<?php
#********************************** AgS MOD DOWNLOAD CENTR SEA *************************************#
#***************************************************************************************************#
# /||||||||||||||| ********************* /||||||||||||||| ********************* /||||||||||||||| #
# | ||||||||||||||| ********************* | ||||||||||||||| ********************* | ||||||||||||||| #
# | |||||/////||||| ********************* | |||||///////// ********************* | |||||///////// #
# | ||||| | ||||| ****** E-MAIL ******* | ||||| ****** WAP/WEB ****** | ||||| #
# | ||||| | ||||| *** [email protected] *** | ||||| * http://ags.h2m.ru * | ||||||||||||||| #
# | ||||| | ||||| ********************* | ||||||||||||||| ********************* | ||||||||||||||| #
# | ||||| | ||||| ********************* | |||||/////||||| ********************* |///////////||||| #
# | ||||||||||||||| ****** SKYPE ******** | ||||| | ||||| ***** MOD AUTHOR **** | ||||| #
# | |||||////|||||| ***** agrizz15 ****** | ||||| | ||||| ***** Agris Cišs **** /||||||||||||||| #
# | ||||| | ||||| ********************* | ||||||||||||||| ********************* | ||||||||||||||| #
# |///// |///// ********************* |/////////////// ********************* |/////////////// #
#***************************************************************************************************#
#********************************* MOD by AgS in 2010 @ LATVIA *************************************#
require_once"system/start.php";
require_once"system/config.php";
require_once"system/db.php";
require_once"system/head.php";
require_once"lng/$setup[lng]/lng.php";
require_once"system/functions.php";
require_once"system/cookies.php";
require_once"system/counter.php";
include_once"thm/$setup[thm]/index.php";
include_once"system/msg.php";
require_once"system/lib.id.php";
require_once"system/lib.pclzip.php";
@set_time_limit(99999);
ignore_user_abort(1);
/* Admina sesija */
if ($setup['adnick']==$_SESSION['log'] && $setup['adpass']==md5($_SESSION['par']) && $_SESSION['log']!="" && md5($_SESSION['par'])!="") {
/* ID apstrāde */
$id = intval($_GET['id']);
echo'<img src="pic/main/head.gif" alt=""> '.adm_000.'<br><br>';
/* ADMINA izvēlne */
if(!isset($act)){
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=scaner">'.adm_001.'</a><br>'.adm_002.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=rot">'.adm_003.'</a><br>'.adm_004.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=optm">'.adm_005.'</a><br>'.adm_006.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=clean">'.adm_007.'</a><br>'.adm_008.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=cleankomm">'.adm_009.'</a><br>'.adm_010.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=upload">'.adm_011.'</a><br>'.adm_012.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=import">'.adm_013.'</a><br>'.adm_014.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=id3">'.adm_015.'</a><br>'.adm_016.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin_setup.php?">'.adm_017.'</a><br>'.adm_018.'<br>';
echo'<img src="pic/main/dot2.gif" alt=""> <a href="admin_backup.php?">'.dl_165.'</a><br>'.dl_166.'<br>';
}
/* MP3 failu pārsaukšana vienam vai vairākiem */
if($act=="id3"){
$id3 = &new MP3_Id();
$genres = $id3->genres();
if(!$_POST) {
if($id) {
$tmp = mysql_fetch_row(mysql_query('SELECT `path` FROM `'.$MY_pre.'faili` WHERE `id`='.$id.' LIMIT 1'));
$id3->read($tmp[0]);
/* Kodējums */
function code($str) {
$charset = strtolower(mb_detect_encoding($str,'UTF-8, Windows-1251'));
if($charset != 'utf-8') {
$str = iconv('windows-1251','utf-8',$str);}
return $str;}
/* Iegūstam MP3 datus */
$name = code($id3->name);
$artists = code($id3->artists);
$album = code($id3->album);
$year = code($id3->year);
$track = code($id3->track);
$genre = code($id3->genre);
$comment = code($id3->comment);
/* Forma */
echo adm_019.'<br><br>';
echo '<form action="admin.php?act=id3&id='.$id.'" method="post">';
echo sys_name.':<br><input name="name" type="text" value="'.$name.'"><br>';
