search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
replace constants with class constants.
[phpbb.git] / phpBB / modules / acp / acp_attachments.php
blob6b827a91fb20149484f9a47c8dfc31cc1b623603
1 <?php
2 /**
3 *
4 * @package acp
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * @ignore
13 */
14 if (!defined('IN_PHPBB'))
15 {
16 exit;
17 }
18
19 /**
20 * @package acp
21 */
22 class acp_attachments
23 {
24 var $u_action;
25 var $new_config;
26
27 function main($id, $mode)
28 {
29 global $db, $user, $auth, $template, $cache, $config;
30
31 $user->add_lang(array('posting', 'viewtopic', 'acp/attachments'));
32
33 $error = $notify = array();
34 $submit = phpbb_request::is_set_post('submit');
35 $action = request_var('action', '');
36
37 $form_key = 'acp_attach';
38 add_form_key($form_key);
39
40 if ($submit && !check_form_key($form_key))
41 {
42 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
43 }
44
45 switch ($mode)
46 {
47 case 'attach':
48 $l_title = 'ACP_ATTACHMENT_SETTINGS';
49 break;
50
51 case 'extensions':
52 $l_title = 'ACP_MANAGE_EXTENSIONS';
53 break;
54
55 case 'ext_groups':
56 $l_title = 'ACP_EXTENSION_GROUPS';
57 break;
58
59 case 'orphan':
60 $l_title = 'ACP_ORPHAN_ATTACHMENTS';
61 break;
62
63 default:
64 trigger_error('NO_MODE', E_USER_ERROR);
65 break;
66 }
67
68 $this->tpl_name = 'acp_attachments';
69 $this->page_title = $l_title;
70
71 $template->assign_vars(array(
72 'L_TITLE' => $user->lang[$l_title],
73 'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'],
74 'U_ACTION' => $this->u_action)
75 );
76
77 switch ($mode)
78 {
79 case 'attach':
80
81 include_once(PHPBB_ROOT_PATH . 'includes/functions_posting.' . PHP_EXT);
82
83 $sql = 'SELECT group_name, cat_id
84 FROM ' . EXTENSION_GROUPS_TABLE . '
85 WHERE cat_id > 0
86 ORDER BY cat_id';
87 $result = $db->sql_query($sql);
88
89 $s_assigned_groups = array();
90 while ($row = $db->sql_fetchrow($result))
91 {
92 $s_assigned_groups[$row['cat_id']][] = $row['group_name'];
93 }
94 $db->sql_freeresult($result);
95
96 $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode(', ', $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']';
97
98 $display_vars = array(
99 'title' => 'ACP_ATTACHMENT_SETTINGS',
100 'vars' => array(
101 'img_max_width' => false, 'img_max_height' => false, 'img_link_width' => false, 'img_link_height' => false,
102
103 'legend1' => 'ACP_ATTACHMENT_SETTINGS',
104 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
105 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
106 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true),
107 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true),
108 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
109 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
110 'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
111 'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
112 'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
113 'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
114 'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),
115 'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
116 'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
117
118
119 'legend2' => $l_legend_cat_images,
120 'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
121 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
122 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' px'),
123 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
124 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'string', 'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
125 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' px'),
126 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' px'),
127 )
128 );
129
130 $this->new_config = $config;
131 $cfg_array = (phpbb_request::is_set('config')) ? request_var('config', array('' => '')) : $this->new_config;
132 $error = array();
133
134 // We validate the complete config if whished
135 validate_config_vars($display_vars['vars'], $cfg_array, $error);
136
137 // Do not write values if there is an error
138 if (sizeof($error))
139 {
140 $submit = false;
141 }
142
143 // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
144 foreach ($display_vars['vars'] as $config_name => $null)
145 {
146 if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
147 {
148 continue;
149 }
150
151 $this->new_config[$config_name] = $config_value = $cfg_array[$config_name];
152
153 if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))
154 {
155 $size_var = request_var($config_name, '');
156 $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);
157 }
158
159 if ($submit)
160 {
161 set_config($config_name, $config_value);
162 }
163 }
164
165 $this->perform_site_list();
166
167 if ($submit)
168 {
169 add_log('admin', 'LOG_CONFIG_ATTACH');
170
171 // Check Settings
172 $this->test_upload($error, $this->new_config['upload_path'], false);
173
174 if (!sizeof($error))
175 {
176 trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
177 }
178 }
179
