Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 963 |
|
0.00% |
0 / 9 |
CRAP | |
0.00% |
0 / 1 |
acp_attachments | |
0.00% |
0 / 961 |
|
0.00% |
0 / 9 |
67340 | |
0.00% |
0 / 1 |
main | |
0.00% |
0 / 759 |
|
0.00% |
0 / 1 |
38612 | |||
get_attachment_stats | |
0.00% |
0 / 10 |
|
0.00% |
0 / 1 |
2 | |||
set_attachment_stats | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
6 | |||
check_stats_accuracy | |
0.00% |
0 / 13 |
|
0.00% |
0 / 1 |
12 | |||
handle_stats_resync | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
6 | |||
category_select | |
0.00% |
0 / 27 |
|
0.00% |
0 / 1 |
20 | |||
group_select | |
0.00% |
0 / 28 |
|
0.00% |
0 / 1 |
30 | |||
perform_site_list | |
0.00% |
0 / 93 |
|
0.00% |
0 / 1 |
2070 | |||
max_filesize | |
0.00% |
0 / 20 |
|
0.00% |
0 / 1 |
2 |
1 | <?php |
2 | /** |
3 | * |
4 | * This file is part of the phpBB Forum Software package. |
5 | * |
6 | * @copyright (c) phpBB Limited <https://www.phpbb.com> |
7 | * @license GNU General Public License, version 2 (GPL-2.0) |
8 | * |
9 | * For full copyright and license information, please see |
10 | * the docs/CREDITS.txt file. |
11 | * |
12 | */ |
13 | |
14 | /** |
15 | * @ignore |
16 | */ |
17 | |
18 | use phpbb\attachment\attachment_category; |
19 | use phpbb\attachment\manager; |
20 | use phpbb\config\config; |
21 | use phpbb\controller\helper; |
22 | use phpbb\db\driver\driver_interface; |
23 | use phpbb\filesystem\filesystem_interface; |
24 | use phpbb\language\language; |
25 | use phpbb\template\template; |
26 | use phpbb\user; |
27 | |
28 | if (!defined('IN_PHPBB')) |
29 | { |
30 | exit; |
31 | } |
32 | |
33 | class acp_attachments |
34 | { |
35 | /** @var driver_interface */ |
36 | protected $db; |
37 | |
38 | /** @var config */ |
39 | protected $config; |
40 | |
41 | /** @var language */ |
42 | protected $language; |
43 | |
44 | /** @var ContainerBuilder */ |
45 | protected $phpbb_container; |
46 | |
47 | /** @var template */ |
48 | protected $template; |
49 | |
50 | /** @var user */ |
51 | protected $user; |
52 | |
53 | /** @var filesystem_interface */ |
54 | protected $filesystem; |
55 | |
56 | /** @var manager */ |
57 | protected $attachment_manager; |
58 | |
59 | /** @var helper */ |
60 | protected $controller_helper; |
61 | |
62 | public $id; |
63 | public $u_action; |
64 | protected $new_config; |
65 | |
66 | function main($id, $mode) |
67 | { |
68 | global $db, $user, $auth, $template, $cache, $phpbb_container, $phpbb_filesystem, $phpbb_dispatcher; |
69 | global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx, $phpbb_log, $request; |
70 | |
71 | $this->id = $id; |
72 | $this->db = $db; |
73 | $this->config = $config; |
74 | $this->language = $phpbb_container->get('language'); |
75 | $this->template = $template; |
76 | $this->user = $user; |
77 | $this->phpbb_container = $phpbb_container; |
78 | $this->filesystem = $phpbb_filesystem; |
79 | $this->attachment_manager = $phpbb_container->get('attachment.manager'); |
80 | $this->controller_helper = $phpbb_container->get('controller.helper'); |
81 | |
82 | $user->add_lang(array('posting', 'viewtopic', 'acp/attachments')); |
83 | |
84 | $error = $notify = array(); |
85 | $submit = (isset($_POST['submit'])) ? true : false; |
86 | $action = $request->variable('action', ''); |
87 | |
88 | $form_key = 'acp_attach'; |
89 | add_form_key($form_key); |
90 | |
91 | if ($submit && !check_form_key($form_key)) |
92 | { |
93 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); |
94 | } |
95 | |
96 | switch ($mode) |
97 | { |
98 | case 'attach': |
99 | $l_title = 'ACP_ATTACHMENT_SETTINGS'; |
100 | break; |
101 | |
102 | case 'extensions': |
103 | $l_title = 'ACP_MANAGE_EXTENSIONS'; |
104 | break; |
105 | |
106 | case 'ext_groups': |
107 | $l_title = 'ACP_EXTENSION_GROUPS'; |
108 | break; |
109 | |
110 | case 'orphan': |
111 | $l_title = 'ACP_ORPHAN_ATTACHMENTS'; |
112 | break; |
113 | |
114 | case 'manage': |
115 | $l_title = 'ACP_MANAGE_ATTACHMENTS'; |
116 | break; |
117 | |
118 | default: |
119 | trigger_error('NO_MODE', E_USER_ERROR); |
120 | break; |
121 | } |
122 | |
123 | $this->tpl_name = 'acp_attachments'; |
124 | $this->page_title = $l_title; |
125 | |
126 | $template->assign_vars(array( |
127 | 'L_TITLE' => $user->lang[$l_title], |
128 | 'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'], |
129 | 'U_ACTION' => $this->u_action) |
130 | ); |
131 | |
132 | switch ($mode) |
133 | { |
134 | case 'attach': |
135 | |
136 | if (!function_exists('get_supported_image_types')) |
137 | { |
138 | include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); |
139 | } |
140 | |
141 | $allowed_pm_groups = []; |
142 | $allowed_post_groups = []; |
143 | $s_assigned_groups = []; |
144 | |
145 | $sql = 'SELECT group_id, group_name, cat_id, allow_group, allow_in_pm |
146 | FROM ' . EXTENSION_GROUPS_TABLE . ' |
147 | WHERE cat_id > 0 |
148 | ORDER BY cat_id'; |
149 | $result = $db->sql_query($sql); |
150 | while ($row = $db->sql_fetchrow($result)) |
151 | { |
152 | $row['group_name'] = $this->language->is_set('EXT_GROUP_' . utf8_strtoupper($row['group_name'])) ? $this->language->lang('EXT_GROUP_' . utf8_strtoupper($row['group_name'])) : $row['group_name']; |
153 | $s_assigned_groups[$row['cat_id']][] = $row['group_name']; |
154 | |
155 | if ($row['allow_group']) |
156 | { |
157 | $allowed_post_groups[] = $row['group_id']; |
158 | } |
159 | |
160 | if ($row['allow_in_pm']) |
161 | { |
162 | $allowed_pm_groups[] = $row['group_id']; |
163 | } |
164 | } |
165 | $db->sql_freeresult($result); |
166 | |
167 | $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[attachment_category::IMAGE])) ? implode($user->lang['COMMA_SEPARATOR'], $s_assigned_groups[attachment_category::IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']'; |
168 | |
169 | $display_vars = array( |
170 | 'title' => 'ACP_ATTACHMENT_SETTINGS', |
171 | 'vars' => array( |
172 | 'legend1' => 'ACP_ATTACHMENT_SETTINGS', |
173 | |
174 | 'img_max_width' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), |
175 | 'img_max_height' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), |
176 | 'img_link_width' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), |
177 | 'img_link_height' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,), |
178 | |
179 | 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), |
180 | 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), |
181 | 'max_attachments' => array('lang' => 'MAX_ATTACHMENTS', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => false), |
182 | 'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => false), |
183 | 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'radio', 'function' => 'phpbb_build_radio', 'params' => ['{CONFIG_VALUE}', '{KEY}', ['DESCENDING', 'ASCENDING']], 'explain' => true), |
184 | 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), |
185 | 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), |
186 | 'max_filesize_pm' => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), |
187 | 'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), |
188 | 'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'radio', 'function' => 'phpbb_build_radio', 'params' => ['{CONFIG_VALUE}', '{KEY}', [1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW']], 'explain' => true), |
189 | 'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), |
190 | 'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), |
191 | |
192 | 'legend2' => $l_legend_cat_images, |
