Nemcio/Kleeja
1
0
Fork 0
mirror of https://github.com/kleeja-official/kleeja.git synced 2025-12-15 20:49:41 +01:00
Code Issues Packages Projects Releases Activity

Miscellaneous changes

Browse Source 
* PHP code style fixes
* Updated database schema for upgrade
This commit is contained in:
H.Rouatbi
2024-10-07 17:15:05 +01:00
parent 552423c700
commit 3cdfa9ce5a
47 changed files with 5007 additions and 4639 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
includes/FetchFile.php
View File

@@ -130,7 +130,7 @@ class FetchFile
$error = true;
kleeja_log(sprintf("cUrl error (#%d): %s\n", curl_errno($ch), htmlspecialchars(curl_error($ch))));
}
curl_close($ch);
fclose($out);
@@ -145,7 +145,7 @@ class FetchFile
$error = true;
kleeja_log(sprintf("FetchFile error (curl: #%d): %s\n", curl_errno($ch), htmlspecialchars(curl_error($ch))));
}
curl_close($ch);
return isset($error) ? false : $data;

1
includes/KleejaUploader.php
View File

@@ -18,7 +18,6 @@ if (! defined('IN_COMMON'))
interface KleejaUploader
{
/**
* set the allowed extensions of uploaded files
* @param array $allowed_file_extensions an array of allowed extensions, and sizes ['gif'=>122, 'png'=>2421 ..]

8
includes/adm/a_configs.php
View File

@@ -275,9 +275,10 @@ foreach ($types as $typekey => $type)
if ($option['type'] == $typekey)
{
$options .= str_replace(
['<input ', '<select ', '<td>', '</td>', '<label>', '<tr>', '</tr>'],
['<input class="form-control" ', '<select class="form-control" ', '<div class="form-group">', '</div>', '<label class="form-check-label">', '', ''],
$option['option']);
['<input ', '<select ', '<td>', '</td>', '<label>', '<tr>', '</tr>'],
['<input class="form-control" ', '<select class="form-control" ', '<div class="form-group">', '</div>', '<label class="form-check-label">', '', ''],
$option['option']
);
}
}
}
@@ -285,7 +286,6 @@ foreach ($types as $typekey => $type)
//after submit
if (ip('submit'))
{
//some configs need refresh page ..
$need_refresh_configs = ['language'];

18
includes/adm/c_files.php
View File

@@ -77,6 +77,7 @@ if (ip('submit'))
{
//delete from folder ..
@kleeja_unlink(PATH . $row['folder'] . '/' . $row['name']);
//delete thumb
if (file_exists(PATH . $row['folder'] . '/thumbs/' . $row['name']))
{
@@ -98,8 +99,9 @@ if (ip('submit'))
$sizes += $row['size'];
//Subtract size from storage of the user
if ($row['user'] != -1) {
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-".$row['size']." WHERE id=".$row['user']);
if ($row['user'] != -1)
{
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-" . $row['size'] . ' WHERE id=' . $row['user']);
}
}
}
@@ -141,7 +143,6 @@ if (ip('submit'))
}
elseif ($current_smt == '')
{
//
//Delete all user files [only one user]
//
@@ -258,12 +259,12 @@ elseif ($current_smt == '')
{
//get search filter
$filter = get_filter(g('search_id'), 'file_search', false, 'filter_uid');
if (! $filter)
{
kleeja_admin_err($lang['ERROR_TRY_AGAIN'], true, $lang['ERROR'], true, basename(ADMIN_PATH) . '?cp=h_search', 1);
}
$deletelink = basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php') . '&deletefiles=' . g('search_id');
$is_search = true;
$query['WHERE'] = build_search_query(unserialize(htmlspecialchars_decode($filter['filter_value'])));
@@ -446,7 +447,7 @@ elseif ($current_smt == 'delete_by_extension')
'WHERE' => 'type = \'' . $ext . '\''
];
$result = $SQL->build($query);
$result = $SQL->build($query);
$deleted_files = [];
$fileSizes = 0;
@@ -470,8 +471,9 @@ elseif ($current_smt == 'delete_by_extension')
$deleted_files[] = $file['id'];
//Subtract size from storage of the user
if ($file['user'] != -1) {
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-".$file['size']." WHERE id=".$file['user']);
if ($file['user'] != -1)
{
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-" . $file['size'] . ' WHERE id=' . $file['user']);
}
}

6
includes/adm/d_img_ctrl.php
View File

@@ -63,6 +63,7 @@ if (ip('submit'))
{
//delete from folder ..
@kleeja_unlink(PATH . $row['folder'] . '/' . $row['name']);
//delete thumb
if (file_exists(PATH . $row['folder'] . '/thumbs/' . $row['name']))
{
@@ -73,8 +74,9 @@ if (ip('submit'))
$sizes += $row['size'];
//Subtract size from storage of the user
if ($row['user'] != -1) {
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-".$row['size']." WHERE id=".$row['user']);
if ($row['user'] != -1)
{
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-" . $row['size'] . ' WHERE id=' . $row['user']);
}
}

1223
includes/adm/g_users.php
View File

File diff suppressed because it is too large Load Diff

6
includes/adm/h_search.php
View File

@@ -53,7 +53,7 @@ if (ip('search_file'))
//delete all searches greater than 3 days
$query_del = [
'DELETE' => "{$dbprefix}filters",
'WHERE' => "filter_type='file_search' AND filter_user=" . $userinfo['id'] . " AND filter_time > " . (time() - 3600 * 24 * 3)
'WHERE' => "filter_type='file_search' AND filter_user=" . $userinfo['id'] . ' AND filter_time > ' . (time() - 3600 * 24 * 3)
];
$SQL->build($query_del);
@@ -96,10 +96,10 @@ if (ip('search_user'))
//delete all searches greater than 3 days
$query_del = [
'DELETE' => "{$dbprefix}filters",
'WHERE' => "filter_type='user_search' AND filter_user=" . $userinfo['id'] . " AND filter_time > " . (time() - 3600 * 24 * 3)
'WHERE' => "filter_type='user_search' AND filter_user=" . $userinfo['id'] . ' AND filter_time > ' . (time() - 3600 * 24 * 3)
];
$SQL->build($query_del);
$SQL->build($query_del);
//add as a user_search filter

32
includes/adm/j_plugins.php
View File

@@ -90,13 +90,13 @@ switch ($case):
$installed_plugins[$row['plg_name']]['icon'] = file_exists(
PATH . KLEEJA_PLUGINS_FOLDER . '/' . $row['plg_name'] . '/icon.png'
)
)
? PATH . KLEEJA_PLUGINS_FOLDER . '/' . $row['plg_name'] . '/icon.png'
: $STYLE_PATH_ADMIN . 'images/plugin.png';
$installed_plugins[$row['plg_name']]['has_settings_page'] = ! empty(
$installed_plugins[$row['plg_name']]['extra_info']['settings_page']
) && ! preg_match('/^https?:\/\//', $installed_plugins[$row['plg_name']]['extra_info']['settings_page']);
) && ! preg_match('/^https?:\/\//', $installed_plugins[$row['plg_name']]['extra_info']['settings_page']);
foreach (['plugin_title', 'plugin_description'] as $localized_info)
@@ -197,7 +197,7 @@ switch ($case):
if ($case == 'store' && (in_array($plugin_info['name'], $available_plugins_names) ||
! empty($installed_plugins[$plugin_info['name']]))
) {
) {
continue;
}
@@ -233,8 +233,9 @@ switch ($case):
$store_plugins_count = sizeof($store_plugins);
break;
//
//upload a plugin
//upload a plugin
//
case 'upload':
$ERRORS = [];
@@ -291,8 +292,9 @@ switch ($case):
}
break;
//
//install a plugin
//install a plugin
//
case 'install':
@@ -369,12 +371,12 @@ switch ($case):
if (version_compare(KLEEJA_VERSION, $plugin_info['plugin_kleeja_version_min'], '<'))
{
kleeja_admin_info(
$lang['PACKAGE_N_CMPT_KLJ'] . '<br>k:' . KLEEJA_VERSION . '|<|p.min:' . $plugin_info['plugin_kleeja_version_min'],
true,
'',
true,
ADMIN_PATH . '?cp=' . basename(__FILE__, '.php')
);
$lang['PACKAGE_N_CMPT_KLJ'] . '<br>k:' . KLEEJA_VERSION . '|<|p.min:' . $plugin_info['plugin_kleeja_version_min'],
true,
'',
true,
ADMIN_PATH . '?cp=' . basename(__FILE__, '.php')
);
exit;
}
@@ -435,8 +437,9 @@ switch ($case):
}
break;
//
//uninstall a plugin
//uninstall a plugin
//
case 'uninstall':
@@ -516,8 +519,9 @@ switch ($case):
}
break;
//
// disable a plugin
// disable a plugin
//
case 'disable':
case 'enable':
@@ -639,7 +643,7 @@ switch ($case):
if (
version_compare(strtolower($store_plugins[$plugin_name]['kj_min_version']), KLEEJA_VERSION, '<=')
&& version_compare(strtolower($store_plugins[$plugin_name]['kj_max_version']), KLEEJA_VERSION, '>=')
) {
) {
$plugin_name_link = $store_plugins[$plugin_name]['url'];
$plugin_archive = FetchFile::make($plugin_name_link)