echo sys_artist.':<br><input name="artists" type="text" value="'.$artists.'"><br>';
echo sys_album.':<br><input name="album" type="text" value="'.$album.'"><br>';
echo sys_year.':<br><input name="year" type="text" value="'.$year.'"><br>';
echo adm_024.':<br><input name="track" type="text" value="'.$track.'"><br>';
echo sys_genre.':<br><select name="genre"><option value="'.$genre.'">'.$genre.'</option>';
foreach($genres as $var) {
if($var == $genre) {
continue;
}
$var = htmlspecialchars($var);
echo '<option value="'.$var.'">'.$var.'</option>';
}
echo '</select><br>';
echo sys_coment.':<br><textarea name="comment" rows="2" cols="32">'.$comment.'</textarea><br>';
echo '<input type="submit" value="'.sys_edit.'"></form></div>';
}else {
echo adm_028.'<br><br>';
echo '<form action="admin.php?act=id3" method="post">';
echo sys_name.':<br><input name="name" type="text"/><br>';
echo sys_artist.':<br><input name="artists" type="text"/><br>';
echo sys_album.':<br><input name="album" type="text"/><br>';
echo sys_year.':<br><input name="year" type="text"/><br>';
echo adm_024.':<br><input name="track" type="text"/><br>';
echo sys_genre.':<br><select name="genre"><option value=""></option>';
foreach($genres as $var) {
$var = htmlspecialchars($var);
echo '<option value="'.$var.'">'.$var.'</option>';}
echo '</select><br>';
echo sys_coment.':<br><textarea name="comment" rows="2" cols="32"></textarea><br>';
echo '<input type="submit" value="'.sys_edit.'"></form></div>';}
}else {
if($id) {
$tmp = mysql_fetch_row(mysql_query('SELECT `path` FROM `'.$MY_pre.'faili` WHERE `id`='.$id.' LIMIT 1'));
$id3->read($tmp[0]);
$id3->name = iconv('utf-8','windows-1251',$_POST['name']);
$id3->artists = iconv('utf-8','windows-1251',$_POST['artists']);
$id3->album = iconv('utf-8','windows-1251',$_POST['album']);
$id3->year = iconv('utf-8','windows-1251',$_POST['year']);
$id3->track = iconv('utf-8','windows-1251',$_POST['track']);
$id3->genre = iconv('utf-8','windows-1251',$_POST['genre']);
$id3->comment = iconv('utf-8','windows-1251',$_POST['comment']);
$id3->write();
header ('Location: about.php?id='.$id.'&sayer=mp3_teg_one&'.SID); exit;
}else {
$arr = array();
$q = mysql_query('SELECT TRIM(`path`) FROM `'.$MY_pre.'faili`');
while($f = mysql_fetch_row($q)) {
if(strtoupper(strrchr($f[0],'.')) == '.MP3') {
$arr[] = $f[0];
}}
if($_POST['name'] != '') { $_POST['name'] = iconv('utf-8','windows-1251',$_POST['name']);}
if($_POST['artists'] != ''){ $_POST['artists'] = iconv('utf-8','windows-1251',$_POST['artists']);}
if($_POST['album'] != '') { $_POST['album'] = iconv('utf-8','windows-1251',$_POST['album']);}
if($_POST['year'] != '') { $_POST['year'] = iconv('utf-8','windows-1251',$_POST['year']);}
if($_POST['track'] != '') { $_POST['track'] = iconv('utf-8','windows-1251',$_POST['track']);}
if($_POST['genre'] != '') { $_POST['genre'] = iconv('utf-8','windows-1251',$_POST['genre']);}
if($_POST['comment'] != '') { $_POST['comment'] = iconv('utf-8','windows-1251',$_POST['comment']);}
$all = sizeof($arr);
for($i = 0; $i <= $all; ++$i) {
$id3->read($arr[$i]);
if($_POST['name'] != '') { $id3->name = $_POST['name'];}
if($_POST['artists'] != '') { $id3->artists = $_POST['artists'];}
if($_POST['album'] != '') { $id3->album = $_POST['album'];}
if($_POST['year'] != '') { $id3->year = $_POST['year'];}
if($_POST['track'] != '') { $id3->track = $_POST['track'];}
if($_POST['genre'] != '') { $id3->genre = $_POST['genre'];}
if($_POST['comment'] != '') { $id3->comment = $_POST['comment'];}
$id3->write();
}
header ('Location: admin.php?sayer=mp3_teg_two&folderis='.$all.'&'.SID); exit;
}}}
/* Ātrais apraksts mapēm un failiem ( failiem ātrais + ātro pievieno pie galvenā ) */
if($act=="fast"){
$file = mysql_fetch_array(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
if(!$_POST) {
echo adm_029.' <b>'.$file['name'].'</b><br><br>';
echo '<form action="admin.php?act=fast&backid='.$backid.'&id='.$id.'" method="post">';
echo '<textarea cols="70" rows="10" name="text">'.htmlspecialchars($file['fastabout']).'</textarea><br><br>';
echo '<input name="tr" type="checkbox" value="1">'.adm_030.'<br>';