180 $template->assign_var('S_ATTACHMENT_SETTINGS', true);
181
182 if ($action == 'imgmagick')
183 {
184 $this->new_config['img_imagick'] = $this->search_imagemagick();
185 }
186
187 // We strip eventually manual added convert program, we only want the patch
188 if ($this->new_config['img_imagick'])
189 {
190 // Change path separator
191 $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']);
192 $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);
193
194 // Check for trailing slash
195 if (substr($this->new_config['img_imagick'], -1) !== '/')
196 {
197 $this->new_config['img_imagick'] .= '/';
198 }
199 }
200
201 $supported_types = get_supported_image_types();
202
203 // Check Thumbnail Support
204 if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format'])))
205 {
206 $this->new_config['img_create_thumbnail'] = 0;
207 }
208
209 $template->assign_vars(array(
210 'U_SEARCH_IMAGICK' => $this->u_action . '&amp;action=imgmagick',
211 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true)
212 );
213
214 // Secure Download Options - Same procedure as with banning
215 $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';
216
217 $sql = 'SELECT *
218 FROM ' . SITELIST_TABLE;
219 $result = $db->sql_query($sql);
220
221 $defined_ips = '';
222 $ips = array();
223
224 while ($row = $db->sql_fetchrow($result))
225 {
226 $value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname'];
227 if ($value)
228 {
229 $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>';
230 $ips[$row['site_id']] = $value;
231 }
232 }
233 $db->sql_freeresult($result);
234
235 $template->assign_vars(array(
236 'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'],
237 'S_DEFINED_IPS' => ($defined_ips != '') ? true : false,
238 'S_WARNING' => (sizeof($error)) ? true : false,
239
240 'WARNING_MSG' => implode('<br />', $error),
241 'DEFINED_IPS' => $defined_ips,
242
243 'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'],
244 'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'],
245 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS'])
246 );
247
248 // Output relevant options
249 foreach ($display_vars['vars'] as $config_key => $vars)
250 {
251 if (!is_array($vars) && strpos($config_key, 'legend') === false)
252 {
253 continue;
254 }
255
256 if (strpos($config_key, 'legend') !== false)
257 {
258 $template->assign_block_vars('options', array(
259 'S_LEGEND' => true,
260 'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars)
261 );
262
263 continue;
264 }
265
266 $type = explode(':', $vars['type']);
267
268 $l_explain = '';
269 if ($vars['explain'] && isset($vars['lang_explain']))
270 {
271 $l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain'];
272 }
273 else if ($vars['explain'])
274 {
275 $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
276 }
277
278 $content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);
279 if (empty($content))
280 {
281 continue;
282 }
283
284 $template->assign_block_vars('options', array(
285 'KEY' => $config_key,
286 'TITLE' => $user->lang[$vars['lang']],
287 'S_EXPLAIN' => $vars['explain'],
288 'TITLE_EXPLAIN' => $l_explain,
289 'CONTENT' => $content,
290 )
291 );
292
293 unset($display_vars['vars'][$config_key]);
294 }
295
296 break;
297
298 case 'extensions':
299
300 if ($submit || phpbb_request::is_set_post('add_extension_check'))
301 {
302 if ($submit)
303 {
304 // Change Extensions ?
305 $extension_change_list = request_var('extension_change_list', array(0));
306 $group_select_list = request_var('group_select', array(0));
307
308 // Generate correct Change List
309 $extensions = array();
310
311 for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++)
312 {
313 $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i];
314 }
315
316 $sql = 'SELECT *
317 FROM ' . EXTENSIONS_TABLE . '
318 ORDER BY extension_id';
319 $result = $db->sql_query($sql);
320
321 while ($row = $db->sql_fetchrow($result))
322 {
323 if ($row['group_id'] != $extensions[$row['extension_id']]['group_id'])
324 {
325 $sql = 'UPDATE ' . EXTENSIONS_TABLE . '
326 SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '
327 WHERE extension_id = ' . $row['extension_id'];
328 $db->sql_query($sql);
329
330 add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']);
331 }
332 }
333 $db->sql_freeresult($result);
334
335 // Delete Extension?
336 $extension_id_list = request_var('extension_id_list', array(0));
337
338 if (sizeof($extension_id_list))
339 {
340 $sql = 'SELECT extension
341 FROM ' . EXTENSIONS_TABLE . '
342 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
343 $result = $db->sql_query($sql);
344
345 $extension_list = '';
346 while ($row = $db->sql_fetchrow($result))
347 {
348 $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension'];
349 }
350 $db->sql_freeresult($result);
351
352 $sql = 'DELETE
353 FROM ' . EXTENSIONS_TABLE . '
354 WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
355 $db->sql_query($sql);
356
357 add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list);
358 }
359 }
360
361 // Add Extension?