514
includes/adm/m_styles.php
View File

@@ -50,61 +50,61 @@ if (ip('newstyle'))
}
switch ($case):
default:
case 'local':
case 'store':
default:
case 'local':
case 'store':
//get styles
$available_styles = [];
//get styles
$available_styles = [];
if ($dh = @opendir(PATH . 'styles'))
{
while (false !== ($folder_name = readdir($dh)))
if ($dh = @opendir(PATH . 'styles'))
{
if (is_dir(PATH . 'styles/' . $folder_name) && preg_match('/[a-z0-9_.]{3,}/', $folder_name))
while (false !== ($folder_name = readdir($dh)))
{
//info
$style_info_arr = [
'name' => $folder_name,
'desc' => '',
'copyright' => '',
'version' => ''
];
if (($style_info = kleeja_style_info($folder_name)) != false)
if (is_dir(PATH . 'styles/' . $folder_name) && preg_match('/[a-z0-9_.]{3,}/', $folder_name))
{
foreach (['name', 'desc', 'copyright', 'version'] as $InfoKey)
//info
$style_info_arr = [
'name' => $folder_name,
'desc' => '',
'copyright' => '',
'version' => ''
];
if (($style_info = kleeja_style_info($folder_name)) != false)
{
if (array_key_exists($InfoKey, $style_info))
foreach (['name', 'desc', 'copyright', 'version'] as $InfoKey)
{
if (is_array($style_info[$InfoKey]))
if (array_key_exists($InfoKey, $style_info))
{
$style_info_arr[$InfoKey] = ! empty($style_info[$InfoKey][$config['language']])
? htmlspecialchars($style_info[$InfoKey][$config['language']])
: htmlspecialchars($style_info[$InfoKey]['en']);
}
else
{
$style_info_arr[$InfoKey] = htmlspecialchars($style_info[$InfoKey]);
if (is_array($style_info[$InfoKey]))
{
$style_info_arr[$InfoKey] = ! empty($style_info[$InfoKey][$config['language']])
? htmlspecialchars($style_info[$InfoKey][$config['language']])
: htmlspecialchars($style_info[$InfoKey]['en']);
}
else
{
$style_info_arr[$InfoKey] = htmlspecialchars($style_info[$InfoKey]);
}
}
}
}
$available_styles[$folder_name] = [
'name' => $folder_name,
'is_default' => $config['style'] == $folder_name ? true : false,
'link_mk_default' => basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php') . '&amp;style_choose=' . $folder_name,
'icon' => file_exists(PATH . 'styles/' . $folder_name . '/screenshot.png')
? PATH . 'styles/' . $folder_name . '/screenshot.png'
: $STYLE_PATH_ADMIN . 'images/style.png',
'info' => $style_info_arr
];
}
$available_styles[$folder_name] = [
'name' => $folder_name,
'is_default' => $config['style'] == $folder_name ? true : false,
'link_mk_default' => basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php') . '&amp;style_choose=' . $folder_name,
'icon' => file_exists(PATH . 'styles/' . $folder_name . '/screenshot.png')
? PATH . 'styles/' . $folder_name . '/screenshot.png'
: $STYLE_PATH_ADMIN . 'images/style.png',
'info' => $style_info_arr
];
}
}
@closedir($dh);
}
@closedir($dh);
}
//do not proceed if not store case
if (! in_array($case, ['store', 'check']))
@@ -174,142 +174,142 @@ case 'store':
$store_styles_count = sizeof($store_styles);
break;
break;
case 'select':
case 'select':
$style_name = preg_replace('/[^a-z0-9_\-\.]/i', '', g('style'));
$style_name = preg_replace('/[^a-z0-9_\-\.]/i', '', g('style'));
//if empty, let's ignore it
if (empty($style_name))
{
redirect(basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php'));
}
//
//check if this style depend on other style and
//check kleeja version that required by this style
//
if (($style_info = kleeja_style_info($style_name)) != false)
{
if (isset($style_info['depend_on']) && ! is_dir(PATH . 'styles/' . $style_info['depend_on']))
//if empty, let's ignore it
if (empty($style_name))
{
kleeja_admin_err(sprintf($lang['DEPEND_ON_NO_STYLE_ERR'], $style_info['depend_on']));
redirect(basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php'));
}
if (isset($style_info['kleeja_version']) && version_compare(strtolower($style_info['kleeja_version']), strtolower(KLEEJA_VERSION), '>'))
//
//check if this style depend on other style and
//check kleeja version that required by this style
//
if (($style_info = kleeja_style_info($style_name)) != false)
{
kleeja_admin_err(sprintf($lang['KLJ_VER_NO_STYLE_ERR'], $style_info['kleeja_version']));
}
//is this style require some plugins to be installed
if (isset($style_info['plugins_required']))
{
$plugins_required = explode(',', $style_info['plugins_required']);
$plugins_required = array_map('trim', $plugins_required);
$query = [
'SELECT' => 'plg_name, plg_disabled',
'FROM' => "{$dbprefix}plugins",
];
$result = $SQL->build($query);
if ($SQL->num_rows($result) != 0)
if (isset($style_info['depend_on']) && ! is_dir(PATH . 'styles/' . $style_info['depend_on']))
{
$plugins_required = array_flip($plugins_required);
while ($row = $SQL->fetch_array($result))
kleeja_admin_err(sprintf($lang['DEPEND_ON_NO_STYLE_ERR'], $style_info['depend_on']));
}
if (isset($style_info['kleeja_version']) && version_compare(strtolower($style_info['kleeja_version']), strtolower(KLEEJA_VERSION), '>'))
{
kleeja_admin_err(sprintf($lang['KLJ_VER_NO_STYLE_ERR'], $style_info['kleeja_version']));
}
//is this style require some plugins to be installed
if (isset($style_info['plugins_required']))
{
$plugins_required = explode(',', $style_info['plugins_required']);
$plugins_required = array_map('trim', $plugins_required);
$query = [
'SELECT' => 'plg_name, plg_disabled',
'FROM' => "{$dbprefix}plugins",
];
$result = $SQL->build($query);
if ($SQL->num_rows($result) != 0)
{
if (in_array($row['plg_name'], $plugins_required) and $row['plg_disabled'] != 1)
$plugins_required = array_flip($plugins_required);
while ($row = $SQL->fetch_array($result))
{
unset($plugins_required[$row['plg_name']]);
if (in_array($row['plg_name'], $plugins_required) and $row['plg_disabled'] != 1)
{
unset($plugins_required[$row['plg_name']]);
}
}
}
}
$SQL->freeresult($result);
$SQL->freeresult($result);
$plugins_required = array_flip($plugins_required);
$plugins_required = array_flip($plugins_required);
if (sizeof($plugins_required))
{
kleeja_admin_err(sprintf($lang['PLUGINS_REQ_NO_STYLE_ERR'], implode(', ', $plugins_required)));
if (sizeof($plugins_required))
{
kleeja_admin_err(sprintf($lang['PLUGINS_REQ_NO_STYLE_ERR'], implode(', ', $plugins_required)));
}
}
}
}
//make it as default
update_config('style', $style_name);
update_config('style_depend_on', isset($style_info['depend_on']) ? $style_info['depend_on'] : '');
//make it as default
update_config('style', $style_name);
update_config('style_depend_on', isset($style_info['depend_on']) ? $style_info['depend_on'] : '');
//delete all cache to get new style
delete_cache('', true);
//delete all cache to get new style
delete_cache('', true);
//show msg
kleeja_admin_info(sprintf($lang['STYLE_NOW_IS_DEFAULT'], $style_name), $action);
//show msg
kleeja_admin_info(sprintf($lang['STYLE_NOW_IS_DEFAULT'], $style_name), $action);
break;
break;
case 'upload':
case 'upload':
if (intval($userinfo['founder']) !== 1)
{
$ERRORS[] = $lang['HV_NOT_PRVLG_ACCESS'];
}
$ERRORS = [];
//is uploaded?
if (empty($_FILES['style_file']['tmp_name']))
{
$ERRORS[] = $lang['CHOSE_F'];
}
//extract it to plugins folder
if (! sizeof($ERRORS))
{
if (class_exists('ZipArchive'))
if (intval($userinfo['founder']) !== 1)
{
$zip = new ZipArchive;
$ERRORS[] = $lang['HV_NOT_PRVLG_ACCESS'];
}
if ($zip->open($_FILES['style_file']['tmp_name']) === true)
$ERRORS = [];
//is uploaded?
if (empty($_FILES['style_file']['tmp_name']))
{
$ERRORS[] = $lang['CHOSE_F'];
}
//extract it to plugins folder
if (! sizeof($ERRORS))
{
if (class_exists('ZipArchive'))
{
if (! $zip->extractTo(PATH . 'styles'))
$zip = new ZipArchive;
if ($zip->open($_FILES['style_file']['tmp_name']) === true)
{
$ERRORS[] = sprintf($lang['EXTRACT_ZIP_FAILED'], 'styles');
if (! $zip->extractTo(PATH . 'styles'))
{
$ERRORS[] = sprintf($lang['EXTRACT_ZIP_FAILED'], 'styles');
}
$zip->close();
}
else
{
$ERRORS[] = sprintf($lang['EXTRACT_ZIP_FAILED'], 'styles');
}
$zip->close();
}
else
{
$ERRORS[] = sprintf($lang['EXTRACT_ZIP_FAILED'], 'styles');
$ERRORS[] = $lang['NO_ZIP_ARCHIVE'];
}
}
if (! empty($_FILES['style_file']['tmp_name']))
{
@unlink($_FILES['style_file']['tmp_name']);
}
if (! sizeof($ERRORS))
{
kleeja_admin_info($lang['NO_PROBLEM_AFTER_ZIP'], true, '', true, $action);
}
else
{
$ERRORS[] = $lang['NO_ZIP_ARCHIVE'];
kleeja_admin_err('- ' . implode('<br>- ', $ERRORS), $action);
}
}
if (! empty($_FILES['style_file']['tmp_name']))
{
@unlink($_FILES['style_file']['tmp_name']);
}
if (! sizeof($ERRORS))
{
kleeja_admin_info($lang['NO_PROBLEM_AFTER_ZIP'], true, '', true, $action);
}
else
{
kleeja_admin_err('- ' . implode('<br>- ', $ERRORS), $action);
}
break;
break;
case 'dfolder':
@@ -341,160 +341,160 @@ case 'upload':
kleeja_admin_err($lang['ERROR_TRY_AGAIN'], $action);
break;
break;
case 'download':
case 'download':
if (intval($userinfo['founder']) !== 1)
{
header('HTTP/1.0 401 Unauthorized');
kleeja_admin_err($lang['HV_NOT_PRVLG_ACCESS']);
}
$style_name = g('style');
$is_update = false;
if (! is_writable(PATH . 'styles'))
{
@chmod(PATH . 'styles', K_DIR_CHMOD);
}
//if style exists before, then trigger update action. rename folder to rollback in case of failure
if (file_exists(PATH . 'styles/' . $style_name))
{
$is_update = true;
if (! rename(
PATH . 'styles/' . $style_name,
PATH . 'styles/' . $style_name . '_backup'
))
if (intval($userinfo['founder']) !== 1)
{
if (file_exists(PATH . 'styles/' . $style_name))
{
kleeja_unlink(PATH . 'styles/' . $style_name);
}
}
}
// plugins avilable in kleeja store
$store_link = 'https://raw.githubusercontent.com/kleeja-official/store-catalog/master/catalog.json';
$catalog_styles = FetchFile::make($store_link)->get();
if ($catalog_styles)
{
$catalog_styles = json_decode($catalog_styles, true);
$store_styles = [];
// make an arry for all plugins in kleeja store that not included in our server
foreach ($catalog_styles as $style_info)
{
if ($style_info['type'] != 'style')
{
continue;
}
$store_styles[$style_info['name']] = [
'name' => $style_info['name'] ,
'plg_version' => $style_info['file']['version'] ,
'url' => $style_info['file']['url'] ,
'kj_min_version' => $style_info['kleeja_version']['min'] ,
'kj_max_version' => $style_info['kleeja_version']['max'] ,
];
header('HTTP/1.0 401 Unauthorized');
kleeja_admin_err($lang['HV_NOT_PRVLG_ACCESS']);
}
// this style is hosted in our store
if (isset($store_styles[$style_name]))
$style_name = g('style');
$is_update = false;
if (! is_writable(PATH . 'styles'))
{
// check if the version of the plugin is compatible with our kleeja version or not
if (
version_compare(strtolower($store_styles[$style_name]['kj_min_version']), KLEEJA_VERSION, '<=')
&& version_compare(strtolower($store_styles[$style_name]['kj_max_version']), KLEEJA_VERSION, '>=')
) {
$style_name_link = $store_styles[$style_name]['url'];
@chmod(PATH . 'styles', K_DIR_CHMOD);
}
$style_archive = FetchFile::make($style_name_link)
->setDestinationPath(PATH . 'cache/' . $style_name . '.zip')
->isBinaryFile(true)
->get();
//if style exists before, then trigger update action. rename folder to rollback in case of failure
if (file_exists(PATH . 'styles/' . $style_name))
{
$is_update = true;
if ($style_archive)
if (! rename(
PATH . 'styles/' . $style_name,
PATH . 'styles/' . $style_name . '_backup'
))
{
if (file_exists(PATH . 'styles/' . $style_name))
{
if (file_exists(PATH . 'cache/' . $style_name . '.zip'))
kleeja_unlink(PATH . 'styles/' . $style_name);
}
}
}
// plugins avilable in kleeja store
$store_link = 'https://raw.githubusercontent.com/kleeja-official/store-catalog/master/catalog.json';
$catalog_styles = FetchFile::make($store_link)->get();
if ($catalog_styles)
{
$catalog_styles = json_decode($catalog_styles, true);
$store_styles = [];
// make an arry for all plugins in kleeja store that not included in our server
foreach ($catalog_styles as $style_info)
{
if ($style_info['type'] != 'style')
{
continue;
}
$store_styles[$style_info['name']] = [
'name' => $style_info['name'] ,
'plg_version' => $style_info['file']['version'] ,
'url' => $style_info['file']['url'] ,
'kj_min_version' => $style_info['kleeja_version']['min'] ,
'kj_max_version' => $style_info['kleeja_version']['max'] ,
];
}
// this style is hosted in our store
if (isset($store_styles[$style_name]))
{
// check if the version of the plugin is compatible with our kleeja version or not
if (
version_compare(strtolower($store_styles[$style_name]['kj_min_version']), KLEEJA_VERSION, '<=')
&& version_compare(strtolower($store_styles[$style_name]['kj_max_version']), KLEEJA_VERSION, '>=')
) {
$style_name_link = $store_styles[$style_name]['url'];
$style_archive = FetchFile::make($style_name_link)
->setDestinationPath(PATH . 'cache/' . $style_name . '.zip')
->isBinaryFile(true)
->get();
if ($style_archive)
{
$zip = new ZipArchive();
if ($zip->open(PATH . 'cache/' . $style_name . '.zip') === true)
if (file_exists(PATH . 'cache/' . $style_name . '.zip'))
{
if ($zip->extractTo(PATH . 'styles'))
$zip = new ZipArchive();
if ($zip->open(PATH . 'cache/' . $style_name . '.zip') === true)
{
// we dont need the zip file anymore
kleeja_unlink(PATH . 'cache/' . $style_name . '.zip');
// uploaded style's archive has different name, so we change it
rename(
PATH . 'styles/' . trim($zip->getNameIndex(0), '/'),
PATH . 'styles/' . $style_name
);
$zip->close();
// download or update msg
$adminAjaxContent = '1:::' . sprintf($lang[$is_update ? 'ITEM_UPDATED' : 'ITEM_DOWNLOADED'], $style_name);
//in case of update, delete back up version
if (file_exists(PATH . 'styles/' . $style_name . '_backup'))
if ($zip->extractTo(PATH . 'styles'))
{
kleeja_unlink(PATH . 'styles/' . $style_name . '_backup');
// we dont need the zip file anymore
kleeja_unlink(PATH . 'cache/' . $style_name . '.zip');
// uploaded style's archive has different name, so we change it
rename(
PATH . 'styles/' . trim($zip->getNameIndex(0), '/'),
PATH . 'styles/' . $style_name
);
$zip->close();
// download or update msg
$adminAjaxContent = '1:::' . sprintf($lang[$is_update ? 'ITEM_UPDATED' : 'ITEM_DOWNLOADED'], $style_name);
//in case of update, delete back up version
if (file_exists(PATH . 'styles/' . $style_name . '_backup'))
{
kleeja_unlink(PATH . 'styles/' . $style_name . '_backup');
}
}
else
{
$adminAjaxContent = '1003:::' . sprintf($lang['EXTRACT_ZIP_FAILED'], PATH . 'styles');
}
}
else
{
$adminAjaxContent = '1003:::' . sprintf($lang['EXTRACT_ZIP_FAILED'], PATH . 'styles');
}
}
else
{
$adminAjaxContent = '1004:::' . $lang['DOWNLOADED_FILE_NOT_FOUND'];
}
}
else
{
$adminAjaxContent = '1004:::' . $lang['DOWNLOADED_FILE_NOT_FOUND'];
$adminAjaxContent = '1005:::' . $lang['STORE_SERVER_ERROR'];
}
}
else
{
$adminAjaxContent = '1005:::' . $lang['STORE_SERVER_ERROR'];
$adminAjaxContent = '1006:::' . $lang['PACKAGE_N_CMPT_KLJ'];
}
}
else
{
$adminAjaxContent = '1006:::' . $lang['PACKAGE_N_CMPT_KLJ'];
$adminAjaxContent = '1007:::' . sprintf($lang['PACKAGE_REMOTE_FILE_MISSING'], $style_name);
}
}
else
{
$adminAjaxContent = '1007:::' . sprintf($lang['PACKAGE_REMOTE_FILE_MISSING'], $style_name);
$adminAjaxContent = '1008:::' . $lang['STORE_SERVER_ERROR'];
}
}
else
{
$adminAjaxContent = '1008:::' . $lang['STORE_SERVER_ERROR'];
}
//in case of update failure, rollback to current plugin version
if (strpos($adminAjaxContent, '1:::') === false)
{
if (file_exists(PATH . 'styles/' . $style_name . '_backup'))
//in case of update failure, rollback to current plugin version
if (strpos($adminAjaxContent, '1:::') === false)
{
rename(
PATH . 'styles/' . $style_name . '_backup',
PATH . 'styles/' . $style_name
);
if (file_exists(PATH . 'styles/' . $style_name . '_backup'))
{
rename(
PATH . 'styles/' . $style_name . '_backup',
PATH . 'styles/' . $style_name
);
}
}
}
break;
break;
endswitch;

