| [ Index ] |
PHP Cross Reference of phpBB-3.1.12-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 /** 15 * @ignore 16 */ 17 if (!defined('IN_PHPBB')) 18 { 19 exit; 20 } 21 22 class acp_attachments 23 { 24 /** @var \phpbb\db\driver\driver_interface */ 25 protected $db; 26 27 /** @var \phpbb\config\config */ 28 protected $config; 29 30 /** @var ContainerBuilder */ 31 protected $phpbb_container; 32 33 /** @var \phpbb\template\template */ 34 protected $template; 35 36 /** @var \phpbb\user */ 37 protected $user; 38 39 public $id; 40 public $u_action; 41 protected $new_config; 42 43 function main($id, $mode) 44 { 45 global $db, $user, $auth, $template, $cache, $phpbb_container, $phpbb_dispatcher; 46 global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx; 47 48 $this->id = $id; 49 $this->db = $db; 50 $this->config = $config; 51 $this->template = $template; 52 $this->user = $user; 53 $this->phpbb_container = $phpbb_container; 54 55 $user->add_lang(array('posting', 'viewtopic', 'acp/attachments')); 56 57 $error = $notify = array(); 58 $submit = (isset($_POST['submit'])) ? true : false; 59 $action = request_var('action', ''); 60 61 $form_key = 'acp_attach'; 62 add_form_key($form_key); 63 64 if ($submit && !check_form_key($form_key)) 65 { 66 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 67 } 68 69 switch ($mode) 70 { 71 case 'attach': 72 $l_title = 'ACP_ATTACHMENT_SETTINGS'; 73 break; 74 75 case 'extensions': 76 $l_title = 'ACP_MANAGE_EXTENSIONS'; 77 break; 78 79 case 'ext_groups': 80 $l_title = 'ACP_EXTENSION_GROUPS'; 81 break; 82 83 case 'orphan': 84 $l_title = 'ACP_ORPHAN_ATTACHMENTS'; 85 break; 86 87 case 'manage': 88 $l_title = 'ACP_MANAGE_ATTACHMENTS'; 89 break; 90 91 default: 92 trigger_error('NO_MODE', E_USER_ERROR); 93 break; 94 } 95 96 $this->tpl_name = 'acp_attachments'; 97 $this->page_title = $l_title; 98 99 $template->assign_vars(array( 100 'L_TITLE' => $user->lang[$l_title], 101 'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'], 102 'U_ACTION' => $this->u_action) 103 ); 104 105 switch ($mode) 106 { 107 case 'attach': 108 109 if (!function_exists('get_supported_image_types')) 110 { 111 include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); 112 } 113 114 $sql = 'SELECT group_name, cat_id 115 FROM ' . EXTENSION_GROUPS_TABLE . ' 116 WHERE cat_id > 0 117 ORDER BY cat_id'; 118 $result = $db->sql_query($sql); 119 120 $s_assigned_groups = array(); 121 while ($row = $db->sql_fetchrow($result)) 122 { 123 $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name']; 124 $s_assigned_groups[$row['cat_id']][] = $row['group_name']; 125 } 126 $db->sql_freeresult($result); 127 128 $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode($user->lang['COMMA_SEPARATOR'], $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']'; 129 130 $display_vars = array( 131 'title' => 'ACP_ATTACHMENT_SETTINGS', 132 'vars' => array( 133 'legend1' => 'ACP_ATTACHMENT_SETTINGS', 134 135 'img_max_width' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 136 'img_max_height' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 137 'img_link_width' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 138 'img_link_height' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), 139 140 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 141 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 142 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true), 143 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true), 144 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 145 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 146 'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 147 'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => false), 148 'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => false), 149 'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 150 'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true), 151 'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 152 'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 153 154 'legend2' => $l_legend_cat_images, 155 'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 156 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 157 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 158 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), 159 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'absolute_path', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), 160 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 161 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 162 ) 163 ); 164 165 /** 166 * Event to add and/or modify acp_attachement configurations 167 * 168 * @event core.acp_attachments_config_edit_add 169 * @var array display_vars Array of config values to display and process 170 * @var string mode Mode of the config page we are displaying 171 * @var boolean submit Do we display the form or process the submission 172 * @since 3.1.11-RC1 173 */ 174 $vars = array('display_vars', 'mode', 'submit'); 175 extract($phpbb_dispatcher->trigger_event('core.acp_attachments_config_edit_add', compact($vars))); 176 177 $this->new_config = $config; 178 $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config; 179 $error = array(); 180 181 // We validate the complete config if whished 182 validate_config_vars($display_vars['vars'], $cfg_array, $error); 183 184 // Do not write values if there is an error 185 if (sizeof($error)) 186 { 187 $submit = false; 188 } 189 190 // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... 191 foreach ($display_vars['vars'] as $config_name => $null) 192 { 193 if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) 194 { 195 continue; 196 } 197 198 $this->new_config[$config_name] = $config_value = $cfg_array[$config_name]; 199 200 if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm'))) 201 { 202 $size_var = request_var($config_name, ''); 203 $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value); 204 } 205 206 if ($submit) 207 { 208 set_config($config_name, $config_value); 209 } 210 } 211 212 $this->perform_site_list(); 213 214 if ($submit) 215 { 216 add_log('admin', 'LOG_CONFIG_ATTACH'); 217 218 // Check Settings 219 $this->test_upload($error, $this->new_config['upload_path'], false); 220 221 if (!sizeof($error)) 222 { 223 trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); 224 } 225 } 226 227 $template->assign_var('S_ATTACHMENT_SETTINGS', true); 228 229 if ($action == 'imgmagick') 230 { 231 $this->new_config['img_imagick'] = $this->search_imagemagick(); 232 } 233 234 // We strip eventually manual added convert program, we only want the patch 235 if ($this->new_config['img_imagick']) 236 { 237 // Change path separator 238 $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']); 239 $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); 240 241 // Check for trailing slash 242 if (substr($this->new_config['img_imagick'], -1) !