'; for ($i = 0, $iMax = count($view_types_text); $i < $iMax; $i++) { $selected = ($view === $view_types[$i]) ? ' selected' : ''; $select_view .= '' . $view_types_text[$i] . ''; } $select_view .= ''; } if (count($mode_types_text) > 0 && !empty($mode_types)) { $select_sort_mode = ''; for ($i = 0, $iMax = count($mode_types_text); $i < $iMax; $i++) { $selected = ($mode === $mode_types[$i]) ? ' selected' : ''; $select_sort_mode .= '' . $mode_types_text[$i] . ''; } $select_sort_mode .= ''; } $select_sort_order = ''; if ($sort_order === 'ASC') { $select_sort_order .= '' . $lang['ASC'] . '' . $lang['DESC'] . ''; } else { $select_sort_order .= '' . $lang['ASC'] . '' . $lang['DESC'] . ''; } $select_sort_order .= ''; $submit_change = isset($_POST['submit_change']); $delete = isset($_POST['delete']); $delete_id_list = get_var('delete_id_list', [0]); $confirm = isset($_POST['confirm']); if ($confirm && count($delete_id_list) > 0) { $attachments = []; delete_attachment(0, $delete_id_list); } elseif ($delete && count($delete_id_list) > 0) { // Not confirmed, show confirmation message $hidden_fields = ''; $hidden_fields .= ''; $hidden_fields .= ''; $hidden_fields .= ''; $hidden_fields .= ''; foreach ($delete_id_list as $iValue) { $hidden_fields .= ''; } print_confirmation([ 'FORM_ACTION' => 'admin_attach_cp.php', 'HIDDEN_FIELDS' => $hidden_fields, ]); } // Assign Default Template Vars $template->assign_vars([ 'S_VIEW_SELECT' => $select_view, 'S_MODE_ACTION' => 'admin_attach_cp.php?view=' . $view . '&mode=' . $mode . '&order=' . $sort_order . '&uid=' . $uid ]); if ($submit_change && $view === 'attachments') { $attach_change_list = get_var('attach_id_list', [0]); $attach_comment_list = get_var('attach_comment_list', ['']); $attach_download_count_list = get_var('attach_count_list', [0]); // Generate correct Change List $attachments = []; for ($i = 0, $iMax = count($attach_change_list); $i < $iMax; $i++) { $attachments['_' . $attach_change_list[$i]]['comment'] = $attach_comment_list[$i]; $attachments['_' . $attach_change_list[$i]]['download_count'] = $attach_download_count_list[$i]; } $sql = 'SELECT * FROM ' . BB_ATTACHMENTS_DESC . ' ORDER BY attach_id'; if (!($result = DB()->sql_query($sql))) { bb_die('Could not get attachment informations'); } while ($attachrow = DB()->sql_fetchrow($result)) { if (isset($attachments['_' . $attachrow['attach_id']])) { if ($attachrow['comment'] != $attachments['_' . $attachrow['attach_id']]['comment'] || $attachrow['download_count'] != $attachments['_' . $attachrow['attach_id']]['download_count']) { $sql = 'UPDATE ' . BB_ATTACHMENTS_DESC . " SET comment = '" . DB()->escape($attachments['_' . $attachrow['attach_id']]['comment']) . "', download_count = " . (int)$attachments['_' . $attachrow['attach_id']]['download_count'] . ' WHERE attach_id = ' . (int)$attachrow['attach_id']; if (!DB()->sql_query($sql)) { bb_die('Could not update attachments informations'); } } } } DB()->sql_freeresult($result); } // Statistics if ($view == 'stats') { $upload_dir_size = get_formatted_dirsize(); $attachment_quota = humn_size($attach_config['attachment_quota']); // number_of_attachments $row = DB()->fetch_row('SELECT COUNT(*) AS total FROM ' . BB_ATTACHMENTS_DESC); $number_of_attachments = $number_of_posts = $row['total']; $number_of_pms = 0; // number_of_topics $row = DB()->fetch_row('SELECT COUNT(*) AS topics FROM ' . BB_TOPICS . ' WHERE topic_attachment = 1'); $number_of_topics = $row['topics']; // number_of_users $row = DB()->fetch_row('SELECT COUNT(DISTINCT user_id_1) AS users FROM ' . BB_ATTACHMENTS . ' WHERE post_id != 0'); $number_of_users = $row['users']; $template->assign_vars([ 'TPL_ATTACH_STATISTICS' => true, 'TOTAL_FILESIZE' => $upload_dir_size, 'ATTACH_QUOTA' => $attachment_quota, 'NUMBER_OF_ATTACHMENTS' => $number_of_attachments, 'NUMBER_OF_POSTS' => $number_of_posts, 'NUMBER_OF_PMS' => $number_of_pms, 'NUMBER_OF_TOPICS' => $number_of_topics, 'NUMBER_OF_USERS' => $number_of_users, ]); } // Search if ($view === 'search') { // Get Forums and Categories //sf - add [, f.forum_parent] $sql = 'SELECT c.cat_title, c.cat_id, f.forum_name, f.forum_id, f.forum_parent FROM ' . BB_CATEGORIES . ' c, ' . BB_FORUMS . ' f WHERE f.cat_id = c.cat_id ORDER BY c.cat_id, f.forum_order'; if (!($result = DB()->sql_query($sql))) { bb_die('Could not obtain forum_name / forum_id'); } $s_forums = ''; $list_cat = []; while ($row = DB()->sql_fetchrow($result)) { //sf $s_forums .= '' . ($row['forum_parent'] ? HTML_SF_SPACER : '') . htmlCHR($row['forum_name']) . ''; if (empty($list_cat[$row['cat_id']])) { $list_cat[$row['cat_id']] = $row['cat_title']; } } $s_categories = ''; if ($s_forums) { $s_forums = '' . $lang['ALL_AVAILABLE'] . '' . $s_forums; // Category to search $s_categories = '' . $lang['ALL_AVAILABLE'] . ''; foreach ($list_cat as $cat_id => $cat_title) { $s_categories .= '' . htmlCHR($cat_title) . ''; } } else { bb_die($lang['NO_SEARCHABLE_FORUMS']); } $template->assign_vars([ 'TPL_ATTACH_SEARCH' => true, 'S_FORUM_OPTIONS' => $s_forums, 'S_CATEGORY_OPTIONS' => $s_categories, 'S_SORT_OPTIONS' => $select_sort_mode, 'S_SORT_ORDER' => $select_sort_order, ]); } // Username if ($view === 'username') { $template->assign_vars([ 'TPL_ATTACH_USER' => true, 'S_MODE_SELECT' => $select_sort_mode, 'S_ORDER_SELECT' => $select_sort_order, ]); $total_rows = 0; bb_die('removed'); } // Attachments if ($view === 'attachments') { $user_based = (bool)$uid; $search_based = (isset($_POST['search']) && $_POST['search']); $hidden_fields = ''; $template->assign_vars([ 'TPL_ATTACH_ATTACHMENTS' => true, 'S_MODE_SELECT' => $select_sort_mode, 'S_ORDER_SELECT' => $select_sort_order, ]); $total_rows = 0; // Are we called from Username ? if ($user_based) { $sql = 'SELECT username FROM ' . BB_USERS . ' WHERE user_id = ' . (int)$uid; if (!($result = DB()->sql_query($sql))) { bb_die('Error getting username'); } $row = DB()->sql_fetchrow($result); DB()->sql_freeresult($result); $username = $row['username']; $s_hidden = ''; $template->assign_block_vars('switch_user_based', []); $template->assign_vars([ 'S_USER_HIDDEN' => $s_hidden, 'L_STATISTICS_FOR_USER' => sprintf($lang['STATISTICS_FOR_USER'], $username), ]); $sql = 'SELECT attach_id FROM ' . BB_ATTACHMENTS . ' WHERE user_id_1 = ' . (int)$uid . ' GROUP BY attach_id'; if (!($result = DB()->sql_query($sql))) { bb_die('Could not query attachments #1'); } $attach_ids = DB()->sql_fetchrowset($result); $num_attach_ids = DB()->num_rows($result); DB()->sql_freeresult($result); if ($num_attach_ids == 0) { bb_die('For some reason no attachments are assigned to the user ' . $username); } $total_rows = $num_attach_ids; $attach_id = []; for ($j = 0; $j < $num_attach_ids; $j++) { $attach_id[] = (int)$attach_ids[$j]['attach_id']; } $sql = 'SELECT a.