2
includes/adm/p_check_update.php
View File

@@ -55,7 +55,7 @@ if ($current_smt == 'check')
if (! ($version_data = $cache->get('kleeja_repo_version')))
{
$version_data = [];
$github_data = FetchFile::make(KLEEJA_VERSION_CHECK_LINK)->setTimeOut(100)->get();
if (! empty($github_data))

318
includes/adm/r_repair.php
View File

@@ -45,183 +45,183 @@ $text = '';
switch ($case):
default:
default:
// Get real number from database right now
$all_files = get_actual_stats('files');
$all_images = get_actual_stats('imgs');
$all_users = get_actual_stats('users');
$all_sizes = readable_size(get_actual_stats('sizes'));
// Get real number from database right now
$all_files = get_actual_stats('files');
$all_images = get_actual_stats('imgs');
$all_users = get_actual_stats('users');
$all_sizes = readable_size(get_actual_stats('sizes'));
//links
$del_cache_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=clearc&amp;' . $GET_FORM_KEY;
$resync_files_link = $config['siteurl'] . 'go.php?go=resync&amp;case=sync_files';
$resync_images_link = $config['siteurl'] . 'go.php?go=resync&amp;case=sync_images';
$resync_users_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=sync_users&amp;' . $GET_FORM_KEY;
$resync_sizes_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=sync_sizes&amp;' . $GET_FORM_KEY;
$repair_tables_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=tables&amp;' . $GET_FORM_KEY;
//links
$del_cache_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=clearc&amp;' . $GET_FORM_KEY;
$resync_files_link = $config['siteurl'] . 'go.php?go=resync&amp;case=sync_files';
$resync_images_link = $config['siteurl'] . 'go.php?go=resync&amp;case=sync_images';
$resync_users_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=sync_users&amp;' . $GET_FORM_KEY;
$resync_sizes_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=sync_sizes&amp;' . $GET_FORM_KEY;
$repair_tables_link = basename(ADMIN_PATH) . '?cp=r_repair&amp;case=tables&amp;' . $GET_FORM_KEY;
$queue_cron_job_url = $config['siteurl'] . 'go.php?go=queue';
$queue_cron_job_url = $config['siteurl'] . 'go.php?go=queue';
$stylee = 'admin_repair';
$stylee = 'admin_repair';
break;
break;
//
//fix tables ..
//fix tables ..
//
case 'tables':
case 'tables':
$query = 'SHOW TABLE STATUS';
$result = $SQL->query($query);
$query = 'SHOW TABLE STATUS';
$result = $SQL->query($query);
while ($row=$SQL->fetch_array($result))
{
$queryf = 'REPAIR TABLE `' . $row['Name'] . '`';
$resultf = $SQL->query($queryf);
if ($resultf)
{
$text .= '<li>' . $lang['REPAIRE_TABLE'] . $row['Name'] . '</li>';
}
}
$SQL->freeresult($result);
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=r_repair' . '\');", 2000);</script>' . "\n";
$stylee = 'admin_info';
break;
//
//re-sync sizes ..
//
case 'sync_sizes':
$query_s = [
'SELECT' => 'size',
'FROM' => "{$dbprefix}files"
];
$result_s = $SQL->build($query_s);
$files_number = $files_sizes = 0;
while ($row=$SQL->fetch_array($result_s))
{
$files_number++;
$files_sizes = $files_sizes+$row['size'];
}
$SQL->freeresult($result_s);
$update_query = [
'UPDATE' => "{$dbprefix}stats",
'SET' => 'files=' . $files_number . ', sizes=' . $files_sizes
];
if ($SQL->build($update_query))
{
$text .= '<li>' . $lang['REPAIRE_F_STAT'] . '</li>';
}
delete_cache('data_stats');
$stylee = 'admin_info';
break;
//
//re-sync total users number ..
//
case 'sync_users':
$query_w = [
'SELECT' => 'name',
'FROM' => "{$dbprefix}users"
];
$result_w = $SQL->build($query_w);
$user_number = 0;
while ($row=$SQL->fetch_array($result_w))
{
$user_number++;
}
$SQL->freeresult($result_w);
$update_query = [
'UPDATE' => "{$dbprefix}stats",
'SET' => 'users=' . $user_number
];
$result = $SQL->build($update_query);
delete_cache('data_stats');
$text = sprintf($lang['SYNCING'], $lang['USERS_ST']);
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=r_repair' . '\');", 2000);</script>' . "\n";
$stylee = 'admin_info';
break;
//
//clear all cache ..
//
case 'clearc':
//clear cache
delete_cache('', true);
//show done, msg
$text .= '<li>' . $lang['REPAIRE_CACHE'] . '</li>';
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=r_repair' . '\');", 2000);</script>' . "\n";
$stylee = 'admin_info';
break;
//toggle admin start boxes
case 'toggle_start_box':
if (! kleeja_check_form_key_get('adm_start_actions'))
{
header('HTTP/1.1 405 Method Not Allowed');
$adminAjaxContent = $lang['INVALID_FORM_KEY'];
}
else
{
$items = explode(':', $config['hidden_start_boxes']);
$new_items = $items = array_filter($items);
$name = g('name');
$hide = g('toggle', 'int') == 1;
if (in_array($name, $items) && ! $hide)
while ($row=$SQL->fetch_array($result))
{
$new_items = array_diff($items, [$name]);
}
elseif ($hide)
{
$new_items[] = $name;
$queryf = 'REPAIR TABLE `' . $row['Name'] . '`';
$resultf = $SQL->query($queryf);
if ($resultf)
{
$text .= '<li>' . $lang['REPAIRE_TABLE'] . $row['Name'] . '</li>';
}
}
if ($new_items != $items)
$SQL->freeresult($result);
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=r_repair' . '\');", 2000);</script>' . "\n";
$stylee = 'admin_info';
break;
//
//re-sync sizes ..
//
case 'sync_sizes':
$query_s = [
'SELECT' => 'size',
'FROM' => "{$dbprefix}files"
];
$result_s = $SQL->build($query_s);
$files_number = $files_sizes = 0;
while ($row=$SQL->fetch_array($result_s))
{
update_config('hidden_start_boxes', implode(':', $new_items));
$files_number++;
$files_sizes = $files_sizes+$row['size'];
}
$adminAjaxContent = $lang['CONFIGS_UPDATED'];
}
$SQL->freeresult($result_s);
break;
$update_query = [
'UPDATE' => "{$dbprefix}stats",
'SET' => 'files=' . $files_number . ', sizes=' . $files_sizes
];
if ($SQL->build($update_query))
{
$text .= '<li>' . $lang['REPAIRE_F_STAT'] . '</li>';
}
delete_cache('data_stats');
$stylee = 'admin_info';
break;
//
//re-sync total users number ..
//
case 'sync_users':
$query_w = [
'SELECT' => 'name',
'FROM' => "{$dbprefix}users"
];
$result_w = $SQL->build($query_w);
$user_number = 0;
while ($row=$SQL->fetch_array($result_w))
{
$user_number++;
}
$SQL->freeresult($result_w);
$update_query = [
'UPDATE' => "{$dbprefix}stats",
'SET' => 'users=' . $user_number
];
$result = $SQL->build($update_query);
delete_cache('data_stats');
$text = sprintf($lang['SYNCING'], $lang['USERS_ST']);
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=r_repair' . '\');", 2000);</script>' . "\n";
$stylee = 'admin_info';
break;
//
//clear all cache ..
//
case 'clearc':
//clear cache
delete_cache('', true);
//show done, msg
$text .= '<li>' . $lang['REPAIRE_CACHE'] . '</li>';
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=r_repair' . '\');", 2000);</script>' . "\n";
$stylee = 'admin_info';
break;
//toggle admin start boxes
case 'toggle_start_box':
if (! kleeja_check_form_key_get('adm_start_actions'))
{
header('HTTP/1.1 405 Method Not Allowed');
$adminAjaxContent = $lang['INVALID_FORM_KEY'];
}
else
{
$items = explode(':', $config['hidden_start_boxes']);
$new_items = $items = array_filter($items);
$name = g('name');
$hide = g('toggle', 'int') == 1;
if (in_array($name, $items) && ! $hide)
{
$new_items = array_diff($items, [$name]);
}
elseif ($hide)
{
$new_items[] = $name;
}
if ($new_items != $items)
{
update_config('hidden_start_boxes', implode(':', $new_items));
}
$adminAjaxContent = $lang['CONFIGS_UPDATED'];
}
break;
endswitch;