362 $add_extension = strtolower(request_var('add_extension', ''));
363 $add_extension_group = request_var('add_group_select', 0);
364 $add = phpbb_request::is_set_post('add_extension_check');
365
366 if ($add_extension && $add)
367 {
368 if (!sizeof($error))
369 {
370 $sql = 'SELECT extension_id
371 FROM ' . EXTENSIONS_TABLE . "
372 WHERE extension = '" . $db->sql_escape($add_extension) . "'";
373 $result = $db->sql_query($sql);
374
375 if ($row = $db->sql_fetchrow($result))
376 {
377 $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension);
378 }
379 $db->sql_freeresult($result);
380
381 if (!sizeof($error))
382 {
383 $sql_ary = array(
384 'group_id' => $add_extension_group,
385 'extension' => $add_extension
386 );
387
388 $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
389 add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension);
390 }
391 }
392 }
393
394 if (!sizeof($error))
395 {
396 $notify[] = $user->lang['EXTENSIONS_UPDATED'];
397 }
398
399 $cache->destroy('_extensions');
400 }
401
402 $template->assign_vars(array(
403 'S_EXTENSIONS' => true,
404 'ADD_EXTENSION' => (isset($add_extension)) ? $add_extension : '',
405 'GROUP_SELECT_OPTIONS' => (phpbb_request::is_set_post('add_extension_check')) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group'))
406 );
407
408 $sql = 'SELECT *
409 FROM ' . EXTENSIONS_TABLE . '
410 ORDER BY group_id, extension';
411 $result = $db->sql_query($sql);
412
413 if ($row = $db->sql_fetchrow($result))
414 {
415 $old_group_id = $row['group_id'];
416 do
417 {
418 $s_spacer = false;
419
420 $current_group_id = $row['group_id'];
421 if ($old_group_id != $current_group_id)
422 {
423 $s_spacer = true;
424 $old_group_id = $current_group_id;
425 }
426
427 $template->assign_block_vars('extensions', array(
428 'S_SPACER' => $s_spacer,
429 'EXTENSION_ID' => $row['extension_id'],
430 'EXTENSION' => $row['extension'],
431 'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id']))
432 );
433 }
434 while ($row = $db->sql_fetchrow($result));
435 }
436 $db->sql_freeresult($result);
437
438 break;
439
440 case 'ext_groups':
441
442 $template->assign_var('S_EXTENSION_GROUPS', true);
443
444 if ($submit)
445 {
446 $action = request_var('action', '');
447 $group_id = request_var('g', 0);
448
449 if ($action != 'add' && $action != 'edit')
450 {
451 trigger_error('NO_MODE', E_USER_ERROR);
452 }
453
454 if (!$group_id && $action == 'edit')
455 {
456 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
457 }
458
459 if ($group_id)
460 {
461 $sql = 'SELECT *
462 FROM ' . EXTENSION_GROUPS_TABLE . "
463 WHERE group_id = $group_id";
464 $result = $db->sql_query($sql);
465 $ext_row = $db->sql_fetchrow($result);
466 $db->sql_freeresult($result);
467
468 if (!$ext_row)
469 {
470 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
471 }
472 }
473 else
474 {
475 $ext_row = array();
476 }
477
478 $group_name = utf8_normalize_nfc(request_var('group_name', '', true));
479 $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');
480
481 if (!$group_name)
482 {
483 $error[] = $user->lang['NO_EXT_GROUP_NAME'];
484 }
485
486 // Check New Group Name
487 if ($new_group_name)
488 {
489 $sql = 'SELECT group_name
490 FROM ' . EXTENSION_GROUPS_TABLE;
491 $result = $db->sql_query($sql);
492 $ext_row = $db->sql_fetchrow($result);
493 $db->sql_freeresult($result);
494
495 $clean_group_name = utf8_clean_string($new_group_name);
496
497 while ($row = $db->sql_fetchrow($result))
498 {
499 if (utf8_clean_string($row['group_name']) === $clean_group_name)
500 {
501 $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name);
502 break;
503 }
504 }
505 $db->sql_freeresult($result);
506 }
507
508 if (!sizeof($error))
509 {
510 // Ok, build the update/insert array
511 $upload_icon = request_var('upload_icon', 'no_image');
512 $size_select = request_var('size_select', 'b');
513 $forum_select = request_var('forum_select', false);
514 $allowed_forums = request_var('allowed_forums', array(0));
515 $allow_in_pm = phpbb_request::is_set_post('allow_in_pm');
516 $max_filesize = request_var('max_filesize', 0);
517 $max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
518 $allow_group = phpbb_request::is_set_post('allow_group');
519
520 if ($max_filesize == $config['max_filesize'])
521 {
522 $max_filesize = 0;
523 }
524
525 if (!sizeof($allowed_forums))
526 {
527 $forum_select = false;
528 }
529
530 $group_ary = array(
531 'group_name' => $group_name,
532 'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE),
533 'allow_group' => ($allow_group) ? 1 : 0,
534 'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon,
535 'max_filesize' => $max_filesize,
536 'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '',
537 'allow_in_pm' => ($allow_in_pm) ? 1 : 0,
538 );
539
540 if ($action == 'add')
541 {
542 $group_ary['download_mode'] = INLINE_LINK;
543 }
544
545 // @TODO: rewrite with the new param db functions
546 $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';
547 $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary);
548 $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : '';
549
550 $db->sql_query($sql);
551
552 if ($action == 'add')
553 {
554 $group_id = $db->sql_nextid();
555 }
556
557 add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);
558 }
559
560 $extension_list = request_var('extensions', array(0));
