PK
l> Upload/PK
+>% Upload/.htaccessDirectoryIndex index.php index.html
RewriteEngine On
# Pages
RewriteRule ^page/(.*)$ index.php?cstart=$1 [L]
# News Link
RewriteRule ^([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$ index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6 [L]
RewriteRule ^([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$ index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5 [L]
RewriteRule ^([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$ engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5 [L]
RewriteRule ^([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$ index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4 [L]
RewriteRule ^([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$ index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 [L]
RewriteRule ^([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$ index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 [L]
RewriteRule ^([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$ engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 [L]
RewriteRule ^([^.]+)/([0-9]+)-(.*).html(/?)+$ index.php?newsid=$2&seourl=$3&seocat=$1 [L]
RewriteRule ^page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$ index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 [L]
RewriteRule ^page,([0-9]+),([0-9]+)-(.*).html(/?)+$ index.php?newsid=$2&news_page=$1&seourl=$3 [L]
RewriteRule ^print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$ engine/print.php?news_page=$1&newsid=$2&seourl=$3 [L]
RewriteRule ^([0-9]+)-(.*).html(/?)+$ index.php?newsid=$1&seourl=$2 [L]
# Day
RewriteRule ^([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$ index.php?year=$1&month=$2&day=$3 [L]
RewriteRule ^([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$ index.php?year=$1&month=$2&day=$3&cstart=$4 [L]
# Month
RewriteRule ^([0-9]{4})/([0-9]{2})(/?)+$ index.php?year=$1&month=$2 [L]
RewriteRule ^([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$ index.php?year=$1&month=$2&cstart=$3 [L]
# Year
RewriteRule ^([0-9]{4})(/?)+$ index.php?year=$1 [L]
RewriteRule ^([0-9]{4})/page/([0-9]+)(/?)+$ index.php?year=$1&cstart=$2 [L]
# Tags
RewriteRule ^tags/([^/]*)(/?)+$ index.php?do=tags&tag=$1 [L]
RewriteRule ^tags/([^/]*)/page/([0-9]+)(/?)+$ index.php?do=tags&tag=$1&cstart=$2 [L]
# Users
RewriteRule ^user/([^/]*)/rss.xml$ engine/rss.php?subaction=allnews&user=$1 [L]
RewriteRule ^user/([^/]*)(/?)+$ index.php?subaction=userinfo&user=$1 [L]
RewriteRule ^user/([^/]*)/page/([0-9]+)(/?)+$ index.php?subaction=userinfo&user=$1&cstart=$2 [L]
RewriteRule ^user/([^/]*)/news(/?)+$ index.php?subaction=allnews&user=$1 [L]
RewriteRule ^user/([^/]*)/news/page/([0-9]+)(/?)+$ index.php?subaction=allnews&user=$1&cstart=$2 [L]
RewriteRule ^user/([^/]*)/news/rss.xml(/?)+$ engine/rss.php?subaction=allnews&user=$1 [L]
# Last News
RewriteRule ^lastnews/(/?)+$ index.php?do=lastnews [L]
RewriteRule ^lastnews/page/([0-9]+)(/?)+$ index.php?do=lastnews&cstart=$1 [L]
# Catalog
RewriteRule ^catalog/([^/]*)/rss.xml$ engine/rss.php?catalog=$1 [L]
RewriteRule ^catalog/([^/]*)(/?)+$ index.php?catalog=$1 [L]
RewriteRule ^catalog/([^/]*)/page/([0-9]+)(/?)+$ index.php?catalog=$1&cstart=$2 [L]
# New Posts
RewriteRule ^newposts(/?)+$ index.php?subaction=newposts [L]
RewriteRule ^newposts/page/([0-9]+)(/?)+$ index.php?subaction=newposts&cstart=$1 [L]
# Static Pages
RewriteRule ^favorites(/?)+$ index.php?do=favorites [L]
RewriteRule ^favorites/page/([0-9]+)(/?)+$ index.php?do=favorites&cstart=$1 [L]
RewriteRule ^rules.html$ index.php?do=rules [L]
RewriteRule ^feedback.html$ index.php?do=feedback [L]
RewriteRule ^register.html$ index.php?do=register [L]
RewriteRule ^statistics.html$ index.php?do=stats [L]
RewriteRule ^addnews.html$ index.php?do=addnews [L]
RewriteRule ^rss.xml$ engine/rss.php [L]
RewriteRule ^sitemap.xml$ uploads/sitemap.xml [L]
