source: trunk/forum/includes/acp/acp_attachments.php

Last change on this file was 702, checked in by george, 16 years ago
  • Upraveno: Aktualizace fóra.
File size: 44.4 KB
Line 
1<?php
2/**
3*
4* @package acp
5* @version $Id$
6* @copyright (c) 2005 phpBB Group
7* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8*
9*/
10
11/**
12* @ignore
13*/
14if (!defined('IN_PHPBB'))
15{
16 exit;
17}
18
19/**
20* @package acp
21*/
22class acp_attachments
23{
24 var $u_action;
25 var $new_config;
26
27 function main($id, $mode)
28 {
29 global $db, $user, $auth, $template, $cache;
30 global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx;
31
32 $user->add_lang(array('posting', 'viewtopic', 'acp/attachments'));
33
34 $error = $notify = array();
35 $submit = (isset($_POST['submit'])) ? true : false;
36 $action = request_var('action', '');
37
38 $form_key = 'acp_attach';
39 add_form_key($form_key);
40
41 if ($submit && !check_form_key($form_key))
42 {
43 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
44 }
45
46 switch ($mode)
47 {
48 case 'attach':
49 $l_title = 'ACP_ATTACHMENT_SETTINGS';
50 break;
51
52 case 'extensions':
53 $l_title = 'ACP_MANAGE_EXTENSIONS';
54 break;
55
56 case 'ext_groups':
57 $l_title = 'ACP_EXTENSION_GROUPS';
58 break;
59
60 case 'orphan':
61 $l_title = 'ACP_ORPHAN_ATTACHMENTS';
62 break;
63
64 default:
65 trigger_error('NO_MODE', E_USER_ERROR);
66 break;
67 }
68
69 $this->tpl_name = 'acp_attachments';
70 $this->page_title = $l_title;
71
72 $template->assign_vars(array(
73 'L_TITLE' => $user->lang[$l_title],
74 'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'],
75 'U_ACTION' => $this->u_action)
76 );
77
78 switch ($mode)
79 {
80 case 'attach':
81
82 include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
83
84 $sql = 'SELECT group_name, cat_id
85 FROM ' . EXTENSION_GROUPS_TABLE . '
86 WHERE cat_id > 0
87 ORDER BY cat_id';
88 $result = $db->sql_query($sql);
89
90 $s_assigned_groups = array();
91 while ($row = $db->sql_fetchrow($result))
92 {
93 $s_assigned_groups[$row['cat_id']][] = $row['group_name'];
94 }
95 $db->sql_freeresult($result);
96
97 $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode(', ', $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']';
98
99 $display_vars = array(
100 'title' => 'ACP_ATTACHMENT_SETTINGS',
101 'vars' => array(
102 'legend1' => 'ACP_ATTACHMENT_SETTINGS',
103
104 'img_max_width' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
105 'img_max_height' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
106 'img_link_width' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
107 'img_link_height' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
108
109 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
110 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
111 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true),
112 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true),
113 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
114 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
115 'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
116 'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
117 'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
118 'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
119 'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),
120 'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
121 'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
122
123
124 'legend2' => $l_legend_cat_images,
125 'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
126 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
127 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
128 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
129 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'string', 'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
130 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
131 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
132 )
133 );
134
135 $this->new_config = $config;
136 $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config;
137 $error = array();
138
139 // We validate the complete config if whished
140 validate_config_vars($display_vars['vars'], $cfg_array, $error);
141
142 // Do not write values if there is an error
143 if (sizeof($error))
144 {
145 $submit = false;
146 }
147
148 // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
149 foreach ($display_vars['vars'] as $config_name => $null)
150 {
151 if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
152 {
153 continue;
154 }
155
156 $this->new_config[$config_name] = $config_value = $cfg_array[$config_name];
157
158 if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))
159 {
160 $size_var = request_var($config_name, '');
161 $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);
162 }
163
164 if ($submit)
165 {
166 set_config($config_name, $config_value);
167 }
168 }
169
170 $this->perform_site_list();
171
172 if ($submit)
173 {
174 add_log('admin', 'LOG_CONFIG_ATTACH');
175
176 // Check Settings
177 $this->test_upload($error, $this->new_config['upload_path'], false);
178
