diff --git a/ajax.php b/ajax.php index 0eaa056cb..d98d2804e 100644 --- a/ajax.php +++ b/ajax.php @@ -44,7 +44,6 @@ switch ($ajax->action) case 'change_tor_status': case 'change_torrent': case 'gen_passkey': - require(ATTACH_DIR . 'attachment_mod.php'); require(INC_DIR . 'functions_torrent.php'); break; diff --git a/dl.php b/dl.php index 83358d740..489d743f5 100644 --- a/dl.php +++ b/dl.php @@ -4,7 +4,6 @@ define('BB_SCRIPT', 'dl'); define('NO_GZIP', true); define('BB_ROOT', './'); require(BB_ROOT .'common.php'); -require(ATTACH_DIR .'attachment_mod.php'); $download_id = request_var('id', 0); $thumbnail = request_var('thumb', 0); @@ -18,15 +17,6 @@ function send_file_to_browser($attachment, $upload_dir) $gotit = false; - if (@!file_exists(@amod_realpath($filename))) - { - bb_die($lang['ERROR_NO_ATTACHMENT'] . "

" . $filename. "

" .$lang['TOR_NOT_FOUND']); - } - else - { - $gotit = true; - } - // Correct the mime type - we force application/octet-stream for all files, except images // Please do not change this, it is a security precaution if (!strstr($attachment['mimetype'], 'image')) @@ -82,11 +72,6 @@ if (!$download_id) bb_die($lang['NO_ATTACHMENT_SELECTED']); } -if ($attach_config['disable_mod'] && !IS_ADMIN) -{ - bb_die($lang['ATTACHMENT_FEATURE_DISABLED']); -} - $sql = 'SELECT * FROM ' . BB_ATTACHMENTS_DESC . ' WHERE attach_id = ' . (int) $download_id; if (!($result = DB()->sql_query($sql))) @@ -152,52 +137,14 @@ if (!$authorised) $datastore->rm('cat_forums'); -// -// Get Information on currently allowed Extensions -// -$rows = get_extension_informations(); -$num_rows = count($rows); - -for ($i = 0; $i < $num_rows; $i++) -{ - $extension = strtolower(trim($rows[$i]['extension'])); - $allowed_extensions[] = $extension; - $download_mode[$extension] = $rows[$i]['download_mode']; -} - -// Disallowed -if (!in_array($attachment['extension'], $allowed_extensions) && !IS_ADMIN) -{ - bb_die(sprintf($lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])); -} - -$download_mode = intval($download_mode[$attachment['extension']]); - -if ($thumbnail) -{ - $attachment['physical_filename'] = THUMB_DIR . '/t_' . $attachment['physical_filename']; -} - -// Update download count -if (!$thumbnail) -{ $sql = 'UPDATE ' . BB_ATTACHMENTS_DESC . ' SET download_count = download_count + 1 WHERE attach_id = ' . (int) $attachment['attach_id']; if (!DB()->sql_query($sql)) { bb_die('Could not update attachment download count'); } -} -// Determine the 'presenting'-method -if ($download_mode == PHYSICAL_LINK) -{ - $url = make_url($upload_dir . '/' . $attachment['physical_filename']); - header('Location: ' . $url); - exit; -} -else -{ + if (IS_GUEST && !bb_captcha('check')) { global $template; @@ -219,6 +166,5 @@ else require(PAGE_FOOTER); } - send_file_to_browser($attachment, $upload_dir); - exit; -} \ No newline at end of file + send_file_to_browser($attachment, ''); + exit; \ No newline at end of file diff --git a/install/sql/mysql.sql b/install/sql/mysql.sql index 1973d8723..6173e0338 100644 --- a/install/sql/mysql.sql +++ b/install/sql/mysql.sql @@ -1,46 +1,5 @@ SET SQL_MODE = ""; --- ---------------------------- --- Table structure for `bb_attachments` --- ---------------------------- -DROP TABLE IF EXISTS `bb_attachments`; -CREATE TABLE IF NOT EXISTS `bb_attachments` ( - `attach_id` mediumint(8) unsigned NOT NULL DEFAULT '0', - `post_id` mediumint(8) unsigned NOT NULL DEFAULT '0', - `user_id_1` mediumint(8) NOT NULL DEFAULT '0', - PRIMARY KEY (`attach_id`,`post_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8; - --- ---------------------------- --- Records of bb_attachments --- ---------------------------- - --- ---------------------------- --- Table structure for `bb_attachments_desc` --- ---------------------------- -DROP TABLE IF EXISTS `bb_attachments_desc`; -CREATE TABLE IF NOT EXISTS `bb_attachments_desc` ( - `attach_id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, - `physical_filename` varchar(255) NOT NULL DEFAULT '', - `real_filename` varchar(255) NOT NULL DEFAULT '', - `download_count` mediumint(8) unsigned NOT NULL DEFAULT '0', - `comment` varchar(255) NOT NULL DEFAULT '', - `extension` varchar(100) NOT NULL DEFAULT '', - `mimetype` varchar(100) NOT NULL DEFAULT '', - `filesize` int(20) NOT NULL DEFAULT '0', - `filetime` int(11) NOT NULL DEFAULT '0', - `thumbnail` tinyint(1) NOT NULL DEFAULT '0', - `tracker_status` tinyint(1) NOT NULL DEFAULT '0', - PRIMARY KEY (`attach_id`), - KEY `filetime` (`filetime`), - KEY `filesize` (`filesize`), - KEY `physical_filename` (`physical_filename`(10)) -) ENGINE=MyISAM DEFAULT CHARSET=utf8; - --- ---------------------------- --- Records of bb_attachments_desc --- ---------------------------- - -- ---------------------------- -- Table structure for `bb_auth_access` -- ---------------------------- @@ -185,7 +144,6 @@ CREATE TABLE IF NOT EXISTS `bb_bt_torrents` ( `poster_id` mediumint(9) NOT NULL DEFAULT '0', `topic_id` mediumint(8) unsigned NOT NULL DEFAULT '0', `forum_id` smallint(5) unsigned NOT NULL DEFAULT '0', - `attach_id` mediumint(8) unsigned NOT NULL DEFAULT '0', `size` bigint(20) unsigned NOT NULL DEFAULT '0', `reg_time` int(11) NOT NULL DEFAULT '0', `call_seed_time` int(11) NOT NULL DEFAULT '0', @@ -200,7 +158,6 @@ CREATE TABLE IF NOT EXISTS `bb_bt_torrents` ( PRIMARY KEY (`info_hash`), UNIQUE KEY `post_id` (`post_id`), UNIQUE KEY `topic_id` (`topic_id`), - UNIQUE KEY `attach_id` (`attach_id`), KEY `reg_time` (`reg_time`), KEY `forum_id` (`forum_id`), KEY `poster_id` (`poster_id`) @@ -731,7 +688,6 @@ CREATE TABLE IF NOT EXISTS `bb_posts` ( `post_username` varchar(25) NOT NULL DEFAULT '', `post_edit_time` int(11) NOT NULL DEFAULT '0', `post_edit_count` smallint(5) unsigned NOT NULL DEFAULT '0', - `post_attachment` tinyint(1) NOT NULL DEFAULT '0', `user_post` tinyint(1) NOT NULL DEFAULT '1', `mc_comment` text NOT NULL, `mc_type` tinyint(1) NOT NULL DEFAULT '0', @@ -996,7 +952,6 @@ CREATE TABLE IF NOT EXISTS `bb_topics` ( `topic_first_post_id` mediumint(8) unsigned NOT NULL DEFAULT '0', `topic_last_post_id` mediumint(8) unsigned NOT NULL DEFAULT '0', `topic_moved_id` mediumint(8) unsigned NOT NULL DEFAULT '0', - `topic_attachment` tinyint(1) NOT NULL DEFAULT '0', `topic_dl_type` tinyint(1) NOT NULL DEFAULT '0', `attach_ext_id` tinyint(4) NOT NULL DEFAULT '0', `filesize` mediumint(8) unsigned NOT NULL DEFAULT '0', diff --git a/library/attach_mod/.htaccess b/library/attach_mod/.htaccess deleted file mode 100644 index baa56e5a3..000000000 --- a/library/attach_mod/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -order allow,deny -deny from all \ No newline at end of file diff --git a/library/attach_mod/attachment_mod.php b/library/attach_mod/attachment_mod.php deleted file mode 100644 index 8867e940a..000000000 --- a/library/attach_mod/attachment_mod.php +++ /dev/null @@ -1,77 +0,0 @@ -sql_query($sql))) - { - bb_die('Could not query attachment information'); - } - - while ($row = DB()->sql_fetchrow($result)) - { - $attach_config[$row['config_name']] = trim($row['config_value']); - } - - // We assign the original default board language here, because it gets overwritten later with the users default language - $attach_config['board_lang'] = trim($bb_cfg['default_lang']); - - return $attach_config; -} - -// Get Attachment Config -$attach_config = array(); - -if (!$attach_config = CACHE('bb_cache')->get('attach_config')) -{ - $attach_config = get_config(); - CACHE('bb_cache')->set('attach_config', $attach_config, 86400); -} - -include(ATTACH_DIR .'displaying.php'); -include(ATTACH_DIR .'posting_attachments.php'); - -$upload_dir = $attach_config['upload_dir']; \ No newline at end of file diff --git a/library/attach_mod/displaying_torrent.php b/library/attach_mod/displaying_torrent.php deleted file mode 100644 index 693e884f9..000000000 --- a/library/attach_mod/displaying_torrent.php +++ /dev/null @@ -1,605 +0,0 @@ -'; - -$peers_cnt = $seed_count = 0; -$seeders = $leechers = ''; -$tor_info = array(); - -$template->assign_vars(array( - 'SEED_COUNT' => false, - 'LEECH_COUNT' => false, - 'TOR_SPEED_UP' => false, - 'TOR_SPEED_DOWN' => false, - 'SHOW_RATIO_WARN' => false, -)); - -// Define show peers mode (count only || user names with complete % || full details) -$cfg_sp_mode = $bb_cfg['bt_show_peers_mode']; -$get_sp_mode = (isset($_GET['spmode'])) ? $_GET['spmode'] : ''; - -$s_mode = 'count'; - -if ($cfg_sp_mode == SHOW_PEERS_NAMES) -{ - $s_mode = 'names'; -} -else if ($cfg_sp_mode == SHOW_PEERS_FULL) -{ - $s_mode = 'full'; -} - -if ($bb_cfg['bt_allow_spmode_change']) -{ - if ($get_sp_mode == 'names') - { - $s_mode = 'names'; - } - else if ($get_sp_mode == 'full') - { - $s_mode = 'full'; - } -} - -$bt_topic_id = $t_data['topic_id']; -$bt_user_id = $userdata['user_id']; -$attach_id = $attachments['_'. $post_id][$i]['attach_id']; -$tracker_status = $attachments['_'. $post_id][$i]['tracker_status']; -$download_count = $attachments['_'. $post_id][$i]['download_count']; -$tor_file_size = humn_size($attachments['_'. $post_id][$i]['filesize']); -$tor_file_time = bb_date($attachments['_'. $post_id][$i]['filetime']); - -$tor_reged = (bool) $tracker_status; -$show_peers = (bool) $bb_cfg['bt_show_peers']; - -$locked = ($t_data['forum_status'] == FORUM_LOCKED || $t_data['topic_status'] == TOPIC_LOCKED); -$tor_auth = ($bt_user_id != GUEST_UID && (($bt_user_id == $poster_id && !$locked) || $is_auth['auth_mod'])); - -$tor_auth_reg = ($tor_auth && $t_data['allow_reg_tracker'] && $post_id == $t_data['topic_first_post_id']); -$tor_auth_del = ($tor_auth && $tor_reged); - -$tracker_link = ($tor_reged) ? $lang['BT_REG_YES'] : $lang['BT_REG_NO']; - -$download_link = DOWNLOAD_URL . $attach_id; -$description = ($comment) ? $comment : preg_replace("#.torrent$#i", '', $display_name); - -if ($tor_auth_reg || $tor_auth_del) -{ - $reg_tor_url = ''. $lang['BT_REG_ON_TRACKER'] .''; - $unreg_tor_url = ''. $lang['BT_UNREG_FROM_TRACKER'] .''; - - $tracker_link = ($tor_reged) ? $unreg_tor_url : $reg_tor_url; -} - -if ($bb_cfg['torrent_name_style']) -{ - $display_name = '['.$bb_cfg['server_name'].'].t' . $bt_topic_id . '.torrent'; -} - -if (!$tor_reged) -{ - $template->assign_block_vars('postrow.attach.tor_not_reged', array( - 'DOWNLOAD_NAME' => $display_name, - 'TRACKER_LINK' => $tracker_link, - 'ATTACH_ID' => $attach_id, - - 'S_UPLOAD_IMAGE' => $upload_image, - 'U_DOWNLOAD_LINK' => $download_link, - 'FILESIZE' => $tor_file_size, - - 'DOWNLOAD_COUNT' => sprintf($lang['DOWNLOAD_NUMBER'], $download_count), - 'POSTED_TIME' => $tor_file_time, - )); - - if ($comment) - { - $template->assign_block_vars('postrow.attach.tor_not_reged.comment', array('COMMENT' => $comment)); - } -} -else -{ - $sql = "SELECT bt.*, u.user_id, u.username, u.user_rank - FROM ". BB_BT_TORRENTS ." bt - LEFT JOIN ". BB_USERS ." u ON(bt.checked_user_id = u.user_id) - WHERE bt.attach_id = $attach_id"; - - if (!$result = DB()->sql_query($sql)) - { - bb_die('Could not obtain torrent information'); - } - $tor_info = DB()->sql_fetchrow($result); - DB()->sql_freeresult($result); -} - -if ($tor_reged && !$tor_info) -{ - DB()->query("UPDATE ". BB_ATTACHMENTS_DESC ." SET tracker_status = 0 WHERE attach_id = $attach_id"); - - bb_die('Torrent status fixed'); -} - -if ($tor_auth) -{ - $template->assign_vars(array( - 'TOR_CONTROLS' => true, - 'TOR_ATTACH_ID' => $attach_id, - )); - - if ($t_data['self_moderated'] || $is_auth['auth_mod']) - { - $template->assign_vars(array('AUTH_MOVE' => true)); - } -} - -if ($tor_reged && $tor_info) -{ - $tor_size = ($tor_info['size']) ? $tor_info['size'] : 0; - $tor_id = $tor_info['topic_id']; - $tor_type = $tor_info['tor_type']; - - // Magnet link - $passkey = DB()->fetch_row("SELECT auth_key FROM ". BB_BT_USERS ." WHERE user_id = ". (int) $bt_user_id ." LIMIT 1"); - $tor_magnet = create_magnet($tor_info['info_hash'], $passkey['auth_key'], $userdata['session_logged_in']); - - // ratio limits - $min_ratio_dl = $bb_cfg['bt_min_ratio_allow_dl_tor']; - $min_ratio_warn = $bb_cfg['bt_min_ratio_warning']; - $dl_allowed = true; - $user_ratio = 0; - - if (($min_ratio_dl || $min_ratio_warn) && $bt_user_id != $poster_id) - { - $sql = "SELECT u.