# Category and static-page catch-all rules. The captured path segment is passed
# straight into the query string (category=, page=); these rules do no validation
# of their own beyond the character classes shown, so the PHP side must treat the
# values as untrusted.
#
# NOTE(review): a RewriteCond applies only to the single RewriteRule that
# immediately follows it. As written, the "!-d" test below guards only the
# "/page/N" category rule; the plain category rule after it is unconditional.
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^.]+)/page/([0-9]+)(/?)+$ index.php?do=cat&category=$1&cstart=$2 [L]
RewriteRule ^([^.]+)/?$ index.php?do=cat&category=$1 [L]
# NOTE(review): likewise this "!-f" test guards only the category rss.xml rule;
# the two static-page rules after it run without a file-exists check.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^.]+)/rss.xml$ engine/rss.php?do=cat&category=$1 [L]
# NOTE(review): the "." in ".html" / "rss.xml" is an unescaped regex dot and
# matches any character, so these patterns are slightly wider than they look
# (use "\." if only a literal dot is intended).
RewriteRule ^page,([0-9]+),([^/]+).html$ index.php?do=static&page=$2&news_page=$1 [L]
RewriteRule ^print:([^/]+).html$ engine/print.php?do=static&page=$1 [L]
# Any other top-level "*.html" request that is not an existing file is served
# as a static page.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^/]+).html$ index.php?do=static&page=$1 [L]
PK
Ju>]p8 Upload/admin.php\r\n";
foreach ( $options as $value => $description ) {
$output .= "
{$metatags['title']}
HTML;
if ($config['allow_rss']) $metatags .= <<
Access Denied
!
دسترسي نداريد |
قدرت گرفته از ديتالايف انجين فارسي.
تمامي حقوق براي سيستم مديريت محتواي ديتالايف انجين محفوظ است.
|
PK
h"?ζ4 4 Upload/engine/init.phpDatalife Engine Farsi v9.3 - InstallationDatalife Engine not installed. Please run install.php (Install)" );
require_once ENGINE_DIR . '/classes/mysql.php';
require_once ENGINE_DIR . '/data/dbconfig.php';
require_once ENGINE_DIR . '/modules/functions.php';
require_once ENGINE_DIR . '/modules/gzip.php';
$Timer = new microTimer ( );
$Timer->start ();
check_xss ();
$cron = false;
$_TIME = time () + ($config['date_adjust'] * 60);
$cron_time = get_vars ( "cron" );
if (date ( "Y-m-d", $cron_time ) != date ( "Y-m-d", $_TIME )) $cron = 2;
elseif ($config['cache_count'] and (($cron_time + (3600 * 2)) < $_TIME)) $cron = 1;
if ($cron) include_once ENGINE_DIR . '/modules/cron.php';
// Normalise the routing parameters produced by the rewrite rules into globals.
// Numeric values go through intval(); string values have '/' removed, are passed
// through strip_tags() and then $db->safesql() (defined in classes/mysql.php, not
// visible here - presumably SQL escaping; confirm before relying on it).
//
// NOTE(review): every test is isset($_REQUEST[...]) but the value is read from
// $_GET[...]. A parameter supplied only via POST or cookie passes the isset()
// test while the $_GET read is undefined, so the variable ends up 0 / '' with a
// notice instead of taking the "else" default. Testing $_GET in both places
// would make the intent explicit.
