Nemcio/Kleeja
1
0
Fork 0
mirror of https://github.com/kleeja-official/kleeja.git synced 2025-12-14 20:19:43 +01:00
Code Issues Packages Projects Releases Activity

Miscellaneous changes

Browse Source 
* PHP code style fixes
* Updated database schema for upgrade
This commit is contained in:
H.Rouatbi
2024-10-07 17:15:05 +01:00
parent 552423c700
commit 3cdfa9ce5a
47 changed files with 5007 additions and 4639 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -31,5 +31,5 @@ Project_Default.xml
.project
.vscode/launch.json
.htaccess
.php_cs.cache
.php-cs-fixer.cache
kleeja.db

6
.php_cs → .php-cs-fixer.php
View File

@@ -5,13 +5,13 @@ $finder = PhpCsFixer\Finder::create()
->in(__DIR__)
;
return PhpCsFixer\Config::create()
return (new PhpCsFixer\Config())
->setRules([
'binary_operator_spaces' => ['default' => 'align'],
'phpdoc_align' => true,
'array_indentation' => true,
'blank_line_before_statement' => ['statements' => [
'break', 'case', 'continue', 'default', 'die', 'for', 'foreach', 'if']
'break', 'case', 'continue', 'default', 'exit', 'for', 'foreach', 'if']
],
'braces' => ['position_after_control_structures' => 'next'],
'cast_spaces' => true,
@@ -22,7 +22,7 @@ return PhpCsFixer\Config::create()
'include' => true,
'indentation_type' => true,
'array_syntax' => ['syntax' => 'short'],
'lowercase_constants' => true,
'constant_case' => ['case' => 'lower'],
'method_chaining_indentation' => true,
'method_argument_space' => true,
'no_closing_tag' => true,

18
CHANGELOG.md
View File

@@ -3,6 +3,24 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
## 3.1.7
* add the ability to toggle multipart download for groups
* introduce custom admin path option
* compatibility with PHP 8.X
* add group max storage limit feature
* add the ability to delete files by extension
* change the default style to Bootstrap
* fix pagination issue with incorrect link generation
* introduce ajax upload (show upload progress bar and upload speed)
* fix the issue where correct username, password, and security code still shows "The security code is incorrect!"
* various bug fixes and improvements
## 3.1.6
* compatibility with `m3u` files
* change dashboard box colors
* fix rtl issue in bootstrap template
* kleeja new domain is `kleeja.net`
## 3.1.5
* fix hiding error msgs when updating kleeja
* hide update all buttun , when empty update's list

12
do.php
View File

@@ -505,9 +505,13 @@ elseif (ig('down') || ig('downf') ||
//send file headers
header('Pragma: public');
if ($resuming_on) {
if ($resuming_on)
{
header('Accept-Ranges: bytes');
} else {
}
else
{
header('Accept-Ranges: none');
}
header('Content-Description: File Transfer');
@@ -540,10 +544,12 @@ elseif (ig('down') || ig('downf') ||
$range = round(floatval($range), 0);
$range_end = ! $range_end ? $size - 1 : round(floatval($range_end), 0);
if ($range < 0 || $range >= $size || $range > $range_end || $range_end >= $size ) {
if ($range < 0 || $range >= $size || $range > $range_end || $range_end >= $size)
{
header('HTTP/1.1 416 Requested Range Not Satisfiable');
header("Content-Range: bytes */$size");
fclose($fp);
exit;
}

11
go.php
View File

@@ -53,9 +53,11 @@ switch ($current_go_case)
'ext' => $ext,
'size' => readable_size($size),
'group' => $gid,
'group_name' => str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
'group_name' => str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$gid]['data']['group_name']),
$d_groups[$gid]['data']['group_name']
),
'most_firstrow' => $same_group == 0 ? true : false,
'firstrow' => $same_group ==0 or $same_group != $gid ? true : false,
'rando' => $rando,
@@ -376,6 +378,7 @@ switch ($current_go_case)
while ($row=$SQL->fetch_array($result))
{
@kleeja_unlink($row['folder'] . '/' . $row['name']);
//delete thumb
if (file_exists($row['folder'] . '/thumbs/' . $row['name']))
{
@@ -426,7 +429,9 @@ switch ($current_go_case)
}
$SQL->freeresult($result);
} else {
}
else
{
kleeja_info($lang['NOT_FOUND']);
}
}

1
includes/KleejaUploader.php
View File

@@ -18,7 +18,6 @@ if (! defined('IN_COMMON'))
interface KleejaUploader
{
/**
* set the allowed extensions of uploaded files
* @param array $allowed_file_extensions an array of allowed extensions, and sizes ['gif'=>122, 'png'=>2421 ..]

4
includes/adm/a_configs.php
View File

@@ -277,7 +277,8 @@ foreach ($types as $typekey => $type)
$options .= str_replace(
['<input ', '<select ', '<td>', '</td>', '<label>', '<tr>', '</tr>'],
['<input class="form-control" ', '<select class="form-control" ', '<div class="form-group">', '</div>', '<label class="form-check-label">', '', ''],
$option['option']);
$option['option']
);
}
}
}
@@ -285,7 +286,6 @@ foreach ($types as $typekey => $type)
//after submit
if (ip('submit'))
{
//some configs need refresh page ..
$need_refresh_configs = ['language'];

12
includes/adm/c_files.php
View File

@@ -77,6 +77,7 @@ if (ip('submit'))
{
//delete from folder ..
@kleeja_unlink(PATH . $row['folder'] . '/' . $row['name']);
//delete thumb
if (file_exists(PATH . $row['folder'] . '/thumbs/' . $row['name']))
{
@@ -98,8 +99,9 @@ if (ip('submit'))
$sizes += $row['size'];
//Subtract size from storage of the user
if ($row['user'] != -1) {
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-".$row['size']." WHERE id=".$row['user']);
if ($row['user'] != -1)
{
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-" . $row['size'] . ' WHERE id=' . $row['user']);
}
}
}
@@ -141,7 +143,6 @@ if (ip('submit'))
}
elseif ($current_smt == '')
{
//
//Delete all user files [only one user]
//
@@ -470,8 +471,9 @@ elseif ($current_smt == 'delete_by_extension')
$deleted_files[] = $file['id'];
//Subtract size from storage of the user
if ($file['user'] != -1) {
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-".$file['size']." WHERE id=".$file['user']);
if ($file['user'] != -1)
{
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-" . $file['size'] . ' WHERE id=' . $file['user']);
}
}

6
includes/adm/d_img_ctrl.php
View File

@@ -63,6 +63,7 @@ if (ip('submit'))
{
//delete from folder ..
@kleeja_unlink(PATH . $row['folder'] . '/' . $row['name']);
//delete thumb
if (file_exists(PATH . $row['folder'] . '/thumbs/' . $row['name']))
{
@@ -73,8 +74,9 @@ if (ip('submit'))
$sizes += $row['size'];
//Subtract size from storage of the user
if ($row['user'] != -1) {
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-".$row['size']." WHERE id=".$row['user']);
if ($row['user'] != -1)
{
$SQL->query("UPDATE {$dbprefix}users SET storage_size=storage_size-" . $row['size'] . ' WHERE id=' . $row['user']);
}
}

75
includes/adm/g_users.php
View File

@@ -136,6 +136,7 @@ if (ig('deleteuserfile'))
{
//delete from folder ..
kleeja_unlink(PATH . $row['folder'] . '/' . $row['name']);
//delete thumb
if (file_exists(PATH . $row['folder'] . '/thumbs/' . $row['name']))
{
@@ -178,6 +179,7 @@ if (ig('deleteuserfile'))
kleeja_admin_info($lang['ADMIN_DELETE_FILE_OK'], true, '', true, $action_all, 3);
}
}
//
//Delete a user
//
@@ -589,12 +591,16 @@ if (ip('delgroup'))
$SQL->build($update_query);
//get those groups name
$group_name_from = str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
$group_name_from = str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$from_group]['data']['group_name']);
$group_name_to =str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
$d_groups[$from_group]['data']['group_name']
);
$group_name_to =str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$to_group]['data']['group_name']);
$d_groups[$to_group]['data']['group_name']
);
//delete cache ..
delete_cache('data_groups');
@@ -643,9 +649,11 @@ case 'general':
{
$r = [
'id' => $row['group_id'],
'name' => str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
'name' => str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$row['group_name']),
$row['group_name']
),
'style' => ! empty($groups_background_color[$row['group_id']])
? $groups_background_color[$row['group_id']]
: ['background' => 'secondary', 'icon' => ''],
@@ -681,9 +689,11 @@ case 'group_acl':
kleeja_admin_err('ERROR-NO-ID', true, '', true, basename(ADMIN_PATH) . '?cp=g_users');
}
$group_name = str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
$group_name = str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$req_group]['data']['group_name']);
$d_groups[$req_group]['data']['group_name']
);
$query = [
'SELECT' => 'acl_name, acl_can',
@@ -807,14 +817,21 @@ case 'group_data':
//msg, done
kleeja_admin_info($lang['CONFIGS_UPDATED'] . ', ' . $lang['LANGUAGE'] . ':' . $got_lang . ' - ' . $lang['FOR'] . ':' . $group_name,
true, '', true, basename(ADMIN_PATH) . '?cp=start');
kleeja_admin_info(
$lang['CONFIGS_UPDATED'] . ', ' . $lang['LANGUAGE'] . ':' . $got_lang . ' - ' . $lang['FOR'] . ':' . $group_name,
true,
'',
true,
basename(ADMIN_PATH) . '?cp=start'
);
}
$group_name = str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
$group_name = str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$req_group]['data']['group_name']);
$d_groups[$req_group]['data']['group_name']
);
$gdata = $d_groups[$req_group]['data'];
$query = [
@@ -869,6 +886,7 @@ case 'group_data':
}
$guest_disallowed_configs = ['enable_userfile', 'max_storage'];
if ($req_group == 2 && in_array($row['name'], $guest_disallowed_configs))
{
continue;
@@ -882,7 +900,8 @@ case 'group_data':
'<div class="form-group">' . "\n" .
'<label for="' . $row['name'] . '">' . (! empty($lang[strtoupper($row['name'])]) ? $lang[strtoupper($row['name'])] : $olang[strtoupper($row['name'])]) . '</label>' . "\n" .
'<div class="box">' . (empty($row['option']) ? '' : $tpl->admindisplayoption(preg_replace(['!{con.[a-z0-9_]+}!', '!NAME="con.!'], ['{cdata.' . $row['name'] . '}', 'NAME="cdata.'], $row['option']))) . '</div>' . "\n" .
'</div>' . "\n" . '<div class="clearfix"></div>')
'</div>' . "\n" . '<div class="clearfix"></div>'
)
];
}
@@ -930,9 +949,11 @@ case 'group_exts':
kleeja_admin_err('ERROR-NO-ID', true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php'));
}
$group_name =str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
$group_name =str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$req_group]['data']['group_name']);
$d_groups[$req_group]['data']['group_name']
);
@@ -1096,9 +1117,11 @@ case 'show_group':
{
$is_search = true;
$req_group = ig('qg') ? g('qg', 'int') : 0;
$group_name =str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
$group_name =str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$req_group]['data']['group_name']);
$d_groups[$req_group]['data']['group_name']
);
$query['WHERE'] = "name != '' AND group_id = " . $req_group;
}
@@ -1144,9 +1167,11 @@ case 'users':
'editusr_link' => basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php') . '&amp;smt=edit_user&amp;uid=' . $row['id'] . (ig('page') ? '&amp;page=' . g('page', 'int') : ''),
'founder' => (int) $row['founder'],
'last_visit' => empty($row['last_visit']) ? $lang['NOT_YET'] : kleeja_date($row['last_visit']),
'group' => str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
'group' => str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$row['group_id']]['data']['group_name'])
$d_groups[$row['group_id']]['data']['group_name']
)
];
}
@@ -1225,9 +1250,11 @@ case 'edit_user':
{
$u_groups[] = [
'id' => $id,
'name' => str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
'name' => str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$id]['data']['group_name']),
$d_groups[$id]['data']['group_name']
),
'default' => $config['default_group'] == $id ? true : false,
'selected' => $id == $u_group
];
@@ -1257,9 +1284,11 @@ case 'new_u':
{
$u_groups[] = [
'id' => $id,
'name' => str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
'name' => str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$id]['data']['group_name']),
$d_groups[$id]['data']['group_name']
),
'default' => $config['default_group'] == $id ? true : false,
'selected' => ip('lgroup') ? p('lgroup') == $id : $id == $config['default_group']
];

