5
* @version $Id: acp_attachments.php,v 1.55 2007/10/05 14:36:32 acydburn Exp $
6
* @copyright (c) 2005 phpBB Group
7
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
14
if (!defined('IN_PHPBB'))
27
function main($id, $mode)
29
global $db, $user, $auth, $template, $cache;
30
global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx;
32
$user->add_lang(array('posting', 'viewtopic', 'acp/attachments'));
34
$error = $notify = array();
35
$submit = (isset($_POST['submit'])) ? true : false;
36
$action = request_var('action', '');
38
$form_key = 'acp_attach';
39
add_form_key($form_key);
41
if ($submit && !check_form_key($form_key))
43
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
49
$l_title = 'ACP_ATTACHMENT_SETTINGS';
53
$l_title = 'ACP_MANAGE_EXTENSIONS';
57
$l_title = 'ACP_EXTENSION_GROUPS';
61
$l_title = 'ACP_ORPHAN_ATTACHMENTS';
65
trigger_error('NO_MODE', E_USER_ERROR);
69
$this->tpl_name = 'acp_attachments';
70
$this->page_title = $l_title;
72
$template->assign_vars(array(
73
'L_TITLE' => $user->lang[$l_title],
74
'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'],
75
'U_ACTION' => $this->u_action)
82
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
84
$sql = 'SELECT group_name, cat_id
85
FROM ' . EXTENSION_GROUPS_TABLE . '
88
$result = $db->sql_query($sql);
90
$s_assigned_groups = array();
91
while ($row = $db->sql_fetchrow($result))
93
$s_assigned_groups[$row['cat_id']][] = $row['group_name'];
95
$db->sql_freeresult($result);
97
$l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode(', ', $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']';
99
$display_vars = array(
100
'title' => 'ACP_ATTACHMENT_SETTINGS',
102
'img_max_width' => false, 'img_max_height' => false, 'img_link_width' => false, 'img_link_height' => false,
104
'legend1' => 'ACP_ATTACHMENT_SETTINGS',
105
'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
106
'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
107
'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true),
108
'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true),
109
'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
110
'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
111
'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
112
'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
113
'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
114
'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
115
'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),
116
'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
118
'legend2' => $l_legend_cat_images,
119
'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
120
'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
121
'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' px'),
122
'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int', 'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
123
'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'string', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
124
'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' px'),
125
'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' px'),
129
$this->new_config = $config;
130
$cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config;
133
// We validate the complete config if whished
134
validate_config_vars($display_vars['vars'], $cfg_array, $error);
136
// Do not write values if there is an error
142
// We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
143
foreach ($display_vars['vars'] as $config_name => $null)
145
if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
150
$this->new_config[$config_name] = $config_value = $cfg_array[$config_name];
152
if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))
154
$size_var = request_var($config_name, '');
155
$this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);
160
set_config($config_name, $config_value);
164
$this->perform_site_list();
168
add_log('admin', 'LOG_CONFIG_ATTACH');
171
$this->test_upload($error, $this->new_config['upload_path'], false);
175
trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
179
$template->assign_var('S_ATTACHMENT_SETTINGS', true);
181
if ($action == 'imgmagick')
183
$this->new_config['img_imagick'] = $this->search_imagemagick();
186
// We strip eventually manual added convert program, we only want the patch
187
$this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);
189
$supported_types = get_supported_image_types();
191
// Check Thumbnail Support
192
if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format'])))
194
$this->new_config['img_create_thumbnail'] = 0;
197
$template->assign_vars(array(
198
'U_SEARCH_IMAGICK' => $this->u_action . '&action=imgmagick',
199
'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true)
202
// Secure Download Options - Same procedure as with banning
203
$allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';
206
FROM ' . SITELIST_TABLE;
207
$result = $db->sql_query($sql);
212
while ($row = $db->sql_fetchrow($result))
214
$value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname'];
217
$defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>';
218
$ips[$row['site_id']] = $value;
221
$db->sql_freeresult($result);
223
$template->assign_vars(array(
224
'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'],
225
'S_DEFINED_IPS' => ($defined_ips != '') ? true : false,
226
'S_WARNING' => (sizeof($error)) ? true : false,
228
'WARNING_MSG' => implode('<br />', $error),
229
'DEFINED_IPS' => $defined_ips,
231
'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'],
232
'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'],
233
'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS'])
236
// Output relevant options
237
foreach ($display_vars['vars'] as $config_key => $vars)
239
if (!is_array($vars) && strpos($config_key, 'legend') === false)
244
if (strpos($config_key, 'legend') !== false)
246
$template->assign_block_vars('options', array(
248
'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars)
254
$type = explode(':', $vars['type']);
257
if ($vars['explain'] && isset($vars['lang_explain']))
259
$l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain'];
261
else if ($vars['explain'])
263
$l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
266
$template->assign_block_vars('options', array(
267
'KEY' => $config_key,
268
'TITLE' => $user->lang[$vars['lang']],
269
'S_EXPLAIN' => $vars['explain'],
270
'TITLE_EXPLAIN' => $l_explain,
271
'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars),
275
unset($display_vars['vars'][$config_key]);
282
if ($submit || isset($_POST['add_extension_check']))
286
// Change Extensions ?
