_MG_CONF; $retval = ''; $aid = 0; if (isset($_REQUEST['aid'])) { $aid = COM_applyFilter($_REQUEST['aid'], true); } $src = 'disp'; if (isset($_REQUEST['src'])) { $src = COM_applyFilter($_REQUEST['src']); } $type = 'mini'; if (isset($_REQUEST['type'])) { $type = COM_applyFilter($_REQUEST['type']); } if ($src != 'disp' && $src != 'orig') { $src = 'tn'; } if ($type != 'full' || $type != 'mini') { $type = 'mini'; } if (isset($MG_albums[$aid]->id)) { if ($MG_albums[$aid]->access >= 1) { $orderBy = MG_getSortOrder($aid, 0); $sql = "SELECT * FROM {$_TABLES['mg_media_albums']} as ma INNER JOIN " . $_TABLES['mg_media'] . " as m " . " ON ma.media_id=m.media_id WHERE ma.album_id=" . (int) $aid . " AND m.include_ss=1 " . $orderBy; $result = DB_query($sql); $nRows = DB_numRows($result); $mediaRows = 0; if ($nRows > 0) { while ($row = DB_fetchArray($result)) { if ($row['media_type'] == 0) { foreach ($_MG_CONF['validExtensions'] as $ext) { if (file_exists($_MG_CONF['path_mediaobjects'] . $src . '/' . $row['media_filename'][0] . '/' . $row['media_filename'] . $ext)) { $PhotoURL = $_MG_CONF['mediaobjects_url'] . '/' . $src . '/' . $row['media_filename'][0] . '/' . $row['media_filename'] . $ext; $PhotoPath = $_MG_CONF['path_mediaobjects'] . $src . '/' . $row['media_filename'][0] . '/' . $row['media_filename'] . $ext; break; } } if ($row['remote_url'] != '') { $viewURL = $row['remote_url']; } else { $viewURL = $_MG_CONF['site_url'] . "/media.php?s=" . $row['media_id']; } $imgsize = @getimagesize($PhotoPath); if ($imgsize == false && $row['remote_media'] != 1) { continue; } if ($row['remote_media'] == 1) { $PhotoURL = $row['remote_url']; } $retval .= '<slide src="' . $PhotoURL . '" caption="' . htmlentities(strip_tags($row['media_title']), ENT_QUOTES, COM_getEncodingt()) . '"/>' . "\n"; } } } } return $retval; } }
function subscribe_topic() { global $_CONF, $_FF_CONF, $_TABLES, $_USER, $LANG_GF01, $LANG_GF02; $retval = ''; if (COM_isAnonUser()) { $retval['statusMessage'] = 'Invalid Request'; $retval['errorCode'] = 1; $return["json"] = json_encode($retval); echo json_encode($return); exit; } $forum = COM_applyFilter($_POST['id'], true); $topic = COM_applyFilter($_POST['topic_id'], true); $notify_id = COM_applyFilter($_POST['notify_id'], true); $sql = "SELECT * FROM {$_TABLES['subscriptions']}\n WHERE ((type='forum' AND id=" . (int) $topic . ") AND (uid=" . (int) $_USER['uid'] . ")\n OR "; $sql .= "((type='forum' AND category=" . (int) $forum . ") AND (id=0) and (uid=" . (int) $_USER['uid'] . ")))"; $notifyquery = DB_query("{$sql}"); $pid = DB_getItem($_TABLES['ff_topic'], 'pid', "id=" . (int) $topic); if ($pid == 0) { $pid = $topic; } $ntopic = -$topic; if (DB_numRows($notifyquery) > 0) { $A = DB_fetchArray($notifyquery); if ($A['id'] == 0) { // User has subscribed to complete forum // Check and see if user has a non-subscribe record for this topic id $query = DB_query("SELECT sub_id FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $_USER['uid'] . " AND category=" . (int) $forum . " AND id = " . $ntopic); if (DB_numRows($query) > 0) { list($watchrec) = DB_fetchArray($query); DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $watchrec); $retval['statusMessage'] = $LANG_GF02['msg142']; } else { $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum); $topic_name = DB_getItem($_TABLES['ff_topic'], 'subject', 'id=' . (int) $pid); DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum'," . (int) $forum . ",'" . DB_escapeString($forum_name) . "'," . (int) $pid . ",'" . DB_escapeString($topic_name) . "'," . (int) $_USER['uid'] . ",now() )"); $retval['statusMessage'] = $LANG_GF02['msg142']; } } else { $retval['statusMessage'] = $LANG_GF02['msg40']; } } else { $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum); $topic_name = DB_getItem($_TABLES['ff_topic'], 'subject', 'id=' . (int) $pid); DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum'," . (int) $forum . ",'" . DB_escapeString($forum_name) . "'," . (int) $pid . ",'" . DB_escapeString($topic_name) . "'," . (int) $_USER['uid'] . ",now() )"); $nid = -$notify_id; DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $_USER['uid'] . " AND category=" . (int) $forum . " AND id = " . $nid); $retval['statusMessage'] = $LANG_GF02['msg142']; } $retval['errorCode'] = 0; $retval['icon'] = 'uk-icon-bookmark'; $retval['subOption'] = 'unsubscribe_topic'; $retval['label'] = $LANG_GF01['unSubscribeLink']; $return["json"] = json_encode($retval); echo json_encode($return); exit; }
function doValidLogin($login) { global $_CONF, $_TABLES, $status, $uid; // Remote auth precludes usersubmission, // and integrates user activation, see?; $status = USER_ACCOUNT_ACTIVE; // PHP replaces "." with "_" $openid_identity = DB_escapeString($this->query['openid_identity']); $openid_nickname = ''; if (isset($this->query['openid_sreg_nickname'])) { $openid_nickname = $this->query['openid_sreg_nickname']; } // Check if that account is already registered. $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'"); $tmp = DB_error(); $nrows = DB_numRows($result); if (!($tmp == 0) || !($nrows == 1)) { // First time login with this OpenID, creating account... if ($_CONF['disable_new_user_registration']) { // not strictly correct - just to signal a failed login attempt $status = USER_ACCOUNT_DISABLED; $uid = 0; return; } if (empty($openid_nickname)) { $openid_nickname = $this->makeUsername($this->query['openid_identity']); } // we simply can't accept empty usernames ... if (empty($openid_nickname)) { COM_errorLog('Got an empty username for ' . $openid_identity); // not strictly correct - just to signal a failed login attempt $status = USER_ACCOUNT_DISABLED; $uid = 0; return; } // Ensure that remoteusername is unique locally. $openid_nickname = USER_uniqueUsername($openid_nickname); $openid_sreg_email = ''; if (isset($this->query['openid_sreg_email'])) { $openid_sreg_email = $this->query['openid_sreg_email']; } $openid_sreg_fullname = ''; if (isset($this->query['openid_sreg_fullname'])) { $openid_sreg_fullname = $this->query['openid_sreg_fullname']; } USER_createAccount($openid_nickname, $openid_sreg_email, '', $openid_sreg_fullname, '', $this->query['openid_identity'], 'openid'); $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '******' AND remoteservice = 'openid'"); // Store full remote account name: DB_query("UPDATE {$_TABLES['users']} SET remoteusername = '******', remoteservice = 'openid', status = 3 WHERE uid = {$uid}"); // Add to remote users: $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})"); } else { $result = DB_query("SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'"); list($uid, $status) = DB_fetchArray($result); } }
function MG_getUserActive($uid) { global $_TABLES; $result = DB_query("SELECT active FROM {$_TABLES['mg_userprefs']} WHERE uid=" . (int) $uid); $nRows = DB_numRows($result); if ($nRows > 0) { $row = DB_fetchArray($result); return $row['active']; } return 0; }
