Viewing file: admin_extensions.php (31.84 KB) -rw-rw-rw- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php /*************************************************************************** * admin_extensions.php * ------------------- * begin : Wednesday, Jan 09, 2002 * copyright : (C) 2002 Meik Sievertsen * email : acyd.burn@gmx.de * * $Id: admin_extensions.php,v 1.27 2004/10/31 16:46:58 acydburn Exp $ * ***************************************************************************/
/*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/
define('IN_PHPBB', true);
if( !empty($setmodules) ) { $filename = basename(__FILE__); $module['Extensions']['Extension_control'] = $filename . '?mode=extensions'; $module['Extensions']['Extension_group_manage'] = $filename . '?mode=groups'; $module['Extensions']['Forbidden_extensions'] = $filename . '?mode=forbidden'; return; }
// // Let's set the root dir for phpBB // $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx);
@include_once($phpbb_root_path . 'attach_mod/includes/constants.'.$phpEx);
if (!intval($attach_config['allow_ftp_upload'])) { if ( ($attach_config['upload_dir'][0] == '/') || ( ($attach_config['upload_dir'][0] != '/') && ($attach_config['upload_dir'][1] == ':') ) ) { $upload_dir = $attach_config['upload_dir']; } else { $upload_dir = '../' . $attach_config['upload_dir']; } } else { $upload_dir = $attach_config['download_path']; }
include($phpbb_root_path . 'attach_mod/includes/functions_selects.' . $phpEx); include($phpbb_root_path . 'attach_mod/includes/functions_admin.' . $phpEx);
// // Init Vars // $types_download = array(INLINE_LINK, PHYSICAL_LINK); $modes_download = array('inline', 'physical');
$types_category = array(IMAGE_CAT, STREAM_CAT, SWF_CAT); $modes_category = array($lang['Category_images'], $lang['Category_stream_files'], $lang['Category_swf_files']);
if(isset($HTTP_GET_VARS['size']) || isset($HTTP_POST_VARS['size'])) { $size = (isset($HTTP_POST_VARS['size'])) ? $HTTP_POST_VARS['size'] : $HTTP_GET_VARS['size']; } else { $size = ''; }
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) { $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; } else { $mode = ''; }
if( isset($HTTP_POST_VARS['e_mode']) || isset($HTTP_GET_VARS['e_mode']) ) { $e_mode = ( isset($HTTP_POST_VARS['e_mode']) ) ? $HTTP_POST_VARS['e_mode'] : $HTTP_GET_VARS['e_mode']; } else { $e_mode = ''; }
$submit = (isset($HTTP_POST_VARS['submit'])) ? TRUE : FALSE;
// // Get Attachment Config // $attach_config = array();
$sql = 'SELECT * FROM ' . ATTACH_CONFIG_TABLE; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query attachment information', '', __LINE__, __FILE__, $sql); }
while ($row = $db->sql_fetchrow($result)) { $attach_config[$row['config_name']] = trim($row['config_value']); }
// // Extension Management // if ($submit && $mode == 'extensions') { // // Change Extensions ? // $extension_change_list = ( isset($HTTP_POST_VARS['extension_change_list']) ) ? $HTTP_POST_VARS['extension_change_list'] : array(); $extension_explain_list = ( isset($HTTP_POST_VARS['extension_explain_list']) ) ? $HTTP_POST_VARS['extension_explain_list'] : array(); $group_select_list = ( isset($HTTP_POST_VARS['group_select']) ) ? $HTTP_POST_VARS['group_select'] : array();
// // Generate correct Change List // $extensions = array();
for ($i = 0; $i < count($extension_change_list); $i++) { $extensions['_' . $extension_change_list[$i]]['comment'] = stripslashes(htmlspecialchars($extension_explain_list[$i])); $extensions['_' . $extension_change_list[$i]]['group_id'] = intval($group_select_list[$i]); }
$sql = "SELECT * FROM " . EXTENSIONS_TABLE . " ORDER BY ext_id";
