Просмотр файла attach_mod/includes/functions_admin.php

Конкурс дизайнеров на 15000 рублей
Милый пушистый сайт !!!!
Размер файла: 11.96Kb 
  1. <?php
  2. /***************************************************************************
  3.  *                                mides.ru
  4.  *                            -------------------
  5.  ***************************************************************************/
  6. if ( !defined('IN_PHPBB') )
  7. {
  8. 	die("ERROR!!! THIS FILE PROTECTED. IF YOU SAW THIS REPORT, MEANS HACKERS HERE IS NOTHING TO DO ");
  9. }
  10.  
  11. function process_quota_settings($mode, $id, $quota_type, $quota_limit_id = 0)
  12. {
  13. 	global $db;
  14.  
  15. 	$id = (int) $id;
  16. 	$quota_type = (int) $quota_type;
  17. 	$quota_limit_id = (int) $quota_limit_id;
  18.  
  19. 	if ($mode == 'user')
  20. 	{
  21. 		if (!$quota_limit_id)
  22. 		{
  23. 			$sql = 'DELETE FROM ' . QUOTA_TABLE . "
  24. 				WHERE user_id = $id
  25. 					AND quota_type = $quota_type";
  26. 		}
  27. 		else
  28. 		{
  29. 			$sql = 'SELECT user_id 
  30. 				FROM ' . QUOTA_TABLE . " 
  31. 				WHERE user_id = $id
  32. 					AND quota_type = $quota_type";
  33.  
  34. 			if (!($result = $db->sql_query($sql)))
  35. 			{
  36. 				message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);
  37. 			}
  38.  
  39. 			if ($db->sql_numrows($result) == 0)
  40. 			{
  41. 				$sql_ary = array(
  42. 					'user_id'		=> (int) $id,
  43. 					'group_id'		=> 0,
  44. 					'quota_type'	=> (int) $quota_type,
  45. 					'quota_limit_id'=> (int) $quota_limit_id
  46. 				);
  47.  
  48. 				$sql = 'INSERT INTO ' . QUOTA_TABLE . ' ' . attach_mod_sql_build_array('INSERT', $sql_ary);
  49. 			}
  50. 			else
  51. 			{
  52. 				$sql = 'UPDATE ' . QUOTA_TABLE . "
  53. 					SET quota_limit_id = $quota_limit_id
  54. 					WHERE user_id = $id
  55. 						AND quota_type = $quota_type";
  56. 			}
  57. 			$db->sql_freeresult($result);
  58. 		}
  59. 	
  60. 		if (!($result = $db->sql_query($sql)))
  61. 		{
  62. 			message_die(GENERAL_ERROR, 'Unable to update quota Settings', '', __LINE__, __FILE__, $sql);
  63. 		}
  64. 		
  65. 	}
  66. 	else if ($mode == 'group')
  67. 	{
  68. 		if (!$quota_limit_id)
  69. 		{
  70. 			$sql = 'DELETE FROM ' . QUOTA_TABLE . " 
  71. 				WHERE group_id = $id 
  72. 					AND quota_type = $quota_type";
  73.  
  74. 			if (!($result = $db->sql_query($sql)))
  75. 			{
  76. 				message_die(GENERAL_ERROR, 'Unable to delete quota Settings', '', __LINE__, __FILE__, $sql);
  77. 			}
  78. 		}
  79. 		else
  80. 		{
  81. 			$sql = 'SELECT group_id 
  82. 				FROM ' . QUOTA_TABLE . " 
  83. 				WHERE group_id = $id 
  84. 					AND quota_type = $quota_type";
  85.  
  86. 			if (!($result = $db->sql_query($sql)))
  87. 			{
  88. 				message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);
  89. 			}
  90.  
  91. 			if ($db->sql_numrows($result) == 0)
  92. 			{
  93. 				$sql = 'INSERT INTO ' . QUOTA_TABLE . " (user_id, group_id, quota_type, quota_limit_id) 
  94. 					VALUES (0, $id, $quota_type, $quota_limit_id)";
  95. 			}
  96. 			else
  97. 			{
  98. 				$sql = 'UPDATE ' . QUOTA_TABLE . " SET quota_limit_id = $quota_limit_id 
  99. 					WHERE group_id = $id AND quota_type = $quota_type";
  100. 			}
  101. 	
