Verzeichnisstruktur phpBB-3.1.0


Veröffentlicht
27.10.2014


acp_attachments.php

Zuletzt modifiziert: 09.10.2024, 12:52 - Dateigröße: 55.43 KiB


0001  <?php
0002  /**
0003  *
0004  * This file is part of the phpBB Forum Software package.
0005  *
0006  * @copyright (c) phpBB Limited <https://www.phpbb.com>
0007  * @license GNU General Public License, version 2 (GPL-2.0)
0008  *
0009  * For full copyright and license information, please see
0010  * the docs/CREDITS.txt file.
0011  *
0012  */
0013   
/**
* Direct-access guard.
*
* Stops the script unless the IN_PHPBB constant is already defined. The
* constant is expected to be set by the including script; when it is
* missing (for example when this file is requested on its own) nothing
* below this point is executed.
*
* @ignore
*/
if (defined('IN_PHPBB') === false)
{
    exit;
}
0021   
0022  class acp_attachments
0023  {
0024      /** @var \phpbb\db\driver\driver_interface */
0025      protected $db;
0026   
0027      /** @var \phpbb\config\config */
0028      protected $config;
0029   
0030      /** @var ContainerBuilder */
0031      protected $phpbb_container;
0032   
0033      /** @var \phpbb\template\template */
0034      protected $template;
0035   
0036      /** @var \phpbb\user */
0037      protected $user;
0038   
0039      public $id;
0040      public $u_action;
0041      protected $new_config;
0042   
0043      function main($id, $mode)
0044      {
0045          global $db, $user, $auth, $template, $cache, $phpbb_container;
0046          global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx;
0047   
0048          $this->id = $id;
0049          $this->db = $db;
0050          $this->config = $config;
0051          $this->template = $template;
0052          $this->user = $user;
0053          $this->phpbb_container = $phpbb_container;
0054   
0055          $user->add_lang(array('posting', 'viewtopic', 'acp/attachments'));
0056   
0057          $error = $notify = array();
0058          $submit = (isset($_POST['submit'])) ? true : false;
0059          $action = request_var('action', '');
0060   
0061          $form_key = 'acp_attach';
0062          add_form_key($form_key);
0063   
0064          if ($submit && !check_form_key($form_key))
0065          {
0066              trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
0067          }
0068   
0069          switch ($mode)
0070          {
0071              case 'attach':
0072                  $l_title = 'ACP_ATTACHMENT_SETTINGS';
0073              break;
0074   
0075              case 'extensions':
0076                  $l_title = 'ACP_MANAGE_EXTENSIONS';
0077              break;
0078   
0079              case 'ext_groups':
0080                  $l_title = 'ACP_EXTENSION_GROUPS';
0081              break;
0082   
0083              case 'orphan':
0084                  $l_title = 'ACP_ORPHAN_ATTACHMENTS';
0085              break;
0086   
0087              case 'manage':
0088                  $l_title = 'ACP_MANAGE_ATTACHMENTS';
0089              break;
0090   
0091              default:
0092                  trigger_error('NO_MODE', E_USER_ERROR);
0093              break;
0094          }
0095   
0096          $this->tpl_name = 'acp_attachments';
0097          $this->page_title = $l_title;
0098   
0099          $template->assign_vars(array(
0100              'L_TITLE'            => $user->lang[$l_title],
0101              'L_TITLE_EXPLAIN'    => $user->lang[$l_title . '_EXPLAIN'],
0102              'U_ACTION'            => $this->u_action)
0103          );
0104   
0105          switch ($mode)
0106          {
0107              case 'attach':
0108   
0109                  include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
0110   
0111                  $sql = 'SELECT group_name, cat_id
0112                      FROM ' . EXTENSION_GROUPS_TABLE . '
0113                      WHERE cat_id > 0
0114                      ORDER BY cat_id';
0115                  $result = $db->sql_query($sql);
0116   
0117                  $s_assigned_groups = array();
0118                  while ($row = $db->sql_fetchrow($result))
0119                  {
0120                      $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];
0121                      $s_assigned_groups[$row['cat_id']][] = $row['group_name'];
0122                  }
0123                  $db->sql_freeresult($result);
0124   
0125                  $l_legend_cat_images = $user->lang['SETTINGS_CAT_IMAGES'] . ' [' . $user->lang['ASSIGNED_GROUP'] . ': ' . ((!empty($s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE])) ? implode($user->lang['COMMA_SEPARATOR'], $s_assigned_groups[ATTACHMENT_CATEGORY_IMAGE]) : $user->lang['NO_EXT_GROUP']) . ']';
0126   
0127                  $display_vars = array(
0128                      'title'    => 'ACP_ATTACHMENT_SETTINGS',
0129                      'vars'    => array(
0130                          'legend1'                => 'ACP_ATTACHMENT_SETTINGS',
0131   
0132                          'img_max_width'            => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
0133                          'img_max_height'        => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
0134                          'img_link_width'        => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
0135                          'img_link_height'        => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0', 'type' => false, 'method' => false, 'explain' => false,),
0136   
0137                          'allow_attachments'        => array('lang' => 'ALLOW_ATTACHMENTS',        'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => false),
0138                          'allow_pm_attach'        => array('lang' => 'ALLOW_PM_ATTACHMENTS',    'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => false),
0139                          'upload_path'            => array('lang' => 'UPLOAD_DIR',            'validate' => 'wpath',    'type' => 'text:25:100', 'explain' => true),
0140                          'display_order'            => array('lang' => 'DISPLAY_ORDER',            'validate' => 'bool',    'type' => 'custom', 'method' => 'display_order', 'explain' => true),
0141                          'attachment_quota'        => array('lang' => 'ATTACH_QUOTA',            'validate' => 'string',    'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
0142                          'max_filesize'            => array('lang' => 'ATTACH_MAX_FILESIZE',    'validate' => 'string',    'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
0143                          'max_filesize_pm'        => array('lang' => 'ATTACH_MAX_PM_FILESIZE','validate' => 'string',    'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
0144                          'max_attachments'        => array('lang' => 'MAX_ATTACHMENTS',        'validate' => 'int:0:999',    'type' => 'number:0:999', 'explain' => false),
0145                          'max_attachments_pm'    => array('lang' => 'MAX_ATTACHMENTS_PM',    'validate' => 'int:0:999',    'type' => 'number:0:999', 'explain' => false),
0146                          'secure_downloads'        => array('lang' => 'SECURE_DOWNLOADS',        'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => true),
0147                          'secure_allow_deny'        => array('lang' => 'SECURE_ALLOW_DENY',        'validate' => 'int',    'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),
0148                          'secure_allow_empty_referer'    => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => true),
0149                          'check_attachment_content'         => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => true),
0150   
0151                          'legend2'                    => $l_legend_cat_images,
0152                          'img_display_inlined'        => array('lang' => 'DISPLAY_INLINED',        'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => true),
0153                          'img_create_thumbnail'        => array('lang' => 'CREATE_THUMBNAIL',        'validate' => 'bool',    'type' => 'radio:yes_no', 'explain' => true),
0154                          'img_max_thumb_width'        => array('lang' => 'MAX_THUMB_WIDTH',        'validate' => 'int:0:999999999999999',    'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
0155                          'img_min_thumb_filesize'    => array('lang' => 'MIN_THUMB_FILESIZE',    'validate' => 'int:0:999999999999999',    'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
0156                          'img_imagick'                => array('lang' => 'IMAGICK_PATH',            'validate' => 'string',    'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
0157                          'img_max'                    => array('lang' => 'MAX_IMAGE_SIZE',        'validate' => 'int:0:9999',    'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
0158                          'img_link'                    => array('lang' => 'IMAGE_LINK_SIZE',        'validate' => 'int:0:9999',    'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
0159                      )
0160                  );
0161   
0162                  $this->new_config = $config;
0163                  $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config;
0164                  $error = array();
0165   
0166                  // We validate the complete config if whished
0167                  validate_config_vars($display_vars['vars'], $cfg_array, $error);
0168   
0169                  // Do not write values if there is an error
0170                  if (sizeof($error))
0171                  {
0172                      $submit = false;
0173                  }
0174   
0175                  // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
0176                  foreach ($display_vars['vars'] as $config_name => $null)
0177                  {
0178                      if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
0179                      {
0180                          continue;
0181                      }
0182   