4
includes/adm/h_search.php
View File

@@ -53,7 +53,7 @@ if (ip('search_file'))
//delete all searches greater than 3 days
$query_del = [
'DELETE' => "{$dbprefix}filters",
'WHERE' => "filter_type='file_search' AND filter_user=" . $userinfo['id'] . " AND filter_time > " . (time() - 3600 * 24 * 3)
'WHERE' => "filter_type='file_search' AND filter_user=" . $userinfo['id'] . ' AND filter_time > ' . (time() - 3600 * 24 * 3)
];
$SQL->build($query_del);
@@ -96,7 +96,7 @@ if (ip('search_user'))
//delete all searches greater than 3 days
$query_del = [
'DELETE' => "{$dbprefix}filters",
'WHERE' => "filter_type='user_search' AND filter_user=" . $userinfo['id'] . " AND filter_time > " . (time() - 3600 * 24 * 3)
'WHERE' => "filter_type='user_search' AND filter_user=" . $userinfo['id'] . ' AND filter_time > ' . (time() - 3600 * 24 * 3)
];
$SQL->build($query_del);

4
includes/adm/j_plugins.php
View File

@@ -233,6 +233,7 @@ switch ($case):
$store_plugins_count = sizeof($store_plugins);
break;
//
//upload a plugin
//
@@ -291,6 +292,7 @@ switch ($case):
}
break;
//
//install a plugin
//
@@ -435,6 +437,7 @@ switch ($case):
}
break;
//
//uninstall a plugin
//
@@ -516,6 +519,7 @@ switch ($case):
}
break;
//
// disable a plugin
//

6
includes/adm/start.php
View File

@@ -266,9 +266,11 @@ $hurry_groups_list .= '<option value="' . $config['default_group'] . '">' . $lan
foreach ($d_groups as $id=>$ddt)
{
$hurry_groups_list .= '<option value="' . $id . '">' .
str_replace(['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
str_replace(
['{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'],
[$lang['ADMINS'], $lang['USERS'], $lang['GUESTS']],
$d_groups[$id]['data']['group_name']) .
$d_groups[$id]['data']['group_name']
) .
'</option>';
}

7
includes/cache.php
View File

@@ -62,14 +62,17 @@ class cache
$data_for_save .= 'if(time() > ' . (time() + $time) . ') return false;' . "\n\n";
$data_for_save .= '$data = ' . var_export($data, true) . ";\n\n//end of cache";
try {
try
{
$fd = fopen(PATH . 'cache/' . $name . '.php', 'w');
flock($fd, LOCK_EX); // exclusive look
fwrite($fd, $data_for_save);
flock($fd, LOCK_UN);
fclose($fd);
return true;
} catch (Exception $e) {
}
catch (Exception $e)
{
return false;
}
}

14
includes/captcha.php
View File

@@ -82,17 +82,19 @@ function kleeja_cpatcha_image()
//Throw in some lines to make it a little bit harder for any bots to break
imagerectangle($image, 0, 0, $width-1, $height-1, $grey);
for( $i=0; $i<$lines; $i++ ) {
for ($i=0; $i<$lines; $i++)
{
imageline($image, rand(0, $width), rand(0, $height), rand(0, $width), rand(0, $height), $grey);
}
//Tell the browser what kind of file is come in and prevent client side caching
header("Expires: Wed, 1 Jan 1997 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", FALSE);
header("Pragma: no-cache");
header('Expires: Wed, 1 Jan 1997 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Content-Type: image/png');
//Output the newly created image in jpeg format

30
includes/common.php
View File

@@ -150,19 +150,21 @@ if ((empty($dbname) || empty($dbuser)) && ($dbtype !== 'sqlite'))
{
$install_file_url = (defined('IN_ADMIN') ? '.' : '') . './install/index.php';
if (file_exists(PATH . '/install/index.php')) {
if (file_exists(PATH . '/install/index.php'))
{
header("Location: {$install_file_url}");
exit;
}
kleeja_show_error(
'',
"There is no (install) folder, and the config file is not correct",
'There is no (install) folder, and the config file is not correct',
'includes/common.php',
__LINE__
);
exit;
exit;
}
// solutions for hosts running under suexec, add define('HAS_SUEXEC', true) to config.php.
@@ -196,18 +198,28 @@ if (defined('IN_ADMIN'))
$currentDirectoryPathParts = explode('/', $currentDirectoryPath);
$currentDir = array_pop($currentDirectoryPathParts);
$adminDirErrorMsg = '';
if ($customadminpath == 'admin' && $currentDir != $customadminpath) {
if ($customadminpath == 'admin' && $currentDir != $customadminpath)
{
$adminDirErrorMsg = 'You are trying to access the admin area through a directory that is not configured. Please either revert to the default admin directory name, or see our documentation for customizing the admin directory.';
} else {
if ($currentDir != $customadminpath) {
}
else
{
if ($currentDir != $customadminpath)
{
$adminDirErrorMsg = 'You are trying to access the admin area through a directory different from the one configured. Please refer to the Customize Administrator\'s Guide documentation for instructions on how to update it.';
} else {
if ($customadminpath != 'admin' && is_dir(PATH . 'admin')) {
}
else
{
if ($customadminpath != 'admin' && is_dir(PATH . 'admin'))
{
$adminDirErrorMsg = 'You are trying to access the admin area through a custom directory, but we also detected that there is a default directory \'admin\'. This may indicate that files from a recent update were uploaded to the default admin path location instead of the custom location, resulting in these files becoming outdated. Please make sure your custom admin folder contains the latest files, and delete the default admin directory to continue.';
}
}
}
if ($adminDirErrorMsg) {
if ($adminDirErrorMsg)
{
kleeja_show_error('', 'Critical Error', $adminDirErrorMsg);
}
include PATH . 'includes/functions_adm.php';

7
includes/functions.php
View File

@@ -268,7 +268,6 @@ function send_mail($to, $body, $subject, $fromAddress, $fromName, $bcc = '')
*/
function delete_cache($name, $all=false)
{
//Those files are exceptions and not for deletion
$exceptions = ['.htaccess', 'index.html', 'php.ini', 'web.config'];
@@ -487,7 +486,7 @@ function get_config($name)
$result = $SQL->build($query);
$v = $SQL->fetch($result);
$return = isset($v['value']) ? $v['value'] : NULL;
$return = isset($v['value']) ? $v['value'] : null;
is_array($plugin_run_result = Plugins::getInstance()->run('get_config_func', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
return $return;
@@ -759,7 +758,8 @@ function delete_olang($words = '', $lang = 'en', $plg_id = 0)
{
if (is_array($lang))
{
foreach ($lang as $index=>$current_lang) {
foreach ($lang as $index=>$current_lang)
{
$lang[$index] = $SQL->escape($lang[$index]);
}
$lang_sql = "(lang_id = '" . implode("' OR lang_id = '", $lang) . "')";
@@ -900,6 +900,7 @@ function klj_clean_old_files($from = 0)
{
@kleeja_unlink($row['folder'] . '/' . $row['name']);
}
//delete thumb
if (file_exists($row['folder'] . '/thumbs/' . $row['name']))
{

1
includes/functions_adm.php
View File

@@ -258,6 +258,7 @@ function build_search_query($search)
//if searched by a username
$usernamee = '';
if (! empty($search['username']) && (int) $config['user_system'] == 1)
{
$query = [

5
includes/functions_display.php
View File

@@ -671,6 +671,7 @@ function kleeja_style_info($style_name)
}
$t = array_map('trim', @explode('=', $m, 2));
// ':' mean something secondary as in sub-array
if (strpos($t[0], ':') !== false)
{
@@ -771,6 +772,7 @@ function is_browser($b)
$return = strpos(strtolower($u_agent), trim('applewebkit/' . $r)) !== false ? true : false;
break;
/**
* Mobile Phones are so popular those days, so we have to support them ...
* This is still in our test lab.
@@ -951,7 +953,8 @@ function time_zones()
*/
function configField($name, $type = 'text', $select_options = [])
{
switch ($type) {
switch ($type)
{
default:
case 'text':
return '<input type="text" id="kj_meta_seo_home_meta_keywords" name="' . $name . '"' .