10
includes/adm/start.php
View File

@@ -84,7 +84,7 @@ if (! file_exists(PATH . '.htaccess') && (int) $config['mod_writer'] == 1)
}
//updating
$v = @unserialize($config['new_version']);
$v = @unserialize($config['new_version']);
$new_version = isset($v['version_number']) ? $v['version_number'] : '';
if (version_compare(strtolower(KLEEJA_VERSION), strtolower($new_version), '<'))
@@ -266,9 +266,11 @@ $hurry_groups_list .= '<option value="' . $config['default_group'] . '">' . $lan
foreach ($d_groups as $id=>$ddt)
{
$hurry_groups_list .= '<option value="' . $id . '">' .
str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$id]['data']['group_name']) .
str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$id]['data']['group_name']
) .
'</option>';
}

7
includes/cache.php
View File

@@ -62,14 +62,17 @@ class cache
$data_for_save .= 'if(time() > ' . (time() + $time) . ') return false;' . "\n\n";
$data_for_save .= '$data = ' . var_export($data, true) . ";\n\n//end of cache";
try {
try
{
$fd = fopen(PATH . 'cache/' . $name . '.php', 'w');
flock($fd, LOCK_EX); // exclusive look
fwrite($fd, $data_for_save);
flock($fd, LOCK_UN);
fclose($fd);
return true;
} catch (Exception $e) {
}
catch (Exception $e)
{
return false;
}
}

22
includes/captcha.php
View File

@@ -46,7 +46,7 @@ function kleeja_cpatcha_image()
$height = 25;
//Generate a random number of lines to make the image dirty
$lines = rand(3,5);
$lines = rand(3, 5);
//Create the image resource
$image = imagecreate($width, $height);
@@ -72,7 +72,7 @@ function kleeja_cpatcha_image()
// he search in the Linux fonts cache , but when you add './' he will know it's our font.
//
imagettftext($image, 16, $angle, rand(50, $x), $y+rand(1, 3), $white, dirname(__FILE__) . '/arial.ttf', $security_code);
//imagettftext ($image, 7, 0, $width-30, $height-4, $white,'./arial.ttf', 'Kleeja');
//imagettftext ($image, 7, 0, $width-30, $height-4, $white,'./arial.ttf', 'Kleeja');
}
else
{
@@ -81,18 +81,20 @@ function kleeja_cpatcha_image()
}
//Throw in some lines to make it a little bit harder for any bots to break
imagerectangle($image, 0, 0, $width-1, $height-1, $grey);
for( $i=0; $i<$lines; $i++ ) {
imageline($image, rand(0,$width), rand(0,$height), rand(0,$width), rand(0,$height), $grey);
imagerectangle($image, 0, 0, $width-1, $height-1, $grey);
for ($i=0; $i<$lines; $i++)
{
imageline($image, rand(0, $width), rand(0, $height), rand(0, $width), rand(0, $height), $grey);
}
//Tell the browser what kind of file is come in and prevent client side caching
header("Expires: Wed, 1 Jan 1997 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", FALSE);
header("Pragma: no-cache");
header('Expires: Wed, 1 Jan 1997 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Content-Type: image/png');
//Output the newly created image in jpeg format

76
includes/common.php
View File

@@ -59,10 +59,10 @@ error_reporting(defined('DEV_STAGE') ? E_ALL : E_ALL ^ E_NOTICE);
/**
* functions for start
* @param mixed $error_number
* @param mixed $error_string
* @param mixed $error_file
* @param mixed $error_line
* @param mixed $error_number
* @param mixed $error_string
* @param mixed $error_file
* @param mixed $error_line
*/
function kleeja_show_error($error_number, $error_string = '', $error_file = '', $error_line = '')
{
@@ -77,7 +77,7 @@ function kleeja_show_error($error_number, $error_string = '', $error_file = '',
kleeja_log('[' . $error_name . '] ' . basename($error_file) . ':' . $error_line . ' ' . $error_string);
}
break;
break;
default:
header('HTTP/1.1 503 Service Temporarily Unavailable');
@@ -98,7 +98,7 @@ function kleeja_show_error($error_number, $error_string = '', $error_file = '',
exit;
break;
break;
}
}
set_error_handler('kleeja_show_error');
@@ -125,7 +125,7 @@ $starttm = get_microtime();
if (! is_bot() && PHP_SESSION_ACTIVE !== session_status() && ! headers_sent())
{
if(function_exists('ini_set'))
if (function_exists('ini_set'))
{
ini_set('session.use_cookies', 1);
ini_set('session.lazy_write', 1);
@@ -135,7 +135,7 @@ if (! is_bot() && PHP_SESSION_ACTIVE !== session_status() && ! headers_sent())
}
if(! session_start())
if (! session_start())
{
// big_error is not defined yet, and the file *function_display.php* is not included yet
kleeja_show_error('', 'Session Error!', 'There is a problem with PHP session. We can not start it.');
@@ -150,19 +150,21 @@ if ((empty($dbname) || empty($dbuser)) && ($dbtype !== 'sqlite'))
{
$install_file_url = (defined('IN_ADMIN') ? '.' : '') . './install/index.php';
if (file_exists(PATH . '/install/index.php')) {
if (file_exists(PATH . '/install/index.php'))
{
header("Location: {$install_file_url}");
exit;
}
kleeja_show_error(
'',
"There is no (install) folder, and the config file is not correct",
'There is no (install) folder, and the config file is not correct',
'includes/common.php',
__LINE__
);
exit;
exit;
}
// solutions for hosts running under suexec, add define('HAS_SUEXEC', true) to config.php.
@@ -192,22 +194,32 @@ include PATH . 'includes/FetchFile.php';
if (defined('IN_ADMIN'))
{
$currentDirectoryPath = dirname($_SERVER['PHP_SELF']);
$currentDirectoryPath = dirname($_SERVER['PHP_SELF']);
$currentDirectoryPathParts = explode('/', $currentDirectoryPath);
$currentDir = array_pop($currentDirectoryPathParts);
$adminDirErrorMsg = '';
if ($customadminpath == 'admin' && $currentDir != $customadminpath) {
$currentDir = array_pop($currentDirectoryPathParts);
$adminDirErrorMsg = '';
if ($customadminpath == 'admin' && $currentDir != $customadminpath)
{
$adminDirErrorMsg = 'You are trying to access the admin area through a directory that is not configured. Please either revert to the default admin directory name, or see our documentation for customizing the admin directory.';
} else {
if ($currentDir != $customadminpath) {
}
else
{
if ($currentDir != $customadminpath)
{
$adminDirErrorMsg = 'You are trying to access the admin area through a directory different from the one configured. Please refer to the Customize Administrator\'s Guide documentation for instructions on how to update it.';
} else {
if ($customadminpath != 'admin' && is_dir(PATH . 'admin')) {
}
else
{
if ($customadminpath != 'admin' && is_dir(PATH . 'admin'))
{
$adminDirErrorMsg = 'You are trying to access the admin area through a custom directory, but we also detected that there is a default directory \'admin\'. This may indicate that files from a recent update were uploaded to the default admin path location instead of the custom location, resulting in these files becoming outdated. Please make sure your custom admin folder contains the latest files, and delete the default admin directory to continue.';
}
}
}
if ($adminDirErrorMsg) {
if ($adminDirErrorMsg)
{
kleeja_show_error('', 'Critical Error', $adminDirErrorMsg);
}
include PATH . 'includes/functions_adm.php';
@@ -258,7 +270,7 @@ $config = array_merge($config, (array) $d_groups[$usrcp->group_id()]['configs'])
//admin path
define('ADMIN_PATH', rtrim($config['siteurl'], '/') . '/'. $customadminpath .'/index.php');
define('ADMIN_PATH', rtrim($config['siteurl'], '/') . '/' . $customadminpath . '/index.php');
//no tpl caching in dev stage
@@ -368,10 +380,10 @@ if (isset($_GET['go']) && $_GET['go'] == 'login')
//install.php exists
if (
file_exists(PATH . 'install') &&
! defined('IN_ADMIN') &&
! defined('IN_LOGIN') &&
! defined('DEV_STAGE') &&
file_exists(PATH . 'install') &&
! defined('IN_ADMIN') &&
! defined('IN_LOGIN') &&
! defined('DEV_STAGE') &&
! (defined('IN_GO') && in_array(g('go'), ['queue'])) &&
! (defined('IN_UCP') && in_array(g('go'), ['captcha', 'login']))
) {
@@ -384,18 +396,18 @@ if (
$login_page = '';
if (
$config['siteclose'] == '1' &&
! user_can('enter_acp') &&
! defined('IN_LOGIN') &&
! defined('IN_ADMIN') &&
$config['siteclose'] == '1' &&
! user_can('enter_acp') &&
! defined('IN_LOGIN') &&
! defined('IN_ADMIN') &&
! (defined('IN_GO') && in_array(g('go'), ['queue'])) &&
! (defined('IN_UCP') && in_array(g('go'), ['captcha', 'login', 'register', 'logout']))
) {
) {
//if download, images ?
if (
(defined('IN_DOWNLOAD') && (ig('img') || ig('thmb') || ig('thmbf') || ig('imgf')))
|| g('go', 'str', '') == 'queue'
) {
) {
@$SQL->close();
$fullname = 'images/site_closed.jpg';
$filesize = filesize($fullname);