  102. 			if (!$db->sql_query($sql))
  103. 			{
  104. 				message_die(GENERAL_ERROR, 'Unable to update quota Settings', '', __LINE__, __FILE__, $sql);
  105. 			}
  106. 		}
  107. 	}
  108. }
  109.  
  110. function sort_multi_array ($sort_array, $key, $sort_order, $pre_string_sort = 0) 
  111. {
  112. 	$last_element = sizeof($sort_array) - 1;
  113.  
  114. 	if (!$pre_string_sort)
  115. 	{
  116. 		$string_sort = (!is_numeric($sort_array[$last_element-1][$key]) ) ? true : false;
  117. 	}
  118. 	else
  119. 	{
  120. 		$string_sort = $pre_string_sort;
  121. 	}
  122.  
  123. 	for ($i = 0; $i < $last_element; $i++) 
  124. 	{
  125. 		$num_iterations = $last_element - $i;
  126.  
  127. 		for ($j = 0; $j < $num_iterations; $j++) 
  128. 		{
  129. 			$next = 0;
  130. 			$switch = false;
  131. 			if (!$string_sort)
  132. 			{
  133. 				if (($sort_order == 'DESC' && intval($sort_array[$j][$key]) < intval($sort_array[$j + 1][$key])) || ($sort_order == 'ASC' && intval($sort_array[$j][$key]) > intval($sort_array[$j + 1][$key])))
  134. 				{
  135. 					$switch = true;
  136. 				}
  137. 			}
  138. 			else
  139. 			{
  140. 				if (($sort_order == 'DESC' && strcasecmp($sort_array[$j][$key], $sort_array[$j + 1][$key]) < 0) || ($sort_order == 'ASC' && strcasecmp($sort_array[$j][$key], $sort_array[$j + 1][$key]) > 0))
  141. 				{
  142. 					$switch = true;
  143. 				}
  144. 			}
  145.  
  146. 			if ($switch)
  147. 			{
  148. 				$temp = $sort_array[$j];
  149. 				$sort_array[$j] = $sort_array[$j + 1];
  150. 				$sort_array[$j + 1] = $temp;
  151. 			}
  152. 		}
  153. 	}
  154.  
  155. 	return $sort_array;
  156. }
  157.  
  158. function entry_exists($attach_id)
  159. {
  160. 	global $db;
  161.  
  162. 	$attach_id = (int) $attach_id;
  163.  
  164. 	if (!$attach_id)
  165. 	{
  166. 		return false;
  167. 	}
  168. 	
  169. 	$sql = 'SELECT post_id, privmsgs_id
  170. 		FROM ' . ATTACHMENTS_TABLE . "
  171. 		WHERE attach_id = $attach_id";
  172. 	$result = $db->sql_query($sql);
  173.  
  174. 	if (!$result)
  175. 	{
  176. 		message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);
  177. 	}
  178.  
  179. 	$ids = $db->sql_fetchrowset($result);
  180. 	$num_ids = $db->sql_numrows($result);
  181. 	$db->sql_freeresult($result);
  182.  
  183. 	$exists = false;
  184. 	
  185. 	for ($i = 0; $i < $num_ids; $i++)
  186. 	{
  187. 		if (intval($ids[$i]['post_id']) != 0)
  188. 		{
  189. 			$sql = 'SELECT post_id
  190. 				FROM ' . POSTS_TABLE . '
  191. 				WHERE post_id = ' . intval($ids[$i]['post_id']);
  192. 		}
  193. 		else if (intval($ids[$i]['privmsgs_id']) != 0)
  194. 		{
  195. 			$sql = 'SELECT privmsgs_id
  196. 				FROM ' . PRIVMSGS_TABLE . '
  197. 				WHERE privmsgs_id = ' . intval($ids[$i]['privmsgs_id']);
  198. 		}
  199. 		$result = $db->sql_query($sql);
  200.  
  201. 		if (!$result)
  202. 		{
  203. 			message_die(GENERAL_ERROR, 'Could not get Entry', '', __LINE__, __FILE__, $sql);
  204. 		}
  205. 	