*, dl.user_status - FROM ". BB_BT_USERS ." u - LEFT JOIN ". BB_BT_DLSTATUS ." dl ON dl.user_id = $bt_user_id AND dl.topic_id = $bt_topic_id - WHERE u.user_id = $bt_user_id - LIMIT 1"; - } - else - { - $sql = "SELECT user_status - FROM ". BB_BT_DLSTATUS ." - WHERE user_id = $bt_user_id - AND topic_id = $bt_topic_id - LIMIT 1"; - } - - $bt_userdata = DB()->fetch_row($sql); - - $user_status = isset($bt_userdata['user_status']) ? $bt_userdata['user_status'] : null; - - if (($min_ratio_dl || $min_ratio_warn) && $user_status != DL_STATUS_COMPLETE && $bt_user_id != $poster_id && $tor_type != TOR_TYPE_GOLD) - { - if (($user_ratio = get_bt_ratio($bt_userdata)) !== null) - { - $dl_allowed = ($user_ratio > $min_ratio_dl); - } - - if ((isset($user_ratio) && isset($min_ratio_warn) && $user_ratio < $min_ratio_warn && TR_RATING_LIMITS) || ($bt_userdata['u_down_total'] < MIN_DL_FOR_RATIO)) - { - $template->assign_vars(array( - 'SHOW_RATIO_WARN' => true, - 'RATIO_WARN_MSG' => sprintf($lang['BT_RATIO_WARNING_MSG'], $min_ratio_dl, $bb_cfg['ratio_url_help']), - )); - } - } - - if (!$dl_allowed) - { - $template->assign_block_vars('postrow.attach.tor_reged', array()); - $template->assign_vars(array( - 'TOR_BLOCKED' => true, - 'TOR_BLOCKED_MSG' => sprintf($lang['BT_LOW_RATIO_FOR_DL'], round($user_ratio, 2), "search.php?dlu=$bt_user_id&dlc=1"), - )); - } - else - { - $template->assign_block_vars('postrow.attach.tor_reged', array( - 'DOWNLOAD_NAME' => $display_name, - 'TRACKER_LINK' => $tracker_link, - 'ATTACH_ID' => $attach_id, - 'TOR_SILVER_GOLD' => $tor_type, - - // torrent status mod - 'TOR_FROZEN' => (!IS_AM) ? (isset($bb_cfg['tor_frozen'][$tor_info['tor_status']]) && !(isset($bb_cfg['tor_frozen_author_download'][$tor_info['tor_status']]) && $userdata['user_id'] == $tor_info['poster_id'])) ? true : '' : '', - 'TOR_STATUS_TEXT' => $lang['TOR_STATUS_NAME'][$tor_info['tor_status']], - 'TOR_STATUS_ICON' => $bb_cfg['tor_icons'][$tor_info['tor_status']], - 'TOR_STATUS_BY' => ($tor_info['checked_user_id'] && $is_auth['auth_mod']) ? (' · '. profile_url($tor_info) .' · '. delta_time($tor_info['checked_time']) . $lang['TOR_BACK'] .'') : '', - 'TOR_STATUS_SELECT' => build_select('sel_status', array_flip($lang['TOR_STATUS_NAME']), TOR_APPROVED), - 'TOR_STATUS_REPLY' => $bb_cfg['tor_comment'] && !IS_GUEST && in_array($tor_info['tor_status'], $bb_cfg['tor_reply']) && $userdata['user_id'] == $tor_info['poster_id'] && $t_data['topic_status'] != TOPIC_LOCKED, - //end torrent status mod - - 'S_UPLOAD_IMAGE' => $upload_image, - 'U_DOWNLOAD_LINK' => $download_link, - 'DL_LINK_CLASS' => (isset($bt_userdata['user_status'])) ? $dl_link_css[$bt_userdata['user_status']] : 'genmed', - 'DL_TITLE_CLASS' => (isset($bt_userdata['user_status'])) ? $dl_status_css[$bt_userdata['user_status']] : 'gen', - 'FILESIZE' => $tor_file_size, - 'MAGNET' => $tor_magnet, - 'HASH' => strtoupper(bin2hex($tor_info['info_hash'])), - 'DOWNLOAD_COUNT' => sprintf($lang['DOWNLOAD_NUMBER'], $download_count), - 'REGED_TIME' => bb_date($tor_info['reg_time']), - 'REGED_DELTA' => delta_time($tor_info['reg_time']), - 'TORRENT_SIZE' => humn_size($tor_size), - 'COMPLETED' => sprintf($lang['DOWNLOAD_NUMBER'], $tor_info['complete_count']), - )); - - if ($comment) - { - $template->assign_block_vars('postrow.attach.tor_reged.comment', array('COMMENT' => $comment)); - } - } - - if ($bb_cfg['show_tor_info_in_dl_list']) - { - $template->assign_vars(array( - 'SHOW_DL_LIST' => true, - 'SHOW_DL_LIST_TOR_INFO' => true, - - 'TOR_SIZE' => humn_size($tor_size), - 'TOR_LONGEVITY' => delta_time($tor_info['reg_time']), - 'TOR_COMPLETED' => declension($tor_info['complete_count'], 'times'), - )); - } - - // Show peers - if ($show_peers) - { - // Sorting order in full mode - if ($s_mode == 'full') - { - $full_mode_order = 'tr.remain'; - $full_mode_sort_dir = 'ASC'; - - if (isset($_REQUEST['psortasc'])) - { - $full_mode_sort_dir = 'ASC'; - } - else if (isset($_REQUEST['psortdesc'])) - { - $full_mode_sort_dir = 'DESC'; - } - - if (isset($_REQUEST['porder'])) - { - $peer_orders = array( - 'name' => 'u.username', - 'ip' => 'tr.ip', - 'port' => 'tr.port', - 'compl' => 'tr.remain', - 'cup' => 'tr.uploaded', - 'cdown' => 'tr.downloaded', - 'sup' => 'tr.speed_up', - 'sdown' => 'tr.speed_down', - 'time' => 'tr.update_time', - ); - - foreach ($peer_orders as $get_key => $order_by_value) - { - if ($_REQUEST['porder'] == $get_key) - { - $full_mode_order = $order_by_value; - break; - } - } - } - } - // SQL for each mode - if ($s_mode == 'count') - { - $sql = "SELECT seeders, leechers, speed_up, speed_down - FROM ". BB_BT_TRACKER_SNAP ." - WHERE topic_id = $tor_id - LIMIT 1"; - } - else if ($s_mode == 'names') - { - $sql = "SELECT tr.user_id, tr.ip, tr.port, tr.remain, tr.seeder, u.username, u.user_rank - FROM ". BB_BT_TRACKER ." tr, ". BB_USERS ." u - WHERE tr.topic_id = $tor_id - AND u.user_id = tr.user_id - GROUP BY tr.ip, tr.user_id, tr.port, tr.seeder - ORDER BY u.username - LIMIT $show_peers_limit"; - } - else - { - $sql = "SELECT - tr.user_id, tr.ip, tr.port, tr.uploaded, tr.downloaded, tr.remain, - tr.seeder, tr.releaser, tr.speed_up, tr.speed_down, tr.update_time, - tr.complete_percent, u.username, u.user_rank - FROM ". BB_BT_TRACKER ." tr - LEFT JOIN ". BB_USERS ." u ON u.user_id = tr.user_id - WHERE tr.topic_id = $tor_id - GROUP BY tr.ip, tr.user_id, tr.port, tr.seeder - ORDER BY $full_mode_order $full_mode_sort_dir - LIMIT $show_peers_limit"; - } - - // Build peers table - if ($peers = DB()->fetch_rowset($sql)) - { - $peers_cnt = count($peers); - - $cnt = $tr = $sp_up = $sp_down = $sp_up_tot = $sp_down_tot = array(); - $cnt['s'] = $tr['s'] = $sp_up['s'] = $sp_down['s'] = $sp_up_tot['s'] = $sp_down_tot['s'] = 0; - $cnt['l'] = $tr['l'] = $sp_up['l'] = $sp_down['l'] = $sp_up_tot['l'] = $sp_down_tot['l'] = 0; - - $max_up = $max_down = $max_sp_up = $max_sp_down = array(); - $max_up['s'] = $max_down['s'] = $max_sp_up['s'] = $max_sp_down['s'] = 0; - $max_up['l'] = $max_down['l'] = $max_sp_up['l'] = $max_sp_down['l'] = 0; - $max_up_id['s'] = $max_down_id['s'] = $max_sp_up_id['s'] = $max_sp_down_id['s'] = ($peers_cnt + 1); - $max_up_id['l'] = $max_down_id['l'] = $max_sp_up_id['l'] = $max_sp_down_id['l'] = ($peers_cnt + 1); - - if ($s_mode == 'full') - { - foreach ($peers as $pid => $peer) - { - $x = ($peer['seeder']) ? 's' : 'l'; - $cnt[$x]++; - $sp_up_tot[$x] += $peer['speed_up']; - $sp_down_tot[$x] += $peer['speed_down']; - - $guest = ($peer['user_id'] == GUEST_UID || is_null($peer['username'])); - $p_max_up = $peer['uploaded']; - $p_max_down = $peer['downloaded']; - - if ($p_max_up > $max_up[$x]) - { - $max_up[$x] = $p_max_up; - $max_up_id[$x] = $pid; - } - if ($peer['speed_up'] > $max_sp_up[$x]) - { - $max_sp_up[$x] = $peer['speed_up']; - $max_sp_up_id[$x] = $pid; - } - if ($p_max_down > $max_down[$x]) - { - $max_down[$x] = $p_max_down; - $max_down_id[$x] = $pid; - } - if ($peer['speed_down'] > $max_sp_down[$x]) - { - $max_sp_down[$x] = $peer['speed_down']; - $max_sp_down_id[$x] = $pid; - } - } - $max_down_id['s'] = $max_sp_down_id['s'] = ($peers_cnt + 1); - - if ($cnt['s'] == 1) - { - $max_up_id['s'] = $max_sp_up_id['s'] = ($peers_cnt + 1); - } - if ($cnt['l'] == 1) - { - $max_up_id['l'] = $max_down_id['l'] = $max_sp_up_id['l'] = $max_sp_down_id['l'] = ($peers_cnt + 1); - } - } - - if ($s_mode == 'count') - { - $tmp = array(); - $tmp[0]['seeder'] = $tmp[0]['username'] = $tmp[1]['username'] = 0; - $tmp[1]['seeder'] = 1; - $tmp[0]['username'] = (int) @$peers[0]['leechers']; - $tmp[1]['username'] = (int) @$peers[0]['seeders']; - $tor_speed_up = (int) @$peers[0]['speed_up']; - $tor_speed_down = (int) @$peers[0]['speed_down']; - $peers = $tmp; - - $template->assign_vars(array( - 'TOR_SPEED_UP' => ($tor_speed_up) ? humn_size($tor_speed_up, 0, 'KB') .'/s' : '0 KB/s', - 'TOR_SPEED_DOWN' => ($tor_speed_down) ? humn_size($tor_speed_down, 0, 'KB') .'/s' : '0 KB/s', - )); - } - - foreach ($peers as $pid => $peer) - { - $u_prof_href = ($s_mode == 'count') ? '#' : "profile.php?mode=viewprofile&u=". $peer['user_id'] ."#torrent"; - - // Full details mode - if ($s_mode == 'full') - { - $ip = bt_show_ip($peer['ip']); - $port = bt_show_port($peer['port']); - - // peer max/current up/down - $p_max_up = $peer['uploaded']; - $p_max_down = $peer['downloaded']; - $p_cur_up = $peer['uploaded']; - $p_cur_down = $peer['downloaded']; - - if ($peer['seeder']) - { - $x = 's'; - $x_row = 'srow'; - $x_full = 'sfull'; - - if (!defined('SEEDER_EXIST')) - { - define('SEEDER_EXIST', true); - $seed_order_action = "viewtopic.php?". POST_TOPIC_URL ."=$bt_topic_id&spmode=full#seeders"; - - $template->assign_block_vars("$x_full", array( - 'SEED_ORD_ACT' => $seed_order_action, - 'SEEDERS_UP_TOT' => humn_size($sp_up_tot[$x], 0, 'KB') .'/s' - )); - - if ($ip) - { - $template->assign_block_vars("$x_full.iphead", array()); - } - if ($port !== false) - { - $template->assign_block_vars("$x_full.porthead", array()); - } - } - $compl_perc = ($tor_size) ? round(($p_max_up / $tor_size), 1) : 0; - } - else - { - $x = 'l'; - $x_row = 'lrow'; - $x_full = 'lfull'; - - if (!defined('LEECHER_EXIST')) - { - define('LEECHER_EXIST', true); - $leech_order_action = "viewtopic.php?". POST_TOPIC_URL ."=$bt_topic_id&spmode=full#leechers"; - - $template->assign_block_vars("$x_full", array( - 'LEECH_ORD_ACT' => $leech_order_action, - 'LEECHERS_UP_TOT' => humn_size($sp_up_tot[$x], 0, 'KB') .'/s', - 'LEECHERS_DOWN_TOT' => humn_size($sp_down_tot[$x], 0, 'KB') .'/s' - )); - - if ($ip) - { - $template->assign_block_vars("$x_full.iphead", array()); - } - if ($port !== false) - { - $template->assign_block_vars("$x_full.porthead", array()); - } - } - $compl_size = ($peer['remain'] && $tor_size && $tor_size > $peer['remain']) ? ($tor_size - $peer['remain']) : 0; - $compl_perc = ($compl_size) ? floor($compl_size * 100 / $tor_size) : 0; - } - - $rel_sign = (!$guest && $peer['releaser']) ? ' ®' : ''; - $name = profile_url($peer). $rel_sign; - $up_tot = ($p_max_up) ? humn_size($p_max_up) : '-'; - $down_tot = ($p_max_down) ? humn_size($p_max_down) : '-'; - $up_ratio = ($p_max_down) ? round(($p_max_up / $p_max_down), 2) : ''; - $sp_up = ($peer['speed_up']) ? humn_size($peer['speed_up'], 0, 'KB') .'/s' : '-'; - $sp_down = ($peer['speed_down']) ? humn_size($peer['speed_down'], 0, 'KB') .'/s' : '-'; - - $bgr_class = (!($tr[$x] % 2)) ? $bgr_class_1 : $bgr_class_2; - $row_bgr = ($change_peers_bgr_over) ? " class=\"$bgr_class\" onmouseover=\"this.className='$bgr_class_over';\" onmouseout=\"this.className='$bgr_class';\"" : ''; - $tr[$x]++; - - $template->assign_block_vars("$x_full.$x_row", array( - 'ROW_BGR' => $row_bgr, - 'NAME' => ($peer['update_time']) ? $name : "$name", - 'COMPL_PRC' => $compl_perc, - 'UP_TOTAL' => ($max_up_id[$x] == $pid) ? "$up_tot" : $up_tot, - 'DOWN_TOTAL' => ($max_down_id[$x] == $pid) ? "$down_tot" : $down_tot, - 'SPEED_UP' => ($max_sp_up_id[$x] == $pid) ? "$sp_up" : $sp_up, - 'SPEED_DOWN' => ($max_sp_down_id[$x] == $pid) ? "$sp_down" : $sp_down, - 'UP_TOTAL_RAW' => $peer['uploaded'], - 'DOWN_TOTAL_RAW' => $peer['downloaded'], - 'SPEED_UP_RAW' => $peer['speed_up'], - 'SPEED_DOWN_RAW' => $peer['speed_down'], - 'UPD_EXP_TIME' => ($peer['update_time']) ? $lang['DL_UPD'] . bb_date($peer['update_time'], 'd-M-y H:i') .' · '. delta_time($peer['update_time']) . $lang['TOR_BACK'] : $lang['DL_STOPPED'], - 'TOR_RATIO' => ($up_ratio) ? $lang['USER_RATIO'] . "UL/DL: $up_ratio" : '', - )); - - if ($ip) - { - $template->assign_block_vars("$x_full.