2
includes/mime_types.php
View File

@@ -1232,5 +1232,3 @@ return [
'zsh' => 'text/x-scriptzsh',
// Add more MIME types here
];
?>

165
includes/mysqli.php
View File

@@ -9,7 +9,8 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
@@ -44,7 +45,8 @@ class KleejaDatabase
{
$port = 3306;
if (strpos($host, ':') !== false) {
if (strpos($host, ':') !== false)
{
$host = substr($host, 0, strpos($host, ':'));
$port = (int) substr($host, strpos($host, ':')+1);
}
@@ -56,12 +58,14 @@ class KleejaDatabase
$this->connect_id = @mysqli_connect($host, $db_username, $db_password, $db_name, $port);
//no error
if (defined('SQL_NO_ERRORS') || defined('MYSQL_NO_ERRORS')) {
if (defined('SQL_NO_ERRORS') || defined('MYSQL_NO_ERRORS'))
{
$this->show_errors = false;
}
if (! $this->connect_id) {
if (! $this->connect_id)
{
//loggin -> no database -> close connection
$this->close();
$this->error_msg('We can not connect to the server ...');
@@ -72,8 +76,10 @@ class KleejaDatabase
kleeja_log('[Connected] : ' . kleeja_get_page());
if (! defined('DISABLE_MYSQL_UTF8')) {
if (mysqli_set_charset($this->connect_id, 'utf8')) {
if (! defined('DISABLE_MYSQL_UTF8'))
{
if (mysqli_set_charset($this->connect_id, 'utf8'))
{
kleeja_log('[Set to UTF8] : --> ');
}
}
@@ -94,19 +100,22 @@ class KleejaDatabase
// close the connection
public function close()
{
if (! $this->is_connected()) {
if (! $this->is_connected())
{
return true;
}
// Commit any remaining transactions
if ($this->in_transaction) {
if ($this->in_transaction)
{
mysqli_commit($this->connect_id);
}
//loggin -> close connection
kleeja_log('[Closing connection] : ' . kleeja_get_page());
if (! is_resource($this->connect_id)) {
if (! is_resource($this->connect_id))
{
return true;
}
@@ -148,7 +157,8 @@ class KleejaDatabase
public function query($query, $transaction = false)
{
//no connection
if (! $this->is_connected()) {
if (! $this->is_connected())
{
return false;
}
@@ -157,13 +167,16 @@ class KleejaDatabase
//
unset($this->result);
if (! empty($query)) {
if (! empty($query))
{
//debug .. //////////////
$srartum_sql = get_microtime();
////////////////
if ($transaction && ! $this->in_transaction) {
if (! mysqli_autocommit($this->connect_id, false)) {
if ($transaction && ! $this->in_transaction)
{
if (! mysqli_autocommit($this->connect_id, false))
{
return false;
}
@@ -176,24 +189,33 @@ class KleejaDatabase
$this->debugr[$this->query_num+1] = [$query, sprintf('%.5f', get_microtime() - $srartum_sql)];
////////////////
if (! $this->result) {
if (! $this->result)
{
$this->error_msg('Error In query');
} else {
}
else
{
//let's debug it
kleeja_log('[Query] : --> ' . $query);
}
} else {
if ($this->in_transaction) {
}
else
{
if ($this->in_transaction)
{
$this->result = mysqli_commit($this->connect_id);
}
}
//is there any result
if ($this->result) {
if ($this->in_transaction) {
if ($this->result)
{
if ($this->in_transaction)
{
$this->in_transaction = false;
if (! mysqli_commit($this->connect_id)) {
if (! mysqli_commit($this->connect_id))
{
mysqli_rollback($this->connect_id);
return false;
}
@@ -201,8 +223,11 @@ class KleejaDatabase
$this->query_num++;
return $this->result;
} else {
if ($this->in_transaction) {
}
else
{
if ($this->in_transaction)
{
mysqli_rollback($this->connect_id);
$this->in_transaction = false;
}
@@ -220,62 +245,83 @@ class KleejaDatabase
{
$sql = '';
if (isset($query['SELECT']) && isset($query['FROM'])) {
if (isset($query['SELECT']) && isset($query['FROM']))
{
$sql = 'SELECT ' . $query['SELECT'] . ' FROM ' . $query['FROM'];
if (isset($query['JOINS'])) {
foreach ($query['JOINS'] as $cur_join) {
if (isset($query['JOINS']))
{
foreach ($query['JOINS'] as $cur_join)
{
$sql .= ' ' . key($cur_join) . ' ' . @current($cur_join) . ' ON ' . $cur_join['ON'];
}
}
if (! empty($query['WHERE'])) {
if (! empty($query['WHERE']))
{
$sql .= ' WHERE ' . $query['WHERE'];
}
if (! empty($query['GROUP BY'])) {
if (! empty($query['GROUP BY']))
{
$sql .= ' GROUP BY ' . $query['GROUP BY'];
}
if (! empty($query['HAVING'])) {
if (! empty($query['HAVING']))
{
$sql .= ' HAVING ' . $query['HAVING'];
}
if (! empty($query['ORDER BY'])) {
if (! empty($query['ORDER BY']))
{
$sql .= ' ORDER BY ' . $query['ORDER BY'];
}
if (! empty($query['LIMIT'])) {
if (! empty($query['LIMIT']))
{
$sql .= ' LIMIT ' . $query['LIMIT'];
}
} elseif (isset($query['INSERT'])) {
}
elseif (isset($query['INSERT']))
{
$sql = 'INSERT INTO ' . $query['INTO'];
if (! empty($query['INSERT'])) {
if (! empty($query['INSERT']))
{
$sql .= ' (' . $query['INSERT'] . ')';
}
$sql .= ' VALUES(' . $query['VALUES'] . ')';
} elseif (isset($query['UPDATE'])) {
if (isset($query['PARAMS']['LOW_PRIORITY'])) {
}
elseif (isset($query['UPDATE']))
{
if (isset($query['PARAMS']['LOW_PRIORITY']))
{
$query['UPDATE'] = 'LOW_PRIORITY ' . $query['UPDATE'];
}
$sql = 'UPDATE ' . $query['UPDATE'] . ' SET ' . $query['SET'];
if (! empty($query['WHERE'])) {
if (! empty($query['WHERE']))
{
$sql .= ' WHERE ' . $query['WHERE'];
}
} elseif (isset($query['DELETE'])) {
}
elseif (isset($query['DELETE']))
{
$sql = 'DELETE FROM ' . $query['DELETE'];
if (! empty($query['WHERE'])) {
if (! empty($query['WHERE']))
{
$sql .= ' WHERE ' . $query['WHERE'];
}
} elseif (isset($query['REPLACE'])) {
}
elseif (isset($query['REPLACE']))
{
$sql = 'REPLACE INTO ' . $query['INTO'];
if (! empty($query['REPLACE'])) {
if (! empty($query['REPLACE']))
{
$sql .= ' (' . $query['REPLACE'] . ')';
}
@@ -293,14 +339,18 @@ class KleejaDatabase
*/
public function freeresult($query_id = 0)
{
if (! $query_id) {
if (! $query_id)
{
$query_id = $this->result;
}
if ($query_id) {
if ($query_id)
{
mysqli_free_result($query_id);
return true;
} else {
}
else
{
return false;
}
}
@@ -325,7 +375,8 @@ class KleejaDatabase
*/
public function fetch_array($query_id = 0)
{
if (! $query_id) {
if (! $query_id)
{
$query_id = $this->result;
}
@@ -340,7 +391,8 @@ class KleejaDatabase
*/
public function num_rows($query_id = 0)
{
if (! $query_id) {
if (! $query_id)
{
$query_id = $this->result;
}
@@ -379,7 +431,8 @@ class KleejaDatabase
*/
public function real_escape($msg)
{
if (! $this->is_connected()) {
if (! $this->is_connected())
{
return false;
}
@@ -414,7 +467,8 @@ class KleejaDatabase
*/
private function error_msg($msg)
{
if (! $this->show_errors || (defined('SQL_NO_ERRORS') || defined('MYSQL_NO_ERRORS'))) {
if (! $this->show_errors || (defined('SQL_NO_ERRORS') || defined('MYSQL_NO_ERRORS')))
{
kleeja_log('MySQL: ' . $msg);
return false;
}
@@ -423,7 +477,8 @@ class KleejaDatabase
$error_sql = $this->connect_id ? @current($this->debugr[$this->query_num+1]) : '';
//some ppl want hide their table names
if (! defined('DEV_STAGE')) {
if (! defined('DEV_STAGE'))
{
$error_sql = preg_replace_callback("#\s{1,3}`*{$this->dbprefix}([a-z0-9]+)`*\s{1,3}#", function ($m) {
return ' <span style="color:blue">' . substr($m[1], 0, 1) . '</span> ';
}, $error_sql);
@@ -445,7 +500,8 @@ class KleejaDatabase
//is this error related to updating?
$updating_related = false;
if (strpos($error_msg, 'Unknown column') !== false) {
if (strpos($error_msg, 'Unknown column') !== false)
{
$updating_related = true;
}
@@ -457,12 +513,14 @@ class KleejaDatabase
$error_message .= " <a href='#' onclick='window.location.reload( false );'>click to Refresh this page ...</a><br />";
$error_message .= '<h2>Sorry , We encountered a MySQL error: ' . ($msg !='' ? $msg : '') . '</h2>';
if ($error_sql != '') {
if ($error_sql != '')
{
$error_message .= "<br />--[query]-------------------------- <br />$error_sql<br />---------------------------------<br /><br />";
}
$error_message .= "[$error_no : $error_msg] <br />";
if ($updating_related) {
if ($updating_related)
{
global $config;
$error_message .= '<br /><strong>Your Kleeja database might be old, try to update it now from: ' . rtrim($config['siteurl'], '/') . '/install</strong>';
$error_message .= "<br /><br><strong>If this error happened after installing a plugin, add <span style=\"background-color:#ccc; padding:2px\">define('STOP_PLUGINS', true);</span> to end of config.php file.</strong>";
@@ -490,9 +548,12 @@ class KleejaDatabase
*/
public function get_error()
{
if ($this->is_connected()) {
if ($this->is_connected())
{
return [@mysqli_errno($this->connect_id), @mysqli_error($this->connect_id)];
} else {
}
else
{
return [@mysqli_connect_errno(), @mysqli_connect_error()];
}
}