0183                      $this->new_config[$config_name] = $config_value = $cfg_array[$config_name];
0184   
0185                      if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))
0186                      {
0187                          $size_var = request_var($config_name, '');
0188                          $this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);
0189                      }
0190   
0191                      if ($submit)
0192                      {
0193                          set_config($config_name, $config_value);
0194                      }
0195                  }
0196   
0197                  $this->perform_site_list();
0198   
0199                  if ($submit)
0200                  {
0201                      add_log('admin', 'LOG_CONFIG_ATTACH');
0202   
0203                      // Check Settings
0204                      $this->test_upload($error, $this->new_config['upload_path'], false);
0205   
0206                      if (!sizeof($error))
0207                      {
0208                          trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
0209                      }
0210                  }
0211   
0212                  $template->assign_var('S_ATTACHMENT_SETTINGS', true);
0213   
0214                  if ($action == 'imgmagick')
0215                  {
0216                      $this->new_config['img_imagick'] = $this->search_imagemagick();
0217                  }
0218   
0219                  // We strip eventually manual added convert program, we only want the patch
0220                  if ($this->new_config['img_imagick'])
0221                  {
0222                      // Change path separator
0223                      $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']);
0224                      $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);
0225   
0226                      // Check for trailing slash
0227                      if (substr($this->new_config['img_imagick'], -1) !== '/')
0228                      {
0229                          $this->new_config['img_imagick'] .= '/';
0230                      }
0231                  }
0232   
0233                  $supported_types = get_supported_image_types();
0234   
0235                  // Check Thumbnail Support
0236                  if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format'])))
0237                  {
0238                      $this->new_config['img_create_thumbnail'] = 0;
0239                  }
0240   
0241                  $template->assign_vars(array(
0242                      'U_SEARCH_IMAGICK'        => $this->u_action . '&amp;action=imgmagick',
0243                      'S_THUMBNAIL_SUPPORT'    => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true)
0244                  );
0245   
0246                  // Secure Download Options - Same procedure as with banning
0247                  $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';
0248   
0249                  $sql = 'SELECT *
0250                      FROM ' . SITELIST_TABLE;
0251                  $result = $db->sql_query($sql);
0252   
0253                  $defined_ips = '';
0254                  $ips = array();
0255   
0256                  while ($row = $db->sql_fetchrow($result))
0257                  {
0258                      $value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname'];
0259                      if ($value)
0260                      {
0261                          $defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>';
0262                          $ips[$row['site_id']] = $value;
0263                      }
0264                  }
0265                  $db->sql_freeresult($result);
0266   
0267                  $template->assign_vars(array(
0268                      'S_SECURE_DOWNLOADS'    => $this->new_config['secure_downloads'],
0269                      'S_DEFINED_IPS'            => ($defined_ips != '') ? true : false,
0270                      'S_WARNING'                => (sizeof($error)) ? true : false,
0271   
0272                      'WARNING_MSG'            => implode('<br />', $error),
0273                      'DEFINED_IPS'            => $defined_ips,
0274   
0275                      'L_SECURE_TITLE'        => $user->lang['DEFINE_' . $allow_deny . '_IPS'],
0276                      'L_IP_EXCLUDE'            => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'],
0277                      'L_REMOVE_IPS'            => $user->lang['REMOVE_' . $allow_deny . '_IPS'])
0278                  );
0279   
0280                  // Output relevant options
0281                  foreach ($display_vars['vars'] as $config_key => $vars)
0282                  {
0283                      if (!is_array($vars) && strpos($config_key, 'legend') === false)
0284                      {
0285                          continue;
0286                      }
0287   
0288                      if (strpos($config_key, 'legend') !== false)
0289                      {
0290                          $template->assign_block_vars('options', array(
0291                              'S_LEGEND'        => true,
0292                              'LEGEND'        => (isset($user->lang[$vars])) ? $user->lang[$vars] : $vars)
0293                          );
0294   
0295                          continue;
0296                      }
0297   
0298                      $type = explode(':', $vars['type']);
0299   
0300                      $l_explain = '';
0301                      if ($vars['explain'] && isset($vars['lang_explain']))
0302                      {
0303                          $l_explain = (isset($user->lang[$vars['lang_explain']])) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain'];
0304                      }
0305                      else if ($vars['explain'])
0306                      {
0307                          $l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
0308                      }
0309   
0310                      $content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);
0311                      if (empty($content))
0312                      {
0313                          continue;
0314                      }
0315   
0316                      $template->assign_block_vars('options', array(
0317                          'KEY'            => $config_key,
0318                          'TITLE'            => $user->lang[$vars['lang']],
0319                          'S_EXPLAIN'        => $vars['explain'],
0320                          'TITLE_EXPLAIN'    => $l_explain,
0321                          'CONTENT'        => $content,
0322                          )
0323                      );
0324   
0325                      unset($display_vars['vars'][$config_key]);
0326                  }
0327   
0328              break;
0329   
0330              case 'extensions':
0331   
0332                  if ($submit || isset($_POST['add_extension_check']))
0333                  {
0334                      if ($submit)
0335                      {
0336                          // Change Extensions ?
0337                          $extension_change_list    = request_var('extension_change_list', array(0));
0338                          $group_select_list        = request_var('group_select', array(0));
0339   
0340                          // Generate correct Change List
0341                          $extensions = array();
0342   
0343                          for ($i = 0, $size = sizeof($extension_change_list); $i < $size; $i++)
0344                          {
0345                              $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i];
0346                          }
0347   
0348                          $sql = 'SELECT *
0349                              FROM ' . EXTENSIONS_TABLE . '
0350                              ORDER BY extension_id';
0351                          $result = $db->sql_query($sql);
0352   
0353                          while ($row = $db->sql_fetchrow($result))
0354                          {
0355                              if ($row['group_id'] != $extensions[$row['extension_id']]['group_id'])
0356                              {
0357                                  $sql = 'UPDATE ' . EXTENSIONS_TABLE . '
0358                                      SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '
0359                                      WHERE extension_id = ' . $row['extension_id'];
0360                                  $db->sql_query($sql);
0361   
0362                                  add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']);
0363                              }
0364                          }
0365                          $db->sql_freeresult($result);
0366   
0367                          // Delete Extension?
0368                          $extension_id_list = request_var('extension_id_list', array(0));
0369   
0370                          if (sizeof($extension_id_list))
0371                          {
0372                              $sql = 'SELECT extension
0373                                  FROM ' . EXTENSIONS_TABLE . '
0374                                  WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
0375                              $result = $db->sql_query($sql);
0376   
0377                              $extension_list = '';
0378                              while ($row = $db->sql_fetchrow($result))
0379                              {
0380                                  $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension'];
0381                              }
0382                              $db->sql_freeresult($result);
0383   
0384                              $sql = 'DELETE
0385                                  FROM ' . EXTENSIONS_TABLE . '
0386                                  WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
0387                              $db->sql_query($sql);
0388   
0389                              add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list);
0390                          }
0391                      }
0392   
0393                      // Add Extension?
