- <?php
- /**
- ***************************************
- ** FreeTSP Version: 2.0 Multilingual **
- ***************************************
- ** http://www.freetsp.com
- ** Licence Info: GPL
- ** Copyright (C) 2017 FreeTSP v2.0 Multilingual
- ** A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
- ** Full Respects & Credits To Mindless & All The Team @ U232
- ** Project Leaders. Fireknight & Rushed.
- ** Project Founder: Krypto.
- **/
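//----- Error Reporting -----//
// Every error class is reported, but the text is written to the server log
// instead of the HTTP response: PHP and SQL error messages expose file paths,
// table names and query fragments to any visitor. For local debugging only,
// set display_errors back to '1'.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');

//----- Start Execution Time -----//
$qtme['start'] = microtime(true);

//----- Server Time -----//
// NOTE(review): $FTSP_V2 is read here before function_config.php is required
// further down; presumably the including script has already populated it -- confirm.
global $FTSP_V2;
$servertime = date('D, M j, Y, H:i:s', $FTSP_V2['$time_offset']); // 24-hour clock, e.g. 16:00:00
//$servertime = date('D, M j, Y, g:i a ', $FTSP_V2['$time_offset']); // 12-hour clock, e.g. 4:00 pm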
- //----- Strip Slashes By System -----//
/**
 * Remove backslash escaping from a value in place, descending into arrays.
 *
 * Written to be used as an array_walk() callback, which is why the value is
 * taken by reference and the key argument array_walk() passes is ignored.
 *
 * @param mixed $in Value to unescape; modified by reference.
 * @return mixed true (array_walk()'s result) for arrays, otherwise the unescaped string.
 */
function cleanquotes(&$in)
{
    if (!is_array($in))
    {
        $in = stripslashes($in);
        return $in;
    }

    // Recurse into nested arrays through the same callback.
    return array_walk($in, __FUNCTION__);
}
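// Undo magic_quotes_gpc escaping on the request superglobals.
// get_magic_quotes_gpc() always returns false from PHP 5.4, is deprecated in
// 7.4 and no longer exists in 8.0, where calling it is a fatal error. The
// version test short-circuits so the call is only reached on interpreters
// that can still have the setting enabled.
if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc())
{
    array_walk($_GET, 'cleanquotes');
    array_walk($_POST, 'cleanquotes');
    array_walk($_COOKIE, 'cleanquotes');
    array_walk($_REQUEST, 'cleanquotes');
}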
/**
 * Tell whether the request originates from the server's own address.
 *
 * @return bool true when REMOTE_ADDR equals SERVER_ADDR (loose comparison).
 */
function local_user()
{
    $server_ip = $_SERVER['SERVER_ADDR'];
    $client_ip = $_SERVER['REMOTE_ADDR'];

    return $server_ip == $client_ip;
}
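/**
 * Record and report an attempt to open a page above the user's class.
 *
 * When the current user's class is below $class, the user receives a system
 * message, the attempt is written to the staff log and an error box is shown.
 * Nothing happens when the class is sufficient.
 *
 * @param mixed $page  Ignored; the running script's path is always used instead.
 * @param int   $class Minimum user class required for the page.
 * @return void
 */
function illegal_access($page, $class)
{
    // $FTSP_V2 was missing from this list, so the staff-log link had no site URL.
    global $CURUSER, $lang, $FTSP_V2;

    $page = $_SERVER['PHP_SELF'];

    if (get_user_class() >= $class)
    {
        return;
    }

    $added   = sqlesc(get_date_time());
    $subject = sqlesc("{$lang['gbl_msg_sub_illegal_access']}");
    $msg     = sqlesc("{$lang['gbl_msg_illegal_access1']}\n\n{$lang['gbl_msg_illegal_access2']}\n\n{$lang['gbl_msg_illegal_access3']}");

    // The id goes into SQL and a URL: force it to an integer.
    $userid = (int) $CURUSER['id'];

    // PHP_SELF contains any path info the client appended to the script URL,
    // and the username is account data. Both end up in HTML that staff read,
    // so they are escaped before being embedded.
    $username = htmlspecialchars($CURUSER['username'], ENT_QUOTES);
    $safepage = htmlspecialchars($page, ENT_QUOTES);

    sql_query("INSERT INTO messages (sender, receiver, added, subject, msg)
                VALUES (0, $userid, $added, $subject, $msg)") or sqlerr(__FILE__, __LINE__);

    write_stafflog ("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>$username.</a></strong> -- {$lang['gbl_stafflog_illegal_access']}$safepage");

    error_message_center("error",
                         "{$lang['gbl_error']}",
                         "<strong>$username</strong>{$lang['gbl_illegal_access']}");
}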
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'function_config.php');
- require_once(FUNC_DIR . 'function_cleanup.php');
- require_once(FUNC_DIR . 'function_staffconfig.php');
- //----- Do Not Modify -- Versioning System -----//
- //----- This Will Help Identify Code For Support Issues At freetsp.info -----//
/**
 * Print the "powered by" line with the tracker version and copyright years.
 *
 * Reads the version from $FTSP_V2['$curversion'] and the labels from $lang.
 *
 * @return void
 */
function copyright()
{
    global $FTSP_V2, $lang;

    $year   = date("Y");
    $since  = ($year > 2010) ? "2010-" : "";
    $anchor = "<a href='http://www.freetsp.com'>";

    echo $lang['gbl_text_powered_by'] . " " . $anchor . FTSP . $lang['gbl_text_version'] . $FTSP_V2['$curversion'] . "</a> © " . $anchor . FTSP . "</a> " . $since . $year;
}
- //----- validip/getip Curtesy Of Manolete <manolete@myway.com> -----//
- //----- IP Validation -----//
/**
 * Check that a string is a dotted-quad IPv4 address outside the listed
 * reserved ranges.
 *
 * The range list is the one hard-coded below; it is narrower than the current
 * IANA special-purpose registry (for example 100.64.0.0/10 and the multicast
 * block are not in it), so "valid" here does not mean "publicly routable".
 *
 * @param string $ip Candidate address.
 * @return bool true when the address round-trips through ip2long()/long2ip()
 *              and falls in none of the listed ranges.
 */
function validip($ip)
{
    // Empty input, or text that is not a canonical dotted quad, is rejected outright.
    if (empty($ip) || $ip != long2ip(ip2long($ip)))
    {
        return false;
    }

    //----- Reserved IANA IPv4 Addresses -----//
    //----- http://www.iana.org/assignments/ipv4-address-space -----//
    $blocked_ranges = array(
        array('0.0.0.0', '0.255.255.255'),
        array('10.0.0.0', '10.255.255.255'),
        array('127.0.0.0', '127.255.255.255'),
        array('169.254.0.0', '169.254.255.255'),
        array('172.16.0.0', '172.31.255.255'),
        array('192.0.2.0', '192.0.2.255'),
        array('192.168.0.0', '192.168.255.255'),
        array('255.255.255.0', '255.255.255.255'),
    );

    $address = ip2long($ip);

    foreach ($blocked_ranges as $range)
    {
        $low  = ip2long($range[0]);
        $high = ip2long($range[1]);

        if ($address >= $low && $address <= $high)
        {
            return false;
        }
    }

    return true;
}
/**
 * Pick the address to treat as the client's IP.
 *
 * Order of preference: X-Forwarded-For, then Client-IP (each only when
 * validip() accepts it), then REMOTE_ADDR. Values are read from $_SERVER, or
 * from the environment when $_SERVER is not set.
 *
 * NOTE(review): both headers are sent by the client unless a proxy in front
 * of the site overwrites them, and userlogin() uses this function's result
 * for the bans lookup and for the IP stored on the user row. REMOTE_ADDR is
 * the only one of the three values the peer cannot choose; forwarded headers
 * should only be honoured when the request is known to come from the site's
 * own proxy.
 *
 * @return string|false The chosen address (false only if getenv() has nothing).
 */
function getip()
{
    $forward_headers = array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP');

    if (isset($_SERVER))
    {
        foreach ($forward_headers as $name)
        {
            if (isset($_SERVER[$name]) && validip($_SERVER[$name]))
            {
                return $_SERVER[$name];
            }
        }

        return $_SERVER['REMOTE_ADDR'];
    }

    // No $_SERVER array: same preference order, read from the environment.
    foreach ($forward_headers as $name)
    {
        $candidate = getenv($name);

        if ($candidate && validip($candidate))
        {
            return $candidate;
        }
    }

    return getenv('REMOTE_ADDR');
}
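/**
 * Open the MySQL connection, select the database and start the user session.
 *
 * The link is stored in $GLOBALS["___mysqli_ston"], which every query helper
 * in this file reads. On failure the script ends with a short message; the
 * driver's error text is written to the server log instead of the page.
 *
 * @param bool $autoclean When true, autoclean() is registered to run at shutdown.
 * @return void
 */
function db_connect ($autoclean = false)
{
    global $FTSP_V2, $staff_pin_code;

    // NOTE(review): with mysqli's exception reporting mode (the default from
    // PHP 8.1) a failed connect throws instead of returning false, and "@"
    // does not suppress exceptions -- confirm the report mode used in production.
    $GLOBALS["___mysqli_ston"] = @mysqli_connect($FTSP_V2['mysqli_host'], $FTSP_V2['mysqli_user'], $FTSP_V2['mysqli_pass'], $FTSP_V2['mysqli_db']);

    if (!$GLOBALS["___mysqli_ston"])
    {
        switch (mysqli_connect_errno())
        {
            case 1040: // too many connections
            case 2002: // server not reachable
                if ($_SERVER['REQUEST_METHOD'] == "GET")
                {
                    // REQUEST_URI is client-supplied and lands inside an HTML
                    // attribute, so it is escaped before being echoed back.
                    $retry_uri = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);

                    die("<html>
                    <head><meta http-equiv='refresh' content='5 {$retry_uri}'></head>
                    <body>
                    <table width='100%' height='100%' border='0'>
                    <tr>
                    <td>
                    <h3 align='center'>The Server Load is Very High at the moment. Retrying, please wait...</h3>
                    </td>
                    </tr>
                    </table>
                    </body>
                    </html>");
                }
                else
                {
                    die("Too many users. Please press the Refresh button in your Browser to retry.");
                }

            default:
                // The driver message can name the database host and account;
                // keep it in the log and show visitors a generic line.
                error_log('db_connect: ' . mysqli_connect_error());
                die('Unable to connect to the database');
        }
    }

    // The original built its failure message with "+" (arithmetic) instead of
    // "." and read the connect error rather than the link's error.
    if (!mysqli_select_db($GLOBALS["___mysqli_ston"], $FTSP_V2['mysqli_db']))
    {
        error_log('db_connect: mysqli_select_db: ' . mysqli_error($GLOBALS["___mysqli_ston"]));
        die('db_connect: mysqli_select_db failed');
    }

    userlogin();

    if ($FTSP_V2['$staff_pin_code'] == 'true')
    {
        update_staffcode();
    }

    if ($autoclean)
    {
        register_shutdown_function("autoclean");
    }
}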
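/**
 * Authenticate the request from its cookies and publish the user row.
 *
 * Steps, in order: refuse addresses listed in `bans`; read the `uid` and
 * `pass` cookies; load the matching enabled, confirmed user; compare the
 * cookie with the stored passhash; refresh the pending announcement; update
 * last-access data; store the row in $GLOBALS['CURUSER'].
 *
 * Returns without setting CURUSER whenever the cookies are missing, malformed
 * or do not match.
 *
 * NOTE(review): the `pass` cookie holds the stored passhash itself, so a copy
 * of that column is enough to log in. A random per-session token would limit
 * what a leaked database row or cookie is worth.
 *
 * @return void
 */
function userlogin()
{
    global $FTSP_V2, $lang;

    unset($GLOBALS['CURUSER']);

    $dt  = get_date_time();
    $ip  = getip();
    // ip2long() yields false for anything that is not IPv4; the cast keeps the
    // interpolated value numeric in every case.
    $nip = (int) ip2long($ip);

    $res = sql_query("SELECT *
                        FROM bans
                        WHERE '$nip' >= first
                        AND '$nip' <= last") or sqlerr(__FILE__, __LINE__);

    if (mysqli_num_rows($res) > 0)
    {
        header("{$lang['gbl_forbidden']}");
        print("<html><body><h1>{$lang['gbl_403']}</h1>{$lang['gbl_unauth_ip']}</body></html>\n");
        die;
    }

    if (!$FTSP_V2['$site_online'] || empty($_COOKIE['uid']) || empty($_COOKIE['pass']))
    {
        return;
    }

    // A cookie sent as pass[]=... arrives as an array; strlen() must not see it.
    if (!is_string($_COOKIE['pass']) || strlen($_COOKIE['pass']) != 32)
    {
        return;
    }

    $id = intval($_COOKIE['uid']);

    if (!$id)
    {
        return;
    }

    $res = sql_query("SELECT u.*, ann_main.subject AS curr_ann_subject, ann_main.body AS curr_ann_body, ann_main.expires AS curr_ann_expires
                        FROM users AS u
                        LEFT JOIN announcement_main AS ann_main ON ann_main.main_id = u.curr_ann_id
                        WHERE u.id = $id AND u.enabled = 'yes' AND u.status = 'confirmed'") or sqlerr(__FILE__, __LINE__);

    $row = mysqli_fetch_array($res);

    if (!$row)
    {
        return;
    }

    // Result is not used below; the call is kept because hash_pad() is defined
    // outside this file and its effects cannot be checked from here.
    $sec = hash_pad($row['secret']);

    // Constant-time comparison: "!==" stops at the first differing byte, which
    // makes the check's duration depend on how much of the hash matched.
    if (!hash_equals((string) $row['passhash'], $_COOKIE['pass']))
    {
        return;
    }

    //----- If curr_ann_id > 0 But curr_ann_body IS NULL, Then Force A Refresh -----//
    if (($row['curr_ann_id'] > 0) AND ($row['curr_ann_body'] == NULL))
    {
        $row['curr_ann_id']         = 0;
        $row['curr_ann_last_check'] = "0";
    }

    //----- If Elapsed > 10 Minutes, Force An Announcement Refresh -----//
    // time() takes no argument; the original passed $dt, which PHP 8 rejects.
    // NOTE(review): curr_ann_last_check is written below as a date-time string
    // but compared here with a Unix timestamp -- confirm the column type.
    if (($row['curr_ann_last_check'] != "0") AND ($row['curr_ann_last_check']) < (time() - 600))
    {
        $row['curr_ann_last_check'] = "0";
    }

    if (($row['curr_ann_id'] == 0) AND ($row['curr_ann_last_check'] == "0"))
    {
        //----- Force An Immediate Check... -----//
        $query = sprintf("SELECT m.*, p.process_id FROM announcement_main AS m
                            LEFT JOIN announcement_process AS p ON m.main_id = p.main_id
                            AND p.user_id = %s
                            WHERE p.process_id IS NULL
                            OR p.status = 0
                            ORDER BY m.main_id ASC
                            LIMIT 1",
                         sqlesc($row['id']));

        $result = sql_query($query);

        if (mysqli_num_rows($result))
        {
            //----- Main Result Set Exists -----//
            $ann_row = mysqli_fetch_assoc($result);
            $query   = $ann_row['sql_query'];

            // NOTE(review): this runs SQL text stored in announcement_main.
            // The pattern only checks the SELECT ... FROM ... WHERE shape; it
            // does not limit what the statement reads, so anyone who can write
            // that column controls a query executed on every member login.
            if (!preg_match("/\\ASELECT.+?FROM.+?WHERE.+?\\z/", $query)) die();

            //----- Narrow The Stored Query To The Current User's Row -----//
            $query .= " AND u.id = " . sqlesc($row['id']) . " LIMIT 1";

            $result = sql_query($query);

            if (mysqli_num_rows($result))
            {
                //----- Announcement Valid For Member -----//
                $row['curr_ann_id']      = $ann_row['main_id'];
                $row['curr_ann_subject'] = $ann_row['subject'];
                $row['curr_ann_body']    = $ann_row['body'];
                $row['curr_ann_expires'] = $ann_row['expires'];

                //----- Extra SET Clause For The Main UPDATE Below -----//
                $add_set = ", curr_ann_id = " . sqlesc($ann_row['main_id']);
                $status  = 2;
            }
            else
            {
                //----- Announcement Not Valid For Member -----//
                $add_set = ", curr_ann_last_check = " . sqlesc($dt);
                $status  = 1;
            }

            //----- Create Or Set Status Of Process -----//
            if ($ann_row['process_id'] === NULL)
            {
                $query = sprintf("INSERT INTO announcement_process (main_id, user_id, status)
                                    VALUES (%s, %s, %s)", sqlesc($ann_row['main_id']), sqlesc($row['id']), sqlesc($status));
            }
            else
            {
                $query = sprintf("UPDATE announcement_process
                                    SET status = %s
                                    WHERE process_id = %s", sqlesc($status), sqlesc($ann_row['process_id']));
            }

            sql_query($query);
        }
        else
        {
            //----- No Main Result Set. Set Last Update To Now -----//
            $add_set = ", curr_ann_last_check = " . sqlesc($dt);
        }

        unset($result);
        unset($ann_row);
    }

    $userupdate = array();
    $time       = time();

    // Count the gap since the previous hit as online time when it is under five minutes.
    if ($time - $row['last_access_numb'] < 300)
    {
        $onlinetime   = time() - $row['last_access_numb'];
        $userupdate[] = "onlinetime = onlinetime + " . sqlesc($onlinetime);
    }

    //----- Start Hide Staff IP Address by Fireknight -----//
    if ($row['class'] >= UC_MODERATOR)
    {
        $ip = '127.0.0.1';
    }
    //----- End Hide Staff IP Address by Fireknight -----//

    $add_set = (isset($add_set)) ? $add_set : '';

    $userupdate[] = "last_access_numb = " . sqlesc($time);
    $userupdate[] = "last_access = " . sqlesc($dt);
    $userupdate[] = "ip = " . sqlesc($ip) . $add_set;

    sql_query("UPDATE users
                SET " . implode(", ", $userupdate) . "
                WHERE id = " . (int) $row['id']);

    $row['ip'] = $ip;

    //----- Start Temp Demote By Retro 1 of 3 -----//
    if ($row['override_class'] < $row['class'])
    {
        $row['class'] = $row['override_class']; //----- Override Class And Save In Global Array Below -----//
    }
    //----- Finish Temp Demote By Retro 1 of 3 -----//

    $GLOBALS['CURUSER'] = $row;
}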
/**
 * Run staffcode(true) once the stored `lastcleantime` is older than the
 * configured autoclean interval.
 *
 * @return void
 */
function update_staffcode()
{
    global $FTSP_V2;

    $now = time();

    $res = sql_query("SELECT value_u
                        FROM avps
                        WHERE arg = 'lastcleantime'");
    $row = mysqli_fetch_array($res);

    $last_clean = $row[0];

    // Still inside the interval: nothing to do.
    if ($last_clean + $FTSP_V2['$autoclean_interval'] > $now)
    {
        return;
    }

    staffcode(true);
}
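/**
 * Run docleanup(true) at most once per autoclean interval.
 *
 * The `lastcleantime` row in `avps` is the schedule. The UPDATE below only
 * matches while the row still holds the timestamp this request read, so when
 * several requests arrive together exactly one of them changes the row.
 *
 * @return void
 */
function autoclean()
{
    global $FTSP_V2;

    $now = time();

    $res = sql_query("SELECT value_u
                        FROM avps
                        WHERE arg = 'lastcleantime'");
    $row = mysqli_fetch_array($res);

    if (!$row)
    {
        // First run: create the schedule row and wait for the next interval.
        sql_query("INSERT INTO avps (arg, value_u)
                    VALUES ('lastcleantime', $now)");
        return;
    }

    $ts = $row[0];

    if ($ts + $FTSP_V2['$autoclean_interval'] > $now)
    {
        return;
    }

    sql_query("UPDATE avps
                SET value_u = $now
                WHERE arg = 'lastcleantime'
                AND value_u = $ts");

    // The original returned when the UPDATE *did* change the row, so the
    // request that claimed the slot skipped the cleanup and only requests that
    // lost the race ran it. The request whose UPDATE changed the row must be
    // the one that cleans; 0 (lost the race) and -1 (query error) both stop here.
    if (mysqli_affected_rows($GLOBALS["___mysqli_ston"]) < 1)
    {
        return;
    }

    docleanup(true);
}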
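/**
 * Undo magic_quotes_gpc escaping on a request value when the setting is active.
 *
 * get_magic_quotes_gpc() always returns false from PHP 5.4 and no longer
 * exists in PHP 8.0, where calling it is a fatal error; the version test
 * keeps the call away from interpreters that cannot have the setting.
 *
 * @param string $x Raw request value.
 * @return string The value with added slashes removed, or unchanged.
 */
function unesc($x)
{
    if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc())
    {
        return stripslashes($x);
    }

    return $x;
}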
/**
 * Format a byte count with a binary unit suffix, KB through YB.
 *
 * A unit is used while the value is below 1000 of that unit (so up to
 * "1,000.00 KB" is shown before switching to MB). KB, MB and GB get two
 * decimals, larger units three. Negative input is treated as 0.
 *
 * @param int|float $bytes Size in bytes.
 * @return string e.g. "1.50 KB", "5.00 GB", "1.000 TB".
 */
function mksize($bytes)
{
    $bytes = max(0, $bytes);

    // suffix => decimals, in ascending order; YB is the fall-through case.
    $units = array(
        'KB' => 2,
        'MB' => 2,
        'GB' => 2,
        'TB' => 3,
        'PB' => 3,
        'EB' => 3,
        'ZB' => 3,
    );

    $divisor = 1024;

    foreach ($units as $suffix => $decimals)
    {
        if ($bytes < 1000 * $divisor)
        {
            return number_format($bytes / $divisor, $decimals) . ' ' . $suffix;
        }

        // Powers of 1024 stay exact after the switch from int to float.
        $divisor *= 1024;
    }

    return number_format($bytes / $divisor, 3) . ' YB';
}
/**
 * Format a byte count as a whole number with a unit suffix, B through TB.
 *
 * The value is rounded down. A unit is used while the value is below 1000 of
 * that unit; everything at or above 1000 GB is shown in TB. Negative input is
 * treated as 0.
 *
 * @param int|float $bytes Size in bytes.
 * @return string e.g. "999 B", "2 kB", "5 MB".
 */
function mksizeint($bytes)
{
    $bytes = max(0, $bytes);

    if ($bytes < 1000)
    {
        return floor($bytes) . " B";
    }

    $scales = array(
        " kB" => 1024,
        " MB" => 1048576,
        " GB" => 1073741824,
    );

    foreach ($scales as $suffix => $unit)
    {
        if ($bytes < 1000 * $unit)
        {
            return floor($bytes / $unit) . $suffix;
        }
    }

    return floor($bytes / 1099511627776) . " TB";
}
/**
 * Timestamp lying 1.3 announce intervals in the past.
 *
 * @return float Current Unix time minus floor($announce_interval * 1.3).
 */
function deadtime()
{
    global $FTSP_V2;

    $grace = floor($FTSP_V2['$announce_interval'] * 1.3);

    return time() - $grace;
}
/**
 * Format a duration in seconds as "Nd HH:MM:SS", "H:MM:SS" or "M:SS".
 *
 * The shortest form that still shows the largest non-zero unit is used.
 * Negative input is treated as 0.
 *
 * @param int|float $s Duration in seconds.
 * @return string
 */
function mkprettytime($s)
{
    if ($s < 0)
    {
        $s = 0;
    }

    // Peel off seconds, minutes and hours; whatever remains is whole days.
    $sec  = $s % 60;
    $s    = floor($s / 60);

    $min  = $s % 60;
    $s    = floor($s / 60);

    $hour = $s % 24;
    $day  = floor($s / 24);

    if ($day)
    {
        return $day . "d " . sprintf("%02d:%02d:%02d", $hour, $min, $sec);
    }

    if ($hour)
    {
        return sprintf("%d:%02d:%02d", $hour, $min, $sec);
    }

    return sprintf("%d:%02d", $min, $sec);
}
/**
 * Copy named request parameters into global variables.
 *
 * Each name is looked up in $_GET first, then $_POST. Processing stops at the
 * first name found in neither; globals set before that point stay set.
 *
 * NOTE(review): this writes request data straight into $GLOBALS. The caller
 * chooses the names, the client chooses the values, and nothing is validated
 * here, so every global created this way must be treated as untrusted input.
 * A name that collides with an existing global overwrites it.
 *
 * @param array|string $vars List of names, or one colon-separated string.
 * @return int 1 when every name was found, 0 otherwise.
 */
function mkglobal($vars)
{
    $names = is_array($vars) ? $vars : explode(":", $vars);

    foreach ($names as $name)
    {
        if (isset($_GET[$name]))
        {
            $value = $_GET[$name];
        }
        elseif (isset($_POST[$name]))
        {
            $value = $_POST[$name];
        }
        else
        {
            return 0;
        }

        $GLOBALS[$name] = unesc($value);
    }

    return 1;
}
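/**
 * Check a file name for characters that are not allowed in it.
 *
 * Rejected: control bytes 0x00-0x1f, byte 0xff, and : \ / ? * # < > |.
 * The empty string is rejected as well.
 *
 * The D modifier makes "$" match only at the very end of the subject. Without
 * it "$" also matches just before a final newline, so a name ending in "\n"
 * passed the check although newline is one of the excluded bytes.
 *
 * @param string $name Candidate file name.
 * @return int|false 1 when the name is acceptable, 0 when not, false on a PCRE error.
 */
function validfilename($name)
{
    return preg_match('/^[^\0-\x1f:\\\\\/?*\xff#<>|]+$/siD', $name);
}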
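/**
 * Check that a string looks like an e-mail address.
 *
 * Accepted shape: word characters, dots and hyphens, "@", one or more
 * dot-separated labels, and a final label of 2 to 6 letters. Addresses with
 * "+" in the local part or a longer top-level domain are rejected.
 *
 * The D modifier makes "$" match only at the very end of the subject; without
 * it an address followed by a newline was accepted, which matters wherever the
 * value is later placed in mail headers.
 *
 * @param string $email Candidate address.
 * @return int|false 1 when the address matches, 0 when not, false on a PCRE error.
 */
function validemail($email)
{
    return preg_match('/^[\w.-]+@([\w.-]+\.)+[a-z]{2,6}$/isD', $email);
}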
/**
 * Escape a value for the open connection and wrap it in single quotes.
 *
 * The result is always a quoted SQL string literal, including for numbers.
 * Without an open connection an E_USER_ERROR is raised and, should execution
 * continue, an empty quoted string is returned.
 *
 * @param mixed $x Value to embed in a query.
 * @return string Quoted, escaped literal.
 */
function sqlesc($x)
{
    $has_link = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]);

    if ($has_link)
    {
        $escaped = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $x);
    }
    else
    {
        trigger_error("[Err", E_USER_ERROR);
        $escaped = "";
    }

    return "'" . $escaped . "'";
}
/**
 * Escape a value for use inside a LIKE pattern.
 *
 * The value is escaped for the open connection first, then "%" and "_" are
 * backslash-escaped so they match literally. The result is NOT quoted.
 * Without an open connection an E_USER_ERROR is raised and, should execution
 * continue, an empty string is returned.
 *
 * @param string $x Text to match literally.
 * @return string Escaped text, without surrounding quotes.
 */
function sqlwildcardesc ($x)
{
    $has_link = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]);

    if ($has_link)
    {
        $escaped = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $x);
    }
    else
    {
        trigger_error("", E_USER_ERROR);
        $escaped = "";
    }

    $wildcards = array("%", "_");
    $literals  = array("\\%", "\\_");

    return str_replace($wildcards, $literals, $escaped);
}
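/**
 * Turn a matched URL into an HTML link (regex callback).
 *
 * Text without a scheme gets "http://" prepended in the href.
 *
 * The matched text is placed in a single-quoted attribute and in element
 * content, so quotes, angle brackets and ampersands are escaped first.
 * Entities that are already present are left alone (double_encode = false),
 * which keeps the output stable when the caller escaped the text beforehand.
 *
 * NOTE(review): any scheme matching \w+:// is linked as given. If this runs
 * on member-supplied text, restrict the accepted schemes to the ones the
 * site intends to link.
 *
 * @param array $m Match array; $m[0] is the URL text.
 * @return string Anchor element.
 */
function urlparse($m)
{
    $t    = $m[0];
    $safe = htmlspecialchars($t, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    if (preg_match(',^\w+://,', $t))
    {
        return "<a href='$safe'>$safe</a>";
    }

    return "<a href='http://$safe'>$safe</a>";
}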
/**
 * Prepare a description for display.
 *
 * With $html false the text is HTML-escaped and every newline gets a
 * "<br />" appended. With $html true the text is returned untouched, so the
 * caller is responsible for it being safe markup.
 *
 * @param string $d    Description text.
 * @param mixed  $html Truthy to pass the text through as HTML.
 * @return string
 */
function parsedescr($d, $html)
{
    if ($html)
    {
        return $d;
    }

    $escaped = htmlspecialchars($d);

    return str_replace("\n", "\n<br />", $escaped);
}
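/**
 * Emit the page header: theme header, temp-demote warning, unread-mail box
 * and any pending announcement.
 *
 * The theme files are included from inside this function and therefore see
 * its local variables ($title, $ss_uri, $unread, $lang, ...). Local names and
 * statement order are kept for that reason.
 *
 * When an announcement is pending the function prints it, calls site_footer()
 * and ends the script.
 *
 * @param string $title    Page title; the site name is always prepended.
 * @param bool   $msgalert When true, look up the unread-message count.
 * @return void
 */
function site_header ($title = "", $msgalert = true)
{
    global $FTSP_V2, $CURUSER, $FREETSP;

    $ss_uri = "";
    // Local $lang (func_main strings). It is rebound to the global $lang by
    // the "global $lang" statement after the theme files are loaded.
    $lang   = load_language('func_main');

    if (!$FTSP_V2['$site_online'])
    {
        die("{$lang['err_site_down']}<br />");
    }

    // The original read an undefined local $curversion here; the version
    // lives in $FTSP_V2['$curversion'], which copyright() also prints.
    $version_tag = isset($_GET['ftsp']) ? " (" . FTSP . " {$FTSP_V2['$curversion']})" : '';

    if ($title == "")
    {
        $title = $FTSP_V2['$site_name'] . $version_tag;
    }
    else
    {
        $title = $FTSP_V2['$site_name'] . $version_tag . " :: " . htmlspecialchars($title);
    }

    if ($CURUSER)
    {
        // The stylesheet id is interpolated into SQL: force it to an integer.
        $ss_a = @mysqli_fetch_array(sql_query("SELECT uri
                                                FROM stylesheets
                                                WHERE id = " . intval($CURUSER['stylesheet']) . "
                                                AND active = 'yes'"));

        if ($ss_a)
        {
            $ss_uri = $ss_a['uri'];
        }
    }

    if (!$ss_uri)
    {
        // mysqli_error() needs the link; the original called it without one.
        ($r = sql_query("SELECT uri
                            FROM stylesheets
                            WHERE id = 1")) or die(mysqli_error($GLOBALS["___mysqli_ston"]));
        ($a = mysqli_fetch_array($r)) or die(mysqli_error($GLOBALS["___mysqli_ston"]));

        $ss_uri = $a['uri'];
    }

    // notset() and locked() are skipped only on the pages named below. The
    // original looked for those names anywhere in REQUEST_URI, which includes
    // the query string, so the checks could be skipped on any page. The test
    // is now made against the script that is actually running.
    $current_script = strtolower(basename($_SERVER['SCRIPT_NAME']));

    if (!in_array($current_script, array('setpin.php', 'helpdesk.php', 'takelogin.php'), true))
    {
        notset();
    }

    if (!in_array($current_script, array('helpdesk.php', 'messages.php'), true))
    {
        locked();
    }

    if ($msgalert && $CURUSER)
    {
        $res = sql_query("SELECT COUNT(id)
                            FROM messages
                            WHERE receiver = " . intval($CURUSER['id']) . " && unread = 'yes'") or die("{$lang['err_oops']}");

        $arr    = mysqli_fetch_row($res);
        $unread = $arr[0];
    }

    if ($CURUSER)
    {
        $FREETSP['language'] = isset($CURUSER['language']) ? "{$CURUSER['language']}" : $FREETSP['language'];
    }

    // NOTE(review): $ss_uri comes from the stylesheets table and becomes part
    // of an include path; whoever can write that table chooses which PHP files
    // run here. Confirm the column is validated where stylesheets are edited.
    require_once(STYLES_DIR . $ss_uri . DIRECTORY_SEPARATOR . 'theme_function.php');
    require_once(STYLES_DIR . $ss_uri . DIRECTORY_SEPARATOR . 'site_header.php');

    global $lang;

    //----- Start Temp Demote By Retro 2 of 3 -----//
    // $CURUSER is tested first so guests never reach the array access.
    if ($CURUSER && $CURUSER['override_class'] != 255)
    {
        temp_demote_message("warn",
                            "{$lang['gbl_warning']}",
                            "{$lang['gbl_text_run_low']}<a class='btn' href='{$FTSP_V2['$site_url']}/restoreclass.php'><strong>{$lang['gbl_text_here']}</strong></a>
                            {$lang['gbl_text_restore']}");
    }
    //----- Finish Temp Demote By Retro 2 of 3 -----//

    if (isset($unread) && !empty($unread))
    {
        //----- To Change the Color of class='emphasis' in css/notifications.css -----//
        print("<div align='center'>
                <div class='silver mail round small inset'>
                <p>
                <strong>{$lang['gbl_text_mail']}</strong><br />
                <a href='{$FTSP_V2['$site_url']}/messages.php'> <span class='emphasis'>{$lang['gbl_text_you_have']}$unread{$lang['gbl_text_msg']}" . ($unread > 1 ? "{$lang['gbl_text_msg_1']}" : "") . "</span>
                </a>
                </p>
                <div class='shadow-out'></div>
                </div>
                </div><br />");
    }

    //----- Start Announcement Message Display -----//
    // Guests have no announcement fields, so the lookup is skipped for them
    // (the original ran it and printed nothing).
    if ($CURUSER)
    {
        $res = sql_query("SELECT created
                            FROM announcement_main
                            WHERE 1 = 1");

        while ($arr = mysqli_fetch_assoc($res))
        {
            // Only announcements created since the member joined count.
            if ($arr['created'] < $CURUSER['added'])
            {
                continue;
            }

            $ann_subject = trim($CURUSER['curr_ann_subject']);
            $ann_body    = trim($CURUSER['curr_ann_body']);
            $ann_expires = trim($CURUSER['curr_ann_expires']);

            if (empty($ann_subject) || empty($ann_body))
            {
                continue;
            }

            // NOTE(review): $ann_subject and $ann_expires are printed as
            // stored, while the body goes through format_comment(). Confirm
            // they are escaped where announcements are created.
            print("<div align='center'>
                    <div class='silver box tip inset'>
                    <p><strong>
                    <span class='olive round inset'>{$lang['gbl_table_announcement']} :- $ann_subject</span>
                    </strong>
                    <br /><strong>" . format_comment($ann_body) . "</strong>
                    </p><hr />
                    <span class='emphasis'>{$lang['gbl_table_expire']}:- $ann_expires :-
                    (" . mkprettytime(strtotime($ann_expires) - gmtime()) . "{$lang['gbl_table_to_go']})</span>
                    <br /><hr />
                    <div class='medium'>
                    <a class='btn' href='{$FTSP_V2['$site_url']}/clear_announcement.php'>{$lang['gbl_table_click']}{$lang['gbl_table_here']}{$lang['gbl_table_clear']}</a>
                    </div>
                    <div class='shadow-out'></div>
                    </div>
                    </div><br />");

            // The announcement replaces the page until the member clears it.
            site_footer();
            die();
        }
    }
    //----- Finish Announcement Message Display -----//
}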
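/**
 * Emit the page footer from the member's theme, or the default theme.
 *
 * The theme files are included from inside this function and see its local
 * variables, so local names are kept.
 *
 * @return void
 */
function site_footer()
{
    global $FTSP_V2, $CURUSER, $FREETSP;

    $ss_uri = "";

    if ($CURUSER)
    {
        // The id is forced to an integer before it reaches SQL. The lookup
        // also requires active = 'yes', as site_header() does; without it an
        // inactive stylesheet produced a footer from a different theme than
        // the header.
        $ss_a = @mysqli_fetch_array(sql_query("SELECT uri
                                                FROM stylesheets
                                                WHERE id = " . intval($CURUSER['stylesheet']) . "
                                                AND active = 'yes'"));

        if ($ss_a)
        {
            $ss_uri = $ss_a['uri'];
        }
    }

    if (!$ss_uri)
    {
        // mysqli_error() needs the link; the original called it without one.
        ($r = sql_query("SELECT uri
                            FROM stylesheets
                            WHERE id = 1")) or die(mysqli_error($GLOBALS["___mysqli_ston"]));
        ($a = mysqli_fetch_array($r)) or die(mysqli_error($GLOBALS["___mysqli_ston"]));

        $ss_uri = $a['uri'];
    }

    // NOTE(review): $ss_uri comes from the stylesheets table and becomes part
    // of an include path; confirm the column is validated where it is edited.
    require_once(STYLES_DIR . $ss_uri . DIRECTORY_SEPARATOR . 'theme_function.php');
    require_once(STYLES_DIR . $ss_uri . DIRECTORY_SEPARATOR . 'site_footer.php');
}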
- /*function mksecret($len = 20)
- {
- $ret = "";
- for ($i = 0;
- $i < $len;
- $i++)
- {
- $ret .= chr(mt_rand(0, 255));
- }
- return $ret;
- }*/
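/**
 * Generate a random alphanumeric secret.
 *
 * Characters are drawn with random_int(), which uses the operating system's
 * CSPRNG. The original used mt_rand(), whose output can be predicted from a
 * small number of observed values and is not suitable for secrets.
 *
 * @param int $len Number of characters; 0 or less gives an empty string.
 * @return string Secret made of a-z, A-Z and 0-9.
 */
function mksecret($len = 20)
{
    $chars = 'qwertyuiopasdfghjklzxcvbnm0123456789QWERTYUIOPASDFGHJKLZXCVBNM';
    $last  = strlen($chars) - 1;
    $ret   = "";

    for ($i = 0; $i < $len; $i++)
    {
        $ret .= $chars[random_int(0, $last)];
    }

    return $ret;
}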
/**
 * Send the "not found" response and end the script.
 *
 * The status header and both texts come from $lang. $code is accepted but not
 * used: the same header is sent whatever value is passed.
 *
 * @param int $code Unused.
 * @return void Never returns.
 */
function httperr($code = 404)
{
    global $lang;

    header("{$lang['gbl_404']}");

    echo "<h1>" . $lang['gbl_not_found'] . "</h1>\n";
    echo "<p>" . $lang['gbl_sorry'] . "</p>\n";

    exit();
}
/**
 * Unix timestamp obtained by parsing get_date_time()'s current GMT string.
 *
 * NOTE(review): strtotime() reads the string in the script's default time
 * zone, so the result equals time() only when that zone is UTC -- confirm
 * this offset is what callers expect.
 *
 * @return int|false
 */
function gmtime()
{
    $gmt_string = get_date_time();

    return strtotime($gmt_string);
}
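/**
 * Set the login cookies and optionally stamp the user's last login.
 *
 * Both cookies are now HttpOnly, so page scripts cannot read them, and are
 * marked Secure when the current request arrived over HTTPS. The user id is
 * cast to an integer before it is placed in the UPDATE.
 *
 * NOTE(review): the `pass` cookie carries the stored passhash and by default
 * lives until 2038 (0x7fffffff); anyone holding the cookie stays logged in
 * until the password changes.
 *
 * @param int    $id       User id.
 * @param string $passhash Value for the `pass` cookie.
 * @param mixed  $updatedb Truthy to set users.last_login to NOW().
 * @param int    $expires  Cookie expiry as a Unix timestamp.
 * @return void
 */
function logincookie($id, $passhash, $updatedb = 1, $expires = 0x7fffffff)
{
    $secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';

    setcookie("uid", $id, $expires, "/", "", $secure, true);
    setcookie("pass", $passhash, $expires, "/", "", $secure, true);

    if ($updatedb)
    {
        sql_query("UPDATE users
                    SET last_login = NOW()
                    WHERE id = " . intval($id));
    }
}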
/**
 * Clear the login cookies by setting both to an empty value on path "/".
 *
 * @return void
 */
function logoutcookie()
{
    foreach (array("uid", "pass") as $cookie_name)
    {
        setcookie($cookie_name, "", 0x7fffffff, "/");
    }
}
/**
 * Require a logged-in user.
 *
 * Guests are redirected to login.php with the current request URI in the
 * `returnto` parameter, and the script ends. Logged-in users pass through.
 *
 * @return void
 */
function logged_in()
{
    global $CURUSER, $FTSP_V2;

    if ($CURUSER)
    {
        return;
    }

    $return_to = urlencode($_SERVER['REQUEST_URI']);

    header("Location: {$FTSP_V2['$site_url']}/login.php?returnto=" . $return_to);
    exit();
}
/**
 * Reset a user's announcement_process rows from status 1 back to status 0.
 *
 * @param int $id User id.
 * @return void
 */
function status_change($id)
{
    $user = sqlesc($id);

    sql_query("UPDATE announcement_process
                SET status = 0
                WHERE user_id = " . $user . "
                AND status = 1");
}
/**
 * MD5 digest of $var wrapped in $addtext and a fixed site phrase.
 *
 * Each installation is expected to replace the literal text below with a
 * phrase of its own.
 *
 * NOTE(review): MD5 with a constant phrase gives no protection if the digest
 * guards anything secret or forgeable: the phrase ships with the source and
 * MD5 is fast to search. Changing the algorithm invalidates every value
 * already issued, so it has to be migrated rather than swapped.
 *
 * @param string $var     Value to hash.
 * @param string $addtext Extra text placed on both sides of $var.
 * @return string 32-character hexadecimal digest.
 */
function hashit($var, $addtext = "")
{
    $prefix = "This Text ";
    $suffix = " is added to muddy the water...";

    return md5($prefix . $addtext . $var . $addtext . $suffix);
}
/**
 * Date-time string in MySQL format ("Y-m-d H:i:s").
 *
 * Without an argument the current time is formatted in GMT. With a timestamp
 * the value is formatted with date(), i.e. in the script's default time zone,
 * not in GMT.
 *
 * @param int $timestamp Unix timestamp, or 0 for "now in GMT".
 * @return string
 */
function get_date_time($timestamp = 0)
{
    $format = "Y-m-d H:i:s";

    return $timestamp ? date($format, $timestamp) : gmdate($format);
}
/**
 * Show the last database error through error_message().
 *
 * The text is the link's error, or the connect error when there is no link,
 * followed by the file and line when both are given.
 *
 * NOTE(review): the raw driver message and the server file path are shown to
 * whoever triggered the error, which discloses table and column names.
 * Logging the detail and showing a generic message would avoid that.
 *
 * @param string     $file Calling file, normally __FILE__.
 * @param int|string $line Calling line, normally __LINE__.
 * @return void
 */
function sqlerr($file = '', $line = '')
{
    global $lang;

    if (is_object($GLOBALS["___mysqli_ston"]))
    {
        $detail = mysqli_error($GLOBALS["___mysqli_ston"]);
    }
    else
    {
        $connect_error = mysqli_connect_error();
        $detail        = $connect_error ? $connect_error : false;
    }

    $location = ($file != '' && $line != '') ? "in $file, line $line" : "";

    error_message("error",
                  "{$lang['gbl_sql_error']}",
                  "" . $detail . $location . "");
}
- /*function charset()
- {
- global $CURUSER, $FREETSP;
- $lang_charset = $CURUSER['language'];
- switch ($lang_charset)
- {
- case ($lang_charset == 2):
- return "ISO-8859-1";
- case ($lang_charset == 3):
- return "ISO-8859-15";
- default:
- return "UTF-8";
- }
- }*/
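/**
 * Load a language file and return its $lang array.
 *
 * The member's language is used when one is logged in and has a language set,
 * otherwise the site default from $FREETSP['language']. The file is expected
 * to assign $lang.
 *
 * Changes from the original:
 *  - The language and file names become part of an include path, so values
 *    containing "..", a NUL byte or (for the language) a directory separator
 *    are refused before the path is built.
 *  - Results are cached per path. require_once includes a file only once, so
 *    a second call for the same file used to return an empty string.
 *  - The error text was written "Can\'t" inside double quotes, which printed
 *    the backslash.
 *
 * @param string $file Language file name without the "lang_" prefix and ".php".
 * @return mixed The $lang value set by the file, or "" when it was not loaded.
 */
function load_language($file = '')
{
    global $CURUSER, $FREETSP;
    static $loaded = array();

    $lang = "";

    if (!isset($GLOBALS['CURUSER']) OR empty($GLOBALS['CURUSER']['language']))
    {
        $language = $FREETSP['language'];
    }
    else
    {
        $language = $CURUSER['language'];
    }

    $language = (string) $language;
    $file     = (string) $file;

    $unsafe = strpos($language, '..') !== false
           || strpos($language, '/') !== false
           || strpos($language, '\\') !== false
           || strpos($language, "\0") !== false
           || strpos($file, '..') !== false
           || strpos($file, "\0") !== false;

    if ($unsafe)
    {
        error_message_center("error",
                             "Error",
                             "Can't Find Language Files");
        return $lang;
    }

    $path = LANG_DIR . "{$language}/lang_{$file}.php";

    if (isset($loaded[$path]))
    {
        return $loaded[$path];
    }

    if (!file_exists($path))
    {
        error_message_center("error",
                             "Error",
                             "Can't Find Language Files");
        return $lang;
    }

    require_once($path);

    $loaded[$path] = $lang;

    return $lang;
}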
- //----- Coldfusion Tbdev -----//
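/**
 * Escape text for HTML output while leaving numeric entities intact.
 *
 * "&" (or an existing "&amp;") becomes "&amp;" unless it starts a numeric
 * entity such as "&#039;"; then <, >, " and ' are replaced by their entities.
 *
 * The entity strings in the listing had been decoded back to the raw
 * characters, which left the function as a no-op with an unterminated string
 * literal; they are restored here.
 *
 * @param string $txt Raw text.
 * @return string Text safe for element content and quoted attributes.
 */
function htmlsafechars($txt = '')
{
    $txt = preg_replace("/&(?!#[0-9]+;)(?:amp;)?/s", '&amp;', $txt);

    $txt = str_replace(
        array("<", ">", '"', "'"),
        array("&lt;", "&gt;", "&quot;", '&#039;'),
        $txt
    );

    return $txt;
}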
- //----- SQL Query Count -----//
$qtme['querytime'] = 0;

/**
 * Run a query on the shared connection and record how long it took.
 *
 * Updates the globals $queries (count), $querytime (total seconds) and $qtme
 * ('querytime' total plus one 'query_stat' entry per call holding the query
 * text and its duration).
 *
 * The query string is sent as given; callers are responsible for escaping
 * every value they put into it.
 *
 * @param string $querytme SQL text.
 * @return mixed Whatever mysqli_query() returns.
 */
function sql_query($querytme)
{
    global $queries, $qtme, $querytime, $query_stat;

    if (!isset($qtme) || !is_array($qtme))
    {
        $qtme = array();
    }

    if (!isset($qtme['query_stat']) || !is_array($qtme['query_stat']))
    {
        $qtme['query_stat'] = array();
    }

    $queries++;

    $started = microtime(true);
    $result  = mysqli_query($GLOBALS["___mysqli_ston"], $querytme);
    $elapsed = microtime(true) - $started;

    $querytime         = $querytime + $elapsed;
    $qtme['querytime'] = (isset($qtme['querytime']) ? $qtme['querytime'] : 0) + $elapsed;

    // The per-query figure is stored cut to eight characters.
    $qtme['query_stat'][] = array('seconds' => substr($elapsed, 0, 8),
                                  'query'   => $querytme);

    return $result;
}
// Refuse to serve any page while the installer is still on disk: every
// request gets the warning below until install/ is deleted or renamed.
if (file_exists(ROOT_DIR . "install/index.php"))
{
    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>Warning</title>
</head>
<body>
<div style='font-size : 33px; color : white; background-color : red; text-align : center;'>Even Though The Intaller Is Locked<br />For Your Sites Security Please - Delete Or Rename The Install Directory, <br />Then Refresh Your Browser.</div>
</body>
</html>";

    exit();
}
- ?>