287
$extension_change_list = request_var('extension_change_list', array(0));
288
$group_select_list = request_var('group_select', array(0));
290
// Generate correct Change List
291
$extensions = array();
293
for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++)
295
$extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i];
299
FROM ' . EXTENSIONS_TABLE . '
300
ORDER BY extension_id';
301
$result = $db->sql_query($sql);
303
while ($row = $db->sql_fetchrow($result))
305
if ($row['group_id'] != $extensions[$row['extension_id']]['group_id'])
307
$sql = 'UPDATE ' . EXTENSIONS_TABLE . '
308
SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '
309
WHERE extension_id = ' . $row['extension_id'];
310
$db->sql_query($sql);
312
add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']);
315
$db->sql_freeresult($result);
318
$extension_id_list = request_var('extension_id_list', array(0));
320
if (sizeof($extension_id_list))
322
$sql = 'SELECT extension
323
FROM ' . EXTENSIONS_TABLE . '
324
WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
325
$result = $db->sql_query($sql);
327
$extension_list = '';
328
while ($row = $db->sql_fetchrow($result))
330
$extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension'];
332
$db->sql_freeresult($result);
335
FROM ' . EXTENSIONS_TABLE . '
336
WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
337
$db->sql_query($sql);
339
add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list);
344
$add_extension = strtolower(request_var('add_extension', ''));
345
$add_extension_group = request_var('add_group_select', 0);
346
$add = (isset($_POST['add_extension_check'])) ? true : false;
348
if ($add_extension && $add)
352
$sql = 'SELECT extension_id
353
FROM ' . EXTENSIONS_TABLE . "
354
WHERE extension = '" . $db->sql_escape($add_extension) . "'";
355
$result = $db->sql_query($sql);
357
if ($row = $db->sql_fetchrow($result))
359
$error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension);
361
$db->sql_freeresult($result);
366
'group_id' => $add_extension_group,
367
'extension' => $add_extension
370
$db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
371
add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension);
378
$notify[] = $user->lang['EXTENSIONS_UPDATED'];
381
$cache->destroy('_extensions');
384
$template->assign_vars(array(
385
'S_EXTENSIONS' => true,
386
'ADD_EXTENSION' => (isset($add_extension)) ? $add_extension : '',
387
'GROUP_SELECT_OPTIONS' => (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group'))
391
FROM ' . EXTENSIONS_TABLE . '
392
ORDER BY group_id, extension';
393
$result = $db->sql_query($sql);
395
if ($row = $db->sql_fetchrow($result))
397
$old_group_id = $row['group_id'];
402
$current_group_id = $row['group_id'];
403
if ($old_group_id != $current_group_id)
406
$old_group_id = $current_group_id;
409
$template->assign_block_vars('extensions', array(
410
'S_SPACER' => $s_spacer,
411
'EXTENSION_ID' => $row['extension_id'],
412
'EXTENSION' => $row['extension'],
413
'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id']))
416
while ($row = $db->sql_fetchrow($result));
418
$db->sql_freeresult($result);
424
$template->assign_var('S_EXTENSION_GROUPS', true);
428
$action = request_var('action', '');
429
$group_id = request_var('g', 0);
431
if ($action != 'add' && $action != 'edit')
433
trigger_error('NO_MODE', E_USER_ERROR);
436
if (!$group_id && $action == 'edit')
438
trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
444
FROM ' . EXTENSION_GROUPS_TABLE . "
445
WHERE group_id = $group_id";
446
$result = $db->sql_query($sql);
447
$ext_row = $db->sql_fetchrow($result);
448
$db->sql_freeresult($result);
452
trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
460
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
461
$new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');
465
$error[] = $user->lang['NO_EXT_GROUP_NAME'];
468
// Check New Group Name
471
$sql = 'SELECT group_id
472
FROM ' . EXTENSION_GROUPS_TABLE . "
473
WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";
474
$result = $db->sql_query($sql);
476
if ($db->sql_fetchrow($result))
478
$error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name);
480
$db->sql_freeresult($result);
485