echo '<input type="submit" value="'.adm_031.'">';
echo '</form>';
}else {
$filename = pathinfo($file['path']);
$dir = $filename['dirname'];
if(intval($_POST['tr']) == 1) {
mysql_query("UPDATE `".$MY_pre."faili` SET about='".bb_kods(tirit($_POST['text']))."' WHERE `id` = ".$id);}
mysql_query("UPDATE `".$MY_pre."faili` SET fastabout='".bb_kods(tirit($_POST['text']))."' WHERE `id` = ".$id);
if($_POST['text'] == '') {
header ('Location: index.php?sayer=about_del&id='.$backid.'&'.SID); exit;}else{
header ('Location: index.php?sayer=about_add&id='.$backid.'&'.SID); exit;}}}
/* Pozīcijas maiņa */
if($act=="pos"){
$file_info = mysql_fetch_assoc(mysql_query('SELECT `name`,`path` FROM `'.$MY_pre.'faili` WHERE `id`='.$id));
if(is_dir($file_info['path'])){
$file_info['name'] = str_replace('*','',$file_info['name']);
if($_GET['to'] == 'down') {
$query = 'UPDATE `'.$MY_pre.'faili` SET `priority`=`priority`-1 WHERE `id` = '.$id;} elseif($_GET['to'] == 'up') {
$query = 'UPDATE `'.$MY_pre.'faili` SET `priority`=`priority`+1 WHERE `id` = '.$id;}
if(mysql_query($query)) {
header ('Location: index.php?sayer=pos_yes&id='.$backid.'&folderis='.$file_info['name'].'&'.SID); exit; }else {
header ('Location: index.php?sayer=pos_no&id='.$backid.'&'.SID); exit;}}else{
header ('Location: index.php?sayer=pos_no&id='.$backid.'&'.SID); exit;}}
/* DB tīrīšana */
if($act=="rot"){
$delfiles = 0;
$reses = mysql_query('SELECT `id`,`path` FROM `'.$MY_pre.'faili`');
while($array = mysql_fetch_assoc($reses)) {
$array_path[$array['id']] = $array['path'];
}
foreach($array_path as $key => $value) {
if(file_exists($value) == false) {
$res = mysql_query('DELETE FROM `'.$MY_pre.'faili` WHERE `id` = '.$key);
$res = mysql_query('DELETE FROM `'.$MY_pre.'komentari` WHERE `file_id` = '.$key);
$delfiles++;
}}
header ('Location: admin.php?sayer=rot&dellete='.$delfiles.'&'.SID); exit;}
/* Ikonas pievienošana */
if($act=="addico"){
$file_info = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
if(!$_FILES) {
echo adm_032.'<br><br>';
echo '<form action="admin.php?act=addico&backid='.$backid.'&id='.$id.'" method="post" enctype="multipart/form-data">';
echo sys_file.':<br>';
echo '<input name="ico" type="file"><br>';
echo '<input type="submit" value="'.sys_upload.'">';
echo '</form><br>';
}else {
$name = $_FILES['ico']['name'];
$ext = pathinfo($name);
$ext = strtolower($ext['extension']);
$to = $file_info['path'].'folder.png';
if($ext == 'php' or $ext == 'php3' or $ext == 'php4' or $ext == 'php5' or $ext == 'php6' or $ext == 'phtml' or $ext =='cgi' or $ext == 'asp' or $ext == 'js' or $ext == 'phtm' or $ext == 'py' or $ext == 'pl'){
die($setup['hackmess']);}
if($ext != 'png'){
header ('Location: admin.php?act=addico&sayer=adico_only&backid='.$backid.'&id='.$id.'&'.SID); exit;}
if(file_exists($to)){
header ('Location: index.php?sayer=dir_noexist&'.SID); exit; }
chmod($file_info['path'],0777);
if(move_uploaded_file($_FILES['ico']['tmp_name'],$to)) {
chmod($to,0644);
header ('Location: index.php?sayer=addico_yes&id='.$backid.'&'.SID); exit;
}else {
header ('Location: index.php?sayer=addico_no&id='.$backid.'&'.SID); exit; }}}
/* Mapes dzēšana ar visiem failiem */
if($act=="redir"){
if(!$_GET['level']) {
echo adm_035.'<br><br>';
echo '<center><a href="admin.php?act=redir&level=1&backid='.$backid.'&id='.$id.'">'.sys_yes.'</a>';
echo ' | <a href="index.php?id='.$backid.'">'.sys_nop.'</a></center><br><br>';
}else {
$file = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id.' ORDER BY `name`'));
if(!is_dir($file['path'])){header ('Location: index.php?sayer=dir_noexist&'.SID); exit; }
$ex = explode('/',$file['path']);
$f_chmod = null;
foreach($ex as $chmod) {
$f_chmod .= $chmod.'/';
chmod($f_chmod,0777);}
$array = glob($file['path'].'*');
foreach($array as $vv) {
if(is_dir($vv)){
echo adm_038.'<br>'; exit;
}else {
if(!unlink($vv)) die( adm_039.' '.$vv.'!<br></body></html>');}}
$query = mysql_query("DELETE FROM `".$MY_pre."faili` WHERE `infolder` = '".$file['path']."'") or header ('Location: index.php?sayer=dir_delerror2&id='.$backid.'&'.SID);