29
includes/functions.php
View File

@@ -137,7 +137,7 @@ function get_ban()
/**
* Check if the given plugin installed ?
* @param $plugin_name
* @param $plugin_name
* @return bool
*/
function kleeja_plugin_exists($plugin_name)
@@ -211,7 +211,7 @@ function kleeja_get_page()
/**
* Fix email string to be UTF8
* @param $text
* @param $text
* @return string
*/
function _sm_mk_utf8($text)
@@ -268,7 +268,6 @@ function send_mail($to, $body, $subject, $fromAddress, $fromName, $bcc = '')
*/
function delete_cache($name, $all=false)
{
//Those files are exceptions and not for deletion
$exceptions = ['.htaccess', 'index.html', 'php.ini', 'web.config'];
@@ -389,7 +388,7 @@ function kleeja_unlink($filePath, $cache_file = false)
*/
function get_mime_for_header($ext)
{
$mime_types = include __DIR__.'/mime_types.php';
$mime_types = include __DIR__ . '/mime_types.php';
//return mime
$ext = strtolower($ext);
@@ -487,7 +486,7 @@ function get_config($name)
$result = $SQL->build($query);
$v = $SQL->fetch($result);
$return = isset($v['value']) ? $v['value'] : NULL;
$return = isset($v['value']) ? $v['value'] : null;
is_array($plugin_run_result = Plugins::getInstance()->run('get_config_func', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
return $return;
@@ -555,7 +554,7 @@ function add_config($name, $value, $order = '0', $html = '', $type = '0', $plg_i
/**
* add an array of new configs
* @param $configs
* @param $configs
* @return bool
*/
function add_config_r($configs)
@@ -759,7 +758,8 @@ function delete_olang($words = '', $lang = 'en', $plg_id = 0)
{
if (is_array($lang))
{
foreach ($lang as $index=>$current_lang) {
foreach ($lang as $index=>$current_lang)
{
$lang[$index] = $SQL->escape($lang[$index]);
}
$lang_sql = "(lang_id = '" . implode("' OR lang_id = '", $lang) . "')";
@@ -900,6 +900,7 @@ function klj_clean_old_files($from = 0)
{
@kleeja_unlink($row['folder'] . '/' . $row['name']);
}
//delete thumb
if (file_exists($row['folder'] . '/thumbs/' . $row['name']))
{
@@ -1103,8 +1104,8 @@ function kleeja_log($text)
/**
* Return the first and last seek of range to be flushed.
* @param string $range
* @param $fileSize
* @param string $range
* @param $fileSize
* @return array
*/
function kleeja_set_range($range, $fileSize)
@@ -1253,10 +1254,10 @@ function add_to_serve_rules($rules, $unique_id = '')
}
$current_serve_content = preg_replace(
'/return\s{0,4}\[/',
'return [' . PHP_EOL . $rules,
$current_serve_content
);
'/return\s{0,4}\[/',
'return [' . PHP_EOL . $rules,
$current_serve_content
);
if (! is_writable(PATH . 'plugins_rules.php'))
@@ -1285,7 +1286,7 @@ function remove_from_serve_rules($unique_id)
'/^#start_' . preg_quote($unique_id) . '.*' . '#end_' . preg_quote($unique_id) . '$/sm',
'',
$current_serve_content
);
);
if ($new_serve_content === $current_serve_content)
{

17
includes/functions_adm.php
View File

@@ -18,13 +18,13 @@ if (! defined('IN_COMMON'))
* Print cp error function handler
*
* For admin
* @param mixed $msg
* @param mixed $navigation
* @param mixed $title
* @param mixed $exit
* @param mixed $redirect
* @param mixed $rs
* @param mixed $style
* @param mixed $msg
* @param mixed $navigation
* @param mixed $title
* @param mixed $exit
* @param mixed $redirect
* @param mixed $rs
* @param mixed $style
*/
function kleeja_admin_err($msg, $navigation = true, $title='', $exit = true, $redirect = false, $rs = 3, $style = 'admin_err')
{
@@ -258,6 +258,7 @@ function build_search_query($search)
//if searched by a username
$usernamee = '';
if (! empty($search['username']) && (int) $config['user_system'] == 1)
{
$query = [
@@ -276,7 +277,7 @@ function build_search_query($search)
$SQL->freeresult($result);
if(! empty($usernamee))
if (! empty($usernamee))
{
$usernamee = 'AND (' . $usernamee . ')';
}

49
includes/functions_display.php
View File

@@ -205,7 +205,7 @@ function readable_size($size)
/**
* show an error message
*
* @param $message
* @param $message
* @param string $title
* @param bool $exit
* @param bool|string $redirect a link to redirect after showing the message, or false
@@ -240,7 +240,7 @@ function kleeja_err($message, $title = '', $exit = true, $redirect = false, $rs
/**
* show an information message
*
* @param $message
* @param $message
* @param string $title
* @param bool $exit
* @param bool|string $redirect a link to redirect after showing the message, or false
@@ -291,7 +291,7 @@ function kleeja_debug()
echo '<p>&nbsp;</p>';
echo '<p><h2><strong><em>SQL</em> Information :</strong></h2></p> ';
if (!empty($SQL->debugr))
if (! empty($SQL->debugr))
{
foreach ($SQL->debugr as $key=>$val)
{
@@ -495,7 +495,7 @@ function kleeja_check_form_key($form_name, $require_time = 300)
* Link generator
* TODO to be edited
* Files can be many links styles, so this will generate the current style of link
* @param $pid
* @param $pid
* @param array $extra
* @return string
*/
@@ -514,8 +514,8 @@ function kleeja_get_link ($pid, $extra = [])
if ($config['mod_writer'] && ! empty($extra['::NAME::']))
{
if (
(($pid == 'image' || $pid == 'thumb') && $config['id_form_img'] != 'direct') ||
($pid == 'file' && $config['id_form'] != 'direct')
(($pid == 'image' || $pid == 'thumb') && $config['id_form_img'] != 'direct') ||
($pid == 'file' && $config['id_form'] != 'direct')
) {
$extra['::NAME::'] = str_replace('.', '-', $extra['::NAME::']);
}
@@ -671,6 +671,7 @@ function kleeja_style_info($style_name)
}
$t = array_map('trim', @explode('=', $m, 2));
// ':' mean something secondary as in sub-array
if (strpos($t[0], ':') !== false)
{
@@ -730,52 +731,53 @@ function is_browser($b)
case 'ie':
$return = strpos(strtolower($u_agent), trim('msie ' . $r)) !== false ? true : false;
break;
break;
case 'firefox':
$return = strpos(str_replace('/', ' ', strtolower($u_agent)), trim('firefox ' . $r)) !== false ? true : false;
break;
break;
case 'safari':
$return = strpos(strtolower($u_agent), trim('safari/' . $r)) !== false ? true : false;
break;
break;
case 'chrome':
$return = strpos(strtolower($u_agent), trim('chrome ' . $r)) !== false ? true : false;
break;
break;
case 'flock':
$return = strpos(strtolower($u_agent), trim('flock ' . $r)) !== false ? true : false;
break;
break;
case 'opera':
$return = strpos(strtolower($u_agent), trim('opera ' . $r)) !== false ? true : false;
break;
break;
case 'konqueror':
$return = strpos(strtolower($u_agent), trim('konqueror/' . $r)) !== false ? true : false;
break;
break;
case 'mozilla':
$return = strpos(strtolower($u_agent), trim('gecko/' . $r)) !== false ? true : false;
break;
break;
case 'webkit':
$return = strpos(strtolower($u_agent), trim('applewebkit/' . $r)) !== false ? true : false;
break;
/**
* Mobile Phones are so popular those days, so we have to support them ...
* This is still in our test lab.
* @see http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones
**/
break;
/**
* Mobile Phones are so popular those days, so we have to support them ...
* This is still in our test lab.
* @see http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones
**/
case 'mobile':
$mobile_agents = ['iPhone;', 'iPod;', 'blackberry', 'Android', 'HTC' , 'IEMobile', 'LG/', 'LG-',
'LGE-', 'MOT-', 'Nokia', 'SymbianOS', 'nokia_', 'PalmSource', 'webOS', 'SAMSUNG-',
@@ -792,7 +794,7 @@ function is_browser($b)
}
}
break;
break;
}
is_array($plugin_run_result = Plugins::getInstance()->run('is_browser_func', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
@@ -847,7 +849,7 @@ function kleeja_date($time, $human_time = true, $format = false)
if (! empty($config['time_zone']) && strpos($config['time_zone'], '/') !== false)
{
if(strpos($config['time_zone'], 'Buraydah') !== false)
if (strpos($config['time_zone'], 'Buraydah') !== false)
{
$config['time_zone'] = 'Asia/Riyadh';
}
@@ -951,7 +953,8 @@ function time_zones()
*/
function configField($name, $type = 'text', $select_options = [])
{
switch ($type) {
switch ($type)
{
default:
case 'text':
return '<input type="text" id="kj_meta_seo_home_meta_keywords" name="' . $name . '"' .

2458
includes/mime_types.php
View File

File diff suppressed because it is too large Load Diff

1027
includes/mysqli.php
View File

File diff suppressed because it is too large Load Diff

6
includes/pager.php
View File

@@ -19,8 +19,8 @@ class Pagination
protected $totalPages, $startRow , $currentPage;
/**
* @param $rowsPerPage
* @param $numRows
* @param $rowsPerPage
* @param $numRows
* @param int $currentPage
*/
public function __construct($rowsPerPage, $numRows, $currentPage = 1)
@@ -91,7 +91,7 @@ class Pagination
/**
* @param $link
* @param $link
* @param string $link_plus
* @return string
*/

19
includes/phpass.php
View File

@@ -51,6 +51,7 @@ class PasswordHash
$this->portable_hashes = $portable_hashes;
$this->random_state = microtime();
if (function_exists('getmypid'))
{
$this->random_state .= getmypid();
@@ -114,7 +115,8 @@ class PasswordHash
break;
}
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
}
while ($i < $count);
return $output;
}
@@ -138,6 +140,7 @@ class PasswordHash
}
$id = substr($setting, 0, 3);
// We use "$P$", phpBB3 uses "$H$" for the same thing
if ($id !== '$P$' && $id !== '$H$')
{
@@ -170,7 +173,8 @@ class PasswordHash
do
{
$hash = md5($hash . $password, true);
} while (--$count);
}
while (--$count);
$output = substr($setting, 0, 12);
$output .= $this->encode64($hash, 16);
@@ -191,7 +195,7 @@ class PasswordHash
$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$output = '$2a$';
$output .= chr((int)(ord('0') + $this->iteration_count_log2 / 10));
$output .= chr((int) (ord('0') + $this->iteration_count_log2 / 10));
$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
$output .= '$';
@@ -218,7 +222,8 @@ class PasswordHash
$c1 |= $c2 >> 6;
$output .= $itoa64[$c1];
$output .= $itoa64[$c2 & 0x3f];
} while (1);
}
while (1);
return $output;
}
@@ -243,8 +248,10 @@ class PasswordHash
$random = $this->get_random_bytes(6);
}
$hash =
$this->crypt_private($password,
$this->gensalt_private($random));
$this->crypt_private(
$password,
$this->gensalt_private($random)
);
if (strlen($hash) === 34)
{