function fncComment($id) { global $_CONF; global $_TABLES; // $order = ''; if (isset($_REQUEST['order'])) { $order = COM_applyFilter($_REQUEST['order']); } $mode = ''; if (isset($_REQUEST['mode'])) { $mode = COM_applyFilter($_REQUEST['mode']); } $page = 1; if (isset($_REQUEST['cpage'])) { $page = COM_applyFilter($_REQUEST['cpage']); } // $tbl = $_TABLES['USERBOX_base']; //----- $sql = "SELECT "; $sql .= "commentcode "; $sql .= ",owner_id"; $sql .= ",group_id"; $sql .= ",perm_owner"; $sql .= ",perm_group"; $sql .= ",perm_members"; $sql .= ",perm_anon"; $sql .= " FROM "; $sql .= " {$tbl} AS t "; //base $sql .= " WHERE "; $sql .= " id=" . $id; $sql .= " AND t.draft_flag=0" . LB; //アクセス権のないデータ はのぞく $sql .= COM_getPermSql('AND'); //公開日以前のデータはのぞく $sql .= " AND (released <= NOW())"; //公開終了日を過ぎたデータはのぞく $sql .= " AND (expired=0 OR expired > NOW())"; // $result = DB_query($sql); $numrows = DB_numRows($result); if ($numrows > 0) { $A = DB_fetchArray($result); $A = array_map('stripslashes', $A); if ($A['commentcode'] >= 0) { $delete_option = SEC_hasRights('userbox.edit') && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 ? true : false; require_once $_CONF['path_system'] . 'lib-comment.php'; $retval .= CMT_userComments($id, $A['topic'], 'userbox', $order, $mode, 0, $page, false, $delete_option, $A['commentcode']); } } return $retval; }
/** * Constructor */ function display() { global $_CONF, $_TABLES, $LANG_SX00; $action = ''; if (isset($_GET['action'])) { $action = $_GET['action']; } elseif (isset($_POST['paction'])) { $action = $_POST['paction']; } if ($action == 'delete' && SEC_checkToken()) { $entry = $_GET['entry']; if (!empty($entry)) { $dbentry = addslashes($entry); DB_delete($_TABLES['spamx'], array('name', 'value'), array('HTTPHeader', $dbentry)); } } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) { $entry = ''; $name = COM_applyFilter($_REQUEST['header-name']); $n = explode(':', $name); $name = $n[0]; $value = $_REQUEST['header-value']; if (!empty($name) && !empty($value)) { $entry = $name . ': ' . $value; } $dbentry = addslashes($entry); if (!empty($entry)) { $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('HTTPHeader','{$dbentry}')"); } } $token = SEC_createToken(); $display = '<hr' . XHTML . '>' . LB . '<p><b>'; $display .= $LANG_SX00['headerblack']; $display .= '</b></p>' . LB . '<ul>' . LB; $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader' ORDER BY value"); $nrows = DB_numRows($result); for ($i = 0; $i < $nrows; $i++) { list($e) = DB_fetchArray($result); $display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader&action=delete&entry=' . urlencode($e) . '&' . CSRF_TOKEN . '=' . $token) . '</li>' . LB; } $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB; $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB; $display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader">' . LB; $display .= '<table border="0" width="100%">' . LB; $display .= '<tr><td align="right"><b>Header:</b></td>' . LB; $display .= '<td><input type="text" size="40" name="header-name"' . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB; $display .= '<tr><td align="right"><b>Content:</b></td>' . LB; $display .= '<td><input type="text" size="40" name="header-value"' . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB; $display .= '</table>' . LB; $display .= '<p><input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>'; $display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></p>' . LB; $display .= '</form>' . LB; return $display; }