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Couldn\'t get Extension Informations.', '', __LINE__, __FILE__, $sql); }
if ( ($db->sql_numrows($result)) > 0 ) { $extension_row = $db->sql_fetchrowset($result);
for ($i = 0; $i < count($extension_row); $i++) { if ( ($extension_row[$i]['comment'] != $extensions['_' . $extension_row[$i]['ext_id']]['comment']) || (intval($extension_row[$i]['group_id']) != intval($extensions['_' . $extension_row[$i]['ext_id']]['group_id'])) ) { $sql = "UPDATE " . EXTENSIONS_TABLE . " SET comment = '" . $extensions['_' . $extension_row[$i]['ext_id']]['comment'] . "', group_id = " . $extensions['_' . $extension_row[$i]['ext_id']]['group_id'] . " WHERE ext_id = " . $extension_row[$i]['ext_id']; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Couldn\'t update Extension Informations', '', __LINE__, __FILE__, $sql); } } } }
// // Delete Extension ? // $extension_id_list = ( isset($HTTP_POST_VARS['extension_id_list']) ) ? $HTTP_POST_VARS['extension_id_list'] : array();
$extension_id_sql = implode(', ', $extension_id_list);
if ( $extension_id_sql != '' ) { $sql = 'DELETE FROM ' . EXTENSIONS_TABLE . ' WHERE ext_id IN (' . $extension_id_sql . ')';
if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not delete Extensions', '', __LINE__, __FILE__, $sql); }
} // // Add Extension ? // $extension = ( isset($HTTP_POST_VARS['add_extension']) ) ? trim(strip_tags($HTTP_POST_VARS['add_extension'])) : ''; $extension_explain = ( isset($HTTP_POST_VARS['add_extension_explain']) ) ? trim(strip_tags($HTTP_POST_VARS['add_extension_explain'])) : ''; $extension_group = ( isset($HTTP_POST_VARS['add_group_select']) ) ? intval($HTTP_POST_VARS['add_group_select']) : ''; $add = ( isset($HTTP_POST_VARS['add_extension_check']) ) ? TRUE : FALSE;
if ($extension != '' && $add) { $template->assign_vars(array( 'ADD_EXTENSION' => $extension, 'ADD_EXTENSION_EXPLAIN' => $extension_explain) ); if (!$error) { // // check extension // $sql = "SELECT extension FROM " . EXTENSIONS_TABLE; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query Extensions', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrowset($result); $num_rows = $db->sql_numrows($result);
if ( $num_rows > 0 ) { for ($i = 0; $i < $num_rows; $i++) { if (strtolower(trim($row[$i]['extension'])) == strtolower(trim($extension))) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Extension_exist'], strtolower(trim($extension))); } } } // // Extension Forbidden ? // if (!$error) { $sql = "SELECT extension FROM " . FORBIDDEN_EXTENSIONS_TABLE; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query Extensions', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrowset($result); $num_rows = $db->sql_numrows($result);
if ( $num_rows > 0 ) { for ($i = 0; $i < $num_rows; $i++) { if (strtolower(trim($row[$i]['extension'])) == strtolower(trim($extension))) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Unable_add_forbidden_extension'], strtolower(trim($extension))); } } } }
if (!$error) { $sql = "INSERT INTO " . EXTENSIONS_TABLE . " (group_id, extension, comment) VALUES (" . $extension_group . ", '" . strtolower(trim($extension)) . "', '" . trim($extension_explain) . "')"; if( !$db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not add Extension', '', __LINE__, __FILE__, $sql); }
} } }
if (!$error) { $message = $lang['Attach_config_updated'] . '<br /><br />' . sprintf($lang['Click_return_attach_config'], '<a href="' . append_sid("admin_extensions.$phpEx?mode=extensions") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message); } }