179 if (!sizeof($error))
180 {
181 trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
182 }
183 }
184
185 $template->assign_var('S_ATTACHMENT_SETTINGS', true);
186
187 if ($action == 'imgmagick')
188 {
189 $this->new_config['img_imagick'] = $this->search_imagemagick();
190 }
191
192 // We strip eventually manual added convert program, we only want the patch
193 if ($this->new_config['img_imagick'])
194 {
195 // Change path separator
196 $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']);
197 $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);
198
199 // Check for trailing slash
200 if (substr($this->new_config['img_imagick'], -1) !== '/')
201 {
202 $this->new_config['img_imagick'] .= '/';
203 }
204 }
205
206 $supported_types = get_supported_image_types();
207
208 // Check Thumbnail Support
209 if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format'])))
210 {
211 $this->new_config['img_create_thumbnail'] = 0;
212 }
213
214 $template->assign_vars(array(
215 'U_SEARCH_IMAGICK' => $this->u_action . '&amp;action=imgmagick',
216 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true)
217 );
218
219 // Secure Download Options - Same procedure as with banning
220 $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';
221
222 $sql = 'SELECT *
223 FROM ' . SITELIST_TABLE;
224 $result = $db->sql_query($sql);
225
226 $defined_ips = '';
227 $ips = array();
228
229 while ($row = $db->sql_fetchrow($result))
230 {
231 $value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname'];
232 if ($value)
233 {
234 $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>';
235 $ips[$row['site_id']] = $value;
236 }
237 }
238 $db->sql_freeresult($result);
239
240 $template->assign_vars(array(
241 'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'],
242 'S_DEFINED_IPS' => ($defined_ips != '') ? true : false,
243 'S_WARNING' => (sizeof($error)) ? true : false,
244
245 'WARNING_MSG' => implode('<br />', $error),
246 'DEFINED_IPS' => $defined_ips,
247
248 'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'],
249 'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'],
250 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS'])
251 );
252
253 // Output relevant options
254 foreach ($display_vars['vars'] as $config_key => $vars)
255 {
256 if (!is_array($vars) && strpos($config_key, 'legend') === false)
257 {
258 continue;
259 }
260
261 if (strpos($config_key, 'legend') !== false)
262 {
263 $template->assign_block_vars('options', array(
264 'S_LEGEND' => true,
265 'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars)
266 );
267
268 continue;
269 }
270
271 $type = explode(':', $vars['type']);
272
273 $l_explain = '';
274 if ($vars['explain'] && isset($vars['lang_explain']))
275 {
276 $l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain'];
277 }
278 else if ($vars['explain'])
279 {
280 $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
281 }
282
283 $content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);
284 if (empty($content))
285 {
286 continue;
287 }
288
289 $template->assign_block_vars('options', array(
290 'KEY' => $config_key,
291 'TITLE' => $user->lang[$vars['lang']],
292 'S_EXPLAIN' => $vars['explain'],
293 'TITLE_EXPLAIN' => $l_explain,
294 'CONTENT' => $content,
295 )
296 );
297
298 unset($display_vars['vars'][$config_key]);
299 }
300
301 break;
302
303 case 'extensions':
304
305 if ($submit || isset($_POST['add_extension_check']))
306 {
307 if ($submit)
308 {
309 // Change Extensions ?
310 $extension_change_list = request_var('extension_change_list', array(0));
311 $group_select_list = request_var('group_select', array(0));
312
313 // Generate correct Change List
314 $extensions = array();
315
316 for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++)
317 {
318 $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i];
319 }
320
321 $sql = 'SELECT *
322 FROM ' . EXTENSIONS_TABLE . '
323 ORDER BY extension_id';
324 $result = $db->sql_query($sql);
325
326 while ($row = $db->sql_fetchrow($result))
327 {
328 if ($row['group_id'] != $extensions[$row['extension_id']]['group_id'])
329 {
330 $sql = 'UPDATE ' . EXTENSIONS_TABLE . '
331 SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '
332 WHERE extension_id = ' . $row['extension_id'];
333 $db->sql_query($sql);
334
335 add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']);
336 }
337 }
338 $db->sql_freeresult($result);
339
340 // Delete Extension?
341 $extension_id_list = request_var('extension_id_list', array(0));
342
343 if (sizeof($extension_id_list))
344 {
345 $sql = 'SELECT extension
346 FROM ' . EXTENSIONS_TABLE . '
347 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
348 $result = $db->sql_query($sql);
349
350 $extension_list = '';
351 while ($row = $db->sql_fetchrow($result))
352 {
353 $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension'];
354 }
355 $db->sql_freeresult($result);
356
357 $sql = 'DELETE
358 FROM ' . EXTENSIONS_TABLE . '
359 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
360 $db->sql_query($sql);
361
362 add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list);
363 }
364 }
365
366 // Add Extension?