if(!rmdir($file['path'])){
header ('Location: index.php?sayer=dir_delerror2&id='.$backid.'&'.SID); exit;}
$query = mysql_query('DELETE FROM `'.$MY_pre.'faili` WHERE `id` = '.$id) or header ('Location: index.php?sayer=dir_delerror2&id='.$backid.'&'.SID);
$f_chmod = null;
foreach($ex as $chmod) {
$f_chmod .= $chmod.'/';
if($f_chmod != $setup['dir_faili'].'/') {
chmod($f_chmod.'/',0777);
}}
header ('Location: index.php?sayer=redir_del&id='.$backid.'&'.SID); exit; }}
/* Failu un mapju pārsaukšana */
if($act=="rename"){
$file = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
if(!$_POST) {
if(is_dir($file['path'])) $file['name'] = str_replace('*','',$file['name']);
echo adm_040.':<br>';
echo '<form method="post" action="admin.php?act=rename&backid='.$backid.'&id='.$id.'"">';
echo '<input type="text" name="newname" size="50%" value="'.$file['name'].'"><br>';
echo '<input type="submit" value="'.adm_041.'" >';
echo '</form><br>';
}else {
$newname = tirit(dzest($_POST['newname']));
if(is_dir($file['path'])) $newname = '*'.$newname;
mysql_query("UPDATE `".$MY_pre."faili` SET name='".$newname."' WHERE `id` = ".$id);
$error = mysql_error();
if($error){ header ('Location: index.php?sayer=rename_error&id='.$backid.'&'.SID); exit; }
header ('Location: index.php?sayer=rename&id='.$backid.'&'.SID); exit; }}
/* Komentāru tīrīšana */
if($act=="clearkomm"){
$query = mysql_query('DELETE FROM `'.$MY_pre.'komentari` WHERE `file_id` = '.$id);
$error = mysql_error();
if($error){
header ('Location: about.php?id='.$id.'&sayer=cleancommno&'.SID); exit; }
header ('Location: about.php?id='.$id.'&sayer=clearcom&'.SID); exit; }
/* Ikonas dzēšana */
if($act=="reico"){
$file_info = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
if(!file_exists($file_info['path'].'folder.png')){
header ('Location: index.php?sayer=reico_error&id='.$backid.'&'.SID); exit;}
chmod($file_info['path'].'folder.png',0777);
if(unlink($file_info['path'].'folder.png')){
header ('Location: index.php?sayer=reico_yes&id='.$backid.'&'.SID); exit;}else{
header ('Location: index.php?sayer=reico_no&id='.$backid.'&'.SID); exit;}}
/* Reitinga nomešana */
if($act=="cleareval"){
$query = mysql_query('UPDATE `'.$MY_pre.'faili` SET `ips`="",`yes`=0,`no`=0 WHERE `id` = '.$id);
$error = mysql_error();
if($error){
header ('Location: about.php?id='.$id.'&sayer=eval_error&'.SID); exit;}
header ('Location: about.php?id='.$id.'&sayer=cleareval&'.SID); exit;}
/* DB optimizēšana */
if($act=="optm"){
mysql_query('OPTIMIZE TABLE `'.$MY_pre.'faili`;');
mysql_query('OPTIMIZE TABLE `'.$MY_pre.'komentari`;');
mysql_query('OPTIMIZE TABLE `'.$MY_pre.'iestatijumi`;');
header ('Location: index.php?sayer=db_optim'); exit;
}
/* Datu Bāze attīrīta no aprakstiem, kačājuma un reitinga skaita, komentāriem! */
if($act=="clean"){
if(!$_GET['level']) {
echo adm_042.'<br>';
echo '<a href="admin.php?act=clean&backid='.$backid.'&level=1">'.sys_yes.'</a>';
echo ' | <a href="admin.php?">'.sys_nop.'</a><br><br>';
}else {
mysql_query('TRUNCATE TABLE `'.$MY_pre.'faili`;');
mysql_query('TRUNCATE TABLE `'.$MY_pre.'komentari`;');
header ('Location: admin.php?sayer=del_db&'.SID); exit;}}
/* Visu komentāru dzēšana */
if($act=="cleankomm"){
if(!$_GET['level']) {
echo adm_043.'<br><br><a href="admin.php?act=cleankomm&level=1">'.sys_yes.'</a>';
echo ' | <a href="admin.php?">'.sys_nop.'</a>';
echo '<br><br>';
}else {
mysql_query('TRUNCATE TABLE `'.$MY_pre.'komentari`');
header ('Location: admin.php?sayer=delcomm_db&'.SID); exit;}}
/* Faila galvenais apraksts */
if($act=="about"){
$file = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
if(!$_POST) {
echo adm_044.' '.$file['name'].':<br>';
echo '<form action="admin.php?act=about&id='.$id.'" method="post">';
echo '<textarea cols="70" rows="10" name="text">'.htmlspecialchars($file['about']).'</textarea><br><br>';
echo '<input type="submit" value="'.adm_045.'"></form><br>';
echo adm_046.'<br><br>';
}else {
$filename = pathinfo($file['path']);
$dir = $filename['dirname'];