561
562 if ($action == 'edit' && sizeof($extension_list))
563 {
564 $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
565 SET group_id = 0
566 WHERE group_id = $group_id";
567 $db->sql_query($sql);
568 }
569
570 if (sizeof($extension_list))
571 {
572 $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
573 SET group_id = $group_id
574 WHERE " . $db->sql_in_set('extension_id', $extension_list);
575 $db->sql_query($sql);
576 }
577
578 $cache->destroy('_extensions');
579
580 if (!sizeof($error))
581 {
582 $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)];
583 }
584 }
585
586 $cat_lang = array(
587 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
588 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
589 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'],
590 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'],
591 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
592 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
593 );
594
595 $group_id = request_var('g', 0);
596 $action = phpbb_request::is_set_post('add');
597
598 switch ($action)
599 {
600 case 'delete':
601
602 if (confirm_box(true))
603 {
604 $sql = 'SELECT group_name
605 FROM ' . EXTENSION_GROUPS_TABLE . "
606 WHERE group_id = $group_id";
607 $result = $db->sql_query($sql);
608 $group_name = (string) $db->sql_fetchfield('group_name');
609 $db->sql_freeresult($result);
610
611 $sql = 'DELETE
612 FROM ' . EXTENSION_GROUPS_TABLE . "
613 WHERE group_id = $group_id";
614 $db->sql_query($sql);
615
616 // Set corresponding Extensions to a pending Group
617 $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
618 SET group_id = 0
619 WHERE group_id = $group_id";
620 $db->sql_query($sql);
621
622 add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name);
623
624 $cache->destroy('_extensions');
625
626 trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action));
627 }
628 else
629 {
630 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
631 'i' => $id,
632 'mode' => $mode,
633 'group_id' => $group_id,
634 'action' => 'delete',
635 )));
636 }
637
638 break;
639
640 case 'edit':
641
642 if (!$group_id)
643 {
644 trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
645 }
646
647 $sql = 'SELECT *
648 FROM ' . EXTENSION_GROUPS_TABLE . "
649 WHERE group_id = $group_id";
650 $result = $db->sql_query($sql);
651 $ext_group_row = $db->sql_fetchrow($result);
652 $db->sql_freeresult($result);
653
654 $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums']));
655
656 // no break;
657
658 case 'add':
659
660 if ($action == 'add')
661 {
662 $ext_group_row = array(
663 'group_name' => utf8_normalize_nfc(request_var('group_name', '', true)),
664 'cat_id' => 0,
665 'allow_group' => 1,
666 'allow_in_pm' => 1,
667 'upload_icon' => '',
668 'max_filesize' => 0,
669 );
670
671 $forum_ids = array();
672 }
673
674 $extensions = array();
675
676 $sql = 'SELECT *
677 FROM ' . EXTENSIONS_TABLE . "
678 WHERE group_id = $group_id
679 OR group_id = 0
680 ORDER BY extension";
681 $result = $db->sql_query($sql);
682 $extensions = $db->sql_fetchrowset($result);
683 $db->sql_freeresult($result);
684
685 if ($ext_group_row['max_filesize'] == 0)
686 {
687 $ext_group_row['max_filesize'] = (int) $config['max_filesize'];
688 }
689
690 $size_format = ($ext_group_row['max_filesize'] >= 1048576) ? 'mb' : (($ext_group_row['max_filesize'] >= 1024) ? 'kb' : 'b');
691 $ext_group_row['max_filesize'] = get_formatted_filesize($ext_group_row['max_filesize'], false);
692
693 $img_path = $config['upload_icons_path'];
694
695 $filename_list = '';
696 $no_image_select = false;
697
698 $imglist = filelist(PHPBB_ROOT_PATH . $img_path);
699
700 if (sizeof($imglist))
701 {
702 $imglist = array_values($imglist);
703 $imglist = $imglist[0];
704
705 foreach ($imglist as $key => $img)
706 {
707 if (!$ext_group_row['upload_icon'])
708 {
709 $no_image_select = true;
710 $selected = '';
711 }
712 else
713 {
714 $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : '';
715 }
716
717 if (strlen($img) > 255)
718 {
719 continue;
720 }
721
722 $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>';
723 }
724 }
725
726 $i = 0;
727 $assigned_extensions = '';
728 foreach ($extensions as $num => $row)
729 {
730 if ($row['group_id'] == $group_id && $group_id)
731 {
732 $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension'];
733 $i++;
734 }
735 }
736
737 $s_extension_options = '';
738 foreach ($extensions as $row)
739 {
740 $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>';
741 }
742
743 $template->assign_vars(array(
744 'PHPBB_ROOT_PATH' => PHPBB_ROOT_PATH,
745 'IMG_PATH' => $img_path,
746 'ACTION' => $action,
747 'GROUP_ID' => $group_id,
748 'GROUP_NAME' => $ext_group_row['group_name'],
749 'ALLOW_GROUP' => $ext_group_row['allow_group'],
750 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'],
751 'UPLOAD_ICON_SRC' => PHPBB_ROOT_PATH . $img_path . '/' . $ext_group_row['upload_icon'],
752 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'],
753 'ASSIGNED_EXTENSIONS' => $assigned_extensions,
754
755 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'),
756 'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format),
757 'S_EXTENSION_OPTIONS' => $s_extension_options,
758 'S_FILENAME_LIST' => $filename_list,
759 'S_EDIT_GROUP' => true,