  206. 		$num_rows = $db->sql_numrows($result);
  207. 		$db->sql_freeresult($result);
  208.  
  209. 		if ($num_rows > 0)
  210. 		{
  211. 			$exists = true;
  212. 			break;
  213. 		}
  214. 	}
  215.  
  216. 	return $exists;
  217. }
  218.  
  219. function collect_attachments()
  220. {
  221. 	global $upload_dir, $attach_config;
  222.  
  223. 	$file_attachments = array(); 
  224.  
  225. 	if (!intval($attach_config['allow_ftp_upload']))
  226. 	{
  227. 		if ($dir = @opendir($upload_dir))
  228. 		{
  229. 			while ($file = @readdir($dir))
  230. 			{
  231. 				if ($file != 'index.php' && $file != '.htaccess' && !is_dir($upload_dir . '/' . $file) && !is_link($upload_dir . '/' . $file))
  232. 				{
  233. 					$file_attachments[] = trim($file);
  234. 				}
  235. 			}
  236. 		
  237. 			closedir($dir);
  238. 		}
  239. 		else
  240. 		{
  241. 			message_die(GENERAL_ERROR, 'Is Safe Mode Restriction in effect? The Attachment Mod seems to be unable to collect the Attachments within the upload Directory. Try to use FTP Upload to circumvent this error. Another reason could be that the directory ' . $upload_dir . ' does not exist.');
  242. 		}
  243. 	}
  244. 	else
  245. 	{
  246. 		$conn_id = attach_init_ftp();
  247.  
  248. 		$file_listing = array();
  249.  
  250. 		$file_listing = @ftp_rawlist($conn_id, '');
  251.  
  252. 		if (!$file_listing)
  253. 		{
  254. 			message_die(GENERAL_ERROR, 'Unable to get Raw File Listing. Please be sure the LIST command is enabled at your FTP Server.');
  255. 		}
  256.  
  257. 		for ($i = 0; $i < sizeof($file_listing); $i++)
  258. 		{
  259. 			if (ereg("([-d])[rwxst-]{9}.* ([0-9]*) ([a-zA-Z]+[0-9: ]*[0-9]) ([0-9]{2}:[0-9]{2}) (.+)", $file_listing[$i], $regs))
  260. 			{
  261. 				if ($regs[1] == 'd') 
  262. 				{	
  263. 					$dirinfo[0] = 1;
  264. 				}
  265. 				$dirinfo[1] = $regs[2];
  266. 				$dirinfo[2] = $regs[3];
  267. 				$dirinfo[3] = $regs[4];
  268. 				$dirinfo[4] = $regs[5];
  269. 			}
  270. 			
  271. 			if ($dirinfo[0] != 1 && $dirinfo[4] != 'index.php' && $dirinfo[4] != '.htaccess')
  272. 			{
  273. 				$file_attachments[] = trim($dirinfo[4]);
  274. 			}
  275. 		}
  276.  
  277. 		@ftp_quit($conn_id);
  278. 	}
  279.  
  280. 	return $file_attachments;
  281. }
  282.  
  283. function get_formatted_dirsize()
  284. {
  285. 	global $attach_config, $upload_dir, $lang;
  286.  
  287. 	$upload_dir_size = 0;
  288.  
  289. 	if (!intval($attach_config['allow_ftp_upload']))
  290. 	{
  291. 		if ($dirname = @opendir($upload_dir))
  292. 		{
  293. 			while ($file = @readdir($dirname))
  294. 			{
  295. 				if ($file != 'index.php' && $file != '.htaccess' && !is_dir($upload_dir . '/' . $file) && !is_link($upload_dir . '/' . $file))
  296. 				{
  297. 					$upload_dir_size += @filesize($upload_dir . '/' . $file);
  298. 				}
  299. 			}
  300. 			@closedir($dirname);
  301. 		}
  302. 		else
  303. 		{
  304. 			$upload_dir_size = $lang['Not_available'];
  305. 			return $upload_dir_size;
  306. 		}
  307. 	}
  308. 	else
  309. 	{
  310. 		$conn_id = attach_init_ftp();
  311.  
  312. 		$file_listing = array();
  313.  
  314. 		$file_listing = @ftp_rawlist($conn_id, '');
  315.  