0394                      $add_extension            = strtolower(request_var('add_extension', ''));
0395                      $add_extension_group    = request_var('add_group_select', 0);
0396                      $add                    = (isset($_POST['add_extension_check'])) ? true : false;
0397   
0398                      if ($add_extension && $add)
0399                      {
0400                          if (!sizeof($error))
0401                          {
0402                              $sql = 'SELECT extension_id
0403                                  FROM ' . EXTENSIONS_TABLE . "
0404                                  WHERE extension = '" . $db->sql_escape($add_extension) . "'";
0405                              $result = $db->sql_query($sql);
0406   
0407                              if ($row = $db->sql_fetchrow($result))
0408                              {
0409                                  $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension);
0410                              }
0411                              $db->sql_freeresult($result);
0412   
0413                              if (!sizeof($error))
0414                              {
0415                                  $sql_ary = array(
0416                                      'group_id'    =>    $add_extension_group,
0417                                      'extension'    =>    $add_extension
0418                                  );
0419   
0420                                  $db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
0421                                  add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension);
0422                              }
0423                          }
0424                      }
0425   
0426                      if (!sizeof($error))
0427                      {
0428                          $notify[] = $user->lang['EXTENSIONS_UPDATED'];
0429                      }
0430   
0431                      $cache->destroy('_extensions');
0432                  }
0433   
0434                  $template->assign_vars(array(
0435                      'S_EXTENSIONS'            => true,
0436                      'ADD_EXTENSION'            => (isset($add_extension)) ? $add_extension : '',
0437                      'GROUP_SELECT_OPTIONS'    => (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group'))
0438                  );
0439   
0440                  $sql = 'SELECT *
0441                      FROM ' . EXTENSIONS_TABLE . '
0442                      ORDER BY group_id, extension';
0443                  $result = $db->sql_query($sql);
0444   
0445                  if ($row = $db->sql_fetchrow($result))
0446                  {
0447                      $old_group_id = $row['group_id'];
0448                      do
0449                      {
0450                          $s_spacer = false;
0451   
0452                          $current_group_id = $row['group_id'];
0453                          if ($old_group_id != $current_group_id)
0454                          {
0455                              $s_spacer = true;
0456                              $old_group_id = $current_group_id;
0457                          }
0458   
0459                          $template->assign_block_vars('extensions', array(
0460                              'S_SPACER'        => $s_spacer,
0461                              'EXTENSION_ID'    => $row['extension_id'],
0462                              'EXTENSION'        => $row['extension'],
0463                              'GROUP_OPTIONS'    => $this->group_select('group_select[]', $row['group_id']))
0464                          );
0465                      }
0466                      while ($row = $db->sql_fetchrow($result));
0467                  }
0468                  $db->sql_freeresult($result);
0469   
0470              break;
0471   
0472              case 'ext_groups':
0473   
0474                  $template->assign_var('S_EXTENSION_GROUPS', true);
0475   
0476                  if ($submit)
0477                  {
0478                      $action = request_var('action', '');
0479                      $group_id = request_var('g', 0);
0480   
0481                      if ($action != 'add' && $action != 'edit')
0482                      {
0483                          trigger_error('NO_MODE', E_USER_ERROR);
0484                      }
0485   
0486                      if (!$group_id && $action == 'edit')
0487                      {
0488                          trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
0489                      }
0490   
0491                      if ($group_id)
0492                      {
0493                          $sql = 'SELECT *
0494                              FROM ' . EXTENSION_GROUPS_TABLE . "
0495                              WHERE group_id = $group_id";
0496                          $result = $db->sql_query($sql);
0497                          $ext_row = $db->sql_fetchrow($result);
0498                          $db->sql_freeresult($result);
0499   
0500                          if (!$ext_row)
0501                          {
0502                              trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
0503                          }
0504                      }
0505                      else
0506                      {
0507                          $ext_row = array();
0508                      }
0509   
0510                      $group_name = utf8_normalize_nfc(request_var('group_name', '', true));
0511                      $new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');
0512   
0513                      if (!$group_name)
0514                      {
0515                          $error[] = $user->lang['NO_EXT_GROUP_NAME'];
0516                      }
0517   
0518                      // Check New Group Name
0519                      if ($new_group_name)
0520                      {
0521                          $sql = 'SELECT group_id
0522                              FROM ' . EXTENSION_GROUPS_TABLE . "
0523                              WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";
0524                          if ($group_id)
0525                          {
0526                              $sql .= ' AND group_id <> ' . $group_id;
0527                          }
0528                          $result = $db->sql_query($sql);
0529   
0530                          if ($db->sql_fetchrow($result))
0531                          {
0532                              $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name);
0533                          }
0534                          $db->sql_freeresult($result);
0535                      }
0536   
0537                      if (!sizeof($error))
0538                      {
0539                          // Ok, build the update/insert array
0540                          $upload_icon    = request_var('upload_icon', 'no_image');
0541                          $size_select    = request_var('size_select', 'b');
0542                          $forum_select    = request_var('forum_select', false);
0543                          $allowed_forums    = request_var('allowed_forums', array(0));
0544                          $allow_in_pm    = (isset($_POST['allow_in_pm'])) ? true : false;
0545                          $max_filesize    = request_var('max_filesize', 0);
0546                          $max_filesize    = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
0547                          $allow_group    = (isset($_POST['allow_group'])) ? true : false;
0548   
0549                          if ($max_filesize == $config['max_filesize'])
0550                          {
0551                              $max_filesize = 0;
0552                          }
0553   
0554                          if (!sizeof($allowed_forums))
0555                          {
0556                              $forum_select = false;
0557                          }
0558   
0559                          $group_ary = array(
0560                              'group_name'    => $group_name,
0561                              'cat_id'        => request_var('special_category', ATTACHMENT_CATEGORY_NONE),
0562                              'allow_group'    => ($allow_group) ? 1 : 0,
0563                              'upload_icon'    => ($upload_icon == 'no_image') ? '' : $upload_icon,
0564                              'max_filesize'    => $max_filesize,
0565                              'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '',
0566                              'allow_in_pm'    => ($allow_in_pm) ? 1 : 0,
0567                          );
0568   
0569                          if ($action == 'add')
0570                          {
0571                              $group_ary['download_mode'] = INLINE_LINK;
0572                          }
0573   
0574                          $sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';
0575                          $sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary);
0576                          $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : '';
0577   
0578                          $db->sql_query($sql);
0579   
0580                          if ($action == 'add')
0581                          {
0582                              $group_id = $db->sql_nextid();
0583                          }
0584   
0585                          $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name;
0586                          add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);
0587                      }
0588   
0589                      $extension_list = request_var('extensions', array(0));
0590   
0591                      if ($action == 'edit' && sizeof($extension_list))
0592                      {
0593                          $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
0594                              SET group_id = 0
0595                              WHERE group_id = $group_id";
0596                          $db->sql_query($sql);
0597                      }
0598   
0599                      if (sizeof($extension_list))
0600                      {
0601                          $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
0602                              SET group_id = $group_id
0603                              WHERE " . $db->sql_in_set('extension_id', $extension_list);
0604                          $db->sql_query($sql);
0605                      }
0606   
0607                      $cache->destroy('_extensions');
0608   
0609                      if (!sizeof($error))
0610                      {
0611                          $notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)];
0612                      }
0613                  }
0614   
0615                  $cat_lang = array(
0616                      ATTACHMENT_CATEGORY_NONE        => $user->lang['NO_FILE_CAT'],
0617                      ATTACHMENT_CATEGORY_IMAGE        => $user->lang['CAT_IMAGES'],
0618                      ATTACHMENT_CATEGORY_WM            => $user->lang['CAT_WM_FILES'],
0619                      ATTACHMENT_CATEGORY_RM            => $user->lang['CAT_RM_FILES'],
0620                      ATTACHMENT_CATEGORY_FLASH        => $user->lang['CAT_FLASH_FILES'],
0621                      ATTACHMENT_CATEGORY_QUICKTIME    => $user->lang['CAT_QUICKTIME_FILES'],
0622                  );
0623   
0624                  $group_id = request_var('g', 0);
0625                  $action = (isset($_POST['add'])) ? 'add' : $action;
0626   
0627                  switch ($action)
0628                  {
0629                      case 'delete':
0630   
0631                          if (confirm_box(true))
0632                          {
0633                              $sql = 'SELECT group_name