1039
includes/sqlite.php
View File

File diff suppressed because it is too large Load Diff

103
includes/style.php
View File

@@ -9,7 +9,8 @@
//no direct access
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit;
}
@@ -22,7 +23,7 @@ class kleeja_style
/**
* Function to load a template file.
* @param $template_name
* @param $template_name
* @param null|mixed $style_path
*/
protected function _load_template($template_name, $style_path = null)
@@ -30,7 +31,8 @@ class kleeja_style
global $config, $THIS_STYLE_PATH_ABS, $STYLE_PATH_ADMIN_ABS, $DEFAULT_PATH_ADMIN_ABS;
if (! ($template_path = $this->template_exists($template_name, $style_path))) {
if (! ($template_path = $this->template_exists($template_name, $style_path)))
{
big_error('No Template !', 'Requested <b>"' . $template_name . '"</b> template doesnt exist!');
}
@@ -39,7 +41,8 @@ class kleeja_style
$html = "<!-- file generated by kleeja {kleeja.net} -->\n" . $html;
//use 'b' to force binary mode
if ($filename = @fopen(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php', 'wb')) {
if ($filename = @fopen(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php', 'wb'))
{
is_array($plugin_run_result = Plugins::getInstance()->run('style_load_template_func', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
@@ -54,7 +57,7 @@ class kleeja_style
/**
* check if a template exists or not
* @param $template_name
* @param $template_name
* @param null $style_path
*/
public function template_exists($template_name, $style_path = null)
@@ -67,10 +70,13 @@ class kleeja_style
$style_path = str_replace(DIRECTORY_SEPARATOR, '/', $style_path ?? '');
//admin template always begin with admin_
if (substr($template_name, 0, 6) == 'admin_') {
if (substr($template_name, 0, 6) == 'admin_')
{
$current_style_path = ! empty($style_path) ? $style_path : $STYLE_PATH_ADMIN_ABS;
$is_admin_template = true;
} else {
}
else
{
$current_style_path = ! empty($style_path) ? $style_path : $THIS_STYLE_PATH_ABS;
}
@@ -82,21 +88,29 @@ class kleeja_style
$is_tpl_exist = file_exists($template_path);
if (! $is_tpl_exist) {
if (trim($config['style_depend_on']) != '') {
if (! $is_tpl_exist)
{
if (trim($config['style_depend_on']) != '')
{
$template_path_alternative = str_replace('/' . $config['style'] . '/', '/' . $config['style_depend_on'] . '/', $template_path);
if (file_exists($template_path_alternative)) {
if (file_exists($template_path_alternative))
{
$template_path = $template_path_alternative;
$is_tpl_exist = true;
}
} elseif ($is_admin_template) {
}
elseif ($is_admin_template)
{
$template_path = $DEFAULT_PATH_ADMIN_ABS . $template_name . '.html';
$is_tpl_exist = true;
} elseif ($config['style'] != 'default' && ! $is_admin_template) {
}
elseif ($config['style'] != 'default' && ! $is_admin_template)
{
$template_path_alternative = str_replace('/' . $config['style'] . '/', '/default/', $template_path);
if (file_exists($template_path_alternative)) {
if (file_exists($template_path_alternative))
{
$template_path = $template_path_alternative;
$is_tpl_exist = true;
}
@@ -150,7 +164,7 @@ class kleeja_style
/**
* if tag
* @param $matches
* @param $matches
* @return string
*/
protected function _if_callback($matches)
@@ -160,14 +174,16 @@ class kleeja_style
foreach ([
'NAME' => '', 'LOOP' => '', 'AND' => ' && ', 'OR' => ' || ', 'ISSET' => ' isset', 'EMPTY' => ' empty'
] as $attribute=>$separator) {
if (isset($atts[$attribute])) {
] as $attribute=> $separator)
{
if (isset($atts[$attribute]))
{
$haveParentheses = in_array($attribute, ['ISSET', 'EMPTY']);
$condition .= $separator . ($haveParentheses ? '(' : '') .
$this->parse_condition($atts[$attribute], ! empty($atts['LOOP'])) .
($haveParentheses ? ')' : '')
;
;
}
}
@@ -181,25 +197,30 @@ class kleeja_style
$char = [' eq ', ' lt ', ' gt ', ' lte ', ' gte ', ' neq ', '==', '!=', '>=', '<=', '<', '>'];
$reps = ['==', '<', '>', '<=', '>=', '!=', '==', '!=', '>=', '<=', '<', '>'];
if (trim($condition) == '') {
if (trim($condition) == '')
{
return '';
}
$con = str_replace('$this->vars', '[----this-vars----]', $condition);
if (preg_match('/(.*)(' . implode('|', $char) . ')(.*)/i', $con, $arr)) {
if (preg_match('/(.*)(' . implode('|', $char) . ')(.*)/i', $con, $arr))
{
$arr[1] = trim($arr[1]);
$var1 = $arr[1][0] != '$' ? call_user_func(['kleeja_style', '_var_callback'], (! $is_loop ? '{' . $arr[1] . '}' : '{{' . $arr[1] . '}}')) : $arr[1];
$opr = str_replace($char, $reps, $arr[2]);
$var2 = trim($arr[3]);
//check for type
if (strpos($var2, '$')!==0 && ! preg_match('/[0-9]/', $var2)) {
if (strpos($var2, '$')!==0 && ! preg_match('/[0-9]/', $var2))
{
$var2 = '"' . str_replace('"', '\"', $var2) . '"';
}
$con = "$var1 $opr $var2";
} elseif ($con[0] !== '$' && strpos($con, '(') === false) {
}
elseif ($con[0] !== '$' && strpos($con, '(') === false)
{
$con = call_user_func(['kleeja_style', '_var_callback'], (! $is_loop ? '{' . $con . '}' : '{{' . $con . '}}'));
}
@@ -209,14 +230,15 @@ class kleeja_style
/**
* make variable printable
* @param $matches
* @param $matches
* @return string
*/
protected function _vars_callback($matches)
{
$variable = call_user_func(['kleeja_style', '_var_callback'], $matches);
if (strpos($matches[0], '{lang') !== false || strpos($matches[0], '{olang') !== false) {
if (strpos($matches[0], '{lang') !== false || strpos($matches[0], '{olang') !== false)
{
return '<?=' . $variable . ' ?? \'' . $matches[0] . '\'?>';
}
@@ -226,18 +248,20 @@ class kleeja_style
/**
* variable replace
* @param $matches
* @param $matches
* @return string
*/
protected function _var_callback($matches)
{
if (! is_array($matches)) {
if (! is_array($matches))
{
preg_match(kleeja_style::reg('var'), $matches, $matches);
}
$var = trim(! empty($matches[2]) ? str_replace('.', '\'][\'', $matches[2]) : '');
if (empty($var)) {
if (empty($var))
{
return '';
}
@@ -246,7 +270,7 @@ class kleeja_style
/**
* att variable replace
* @param $matches
* @param $matches
* @return string
*/
protected function _var_callback_att($matches)
@@ -257,7 +281,7 @@ class kleeja_style
/**
* get reg var
* @param $var
* @param $var
* @return mixed
*/
protected function reg($var)
@@ -269,7 +293,7 @@ class kleeja_style
/**
* get tag attributes
* @param $tag
* @param $tag
* @return array
*/
protected function _get_attributes($tag)
@@ -278,7 +302,8 @@ class kleeja_style
$attributes = [];
for ($i = 0; $i < count($attribute[1]); $i++) {
for ($i = 0; $i < count($attribute[1]); $i++)
{
$att = strtoupper($attribute[1][$i]);
$attributes[$att] = preg_replace_callback(kleeja_style::reg('var'), ['kleeja_style', '_var_callback'], $attribute[2][$i]);
@@ -299,8 +324,8 @@ class kleeja_style
/**
* load parser and return page content
* @param $template_name
* @param null $style_path optional, good for plugins
* @param $template_name
* @param null $style_path optional, good for plugins
* @return mixed|string
*/
public function display($template_name, $style_path = null)
@@ -310,7 +335,8 @@ class kleeja_style
$this->vars = $GLOBALS;
//is there ?
if (! file_exists(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php') || ! $this->caching) {
if (! file_exists(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php') || ! $this->caching)
{
$this->_load_template($template_name, $style_path);
}
@@ -324,7 +350,7 @@ class kleeja_style
/**
* generate admin option block
* @param $html
* @param $html
* @return string
*/
public function admindisplayoption($html)
@@ -338,9 +364,12 @@ class kleeja_style
ob_start();
if ($eval_on) {
if ($eval_on)
{
eval(' ?' . '>' . $parsed_html . '<' . '?php ');
} else {
}
else
{
$path = PATH . 'cache/tpl_' . md5($parsed_html) . '.php';
file_put_contents($path, $parsed_html);
include_once $path;
@@ -354,7 +383,7 @@ class kleeja_style
/**
* change name of template to be valid
* @param $name
* @param $name
* @param null|mixed $style_path
* @return mixed
*/

38
includes/up_helpers/thumbs.php
View File

@@ -65,9 +65,9 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
//get file info
list($source_width, $source_height, $source_type) = getimagesize($source_path);
$source_gdim = false;
switch ($source_type)
{
case IMAGETYPE_GIF:
@@ -123,10 +123,14 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
imagecopyresampled(
$temp_gdim,
$source_gdim,
0, 0,
0, 0,
$temp_width, $temp_height,
$source_width, $source_height
0,
0,
0,
0,
$temp_width,
$temp_height,
$source_width,
$source_height
);
// Copy cropped region from temporary image into the desired GD image
@@ -137,9 +141,12 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
imagecopy(
$desired_gdim,
$temp_gdim,
0, 0,
$x0, $y0,
$dw, $dh
0,
0,
$x0,
$y0,
$dw,
$dh
);
// Create thumbnail
@@ -159,7 +166,7 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
case 'gif':
$return = @imagegif($desired_gdim, $dest_image);
break;
break;
case 'bmp':
$return = @imagebmp($desired_gdim, $dest_image);
@@ -234,21 +241,24 @@ function helper_thumb_imagick($name, $ext, $filename, $new_w, $new_h)
//guess the right thumb height, weights
list($thumb_w, $thumb_h) = scale_image_imagick(
$im->getImageWidth(),
$im->getImageHeight(),
$new_w,
$new_h);
$im->getImageWidth(),
$im->getImageHeight(),
$new_w,
$new_h
);
//an exception for gif image
//generating thumb with 10 frames only, big gif is a devil
if ($ext == 'gif')
{
$i = 0;
//$gif_new = new Imagick();
foreach ($im as $frame)
{
$frame->thumbnailImage($thumb_w, $thumb_h);
$frame->setImagePage($thumb_w, $thumb_h, 0, 0);
// $gif_new->addImage($frame->getImage());
if ($i >= 10)
{