193 | 'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), |
194 | 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), |
195 | 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), |
196 | 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), |
197 | 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), |
198 | 'img_strip_metadata' => array('lang' => 'IMAGE_STRIP_METADATA', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), |
199 | 'img_quality' => array('lang' => 'IMAGE_QUALITY', 'validate' => 'int:50:90', 'type' => 'number:50:90', 'explain' => true, 'append' => ' %'), |
200 | 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), |
201 | ) |
202 | ); |
203 | |
204 | /** |
205 | * Event to add and/or modify acp_attachement configurations |
206 | * |
207 | * @event core.acp_attachments_config_edit_add |
208 | * @var array display_vars Array of config values to display and process |
209 | * @var string mode Mode of the config page we are displaying |
210 | * @var boolean submit Do we display the form or process the submission |
211 | * @since 3.1.11-RC1 |
212 | */ |
213 | $vars = array('display_vars', 'mode', 'submit'); |
214 | extract($phpbb_dispatcher->trigger_event('core.acp_attachments_config_edit_add', compact($vars))); |
215 | |
216 | $this->new_config = $config; |
217 | $cfg_array = (isset($_REQUEST['config'])) ? $request->variable('config', array('' => '')) : $this->new_config; |
218 | $error = array(); |
219 | |
220 | // We validate the complete config if whished |
221 | validate_config_vars($display_vars['vars'], $cfg_array, $error); |
222 | |
223 | // Do not write values if there is an error |
224 | if (count($error)) |
225 | { |
226 | $submit = false; |
227 | } |
228 | |
229 | // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... |
230 | foreach ($display_vars['vars'] as $config_name => $null) |
231 | { |
232 | if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) |
233 | { |
234 | continue; |
235 | } |
236 | |
237 | $this->new_config[$config_name] = $config_value = $cfg_array[$config_name]; |
238 | |
239 | if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm'))) |
240 | { |
241 | $size_var = $request->variable($config_name, ''); |
242 | |
243 | $config_value = (int) $config_value; |
244 | |
245 | $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value); |
246 | } |
247 | |
248 | if ($submit) |
249 | { |
250 | $config->set($config_name, $config_value); |
251 | } |
252 | } |
253 | |
254 | $this->perform_site_list(); |
255 | |
256 | if ($submit) |
257 | { |
258 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_ATTACH'); |
259 | |
260 | if (!count($error)) |
261 | { |
262 | trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); |
263 | } |
264 | } |
265 | |
266 | $template->assign_var('S_ATTACHMENT_SETTINGS', true); |
267 | |
268 | // Secure Download Options - Same procedure as with banning |
269 | $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED'; |
270 | |
271 | $sql = 'SELECT * |
272 | FROM ' . SITELIST_TABLE; |
273 | $result = $db->sql_query($sql); |
274 | |
275 | $defined_ips = ''; |
276 | |
277 | while ($row = $db->sql_fetchrow($result)) |
278 | { |
279 | $value = $row['site_ip'] ?: $row['site_hostname']; |
280 | if ($value) |
281 | { |
282 | $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>'; |
283 | } |
284 | } |
285 | $db->sql_freeresult($result); |
286 | |
287 | $template->assign_vars(array( |
288 | 'S_EMPTY_PM_GROUPS' => empty($allowed_pm_groups), |
289 | 'S_EMPTY_POST_GROUPS' => empty($allowed_post_groups), |
290 | 'S_SECURE_DOWNLOADS' => $this->new_config['secure_downloads'], |
291 | 'S_DEFINED_IPS' => ($defined_ips != '') ? true : false, |
292 | 'S_WARNING' => (count($error)) ? true : false, |
293 | |
294 | 'U_EXTENSION_GROUPS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=ext_groups"), |
295 | |
296 | 'WARNING_MSG' => implode('<br />', $error), |
297 | 'DEFINED_IPS' => $defined_ips, |
298 | |
299 | 'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'], |
300 | 'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'], |
301 | 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS']) |
302 | ); |
303 | |
304 | // Output relevant options |
305 | foreach ($display_vars['vars'] as $config_key => $vars) |
306 | { |
307 | if (!is_array($vars) && strpos($config_key, 'legend') === false) |
308 | { |
309 | continue; |
310 | } |
311 | |
312 | if (strpos($config_key, 'legend') !== false) |
313 | { |
314 | $template->assign_block_vars('options', array( |
315 | 'S_LEGEND' => true, |
316 | 'LEGEND' => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars) |
317 | ); |
318 | |
319 | continue; |
320 | } |
321 | |
322 | $type = explode(':', $vars['type']); |
323 | |
324 | $l_explain = ''; |
325 | if ($vars['explain'] && isset($vars['lang_explain'])) |
326 | { |
327 | $l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain']; |
328 | } |
329 | else if ($vars['explain']) |
330 | { |
331 | $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : ''; |
332 | } |
333 | |
334 | $content = phpbb_build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars); |
335 | if (empty($content)) |
336 | { |
337 | continue; |
338 | } |
339 | |
340 | $template->assign_block_vars('options', array( |
341 | 'KEY' => $config_key, |
342 | 'TITLE' => $user->lang[$vars['lang']], |
343 | 'S_EXPLAIN' => $vars['explain'], |
344 | 'TITLE_EXPLAIN' => $l_explain, |
345 | 'CONTENT' => $content, |
346 | ) |
347 | ); |
348 | |
349 | unset($display_vars['vars'][$config_key]); |
350 | } |
351 | |
352 | break; |
353 | |
354 | case 'extensions': |
355 | if ($submit || isset($_POST['add_extension_check'])) |
356 | { |
357 | if ($submit) |
358 | { |
359 | // Change Extensions ? |
360 | $extension_change_list = $request->variable('extension_change_list', array(0)); |
361 | $group_select_list = $request->variable('group_select', array(0)); |
362 | |
363 | // Generate correct Change List |
364 | $extensions = array(); |
365 | |
366 | for ($i = 0, $size = count($extension_change_list); $i < $size; $i++) |
367 | { |
368 | $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i]; |
369 | } |
370 | |
371 | $sql = 'SELECT * |
372 | FROM ' . EXTENSIONS_TABLE . ' |
373 | ORDER BY extension_id'; |
374 | $result = $db->sql_query($sql); |
375 | |
376 | while ($row = $db->sql_fetchrow($result)) |
377 | { |
378 | if ($row['group_id'] != $extensions[$row['extension_id']]['group_id']) |
379 | { |
380 | $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' |
381 | SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . ' |
382 | WHERE extension_id = ' . $row['extension_id']; |
383 | $db->sql_query($sql); |
384 | |
385 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_EXT_UPDATE', false, array($row['extension'])); |
386 | } |
387 | } |
388 | $db->sql_freeresult($result); |
389 | |
390 | // Delete Extension? |
391 | $extension_id_list = $request->variable('extension_id_list', array(0)); |
392 | |
393 | if (count($extension_id_list)) |
394 | { |
395 | $sql = 'SELECT extension |
396 | FROM ' . EXTENSIONS_TABLE . ' |
397 | WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); |
398 | $result = $db->sql_query($sql); |
399 | |
400 | $extension_list = ''; |
401 | while ($row = $db->sql_fetchrow($result)) |
402 | { |
403 | $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension']; |
404 | } |
405 | $db->sql_freeresult($result); |
406 | |
407 | $sql = 'DELETE |
408 | FROM ' . EXTENSIONS_TABLE . ' |