17
includes/phpass.php
View File

@@ -51,6 +51,7 @@ class PasswordHash
$this->portable_hashes = $portable_hashes;
$this->random_state = microtime();
if (function_exists('getmypid'))
{
$this->random_state .= getmypid();
@@ -114,7 +115,8 @@ class PasswordHash
break;
}
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
}
while ($i < $count);
return $output;
}
@@ -138,6 +140,7 @@ class PasswordHash
}
$id = substr($setting, 0, 3);
// We use "$P$", phpBB3 uses "$H$" for the same thing
if ($id !== '$P$' && $id !== '$H$')
{
@@ -170,7 +173,8 @@ class PasswordHash
do
{
$hash = md5($hash . $password, true);
} while (--$count);
}
while (--$count);
$output = substr($setting, 0, 12);
$output .= $this->encode64($hash, 16);
@@ -218,7 +222,8 @@ class PasswordHash
$c1 |= $c2 >> 6;
$output .= $itoa64[$c1];
$output .= $itoa64[$c2 & 0x3f];
} while (1);
}
while (1);
return $output;
}
@@ -243,8 +248,10 @@ class PasswordHash
$random = $this->get_random_bytes(6);
}
$hash =
$this->crypt_private($password,
$this->gensalt_private($random));
$this->crypt_private(
$password,
$this->gensalt_private($random)
);
if (strlen($hash) === 34)
{

173
includes/sqlite.php
View File

@@ -9,7 +9,8 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
@@ -43,13 +44,19 @@ class KleejaDatabase
*/
public function __construct($location, $db_username, $db_password, $db_name, $dbprefix)
{
try {
if (class_exists('SQLite3')) {
try
{
if (class_exists('SQLite3'))
{
$this->connect_id = new SQLite3(PATH . $db_name, SQLITE3_OPEN_READWRITE);
} else {
}
else
{
$this->error_msg('SQLite3 extension is not installed in your server!');
}
} catch (Exception $e) {
}
catch (Exception $e)
{
//...
}
@@ -57,11 +64,13 @@ class KleejaDatabase
$this->dbname = $db_name;
//no error
if (defined('SQL_NO_ERRORS')) {
if (defined('SQL_NO_ERRORS'))
{
$this->show_errors = false;
}
if (! $this->connect_id) {
if (! $this->connect_id)
{
//loggin -> no database -> close connection
$this->close();
$this->error_msg('We can not connect to the sqlite database, check location or existence of the SQLite dirver ...');
@@ -88,19 +97,22 @@ class KleejaDatabase
// close the connection
public function close()
{
if (! $this->is_connected()) {
if (! $this->is_connected())
{
return true;
}
// Commit any remaining transactions
if ($this->in_transaction) {
if ($this->in_transaction)
{
$this->query('COMMIT;');
}
//loggin -> close connection
kleeja_log('[Closing connection] : ' . kleeja_get_page());
if (! is_resource($this->connect_id)) {
if (! is_resource($this->connect_id))
{
return true;
}
@@ -136,7 +148,8 @@ class KleejaDatabase
public function query($query, $transaction = false)
{
//no connection
if (! $this->is_connected()) {
if (! $this->is_connected())
{
return false;
}
@@ -145,7 +158,8 @@ class KleejaDatabase
//
unset($this->result);
if (strpos($query, 'CREATE TABLE') !== false || strpos($query, 'ALTER DATABASE') !== false) {
if (strpos($query, 'CREATE TABLE') !== false || strpos($query, 'ALTER DATABASE') !== false)
{
$sqlite_types = [
'/AUTO_INCREMENT/i' => '',
'/VARCHAR\s?(\\([0-9]+\\))?/i' => 'TEXT',
@@ -160,16 +174,19 @@ class KleejaDatabase
//todo extract keys and add as CREATE INDEX index_name ON table (column);
foreach ($sqlite_types as $old_type => $new_type) {
foreach ($sqlite_types as $old_type => $new_type)
{
$query = preg_replace($old_type, $new_type, $query);
}
}
if (! empty($query)) {
if (! empty($query))
{
//debug
$srartum_sql = get_microtime();
if ($transaction && ! $this->in_transaction) {
if ($transaction && ! $this->in_transaction)
{
$this->query('BEGIN;');
$this->in_transaction = true;
}
@@ -180,24 +197,33 @@ class KleejaDatabase
$this->debugr[$this->query_num+1] = [$query, sprintf('%.5f', get_microtime() - $srartum_sql)];
////////////////
if (! $this->result) {
if (! $this->result)
{
$this->error_msg('Error In query');
} else {
}
else
{
//let's debug it
kleeja_log('[Query] : --> ' . $query);
}
} else {
if ($this->in_transaction) {
}
else
{
if ($this->in_transaction)
{
$this->result = $this->connect_id->query('COMMIT;');
}
}
//is there any result
if ($this->result) {
if ($this->in_transaction) {
if ($this->result)
{
if ($this->in_transaction)
{
$this->in_transaction = false;
if (! $this->connect_id->query('COMMIT;')) {
if (! $this->connect_id->query('COMMIT;'))
{
$this->connect_id->query('ROLLBACK;');
return false;
}
@@ -205,8 +231,11 @@ class KleejaDatabase
$this->query_num++;
return $this->result;
} else {
if ($this->in_transaction) {
}
else
{
if ($this->in_transaction)
{
$this->connect_id->query('ROLLBACK;');
$this->in_transaction = false;
}
@@ -224,58 +253,78 @@ class KleejaDatabase
{
$sql = '';
if (isset($query['SELECT']) && isset($query['FROM'])) {
if (isset($query['SELECT']) && isset($query['FROM']))
{
$sql = 'SELECT ' . $query['SELECT'] . ' FROM ' . $query['FROM'];
if (isset($query['JOINS'])) {
foreach ($query['JOINS'] as $cur_join) {
if (isset($query['JOINS']))
{
foreach ($query['JOINS'] as $cur_join)
{
$sql .= ' ' . key($cur_join) . ' ' . current($cur_join) . ' ON ' . $cur_join['ON'];
}
}
if (! empty($query['WHERE'])) {
if (! empty($query['WHERE']))
{
$sql .= ' WHERE ' . $query['WHERE'];
}
if (! empty($query['GROUP BY'])) {
if (! empty($query['GROUP BY']))
{
$sql .= ' GROUP BY ' . $query['GROUP BY'];
}
if (! empty($query['HAVING'])) {
if (! empty($query['HAVING']))
{
$sql .= ' HAVING ' . $query['HAVING'];
}
if (! empty($query['ORDER BY'])) {
if (! empty($query['ORDER BY']))
{
$sql .= ' ORDER BY ' . $query['ORDER BY'];
}
if (! empty($query['LIMIT'])) {
if (! empty($query['LIMIT']))
{
$sql .= ' LIMIT ' . $query['LIMIT'];
}
} elseif (isset($query['INSERT'])) {
}
elseif (isset($query['INSERT']))
{
$sql = 'INSERT INTO ' . $query['INTO'];
if (! empty($query['INSERT'])) {
if (! empty($query['INSERT']))
{
$sql .= ' (' . $query['INSERT'] . ')';
}
$sql .= ' VALUES(' . $query['VALUES'] . ')';
} elseif (isset($query['UPDATE'])) {
}
elseif (isset($query['UPDATE']))
{
$sql = 'UPDATE ' . $query['UPDATE'] . ' SET ' . $query['SET'];
if (! empty($query['WHERE'])) {
if (! empty($query['WHERE']))
{
$sql .= ' WHERE ' . $query['WHERE'];
}
} elseif (isset($query['DELETE'])) {
}
elseif (isset($query['DELETE']))
{
$sql = 'DELETE FROM ' . $query['DELETE'];
if (! empty($query['WHERE'])) {
if (! empty($query['WHERE']))
{
$sql .= ' WHERE ' . $query['WHERE'];
}
} elseif (isset($query['REPLACE'])) {
}
elseif (isset($query['REPLACE']))
{
$sql = 'REPLACE INTO ' . $query['INTO'];
if (! empty($query['REPLACE'])) {
if (! empty($query['REPLACE']))
{
$sql .= ' (' . $query['REPLACE'] . ')';
}
@@ -293,14 +342,18 @@ class KleejaDatabase
*/
public function freeresult($query_id = 0)
{
if (! $query_id) {
if (! $query_id)
{
$query_id = $this->result;
}
if ($query_id) {
if ($query_id)
{
$query_id->finalize();
return true;
} else {
}
else
{
return false;
}
}
@@ -324,11 +377,13 @@ class KleejaDatabase
*/
public function fetch_array($query_id = 0)
{
if (! $query_id) {
if (! $query_id)
{
$query_id = $this->result;
}
if ($query_id && $query_id->numColumns() > 0) {
if ($query_id && $query_id->numColumns() > 0)
{
return $query_id->fetchArray(SQLITE3_ASSOC);
}
@@ -343,13 +398,15 @@ class KleejaDatabase
*/
public function num_rows($query_id = 0)
{
if (! $query_id) {
if (! $query_id)
{
$query_id = $this->result;
}
if ($query_id && $results = $query_id->numColumns()) {
if ($query_id && $results = $query_id->numColumns())
{
return $results;
}
@@ -418,7 +475,8 @@ class KleejaDatabase
*/
private function error_msg($msg)
{
if (! $this->show_errors || (defined('SQL_NO_ERRORS') || defined('MYSQL_NO_ERRORS'))) {
if (! $this->show_errors || (defined('SQL_NO_ERRORS') || defined('MYSQL_NO_ERRORS')))
{
kleeja_log('SQLite3: ' . $msg);
return false;
}
@@ -427,7 +485,8 @@ class KleejaDatabase
$error_sql = $this->connect_id ? @current($this->debugr[$this->query_num+1]) : '';
//some ppl want hide their table names
if (! defined('DEV_STAGE')) {
if (! defined('DEV_STAGE'))
{
$error_sql = preg_replace_callback("#\s{1,3}`*{$this->dbprefix}([a-z0-9]+)`*\s{1,3}#", function ($m) {
return ' <span style="color:blue">' . substr($m[1], 0, 1) . '</span> ';
}, $error_sql);
@@ -449,7 +508,8 @@ class KleejaDatabase
//is this error related to updating?
$updating_related = false;
if (strpos($error_msg, 'Unknown column') !== false || strpos($error_msg, 'no such table') !== false) {
if (strpos($error_msg, 'Unknown column') !== false || strpos($error_msg, 'no such table') !== false)
{
$updating_related = true;
}
@@ -461,12 +521,14 @@ class KleejaDatabase
$error_message .= " <a href='#' onclick='window.location.reload( false );'>click to Refresh this page ...</a><br />";
$error_message .= '<h2>Sorry , We encountered a MySQL error: ' . ($msg !='' ? $msg : '') . '</h2>';
if ($error_sql != '') {
if ($error_sql != '')
{
$error_message .= "<br />--[query]-------------------------- <br />$error_sql<br />---------------------------------<br /><br />";
}
$error_message .= "[$error_no : $error_msg] <br />";
if ($updating_related) {
if ($updating_related)
{
global $config;
$error_message .= '<br /><strong>Your Kleeja database might be old, try to update it now from: ' . rtrim($config['siteurl'], '/') . '/install</strong>';
$error_message .= "<br /><br><strong>If this error happened after installing a plugin, add <span style=\"background-color:#ccc; padding:2px\">define('STOP_PLUGINS', true);</span> to end of config.php file.</strong>";
@@ -494,9 +556,12 @@ class KleejaDatabase
*/
public function get_error()
{
if ($this->connect_id) {
if ($this->connect_id)
{
return [$this->connect_id->lastErrorCode(), $this->connect_id->lastErrorMsg()];
} else {
}
else
{
return [0, 'uknown-error-not-connected'];
}
}