17
includes/up_helpers/watermark.php
View File

@@ -18,8 +18,8 @@ if (! defined('IN_COMMON'))
* return nothing because if it work then ok , and if not then ok too :)
* @todo text support
*
* @param $name
* @param $ext
* @param $name
* @param $ext
* @return bool|void
*/
function helper_watermark($name, $ext)
@@ -64,12 +64,12 @@ function helper_watermark($name, $ext)
helper_watermark_imagick($name, $ext, $logo_path);
return;
}
//now, lets work and detect our image extension
list($bwidth, $bheight, $src_img_type) = getimagesize($name);
$src_img = false;
//now, lets work and detect our image extension
list($bwidth, $bheight, $src_img_type) = getimagesize($name);
$src_img = false;
switch ($src_img_type)
{
case IMAGETYPE_GIF:
@@ -182,6 +182,7 @@ function helper_watermark_imagick($name, $ext, $logo)
if ($ext == 'gif')
{
$i = 0;
//$gif_new = new Imagick();
foreach ($im as $frame)
{

147
includes/up_methods/defaultUploader.php
View File

@@ -9,7 +9,8 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
@@ -234,24 +235,27 @@ class defaultUploader implements KleejaUploader
// show del code link box
$extra_del = '';
if ($config['del_url_file']) {
if ($config['del_url_file'])
{
$extra_del = get_up_tpl_box(
'del_file_code',
[
'b_title' => $lang['URL_F_DEL'],
'b_code_link' => kleeja_get_link('del', ['::CODE::'=>$fileInfo['DeleteCode']])
]
'b_title' => $lang['URL_F_DEL'],
'b_code_link' => kleeja_get_link('del', ['::CODE::'=>$fileInfo['DeleteCode']])
]
);
}
//show imgs
if ($is_img) {
if ($is_img)
{
$img_html_result = '';
// get default thumb dimensions
$thmb_dim_w = $thmb_dim_h = 150;
if (strpos($config['thmb_dims'], '*') !== false) {
if (strpos($config['thmb_dims'], '*') !== false)
{
list($thmb_dim_w, $thmb_dim_h) = array_map('trim', explode('*', $config['thmb_dims']));
}
@@ -268,15 +272,16 @@ class defaultUploader implements KleejaUploader
$img_html_result .= get_up_tpl_box(
'image_thumb',
[
'b_title' => $lang['URL_F_THMB'],
'b_url_link' => kleeja_get_link('image', $file_info),
'b_img_link' => kleeja_get_link('thumb', $file_info)
]
'b_title' => $lang['URL_F_THMB'],
'b_url_link' => kleeja_get_link('image', $file_info),
'b_img_link' => kleeja_get_link('thumb', $file_info)
]
);
// watermark on image
if ($config['write_imgs'] != 0 && in_array($fileInfo['fileExtension'], ['gif', 'png', 'jpg', 'jpeg', 'bmp'])) {
if ($config['write_imgs'] != 0 && in_array($fileInfo['fileExtension'], ['gif', 'png', 'jpg', 'jpeg', 'bmp']))
{
helper_watermark($fileInfo['saveToFolder'] . '/' . $fileInfo['generatedFileName'], $fileInfo['fileExtension']);
}
@@ -284,10 +289,10 @@ class defaultUploader implements KleejaUploader
$img_html_result .= get_up_tpl_box(
'image',
[
'b_title' => $lang['URL_F_IMG'],
'b_bbc_title' => $lang['URL_F_BBC'],
'b_url_link' => kleeja_get_link('image', $file_info),
]
'b_title' => $lang['URL_F_IMG'],
'b_bbc_title' => $lang['URL_F_BBC'],
'b_url_link' => kleeja_get_link('image', $file_info),
]
);
//add del link box to the result if there is any
@@ -302,15 +307,17 @@ class defaultUploader implements KleejaUploader
htmlspecialchars($fileInfo['originalFileName']) . '</div>' . "\n" .
$img_html_result
);
} else {
}
else
{
//then show other files
$else_html_result = get_up_tpl_box(
'file',
[
'b_title' => $lang['URL_F_FILE'],
'b_bbc_title' => $lang['URL_F_BBC'],
'b_url_link' => kleeja_get_link('file', $file_info),
]
'b_title' => $lang['URL_F_FILE'],
'b_bbc_title' => $lang['URL_F_BBC'],
'b_url_link' => kleeja_get_link('file', $file_info),
]
);
@@ -356,28 +363,34 @@ class defaultUploader implements KleejaUploader
// check folder our real folder
if (! file_exists($current_uploading_folder)) {
if (! make_folder($current_uploading_folder)) {
if (! file_exists($current_uploading_folder))
{
if (! make_folder($current_uploading_folder))
{
$this->addErrorMessage($lang['CANT_DIR_CRT']);
}
}
if ($return_now) {
if ($return_now)
{
return;
}
// is captcha on, and there is uploading going on
if ($captcha_enabled) {
if ($captcha_enabled)
{
//captcha is wrong
if (! kleeja_check_captcha()) {
if (! kleeja_check_captcha())
{
$this->addErrorMessage($lang['WRONG_VERTY_CODE']);
return;
}
}
// to prevent flooding, user must wait, waiting-time is grapped from Kleeja settings, admin is exceptional
if (! user_can('enter_acp') && user_is_flooding($current_user_id)) {
if (! user_can('enter_acp') && user_is_flooding($current_user_id))
{
$this->addErrorMessage(sprintf(
$lang['YOU_HAVE_TO_WAIT'],
$config['usersectoupload']
@@ -387,8 +400,10 @@ class defaultUploader implements KleejaUploader
//detect flooding, TODO fix it or remove it
if (isset($_SESSION['FIILES_NOT_DUPLI'])) {
if (! empty($_SESSION['FIILES_NOT_DUPLI']) && $_SESSION['FIILES_NOT_DUPLI'] == sha1(serialize(array_column($_FILES, 'name')))) {
if (isset($_SESSION['FIILES_NOT_DUPLI']))
{
if (! empty($_SESSION['FIILES_NOT_DUPLI']) && $_SESSION['FIILES_NOT_DUPLI'] == sha1(serialize(array_column($_FILES, 'name'))))
{
unset($_SESSION['FIILES_NOT_DUPLI']);
$this->addErrorMessage($lang['U_R_FLOODER']);
@@ -397,7 +412,8 @@ class defaultUploader implements KleejaUploader
}
// flooding code, making sure every ok session is cleared
if (sizeof($_FILES) > 0) {
if (sizeof($_FILES) > 0)
{
$_SESSION['FIILES_NOT_DUPLI'] = sha1(serialize(array_column($_FILES, 'name')));
}
@@ -405,16 +421,20 @@ class defaultUploader implements KleejaUploader
//now close session to let user open any other page in Kleeja
session_write_close();
if (! empty($_FILES['file']['tmp_name'])) {
if (! empty($_FILES['file']['tmp_name']))
{
$_FILES['file'][0] = $_FILES['file'];
}
// loop the uploaded files
for ($i=0; $i<=$this->getUploadFieldsLimit(); $i++) {
for ($i=0; $i<=$this->getUploadFieldsLimit(); $i++)
{
//no file!
if (empty($_FILES['file_' . $i . '_']['tmp_name']) && empty($_FILES['file'][$i]['tmp_name'])) {
if (! isset($_FILES['file_' . $i . '_'], $_FILES['file'][$i])) {
if (empty($_FILES['file_' . $i . '_']['tmp_name']) && empty($_FILES['file'][$i]['tmp_name']))
{
if (! isset($_FILES['file_' . $i . '_'], $_FILES['file'][$i]))
{
continue;
}
@@ -428,8 +448,10 @@ class defaultUploader implements KleejaUploader
$upload_max_size = ini_get('upload_max_filesize');
if ($error !== UPLOAD_ERR_OK) {
switch ($error) {
if ($error !== UPLOAD_ERR_OK)
{
switch ($error)
{
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$this->addErrorMessage(
@@ -469,7 +491,6 @@ class defaultUploader implements KleejaUploader
$this->addErrorMessage(sprintf($lang['CANT_UPLAOD'], htmlspecialchars($filename)));
break;
}
}
@@ -482,7 +503,8 @@ class defaultUploader implements KleejaUploader
// well, no file uploaded, ask user to choose a file before submit
if ($this->total_uploaded_files == 0 && sizeof($this->messages) == 0) {
if ($this->total_uploaded_files == 0 && sizeof($this->messages) == 0)
{
$this->addErrorMessage($lang['CHOSE_F']);
}
}
@@ -490,9 +512,9 @@ class defaultUploader implements KleejaUploader
/**
* upload a file from $_FILES
* @param integer $fieldNumber as in file[i]
* @param $current_uploading_folder
* @param $current_user_id
* @param integer $fieldNumber as in file[i]
* @param $current_uploading_folder
* @param $current_user_id
*/
public function uploadTypeFile($fieldNumber, $current_uploading_folder, $current_user_id)
{
@@ -512,7 +534,8 @@ class defaultUploader implements KleejaUploader
$fileInfo['currentUserId'] = $current_user_id;
if (! isset($_FILES['file_' . $fieldNumber . '_']) && isset($_FILES['file'][$fieldNumber])) {
if (! isset($_FILES['file_' . $fieldNumber . '_']) && isset($_FILES['file'][$fieldNumber]))
{
$_FILES['file_' . $fieldNumber . '_'] = $_FILES['file'][$fieldNumber];
}
@@ -521,13 +544,14 @@ class defaultUploader implements KleejaUploader
? urldecode(str_replace([';',','], '', $_FILES['file_' . $fieldNumber . '_']['name']))
: '';
if (empty($fileInfo['originalFileName'])) {
if (empty($fileInfo['originalFileName']))
{
$this->addErrorMessage(sprintf($lang['WRONG_F_NAME'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
return;
}
// get the extension of file
$originalFileName = explode('.', $fileInfo['originalFileName']);
$originalFileName = explode('.', $fileInfo['originalFileName']);
$fileInfo['fileExtension'] = strtolower(array_pop($originalFileName));
@@ -546,7 +570,8 @@ class defaultUploader implements KleejaUploader
// file exists before? change it a little
if (file_exists($current_uploading_folder . '/' . $fileInfo['generatedFileName'])) {
if (file_exists($current_uploading_folder . '/' . $fileInfo['generatedFileName']))
{
$fileInfo['generatedFileName'] = change_filename_decoding(
$fileInfo['generatedFileName'],
$fieldNumber,
@@ -559,9 +584,11 @@ class defaultUploader implements KleejaUploader
// now, let process it
if (! in_array(strtolower($fileInfo['fileExtension']), array_keys($this->getAllowedFileExtensions()))) {
if (! in_array(strtolower($fileInfo['fileExtension']), array_keys($this->getAllowedFileExtensions())))
{
// guest
if ($current_user_id == '-1') {
if ($current_user_id == '-1')
{
$this->addErrorMessage(
sprintf($lang['FORBID_EXT'], $fileInfo['fileExtension'])
. '<br> <a href="' . ($config['mod_writer'] ? 'register.html' : 'ucp.php?go=register') .
@@ -569,24 +596,29 @@ class defaultUploader implements KleejaUploader
);
}
// a member
else {
else
{
$this->addErrorMessage(sprintf($lang['FORBID_EXT'], $fileInfo['fileExtension']));
}
}
// bad chars in the filename
elseif (preg_match("#[\\\/\:\*\?\<\>\|\"]#", $fileInfo['generatedFileName'])) {
elseif (preg_match("#[\\\/\:\*\?\<\>\|\"]#", $fileInfo['generatedFileName']))
{
$this->addErrorMessage(sprintf($lang['WRONG_F_NAME'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
}
// check file extension for bad stuff
elseif (ext_check_safe($_FILES['file_' . $fieldNumber . '_']['name']) == false) {
elseif (ext_check_safe($_FILES['file_' . $fieldNumber . '_']['name']) == false)
{
$this->addErrorMessage(sprintf($lang['WRONG_F_NAME'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
}
// check the mime-type for the file
elseif (check_mime_type($_FILES['file_' . $fieldNumber . '_']['type'], $fileInfo['fileExtension'], $_FILES['file_' . $fieldNumber . '_']['tmp_name']) == false) {
elseif (check_mime_type($_FILES['file_' . $fieldNumber . '_']['type'], $fileInfo['fileExtension'], $_FILES['file_' . $fieldNumber . '_']['tmp_name']) == false)
{
$this->addErrorMessage(sprintf($lang['NOT_SAFE_FILE'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
}
// check file size
elseif ($this->getAllowedFileExtensions()[$fileInfo['fileExtension']] > 0 && $fileInfo['fileSize'] >= $this->getAllowedFileExtensions()[$fileInfo['fileExtension']]) {
elseif ($this->getAllowedFileExtensions()[$fileInfo['fileExtension']] > 0 && $fileInfo['fileSize'] >= $this->getAllowedFileExtensions()[$fileInfo['fileExtension']])
{
$this->addErrorMessage(
sprintf(
$lang['SIZE_F_BIG'],
@@ -600,19 +632,24 @@ class defaultUploader implements KleejaUploader
$this->addErrorMessage($lang['TOTAL_SIZE_EXCEEDED']);
}
// no errors, so upload it
else {
else
{
is_array($plugin_run_result = Plugins::getInstance()->run('defaultUploader_uploadTypeFile_2nd', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
// now, upload the file
$file = move_uploaded_file($_FILES['file_' . $fieldNumber . '_']['tmp_name'], $current_uploading_folder . '/' . $fileInfo['generatedFileName']);
if ($file) {
if ($file)
{
$this->saveToDatabase($fileInfo);
if ($remaining_storage != -1)
{
$remaining_storage -= $fileInfo['fileSize'];
}
} else {
}
else
{
$this->addErrorMessage(sprintf($lang['CANT_UPLAOD'], $fileInfo['originalFileName']));
}
}