== '/') 243 { 244 $this->new_config['img_imagick'] .= '/'; 245 } 246 } 247 248 $supported_types = get_supported_image_types(); 249 250 // Check Thumbnail Support 251 if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) 252 { 253 $this->new_config['img_create_thumbnail'] = 0; 254 } 255 256 $template->assign_vars(array( 257 'U_SEARCH_IMAGICK' => $this->u_action . '&action=imgmagick', 258 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true) 259 ); 260 261 // Secure Download Options - Same procedure as with banning 262 $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED'; 263 264 $sql = 'SELECT * 265 FROM ' . SITELIST_TABLE; 266 $result = $db->sql_query($sql); 267 268 $defined_ips = ''; 269 $ips = array(); 270 271 while ($row = $db->sql_fetchrow($result)) 272 { 273 $value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']; 274 if ($value) 275 { 276 $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>'; 277 $ips[$row['site_id']] = $value; 278 } 279 } 280 $db->sql_freeresult($result); 281 282 $template->assign_vars(array( 283 'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'], 284 'S_DEFINED_IPS' => ($defined_ips != '') ? true : false, 285 'S_WARNING' => (sizeof($error)) ? true : false, 286 287 'WARNING_MSG' => implode('<br />', $error), 288 'DEFINED_IPS' => $defined_ips, 289 290 'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'], 291 'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'], 292 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS']) 293 ); 294 295 // Output relevant options 296 foreach ($display_vars['vars'] as $config_key => $vars) 297 { 298 if (!is_array($vars) && strpos($config_key, 'legend') === false) 299 { 300 continue; 301 } 302 303 if (strpos($config_key, 'legend') !== false) 304 { 305 $template->assign_block_vars('options', array( 306 'S_LEGEND' => true, 307 'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars) 308 ); 309 310 continue; 311 } 312 313 $type = explode(':', $vars['type']); 314 315 $l_explain = ''; 316 if ($vars['explain'] && isset($vars['lang_explain'])) 317 { 318 $l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain']; 319 } 320 else if ($vars['explain']) 321 { 322 $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : ''; 323 } 324 325 $content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars); 326 if (empty($content)) 327 { 328 continue; 329 } 330 331 $template->assign_block_vars('options', array( 332 'KEY' => $config_key, 333 'TITLE' => $user->lang[$vars['lang']], 334 'S_EXPLAIN' => $vars['explain'], 335 'TITLE_EXPLAIN' => $l_explain, 336 'CONTENT' => $content, 337 ) 338 ); 339 340 unset($display_vars['vars'][$config_key]); 341 } 342 343 break; 344 345 case 'extensions': 346 347 if ($submit || isset($_POST['add_extension_check'])) 348 { 349 if ($submit) 350 { 351 // Change Extensions ? 352 $extension_change_list = request_var('extension_change_list', array(0)); 353 $group_select_list = request_var('group_select', array(0)); 354 355 // Generate correct Change List 356 $extensions = array(); 357 358 for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++) 359 { 360 $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i]; 361 } 362 363 $sql = 'SELECT * 364 FROM ' . EXTENSIONS_TABLE . ' 365 ORDER BY extension_id'; 366 $result = $db->sql_query($sql); 367 368 while ($row = $db->sql_fetchrow($result)) 369 { 370 if ($row['group_id'] != $extensions[$row['extension_id']]['group_id']) 371 { 372 $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' 373 SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . ' 374 WHERE extension_id = ' . $row['extension_id']; 375 $db->sql_query($sql); 376 377 add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']); 378 } 379 } 380 $db->sql_freeresult($result); 381 382 // Delete Extension? 383 $extension_id_list = request_var('extension_id_list', array(0)); 384 385 if (sizeof($extension_id_list)) 386 { 387 $sql = 'SELECT extension 388 FROM ' . EXTENSIONS_TABLE . ' 389 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); 390 $result = $db->sql_query($sql); 391 392 $extension_list = ''; 393 while ($row = $db->sql_fetchrow($result)) 394 { 395 $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension']; 396 } 397 $db->sql_freeresult($result); 398 399 $sql = 'DELETE 400 FROM ' . EXTENSIONS_TABLE . ' 401 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); 402 $db->sql_query($sql); 403 404 add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list); 405 } 406 } 407 408 // Add Extension? 409 $add_extension = strtolower(request_var('add_extension', '')); 410 $add_extension_group = request_var('add_group_select', 0); 411 $add = (isset($_POST['add_extension_check'])) ? true : false; 412 413 if ($add_extension && $add) 414 { 415 if (!sizeof($error)) 416 { 417 $sql = 'SELECT extension_id 418 FROM ' . EXTENSIONS_TABLE . " 419 WHERE extension = '" . $db->sql_escape($add_extension) . "'"; 420 $result = $db->sql_query($sql); 421 422 if ($row = $db->sql_fetchrow($result)) 423 { 424 $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension); 425 } 426 $db->sql_freeresult($result); 427 428 if (!sizeof($error)) 429 { 430 $sql_ary = array( 431 'group_id' => $add_extension_group, 432 'extension' => $add_extension 433 ); 434 435 $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); 436 add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension); 437 } 438 } 439 } 440 441 if (!sizeof($error)) 442 { 443 $notify[] = $user->lang['EXTENSIONS_UPDATED']; 444 } 445 446 $cache->destroy('_extensions'); 447 } 448 449 $template->assign_vars(array( 450 'S_EXTENSIONS' => true, 451 'ADD_EXTENSION' => (isset($add_extension)) ? $add_extension : '', 452 'GROUP_SELECT_OPTIONS' => (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group')) 453 ); 454 455 $sql = 'SELECT * 456 FROM ' . EXTENSIONS_TABLE . ' 457 ORDER BY group_id, extension'; 458 $result = $db->sql_query($sql); 459 460 if ($row = $db->sql_fetchrow($result)) 461 { 462 $old_group_id = $row['group_id']; 463 do 464 { 465 $s_spacer = false; 466 467 $current_group_id = $row['group_id']; 468 if ($old_group_id != $current_group_id) 469 { 470 $s_spacer = true; 471 $old_group_id = $current_group_id; 472 } 473 474 $template->assign_block_vars('extensions', array( 475 'S_SPACER' => $s_spacer, 476 'EXTENSION_ID' => $row['extension_id'], 477 'EXTENSION' => $row['extension'], 478 'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id'])) 479 ); 480 } 481 while ($row = $db->sql_fetchrow($result)); 482 } 483 $db->sql_freeresult($result); 484 485 break; 486 487 case 'ext_groups': 488 489 $template->assign_var('S_EXTENSION_GROUPS', true); 490 491 if ($submit) 492 { 493 $action = request_var('action', ''); 494 $group_id = request_var('g', 0); 495 496 if ($action != 'add' && $action != 'edit') 497 { 498 trigger_error('NO_MODE', E_USER_ERROR); 499 } 500 501 if (!$group_id && $action == 'edit') 502 { 503 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 504 } 505 506 if ($group_id) 507 { 508 $sql = 'SELECT * 509 FROM ' . EXTENSION_GROUPS_TABLE . " 510 WHERE group_id = $group_id"; 511 $result = $db->sql_query($sql); 512 $ext_row = $db->sql_fetchrow($result); 513 $db->sql_freeresult($result); 514 515 if (!$ext_row) 516 { 517 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 518 } 519 } 520 else 521 { 522 $ext_row = array(); 523 } 524 525 $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); 526 $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : ''); 527 528 if (!$group_name) 529 { 530 $error[] = $user->lang['NO_EXT_GROUP_NAME']; 531 } 532 533 // Check New Group Name 534 if ($new_group_name) 535 { 536 $sql = 'SELECT group_id 537 FROM ' . EXTENSION_GROUPS_TABLE . " 538 WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'"; 539 if ($group_id) 540 { 541 $sql .= ' AND group_id <> ' . $group_id; 542 } 543 $result = $db->sql_query($sql); 544 545 if ($db->sql_fetchrow($result)) 546 { 547 $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name); 548 } 549 $db->sql_freeresult($result); 550 } 551 552 if (!sizeof($error)) 553 { 554 // Ok, build the update/insert array 555 $upload_icon = request_var('upload_icon', 'no_image'); 556 $size_select = request_var('size_select', 'b'); 557 $forum_select = request_var('forum_select', false); 558 $allowed_forums = request_var('allowed_forums', array(0)); 559 $allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false; 560 $max_filesize = request_var('max_filesize', 0); 561 $max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize); 562 $allow_group = (isset($_POST['allow_group'])) ? true : false; 563 564 if ($max_filesize == $config['max_filesize']) 565 { 566 $max_filesize = 0; 567 } 568 569 if (!sizeof($allowed_forums)) 570 { 571 $forum_select = false; 572 } 573 574 $group_ary = array( 575 'group_name' => $group_name, 576 'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE), 577 'allow_group' => ($allow_group) ? 1 : 0, 578 'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon, 579 'max_filesize' => $max_filesize, 580 'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '', 581 'allow_in_pm' => ($allow_in_pm) ? 1 : 0, 582 ); 583 584 if ($action == 'add') 585 { 586 $group_ary['download_mode'] = INLINE_LINK; 587 } 588 589 $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET '; 590 $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary); 591 $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : ''; 592 593 $db->sql_query($sql); 594 595 if ($action == 'add') 596 { 597 $group_id = $db->sql_nextid(); 598 } 599 600 $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name; 601 add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name); 602 } 603 604 $extension_list = request_var('extensions', array(0)); 605 606 if ($action == 'edit' && sizeof($extension_list)) 607 { 608 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 609 SET group_id = 0 610 WHERE group_id = $group_id"; 611 $db->sql_query($sql); 612 } 613 614 if (sizeof($extension_list)) 615 { 616 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 617 SET group_id = $group_id 618 WHERE " . $db->sql_in_set('extension_id', $extension_list); 619 $db->sql_query($sql); 620 } 621 622 $cache->destroy('_extensions'); 623 624 if (!sizeof($error)) 625 { 626 $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)]; 627 } 628 } 629 630 $cat_lang = array( 631 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'], 632 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'], 633 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'], 634 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'], 635 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'], 636 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'], 637 ); 638 639 $group_id = request_var('g', 0); 640 $action = (isset($_POST['add'])) ? 'add' : $action; 641 642 switch ($action) 643 { 644 case 'delete': 645 646 if (confirm_box(true)) 647 { 648 $sql = 'SELECT group_name 649 FROM ' . EXTENSION_GROUPS_TABLE . " 650 WHERE group_id = $group_id"; 651 $result = $db->sql_query($sql); 652 $group_name = (string) $db->sql_fetchfield('group_name'); 653 $db->sql_freeresult($result); 654 655 $sql = 'DELETE 656 FROM ' . EXTENSION_GROUPS_TABLE . " 657 WHERE group_id = $group_id"; 658 $db->sql_query($sql); 659 660 // Set corresponding Extensions to a pending Group 661 $sql = 'UPDATE ' . EXTENSIONS_TABLE . " 662 SET group_id = 0 663 WHERE group_id = $group_id"; 664 $db->sql_query($sql); 665 666 add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name); 667 668 $cache->destroy('_extensions'); 669 670 trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action)); 671 } 672 else 673 { 674 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 675 'i' => $id, 676 'mode' => $mode, 677 'group_id' => $group_id, 678 'action' => 'delete', 679 ))); 680 } 681 682 break; 683 684 case 'edit': 685 686 if (!