$back = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `".$MY_pre."faili` WHERE `path` = '".bb_kods(tirit($dir))."';"));
$write_bd = mysql_query("UPDATE `".$MY_pre."faili` SET about='".bb_kods(tirit($_POST['text']))."' WHERE `id` = ".$id);
if($_POST['text'] == ''){
header ('Location: about.php?id='.$id.'&sayer=about_del&'.SID); exit; }else{
header ('Location: about.php?id='.$id.'&sayer=about_add&'.SID); exit; }}}
/* Failu imports */
if($act=="import"){
if(!$_POST) {
$dirs = mysql_query('SELECT `path` FROM `'.$MY_pre.'faili` WHERE `size` = 0');
echo adm_047.'<br><br>';
echo sys_save.':<br>';
echo '<form action="admin.php?act=import" method="post">';
echo '<select size="1" width="70" name="topath">';
echo '<option value="'.$setup['dir_faili'].'/">./</option>';
while($item = mysql_fetch_assoc($dirs)) {
$name = str_replace($setup['dir_faili'].'/','',$item['path']);
$path = explode('/',$name);
$option = '';
unset($path[sizeof($path) - 1]);
foreach($path as $value) {
if(strpos($value,'!') !== false){
$name = trans($value);}else{
$name = $value;}
$option = $option.$name.'/';
}
echo '<option value="'.$item['path'].'">'.$option.'</option>';
}
echo '</select><br><br>';
echo adm_049.':<br><textarea cols="70" rows="10" name="files"></textarea><br>';
echo '<input type="submit" value="'.adm_050.'"></form><br>';
echo adm_051.'<br><br>';
}else {
$newpath = trim($_POST['topath']);
if(!empty($newpath)){
$text = explode("\n",$_POST['files']);
for($i = 0; $i < $sizeof = sizeof($text); $i++) {
$ex = pathinfo($text[$i]);
$ext = strtolower($ex['extension']);
$to = $newpath.$ex['basename'];
if(file_exists($to)){
echo sys_file.' '.$to.' '.adm_053.'<br></body></html>';
}
if($ext == 'php' or $ext == 'php2' or $ext == 'php3' or $ext == 'php4' or $ext == 'php5' or $ext == 'php6' or $ext == 'phtml' or $ext == 'cgi' or $ext == 'asp' or $ext == 'js' or $ext == 'phtm' or $ext == 'py' or $ext == 'pl'){echo $setup['hackmess'].'</body></html>';}
chmod($newpath,0777);
@ini_set('user_agent',$_SERVER['HTTP_USER_AGENT']);
if(copy($text[$i],$to)) {
echo sys_file.' '.$text[$i].' '.adm_054.'<br>';
$upltime = filectime($to);
$ex = pathinfo($to);
$name = str_replace('.'.$ex['extension'],'',basename($to));
if(strpos($name,'!') !== false) {
$name = trans($name);}else {
$name = trans2($name);}
$size = filesize($to);
$infolder = dirname($to).'/';
$query = mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `size` , `timeupload`) VALUES ('$to', '$name', '$infolder' , '$size' , '$upltime');");
}else {
echo sys_file.' '.$text[$i].' '.adm_056.'<br>';
}}
chmod($newpath,0777);
echo '<br><img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=import">'.adm_055.'</a><br>';
}else{header ('Location: admin.php?act=import&sayer=import_exists&'.SID);}}}
/* Failu augšuplāde */
if($act=="upload"){
if(!$_POST) {
$dirs = mysql_query('SELECT `path` FROM `'.$MY_pre.'faili` WHERE `size` = 0');
echo adm_057.' (<b>MAX - '.ini_get('upload_max_filesize').'</b>)<br><br>';
echo sys_save.':<br>';
echo '<form action="admin.php?act=upload" method="post" enctype="multipart/form-data">';
echo '<select size="1" width="70" name="topath">';
echo '<option value="'.$setup['dir_faili'].'/">./</option>';
while($item = mysql_fetch_assoc($dirs)) {
$name = str_replace($setup['dir_faili'].'/','',$item['path']);
$path = explode('/',$name);
$option = '';
unset($path[sizeof($path) - 1]);
foreach($path as $value) {
if(strpos($value,'!') !== false){
$name = trans($value);}else{
$name = $value;}
$option = $option.$name.'/';
}
echo '<option value="'.$item['path'].'">'.$option.'</option>';
}
echo '</select><br><br>';
echo adm_059.':<br>';
echo '<input name="userfile[]" type="file"><br>';
echo '<input name="userfile[]" type="file"><br>';
echo '<input name="userfile[]" type="file"><br>';
echo '<input name="userfile[]" type="file"><br>';
echo '<input name="userfile[]" type="file"><br>';
echo '<input type="submit" value="'.sys_upload.'"></form><br><br>';
}else {
$newpath = trim($_POST['topath']);
if(empty($newpath)){ header ('Location: admin.php?act=upload&sayer=import_exists&'.SID);}