77
includes/style.php
View File

@@ -9,7 +9,8 @@
//no direct access
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit;
}
@@ -30,7 +31,8 @@ class kleeja_style
global $config, $THIS_STYLE_PATH_ABS, $STYLE_PATH_ADMIN_ABS, $DEFAULT_PATH_ADMIN_ABS;
if (! ($template_path = $this->template_exists($template_name, $style_path))) {
if (! ($template_path = $this->template_exists($template_name, $style_path)))
{
big_error('No Template !', 'Requested <b>"' . $template_name . '"</b> template doesnt exist!');
}
@@ -39,7 +41,8 @@ class kleeja_style
$html = "<!-- file generated by kleeja {kleeja.net} -->\n" . $html;
//use 'b' to force binary mode
if ($filename = @fopen(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php', 'wb')) {
if ($filename = @fopen(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php', 'wb'))
{
is_array($plugin_run_result = Plugins::getInstance()->run('style_load_template_func', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
@@ -67,10 +70,13 @@ class kleeja_style
$style_path = str_replace(DIRECTORY_SEPARATOR, '/', $style_path ?? '');
//admin template always begin with admin_
if (substr($template_name, 0, 6) == 'admin_') {
if (substr($template_name, 0, 6) == 'admin_')
{
$current_style_path = ! empty($style_path) ? $style_path : $STYLE_PATH_ADMIN_ABS;
$is_admin_template = true;
} else {
}
else
{
$current_style_path = ! empty($style_path) ? $style_path : $THIS_STYLE_PATH_ABS;
}
@@ -82,21 +88,29 @@ class kleeja_style
$is_tpl_exist = file_exists($template_path);
if (! $is_tpl_exist) {
if (trim($config['style_depend_on']) != '') {
if (! $is_tpl_exist)
{
if (trim($config['style_depend_on']) != '')
{
$template_path_alternative = str_replace('/' . $config['style'] . '/', '/' . $config['style_depend_on'] . '/', $template_path);
if (file_exists($template_path_alternative)) {
if (file_exists($template_path_alternative))
{
$template_path = $template_path_alternative;
$is_tpl_exist = true;
}
} elseif ($is_admin_template) {
}
elseif ($is_admin_template)
{
$template_path = $DEFAULT_PATH_ADMIN_ABS . $template_name . '.html';
$is_tpl_exist = true;
} elseif ($config['style'] != 'default' && ! $is_admin_template) {
}
elseif ($config['style'] != 'default' && ! $is_admin_template)
{
$template_path_alternative = str_replace('/' . $config['style'] . '/', '/default/', $template_path);
if (file_exists($template_path_alternative)) {
if (file_exists($template_path_alternative))
{
$template_path = $template_path_alternative;
$is_tpl_exist = true;
}
@@ -160,8 +174,10 @@ class kleeja_style
foreach ([
'NAME' => '', 'LOOP' => '', 'AND' => ' && ', 'OR' => ' || ', 'ISSET' => ' isset', 'EMPTY' => ' empty'
] as $attribute=>$separator) {
if (isset($atts[$attribute])) {
] as $attribute=> $separator)
{
if (isset($atts[$attribute]))
{
$haveParentheses = in_array($attribute, ['ISSET', 'EMPTY']);
$condition .= $separator . ($haveParentheses ? '(' : '') .
@@ -181,25 +197,30 @@ class kleeja_style
$char = [' eq ', ' lt ', ' gt ', ' lte ', ' gte ', ' neq ', '==', '!=', '>=', '<=', '<', '>'];
$reps = ['==', '<', '>', '<=', '>=', '!=', '==', '!=', '>=', '<=', '<', '>'];
if (trim($condition) == '') {
if (trim($condition) == '')
{
return '';
}
$con = str_replace('$this->vars', '[----this-vars----]', $condition);
if (preg_match('/(.*)(' . implode('|', $char) . ')(.*)/i', $con, $arr)) {
if (preg_match('/(.*)(' . implode('|', $char) . ')(.*)/i', $con, $arr))
{
$arr[1] = trim($arr[1]);
$var1 = $arr[1][0] != '$' ? call_user_func(['kleeja_style', '_var_callback'], (! $is_loop ? '{' . $arr[1] . '}' : '{{' . $arr[1] . '}}')) : $arr[1];
$opr = str_replace($char, $reps, $arr[2]);
$var2 = trim($arr[3]);
//check for type
if (strpos($var2, '$')!==0 && ! preg_match('/[0-9]/', $var2)) {
if (strpos($var2, '$')!==0 && ! preg_match('/[0-9]/', $var2))
{
$var2 = '"' . str_replace('"', '\"', $var2) . '"';
}
$con = "$var1 $opr $var2";
} elseif ($con[0] !== '$' && strpos($con, '(') === false) {
}
elseif ($con[0] !== '$' && strpos($con, '(') === false)
{
$con = call_user_func(['kleeja_style', '_var_callback'], (! $is_loop ? '{' . $con . '}' : '{{' . $con . '}}'));
}
@@ -216,7 +237,8 @@ class kleeja_style
{
$variable = call_user_func(['kleeja_style', '_var_callback'], $matches);
if (strpos($matches[0], '{lang') !== false || strpos($matches[0], '{olang') !== false) {
if (strpos($matches[0], '{lang') !== false || strpos($matches[0], '{olang') !== false)
{
return '<?=' . $variable . ' ?? \'' . $matches[0] . '\'?>';
}
@@ -231,13 +253,15 @@ class kleeja_style
*/
protected function _var_callback($matches)
{
if (! is_array($matches)) {
if (! is_array($matches))
{
preg_match(kleeja_style::reg('var'), $matches, $matches);
}
$var = trim(! empty($matches[2]) ? str_replace('.', '\'][\'', $matches[2]) : '');
if (empty($var)) {
if (empty($var))
{
return '';
}
@@ -278,7 +302,8 @@ class kleeja_style
$attributes = [];
for ($i = 0; $i < count($attribute[1]); $i++) {
for ($i = 0; $i < count($attribute[1]); $i++)
{
$att = strtoupper($attribute[1][$i]);
$attributes[$att] = preg_replace_callback(kleeja_style::reg('var'), ['kleeja_style', '_var_callback'], $attribute[2][$i]);
@@ -310,7 +335,8 @@ class kleeja_style
$this->vars = $GLOBALS;
//is there ?
if (! file_exists(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php') || ! $this->caching) {
if (! file_exists(PATH . 'cache/tpl_' . $this->re_name_tpl($template_name, $style_path) . '.php') || ! $this->caching)
{
$this->_load_template($template_name, $style_path);
}
@@ -338,9 +364,12 @@ class kleeja_style
ob_start();
if ($eval_on) {
if ($eval_on)
{
eval(' ?' . '>' . $parsed_html . '<' . '?php ');
} else {
}
else
{
$path = PATH . 'cache/tpl_' . md5($parsed_html) . '.php';
file_put_contents($path, $parsed_html);
include_once $path;

