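/**
 * Validate the session cookie and, on success, populate $GLOBALS['user'].
 *
 * The cookie is base64("<uid>:" . base64(<raw key>)). The user row is looked
 * up by id together with md5(<raw key>) in `login_key`, and must have status
 * 'ACTIVE'. On success the row's last_login/last_ip are refreshed and the
 * cookie is re-issued with a new expiry.
 *
 * @return false|null false when the cookie is missing, malformed, unknown or
 *                    the account is not ACTIVE; no explicit value (null) on
 *                    success, so callers presumably read
 *                    $GLOBALS['user']['logged'] (confirm against call sites).
 */
function check_session() {
    $cookie_name = cfg('auth_int_cookie_name');

    # A cookie sent as "name[]=..." arrives as an array. Passing that to
    # base64_decode() raises a TypeError on PHP 8 that "@" does not suppress,
    # so only a non-empty string is accepted here.
    if (!isset($_COOKIE[$cookie_name]) || !is_string($_COOKIE[$cookie_name]) || !$_COOKIE[$cookie_name]) {
        return false;
    }
    $cookie = $_COOKIE[$cookie_name];

    $decoded = base64_decode($cookie);
    if ($decoded === false) {
        return false;
    }

    $cd = explode(':', $decoded);
    if (empty($cd[0]) || empty($cd[1])) {
        return false;
    }

    $uid = intval($cd[0]);
    $kid = base64_decode($cd[1]);
    if ($kid === false) {
        return false;
    }

    # Check session...
    # Only two values are interpolated into the WHERE clause and both are
    # constrained before use: $uid is an integer, md5() yields 32 hex chars.
    $data = ldb_select('user', '*', '`id`=\'' . $uid . '\' AND `login_key`=\'' . md5($kid) . '\' LIMIT 1');
    if (!$data) {
        return false;
    }

    # Login ok!
    $data = $data[0];

    # Check status
    if ($data['status'] != 'ACTIVE') {
        return false;
    }

    # Update DB
    # NOTE(review): last_ip is written as ip2long() here but create_session()
    # writes the raw REMOTE_ADDR string to the same column - confirm which
    # form the column expects. ip2long() also returns false for IPv6 peers.
    ldb_update_by_id('user', $data['id'], array('last_login' => time(), 'last_ip' => ip2long($_SERVER['REMOTE_ADDR'])));

    # Update cookie (sliding expiry, same value)
    # NOTE(review): the cookie is issued without the Secure/HttpOnly flags;
    # consider adding them once it is confirmed that no client-side script
    # reads this cookie and the site is served over HTTPS only.
    setcookie($cookie_name, $cookie, time() + intval(cfg('auth_int_session_time')), '/', COOKIE_DOMAIN);

    # Set global user data
    $GLOBALS['user'] = array();
    $GLOBALS['user']['id'] = $data['id'];
    $GLOBALS['user']['name'] = $data['name'];
    $GLOBALS['user']['login'] = $data['mail'];
    $GLOBALS['user']['logged'] = true;
    $GLOBALS['user']['is_admin'] = @$data['is_admin'];
    $GLOBALS['user']['adm_pages'] = @$data['adm_pages'] == 'Y';
    $GLOBALS['user']['adm_users'] = @$data['adm_users'] == 'Y';
    $GLOBALS['user']['adm_faq'] = @$data['adm_faq'] == 'Y';
    $GLOBALS['user']['tmz'] = @$data['tmz'];
    # Digest of the whole cookie value; it is derived from the session secret,
    # so treat it as sensitive wherever it is emitted.
    $GLOBALS['user']['lk'] = md5($cookie);
    $GLOBALS['user']['max_file'] = intval(@$data['max_file']);
    $GLOBALS['user']['max_total'] = intval(@$data['max_total']);
}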
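/**
 * Finalise the upload identified by $this->sid and redirect to its file page.
 *
 * Verifies that the upload row (looked up by `code`) belongs to the current
 * user, removes the temporary SID marker, stores the TTL / prolong / comment
 * values from the POST body, recomputes the upload's file count and total
 * size, and sends a Location header.
 *
 * @return mixed the result of core_error_404() when the upload is missing or
 *               owned by another user; otherwise no explicit value.
 */
function get_final() {
    # Check upload data
    $u_data = ldb_select_one('upload', '*', $this->sid, 'code');
    if (!$u_data || $u_data['uid'] != user('id')) {
        return core_error_404();
    }

    # Okay, remove the SID
    # This used to run before the ownership check above, so the file was
    # deleted even for callers who do not own the upload. It now runs only for
    # the owner. NOTE(review): the not-found path no longer removes the marker;
    # assumes stale files under tmp/sid are cleaned up elsewhere - confirm.
    @unlink(ROOT_PATH . '/tmp/sid/' . md5($this->sid));

    include_once CORE_PATH . '/ttl.php';

    # POST fields can arrive as arrays ("files_ttl[]=..."). Using an array as
    # an array offset raises a TypeError on PHP 8, so non-string values are
    # treated as absent.
    $ttl = (isset($_POST['files_ttl']) && is_string($_POST['files_ttl'])) ? $_POST['files_ttl'] : null;
    if (!isset($GLOBALS['ttl'][$ttl])) {
        $ttl = $GLOBALS['ttl_def'];
    }
    $tms_del = $u_data['tms_last'] + $ttl;
    $ttl_p = @$_POST['files_ttl_prol'] ? 'Y' : 'N';

    # Free-text comment supplied by the user; only a string is stored.
    # NOTE(review): escaping is presumably handled inside ldb_update_by_id(),
    # and HTML-encoding must happen where the comment is rendered - confirm.
    $comment = (isset($_POST['files_descr']) && is_string($_POST['files_descr'])) ? $_POST['files_descr'] : null;

    # Update TTL
    ldb_update_by_id('upload', $u_data['id'], array('tms_delete' => $tms_del, 'ttl' => $ttl, 'prolong' => $ttl_p, 'comment' => $comment));

    # The id comes from the database row; the cast keeps the hand-built
    # statement numeric regardless of how the row was typed.
    ldb_query('UPDATE `upload` SET `file_count`=(SELECT COUNT(*) FROM `file` WHERE `file`.`upid`=`upload`.`id`),`file_size`=(SELECT SUM(`file_size`) FROM `file` WHERE `file`.`upid`=`upload`.`id`) WHERE `id`=' . intval($u_data['id']));

    # Redirect to the file control...
    # No exit follows the header, so execution continues in the caller.
    @header('Location: ' . URL . '/f/' . $this->sid . '/');
}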
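/**
 * Save the TTL, prolong flag and comment posted for an existing upload.
 *
 * With "prolong" set, the deletion time is counted from the row's tms_last;
 * otherwise from tms_upload. After the update the request is redirected to
 * the upload's page with a confirmation message and the script exits.
 *
 * NOTE(review): no ownership check is made here; $data is presumably an
 * upload row the caller has already authorised - confirm at the call site.
 *
 * @param array $data upload row; the keys id, code, tms_last and tms_upload
 *                    are read.
 */
function edit($data) {
    include_once CORE_PATH . '/ttl.php';

    # POST fields can arrive as arrays ("files_ttl[]=..."). Using an array as
    # an array offset raises a TypeError on PHP 8, so non-string values are
    # treated as absent and fall back to the default TTL.
    $ttl = (isset($_POST['files_ttl']) && is_string($_POST['files_ttl'])) ? $_POST['files_ttl'] : null;
    if (!isset($GLOBALS['ttl'][$ttl])) {
        $ttl = $GLOBALS['ttl_def'];
    }

    $db_data = array();
    if (@$_POST['files_ttl_prol']) {
        $db_data['prolong'] = 'Y';
        $db_data['tms_delete'] = $data['tms_last'] + $ttl;
    } else {
        $db_data['prolong'] = 'N';
        $db_data['tms_delete'] = $data['tms_upload'] + $ttl;
    }
    $db_data['ttl'] = $ttl;

    # Free-text comment supplied by the user; only a string is stored.
    # NOTE(review): escaping is presumably handled inside ldb_update_by_id(),
    # and HTML-encoding must happen where the comment is rendered - confirm.
    $db_data['comment'] = (isset($_POST['files_descr']) && is_string($_POST['files_descr'])) ? $_POST['files_descr'] : null;

    ldb_update_by_id('upload', $data['id'], $db_data);
    redirect_msg(URL . '/f/' . $data['code'] . '/?', lang('save_ok'));
    exit;
}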
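/**
 * Start a login session for $uid: generate a 20-byte session key, send it to
 * the browser in the auth cookie and store md5(key) in the user's row.
 *
 * Cookie value: base64("<uid>:" . base64(<raw key>)), the format that
 * check_session() parses.
 *
 * @param int|string $uid id of the user row to log in.
 */
function create_session($uid) {
    $data = ldb_select_one('user', '*', $uid);
    if (!$data) {
        # Unknown user: issue no cookie and touch no row.
        return;
    }

    # The session key is a bearer secret, so it is taken from a CSPRNG when
    # one is available. The length stays at 20 raw bytes (what sha1(..., true)
    # produced), so the cookie format and the stored md5(key) are unchanged.
    $lk = false;
    if (function_exists('random_bytes')) {
        $lk = random_bytes(20);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $lk = openssl_random_pseudo_bytes(20);
    }
    if ($lk === false || strlen($lk) !== 20) {
        # Legacy derivation, kept only for runtimes with neither generator.
        # Its inputs (user agent, mail, clock, mt_rand) are not suitable for
        # secrets. NOTE(review): remove this branch once the minimum PHP
        # version is confirmed to be 7.0 or later.
        $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $lk = sha1(md5($ua) . mt_rand() . md5($data['mail']) . time() . mt_rand(), true);
    }

    $c_data = base64_encode($uid . ':' . base64_encode($lk));

    # NOTE(review): the cookie is issued without the Secure/HttpOnly flags;
    # consider adding them once it is confirmed that no client-side script
    # reads this cookie and the site is served over HTTPS only.
    setcookie(cfg('auth_int_cookie_name'), $c_data, time() + intval(cfg('auth_int_session_time')), '/', COOKIE_DOMAIN);

    # Only a digest of the key is stored server-side.
    # NOTE(review): last_ip is written as the raw REMOTE_ADDR string here but
    # check_session() writes ip2long() to the same column - confirm which form
    # the column expects.
    ldb_update_by_id('user', $uid, array('login_key' => md5($lk), 'last_login' => time(), 'last_ip' => $_SERVER['REMOTE_ADDR']));
}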