367 $add_extension = strtolower(request_var('add_extension', ''));
368 $add_extension_group = request_var('add_group_select', 0);
369 $add = (isset($_POST['add_extension_check'])) ? true : false;
370
371 if ($add_extension && $add)
372 {
373 if (!sizeof($error))
374 {
375 $sql = 'SELECT extension_id
376 FROM ' . EXTENSIONS_TABLE . "
377 WHERE extension = '" . $db->sql_escape($add_extension) . "'";
378 $result = $db->sql_query($sql);
379
380 if ($row = $db->sql_fetchrow($result))
381 {
382 $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension);
383 }
384 $db->sql_freeresult($result);
385
386 if (!sizeof($error))
387 {
388 $sql_ary = array(
389 'group_id' => $add_extension_group,
390 'extension' => $add_extension
391 );
392
393 $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
394 add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension);
395 }
396 }
397 }
398
399 if (!sizeof($error))
400 {
401 $notify[] = $user->lang['EXTENSIONS_UPDATED'];
402 }
403
404 $cache->destroy('_extensions');
405 }
406
407 $template->assign_vars(array(
408 'S_EXTENSIONS' => true,
409 'ADD_EXTENSION' => (isset($add_extension)) ? $add_extension : '',
410 'GROUP_SELECT_OPTIONS' => (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group'))
411 );
412
413 $sql = 'SELECT *
414 FROM ' . EXTENSIONS_TABLE . '
415 ORDER BY group_id, extension';
416 $result = $db->sql_query($sql);
417
418 if ($row = $db->sql_fetchrow($result))
419 {
420 $old_group_id = $row['group_id'];
421 do
422 {
423 $s_spacer = false;
424
425 $current_group_id = $row['group_id'];
426 if ($old_group_id != $current_group_id)
427 {
428 $s_spacer = true;
429 $old_group_id = $current_group_id;
430 }
431
432 $template->assign_block_vars('extensions', array(
433 'S_SPACER' => $s_spacer,
434 'EXTENSION_ID' => $row['extension_id'],
435 'EXTENSION' => $row['extension'],
436 'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id']))
437 );
438 }
439 while ($row = $db->sql_fetchrow($result));
440 }
441 $db->sql_freeresult($result);
442
443 break;
444
445 case 'ext_groups':
446
447 $template->assign_var('S_EXTENSION_GROUPS', true);
448
449 if ($submit)
450 {
451 $action = request_var('action', '');
452 $group_id = request_var('g', 0);
453
454 if ($action != 'add' && $action != 'edit')
455 {
456 trigger_error('NO_MODE', E_USER_ERROR);
457 }
458
459 if (!$group_id && $action == 'edit')
460 {
461 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
462 }
463
464 if ($group_id)
465 {
466 $sql = 'SELECT *
467 FROM ' . EXTENSION_GROUPS_TABLE . "
468 WHERE group_id = $group_id";
469 $result = $db->sql_query($sql);
470 $ext_row = $db->sql_fetchrow($result);
471 $db->sql_freeresult($result);
472
473 if (!$ext_row)
474 {
475 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
476 }
477 }
478 else
479 {
480 $ext_row = array();
481 }
482
483 $group_name = utf8_normalize_nfc(request_var('group_name', '', true));
484 $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');
485
486 if (!$group_name)
487 {
488 $error[] = $user->lang['NO_EXT_GROUP_NAME'];
489 }
490
491 // Check New Group Name
492 if ($new_group_name)
493 {
494 $sql = 'SELECT group_id
495 FROM ' . EXTENSION_GROUPS_TABLE . "
496 WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";
497 $result = $db->sql_query($sql);
498
499 if ($db->sql_fetchrow($result))
500 {
501 $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name);
502 }
503 $db->sql_freeresult($result);
504 }
505
506 if (!sizeof($error))
507 {
508 // Ok, build the update/insert array
509 $upload_icon = request_var('upload_icon', 'no_image');
510 $size_select = request_var('size_select', 'b');
511 $forum_select = request_var('forum_select', false);
512 $allowed_forums = request_var('allowed_forums', array(0));
513 $allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false;
514 $max_filesize = request_var('max_filesize', 0);
515 $max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
516 $allow_group = (isset($_POST['allow_group'])) ? true : false;
517
518 if ($max_filesize == $config['max_filesize'])
519 {
520 $max_filesize = 0;
521 }
522
523 if (!sizeof($allowed_forums))
524 {
525 $forum_select = false;
526 }
527
528 $group_ary = array(
529 'group_name' => $group_name,
530 'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE),
531 'allow_group' => ($allow_group) ? 1 : 0,
532 'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon,
533 'max_filesize' => $max_filesize,
534 'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '',
535 'allow_in_pm' => ($allow_in_pm) ? 1 : 0,
536 );
537
538 if ($action == 'add')
539 {
540 $group_ary['download_mode'] = INLINE_LINK;
541 }
542
543 $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';
544 $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary);
545 $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : '';
546
547 $db->sql_query($sql);
548
549 if ($action == 'add')
550 {
551 $group_id = $db->sql_nextid();
552 }
553
554 add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);
555 }
556
557 $extension_list = request_var('extensions', array(0));
558
559 if ($action == 'edit' && sizeof($extension_list))
560 {
561 $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