if ($mode == 'extensions') { // // Extensions // $template->set_filenames(array( 'body' => 'admin/attach_extensions.tpl') );
$template->assign_vars(array( 'L_EXTENSIONS_TITLE' => $lang['Manage_extensions'], 'L_EXTENSIONS_EXPLAIN' => $lang['Manage_extensions_explain'], 'L_SELECT' => $lang['Select'], 'L_EXPLANATION' => $lang['Explanation'], 'L_EXTENSION' => $lang['Extension'], 'L_EXTENSION_GROUP' => $lang['Extension_group'], 'L_ADD_NEW' => $lang['Add_new'], 'L_DELETE' => $lang['Delete'], 'L_CANCEL' => $lang['Cancel'], 'L_SUBMIT' => $lang['Submit'],
'S_CANCEL_ACTION' => append_sid("admin_extensions.$phpEx?mode=extensions"), 'S_ATTACH_ACTION' => append_sid("admin_extensions.$phpEx?mode=extensions")) );
if ($submit) { $template->assign_vars(array( 'S_ADD_GROUP_SELECT' => group_select('add_group_select', $extension_group)) ); } else { $template->assign_vars(array( 'S_ADD_GROUP_SELECT' => group_select('add_group_select')) ); }
$sql = "SELECT * FROM " . EXTENSIONS_TABLE . " ORDER BY group_id";
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Couldn\'t get Extension informations', '', __LINE__, __FILE__, $sql); }
$extension_row = $db->sql_fetchrowset($result); $num_extension_row = $db->sql_numrows($result);
if ( $num_extension_row > 0 ) { $extension_row = sort_multi_array ($extension_row, 'group_name', 'ASC'); for ($i = 0; $i < $num_extension_row; $i++) { if ($submit) { $template->assign_block_vars('extension_row', array( 'EXT_ID' => $extension_row[$i]['ext_id'], 'EXTENSION' => $extension_row[$i]['extension'], 'EXTENSION_EXPLAIN' => $extension_explain_list[$i], 'S_GROUP_SELECT' => group_select('group_select[]', $group_select_list[$i])) ); } else { $template->assign_block_vars('extension_row', array( 'EXT_ID' => $extension_row[$i]['ext_id'], 'EXTENSION' => $extension_row[$i]['extension'], 'EXTENSION_EXPLAIN' => $extension_row[$i]['comment'], 'S_GROUP_SELECT' => group_select('group_select[]', $extension_row[$i]['group_id'])) ); } } }
}
// // Extension Groups // if ($submit && $mode == 'groups') { // // Change Extension Groups ? // $group_change_list = ( isset($HTTP_POST_VARS['group_change_list']) ) ? $HTTP_POST_VARS['group_change_list'] : array(); $extension_group_list = ( isset($HTTP_POST_VARS['extension_group_list']) ) ? $HTTP_POST_VARS['extension_group_list'] : array(); $group_allowed_list = ( isset($HTTP_POST_VARS['allowed_list']) ) ? $HTTP_POST_VARS['allowed_list'] : array(); $download_mode_list = ( isset($HTTP_POST_VARS['download_mode_list']) ) ? $HTTP_POST_VARS['download_mode_list'] : array(); $category_list = ( isset($HTTP_POST_VARS['category_list']) ) ? $HTTP_POST_VARS['category_list'] : array(); $upload_icon_list = ( isset($HTTP_POST_VARS['upload_icon_list']) ) ? $HTTP_POST_VARS['upload_icon_list'] : array(); $filesize_list = ( isset($HTTP_POST_VARS['max_filesize_list']) ) ? $HTTP_POST_VARS['max_filesize_list'] : array(); $size_select_list = ( isset($HTTP_POST_VARS['size_select_list']) ) ? $HTTP_POST_VARS['size_select_list'] : array();
$allowed_list = array();
for ($i = 0; $i < count($group_allowed_list); $i++) { for ($j = 0; $j < count($group_change_list); $j++) { if ($group_allowed_list[$i] == $group_change_list[$j]) { $allowed_list[$j] = '1'; } } }
for ($i = 0; $i < count($group_change_list); $i++) { $allowed = ( isset($allowed_list[$i]) ) ? '1' : '0'; $filesize_list[$i] = ( $size_select_list[$i] == 'kb' ) ? round($filesize_list[$i] * 1024) : ( ($size_select_list[$i] == 'mb') ? round($filesize_list[$i] * 1048576) : $filesize_list[$i] );