function MG_rebuildThumb() { global $_MG_CONF, $LANG_MG01; $sql = MG_buildMediaSql(array('where' => "m.media_type = 0", 'sortorder' => -1)); $result = DB_query($sql); $nRows = DB_numRows($result); if ($nRows > 0) { $actionURL = $_MG_CONF['admin_url'] . 'index.php'; $session_description = $LANG_MG01['rebuild_thumb']; $session_id = MG_beginSession('rebuildthumb', $actionURL, $session_description); for ($x = 0; $x < $nRows; $x++) { $row = DB_fetchArray($result); $srcImage = ''; $imageDisplay = ''; $mfn = $row['media_filename'][0] . '/' . $row['media_filename']; if ($_MG_CONF['discard_original'] == 1) { $ext = MG_getMediaExt($_MG_CONF['path_mediaobjects'] . 'disp/' . $mfn); if (!empty($ext)) { $srcImage = $_MG_CONF['path_mediaobjects'] . 'disp/' . $mfn . $ext; $imageDisplay = $_MG_CONF['path_mediaobjects'] . 'tn/' . $mfn . $ext; $row['mime_type'] = ''; } } else { $ext = MG_getMediaExt($_MG_CONF['path_mediaobjects'] . 'orig/' . $mfn); if (!empty($ext)) { $srcImage = $_MG_CONF['path_mediaobjects'] . 'orig/' . $mfn . $ext; $imageDisplay = $_MG_CONF['path_mediaobjects'] . 'tn/' . $mfn . $ext; } } if ($srcImage == '' || !file_exists($srcImage)) { $ext = MG_getMediaExt($_MG_CONF['path_mediaobjects'] . 'disp/' . $mfn); if (!empty($ext)) { $srcImage = $_MG_CONF['path_mediaobjects'] . 'disp/' . $mfn . $ext; $imageDisplay = $_MG_CONF['path_mediaobjects'] . 'tn/' . $mfn . $ext; $row['mime_type'] = ''; $row['media_mime_ext'] = $ext; } } if ($srcImage == '') { continue; } MG_registerSession(array('session_id' => $session_id, 'mid' => $row['mime_type'], 'aid' => $row['album_id'], 'data' => $srcImage, 'data2' => $imageDisplay, 'data3' => $row['media_mime_ext'])); } $display = MG_continueSession($session_id, 0, $_MG_CONF['def_refresh_rate']); $display = COM_createHTMLDocument($display); COM_output($display); exit; } else { echo COM_refresh($_MG_CONF['admin_url'] . 'index.php?msg=7'); exit; } }
/** * Constructor */ function display() { global $_CONF, $_TABLES, $LANG_SX00; $action = ''; if (isset($_GET['action'])) { $action = $_GET['action']; } elseif (isset($_POST['paction'])) { $action = $_POST['paction']; } $entry = ''; if (isset($_GET['entry'])) { $entry = COM_stripslashes($_GET['entry']); } elseif (isset($_POST['pentry'])) { $entry = COM_stripslashes($_POST['pentry']); } if ($action == 'delete' && SEC_checkToken()) { $entry = DB_escapeString($entry); DB_delete($_TABLES['spamx'], array('name', 'value'), array('Personal', $entry)); } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) { if (!empty($entry)) { $entry = DB_escapeString($entry); $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$entry}')"); } } elseif ($action == $LANG_SX00['addcen'] && SEC_checkToken()) { foreach ($_CONF['censorlist'] as $entry) { $entry = DB_escapeString($entry); $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$entry}')"); } } $token = SEC_createToken(); $display = '<hr' . XHTML . '>' . LB . '<p><b>'; $display .= $LANG_SX00['pblack']; $display .= '</b></p>' . LB . '<ul>' . LB; $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'Personal'"); $nrows = DB_numRows($result); for ($i = 0; $i < $nrows; $i++) { $A = DB_fetchArray($result); $e = $A['value']; $display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList&action=delete&entry=' . urlencode($e) . '&' . CSRF_TOKEN . '=' . $token) . '</li>' . LB; } $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB; $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB; $display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList">' . LB; $display .= '<div><input type="text" size="30" name="pentry"' . XHTML . '> '; $display .= '<input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>' . LB; $display .= '<p>' . $LANG_SX00['e3'] . '</p> '; $display .= '<input type="submit" name="paction" value="' . $LANG_SX00['addcen'] . '"' . XHTML . '>' . LB; $display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '>' . LB; $display .= '</div></form>' . LB; return $display; }