$group_id) 687 { 688 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 689 } 690 691 $sql = 'SELECT * 692 FROM ' . EXTENSION_GROUPS_TABLE . " 693 WHERE group_id = $group_id"; 694 $result = $db->sql_query($sql); 695 $ext_group_row = $db->sql_fetchrow($result); 696 $db->sql_freeresult($result); 697 698 $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums'])); 699 700 // no break; 701 702 case 'add': 703 704 if ($action == 'add') 705 { 706 $ext_group_row = array( 707 'group_name' => utf8_normalize_nfc(request_var('group_name', '', true)), 708 'cat_id' => 0, 709 'allow_group' => 1, 710 'allow_in_pm' => 1, 711 'upload_icon' => '', 712 'max_filesize' => 0, 713 ); 714 715 $forum_ids = array(); 716 } 717 718 $extensions = array(); 719 720 $sql = 'SELECT * 721 FROM ' . EXTENSIONS_TABLE . " 722 WHERE group_id = $group_id 723 OR group_id = 0 724 ORDER BY extension"; 725 $result = $db->sql_query($sql); 726 $extensions = $db->sql_fetchrowset($result); 727 $db->sql_freeresult($result); 728 729 if ($ext_group_row['max_filesize'] == 0) 730 { 731 $ext_group_row['max_filesize'] = (int) $config['max_filesize']; 732 } 733 734 $max_filesize = get_formatted_filesize($ext_group_row['max_filesize'], false, array('mb', 'kb', 'b')); 735 $size_format = $max_filesize['si_identifier']; 736 $ext_group_row['max_filesize'] = $max_filesize['value']; 737 738 $img_path = $config['upload_icons_path']; 739 740 $filename_list = ''; 741 $no_image_select = false; 742 743 $imglist = filelist($phpbb_root_path . $img_path); 744 745 if (!empty($imglist[''])) 746 { 747 $imglist = array_values($imglist); 748 $imglist = $imglist[0]; 749 750 foreach ($imglist as $key => $img) 751 { 752 if (!$ext_group_row['upload_icon']) 753 { 754 $no_image_select = true; 755 $selected = ''; 756 } 757 else 758 { 759 $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : ''; 760 } 761 762 if (strlen($img) > 255) 763 { 764 continue; 765 } 766 767 $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>'; 768 } 769 } 770 771 $i = 0; 772 $assigned_extensions = ''; 773 foreach ($extensions as $num => $row) 774 { 775 if ($row['group_id'] == $group_id && $group_id) 776 { 777 $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension']; 778 $i++; 779 } 780 } 781 782 $s_extension_options = ''; 783 foreach ($extensions as $row) 784 { 785 $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>'; 786 } 787 788 $template->assign_vars(array( 789 'IMG_PATH' => $img_path, 790 'ACTION' => $action, 791 'GROUP_ID' => $group_id, 792 'GROUP_NAME' => $ext_group_row['group_name'], 793 'ALLOW_GROUP' => $ext_group_row['allow_group'], 794 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'], 795 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'], 796 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'], 797 'ASSIGNED_EXTENSIONS' => $assigned_extensions, 798 799 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'), 800 'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format), 801 'S_EXTENSION_OPTIONS' => $s_extension_options, 802 'S_FILENAME_LIST' => $filename_list, 803 'S_EDIT_GROUP' => true, 804 'S_NO_IMAGE' => $no_image_select, 805 'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false, 806 807 'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=extensions"), 808 'U_BACK' => $this->u_action, 809 810 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP']) 811 ); 812 813 $s_forum_id_options = ''; 814 815 /** @todo use in-built function **/ 816 817 $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id 818 FROM ' . FORUMS_TABLE . ' 819 ORDER BY left_id ASC'; 820 $result = $db->sql_query($sql, 600); 821 822 $right = $cat_right = $padding_inc = 0; 823 $padding = $forum_list = $holding = ''; 824 $padding_store = array('0' => ''); 825 826 while ($row = $db->sql_fetchrow($result)) 827 { 828 if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id'])) 829 { 830 // Non-postable forum with no subforums, don't display 831 continue; 832 } 833 834 if (!$auth->acl_get('f_list', $row['forum_id'])) 835 { 836 // if the user does not have permissions to list this forum skip 837 continue; 838 } 839 840 if ($row['left_id'] < $right) 841 { 842 $padding .= ' '; 843 $padding_store[$row['parent_id']] = $padding; 844 } 845 else if ($row['left_id'] > $right + 1) 846 { 847 $padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']]; 848 } 849 850 $right = $row['right_id']; 851 852 $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : ''; 853 854 if ($row['left_id'] > $cat_right) 855 { 856 // make sure we don't forget anything 857 $s_forum_id_options .= $holding; 858 $holding = ''; 859 } 860 861 if ($row['right_id'] - $row['left_id'] > 1) 862 { 863 $cat_right = max($cat_right, $row['right_id']); 864 865 $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; 866 } 867 else 868 { 869 $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; 870 $holding = ''; 871 } 872 } 873 874 if ($holding) 875 { 876 $s_forum_id_options .= $holding; 877 } 878 879 $db->sql_freeresult($result); 880 unset($padding_store); 881 882 $template->assign_vars(array( 883 'S_FORUM_ID_OPTIONS' => $s_forum_id_options) 884 ); 885 886 break; 887 } 888 889 $sql = 'SELECT * 890 FROM ' . EXTENSION_GROUPS_TABLE . ' 891 ORDER BY allow_group DESC, allow_in_pm DESC, group_name'; 892 $result = $db->sql_query($sql); 893 894 $old_allow_group = $old_allow_pm = 1; 895 while ($row = $db->sql_fetchrow($result)) 896 { 897 $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false; 898 899 $template->assign_block_vars('groups', array( 900 'S_ADD_SPACER' => $s_add_spacer, 901 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false, 902 'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false, 903 904 'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}", 905 'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}", 906 907 'GROUP_NAME' => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'], 908 'CATEGORY' => $cat_lang[$row['cat_id']], 909 ) 910 ); 911 912 $old_allow_group = $row['allow_group']; 913 $old_allow_pm = $row['allow_in_pm']; 914 } 915 $db->sql_freeresult($result); 916 917 break; 918 919 case 'orphan': 920 921 if ($submit) 922 { 923 $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array(); 924 $add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array(); 925 $post_ids = request_var('post_id', array('' => 0)); 926 927 if (sizeof($delete_files)) 