$sql = "UPDATE " . EXTENSION_GROUPS_TABLE . " SET group_name = '" . $extension_group_list[$i] . "', cat_id = " . $category_list[$i] . ", allow_group = " . $allowed . ", download_mode = " . $download_mode_list[$i] . ", upload_icon = '" . $upload_icon_list[$i] . "', max_filesize = " . $filesize_list[$i] . " WHERE group_id = " . $group_change_list[$i]; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Couldn\'t update Extension Groups Informations', '', __LINE__, __FILE__, $sql); } } // // Delete Extension Groups // $group_id_list = ( isset($HTTP_POST_VARS['group_id_list']) ) ? $HTTP_POST_VARS['group_id_list'] : array();
$group_id_sql = implode(', ', $group_id_list);
if ($group_id_sql != '') { $sql = 'DELETE FROM ' . EXTENSION_GROUPS_TABLE . ' WHERE group_id IN (' . $group_id_sql . ')';
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not delete Extension Groups', '', __LINE__, __FILE__, $sql); }
// // Set corresponding Extensions to a pending Group // $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' SET group_id = 0 WHERE group_id IN (' . $group_id_sql . ')';
if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not assign Extensions to Pending Group.', '', __LINE__, __FILE__, $sql); }
} // // Add Extensions ? // $extension_group = ( isset($HTTP_POST_VARS['add_extension_group']) ) ? trim(strip_tags($HTTP_POST_VARS['add_extension_group'])) : ''; $download_mode = ( isset($HTTP_POST_VARS['add_download_mode']) ) ? $HTTP_POST_VARS['add_download_mode'] : ''; $cat_id = ( isset($HTTP_POST_VARS['add_category']) ) ? $HTTP_POST_VARS['add_category'] : ''; $upload_icon = ( isset($HTTP_POST_VARS['add_upload_icon']) ) ? $HTTP_POST_VARS['add_upload_icon'] : ''; $filesize = ( isset($HTTP_POST_VARS['add_max_filesize']) ) ? $HTTP_POST_VARS['add_max_filesize'] : ''; $size_select = ( isset($HTTP_POST_VARS['add_size_select']) ) ? $HTTP_POST_VARS['add_size_select'] : ''; $is_allowed = ( isset($HTTP_POST_VARS['add_allowed']) ) ? '1' : '0'; $add = ( isset($HTTP_POST_VARS['add_extension_group_check']) ) ? TRUE : FALSE;
if ($extension_group != '' && $add) { // // check Extension Group // $sql = 'SELECT group_name FROM ' . EXTENSION_GROUPS_TABLE; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query Extension Groups Table', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrowset($result); $num_rows = $db->sql_numrows($result);
if ( $num_rows > 0 ) { for ($i = 0; $i < $num_rows; $i++) { if ($row[$i]['group_name'] == $extension_group) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Extension_group_exist'], $extension_group); } } } if (!$error) { $filesize = ( $size_select == 'kb' ) ? round($filesize * 1024) : ( ($size_select == 'mb') ? round($filesize * 1048576) : $filesize ); $sql = "INSERT INTO " . EXTENSION_GROUPS_TABLE . " (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, forum_permissions) VALUES ('" . $extension_group . "', " . $cat_id . ", " . $is_allowed . ", " . $download_mode . ", '" . $upload_icon . "', " . $filesize . ", '')"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not add Extension Group', '', __LINE__, __FILE__, $sql); } }
}
if (!$error) { $message = $lang['Attach_config_updated'] . '<br /><br />' . sprintf($lang['Click_return_attach_config'], '<a href="' . append_sid("admin_extensions.$phpEx?mode=groups") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message); } }
if ($mode == 'groups') { // // Extension Groups // $template->set_filenames(array( 'body' => 'admin/attach_extension_groups.tpl') );
if ((empty($size)) && (!$submit)) { $max_add_filesize = $attach_config['max_filesize']; $size = ($max_add_filesize >= 1048576) ? 'mb' : ( ($max_add_filesize >= 1024) ? 'kb' : 'b' ); }