409 | WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); |
410 | $db->sql_query($sql); |
411 | |
412 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_EXT_DEL', false, array($extension_list)); |
413 | } |
414 | } |
415 | |
416 | // Add Extension? |
417 | $add_extension = strtolower($request->variable('add_extension', '')); |
418 | $add_extension_group = $request->variable('add_group_select', 0); |
419 | $add = (isset($_POST['add_extension_check'])) ? true : false; |
420 | |
421 | if ($add_extension && $add) |
422 | { |
423 | $sql = 'SELECT extension_id |
424 | FROM ' . EXTENSIONS_TABLE . " |
425 | WHERE extension = '" . $db->sql_escape($add_extension) . "'"; |
426 | $result = $db->sql_query($sql); |
427 | |
428 | if ($row = $db->sql_fetchrow($result)) |
429 | { |
430 | $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension); |
431 | } |
432 | $db->sql_freeresult($result); |
433 | |
434 | if (!count($error)) |
435 | { |
436 | $sql_ary = array( |
437 | 'group_id' => $add_extension_group, |
438 | 'extension' => $add_extension |
439 | ); |
440 | |
441 | $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); |
442 | |
443 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_EXT_ADD', false, array($add_extension)); |
444 | } |
445 | } |
446 | |
447 | if (!count($error)) |
448 | { |
449 | $notify[] = $user->lang['EXTENSIONS_UPDATED']; |
450 | } |
451 | |
452 | $cache->destroy('_extensions'); |
453 | } |
454 | |
455 | $template->assign_vars([ |
456 | 'S_EXTENSIONS' => true, |
457 | 'ADD_EXTENSION' => (isset($add_extension)) ? $add_extension : '', |
458 | 'GROUP_SELECT_OPTIONS' => $this->group_select('add_group_select', $request->is_set_post('add_extension_check') ? $add_extension_group : false, 'extension_group'), |
459 | ]); |
460 | |
461 | $sql = 'SELECT * |
462 | FROM ' . EXTENSIONS_TABLE . ' |
463 | ORDER BY group_id, extension'; |
464 | $result = $db->sql_query($sql); |
465 | |
466 | if ($row = $db->sql_fetchrow($result)) |
467 | { |
468 | $old_group_id = $row['group_id']; |
469 | do |
470 | { |
471 | $s_spacer = false; |
472 | |
473 | $current_group_id = $row['group_id']; |
474 | if ($old_group_id != $current_group_id) |
475 | { |
476 | $s_spacer = true; |
477 | $old_group_id = $current_group_id; |
478 | } |
479 | |
480 | $template->assign_block_vars('extensions', array( |
481 | 'S_SPACER' => $s_spacer, |
482 | 'EXTENSION_ID' => $row['extension_id'], |
483 | 'EXTENSION' => $row['extension'], |
484 | 'GROUP_OPTIONS' => $this->group_select('group_select[]', $row['group_id'])) |
485 | ); |
486 | } |
487 | while ($row = $db->sql_fetchrow($result)); |
488 | } |
489 | $db->sql_freeresult($result); |
490 | |
491 | break; |
492 | |
493 | case 'ext_groups': |
494 | |
495 | $template->assign_var('S_EXTENSION_GROUPS', true); |
496 | |
497 | if ($submit) |
498 | { |
499 | $action = $request->variable('action', ''); |
500 | $group_id = $request->variable('g', 0); |
501 | |
502 | if ($action != 'add' && $action != 'edit') |
503 | { |
504 | trigger_error('NO_MODE', E_USER_ERROR); |
505 | } |
506 | |
507 | if (!$group_id && $action == 'edit') |
508 | { |
509 | trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); |
510 | } |
511 | |
512 | if ($group_id) |
513 | { |
514 | $sql = 'SELECT * |
515 | FROM ' . EXTENSION_GROUPS_TABLE . " |
516 | WHERE group_id = $group_id"; |
517 | $result = $db->sql_query($sql); |
518 | $ext_row = $db->sql_fetchrow($result); |
519 | $db->sql_freeresult($result); |
520 | |
521 | if (!$ext_row) |
522 | { |
523 | trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); |
524 | } |
525 | } |
526 | else |
527 | { |
528 | $ext_row = array(); |
529 | } |
530 | |
531 | $group_name = $request->variable('group_name', '', true); |
532 | $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : ''); |
533 | |
534 | if (!$group_name) |
535 | { |
536 | $error[] = $user->lang['NO_EXT_GROUP_NAME']; |
537 | } |
538 | |
539 | // Check New Group Name |
540 | if ($new_group_name) |
541 | { |
542 | $sql = 'SELECT group_id |
543 | FROM ' . EXTENSION_GROUPS_TABLE . " |
544 | WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'"; |
545 | if ($group_id) |
546 | { |
547 | $sql .= ' AND group_id <> ' . $group_id; |
548 | } |
549 | $result = $db->sql_query($sql); |
550 | |
551 | if ($db->sql_fetchrow($result)) |
552 | { |
553 | $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name); |
554 | } |
555 | $db->sql_freeresult($result); |
556 | } |
557 | |
558 | if (!count($error)) |
559 | { |
560 | // Ok, build the update/insert array |
561 | $upload_icon = $request->variable('upload_icon', 'no_image'); |
562 | $size_select = $request->variable('size_select', 'b'); |
563 | $forum_select = $request->variable('forum_select', false); |
564 | $allowed_forums = $request->variable('allowed_forums', array(0)); |
565 | $allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false; |
566 | $max_filesize = $request->variable('max_filesize', 0); |
567 | $max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize); |
568 | $allow_group = (isset($_POST['allow_group'])) ? true : false; |
569 | |
570 | if ($max_filesize == $config['max_filesize']) |
571 | { |
572 | $max_filesize = 0; |
573 | } |
574 | |
575 | if (!count($allowed_forums)) |
576 | { |
577 | $forum_select = false; |
578 | } |
579 | |
580 | $group_ary = array( |
581 | 'group_name' => $group_name, |
582 | 'cat_id' => $request->variable('special_category', attachment_category::NONE), |
583 | 'allow_group' => ($allow_group) ? 1 : 0, |
584 | 'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon, |
585 | 'max_filesize' => $max_filesize, |
586 | 'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '', |
587 | 'allow_in_pm' => ($allow_in_pm) ? 1 : 0, |
588 | ); |
589 | |
590 | $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET '; |
591 | $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary); |
592 | $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : ''; |
593 | |
594 | $db->sql_query($sql); |
595 | |
596 | if ($action == 'add') |
597 | { |
598 | $group_id = $db->sql_nextid(); |
599 | } |
600 | |
601 | $group_name = $this->language->is_set('EXT_GROUP_' . utf8_strtoupper($group_name)) ? $this->language->lang('EXT_GROUP_' . utf8_strtoupper($group_name)) : $group_name; |
602 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), false, array($group_name)); |
603 | } |
604 | |
605 | $extension_list = $request->variable('extensions', array(0)); |
606 | |
607 | if ($action == 'edit' && count($extension_list)) |
608 | { |
609 | $sql = 'UPDATE ' . EXTENSIONS_TABLE . " |
610 | SET group_id = 0 |
611 | WHERE group_id = $group_id"; |
612 | $db->sql_query($sql); |
613 | } |
614 | |
615 | if (count($extension_list)) |
616 | { |
617 | $sql = 'UPDATE ' . EXTENSIONS_TABLE . " |
618 | SET group_id = $group_id |
619 | WHERE " . $db->sql_in_set('extension_id', $extension_list); |
620 | $db->sql_query($sql); |
621 | } |
622 | |
623 | $cache->destroy('_extensions'); |
624 | |
625 | if (!count($error)) |
626 | { |
627 | $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)]; |
628 | } |
629 | } |
630 | |
631 | $cat_lang = array( |
632 | attachment_category::NONE => $user->lang['NO_FILE_CAT'], |
633 | attachment_category::IMAGE => $user->lang['CAT_IMAGES'], |
634 | attachment_category::AUDIO => $user->lang('CAT_AUDIO_FILES'), |
635 | attachment_category::VIDEO => $user->lang('CAT_VIDEO_FILES'), |
636 | ); |
637 | |
638 | $group_id = $request->variable('g', 0); |
