- <?php
- //////////////////////////
- // phuct uploads //
- // objects.php //
- //////////////////////////
- class database {
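/**
 * Open the MySQL connection and select the application database.
 *
 * On failure the script stops with a generic message; the driver's error text
 * goes to the server log instead of the response body.
 *
 * @return resource the link identifier, also stored in $this->id
 */
function connect()
{
    // NOTE(review): the credentials are hard-coded in the source file, so
    // everyone who can read the file can reach the database. Rotate them and
    // load them from configuration kept outside the web root and outside
    // version control.
    $dbuser = "rypesrealm";
    $dbpass = "password!";
    $dbname = "rypesrealm";
    $dbhost = "mysql.rypesrealm.com";

    $this->id = mysql_connect($dbhost, $dbuser, $dbpass);
    if ( $this->id === false ){
        // mysql_error() can name the host and the account, so it is logged
        // rather than printed into the page.
        error_log("phuct uploads: onConnect(DB) failed: " . mysql_error());
        die("<br />Failed onConnect(DB).<br />");
    }
    if ( !mysql_select_db($dbname, $this->id) ){
        error_log("phuct uploads: onSelect('{$dbname}') failed: " . mysql_error($this->id));
        die("<br />Failed onSelect(DB).<br />");
    }
    return $this->id;
} // end connect()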
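/**
 * Run one SQL statement on the open connection and record the outcome on $this.
 *
 * The statement is sent exactly as given. Nothing is escaped or bound here, so
 * every caller has to escape request data before it builds $query_inp.
 *
 * Sets: qcount (statements run so far), last_query, error (NULL on success),
 * result (or the property named by $result_name) and, when $results is set,
 * count_query and results.
 *
 * @param string      $query_inp   complete SQL statement
 * @param bool|string $results     truthy to also count the rows the statement
 *                                 matches once its LIMIT clause is removed
 * @param string|bool $result_name property that receives the result instead of
 *                                 $this->result
 * @return mixed false on failure, true on success; when $results is set, the
 *               result of running $query_inp once more
 */
function query($query_inp, $results = false, $result_name = false)
{
    $this->qcount = empty($this->qcount) ? 1 : $this->qcount + 1;
    $this->last_query = $query_inp;

    $result = @mysql_query($query_inp, $this->id);
    if ( $result === false || $result === NULL ){
        $this->error = mysql_error();
        return $this->result = false;
    }

    $this->error = NULL;
    if ( !isset($result_name) || $result_name == false ){
        $this->result = $result;
    } else {
        $this->$result_name = $result;
    }

    if ( !( $results == true || $results == "1" ) ){
        return true;
    }

    $this->count_query = preg_replace('/LIMIT(\s*)(\d*\s*,)?(\s*)(\d*)/', '', $query_inp);
    $count_result = @mysql_query($this->count_query, $this->id);
    // The count statement can fail, or return true for a statement without a
    // result set; only a result resource can be counted. mysql_num_rows()
    // replaces fetching every row just to count them.
    $this->results = is_resource($count_result) ? mysql_num_rows($count_result) : 0;

    // NOTE(review): this runs $query_inp a second time. The callers in this
    // file ignore the return value and read $this->result instead.
    return @mysql_query($query_inp, $this->id);
} // end query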
- } // end DB
// Shared connection object; the classes below reach it through `global $DB`.
$DB = new database;
$DB->connect();
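/**
 * Login state of the current visitor, filled in by the prescripts methods.
 *
 * The properties are declared so that reading them before a login (for
 * example `$user->logged_in !== true`) does not touch an undefined property.
 */
class user {
    // Primary key of the `phuct_users` row, NULL until a login succeeds.
    public $id = NULL;
    public $username = NULL;
    // MD5 hex digest as stored in `phuct_users`.`password`, not the plain text.
    public $password = NULL;
    public $logged_in = false;
}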
// Global login-state object, reached through `global $user` in the classes below.
$user = new user;
- class prescripts{
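/**
 * End the login: expire the four login cookies and discard the session data.
 */
function logout(){
    // An expiry in the past makes the browser drop the cookie immediately;
    // time()+1 left the emptied cookie valid for another second.
    $expired = time() - 3600;
    foreach ( array("id", "username", "password", "time") as $cookie_name ){
        setcookie($cookie_name, '', $expired, "/uploads", "rypesrealm.com");
    }
    // unset($_SESSION) only detaches the variable and leaves the stored
    // session data in place, so the array is emptied and the session destroyed.
    $_SESSION = array();
    if ( session_id() !== '' ){
        session_destroy();
    }
}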
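/**
 * Check the posted username and password against `phuct_users` and, on a
 * match, fill $user and $_SESSION (plus the login cookies when the form asks
 * for them).
 *
 * @return bool|null true on success, false when the check fails, null when
 *                   the form fields are missing
 */
function login(){
    global $DB, $user;
    if ( empty($_POST['username']) || empty($_POST['password'])
        || !is_string($_POST['username']) || !is_string($_POST['password']) ){
        return;
    }

    // NOTE(review): unsalted MD5 is far too fast for password storage. Moving
    // to password_hash()/password_verify() needs a migration of the stored
    // hashes, so it is flagged here and not changed.
    $password = md5($_POST['password']);
    // The username comes straight from the request and is escaped before it
    // is placed inside the quoted SQL literal.
    $safe_username = mysql_real_escape_string($_POST['username'], $DB->id);
    $DB->query("SELECT * FROM `phuct_users` WHERE `username` = '{$safe_username}' AND `password` = '{$password}'");
    $user_row = ( $DB->error == NULL ) ? @mysql_fetch_array($DB->result, MYSQL_ASSOC) : false;

    // Strict comparison: two digests that both look numeric must not compare
    // equal the way they can under ==.
    if ( !is_array($user_row) || $password !== $user_row['password'] ){
        $_SESSION = array();
        $user->logged_in = false;
        return false;
    }

    if ( isset($_POST['setcookie']) && $_POST['setcookie'] == "true" ){
        // NOTE(review): verify_user() accepts the `id` and `password` cookies
        // as credentials, so the stored hash in this cookie is equivalent to
        // the password itself. A random, server-side session token would
        // remove that exposure. HttpOnly at least keeps script away from it.
        $expires = time()+3600;
        setcookie("id", $user_row['id'], $expires, "/uploads", "rypesrealm.com", false, true);
        setcookie("username", $user_row['username'], $expires, "/uploads", "rypesrealm.com", false, true);
        setcookie("password", $user_row['password'], $expires, "/uploads", "rypesrealm.com", false, true);
        setcookie("time", time(), $expires, "/uploads", "rypesrealm.com", false, true);
    }

    // A fresh session id after authentication prevents reuse of an id that
    // was issued before the login.
    if ( session_id() !== '' ){
        session_regenerate_id(true);
    }

    // The values come from the matched row; the original read an undefined
    // $id here, which left the id empty.
    $user->id = $user_row['id'];
    $user->username = $user_row['username'];
    $user->password = $user_row['password'];
    $user->logged_in = true;
    $_SESSION['id'] = $user_row['id'];
    $_SESSION['username'] = $user_row['username'];
    $_SESSION['password'] = $user_row['password'];
    return true;
}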
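/**
 * Re-authenticate the visitor from the login cookies or, failing that, from a
 * posted username and password, and fill $user and $_SESSION on a match.
 *
 * @param mixed $id       not used; the value is taken from the request
 * @param mixed $password not used; the value is taken from the request
 * @return bool true when the supplied credentials match a `phuct_users` row
 */
function verify_user($id = false, $password = false){
    global $user, $DB;
    if ( isset($this->setcookie) && $this->setcookie >= 1 ) return false;

    if ( isset($_COOKIE['id']) && isset($_COOKIE['password']) ){
        $column = "id";
        $lookup = $_COOKIE['id'];
        $supplied = $_COOKIE['password'];
    } elseif ( isset($_POST['username']) && isset($_POST['password']) ) {
        $column = "username";
        $lookup = $_POST['username'];
        $supplied = is_string($_POST['password']) ? md5($_POST['password']) : NULL;
    } else {
        return false;
    }
    // Cookies and form fields can arrive as arrays; only strings are valid.
    if ( !is_string($lookup) || !is_string($supplied) ){
        return false;
    }

    // Both values are request data and are escaped before they enter the
    // quoted SQL literals. $column is one of the two fixed names above.
    $safe_lookup = mysql_real_escape_string($lookup, $DB->id);
    $safe_supplied = mysql_real_escape_string($supplied, $DB->id);
    $DB->query("SELECT * FROM `phuct_users` WHERE `{$column}` = '{$safe_lookup}' AND `password` = '{$safe_supplied}'");
    $user_row = ( $DB->error == NULL ) ? @mysql_fetch_array($DB->result, MYSQL_ASSOC) : false;

    // Compare against the credential that was actually supplied. The original
    // always compared with $_COOKIE['password'], so the posted-form branch
    // could never succeed.
    if ( !is_array($user_row) || $supplied !== $user_row['password'] ){
        $_SESSION = array();
        $user->logged_in = false;
        return false;
    }

    $user->id = $user_row['id'];
    $user->username = $user_row['username'];
    $user->password = $user_row['password'];
    $user->logged_in = true;
    $_SESSION['id'] = $user_row['id'];
    $_SESSION['username'] = $user_row['username'];
    $_SESSION['password'] = $user_row['password'];
    return true;
}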
/**
 * Show the user forms when the request carries no `id`/`password` cookie pair.
 *
 * Only the presence of the cookies is tested here, not their validity.
 *
 * @param mixed $parameters not used
 */
function verify($parameters = false){
    global $root, $DB, $modules;
    $has_login_cookies = isset($_COOKIE['id'], $_COOKIE['password']);
    if ( $has_login_cookies ){
        return;
    }
    $modules->user_forms();
}
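/**
 * Check the posted username and password and, on a match, set the login
 * cookies, the session values and this object's id/username/password.
 *
 * Produces no output and returns nothing in every case.
 */
function send_login(){
    global $DB, $user;
    if ( empty($_POST['username']) || empty($_POST['password'])
        || !is_string($_POST['username']) || !is_string($_POST['password']) ){
        return;
    }

    // NOTE(review): unsalted MD5 digest, kept because the stored hashes use it.
    $password = md5($_POST['password']);
    $username = $_POST['username'];
    // addslashes($_POST) was called on the whole array and its result thrown
    // away, so nothing was escaped. The value is escaped here for the query.
    $safe_username = mysql_real_escape_string($username, $DB->id);
    $DB->query("SELECT * FROM `phuct_users` WHERE `username` = '{$safe_username}' AND `password` = '{$password}'");
    $user_row = ( $DB->error == NULL ) ? @mysql_fetch_array($DB->result, MYSQL_ASSOC) : false;
    if ( !is_array($user_row) ){
        return;
    }

    $id = $user_row['id'];
    // NOTE(review): the `password` cookie carries the stored hash, which
    // verify_user() accepts as a credential. HttpOnly keeps script away from it.
    setcookie("id", $id, 0, "", "", false, true);
    setcookie("username", $username, 0, "", "", false, true);
    setcookie("password", $password, 0, "", "", false, true);
    $this->id = $id;
    $this->username = $username;
    $this->password = $password;
    $_SESSION['id'] = $id;
    $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    return;
}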
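/**
 * Look up an upload by id, count the download and hand the file to dl_file().
 *
 * The id comes from $_GET['file_id'] when that is numeric, otherwise from the
 * argument. Nothing happens when neither is numeric or no row matches.
 *
 * @param int|string|bool $file_id upload id used when the request has none
 */
function download_file($file_id = false){
    global $user, $DB, $root;
    if ( isset($_GET['file_id']) && is_numeric($_GET['file_id']) ) { $file_id = $_GET['file_id']; }
    // The id is placed unquoted in the query, so anything that is not a
    // number is rejected, including the default `false` and caller strings.
    if ( !is_numeric($file_id) ){
        return;
    }
    $file_id = (int) $file_id;

    $DB->query("SELECT * FROM `phuct_uploads` WHERE `id` = {$file_id} LIMIT 1");
    if ( isset($DB->error) ){
        return;
    }
    $file = mysql_fetch_array($DB->result);
    if ( !is_array($file) || !$file['filename'] ){
        return;
    }

    // Increment inside the statement: no stored username is interpolated back
    // into SQL and concurrent downloads cannot overwrite each other's count.
    $DB->query("UPDATE `phuct_uploads` SET `downloads` = `downloads` + 1 WHERE `id` = {$file_id} LIMIT 1");

    // basename() keeps a stored name with directory parts inside uploads/.
    $filename = basename($file['filename']);
    $this->file_url = "http://www.rypesrealm.com/uploads/uploads/" . $filename;
    dl_file($root . "uploads/" . $filename);
}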
- } // end prescripts()
// Instance whose methods handle login, logout and downloads.
$prescripts = new prescripts;
- class secure_modules{
/**
 * Route to the account page for a logged-in visitor, otherwise to the user forms.
 *
 * @return mixed whatever the chosen page method returns
 */
function login(){
    global $user, $DB, $modules, $secure_modules;
    return ( $user->logged_in === true )
        ? $this->my_account()
        : $modules->user_forms();
}
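/**
 * Delete one of the current user's uploads: the `phuct_uploads` row and the
 * file under uploads/. The upload id is read from $_GET['id'].
 *
 * NOTE(review): the deletion is triggered by a plain GET request with no
 * anti-forgery token, so a link on another site can trigger it for a
 * logged-in user. A POST with a per-session token would close that.
 */
function remove_file(){
    global $DB, $user, $modules, $root;
    // Same guard as upload(): this action is for logged-in users only.
    if ( $user->logged_in !== true ) return $modules->user_forms();

    $id = isset($_GET['id']) ? $_GET['id'] : NULL;
    if ( !is_numeric($id) ){
        return;
    }
    $id = (int) $id;
    $uid = (int) $user->id;
    $owner = mysql_real_escape_string($user->username, $DB->id);
    // The ownership condition is shared by the lookup and the delete.
    $where = "`id` = '{$id}' AND `uid` = '{$uid}' AND `username` = '{$owner}'";

    $DB->query("SELECT * FROM `phuct_uploads` WHERE {$where}", '1');
    if ( isset($DB->error) || !isset($DB->results) || $DB->results < 1 ){
        // No row was fetched in this branch, so there is no file name to show.
        echo "<h2>error!</h2>file (id = {$id}) is either not owned by you, or doesn't exist.";
        return;
    }

    $row = mysql_fetch_array($DB->result, MYSQL_ASSOC);
    // The stored file name was chosen by an uploader: escape it for HTML and
    // strip directory parts before it is used as a path.
    $shown_name = htmlspecialchars($row['filename'], ENT_QUOTES);
    $filepath = $root . "uploads/" . basename($row['filename']);

    $DB->query("DELETE FROM `phuct_uploads` WHERE {$where} LIMIT 1");
    if ( !isset($DB->error) && file_exists($filepath) ){
        unlink($filepath);
        echo "<h2>success!</h2>" . $shown_name . " removal complete.";
    } else {
        echo "<h2>error!</h2>failed to delete " . $shown_name . "!<br />" . htmlspecialchars((string) $DB->error, ENT_QUOTES);
    }
}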
/**
 * Show the upload form to a logged-in user, otherwise the user forms.
 *
 * @return mixed the value of $modules->user_forms() when not logged in
 */
function upload(){
    global $user, $DB, $modules, $root;
    if ( $user->logged_in === true ){
        include($root . 'frontend/upload_form.php');
        return;
    }
    return $modules->user_forms();
}
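/**
 * Store a posted file under uploads/, record it in `phuct_uploads` and create
 * a 220px-wide thumbnail for image types. Prints the result as HTML.
 *
 * NOTE(review): the uploads directory is served by the web server. Besides
 * the extension check below, the server should be configured never to
 * execute files from that directory.
 */
function upload_handler(){
    global $DB, $user, $functions, $modules, $root;
    // user_forms() is a method of `modules`, not of this class.
    if ( $user->logged_in !== true ) return $modules->user_forms();

    // Accepted extensions: the ones modules::browser() groups files by.
    $allowed_extensions = array(
        "exe", "msi", "zip", "rar",
        "jpeg", "jpg", "gif", "bmp", "png",
        "mp3", "wma",
        "wmv", "mpeg", "mpg", "avi", "mk4", "mp4",
    );
    $image_extensions = array("jpeg", "jpg", "gif", "png", "bmp");
    $failed = "<h4 class=\"folder_box\"><span class=\"folder_name\">action failed</span></h4><h2 class=\"error\">error!</h2>";

    echo "<div align=\"center\" style=\"width: {$GLOBALS['content_width']}\"><br /><br />";

    $upload = isset($_FILES['uploaded_file']) ? $_FILES['uploaded_file'] : NULL;
    if ( !is_array($upload) || !is_string($upload['name']) || $upload['name'] == NULL ){
        echo $failed . "you haven't selected a file!</div>";
        return;
    }

    $fileinfo = pathinfo($upload['name']);
    $extension = isset($fileinfo['extension']) ? $fileinfo['extension'] : '';
    // Without an allow-list any file type, including scripts the server would
    // run, could be placed in the web-served uploads/ directory.
    if ( !in_array(strtolower($extension), $allowed_extensions, true) ){
        echo $failed . "upload failed: this file type is not accepted.</div>";
        return;
    }

    // The two original preg_replace() calls used unescaped dots (any
    // character) and the second overwrote the first, so nothing useful was
    // removed. Path separators, "..", and NUL bytes are stripped literally.
    $stem = str_replace(array("..", "/", "\\", "\0"), '', $fileinfo['filename']);
    $filename = basename($stem . "." . $extension);

    if ( isset($_POST['title']) && is_string($_POST['title']) && $_POST['title'] !== "file title" )
    { $title = $_POST['title']; }
    else{ $title = $fileinfo['filename']; }

    $uploads_folder = $root . "uploads/";
    $thumbnail_folder = $root . "uploads/thumbnails/";
    $file_home = $uploads_folder . $filename;
    $shown_name = htmlspecialchars($filename, ENT_QUOTES);

    if ( file_exists($file_home) ){
        echo $failed . "upload failed: {$shown_name} already exists on the server!</div>";
        return;
    }

    // Store the file first so that a failed move leaves no database row.
    if ( !move_uploaded_file($upload['tmp_name'], $file_home) ){
        echo $failed . "upload failed: the file could not be stored.</div>";
        return;
    }

    // The uploader recorded is the authenticated user, not a form field the
    // client controls. Every value is escaped for its quoted SQL literal; the
    // blanket addslashes() pass over $_POST never covered the $_FILES name.
    $query = "INSERT INTO `phuct_uploads` (`uid`, `username`, `title`, `filename`, `extension`) VALUES ('"
        . (int) $user->id . "', '"
        . mysql_real_escape_string($user->username, $DB->id) . "', '"
        . mysql_real_escape_string($title, $DB->id) . "', '"
        . mysql_real_escape_string($filename, $DB->id) . "', '"
        . mysql_real_escape_string($extension, $DB->id) . "')";
    $DB->query($query);
    if ( isset($DB->error) ){
        unlink($file_home);
        echo $failed . "there was an error executing the SQL query: " . htmlspecialchars((string) $DB->error, ENT_QUOTES) . "</div>";
        return;
    }

    // The original condition mixed && and || without parentheses, so the
    // "thumbnail does not exist yet" test applied to .jpeg only.
    if ( in_array(strtolower($extension), $image_extensions, true) && !file_exists($thumbnail_folder . $filename) ) {
        $functions->image->load($file_home);
        $functions->image->resizeToWidth(220);
        $functions->image->save($thumbnail_folder . $filename);
    }

    echo "<h4 class=\"folder_box\"><span class=\"folder_name\">action complete</span></h4><h2>upload successful</h2>{$shown_name} has been uploaded to <a href=\"uploads/" . rawurlencode($filename) . "\">uploads/{$shown_name}</a>";
    echo "</div>";
    return;
} // end upload_handler()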
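/**
 * Print the account page of the logged-in user: name, download total and a
 * table of the user's uploads with delete links.
 *
 * Titles and file names were chosen by uploaders, so every value is encoded
 * for the context it is printed into (HTML text, URL path, script argument).
 *
 * @param mixed $parameters not used
 */
function my_account($parameters = false){
    global $root, $DB, $user;
    if ( $user->logged_in !== true )
    { return $this->login(); }

    $uid = (int) $user->id;
    $owner_sql = mysql_real_escape_string($user->username, $DB->id);
    $name_html = htmlspecialchars($user->username, ENT_QUOTES);
    $name_url = rawurlencode($user->username);

    $DB->query("SELECT SUM(`downloads`) FROM `phuct_uploads` WHERE `uid` = {$uid}");
    $sum_row = isset($DB->error) ? false : mysql_fetch_array($DB->result);
    $total_downloads = is_array($sum_row) ? (int) $sum_row["SUM(`downloads`)"] : 0;

    // NOTE(review): the "uploads: 24" figure below is a literal in the markup.
    echo "
<div align=\"center\" style=\"text-align: left; width: ".$GLOBALS['content_width']."\">
<br />
<h4 class=\"folder_box\" style=\"padding-bottom: 0px; text-align: left\"><span class=\"folder_name\">my account</span></h4>
<h2 style=\"border-top: 1px solid #004477; border-left: 0px solid #004477; padding-left: 0px; margin-bottom: 4px; padding-bottom: 0px\"><a href=\"?act=browse&subact=search&subinput={$name_url}\" class=\"light_bloo\">{$name_html}</a> -- logged in as</h2>
<a href=\"?act=logout\" class=\"orange\">Logout</a>
<h4 class=\"folder_box\" style=\"padding-bottom: 0px; text-align: left\"><span class=\"folder_name\" style=\"margin-left: 64px\">my stats</span></h4>
<div align=\"center\" class=\"folder\" style=\"text-align: left; border-top: 1px solid #004477; border-left: 0px solid #004477\" width=\"1%\">
<b>total downloads: {$total_downloads} <br />
uploads: 24 <br />
average rating: n/a
</div>
";

    $DB->query("SELECT * FROM `phuct_uploads` WHERE `uid` = '{$uid}' AND `username` = '{$owner_sql}'");
    if ( isset($DB->error) ){
        return;
    }

    // The first class attribute used \" inside a single-quoted string, which
    // printed the backslashes into the page.
    echo '
<br />
<h4 class="folder_box" style="padding-bottom: 0px; text-align: left"><span class="folder_name" style="margin-left: 96px">my uploads</span></h4>
<div align="center" style="text-align: left; margin-left: 0px; padding-left: 0px; padding-top: 8px; border-top: 1px solid #004477; border-left: 0px solid #004477" width="1%">
<table cellspacing="1" cellpadding="4" width="100%" style="background-color: transparent; text-align: left" align="center">
<tr>
<td class="bloo_bar" width="1%">ID</td>
<td class="bloo_bar">Title</td>
<td class="bloo_bar">Filename</td>
<td class="bloo_bar" width="1%">DLs</td>
<td class="bloo_bar" width="1%">Delete</td>
</tr>
';
    while ( $row = mysql_fetch_array($DB->result, MYSQL_ASSOC) ){
        $row_id = (int) $row['id'];
        $downloads = (int) $row['downloads'];
        $title_html = htmlspecialchars((string) $row['title'], ENT_QUOTES);
        $file_html = htmlspecialchars((string) $row['filename'], ENT_QUOTES);
        $file_url = rawurlencode((string) $row['filename']);
        // Script argument inside an HTML attribute: encode as a script string
        // literal first, then escape that literal for the attribute.
        $file_js = htmlspecialchars(json_encode((string) $row['filename']), ENT_QUOTES);
        echo "<tr>
<td class=\"row3\" style=\"padding: 8px\">{$row_id}</td>
<td class=\"row2\" style=\"padding: 8px\"><a href=\"uploads/{$file_url}\" class=\"light_bloo\" style=\"font-weight: normal\">{$title_html}</a></td>
<td class=\"rowHover2\" style=\"padding: 8px\"><a href=\"uploads/{$file_url}\" class=\"light\" style=\"font-weight: normal\">{$file_html}</a></td>
<td class=\"row3\" style=\"padding: 8px\">{$downloads}</td>
<td class=\"row3\" style=\"padding: 8px\">[ <a onClick=\"confirm_delete({$file_js}, 'index.php?secure_act=remove_file&id={$row_id}', 'void')\" href=\"javascript:void(0)\" class=\"orange\">X</a> ]</td>
</tr>
";
    }
    echo "
</table>
<br /><br />
</div>
</div>
";
}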
- }
// Instance whose methods serve the pages that require a login.
$secure_modules = new secure_modules;
- class modules {
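/**
 * Print the outcome of a login attempt, based on $user->logged_in.
 */
function login(){
    global $user;
    if ( $user->logged_in == true ){
        // The username was chosen at registration and may hold markup, so it
        // is escaped before it is printed.
        $name_html = htmlspecialchars($user->username, ENT_QUOTES);
        echo "<div align=\"center\" style=\"width: ".$GLOBALS['content_width']."\">
<h4 class=\"folder_box\"><span class=\"folder_name\">action complete</span></h4>
<h2>login successful</h2>
you are logged in as {$name_html}!
<br />
you can now access <a href=\"?secure_act=my_account\">your account</a>.
</div>
";
    } else {
        echo "<div align=\"center\" style=\"width: ".$GLOBALS['content_width']."\">
<h4 class=\"folder_box\"><span class=\"folder_name\">action error</span></h4>
<h2>login failed</h2>
your username or password is incorrect.
</div>
";
    }
}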
/**
 * Print the "logged out" confirmation box.
 *
 * Only produces output; the cookies and session are handled elsewhere.
 */
function logout(){
    $width = $GLOBALS['content_width'];
    $html = '
<div align="center" style="width: ' . $width . '">
<br /><br />
<h4 class="folder_box"><span class="folder_name">action successful</span></h4>
<h2>logged out</h2>
you\'ve been successfully logged out.
</div>
';
    echo $html;
}
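/**
 * Create a `phuct_users` row from the posted registration form and print the
 * outcome. The two password fields must match.
 */
function register(){
    global $DB, $user;
    echo "<div align=\"center\" style=\"width: ".$GLOBALS['content_width']."\">";

    $complete = isset($_POST['username'], $_POST['password'], $_POST['password_check'])
        && is_string($_POST['username']) && is_string($_POST['password'])
        && $_POST['username'] !== '' && $_POST['password'] !== ''
        && $_POST['password'] === $_POST['password_check'];
    if ( !$complete ){
        echo "<h4 class=\"folder_box\"><span class=\"folder_name\">action error</span></h4><h2>registration unsuccessful</h2>there was a problem with your registration.</div>";
        return;
    }

    // NOTE(review): unsalted MD5 is unsuitable for password storage. The
    // login code compares against the same digest, so replacing it with
    // password_hash() has to be done for both together.
    $password = md5($_POST['password']);
    $username = $_POST['username'];
    $time = time();
    // addslashes($_POST) on the array escaped nothing; the username is
    // escaped here before it enters the quoted SQL literal.
    $safe_username = mysql_real_escape_string($username, $DB->id);
    $query = "INSERT INTO `phuct_users` (`username`, `password`, `date_joined`) VALUES ('{$safe_username}', '{$password}', '{$time}')";
    $DB->query($query);

    if ( $DB->error == NULL ){
        echo "<h4 class=\"folder_box\"><span class=\"folder_name\">action successful</span></h4><h2>registration complete</h2>your username: " . htmlspecialchars($username, ENT_QUOTES) . " <br><br> you can now <a href=\"?secure_act=my_account\">login</a>.</a></div>";
        return;
    }
    // The driver message can repeat the submitted username, so it is escaped.
    echo "<h4 class=\"folder_box\"><span class=\"folder_name\">action error</span></h4><h2>registration error</h2>" . htmlspecialchars((string) $DB->error, ENT_QUOTES) . "</div>";
    return;
} // end register();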
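/**
 * Print every member with their upload count, download total and join date.
 *
 * Runs two extra queries per member.
 *
 * @param mixed $parameters not used
 */
function memberlist($parameters = false){
    global $DB, $user;
    echo
    '
<div align="center" style="text-align: left; width: '.$GLOBALS["content_width"].'">
<br />
';
    // Left margin of the member heading; the index cycles 0, 1, 2.
    $margins = array("32px", "64px", "96px", "128px");
    $i = 0;

    $DB->query('SELECT * FROM `phuct_users`');
    // Kept in a local because the queries in the loop overwrite $DB->result.
    $new_result = $DB->result;
    while ( $row = mysql_fetch_array($new_result, MYSQL_ASSOC) ){
        $member_id = (int) $row['id'];
        $date = date('m.d.y', $row['date_joined']);

        $DB->query("SELECT COUNT(*) FROM `phuct_uploads` WHERE `uid` = '{$member_id}'");
        $count_row = mysql_fetch_row($DB->result);
        $uploads = (int) $count_row[0];

        $DB->query("SELECT SUM(`downloads`) FROM `phuct_uploads` WHERE `uid` = {$member_id}");
        $sum_row = mysql_fetch_array($DB->result);
        $total_downloads = (int) $sum_row["SUM(`downloads`)"];

        echo "<h4 class=\"folder_box\" style=\"padding-bottom: 0px; text-align: left\"><span class=\"folder_name\" style=\"margin-left: {$margins[$i]}\">member [#{$member_id}]</span></h4>";
        // Usernames are chosen at registration and may hold markup.
        echo '<h2 style="margin-bottom: 4px">'.htmlspecialchars($row['username'], ENT_QUOTES).'</h2>';
        echo 'uploads: ' . $uploads . '<br />';
        echo 'downloads: ' . $total_downloads . '<br />';
        echo 'joined: ' . $date. '<br />';
        echo '<br /><br />';
        if ( ++$i >= 3 ) $i = 0;
    }
    echo '</div>';
}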
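/**
 * Print the entries that scan_dir() returns for $root.
 *
 * NOTE(review): the scan covers $root itself although the error text names
 * $root . "uploads/"; confirm which directory is meant. Listing the
 * application root to visitors discloses the layout of the installation.
 */
function list_files(){
    global $root;
    $files = scan_dir($root);
    if ( $files == false ){
        echo htmlspecialchars($root, ENT_QUOTES) . "uploads/ could not be scanned!";
        // Without this return the loop below ran on a non-array.
        return;
    }
    // File names can hold markup, so both dumps are escaped.
    echo htmlspecialchars(print_r($files, true), ENT_QUOTES);
    foreach ( $files as $key => $val ){
        echo htmlspecialchars("$key => $val", ENT_QUOTES) . "<br />";
    }
}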
/**
 * Run backend/modules/browse.php inside this method's scope, where it can see
 * $root, $DB and $parameters.
 *
 * @param mixed $parameters not used here
 */
function browse($parameters = false){
    global $root, $DB;
    require $root . "backend/modules/browse.php";
}
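/**
 * Print the file browser: search box, info panel and the results as a grid
 * or, with view=list, as a table.
 *
 * Options are read from $_GET: file_type, subact and subinput (search),
 * order_by, order_dir, page and view. All of them are request data: values
 * that reach SQL are checked against fixed lists or escaped, and values that
 * reach the page are encoded for HTML or for a URL.
 *
 * @param mixed $parameters not used; the options come from $_GET
 */
function browser($parameters = false){
    global $root, $DB;

    $file_type = ( isset($_GET['file_type']) && is_string($_GET['file_type']) ) ? $_GET['file_type'] : NULL;
    $subact = ( isset($_GET['subact']) && is_string($_GET['subact']) ) ? $_GET['subact'] : NULL;
    $subinput = ( isset($_GET['subinput']) && is_string($_GET['subinput']) ) ? $_GET['subinput'] : NULL;
    $view = ( isset($_GET['view']) && is_string($_GET['view']) ) ? $_GET['view'] : NULL;

    if ( $file_type !== NULL ) { $viewing = $file_type . "s"; }
    elseif ( $subact == "search" && $subinput !== NULL ) { $viewing = "% ".$subinput." %"; }
    else { $viewing = "everything"; }
    $search_string = ( $subinput === NULL ) ? "ex: rype" : $subinput;
    // Both strings echo request data back into the page.
    $viewing_html = htmlspecialchars($viewing, ENT_QUOTES);
    $search_html = htmlspecialchars($search_string, ENT_QUOTES);

    $file_types = array(
        "program" => array("exe", "msi", "zip", "rar"),
        "image" => array("jpeg", "jpg", "gif", "bmp", "png"),
        "audio" => array("mp3", "wma"),
        "video" => array("wmv", "mpeg", "mpg", "avi", "mk4", "mp4"),
    );

    // The return values are not used below; the calls are kept in case the
    // helpers, which are defined elsewhere, do more than build a string.
    $sort_menu = sort_by_menu($file_types);
    $type_links = file_type_links($file_types);

    echo "
<div align=\"center\">
<br />
<table cellspacing=\"0\" cellpadding=\"0\" style=\"width: 100%; border-bottom: 6px solid #0085CC\">
<tr>
<td valign=\"bottom\" style=\"vertical-align: bottom; padding: 0px 0px 0px 0px; border-bottom: 6px solid #0085CC\">
<form action=\"\" method=\"GET\">
<input type=\"hidden\" name=\"subact\" value=\"search\">
<input type=\"hidden\" name=\"act\" value=\"browse\">
<h4 class=\"folder_box\" style=\"margin-bottom: 0px; border-bottom: 0px solid #050505; border-color: #0085CC\"><span class=\"folder_name\" style=\"width: 300px; border-color: #0085CC; margin-left: 15%; margin-bottom: 0px\"><input type=\"text\" name=\"subinput\" value=\"{$search_html}\" maxlength=\"24\" size=\"16\" onClick=\"this.value=''\" style=\"height: 100%; padding: 5px\"><input type=\"submit\" value=\"Search\" style=\"height: 100%; padding: 5px\"></span><span class=\"folder_name\" style=\"border-color: #0085CC; margin-right: 0px; margin-bottom: 0px\">viewing <font color=\"#CCCCCC\">{$viewing_html}</font></span></h4>
<!-- <h2 style=\"margin-bottom: 0px; padding: 0px; border-top: 0px solid #0085CC; font-size: 1px; line-height: 1px\"></h2> -->
</form>
</td>
<td style=\"width: 250px; padding: 0px 0px 0px 0px; border-bottom: 6px solid #0085CC\">
<h4 class=\"folder_box\" style=\"margin-bottom: 0px; border-bottom: 0px solid #050505; border-color: #0085CC\"><span class=\"folder_name\" style=\"border-color: #0085CC; margin-left: 15%; margin-bottom: 0px\">info panel</span></h4>
<h2 style=\"margin-bottom: 0px; padding: 0px; border-top: 0px solid #0085CC; font-size: 1px; line-height: 1px\"></h2>
</td>
</tr>
<tr>
<td style=\"width: auto; background-color: #212426; padding: 0px 0px 0px 0px; vertical-align: top\" valign=\"top\">
";

    // Sortable column => index of its cell style in the list view.
    $field_columns = array("id" => 0, "username" => 1, "filename" => 2, "rating" => 3, "extension" => 5, "size" => 6, "date" => 7);
    $results_per_page = 40;

    // An identifier cannot be escaped like a string value, so the sort column
    // is accepted only when it is one of the known names.
    $order_by_value = ( isset($_GET['order_by']) && is_string($_GET['order_by']) && isset($field_columns[$_GET['order_by']]) )
        ? $_GET['order_by'] : "id";
    $order_dir = ( isset($_GET['order_dir']) && ( $_GET['order_dir'] === "ASC" || $_GET['order_dir'] === "DESC" ) )
        ? $_GET['order_dir'] : "DESC";
    $order_by = "ORDER BY `{$order_by_value}` {$order_dir}";

    // Page 1 starts at offset 0. The original added 1, which skipped the first
    // row of every explicit page; negative pages are clamped to 1.
    $page = ( isset($_GET['page']) && is_numeric($_GET['page']) ) ? max(1, (int) $_GET['page']) : 1;
    $query_start = ( $page - 1 ) * $results_per_page;

    if ( $subact == "search" && $subinput !== NULL && strlen($subinput) >= 2 ){
        $needle = mysql_real_escape_string($subinput, $DB->id);
        $DB->query("SELECT * FROM `phuct_uploads` WHERE `username` LIKE '%{$needle}%' OR `filename` LIKE '%{$needle}%' OR `title` LIKE '%{$needle}%' {$order_by} LIMIT {$query_start}, {$results_per_page}", true);
    } elseif ( $file_type !== NULL && isset($file_types[$file_type]) ){
        // Only the fixed extension lists above reach the query. The original
        // condition also accepted an `extension` parameter that no query used
        // and that produced an empty WHERE clause; it now lists everything.
        $conditions = array();
        foreach ( $file_types[$file_type] as $val ){
            $conditions[] = "`extension` = '{$val}'";
        }
        $query_conditionals = "WHERE " . implode(" OR ", $conditions);
        $DB->query("SELECT * FROM `phuct_uploads` {$query_conditionals} {$order_by} LIMIT {$query_start}, {$results_per_page}", true);
    } else {
        $DB->query("SELECT * FROM `phuct_uploads` {$order_by} LIMIT {$query_start}, {$results_per_page}", true);
    }

    // The row total comes from query(); the $sql_results the original divided
    // by was never assigned.
    $total_rows = ( !isset($DB->error) && isset($DB->results) ) ? (int) $DB->results : 0;
    $page_links = 10;
    $pages = max(1, (int) ceil($total_rows / $results_per_page));

    // NOTE(review): http_edit_query() is defined elsewhere; confirm that it
    // encodes the query string it returns, which is printed into an href.
    $i = 1;
    $pages_str = "<a href=\"?" . http_edit_query("page", $i) . "\" class=\"orange\">{$i}</a>";
    $i++;
    while ( $i <= $pages ){
        $pages_str .= ", <a href=\"?" . http_edit_query("page", $i) . "\" class=\"orange\">{$i}</a>";
        if ( $i >= $page_links ) break;
        $i++;
    }
    if ( $i < $pages ) $pages_str .= " .. <a href=\"?" . http_edit_query("page", $pages) . "\" class=\"orange\">{$pages}</a>";

    $order_classes = array();
    foreach ( $field_columns as $column_name => $unused ){
        $order_classes[$column_name] = "bloo_bar";
    }
    $order_classes[$order_by_value] = "orange_bar";

    echo '
<table cellpadding="0" cellspacing="1" style="margin: 0px 0px 0px 0px; padding: 0px 0px 0px 0px; background-color: #090909; color: #CCCCCC" width="100%" height="100%">
<!--
<tr>
<td colspan="8" class="row1" style="height: 30px; vertical-align: middle; text-align: center; font-weight: bold; font-family: Arial, Tahoma, Verdana; middle; padding: 4px; font-size: 14px">
browsing '. $total_rows .' results over '. $pages .' page(s) : '.$pages_str.'
<div id="previewDiv" align="center" style="background-color: transparent; display: none"> </div>
</td>
</tr>
-->
';

    if ( $view == "list" ) {
        echo '
<tr>
<td class="'.$order_classes["id"].'" style="text-align: center" width="3%"><a href="?'. http_edit_query("order_by", "id") .'" class="black">id</a></td>
<td class="'.$order_classes["username"].'"><a href="?'. http_edit_query("order_by", "username") .'" class="black">username</a></td>
<td class="'.$order_classes["filename"].'"><a href="?'. http_edit_query("order_by", "filename") .'" class="black">filename</a></td>
<td class="'.$order_classes["rating"].'" style="width: 200px"><a href="?'. http_edit_query("order_by", "rating") .'" class="black">rating</a></td>
<td class="'.$order_classes["extension"].'" style="width: 10%"><a href="?'. http_edit_query("order_by", "extension") .'" class="black">ext</a></td>
<td class="'.$order_classes["size"].'" style="width: 10%"><a href="?'. http_edit_query("order_by", "size") .'" class="black">size</a></td>
<td class="'.$order_classes["date"].'" style="width: 10%"><a href="?'. http_edit_query("order_by", "date") .'" class="black">date</a></td>
</tr>
';
        // Row number and stripe start before the loop; the original reset
        // both on every row, so neither ever advanced.
        $i = $query_start + 1;
        $style = 1;
        $selected_column = $field_columns[$order_by_value];
        while ( $row = mysql_fetch_array($DB->result, MYSQL_ASSOC) ){
            if ( $style >= 3 ) $style = 1;
            $cell_styles = array_fill(0, 8, "row" . $style);
            $cell_styles[$selected_column] = "row3";
            $rating_width = ( $row['rating'] == "9999" ) ? 98 : (int) $row['rating'];

            // Stored values are uploader-controlled: $e is for HTML text,
            // $u for values placed in a query string.
            $e = array();
            $u = array();
            foreach ( $row as $column_name => $value ){
                $e[$column_name] = htmlspecialchars((string) $value, ENT_QUOTES);
                $u[$column_name] = rawurlencode((string) $value);
            }
            // NOTE(review): rid, type, level and game are read as the original
            // did; they are not among the `phuct_uploads` columns this file writes.
            echo "
<tr class=\"rowHover{$style}\">
<td class=\"{$cell_styles[0]}\" align=\"center\" style=\"padding-right: 4px\">{$i}</td>
<td class=\"{$cell_styles[1]}\"><a href=\"?act=browse&subact=search&subinput={$u['username']}\" class=\"orange\">". $e['username'] ."</a></td>
<td class=\"{$cell_styles[2]}\"><a href=\"?act=replayer&rid={$u['rid']}\">". $e['filename'] ."</td>
<td class=\"{$cell_styles[3]}\" style=\"padding: 0px 8px 0px 6px; text-align: center\" align=\"center\"><div align=\"right\" style=\"white-space: nowrap; background-image: url('images/tile_rating.gif'); background-position: center; background-repeat: repeat-x; background-color: #252525; padding: 0px; border: 1px solid #202020; width: 100%; text-align: right; height: 11px\"><div align=\"right\" style=\"white-space: nowrap; height: 100%; line-height: 100%; width: 100%; background-image: url('images/rating_gradient.gif'); background-repeat: no-repeat; background-position: center right; text-align: right; padding: 0px; font-size: 11px\"> <div style=\"white-space: nowrap; display: inline; height: 100%; line-height: 100%; float: right; background-color: #353539; width: {$rating_width}%\" align=\"right\"> </div></div></div></td>
<td class=\"{$cell_styles[4]}\"><a href=\"?act=browse&subact=type&subinput={$u['type']}\">". $e['extension'] ."</a></td>
<td class=\"{$cell_styles[5]}\"><a href=\"?act=browse&subact=level&subinput={$u['level']}\">". $e['size'] ."</a></td>
<td class=\"{$cell_styles[6]}\"><a href=\"?act=browse&subact=game&subinput={$u['game']}\">". $e['date'] ."</a></td>
</tr>
";
            $i++;
            $style++;
        }
    } else {
        $styles = array(1 => "file_r1", 2 => "file_r2");
        $widths = array(1 => "12", 2 => "13");
        $style_i = 1;
        // Was a misspelled `$width_1`, which left the first cell without a width.
        $width_i = 1;
        $col_i = 1;
        $cols_per_row = 8;
        $i = 1;
        $title_str_limit = 16;
        echo '
';
        while ( $row = mysql_fetch_array($DB->result, MYSQL_ASSOC) ){
            if ( $col_i == 1 ) { echo "<tr>"; }
            if ( $row['title'] == NULL ){ $title = preg_replace('/[\_@\^\%\$\#]/', ' ', pathinfo($row['filename'], PATHINFO_FILENAME)); }
            else{ $title = $row['title']; }
            $long_title = $title;
            if ( strlen($title) > $title_str_limit ) $title = substr($title, 0, $title_str_limit) . "..";

            $row_id = (int) $row['id'];
            $file_html = htmlspecialchars((string) $row['filename'], ENT_QUOTES);
            $title_html = htmlspecialchars($title, ENT_QUOTES);
            $long_title_html = htmlspecialchars($long_title, ENT_QUOTES);
            $name_html = htmlspecialchars((string) $row['username'], ENT_QUOTES);
            $name_url = rawurlencode((string) $row['username']);
            // The disabled preview link, which wrapped the raw file name in
            // an HTML comment, is no longer printed.
            echo "
<td onclick=\"showdetails({$row_id})\" align=\"center\" class=\"". $styles[$style_i] ."\" style=\"text-align: center; font-size: 11px\" width=\"{$widths[$width_i]}%\" onmouseover=\"this.className='". $styles[$style_i] ."_hover'\" onmouseout=\"this.className='". $styles[$style_i] ."'\">
<a class=\"orange\" href=\"?prescript=download_file&file_id={$row_id}\" title=\"Save [{$file_html}] as..\"><div class=\"filecell\" align=\"center\" style=\"margin-left: auto; margin-right: auto; margin-bottom: 5px; width: 32px; height: 42px; line-height: 42px; vertical-align: middle; background-image: url('images/icon_generic.gif'); background-repeat: no-repeat; color: #404040\">{$i}</div></a>
<a class=\"orange\" onclick=\"showDetails({$row_id})\" href=\"javascript::void(0)\" title=\"show details for [{$long_title_html}]\">" . $title_html . "</a>
<br /><a class=\"light\" href=\"?act=browse&subact=search&subinput={$name_url}\">{$name_html}</a>
</td>
";
            if ( $col_i == $cols_per_row ) { echo "</tr>"; }
            if ( ++$width_i > 2 ) { $width_i = 1; }
            if ( ++$style_i > 2 || $col_i == $cols_per_row ) { $style_i = 1; }
            if ( $col_i == $cols_per_row ) { $col_i = 0; }
            $i++;
            $col_i++;
        }
    }

    echo '
<!-- 212426
<tr style="background-color: #333d42">
<td colspan="8" style="background-color: #333d42; height: auto; border: 0px"></td>
</tr>
-->
</table>
</td>
<td valign="top" style="width: 220px; background-color: #181818; text-align: left; vertical-align: top; padding: 12px 15px 12px 15px">
<div id="txtHint"><b>
<a href="javascript::void(0)" class="white">
<div align="center" style="background-color: #003366; color: #EEEEEE; border: 2px solid #121212; height 30px; padding: 5px; font-weight: bold; font-size: 16px; font-family: \'Trebuchet MS\', Arial, Tahoma; width: 220px; margin: 8px 0px 8px 0px">
<span style="text-align: center; font-size: 14px; width: 100%"><-- select a file to dl</span>
</div>
</a>
</b>
click on the text title of any file to view it\'s information in this panel.
</div>
</td>
</tr>
</table>
</div>
';
    return;
}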
/**
 * Run frontend/user_forms.php inside this method's scope, where it can see
 * $root, $DB and $parameters.
 *
 * @param mixed $parameters not used here
 */
function user_forms($parameters = false){
    global $root, $DB;
    require $root . "frontend/user_forms.php";
}
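/**
 * Check the posted username and password. With $pre_header set, a match only
 * sets the login cookies; otherwise the outcome is printed, followed by the
 * user forms on failure.
 *
 * @param bool|string $pre_header true or "1" when called before any output
 */
function send_login($pre_header = false){
    global $DB, $user;
    $failed = "<h2 class=\"error\">error!</h2><div align=\"center\">Login failed. Please try again.</div>";

    if ( empty($_POST['username']) || empty($_POST['password'])
        || !is_string($_POST['username']) || !is_string($_POST['password']) ){
        echo $failed;
        echo $this->user_forms();
        return;
    }

    // NOTE(review): unsalted MD5 digest, kept because the stored hashes use it.
    $password = md5($_POST['password']);
    $username = $_POST['username'];
    $page = ( isset($_POST['page']) && is_string($_POST['page']) ) ? $_POST['page'] : '';
    $pagelink = ( !empty($_POST['previous_page']) && is_string($_POST['previous_page']) ) ? $_POST['previous_page'] : $page;

    // addslashes($_POST) on the array escaped nothing; the username is
    // escaped here before it enters the quoted SQL literal.
    $safe_username = mysql_real_escape_string($username, $DB->id);
    $DB->query("SELECT * FROM `phuct_users` WHERE `username` = '{$safe_username}' AND `password` = '{$password}'");
    $user_row = ( $DB->error == NULL ) ? @mysql_fetch_array($DB->result, MYSQL_ASSOC) : false;
    if ( !is_array($user_row) ){
        echo $failed;
        echo $this->user_forms();
        return;
    }

    if ( $pre_header == true || $pre_header == "1" ){
        // NOTE(review): the `password` cookie carries the stored hash, which
        // prescripts::verify_user() accepts as a credential. HttpOnly keeps
        // script away from it.
        setcookie("id", $user_row['id'], 0, "", "", false, true);
        setcookie("username", $username, 0, "", "", false, true);
        setcookie("password", $password, 0, "", "", false, true);
        return;
    }

    // The username and the return page are request data printed into the page.
    echo "<h2>success!</h2><div align=\"center\">Successfully logged in as " . htmlspecialchars($username, ENT_QUOTES) . "! <br><br> Click <a href=\"?page=" . rawurlencode($pagelink) . "\">here</a> to return to ".htmlspecialchars(str_replace("_", " ", $pagelink), ENT_QUOTES).".</a></div>";
    return;
} // end send_login();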
- }
// Instance whose methods render the public pages.
$modules = new modules;
- ?>