562 SET group_id = 0
563 WHERE group_id = $group_id";
564 $db->sql_query($sql);
565 }
566
567 if (sizeof($extension_list))
568 {
569 $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
570 SET group_id = $group_id
571 WHERE " . $db->sql_in_set('extension_id', $extension_list);
572 $db->sql_query($sql);
573 }
574
575 $cache->destroy('_extensions');
576
577 if (!sizeof($error))
578 {
579 $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)];
580 }
581 }
582
583 $cat_lang = array(
584 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
585 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
586 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'],
587 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'],
588 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
589 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
590 );
591
592 $group_id = request_var('g', 0);
593 $action = (isset($_POST['add'])) ? 'add' : $action;
594
595 switch ($action)
596 {
597 case 'delete':
598
599 if (confirm_box(true))
600 {
601 $sql = 'SELECT group_name
602 FROM ' . EXTENSION_GROUPS_TABLE . "
603 WHERE group_id = $group_id";
604 $result = $db->sql_query($sql);
605 $group_name = (string) $db->sql_fetchfield('group_name');
606 $db->sql_freeresult($result);
607
608 $sql = 'DELETE
609 FROM ' . EXTENSION_GROUPS_TABLE . "
610 WHERE group_id = $group_id";
611 $db->sql_query($sql);
612
613 // Set corresponding Extensions to a pending Group
614 $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
615 SET group_id = 0
616 WHERE group_id = $group_id";
617 $db->sql_query($sql);
618
619 add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name);
620
621 $cache->destroy('_extensions');
622
623 trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action));
624 }
625 else
626 {
627 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
628 'i' => $id,
629 'mode' => $mode,
630 'group_id' => $group_id,
631 'action' => 'delete',
632 )));
633 }
634
635 break;
636
637 case 'edit':
638
639 if (!$group_id)
640 {
641 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
642 }
643
644 $sql = 'SELECT *
645 FROM ' . EXTENSION_GROUPS_TABLE . "
646 WHERE group_id = $group_id";
647 $result = $db->sql_query($sql);
648 $ext_group_row = $db->sql_fetchrow($result);
649 $db->sql_freeresult($result);
650
651 $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums']));
652
653 // no break;
654
655 case 'add':
656
657 if ($action == 'add')
658 {
659 $ext_group_row = array(
660 'group_name' => utf8_normalize_nfc(request_var('group_name', '', true)),
661 'cat_id' => 0,
662 'allow_group' => 1,
663 'allow_in_pm' => 1,
664 'upload_icon' => '',
665 'max_filesize' => 0,
666 );
667
668 $forum_ids = array();
669 }
670
671 $extensions = array();
672
673 $sql = 'SELECT *
674 FROM ' . EXTENSIONS_TABLE . "
675 WHERE group_id = $group_id
676 OR group_id = 0
677 ORDER BY extension";
678 $result = $db->sql_query($sql);
679 $extensions = $db->sql_fetchrowset($result);
680 $db->sql_freeresult($result);
681
682 if ($ext_group_row['max_filesize'] == 0)
683 {
684 $ext_group_row['max_filesize'] = (int) $config['max_filesize'];
685 }
686
687 $max_filesize = get_formatted_filesize($ext_group_row['max_filesize'], false, array('mb', 'kb', 'b'));
688 $size_format = $max_filesize['si_identifier'];
689 $ext_group_row['max_filesize'] = $max_filesize['value'];
690
691 $img_path = $config['upload_icons_path'];
692
693 $filename_list = '';
694 $no_image_select = false;
695
696 $imglist = filelist($phpbb_root_path . $img_path);
697
698 if (!empty($imglist['']))
699 {
700 $imglist = array_values($imglist);
701 $imglist = $imglist[0];
702
703 foreach ($imglist as $key => $img)
704 {
705 if (!$ext_group_row['upload_icon'])
706 {
707 $no_image_select = true;
708 $selected = '';
709 }
710 else
711 {
712 $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : '';
713 }
714
715 if (strlen($img) > 255)
716 {
717 continue;
718 }
719
720 $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>';
721 }
722 }
723
724 $i = 0;
725 $assigned_extensions = '';
726 foreach ($extensions as $num => $row)
727 {
728 if ($row['group_id'] == $group_id && $group_id)
729 {
730 $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension'];
731 $i++;
732 }
733 }
734
735 $s_extension_options = '';
736 foreach ($extensions as $row)
737 {
738 $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>';
739 }
740
741 $template->assign_vars(array(
742 'PHPBB_ROOT_PATH' => $phpbb_root_path,
743 'IMG_PATH' => $img_path,
744 'ACTION' => $action,
745 'GROUP_ID' => $group_id,
746 'GROUP_NAME' => $ext_group_row['group_name'],
747 'ALLOW_GROUP' => $ext_group_row['allow_group'],
748 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'],
749 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'],
750 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'],
751 'ASSIGNED_EXTENSIONS' => $assigned_extensions,
752
753 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'),
754 'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format),
755 'S_EXTENSION_OPTIONS' => $s_extension_options,
756 'S_FILENAME_LIST' => $filename_list,
757 'S_EDIT_GROUP' => true,
758 'S_NO_IMAGE' => $no_image_select,