639 | $action = (isset($_POST['add'])) ? 'add' : $action; |
640 | |
641 | switch ($action) |
642 | { |
643 | case 'delete': |
644 | |
645 | if (confirm_box(true)) |
646 | { |
647 | $sql = 'SELECT group_name |
648 | FROM ' . EXTENSION_GROUPS_TABLE . " |
649 | WHERE group_id = $group_id"; |
650 | $result = $db->sql_query($sql); |
651 | $group_name = (string) $db->sql_fetchfield('group_name'); |
652 | $db->sql_freeresult($result); |
653 | |
654 | $sql = 'DELETE |
655 | FROM ' . EXTENSION_GROUPS_TABLE . " |
656 | WHERE group_id = $group_id"; |
657 | $db->sql_query($sql); |
658 | |
659 | // Set corresponding Extensions to a pending Group |
660 | $sql = 'UPDATE ' . EXTENSIONS_TABLE . " |
661 | SET group_id = 0 |
662 | WHERE group_id = $group_id"; |
663 | $db->sql_query($sql); |
664 | |
665 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_EXTGROUP_DEL', false, array($group_name)); |
666 | |
667 | $cache->destroy('_extensions'); |
668 | |
669 | trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action)); |
670 | } |
671 | else |
672 | { |
673 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( |
674 | 'i' => $id, |
675 | 'mode' => $mode, |
676 | 'group_id' => $group_id, |
677 | 'action' => 'delete', |
678 | ))); |
679 | } |
680 | |
681 | break; |
682 | |
683 | case 'edit': |
684 | |
685 | if (!$group_id) |
686 | { |
687 | trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); |
688 | } |
689 | |
690 | $sql = 'SELECT * |
691 | FROM ' . EXTENSION_GROUPS_TABLE . " |
692 | WHERE group_id = $group_id"; |
693 | $result = $db->sql_query($sql); |
694 | $ext_group_row = $db->sql_fetchrow($result); |
695 | $db->sql_freeresult($result); |
696 | |
697 | $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums'])); |
698 | |
699 | // no break; |
700 | |
701 | case 'add': |
702 | |
703 | if ($action == 'add') |
704 | { |
705 | $ext_group_row = array( |
706 | 'group_name' => $request->variable('group_name', '', true), |
707 | 'cat_id' => 0, |
708 | 'allow_group' => 1, |
709 | 'allow_in_pm' => 1, |
710 | 'upload_icon' => '', |
711 | 'max_filesize' => 0, |
712 | ); |
713 | |
714 | $forum_ids = array(); |
715 | } |
716 | |
717 | $sql = 'SELECT * |
718 | FROM ' . EXTENSIONS_TABLE . " |
719 | WHERE group_id = $group_id |
720 | OR group_id = 0 |
721 | ORDER BY extension"; |
722 | $result = $db->sql_query($sql); |
723 | $extensions = $db->sql_fetchrowset($result); |
724 | $db->sql_freeresult($result); |
725 | |
726 | if ($ext_group_row['max_filesize'] == 0) |
727 | { |
728 | $ext_group_row['max_filesize'] = (int) $config['max_filesize']; |
729 | } |
730 | |
731 | $max_filesize = get_formatted_filesize($ext_group_row['max_filesize'], false, array('mb', 'kb', 'b')); |
732 | $size_format = $max_filesize['si_identifier']; |
733 | $ext_group_row['max_filesize'] = $max_filesize['value']; |
734 | |
735 | $img_path = $config['upload_icons_path']; |
736 | |
737 | $filename_list = ''; |
738 | $no_image_select = false; |
739 | |
740 | $imglist = filelist($phpbb_root_path . $img_path); |
741 | |
742 | if (!empty($imglist[''])) |
743 | { |
744 | $imglist = array_values($imglist); |
745 | $imglist = $imglist[0]; |
746 | |
747 | foreach ($imglist as $img) |
748 | { |
749 | if (!$ext_group_row['upload_icon']) |
750 | { |
751 | $no_image_select = true; |
752 | $selected = ''; |
753 | } |
754 | else |
755 | { |
756 | $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : ''; |
757 | } |
758 | |
759 | if (strlen($img) > 255) |
760 | { |
761 | continue; |
762 | } |
763 | |
764 | $filename_list .= '<option value="' . htmlspecialchars($img, ENT_COMPAT) . '"' . $selected . '>' . htmlspecialchars($img, ENT_COMPAT) . '</option>'; |
765 | } |
766 | } |
767 | |
768 | $i = 0; |
769 | $assigned_extensions = ''; |
770 | foreach ($extensions as $row) |
771 | { |
772 | if ($row['group_id'] == $group_id && $group_id) |
773 | { |
774 | $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension']; |
775 | $i++; |
776 | } |
777 | } |
778 | |
779 | $s_extension_options = ''; |
780 | foreach ($extensions as $row) |
781 | { |
782 | $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>'; |
783 | } |
784 | |
785 | $template->assign_vars(array( |
786 | 'IMG_PATH' => $img_path, |
787 | 'ACTION' => $action, |
788 | 'GROUP_ID' => $group_id, |
789 | 'GROUP_NAME' => $ext_group_row['group_name'], |
790 | 'ALLOW_GROUP' => $ext_group_row['allow_group'], |
791 | 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'], |
792 | 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'], |
793 | 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'], |
794 | 'ASSIGNED_EXTENSIONS' => $assigned_extensions, |
795 | |
796 | 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'), |
797 | 'EXT_GROUP_SIZE_OPTIONS' => [ |
798 | 'name' => 'size_select', |
799 | 'options' => size_select_options($size_format), |
800 | ], |
801 | 'S_EXTENSION_OPTIONS' => $s_extension_options, |
802 | 'S_FILENAME_LIST' => $filename_list, |
803 | 'S_EDIT_GROUP' => true, |
804 | 'S_NO_IMAGE' => $no_image_select, |
805 | 'S_FORUM_IDS' => (count($forum_ids)) ? true : false, |
806 | |
807 | 'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=extensions"), |
808 | 'U_BACK' => $this->u_action, |
809 | |
810 | 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP']) |
811 | ); |
812 | |
813 | $s_forum_id_options = ''; |
814 | |
815 | /** @todo use in-built function **/ |
816 | |
817 | $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id |
818 | FROM ' . FORUMS_TABLE . ' |
819 | ORDER BY left_id ASC'; |
820 | $result = $db->sql_query($sql, 600); |
821 | |
822 | $right = $cat_right = 0; |
823 | $padding = $holding = ''; |
824 | $padding_store = array('0' => ''); |
825 | |
826 | while ($row = $db->sql_fetchrow($result)) |
827 | { |
828 | if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id'])) |
829 | { |
830 | // Non-postable forum with no subforums, don't display |
831 | continue; |
832 | } |
833 | |
834 | if (!$auth->acl_get('f_list', $row['forum_id'])) |
835 | { |
836 | // if the user does not have permissions to list this forum skip |
837 | continue; |
838 | } |
839 | |
840 | if ($row['left_id'] < $right) |
841 | { |
842 | $padding .= ' '; |
843 | $padding_store[$row['parent_id']] = $padding; |
844 | } |
845 | else if ($row['left_id'] > $right + 1) |
846 | { |
847 | $padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']]; |
848 | } |
849 | |
850 | $right = $row['right_id']; |
851 | |
852 | $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : ''; |
853 | |
854 | if ($row['left_id'] > $cat_right) |
855 | { |
856 | // make sure we don't forget anything |
857 | $s_forum_id_options .= $holding; |
858 | $holding = ''; |
859 | } |
860 | |
861 | if ($row['right_id'] - $row['left_id'] > 1) |
862 | { |
863 | $cat_right = max($cat_right, $row['right_id']); |
864 | |
865 | $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; |
866 | } |
867 | else |
868 | { |
869 | $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>'; |
870 | $holding = ''; |
871 | } |
872 | } |
873 | |
874 | if ($holding) |
875 | { |
876 | $s_forum_id_options .= $holding; |
877 | } |
878 | |
879 | $db->sql_freeresult($result); |
880 | unset($padding_store); |
881 | |
882 | $template->assign_vars(array( |
883 | 'S_FORUM_ID_OPTIONS' => $s_forum_id_options) |
884 | ); |
885 | |
886 | break; |
887 | } |
888 | |
889 | $sql = 'SELECT * |
890 | FROM ' . EXTENSION_GROUPS_TABLE . ' |
891 | ORDER BY allow_group DESC, allow_in_pm DESC, group_name'; |
892 | $result = $db->sql_query($sql); |
