Merge pull request #214 from RouatbiH/master

Fixes + Changes + Compatibility with PHP 8.x
H.Rouatbi
2024-09-07 18:10:06 +01:00
committed by GitHub
48 changed files with 1572 additions and 479 deletions


@@ -249,10 +249,12 @@ function downloadPlugin(name, nextPlugins) {
this.fail();
}
setTimeout(function() {
var currentPlugin = nextPlugins.shift();
downloadPlugin(currentPlugin, nextPlugins);
}, 500);
if (nextPlugins.length > 0) {
setTimeout(function() {
var currentPlugin = nextPlugins.shift();
downloadPlugin(currentPlugin, nextPlugins);
}, 500);
}
})
.fail(function(data) {
var tryAgainMsg = '{lang.ERROR_TRY_AGAIN}';


@@ -30,7 +30,7 @@ function check_search_users_form(form)
var do_it = false;
if(form.username.value != '') {
do_it = true;
}else if(form.username.value != '') {
}else if(form.usermail.value != '') {
do_it = true;
}


@@ -314,8 +314,8 @@ function toggleStartBox(name, hide, current) {
<li class="list-group-item">
{lang.AFILES_SIZE_SPACE}
<br>
<div class="progress" style="width: 100%">
<div class="progress-bar" role="progressbar" aria-valuenow="{per1}" aria-valuemin="0" aria-valuemax="100">{per1}%</div>
<div class="progress">
<div class="progress-bar" role="progressbar" style="width: {per1}%;" aria-valuenow="{per1}" aria-valuemin="0" aria-valuemax="100">{per1}%</div>
</div>
</li>


@@ -268,10 +268,11 @@
<br>
<IF NAME="arr">
<ul class="list-group">
<IF NAME="no_results">
<div class="alert alert-info">{lang.NOTHING}</div>
<ELSE>
<ul class="list-group">
<LOOP NAME="arr">
<li class="list-group-item d-flex justify-content-between">
<div class="col col-md-auto">
<h3>{{name}} <IF LOOP="founder==1"><i class="fa fa-star text-warning" title="{lang.FOUNDER}" data-toggle="tooltip" style="font-size: medium;vertical-align: top;"></i></IF></h3>
@@ -292,12 +293,8 @@
</div>
</div>
</li>
</LOOP>
</ul>
<ELSE>
<div class="alert alert-info">{lang.NOTHING}</div>
</IF>


@@ -29,6 +29,9 @@ if (! $username)
{
is_array($plugin_run_result = Plugins::getInstance()->run('user_not_admin_admin_page', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
redirect(PATH . 'ucp.php?go=login&return=' . urlencode(ADMIN_PATH . '?cp=' . $go_to));
}else if(!user_can('enter_acp')){
$usrcp->logout_cp();
redirect($config['siteurl']);
}
//get language of admin
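Review bot: The new `!user_can('enter_acp')` branch relies on `redirect()` to stop the request, and nothing after it in this hunk halts execution. If `redirect()` only sends a Location header and returns (its body is not shown here), the rest of the admin page still runs for a logged-in user who lacks the permission; adding `exit;` after the redirect, or confirming that `redirect()` exits, closes that gap. A short comment such as `// logged in but not allowed into the ACP: drop the admin session and leave` would also record why `logout_cp()` is called here. The script continues outside the hunk.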

6
do.php

@@ -92,7 +92,7 @@ if (ig('id') || ig('filename'))
$name = strlen($name) > 70 ? substr($name, 0, 70) . '...' : $name;
$fusername = $config['user_system'] == 1 && $file_info['fuserid'] > -1 ? $file_info['fusername'] : false;
$userfolder = $config['siteurl'] . ($config['mod_writer'] ? 'fileuser-' . $file_info['fuserid'] . '.html' : 'ucp.php?go=fileuser&amp;id=' . $file_info['fuserid']);
$isFileOwnerOfFounder = ($fusername == $usrcp->name() && $usrcp->name()) || $usrcp->get_data('founder')['founder'] == 1;
$isFileOwnerOfFounder = ($fusername == $usrcp->name() && $usrcp->name()) || ($usrcp->id() < 1 ? false : $usrcp->get_data('founder')['founder'] == 1);
if (ip('change_file_about') && $isFileOwnerOfFounder)
{
@@ -532,14 +532,14 @@ elseif (ig('down') || ig('downf') ||
{
list($a, $range) = explode('=', $_SERVER['HTTP_RANGE'], 2);
list($range) = explode(',', $range, 2);
list($range, $range_end) = explode('=', $range);
list($range, $range_end) = explode('-', $range, 2);
$range = round(floatval($range), 0);
$range_end = ! $range_end ? $size - 1 : round(floatval($range_end), 0);
$partial_length = $range_end - $range + 1;
header('HTTP/1.1 206 Partial Content');
header("Content-Length: $partial_length");
header('Content-Range: bytes ' . ($range - $range_end / $size));
header("Content-Range: bytes $range-$range_end/$size");
fseek($fp, $range);
}
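Review bot: In the Range hunk, `$range` and `$range_end` come straight from the client's `Range` header and are used for `Content-Length`, `Content-Range` and `fseek()` without being checked against `$size`. A start beyond the end, an end past `$size - 1`, or a header with no `-` (which leaves `$range_end` unset after `explode('-', $range, 2)`) produces a negative or oversized `Content-Length`, and `! $range_end` treats an explicit end of `0` as missing. Clamping the end and answering 416 for an unsatisfiable start keeps the headers consistent with what is actually sent. The download branch starts and ends outside the hunk, so whether `$fp` must be closed before the early exit has to be checked there.

```php
// … unchanged: splitting $_SERVER['HTTP_RANGE'] down to the first "start-end" pair …
$range_parts = explode('-', $range, 2);
$range       = (int) round(floatval($range_parts[0]), 0);
$range_end   = isset($range_parts[1]) && $range_parts[1] !== ''
    ? (int) round(floatval($range_parts[1]), 0)
    : $size - 1;
$range_end   = min($range_end, $size - 1);
if ($range < 0 || $range > $range_end)
{
    header('HTTP/1.1 416 Range Not Satisfiable');
    header("Content-Range: bytes */$size");
    exit;
}
// … unchanged: 206 status, Content-Length, Content-Range and fseek() …
```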

10
go.php

@@ -178,7 +178,7 @@ switch ($current_go_case)
if (empty($ERRORS))
{
$name = $NOT_USER ? (string) $SQL->escape(p('rname')) : $usrcp->name();
$text = (string) $SQL->escape(p('rtext'));
$text = (string) $SQL->real_escape(nl2br(p('rtext')));
$mail = $NOT_USER ? (string) strtolower(trim($SQL->escape(p('rmail')))) : $usrcp->mail();
$url = (string) ip('rid') ? $SQL->escape($url_id) : $SQL->real_escape(p('surl'));
$time = (int) time();
@@ -307,7 +307,7 @@ switch ($current_go_case)
if (empty($ERRORS))
{
$name = $NOT_USER ? (string) $SQL->escape(p('cname')) : $usrcp->name();
$text = (string) $SQL->escape(p('ctext'));
$text = (string) $SQL->real_escape(nl2br(p('ctext')));
$mail = $NOT_USER ? (string) strtolower(trim($SQL->escape(p('cmail')))) : $usrcp->mail();
$timee = (int) time();
$ip = get_ip();
@@ -413,6 +413,8 @@ switch ($current_go_case)
}
$SQL->freeresult($result);
} else {
kleeja_info($lang['NOT_FOUND']);
}
}
else
@@ -517,11 +519,11 @@ switch ($current_go_case)
//do some of the queue ..
if (preg_match('/:del_[a-z0-9]{0,3}calls:/i', $config['queue']))
{
klj_clean_old('call', (strpos(':del_allcalls:', $config['queue']) !== false ? 'all': 30));
klj_clean_old('call', (strpos($config['queue'], ':del_allcalls:') !== false ? 'all': 30));
}
elseif (preg_match('/:del_[a-z0-9]{0,3}reports:/i', $config['queue']))
{
klj_clean_old('reports', (strpos(':del_allreports:', $config['queue']) !== false ? 'all': 30));
klj_clean_old('reports', (strpos($config['queue'], ':del_allreports:') !== false ? 'all': 30));
}
elseif ((int) $config['del_f_day'] > 0)
{
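Review bot: The `rtext` and `ctext` assignments now store the output of `nl2br()` and switch from `$SQL->escape()` to `$SQL->real_escape()`, so whether the stored text is HTML-encoded depends entirely on `p()` and `real_escape()`, neither of which is visible in these hunks. If `escape()` was the layer doing the HTML encoding, report and contact text is now saved with user-supplied markup intact; confirm that `p()` encodes, or keep the stored value plain and apply `nl2br()` when rendering. If the assumption holds, a comment on both lines such as `// p() already HTML-encodes; real_escape() avoids double-encoding the <br /> added by nl2br()` would record it. Both `case` bodies extend outside the hunks.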


@@ -127,13 +127,14 @@ class FetchFile
if ($result === false)
{
$error = true;
kleeja_log(sprintf("cUrl error (#%d): %s\n", curl_errno($ch), htmlspecialchars(curl_error($ch))));
}
curl_close($ch);
fclose($out);
return true;
return isset($error) ? false : true;
}
else
{
@@ -141,11 +142,13 @@ class FetchFile
if ($data === false)
{
$error = true;
kleeja_log(sprintf("FetchFile error (curl: #%d): %s\n", curl_errno($ch), htmlspecialchars(curl_error($ch))));
}
curl_close($ch);
return $data;
return isset($error) ? false : $data;
}
}
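Review bot: Both new return statements use `isset($error)` as the failure signal, which is only correct if `$error` is never assigned before these branches; the start of the method is outside the hunks, so that should be checked. Initialising `$error = false;` at the top and returning `! $error` in the first branch and `$error ? false : $data` in the second makes the result independent of that. `return isset($error) ? false : true;` can in any case be written `return ! isset($error);`. Whether the partly written destination file should be removed when the first branch fails is also worth deciding, since callers now see `false`.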


@@ -99,7 +99,7 @@ if ($current_smt != 'all')
}
elseif ($current_smt == 'all')
{
$query['WHERE'] = "type <> 'groups' OR type = ''";
$query['WHERE'] = "(type <> 'groups' OR type = '') AND type <> '0'";
}
$result = $SQL->build($query);
@@ -214,15 +214,11 @@ while ($row=$SQL->fetch_array($result))
{
if (! file_exists(PATH . '.htaccess') && file_exists(PATH . 'htaccess.txt') && function_exists('rename'))
{
rename(PATH . 'htaccess.txt', PATH . '.htaccess');
if (! file_exists(PATH . '.htaccess'))
if (! rename(PATH . 'htaccess.txt', PATH . '.htaccess'))
{
chmod(PATH . '.htaccess', K_FILE_CHMOD);
chmod(PATH . 'htaccess.txt', K_FILE_CHMOD);
rename(PATH . 'htaccess.txt', PATH . '.htaccess');
}
//re-do after chmod
rename(PATH . 'htaccess.txt', PATH . '.htaccess');
}
}
}
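Review bot: The retry `rename()` inside the new `if (! rename(...))` block ignores its return value, so a second failure leaves the site without `.htaccess` and nothing tells the administrator. `chmod()` on `htaccess.txt` is also unlikely to help, because a rename normally needs write permission on the directory rather than on the file; that is general filesystem behaviour, not something this hunk shows. Checking the second result and surfacing a warning would make the failure visible. The enclosing loop begins outside the hunk.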


@@ -253,6 +253,12 @@ elseif ($current_smt == '')
{
//get search filter
$filter = get_filter(g('search_id'), 'file_search', false, 'filter_uid');
if (! $filter)
{
kleeja_admin_err($lang['ERROR_TRY_AGAIN'], true, $lang['ERROR'], true, basename(ADMIN_PATH) . '?cp=h_search', 1);
}
$deletelink = basename(ADMIN_PATH) . '?cp=' . basename(__file__, '.php') . '&deletefiles=' . g('search_id');
$is_search = true;
$query['WHERE'] = build_search_query(unserialize(htmlspecialchars_decode($filter['filter_value'])));
@@ -261,6 +267,10 @@ elseif ($current_smt == '')
{
$query['WHERE'] = 'f.time > ' . intval($_REQUEST['last_visit']);
}
else
{
$do_not_query_total_files = true;
}
//to-be-deleted
//it is becoming a headache for a big websites. We do not have the time to figure out a solution
@@ -269,10 +279,6 @@ elseif ($current_smt == '')
{
$query['ORDER BY'] = 'f.' . $SQL->escape($_REQUEST['order_by']);
}
else
{
$do_not_query_total_files = true;
}
if (! ig('search_id'))
{
@@ -280,10 +286,6 @@ elseif ($current_smt == '')
$img_types = ['gif','jpg','png','bmp','jpeg','GIF','JPG','PNG','BMP','JPEG'];
$query['WHERE'] = (empty($query['WHERE']) ? '' : $query['WHERE'] . ' AND ') . "f.type NOT IN ('" . implode("', '", $img_types) . "')";
}
else
{
$do_not_query_total_files = false;
}
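Review bot: The new `! $filter` guard covers a missing row, but the value that passes it is still handed to `unserialize()` two lines further down with object instantiation allowed. Passing the options array, `unserialize(htmlspecialchars_decode($filter['filter_value']), ['allowed_classes' => false])`, keeps a tampered filter row from creating objects, assuming the stored filter is a plain array. The guard also depends on `kleeja_admin_err()` stopping the request; if it can return, `$filter['filter_value']` is read from `false`. The branch starts and ends outside these hunks.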


@@ -85,7 +85,7 @@ if ($nums_rows > 0)
'id' => $row['id'],
'name' => $row['name'],
'mail' => $row['mail'],
'text' => htmlspecialchars($row['text']),
'text' => $row['text'],
'human_time' => kleeja_date($row['time']),
'time' => kleeja_date($row['time'], false),
'ip' => $row['ip'],
@@ -156,7 +156,6 @@ $page_nums = $Pager->print_nums(basename(ADMIN_PATH) . '?cp=' . basename
if (ip('submit'))
{
$text = ($SQL->affected() ? $lang['CALLS_UPDATED'] : $lang['NO_UP_CHANGE_S']);
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . $action . '\'); check_msg_and_reports();", 2000);</script>' . "\n";
kleeja_admin_info($text, true, '', true, $action);
}
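Review bot: With `htmlspecialchars()` removed from `'text' => $row['text']`, this admin page passes the stored message to the template unencoded. That is safe only if every write path encodes the text before it is stored; a row written by any path that does not would be interpreted as markup in an administrator's session. Encoding at output is the more robust arrangement, e.g. `'text' => nl2br(htmlspecialchars($row['text'], ENT_QUOTES, 'UTF-8')),` if the stored value is kept plain. The template that prints `text` is not shown, so check whether it escapes on its own.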


@@ -155,7 +155,6 @@ $page_nums = $Pager->print_nums(basename(ADMIN_PATH) . '?cp=' . basenam
if (ip('submit'))
{
$text = ($SQL->affected() ? $lang['REPORTS_UPDATED'] : $lang['NO_UP_CHANGE_S']);
$text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . $action . '\'); check_msg_and_reports();", 2000);</script>' . "\n";
kleeja_admin_info($text, true, '', true, $action);
}


@@ -657,9 +657,6 @@ switch ($case):
{
if ($zip->extractTo(PATH . KLEEJA_PLUGINS_FOLDER))
{
// we dont need the zip file anymore
kleeja_unlink(PATH . 'cache/' . $plugin_name . '.zip');
// uploaded plugin's archive has different name, so we change it
rename(
PATH . KLEEJA_PLUGINS_FOLDER . '/' . trim($zip->getNameIndex(0), '/'),
@@ -668,6 +665,9 @@ switch ($case):
$zip->close();
// we dont need the zip file anymore
kleeja_unlink(PATH . 'cache/' . $plugin_name . '.zip');
// download or update msg
$adminAjaxContent = '1:::' . sprintf($lang[$is_update ? 'ITEM_UPDATED' : 'ITEM_DOWNLOADED'], $plugin_name);


@@ -101,6 +101,6 @@ if ($update_ban_content)
}
}
array_walk($banned_items, function (&$value, &$key) {
array_walk($banned_items, function (&$value, $key) {
$value = ['content' => $value, 'del_key' => md5($value), 'id' => $key+1];
});


@@ -54,12 +54,13 @@ if ($current_smt == 'check')
//get data from kleeja github repo
if (! ($version_data = $cache->get('kleeja_repo_version')))
{
$version_data = [];
$github_data = FetchFile::make(KLEEJA_VERSION_CHECK_LINK)->setTimeOut(100)->get();
if (! empty($github_data))
{
$latest_release = json_decode($github_data, true);
$version_data = null;
if (json_last_error() === JSON_ERROR_NONE)
{
@@ -103,7 +104,7 @@ if ($current_smt == 'check')
}
$data = [
'version_number' => $version_data['version'],
'version_number' => isset($version_data['version']) ? $version_data['version'] : null,
'last_check' => time()
];


@@ -192,7 +192,7 @@ break;
//toggle admin start boxes
case 'toggle_start_box':
if (! kleeja_check_form_key_get('adm_start_actions', 3600))
if (! kleeja_check_form_key_get('adm_start_actions'))
{
header('HTTP/1.1 405 Method Not Allowed');
$adminAjaxContent = $lang['INVALID_FORM_KEY'];
@@ -200,7 +200,7 @@ case 'toggle_start_box':
else
{
$items = explode(':', $config['hidden_start_boxes']);
$items = array_filter($items);
$new_items = $items = array_filter($items);
$name = g('name');
$hide = g('toggle', 'int') == 1;
@@ -211,7 +211,6 @@ case 'toggle_start_box':
}
elseif ($hide)
{
$new_items = $items;
$new_items[] = $name;
}
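Review bot: Dropping the explicit `3600` from `kleeja_check_form_key_get('adm_start_actions')` makes the form key's lifetime whatever the function's default is, and that default is not visible here. If it is longer than an hour or unlimited, tokens for this admin action stay valid longer than before; keeping the argument, or adding a comment that states the intended lifetime, would make the choice explicit. Separately, `$new_items = $items = array_filter($items);` is correct but easy to misread as a chained assignment; two statements would be clearer.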


@@ -197,12 +197,12 @@ if (function_exists('fileperms') && ! defined('KLEEJA_NO_CONFIG_CHECK') && strto
}
//no htaccess
if (! file_exists(PATH . $config['foldername'] . '/.htaccess'))
if (is_dir(PATH . $config['foldername']) && ! file_exists(PATH . $config['foldername'] . '/.htaccess'))
{
$ADM_NOTIFICATIONS['htaccess_u'] = ['id' => 'htaccess_u', 'msg_type'=> 'error', 'title'=> $lang['WARN'], 'msg'=> sprintf($lang['NO_HTACCESS_DIR_UP'], $config['foldername'])];
}
if (! file_exists(PATH . $config['foldername'] . '/thumbs/.htaccess'))
if (is_dir(PATH . $config['foldername']) && ! file_exists(PATH . $config['foldername'] . '/thumbs/.htaccess'))
{
$ADM_NOTIFICATIONS['htaccess_t'] = ['id' => 'htaccess_t', 'msg_type'=> 'error', 'title'=> $lang['WARN'], 'msg'=> sprintf($lang['NO_HTACCESS_DIR_UP_THUMB'], $config['foldername'] . '/thumbs')];
}
@@ -215,7 +215,7 @@ if ((int) $config['klj_clean_files_from'] > 0)
}
//if there is no thumbs folder
if (! file_exists(PATH . $config['foldername'] . '/thumbs') && (int) $config['thumbs_imgs'] != 0)
if (is_dir(PATH . $config['foldername']) && ! file_exists(PATH . $config['foldername'] . '/thumbs') && (int) $config['thumbs_imgs'] != 0)
{
$ADM_NOTIFICATIONS['no_thumbs'] = ['id' => 'no_thumbs', 'msg_type'=> 'info', 'title'=> $lang['NOTE'], 'msg'=> sprintf($lang['NO_THUMB_FOLDER'], PATH . $config['foldername'] . '/thumbs')];
}


@@ -25,7 +25,7 @@ function kleeja_detecting_bots()
global $SQL, $dbprefix, $config;
// get information ..
$agent = $SQL->escape($_SERVER['HTTP_USER_AGENT']);
$agent = $SQL->escape($_SERVER['HTTP_USER_AGENT'] ?? '');
$time = time();
//for stats
@@ -250,11 +250,7 @@ function send_mail($to, $body, $subject, $fromAddress, $fromName, $bcc = '')
$body = str_replace(["\n", "\0"], ["\r\n", ''], $body);
// Change the line breaks used in the headers according to OS
if (strtoupper(substr(PHP_OS, 0, 3)) == 'MAC')
{
$headers = str_replace("\r\n", "\r", $headers);
}
elseif (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN')
if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN' && version_compare(PHP_VERSION, '8.0.0', '<'))
{
$headers = str_replace("\r\n", "\n", $headers);
}
@@ -393,214 +389,7 @@ function kleeja_unlink($filePath, $cache_file = false)
*/
function get_mime_for_header($ext)
{
$mime_types = [
'323' => 'text/h323',
'rar' => 'application/x-rar-compressed',
'acx' => 'application/internet-property-stream',
'ai' => 'application/postscript',
'aif' => 'audio/x-aiff',
'aifc' => 'audio/x-aiff',
'aiff' => 'audio/x-aiff',
'asf' => 'video/x-ms-asf',
'asr' => 'video/x-ms-asf',
'asx' => 'video/x-ms-asf',
'au' => 'audio/basic',
'avi' => 'video/x-msvideo',
'axs' => 'application/olescript',
'bas' => 'text/plain',
'bcpio' => 'application/x-bcpio',
'bin' => 'application/octet-stream',
'bmp' => 'image/bmp', // this is not a good mime, but it work anyway
//"bmp" => "image/x-ms-bmp", # @see bugs.php.net/47359
'c' => 'text/plain',
'cat' => 'application/vnd.ms-pkiseccat',
'cdf' => 'application/x-cdf',
'cer' => 'application/x-x509-ca-cert',
'class' => 'application/octet-stream',
'clp' => 'application/x-msclip',
'cmx' => 'image/x-cmx',
'cod' => 'image/cis-cod',
'psd' => 'image/psd',
'cpio' => 'application/x-cpio',
'crd' => 'application/x-mscardfile',
'crl' => 'application/pkix-crl',
'crt' => 'application/x-x509-ca-cert',
'csh' => 'application/x-csh',
'css' => 'text/css',
'dcr' => 'application/x-director',
'der' => 'application/x-x509-ca-cert',
'dir' => 'application/x-director',
'dll' => 'application/x-msdownload',
'dms' => 'application/octet-stream',
'doc' => 'application/msword',
'dot' => 'application/msword',
'dvi' => 'application/x-dvi',
'dxr' => 'application/x-director',
'eps' => 'application/postscript',
'etx' => 'text/x-setext',
'evy' => 'application/envoy',
'exe' => 'application/octet-stream',
'fif' => 'application/fractals',
'flr' => 'x-world/x-vrml',
'gif' => 'image/gif',
'gtar' => 'application/x-gtar',
'gz' => 'application/x-gzip',
'h' => 'text/plain',
'hdf' => 'application/x-hdf',
'hlp' => 'application/winhlp',
'hqx' => 'application/mac-binhex40',
'hta' => 'application/hta',
'htc' => 'text/x-component',
'htm' => 'text/html',
'html' => 'text/html',
'htt' => 'text/webviewhtml',
'ico' => 'image/x-icon',
'ief' => 'image/ief',
'iii' => 'application/x-iphone',
'ins' => 'application/x-internet-signup',
'isp' => 'application/x-internet-signup',
'jfif' => 'image/pipeg',
'jpe' => 'image/jpeg',
'jpeg' => 'image/jpeg',
'jpg' => 'image/jpeg',
'png' => 'image/png',
'js' => 'application/x-javascript',
'latex' => 'application/x-latex',
'lha' => 'application/octet-stream',
'lsf' => 'video/x-la-asf',
'lsx' => 'video/x-la-asf',
'lzh' => 'application/octet-stream',
'm13' => 'application/x-msmediaview',
'm14' => 'application/x-msmediaview',
'm3u' => 'audio/x-mpegurl',
'man' => 'application/x-troff-man',
'mdb' => 'application/x-msaccess',
'me' => 'application/x-troff-me',
'mht' => 'message/rfc822',
'mhtml' => 'message/rfc822',
'mid' => 'audio/mid',
'mny' => 'application/x-msmoney',
'mov' => 'video/quicktime',
'movie' => 'video/x-sgi-movie',
'mp2' => 'video/mpeg',
'mp3' => 'audio/mpeg',
'mp4' => 'video/mp4',
'm4a' => 'audio/mp4',
'mpa' => 'video/mpeg',
'mpe' => 'video/mpeg',
'mpeg' => 'video/mpeg',
'mpg' => 'video/mpeg',
'amr' => 'audio/3gpp',
'mpp' => 'application/vnd.ms-project',
'mpv2' => 'video/mpeg',
'ms' => 'application/x-troff-ms',
'mvb' => 'application/x-msmediaview',
'nws' => 'message/rfc822',
'oda' => 'application/oda',
'p10' => 'application/pkcs10',
'p12' => 'application/x-pkcs12',
'p7b' => 'application/x-pkcs7-certificates',
'p7c' => 'application/x-pkcs7-mime',
'p7m' => 'application/x-pkcs7-mime',
'p7r' => 'application/x-pkcs7-certreqresp',
'p7s' => 'application/x-pkcs7-signature',
'pbm' => 'image/x-portable-bitmap',
'pdf' => 'application/pdf',
'pfx' => 'application/x-pkcs12',
'pgm' => 'image/x-portable-graymap',
'pko' => 'application/ynd.ms-pkipko',
'pma' => 'application/x-perfmon',
'pmc' => 'application/x-perfmon',
'pml' => 'application/x-perfmon',
'pmr' => 'application/x-perfmon',
'pmw' => 'application/x-perfmon',
'pnm' => 'image/x-portable-anymap',
'pot' => 'application/vnd.ms-powerpoint',
'ppm' => 'image/x-portable-pixmap',
'pps' => 'application/vnd.ms-powerpoint',
'ppt' => 'application/vnd.ms-powerpoint',
'prf' => 'application/pics-rules',
'ps' => 'application/postscript',
'pub' => 'application/x-mspublisher',
'qt' => 'video/quicktime',
'ra' => 'audio/x-pn-realaudio',
'ram' => 'audio/x-pn-realaudio',
'ras' => 'image/x-cmu-raster',
'rgb' => 'image/x-rgb',
'rmi' => 'audio/mid',
'roff' => 'application/x-troff',
'rtf' => 'application/rtf',
'rtx' => 'text/richtext',
'swf' => 'application/x-shockwave-flash',
'scd' => 'application/x-msschedule',
'sct' => 'text/scriptlet',
'setpay' => 'application/set-payment-initiation',
'setreg' => 'application/set-registration-initiation',
'sh' => 'application/x-sh',
'shar' => 'application/x-shar',
'sit' => 'application/x-stuffit',
'snd' => 'audio/basic',
'spc' => 'application/x-pkcs7-certificates',
'spl' => 'application/futuresplash',
'src' => 'application/x-wais-source',
'sst' => 'application/vnd.ms-pkicertstore',
'stl' => 'application/vnd.ms-pkistl',
'stm' => 'text/html',
'svg' => 'image/svg+xml',
'sv4cpio' => 'application/x-sv4cpio',
'sv4crc' => 'application/x-sv4crc',
't' => 'application/x-troff',
'tar' => 'application/x-tar',
'tcl' => 'application/x-tcl',
'tex' => 'application/x-tex',
'texi' => 'application/x-texinfo',
'texinfo' => 'application/x-texinfo',
'tgz' => 'application/x-compressed',
'tif' => 'image/tiff',
'tiff' => 'image/tiff',
'tr' => 'application/x-troff',
'trm' => 'application/x-msterminal',
'tsv' => 'text/tab-separated-values',
'txt' => 'text/plain',
'uls' => 'text/iuls',
'ustar' => 'application/x-ustar',
'vcf' => 'text/x-vcard',
'vrml' => 'x-world/x-vrml',
'wav' => 'audio/x-wav',
'wcm' => 'application/vnd.ms-works',
'wdb' => 'application/vnd.ms-works',
'wks' => 'application/vnd.ms-works',
'wmf' => 'application/x-msmetafile',
'wps' => 'application/vnd.ms-works',
'wri' => 'application/x-mswrite',
'wrl' => 'x-world/x-vrml',
'wrz' => 'x-world/x-vrml',
'xaf' => 'x-world/x-vrml',
'xbm' => 'image/x-xbitmap',
'xla' => 'application/vnd.ms-excel',
'xlc' => 'application/vnd.ms-excel',
'xlm' => 'application/vnd.ms-excel',
'xls' => 'application/vnd.ms-excel',
'xlt' => 'application/vnd.ms-excel',
'xlw' => 'application/vnd.ms-excel',
'xof' => 'x-world/x-vrml',
'xpm' => 'image/x-xpixmap',
'xwd' => 'image/x-xwindowdump',
'z' => 'application/x-compress',
'zip' => 'application/zip',
'3gpp' => 'video/3gpp',
'3gp' => 'video/3gpp',
'3gpp2' => 'video/3gpp2',
'3g2' => 'video/3gpp2',
'midi' => 'audio/midi',
'pmd' => 'application/x-pmd',
'jar' => 'application/java-archive',
'jad' => 'text/vnd.sun.j2me.app-descriptor',
'apk' => 'application/vnd.android.package-archive',
'mkv' => 'video/x-matroska',
'm3u' => 'text/plain',
//add more mime here
];
$mime_types = include __DIR__.'/mime_types.php';
//return mime
$ext = strtolower($ext);
@@ -698,7 +487,7 @@ function get_config($name)
$result = $SQL->build($query);
$v = $SQL->fetch($result);
$return = $v['value'];
$return = isset($v['value']) ? $v['value'] : NULL;
is_array($plugin_run_result = Plugins::getInstance()->run('get_config_func', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
return $return;
@@ -968,10 +757,14 @@ function delete_olang($words = '', $lang = 'en', $plg_id = 0)
if (! empty($lang))
{
$lang_sql = "lang_id = '" . $SQL->escape($lang) . "'";
if(is_array($lang))
{
$lang_sql = "(lang_id = '" . implode("' AND lang_id = '", $SQL->escape($lang)) . "')";
foreach ($lang as $index=>$current_lang) {
$lang[$index] = $SQL->escape($lang[$index]);
}
$lang_sql = "(lang_id = '" . implode("' OR lang_id = '", $lang) . "')";
} else {
$lang_sql = "lang_id = '" . $SQL->escape($lang) . "'";
}
$delete_query['WHERE'] .= (empty($delete_query['WHERE']) ? '' : ' AND ') . $lang_sql;
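Review bot: In `get_mime_for_header()`, `$mime_types = include __DIR__.'/mime_types.php';` re-reads the table on every call and uses the result without checking that it is an array. If the file is missing or does not return an array, the lookup that follows works on `false`. Holding the table in a `static` variable that is filled once, and falling back to an empty array when the include does not return an array, covers both; the rest of the function is outside the hunk, so the fallback MIME type should be confirmed there.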


@@ -193,7 +193,7 @@ function get_filter($item, $filter_type = false, $just_value = false, $get_by =
if ($just_value)
{
return $v['filter_value'];
return $v['filter_value'] ?? '';
}
return $v;

1236
includes/mime_types.php Normal file

File diff suppressed because it is too large Load Diff


@@ -52,6 +52,7 @@ class KleejaDatabase
$this->dbprefix = $dbprefix;
$this->dbname = $db_name;
mysqli_report(MYSQLI_REPORT_OFF);
$this->connect_id = @mysqli_connect($host, $db_username, $db_password, $db_name, $port);
//no error
@@ -419,7 +420,7 @@ class KleejaDatabase
}
list($error_no, $error_msg) = $this->get_error();
$error_sql = @current($this->debugr[$this->query_num+1]);
$error_sql = $this->connect_id ? @current($this->debugr[$this->query_num+1]) : '';
//some ppl want hide their table names
if (! defined('DEV_STAGE')) {


@@ -2,10 +2,10 @@
//
// Portable PHP password hashing framework.
//
// Version 0.1 / genuine.
// Version 0.5.4 / genuine.
//
// Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
// the public domain.
// the public domain. Revised in subsequent years, still public domain.
//
// There's absolutely no warranty.
//
@@ -24,7 +24,6 @@
// Obviously, since this code is in the public domain, the above are not
// requirements (there can be none), but merely suggestions.
//
// @version $Id: phpass.php 1551 2010-07-25 22:09:47Z saanina $
//no for directly open
if (! defined('IN_COMMON'))
@@ -51,14 +50,18 @@ class PasswordHash
$this->portable_hashes = $portable_hashes;
$this->random_state = microtime() . getmypid();
$this->random_state = microtime();
if (function_exists('getmypid'))
{
$this->random_state .= getmypid();
}
}
public function get_random_bytes($count)
{
$output = '';
if (($fh = @fopen('/dev/urandom', 'rb')))
if (@is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb')))
{
$output = fread($fh, $count);
fclose($fh);
@@ -71,7 +74,7 @@ class PasswordHash
for ($i = 0; $i < $count; $i += 16)
{
$this->random_state = md5(microtime() . $this->random_state);
$output .= pack('H*', md5($this->random_state));
$output .= md5($this->random_state, true);
}
$output = substr($output, 0, $count);
@@ -119,7 +122,7 @@ class PasswordHash
public function gensalt_private($input)
{
$output = '$P$';
$output .= $this->itoa64[min($this->iteration_count_log2 + ((PHP_VERSION >= '5') ? 5 : 3), 30)];
$output .= $this->itoa64[min($this->iteration_count_log2 + 5, 30)];
$output .= $this->encode64($input, 6);
return $output;
@@ -129,12 +132,14 @@ class PasswordHash
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
if (substr($setting, 0, 2) === $output)
{
$output = '*1';
}
if (substr($setting, 0, 3) != '$P$')
$id = substr($setting, 0, 3);
// We use "$P$", phpBB3 uses "$H$" for the same thing
if ($id !== '$P$' && $id !== '$H$')
{
return $output;
}
@@ -150,33 +155,22 @@ class PasswordHash
$salt = substr($setting, 4, 8);
if (strlen($salt) != 8)
if (strlen($salt) !== 8)
{
return $output;
}
// We're kind of forced to use MD5 here since it's the only
// cryptographic primitive available in all versions of PHP
// currently in use. To implement our own low-level crypto
// in PHP would result in much worse performance and
// We were kind of forced to use MD5 here since it's the only
// cryptographic primitive that was available in all versions
// of PHP in use. To implement our own low-level crypto in PHP
// would have resulted in much worse performance and
// consequently in lower iteration counts and hashes that are
// quicker to crack (by non-PHP code).
if (PHP_VERSION >= '5')
$hash = md5($salt . $password, true);
do
{
$hash = md5($salt . $password, true);
do
{
$hash = md5($hash . $password, true);
} while (--$count);
}
else
{
$hash = pack('H*', md5($salt . $password));
do
{
$hash = pack('H*', md5($hash . $password));
} while (--$count);
}
$hash = md5($hash . $password, true);
} while (--$count);
$output = substr($setting, 0, 12);
$output .= $this->encode64($hash, 16);
@@ -184,24 +178,6 @@ class PasswordHash
return $output;
}
public function gensalt_extended($input)
{
$count_log2 = min($this->iteration_count_log2 + 8, 24);
// This should be odd to not reveal weak DES keys, and the
// maximum valid value is (2**24 - 1) which is odd anyway.
$count = (1 << $count_log2) - 1;
$output = '_';
$output .= $this->itoa64[$count & 0x3f];
$output .= $this->itoa64[($count >> 6) & 0x3f];
$output .= $this->itoa64[($count >> 12) & 0x3f];
$output .= $this->itoa64[($count >> 18) & 0x3f];
$output .= $this->encode64($input, 3);
return $output;
}
public function gensalt_blowfish($input)
{
// This one needs to use a different order of characters and a
@@ -215,7 +191,7 @@ class PasswordHash
$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$output = '$2a$';
$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
$output .= chr((int)(ord('0') + $this->iteration_count_log2 / 10));
$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
$output .= '$';
@@ -251,26 +227,12 @@ class PasswordHash
{
$random = '';
if (CRYPT_BLOWFISH == 1 && ! $this->portable_hashes)
if (CRYPT_BLOWFISH === 1 && ! $this->portable_hashes)
{
$random = $this->get_random_bytes(16);
$hash = crypt($password, $this->gensalt_blowfish($random));
if (strlen($hash) == 60)
{
return $hash;
}
}
if (CRYPT_EXT_DES == 1 && ! $this->portable_hashes)
{
if (strlen($random) < 3)
{
$random = $this->get_random_bytes(3);
}
$hash = crypt($password, $this->gensalt_extended($random));
if (strlen($hash) == 20)
if (strlen($hash) === 60)
{
return $hash;
}
@@ -284,7 +246,7 @@ class PasswordHash
$this->crypt_private($password,
$this->gensalt_private($random));
if (strlen($hash) == 34)
if (strlen($hash) === 34)
{
return $hash;
}
@@ -299,11 +261,15 @@ class PasswordHash
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*')
if ($hash[0] === '*')
{
$hash = crypt($password, $stored_hash);
}
return $hash == $stored_hash;
// This is not constant-time. In order to keep the code simple,
// for timing safety we currently rely on the salts being
// unpredictable, which they are at least in the non-fallback
// cases (that is, when we use /dev/urandom and bcrypt).
return $hash === $stored_hash;
}
}


@@ -424,7 +424,7 @@ class KleejaDatabase
}
list($error_no, $error_msg) = $this->get_error();
$error_sql = @current($this->debugr[$this->query_num+1]);
$error_sql = $this->connect_id ? @current($this->debugr[$this->query_num+1]) : '';
//some ppl want hide their table names
if (! defined('DEV_STAGE')) {


@@ -194,7 +194,7 @@ class kleeja_style
$var2 = trim($arr[3]);
//check for type
if ($var2[0] != '$' && ! preg_match('/[0-9]/', $var2)) {
if (strpos($var2, '$')!==0 && ! preg_match('/[0-9]/', $var2)) {
$var2 = '"' . str_replace('"', '\"', $var2) . '"';
}


@@ -302,14 +302,14 @@ function user_is_flooding($user_id = '-1')
}
//if the value is zero (means that the function is disabled) then return false immediately
if (($user_id == '-1' && $config['guestsectoupload'] == 0) || $user_id != '-1' && $config['usersectoupload'] == 0)
if ($config['usersectoupload'] == 0)
{
return false;
}
//In my point of view I see 30 seconds is not bad rate to stop flooding ..
//even though this minimum rate sometime isn't enough to protect Kleeja from flooding attacks
$time = time() - ($user_id == '-1' ? $config['guestsectoupload'] : $config['usersectoupload']);
$time = time() - $config['usersectoupload'];
$query = [
'SELECT' => 'f.time',
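Review bot: After this change `user_is_flooding()` uses `$config['usersectoupload']` for guests as well, so a site that set `usersectoupload` to 0 and relied on `guestsectoupload` to throttle anonymous uploads now has no flood limit for them. The same substitution is made in the uploader's `YOU_HAVE_TO_WAIT` message in `defaultUploader`. If the guest setting is being retired on purpose, say so in a comment and carry the old value over; otherwise keep the `$user_id == '-1'` branch. The function body continues outside the hunk.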


@@ -47,55 +47,48 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
//if there is imagick lib, then we should use it
if (function_exists('phpversion') && phpversion('imagick'))
{
$ext = strtolower(trim($ext));
if (empty($ext))
{
$ext = strtolower(preg_replace('/^.*\./', '', $source_path));
}
helper_thumb_imagick($source_path, $ext, $dest_image, $dw, $dh);
return null;
}
//get file info
list($source_width, $source_height, $source_type) = [false, false, false];
if (function_exists('getimagesize'))
{
list($source_width, $source_height, $source_type) = getimagesize($source_path);
}
if (! function_exists('imagecreatefromjpeg'))
if (! function_exists('imagecreatefromjpeg') || ! function_exists('getimagesize'))
{
return null;
}
$source_gdim = null;
$ext = strtolower(trim($ext));
if (empty($ext))
//get file info
list($source_width, $source_height, $source_type) = getimagesize($source_path);
$source_gdim = false;
switch ($source_type)
{
$ext = strtolower(preg_replace('/^.*\./', '', $source_path));
}
switch ($ext)
{
case 'gif':
case IMAGETYPE_GIF:
$source_gdim = imagecreatefromgif($source_path);
break;
case 'jpg':
case 'jpeg':
case IMAGETYPE_JPEG:
$source_gdim = imagecreatefromjpeg($source_path);
break;
case 'png':
case IMAGETYPE_PNG:
$source_gdim = imagecreatefrompng($source_path);
break;
case 'bmp':
if (! defined('BMP_CLASS_INCLUDED'))
case IMAGETYPE_BMP:
if (! function_exists('imagecreatefrombmp'))
{
include dirname(__file__) . '/BMP.php';
define('BMP_CLASS_INCLUDED', true);
}
$source_gdim = imagecreatefrombmp($source_path);
@@ -103,8 +96,10 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
break;
}
$source_width = ! $source_width ? imagesx($source_gdim) : $source_width;
$source_height = ! $source_height ? imagesy($source_gdim) : $source_height;
if (! $source_gdim)
{
return null;
}
$source_aspect_ratio = $source_width / $source_height;
$desired_aspect_ratio = $dw / $dh;
@@ -173,9 +168,7 @@ function helper_thumb($source_path, $ext, $dest_image, $dw, $dh)
default:
// Unsupported format
$return = false;
break;
$return = false;
}
@imagedestroy($desired_gdim);
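Review bot: `$source_width / $source_height` now uses the values from `getimagesize()` directly, and the `imagesx()`/`imagesy()` fallback that covered a zero dimension is gone. A file whose header reports a height of 0 makes that division throw `DivisionByZeroError` on PHP 8, and an upload declaring very large dimensions is still decoded by `imagecreatefrom*()` before any size check. Extending the new guard to `if (! $source_gdim || $source_width < 1 || $source_height < 1)` covers the first case; a cap on the declared pixel count before decoding, with a limit chosen by the project, covers the second. The function continues outside the hunks.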


@@ -44,12 +44,12 @@ function helper_watermark($name, $ext)
if (file_exists(dirname(__FILE__) . '/../../images/watermark.png'))
{
$logo_path= dirname(__FILE__) . '/../../images/watermark.png';
$src_logo = imagecreatefrompng($logo_path);
$src_logo = @imagecreatefrompng($logo_path);
}
elseif (file_exists(dirname(__FILE__) . '/../../images/watermark.gif'))
{
$logo_path= dirname(__FILE__) . '/../../images/watermark.gif';
$src_logo = imagecreatefromgif($logo_path);
$src_logo = @imagecreatefromgif($logo_path);
}
//no watermark pic
@@ -64,40 +64,46 @@ function helper_watermark($name, $ext)
helper_watermark_imagick($name, $ext, $logo_path);
return;
}
//now, lets work and detect our image extension
list($bwidth, $bheight, $src_img_type) = getimagesize($name);
$src_img = false;
switch ($src_img_type)
{
case IMAGETYPE_GIF:
//$src_img = imagecreatefromgif($name);
return;
//now, lets work and detect our image extension
if (strpos($ext, 'jp') !== false)
{
$src_img = @imagecreatefromjpeg($name);
}
elseif (strpos($ext, 'png') !== false)
{
$src_img = @imagecreatefrompng($name);
}
elseif (strpos($ext, 'gif') !== false)
{
return;
// $src_img = @imagecreatefromgif($name);
}
elseif (strpos($ext, 'bmp') !== false)
{
if (! defined('BMP_CLASS_INCLUDED'))
{
include dirname(__file__) . '/BMP.php';
define('BMP_CLASS_INCLUDED', true);
}
break;
$src_img = imagecreatefrombmp($name);
case IMAGETYPE_JPEG:
$src_img = imagecreatefromjpeg($name);
break;
case IMAGETYPE_PNG:
$src_img = imagecreatefrompng($name);
break;
case IMAGETYPE_BMP:
if (! function_exists('imagecreatefrombmp'))
{
include dirname(__file__) . '/BMP.php';
}
$src_img = imagecreatefrombmp($name);
break;
}
else
if (! $src_img)
{
return;
}
//detect width, height for the image
$bwidth = @imagesx($src_img);
$bheight = @imagesy($src_img);
//detect width, height for the watermark image
$lwidth = @imagesx($src_logo);
$lheight = @imagesy($src_logo);
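Review bot: `$src_logo` reaches `@imagesx($src_logo)` / `@imagesy($src_logo)` at the end of the second hunk, yet neither hunk shows a check that the watermark actually loaded; `@imagecreatefrompng()` and `@imagecreatefromgif()` return `false` for a corrupt file. On PHP 8 the GD size functions throw a TypeError for a non-image argument, and `@` does not suppress exceptions, so the request would abort instead of skipping the watermark. A guard beside the existing `$src_img` check covers it: `if (! $src_logo) { return; }`. The lines between the two hunks are not shown, so confirm no such check already exists there; the +/- markers are lost on this page, so which loader variant is the new side is inferred.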


@@ -367,7 +367,7 @@ class defaultUploader implements KleejaUploader
if (! user_can('enter_acp') && user_is_flooding($current_user_id)) {
$this->addErrorMessage(sprintf(
$lang['YOU_HAVE_TO_WAIT'],
$current_user_id == '-1' ? $config['guestsectoupload'] : $config['usersectoupload']
$config['usersectoupload']
));
return;
}
@@ -514,7 +514,8 @@ class defaultUploader implements KleejaUploader
}
// get the extension of file
$fileInfo['fileExtension'] = strtolower(array_pop(explode('.', $fileInfo['originalFileName'])));
$originalFileName = explode('.', $fileInfo['originalFileName']);
$fileInfo['fileExtension'] = strtolower(array_pop($originalFileName));
// them the size
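Review bot: The extension in the second hunk is still derived from the client-supplied `originalFileName` by splitting on dots, so a name with no dot makes the whole file name the "extension", and the temporary `$originalFileName` exists only to satisfy the by-reference parameter of `array_pop()`. `$fileInfo['fileExtension'] = strtolower(pathinfo($fileInfo['originalFileName'], PATHINFO_EXTENSION));` does this in one call and yields an empty string when there is no extension. Because the value comes from the uploader, the allow-list check that consumes it (outside this hunk) should reject the empty case explicitly. In the first hunk guests now appear to get the wait message built from `usersectoupload`; confirm that is intended.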


@@ -57,7 +57,7 @@ class usrcp
global $SQL, $dbprefix, $config, $userinfo;
$userinfo = [
'id' => 0,
'id' => -1,
'group_id' => 2,
];
@@ -114,15 +114,6 @@ class usrcp
return false;
}
//Avoid dfining constants again for admin panel login
if (! $loginadm) {
define('USER_ID', $row['id']);
define('GROUP_ID', $row['group_id']);
define('USER_NAME', $row['name']);
define('USER_MAIL', $row['mail']);
define('LAST_VISIT', $row['last_visit']);
}
//all user fileds info
$userinfo = $row;
@@ -151,6 +142,9 @@ class usrcp
unset($pass);
return true;
} else {
//guest
define('USER_ID', $userinfo['id']);
define('GROUP_ID', $userinfo['group_id']);
return false;
}
}
@@ -394,27 +388,22 @@ class usrcp
//if not expire
if (($hashed_expire == sha1(md5($config['h_key'] . $hashed_password) . $expire_at)) && ($expire_at > time())) {
if (user_can('enter_acp', $group_id)) {
if (! empty($u_info)) {
$userinfo = unserialize(base64_decode($u_info));
$userinfo['group_id'] = $group_id;
$userinfo['password'] = $hashed_password;
$user_data = $this->data($user_id, $hashed_password, true, $expire_at);
} else {
if (! empty($u_info)) {
$userinfo = unserialize(base64_decode($u_info));
$userinfo['group_id'] = $group_id;
$userinfo['password'] = $hashed_password;
define('USER_ID', $userinfo['id']);
define('GROUP_ID', $userinfo['group_id']);
define('USER_NAME', $userinfo['name']);
define('USER_MAIL', $userinfo['mail']);
define('LAST_VISIT', $userinfo['last_visit']);
$user_data = true;
}
}
}
if ($user_data == false) {
$this->logout();
} else {
define('USER_ID', $userinfo['id']);
define('GROUP_ID', $userinfo['group_id']);
define('USER_NAME', $userinfo['name']);
define('USER_MAIL', $userinfo['mail']);
define('LAST_VISIT', $userinfo['last_visit']);
return $user_data;
}
} else {
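Review bot: `unserialize(base64_decode($u_info))` in the last hunk deserialises a value that, judging by the cookie handling in ucp.php, travels in the login cookie, while the visible integrity check `sha1(md5($config['h_key'] . $hashed_password) . $expire_at)` binds only the password hash and the expiry, not `$u_info`. Restrict the call so it cannot instantiate objects, `$userinfo = unserialize(base64_decode($u_info), ['allowed_classes' => false]);`, and treat a non-array result as a failed login, or store the fields as JSON instead. The same applies to `unserialize(base64_decode($prev_cookie[5]))` in the ucp.php cookie refresh. Comparing the hash with `hash_equals()` rather than `==` would also remove type juggling and timing differences from the check. How `$u_info` and `$group_id` are extracted lies outside the hunk, so the exact trust boundary should be confirmed there.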


@@ -81,15 +81,15 @@ $config_values[] = ['thmb_dims', '100*100', '', 0, 0, 0];
$config_values[] = ['style', 'bootstrap', '', 0, '0', 0, 0];
$config_values[] = ['new_version', '', '', 0, 0, 0];
$config_values[] = ['db_version', KLEEJA_DB_VERSION, '', 0, 0, 0];
$config_values[] = ['last_online_time_update', time(), '', 0, 0, 1];
$config_values[] = ['klj_clean_files_from', '0', '', 0, 0, 1];
$config_values[] = ['last_online_time_update', time(), '', 0, 0, 0];
$config_values[] = ['klj_clean_files_from', '0', '', 0, 0, 0];
$config_values[] = ['style_depend_on', '', '', 0, 0, 0];
$config_values[] = ['most_user_online_ever', '', '', 0, 0, 1];
$config_values[] = ['expand_menu', '0', '', 0, 0, 1];
$config_values[] = ['firstime', '0', '', 0, 0, 1];
$config_values[] = ['most_user_online_ever', '', '', 0, 0, 0];
$config_values[] = ['expand_menu', '0', '', 0, 0, 0];
$config_values[] = ['firstime', '0', '', 0, 0, 0];
$config_values[] = ['ftp_info', '', '', 0, 0, 0];
$config_values[] = ['queue', '', '', 0, 0, 1];
$config_values[] = ['default_group', '3', '', 0, 0, 1];
$config_values[] = ['queue', '', '', 0, 0, 0];
$config_values[] = ['default_group', '3', '', 0, 0, 0];
//
// Extensions


@@ -217,7 +217,7 @@ CREATE TABLE `{$dbprefix}filters` (
$install_sqls['stats_insert'] = "INSERT INTO `{$dbprefix}stats` VALUES (0,0,1,0,0," . time() . ",0,0,0,0,'',0,0,0,0,'','','','')";
$install_sqls['users_insert'] = "INSERT INTO `{$dbprefix}users` (`id`,`name`,`group_id`,`password`,`password_salt`,`mail`,`founder`,`clean_name`) VALUES (1,'" . $user_name . "', 1, '" . $user_pass . "','" . $user_salt . "', '" . $user_mail . "', 1,'" . $clean_name . "')";
$install_sqls['TeamMsg_insert'] = "INSERT INTO `{$dbprefix}call` (`name`,`text`,`mail`,`time`,`ip`) VALUES ('" . $SQL->escape($lang['KLEEJA_TEAM_MSG_NAME']) . "', '" . $SQL->escape($lang['KLEEJA_TEAM_MSG_TEXT']) . "','info@kleeja.net', " . time() . ", '127.0.0.1')";
$install_sqls['TeamMsg_insert'] = "INSERT INTO `{$dbprefix}call` (`name`,`text`,`mail`,`time`,`ip`) VALUES ('" . $SQL->escape($lang['KLEEJA_TEAM_MSG_NAME']) . "', '" . $SQL->real_escape(nl2br($lang['KLEEJA_TEAM_MSG_TEXT'])) . "','info@kleeja.net', " . time() . ", '127.0.0.1')";
$install_sqls['groups_insert'] = "INSERT INTO `{$dbprefix}groups` (`group_id`, `group_name`, `group_is_default`, `group_is_essential`) VALUES
(1, '{lang.ADMINS}', 0, 1),
(2, '{lang.GUESTS}', 0, 1),


@@ -194,8 +194,7 @@ case 'data' :
|| empty(p('username')) || empty(p('password')) || empty(p('password2')) || empty(p('email')))
{
echo $lang['EMPTY_FIELDS'];
echo $footer_inst;
echo gettpl('footer.html');
exit();
}
@@ -203,16 +202,14 @@ case 'data' :
if (! empty(p('password')) && ! empty(p('password2')) && p('password') != p('password2'))
{
echo $lang['PASS_NEQ_PASS2'];
echo $footer_inst;
echo gettpl('footer.html');
exit();
}
if (strpos(p('email'), '@') === false)
{
echo $lang['WRONG_EMAIL'];
echo $footer_inst;
echo gettpl('footer.html');
exit();
}


@@ -51,7 +51,7 @@
<td>
<select name="time_zone" id="time_zone" style="text-align:left;direction:ltr">
{{foreach(time_zones() as $z=>$t):}}
<option value="{{echo $z}}" {{if($z=='Asia/Buraydah'):}}selected="selected"{{endif;}}>{{echo $z}} (GMT{{echo $t < 0 ? $t : '+' . $t}}</option>
<option value="{{echo $z}}" {{if($z=='Asia/Buraydah'):}}selected="selected"{{endif;}}>{{echo $z}} (GMT{{echo $t < 0 ? $t : '+' . $t}})</option>
{{endforeach}}
</select>
</td>

View File

@@ -186,7 +186,6 @@ return [
'ADM_UNWANTED_FILES' => 'يبدوا انك قمت بالترقية من نسخة سابقة وبسبب اختلاف اسماء بعض الملفات ستلاحظ وجود ازرار متكررة بلوحة التحكم . <br /> لحل المشكلة قم بإزالة كافة الملفات في المسار "includes/adm" واعادة رفعها من جديد. ايضا قم بحذف ملف admin.php من المجلد الرئيسي اذا وجد.',
'HTML_URLS_ENABLED_NO_HTCC' => 'لقد قمت بتفعيل روابط الهتمل ولكنك نسيت أن تقوم بإعادة تسمية الملف htaccess.txt في مجلد كليجا الرئيسي ليصبح ".htaccess". اذا لم تفهم شيئاً من هذا الكلام قم بالسؤال في الدعم الفني لكليجا او قم بتعطيل روابط الهتمل .',
'PLUGIN_CONFIRM_ADD' => 'انتبه, الاضافات هي تعديلات برمجية على كليجا و قد تكون ضارة أحياناً , لذا ان كنت غير متأكد من مصدر الإضافة ولم تقم بتحميلها من موقع كليجا فالافضل ان تراجع نفسك الآن . ',
'LOADING' => 'جاري التنفيذ',
'WELCOME' => 'مرحباً',
'ENABLE_CAPTCHA' => 'تفعيل كود الامان بكليجا',
'NO_THUMB_FOLDER' => 'يبدو ان المصغرات مُفعلة لديك ولكن في نفس الوقت مجلد %s غير متوفر مما يمنع عملية انشاء المصغرات, قم بإنشاء المجلد.',


@@ -218,6 +218,7 @@ return [
'ALL_FILES' => 'عدد جميع الملفات',
'ALL_IMAGES' => 'عدد جميع الصور',
'WAIT_LOADING' => 'فضلاً انتظر جاري رفع الملفات .....',
'LOADING' => 'جاري التنفيذ',
'NOTICECLOSED' => 'تنبيه : المركز في وضع الصيانة',
'UNKNOWN' => 'غير معروف',
'WE_UPDATING_KLEEJA_NOW' => 'الموقع مغلق للتطوير والترقية لاخر نسخة , لذا يرجى الصبر ...',


@@ -184,7 +184,6 @@ return [
'ADM_UNWANTED_FILES' => 'You seem to have upgraded from a previous version, and because some file names are different now, you\'ll notice duplicated buttons in control panel. </ br> to solve this, remove all the files in "includes/adm" directory and re-upload them.',
'HTML_URLS_ENABLED_NO_HTCC' => 'you have enabled the rewrite URLs, but you seem to have forgot to rename .htaccess.txt in Kleeja\'s root directory to ".htaccess", however, if you don\'t know what I\'m talking about, go ask for Kleeja\'s support or simply disable the rewrite urls feature.',
'PLUGIN_CONFIRM_ADD' => 'Caution: plugins make changes to Kleeja functionality, and they could be harmful at times. so be sure to check the plugin source and make sure that it is an official Kleeja plugin.',
'LOADING' => 'Loading',
'WELCOME' => 'Welcome',
'ENABLE_CAPTCHA' => 'Enable Captcha in Kleeja',
'NO_THUMB_FOLDER' => 'It seems you enabled Thumbs but in same time the folder %s does not exist! create it.',


@@ -220,6 +220,7 @@ return [
'NO_FILE_USER' => 'No files were found in the account!',
'SHOWFILESBYIP' => 'Show files by IP',
'WAIT_LOADING' => 'Please wait, the files are being uploaded to the server...',
'LOADING' => 'Loading',
'NOTICECLOSED' => 'Note: website is in maintenance mode!',
'UNKNOWN' => 'Unknown',
'WE_UPDATING_KLEEJA_NOW' => 'Closed for maintenance, Check back soon...',


@@ -186,7 +186,6 @@ return [
'ADM_UNWANTED_FILES' => 'ظاهرا شما از نسخه قديمي بروز رساني کرده ايد و به دليل تفاوت نوع فايل ها شما با مشکل دوگانگي فايل مواجه ميشويد. </ br> براي رفع اين مشکل , کليه ي فايل هاي پوشه "includes/adm" را پاک کرده و مجددا اپلود نماييد.',
'HTML_URLS_ENABLED_NO_HTCC' => 'شما ادرس دهي بر اساس قوانين htaccess را انتخا کرده ايد. اما ظاهرا وارد کردن قوانين را فراموش کرده ايد. براي اطلاعات بيشتر به سايت پشتيبان مراجعه نماييد.',
'PLUGIN_CONFIRM_ADD' => 'اخطار!!! اين افزونه تغييراتي در اسکريپت اصلي خواهد داد و اين ممکن است براي امنيت در اينده خطر ساز باشد, لذا از صحت افزونه اطمينان حاصل کنيد.',
'LOADING' => 'در حال بارگذاري',
'WELCOME' => 'خوش امديد',
'ENABLE_CAPTCHA' => 'فعال کردن کپچا در کليجا!',
'NO_THUMB_FOLDER' => 'ظاهرا شما قابليت تصاوير بند انگشتي را فعال کرديد, اما پوشه %s موجو نميباشد.ان را به صورت دستي ايجاد کنيد.',


@@ -218,6 +218,7 @@ return [
'ALL_FILES' => 'مجموع فایل ها',
'ALL_IMAGES' => 'مجموع تصاویر',
'WAIT_LOADING' => 'لطفا صبر کنید, فایل ها در حال اپلود شدن بر روی سرور میباشند !',
'LOADING' => 'در حال بارگذاري',
'NOTICECLOSED' => 'توجه : وبسایت بسته است',
'UNKNOWN' => 'نامشخص',
'WE_UPDATING_KLEEJA_NOW' => 'برای پاره ای از تغییرات سایت بسته میباشد, به زودی باز خواهیم گشت.',
@@ -279,4 +280,7 @@ return [
'EMAIL_CHANGE_REQ_PASS' => 'برای تغییر ایمیل خود ، باید گذرواژه فعلی خود را تایپ کنید.',
'DRAG_AND_DROP' => 'برای بارگذاری یک پرونده اینجا را بکشید و رها کنید&hellip;',
'OR_MANUAL_SELECT' => 'یا برای انتخاب دستی <em>اینجا را کلیک کنید</em>.',
'ABOUT_FILE' => 'اطلاعات فایل',
'FILE_NO_INFO' => 'اطلاعاتی در مورد این فایل یافت نشد',
'SAVE' => 'ذخیره',
];

File diff suppressed because one or more lines are too long


@@ -117,7 +117,7 @@ about_edit_save.onclick = () => {
about_content.style.display = '';
edit_textarea.style.display = 'none';
about_edit_save.innerHTML = '{lang.EDIT}';
ajaxRemote('POST', '{{config.siteurl}}do.php?id={id}', 'change_file_about=1&about=' + edit_textarea.value, (request) => {})
ajaxRemote('POST', '{config.siteurl}do.php?id={id}', 'change_file_about=1&about=' + edit_textarea.value, (request) => {})
break;
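Review bot: `edit_textarea.value` is appended to the form-encoded body without encoding, so a description containing `&`, `+`, `%` or `=` is truncated or altered and can add extra parameters to the POST. Encode it: `'change_file_about=1&about=' + encodeURIComponent(edit_textarea.value)`. No form key is visible in this request either; whether `do.php` checks one for `change_file_about` is outside the hunk and worth confirming. The enclosing `onclick` handler starts and ends outside the hunk.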


@@ -38,6 +38,7 @@
<script type="text/javascript" src="{STYLE_PATH}js/jquery.min.js"></script>
<script type="text/javascript" src="{STYLE_PATH}js/popper.min.js"></script>
<script type="text/javascript" src="{STYLE_PATH}js/bootstrap.min.js"></script>
<script type="text/javascript" src="{STYLE_PATH}js/script.js"></script>


@@ -131,12 +131,51 @@
</IF>
</div>
<script>
function copyText(e) {
const button = e.target;
const copyText = button.closest('.form-group').querySelector('textarea');
copyText.select();
document.execCommand("copy");
// Store original button text
const originalButtonText = button.textContent;
// Disable button while text is being copied
button.disabled = true;
// Change button text to "Copied!"
button.textContent = "✔️";
// Wait for 3 seconds and then change button text back to original
setTimeout(function() {
button.textContent = originalButtonText;
button.disabled = false;
}, 3000);
}
function convertSize(size) {
if (size > 1024 * 1024 * 1024) {
size = Math.round(size / (1024 * 1024 * 1024) * 10) / 10 + " Gb";
} else if (size > 1024 * 1024) {
size = Math.round(size / (1024 * 1024) * 10) / 10 + '';
if (!size.match(/\./)) size += '.0';
size += ' Mb';
} else if (size > 1024) {
size = Math.round(size / 1024 * 10) / 10 + " Kb";
} else {
size = size + " Bytes";
}
return size;
}
let uploadForm = document.getElementById('uploader');
let uploadProgress = document.getElementById('uploadProgress');
let progressHolder = document.getElementById('progressHolder');
let loadbox = document.getElementById('loadbox');
let fileCount = {config.filesnum};
let uploaded = 0, uploadSpeed = 0, lastUploadTime = 0;
let stats = document.getElementById('uploaderstats');
let speed = document.getElementById('uploaderspeed');
uploadForm.onsubmit = e => {
e.preventDefault();
@@ -151,37 +190,85 @@
if (! haveFiles) {
return false;
}
var xhttp = new XMLHttpRequest();
xhttp.open("POST", "{action}", true);
xhttp.onerror = e=> {
uploadProgress.classList.add("bg-danger");
loadbox.innerHTML = "{lang.ERROR_TRY_AGAIN}";
}
xhttp.upload.onprogress = e => {
let endUploadTime = Date.now();
uploadSpeed = ((e.loaded - uploaded) * 1000) / ((endUploadTime - lastUploadTime) * 1024);
if (!lastUploadTime) lastUploadTime = Date.now();
let elapsed = Date.now() - lastUploadTime;
const percent = e.lengthComputable ? (e.loaded / e.total) * 100 : 0;
uploadProgress.style.width = percent.toFixed(2) + '%';
uploadProgress.textContent = percent.toFixed(2) + '%';
uploaded = e.loaded;
lastUploadTime = endUploadTime;
console.log(uploadSpeed);
uploadProgress.setAttribute("aria-valuenow", percent.toFixed(0));
if (elapsed > 1000) {
uploadSpeed = (e.loaded - uploaded);
speed.innerHTML = convertSize(uploadSpeed)+"/s";
uploaded = e.loaded;
lastUploadTime = Date.now();
}
let humanSent = convertSize(e.loaded);
let humanSize = convertSize(e.total);
self.humanSize = humanSize;
let newHTML = humanSent + " / " + humanSize + " (" + percent.toFixed(2) + "%) complete";
stats.innerHTML = newHTML;
};
xhttp.onreadystatechange = function () {
xhttp.onreadystatechange = function (e) {
if (this.readyState == 4 && this.status == 200) {
let response = JSON.parse(this.response);
loadbox.innerHTML = '';
speed.style.display = 'none';
try {
var response = JSON.parse(this.response);
} catch (err) {
stats.style.display = 'none';
console.error("Server returned some ugly/empty JSON");
return xhttp.onerror(e);
}
uploadProgress.classList.add("bg-success");
let newHTML = self.humanSize + " complete";
stats.innerHTML = newHTML;
html = "<div class=\"card mb-5\">\n<ul class=\"list-group list-group-flush\">\n";
loadbox.remove();
response.forEach(element => {
loadbox.innerHTML += element.i + '<hr><br>';
typeclass = element.t == 'index_info' ? '' : ' list-group-item-danger';
html += "<li class=\"list-group-item"+typeclass+"\">\n"+element.i+"</li>";
});
html += "</ul>";
speed.insertAdjacentHTML("afterend", html);
// Add buttons after the new textareas
const formGroups = document.querySelectorAll(".form-group");
formGroups.forEach(formGroup => {
const textarea = formGroup.querySelector("textarea");
if (textarea) {
const button = document.createElement("button");
button.innerHTML = "📋";
button.classList.add("btn", "btn-primary", "btn-sm", "mt-2");
button.addEventListener("click", copyText);
textarea.insertAdjacentElement("afterend", button);
}
});
}
else if (this.readyState == 4 && this.status != 200)
{
speed.style.display = stats.style.display = 'none';
console.error("Server returned bad status");
return xhttp.onerror(e);
}
};
let formd = new FormData(uploadForm);
formd.append('submitr', true);
formd.append('ajax', true);
progressHolder.style.display = '';
progressHolder.style.display = stats.style.display = speed.style.display = '';
xhttp.open("POST", "{action}", true);
xhttp.send(formd);
return false;
}
</script>
</script>
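Review bot: In the `onreadystatechange` handler each `element.i` from the JSON response is concatenated into `html` and written with `insertAdjacentHTML`, so any file name or message the server places there must already be HTML-escaped on the server; that cannot be verified from this template. `html` and `typeclass` are assigned without a declaration and `self.humanSize` writes to the window object; use `let html = ...`, `const typeclass = ...` and a local `humanSize` variable. The speed shown is `e.loaded - uploaded` over an interval only known to exceed one second, so it overstates the rate; `uploadSpeed = (e.loaded - uploaded) * 1000 / elapsed;` normalises it. The copy buttons are created without `button.type = "button"`, so if the results are rendered inside the upload form a click would submit it again.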

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

5
styles/bootstrap/js/popper.min.js vendored Normal file

File diff suppressed because one or more lines are too long


@@ -1,4 +1,6 @@
<div class="progress" id="progressHolder" style="display: none;text-align: center;height: 20px;">
<div class="progress-bar" id="uploadProgress" role="progressbar" style="width: 0%;" aria-valuenow="25"
<div class="progress-bar" id="uploadProgress" role="progressbar" style="width: 0%;" aria-valuenow="0"
aria-valuemin="0" aria-valuemax="100">0%</div>
</div>
</div>
<div id="uploaderstats" style="display: none;text-align: center;">0 Kb / 0 Kb (100%) complete</div>
<div id="uploaderspeed" style="display: none;text-align: center;">0 Kb/s</div>

18
ucp.php

@@ -378,7 +378,7 @@ switch (g('go'))
$result = $SQL->build($query);
$i = ($currentPage * $perpage) - $perpage;
$tdnumi = $num = $files_num = $imgs_num = 0;
$tdnumi = $num = $files_num = $imgs_num = $sizes = 0;
while ($row=$SQL->fetch_array($result))
{
++$i;
@@ -423,7 +423,7 @@ switch (g('go'))
kleeja_info($lang['INVALID_FORM_KEY']);
}
if ($_POST['del_' . $row['id']])
if (isset($_POST['del_' . $row['id']]))
{
//delete from folder ..
@kleeja_unlink($row['folder'] . '/' . $row['name']);
@@ -655,7 +655,8 @@ switch (g('go'))
$user_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7);
$mail = $new_mail ? "mail='" . $SQL->escape(strtolower(trim(p('pmail')))) . "'" : '';
$showmyfile = p('show_my_filecp', 'int') != $show_my_filecp ? ($mail == '' ? '': ',') . "show_my_filecp='" . p('show_my_filecp', 'int') . "'" : '';
$pass = ! empty(p('ppass_new')) ? ($showmyfile != '' || $mail != '' ? ',' : '') . "password='" . $usrcp->kleeja_hash_password($SQL->escape(p('ppass_new')) . $user_salt) .
$insertnewpass = $usrcp->kleeja_hash_password($SQL->escape(p('ppass_new')) . $user_salt);
$pass = ! empty(p('ppass_new')) ? ($showmyfile != '' || $mail != '' ? ',' : '') . "password='" . $insertnewpass .
"', password_salt='" . $user_salt . "'" : '';
$id = (int) $usrcp->id();
@@ -675,8 +676,17 @@ switch (g('go'))
{
$text = $lang['DATA_CHANGED_O_LO'];
$SQL->build($update_query);
}
//Need to update cookies
$prev_cookie = @explode('|', $usrcp->en_de_crypt($usrcp->kleeja_get_cookie('ulogu'), 2));
$prev_cookie[1] = !empty(p('ppass_new')) ? $insertnewpass : $prev_cookie[1];
$prev_cookie[3] = sha1(md5($config['h_key'] . $prev_cookie[1]) . $prev_cookie[2]);
$usinfo = unserialize(base64_decode($prev_cookie[5]));
$mail = $new_mail ? $SQL->escape(strtolower(trim(p('pmail')))) : $usinfo['mail'];
$prev_cookie[5] = base64_encode(serialize(['id'=>$prev_cookie[0], 'name'=>$usinfo['name'], 'mail'=>$mail, 'last_visit'=>$usinfo['last_visit']]));
$usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt(implode('|',$prev_cookie)), $prev_cookie[2]);
}
kleeja_info($text, '', true, $action);
}
}//else submit
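Review bot: The cookie refresh in the last hunk reads `$prev_cookie[1]`, `[2]`, `[5]` and `$usinfo['name']` without checking that the decrypted cookie split into the expected fields or that `unserialize()` returned an array, and `@explode` hides the failure, so a missing or malformed `ulogu` cookie would be re-issued with empty identity fields. Guard the block with something like `if (count($prev_cookie) >= 6 && is_array($usinfo))` and skip the refresh otherwise. The new mail value goes through `$SQL->escape()` before being serialised into the cookie, which is the wrong escaping for that context; store `strtolower(trim(p('pmail')))` there and keep the escaped form for the query only. In the third hunk `$SQL->escape()` is likewise applied to the password before hashing, which stays consistent only if the login path does the same, and the salt on the context line comes from `mt_rand()`; `random_bytes()` is the appropriate source.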