928 { 929 $sql = 'SELECT * 930 FROM ' . ATTACHMENTS_TABLE . ' 931 WHERE ' . $db->sql_in_set('attach_id', $delete_files) . ' 932 AND is_orphan = 1'; 933 $result = $db->sql_query($sql); 934 935 $delete_files = array(); 936 while ($row = $db->sql_fetchrow($result)) 937 { 938 phpbb_unlink($row['physical_filename'], 'file'); 939 940 if ($row['thumbnail']) 941 { 942 phpbb_unlink($row['physical_filename'], 'thumbnail'); 943 } 944 945 $delete_files[$row['attach_id']] = $row['real_filename']; 946 } 947 $db->sql_freeresult($result); 948 } 949 950 if (sizeof($delete_files)) 951 { 952 $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . ' 953 WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files)); 954 $db->sql_query($sql); 955 956 add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files)); 957 $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode($user->lang['COMMA_SEPARATOR'], $delete_files)); 958 } 959 960 $upload_list = array(); 961 foreach ($add_files as $attach_id) 962 { 963 if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id])) 964 { 965 $upload_list[$attach_id] = $post_ids[$attach_id]; 966 } 967 } 968 unset($add_files); 969 970 if (sizeof($upload_list)) 971 { 972 $template->assign_var('S_UPLOADING_FILES', true); 973 974 $sql = 'SELECT forum_id, forum_name 975 FROM ' . FORUMS_TABLE; 976 $result = $db->sql_query($sql); 977 978 $forum_names = array(); 979 while ($row = $db->sql_fetchrow($result)) 980 { 981 $forum_names[$row['forum_id']] = $row['forum_name']; 982 } 983 $db->sql_freeresult($result); 984 985 $sql = 'SELECT forum_id, topic_id, post_id, poster_id 986 FROM ' . POSTS_TABLE . ' 987 WHERE ' . $db->sql_in_set('post_id', $upload_list); 988 $result = $db->sql_query($sql); 989 990 $post_info = array(); 991 while ($row = $db->sql_fetchrow($result)) 992 { 993 $post_info[$row['post_id']] = $row; 994 } 995 $db->sql_freeresult($result); 996 997 // Select those attachments we want to change... 998 $sql = 'SELECT * 999 FROM ' . ATTACHMENTS_TABLE . ' 1000 WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . ' 1001 AND is_orphan = 1'; 1002 $result = $db->sql_query($sql); 1003 1004 $files_added = $space_taken = 0; 1005 while ($row = $db->sql_fetchrow($result)) 1006 { 1007 $post_row = $post_info[$upload_list[$row['attach_id']]]; 1008 1009 $template->assign_block_vars('upload', array( 1010 'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']), 1011 'S_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false, 1012 'L_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '') 1013 ); 1014 1015 if (!$auth->acl_get('f_attach', $post_row['forum_id'])) 1016 { 1017 continue; 1018 } 1019 1020 // Adjust attachment entry 1021 $sql_ary = array( 1022 'in_message' => 0, 1023 'is_orphan' => 0, 1024 'poster_id' => $post_row['poster_id'], 1025 'post_msg_id' => $post_row['post_id'], 1026 'topic_id' => $post_row['topic_id'], 1027 ); 1028 1029 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 1030 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 1031 WHERE attach_id = ' . $row['attach_id']; 1032 $db->sql_query($sql); 1033 1034 $sql = 'UPDATE ' . POSTS_TABLE . ' 1035 SET post_attachment = 1 1036 WHERE post_id = ' . $post_row['post_id']; 1037 $db->sql_query($sql); 1038 1039 $sql = 'UPDATE ' . TOPICS_TABLE . ' 1040 SET topic_attachment = 1 1041 WHERE topic_id = ' . $post_row['topic_id']; 1042 $db->sql_query($sql); 1043 1044 $space_taken += $row['filesize']; 1045 $files_added++; 1046 1047 add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']); 1048 } 1049 $db->sql_freeresult($result); 1050 1051 if ($files_added) 1052 { 1053 set_config_count('upload_dir_size', $space_taken, true); 1054 set_config_count('num_files', $files_added, true); 1055 } 1056 } 1057 } 1058 1059 $template->assign_vars(array( 1060 'S_ORPHAN' => true) 1061 ); 1062 1063 // Just get the files with is_orphan set and older than 3 hours 1064 $sql = 'SELECT * 1065 FROM ' . ATTACHMENTS_TABLE . ' 1066 WHERE is_orphan = 1 1067 AND filetime < ' . (time() - 3*60*60) . ' 1068 ORDER BY filetime DESC'; 1069 $result = $db->sql_query($sql); 1070 1071 while ($row = $db->sql_fetchrow($result)) 1072 { 1073 $template->assign_block_vars('orphan', array( 1074 'FILESIZE' => get_formatted_filesize($row['filesize']), 1075 'FILETIME' => $user->format_date($row['filetime']), 1076 'REAL_FILENAME' => utf8_basename($row['real_filename']), 1077 'PHYSICAL_FILENAME' => utf8_basename($row['physical_filename']), 1078 'ATTACH_ID' => $row['attach_id'], 1079 'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '', 1080 'U_FILE' => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id'])) 1081 ); 1082 } 1083 $db->sql_freeresult($result); 1084 1085 break; 1086 1087 case 'manage': 1088 1089 if ($submit) 1090 { 1091 $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array(); 1092 1093 if (sizeof($delete_files)) 1094 { 1095 // Select those attachments we want to delete... 1096 $sql = 'SELECT real_filename 1097 FROM ' . ATTACHMENTS_TABLE . ' 1098 WHERE ' . $db->sql_in_set('attach_id', $delete_files) . ' 1099 AND is_orphan = 0'; 1100 $result = $db->sql_query($sql); 1101 while ($row = $db->sql_fetchrow($result)) 1102 { 1103 $deleted_filenames[] = $row['real_filename']; 1104 } 1105 $db->sql_freeresult($result); 1106 1107 if ($num_deleted = delete_attachments('attach', $delete_files)) 1108 { 1109 if (sizeof($delete_files) != $num_deleted) 1110 { 1111 $error[] = $user->lang['FILES_GONE']; 1112 } 1113 add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $deleted_filenames)); 1114 $notify[] = sprintf($user->lang['LOG_ATTACHMENTS_DELETED'], implode($user->lang['COMMA_SEPARATOR'], $deleted_filenames)); 1115 } 1116 else 1117 { 1118 $error[] = $user->lang['NO_FILES_TO_DELETE']; 1119 } 1120 } 1121 } 1122 1123 if ($action == 'stats') 1124 { 1125 $this->handle_stats_resync(); 1126 } 1127 1128 $stats_error = $this->check_stats_accuracy(); 1129 1130 if ($stats_error) 1131 { 1132 $error[] = $stats_error; 1133 } 1134 1135 $template->assign_vars(array( 1136 'S_MANAGE' => true, 1137 )); 1138 1139 $start = request_var('start', 0); 1140 1141 // Sort keys 1142 $sort_days = request_var('st', 0); 1143 $sort_key = request_var('sk', 't'); 1144 $sort_dir = request_var('sd', 'd'); 1145 1146 // Sorting 1147 $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); 1148 $sort_by_text = array('f' => $user->lang['FILENAME'], 't' => $user->lang['FILEDATE'], 's' => $user->lang['FILESIZE'], 'x' => $user->lang['EXTENSION'], 'd' => $user->lang['DOWNLOADS'],'p' => $user->lang['ATTACH_POST_TYPE'], 'u' => $user->lang['AUTHOR']); 1149 $sort_by_sql = array('f' => 'a.real_filename', 't' => 'a.filetime', 's' => 'a.filesize', 'x' => 'a.extension', 'd' => 'a.download_count', 'p' => 'a.in_message', 'u' => 'u.username'); 1150 1151 $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; 1152 gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); 1153 1154 $min_filetime = ($sort_days) ? (time() - ($sort_days * 86400)) : ''; 1155 $limit_filetime = ($min_filetime) ? " AND a.filetime >= $min_filetime " : ''; 1156 $start = ($sort_days && isset($_POST['sort'])) ? 