if ($max_add_filesize >= 1048576) { $max_add_filesize = round($max_add_filesize / 1048576 * 100) / 100; } else if ( $max_add_filesize >= 1024) { $max_add_filesize = round($max_add_filesize / 1024 * 100) / 100; }
$viewgroup = get_var(POST_GROUPS_URL, 0);
$template->assign_vars(array( 'L_EXTENSION_GROUPS_TITLE' => $lang['Manage_extension_groups'], 'L_EXTENSION_GROUPS_EXPLAIN' => $lang['Manage_extension_groups_explain'], 'L_EXTENSION_GROUP' => $lang['Extension_group'], 'L_ADD_NEW' => $lang['Add_new'], 'L_ALLOWED' => $lang['Allowed'], 'L_DELETE' => $lang['Delete'], 'L_CANCEL' => $lang['Cancel'], 'L_SUBMIT' => $lang['Submit'], 'L_SPECIAL_CATEGORY' => $lang['Special_category'], 'L_DOWNLOAD_MODE' => $lang['Download_mode'], 'L_UPLOAD_ICON' => $lang['Upload_icon'], 'L_MAX_FILESIZE' => $lang['Max_groups_filesize'], 'L_ALLOWED_FORUMS' => $lang['Allowed_forums'], 'L_FORUM_PERMISSIONS' => $lang['Ext_group_permissions'],
'ADD_GROUP_NAME' => ( isset($submit) ) ? $extension_group : '', 'MAX_FILESIZE' => $max_add_filesize,
'S_FILESIZE' => size_select('add_size_select', $size), 'S_ADD_DOWNLOAD_MODE' => download_select('add_download_mode'), 'S_SELECT_CAT' => category_select('add_category'), 'S_CANCEL_ACTION' => append_sid("admin_extensions.$phpEx?mode=groups"), 'S_ATTACH_ACTION' => append_sid("admin_extensions.$phpEx?mode=groups")) );
$sql = "SELECT * FROM " . EXTENSION_GROUPS_TABLE;
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Couldn\'t get Extension Group informations', '', __LINE__, __FILE__, $sql); }
$extension_group = $db->sql_fetchrowset($result); $num_extension_group = $db->sql_numrows($result);
for ($i = 0; $i < $num_extension_group; $i++) { // // Format the filesize // if ( $extension_group[$i]['max_filesize'] == 0 ) { $extension_group[$i]['max_filesize'] = $attach_config['max_filesize']; }
$size_format = ($extension_group[$i]['max_filesize'] >= 1048576) ? 'mb' : ( ($extension_group[$i]['max_filesize'] >= 1024) ? 'kb' : 'b' );
if ( $extension_group[$i]['max_filesize'] >= 1048576) { $extension_group[$i]['max_filesize'] = round($extension_group[$i]['max_filesize'] / 1048576 * 100) / 100; } else if($extension_group[$i]['max_filesize'] >= 1024) { $extension_group[$i]['max_filesize'] = round($extension_group[$i]['max_filesize'] / 1024 * 100) / 100; }
$s_allowed = ($extension_group[$i]['allow_group'] == 1) ? 'checked="checked"' : ''; $template->assign_block_vars('grouprow', array( 'GROUP_ID' => $extension_group[$i]['group_id'], 'EXTENSION_GROUP' => $extension_group[$i]['group_name'], 'UPLOAD_ICON' => $extension_group[$i]['upload_icon'],
'S_ALLOW_SELECTED' => $s_allowed, 'S_SELECT_CAT' => category_select('category_list[]', $extension_group[$i]['group_id']), 'S_DOWNLOAD_MODE' => download_select('download_mode_list[]', $extension_group[$i]['group_id']), 'S_FILESIZE' => size_select('size_select_list[]', $size_format), 'MAX_FILESIZE' => $extension_group[$i]['max_filesize'], 'CAT_BOX' => ( $viewgroup == $extension_group[$i]['group_id'] ) ? $lang['Decollapse'] : $lang['Collapse'], 'U_VIEWGROUP' => ( $viewgroup == $extension_group[$i]['group_id'] ) ? append_sid("admin_extensions.$phpEx?mode=groups") : append_sid("admin_extensions.$phpEx?mode=groups&" . POST_GROUPS_URL . "=" . $extension_group[$i]['group_id']), 'U_FORUM_PERMISSIONS' => append_sid("admin_extensions.$phpEx?mode=$mode&e_mode=perm&e_group=" . $extension_group[$i]['group_id'])) );
if ($viewgroup && $viewgroup == $extension_group[$i]['group_id']) { $sql = "SELECT comment, extension FROM " . EXTENSIONS_TABLE . " WHERE group_id = " . $viewgroup;
if (!$result = $db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Couldn\'t get Extension informations', '', __LINE__, __FILE__, $sql); }