  316. 		if (!$file_listing)
  317. 		{
  318. 			$upload_dir_size = $lang['Not_available'];
  319. 			return $upload_dir_size;
  320. 		}
  321.  
  322. 		for ($i = 0; $i < count($file_listing); $i++)
  323. 		{
  324. 			if (ereg("([-d])[rwxst-]{9}.* ([0-9]*) ([a-zA-Z]+[0-9: ]*[0-9]) ([0-9]{2}:[0-9]{2}) (.+)", $file_listing[$i], $regs))
  325. 			{
  326. 				if ($regs[1] == 'd') 
  327. 				{	
  328. 					$dirinfo[0] = 1;
  329. 				}
  330. 				$dirinfo[1] = $regs[2];
  331. 				$dirinfo[2] = $regs[3]; 
  332. 				$dirinfo[3] = $regs[4]; 
  333. 				$dirinfo[4] = $regs[5]; 
  334. 			}
  335. 			
  336. 			if ($dirinfo[0] != 1 && $dirinfo[4] != 'index.php' && $dirinfo[4] != '.htaccess')
  337. 			{
  338. 				$upload_dir_size += $dirinfo[1];
  339. 			}
  340. 		}
  341.  
  342. 		@ftp_quit($conn_id);
  343. 	}
  344.  
  345. 	if ($upload_dir_size >= 1048576)
  346. 	{
  347. 		$upload_dir_size = round($upload_dir_size / 1048576 * 100) / 100 . ' ' . $lang['MB'];
  348. 	}
  349. 	else if ($upload_dir_size >= 1024)
  350. 	{
  351. 		$upload_dir_size = round($upload_dir_size / 1024 * 100) / 100 . ' ' . $lang['KB'];
  352. 	}
  353. 	else
  354. 	{
  355. 		$upload_dir_size = $upload_dir_size . ' ' . $lang['Bytes'];
  356. 	}
  357.  
  358. 	return $upload_dir_size;
  359. }
  360.  
  361. function search_attachments($order_by, &$total_rows)
  362. {
  363. 	global $db, $HTTP_POST_VARS, $HTTP_GET_VARS, $lang;
  364. 	
  365. 	$where_sql = array();
  366.  
  367. 	$search_vars = array('search_keyword_fname', 'search_keyword_comment', 'search_author', 'search_size_smaller', 'search_size_greater', 'search_count_smaller', 'search_count_greater', 'search_days_greater', 'search_forum', 'search_cat');
  368. 	
  369. 	for ($i = 0; $i < sizeof($search_vars); $i++)
  370. 	{
  371. 		$$search_vars[$i] = get_var($search_vars[$i], '');
  372. 	}
  373.  
  374. 	if ($search_author != '')
  375. 	{
  376. 		$search_author = addslashes(html_entity_decode($search_author));
  377. 		$search_author = stripslashes(phpbb_clean_username($search_author));
  378. 		$search_author = str_replace('*', '%', attach_mod_sql_escape($search_author));
  379.  
  380. 		$sql = 'SELECT user_id
  381. 			FROM ' . USERS_TABLE . "
  382. 			WHERE username LIKE '$search_author'";
  383.  
  384. 		if (!($result = $db->sql_query($sql)))
  385. 		{
  386. 			message_die(GENERAL_ERROR, 'Couldn\'t obtain list of matching users (searching for: ' . $search_author . ')', '', __LINE__, __FILE__, $sql);
  387. 		}
  388.  
  389. 		$matching_userids = '';
  390. 		if ($row = $db->sql_fetchrow($result))
  391. 		{
  392. 			do
  393. 			{
  394. 				$matching_userids .= (($matching_userids != '') ? ', ' : '') . intval($row['user_id']);
  395. 			}
  396. 			while ($row = $db->sql_fetchrow($result));
  397. 			
  398. 			$db->sql_freeresult($result);
  399. 		}
  400. 		else
  401. 		{
  402. 			message_die(GENERAL_MESSAGE, $lang['No_attach_search_match']);
  403. 		}
  404.  
  405. 		$where_sql[] = ' (t.user_id_1 IN (' . $matching_userids . ')) ';
  406. 	}
  407.  