// Ok, build the update/insert array
486
$upload_icon = request_var('upload_icon', 'no_image');
487
$size_select = request_var('size_select', 'b');
488
$forum_select = request_var('forum_select', false);
489
$allowed_forums = request_var('allowed_forums', array(0));
490
$allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false;
491
$max_filesize = request_var('max_filesize', 0);
492
$max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
493
$allow_group = (isset($_POST['allow_group'])) ? true : false;
495
if ($max_filesize == $config['max_filesize'])
500
if (!sizeof($allowed_forums))
502
$forum_select = false;
506
'group_name' => $group_name,
507
'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE),
508
'allow_group' => ($allow_group) ? 1 : 0,
509
'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon,
510
'max_filesize' => $max_filesize,
511
'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '',
512
'allow_in_pm' => ($allow_in_pm) ? 1 : 0,
515
if ($action == 'add')
517
$group_ary['download_mode'] = INLINE_LINK;
520
$sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';
521
$sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary);
522
$sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : '';
524
$db->sql_query($sql);
526
if ($action == 'add')
528
$group_id = $db->sql_nextid();
531
add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);
534
$extension_list = request_var('extensions', array(0));
536
if ($action == 'edit' && sizeof($extension_list))
538
$sql = 'UPDATE ' . EXTENSIONS_TABLE . "
540
WHERE group_id = $group_id";
541
$db->sql_query($sql);
544
if (sizeof($extension_list))
546
$sql = 'UPDATE ' . EXTENSIONS_TABLE . "
547
SET group_id = $group_id
548
WHERE " . $db->sql_in_set('extension_id', $extension_list);
549
$db->sql_query($sql);
552
$cache->destroy('_extensions');
556
$notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)];
561
ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
562
ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
563
ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'],
564
ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'],
565
ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
566
ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
569
$group_id = request_var('g', 0);
570
$action = (isset($_POST['add'])) ? 'add' : $action;
576
if (confirm_box(true))
578
$sql = 'SELECT group_name
579
FROM ' . EXTENSION_GROUPS_TABLE . "
580
WHERE group_id = $group_id";
581
$result = $db->sql_query($sql);
582
$group_name = (string) $db->sql_fetchfield('group_name');
583
$db->sql_freeresult($result);
586
FROM ' . EXTENSION_GROUPS_TABLE . "
587
WHERE group_id = $group_id";
588
$db->sql_query($sql);
590
// Set corresponding Extensions to a pending Group
591
$sql = 'UPDATE ' . EXTENSIONS_TABLE . "
593
WHERE group_id = $group_id";
594
$db->sql_query($sql);
596
add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name);
598
$cache->destroy('_extensions');
600
trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action));
604
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
607
'group_id' => $group_id,
608
'action' => 'delete',
618
trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
622
FROM ' . EXTENSION_GROUPS_TABLE . "
623
WHERE group_id = $group_id";
624
$result = $db->sql_query($sql);
625
$ext_group_row = $db->sql_fetchrow($result);
626
$db->sql_freeresult($result);
628
$forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums']));
634
if ($action == 'add')
636
$ext_group_row = array(
637
'group_name' => utf8_normalize_nfc(request_var('group_name', '', true)),
645
$forum_ids = array();
648
$extensions = array();
651
FROM ' . EXTENSIONS_TABLE . "
652
WHERE group_id = $group_id
655
$result = $db->sql_query($sql);
656
$extensions = $db->sql_fetchrowset($result);
657
$db->sql_freeresult($result);
659
if ($ext_group_row['max_filesize'] == 0)
661
$ext_group_row['max_filesize'] = (int) $config['max_filesize'];
664
$size_format = ($ext_group_row['max_filesize'] >= 1048576) ? 'mb' : (($ext_group_row['max_filesize'] >= 1024) ? 'kb' : 'b');
666
$ext_group_row['max_filesize'] = ($ext_group_row['max_filesize'] >= 1048576) ? round($ext_group_row['max_filesize'] / 1048576 * 100) / 100 : (($ext_group_row['max_filesize'] >= 1024) ? round($ext_group_row['max_filesize'] / 1024 * 100) / 100 : $ext_group_row['max_filesize']);