759 'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false,
760
761 'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;mode=extensions"),
762 'U_BACK' => $this->u_action,
763
764 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'])
765 );
766
767 $s_forum_id_options = '';
768
769 /** @todo use in-built function **/
770
771 $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id
772 FROM ' . FORUMS_TABLE . '
773 ORDER BY left_id ASC';
774 $result = $db->sql_query($sql, 600);
775
776 $right = $cat_right = $padding_inc = 0;
777 $padding = $forum_list = $holding = '';
778 $padding_store = array('0' => '');
779
780 while ($row = $db->sql_fetchrow($result))
781 {
782 if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))
783 {
784 // Non-postable forum with no subforums, don't display
785 continue;
786 }
787
788 if (!$auth->acl_get('f_list', $row['forum_id']))
789 {
790 // if the user does not have permissions to list this forum skip
791 continue;
792 }
793
794 if ($row['left_id'] < $right)
795 {
796 $padding .= '&nbsp; &nbsp;';
797 $padding_store[$row['parent_id']] = $padding;
798 }
799 else if ($row['left_id'] > $right + 1)
800 {
801 $padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']];
802 }
803
804 $right = $row['right_id'];
805
806 $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : '';
807
808 if ($row['left_id'] > $cat_right)
809 {
810 // make sure we don't forget anything
811 $s_forum_id_options .= $holding;
812 $holding = '';
813 }
814
815 if ($row['right_id'] - $row['left_id'] > 1)
816 {
817 $cat_right = max($cat_right, $row['right_id']);
818
819 $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
820 }
821 else
822 {
823 $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
824 $holding = '';
825 }
826 }
827
828 if ($holding)
829 {
830 $s_forum_id_options .= $holding;
831 }
832
833 $db->sql_freeresult($result);
834 unset($padding_store);
835
836 $template->assign_vars(array(
837 'S_FORUM_ID_OPTIONS' => $s_forum_id_options)
838 );
839
840 break;
841 }
842
843 $sql = 'SELECT *
844 FROM ' . EXTENSION_GROUPS_TABLE . '
845 ORDER BY allow_group DESC, allow_in_pm DESC, group_name';
846 $result = $db->sql_query($sql);
847
848 $old_allow_group = $old_allow_pm = 1;
849 while ($row = $db->sql_fetchrow($result))
850 {
851 $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false;
852
853 $template->assign_block_vars('groups', array(
854 'S_ADD_SPACER' => $s_add_spacer,
855 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false,
856 'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false,
857
858 'U_EDIT' => $this->u_action . "&amp;action=edit&amp;g={$row['group_id']}",
859 'U_DELETE' => $this->u_action . "&amp;action=delete&amp;g={$row['group_id']}",
860
861 'GROUP_NAME' => $row['group_name'],
862 'CATEGORY' => $cat_lang[$row['cat_id']],
863 )
864 );
865
866 $old_allow_group = $row['allow_group'];
867 $old_allow_pm = $row['allow_in_pm'];
868 }
869 $db->sql_freeresult($result);
870
871 break;
872
873 case 'orphan':
874
875 if ($submit)
876 {
877 $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array();
878 $add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array();
879 $post_ids = request_var('post_id', array('' => 0));
880
881 if (sizeof($delete_files))
882 {
883 $sql = 'SELECT *
884 FROM ' . ATTACHMENTS_TABLE . '
885 WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '
886 AND is_orphan = 1';
887 $result = $db->sql_query($sql);
888
889 $delete_files = array();
890 while ($row = $db->sql_fetchrow($result))
891 {
892 phpbb_unlink($row['physical_filename'], 'file');
893
894 if ($row['thumbnail'])
895 {
896 phpbb_unlink($row['physical_filename'], 'thumbnail');
897 }
898
899 $delete_files[$row['attach_id']] = $row['real_filename'];
900 }
901 $db->sql_freeresult($result);
902 }
903
904 if (sizeof($delete_files))
905 {
906 $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . '
907 WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files));
908 $db->sql_query($sql);
909
910 add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files));
911 $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files));
912 }
913
914 $upload_list = array();
915 foreach ($add_files as $attach_id)
916 {
917 if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id]))
918 {
919 $upload_list[$attach_id] = $post_ids[$attach_id];
920 }
921 }
922 unset($add_files);
923
924 if (sizeof($upload_list))
925 {
926 $template->assign_var('S_UPLOADING_FILES', true);
927
928 $sql = 'SELECT forum_id, forum_name
929 FROM ' . FORUMS_TABLE;
930 $result = $db->sql_query($sql);
931
932 $forum_names = array();
933 while ($row = $db->sql_fetchrow($result))
934 {
935 $forum_names[$row['forum_id']] = $row['forum_name'];
936 }
937 $db->sql_freeresult($result);
938
939 $sql = 'SELECT forum_id, topic_id, post_id, poster_id
940 FROM ' . POSTS_TABLE . '
941 WHERE ' . $db->sql_in_set('post_id', $upload_list);
942 $result = $db->sql_query($sql);
943
944 $post_info = array();
945 while ($row = $db->sql_fetchrow($result))
946 {
947 $post_info[$row['post_id']] = $row;
948 }
949 $db->sql_freeresult($result);
950
951 // Select those attachments we want to change...