$extension = $db->sql_fetchrowset($result); $num_extension = $db->sql_numrows($result);
for ($j = 0; $j < $num_extension; $j++) { $template->assign_block_vars('grouprow.extensionrow', array( 'EXPLANATION' => $extension[$j]['comment'], 'EXTENSION' => $extension[$j]['extension']) ); } } } }
// // Forbidden Extensions // if ($submit && $mode == 'forbidden') { // // Store new forbidden extension or delete selected forbidden extensions // $extension = ( isset($HTTP_POST_VARS['extension_id_list']) ) ? $HTTP_POST_VARS['extension_id_list'] : array();
$extension_id_sql = implode(', ', $extension);
if( $extension_id_sql != '' ) { $sql = "DELETE FROM " . FORBIDDEN_EXTENSIONS_TABLE . " WHERE ext_id IN (" . $extension_id_sql . ")";
if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not delete forbidden extensions', '', __LINE__, __FILE__, $sql); } } $extension = ( isset($HTTP_POST_VARS['add_extension']) ) ? trim(strip_tags($HTTP_POST_VARS['add_extension'])) : ''; $add = ( isset($HTTP_POST_VARS['add_extension_check']) ) ? TRUE : FALSE; if ($extension != '' && $add) { // // Check Extension // $sql = "SELECT extension FROM " . FORBIDDEN_EXTENSIONS_TABLE;
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query forbidden extensions', '', __LINE__, __FILE__, $sql); }
$row = $db->sql_fetchrowset($result); $num_rows = $db->sql_numrows($result); if( $num_rows > 0 ) { for ($i = 0; $i < $num_rows; $i++) { if ($row[$i]['extension'] == $extension) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Forbidden_extension_exist'], $extension); } } } // Check, if extension is allowed if (!$error) { $sql = "SELECT extension FROM " . EXTENSIONS_TABLE;
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query extensions', '', __LINE__, __FILE__, $sql); }
$row = $db->sql_fetchrowset($result); $num_rows = $db->sql_numrows($result); if( $num_rows > 0 ) { for ($i = 0; $i < $num_rows; $i++) { if (strtolower(trim($row[$i]['extension'])) == strtolower(trim($extension))) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= '<br />'; } $error_msg .= sprintf($lang['Extension_exist_forbidden'], $extension); } } } }
if (!$error) { $sql = "INSERT INTO " . FORBIDDEN_EXTENSIONS_TABLE . " (extension) VALUES ('" . trim($extension) . "')";
if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not add forbidden extension', '', __LINE__, __FILE__, $sql); } } }
if (!$error) { $message = $lang['Attach_config_updated'] . '<br /><br />' . sprintf($lang['Click_return_attach_config'], '<a href="' . append_sid("admin_extensions.$phpEx?mode=forbidden") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message); }
}
if ($mode == 'forbidden') { $template->set_filenames(array( 'body' => 'admin/attach_forbidden_extensions.tpl') );
$template->assign_vars(array( 'S_ATTACH_ACTION' => append_sid('admin_extensions.' . $phpEx . '?mode=forbidden'),
'L_EXTENSIONS_TITLE' => $lang['Manage_forbidden_extensions'], 'L_EXTENSIONS_EXPLAIN' => $lang['Manage_forbidden_extensions_explain'], 'L_EXTENSION' => $lang['Extension'], 'L_ADD_NEW' => $lang['Add_new'], 'L_DELETE' => $lang['Delete']) );
$sql = "SELECT * FROM " . FORBIDDEN_EXTENSIONS_TABLE . " ORDER BY extension"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get forbidden extension informations', '', __LINE__, __FILE__, $sql); }
$extensionrow = $db->sql_fetchrowset($result); $num_extensionrow = $db->sql_numrows($result);
if ( $num_extensionrow > 0 ) { for ($i = 0; $i < $num_extensionrow; $i++) { if (!strstr($extensionrow[$i]['extension'], 'php')) { $template->assign_block_vars('extensionrow', array( 'EXTENSION_ID' => $extensionrow[$i]['ext_id'], 'EXTENSION_NAME' => $extensionrow[$i]['extension']) ); } } } }