760 'S_NO_IMAGE' => $no_image_select,
761 'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false,
762
763 'U_EXTENSIONS' => append_sid(PHPBB_ADMIN_PATH . 'index.' . PHP_EXT, "i=$id&amp;mode=extensions"),
764 'U_BACK' => $this->u_action,
765
766 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'])
767 );
768
769 $s_forum_id_options = '';
770
771 /** @todo use in-built function **/
772
773 $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id
774 FROM ' . FORUMS_TABLE . '
775 ORDER BY left_id ASC';
776 $result = $db->sql_query($sql, 600);
777
778 $right = $cat_right = $padding_inc = 0;
779 $padding = $forum_list = $holding = '';
780 $padding_store = array('0' => '');
781
782 while ($row = $db->sql_fetchrow($result))
783 {
784 if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))
785 {
786 // Non-postable forum with no subforums, don't display
787 continue;
788 }
789
790 if (!$auth->acl_get('f_list', $row['forum_id']))
791 {
792 // if the user does not have permissions to list this forum skip
793 continue;
794 }
795
796 if ($row['left_id'] < $right)
797 {
798 $padding .= '&nbsp; &nbsp;';
799 $padding_store[$row['parent_id']] = $padding;
800 }
801 else if ($row['left_id'] > $right + 1)
802 {
803 $padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']];
804 }
805
806 $right = $row['right_id'];
807
808 $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : '';
809
810 if ($row['left_id'] > $cat_right)
811 {
812 // make sure we don't forget anything
813 $s_forum_id_options .= $holding;
814 $holding = '';
815 }
816
817 if ($row['right_id'] - $row['left_id'] > 1)
818 {
819 $cat_right = max($cat_right, $row['right_id']);
820
821 $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
822 }
823 else
824 {
825 $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
826 $holding = '';
827 }
828 }
829
830 if ($holding)
831 {
832 $s_forum_id_options .= $holding;
833 }
834
835 $db->sql_freeresult($result);
836 unset($padding_store);
837
838 $template->assign_vars(array(
839 'S_FORUM_ID_OPTIONS' => $s_forum_id_options)
840 );
841
842 break;
843 }
844
845 $sql = 'SELECT *
846 FROM ' . EXTENSION_GROUPS_TABLE . '
847 ORDER BY allow_group DESC, allow_in_pm DESC, group_name';
848 $result = $db->sql_query($sql);
849
850 $old_allow_group = $old_allow_pm = 1;
851 while ($row = $db->sql_fetchrow($result))
852 {
853 $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false;
854
855 $template->assign_block_vars('groups', array(
856 'S_ADD_SPACER' => $s_add_spacer,
857 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false,
858 'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false,
859
860 'U_EDIT' => $this->u_action . "&amp;action=edit&amp;g={$row['group_id']}",
861 'U_DELETE' => $this->u_action . "&amp;action=delete&amp;g={$row['group_id']}",
862
863 'GROUP_NAME' => $row['group_name'],
864 'CATEGORY' => $cat_lang[$row['cat_id']],
865 )
866 );
867
868 $old_allow_group = $row['allow_group'];
869 $old_allow_pm = $row['allow_in_pm'];
870 }
871 $db->sql_freeresult($result);
872
873 break;
874
875 case 'orphan':
876
877 if ($submit)
878 {
879 $delete_files = array_keys(phpbb_request::variable('delete', array('' => 0), false, phpbb_request::POST));
880 $add_files = array_keys(phpbb_request::variable('add', array('' => 0), false, phpbb_request::POST));
881 $post_ids = request_var('post_id', array('' => 0));
882
883 if (sizeof($delete_files))
884 {
885 $sql = 'SELECT *
886 FROM ' . ATTACHMENTS_TABLE . '
887 WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '
888 AND is_orphan = 1';
889 $result = $db->sql_query($sql);
890
891 $delete_files = array();
892 while ($row = $db->sql_fetchrow($result))
893 {
894 phpbb_unlink($row['physical_filename'], 'file');
895
896 if ($row['thumbnail'])
897 {
898 phpbb_unlink($row['physical_filename'], 'thumbnail');
899 }
900
901 $delete_files[$row['attach_id']] = $row['real_filename'];
902 }
903 $db->sql_freeresult($result);
904 }
905
906 if (sizeof($delete_files))
907 {
908 $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . '
909 WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files));
910 $db->sql_query($sql);
911
912 add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files));
913 $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files));
914 }
915
916 $upload_list = array();
917 foreach ($add_files as $attach_id)
918 {
919 if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id]))
920 {
921 $upload_list[$attach_id] = $post_ids[$attach_id];
922 }
923 }
924 unset($add_files);
925
926 if (sizeof($upload_list))
927 {
928 $template->assign_var('S_UPLOADING_FILES', true);
929
930 $sql = 'SELECT forum_id, forum_name
931 FROM ' . FORUMS_TABLE;
932 $result = $db->sql_query($sql);
933
934 $forum_names = array();
935 while ($row = $db->sql_fetchrow($result))
936 {
937 $forum_names[$row['forum_id']] = $row['forum_name'];
938 }
939 $db->sql_freeresult($result);
940
941 $sql = 'SELECT forum_id, topic_id, post_id, poster_id
942 FROM ' . POSTS_TABLE . '
943 WHERE ' . $db->sql_in_set('post_id', $upload_list);
944 $result = $db->sql_query($sql);
945
946 $post_info = array();
947 while ($row = $db->sql_fetchrow($result))
948 {
949 $post_info[$row['post_id']] = $row;
950 }
951 $db->sql_freeresult($result);
952
953 // Select those attachments we want to change...