for($i = 0; $i < sizeof($_FILES['userfile']['name']); $i++) {
if(empty($_FILES['userfile']['name'][$i])) {
continue;}
$name = $_FILES['userfile']['name'][$i];
$ex = pathinfo($name);
$ext = strtolower($ex['extension']);
$to = $newpath.$name;
if($ext == 'php' or $ext == 'php3' or $ext == 'php4' or $ext == 'php5' or $ext == 'php6' or $ext == 'phtml' or $ext == 'cgi' or $ext == 'asp' or $ext == 'js' or $ext == 'phtm' or $ext == 'py' or $ext == 'pl'){
die($setup[hackmess]);}
if(file_exists($to)){
die(adm_061.'<br>');}
chmod($newpath,0777);
if(move_uploaded_file($_FILES['userfile']['tmp_name'][$i],$to)) {
echo sys_file.' '.$name.' '.adm_062.'<br>';
$upltime = filectime($to);
$ex = pathinfo($to);
$ex = $ex['extension'];
$name = str_replace('.'.$ex,'',basename($to));
$size = filesize($to);
$infolder = dirname($to).'/';
if(strpos($name,'!') !== false) {
$name = trans($name);}else {
$name = trans2($name);}
$query = mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `size` , `timeupload`) VALUES ('$to', '$name', '$infolder' , '$size' , '$upltime');");
chmod($to,0644);}else{
echo sys_file.' '.$name.' '.adm_063.'<br>';}}
chmod($newpath,0777);
echo '<br><img src="pic/main/dot2.gif" alt=""> <a href="admin.php?act=upload">'.sys_upload.'</a><br>';
}}
/* Jauna mape */
if($act=="newdir"){
if(!$_POST) {
echo adm_065.'<br><br>';
echo '<form action="admin.php?act=newdir&backid='.$backid.'&id='.$id.'" method="post">';
echo sys_name.':<br>';
echo '<input name="dirnew" type="text" size="70" value=""><br><br>';
echo '<input name="tr" type="checkbox" value="1" checked="checked">';
echo adm_067.'<br>';
echo '<input type="submit" value="'.sys_create.'"></form><br><br>';
}else {
if(empty($_POST['dirnew'])) {
header ('Location: admin.php?act=addico&sayer=newdir_empty&backid='.$backid.'&id='.$id.'&'.SID); exit; }
$dirnew = tirit(dzest($_POST['dirnew']));
$name = '*'.$dirnew;
if($_POST['tr'] == 1) {$dirnew = '!'.retrans($dirnew);}
if(!$id) {$d['path'] = $setup['dir_faili'].'/';
}else {
$d = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
}
chmod($d['path'],0777);
$dirnew = trim($d['path']).trim($dirnew).'/';
if(mkdir($dirnew,0777) AND mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `timeupload`, `loads`, `yes` ) VALUES ('".$dirnew."', '$name', '".$d['path']."', '9999999999', '9999999999', '9999');")) {
$screen = $setup['dir_screen'].substr($dirnew,strlen($setup['dir_faili']));
mkdir($screen,0777);
chmod($screen,0777);
$desc = $setup['dir_about'].substr($dirnew,strlen($setup['dir_faili']));
mkdir($desc,0777);
chmod($desc,0777);
chmod($dirnew,0777);
header ('Location: index.php?sayer=newdir_yes&id='.$backid.'&'.SID); exit; }else {
header ('Location: index.php?sayer=newdir_no&id='.$backid.'&'.SID); exit; }}}
/* Failu DB atjaunošana noteiktām mapēm */
if($act=="flash"){
$file_info = mysql_fetch_assoc(mysql_query('SELECT `path` FROM `'.$MY_pre.'faili` WHERE `id` = '.$id.' AND `size` = 0'));
if(!is_dir($file_info['path'])){header ('Location: index.php?sayer=dir_noexist&'.SID); exit; }
function scaner($paths) {
$paths = $paths.'/*';
$array = glob($paths);
static $file_aray;
foreach($array as $vv) {
if(is_dir($vv)) {
$file_aray[] = $vv.'/';
scaner($vv);
}else {
if(basename($vv) == 'folder.png'){ continue;}
$file_aray[] = $vv;}}
return $file_aray;}
$file_array = scaner(mb_substr($file_info['path'],0,mb_strlen($file_info['path']) - 1));
$addfolder = $addfiles = 0;
$reses = mysql_query('SELECT `id`,`path` FROM `'.$MY_pre.'faili`');
while($array = mysql_fetch_assoc($reses)) {
$array_path[$array['id']] = $array['path'];}
foreach($file_array as $value) {
if(@in_array($value,$array_path) === false) {
$upltime = filectime($value);
$name = basename($value);
$pathinfo = pathinfo($value);
$ext = $pathinfo['extension'];
$name = str_replace('.'.$ext,'',$name);
$infolder = dirname($value).'/';
$size = filesize($value);
if(strpos($name,'!') !== false) {
$name = trans($name);}else {
$name = trans2($name);}
if(is_dir($value)) {
$query = mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `timeupload`, `loads`, `yes` ) VALUES ('$value', '*".