if ($e_mode == 'perm') { $group = get_var('e_group', 0);
$add_forum = (isset($HTTP_POST_VARS['add_forum'])) ? TRUE : FALSE; $delete_forum = (isset($HTTP_POST_VARS['del_forum'])) ? TRUE : FALSE;
if (isset($HTTP_POST_VARS['close_perm'])) { $e_mode = ''; } }
// Add Forums if ($add_forum && $e_mode == 'perm' && $group) { $add_forums_list = ( isset($HTTP_POST_VARS['entries']) ) ? $HTTP_POST_VARS['entries'] : array(); $add_all_forums = FALSE;
for ($i = 0; $i < count($add_forums_list); $i++) { if ($add_forums_list[$i] == GPERM_ALL) { $add_all_forums = TRUE; } }
// If we add ALL FORUMS, we are able to overwrite the Permissions if ($add_all_forums) { $sql = "UPDATE " . EXTENSION_GROUPS_TABLE . " SET forum_permissions = '' WHERE group_id = " . $group; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not update Permissions', '', __LINE__, __FILE__, $sql); } }
// Else we have to add Permissions if (!$add_all_forums) { $sql = "SELECT forum_permissions FROM " . EXTENSION_GROUPS_TABLE . " WHERE group_id = " . intval($group) . " LIMIT 1"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get Group Permissions from ' . EXTENSION_GROUPS_TABLE, '', __LINE__, __FILE__, $sql); }
$row = $db->sql_fetchrow($result);
if (trim($row['forum_permissions']) == '') { $auth_p = array(); } else { $auth_p = auth_unpack($row['forum_permissions']); } // Generate array for Auth_Pack, do not add doubled forums for ($i = 0; $i < count($add_forums_list); $i++) { if (!in_array($add_forums_list[$i], $auth_p)) { $auth_p[] = $add_forums_list[$i]; } }
$auth_bitstream = auth_pack($auth_p); $sql = "UPDATE " . EXTENSION_GROUPS_TABLE . " SET forum_permissions = '" . $auth_bitstream . "' WHERE group_id = " . $group; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not update Permissions', '', __LINE__, __FILE__, $sql); } }
}
// Delete Forums if ($delete_forum && $e_mode == 'perm' && $group) { $delete_forums_list = ( isset($HTTP_POST_VARS['entries']) ) ? $HTTP_POST_VARS['entries'] : array();
// Get the current Forums $sql = "SELECT forum_permissions FROM " . EXTENSION_GROUPS_TABLE . " WHERE group_id = " . intval($group) . " LIMIT 1"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get Group Permissions from ' . EXTENSION_GROUPS_TABLE, '', __LINE__, __FILE__, $sql); }
$row = $db->sql_fetchrow($result);
$auth_p2 = auth_unpack(trim($row['forum_permissions'])); $auth_p = array();
// Generate array for Auth_Pack, delete the chosen ones for ($i = 0; $i < count($auth_p2); $i++) { if (!in_array($auth_p2[$i], $delete_forums_list)) { $auth_p[] = $auth_p2[$i]; } }
$auth_bitstream = ( count($auth_p) > 0 ) ? auth_pack($auth_p) : '';
$sql = "UPDATE " . EXTENSION_GROUPS_TABLE . " SET forum_permissions = '" . $auth_bitstream . "' WHERE group_id = " . $group; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not update Permissions', '', __LINE__, __FILE__, $sql); } }
// Display the Group Permissions Box for configuring it if ($e_mode == 'perm' && $group) { $template->set_filenames(array( 'perm_box' => 'admin/extension_groups_permissions.tpl') ); $sql = "SELECT group_name, forum_permissions FROM " . EXTENSION_GROUPS_TABLE . " WHERE group_id = " . intval($group) . " LIMIT 1"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get Group Name from ' . EXTENSION_GROUPS_TABLE, '', __LINE__, __FILE__, $sql); }
$row = $db->sql_fetchrow($result); $group_name = $row['group_name']; $allowed_forums = trim($row['forum_permissions']);
$forum_perm = array();