952 $sql = 'SELECT *
953 FROM ' . ATTACHMENTS_TABLE . '
954 WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . '
955 AND is_orphan = 1';
956 $result = $db->sql_query($sql);
957
958 $files_added = $space_taken = 0;
959 while ($row = $db->sql_fetchrow($result))
960 {
961 $post_row = $post_info[$upload_list[$row['attach_id']]];
962
963 $template->assign_block_vars('upload', array(
964 'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),
965 'S_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,
966 'L_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')
967 );
968
969 if (!$auth->acl_get('f_attach', $post_row['forum_id']))
970 {
971 continue;
972 }
973
974 // Adjust attachment entry
975 $sql_ary = array(
976 'in_message' => 0,
977 'is_orphan' => 0,
978 'poster_id' => $post_row['poster_id'],
979 'post_msg_id' => $post_row['post_id'],
980 'topic_id' => $post_row['topic_id'],
981 );
982
983 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
984 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
985 WHERE attach_id = ' . $row['attach_id'];
986 $db->sql_query($sql);
987
988 $sql = 'UPDATE ' . POSTS_TABLE . '
989 SET post_attachment = 1
990 WHERE post_id = ' . $post_row['post_id'];
991 $db->sql_query($sql);
992
993 $sql = 'UPDATE ' . TOPICS_TABLE . '
994 SET topic_attachment = 1
995 WHERE topic_id = ' . $post_row['topic_id'];
996 $db->sql_query($sql);
997
998 $space_taken += $row['filesize'];
999 $files_added++;
1000
1001 add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);
1002 }
1003 $db->sql_freeresult($result);
1004
1005 if ($files_added)
1006 {
1007 set_config_count('upload_dir_size', $space_taken, true);
1008 set_config_count('num_files', $files_added, true);
1009 }
1010 }
1011 }
1012
1013 $template->assign_vars(array(
1014 'S_ORPHAN' => true)
1015 );
1016
1017 // Just get the files with is_orphan set and older than 3 hours
1018 $sql = 'SELECT *
1019 FROM ' . ATTACHMENTS_TABLE . '
1020 WHERE is_orphan = 1
1021 AND filetime < ' . (time() - 3*60*60) . '
1022 ORDER BY filetime DESC';
1023 $result = $db->sql_query($sql);
1024
1025 while ($row = $db->sql_fetchrow($result))
1026 {
1027 $template->assign_block_vars('orphan', array(
1028 'FILESIZE' => get_formatted_filesize($row['filesize']),
1029 'FILETIME' => $user->format_date($row['filetime']),
1030 'REAL_FILENAME' => utf8_basename($row['real_filename']),
1031 'PHYSICAL_FILENAME' => utf8_basename($row['physical_filename']),
1032 'ATTACH_ID' => $row['attach_id'],
1033 'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
1034 'U_FILE' => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&amp;id=' . $row['attach_id']))
1035 );
1036 }
1037 $db->sql_freeresult($result);
1038
1039 break;
1040 }
1041
1042 if (sizeof($error))
1043 {
1044 $template->assign_vars(array(
1045 'S_WARNING' => true,
1046 'WARNING_MSG' => implode('<br />', $error))
1047 );
1048 }
1049
1050 if (sizeof($notify))
1051 {
1052 $template->assign_vars(array(
1053 'S_NOTIFY' => true,
1054 'NOTIFY_MSG' => implode('<br />', $notify))
1055 );
1056 }
1057 }
1058
1059 /**
1060 * Build Select for category items
1061 */
1062 function category_select($select_name, $group_id = false, $key = '')
1063 {
1064 global $db, $user;
1065
1066 $types = array(
1067 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
1068 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
1069 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'],
1070 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'],
1071 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
1072 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
1073 );
1074
1075 if ($group_id)
1076 {
1077 $sql = 'SELECT cat_id
1078 FROM ' . EXTENSION_GROUPS_TABLE . '
1079 WHERE group_id = ' . (int) $group_id;
1080 $result = $db->sql_query($sql);
1081
1082 $cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id'];
1083
1084 $db->sql_freeresult($result);
1085 }
1086 else
1087 {