893 | |
894 | $old_allow_group = $old_allow_pm = 1; |
895 | while ($row = $db->sql_fetchrow($result)) |
896 | { |
897 | $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false; |
898 | |
899 | $template->assign_block_vars('groups', array( |
900 | 'S_ADD_SPACER' => $s_add_spacer, |
901 | 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false, |
902 | 'S_GROUP_ALLOWED' => ($row['allow_group']) ? true : false, |
903 | |
904 | 'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}", |
905 | 'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}", |
906 | |
907 | 'GROUP_NAME' => $this->language->is_set('EXT_GROUP_' . utf8_strtoupper($row['group_name'])) ? $this->language->lang('EXT_GROUP_' . utf8_strtoupper($row['group_name'])) : $row['group_name'], |
908 | 'CATEGORY' => $cat_lang[$row['cat_id']], |
909 | ) |
910 | ); |
911 | |
912 | $old_allow_group = $row['allow_group']; |
913 | $old_allow_pm = $row['allow_in_pm']; |
914 | } |
915 | $db->sql_freeresult($result); |
916 | |
917 | break; |
918 | |
919 | case 'orphan': |
920 | |
921 | /* @var $pagination \phpbb\pagination */ |
922 | $pagination = $this->phpbb_container->get('pagination'); |
923 | |
924 | if ($submit) |
925 | { |
926 | $delete_files = (isset($_POST['delete'])) ? array_keys($request->variable('delete', array('' => 0))) : array(); |
927 | $add_files = (isset($_POST['add'])) ? array_keys($request->variable('add', array('' => 0))) : array(); |
928 | $post_ids = $request->variable('post_id', array('' => 0)); |
929 | |
930 | if (count($delete_files)) |
931 | { |
932 | $sql = 'SELECT * |
933 | FROM ' . ATTACHMENTS_TABLE . ' |
934 | WHERE ' . $db->sql_in_set('attach_id', $delete_files) . ' |
935 | AND is_orphan = 1'; |
936 | $result = $db->sql_query($sql); |
937 | |
938 | $delete_files = array(); |
939 | while ($row = $db->sql_fetchrow($result)) |
940 | { |
941 | $this->attachment_manager->unlink($row['physical_filename'], 'file'); |
942 | |
943 | if ($row['thumbnail']) |
944 | { |
945 | $this->attachment_manager->unlink($row['physical_filename'], 'thumbnail'); |
946 | } |
947 | |
948 | $delete_files[$row['attach_id']] = $row['real_filename']; |
949 | } |
950 | $db->sql_freeresult($result); |
951 | } |
952 | |
953 | if (count($delete_files)) |
954 | { |
955 | $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . ' |
956 | WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files)); |
957 | $db->sql_query($sql); |
958 | |
959 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_ORPHAN_DEL', false, array(implode(', ', $delete_files))); |
960 | $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode($user->lang['COMMA_SEPARATOR'], $delete_files)); |
961 | } |
962 | |
963 | $upload_list = array(); |
964 | foreach ($add_files as $attach_id) |
965 | { |
966 | if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id])) |
967 | { |
968 | $upload_list[$attach_id] = $post_ids[$attach_id]; |
969 | } |
970 | } |
971 | unset($add_files); |
972 | |
973 | if (count($upload_list)) |
974 | { |
975 | $template->assign_var('S_UPLOADING_FILES', true); |
976 | |
977 | $sql = 'SELECT forum_id, forum_name |
978 | FROM ' . FORUMS_TABLE; |
979 | $result = $db->sql_query($sql); |
980 | |
981 | $forum_names = array(); |
982 | while ($row = $db->sql_fetchrow($result)) |
983 | { |
984 | $forum_names[$row['forum_id']] = $row['forum_name']; |
985 | } |
986 | $db->sql_freeresult($result); |
987 | |
988 | $sql = 'SELECT forum_id, topic_id, post_id, poster_id |
989 | FROM ' . POSTS_TABLE . ' |
990 | WHERE ' . $db->sql_in_set('post_id', $upload_list); |
991 | $result = $db->sql_query($sql); |
992 | |
993 | $post_info = array(); |
994 | while ($row = $db->sql_fetchrow($result)) |
995 | { |
996 | $post_info[$row['post_id']] = $row; |
997 | } |
998 | $db->sql_freeresult($result); |
999 | |
1000 | // Select those attachments we want to change... |
1001 | $sql = 'SELECT * |
1002 | FROM ' . ATTACHMENTS_TABLE . ' |
1003 | WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . ' |
1004 | AND is_orphan = 1'; |
1005 | $result = $db->sql_query($sql); |
1006 | |
1007 | $files_added = $space_taken = 0; |
1008 | $error_msg = ''; |
1009 | $upload_row = []; |
1010 | while ($row = $db->sql_fetchrow($result)) |
1011 | { |
1012 | $upload_row = [ |
1013 | 'FILE_INFO' => $user->lang('UPLOADING_FILE_TO', $row['real_filename'], $upload_list[$row['attach_id']]), |
1014 | ]; |
1015 | |
1016 | if (isset($post_info[$upload_list[$row['attach_id']]])) |
1017 | { |
1018 | $post_row = $post_info[$upload_list[$row['attach_id']]]; |
1019 | $upload_row = array_merge($upload_row, [ |
1020 | 'S_DENIED' => !$auth->acl_get('f_attach', $post_row['forum_id']), |
1021 | 'L_DENIED' => !$auth->acl_get('f_attach', $post_row['forum_id']) ? $user->lang('UPLOAD_DENIED_FORUM', $forum_names[$row['forum_id']]) : '', |
1022 | ]); |
1023 | } |
1024 | else |
1025 | { |
1026 | $error_msg = $user->lang('UPLOAD_POST_NOT_EXIST', $row['real_filename'], $upload_list[$row['attach_id']]); |
1027 | $upload_row = array_merge($upload_row, [ |
1028 | 'ERROR_MSG' => $error_msg, |
1029 | ]); |
1030 | }; |
1031 | |
1032 | $template->assign_block_vars('upload', $upload_row); |
1033 | |
1034 | if ($error_msg || !$auth->acl_get('f_attach', $post_row['forum_id'])) |
1035 | { |
1036 | continue; |
1037 | } |
1038 | |
1039 | // Adjust attachment entry |
1040 | $sql_ary = [ |
1041 | 'in_message' => 0, |
1042 | 'is_orphan' => 0, |
1043 | 'poster_id' => $post_row['poster_id'], |
1044 | 'post_msg_id' => $post_row['post_id'], |
1045 | 'topic_id' => $post_row['topic_id'], |
1046 | ]; |
1047 | |
1048 | $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' |
1049 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' |
1050 | WHERE attach_id = ' . $row['attach_id']; |
1051 | $db->sql_query($sql); |
1052 | |
1053 | $sql = 'UPDATE ' . POSTS_TABLE . ' |
1054 | SET post_attachment = 1 |
1055 | WHERE post_id = ' . $post_row['post_id']; |
1056 | $db->sql_query($sql); |
1057 | |
1058 | $sql = 'UPDATE ' . TOPICS_TABLE . ' |
1059 | SET topic_attachment = 1 |
1060 | WHERE topic_id = ' . $post_row['topic_id']; |
1061 | $db->sql_query($sql); |
1062 | |
1063 | $space_taken += $row['filesize']; |
1064 | $files_added++; |
1065 | |
1066 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_FILEUPLOAD', false, [$post_row['post_id'], $row['real_filename']]); |
1067 | } |
1068 | $db->sql_freeresult($result); |
1069 | |
1070 | if ($files_added) |
1071 | { |
1072 | $config->increment('upload_dir_size', $space_taken, false); |
1073 | $config->increment('num_files', $files_added, false); |
1074 | } |
1075 | } |
1076 | } |
1077 | |
1078 | $template->assign_vars([ |
1079 | 'S_ORPHAN' => true, |
1080 | ]); |
1081 | |
1082 | $attachments_per_page = (int) $config['topics_per_page']; |
1083 | |
1084 | // Get total number or orphans older than 3 hours |
1085 | $sql = 'SELECT COUNT(attach_id) as num_files, SUM(filesize) as total_size |
1086 | FROM ' . ATTACHMENTS_TABLE . ' |
1087 | WHERE is_orphan = 1 |
1088 | AND filetime < ' . (time() - 3*60*60); |
1089 | $result = $this->db->sql_query($sql); |
1090 | $row = $this->db->sql_fetchrow($result); |
1091 | $num_files = (int) $row['num_files']; |
1092 | $total_size = (int) $row['total_size']; |
1093 | $this->db->sql_freeresult($result); |
1094 | |
1095 | $start = $request->variable('start', 0); |
1096 | $start = $pagination->validate_start($start, $attachments_per_page, $num_files); |
1097 | |
1098 | // Just get the files with is_orphan set and older than 3 hours |