668
$img_path = $config['upload_icons_path'];
671
$no_image_select = false;
673
$imglist = filelist($phpbb_root_path . $img_path);
675
if (sizeof($imglist))
677
$imglist = array_values($imglist);
678
$imglist = $imglist[0];
680
foreach ($imglist as $key => $img)
682
if (!$ext_group_row['upload_icon'])
684
$no_image_select = true;
689
$selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : '';
692
if (strlen($img) > 255)
697
$filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>';
702
$assigned_extensions = '';
703
foreach ($extensions as $num => $row)
705
if ($row['group_id'] == $group_id && $group_id)
707
$assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension'];
712
$s_extension_options = '';
713
foreach ($extensions as $row)
715
$s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>';
718
$template->assign_vars(array(
719
'PHPBB_ROOT_PATH' => $phpbb_root_path,
720
'IMG_PATH' => $img_path,
722
'GROUP_ID' => $group_id,
723
'GROUP_NAME' => $ext_group_row['group_name'],
724
'ALLOW_GROUP' => $ext_group_row['allow_group'],
725
'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'],
726
'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'],
727
'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'],
728
'ASSIGNED_EXTENSIONS' => $assigned_extensions,
730
'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'),
731
'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format),
732
'S_EXTENSION_OPTIONS' => $s_extension_options,
733
'S_FILENAME_LIST' => $filename_list,
734
'S_EDIT_GROUP' => true,
735
'S_NO_IMAGE' => $no_image_select,
736
'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false,
738
'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=extensions"),
739
'U_BACK' => $this->u_action,
741
'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'])
744
$s_forum_id_options = '';
746
$sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id
747
FROM ' . FORUMS_TABLE . '
748
ORDER BY left_id ASC';
749
$result = $db->sql_query($sql, 600);
751
$right = $cat_right = $padding_inc = 0;
752
$padding = $forum_list = $holding = '';
753
$padding_store = array('0' => '');
755
while ($row = $db->sql_fetchrow($result))
757
if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))
759
// Non-postable forum with no subforums, don't display
763
if (!$auth->acl_get('f_list', $row['forum_id']))
765
// if the user does not have permissions to list this forum skip
769
if ($row['left_id'] < $right)
771
$padding .= ' ';
772
$padding_store[$row['parent_id']] = $padding;
774
else if ($row['left_id'] > $right + 1)
776
$padding = $padding_store[$row['parent_id']];
779
$right = $row['right_id'];
781
$selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : '';
783
if ($row['left_id'] > $cat_right)
785
// make sure we don't forget anything
786
$s_forum_id_options .= $holding;
790
if ($row['right_id'] - $row['left_id'] > 1)
792
$cat_right = max($cat_right, $row['right_id']);
794
$holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
798
$s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
805
$s_forum_id_options .= $holding;
808
$db->sql_freeresult($result);
809
unset($padding_store);
811
$template->assign_vars(array(
812
'S_FORUM_ID_OPTIONS' => $s_forum_id_options)
819
FROM ' . EXTENSION_GROUPS_TABLE . '
820
ORDER BY allow_group DESC, allow_in_pm DESC, group_name';
821
$result = $db->sql_query($sql);
823
$old_allow_group = $old_allow_pm = 1;
824
while ($row = $db->sql_fetchrow($result))
826
$s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false;
828
$template->assign_block_vars('groups', array(
829
'S_ADD_SPACER' => $s_add_spacer,
830
'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false,
831
'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false,
833
'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}",
834
'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}",
836
'GROUP_NAME' => $row['group_name'],
837
'CATEGORY' => $cat_lang[$row['cat_id']],
841
$old_allow_group = $row['allow_group'];
842
$old_allow_pm = $row['allow_in_pm'];
844
$db->sql_freeresult($result);
852
$delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array();
853
$add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array();
854
$post_ids = request_var('post_id', array('' => 0));
856
if (sizeof($delete_files))
859
FROM ' . ATTACHMENTS_TABLE . '
860
WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '
862
$result = $db->sql_query($sql);
864
$delete_files = array();
865
while ($row = $db->sql_fetchrow($result))
867
phpbb_unlink($row['physical_filename'], 'file');
869
if ($row['thumbnail'])
871
phpbb_unlink($row['physical_filename'], 'thumbnail');
874
$delete_files[$row['attach_id']] = $row['real_filename'];
876
$db->sql_freeresult($result);
879
if (sizeof($delete_files))
881
$sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . '
882
WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files));
883
$db->sql_query($sql);
885
add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files));
886
$notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files));
889
$upload_list = array();
890
foreach ($add_files as $attach_id)
892
if (!in_array($attach_id, array_keys($delete_files)) && !empty($post_ids[$attach_id]))
894
$upload_list[$attach_id] = $post_ids[$attach_id];
899
if (sizeof($upload_list))
901
$template->assign_var('S_UPLOADING_FILES', true);
903
$sql = 'SELECT forum_id, forum_name
904
FROM ' . FORUMS_TABLE;
905
$result = $db->sql_query($sql);
907
$forum_names = array();
908
while ($row = $db->sql_fetchrow($result))
910
$forum_names[$row['forum_id']] = $row['forum_name'];
912
$db->sql_freeresult($result);
914
$sql = 'SELECT forum_id, topic_id, post_id, poster_id
915
FROM ' . POSTS_TABLE . '
916
WHERE ' . $db->sql_in_set('post_id', $upload_list);
917
$result = $db->sql_query($sql);
919
$post_info = array();
920
while ($row = $db->sql_fetchrow($result))
922
$post_info[$row['post_id']] = $row;
924
$db->sql_freeresult($result);
926
// Select those attachments we want to change...
928
FROM ' . ATTACHMENTS_TABLE . '
929
WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . '
931
$result = $db->sql_query($sql);
933
while ($row = $db->sql_fetchrow($result))
935
$post_row = $post_info[$upload_list[$row['attach_id']]];
937
$template->assign_block_vars('upload', array(
938
'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),
939
'S_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,
940
'L_DENIED' => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')
943
if (!$auth->acl_get('f_attach', $post_row['forum_id']))
948
// Adjust attachment entry
952
'poster_id' => $post_row['poster_id'],
953
'post_msg_id' => $post_row['post_id'],
954
'topic_id' => $post_row['topic_id'],
957
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
958
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
959
WHERE attach_id = ' . $row['attach_id'];
960
$db->sql_query($sql);
962
$sql = 'UPDATE ' . POSTS_TABLE . '
963
SET post_attachment = 1
964
WHERE post_id = ' . $post_row['post_id'];
965
$db->sql_query($sql);
967
$sql = 'UPDATE ' . TOPICS_TABLE . '
968
SET topic_attachment = 1
969
WHERE topic_id = ' . $post_row['topic_id'];
970
$db->sql_query($sql);
972
add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);
974
$db->sql_freeresult($result);
978
$template->assign_vars(array(
982
// Just get the files with is_orphan set and older than 3 hours
984
FROM ' . ATTACHMENTS_TABLE . '
986
AND filetime < ' . (time() - 3*60*60) . '
987
ORDER BY filetime DESC';
988
$result = $db->sql_query($sql);
990
while ($row = $db->sql_fetchrow($result))
992
$size_lang = ($row['filesize'] >= 1048576) ? $user->lang['MB'] : (($row['filesize'] >= 1024) ? $user->lang['KB'] : $user->lang['BYTES']);
993
$row['filesize'] = ($row['filesize'] >= 1048576) ? round((round($row['filesize'] / 1048576 * 100) / 100), 2) : (($row['filesize'] >= 1024) ? round((round($row['filesize'] / 1024 * 100) / 100), 2) : $row['filesize']);
995
$template->assign_block_vars('orphan', array(
996
'FILESIZE' => $row['filesize'] . ' ' . $size_lang,
997
'FILETIME' => $user->format_date($row['filetime']),
998
'REAL_FILENAME' => basename($row['real_filename']),
999
'PHYSICAL_FILENAME' => basename($row['physical_filename']),
1000
'ATTACH_ID' => $row['attach_id'],
1001
'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
1002