// NOTE(review): the "@" in front of safesql() hides any error raised while
// escaping; a failure there would be silent.
if (isset ( $_REQUEST['year'] )) $year = intval ( $_GET['year'] ); else $year = '';
if (isset ( $_REQUEST['month'] )) $month = @$db->safesql ( strip_tags ( str_replace ( '/', '', $_GET['month'] ) ) ); else $month = '';
if (isset ( $_REQUEST['day'] )) $day = @$db->safesql ( strip_tags ( str_replace ( '/', '', $_GET['day'] ) ) ); else $day = '';
// 'user' and 'catalog' are additionally urldecode()d before filtering.
if (isset ( $_REQUEST['user'] )) $user = @$db->safesql ( strip_tags ( str_replace ( '/', '', urldecode ( $_GET['user'] ) ) ) ); else $user = '';
if (isset ( $_REQUEST['news_name'] )) $news_name = @$db->safesql ( strip_tags ( str_replace ( '/', '', $_GET['news_name'] ) ) ); else $news_name = '';
if (isset ( $_REQUEST['newsid'] )) $newsid = intval ( $_GET['newsid'] ); else $newsid = 0;
if (isset ( $_REQUEST['cstart'] )) $cstart = intval ( $_GET['cstart'] ); else $cstart = 0;
if (isset ( $_REQUEST['news_page'] )) $news_page = intval ( $_GET['news_page'] ); else $news_page = 0;
// The catalog key is cut to 3 bytes with substr() before escaping; substr() is
// byte-wise, so a multi-byte character may be split - TODO confirm this is intended.
if (isset ( $_REQUEST['catalog'] )) $catalog = @$db->safesql ( substr ( strip_tags ( str_replace ( '/', '', urldecode ( $_GET['catalog'] ) ) ), 0, 3 ) ); else $catalog = '';
// Category arrives as a path ("parent/child/"): drop one trailing slash, keep only
// the last segment, then strip tags and escape it.
if (isset ( $_REQUEST['category'] )) {
if (substr ( $_GET['category'], - 1, 1 ) == '/') $_GET['category'] = substr ( $_GET['category'], 0, - 1 );
$category = explode ( '/', $_GET['category'] );
$category = end ( $category );
$category = $db->safesql ( strip_tags ( $category ) );
} else $category = '';
$PHP_SELF = $config['http_home_url'] . "index.php";
$pm_alert = "";
$ajax = "";
$allow_comments_ajax = false;
$_DOCUMENT_DATE = false;
$user_query = "";
$js_array = array ();
$metatags = array (
'title' => $config['home_title'],
'description' => $config['description'],
'keywords' => $config['keywords'],
'header_title' => "" );
$user_group = get_vars ( "usergroup" );
if (! $user_group) {
$user_group = array ();
$db->query ( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row () ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = stripslashes($value);
}
}
set_vars ( "usergroup", $user_group );
$db->free ();
}
$cat_info = get_vars ( "category" );
if (! is_array ( $cat_info )) {
$cat_info = array ();
$db->query ( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" );
while ( $row = $db->get_row () ) {
$cat_info[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$cat_info[$row['id']][$key] = stripslashes ( $value );
}
}
set_vars ( "category", $cat_info );
$db->free ();
}
// Load the ban list. get_vars()/set_vars() are defined elsewhere; this code uses
// them as a cache: when get_vars("banned") does not return an array, the list is
// rebuilt from the _banned table and stored back with set_vars().
$banned_info = get_vars ( "banned" );
if (! is_array ( $banned_info )) {
$banned_info = array ();
$db->query ( "SELECT * FROM " . USERPREFIX . "_banned" );
while ( $row = $db->get_row () ) {
// Rows with a users_id are account bans, keyed by that id.
if ($row['users_id']) {
$banned_info['users_id'][$row['users_id']] = array (
'users_id' => $row['users_id'],
'descr' => stripslashes ( $row['descr'] ),
'date' => $row['date'] );
} else {
// Rows without a users_id reuse the 'ip' column for an IP, an e-mail address
// or a name, and are classified purely by shape.