$x_row.ip", array('IP' => $ip)); - } - if ($port !== false) - { - $template->assign_block_vars("$x_full.$x_row.port", array('PORT' => $port)); - } - } - // Count only & only names modes - else - { - if ($peer['seeder']) - { - $seeders .= ''. $peer['username'] .', '; - $seed_count = $peer['username']; - } - else - { - $compl_size = (@$peer['remain'] && $tor_size && $tor_size > $peer['remain']) ? ($tor_size - $peer['remain']) : 0; - $compl_perc = ($compl_size) ? floor($compl_size * 100 / $tor_size) : 0; - - $leechers .= ''. $peer['username'] .''; - $leechers .= ($s_mode == 'names') ? ' ['. $compl_perc .'%]' : ''; - $leechers .= ', '; - $leech_count = $peer['username']; - } - } - } - - if ($s_mode != 'full' && $seeders) - { - $seeders[strlen($seeders)-9] = ' '; - $template->assign_vars(array( - 'SEED_LIST' => $seeders, - 'SEED_COUNT' => ($seed_count) ? $seed_count : 0, - )); - } - if ($s_mode != 'full' && $leechers) - { - $leechers[strlen($leechers)-9] = ' '; - $template->assign_vars(array( - 'LEECH_LIST' => $leechers, - 'LEECH_COUNT' => ($leech_count) ? $leech_count : 0, - )); - } - } - unset($peers); - - // Show "seeder last seen info" - if (($s_mode == 'count' && !$seed_count) || (!$seeders && !defined('SEEDER_EXIST'))) - { - $last_seen_time = ($tor_info['seeder_last_seen']) ? delta_time($tor_info['seeder_last_seen']) : $lang['NEVER']; - - $template->assign_vars(array( - 'SEEDER_LAST_SEEN' => sprintf($lang['SEEDER_LAST_SEEN'], $last_seen_time), - )); - } - } - - $template->assign_block_vars('tor_title', array('U_DOWNLOAD_LINK' => $download_link)); - - if ($peers_cnt > $max_peers_before_overflow && $s_mode == 'full') - { - $template->assign_vars(array('PEERS_DIV_STYLE' => $peers_div_style_overflow)); - $template->assign_vars(array('PEERS_OVERFLOW' => true)); - } - else - { - $template->assign_vars(array('PEERS_DIV_STYLE' => $peers_div_style_normal)); - } -} - -if ($bb_cfg['bt_allow_spmode_change'] && $s_mode != 'full') -{ - $template->assign_vars(array( - 'PEERS_FULL_LINK' => true, - 'SPMODE_FULL_HREF' => "viewtopic.php?". POST_TOPIC_URL ."=$bt_topic_id&spmode=full#seeders", - )); -} - -$template->assign_vars(array( - 'SHOW_DL_LIST_LINK' => (($bb_cfg['bt_show_dl_list'] || $bb_cfg['allow_dl_list_names_mode']) && $t_data['topic_dl_type'] == TOPIC_DL_TYPE_DL), - 'SHOW_TOR_ACT' => ($tor_reged && $show_peers && (!isset($bb_cfg['tor_no_tor_act'][$tor_info['tor_status']]) || IS_AM)), - 'S_MODE_COUNT' => ($s_mode == 'count'), - 'S_MODE_NAMES' => ($s_mode == 'names'), - 'S_MODE_FULL' => ($s_mode == 'full'), - 'PEER_EXIST' => ($seeders || $leechers || defined('SEEDER_EXIST') || defined('LEECHER_EXIST')), - 'SEED_EXIST' => ($seeders || defined('SEEDER_EXIST')), - 'LEECH_EXIST' => ($leechers || defined('LEECHER_EXIST')), - 'TOR_HELP_LINKS' => $bb_cfg['tor_help_links'], - 'CALL_SEED' => ($bb_cfg['callseed'] && $tor_reged && !isset($bb_cfg['tor_no_tor_act'][$tor_info['tor_status']]) && $seed_count < 3 && $tor_info['call_seed_time'] < (TIMENOW - 86400)), -)); \ No newline at end of file diff --git a/library/attach_mod/includes/.htaccess b/library/attach_mod/includes/.htaccess deleted file mode 100644 index baa56e5a3..000000000 --- a/library/attach_mod/includes/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -order allow,deny -deny from all \ No newline at end of file diff --git a/library/attach_mod/includes/functions_admin.php b/library/attach_mod/includes/functions_admin.php deleted file mode 100644 index 52d2aeec3..000000000 --- a/library/attach_mod/includes/functions_admin.php +++ /dev/null @@ -1,346 +0,0 @@ -sql_query($sql)) ) - { - bb_die('Could not get entry #1'); - } - - if (DB()->num_rows($result) == 0) - { - $sql_ary = array( - 'user_id' => (int) $id, - 'group_id' => 0, - 'quota_type' => (int) $quota_type, - 'quota_limit_id'=> (int) $quota_limit_id - ); - - $sql = 'INSERT INTO ' . BB_QUOTA . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary); - } - else - { - $sql = 'UPDATE ' . BB_QUOTA . " - SET quota_limit_id = $quota_limit_id - WHERE user_id = $id - AND quota_type = $quota_type"; - } - DB()->sql_freeresult($result); - } - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Unable to update quota settings'); - } - - } - else if ($mode == 'group') - { - if (!$quota_limit_id) - { - $sql = 'DELETE FROM ' . BB_QUOTA . " - WHERE group_id = $id - AND quota_type = $quota_type"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Unable to delete quota settings'); - } - } - else - { - // Check if user is already entered - $sql = 'SELECT group_id - FROM ' . BB_QUOTA . " - WHERE group_id = $id - AND quota_type = $quota_type"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get entry #2'); - } - - if (DB()->num_rows($result) == 0) - { - $sql = 'INSERT INTO ' . BB_QUOTA . " (user_id, group_id, quota_type, quota_limit_id) - VALUES (0, $id, $quota_type, $quota_limit_id)"; - } - else - { - $sql = 'UPDATE ' . BB_QUOTA . " SET quota_limit_id = $quota_limit_id - WHERE group_id = $id AND quota_type = $quota_type"; - } - - if (!DB()->sql_query($sql)) - { - bb_die('Unable to update quota settings'); - } - } - } -} - -/** -* sort multi-dimensional Array -*/ -function sort_multi_array ($sort_array, $key, $sort_order, $pre_string_sort = 0) -{ - $last_element = sizeof($sort_array) - 1; - - if (!$pre_string_sort) - { - $string_sort = (!is_numeric(@$sort_array[$last_element-1][$key]) ) ? true : false; - } - else - { - $string_sort = $pre_string_sort; - } - - for ($i = 0; $i < $last_element; $i++) - { - $num_iterations = $last_element - $i; - - for ($j = 0; $j < $num_iterations; $j++) - { - $next = 0; - - // do checks based on key - $switch = false; - if (!$string_sort) - { - if (($sort_order == 'DESC' && intval(@$sort_array[$j][$key]) < intval(@$sort_array[$j + 1][$key])) || ($sort_order == 'ASC' && intval(@$sort_array[$j][$key]) > intval(@$sort_array[$j + 1][$key]))) - { - $switch = true; - } - } - else - { - if (($sort_order == 'DESC' && strcasecmp(@$sort_array[$j][$key], @$sort_array[$j + 1][$key]) < 0) || ($sort_order == 'ASC' && strcasecmp(@$sort_array[$j][$key], @$sort_array[$j + 1][$key]) > 0)) - { - $switch = true; - } - } - - if ($switch) - { - $temp = $sort_array[$j]; - $sort_array[$j] = $sort_array[$j + 1]; - $sort_array[$j + 1] = $temp; - } - } - } - - return $sort_array; -} - -/** -* Returns the filesize of the upload directory in human readable format -*/ -function get_formatted_dirsize() -{ - global $attach_config, $upload_dir, $lang; - - $upload_dir_size = 0; - - if ($dirname = @opendir($upload_dir)) - { - while ($file = @readdir($dirname)) - { - if ($file != 'index.php' && $file != '.htaccess' && !is_dir($upload_dir . '/' . $file) && !is_link($upload_dir . '/' . $file)) - { - $upload_dir_size += @filesize($upload_dir . '/' . $file); - } - } - @closedir($dirname); - } - else - { - $upload_dir_size = $lang['NOT_AVAILABLE']; - return $upload_dir_size; - } - - return humn_size($upload_dir_size); -} - -/* -* Build SQL-Statement for the search feature -*/ -function search_attachments($order_by, &$total_rows) -{ - global $lang; - - $where_sql = array(); - - // Get submitted Vars - $search_vars = array('search_keyword_fname', 'search_keyword_comment', 'search_author', 'search_size_smaller', 'search_size_greater', 'search_count_smaller', 'search_count_greater', 'search_days_greater', 'search_forum', 'search_cat'); - - for ($i = 0; $i < sizeof($search_vars); $i++) - { - $$search_vars[$i] = get_var($search_vars[$i], ''); - } - - // Author name search - if ($search_author != '') - { - // Bring in line with 2.0.x expected username - $search_author = addslashes(html_entity_decode($search_author)); - $search_author = stripslashes(clean_username($search_author)); - - // Prepare for directly going into sql query - $search_author = str_replace('*', '%', attach_mod_sql_escape($search_author)); - - // We need the post_id's, because we want to query the Attachment Table - $sql = 'SELECT user_id FROM ' . BB_USERS . " WHERE username LIKE '$search_author'"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not obtain list of matching users (searching for: ' . $search_author . ')'); - } - - $matching_userids = ''; - if ( $row = DB()->sql_fetchrow($result) ) - { - do - { - $matching_userids .= (($matching_userids != '') ? ', ' : '') . intval($row['user_id']); - } - while ($row = DB()->sql_fetchrow($result)); - - DB()->sql_freeresult($result); - } - else - { - bb_die($lang['NO_ATTACH_SEARCH_MATCH']); - } - - $where_sql[] = ' (t.user_id_1 IN (' . $matching_userids . ')) '; - } - - // Search Keyword - if ($search_keyword_fname != '') - { - $match_word = str_replace('*', '%', $search_keyword_fname); - $where_sql[] = " (a.real_filename LIKE '" . attach_mod_sql_escape($match_word) . "') "; - } - - if ($search_keyword_comment != '') - { - $match_word = str_replace('*', '%', $search_keyword_comment); - $where_sql[] = " (a.comment LIKE '" . attach_mod_sql_escape($match_word) . "') "; - } - - // Search Download Count - if ($search_count_smaller != '' || $search_count_greater != '') - { - if ($search_count_smaller != '') - { - $where_sql[] = ' (a.download_count < ' . (int) $search_count_smaller . ') '; - } - else if ($search_count_greater != '') - { - $where_sql[] = ' (a.download_count > ' . (int) $search_count_greater . ') '; - } - } - - // Search Filesize - if ($search_size_smaller != '' || $search_size_greater != '') - { - if ($search_size_smaller != '') - { - $where_sql[] = ' (a.filesize < ' . (int) $search_size_smaller . ') '; - } - else if ($search_size_greater != '') - { - $where_sql[] = ' (a.filesize > ' . (int) $search_size_greater . ') '; - } - } - - // Search Attachment Time - if ($search_days_greater != '') - { - $where_sql[] = ' (a.filetime < ' . ( TIMENOW - ((int) $search_days_greater * 86400)) . ') '; - } - - // Search Forum - if ($search_forum) - { - $where_sql[] = ' (p.forum_id = ' . intval($search_forum) . ') '; - } - - // Search Cat... nope... sorry :( - - $sql = 'SELECT a.*, t.post_id, p.post_time, p.topic_id - FROM ' . BB_ATTACHMENTS . ' t, ' . BB_ATTACHMENTS_DESC . ' a, ' . BB_POSTS . ' p WHERE '; - - if (sizeof($where_sql) > 0) - { - $sql .= implode('AND', $where_sql) . ' AND '; - } - - $sql .= 't.post_id = p.post_id AND a.attach_id = t.attach_id '; - - $total_rows_sql = $sql; - - $sql .= $order_by; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query attachments #1'); - } - - $attachments = DB()->sql_fetchrowset($result); - $num_attach = DB()->num_rows($result); - DB()->sql_freeresult($result); - - if ($num_attach == 0) - { - bb_die($lang['NO_ATTACH_SEARCH_MATCH']); - } - - if (!($result = DB()->sql_query($total_rows_sql))) - { - bb_die('Could not query attachments #2'); - } - - $total_rows = DB()->num_rows($result); - DB()->sql_freeresult($result); - - return $attachments; -} - -/** -* perform LIMIT statement on arrays -*/ -function limit_array($array, $start, $pagelimit) -{ - // array from start - start+pagelimit - $limit = (sizeof($array) < ($start + $pagelimit)) ? sizeof($array) : $start + $pagelimit; - - $limit_array = array(); - - for ($i = $start; $i < $limit; $i++) - { - $limit_array[] = $array[$i]; - } - - return $limit_array; -} \ No newline at end of file diff --git a/library/attach_mod/includes/functions_attach.php b/library/attach_mod/includes/functions_attach.php deleted file mode 100644 index 98188bd3c..000000000 --- a/library/attach_mod/includes/functions_attach.php +++ /dev/null @@ -1,623 +0,0 @@ - 4096) - { - return false; - } - else if ($number < $base) - { - return $chars[$number]; - } - - $hexval = ''; - - while ($number > 0) - { - $remainder = $number%$base; - - if ($remainder < $base) - { - $hexval = $chars[$remainder] . $hexval; - } - - $number = floor($number/$base); - } - - return $hexval; -} - -function base64_unpack($string) -{ - $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+-'; - $base = strlen($chars); - - $length = strlen($string); - $number = 0; - - for($i = 1; $i <= $length; $i++) - { - $pos = $length - $i; - $operand = strpos($chars, substr($string,$pos,1)); - $exponent = pow($base, $i-1); - $decValue = $operand * $exponent; - $number += $decValue; - } - - return $number; -} - -function auth_pack($auth_array) -{ - $one_char_encoding = '#'; - $two_char_encoding = '.'; - $one_char = $two_char = false; - $auth_cache = ''; - - for ($i = 0; $i < sizeof($auth_array); $i++) - { - $val = base64_pack(intval($auth_array[$i])); - if (strlen($val) == 1 && !