0 : $start; 1157 1158 $attachments_per_page = (int) $config['topics_per_page']; 1159 1160 $stats = $this->get_attachment_stats($limit_filetime); 1161 $num_files = $stats['num_files']; 1162 $total_size = $stats['upload_dir_size']; 1163 1164 // Make sure $start is set to the last page if it exceeds the amount 1165 $pagination = $phpbb_container->get('pagination'); 1166 $start = $pagination->validate_start($start, $attachments_per_page, $num_files); 1167 1168 // If the user is trying to reach the second half of the attachments list, fetch it starting from the end 1169 $store_reverse = false; 1170 $sql_limit = $attachments_per_page; 1171 1172 if ($start > $num_files / 2) 1173 { 1174 $store_reverse = true; 1175 1176 // Select the sort order. Add time sort anchor for non-time sorting cases 1177 $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') : ''; 1178 $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') . $sql_sort_anchor; 1179 $sql_limit = $pagination->reverse_limit($start, $sql_limit, $num_files); 1180 $sql_start = $pagination->reverse_start($start, $sql_limit, $num_files); 1181 } 1182 else 1183 { 1184 // Select the sort order. Add time sort anchor for non-time sorting cases 1185 $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') : ''; 1186 $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') . $sql_sort_anchor; 1187 $sql_start = $start; 1188 } 1189 1190 $attachments_list = array(); 1191 1192 // Just get the files 1193 $sql = 'SELECT a.*, u.username, u.user_colour, t.topic_title 1194 FROM ' . ATTACHMENTS_TABLE . ' a 1195 LEFT JOIN ' . USERS_TABLE . ' u ON (u.user_id = a.poster_id) 1196 LEFT JOIN ' . TOPICS_TABLE . " t ON (a.topic_id = t.topic_id) 1197 WHERE a.is_orphan = 0 1198 $limit_filetime 1199 ORDER BY $sql_sort_order"; 1200 $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); 1201 1202 $i = ($store_reverse) ? $sql_limit - 1 : 0; 1203 1204 // Store increment value in a variable to save some conditional calls 1205 $i_increment = ($store_reverse) ? -1 : 1; 1206 while ($attachment_row = $db->sql_fetchrow($result)) 1207 { 1208 $attachments_list[$i] = $attachment_row; 1209 $i = $i + $i_increment; 1210 } 1211 $db->sql_freeresult($result); 1212 1213 $base_url = $this->u_action . "&$u_sort_param"; 1214 $pagination->generate_template_pagination($base_url, 'pagination', 'start', $num_files, $attachments_per_page, $start); 1215 1216 $template->assign_vars(array( 1217 'TOTAL_FILES' => $num_files, 1218 'TOTAL_SIZE' => get_formatted_filesize($total_size), 1219 1220 'S_LIMIT_DAYS' => $s_limit_days, 1221 'S_SORT_KEY' => $s_sort_key, 1222 'S_SORT_DIR' => $s_sort_dir) 1223 ); 1224 1225 // Grab extensions 1226 $extensions = $cache->obtain_attach_extensions(true); 1227 1228 for ($i = 0, $end = sizeof($attachments_list); $i < $end; ++$i) 1229 { 1230 $row = $attachments_list[$i]; 1231 1232 $row['extension'] = strtolower(trim((string) $row['extension'])); 1233 $comment = ($row['attach_comment'] && !$row['in_message']) ? str_replace(array("\n", "\r"), array('<br />', "\n"), $row['attach_comment']) : ''; 1234 $display_cat = $extensions[$row['extension']]['display_cat']; 1235 $l_downloaded_viewed = ($display_cat == ATTACHMENT_CATEGORY_NONE) ? 'DOWNLOAD_COUNTS' : 'VIEWED_COUNTS'; 1236 1237 $template->assign_block_vars('attachments', array( 1238 'ATTACHMENT_POSTER' => get_username_string('full', (int) $row['poster_id'], (string) $row['username'], (string) $row['user_colour'], (string) $row['username']), 1239 'FILESIZE' => get_formatted_filesize((int) $row['filesize']), 1240 'FILETIME' => $user->format_date((int) $row['filetime']), 1241 'REAL_FILENAME' => (!$row['in_message']) ? utf8_basename((string) $row['real_filename']) : '', 1242 'PHYSICAL_FILENAME' => utf8_basename((string) $row['physical_filename']), 1243 'EXT_GROUP_NAME' => (!empty($extensions[$row['extension']]['group_name'])) ? $user->lang['EXT_GROUP_' . $extensions[$row['extension']]['group_name']] : '', 1244 'COMMENT' => $comment, 1245 'TOPIC_TITLE' => (!$row['in_message']) ? (string) $row['topic_title'] : '', 1246 'ATTACH_ID' => (int) $row['attach_id'], 1247 'POST_ID' => (int) $row['post_msg_id'], 1248 'TOPIC_ID' => (int) $row['topic_id'], 1249 'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? (int) $post_ids[$row['attach_id']] : '', 1250 1251 'L_DOWNLOAD_COUNT' => $user->lang($l_downloaded_viewed, (int) $row['download_count']), 1252 1253 'S_IN_MESSAGE' => (bool) $row['in_message'], 1254 1255 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . "#p{$row['post_msg_id']}", 1256 'U_FILE' => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id'])) 1257 ); 1258 } 1259 1260 break; 1261 } 1262 1263 if (sizeof($error)) 1264 { 1265 $template->assign_vars(array( 1266 'S_WARNING' => true, 1267 'WARNING_MSG' => implode('<br />', $error)) 1268 ); 1269 } 1270 1271 if (sizeof($notify)) 1272 { 1273 $template->assign_vars(array( 1274 'S_NOTIFY' => true, 1275 'NOTIFY_MSG' => implode('<br />', $notify)) 1276 ); 1277 } 1278 } 1279 1280 /** 1281 * Get attachment file count and size of upload directory 1282 * 1283 * @param $limit string Additional limit for WHERE clause to filter stats by. 1284 * @return array Returns array with stats: num_files and upload_dir_size 1285 */ 1286 public function get_attachment_stats($limit = '') 1287 { 1288 $sql = 'SELECT COUNT(a.attach_id) AS num_files, SUM(a.filesize) AS upload_dir_size 1289 FROM ' . ATTACHMENTS_TABLE . " a 1290 WHERE a.is_orphan = 0 1291 $limit"; 1292 $result = $this->db->sql_query($sql); 1293 $row = $this->db->sql_fetchrow($result); 1294 $this->db->sql_freeresult($result); 1295 1296 return array( 1297 'num_files' => (int) $row['num_files'], 1298 'upload_dir_size' => (float) $row['upload_dir_size'], 1299 ); 1300 } 1301 1302 /** 1303 * Set config attachment stat values 1304 * 1305 * @param $stats array Array of config key => value pairs to set. 1306 * @return null 1307 */ 1308 public function set_attachment_stats($stats) 1309 { 1310 foreach ($stats as $key => $value) 1311 { 1312 $this->config->set($key, $value, true); 1313 } 1314 } 1315 1316 /** 1317 * Check accuracy of attachment statistics. 