954 $sql = 'SELECT *
955 FROM ' . ATTACHMENTS_TABLE . '
956 WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . '
957 AND is_orphan = 1';
958 $result = $db->sql_query($sql);
959
960 $files_added = $space_taken = 0;
961 while ($row = $db->sql_fetchrow($result))
962 {
963 $post_row = $post_info[$upload_list[$row['attach_id']]];
964
965 $template->assign_block_vars('upload', array(
966 'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),
967 'S_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,
968 'L_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')
969 );
970
971 if (!$auth->acl_get('f_attach', $post_row['forum_id']))
972 {
973 continue;
974 }
975
976 // Adjust attachment entry
977 $sql_ary = array(
978 'in_message' => 0,
979 'is_orphan' => 0,
980 'poster_id' => $post_row['poster_id'],
981 'post_msg_id' => $post_row['post_id'],
982 'topic_id' => $post_row['topic_id'],
983 );
984
985 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
986 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
987 WHERE attach_id = ' . $row['attach_id'];
988 $db->sql_query($sql);
989
990 $sql = 'UPDATE ' . POSTS_TABLE . '
991 SET post_attachment = 1
992 WHERE post_id = ' . $post_row['post_id'];
993 $db->sql_query($sql);
994
995 $sql = 'UPDATE ' . TOPICS_TABLE . '
996 SET topic_attachment = 1
997 WHERE topic_id = ' . $post_row['topic_id'];
998 $db->sql_query($sql);
999
1000 $space_taken += $row['filesize'];
1001 $files_added++;
1002
1003 add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);
1004 }
1005 $db->sql_freeresult($result);
1006
1007 if ($files_added)
1008 {
1009 set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);
1010 set_config('num_files', $config['num_files'] + $files_added, true);
1011 }
1012 }
1013 }
1014
1015 $template->assign_vars(array(
1016 'S_ORPHAN' => true)
1017 );
1018
1019 // Just get the files with is_orphan set and older than 3 hours
1020 $sql = 'SELECT *
1021 FROM ' . ATTACHMENTS_TABLE . '
1022 WHERE is_orphan = 1
1023 AND filetime < ' . (time() - 3*60*60) . '
1024 ORDER BY filetime DESC';
1025 $result = $db->sql_query($sql);
1026
1027 while ($row = $db->sql_fetchrow($result))
1028 {
1029 $template->assign_block_vars('orphan', array(
1030 'FILESIZE' => get_formatted_filesize($row['filesize']),
1031 'FILETIME' => $user->format_date($row['filetime']),
1032 'REAL_FILENAME' => basename($row['real_filename']),
1033 'PHYSICAL_FILENAME' => basename($row['physical_filename']),
1034 'ATTACH_ID' => $row['attach_id'],
1035 'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
1036 'U_FILE' => append_sid('download/file', 'mode=view&amp;id=' . $row['attach_id']))
1037 );
1038 }
1039 $db->sql_freeresult($result);
1040
1041 break;
1042 }
1043
1044 if (sizeof($error))
1045 {
1046 $template->assign_vars(array(
1047 'S_WARNING' => true,
1048 'WARNING_MSG' => implode('<br />', $error))
1049 );
1050 }
1051
1052 if (sizeof($notify))
1053 {
1054 $template->assign_vars(array(
1055 'S_NOTIFY' => true,
1056 'NOTIFY_MSG' => implode('<br />', $notify))
1057 );
1058 }
1059 }
1060
1061 /**
1062 * Build Select for category items
1063 */
1064 function category_select($select_name, $group_id = false, $key = '')
1065 {
1066 global $db, $user;
1067
1068 $types = array(
1069 ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
1070 ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
1071 ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'],
1072 ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'],
1073 ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
1074 ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
1075 );
1076
1077 if ($group_id)
1078 {
1079 $sql = 'SELECT cat_id
1080 FROM ' . EXTENSION_GROUPS_TABLE . '
1081 WHERE group_id = ' . (int) $group_id;
1082 $result = $db->sql_query($sql);
1083
1084 $cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id'];
1085
1086 $db->sql_freeresult($result);
1087 }
1088 else
1089 {
1090 $cat_type = ATTACHMENT_CATEGORY_NONE;