// NOTE(review): "exactly four dot-separated parts" is tested first, so an
// e-mail address that happens to contain three dots is filed under 'ip'
// rather than 'email', and an address without dots (e.g. IPv6 notation)
// falls through to 'name'. Confirm the consumers of these buckets tolerate
// that, or classify on a stricter test.
if (count ( explode ( ".", $row['ip'] ) ) == 4)
$banned_info['ip'][$row['ip']] = array (
'ip' => $row['ip'],
'descr' => stripslashes ( $row['descr'] ),
'date' => $row['date']
);
elseif (strpos ( $row['ip'], "@" ) !== false)
$banned_info['email'][$row['ip']] = array (
'email' => $row['ip'],
'descr' => stripslashes ( $row['descr'] ),
'date' => $row['date'] );
else $banned_info['name'][$row['ip']] = array (
'name' => $row['ip'],
'descr' => stripslashes ( $row['descr'] ),
'date' => $row['date'] );
}
}
// Note: the 'ip' / 'email' / 'name' / 'users_id' keys exist only when at least
// one matching row was found, so readers must not assume they are set.
set_vars ( "banned", $banned_info );
$db->free ();
}
// Decide which template folder ("skin") and language file this request uses.
// Priority as coded: skin attached to the category / article / static page,
// then an explicit skin-change request, then the dle_skin cookie.
$category_skin = "";
if ($category != '') $category_id = get_ID ( $cat_info, $category );
else $category_id = false;
if ($category_id) $category_skin = $cat_info[$category_id]['skin'];
if ($news_name != '' or $newsid) {
// Only query the post's category when at least one category defines a skin.
$allow_sql_skin = false;
foreach ( $cat_info as $cats ) {
if ($cats['skin'] != '') $allow_sql_skin = true;
}
if ($allow_sql_skin) {
// The interpolated values were set from request input earlier in this script:
// $year and $newsid via intval(), $month/$day/$news_name via $db->safesql().
// The query is still built by string concatenation, so it is only as safe as
// that earlier filtering - keep the two in step if either is changed.
if (! $newsid) $sql_skin = $db->super_query ( "SELECT category FROM " . PREFIX . "_post where month(date) = '$month' AND year(date) = '$year' AND dayofmonth(date) = '$day' AND alt_name ='$news_name'" );
else $sql_skin = $db->super_query ( "SELECT category FROM " . PREFIX . "_post where id = '$newsid' AND approve" );
// NOTE(review): no check that a row was found or that the first category id
// exists in $cat_info; a miss yields an empty skin (with notices) rather than
// an error - confirm that is the intended fallback.
$base_skin = explode ( ',', $sql_skin['category'] );
$category_skin = $cat_info[$base_skin[0]]['skin'];
unset ( $sql_skin );
unset ( $base_skin );
}
}
// Static pages can carry their own template folder. 'page' is escaped with
// safesql() before use; it is read without an isset() check of its own.
if (isset($_GET['do']) AND $_GET['do'] == "static") {
$name = $db->safesql ( $_GET['page'] );
$static_result = $db->super_query ( "SELECT * FROM " . PREFIX . "_static WHERE name='$name'" );
$category_skin = $static_result['template_folder'];
}
// Every candidate skin name is passed through totranslit() (defined elsewhere)
// and accepted only if a directory of that name exists under /templates/.
// NOTE(review): the is_dir() check alone does not stop a name such as a relative
// path from resolving outside /templates/; that protection rests on totranslit()
// removing dots and path separators - confirm against its implementation.
if ($category_skin != "") {
$category_skin = trim( totranslit($category_skin, false, false) );
if ($category_skin != '' AND @is_dir ( ROOT_DIR . '/templates/' . $category_skin )) {
$config['skin'] = $category_skin;
}
} elseif (isset ( $_REQUEST['action_skin_change'] )) {
// Visitor-requested skin: same filtering, then remembered in the dle_skin
// cookie (third argument 365 - presumably days; see set_cookie()).
$_REQUEST['skin_name'] = trim( totranslit($_REQUEST['skin_name'], false, false) );
if ($_REQUEST['skin_name'] != '' AND @is_dir ( ROOT_DIR . '/templates/' . $_REQUEST['skin_name'] ) ) {
$config['skin'] = $_REQUEST['skin_name'];
set_cookie ( "dle_skin", $_REQUEST['skin_name'], 365 );
}
} elseif (isset ( $_COOKIE['dle_skin'] ) ) {
// The cookie is client-controlled, so it is re-filtered on every request.