$name."', '$infolder', '9999999999', '9999999999', '9999');");
$addfolder++;
}else {
$query = mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `size` , `timeupload`) VALUES ('$value', '$name', '$infolder' , '$size' , '$upltime');");
$addfiles++;
}}}
header ('Location: index.php?sayer=flash_ok&id='.$backid.'&folders='.$addfolder.'&files='.$addfiles.'&'.SID); exit; }
/* Arhīva atrhivēšana arhīva atrašanās vietā */
if($act=="unpack"){
$file = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
$dir = dirname($file['path']).'/';
chmod($folder['path'],0777);
$zip = new PclZip($file['path']);
if(!$zip->extract(PCLZIP_OPT_PATH,$dir)){
header ('Location: index.php?sayer=unzip_no&id='.$backid.'&'.SID); exit; }else{
chmod($folder['path'],0777);
header ('Location: index.php?sayer=unzip_yes&id='.$backid.'&'.SID); exit; }}
/* Faila dzēšana */
if($act=="refile"){
$file = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id.' ORDER BY `name`'));
if(!is_file($file['path'])){
header ('Location: index.php?sayer=refile_doesnt&id='.$backid.'&'.SID); exit; }
$ex = explode('/',$file['path']);
$f_chmod = null;
foreach($ex as $chmod) {
$f_chmod .= $chmod;
if(is_dir($f_chmod)) {$f_chmod = $f_chmod.'/';}
chmod($f_chmod,0777);}
if(!unlink($file['path'])){
header ('Location: index.php?sayer=refile_error&folderis='.$file['path'].'&id='.$backid.'&'.SID); exit;}
$query = mysql_query('DELETE FROM `'.$MY_pre.'faili` WHERE `id` = '.$id) or header ('Location: index.php?sayer=refile_errordb&id='.$backid.'&'.SID);
$f_chmod = null;
foreach($ex as $chmod) {
$f_chmod .= $chmod;
if(is_dir($f_chmod)) {$f_chmod = $f_chmod.'/';}
if($f_chmod != $setup['dir_faili'].'/') {chmod($f_chmod,0777);}}
header ('Location: index.php?sayer=file_del&folderis='.$file['name'].'&id='.$backid.'&'.SID); exit;}
/* Priekšskata augšuplāde */
if($act=="screen"){
$info = mysql_fetch_assoc(mysql_query('SELECT * FROM `'.$MY_pre.'faili` WHERE `id` = '.$id));
$info['path'] = strstr($info['path'],'/');
$to = $setup['dir_screen'].$info['path'].'.gif';
if(!$_FILES) {
if(empty($backid)){$backid=$id;}
echo adm_069.'<br><br>';
echo '<form action="admin.php?act=screen&backid='.$backid.'&id='.$id.'" method="post" enctype="multipart/form-data">';
echo sys_prew.':<br>';
echo '<input name="scr" type="file"><br>';
echo '<input type="submit" value="'.sys_upload.'"></form><br><br>';
}else {
$name = htmlspecialchars($_FILES['scr']['name']);
$ex = pathinfo($name);
$ext = strtolower($ex['extension']);
if(($ext != 'gif' && $ext != 'jpg' && $ext != 'jpe' && $ext != 'jpeg' && $ext != 'png') && ($backid==$id)){
header ('Location: about.php?id='.$id.'&sayer=screen_formats&'.SID); exit;
}elseif($ext != 'gif' && $ext != 'jpg' && $ext != 'jpe' && $ext != 'jpeg' && $ext != 'png'){
header ('Location: index.php?id='.$backid.'&sayer=screen_formats&'.SID); exit;
}
chmod($setup['dir_screen'],0777);
$dirs = explode('/',$to);
$all = sizeof($dirs) - 1;
$tmp = $setup['dir_screen'].'/';
for($i = 1; $i < $all; ++$i) {
$tmp .= $dirs[$i].'/';
mkdir($tmp,0777);
chmod($tmp,0777);
}
if(move_uploaded_file($_FILES['scr']['tmp_name'],$to)) {
chmod($to,0666);
if($ext == 'jpg' || $ext == 'jpe' || $ext == 'jpeg') {
$im = imagecreatefromjpeg($to);
imagegif($im,$to);
imagedestroy($im);
} elseif($ext == 'png') {
$im = imagecreatefrompng($to);
imagegif($im,$to);
imagedestroy($im);
}
if($backid==$id){