'U_FILE' => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id']))
1005
$db->sql_freeresult($result);
1012
$template->assign_vars(array(
1013
'S_WARNING' => true,
1014
'WARNING_MSG' => implode('<br />', $error))
1018
if (sizeof($notify))
1020
$template->assign_vars(array(
1022
'NOTIFY_MSG' => implode('<br />', $notify))
1028
* Build Select for category items
1030
function category_select($select_name, $group_id = false, $key = '')
1035
ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
1036
ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
1037
ATTACHMENT_CATEGORY_WM => $user->lang['CAT_WM_FILES'],
1038
ATTACHMENT_CATEGORY_RM => $user->lang['CAT_RM_FILES'],
1039
ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
1040
ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
1045
$sql = 'SELECT cat_id
1046
FROM ' . EXTENSION_GROUPS_TABLE . '
1047
WHERE group_id = ' . (int) $group_id;
1048
$result = $db->sql_query($sql);
1050
$cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id'];
1052
$db->sql_freeresult($result);
1056
$cat_type = ATTACHMENT_CATEGORY_NONE;
1059
$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1061
foreach ($types as $type => $mode)
1063
$selected = ($type == $cat_type) ? ' selected="selected"' : '';
1064
$group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>';
1067
$group_select .= '</select>';
1069
return $group_select;
1073
* Extension group select
1075
function group_select($select_name, $default_group = false, $key = '')
1079
$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1081
$sql = 'SELECT group_id, group_name
1082
FROM ' . EXTENSION_GROUPS_TABLE . '
1083
ORDER BY group_name';
1084
$result = $db->sql_query($sql);
1086
$group_name = array();
1087
while ($row = $db->sql_fetchrow($result))
1089
$group_name[] = $row;
1091
$db->sql_freeresult($result);
1093
$row['group_id'] = 0;
1094
$row['group_name'] = $user->lang['NOT_ASSIGNED'];
1095
$group_name[] = $row;
1097
for ($i = 0; $i < sizeof($group_name); $i++)
1099
if ($default_group === false)
1101
$selected = ($i == 0) ? ' selected="selected"' : '';
1105
$selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : '';
1108
$group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>';
1111
$group_select .= '</select>';
1113
return $group_select;
1119
function search_imagemagick()
1123
$exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : '';
1125
$magic_home = getenv('MAGICK_HOME');
1127
if (empty($magic_home))
1129
$locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');
1130
$path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
1132
$locations = array_merge($path_locations, $locations);
1134
foreach ($locations as $location)
1136
// The path might not end properly, fudge it
1137
if (substr($location, -1, 1) !== '/')
1142
if (@is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000)
1144
$imagick = str_replace('\\', '/', $location);
1151
$imagick = str_replace('\\', '/', $magic_home);
1160
function test_upload(&$error, $upload_dir, $create_directory = false)
1162
global $user, $phpbb_root_path;
1164
// Does the target directory exist, is it a directory and writable.
1165
if ($create_directory)
1167
if (!file_exists($phpbb_root_path . $upload_dir))
1169
@mkdir($phpbb_root_path . $upload_dir, 0777);
1170
@chmod($phpbb_root_path . $upload_dir, 0777);
1174
if (!file_exists($phpbb_root_path . $upload_dir))
1176
$error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);
1180
if (!is_dir($phpbb_root_path . $upload_dir))
1182
$error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);
1186
if (!is_writable($phpbb_root_path . $upload_dir))
1188
$error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);
1194
* Perform operations on sites for external linking
1196
function perform_site_list()
1200
if (isset($_REQUEST['securesubmit']))
1202
// Grab the list of entries
1203
$ips = request_var('ips', '');
1204
$ip_list = array_unique(explode("\n", $ips));
1205
$ip_list_log = implode(', ', $ip_list);
1207
$ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0;
1210
$hostlist = array();
1212
foreach ($ip_list as $item)
1214
if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode))
1216
// Don't ask about all this, just don't ask ... !