0634                                  FROM ' . EXTENSION_GROUPS_TABLE . "
0635                                  WHERE group_id = $group_id";
0636                              $result = $db->sql_query($sql);
0637                              $group_name = (string) $db->sql_fetchfield('group_name');
0638                              $db->sql_freeresult($result);
0639   
0640                              $sql = 'DELETE
0641                                  FROM ' . EXTENSION_GROUPS_TABLE . "
0642                                  WHERE group_id = $group_id";
0643                              $db->sql_query($sql);
0644   
0645                              // Set corresponding Extensions to a pending Group
0646                              $sql = 'UPDATE ' . EXTENSIONS_TABLE . "
0647                                  SET group_id = 0
0648                                  WHERE group_id = $group_id";
0649                              $db->sql_query($sql);
0650   
0651                              add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name);
0652   
0653                              $cache->destroy('_extensions');
0654   
0655                              trigger_error($user->lang['EXTENSION_GROUP_DELETED'] . adm_back_link($this->u_action));
0656                          }
0657                          else
0658                          {
0659                              confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0660                                  'i'            => $id,
0661                                  'mode'        => $mode,
0662                                  'group_id'    => $group_id,
0663                                  'action'    => 'delete',
0664                              )));
0665                          }
0666   
0667                      break;
0668   
0669                      case 'edit':
0670   
0671                          if (!$group_id)
0672                          {
0673                              trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
0674                          }
0675   
0676                          $sql = 'SELECT *
0677                              FROM ' . EXTENSION_GROUPS_TABLE . "
0678                              WHERE group_id = $group_id";
0679                          $result = $db->sql_query($sql);
0680                          $ext_group_row = $db->sql_fetchrow($result);
0681                          $db->sql_freeresult($result);
0682   
0683                          $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums']));
0684   
0685                      // no break;
0686   
0687                      case 'add':
0688   
0689                          if ($action == 'add')
0690                          {
0691                              $ext_group_row = array(
0692                                  'group_name'    => utf8_normalize_nfc(request_var('group_name', '', true)),
0693                                  'cat_id'        => 0,
0694                                  'allow_group'    => 1,
0695                                  'allow_in_pm'    => 1,
0696                                  'upload_icon'    => '',
0697                                  'max_filesize'    => 0,
0698                              );
0699   
0700                              $forum_ids = array();
0701                          }
0702   
0703                          $extensions = array();
0704   
0705                          $sql = 'SELECT *
0706                              FROM ' . EXTENSIONS_TABLE . "
0707                              WHERE group_id = $group_id
0708                                  OR group_id = 0
0709                              ORDER BY extension";
0710                          $result = $db->sql_query($sql);
0711                          $extensions = $db->sql_fetchrowset($result);
0712                          $db->sql_freeresult($result);
0713   
0714                          if ($ext_group_row['max_filesize'] == 0)
0715                          {
0716                              $ext_group_row['max_filesize'] = (int) $config['max_filesize'];
0717                          }
0718   
0719                          $max_filesize = get_formatted_filesize($ext_group_row['max_filesize'], false, array('mb', 'kb', 'b'));
0720                          $size_format = $max_filesize['si_identifier'];
0721                          $ext_group_row['max_filesize'] = $max_filesize['value'];
0722   
0723                          $img_path = $config['upload_icons_path'];
0724   
0725                          $filename_list = '';
0726                          $no_image_select = false;
0727   
0728                          $imglist = filelist($phpbb_root_path . $img_path);
0729   
0730                          if (!empty($imglist['']))
0731                          {
0732                              $imglist = array_values($imglist);
0733                              $imglist = $imglist[0];
0734   
0735                              foreach ($imglist as $key => $img)
0736                              {
0737                                  if (!$ext_group_row['upload_icon'])
0738                                  {
0739                                      $no_image_select = true;
0740                                      $selected = '';
0741                                  }
0742                                  else
0743                                  {
0744                                      $selected = ($ext_group_row['upload_icon'] == $img) ? ' selected="selected"' : '';
0745                                  }
0746   
0747                                  if (strlen($img) > 255)
0748                                  {
0749                                      continue;
0750                                  }
0751   
0752                                  $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . htmlspecialchars($img) . '</option>';
0753                              }
0754                          }
0755   
0756                          $i = 0;
0757                          $assigned_extensions = '';
0758                          foreach ($extensions as $num => $row)
0759                          {
0760                              if ($row['group_id'] == $group_id && $group_id)
0761                              {
0762                                  $assigned_extensions .= ($i) ? ', ' . $row['extension'] : $row['extension'];
0763                                  $i++;
0764                              }
0765                          }
0766   
0767                          $s_extension_options = '';
0768                          foreach ($extensions as $row)
0769                          {
0770                              $s_extension_options .= '<option' . ((!$row['group_id']) ? ' class="disabled"' : '') . ' value="' . $row['extension_id'] . '"' . (($row['group_id'] == $group_id && $group_id) ? ' selected="selected"' : '') . '>' . $row['extension'] . '</option>';
0771                          }
0772   
0773                          $template->assign_vars(array(
0774                              'IMG_PATH'                => $img_path,
0775                              'ACTION'                => $action,
0776                              'GROUP_ID'                => $group_id,
0777                              'GROUP_NAME'            => $ext_group_row['group_name'],
0778                              'ALLOW_GROUP'            => $ext_group_row['allow_group'],
0779                              'ALLOW_IN_PM'            => $ext_group_row['allow_in_pm'],
0780                              'UPLOAD_ICON_SRC'        => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'],
0781                              'EXTGROUP_FILESIZE'        => $ext_group_row['max_filesize'],
0782                              'ASSIGNED_EXTENSIONS'    => $assigned_extensions,
0783   
0784                              'S_CATEGORY_SELECT'            => $this->category_select('special_category', $group_id, 'category'),
0785                              'S_EXT_GROUP_SIZE_OPTIONS'    => size_select_options($size_format),
0786                              'S_EXTENSION_OPTIONS'        => $s_extension_options,
0787                              'S_FILENAME_LIST'            => $filename_list,
0788                              'S_EDIT_GROUP'                => true,
0789                              'S_NO_IMAGE'                => $no_image_select,
0790                              'S_FORUM_IDS'                => (sizeof($forum_ids)) ? true : false,
0791   
0792                              'U_EXTENSIONS'        => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;mode=extensions"),
0793                              'U_BACK'            => $this->u_action,
0794   
0795                              'L_LEGEND'            => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'])
0796                          );
0797   
0798                          $s_forum_id_options = '';
0799   
0800                          /** @todo use in-built function **/
0801   
0802                          $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id
0803                              FROM ' . FORUMS_TABLE . '
0804                              ORDER BY left_id ASC';
0805                          $result = $db->sql_query($sql, 600);
0806   
0807                          $right = $cat_right = $padding_inc = 0;
0808                          $padding = $forum_list = $holding = '';
0809                          $padding_store = array('0' => '');
0810   
0811                          while ($row = $db->sql_fetchrow($result))
0812                          {
0813                              if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))
0814                              {
0815                                  // Non-postable forum with no subforums, don't display
0816                                  continue;
0817                              }
0818   
0819                              if (!$auth->acl_get('f_list', $row['forum_id']))
0820                              {
0821                                  // if the user does not have permissions to list this forum skip
0822                                  continue;
0823                              }
0824   
0825                              if ($row['left_id'] < $right)
0826                              {
0827                                  $padding .= '&nbsp; &nbsp;';
0828                                  $padding_store[$row['parent_id']] = $padding;
0829                              }
0830                              else if ($row['left_id'] > $right + 1)
0831                              {
0832                                  $padding = empty($padding_store[$row['parent_id']]) ? '' : $padding_store[$row['parent_id']];
0833                              }
0834   
0835                              $right = $row['right_id'];
0836   
0837                              $selected = (in_array($row['forum_id'], $forum_ids)) ? ' selected="selected"' : '';
0838   
0839                              if ($row['left_id'] > $cat_right)
0840                              {
0841                                  // make sure we don't forget anything
0842                                  $s_forum_id_options .= $holding;
0843                                  $holding = '';
0844                              }
0845   
0846                              if ($row['right_id'] - $row['left_id'] > 1)
0847                              {
0848                                  $cat_right = max($cat_right, $row['right_id']);
0849   
0850                                  $holding .= '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
0851                              }