$one_char) - { - $auth_cache .= $one_char_encoding; - $one_char = true; - } - else if (strlen($val) == 2 && !$two_char) - { - $auth_cache .= $two_char_encoding; - $two_char = true; - } - - $auth_cache .= $val; - } - - return $auth_cache; -} - -function auth_unpack($auth_cache) -{ - $one_char_encoding = '#'; - $two_char_encoding = '.'; - - $auth = array(); - $auth_len = 1; - - for ($pos = 0; $pos < strlen($auth_cache); $pos += $auth_len) - { - $forum_auth = substr($auth_cache, $pos, 1); - if ($forum_auth == $one_char_encoding) - { - $auth_len = 1; - continue; - } - else if ($forum_auth == $two_char_encoding) - { - $auth_len = 2; - $pos--; - continue; - } - - $forum_auth = substr($auth_cache, $pos, $auth_len); - $forum_id = base64_unpack($forum_auth); - $auth[] = intval($forum_id); - } - return $auth; -} - -function is_forum_authed($auth_cache, $check_forum_id) -{ - $one_char_encoding = '#'; - $two_char_encoding = '.'; - - if (trim($auth_cache) == '') - { - return true; - } - - $auth = array(); - $auth_len = 1; - - for ($pos = 0; $pos < strlen($auth_cache); $pos+=$auth_len) - { - $forum_auth = substr($auth_cache, $pos, 1); - if ($forum_auth == $one_char_encoding) - { - $auth_len = 1; - continue; - } - else if ($forum_auth == $two_char_encoding) - { - $auth_len = 2; - $pos--; - continue; - } - - $forum_auth = substr($auth_cache, $pos, $auth_len); - $forum_id = (int) base64_unpack($forum_auth); - if ($forum_id == $check_forum_id) - { - return true; - } - } - return false; -} - -function unlink_attach($filename, $mode = false) -{ - global $upload_dir, $attach_config; - - $filename = basename($filename); - - if ($mode == MODE_THUMBNAIL) - { - $filename = $upload_dir . '/' . THUMB_DIR . '/t_' . $filename; - } - else - { - $filename = $upload_dir . '/' . $filename; - } - - $deleted = @unlink($filename); - - return $deleted; -} - -function attachment_exists($filename) -{ - global $upload_dir, $attach_config; - - $filename = basename($filename); - - if (!@file_exists(@amod_realpath($upload_dir . '/' . $filename))) - { - return false; - } - else - { - return true; - } -} - -function physical_filename_already_stored($filename) -{ - if ($filename == '') - { - return false; - } - - $filename = basename($filename); - - $sql = 'SELECT attach_id - FROM ' . BB_ATTACHMENTS_DESC . " - WHERE physical_filename = '" . attach_mod_sql_escape($filename) . "' - LIMIT 1"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get attachment information for filename: ' . htmlspecialchars($filename)); - } - $num_rows = DB()->num_rows($result); - DB()->sql_freeresult($result); - - return ($num_rows == 0) ? false : true; -} - -function get_attachments_from_post($post_id_array) -{ - global $attach_config; - - $attachments = array(); - - if (!is_array($post_id_array)) - { - if (empty($post_id_array)) - { - return $attachments; - } - - $post_id = intval($post_id_array); - - $post_id_array = array(); - $post_id_array[] = $post_id; - } - - $post_id_array = implode(', ', array_map('intval', $post_id_array)); - - if ($post_id_array == '') - { - return $attachments; - } - - $display_order = (intval($attach_config['display_order']) == 0) ? 'DESC' : 'ASC'; - - $sql = 'SELECT a.post_id, d.* - FROM ' . BB_ATTACHMENTS . ' a, ' . BB_ATTACHMENTS_DESC . " d - WHERE a.post_id IN ($post_id_array) - AND a.attach_id = d.attach_id - ORDER BY d.filetime $display_order"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get attachment informations for post number ' . $post_id_array); - } - - $num_rows = DB()->num_rows($result); - $attachments = DB()->sql_fetchrowset($result); - DB()->sql_freeresult($result); - - if ($num_rows == 0) - { - return array(); - } - - return $attachments; -} - -function get_total_attach_filesize($attach_ids) -{ - if (!is_array($attach_ids) || !sizeof($attach_ids)) - { - return 0; - } - - $attach_ids = implode(', ', array_map('intval', $attach_ids)); - - if (!$attach_ids) - { - return 0; - } - - $sql = 'SELECT filesize FROM ' . BB_ATTACHMENTS_DESC . " WHERE attach_id IN ($attach_ids)"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query total filesize'); - } - - $total_filesize = 0; - - while ($row = DB()->sql_fetchrow($result)) - { - $total_filesize += (int) $row['filesize']; - } - DB()->sql_freeresult($result); - - return $total_filesize; -} - -/** -* Get allowed Extensions and their respective Values -*/ -function get_extension_informations() -{ - return; -} - -// -// Sync Topic -// -function attachment_sync_topic ($topics) -{ - if (is_array($topics)) - { - $topics = join(',', $topics); - } - $posts_without_attach = $topics_without_attach = array(); - - // Check orphan post_attachment markers - $sql = "SELECT p.post_id - FROM ". BB_POSTS ." p - LEFT JOIN ". BB_ATTACHMENTS ." a USING(post_id) - WHERE p.topic_id IN($topics) - AND p.post_attachment = 1 - AND a.post_id IS NULL"; - - if ($rowset = DB()->fetch_rowset($sql)) - { - foreach ($rowset as $row) - { - $posts_without_attach[] = $row['post_id']; - } - if ($posts_sql = join(',', $posts_without_attach)) - { - DB()->query("UPDATE ". BB_POSTS ." SET post_attachment = 0 WHERE post_id IN($posts_sql)"); - } - } - - // Update missing topic_attachment markers - DB()->query(" - UPDATE ". BB_TOPICS ." t, ". BB_POSTS ." p SET - t.topic_attachment = 1 - WHERE p.topic_id IN($topics) - AND p.post_attachment = 1 - AND p.topic_id = t.topic_id - "); - - // Fix orphan topic_attachment markers - $sql = "SELECT t.topic_id - FROM ". BB_POSTS ." p, ". BB_TOPICS ." t - WHERE t.topic_id = p.topic_id - AND t.topic_id IN($topics) - AND t.topic_attachment = 1 - GROUP BY p.topic_id - HAVING SUM(p.post_attachment) = 0"; - - if ($rowset = DB()->fetch_rowset($sql)) - { - foreach ($rowset as $row) - { - $topics_without_attach[] = $row['topic_id']; - } - if ($topics_sql = join(',', $topics_without_attach)) - { - DB()->query("UPDATE ". BB_TOPICS ." SET topic_attachment = 0 WHERE topic_id IN($topics_sql)"); - } - } -} - -/** -* Get Extension -*/ -function get_extension($filename) -{ - if (!stristr($filename, '.')) - { - return ''; - } - $extension = strrchr(strtolower($filename), '.'); - $extension[0] = ' '; - $extension = strtolower(trim($extension)); - if (is_array($extension)) - { - return ''; - } - else - { - return $extension; - } -} - -/** -* Delete Extension -*/ -function delete_extension($filename) -{ - return substr($filename, 0, strrpos(strtolower(trim($filename)), '.')); -} - -/** -* Check if a user is within Group -*/ -function user_in_group($user_id, $group_id) -{ - $user_id = (int) $user_id; - $group_id = (int) $group_id; - - if (!$user_id || !$group_id) - { - return false; - } - - $sql = 'SELECT u.group_id - FROM ' . BB_USER_GROUP . ' u, ' . BB_GROUPS . " g - WHERE g.group_single_user = 0 - AND u.group_id = g.group_id - AND u.user_id = $user_id - AND g.group_id = $group_id - LIMIT 1"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get user group'); - } - - $num_rows = DB()->num_rows($result); - DB()->sql_freeresult($result); - - if ($num_rows == 0) - { - return false; - } - - return true; -} - -/** -* Realpath replacement for attachment mod -*/ -function amod_realpath($path) -{ - return (function_exists('realpath')) ? realpath($path) : $path; -} - -/** -* _set_var -* -* Set variable, used by {@link get_var the get_var function} -* -* @private -*/ -function _set_var(&$result, $var, $type, $multibyte = false) -{ - settype($var, $type); - $result = $var; - - if ($type == 'string') - { - $result = trim(str_replace(array("\r\n", "\r", '\xFF'), array("\n", "\n", ' '), $result)); - // 2.0.x is doing addslashes on all variables - $result = stripslashes($result); - if ($multibyte) - { - $result = preg_replace('#&(\#[0-9]+;)#', '&\1', $result); - } - } -} - -/** -* get_var -* -* Used to get passed variable -*/ -function get_var($var_name, $default, $multibyte = false) -{ - $request_var = (isset($_POST[$var_name])) ? $_POST : $_GET; - - if (!isset($request_var[$var_name]) || (is_array($request_var[$var_name]) && !is_array($default)) || (is_array($default) && !is_array($request_var[$var_name]))) - { - return (is_array($default)) ? array() : $default; - } - - $var = $request_var[$var_name]; - - if (!is_array($default)) - { - $type = gettype($default); - } - else - { - list($key_type, $type) = each($default); - $type = gettype($type); - $key_type = gettype($key_type); - } - - if (is_array($var)) - { - $_var = $var; - $var = array(); - - foreach ($_var as $k => $v) - { - if (is_array($v)) - { - foreach ($v as $_k => $_v) - { - _set_var($k, $k, $key_type); - _set_var($_k, $_k, $key_type); - _set_var($var[$k][$_k], $_v, $type, $multibyte); - } - } - else - { - _set_var($k, $k, $key_type); - _set_var($var[$k], $v, $type, $multibyte); - } - } - } - else - { - _set_var($var, $var, $type, $multibyte); - } - - return $var; -} - -/** -* Escaping SQL -*/ -function attach_mod_sql_escape($text) -{ - if (function_exists('mysql_real_escape_string')) - { - return DB()->escape_string($text); - } - else - { - return str_replace("'", "''", str_replace('\\', '\\\\', $text)); - } -} - -/** -* Build sql statement from array for insert/update/select statements -* -* Idea for this from Ikonboard -* Possible query values: INSERT, INSERT_SELECT, MULTI_INSERT, UPDATE, SELECT -*/ -function attach_mod_sql_build_array($query, $assoc_ary = false) -{ - if (!is_array($assoc_ary)) - { - return false; - } - - $fields = array(); - $values = array(); - if ($query == 'INSERT' || $query == 'INSERT_SELECT') - { - foreach ($assoc_ary as $key => $var) - { - $fields[] = $key; - - if (is_null($var)) - { - $values[] = 'NULL'; - } - else if (is_string($var)) - { - $values[] = "'" . attach_mod_sql_escape($var) . "'"; - } - else if (is_array($var) && is_string($var[0])) - { - $values[] = $var[0]; - } - else - { - $values[] = (is_bool($var)) ? intval($var) : $var; - } - } - - $query = ($query == 'INSERT') ? ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')' : ' (' . implode(', ', $fields) . ') SELECT ' . implode(', ', $values) . ' '; - } - else if ($query == 'MULTI_INSERT') - { - $ary = array(); - foreach ($assoc_ary as $id => $sql_ary) - { - $values = array(); - foreach ($sql_ary as $key => $var) - { - if (is_null($var)) - { - $values[] = 'NULL'; - } - elseif (is_string($var)) - { - $values[] = "'" . attach_mod_sql_escape($var) . "'"; - } - else - { - $values[] = (is_bool($var)) ? intval($var) : $var; - } - } - $ary[] = '(' . implode(', ', $values) . ')'; - } - - $query = ' (' . implode(', ', array_keys($assoc_ary[0])) . ') VALUES ' . implode(', ', $ary); - } - else if ($query == 'UPDATE' || $query == 'SELECT') - { - $values = array(); - foreach ($assoc_ary as $key => $var) - { - if (is_null($var)) - { - $values[] = "$key = NULL"; - } - elseif (is_string($var)) - { - $values[] = "$key = '" . attach_mod_sql_escape($var) . "'"; - } - else - { - $values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var"; - } - } - $query = implode(($query == 'UPDATE') ? ', ' : ' AND ', $values); - } - - return $query; -} \ No newline at end of file diff --git a/library/attach_mod/includes/functions_delete.php b/library/attach_mod/includes/functions_delete.php deleted file mode 100644 index 8cf7f7598..000000000 --- a/library/attach_mod/includes/functions_delete.php +++ /dev/null @@ -1,284 +0,0 @@ -sql_query($sql))) - { - bb_die('Could not select ids'); - } - - $num_post_list = DB()->num_rows($result); - - if ($num_post_list == 0) - { - DB()->sql_freeresult($result); - return; - } - - while ($row = DB()->sql_fetchrow($result)) - { - $post_id_array[] = intval($row[$p_id]); - } - DB()->sql_freeresult($result); - } - - if (!is_array($post_id_array)) - { - if (trim($post_id_array) == '') - { - return; - } - - if (strstr($post_id_array, ', ')) - { - $post_id_array = explode(', ', $post_id_array); - } - else if (strstr($post_id_array, ',')) - { - $post_id_array = explode(',', $post_id_array); - } - else - { - $post_id = intval($post_id_array); - - $post_id_array = array(); - $post_id_array[] = $post_id; - } - } - - if (!sizeof($post_id_array)) - { - return; - } - - // First of all, determine the post id and attach_id - if ($attach_id_array === 0) - { - $attach_id_array = array(); - - // Get the attach_ids to fill the array - $whereclause = 'WHERE post_id IN (' . implode(', ', $post_id_array) . ')'; - - $sql = 'SELECT attach_id - FROM ' . BB_ATTACHMENTS . " $whereclause - GROUP BY attach_id"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not select attachment id #1'); - } - - $num_attach_list = DB()->num_rows($result); - - if ($num_attach_list == 0) - { - DB()->sql_freeresult($result); - return; - } - - while ($row = DB()->sql_fetchrow($result)) - { - $attach_id_array[] = (int) $row['attach_id']; - } - DB()->sql_freeresult($result); - } - - if (!is_array($attach_id_array)) - { - if (strstr($attach_id_array, ', ')) - { - $attach_id_array = explode(', ', $attach_id_array); - } - else if (strstr($attach_id_array, ',')) - { - $attach_id_array = explode(',', $attach_id_array); - } - else - { - $attach_id = intval($attach_id_array); - - $attach_id_array = array(); - $attach_id_array[] = $attach_id; - } - } - - if (!sizeof($attach_id_array)) - { - return; - } - - $sql_id = 'post_id'; - - if (sizeof($post_id_array) && sizeof($attach_id_array)) - { - $sql = 'DELETE FROM ' . BB_ATTACHMENTS . ' - WHERE attach_id IN (' . implode(', ', $attach_id_array) . ") - AND $sql_id IN (" . implode(', ', $post_id_array) . ')'; - - if (!(DB()->sql_query($sql))) - { - bb_die($lang['ERROR_DELETED_ATTACHMENTS']); - } - - //bt - if ($sql_id == 'post_id') - { - $sql = "SELECT topic_id FROM ". BB_BT_TORRENTS ." WHERE attach_id IN(". implode(',', $attach_id_array) .")"; - - if (!$result = DB()->sql_query($sql)) - { - bb_die($lang['ERROR_DELETED_ATTACHMENTS']); - } - - $torrents_sql = array(); - - while ($row = DB()->sql_fetchrow($result)) - { - $torrents_sql[] = $row['topic_id']; - } - - if ($torrents_sql = implode(',', $torrents_sql)) - { - // Remove peers from tracker - $sql = "DELETE FROM ". BB_BT_TRACKER ." - WHERE topic_id IN($torrents_sql)"; - - if (!DB()->sql_query($sql)) - { - bb_die('Could not delete peers'); - } - } - // Delete torrents - $sql = "DELETE FROM ". BB_BT_TORRENTS ." - WHERE attach_id IN(". implode(',', $attach_id_array) .")"; - - if (!DB()->sql_query($sql)) - { - bb_die($lang['ERROR_DELETED_ATTACHMENTS']); - } - } - //bt end - - for ($i = 0; $i < sizeof($attach_id_array); $i++) - { - $sql = 'SELECT attach_id - FROM ' . BB_ATTACHMENTS . ' - WHERE attach_id = ' . (int) $attach_id_array[$i]; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not select Attachment id #2'); - } - - $num_rows = DB()->num_rows($result); - DB()->sql_freeresult($result); - - if ($num_rows == 0) - { - $sql = 'SELECT attach_id, physical_filename, thumbnail - FROM ' . BB_ATTACHMENTS_DESC . ' - WHERE attach_id = ' . (int) $attach_id_array[$i]; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query attach description table'); - } - $num_rows = DB()->num_rows($result); - - if ($num_rows != 0) - { - $num_attach = $num_rows; - $attachments = DB()->sql_fetchrowset($result); - DB()->sql_freeresult($result); - - // delete attachments - for ($j = 0; $j < $num_attach; $j++) - { - unlink_attach($attachments[$j]['physical_filename']); - - if (intval($attachments[$j]['thumbnail']) == 1) - { - unlink_attach($attachments[$j]['physical_filename'], MODE_THUMBNAIL); - } - - $sql = 'DELETE FROM ' . BB_ATTACHMENTS_DESC . ' WHERE attach_id = ' . (int) $attachments[$j]['attach_id']; - - if (!(DB()->sql_query($sql))) - { - bb_die($lang['ERROR_DELETED_ATTACHMENTS']); - } - } - } - else - { - DB()->sql_freeresult($result); - } - } - } - } - - // Now Sync the Topic/PM - if (sizeof($post_id_array)) - { - $sql = 'SELECT topic_id - FROM ' . BB_POSTS . ' - WHERE post_id IN (' . implode(', ', $post_id_array) . ') - GROUP BY topic_id'; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not select topic id'); - } - - while ($row = DB()->sql_fetchrow($result)) - { - attachment_sync_topic($row['topic_id']); - } - DB()->sql_freeresult($result); - } -} \ No newline at end of file diff --git a/library/attach_mod/posting_attachments.php b/library/attach_mod/posting_attachments.php deleted file mode 100644 index b7466d78f..000000000 --- a/library/attach_mod/posting_attachments.php +++ /dev/null @@ -1,1356 +0,0 @@ -add_attachment_body = get_var('add_attachment_body', 0); - $this->posted_attachments_body = get_var('posted_attachments_body', 0); - - $this->file_comment = get_var('filecomment', ''); - $this->attachment_id_list = get_var('attach_id_list', array(0)); - $this->attachment_comment_list = get_var('comment_list', array('')); - $this->attachment_filesize_list = get_var('filesize_list', array(0)); - $this->attachment_filetime_list = get_var('filetime_list', array(0)); - $this->attachment_filename_list = get_var('filename_list', array('')); - $this->attachment_extension_list = get_var('extension_list', array('')); - $this->attachment_mimetype_list = get_var('mimetype_list', array('')); - - $this->filename = (isset($_FILES['fileupload']) && isset($_FILES['fileupload']['name']) && $_FILES['fileupload']['name'] != 'none') ? trim(stripslashes($_FILES['fileupload']['name'])) : ''; - - $this->attachment_list = get_var('attachment_list', array('')); - $this->attachment_thumbnail_list = get_var('attach_thumbnail_list', array(0)); - } - - /** - * Get Quota Limits - */ - function get_quota_limits($userdata_quota, $user_id = 0) - { - global $attach_config; - -// $priority = 'group;user'; - $priority = 'user;group'; - - if (IS_ADMIN) - { - $attach_config['pm_filesize_limit'] = 0; // Unlimited - $attach_config['upload_filesize_limit'] = 0; // Unlimited - return; - } - - $quota_type = QUOTA_UPLOAD_LIMIT; - $limit_type = 'upload_filesize_limit'; - $default = 'attachment_quota'; - - if (!$user_id) - { - $user_id = intval($userdata_quota['user_id']); - } - - $priority = explode(';', $priority); - $found = false; - - for ($i = 0; $i < sizeof($priority); $i++) - { - if (($priority[$i] == 'group') && (!$found)) - { - // Get Group Quota, if we find one, we have our quota - $sql = 'SELECT u.group_id - FROM ' . BB_USER_GROUP . ' u, ' . BB_GROUPS . ' g - WHERE g.group_single_user = 0 - AND u.user_pending = 0 - AND u.group_id = g.group_id - AND u.user_id = ' . $user_id; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get user group'); - } - - $rows = DB()->sql_fetchrowset($result); - $num_rows = DB()->num_rows($result); - DB()->sql_freeresult($result); - - if ($num_rows > 0) - { - $group_id = array(); - - for ($j = 0; $j < $num_rows; $j++) - { - $group_id[] = (int) $rows[$j]['group_id']; - } - - $sql = 'SELECT l.quota_limit - FROM ' . BB_QUOTA . ' q, ' . BB_QUOTA_LIMITS . ' l - WHERE q.group_id IN (' . implode(', ', $group_id) . ') - AND q.group_id <> 0 - AND q.quota_type = ' . $quota_type . ' - AND q.quota_limit_id = l.quota_limit_id - ORDER BY l.quota_limit DESC - LIMIT 1'; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get group quota'); - } - - if (DB()->num_rows($result) > 0) - { - $row = DB()->sql_fetchrow($result); - $attach_config[$limit_type] = $row['quota_limit']; - $found = TRUE; - } - DB()->sql_freeresult($result); - } - } - - if ($priority[$i] == 'user' && !$found) - { - // Get User Quota, if the user is not in a group or the group has no quotas - $sql = 'SELECT l.quota_limit - FROM ' . BB_QUOTA . ' q, ' . BB_QUOTA_LIMITS . ' l - WHERE q.user_id = ' . $user_id . ' - AND q.user_id <> 0 - AND q.quota_type = ' . $quota_type . ' - AND q.quota_limit_id = l.quota_limit_id - LIMIT 1'; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get user quota'); - } - - if (DB()->num_rows($result) > 0) - { - $row = DB()->sql_fetchrow($result); - $attach_config[$limit_type] = $row['quota_limit']; - $found = TRUE; - } - DB()->sql_freeresult($result); - } - } - - if (!$found) - { - // Set Default Quota Limit - $quota_id = ($quota_type == QUOTA_UPLOAD_LIMIT) ? $attach_config['default_upload_quota'] : $attach_config['default_pm_quota']; - - if ($quota_id == 0) - { - $attach_config[$limit_type] = $attach_config[$default]; - } - else - { - $sql = 'SELECT quota_limit - FROM ' . BB_QUOTA_LIMITS . ' - WHERE quota_limit_id = ' . (int) $quota_id . ' - LIMIT 1'; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not get default quota limit'); - } - - if (DB()->num_rows($result) > 0) - { - $row = DB()->sql_fetchrow($result); - $attach_config[$limit_type] = $row['quota_limit']; - } - else - { - $attach_config[$limit_type] = $attach_config[$default]; - } - DB()->sql_freeresult($result); - } - } - - // Never exceed the complete Attachment Upload Quota - if ($quota_type == QUOTA_UPLOAD_LIMIT) - { - if ($attach_config[$limit_type] > $attach_config[$default]) - { - $attach_config[$limit_type] = $attach_config[$default]; - } - } - } - - /** - * Handle all modes... (intern) - * @private - */ - function handle_attachments($mode) - { - global $is_auth, $attach_config, $refresh, $post_id, $submit, $preview, $error, $error_msg, $lang; - - // - // ok, what shall we do ;) - // - - if (IS_ADMIN) - { - $max_attachments = ADMIN_MAX_ATTACHMENTS; - } - else - { - $max_attachments = intval($attach_config['max_attachments']); - } - - $sql_id = 'post_id'; - - // nothing, if the user is not authorized or attachment mod disabled - if (intval($attach_config['disable_mod']) || !$is_auth['auth_attachments']) - { - return false; - } - - // Init Vars - $attachments = array(); - - if (!$refresh) - { - $add = (isset($_POST['add_attachment'])) ? TRUE : FALSE; - $delete = (isset($_POST['del_attachment'])) ? TRUE : FALSE; - $edit = ( isset($_POST['edit_comment']) ) ? TRUE : FALSE; - $update_attachment = ( isset($_POST['update_attachment']) ) ? TRUE : FALSE; - $del_thumbnail = ( isset($_POST['del_thumbnail']) ) ? TRUE : FALSE; - - $add_attachment_box = (!empty($_POST['add_attachment_box'])) ? TRUE : FALSE; - $posted_attachments_box = (!empty($_POST['posted_attachments_box'])) ? TRUE : FALSE; - - $refresh = $add || $delete || $edit || $del_thumbnail || $update_attachment || $add_attachment_box || $posted_attachments_box; - } - - // Get Attachments - $attachments = get_attachments_from_post($post_id); - - $auth = ($is_auth['auth_edit'] || $is_auth['auth_mod']) ? TRUE : FALSE; - - if (!$submit && $mode == 'editpost' && $auth) - { - if (!$refresh && !$preview && !$error) - { - for ($i = 0; $i < sizeof($attachments); $i++) - { - $this->attachment_list[] = $attachments[$i]['physical_filename']; - $this->attachment_comment_list[] = $attachments[$i]['comment']; - $this->attachment_filename_list[] = $attachments[$i]['real_filename']; - $this->attachment_extension_list[] = $attachments[$i]['extension']; - $this->attachment_mimetype_list[] = $attachments[$i]['mimetype']; - $this->attachment_filesize_list[] = $attachments[$i]['filesize']; - $this->attachment_filetime_list[] = $attachments[$i]['filetime']; - $this->attachment_id_list[] = $attachments[$i]['attach_id']; - $this->attachment_thumbnail_list[] = $attachments[$i]['thumbnail']; - } - } - } - - $this->num_attachments = sizeof($this->attachment_list); - - if ($submit) - { - if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') - { - if ($this->filename != '') - { - if ($this->num_attachments < intval($max_attachments)) - { - $this->upload_attachment($this->page); - - if (!