  408. 	if ($search_keyword_fname != '')
  409. 	{
  410. 		$match_word = str_replace('*', '%', $search_keyword_fname);
  411. 		$where_sql[] = " (a.real_filename LIKE '" . attach_mod_sql_escape($match_word) . "') ";
  412. 	}
  413.  
  414. 	if ($search_keyword_comment != '')
  415. 	{
  416. 		$match_word = str_replace('*', '%', $search_keyword_comment);
  417. 		$where_sql[] = " (a.comment LIKE '" . attach_mod_sql_escape($match_word) . "') ";
  418. 	}
  419.  
  420. 	if ($search_count_smaller != '' || $search_count_greater != '')
  421. 	{
  422. 		if ($search_count_smaller != '')
  423. 		{
  424. 			$where_sql[] = ' (a.download_count < ' . (int) $search_count_smaller . ') ';
  425. 		}
  426. 		else if ($search_count_greater != '')
  427. 		{
  428. 			$where_sql[] = ' (a.download_count > ' . (int) $search_count_greater . ') ';
  429. 		}
  430. 	}
  431.  
  432. 	if ($search_size_smaller != '' || $search_size_greater != '')
  433. 	{
  434. 		if ($search_size_smaller != '')
  435. 		{
  436. 			$where_sql[] = ' (a.filesize < ' . (int) $search_size_smaller . ') ';
  437. 		}
  438. 		else if ($search_size_greater != '')
  439. 		{
  440. 			$where_sql[] = ' (a.filesize > ' . (int) $search_size_greater . ') ';
  441. 		}
  442. 	}
  443.  
  444. 	if ($search_days_greater != '')
  445. 	{
  446. 		$where_sql[] = ' (a.filetime < ' . ( time() - ((int) $search_days_greater * 86400)) . ') ';
  447. 	}
  448.  
  449. 	if ($search_forum)
  450. 	{
  451. 		$where_sql[] = ' (p.forum_id = ' . intval($search_forum) . ') ';
  452. 	}
  453.  
  454. 	$sql = 'SELECT a.*, t.post_id, p.post_time, p.topic_id
  455. 		FROM ' . ATTACHMENTS_TABLE . ' t, ' . ATTACHMENTS_DESC_TABLE . ' a, ' . POSTS_TABLE . ' p WHERE ';
  456. 	
  457. 	if (sizeof($where_sql) > 0)
  458. 	{
  459. 		$sql .= implode('AND', $where_sql) . ' AND ';
  460. 	}
  461.  
  462. 	$sql .= 't.post_id = p.post_id AND a.attach_id = t.attach_id ';
  463. 	
  464. 	$total_rows_sql = $sql;
  465.  
  466. 	$sql .= $order_by; 
  467.  
  468. 	if (!($result = $db->sql_query($sql)))
  469. 	{
  470. 		message_die(GENERAL_ERROR, 'Couldn\'t query attachments', '', __LINE__, __FILE__, $sql);
  471. 	}
  472.  
  473. 	$attachments = $db->sql_fetchrowset($result);
  474. 	$num_attach = $db->sql_numrows($result);
  475. 	$db->sql_freeresult($result);
  476.  
  477. 	if ($num_attach == 0)
  478. 	{
  479. 		message_die(GENERAL_MESSAGE, $lang['No_attach_search_match']);
  480. 	}
  481.  
  482. 	if (!($result = $db->sql_query($total_rows_sql)))
  483. 	{
  484. 		message_die(GENERAL_ERROR, 'Could not query attachments', '', __LINE__, __FILE__, $sql);
  485. 	}
  486.  
  487. 	$total_rows = $db->sql_numrows($result);
  488. 	$db->sql_freeresult($result);
  489.  
  490. 	return $attachments;
  491. }
  492.  
  493. function limit_array($array, $start, $pagelimit)
  494. {
  495. 	$limit = (sizeof($array) < ($start + $pagelimit)) ? sizeof($array) : $start + $pagelimit;
  496.  
  497. 	$limit_array = array();
  498.  
  499. 	for ($i = $start; $i < $limit; $i++)
  500. 	{
  501. 		$limit_array[] = $array[$i];
  502. 	}
  503.  
  504. 	return $limit_array;
  505. }
  506.  
  507. ?>