0852                              else
0853                              {
0854                                  $s_forum_id_options .= $holding . '<option value="' . $row['forum_id'] . '"' . (($row['forum_type'] == FORUM_POST) ? ' class="sep"' : '') . $selected . '>' . $padding . $row['forum_name'] . '</option>';
0855                                  $holding = '';
0856                              }
0857                          }
0858   
0859                          if ($holding)
0860                          {
0861                              $s_forum_id_options .= $holding;
0862                          }
0863   
0864                          $db->sql_freeresult($result);
0865                          unset($padding_store);
0866   
0867                          $template->assign_vars(array(
0868                              'S_FORUM_ID_OPTIONS'    => $s_forum_id_options)
0869                          );
0870   
0871                      break;
0872                  }
0873   
0874                  $sql = 'SELECT *
0875                      FROM ' . EXTENSION_GROUPS_TABLE . '
0876                      ORDER BY allow_group DESC, allow_in_pm DESC, group_name';
0877                  $result = $db->sql_query($sql);
0878   
0879                  $old_allow_group = $old_allow_pm = 1;
0880                  while ($row = $db->sql_fetchrow($result))
0881                  {
0882                      $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false;
0883   
0884                      $template->assign_block_vars('groups', array(
0885                          'S_ADD_SPACER'        => $s_add_spacer,
0886                          'S_ALLOWED_IN_PM'    => ($row['allow_in_pm']) ? true : false,
0887                          'S_GROUP_ALLOWED'    => ($row['allow_group']) ? true : false,
0888   
0889                          'U_EDIT'        => $this->u_action . "&amp;action=edit&amp;g={$row['group_id']}",
0890                          'U_DELETE'        => $this->u_action . "&amp;action=delete&amp;g={$row['group_id']}",
0891   
0892                          'GROUP_NAME'    => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'],
0893                          'CATEGORY'        => $cat_lang[$row['cat_id']],
0894                          )
0895                      );
0896   
0897                      $old_allow_group = $row['allow_group'];
0898                      $old_allow_pm = $row['allow_in_pm'];
0899                  }
0900                  $db->sql_freeresult($result);
0901   
0902              break;
0903   
0904              case 'orphan':
0905   
0906                  if ($submit)
0907                  {
0908                      $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array();
0909                      $add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array();
0910                      $post_ids = request_var('post_id', array('' => 0));
0911   
0912                      if (sizeof($delete_files))
0913                      {
0914                          $sql = 'SELECT *
0915                              FROM ' . ATTACHMENTS_TABLE . '
0916                              WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '
0917                                  AND is_orphan = 1';
0918                          $result = $db->sql_query($sql);
0919   
0920                          $delete_files = array();
0921                          while ($row = $db->sql_fetchrow($result))
0922                          {
0923                              phpbb_unlink($row['physical_filename'], 'file');
0924   
0925                              if ($row['thumbnail'])
0926                              {
0927                                  phpbb_unlink($row['physical_filename'], 'thumbnail');
0928                              }
0929   
0930                              $delete_files[$row['attach_id']] = $row['real_filename'];
0931                          }
0932                          $db->sql_freeresult($result);
0933                      }
0934   
0935                      if (sizeof($delete_files))
0936                      {
0937                          $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . '
0938                              WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files));
0939                          $db->sql_query($sql);
0940   
0941                          add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files));
0942                          $notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode($user->lang['COMMA_SEPARATOR'], $delete_files));
0943                      }
0944   
0945                      $upload_list = array();
0946                      foreach ($add_files as $attach_id)
0947                      {
0948                          if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id]))
0949                          {
0950                              $upload_list[$attach_id] = $post_ids[$attach_id];
0951                          }
0952                      }
0953                      unset($add_files);
0954   
0955                      if (sizeof($upload_list))
0956                      {
0957                          $template->assign_var('S_UPLOADING_FILES', true);
0958   
0959                          $sql = 'SELECT forum_id, forum_name
0960                              FROM ' . FORUMS_TABLE;
0961                          $result = $db->sql_query($sql);
0962   
0963                          $forum_names = array();
0964                          while ($row = $db->sql_fetchrow($result))
0965                          {
0966                              $forum_names[$row['forum_id']] = $row['forum_name'];
0967                          }
0968                          $db->sql_freeresult($result);
0969   
0970                          $sql = 'SELECT forum_id, topic_id, post_id, poster_id
0971                              FROM ' . POSTS_TABLE . '
0972                              WHERE ' . $db->sql_in_set('post_id', $upload_list);
0973                          $result = $db->sql_query($sql);
0974   
0975                          $post_info = array();
0976                          while ($row = $db->sql_fetchrow($result))
0977                          {
0978                              $post_info[$row['post_id']] = $row;
0979                          }
0980                          $db->sql_freeresult($result);
0981   
0982                          // Select those attachments we want to change...
0983                          $sql = 'SELECT *
0984                              FROM ' . ATTACHMENTS_TABLE . '
0985                              WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . '
0986                                  AND is_orphan = 1';
0987                          $result = $db->sql_query($sql);
0988   
0989                          $files_added = $space_taken = 0;
0990                          while ($row = $db->sql_fetchrow($result))
0991                          {
0992                              $post_row = $post_info[$upload_list[$row['attach_id']]];
0993   
0994                              $template->assign_block_vars('upload', array(
0995                                  'FILE_INFO'        => sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),
0996                                  'S_DENIED'        => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,
0997                                  'L_DENIED'        => (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')
0998                              );
0999   
1000                              if (!$auth->acl_get('f_attach', $post_row['forum_id']))
1001                              {
1002                                  continue;
1003                              }
1004   
1005                              // Adjust attachment entry
1006                              $sql_ary = array(
1007                                  'in_message'    => 0,
1008                                  'is_orphan'        => 0,
1009                                  'poster_id'        => $post_row['poster_id'],
1010                                  'post_msg_id'    => $post_row['post_id'],
1011                                  'topic_id'        => $post_row['topic_id'],
1012                              );
1013   
1014                              $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
1015                                  SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
1016                                  WHERE attach_id = ' . $row['attach_id'];
1017                              $db->sql_query($sql);
1018   
1019                              $sql = 'UPDATE ' . POSTS_TABLE . '
1020                                  SET post_attachment = 1
1021                                  WHERE post_id = ' . $post_row['post_id'];
1022                              $db->sql_query($sql);
1023   
1024                              $sql = 'UPDATE ' . TOPICS_TABLE . '
1025                                  SET topic_attachment = 1
1026                                  WHERE topic_id = ' . $post_row['topic_id'];
1027                              $db->sql_query($sql);
1028   
1029                              $space_taken += $row['filesize'];
1030                              $files_added++;
1031   
1032                              add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);
1033                          }
1034                          $db->sql_freeresult($result);
1035   
1036                          if ($files_added)
1037                          {
1038                              set_config_count('upload_dir_size', $space_taken, true);
1039                              set_config_count('num_files', $files_added, true);
1040                          }
1041                      }
1042                  }
1043   
1044                  $template->assign_vars(array(
1045                      'S_ORPHAN'        => true)
1046                  );
1047   
1048                  // Just get the files with is_orphan set and older than 3 hours
1049                  $sql = 'SELECT *
1050                      FROM ' . ATTACHMENTS_TABLE . '
1051                      WHERE is_orphan = 1
1052                          AND filetime < ' . (time() - 3*60*60) . '
1053                      ORDER BY filetime DESC';
1054                  $result = $db->sql_query($sql);
1055   
1056                  while ($row = $db->sql_fetchrow($result))
1057                  {
1058                      $template->assign_block_vars('orphan', array(
1059                          'FILESIZE'            => get_formatted_filesize($row['filesize']),
1060                          'FILETIME'            => $user->format_date($row['filetime']),
1061                          'REAL_FILENAME'        => utf8_basename($row['real_filename']),
1062                          'PHYSICAL_FILENAME'    => utf8_basename($row['physical_filename']),
1063                          'ATTACH_ID'            => $row['attach_id'],
1064                          'POST_IDS'            => (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
1065                          'U_FILE'            => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&amp;id=' . $row['attach_id']))
1066                      );
1067                  }
1068                  $db->sql_freeresult($result);
1069   
1070              break;
1071   
1072              case 'manage':
1073   
1074                  if ($submit)
1075                  {
1076                      $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array();
1077   
1078                      if (sizeof($delete_files))
1079                      {
1080                          // Select those attachments we want to delete...