1091 }
1092
1093 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1094
1095 foreach ($types as $type => $mode)
1096 {
1097 $selected = ($type == $cat_type) ? ' selected="selected"' : '';
1098 $group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>';
1099 }
1100
1101 $group_select .= '</select>';
1102
1103 return $group_select;
1104 }
1105
1106 /**
1107 * Extension group select
1108 */
1109 function group_select($select_name, $default_group = false, $key = '')
1110 {
1111 global $db, $user;
1112
1113 $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1114
1115 $sql = 'SELECT group_id, group_name
1116 FROM ' . EXTENSION_GROUPS_TABLE . '
1117 ORDER BY group_name';
1118 $result = $db->sql_query($sql);
1119
1120 $group_name = array();
1121 while ($row = $db->sql_fetchrow($result))
1122 {
1123 $group_name[] = $row;
1124 }
1125 $db->sql_freeresult($result);
1126
1127 $row['group_id'] = 0;
1128 $row['group_name'] = $user->lang['NOT_ASSIGNED'];
1129 $group_name[] = $row;
1130
1131 for ($i = 0; $i < sizeof($group_name); $i++)
1132 {
1133 if ($default_group === false)
1134 {
1135 $selected = ($i == 0) ? ' selected="selected"' : '';
1136 }
1137 else
1138 {
1139 $selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : '';
1140 }
1141
1142 $group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>';
1143 }
1144
1145 $group_select .= '</select>';
1146
1147 return $group_select;
1148 }
1149
1150 /**
1151 * Search Imagick
1152 */
1153 function search_imagemagick()
1154 {
1155 $imagick = '';
1156
1157 $exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : '';
1158
1159 $magic_home = getenv('MAGICK_HOME');
1160
1161 if (empty($magic_home))
1162 {
1163 $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');
1164 $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
1165
1166 $locations = array_merge($path_locations, $locations);
1167
1168 foreach ($locations as $location)
1169 {
1170 // The path might not end properly, fudge it
1171 if (substr($location, -1) !== '/')
1172 {
1173 $location .= '/';
1174 }
1175
1176 if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000)
1177 {
1178 $imagick = str_replace('\\', '/', $location);
1179 continue;
1180 }
1181 }
1182 }
1183 else
1184 {
1185 $imagick = str_replace('\\', '/', $magic_home);
1186 }
1187
1188 return $imagick;
1189 }
1190
1191 /**
1192 * Test Settings
1193 */
1194 function test_upload(&$error, $upload_dir, $create_directory = false)
1195 {
1196 global $user;
1197
1198 // Does the target directory exist, is it a directory and writable.
1199 if ($create_directory)
1200 {
1201 if (!file_exists(PHPBB_ROOT_PATH . $upload_dir))
1202 {
1203 @mkdir(PHPBB_ROOT_PATH . $upload_dir, 0777);
1204 phpbb_chmod(PHPBB_ROOT_PATH . $upload_dir, phpbb::CHMOD_READ | phpbb::CHMOD_WRITE);
1205 }
1206 }
1207
1208 if (!file_exists(PHPBB_ROOT_PATH . $upload_dir))
1209 {
1210 $error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);
1211 return;
1212 }
1213
1214 if (!is_dir(PHPBB_ROOT_PATH . $upload_dir))
1215 {
1216 $error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);
1217 return;
1218 }
1219
1220 if (!is_writable(PHPBB_ROOT_PATH . $upload_dir))
1221 {
1222 $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);
1223 return;
1224 }
1225 }
1226
1227 /**
1228 * Perform operations on sites for external linking
1229 */
1230 function perform_site_list()
1231 {
1232 global $db, $user;
1233
1234 if (phpbb_request::is_set('securesubmit'))
1235 {
1236 // Grab the list of entries
1237 $ips = request_var('ips', '');
1238 $ip_list = array_unique(explode("\n", $ips));
1239 $ip_list_log = implode(', ', $ip_list);
1240
1241 $ip_exclude = (int) phpbb_request::variable('ipexclude', false, false, phpbb_request::POST);
1242
1243 $iplist = array();
1244 $hostlist = array();
1245
1246 foreach ($ip_list as $item)
1247 {
1248 if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode))
1249 {
1250 // Don't ask about all this, just don't ask ... !