$error && $this->post_attach) - { - array_unshift($this->attachment_list, $this->attach_filename); - array_unshift($this->attachment_comment_list, $this->file_comment); - array_unshift($this->attachment_filename_list, $this->filename); - array_unshift($this->attachment_extension_list, $this->extension); - array_unshift($this->attachment_mimetype_list, $this->type); - array_unshift($this->attachment_filesize_list, $this->filesize); - array_unshift($this->attachment_filetime_list, $this->filetime); - array_unshift($this->attachment_id_list, '0'); - array_unshift($this->attachment_thumbnail_list, $this->thumbnail); - - $this->file_comment = ''; - $this->post_attach = FALSE; - } - } - else - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['TOO_MANY_ATTACHMENTS'], intval($max_attachments)); - } - } - } - } - - if ($preview || $refresh || $error) - { - $delete_attachment = ( isset($_POST['del_attachment']) ) ? TRUE : FALSE; - $delete_thumbnail = (isset($_POST['del_thumbnail'])) ? TRUE : FALSE; - - $add_attachment = (isset($_POST['add_attachment'])) ? TRUE : FALSE; - $edit_attachment = (isset($_POST['edit_comment'])) ? TRUE : FALSE; - $update_attachment = (isset($_POST['update_attachment']) ) ? TRUE : FALSE; - - // Perform actions on temporary attachments - if ($delete_attachment || $delete_thumbnail) - { - // store old values - $actual_id_list = get_var('attach_id_list', array(0)); - $actual_comment_list = get_var('comment_list', array('')); - $actual_filename_list = get_var('filename_list', array('')); - $actual_extension_list = get_var('extension_list', array('')); - $actual_mimetype_list = get_var('mimetype_list', array('')); - $actual_filesize_list = get_var('filesize_list', array(0)); - $actual_filetime_list = get_var('filetime_list', array(0)); - - $actual_list = get_var('attachment_list', array('')); - $actual_thumbnail_list = get_var('attach_thumbnail_list', array(0)); - - // clean values - $this->attachment_list = array(); - $this->attachment_comment_list = array(); - $this->attachment_filename_list = array(); - $this->attachment_extension_list = array(); - $this->attachment_mimetype_list = array(); - $this->attachment_filesize_list = array(); - $this->attachment_filetime_list = array(); - $this->attachment_id_list = array(); - $this->attachment_thumbnail_list = array(); - - // restore values :) - if (isset($_POST['attachment_list'])) - { - for ($i = 0; $i < sizeof($actual_list); $i++) - { - $restore = FALSE; - $del_thumb = FALSE; - - if ($delete_thumbnail) - { - if ( !isset($_POST['del_thumbnail'][$actual_list[$i]]) ) - { - $restore = TRUE; - } - else - { - $del_thumb = TRUE; - } - } - if ( $delete_attachment ) - { - if ( !isset($_POST['del_attachment'][$actual_list[$i]]) ) - { - $restore = TRUE; - } - } - - if ( $restore ) - { - $this->attachment_list[] = $actual_list[$i]; - $this->attachment_comment_list[] = $actual_comment_list[$i]; - $this->attachment_filename_list[] = $actual_filename_list[$i]; - $this->attachment_extension_list[] = $actual_extension_list[$i]; - $this->attachment_mimetype_list[] = $actual_mimetype_list[$i]; - $this->attachment_filesize_list[] = $actual_filesize_list[$i]; - $this->attachment_filetime_list[] = $actual_filetime_list[$i]; - $this->attachment_id_list[] = $actual_id_list[$i]; - $this->attachment_thumbnail_list[] = $actual_thumbnail_list[$i]; - } - else if (!$del_thumb) - { - // delete selected attachment - if ($actual_id_list[$i] == '0' ) - { - unlink_attach($actual_list[$i]); - - if ($actual_thumbnail_list[$i] == 1) - { - unlink_attach($actual_list[$i], MODE_THUMBNAIL); - } - } - else - { - delete_attachment($post_id, $actual_id_list[$i], $this->page); - } - } - else if ($del_thumb) - { - // delete selected thumbnail - $this->attachment_list[] = $actual_list[$i]; - $this->attachment_comment_list[] = $actual_comment_list[$i]; - $this->attachment_filename_list[] = $actual_filename_list[$i]; - $this->attachment_extension_list[] = $actual_extension_list[$i]; - $this->attachment_mimetype_list[] = $actual_mimetype_list[$i]; - $this->attachment_filesize_list[] = $actual_filesize_list[$i]; - $this->attachment_filetime_list[] = $actual_filetime_list[$i]; - $this->attachment_id_list[] = $actual_id_list[$i]; - $this->attachment_thumbnail_list[] = 0; - - if ($actual_id_list[$i] == 0) - { - unlink_attach($actual_list[$i], MODE_THUMBNAIL); - } - else - { - $sql = 'UPDATE ' . BB_ATTACHMENTS_DESC . ' SET thumbnail = 0 WHERE attach_id = ' . (int) $actual_id_list[$i]; - - if (!(DB()->sql_query($sql))) - { - bb_die('Unable to update ' . BB_ATTACHMENTS_DESC); - } - } - } - } - } - } - else if ($edit_attachment || $update_attachment || $add_attachment || $preview) - { - if ($edit_attachment) - { - $actual_comment_list = get_var('comment_list', array('')); - - $this->attachment_comment_list = array(); - - for ($i = 0; $i < sizeof($this->attachment_list); $i++) - { - $this->attachment_comment_list[$i] = $actual_comment_list[$i]; - } - } - - if ($update_attachment) - { - if ($this->filename == '') - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= $lang['ERROR_EMPTY_ADD_ATTACHBOX']; - } - - $this->upload_attachment($this->page); - - if (!$error) - { - $actual_list = get_var('attachment_list', array('')); - $actual_id_list = get_var('attach_id_list', array(0)); - - $attachment_id = 0; - $actual_element = 0; - - for ($i = 0; $i < sizeof($actual_id_list); $i++) - { - if (isset($_POST['update_attachment'][$actual_id_list[$i]])) - { - $attachment_id = intval($actual_id_list[$i]); - $actual_element = $i; - } - } - - // Get current informations to delete the Old Attachment - $sql = 'SELECT physical_filename, comment, thumbnail - FROM ' . BB_ATTACHMENTS_DESC . ' - WHERE attach_id = ' . (int) $attachment_id; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Unable to select old attachment entry'); - } - - if (DB()->num_rows($result) != 1) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= $lang['ERROR_MISSING_OLD_ENTRY']; - } - - $row = DB()->sql_fetchrow($result); - DB()->sql_freeresult($result); - - $comment = (trim($this->file_comment) == '') ? trim($row['comment']) : trim($this->file_comment); - - // Update Entry - $sql_ary = array( - 'physical_filename' => (string) basename($this->attach_filename), - 'real_filename' => (string) basename($this->filename), - 'comment' => (string) $comment, - 'extension' => (string) strtolower($this->extension), - 'mimetype' => (string) strtolower($this->type), - 'filesize' => (int) $this->filesize, - 'filetime' => (int) $this->filetime, - 'thumbnail' => (int) $this->thumbnail - ); - - $sql = 'UPDATE ' . BB_ATTACHMENTS_DESC . ' SET ' . attach_mod_sql_build_array('UPDATE', $sql_ary) . ' - WHERE attach_id = ' . (int) $attachment_id; - - if (!(DB()->sql_query($sql))) - { - bb_die('Unable to update the attachment'); - } - - // Delete the Old Attachment - unlink_attach($row['physical_filename']); - - if (intval($row['thumbnail']) == 1) - { - unlink_attach($row['physical_filename'], MODE_THUMBNAIL); - } - - //bt - if ($this->attachment_extension_list[$actual_element] === TORRENT_EXT && $attachments[$actual_element]['tracker_status']) - { - include(INC_DIR .'functions_torrent.php'); - tracker_unregister($attachment_id); - } - //bt end - - // Make sure it is displayed - $this->attachment_list[$actual_element] = $this->attach_filename; - $this->attachment_comment_list[$actual_element] = $comment; - $this->attachment_filename_list[$actual_element] = $this->filename; - $this->attachment_extension_list[$actual_element] = $this->extension; - $this->attachment_mimetype_list[$actual_element] = $this->type; - $this->attachment_filesize_list[$actual_element] = $this->filesize; - $this->attachment_filetime_list[$actual_element] = $this->filetime; - $this->attachment_id_list[$actual_element] = $actual_id_list[$actual_element]; - $this->attachment_thumbnail_list[$actual_element] = $this->thumbnail; - $this->file_comment = ''; - } - } - - if (($add_attachment || $preview) && $this->filename != '') - { - if ($this->num_attachments < intval($max_attachments)) - { - $this->upload_attachment($this->page); - - if (!$error) - { - array_unshift($this->attachment_list, $this->attach_filename); - array_unshift($this->attachment_comment_list, $this->file_comment); - array_unshift($this->attachment_filename_list, $this->filename); - array_unshift($this->attachment_extension_list, $this->extension); - array_unshift($this->attachment_mimetype_list, $this->type); - array_unshift($this->attachment_filesize_list, $this->filesize); - array_unshift($this->attachment_filetime_list, $this->filetime); - array_unshift($this->attachment_id_list, '0'); - array_unshift($this->attachment_thumbnail_list, $this->thumbnail); - - $this->file_comment = ''; - } - } - else - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['TOO_MANY_ATTACHMENTS'], intval($max_attachments)); - } - } - } - } - - return TRUE; - } - - /** - * Basic Insert Attachment Handling for all Message Types - */ - function do_insert_attachment($mode, $message_type, $message_id) - { - global $upload_dir; - - if (intval($message_id) < 0) - { - return FALSE; - } - - global $post_info, $userdata; - - $post_id = (int) $message_id; - $user_id_1 = (isset($post_info['poster_id'])) ? (int) $post_info['poster_id'] : 0; - - if (!$user_id_1) - { - $user_id_1 = (int) $userdata['user_id']; - } - - if ($mode == 'attach_list') - { - for ($i = 0; $i < sizeof($this->attachment_list); $i++) - { - if ($this->attachment_id_list[$i]) - { - //bt - if ($this->attachment_extension_list[$i] === TORRENT_EXT && !defined('TORRENT_ATTACH_ID')) - { - define('TORRENT_ATTACH_ID', $this->attachment_id_list[$i]); - } - //bt end - - // update entry in db if attachment already stored in db and filespace - $sql = 'UPDATE ' . BB_ATTACHMENTS_DESC . " - SET comment = '" . @attach_mod_sql_escape($this->attachment_comment_list[$i]) . "' - WHERE attach_id = " . $this->attachment_id_list[$i]; - - if (!(DB()->sql_query($sql))) - { - bb_die('Unable to update the file comment'); - } - } - else - { - if (empty($this->attachment_mimetype_list[$i]) && $this->attachment_extension_list[$i] === TORRENT_EXT) - { - $this->attachment_mimetype_list[$i] = 'application/x-bittorrent'; - } - - // insert attachment into db - $sql_ary = array( - 'physical_filename' => (string) basename($this->attachment_list[$i]), - 'real_filename' => (string) basename($this->attachment_filename_list[$i]), - 'comment' => (string) @$this->attachment_comment_list[$i], - 'extension' => (string) strtolower($this->attachment_extension_list[$i]), - 'mimetype' => (string) strtolower($this->attachment_mimetype_list[$i]), - 'filesize' => (int) $this->attachment_filesize_list[$i], - 'filetime' => (int) $this->attachment_filetime_list[$i], - 'thumbnail' => (int) $this->attachment_thumbnail_list[$i] - ); - - $sql = 'INSERT INTO ' . BB_ATTACHMENTS_DESC . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary); - - if (!(DB()->sql_query($sql))) - { - bb_die('Could not store Attachment.
Your '. $message_type .' has been stored'); - } - - $attach_id = DB()->sql_nextid(); - - //bt - if ($this->attachment_extension_list[$i] === TORRENT_EXT && !defined('TORRENT_ATTACH_ID')) - { - define('TORRENT_ATTACH_ID', $attach_id); - } - //bt end - - $sql_ary = array( - 'attach_id' => (int) $attach_id, - 'post_id' => (int) $post_id, - 'user_id_1' => (int) $user_id_1, - ); - - $sql = 'INSERT INTO ' . BB_ATTACHMENTS . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary); - - if (!(DB()->sql_query($sql))) - { - bb_die('Could not store Attachment.