1081                          $sql = 'SELECT real_filename
1082                              FROM ' . ATTACHMENTS_TABLE . '
1083                              WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '
1084                                  AND is_orphan = 0';
1085                          $result = $db->sql_query($sql);
1086                          while ($row = $db->sql_fetchrow($result))
1087                          {
1088                              $deleted_filenames[] = $row['real_filename'];
1089                          }
1090                          $db->sql_freeresult($result);
1091   
1092                          if ($num_deleted = delete_attachments('attach', $delete_files))
1093                          {
1094                              if (sizeof($delete_files) != $num_deleted)
1095                              {
1096                                  $error[] = $user->lang['FILES_GONE'];
1097                              }
1098                              add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $deleted_filenames));
1099                              $notify[] = sprintf($user->lang['LOG_ATTACHMENTS_DELETED'], implode($user->lang['COMMA_SEPARATOR'], $deleted_filenames));
1100                          }
1101                          else
1102                          {
1103                              $error[] = $user->lang['NO_FILES_TO_DELETE'];
1104                          }
1105                      }
1106                  }
1107   
1108                  if ($action == 'stats')
1109                  {
1110                      $this->handle_stats_resync();
1111                  }
1112   
1113                  $stats_error = $this->check_stats_accuracy();
1114   
1115                  if ($stats_error)
1116                  {
1117                      $error[] = $stats_error;
1118                  }
1119   
1120                  $template->assign_vars(array(
1121                      'S_MANAGE'        => true,
1122                  ));
1123   
1124                  $start        = request_var('start', 0);
1125   
1126                  // Sort keys
1127                  $sort_days    = request_var('st', 0);
1128                  $sort_key    = request_var('sk', 't');
1129                  $sort_dir    = request_var('sd', 'd');
1130   
1131                  // Sorting
1132                  $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1133                  $sort_by_text = array('f' => $user->lang['FILENAME'], 't' => $user->lang['FILEDATE'], 's' => $user->lang['FILESIZE'], 'x' => $user->lang['EXTENSION'], 'd' => $user->lang['DOWNLOADS'],'p' => $user->lang['ATTACH_POST_TYPE'], 'u' => $user->lang['AUTHOR']);
1134                  $sort_by_sql = array('f' => 'a.real_filename', 't' => 'a.filetime', 's' => 'a.filesize', 'x' => 'a.extension', 'd' => 'a.download_count', 'p' => 'a.in_message', 'u' => 'u.username');
1135   
1136                  $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
1137                  gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
1138   
1139                  $min_filetime = ($sort_days) ? (time() - ($sort_days * 86400)) : '';
1140                  $limit_filetime = ($min_filetime) ? " AND a.filetime >= $min_filetime " : '';
1141                  $start = ($sort_days && isset($_POST['sort'])) ? 0 : $start;
1142   
1143                  $attachments_per_page = (int) $config['topics_per_page'];
1144   
1145                  $stats = $this->get_attachment_stats($limit_filetime);
1146                  $num_files = $stats['num_files'];
1147                  $total_size = $stats['upload_dir_size'];
1148   
1149                  // Make sure $start is set to the last page if it exceeds the amount
1150                  $pagination = $phpbb_container->get('pagination');
1151                  $start = $pagination->validate_start($start, $attachments_per_page, $num_files);
1152   
1153                  // If the user is trying to reach the second half of the attachments list, fetch it starting from the end
1154                  $store_reverse = false;
1155                  $sql_limit = $attachments_per_page;
1156   
1157                  if ($start > $num_files / 2)
1158                  {
1159                      $store_reverse = true;
1160   
1161                      // Select the sort order. Add time sort anchor for non-time sorting cases
1162                      $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') : '';
1163                      $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') . $sql_sort_anchor;
1164                      $sql_limit = $pagination->reverse_limit($start, $sql_limit, $num_files);
1165                      $sql_start = $pagination->reverse_start($start, $sql_limit, $num_files);
1166                  }
1167                  else
1168                  {
1169                      // Select the sort order. Add time sort anchor for non-time sorting cases
1170                      $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') : '';
1171                      $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') . $sql_sort_anchor;
1172                      $sql_start = $start;
1173                  }
1174   
1175                  $attachments_list = array();
1176   
1177                  // Just get the files
1178                  $sql = 'SELECT a.*, u.username, u.user_colour, t.topic_title
1179                      FROM ' . ATTACHMENTS_TABLE . ' a
1180                      LEFT JOIN ' . USERS_TABLE . ' u ON (u.user_id = a.poster_id)
1181                      LEFT JOIN ' . TOPICS_TABLE . " t ON (a.topic_id = t.topic_id)
1182                      WHERE a.is_orphan = 0
1183                          $limit_filetime
1184                      ORDER BY $sql_sort_order";
1185                  $result = $db->sql_query_limit($sql, $sql_limit, $sql_start);
1186   
1187                  $i = ($store_reverse) ? $sql_limit - 1 : 0;
1188   
1189                  // Store increment value in a variable to save some conditional calls
1190                  $i_increment = ($store_reverse) ? -1 : 1;
1191                  while ($attachment_row = $db->sql_fetchrow($result))
1192                  {
1193                      $attachments_list[$i] = $attachment_row;
1194                      $i = $i + $i_increment;
1195                  }
1196                  $db->sql_freeresult($result);
1197   
1198                  $base_url = $this->u_action . "&amp;$u_sort_param";
1199                  $pagination->generate_template_pagination($base_url, 'pagination', 'start', $num_files, $attachments_per_page, $start);
1200   
1201                  $template->assign_vars(array(
1202                      'TOTAL_FILES'        => $num_files,
1203                      'TOTAL_SIZE'        => get_formatted_filesize($total_size),
1204   
1205                      'S_LIMIT_DAYS'        => $s_limit_days,
1206                      'S_SORT_KEY'        => $s_sort_key,
1207                      'S_SORT_DIR'        => $s_sort_dir)
1208                  );
1209   
1210                  // Grab extensions
1211                  $extensions = $cache->obtain_attach_extensions(true);
1212   
1213                  for ($i = 0, $end = sizeof($attachments_list); $i < $end; ++$i)
1214                  {
1215                      $row = $attachments_list[$i];
1216   
1217                      $row['extension'] = strtolower(trim((string) $row['extension']));
1218                      $comment = ($row['attach_comment'] && !$row['in_message']) ? str_replace(array("\n", "\r"), array('<br />', "\n"), $row['attach_comment']) : '';
1219                      $display_cat = $extensions[$row['extension']]['display_cat'];
1220                      $l_downloaded_viewed = ($display_cat == ATTACHMENT_CATEGORY_NONE) ? 'DOWNLOAD_COUNTS' : 'VIEWED_COUNTS';
1221   
1222                      $template->assign_block_vars('attachments', array(
1223                          'ATTACHMENT_POSTER'    => get_username_string('full', (int) $row['poster_id'], (string) $row['username'], (string) $row['user_colour'], (string) $row['username']),
1224                          'FILESIZE'            => get_formatted_filesize((int) $row['filesize']),
1225                          'FILETIME'            => $user->format_date((int) $row['filetime']),
1226                          'REAL_FILENAME'        => (!$row['in_message']) ? utf8_basename((string) $row['real_filename']) : '',
1227                          'PHYSICAL_FILENAME'    => utf8_basename((string) $row['physical_filename']),
1228                          'EXT_GROUP_NAME'    => (!empty($extensions[$row['extension']]['group_name'])) ? $user->lang['EXT_GROUP_' . $extensions[$row['extension']]['group_name']] : '',
1229                          'COMMENT'            => $comment,
1230                          'TOPIC_TITLE'        => (!$row['in_message']) ? (string) $row['topic_title'] : '',
1231                          'ATTACH_ID'            => (int) $row['attach_id'],
1232                          'POST_ID'            => (int) $row['post_msg_id'],
1233                          'TOPIC_ID'            => (int) $row['topic_id'],
1234                          'POST_IDS'            => (!empty($post_ids[$row['attach_id']])) ? (int) $post_ids[$row['attach_id']] : '',
1235   
1236                          'L_DOWNLOAD_COUNT'    => $user->lang($l_downloaded_viewed, (int) $row['download_count']),
1237   
1238                          'S_IN_MESSAGE'        => (bool) $row['in_message'],
1239   
1240                          'U_VIEW_TOPIC'        => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&amp;p={$row['post_msg_id']}") . "#p{$row['post_msg_id']}",
1241                          'U_FILE'            => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&amp;id=' . $row['attach_id']))
1242                      );
1243                  }
1244   
1245              break;
1246          }
1247   
1248          if (sizeof($error))
1249          {
1250              $template->assign_vars(array(
1251                  'S_WARNING'        => true,
1252                  'WARNING_MSG'    => implode('<br />', $error))
1253              );
1254          }
1255   
1256          if (sizeof($notify))
1257          {
1258              $template->assign_vars(array(
1259                  'S_NOTIFY'        => true,
1260                  'NOTIFY_MSG'    => implode('<br />', $notify))
1261              );
1262          }
1263      }
1264   
1265      /**
1266      * Get attachment file count and size of upload directory
1267      *
1268      * @param $limit string    Additional limit for WHERE clause to filter stats by.