1318 * 1319 * @return bool|string Returns false if stats are correct or error message 1320 * otherwise. 1321 */ 1322 public function check_stats_accuracy() 1323 { 1324 // Get fresh stats. 1325 $stats = $this->get_attachment_stats(); 1326 1327 // Get current files stats 1328 $num_files = (int) $this->config['num_files']; 1329 $total_size = (float) $this->config['upload_dir_size']; 1330 1331 if (($num_files != $stats['num_files']) || ($total_size != $stats['upload_dir_size'])) 1332 { 1333 $u_resync = $this->u_action . '&action=stats'; 1334 1335 return $this->user->lang( 1336 'FILES_STATS_WRONG', 1337 (int) $stats['num_files'], 1338 get_formatted_filesize($stats['upload_dir_size']), 1339 '<a href="' . $u_resync . '">', 1340 '</a>' 1341 ); 1342 } 1343 return false; 1344 } 1345 1346 /** 1347 * Handle stats resync. 1348 * 1349 * @return null 1350 */ 1351 public function handle_stats_resync() 1352 { 1353 if (!confirm_box(true)) 1354 { 1355 confirm_box(false, $this->user->lang['RESYNC_FILES_STATS_CONFIRM'], build_hidden_fields(array( 1356 'i' => $this->id, 1357 'mode' => 'manage', 1358 'action' => 'stats', 1359 ))); 1360 } 1361 else 1362 { 1363 $this->set_attachment_stats($this->get_attachment_stats()); 1364 $log = $this->phpbb_container->get('log'); 1365 $log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_RESYNC_FILES_STATS'); 1366 } 1367 1368 } 1369 1370 /** 1371 * Build Select for category items 1372 */ 1373 function category_select($select_name, $group_id = false, $key = '') 1374 { 1375 global $db, $user; 1376 1377 $types = array( 1378 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'], 1379 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'], 1380 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'], 1381 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'], 1382 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'], 1383 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'], 1384 ); 1385 1386 if ($group_id) 1387 { 1388 $sql = 'SELECT cat_id 1389 FROM ' . EXTENSION_GROUPS_TABLE . ' 1390 WHERE group_id = ' . (int) $group_id; 1391 $result = $db->sql_query($sql); 1392 1393 $cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id']; 1394 1395 $db->sql_freeresult($result); 1396 } 1397 else 1398 { 1399 $cat_type = ATTACHMENT_CATEGORY_NONE; 1400 } 1401 1402 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>'; 1403 1404 foreach ($types as $type => $mode) 1405 { 1406 $selected = ($type == $cat_type) ? ' selected="selected"' : ''; 1407 $group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>'; 1408 } 1409 1410 $group_select .= '</select>'; 1411 1412 return $group_select; 1413 } 1414 1415 /** 1416 * Extension group select 1417 */ 1418 function group_select($select_name, $default_group = false, $key = '') 1419 { 1420 global $db, $user; 1421 1422 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>'; 1423 1424 $sql = 'SELECT group_id, group_name 1425 FROM ' . EXTENSION_GROUPS_TABLE . ' 1426 ORDER BY group_name'; 1427 $result = $db->sql_query($sql); 1428 1429 $group_name = array(); 1430 while ($row = $db->sql_fetchrow($result)) 1431 { 1432 $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name']; 1433 $group_name[] = $row; 1434 } 1435 $db->sql_freeresult($result); 1436 1437 $row['group_id'] = 0; 1438 $row['group_name'] = $user->lang['NOT_ASSIGNED']; 1439 $group_name[] = $row; 1440 1441 for ($i = 0, $groups_size = sizeof($group_name); $i < $groups_size; $i++) 1442 { 1443 if ($default_group === false) 1444 { 1445 $selected = ($i == 0) ? ' selected="selected"' : ''; 1446 } 1447 else 1448 { 1449 $selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : ''; 1450 } 1451 1452 $group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>'; 1453 } 1454 1455 $group_select .= '</select>'; 1456 1457 return $group_select; 1458 } 1459 1460 /** 1461 * Search Imagick 1462 */ 1463 function search_imagemagick() 1464 { 1465 $imagick = ''; 1466 1467 $exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : ''; 1468 1469 $magic_home = getenv('MAGICK_HOME'); 1470 1471 if (empty($magic_home)) 1472 { 1473 $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/'); 1474 $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); 1475 1476 $locations = array_merge($path_locations, $locations); 1477 1478 foreach ($locations as $location) 1479 { 1480 // The path might not end properly, fudge it 1481 if (substr($location, -1) !== '/') 1482 { 1483 $location .= '/'; 1484 } 1485 1486 if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000) 1487 { 1488 $imagick = str_replace('\\', '/', $location); 1489 continue; 1490 } 1491 } 1492 } 1493 else 1494 { 1495 $imagick = str_replace('\\', '/', $magic_home); 1496 } 1497 1498 return $imagick; 1499 } 1500 1501 /** 1502 * Test Settings 1503 */ 1504 function test_upload(&$error, $upload_dir, $create_directory = false) 1505 { 1506 global $user, $phpbb_root_path; 1507 1508 // Does the target directory exist, is it a directory and writable. 