26
includes/up_helpers/thumbs.php
View File

@@ -123,10 +123,14 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
imagecopyresampled(
$temp_gdim,
$source_gdim,
0, 0,
0, 0,
$temp_width, $temp_height,
$source_width, $source_height
0,
0,
0,
0,
$temp_width,
$temp_height,
$source_width,
$source_height
);
// Copy cropped region from temporary image into the desired GD image
@@ -137,9 +141,12 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
imagecopy(
$desired_gdim,
$temp_gdim,
0, 0,
$x0, $y0,
$dw, $dh
0,
0,
$x0,
$y0,
$dw,
$dh
);
// Create thumbnail
@@ -237,18 +244,21 @@ function helper_thumb_imagick($name, $ext, $filename, $new_w, $new_h)
$im->getImageWidth(),
$im->getImageHeight(),
$new_w,
$new_h);
$new_h
);
//an exception for gif image
//generating thumb with 10 frames only, big gif is a devil
if ($ext == 'gif')
{
$i = 0;
//$gif_new = new Imagick();
foreach ($im as $frame)
{
$frame->thumbnailImage($thumb_w, $thumb_h);
$frame->setImagePage($thumb_w, $thumb_h, 0, 0);
// $gif_new->addImage($frame->getImage());
if ($i >= 10)
{

1
includes/up_helpers/watermark.php
View File

@@ -182,6 +182,7 @@ function helper_watermark_imagick($name, $ext, $logo)
if ($ext == 'gif')
{
$i = 0;
//$gif_new = new Imagick();
foreach ($im as $frame)
{

109
includes/up_methods/defaultUploader.php
View File

@@ -9,7 +9,8 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
@@ -234,7 +235,8 @@ class defaultUploader implements KleejaUploader
// show del code link box
$extra_del = '';
if ($config['del_url_file']) {
if ($config['del_url_file'])
{
$extra_del = get_up_tpl_box(
'del_file_code',
[
@@ -245,13 +247,15 @@ class defaultUploader implements KleejaUploader
}
//show imgs
if ($is_img) {
if ($is_img)
{
$img_html_result = '';
// get default thumb dimensions
$thmb_dim_w = $thmb_dim_h = 150;
if (strpos($config['thmb_dims'], '*') !== false) {
if (strpos($config['thmb_dims'], '*') !== false)
{
list($thmb_dim_w, $thmb_dim_h) = array_map('trim', explode('*', $config['thmb_dims']));
}
@@ -276,7 +280,8 @@ class defaultUploader implements KleejaUploader
// watermark on image
if ($config['write_imgs'] != 0 && in_array($fileInfo['fileExtension'], ['gif', 'png', 'jpg', 'jpeg', 'bmp'])) {
if ($config['write_imgs'] != 0 && in_array($fileInfo['fileExtension'], ['gif', 'png', 'jpg', 'jpeg', 'bmp']))
{
helper_watermark($fileInfo['saveToFolder'] . '/' . $fileInfo['generatedFileName'], $fileInfo['fileExtension']);
}
@@ -302,7 +307,9 @@ class defaultUploader implements KleejaUploader
htmlspecialchars($fileInfo['originalFileName']) . '</div>' . "\n" .
$img_html_result
);
} else {
}
else
{
//then show other files
$else_html_result = get_up_tpl_box(
'file',
@@ -356,28 +363,34 @@ class defaultUploader implements KleejaUploader
// check folder our real folder
if (! file_exists($current_uploading_folder)) {
if (! make_folder($current_uploading_folder)) {
if (! file_exists($current_uploading_folder))
{
if (! make_folder($current_uploading_folder))
{
$this->addErrorMessage($lang['CANT_DIR_CRT']);
}
}
if ($return_now) {
if ($return_now)
{
return;
}
// is captcha on, and there is uploading going on
if ($captcha_enabled) {
if ($captcha_enabled)
{
//captcha is wrong
if (! kleeja_check_captcha()) {
if (! kleeja_check_captcha())
{
$this->addErrorMessage($lang['WRONG_VERTY_CODE']);
return;
}
}
// to prevent flooding, user must wait, waiting-time is grapped from Kleeja settings, admin is exceptional
if (! user_can('enter_acp') && user_is_flooding($current_user_id)) {
if (! user_can('enter_acp') && user_is_flooding($current_user_id))
{
$this->addErrorMessage(sprintf(
$lang['YOU_HAVE_TO_WAIT'],
$config['usersectoupload']
@@ -387,8 +400,10 @@ class defaultUploader implements KleejaUploader
//detect flooding, TODO fix it or remove it
if (isset($_SESSION['FIILES_NOT_DUPLI'])) {
if (! empty($_SESSION['FIILES_NOT_DUPLI']) && $_SESSION['FIILES_NOT_DUPLI'] == sha1(serialize(array_column($_FILES, 'name')))) {
if (isset($_SESSION['FIILES_NOT_DUPLI']))
{
if (! empty($_SESSION['FIILES_NOT_DUPLI']) && $_SESSION['FIILES_NOT_DUPLI'] == sha1(serialize(array_column($_FILES, 'name'))))
{
unset($_SESSION['FIILES_NOT_DUPLI']);
$this->addErrorMessage($lang['U_R_FLOODER']);
@@ -397,7 +412,8 @@ class defaultUploader implements KleejaUploader
}
// flooding code, making sure every ok session is cleared
if (sizeof($_FILES) > 0) {
if (sizeof($_FILES) > 0)
{
$_SESSION['FIILES_NOT_DUPLI'] = sha1(serialize(array_column($_FILES, 'name')));
}
@@ -405,16 +421,20 @@ class defaultUploader implements KleejaUploader
//now close session to let user open any other page in Kleeja
session_write_close();
if (! empty($_FILES['file']['tmp_name'])) {
if (! empty($_FILES['file']['tmp_name']))
{
$_FILES['file'][0] = $_FILES['file'];
}
// loop the uploaded files
for ($i=0; $i<=$this->getUploadFieldsLimit(); $i++) {
for ($i=0; $i<=$this->getUploadFieldsLimit(); $i++)
{
//no file!
if (empty($_FILES['file_' . $i . '_']['tmp_name']) && empty($_FILES['file'][$i]['tmp_name'])) {
if (! isset($_FILES['file_' . $i . '_'], $_FILES['file'][$i])) {
if (empty($_FILES['file_' . $i . '_']['tmp_name']) && empty($_FILES['file'][$i]['tmp_name']))
{
if (! isset($_FILES['file_' . $i . '_'], $_FILES['file'][$i]))
{
continue;
}
@@ -428,8 +448,10 @@ class defaultUploader implements KleejaUploader
$upload_max_size = ini_get('upload_max_filesize');
if ($error !== UPLOAD_ERR_OK) {
switch ($error) {
if ($error !== UPLOAD_ERR_OK)
{
switch ($error)
{
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$this->addErrorMessage(
@@ -469,7 +491,6 @@ class defaultUploader implements KleejaUploader
$this->addErrorMessage(sprintf($lang['CANT_UPLAOD'], htmlspecialchars($filename)));
break;
}
}
@@ -482,7 +503,8 @@ class defaultUploader implements KleejaUploader
// well, no file uploaded, ask user to choose a file before submit
if ($this->total_uploaded_files == 0 && sizeof($this->messages) == 0) {
if ($this->total_uploaded_files == 0 && sizeof($this->messages) == 0)
{
$this->addErrorMessage($lang['CHOSE_F']);
}
}
@@ -512,7 +534,8 @@ class defaultUploader implements KleejaUploader
$fileInfo['currentUserId'] = $current_user_id;
if (! isset($_FILES['file_' . $fieldNumber . '_']) && isset($_FILES['file'][$fieldNumber])) {
if (! isset($_FILES['file_' . $fieldNumber . '_']) && isset($_FILES['file'][$fieldNumber]))
{
$_FILES['file_' . $fieldNumber . '_'] = $_FILES['file'][$fieldNumber];
}
@@ -521,7 +544,8 @@ class defaultUploader implements KleejaUploader
? urldecode(str_replace([';',','], '', $_FILES['file_' . $fieldNumber . '_']['name']))
: '';
if (empty($fileInfo['originalFileName'])) {
if (empty($fileInfo['originalFileName']))
{
$this->addErrorMessage(sprintf($lang['WRONG_F_NAME'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
return;
}
@@ -546,7 +570,8 @@ class defaultUploader implements KleejaUploader
// file exists before? change it a little
if (file_exists($current_uploading_folder . '/' . $fileInfo['generatedFileName'])) {
if (file_exists($current_uploading_folder . '/' . $fileInfo['generatedFileName']))
{
$fileInfo['generatedFileName'] = change_filename_decoding(
$fileInfo['generatedFileName'],
$fieldNumber,
@@ -559,9 +584,11 @@ class defaultUploader implements KleejaUploader
// now, let process it
if (! in_array(strtolower($fileInfo['fileExtension']), array_keys($this->getAllowedFileExtensions()))) {
if (! in_array(strtolower($fileInfo['fileExtension']), array_keys($this->getAllowedFileExtensions())))
{
// guest
if ($current_user_id == '-1') {
if ($current_user_id == '-1')
{
$this->addErrorMessage(
sprintf($lang['FORBID_EXT'], $fileInfo['fileExtension'])
. '<br> <a href="' . ($config['mod_writer'] ? 'register.html' : 'ucp.php?go=register') .
@@ -569,24 +596,29 @@ class defaultUploader implements KleejaUploader
);
}
// a member
else {
else
{
$this->addErrorMessage(sprintf($lang['FORBID_EXT'], $fileInfo['fileExtension']));
}
}
// bad chars in the filename
elseif (preg_match("#[\\\/\:\*\?\<\>\|\"]#", $fileInfo['generatedFileName'])) {
elseif (preg_match("#[\\\/\:\*\?\<\>\|\"]#", $fileInfo['generatedFileName']))
{
$this->addErrorMessage(sprintf($lang['WRONG_F_NAME'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
}
// check file extension for bad stuff
elseif (ext_check_safe($_FILES['file_' . $fieldNumber . '_']['name']) == false) {
elseif (ext_check_safe($_FILES['file_' . $fieldNumber . '_']['name']) == false)
{
$this->addErrorMessage(sprintf($lang['WRONG_F_NAME'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
}
// check the mime-type for the file
elseif (check_mime_type($_FILES['file_' . $fieldNumber . '_']['type'], $fileInfo['fileExtension'], $_FILES['file_' . $fieldNumber . '_']['tmp_name']) == false) {
elseif (check_mime_type($_FILES['file_' . $fieldNumber . '_']['type'], $fileInfo['fileExtension'], $_FILES['file_' . $fieldNumber . '_']['tmp_name']) == false)
{
$this->addErrorMessage(sprintf($lang['NOT_SAFE_FILE'], htmlspecialchars($_FILES['file_' . $fieldNumber . '_']['name'])));
}
// check file size
elseif ($this->getAllowedFileExtensions()[$fileInfo['fileExtension']] > 0 && $fileInfo['fileSize'] >= $this->getAllowedFileExtensions()[$fileInfo['fileExtension']]) {
elseif ($this->getAllowedFileExtensions()[$fileInfo['fileExtension']] > 0 && $fileInfo['fileSize'] >= $this->getAllowedFileExtensions()[$fileInfo['fileExtension']])
{
$this->addErrorMessage(
sprintf(
$lang['SIZE_F_BIG'],
@@ -600,19 +632,24 @@ class defaultUploader implements KleejaUploader
$this->addErrorMessage($lang['TOTAL_SIZE_EXCEEDED']);
}
// no errors, so upload it
else {
else
{
is_array($plugin_run_result = Plugins::getInstance()->run('defaultUploader_uploadTypeFile_2nd', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
// now, upload the file
$file = move_uploaded_file($_FILES['file_' . $fieldNumber . '_']['tmp_name'], $current_uploading_folder . '/' . $fileInfo['generatedFileName']);
if ($file) {
if ($file)
{
$this->saveToDatabase($fileInfo);
if ($remaining_storage != -1)
{
$remaining_storage -= $fileInfo['fileSize'];
}
} else {
}
else
{
$this->addErrorMessage(sprintf($lang['CANT_UPLAOD'], $fileInfo['originalFileName']));
}
}

