<?php/**** @ This file is created by http://DeZender.Net* @ deZender (PH

1. <?php
2. /**
3. *
4. * @ This file is created by http://DeZender.Net
5. * @ deZender (PHP7 Decoder for ionCube Encoder)
6. *
7. * @ Version : 4.1.0.1
8. * @ Author : DeZender
9. * @ Release on : 29.08.2020
10. * @ Official site : http://DeZender.Net
11. *
12. */
13.  
14. global $rowCollection;
15. global $do;
16. $action = $action ?: strip_tags($_GET['action']);
17. $collectionAction = $action;
18. $mainAltCollection = '';
19.  
20. if ($do == 'dle_collections_download') {
21. if (!$is_logged) {
22. $member_id['user_group'] = 5;
23. }
24.  
25. require_once DLEPlugins::Check(ENGINE_DIR . '/classes/download.class.php');
26. $id = intval($_REQUEST['id']);
27. $perm = true;
28. $full_link = $config['http_home_url'];
29. $row = $db->super_query('SELECT id, name, onserver FROM ' . PREFIX . ('_dle_collections_files WHERE id=\'' . $id . '\''));
30.  
31. if ($row['id'] != $id) {
32. $perm = false;
33. }
34.  
35. if (!$perm) {
36. header('HTTP/1.1 403 Forbidden');
37. exit('You don\'t have access to download this file');
38. }
39.  
40. $url = parse_url($row['onserver']);
41. $file_path = dirname(LazyDev\Collections\Helper::cleanDir($url['path']));
42. $file_name = pathinfo($url['path']);
43. $file_ext = totranslit($file_name['extension'], true, false);
44. $file_name = totranslit($file_name['basename'], false);
45. if ($file_path && ($file_path != '.')) {
46. $file_name = $file_path . '/' . $file_name;
47. }
48.  
49. if (stripos($file_name, '.php') !== false) {
50. header('HTTP/1.1 403 Forbidden');
51. exit('Access denied');
52. }
53.  
54. if (!$user_group[$member_id['user_group']]['allow_files']) {
55. header('HTTP/1.1 403 Forbidden');
56. exit('Access denied');
57. }
58.  
59. if ($config['files_antileech']) {
60. $_SERVER['HTTP_REFERER'] = LazyDev\Collections\Helper::resetUrl($_SERVER['HTTP_REFERER']);
61. $_SERVER['HTTP_HOST'] = LazyDev\Collections\Helper::resetUrl($_SERVER['HTTP_HOST']);
62.  
63. if ($_SERVER['HTTP_HOST'] != $_SERVER['HTTP_REFERER']) {
64. header('HTTP/1.1 403 Forbidden');
65. header('Location: ' . $full_link);
66. exit('Access denied!!!<br /><br />Please visit <a href="' . $config['http_home_url'] . '">' . $config['http_home_url'] . '</a>');
67. }
68. }
69.  
70. $file = new download(ROOT_DIR . '/uploads/dle_collections/' . $file_name, $row['name'], $config['files_force'], intval($user_group[$member_id['user_group']]['files_max_speed']));
71. $db->close();
72. session_write_close();
73. $file->download_file();
74. exit();
75. }
76. else if ($action == 'main') {
77. $collectionAction = $action;
78. $collectionsConfigVar['number_collections'] = $collectionsConfigVar['number_collections'] ?: 10;
79.  
80. if (0 < $cstart) {
81. $cstart = ($cstart - 1) * $collectionsConfigVar['number_collections'];
82. }
83.  
84. $cacheIdPage = intval($_GET['cstart']);
85. $collectionCache = LazyDev\Collections\Cache::get('collections_' . $cacheIdPage);
86.  
87. if ($collectionCache) {
88. $tpl->result['content'] = $collectionCache;
89.  
90. if ($collectionsConfigVar['redirect']) {
91. $count_all = $db->super_query('SELECT COUNT(*) as count FROM ' . PREFIX . '_dle_collections WHERE approve')['count'];
92. LazyDev\Collections\Collections::redirect($count_all, '/' . $collectionsConfigVar['url'] . '/', $cacheIdPage, $collectionsConfigVar['number_collections']);
93. }
94. }
95. else {
96. $orderColl = 'position ASC';
97.  
98. if ($collectionsConfigVar['sort_coll'] == 'by_position_asc') {
99. $orderColl = 'position ASC';
100. }
101. else if ($collectionsConfigVar['sort_coll'] == 'by_position_desc') {
102. $orderColl = 'position DESC';
103. }
104. else if ($collectionsConfigVar['sort_coll'] == 'title') {
105. $orderColl = 'name ASC';
106. }
107. else if ($collectionsConfigVar['sort_coll'] == 'by_count_desc') {
108. $orderColl = 'count DESC';
109. }
110. else if ($collectionsConfigVar['sort_coll'] == 'by_count_asc') {
111. $orderColl = 'count ASC';
112. }
113. else if ($collectionsConfigVar['sort_coll'] == 'by_date_desc') {
114. $orderColl = 'date DESC';
115. }
116. else if ($collectionsConfigVar['sort_coll'] == 'by_date_asc') {
117. $orderColl = 'date ASC';
118. }
119.  
120. $sqlCollections = $db->query('SELECT c.*, (SELECT COUNT(*) as count FROM ' . PREFIX . '_dle_collections_news WHERE collectionId=c.id) as count FROM ' . PREFIX . ('_dle_collections c WHERE approve GROUP BY c.id ORDER BY fixed DESC, ' . $orderColl . ' LIMIT ' . $cstart . ', ' . $collectionsConfigVar['number_collections']));
121. $count_all = $db->super_query('SELECT COUNT(*) as count FROM ' . PREFIX . '_dle_collections WHERE approve')['count'];
122.  
123. if ($collectionsConfigVar['redirect']) {
124. LazyDev\Collections\Collections::redirect($count_all, '/' . $collectionsConfigVar['url'] . '/', $cacheIdPage, $collectionsConfigVar['number_collections']);
125. }
126.  
127. $newsCount = $cstart;
128. $idArrayCollections = [];
129. $tpl->load_template('lazydev/dle_collections/main/collections.tpl');
130.  
131. while ($row = $db->get_row($sqlCollections)) {
132. $idArrayCollections[] = $row['id'];
133. $newsCount++;
134. $tpl->set('{name}', stripslashes($row['name']));
135.  
136. if ($row['title']) {
137. $tpl->set('{title}', stripslashes($row['title']));
138. $tpl->set_block('\'\\[title\\](.*?)\\[/title\\]\'si', '\\1');
139. $tpl->set_block('\'\\[not-title\\](.*?)\\[/not-title\\]\'si', '');
140. }
141. else {
142. $tpl->set('{title}', '');
143. $tpl->set_block('\'\\[title\\](.*?)\\[/title\\]\'si', '');
144. $tpl->set_block('\'\\[not-title\\](.*?)\\[/not-title\\]\'si', '\\1');
145. }
146.  
147. $row['description'] = stripslashes($row['description']);
148. ........................................................................
149. .............................................
150. .....................