1509 if ($create_directory) 1510 { 1511 if (!file_exists($phpbb_root_path . $upload_dir)) 1512 { 1513 @mkdir($phpbb_root_path . $upload_dir, 0777); 1514 phpbb_chmod($phpbb_root_path . $upload_dir, CHMOD_READ | CHMOD_WRITE); 1515 } 1516 } 1517 1518 if (!file_exists($phpbb_root_path . $upload_dir)) 1519 { 1520 $error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir); 1521 return; 1522 } 1523 1524 if (!is_dir($phpbb_root_path . $upload_dir)) 1525 { 1526 $error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir); 1527 return; 1528 } 1529 1530 if (!phpbb_is_writable($phpbb_root_path . $upload_dir)) 1531 { 1532 $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir); 1533 return; 1534 } 1535 } 1536 1537 /** 1538 * Perform operations on sites for external linking 1539 */ 1540 function perform_site_list() 1541 { 1542 global $db, $user; 1543 global $request; 1544 1545 if (isset($_REQUEST['securesubmit'])) 1546 { 1547 // Grab the list of entries 1548 $ips = request_var('ips', ''); 1549 $ip_list = array_unique(explode("\n", $ips)); 1550 $ip_list_log = implode(', ', $ip_list); 1551 1552 $ip_exclude = (int) $request->variable('ipexclude', false, false, \phpbb\request\request_interface::POST); 1553 1554 $iplist = array(); 1555 $hostlist = array(); 1556 1557 foreach ($ip_list as $item) 1558 { 1559 if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode)) 1560 { 1561 // Don't ask about all this, just don't ask ... ! 1562 $ip_1_counter = $ip_range_explode[1]; 1563 $ip_1_end = $ip_range_explode[5]; 1564 1565 while ($ip_1_counter <= $ip_1_end) 1566 { 1567 $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; 1568 $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; 1569 1570 if ($ip_2_counter == 0 && $ip_2_end == 254) 1571 { 1572 $ip_2_counter = 256; 1573 $ip_2_fragment = 256; 1574 1575 $iplist[] = "'$ip_1_counter.*'"; 1576 } 1577 1578 while ($ip_2_counter <= $ip_2_end) 1579 { 1580 $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; 1581 $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; 1582 1583 if ($ip_3_counter == 0 && $ip_3_end == 254) 1584 { 1585 $ip_3_counter = 256; 1586 $ip_3_fragment = 256; 1587 1588 $iplist[] = "'$ip_1_counter.$ip_2_counter.*'"; 1589 } 1590 1591 while ($ip_3_counter <= $ip_3_end) 1592 { 1593 $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; 1594 $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; 1595 1596 if ($ip_4_counter == 0 && $ip_4_end == 254) 1597 { 1598 $ip_4_counter = 256; 1599 $ip_4_fragment = 256; 1600 1601 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'"; 1602 } 1603 1604 while ($ip_4_counter <= $ip_4_end) 1605 { 1606 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; 1607 $ip_4_counter++; 1608 } 1609 $ip_3_counter++; 1610 } 1611 $ip_2_counter++; 1612 } 1613 $ip_1_counter++; 1614 } 1615 } 1616 else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item))) 1617 { 1618 $iplist[] = "'" . trim($item) . "'"; 1619 } 1620 else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item))) 1621 { 1622 $hostlist[] = "'" . trim($item) . "'"; 1623 } 1624 else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item))) 1625 { 1626 $hostlist[] = "'" . trim($item) . "'"; 1627 } 1628 } 1629 1630 $sql = 'SELECT site_ip, site_hostname 1631 FROM ' . SITELIST_TABLE . " 1632 WHERE ip_exclude = $ip_exclude"; 1633 $result = $db->sql_query($sql); 1634 1635 if ($row = $db->sql_fetchrow($result)) 1636 { 1637 $iplist_tmp = array(); 1638 $hostlist_tmp = array(); 1639 do 1640 { 1641 if ($row['site_ip']) 1642 { 1643 if (strlen($row['site_ip']) > 40) 1644 { 1645 continue; 1646 } 1647 1648 $iplist_tmp[] = "'" . $row['site_ip'] . "'"; 1649 } 1650 else if ($row['site_hostname']) 1651 { 1652 if (strlen($row['site_hostname']) > 255) 1653 { 1654 continue; 1655 } 1656 1657 $hostlist_tmp[] = "'" . $row['site_hostname'] . "'"; 1658 } 1659 // break; 1660 } 1661 while ($row = $db->sql_fetchrow($result)); 1662 1663 $iplist = array_unique(array_diff($iplist, $iplist_tmp)); 1664 $hostlist = array_unique(array_diff($hostlist, $hostlist_tmp)); 1665 unset($iplist_tmp); 1666 unset($hostlist_tmp); 1667 } 1668 $db->sql_freeresult($result); 1669 1670 if (sizeof($iplist)) 1671 { 1672 foreach ($iplist as $ip_entry) 1673 { 1674 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude) 1675 VALUES ($ip_entry, $ip_exclude)"; 1676 $db->sql_query($sql); 1677 } 1678 } 1679 1680 if (sizeof($hostlist)) 1681 { 1682 foreach ($hostlist as $host_entry) 1683 { 1684 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude) 1685 VALUES ($host_entry, $ip_exclude)"; 1686 $db->sql_query($sql); 1687 } 1688 } 1689 1690 if (!empty($ip_list_log)) 1691 { 1692 // Update log 1693 $log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP'; 1694 add_log('admin', $log_entry, $ip_list_log); 1695 } 1696 1697 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action)); 1698 } 1699 else if (isset($_POST['unsecuresubmit'])) 1700 { 1701 $unip_sql = request_var('unip', array(0)); 1702 1703 if (sizeof($unip_sql)) 1704 { 1705 $l_unip_list = ''; 1706 1707 // Grab details of ips for logging information later 1708 $sql = 'SELECT site_ip, site_hostname 1709 FROM ' . SITELIST_TABLE . ' 1710 WHERE ' . $db->sql_in_set('site_id', $unip_sql); 1711 $result = $db->sql_query($sql); 1712 1713 while ($row = $db->sql_fetchrow($result)) 1714 { 1715 $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']); 1716 } 1717 $db->sql_freeresult($result); 1718 1719 $sql = 'DELETE FROM ' . SITELIST_TABLE . ' 1720 WHERE ' . $db->sql_in_set('site_id', $unip_sql); 1721 $db->sql_query($sql); 1722 1723 add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list); 1724 } 1725 1726 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action)); 1727 } 1728 } 1729 1730 /** 1731 * Write display_order config field 1732 */ 1733 function display_order($value, $key = '') 1734 { 1735 $radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING'); 1736 1737 return h_radio('config[display_order]', $radio_ary, $value, $key); 1738 } 1739 1740 /** 1741 * Adjust all three max_filesize config vars for display 1742 */ 1743 function max_filesize($value, $key = '') 1744 { 1745 // Determine size var and adjust the value accordingly 1746 $filesize = get_formatted_filesize($value, false, array('mb', 'kb', 'b')); 1747 $size_var = $filesize['si_identifier']; 1748 $value = $filesize['value']; 1749 1750 // size and maxlength must not be specified for input of type number 1751 return '<input type="number" id="' . $key . '" min="0" max="999999999999999" step="any" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>'; 1752 } 1753 1754 /** 1755 * Write secure_allow_deny config field 1756 */ 1757 function select_allow_deny($value, $key = '') 1758 { 1759 $radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW'); 1760 1761 return h_radio('config[' . $key . ']', $radio_ary, $value, $key); 1762 } 1763 1764 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Jan 11 00:25:41 2018 | Cross-referenced by PHPXref 0.7.1 |