1099 | $sql = 'SELECT * |
1100 | FROM ' . ATTACHMENTS_TABLE . ' |
1101 | WHERE is_orphan = 1 |
1102 | AND filetime < ' . (time() - 3*60*60) . ' |
1103 | ORDER BY filetime DESC'; |
1104 | $result = $db->sql_query_limit($sql, $attachments_per_page, $start); |
1105 | |
1106 | while ($row = $db->sql_fetchrow($result)) |
1107 | { |
1108 | $template->assign_block_vars('orphan', [ |
1109 | 'FILESIZE' => get_formatted_filesize($row['filesize']), |
1110 | 'FILETIME' => $user->format_date($row['filetime']), |
1111 | 'REAL_FILENAME' => utf8_basename($row['real_filename']), |
1112 | 'PHYSICAL_FILENAME' => utf8_basename($row['physical_filename']), |
1113 | 'ATTACH_ID' => $row['attach_id'], |
1114 | 'POST_ID' => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '', |
1115 | 'U_FILE' => $this->controller_helper->route( |
1116 | 'phpbb_storage_attachment', |
1117 | [ |
1118 | 'id' => (int) $row['attach_id'], |
1119 | 'filename' => $row['real_filename'], |
1120 | ] |
1121 | ), |
1122 | ]); |
1123 | } |
1124 | $db->sql_freeresult($result); |
1125 | |
1126 | $pagination->generate_template_pagination( |
1127 | $this->u_action, |
1128 | 'pagination', |
1129 | 'start', |
1130 | $num_files, |
1131 | $attachments_per_page, |
1132 | $start |
1133 | ); |
1134 | |
1135 | $template->assign_vars([ |
1136 | 'TOTAL_FILES' => $num_files, |
1137 | 'TOTAL_SIZE' => get_formatted_filesize($total_size), |
1138 | ]); |
1139 | |
1140 | break; |
1141 | |
1142 | case 'manage': |
1143 | |
1144 | if ($submit) |
1145 | { |
1146 | $delete_files = (isset($_POST['delete'])) ? array_keys($request->variable('delete', array('' => 0))) : array(); |
1147 | |
1148 | if (count($delete_files)) |
1149 | { |
1150 | // Select those attachments we want to delete... |
1151 | $sql = 'SELECT real_filename |
1152 | FROM ' . ATTACHMENTS_TABLE . ' |
1153 | WHERE ' . $db->sql_in_set('attach_id', $delete_files) . ' |
1154 | AND is_orphan = 0'; |
1155 | $result = $db->sql_query($sql); |
1156 | |
1157 | $deleted_filenames = []; |
1158 | while ($row = $db->sql_fetchrow($result)) |
1159 | { |
1160 | $deleted_filenames[] = $row['real_filename']; |
1161 | } |
1162 | $db->sql_freeresult($result); |
1163 | |
1164 | if ($num_deleted = $this->attachment_manager->delete('attach', $delete_files)) |
1165 | { |
1166 | if (count($delete_files) != $num_deleted) |
1167 | { |
1168 | $error[] = $user->lang['FILES_GONE']; |
1169 | } |
1170 | |
1171 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACHMENTS_DELETED', false, array(implode(', ', $deleted_filenames))); |
1172 | $notify[] = sprintf($user->lang['LOG_ATTACHMENTS_DELETED'], implode($user->lang['COMMA_SEPARATOR'], $deleted_filenames)); |
1173 | } |
1174 | else |
1175 | { |
1176 | $error[] = $user->lang['NO_FILES_TO_DELETE']; |
1177 | } |
1178 | } |
1179 | } |
1180 | |
1181 | if ($action == 'stats') |
1182 | { |
1183 | $this->handle_stats_resync(); |
1184 | } |
1185 | |
1186 | $stats_error = $this->check_stats_accuracy(); |
1187 | |
1188 | if ($stats_error) |
1189 | { |
1190 | $error[] = $stats_error; |
1191 | } |
1192 | |
1193 | $template->assign_vars(array( |
1194 | 'S_MANAGE' => true, |
1195 | )); |
1196 | |
1197 | $start = $request->variable('start', 0); |
1198 | |
1199 | // Sort keys |
1200 | $sort_days = $request->variable('st', 0); |
1201 | $sort_key = $request->variable('sk', 't'); |
1202 | $sort_dir = $request->variable('sd', 'd'); |
1203 | |
1204 | // Sorting |
1205 | $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); |
1206 | $sort_by_text = array('f' => $user->lang['FILENAME'], 't' => $user->lang['FILEDATE'], 's' => $user->lang['FILESIZE'], 'x' => $user->lang['EXTENSION'], 'd' => $user->lang['DOWNLOADS'],'p' => $user->lang['ATTACH_POST_TYPE'], 'u' => $user->lang['AUTHOR']); |
1207 | $sort_by_sql = array('f' => 'a.real_filename', 't' => 'a.filetime', 's' => 'a.filesize', 'x' => 'a.extension', 'd' => 'a.download_count', 'p' => 'a.in_message', 'u' => 'u.username'); |
1208 | |
1209 | $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; |
1210 | gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); |
1211 | |
1212 | $min_filetime = ($sort_days) ? (time() - ($sort_days * 86400)) : ''; |
1213 | $limit_filetime = ($min_filetime) ? " AND a.filetime >= $min_filetime " : ''; |
1214 | $start = ($sort_days && isset($_POST['sort'])) ? 0 : $start; |
1215 | |
1216 | $attachments_per_page = (int) $config['topics_per_page']; |
1217 | |
1218 | $stats = $this->get_attachment_stats($limit_filetime); |
1219 | $num_files = $stats['num_files']; |
1220 | $total_size = $stats['upload_dir_size']; |
1221 | |
1222 | // Make sure $start is set to the last page if it exceeds the amount |
1223 | /* @var $pagination \phpbb\pagination */ |
1224 | $pagination = $phpbb_container->get('pagination'); |
1225 | $start = $pagination->validate_start($start, $attachments_per_page, $num_files); |
1226 | |
1227 | // If the user is trying to reach the second half of the attachments list, fetch it starting from the end |
1228 | $store_reverse = false; |
1229 | $sql_limit = $attachments_per_page; |
1230 | |
1231 | if ($start > $num_files / 2) |
1232 | { |
1233 | $store_reverse = true; |
1234 | |
1235 | // Select the sort order. Add time sort anchor for non-time sorting cases |
1236 | $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') : ''; |
1237 | $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') . $sql_sort_anchor; |
1238 | $sql_limit = $pagination->reverse_limit($start, $sql_limit, $num_files); |
1239 | $sql_start = $pagination->reverse_start($start, $sql_limit, $num_files); |
1240 | } |
1241 | else |
1242 | { |
1243 | // Select the sort order. Add time sort anchor for non-time sorting cases |
1244 | $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') : ''; |
1245 | $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') . $sql_sort_anchor; |
1246 | $sql_start = $start; |
1247 | } |
1248 | |
1249 | $attachments_list = array(); |
1250 | |
1251 | // Just get the files |
1252 | $sql = 'SELECT a.*, u.username, u.user_colour, t.topic_title |
1253 | FROM ' . ATTACHMENTS_TABLE . ' a |
1254 | LEFT JOIN ' . USERS_TABLE . ' u ON (u.user_id = a.poster_id) |
1255 | LEFT JOIN ' . TOPICS_TABLE . " t ON (a.topic_id = t.topic_id) |
1256 | WHERE a.is_orphan = 0 |
1257 | $limit_filetime |
1258 | ORDER BY $sql_sort_order"; |
1259 | $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); |
1260 | |
1261 | $i = ($store_reverse) ? $sql_limit - 1 : 0; |
1262 | |
1263 | // Store increment value in a variable to save some conditional calls |
1264 | $i_increment = ($store_reverse) ? -1 : 1; |
1265 | while ($attachment_row = $db->sql_fetchrow($result)) |
1266 | { |
1267 | $attachments_list[$i] = $attachment_row; |
1268 | $i = $i + $i_increment; |
1269 | } |
1270 | $db->sql_freeresult($result); |
1271 | |
1272 | $base_url = $this->u_action . "&$u_sort_param"; |
1273 | $pagination->generate_template_pagination($base_url, 'pagination', 'start', $num_files, $attachments_per_page, $start); |
1274 | |
1275 | $template->assign_vars(array( |
1276 | 'TOTAL_FILES' => $num_files, |
1277 | 'TOTAL_SIZE' => get_formatted_filesize($total_size), |
1278 | |
1279 | 'S_LIMIT_DAYS' => $s_limit_days, |
1280 | 'S_SORT_KEY' => $s_sort_key, |
1281 | 'S_SORT_DIR' => $s_sort_dir) |
1282 | ); |
1283 | |
1284 | // Grab extensions |
1285 | $extensions = $cache->obtain_attach_extensions(true); |
1286 | |
1287 | for ($i = 0, $end = count($attachments_list); $i < $end; ++$i) |
1288 | { |