Your '. $message_type .' has been stored'); - } - } - } - - return TRUE; - } - - if ($mode == 'last_attachment') - { - if ($this->post_attach && !isset($_POST['update_attachment'])) - { - // insert attachment into db, here the user submited it directly - $sql_ary = array( - 'physical_filename' => (string) basename($this->attach_filename), - 'real_filename' => (string) basename($this->filename), - 'comment' => (string) $this->file_comment, - 'extension' => (string) strtolower($this->extension), - 'mimetype' => (string) strtolower($this->type), - 'filesize' => (int) $this->filesize, - 'filetime' => (int) $this->filetime, - 'thumbnail' => (int) $this->thumbnail - ); - - $sql = 'INSERT INTO ' . BB_ATTACHMENTS_DESC . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary); - - // Inform the user that his post has been created, but nothing is attached - if (!(DB()->sql_query($sql))) - { - bb_die('Could not store Attachment.
Your '. $message_type .' has been stored'); - } - - $attach_id = DB()->sql_nextid(); - - $sql_ary = array( - 'attach_id' => (int) $attach_id, - 'post_id' => (int) $post_id, - 'user_id_1' => (int) $user_id_1, - ); - - $sql = 'INSERT INTO ' . BB_ATTACHMENTS . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary); - - if (!(DB()->sql_query($sql))) - { - bb_die('Could not store Attachment.
Your '. $message_type .' has been stored'); - } - } - } - } - - /** - * Attachment Mod entry switch/output (intern) - * @private - */ - function display_attachment_bodies() - { - global $attach_config, $is_auth, $lang, $template, $upload_dir, $forum_id; - - // Choose what to display - $value_add = $value_posted = 0; - - $this->add_attachment_body = 1; - $this->posted_attachments_body = 1; - - $s_hidden = ''; - $s_hidden .= ''; - - $template->assign_vars(array( - 'ADD_ATTACH_HIDDEN_FIELDS' => $s_hidden, - )); - - $attachments = array(); - - if (sizeof($this->attachment_list) > 0) - { - $hidden = ''; - for ($i = 0; $i < sizeof($this->attachment_list); $i++) - { - $hidden .= ''; - $hidden .= ''; - $hidden .= ''; - $hidden .= ''; - $hidden .= ''; - $hidden .= ''; - $hidden .= ''; - $hidden .= ''; - - if (!$this->posted_attachments_body || sizeof($this->attachment_list) == 0) - { - $hidden .= ''; - } - } - $template->assign_var('POSTED_ATTACHMENTS_HIDDEN_FIELDS', $hidden); - } - - if ($this->add_attachment_body) - { - $template->assign_vars(array( - 'TPL_ADD_ATTACHMENT' => true, - 'FILE_COMMENT' => htmlspecialchars($this->file_comment), - 'FILESIZE' => $attach_config['max_filesize'], - 'FILENAME' => htmlspecialchars($this->filename), - 'S_FORM_ENCTYPE' => 'enctype="multipart/form-data"', - )); - } - - if ($this->posted_attachments_body && sizeof($this->attachment_list) > 0) - { - $template->assign_vars(array( - 'TPL_POSTED_ATTACHMENTS' => true, - )); - - for ($i = 0; $i < sizeof($this->attachment_list); $i++) - { - if (@$this->attachment_id_list[$i] == 0) - { - $download_link = $upload_dir . '/' . basename($this->attachment_list[$i]); - } - else - { - $download_link = BB_ROOT . DOWNLOAD_URL . $this->attachment_id_list[$i]; - } - - $template->assign_block_vars('attach_row', array( - 'FILE_NAME' => @htmlspecialchars($this->attachment_filename_list[$i]), - 'ATTACH_FILENAME' => @$this->attachment_list[$i], - 'FILE_COMMENT' => @htmlspecialchars($this->attachment_comment_list[$i]), - 'ATTACH_ID' => @$this->attachment_id_list[$i], - 'U_VIEW_ATTACHMENT' => $download_link, - )); - - // Thumbnail there ? And is the User Admin or Mod ? Then present the 'Delete Thumbnail' Button - if (@intval($this->attachment_thumbnail_list[$i]) == 1 && ((isset($is_auth['auth_mod']) && $is_auth['auth_mod']) || IS_ADMIN)) - { - $template->assign_block_vars('attach_row.switch_thumbnail', array()); - } - - if (@$this->attachment_id_list[$i]) - { - $template->assign_block_vars('attach_row.switch_update_attachment', array()); - } - } - } - - $template->assign_var('ATTACHBOX'); - } - - /** - * Upload an Attachment to Filespace (intern) - */ - function upload_attachment() - { - global $error, $error_msg, $lang, $attach_config, $userdata, $upload_dir, $forum_id; - - $this->post_attach = ($this->filename != '') ? TRUE : FALSE; - - if ($this->post_attach) - { - $r_file = trim(basename($this->filename)); - $file = $_FILES['fileupload']['tmp_name']; - $this->type = $_FILES['fileupload']['type']; - - if (isset($_FILES['fileupload']['size']) && $_FILES['fileupload']['size'] == 0) - { - bb_die('Tried to upload empty file'); - } - - $this->type = strtolower($this->type); - $this->extension = strtolower(get_extension($this->filename)); - - $this->filesize = @filesize($file); - $this->filesize = intval($this->filesize); - - $sql = 'SELECT g.allow_group, g.max_filesize, g.cat_id, g.forum_permissions - FROM ' . BB_EXTENSION_GROUPS . ' g, ' . BB_EXTENSIONS . " e - WHERE g.group_id = e.group_id - AND e.extension = '" . attach_mod_sql_escape($this->extension) . "' - LIMIT 1"; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query extensions'); - } - - $row = DB()->sql_fetchrow($result); - DB()->sql_freeresult($result); - - $allowed_filesize = ($row['max_filesize']) ? $row['max_filesize'] : $attach_config['max_filesize']; - $cat_id = intval($row['cat_id']); - $auth_cache = trim($row['forum_permissions']); - - // check Filename - if (preg_match("#[\\/:*?\"<>|]#i", $this->filename)) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['INVALID_FILENAME'], htmlspecialchars($this->filename)); - } - - // check php upload-size - if (!$error && $file == 'none') - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $ini_val = 'ini_get'; - - $max_size = @$ini_val('upload_max_filesize'); - - if ($max_size == '') - { - $error_msg .= $lang['ATTACHMENT_PHP_SIZE_NA']; - } - else - { - $error_msg .= sprintf($lang['ATTACHMENT_PHP_SIZE_OVERRUN'], $max_size); - } - } - - // Check Extension - if (!$error && intval($row['allow_group']) == 0) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['DISALLOWED_EXTENSION'], htmlspecialchars($this->extension)); - } - - // Check Forum Permissions - if (!$error && !IS_ADMIN && !is_forum_authed($auth_cache, $forum_id) && trim($auth_cache) != '') - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['DISALLOWED_EXTENSION_WITHIN_FORUM'], htmlspecialchars($this->extension)); - } - - //bt - // Check if user can post torrent - global $post_data; - - if (!$error && $this->extension === TORRENT_EXT && !$post_data['first_post']) - { - $error = TRUE; - if (!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= $lang['ALLOWED_ONLY_1ST_POST_ATTACH']; - } - //bt end - - // Upload File - - $this->thumbnail = 0; - - if (!$error) - { - // - // Prepare Values - $this->filetime = TIMENOW; - - $this->filename = $r_file; - - // physical filename - //$this->attach_filename = strtolower($this->filename); - $this->attach_filename = $this->filename; - - //bt - if (FILENAME_CRYPTIC) - { - $this->attach_filename = make_rand_str(FILENAME_CRYPTIC_LENGTH); - } - else - { // original - $this->attach_filename = html_entity_decode(trim(stripslashes($this->attach_filename))); - $this->attach_filename = delete_extension($this->attach_filename); - $this->attach_filename = str_replace(array(' ','-'), array('_','_'), $this->attach_filename); - $this->attach_filename = str_replace('__', '_', $this->attach_filename); - $this->attach_filename = str_replace(array(',', '.', '!', '?', 'ь', 'Ь', 'ц', 'Ц', 'д', 'Д', ';', ':', '@', "'", '"', '&'), array('', '', '', '', 'ue', 'ue', 'oe', 'oe', 'ae', 'ae', '', '', '', '', '', 'and'), $this->attach_filename); - $this->attach_filename = str_replace(array('$', 'Я', '>','<','§','%','=','/','(',')','#','*','+',"\\",'{','}','[',']'), array('dollar', 'ss','greater','lower','paragraph','percent','equal','','','','','','','','','','',''), $this->attach_filename); - // Remove non-latin characters - $this->attach_filename = preg_replace('#([\xC2\xC3])([\x80-\xBF])#', 'chr(ord(\'$1\')<<6&0xC0|ord(\'$2\')&0x3F)', $this->attach_filename); - $this->attach_filename = rawurlencode($this->attach_filename); - $this->attach_filename = preg_replace("/(%[0-9A-F]{1,2})/i", '', $this->attach_filename); - $this->attach_filename = trim($this->attach_filename); - } - $this->attach_filename = str_replace(array('&','&',' '), '_', $this->attach_filename); - $this->attach_filename = str_replace('php', '_php_', $this->attach_filename); - $this->attach_filename = substr(trim($this->attach_filename), 0, FILENAME_MAX_LENGTH); - - for ($i=0, $max_try=5; $i <= $max_try; $i++) - { - $fn_prefix = make_rand_str(FILENAME_PREFIX_LENGTH) .'_'; - $new_physical_filename = clean_filename($fn_prefix . $this->attach_filename); - - if (!physical_filename_already_stored($new_physical_filename)) - { - break; - } - if ($i == $max_try) - { - bb_die('Could not create filename for attachment'); - } - } - $this->attach_filename = $new_physical_filename; - - // Do we have to create a thumbnail ? - if ($cat_id == IMAGE_CAT && intval($attach_config['img_create_thumbnail'])) - { - $this->thumbnail = 1; - } - } - - if ($error) - { - $this->post_attach = FALSE; - return; - } - - // Upload Attachment - if (!$error) - { - // Descide the Upload method - $ini_val = 'ini_get'; - - $safe_mode = @$ini_val('safe_mode'); - - if (@$ini_val('open_basedir')) - { - $upload_mode = 'move'; - } - else if ( @$ini_val('safe_mode') ) - { - $upload_mode = 'move'; - } - else - { - $upload_mode = 'copy'; - } - - // Ok, upload the Attachment - if (!$error) - { - $this->move_uploaded_attachment($upload_mode, $file); - } - } - - // Now, check filesize parameters - if (!$error) - { - if (!$this->filesize) - { - $this->filesize = intval(@filesize($upload_dir . '/' . $this->attach_filename)); - } - } - - // Check Image Size, if it's an image - if (!$error && !IS_ADMIN && $cat_id == IMAGE_CAT) - { - list($width, $height) = image_getdimension($upload_dir . '/' . $this->attach_filename); - - if ($width != 0 && $height != 0 && intval($attach_config['img_max_width']) != 0 && intval($attach_config['img_max_height']) != 0) - { - if ($width > intval($attach_config['img_max_width']) || $height > intval($attach_config['img_max_height'])) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['ERROR_IMAGESIZE'], intval($attach_config['img_max_width']), intval($attach_config['img_max_height'])); - } - } - } - - // check Filesize - if (!$error && $allowed_filesize != 0 && $this->filesize > $allowed_filesize && !(IS_ADMIN || IS_MOD || IS_GROUP_MEMBER)) - { - $allowed_filesize = humn_size($allowed_filesize); - - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['ATTACHMENT_TOO_BIG'], $allowed_filesize); - } - - // Check our complete quota - if ($attach_config['attachment_quota']) - { - $sql = 'SELECT sum(filesize) as total FROM ' . BB_ATTACHMENTS_DESC; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query total filesize #1'); - } - - $row = DB()->sql_fetchrow($result); - DB()->sql_freeresult($result); - - $total_filesize = $row['total']; - - if (($total_filesize + $this->filesize) > $attach_config['attachment_quota']) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= $lang['ATTACH_QUOTA_REACHED']; - } - - } - - $this->get_quota_limits($userdata); - - // Check our user quota - if ($attach_config['upload_filesize_limit']) - { - $sql = 'SELECT attach_id - FROM ' . BB_ATTACHMENTS . ' - WHERE user_id_1 = ' . (int) $userdata['user_id'] . ' - GROUP BY attach_id'; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query attachments'); - } - - $attach_ids = DB()->sql_fetchrowset($result); - $num_attach_ids = DB()->num_rows($result); - DB()->sql_freeresult($result); - - $attach_id = array(); - - for ($i = 0; $i < $num_attach_ids; $i++) - { - $attach_id[] = intval($attach_ids[$i]['attach_id']); - } - - if ($num_attach_ids > 0) - { - // Now get the total filesize - $sql = 'SELECT sum(filesize) as total - FROM ' . BB_ATTACHMENTS_DESC . ' - WHERE attach_id IN (' . implode(', ', $attach_id) . ')'; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Could not query total filesize #2'); - } - - $row = DB()->sql_fetchrow($result); - DB()->sql_freeresult($result); - $total_filesize = $row['total']; - } - else - { - $total_filesize = 0; - } - - if (($total_filesize + $this->filesize) > $attach_config['upload_filesize_limit']) - { - $upload_filesize_limit = $attach_config['upload_filesize_limit']; - $size_lang = ($upload_filesize_limit >= 1048576) ? $lang['MB'] : ( ($upload_filesize_limit >= 1024) ? $lang['KB'] : $lang['BYTES'] ); - - if ($upload_filesize_limit >= 1048576) - { - $upload_filesize_limit = round($upload_filesize_limit / 1048576 * 100) / 100; - } - else if($upload_filesize_limit >= 1024) - { - $upload_filesize_limit = round($upload_filesize_limit / 1024 * 100) / 100; - } - - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['USER_UPLOAD_QUOTA_REACHED'], $upload_filesize_limit, $size_lang); - } - } - - if ($error) - { - unlink_attach($this->attach_filename); - unlink_attach($this->attach_filename, MODE_THUMBNAIL); - $this->post_attach = FALSE; - } - } - } - - // Copy the temporary attachment to the right location (copy, move_uploaded_file) - function move_uploaded_attachment($upload_mode, $file) - { - global $error, $error_msg, $lang, $upload_dir; - - if (!is_uploaded_file($file)) - { - bb_die('Unable to upload file. The given source has not been uploaded'); - } - - switch ($upload_mode) - { - case 'copy': - - if (!