1269      * @return array Returns array with stats: num_files and upload_dir_size
1270      */
1271      public function get_attachment_stats($limit = '')
1272      {
1273          $sql = 'SELECT COUNT(a.attach_id) AS num_files, SUM(a.filesize) AS upload_dir_size
1274              FROM ' . ATTACHMENTS_TABLE . " a
1275              WHERE a.is_orphan = 0
1276                  $limit";
1277          $result = $this->db->sql_query($sql);
1278          $row = $this->db->sql_fetchrow($result);
1279          $this->db->sql_freeresult($result);
1280   
1281          return array(
1282              'num_files'            => (int) $row['num_files'],
1283              'upload_dir_size'    => (float) $row['upload_dir_size'],
1284          );
1285      }
1286   
1287      /**
1288      * Set config attachment stat values
1289      *
1290      * @param $stats array    Array of config key => value pairs to set.
1291      * @return null
1292      */
1293      public function set_attachment_stats($stats)
1294      {
1295          foreach ($stats as $key => $value)
1296          {
1297              $this->config->set($key, $value, true);
1298          }
1299      }
1300   
1301      /**
1302      * Check accuracy of attachment statistics.
1303      *
1304      * @return bool|string    Returns false if stats are correct or error message
1305      *    otherwise.
1306      */
1307      public function check_stats_accuracy()
1308      {
1309          // Get fresh stats.
1310          $stats = $this->get_attachment_stats();
1311   
1312          // Get current files stats
1313          $num_files = (int) $this->config['num_files'];
1314          $total_size = (float) $this->config['upload_dir_size'];
1315   
1316          if (($num_files != $stats['num_files']) || ($total_size != $stats['upload_dir_size']))
1317          {
1318              $u_resync = $this->u_action . '&amp;action=stats';
1319   
1320              return $this->user->lang(
1321                  'FILES_STATS_WRONG',
1322                  (int) $stats['num_files'],
1323                  get_formatted_filesize($stats['upload_dir_size']),
1324                  '<a href="' . $u_resync . '">',
1325                  '</a>'
1326              );
1327          }
1328          return false;
1329      }
1330   
1331      /**
1332      * Handle stats resync.
1333      *
1334      * @return null
1335      */
1336      public function handle_stats_resync()
1337      {
1338          if (!confirm_box(true))
1339          {
1340              confirm_box(false, $this->user->lang['RESYNC_FILES_STATS_CONFIRM'], build_hidden_fields(array(
1341                  'i'            => $this->id,
1342                  'mode'        => 'manage',
1343                  'action'    => 'stats',
1344              )));
1345          }
1346          else
1347          {
1348              $this->set_attachment_stats($this->get_attachment_stats());
1349              $log = $this->phpbb_container->get('log');
1350              $log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_RESYNC_FILES_STATS');
1351          }
1352   
1353      }
1354   
1355      /**
1356      * Build Select for category items
1357      */
1358      function category_select($select_name, $group_id = false, $key = '')
1359      {
1360          global $db, $user;
1361   
1362          $types = array(
1363              ATTACHMENT_CATEGORY_NONE        => $user->lang['NO_FILE_CAT'],
1364              ATTACHMENT_CATEGORY_IMAGE        => $user->lang['CAT_IMAGES'],
1365              ATTACHMENT_CATEGORY_WM            => $user->lang['CAT_WM_FILES'],
1366              ATTACHMENT_CATEGORY_RM            => $user->lang['CAT_RM_FILES'],
1367              ATTACHMENT_CATEGORY_FLASH        => $user->lang['CAT_FLASH_FILES'],
1368              ATTACHMENT_CATEGORY_QUICKTIME    => $user->lang['CAT_QUICKTIME_FILES'],
1369          );
1370   
1371          if ($group_id)
1372          {
1373              $sql = 'SELECT cat_id
1374                  FROM ' . EXTENSION_GROUPS_TABLE . '
1375                  WHERE group_id = ' . (int) $group_id;
1376              $result = $db->sql_query($sql);
1377   
1378              $cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id'];
1379   
1380              $db->sql_freeresult($result);
1381          }
1382          else
1383          {
1384              $cat_type = ATTACHMENT_CATEGORY_NONE;
1385          }
1386   
1387          $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1388   
1389          foreach ($types as $type => $mode)
1390          {
1391              $selected = ($type == $cat_type) ? ' selected="selected"' : '';
1392              $group_select .= '<option value="' . $type . '"' . $selected . '>' . $mode . '</option>';
1393          }
1394   
1395          $group_select .= '</select>';
1396   
1397          return $group_select;
1398      }
1399   
1400      /**
1401      * Extension group select
1402      */
1403      function group_select($select_name, $default_group = false, $key = '')
1404      {
1405          global $db, $user;
1406   
1407          $group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
1408   
1409          $sql = 'SELECT group_id, group_name
1410              FROM ' . EXTENSION_GROUPS_TABLE . '
1411              ORDER BY group_name';
1412          $result = $db->sql_query($sql);
1413   
1414          $group_name = array();
1415          while ($row = $db->sql_fetchrow($result))
1416          {
1417              $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];
1418              $group_name[] = $row;
1419          }
1420          $db->sql_freeresult($result);
1421   
1422          $row['group_id'] = 0;
1423          $row['group_name'] = $user->lang['NOT_ASSIGNED'];
1424          $group_name[] = $row;
1425   
1426          for ($i = 0; $i < sizeof($group_name); $i++)
1427          {
1428              if ($default_group === false)
1429              {
1430                  $selected = ($i == 0) ? ' selected="selected"' : '';
1431              }
1432              else
1433              {
1434                  $selected = ($group_name[$i]['group_id'] == $default_group) ? ' selected="selected"' : '';
1435              }
1436   
1437              $group_select .= '<option value="' . $group_name[$i]['group_id'] . '"' . $selected . '>' . $group_name[$i]['group_name'] . '</option>';
1438          }
1439   
1440          $group_select .= '</select>';
1441   
1442          return $group_select;
1443      }
1444   
1445      /**
1446      * Search Imagick
1447      */
1448      function search_imagemagick()
1449      {
1450          $imagick = '';
1451   
1452          $exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : '';
1453   
1454          $magic_home = getenv('MAGICK_HOME');
1455   
1456          if (empty($magic_home))
1457          {
1458              $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');
1459              $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
1460   
1461              $locations = array_merge($path_locations, $locations);
1462   
1463              foreach ($locations as $location)
1464              {
1465                  // The path might not end properly, fudge it
1466                  if (substr($location, -1) !== '/')
1467                  {
1468                      $location .= '/';
1469                  }
1470   
1471                  if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000)
1472                  {
1473                      $imagick = str_replace('\\', '/', $location);
1474                      continue;
1475                  }
1476              }
1477          }
1478          else
1479          {
1480              $imagick = str_replace('\\', '/', $magic_home);
1481          }
1482   
1483          return $imagick;
1484      }
1485   
1486      /**
1487      * Test Settings
1488      */
1489      function test_upload(&$error, $upload_dir, $create_directory = false)
1490      {
1491          global $user, $phpbb_root_path;
1492   
1493          // Does the target directory exist, is it a directory and writable.