1088 $cat_type = ATTACHMENT_CATEGORY_NONE;
1089 }
1090
1091 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1092
1093 foreach ($types as $type => $mode)
1094 {
1095 $selected = ($type == $cat_type) ? ' selected="selected"' : '';
1096 $group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>';
1097 }
1098
1099 $group_select .= '</select>';
1100
1101 return $group_select;
1102 }
1103
1104 /**
1105 * Extension group select
1106 */
1107 function group_select($select_name, $default_group = false, $key = '')
1108 {
1109 global $db, $user;
1110
1111 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1112
1113 $sql = 'SELECT group_id, group_name
1114 FROM ' . EXTENSION_GROUPS_TABLE . '
1115 ORDER BY group_name';
1116 $result = $db->sql_query($sql);
1117
1118 $group_name = array();
1119 while ($row = $db->sql_fetchrow($result))
1120 {
1121 $group_name[] = $row;
1122 }
1123 $db->sql_freeresult($result);
1124
1125 $row['group_id'] = 0;
1126 $row['group_name'] = $user->lang['NOT_ASSIGNED'];
1127 $group_name[] = $row;
1128
1129 for ($i = 0; $i < sizeof($group_name); $i++)
1130 {
1131 if ($default_group === false)
1132 {
1133 $selected = ($i == 0) ? ' selected="selected"' : '';
1134 }
1135 else
1136 {
1137 $selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : '';
1138 }
1139
1140 $group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>';
1141 }
1142
1143 $group_select .= '</select>';
1144
1145 return $group_select;
1146 }
1147
1148 /**
1149 * Search Imagick
1150 */
1151 function search_imagemagick()
1152 {
1153 $imagick = '';
1154
1155 $exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : '';
1156
1157 $magic_home = getenv('MAGICK_HOME');
1158
1159 if (empty($magic_home))
1160 {
1161 $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');
1162 $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
1163
1164 $locations = array_merge($path_locations, $locations);
1165
1166 foreach ($locations as $location)
1167 {
1168 // The path might not end properly, fudge it
1169 if (substr($location, -1) !== '/')
1170 {
1171 $location .= '/';
1172 }
1173
1174 if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000)
1175 {
1176 $imagick = str_replace('\\', '/', $location);
1177 continue;
1178 }
1179 }
1180 }
1181 else
1182 {
1183 $imagick = str_replace('\\', '/', $magic_home);
1184 }
1185
1186 return $imagick;
1187 }
1188
1189 /**
1190 * Test Settings
1191 */
1192 function test_upload(&$error, $upload_dir, $create_directory = false)
1193 {
1194 global $user, $phpbb_root_path;
1195
1196 // Does the target directory exist, is it a directory and writable.
1197 if ($create_directory)
1198 {
1199 if (!file_exists($phpbb_root_path . $upload_dir))
1200 {
1201 @mkdir($phpbb_root_path . $upload_dir, 0777);
1202 phpbb_chmod($phpbb_root_path . $upload_dir, CHMOD_READ | CHMOD_WRITE);
1203 }
1204 }
1205
1206 if (!file_exists($phpbb_root_path . $upload_dir))
1207 {
1208 $error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);
1209 return;
1210 }
1211
1212 if (!is_dir($phpbb_root_path . $upload_dir))
1213 {
1214 $error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);
1215 return;
1216 }
1217
1218 if (!is_writable($phpbb_root_path . $upload_dir))
1219 {
1220 $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);
1221 return;
1222 }
1223 }
1224
1225 /**
1226 * Perform operations on sites for external linking
1227 */
1228 function perform_site_list()
1229 {
1230 global $db, $user;
1231
1232 if (isset($_REQUEST['securesubmit']))
1233 {
1234 // Grab the list of entries
1235 $ips = request_var('ips', '');
1236 $ip_list = array_unique(explode("\n", $ips));
1237 $ip_list_log = implode(', ', $ip_list);
1238
1239 $ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0;
1240
1241 $iplist = array();
1242 $hostlist = array();
1243
1244 foreach ($ip_list as $item)
1245 {
1246 if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode))
1247 {
1248 // Don't ask about all this, just don't ask ... !