@copy($file, $upload_dir . '/' . basename($this->attach_filename))) - { - if (!@move_uploaded_file($file, $upload_dir . '/' . basename($this->attach_filename))) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['GENERAL_UPLOAD_ERROR'], './' . $upload_dir . '/' . $this->attach_filename); - return; - } - } - @chmod($upload_dir . '/' . basename($this->attach_filename), 0666); - - break; - - case 'move': - - if (!@move_uploaded_file($file, $upload_dir . '/' . basename($this->attach_filename))) - { - if (!@copy($file, $upload_dir . '/' . basename($this->attach_filename))) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['GENERAL_UPLOAD_ERROR'], './' . $upload_dir . '/' . $this->attach_filename); - return; - } - } - @chmod($upload_dir . '/' . $this->attach_filename, 0666); - - break; - } - - if (!$error && $this->thumbnail == 1) - { - $source = $upload_dir . '/' . basename($this->attach_filename); - $dest_file = amod_realpath($upload_dir); - $dest_file .= '/' . THUMB_DIR . '/t_' . basename($this->attach_filename); - - if (!create_thumbnail($source, $dest_file, $this->type)) - { - if (!$file || !create_thumbnail($file, $dest_file, $this->type)) - { - $this->thumbnail = 0; - } - } - } - } -} - -/** -* @package attachment_mod -* Attachment posting -*/ -class attach_posting extends attach_parent -{ - /** - * Constructor - */ - function attach_posting() - { - $this->attach_parent(); - $this->page = 0; - } - - /** - * Insert an Attachment into a Post (this is the second function called from posting.php) - */ - function insert_attachment($post_id) - { - global $is_auth, $mode; - - // Insert Attachment ? - if (!empty($post_id) && ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') && $is_auth['auth_attachments']) - { - $this->do_insert_attachment('attach_list', 'post', $post_id); - $this->do_insert_attachment('last_attachment', 'post', $post_id); - - if ((sizeof($this->attachment_list) > 0 || $this->post_attach) && !isset($_POST['update_attachment'])) - { - $sql = 'UPDATE ' . BB_POSTS . ' SET post_attachment = 1 WHERE post_id = ' . (int) $post_id; - - if (!(DB()->sql_query($sql))) - { - bb_die('Unable to update posts table'); - } - - $sql = 'SELECT topic_id FROM ' . BB_POSTS . ' WHERE post_id = ' . (int) $post_id; - - if (!($result = DB()->sql_query($sql))) - { - bb_die('Unable to select posts table'); - } - - $row = DB()->sql_fetchrow($result); - DB()->sql_freeresult($result); - - $sql = 'UPDATE ' . BB_TOPICS . ' SET topic_attachment = 1 WHERE topic_id = ' . (int) $row['topic_id']; - - if (!(DB()->sql_query($sql))) - { - bb_die('Unable to update topics table'); - } - } - } - } - - /** - * Handle Attachments (Add/Delete/Edit/Show) - This is the first function called from every message handler - */ - function posting_attachment_mod() - { - global $mode, $confirm, $is_auth, $post_id, $delete, $refresh; - - if (!$refresh) - { - $add_attachment_box = (!empty($_POST['add_attachment_box'])) ? TRUE : FALSE; - $posted_attachments_box = (!empty($_POST['posted_attachments_box'])) ? TRUE : FALSE; - - $refresh = $add_attachment_box || $posted_attachments_box; - } - - // Choose what to display - $result = $this->handle_attachments($mode); - - if ($result === false) - { - return; - } - - if ($confirm && ($delete || $mode == 'delete' || $mode == 'editpost') && ($is_auth['auth_delete'] || $is_auth['auth_mod'])) - { - if ($post_id) - { - delete_attachment($post_id); - } - } - - $this->display_attachment_bodies(); - } - -} - -/** -* Entry Point -*/ -function execute_posting_attachment_handling() -{ - global $attachment_mod; - - $attachment_mod['posting'] = new attach_posting(); - $attachment_mod['posting']->posting_attachment_mod(); -} \ No newline at end of file diff --git a/library/includes/functions_admin.php b/library/includes/functions_admin.php index 7bf42ab41..82c76d003 100644 --- a/library/includes/functions_admin.php +++ b/library/includes/functions_admin.php @@ -303,33 +303,6 @@ function topic_delete ($mode_or_topic_id, $forum_id = null, $prune_time = 0, $pr LEFT JOIN ". BB_POLL_USERS ." pu USING(topic_id) "); - // Delete attachments (from disk) - $attach_dir = get_attachments_dir(); - - $result = DB()->query(" - SELECT - d.physical_filename - FROM - ". $tmp_delete_topics ." del, - ". BB_POSTS ." p, - ". BB_ATTACHMENTS ." a, - ". BB_ATTACHMENTS_DESC ." d - WHERE - p.topic_id = del.topic_id - AND a.post_id = p.post_id - AND d.attach_id = a.attach_id - "); - - while ($row = DB()->fetch_next($result)) - { - if ($filename = basename($row['physical_filename'])) - { - @unlink("$attach_dir/". $filename); - @unlink("$attach_dir/". THUMB_DIR .'/t_'. $filename); - } - } - unset($row, $result); - // Delete posts, posts_text, attachments (from DB) DB()->query(" DELETE p, pt, ps, a, d, ph @@ -614,31 +587,6 @@ function post_delete ($mode_or_post_id, $user_id = null, $exclude_first = true) return 0; } - // Delete attachments (from disk) - $attach_dir = get_attachments_dir(); - - $result = DB()->query(" - SELECT - d.physical_filename - FROM - ". $tmp_delete_posts ." del, - ". BB_ATTACHMENTS ." a, - ". BB_ATTACHMENTS_DESC ." d - WHERE - a.post_id = del.post_id - AND d.attach_id = a.attach_id - "); - - while ($row = DB()->fetch_next($result)) - { - if ($filename = basename($row['physical_filename'])) - { - @unlink("$attach_dir/". $filename); - @unlink("$attach_dir/". THUMB_DIR .'/t_'. $filename); - } - } - unset($row, $result); - // Delete posts, posts_text, attachments (from DB) DB()->query(" DELETE p, pt, ps, tor, a, d, ph diff --git a/library/attach_mod/displaying.php b/library/includes/old_attachment.php similarity index 61% rename from library/attach_mod/displaying.php rename to library/includes/old_attachment.php index efc18701d..7ec141c49 100644 --- a/library/attach_mod/displaying.php +++ b/library/includes/old_attachment.php @@ -1,37 +1,96 @@ sql_query($sql))) + { + bb_die('Could not get attachment informations for post number ' . $post_id_array); + } + + $num_rows = DB()->num_rows($result); + $attachments = DB()->sql_fetchrowset($result); + DB()->sql_freeresult($result); + + if ($num_rows == 0) + { + return array(); + } + + return $attachments; +} + /** -* Create needed arrays for Extension Assignments +* Get attachment mod configuration */ -function init_complete_extensions_data() +function get_config() { - global $allowed_extensions, $display_categories, $download_modes, $upload_icons; + global $bb_cfg; - if (!$extension_informations = get_extension_informations()) - { - $extension_informations = get_extension_informations(); - } - $allowed_extensions = array(); + $attach_config = array(); - for ($i = 0, $size = sizeof($extension_informations); $i < $size; $i++) + $sql = 'SELECT * FROM ' . BB_ATTACH_CONFIG; + + if (!($result = DB()->sql_query($sql))) { - $extension = strtolower(trim($extension_informations[$i]['extension'])); - $allowed_extensions[] = $extension; - $display_categories[$extension] = intval($extension_informations[$i]['cat_id']); - $download_modes[$extension] = intval($extension_informations[$i]['download_mode']); - $upload_icons[$extension] = trim($extension_informations[$i]['upload_icon']); + bb_die('Could not query attachment information'); } + + while ($row = DB()->sql_fetchrow($result)) + { + $attach_config[$row['config_name']] = trim($row['config_value']); + } + + // We assign the original default board language here, because it gets overwritten later with the users default language + $attach_config['board_lang'] = trim($bb_cfg['default_lang']); + + return $attach_config; +} + +// Get Attachment Config +$attach_config = array(); + +if (!$attach_config = CACHE('bb_cache')->get('attach_config')) +{ + $attach_config = get_config(); + CACHE('bb_cache')->set('attach_config', $attach_config, 86400); } /** -* Writing Data into plain Template Vars -*/ + * Writing Data into plain Template Vars + */ function init_display_template($template_var, $replacement, $filename = 'viewtopic_attach.tpl') { global $template; @@ -81,8 +140,8 @@ function init_display_template($template_var, $replacement, $filename = 'viewtop } /** -* Display Attachments in Posts -*/ + * Display Attachments in Posts + */ function display_post_attachments($post_id, $switch_attachment) { global $attach_config, $is_auth; @@ -99,8 +158,8 @@ function display_post_attachments($post_id, $switch_attachment) } /** -* Initializes some templating variables for displaying Attachments in Posts -*/ + * Initializes some templating variables for displaying Attachments in Posts + */ function init_display_post_attachments($switch_attachment) { global $attach_config, $is_auth, $template, $lang, $postrow, $total_posts, $attachments, $forum_row, $t_data; @@ -158,18 +217,8 @@ function init_display_post_attachments($switch_attachment) init_display_template('body', '{postrow.ATTACHMENTS}'); - init_complete_extensions_data(); } -/** -* END ATTACHMENT DISPLAY IN POSTS -*/ - -/** -* Assign Variables and Definitions based on the fetched Attachments - internal -* used by all displaying functions, the Data was collected before, it's only dependend on the template used. :) -* before this function is usable, init_display_attachments have to be called for specific pages (pm, posting, review etc...) -*/ function display_attachments($post_id) { global $template, $upload_dir, $userdata, $allowed_extensions, $display_categories, $download_modes, $lang, $attachments, $upload_icons, $attach_config; @@ -204,48 +253,22 @@ function display_attachments($post_id) $denied = false; - // Admin is allowed to view forbidden Attachments, but the error-message is displayed too to inform the Admin - if (!in_array($attachments['_' . $post_id][$i]['extension'], $allowed_extensions)) - { - $denied = true; - - $template->assign_block_vars('postrow.attach.denyrow', array( - 'L_DENIED' => sprintf($lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachments['_' . $post_id][$i]['extension'])) - ); - } - if (!$denied || IS_ADMIN) { - // define category - $image = FALSE; - $thumbnail = FALSE; - $link = FALSE; + $target_blank = ( (@intval($display_categories[$attachments['_' . $post_id][$i]['extension']]) == IMAGE_CAT) ) ? 'target="_blank"' : ''; - if (!$image && !$thumbnail) - { - $link = TRUE; - } - - // bt - if ($link && ($attachments['_'. $post_id][$i]['extension'] === TORRENT_EXT)) - { - include(ATTACH_DIR .'displaying_torrent.php'); - } - else if ($link) - { - $target_blank = ( (@intval($display_categories[$attachments['_' . $post_id][$i]['extension']]) == IMAGE_CAT) ) ? 'target="_blank"' : ''; - - // display attachment - $template->assign_block_vars('postrow.attach.attachrow', array( - 'U_DOWNLOAD_LINK' => BB_ROOT . DOWNLOAD_URL . $attachments['_' . $post_id][$i]['attach_id'], - 'S_UPLOAD_IMAGE' => $upload_image, - 'DOWNLOAD_NAME' => $display_name, - 'FILESIZE' => $filesize, - 'COMMENT' => $comment, - 'TARGET_BLANK' => $target_blank, - 'DOWNLOAD_COUNT' => sprintf($lang['DOWNLOAD_NUMBER'], $attachments['_' . $post_id][$i]['download_count']), - )); - } + // display attachment + $template->assign_block_vars('postrow.attach.attachrow', array( + 'U_DOWNLOAD_LINK' => BB_ROOT . DOWNLOAD_URL . $attachments['_' . $post_id][$i]['attach_id'], + 'S_UPLOAD_IMAGE' => $upload_image, + 'DOWNLOAD_NAME' => $display_name, + 'FILESIZE' => $filesize, + 'COMMENT' => $comment, + 'TARGET_BLANK' => $target_blank, + 'DOWNLOAD_COUNT' => sprintf($lang['DOWNLOAD_NUMBER'], $attachments['_' . $post_id][$i]['download_count']), + )); } } -} \ No newline at end of file +} + +$upload_dir = $attach_config['upload_dir']; \ No newline at end of file diff --git a/posting.php b/posting.php index 51a0d9fb4..40359bf7a 100644 --- a/posting.php +++ b/posting.php @@ -5,7 +5,6 @@ define('BB_ROOT', './'); require(BB_ROOT ."common.php"); require(INC_DIR .'bbcode.php'); require(INC_DIR .'functions_post.php'); -require(ATTACH_DIR .'attachment_mod.php'); $page_cfg['load_tpl_vars'] = array('post_icons'); @@ -285,8 +284,6 @@ else $update_post_time = !empty($_POST['update_post_time']); -execute_posting_attachment_handling(); - // если за время пока вы писали ответ, в топике появились новые сообщения, перед тем как ваше сообщение будет отправлено, выводится предупреждение с обзором этих сообщений $topic_has_new_posts = false; diff --git a/viewtopic.php b/viewtopic.php index 10ddd065c..293410242 100644 --- a/viewtopic.php +++ b/viewtopic.php @@ -529,7 +529,7 @@ require(INC_DIR .'torrent_show_dl_list.php'); if ($t_data['topic_attachment']) { - require(ATTACH_DIR .'attachment_mod.php'); + require(INC_DIR .'old_attachment.php'); init_display_post_attachments($t_data['topic_attachment']); }