95
includes/usr.php
View File

@@ -9,7 +9,8 @@
//no for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
@@ -33,7 +34,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('data_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if ($return_now) {
if ($return_now)
{
return $login_status;
}
@@ -48,7 +50,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('auth_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if ($return_now) {
if ($return_now)
{
return $auth_status;
}
@@ -73,18 +76,24 @@ class usrcp
'LIMIT' => '1'
];
if ($hashed) {
if ($hashed)
{
$query['WHERE'] = 'id=' . intval($name) . " and password='" . $SQL->escape($pass) . "'";
} else {
}
else
{
$query['WHERE'] = "clean_name='" . $SQL->real_escape($this->cleanusername($name)) . "'";
}
is_array($plugin_run_result = Plugins::getInstance()->run('qr_select_usrdata_n_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
$result = $SQL->build($query);
if ($SQL->num_rows($result)) {
while ($row=$SQL->fetch_array($result)) {
if (empty($row['password'])) {
if ($SQL->num_rows($result))
{
while ($row=$SQL->fetch_array($result))
{
if (empty($row['password']))
{
//more security
return false;
}
@@ -92,10 +101,13 @@ class usrcp
$phppass = $hashed ? $pass : $pass . $row['password_salt'];
//CHECK IF IT'S MD5 PASSWORD
if (strlen($row['password']) == '32' && empty($row['password_salt']) && defined('CONVERTED_SCRIPT')) {
if (strlen($row['password']) == '32' && empty($row['password_salt']) && defined('CONVERTED_SCRIPT'))
{
$passmd5 = md5($pass);
////update old md5 hash to phpass hash
if ($row['password'] == $passmd5) {
if ($row['password'] == $passmd5)
{
////new salt
$new_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7);
////new password hash
@@ -111,12 +123,15 @@ class usrcp
];
$SQL->build($update_query);
} else { //if the password is wrong
}
else //if the password is wrong
{
return false;
}
}
if (($phppass != $row['password'] && $hashed) || ($this->kleeja_hash_password($phppass, $row['password']) != true && $hashed == false)) {
if (($phppass != $row['password'] && $hashed) || ($this->kleeja_hash_password($phppass, $row['password']) != true && $hashed == false))
{
return false;
}
@@ -131,13 +146,15 @@ class usrcp
$user_y = base64_encode(serialize(['id'=>$row['id'], 'name'=>$row['name'], 'mail'=>$row['mail'], 'last_visit'=>$row['last_visit']]));
if (! $hashed && ! $loginadm) {
if (! $hashed && ! $loginadm)
{
$hash_key_expire = sha1(md5($config['h_key'] . $row['password']) . $expire);
$this->kleeja_set_cookie('ulogu', $this->en_de_crypt($row['id'] . '|' . $row['password'] . '|' . $expire . '|' . $hash_key_expire . '|' . $row['group_id'] . '|' . $user_y), $expire);
}
//if last visit > 1 minute then update it
if (empty($row['last_visit']) || time() - $row['last_visit'] > 60) {
if (empty($row['last_visit']) || time() - $row['last_visit'] > 60)
{
$this->last_visit = time();
$update_last_visit = [
'UPDATE' => "{$dbprefix}users",
@@ -154,7 +171,9 @@ class usrcp
unset($pass);
return true;
} else {
}
else
{
return false;
}
}
@@ -167,7 +186,8 @@ class usrcp
{
global $dbprefix, $SQL;
if (! $user_id) {
if (! $user_id)
{
$user_id = $this->id();
}
@@ -233,7 +253,8 @@ class usrcp
is_array($plugin_run_result = Plugins::getInstance()->run('logout_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
//acp
if (user_can('enter_acp') && ! empty($_SESSION['ADMINLOGIN'])) {
if (user_can('enter_acp') && ! empty($_SESSION['ADMINLOGIN']))
{
$this->logout_cp();
}
@@ -254,7 +275,8 @@ class usrcp
{
is_array($plugin_run_result = Plugins::getInstance()->run('logout_cp_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
if (! empty($_SESSION['ADMINLOGIN'])) {
if (! empty($_SESSION['ADMINLOGIN']))
{
unset($_SESSION['ADMINLOGIN'], $_SESSION['USER_SESS'] /*, $_SESSION['LAST_VISIT']*/);
}
@@ -272,7 +294,8 @@ class usrcp
['a','a','a','a','a','a','a','a','a','a','e','e','e','e','e','e','e','i','i','i','i','i','i','i','i','o','o','o','o','o','o','o','o','o','o','o','u','u','u','u','u','u','c','c','n','n','y','e']
];
if (empty($arabic_t)) {
if (empty($arabic_t))
{
//Arabic chars must be stay in utf8 format, so we encoded them
$arabic_t = unserialize(base64_decode('YToyOntpOjA7YToxMjp7aTowO3M6Mjoi2KMiO2k6MTtzOjI6ItilIjtpOjI7czoyOiLYpCI7aTozO3M6Mjoi2YAiO2k6NDtzOjI6Itm' .
'LIjtpOjU7czoyOiLZjCI7aTo2O3M6Mjoi2Y8iO2k6NztzOjI6ItmOIjtpOjg7czoyOiLZkCI7aTo5O3M6Mjoi2ZIiO2k6MTA7czoyOiLYoiI7aToxMTtzOjI6ItimIjt9aToxO' .
@@ -321,7 +344,8 @@ class usrcp
//
//when user add define('FORCE_COOKIES', true) in config.php we will make our settings of cookies
//
if (defined('FORCE_COOKIES')) {
if (defined('FORCE_COOKIES'))
{
$config['cookie_domain'] = ! empty($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : (! empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : @getenv('SERVER_NAME'));
$config['cookie_domain'] = str_replace('www.', '.', substr($config['cookie_domain'], 0, strpos($config['cookie_domain'], ':')));
$config['cookie_path'] = '/';
@@ -344,22 +368,27 @@ class usrcp
global $config;
static $txt = [];
if (empty($txt)) {
if (empty($config['h_key'])) {
if (empty($txt))
{
if (empty($config['h_key']))
{
$config['h_key'] = sha1(microtime());
}
$chars = str_split($config['h_key']);
foreach (range('a', 'z') as $k=>$v) {
if (! isset($chars[$k])) {
foreach (range('a', 'z') as $k=>$v)
{
if (! isset($chars[$k]))
{
break;
}
$txt[$v] = $chars[$k] . $k . '-';
}
}
switch ($type) {
switch ($type)
{
case 1:
$data = str_replace('=', '_', base64_encode($data));
$data = strtr($data, $txt);
@@ -405,14 +434,17 @@ class usrcp
];
//if login up
if ($this->kleeja_get_cookie('ulogu')) {
if ($this->kleeja_get_cookie('ulogu'))
{
$user_data = false;
list($user_id, $hashed_password, $expire_at, $hashed_expire, $group_id, $u_info) = @explode('|', $this->en_de_crypt($this->kleeja_get_cookie('ulogu'), 2));
//if not expire
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time())) {
if (! empty($u_info)) {
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time()))
{
if (! empty($u_info))
{
$userinfo = unserialize(base64_decode($u_info));
$userinfo['group_id'] = $group_id;
$userinfo['password'] = $hashed_password;
@@ -420,9 +452,12 @@ class usrcp
}
}
if ($user_data == false) {
if ($user_data == false)
{
$this->logout();
} else {
}
else
{
$this->user_id = $userinfo['id'];
$this->group_id = $userinfo['group_id'];
$this->user_name = $userinfo['name'];

4
index.php
View File

@@ -54,8 +54,10 @@ $action = $config['siteurl'];
$uploadingMethodClassBaseName = basename($uploadingMethodClass, '.php');
$uploader = new $uploadingMethodClassBaseName;
if (! $uploader instanceof KleejaUploader) {
if (! $uploader instanceof KleejaUploader)
{
kleeja_err('Your upload Method class is not implemented our KleejaUploader Interface');
exit;
}