* FROM ' . BB_ATTACHMENTS_DESC . ' a WHERE a.attach_id IN (' . implode(', ', $attach_id) . ') ' . $order_by; if (!($result = DB()->sql_query($sql))) { bb_die('Could not query attachments #2'); } $attachments = DB()->sql_fetchrowset($result); $num_attach = DB()->num_rows($result); DB()->sql_freeresult($result); } else { // we are called from search $attachments = search_attachments($order_by, $total_rows); } if (count($attachments) > 0) { for ($i = 0, $iMax = count($attachments); $i < $iMax; $i++) { $delete_box = ''; foreach ($delete_id_list as $jValue) { if ($jValue == $attachments[$i]['attach_id']) { $delete_box = ''; break; } } $row_class = !($i % 2) ? 'row1' : 'row2'; // Is the Attachment assigned to more than one post ? // If it's not assigned to any post, it's an private message thingy. ;) $post_titles = []; $sql = 'SELECT * FROM ' . BB_ATTACHMENTS . ' WHERE attach_id = ' . (int)$attachments[$i]['attach_id']; if (!($result = DB()->sql_query($sql))) { bb_die('Could not query attachments #3'); } $ids = DB()->sql_fetchrowset($result); $num_ids = DB()->num_rows($result); DB()->sql_freeresult($result); for ($j = 0; $j < $num_ids; $j++) { if ($ids[$j]['post_id'] != 0) { $sql = 'SELECT t.topic_title FROM ' . BB_TOPICS . ' t, ' . BB_POSTS . ' p WHERE p.post_id = ' . (int)$ids[$j]['post_id'] . ' AND p.topic_id = t.topic_id GROUP BY t.topic_id, t.topic_title'; if (!($result = DB()->sql_query($sql))) { bb_die('Could not query topic'); } $row = DB()->sql_fetchrow($result); DB()->sql_freeresult($result); $post_title = str_short($row['topic_title'], 30); $view_topic = BB_ROOT . POST_URL . $ids[$j]['post_id'] . '#' . $ids[$j]['post_id']; $post_titles[] = '' . $post_title . ''; } else { $post_titles[] = $lang['PRIVATE_MESSAGE']; } } $post_titles = implode('
', $post_titles); $hidden_field = ''; $template->assign_block_vars('attachrow', [ 'ROW_NUMBER' => $i + (@$_GET['start'] + 1), 'ROW_CLASS' => $row_class, 'FILENAME' => htmlspecialchars($attachments[$i]['real_filename']), 'COMMENT' => htmlspecialchars($attachments[$i]['comment']), 'EXTENSION' => $attachments[$i]['extension'], 'SIZE' => humn_size($attachments[$i]['filesize'], 2), 'DOWNLOAD_COUNT' => $attachments[$i]['download_count'], 'POST_TIME' => bb_date($attachments[$i]['filetime']), 'POST_TITLE' => $post_titles, 'S_DELETE_BOX' => $delete_box, 'S_HIDDEN' => $hidden_field, 'U_VIEW_ATTACHMENT' => BB_ROOT . DL_URL . $attachments[$i]['attach_id'], ]); } } if (!$search_based && !$user_based) { if (!$attachments) { $sql = 'SELECT attach_id FROM ' . BB_ATTACHMENTS_DESC; if (!($result = DB()->sql_query($sql))) { bb_die('Could not query attachment description table'); } $total_rows = DB()->num_rows($result); DB()->sql_freeresult($result); } } } // Generate Pagination if ($do_pagination && $total_rows > $bb_cfg['topics_per_page']) { generate_pagination('admin_attach_cp.php?view=' . $view . '&mode=' . $mode . '&order=' . $sort_order . '&uid=' . $uid, $total_rows, $bb_cfg['topics_per_page'], $start); } print_page('admin_attach_cp.tpl', 'admin');