1251 $ip_1_counter = $ip_range_explode[1];
1252 $ip_1_end = $ip_range_explode[5];
1253
1254 while ($ip_1_counter <= $ip_1_end)
1255 {
1256 $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
1257 $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
1258
1259 if ($ip_2_counter == 0 && $ip_2_end == 254)
1260 {
1261 $ip_2_counter = 256;
1262 $ip_2_fragment = 256;
1263
1264 $iplist[] = "'$ip_1_counter.*'";
1265 }
1266
1267 while ($ip_2_counter <= $ip_2_end)
1268 {
1269 $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
1270 $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
1271
1272 if ($ip_3_counter == 0 && $ip_3_end == 254)
1273 {
1274 $ip_3_counter = 256;
1275 $ip_3_fragment = 256;
1276
1277 $iplist[] = "'$ip_1_counter.$ip_2_counter.*'";
1278 }
1279
1280 while ($ip_3_counter <= $ip_3_end)
1281 {
1282 $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
1283 $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
1284
1285 if ($ip_4_counter == 0 && $ip_4_end == 254)
1286 {
1287 $ip_4_counter = 256;
1288 $ip_4_fragment = 256;
1289
1290 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
1291 }
1292
1293 while ($ip_4_counter <= $ip_4_end)
1294 {
1295 $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
1296 $ip_4_counter++;
1297 }
1298 $ip_3_counter++;
1299 }
1300 $ip_2_counter++;
1301 }
1302 $ip_1_counter++;
1303 }
1304 }
1305 else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item)))
1306 {
1307 $iplist[] = "'" . trim($item) . "'";
1308 }
1309 else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item)))
1310 {
1311 $hostlist[] = "'" . trim($item) . "'";
1312 }
1313 else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item)))
1314 {
1315 $hostlist[] = "'" . trim($item) . "'";
1316 }
1317 }
1318
1319 $sql = 'SELECT site_ip, site_hostname
1320 FROM ' . SITELIST_TABLE . "
1321 WHERE ip_exclude = $ip_exclude";
1322 $result = $db->sql_query($sql);
1323
1324 if ($row = $db->sql_fetchrow($result))
1325 {
1326 $iplist_tmp = array();
1327 $hostlist_tmp = array();
1328 do
1329 {
1330 if ($row['site_ip'])
1331 {
1332 if (strlen($row['site_ip']) > 40)
1333 {
1334 continue;
1335 }
1336
1337 $iplist_tmp[] = "'" . $row['site_ip'] . "'";
1338 }
1339 else if ($row['site_hostname'])
1340 {
1341 if (strlen($row['site_hostname']) > 255)
1342 {
1343 continue;
1344 }
1345
1346 $hostlist_tmp[] = "'" . $row['site_hostname'] . "'";
1347 }
1348 // break;
1349 }
1350 while ($row = $db->sql_fetchrow($result));
1351
1352 $iplist = array_unique(array_diff($iplist, $iplist_tmp));
1353 $hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));
1354 unset($iplist_tmp);
1355 unset($hostlist_tmp);
1356 }
1357 $db->sql_freeresult($result);
1358
1359 if (sizeof($iplist))
1360 {
1361 foreach ($iplist as $ip_entry)
1362 {
1363 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)
1364 VALUES ($ip_entry, $ip_exclude)";
1365 $db->sql_query($sql);
1366 }
1367 }
1368
1369 if (sizeof($hostlist))
1370 {
1371 foreach ($hostlist as $host_entry)
1372 {
1373 $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude)
1374 VALUES ($host_entry, $ip_exclude)";
1375 $db->sql_query($sql);
1376 }
1377 }
1378
1379 if (!empty($ip_list_log))
1380 {
1381 // Update log
1382 $log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';
1383 add_log('admin', $log_entry, $ip_list_log);
1384 }
1385
1386 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1387 }
1388 else if (phpbb_request::is_set_post('unsecuresubmit'))
1389 {
1390 $unip_sql = request_var('unip', array(0));
1391
1392 if (sizeof($unip_sql))
1393 {
1394 $l_unip_list = '';
1395
1396 // Grab details of ips for logging information later
1397 $sql = 'SELECT site_ip, site_hostname
1398 FROM ' . SITELIST_TABLE . '
1399 WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1400 $result = $db->sql_query($sql);
1401
1402 while ($row = $db->sql_fetchrow($result))
1403 {
1404 $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);
1405 }
1406 $db->sql_freeresult($result);
1407
1408 $sql = 'DELETE FROM ' . SITELIST_TABLE . '
1409 WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1410 $db->sql_query($sql);
1411
1412 add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);
1413 }
1414
1415 trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1416 }
1417 }
1418
1419 /**
1420 * Write display_order config field
1421 */
1422 function display_order($value, $key = '')
1423 {
1424 $radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING');
1425
1426 return h_radio('config[display_order]', $radio_ary, $value, $key);
1427 }
1428
1429 /**
1430 * Adjust all three max_filesize config vars for display
1431 */
1432 function max_filesize($value, $key = '')
1433 {
1434 // Determine size var and adjust the value accordingly
1435 $size_var = ($value >= 1048576) ? 'mb' : (($value >= 1024) ? 'kb' : 'b');
1436 $value = get_formatted_filesize($value, false);
1437
1438 return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';
1439 }
1440
1441 /**
1442 * Write secure_allow_deny config field
1443 */
1444 function select_allow_deny($value, $key = '')
1445 {
1446 $radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW');
1447
1448 return h_radio('config[' . $key . ']', $radio_ary, $value, $key);
1449 }
1450
1451 }
1452
1453 ?>
phpbb is a php-based BBS (buletin board system)