1
install/includes/functions_install.php
View File

@@ -113,6 +113,7 @@ function kleeja_eval($code)
* @param mixed $pass
* @param mixed $nm
* @param mixed $prf
* @param mixed $type
*/
function do_config_export($srv, $usr, $pass, $nm, $prf, $type = 'mysqli')
{

6
install/includes/install_sqls.php
View File

@@ -8,12 +8,14 @@
*/
// not for directly open
if (! defined('IN_COMMON')) {
if (! defined('IN_COMMON'))
{
exit();
}
if (empty($install_sqls) || ! is_array($install_sqls)) {
if (empty($install_sqls) || ! is_array($install_sqls))
{
$install_sqls = [];
}

4
install/includes/update_schema.php
View File

@@ -36,4 +36,8 @@ $update_schema[9]['sql'] = [
$update_schema[10]['sql'] = [
'about_files' => "ALTER TABLE `{$dbprefix}files` ADD `about` LONGTEXT NULL DEFAULT NULL AFTER `real_filename`;",
'enable_multipart' => "INSERT INTO `{$dbprefix}groups_data` (`group_id`, `name`, `value`) SELECT `group_id`, 'enable_multipart', 1 FROM `{$dbprefix}groups`;",
'user_storage_size' => "ALTER TABLE `{$dbprefix}users` ADD `storage_size` bigint(20) NOT NULL DEFAULT '0' AFTER `hash_key`;",
'group_max_storage' => "INSERT INTO `{$dbprefix}groups_data` (`group_id`, `name`, `value`) SELECT `group_id`, 'max_storage', 0 FROM `{$dbprefix}groups`;",
'multipart_config' => 'INSERT INTO `' . $dbprefix . 'config` (`name`, `value`, `option`, `display_order`, `type`, `plg_id`, `dynamic`) VALUES (\'enable_multipart\', 1, \'<label>{lang.YES}<input type=\"radio\" id=\"enable_multipart\" name=\"enable_multipart\" value=\"1\" <IF NAME=\"con.enable_multipart==1\"> checked=\"checked\"</IF> /></label>\r\n <label>{lang.NO}<input type=\"radio\" id=\"enable_multipart\" name=\"enable_multipart\" value=\"0\" <IF NAME=\"con.enable_multipart==0\"> checked=\"checked\"</IF> /></label>\', 45, \'groups\', 0, 0);',
'max_storage_config' => 'INSERT INTO `' . $dbprefix . 'config` (`name`, `value`, `option`, `display_order`, `type`, `plg_id`, `dynamic`) VALUES (\'max_storage\', 0, \'<input type=\"text\" id=\"max_storage\" name=\"max_storage\" value=\"{con.max_storage}\" size=\"20\" style=\"direction:ltr\" />\', 11, \'groups\', 0, 0);',
];

4
install/install.php
View File

@@ -195,6 +195,7 @@ case 'data' :
{
echo $lang['EMPTY_FIELDS'];
echo gettpl('footer.html');
exit();
}
@@ -203,6 +204,7 @@ case 'data' :
{
echo $lang['PASS_NEQ_PASS2'];
echo gettpl('footer.html');
exit();
}
@@ -210,6 +212,7 @@ case 'data' :
{
echo $lang['WRONG_EMAIL'];
echo gettpl('footer.html');
exit();
}
@@ -417,6 +420,7 @@ break;
case 'end' :
echo gettpl('end.html');
//for safe ..
//@rename("install.php", "install.lock");
break;

4
install/style/update_end.html
View File

@@ -10,8 +10,8 @@
{{if($GLOBALS['complete_update']):}}
<div class="hr"></div>
<div class="notice">
<h6><img src="style/images/info2.png" class="img" alt="" /> {{echo $lang['INST_NOTES_UPDATE']}} :</h6>
<p><img src="style/images/inst_notes.png" class="img" alt="" />{{echo $lang['INST_NOTE_RC6_TO_1.0.0']}}</p>
<h6><img src="style/images/info2.png" class="img" alt="" /> {{echo $lang['KLEEJA_TEAM_MSG_NAME']}}</h6>
<p><img src="style/images/inst_notes.png" class="img" alt="" />{{echo $lang['KLEEJA_TEAM_MSG_TEXT']}}</p>
</div>
{{else:}}
<div class="notice TN">

50
install/update.php
View File

@@ -19,7 +19,8 @@ define('IN_COMMON', true);
define('STOP_PLUGINS', true);
define('PATH', '../');
if (file_exists(PATH . 'config.php')) {
if (file_exists(PATH . 'config.php'))
{
include_once PATH . 'config.php';
}
@@ -27,9 +28,12 @@ include_once PATH . 'includes/plugins.php';
include_once PATH . 'includes/functions.php';
include_once PATH . 'includes/functions_alternative.php';
if (isset($dbtype) && $dbtype == 'sqlite') {
if (isset($dbtype) && $dbtype == 'sqlite')
{
include PATH . 'includes/sqlite.php';
} else {
}
else
{
include PATH . 'includes/mysqli.php';
}
@@ -44,7 +48,8 @@ $SQL = new KleejaDatabase($dbserver, $dbuser, $dbpass, $dbname, $dbprefix);
//
$config['db_version'] = inst_get_config('db_version');
if ($config['db_version'] == false) {
if ($config['db_version'] == false)
{
$SQL->query("INSERT INTO `{$dbprefix}config` (`name` ,`value`) VALUES ('db_version', '')");
}
@@ -55,7 +60,8 @@ $IN_UPDATE = true;
/**
* print header
*/
if (! ip('action_file_do')) {
if (! ip('action_file_do'))
{
echo gettpl('header.html');
}
@@ -63,7 +69,8 @@ if (! ip('action_file_do')) {
/**
* Navigation ..
*/
switch (g('step', 'str', 'action_file')) {
switch (g('step', 'str', 'action_file'))
{
default:
case 'update_now':
@@ -79,7 +86,8 @@ case 'update_now':
sort($available_db_updates);
if (! sizeof($available_db_updates)) {
if (! sizeof($available_db_updates))
{
$update_msgs_arr[] = '<span style="color:green;">' . $lang['INST_UPDATE_CUR_VER_IS_UP'] . '</span>';
$complete_update = false;
}
@@ -87,34 +95,43 @@ case 'update_now':
//
//is there any sqls
//
if ($complete_update) {
if ($complete_update)
{
//loop through available updates
foreach ($available_db_updates as $db_update_version) {
foreach ($available_db_updates as $db_update_version)
{
$SQL->hideErrors();
//sqls
if (isset($update_schema[$db_update_version]['sql'])
&& sizeof($update_schema[$db_update_version]['sql']) > 0) {
&& sizeof($update_schema[$db_update_version]['sql']) > 0)
{
$err = '';
$complete_update = true;
foreach ($update_schema[$db_update_version]['sql'] as $name=>$sql_content) {
foreach ($update_schema[$db_update_version]['sql'] as $name=>$sql_content)
{
$err = '';
$SQL->query($sql_content);
$err = $SQL->get_error();
if (strpos($err[1], 'Duplicate') !== false || $err[0] == '1062' || $err[0] == '1060') {
if (strpos($err[1], 'Duplicate') !== false || $err[0] == '1062' || $err[0] == '1060')
{
$complete_update = false;
}
}
}
//functions
if ($complete_update) {
if (isset($update_schema[$db_update_version]['functions']) && sizeof($update_schema[$db_update_version]['functions']) > 0) {
foreach ($update_schema[$db_update_version]['functions'] as $n) {
if (is_callable($n)) {
if ($complete_update)
{
if (isset($update_schema[$db_update_version]['functions']) && sizeof($update_schema[$db_update_version]['functions']) > 0)
{
foreach ($update_schema[$db_update_version]['functions'] as $n)
{
if (is_callable($n))
{
$n();
}
}
@@ -123,6 +140,7 @@ case 'update_now':
$sql = "UPDATE `{$dbprefix}config` SET `value` = '" . KLEEJA_DB_VERSION . "' WHERE `name` = 'db_version'";
$SQL->query($sql);
$update_msgs_arr[] = '<span style="color:green;">' . $lang['INST_UPDATE_IS_FINISH'] . '</span>';
}
}

2
lang/fa/common.php
View File

@@ -45,7 +45,7 @@ return [
'VERTY_CODE' => 'کد امنیتی:',
'NOTE_CODE' => 'حروف و اعدادی که در شکل می بینید دقیقا وارد کنید',
'WRONG_EMAIL' => 'آدرس پست الکترونیک اشتباه است!',
'WRONG_NAME' => 'نام کاربری باید حداقل 4 حرف باشد!', # CHECK
'WRONG_NAME' => 'نام کاربری باید حداقل 4 حرف باشد!', // CHECK
'EXIST_NAME' => 'این نام قبلا توسط کسی انتخاب شده است.',
'EXIST_EMAIL' => 'این ایمیل قبلا توسط شخصی در سیستم ما ثبت شده است!',
'WRONG_VERTY_CODE' => 'کد امنیتی نادرست است!',

7
ucp.php
View File

@@ -343,11 +343,13 @@ switch (g('go'))
$start = $Pager->getStartRow();
$your_fileuser = $config['siteurl'] . ($config['mod_writer'] ? 'fileuser-' . $usrcp->id() . '.html' : 'ucp.php?go=fileuser&amp;id=' . $usrcp->id());
if($user_himself)
{
$used_storage = $userinfo['storage_size'];
$max_storage = $d_groups[$usrcp->group_id()]['configs']['max_storage'];
$is_limited = $max_storage>0;
if($is_limited)
{
$storage_per = ($used_storage*100)/$max_storage;
@@ -378,6 +380,7 @@ switch (g('go'))
//set page title
$titlee = $lang['FILEUSER'] . ': ' . $user_name;
//there is result ? show them
if ($nums_rows != 0)
{
@@ -816,6 +819,7 @@ switch (g('go'))
$ERRORS = [];
is_array($plugin_run_result = Plugins::getInstance()->run('submit_get_pass', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
//check for form key
if (! kleeja_check_form_key('get_pass'))
{
@@ -914,7 +918,8 @@ switch (g('go'))
exit;
break;;
break;
;
//
//add your own code here