if ($allowed_forums == '') { $forum_perm[0]['forum_id'] = 0; $forum_perm[0]['forum_name'] = $lang['Perm_all_forums']; } else { $forum_p = array(); $act_id = 0; $forum_p = auth_unpack($allowed_forums); $sql = "SELECT forum_id, forum_name FROM " . FORUMS_TABLE . " WHERE forum_id IN (" . implode(', ', $forum_p) . ")"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get Forum Names', '', __LINE__, __FILE__, $sql); }
while ($row = $db->sql_fetchrow($result)) { $forum_perm[$act_id]['forum_id'] = $row['forum_id']; $forum_perm[$act_id]['forum_name'] = $row['forum_name']; $act_id++; } }
for ($i = 0; $i < count($forum_perm); $i++) { $template->assign_block_vars('allow_option_values', array( 'VALUE' => $forum_perm[$i]['forum_id'], 'OPTION' => $forum_perm[$i]['forum_name']) ); }
$template->assign_vars(array( 'L_GROUP_PERMISSIONS_TITLE' => sprintf($lang['Group_permissions_title'], trim($group_name)), 'L_GROUP_PERMISSIONS_EXPLAIN' => $lang['Group_permissions_explain'], 'L_REMOVE_SELECTED' => $lang['Remove_selected'], 'L_CLOSE_WINDOW' => $lang['Close_window'], 'L_ADD_FORUMS' => $lang['Add_forums'], 'L_ADD_SELECTED' => $lang['Add_selected'], 'L_RESET' => $lang['Reset'], 'A_PERM_ACTION' => append_sid("admin_extensions.$phpEx?mode=groups&e_mode=perm&e_group=$group")) );
$forum_option_values = array(GPERM_ALL => $lang['Perm_all_forums']);
$sql = "SELECT forum_id, forum_name FROM " . FORUMS_TABLE;
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get Forums', '', __LINE__, __FILE__, $sql); }
while ($row = $db->sql_fetchrow($result)) { $forum_option_values[intval($row['forum_id'])] = $row['forum_name']; }
@reset($forum_option_values); while (list($value, $option) = each($forum_option_values)) { $template->assign_block_vars('forum_option_values', array( 'VALUE' => $value, 'OPTION' => $option) ); }
$template->assign_var_from_handle('GROUP_PERMISSIONS_BOX', 'perm_box');
$empty_perm_forums = array();
$sql = "SELECT forum_id, forum_name FROM " . FORUMS_TABLE . " WHERE auth_attachments < " . AUTH_ADMIN;
if ( !($f_result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not get Forums.', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($f_result)) { $forum_id = $row['forum_id'];
$sql = "SELECT forum_permissions FROM " . EXTENSION_GROUPS_TABLE . " WHERE allow_group = 1 ORDER BY group_name ASC";
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not query Extension Groups.', '', __LINE__, __FILE__, $sql); }
$rows = $db->sql_fetchrowset($result); $num_rows = $db->sql_numrows($result);
$found_forum = FALSE;
for ($i = 0; $i < $num_rows; $i++) { $allowed_forums = auth_unpack(trim($rows[$i]['forum_permissions'])); if ( (in_array($forum_id, $allowed_forums)) || (trim($rows[$i]['forum_permissions']) == '') ) { $found_forum = TRUE; break; } }
if (!$found_forum) { $empty_perm_forums[$forum_id] = $row['forum_name']; } }
@reset($empty_perm_forums); $message = ''; while (list($forum_id, $forum_name) = each($empty_perm_forums)) { $message .= ( $message == '' ) ? $forum_name : '<br />' . $forum_name; }
if (count($empty_perm_forums) > 0) { $template->set_filenames(array( 'perm_reg_header' => 'error_body.tpl') ); $template->assign_vars(array( 'ERROR_MESSAGE' => $lang['Note_admin_empty_group_permissions'] . $message) ); $template->assign_var_from_handle('PERM_ERROR_BOX', 'perm_reg_header'); } }
if ($error) { $template->set_filenames(array( 'reg_header' => 'error_body.tpl') ); $template->assign_vars(array( 'ERROR_MESSAGE' => $error_msg) ); $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); }
$template->assign_vars(array( 'ATTACH_VERSION' => sprintf($lang['Attachment_version'], $attach_config['attach_version'])) );
$template->pparse('body');
include('page_footer_admin.'.$phpEx);
?>
|