1494          if ($create_directory)
1495          {
1496              if (!file_exists($phpbb_root_path . $upload_dir))
1497              {
1498                  @mkdir($phpbb_root_path . $upload_dir, 0777);
1499                  phpbb_chmod($phpbb_root_path . $upload_dir, CHMOD_READ | CHMOD_WRITE);
1500              }
1501          }
1502   
1503          if (!file_exists($phpbb_root_path . $upload_dir))
1504          {
1505              $error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);
1506              return;
1507          }
1508   
1509          if (!is_dir($phpbb_root_path . $upload_dir))
1510          {
1511              $error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);
1512              return;
1513          }
1514   
1515          if (!phpbb_is_writable($phpbb_root_path . $upload_dir))
1516          {
1517              $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);
1518              return;
1519          }
1520      }
1521   
1522      /**
1523      * Perform operations on sites for external linking
1524      */
1525      function perform_site_list()
1526      {
1527          global $db, $user;
1528          global $request;
1529   
1530          if (isset($_REQUEST['securesubmit']))
1531          {
1532              // Grab the list of entries
1533              $ips = request_var('ips', '');
1534              $ip_list = array_unique(explode("\n", $ips));
1535              $ip_list_log = implode(', ', $ip_list);
1536   
1537              $ip_exclude = (int) $request->variable('ipexclude', false, false, \phpbb\request\request_interface::POST);
1538   
1539              $iplist = array();
1540              $hostlist = array();
1541   
1542              foreach ($ip_list as $item)
1543              {
1544                  if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode))
1545                  {
1546                      // Don't ask about all this, just don't ask ... !
1547                      $ip_1_counter = $ip_range_explode[1];
1548                      $ip_1_end = $ip_range_explode[5];
1549   
1550                      while ($ip_1_counter <= $ip_1_end)
1551                      {
1552                          $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
1553                          $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
1554   
1555                          if ($ip_2_counter == 0 && $ip_2_end == 254)
1556                          {
1557                              $ip_2_counter = 256;
1558                              $ip_2_fragment = 256;
1559   
1560                              $iplist[] = "'$ip_1_counter.*'";
1561                          }
1562   
1563                          while ($ip_2_counter <= $ip_2_end)
1564                          {
1565                              $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
1566                              $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
1567   
1568                              if ($ip_3_counter == 0 && $ip_3_end == 254)
1569                              {
1570                                  $ip_3_counter = 256;
1571                                  $ip_3_fragment = 256;
1572   
1573                                  $iplist[] = "'$ip_1_counter.$ip_2_counter.*'";
1574                              }
1575   
1576                              while ($ip_3_counter <= $ip_3_end)
1577                              {
1578                                  $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
1579                                  $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
1580   
1581                                  if ($ip_4_counter == 0 && $ip_4_end == 254)
1582                                  {
1583                                      $ip_4_counter = 256;
1584                                      $ip_4_fragment = 256;
1585   
1586                                      $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
1587                                  }
1588   
1589                                  while ($ip_4_counter <= $ip_4_end)
1590                                  {
1591                                      $iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
1592                                      $ip_4_counter++;
1593                                  }
1594                                  $ip_3_counter++;
1595                              }
1596                              $ip_2_counter++;
1597                          }
1598                          $ip_1_counter++;
1599                      }
1600                  }
1601                  else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item)))
1602                  {
1603                      $iplist[] = "'" . trim($item) . "'";
1604                  }
1605                  else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item)))
1606                  {
1607                      $hostlist[] = "'" . trim($item) . "'";
1608                  }
1609                  else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item)))
1610                  {
1611                      $hostlist[] = "'" . trim($item) . "'";
1612                  }
1613              }
1614   
1615              $sql = 'SELECT site_ip, site_hostname
1616                  FROM ' . SITELIST_TABLE . "
1617                  WHERE ip_exclude = $ip_exclude";
1618              $result = $db->sql_query($sql);
1619   
1620              if ($row = $db->sql_fetchrow($result))
1621              {
1622                  $iplist_tmp = array();
1623                  $hostlist_tmp = array();
1624                  do
1625                  {
1626                      if ($row['site_ip'])
1627                      {
1628                          if (strlen($row['site_ip']) > 40)
1629                          {
1630                              continue;
1631                          }
1632   
1633                          $iplist_tmp[] = "'" . $row['site_ip'] . "'";
1634                      }
1635                      else if ($row['site_hostname'])
1636                      {
1637                          if (strlen($row['site_hostname']) > 255)
1638                          {
1639                              continue;
1640                          }
1641   
1642                          $hostlist_tmp[] = "'" . $row['site_hostname'] . "'";
1643                      }
1644                      // break;
1645                  }
1646                  while ($row = $db->sql_fetchrow($result));
1647   
1648                  $iplist = array_unique(array_diff($iplist, $iplist_tmp));
1649                  $hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));
1650                  unset($iplist_tmp);
1651                  unset($hostlist_tmp);
1652              }
1653              $db->sql_freeresult($result);
1654   
1655              if (sizeof($iplist))
1656              {
1657                  foreach ($iplist as $ip_entry)
1658                  {
1659                      $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)
1660                          VALUES ($ip_entry$ip_exclude)";
1661                      $db->sql_query($sql);
1662                  }
1663              }
1664   
1665              if (sizeof($hostlist))
1666              {
1667                  foreach ($hostlist as $host_entry)
1668                  {
1669                      $sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_hostname, ip_exclude)
1670                          VALUES ($host_entry$ip_exclude)";
1671                      $db->sql_query($sql);
1672                  }
1673              }
1674   
1675              if (!empty($ip_list_log))
1676              {
1677                  // Update log
1678                  $log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';
1679                  add_log('admin', $log_entry, $ip_list_log);
1680              }
1681   
1682              trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1683          }
1684          else if (isset($_POST['unsecuresubmit']))
1685          {
1686              $unip_sql = request_var('unip', array(0));
1687   
1688              if (sizeof($unip_sql))
1689              {
1690                  $l_unip_list = '';
1691   
1692                  // Grab details of ips for logging information later
1693                  $sql = 'SELECT site_ip, site_hostname
1694                      FROM ' . SITELIST_TABLE . '
1695                      WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1696                  $result = $db->sql_query($sql);
1697   
1698                  while ($row = $db->sql_fetchrow($result))
1699                  {
1700                      $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);
1701                  }
1702                  $db->sql_freeresult($result);
1703   
1704                  $sql = 'DELETE FROM ' . SITELIST_TABLE . '
1705                      WHERE ' . $db->sql_in_set('site_id', $unip_sql);
1706                  $db->sql_query($sql);
1707   
1708                  add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);
1709              }
1710   
1711              trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCCESS'] . adm_back_link($this->u_action));
1712          }
1713      }
1714   
1715      /**
1716      * Write display_order config field
1717      */
1718      function display_order($value, $key = '')
1719      {
1720          $radio_ary = array(0 => 'DESCENDING', 1 => 'ASCENDING');
1721   
1722          return h_radio('config[display_order]', $radio_ary, $value, $key);
1723      }
1724   
1725      /**
1726      * Adjust all three max_filesize config vars for display
1727      */
1728      function max_filesize($value, $key = '')
1729      {
1730          // Determine size var and adjust the value accordingly
1731          $filesize = get_formatted_filesize($value, false, array('mb', 'kb', 'b'));
1732          $size_var = $filesize['si_identifier'];
1733          $value = $filesize['value'];
1734   
1735          // size="8" and maxlength="15" attributes as a fallback for browsers that do not support type="number" yet.
1736          return '<input type="number" id="' . $key . '" size="8" maxlength="15" min="0" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';
1737      }
1738   
1739      /**
1740      * Write secure_allow_deny config field
1741      */
1742      function select_allow_deny($value, $key = '')
1743      {
1744          $radio_ary = array(1 => 'ORDER_ALLOW_DENY', 0 => 'ORDER_DENY_ALLOW');
1745   
1746          return h_radio('config[' . $key . ']', $radio_ary, $value, $key);
1747      }
1748   
1749  }
1750