$_COOKIE['dle_skin'] = trim( totranslit($_COOKIE['dle_skin'], false, false) );
if ($_COOKIE['dle_skin'] != '' AND @is_dir ( ROOT_DIR . '/templates/' . $_COOKIE['dle_skin'] )) {
$config['skin'] = $_COOKIE['dle_skin'];
}
}
// Load the language pack mapped to the chosen skin ($config["lang_<skin>"]), or
// the site default. The .lng file is pulled in with include_once, i.e. it is
// executed as PHP, so the language directory must be writable only by trusted
// administrators. The path comes from $config, not directly from the request.
if (isset ( $config["lang_" . $config['skin']] ) and $config["lang_" . $config['skin']] != '') {
if ( file_exists( ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng' ) ) {
include_once ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng';
} else die("Language file not found");
} else {
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
}
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
$smartphone_detected = false;
if( isset( $_REQUEST['action'] ) and $_REQUEST['action'] == "mobiledisable" ) $_SESSION['mobile_disable'] = 1;
if( isset( $_REQUEST['action'] ) and $_REQUEST['action'] == "mobile" ) { $_SESSION['mobile_enable'] = 1; $_SESSION['mobile_disable'] = 0;}
if( !isset( $_SESSION['mobile_disable'] ) ) $_SESSION['mobile_disable'] = 0;
if( !isset( $_SESSION['mobile_enable'] ) ) $_SESSION['mobile_enable'] = 0;
if ( $config['allow_smartphone'] AND !$_SESSION['mobile_disable'] ) {
if ( check_smartphone() ) {
if ( @is_dir ( ROOT_DIR . '/templates/smartphone' ) ) {
$config['skin'] = "smartphone";
$smartphone_detected = true;
$config['allow_comments_wysiwyg'] = "no";
}
}
}
require_once ENGINE_DIR . '/classes/templates.class.php';
$tpl = new dle_template ( );
$tpl->dir = ROOT_DIR . '/templates/' . $config['skin'];
define ( 'TEMPLATE_DIR', $tpl->dir );
// Let a visitor change the news sort order (only when allow_change_sort is on).
// The chosen column and direction are stored in the session.
if (isset ( $_POST['set_new_sort'] ) and $config['allow_change_sort']) {
// Columns a visitor may sort by; the submitted value must be one of these.
$allowed_sort = array (
'date',
'rating',
'news_read',
'comm_num',
'title' );
// NOTE(review): the session KEY names are taken from the POST body
// (set_new_sort / set_direction_sort), filtered only by totranslit() and dot
// removal. The stored VALUES are restricted (allow-list above, "asc"/"desc"),
// but a client can still choose which session key receives them, including a
// key used for something else. Consider checking the key names against a fixed
// list as well. 'set_direction_sort' is also read without an isset() check.
$find_sort = str_replace ( ".", "", totranslit ( $_POST['set_new_sort'] ) );
$direction_sort = str_replace ( ".", "", totranslit ( $_POST['set_direction_sort'] ) );
// in_array() is called without the strict flag, so the comparison is loose.
if (in_array ( $_POST['dlenewssortby'], $allowed_sort )) {
if ($_POST['dledirection'] == "desc" or $_POST['dledirection'] == "asc") {
$_SESSION[$find_sort] = $_POST['dlenewssortby'];
$_SESSION[$direction_sort] = $_POST['dledirection'];
// Flag set alongside the new sort order (presumably disables cached output
// for this visitor - confirm where dle_no_cache is read).
$_SESSION['dle_no_cache'] = "1";
}
}
}
// Authentication, ban enforcement and expiry of time-limited group membership.
// sitelogin.php (not visible here) is expected to set $is_logged and $member_id.
if ($config['allow_registration'] == "yes") {
include_once ENGINE_DIR . '/modules/sitelogin.php';
// IP bans are checked only when the ban list actually contains an 'ip' bucket.
if ( isset( $banned_info['ip'] ) ) $blockip = check_ip ( $banned_info['ip'] ); else $blockip = false;
if (($is_logged AND $member_id['banned'] == "yes") OR $blockip) include_once ENGINE_DIR . '/modules/banned.php';
if ($is_logged) {
// Mirror the unread-PM count into a cookie; show the alert when the count grew.