/** * Automatic uninstall function for plugins * * @return array * * This code is automatically uninstalling the plugin. * It passes an array to the core code function that removes * tables, groups, features and php blocks from the tables. * Additionally, this code can perform special actions that cannot be * foreseen by the core code (interactions with other plugins for example) * */ function plugin_autouninstall_nexfile() { global $_TABLES, $_CONF; require_once $_CONF['path_system'] . 'nexpro/classes/tagcloud.class.php'; $query = DB_query("SELECT itemid FROM {$_TABLES['tagworditems']} WHERE type = 'nexfile'"); if (DB_numRows($query) > 0) { $tagcloud = new nexfileTagCloud(); while ($A = DB_fetchArray($query)) { $tagcloud->clear_tags($A['itemid']); } } $out = array('tables' => array('nxfile_access', 'nxfile_categories', 'nxfile_files', 'nxfile_filedetail', 'nxfile_fileversions', 'nxfile_notifications', 'nxfile_filesubmissions', 'auditlog', 'nxfile_favorites', 'nxfile_recentfolders', 'nxfile_downloads', 'nxfile_usersettings', 'nxfile_notificationlog', 'nxfile_import_queue', 'nxfile_export_queue'), 'groups' => array('nexfile Admin'), 'features' => array('nexfile.admin', 'nexfile.edit', 'nexfile.user'), 'php_blocks' => array('phpblock_nexfile_latestfiles'), 'vars' => array('nexfile_admin')); return $out; }
/** * Add passwords for OAuth and OpenID users * */ function update_UsersFor180() { global $_CONF, $_TABLES; require_once $_CONF['path_system'] . 'lib-security.php'; require_once $_CONF['path_system'] . 'lib-user.php'; $passwords = array(); $sql = "SELECT uid FROM {$_TABLES['users']} WHERE (remoteservice IS NOT NULL OR remoteservice != '') AND passwd = ''"; $result = DB_query($sql); $nrows = DB_numRows($result); for ($i = 0; $i < $nrows; $i++) { $A = DB_fetchArray($result); $passwords = USER_createPassword($A['uid']); } }
function updaterating($sel_id) { global $_FM_TABLES; $sel_id = intval($sel_id); $voteresult = DB_query("SELECT rating FROM {$_FM_TABLES['filemgmt_votedata']} WHERE lid = '{$sel_id}'"); $votesDB = DB_numRows($voteresult); $totalrating = 0; if ($votesDB > 0) { while (list($rating) = DB_fetchArray($voteresult)) { $totalrating += $rating; } $finalrating = $totalrating / $votesDB; } $finalrating = number_format($finalrating, 4); DB_query("UPDATE {$_FM_TABLES['filemgmt_filedetail']} SET rating='{$finalrating}', votes='{$votesDB}' WHERE lid = '{$sel_id}'"); }
function DLM_updaterating($sel_id) { global $_TABLES; $sel_id = addslashes($sel_id); $voteresult = DB_query("SELECT rating FROM {$_TABLES['downloadvotes']} " . "WHERE lid = '{$sel_id}'"); $votesDB = DB_numRows($voteresult); $totalrating = 0; if ($votesDB > 0) { while (list($rating) = DB_fetchArray($voteresult)) { $totalrating += $rating; } $finalrating = $totalrating / $votesDB; } $finalrating = number_format($finalrating, 4); DB_query("UPDATE {$_TABLES['downloads']} " . "SET rating='{$finalrating}', votes='{$votesDB}' " . "WHERE lid = '{$sel_id}'"); }
function MG_saveUser() { global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01, $_POST; $uid = COM_applyFilter($_POST['uid'], true); $quota = COM_applyFilter($_POST['quota'], true) * 1048576; $active = COM_applyFilter($_POST['active'], true); $result = DB_query("SELECT uid FROM {$_TABLES['mg_userprefs']} WHERE uid=" . $uid); $nRows = DB_numRows($result); if ($nRows > 0) { DB_query("UPDATE {$_TABLES['mg_userprefs']} SET quota=" . $quota . ",active=" . $active . " WHERE uid=" . $uid, 1); } else { DB_query("INSERT INTO {$_TABLES['mg_userprefs']} SET uid=" . $uid . ", quota=" . $quota . ",active=" . $active, 1); } echo COM_refresh($_MG_CONF['admin_url'] . 'quotareport.php'); exit; }