137
includes/usr.php
View File

@@ -9,17 +9,18 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
class usrcp
{
private $user_id = -1;
private $group_id = 2;
private $user_name = null;
private $user_mail = null;
private $user_id = -1;
private $group_id = 2;
private $user_name = null;
private $user_mail = null;
private $last_visit = null;
public function data($name, $pass, $hashed = false, $expire = 86400, $loginadm = false)
@@ -33,7 +34,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('data_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if ($return_now) {
if ($return_now)
{
return $login_status;
}
@@ -48,7 +50,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('auth_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if ($return_now) {
if ($return_now)
{
return $auth_status;
}
@@ -73,18 +76,24 @@ class usrcp
'LIMIT' => '1'
];
if ($hashed) {
if ($hashed)
{
$query['WHERE'] = 'id=' . intval($name) . " and password='" . $SQL->escape($pass) . "'";
} else {
}
else
{
$query['WHERE'] = "clean_name='" . $SQL->real_escape($this->cleanusername($name)) . "'";
}
is_array($plugin_run_result = Plugins::getInstance()->run('qr_select_usrdata_n_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
$result = $SQL->build($query);
if ($SQL->num_rows($result)) {
while ($row=$SQL->fetch_array($result)) {
if (empty($row['password'])) {
if ($SQL->num_rows($result))
{
while ($row=$SQL->fetch_array($result))
{
if (empty($row['password']))
{
//more security
return false;
}
@@ -92,10 +101,13 @@ class usrcp
$phppass = $hashed ? $pass : $pass . $row['password_salt'];
//CHECK IF IT'S MD5 PASSWORD
if (strlen($row['password']) == '32' && empty($row['password_salt']) && defined('CONVERTED_SCRIPT')) {
if (strlen($row['password']) == '32' && empty($row['password_salt']) && defined('CONVERTED_SCRIPT'))
{
$passmd5 = md5($pass);
////update old md5 hash to phpass hash
if ($row['password'] == $passmd5) {
if ($row['password'] == $passmd5)
{
////new salt
$new_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7);
////new password hash
@@ -111,34 +123,39 @@ class usrcp
];
$SQL->build($update_query);
} else { //if the password is wrong
}
else //if the password is wrong
{
return false;
}
}
if (($phppass != $row['password'] && $hashed) || ($this->kleeja_hash_password($phppass, $row['password']) != true && $hashed == false)) {
if (($phppass != $row['password'] && $hashed) || ($this->kleeja_hash_password($phppass, $row['password']) != true && $hashed == false))
{
return false;
}
//all user fileds info
$userinfo = $row;
$this->user_id = $row['id'];
$this->group_id = $row['group_id'];
$this->user_name = $row['name'];
$this->user_mail = $row['mail'];
$this->user_id = $row['id'];
$this->group_id = $row['group_id'];
$this->user_name = $row['name'];
$this->user_mail = $row['mail'];
$this->last_visit = $row['last_visit'];
$user_y = base64_encode(serialize(['id'=>$row['id'], 'name'=>$row['name'], 'mail'=>$row['mail'], 'last_visit'=>$row['last_visit']]));
if (! $hashed && ! $loginadm) {
if (! $hashed && ! $loginadm)
{
$hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
$this->kleeja_set_cookie('ulogu', $this->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . $row['group_id'] . '|' . $user_y), $expire);
}
//if last visit > 1 minute then update it
if (empty($row['last_visit']) || time() - $row['last_visit'] > 60) {
$this->last_visit = time();
if (empty($row['last_visit']) || time() - $row['last_visit'] > 60)
{
$this->last_visit = time();
$update_last_visit = [
'UPDATE' => "{$dbprefix}users",
'SET' => 'last_visit=' . $this->last_visit,
@@ -154,7 +171,9 @@ class usrcp
unset($pass);
return true;
} else {
}
else
{
return false;
}
}
@@ -167,7 +186,8 @@ class usrcp
{
global $dbprefix, $SQL;
if (! $user_id) {
if (! $user_id)
{
$user_id = $this->id();
}
@@ -233,14 +253,15 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('logout_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
//acp
if (user_can('enter_acp') && ! empty($_SESSION['ADMINLOGIN'])) {
if (user_can('enter_acp') && ! empty($_SESSION['ADMINLOGIN']))
{
$this->logout_cp();
}
$this->user_id = -1;
$this->group_id = 2;
$this->user_name = null;
$this->user_mail = null;
$this->user_id = -1;
$this->group_id = 2;
$this->user_name = null;
$this->user_mail = null;
$this->last_visit = null;
//is ther any cookies
@@ -254,7 +275,8 @@ class usrcp
{
is_array($plugin_run_result = Plugins::getInstance()->run('logout_cp_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if (! empty($_SESSION['ADMINLOGIN'])) {
if (! empty($_SESSION['ADMINLOGIN']))
{
unset($_SESSION['ADMINLOGIN'], $_SESSION['USER_SESS'] /*, $_SESSION['LAST_VISIT']*/);
}
@@ -272,7 +294,8 @@ class usrcp
['a','a','a','a','a','a','a','a','a','a','e','e','e','e','e','e','e','i','i','i','i','i','i','i','i','o','o','o','o','o','o','o','o','o','o','o','u','u','u','u','u','u','c','c','n','n','y','e']
];
if (empty($arabic_t)) {
if (empty($arabic_t))
{
//Arabic chars must be stay in utf8 format, so we encoded them
$arabic_t = unserialize(base64_decode('YToyOntpOjA7YToxMjp7aTowO3M6Mjoi2KMiO2k6MTtzOjI6ItilIjtpOjI7czoyOiLYpCI7aTozO3M6Mjoi2YAiO2k6NDtzOjI6Itm' .
'LIjtpOjU7czoyOiLZjCI7aTo2O3M6Mjoi2Y8iO2k6NztzOjI6ItmOIjtpOjg7czoyOiLZkCI7aTo5O3M6Mjoi2ZIiO2k6MTA7czoyOiLYoiI7aToxMTtzOjI6ItimIjt9aToxO' .
@@ -321,7 +344,8 @@ class usrcp
//
//when user add define('FORCE_COOKIES', true) in config.php we will make our settings of cookies
//
if (defined('FORCE_COOKIES')) {
if (defined('FORCE_COOKIES'))
{
$config['cookie_domain'] = ! empty($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : (! empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : @getenv('SERVER_NAME'));
$config['cookie_domain'] = str_replace('www.', '.', substr($config['cookie_domain'], 0, strpos($config['cookie_domain'], ':')));
$config['cookie_path'] = '/';
@@ -344,27 +368,32 @@ class usrcp
global $config;
static $txt = [];
if (empty($txt)) {
if (empty($config['h_key'])) {
if (empty($txt))
{
if (empty($config['h_key']))
{
$config['h_key'] = sha1(microtime());
}
$chars = str_split($config['h_key']);
foreach (range('a', 'z') as $k=>$v) {
if (! isset($chars[$k])) {
foreach (range('a', 'z') as $k=>$v)
{
if (! isset($chars[$k]))
{
break;
}
$txt[$v] = $chars[$k] . $k . '-';
}
}
switch ($type) {
switch ($type)
{
case 1:
$data = str_replace('=', '_', base64_encode($data));
$data = strtr($data, $txt);
break;
break;
case 2:
$txtx = array_flip($txt);
@@ -372,7 +401,7 @@ class usrcp
$data = strtr($data, $txtx);
$data = base64_decode(str_replace('_', '=', $data));
break;
break;
}
return $data;
@@ -405,28 +434,34 @@ class usrcp
];
//if login up
if ($this->kleeja_get_cookie('ulogu')) {
if ($this->kleeja_get_cookie('ulogu'))
{
$user_data = false;
list($user_id, $hashed_password, $expire_at, $hashed_expire, $group_id, $u_info) = @explode('|', $this->en_de_crypt($this->kleeja_get_cookie('ulogu'), 2));
//if not expire
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time())) {
if (! empty($u_info)) {
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time()))
{
if (! empty($u_info))
{
$userinfo = unserialize(base64_decode($u_info));
$userinfo['group_id'] = $group_id;
$userinfo['password'] = $hashed_password;
$user_data = $this->data($user_id, $hashed_password, true, $expire_at);
$user_data = $this->data($user_id, $hashed_password, true, $expire_at);
}
}
if ($user_data == false) {
if ($user_data == false)
{
$this->logout();
} else {
$this->user_id = $userinfo['id'];
$this->group_id = $userinfo['group_id'];
$this->user_name = $userinfo['name'];
$this->user_mail = $userinfo['mail'];
}
else
{
$this->user_id = $userinfo['id'];
$this->group_id = $userinfo['group_id'];
$this->user_name = $userinfo['name'];
$this->user_mail = $userinfo['mail'];
$this->last_visit = $userinfo['last_visit'];
return $user_data;
}
@@ -434,4 +469,4 @@ class usrcp
return false; //nothing
}
}
}