1289 | $row = $attachments_list[$i]; |
1290 | |
1291 | $row['extension'] = strtolower(trim((string) $row['extension'])); |
1292 | $comment = ($row['attach_comment'] && !$row['in_message']) ? str_replace(array("\n", "\r"), array('<br />', "\n"), $row['attach_comment']) : ''; |
1293 | $display_cat = isset($extensions[$row['extension']]['display_cat']) ? $extensions[$row['extension']]['display_cat'] : attachment_category::NONE; |
1294 | $l_downloaded_viewed = ($display_cat == attachment_category::NONE) ? 'DOWNLOAD_COUNTS' : 'VIEWED_COUNTS'; |
1295 | |
1296 | $template->assign_block_vars('attachments', array( |
1297 | 'ATTACHMENT_POSTER' => get_username_string('full', (int) $row['poster_id'], (string) $row['username'], (string) $row['user_colour'], (string) $row['username']), |
1298 | 'FILESIZE' => get_formatted_filesize((int) $row['filesize']), |
1299 | 'FILETIME' => $user->format_date((int) $row['filetime']), |
1300 | 'REAL_FILENAME' => utf8_basename((string) $row['real_filename']), |
1301 | 'EXT_GROUP_NAME' => $this->language->is_set('EXT_GROUP_' . utf8_strtoupper($extensions[$row['extension']]['group_name'])) ? $this->language->lang('EXT_GROUP_' . utf8_strtoupper($extensions[$row['extension']]['group_name'])) : $extensions[$row['extension']]['group_name'], |
1302 | 'COMMENT' => $comment, |
1303 | 'TOPIC_TITLE' => (!$row['in_message']) ? (string) $row['topic_title'] : '', |
1304 | 'ATTACH_ID' => (int) $row['attach_id'], |
1305 | |
1306 | 'L_DOWNLOAD_COUNT' => $user->lang($l_downloaded_viewed, (int) $row['download_count']), |
1307 | |
1308 | 'S_IN_MESSAGE' => (bool) $row['in_message'], |
1309 | |
1310 | 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$row['post_msg_id']}") . "#p{$row['post_msg_id']}", |
1311 | 'U_FILE' => $this->controller_helper->route( |
1312 | 'phpbb_storage_attachment', |
1313 | [ |
1314 | 'id' => (int) $row['attach_id'], |
1315 | 'filename' => $row['real_filename'], |
1316 | ] |
1317 | ) |
1318 | )); |
1319 | } |
1320 | |
1321 | break; |
1322 | } |
1323 | |
1324 | if (count($error)) |
1325 | { |
1326 | $template->assign_vars(array( |
1327 | 'S_WARNING' => true, |
1328 | 'WARNING_MSG' => implode('<br />', $error)) |
1329 | ); |
1330 | } |
1331 | |
1332 | if (count($notify)) |
1333 | { |
1334 | $template->assign_vars(array( |
1335 | 'S_NOTIFY' => true, |
1336 | 'NOTIFY_MSG' => implode('<br />', $notify)) |
1337 | ); |
1338 | } |
1339 | } |
1340 | |
1341 | /** |
1342 | * Get attachment file count and size of upload directory |
1343 | * |
1344 | * @param $limit string Additional limit for WHERE clause to filter stats by. |
1345 | * @return array Returns array with stats: num_files and upload_dir_size |
1346 | */ |
1347 | public function get_attachment_stats($limit = '') |
1348 | { |
1349 | $sql = 'SELECT COUNT(a.attach_id) AS num_files, SUM(' . $this->db->cast_expr_to_bigint('a.filesize') . ') AS upload_dir_size |
1350 | FROM ' . ATTACHMENTS_TABLE . " a |
1351 | WHERE a.is_orphan = 0 |
1352 | $limit"; |
1353 | $result = $this->db->sql_query($sql); |
1354 | $row = $this->db->sql_fetchrow($result); |
1355 | $this->db->sql_freeresult($result); |
1356 | |
1357 | return array( |
1358 | 'num_files' => (int) $row['num_files'], |
1359 | 'upload_dir_size' => (float) $row['upload_dir_size'], |
1360 | ); |
1361 | } |
1362 | |
1363 | /** |
1364 | * Set config attachment stat values |
1365 | * |
1366 | * @param $stats array Array of config key => value pairs to set. |
1367 | * @return void |
1368 | */ |
1369 | public function set_attachment_stats($stats) |
1370 | { |
1371 | foreach ($stats as $key => $value) |
1372 | { |
1373 | $this->config->set($key, $value, true); |
1374 | } |
1375 | } |
1376 | |
1377 | /** |
1378 | * Check accuracy of attachment statistics. |
1379 | * |
1380 | * @return bool|string Returns false if stats are correct or error message |
1381 | * otherwise. |
1382 | */ |
1383 | public function check_stats_accuracy() |
1384 | { |
1385 | // Get fresh stats. |
1386 | $stats = $this->get_attachment_stats(); |
1387 | |
1388 | // Get current files stats |
1389 | $num_files = (int) $this->config['num_files']; |
1390 | $total_size = (float) $this->config['upload_dir_size']; |
1391 | |
1392 | if (($num_files != $stats['num_files']) || ($total_size != $stats['upload_dir_size'])) |
1393 | { |
1394 | $u_resync = $this->u_action . '&action=stats'; |
1395 | |
1396 | return $this->user->lang( |
1397 | 'FILES_STATS_WRONG', |
1398 | (int) $stats['num_files'], |
1399 | get_formatted_filesize($stats['upload_dir_size']), |
1400 | '<a href="' . $u_resync . '">', |
1401 | '</a>' |
1402 | ); |
1403 | } |
1404 | return false; |
1405 | } |
1406 | |
1407 | /** |
1408 | * Handle stats resync. |
1409 | * |
1410 | * @return void |
1411 | */ |
1412 | public function handle_stats_resync() |
1413 | { |
1414 | if (!confirm_box(true)) |
1415 | { |
1416 | confirm_box(false, $this->user->lang['RESYNC_FILES_STATS_CONFIRM'], build_hidden_fields(array( |
1417 | 'i' => $this->id, |
1418 | 'mode' => 'manage', |
1419 | 'action' => 'stats', |
1420 | ))); |
1421 | } |
1422 | else |
1423 | { |
1424 | $this->set_attachment_stats($this->get_attachment_stats()); |
1425 | |
1426 | /* @var $log \phpbb\log\log_interface */ |
1427 | $log = $this->phpbb_container->get('log'); |
1428 | $log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_RESYNC_FILES_STATS'); |
1429 | } |
1430 | |
1431 | } |
1432 | |
1433 | /** |
1434 | * Build Select for category items |
1435 | */ |
1436 | function category_select($select_name, $group_id = false, $key = '') |
1437 | { |
1438 | global $db, $user; |
1439 | |
1440 | $types = array( |
1441 | attachment_category::NONE => $user->lang['NO_FILE_CAT'], |
1442 | attachment_category::IMAGE => $user->lang['CAT_IMAGES'], |
1443 | attachment_category::AUDIO => $user->lang('CAT_AUDIO_FILES'), |
1444 | attachment_category::VIDEO => $user->lang('CAT_VIDEO_FILES'), |
1445 | ); |
1446 | |
1447 | if ($group_id) |
1448 | { |
1449 | $sql = 'SELECT cat_id |
1450 | FROM ' . EXTENSION_GROUPS_TABLE . ' |
1451 | WHERE group_id = ' . (int) $group_id; |
1452 | $result = $db->sql_query($sql); |
1453 | |
1454 | $cat_type = (!($row = $db->sql_fetchrow($result))) ? attachment_category::NONE : $row['cat_id']; |
1455 | |
1456 | $db->sql_freeresult($result); |
1457 | } |
1458 | else |
1459 | { |
1460 | $cat_type = attachment_category::NONE; |
1461 | } |
1462 | |
1463 | $group_select = [ |
1464 | 'name' => $select_name, |
1465 | 'id' => $key, |
1466 | 'options' => [], |
1467 | ]; |
1468 | |
1469 | foreach ($types as $type => $mode) |
1470 | { |
1471 | $group_select['options'][] = [ |
1472 | 'value' => $type, |
1473 | 'selected' => $type == $cat_type, |
1474 | 'label' => $mode, |
1475 | ]; |
1476 | } |
1477 | |
1478 | return $group_select; |
1479 | } |
1480 | |
1481 | /** |
1482 | * Extension group select |
1483 | */ |
1484 | function group_select($select_name, $default_group = false, $key = '') |
1485 | { |
1486 | global $db, $user; |
1487 | |
1488 | $sql = 'SELECT group_id, group_name |
1489 | FROM ' . EXTENSION_GROUPS_TABLE . ' |
1490 | ORDER BY group_name'; |
1491 | $result = $db->sql_query($sql); |
1492 | |
1493 | $group_name = array(); |
1494 | while ($row = $db->sql_fetchrow($result)) |
1495 | { |
1496 | $row['group_name'] = $this->language->is_set('EXT_GROUP_' . utf8_strtoupper($row['group_name'])) ? $this->language->lang('EXT_GROUP_' . utf8_strtoupper($row['group_name'])) : $row['group_name']; |
1497 | $group_name[] = $row; |
1498 | } |