header ('Location: about.php?id='.$id.'&sayer=screen_yes&folderis='.$name.'&'.SID); exit; }else{
header ('Location: index.php?sayer=screen_yes&folderis='.$name.'&id='.$backid.'&'.SID); exit; }}else {
if($backid==$id){
header ('Location: about.php?id='.$id.'&folderis='.$name.'&sayer=screen_no&'.SID); exit; }else{
header ('Location: index.php?sayer=screen_no&folderis='.$name.'&id='.$backid.'&'.SID); exit; }}}}
/* Failu rakstīšana DB */
if($act=="scaner"){
$currtime = $sitetime;
$addfolder = $addfiles = 0;
chmod($setup['dir_screen'],0777);
chmod($setup['dir_about'],0777);
$reses = mysql_query('SELECT `id`,`path` FROM `'.$MY_pre.'faili`;');
while($arr = mysql_fetch_row($reses)) {
$array_path[$arr[0]] = $arr[1];
}
function scaner($path) {
static $f_arr;
chmod($path,0777);
$arr = glob($path.'/*');
foreach($arr as $vv) {
if(is_dir($vv)) {
$f_arr[] = $vv.'/';
scaner($vv);
}else {
if(basename($vv) == 'folder.png') {
continue;
}else {$f_arr[] = $vv;}}}
return $f_arr;}
$file_array = scaner($setup['dir_faili']);
$upltime = time();
foreach($file_array as $value) {
if(!in_array($value,$array_path)) {
$pathinfo = pathinfo($value);
$name = str_replace('.'.$pathinfo['extension'],'',basename($value));
$infolder = dirname($value).'/';
$size = filesize($value);
if(strpos($name,'!') !== false) {
$name = trans($name);
}else { $name = trans2($name); }
if(is_dir($value)) {
mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `timeupload`, `loads`, `yes` ) VALUES ('".mysql_real_escape_string($value)."', '*".mysql_real_escape_string($name)."', '".mysql_real_escape_string($infolder)."', '9999999999', '9999999999', '$upltime');");
$addfolder++;
$screen = $setup['dir_screen'].substr($value,strlen($setup['dir_faili']));
mkdir($screen,0777);
chmod($screen,0777);
$desc = $setup['dir_about'].substr($value,strlen($setup['dir_faili']));
mkdir($desc,0777);
chmod($desc,0777);
}else {
mysql_query("INSERT INTO `".$MY_pre."faili` (`path`, `name`, `infolder`, `size` , `timeupload`) VALUES ('".mysql_real_escape_string($value)."', '".mysql_real_escape_string($name)."', '".mysql_real_escape_string($infolder)."' , '$size' , '$upltime');");
$addfiles++;}}}
header ("Location: ".BASE."admin.php?sayer=flash_ok&folders=".$addfolder."&files=".$addfiles."&".SID);
exit;
}
/* Komentāra dzēšana */
if($act=="allkom_delete"){
$del = mysql_query('DELETE FROM `'.$MY_pre.'komentari` WHERE `id` = '.intval($_GET['id']).' LIMIT 1');
if($del) {
header ("Location: ".BASE."allkomm.php?sayer=del_all_suces&page=".$page."&".SID);
}else {
header ("Location: ".BASE."allkomm.php?sayer=del_all_suces_no&page=".$page."&".SID);
}
}
echo'<img src="pic/main/dot.gif" alt=""> <a href="admin_login.php?action=exit&'.SID.'">EXIT</a><br>';
} else {
echo '<img src="pic/main/head.gif" alt=""> <b>'.adm_072.'</b><br><br>';
echo'<form method="post" action="'.BASE.'admin_login.php?'.SID.'">';
echo sys_nick.':<br><input name="login" value="'.$_COOKIE['cookname'].'" /><br>';
echo adm_074.':<br><input name="pass" type="password" /><br><br>';
echo'<input value="'.adm_075.'" type="submit" /></form><hr>';
echo'<br>'.adm_076.'<br>';
}
/* Beigas */
echo'<img src="pic/main/dot.gif" alt=""> <a href="index.php?'.SID.'">'.sys_dl.'</a><br>';
echo'<img src="pic/main/home.gif" alt=""> <a href="'.$setup['home'].'?'.SID.'">'.sys_home.'</a><br>';
include_once"thm/$setup[thm]/foot.php";
?>