1249 $ip_1_counter = $ip_range_explode[1];
1250 $ip_1_end = $ip_range_explode[5];
1251
1252 while ($ip_1_counter <= $ip_1_end)
1253 {
1254 $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
1255 $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
1256
1257 if ($ip_2_counter == 0 && $ip_2_end == 254)
1258 {
1259 $ip_2_counter = 256;
1260 $ip_2_fragment = 256;
1261
1262 $iplist[] = "'$ip_1_counter.*'";
1263 }
1264
1265 while ($ip_2_counter <= $ip_2_end)
1266 {
1267 $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
1268 $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
1269
1270 if ($ip_3_counter == 0 && $ip_3_end == 254)
1271 {
1272 $ip_3_counter = 256;
1273 $ip_3_fragment = 256;
1274
1275 $iplist[] = "'$ip_1_counter.$ip_2_counter.*'";
1276 }
1277
1278 while ($ip_3_counter <= $ip_3_end)
1279 {
1280 $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
1281 $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
1282
1283 if ($ip_4_counter == 0 && $ip_4_end == 254)
1284 {
1285 $ip_4_counter = 256;
1286 $ip_4_fragment = 256;
1287
1288 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
1289 }
1290
1291 while ($ip_4_counter <= $ip_4_end)
1292 {
1293 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
1294 $ip_4_counter++;
1295 }
1296 $ip_3_counter++;
1297 }
1298 $ip_2_counter++;
1299 }
1300 $ip_1_counter++;
1301 }
1302 }
1303 else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item)))
1304 {
1305 $iplist[] = "'" . trim($item) . "'";
1306 }
1307 else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item)))
1308 {
1309 $hostlist[] = "'" . trim($item) . "'";
1310 }
1311 else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item)))
1312 {
1313 $hostlist[] = "'" . trim($item) . "'";
1314 }
1315 }
1316
1317 $sql = 'SELECT site_ip, site_hostname
1318 FROM ' . SITELIST_TABLE . "
1319 WHERE ip_exclude = $ip_exclude";
1320 $result = $db->sql_query($sql);
1321
1322 if ($row = $db->sql_fetchrow($result))
1323 {
1324 $iplist_tmp = array();
1325 $hostlist_tmp = array();
1326 do
1327 {
1328 if ($row['site_ip'])
1329 {
1330 if (strlen($row['site_ip']) > 40)
1331 {
1332 continue;
1333 }
1334
1335 $iplist_tmp[] = "'" . $row['site_ip'] . "'";
1336 }
1337 else if ($row['site_hostname'])
1338 {
1339 if (strlen($row['site_hostname']) > 255)
1340 {
1341 continue;
1342 }
1343
1344 $hostlist_tmp[] = "'" . $row['site_hostname'] . "'";
1345 }
1346 // break;
1347 }
1348 while ($row = $db->sql_fetchrow($result));
1349
1350 $iplist = array_unique(array_diff($iplist, $iplist_tmp));
1351 $hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));
1352 unset($iplist_tmp);
1353 unset($hostlist_tmp);
1354 }
1355 $db->sql_freeresult($result);
1356
1357 if (sizeof($iplist))
1358 {
1359 foreach ($iplist as $ip_entry)
1360 {
1361 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)
1362 VALUES ($ip_entry, $ip_exclude)";
1363 $db->sql_query($sql);
1364 }
1365 }
1366
1367 if (sizeof($hostlist))
1368 {
1369 foreach ($hostlist as $host_entry)
1370 {
1371 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude)
1372 VALUES ($host_entry, $ip_exclude)";
1373 $db->sql_query($sql);
1374 }
1375 }
1376
1377 if (!empty($ip_list_log))
1378 {
1379 // Update log
1380 $log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';
1381 add_log('admin', $log_entry, $ip_list_log);
1382 }
1383
1384 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1385 }
1386 else if (isset($_POST['unsecuresubmit']))
1387 {
1388 $unip_sql = request_var('unip', array(0));
1389
1390 if (sizeof($unip_sql))
1391 {
1392 $l_unip_list = '';
1393
1394 // Grab details of ips for logging information later
1395 $sql = 'SELECT site_ip, site_hostname
1396 FROM ' . SITELIST_TABLE . '
1397 WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1398 $result = $db->sql_query($sql);
1399
1400 while ($row = $db->sql_fetchrow($result))
1401 {
1402 $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);
1403 }
1404 $db->sql_freeresult($result);
1405
1406 $sql = 'DELETE FROM ' . SITELIST_TABLE . '
1407 WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1408 $db->sql_query($sql);
1409
1410 add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);
1411 }
1412
1413 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1414 }
1415 }
1416
1417 /**
1418 * Write display_order config field
1419 */
1420 function display_order($value, $key = '')
1421 {
1422 $radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING');
1423
1424 return h_radio('config[display_order]', $radio_ary, $value, $key);
1425 }
1426
1427 /**
1428 * Adjust all three max_filesize config vars for display
1429 */
1430 function max_filesize($value, $key = '')
1431 {
1432 // Determine size var and adjust the value accordingly
1433 $filesize = get_formatted_filesize($value, false, array('mb', 'kb', 'b'));
1434 $size_var = $filesize['si_identifier'];
1435 $value = $filesize['value'];
1436
1437 return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';
1438 }
1439
1440 /**
1441 * Write secure_allow_deny config field
1442 */
1443 function select_allow_deny($value, $key = '')
1444 {
1445 $radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW');
1446
1447 return h_radio('config[' . $key . ']', $radio_ary, $value, $key);
1448 }
1449
1450}
1451
1452?>
Note: See TracBrowser for help on using the repository browser.