1499 | $db->sql_freeresult($result); |
1500 | |
1501 | $row['group_id'] = 0; |
1502 | $row['group_name'] = $user->lang['NOT_ASSIGNED']; |
1503 | $group_name[] = $row; |
1504 | |
1505 | $group_select = [ |
1506 | 'name' => $select_name, |
1507 | 'id' => $key, |
1508 | 'options' => [], |
1509 | ]; |
1510 | |
1511 | for ($i = 0, $groups_size = count($group_name); $i < $groups_size; $i++) |
1512 | { |
1513 | if ($default_group === false) |
1514 | { |
1515 | $selected = $i == 0; |
1516 | } |
1517 | else |
1518 | { |
1519 | $selected = $group_name[$i]['group_id'] == $default_group; |
1520 | } |
1521 | |
1522 | $group_select['options'][] = [ |
1523 | 'value' => $group_name[$i]['group_id'], |
1524 | 'selected' => $selected, |
1525 | 'label' => $group_name[$i]['group_name'], |
1526 | ]; |
1527 | } |
1528 | |
1529 | return $group_select; |
1530 | } |
1531 | |
1532 | /** |
1533 | * Perform operations on sites for external linking |
1534 | */ |
1535 | function perform_site_list() |
1536 | { |
1537 | global $db, $user, $request, $phpbb_log; |
1538 | |
1539 | if (isset($_REQUEST['securesubmit'])) |
1540 | { |
1541 | // Grab the list of entries |
1542 | $ips = $request->variable('ips', ''); |
1543 | $ip_list = array_unique(explode("\n", $ips)); |
1544 | $ip_list_log = implode(', ', $ip_list); |
1545 | |
1546 | $ip_exclude = (int) $request->variable('ipexclude', false, false, \phpbb\request\request_interface::POST); |
1547 | |
1548 | $iplist = array(); |
1549 | $hostlist = array(); |
1550 | |
1551 | foreach ($ip_list as $item) |
1552 | { |
1553 | if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode)) |
1554 | { |
1555 | // Don't ask about all this, just don't ask ... ! |
1556 | $ip_1_counter = $ip_range_explode[1]; |
1557 | $ip_1_end = $ip_range_explode[5]; |
1558 | |
1559 | while ($ip_1_counter <= $ip_1_end) |
1560 | { |
1561 | $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; |
1562 | $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; |
1563 | |
1564 | if ($ip_2_counter == 0 && $ip_2_end == 254) |
1565 | { |
1566 | $ip_2_counter = 256; |
1567 | |
1568 | $iplist[] = "'$ip_1_counter.*'"; |
1569 | } |
1570 | |
1571 | while ($ip_2_counter <= $ip_2_end) |
1572 | { |
1573 | $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; |
1574 | $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; |
1575 | |
1576 | if ($ip_3_counter == 0 && $ip_3_end == 254) |
1577 | { |
1578 | $ip_3_counter = 256; |
1579 | |
1580 | $iplist[] = "'$ip_1_counter.$ip_2_counter.*'"; |
1581 | } |
1582 | |
1583 | while ($ip_3_counter <= $ip_3_end) |
1584 | { |
1585 | $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; |
1586 | $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; |
1587 | |
1588 | if ($ip_4_counter == 0 && $ip_4_end == 254) |
1589 | { |
1590 | $ip_4_counter = 256; |
1591 | |
1592 | $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'"; |
1593 | } |
1594 | |
1595 | while ($ip_4_counter <= $ip_4_end) |
1596 | { |
1597 | $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; |
1598 | $ip_4_counter++; |
1599 | } |
1600 | $ip_3_counter++; |
1601 | } |
1602 | $ip_2_counter++; |
1603 | } |
1604 | $ip_1_counter++; |
1605 | } |
1606 | } |
1607 | else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item))) |
1608 | { |
1609 | $iplist[] = "'" . trim($item) . "'"; |
1610 | } |
1611 | else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item))) |
1612 | { |
1613 | $hostlist[] = "'" . trim($item) . "'"; |
1614 | } |
1615 | else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item))) |
1616 | { |
1617 | $hostlist[] = "'" . trim($item) . "'"; |
1618 | } |
1619 | } |
1620 | |
1621 | $sql = 'SELECT site_ip, site_hostname |
1622 | FROM ' . SITELIST_TABLE . " |
1623 | WHERE ip_exclude = $ip_exclude"; |
1624 | $result = $db->sql_query($sql); |
1625 | |
1626 | if ($row = $db->sql_fetchrow($result)) |
1627 | { |
1628 | $iplist_tmp = array(); |
1629 | $hostlist_tmp = array(); |
1630 | do |
1631 | { |
1632 | if ($row['site_ip']) |
1633 | { |
1634 | if (strlen($row['site_ip']) > 40) |
1635 | { |
1636 | continue; |
1637 | } |
1638 | |
1639 | $iplist_tmp[] = "'" . $row['site_ip'] . "'"; |
1640 | } |
1641 | else if ($row['site_hostname']) |
1642 | { |
1643 | if (strlen($row['site_hostname']) > 255) |
1644 | { |
1645 | continue; |
1646 | } |
1647 | |
1648 | $hostlist_tmp[] = "'" . $row['site_hostname'] . "'"; |
1649 | } |
1650 | // break; |
1651 | } |
1652 | while ($row = $db->sql_fetchrow($result)); |
1653 | |
1654 | $iplist = array_unique(array_diff($iplist, $iplist_tmp)); |
1655 | $hostlist = array_unique(array_diff($hostlist, $hostlist_tmp)); |
1656 | unset($iplist_tmp); |
1657 | unset($hostlist_tmp); |
1658 | } |
1659 | $db->sql_freeresult($result); |
1660 | |
1661 | if (count($iplist)) |
1662 | { |
1663 | foreach ($iplist as $ip_entry) |
1664 | { |
1665 | $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude) |
1666 | VALUES ($ip_entry, $ip_exclude)"; |
1667 | $db->sql_query($sql); |
1668 | } |
1669 | } |
1670 | |
1671 | if (count($hostlist)) |
1672 | { |
1673 | foreach ($hostlist as $host_entry) |
1674 | { |
1675 | $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude) |
1676 | VALUES ($host_entry, $ip_exclude)"; |
1677 | $db->sql_query($sql); |
1678 | } |
1679 | } |
1680 | |
1681 | if (!empty($ip_list_log)) |
1682 | { |
1683 | // Update log |
1684 | $log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP'; |
1685 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log_entry, false, array($ip_list_log)); |
1686 | } |
1687 | |
1688 | trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action)); |
1689 | } |
1690 | else if (isset($_POST['unsecuresubmit'])) |
1691 | { |
1692 | $unip_sql = $request->variable('unip', array(0)); |
1693 | |
1694 | if (count($unip_sql)) |
1695 | { |
1696 | $l_unip_list = ''; |
1697 | |
1698 | // Grab details of ips for logging information later |
1699 | $sql = 'SELECT site_ip, site_hostname |
1700 | FROM ' . SITELIST_TABLE . ' |
1701 | WHERE ' . $db->sql_in_set('site_id', $unip_sql); |
1702 | $result = $db->sql_query($sql); |
1703 | |
1704 | while ($row = $db->sql_fetchrow($result)) |
1705 | { |
1706 | $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']); |
1707 | } |
1708 | $db->sql_freeresult($result); |
1709 | |
1710 | $sql = 'DELETE FROM ' . SITELIST_TABLE . ' |
1711 | WHERE ' . $db->sql_in_set('site_id', $unip_sql); |
1712 | $db->sql_query($sql); |
1713 | |
1714 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_DOWNLOAD_REMOVE_IP', false, array($l_unip_list)); |
1715 | } |
1716 | |
1717 | trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action)); |
1718 | } |
1719 | } |
1720 | |
1721 | /** |
1722 | * Adjust all three max_filesize config vars for display |
1723 | */ |
1724 | function max_filesize($value, $key = '') |
1725 | { |
1726 | // Determine size var and adjust the value accordingly |
1727 | $filesize = get_formatted_filesize($value, false, array('mb', 'kb', 'b')); |
1728 | $size_var = $filesize['si_identifier']; |
1729 | $value = $filesize['value']; |
1730 | |
1731 | return [ |
1732 | [ |
1733 | 'tag' => 'input', |
1734 | 'id' => $key, |
1735 | 'type' => 'number', |
1736 | 'name' => 'config[' . $key . ']', |
1737 | 'min' => 0, |
1738 | 'max' => 999999999999999, |
1739 | 'step' => 'any', |
1740 | 'value' => $value, |
1741 | ], |
1742 | [ |
1743 | 'tag' => 'select', |
1744 | 'name' => $key, |
1745 | 'options' => size_select_options($size_var), |
1746 | ] |
1747 | ]; |
1748 | } |
1749 | } |