1217
$ip_1_counter = $ip_range_explode[1];
1218
$ip_1_end = $ip_range_explode[5];
1220
while ($ip_1_counter <= $ip_1_end)
1222
$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
1223
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
1225
if ($ip_2_counter == 0 && $ip_2_end == 254)
1227
$ip_2_counter = 256;
1228
$ip_2_fragment = 256;
1230
$iplist[] = "'$ip_1_counter.*'";
1233
while ($ip_2_counter <= $ip_2_end)
1235
$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
1236
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
1238
if ($ip_3_counter == 0 && $ip_3_end == 254)
1240
$ip_3_counter = 256;
1241
$ip_3_fragment = 256;
1243
$iplist[] = "'$ip_1_counter.$ip_2_counter.*'";
1246
while ($ip_3_counter <= $ip_3_end)
1248
$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
1249
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
1251
if ($ip_4_counter == 0 && $ip_4_end == 254)
1253
$ip_4_counter = 256;
1254
$ip_4_fragment = 256;
1256
$iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
1259
while ($ip_4_counter <= $ip_4_end)
1261
$iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
1271
else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item)))
1273
$iplist[] = "'" . trim($item) . "'";
1275
else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item)))
1277
$hostlist[] = "'" . trim($item) . "'";
1279
else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item)))
1281
$hostlist[] = "'" . trim($item) . "'";
1285
$sql = 'SELECT site_ip, site_hostname
1286
FROM ' . SITELIST_TABLE . "
1287
WHERE ip_exclude = $ip_exclude";
1288
$result = $db->sql_query($sql);
1290
if ($row = $db->sql_fetchrow($result))
1292
$iplist_tmp = array();
1293
$hostlist_tmp = array();
1296
if ($row['site_ip'])
1298
if (strlen($row['site_ip']) > 40)
1303
$iplist_tmp[] = "'" . $row['site_ip'] . "'";
1305
else if ($row['site_hostname'])
1307
if (strlen($row['site_hostname']) > 255)
1312
$hostlist_tmp[] = "'" . $row['site_hostname'] . "'";
1316
while ($row = $db->sql_fetchrow($result));
1318
$iplist = array_unique(array_diff($iplist, $iplist_tmp));
1319
$hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));
1321
unset($hostlist_tmp);
1323
$db->sql_freeresult($result);
1325
if (sizeof($iplist))
1327
foreach ($iplist as $ip_entry)
1329
$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)
1330
VALUES ($ip_entry, $ip_exclude)";
1331
$db->sql_query($sql);
1335
if (sizeof($hostlist))
1337
foreach ($hostlist as $host_entry)
1339
$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude)
1340
VALUES ($host_entry, $ip_exclude)";
1341
$db->sql_query($sql);
1345
if (!empty($ip_list_log))
1348
$log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';
1349
add_log('admin', $log_entry, $ip_list_log);
1352
trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1354
else if (isset($_POST['unsecuresubmit']))
1356
$unip_sql = request_var('unip', array(0));
1358
if (sizeof($unip_sql))
1362
// Grab details of ips for logging information later
1363
$sql = 'SELECT site_ip, site_hostname
1364
FROM ' . SITELIST_TABLE . '
1365
WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1366
$result = $db->sql_query($sql);
1368
while ($row = $db->sql_fetchrow($result))
1370
$l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);
1372
$db->sql_freeresult($result);
1374
$sql = 'DELETE FROM ' . SITELIST_TABLE . '
1375
WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1376
$db->sql_query($sql);
1378
add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);
1381
trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1386
* Write display_order config field
1388
function display_order($value, $key = '')
1390
$radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING');
1392
return h_radio('config[display_order]', $radio_ary, $value, $key);
1396
* Adjust all three max_filesize config vars for display
1398
function max_filesize($value, $key = '')
1400
// Determine size var and adjust the value accordingly
1401
$size_var = ($value >= 1048576) ? 'mb' : (($value >= 1024) ? 'kb' : 'b');
1402
$value = ($value >= 1048576) ? round($value / 1048576 * 100) / 100 : (($value >= 1024) ? round($value / 1024 * 100) / 100 : $value);
1404
return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';
1408
* Write secure_allow_deny config field
1410
function select_allow_deny($value, $key = '')
1412
$radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW');
1414
return h_radio('config[' . $key . ']', $radio_ary, $value, $key);
b'\\ No newline at end of file'
added
removed
www/php/phpBB3/includes/acp/acp_attachments.php