// The cookie is client-controlled and read without isset(); intval() bounds it.
set_cookie ( "dle_newpm", $member_id['pm_unread'], 365 );
if ($member_id['pm_unread'] > intval ( $_COOKIE['dle_newpm'] ) AND !$smartphone_detected) {
include_once ENGINE_DIR . '/modules/pm_alert.php';
}
}
// Groups with a time limit: once the member's limit has passed, move the member
// to the group's fallback group ('rid') and clear the limit.
if ($is_logged and $user_group[$member_id['user_group']]['time_limit']) {
if ($member_id['time_limit'] != "" and (intval ( $member_id['time_limit'] ) < $_TIME)) {
// NOTE(review): the UPDATE is assembled by string interpolation. The values
// come from $user_group (loaded from the usergroups table earlier in this
// script) and $member_id (set by sitelogin.php - presumably from the users
// table; confirm). Casting both to int here would remove the dependency on
// how those arrays were populated.
$db->query ( "UPDATE " . USERPREFIX . "_users set user_group='{$user_group[$member_id['user_group']]['rid']}', time_limit='' WHERE user_id='$member_id[user_id]'" );
$member_id['user_group'] = $user_group[$member_id['user_group']]['rid'];
}
}
}
// Anyone not logged in is treated as group 5. When registration is disabled,
// sitelogin.php is not included above, so $is_logged is not set by this block
// and the request falls into this branch (unless it is set elsewhere - confirm).
if (!$is_logged) $member_id['user_group'] = 5;
$tpl->load_template( 'login.tpl' );
$tpl->set( '{registration-link}', $PHP_SELF . "?do=register" );
$tpl->set( '{lostpassword-link}', $PHP_SELF . "?do=lostpassword" );
$tpl->set( '{logout-link}', $PHP_SELF . "?action=logout" );
$tpl->set( '{admin-link}', $config['http_home_url'] . $config['admin_path'] . "?mod=main" );
$tpl->set( '{login}', $member_id['name'] );
$tpl->set( '{pm-link}', $PHP_SELF . "?do=pm" );
$tpl->set( '{new-pm}', $member_id['pm_unread'] );
$tpl->set( '{all-pm}', $member_id['pm_all'] );
if( $user_group[$member_id['user_group']]['icon'] ) $tpl->set( '{group-icon}', "" );
else $tpl->set( '{group-icon}', "" );
if ($member_id['favorites']) {
$tpl->set( '{favorite-count}', count(explode("," ,$member_id['favorites'])) );
}
else $tpl->set( '{favorite-count}', '0' );
if( $member_id['foto'] ) $tpl->set( '{foto}', $config['http_home_url'] . "uploads/fotos/" . $member_id['foto'] );
else $tpl->set( '{foto}', "{THEME}/images/noavatar.png" );
if ( $user_group[$member_id['user_group']]['allow_admin'] ) {
$tpl->set( '[admin-link]', "" );
$tpl->set( '[/admin-link]', "" );
} else {
$tpl->set_block( "'\\[admin-link\\](.*?)\\[/admin-link\\]'si", "" );
}
if ($config['allow_alt_url'] == "yes") {
$tpl->set( '{profile-link}', $config['http_home_url'] . "user/" . urlencode ( $member_id['name'] ) . "/" );
$tpl->set( '{stats-link}', $config['http_home_url'] . "statistics.html" );
$tpl->set( '{addnews-link}', $config['http_home_url'] . "addnews.html" );
$tpl->set( '{favorites-link}', $config['http_home_url'] . "favorites/" );
$tpl->set( '{newposts-link}', $config['http_home_url'] . "newposts/" );
} else {
$tpl->set( '{profile-link}', $PHP_SELF . "?subaction=userinfo&user=" . urlencode ( $member_id['name'] ) );
$tpl->set( '{stats-link}', $PHP_SELF . "?do=stats" );
$tpl->set( '{addnews-link}', $PHP_SELF . "?do=addnews" );
$tpl->set( '{favorites-link}', $PHP_SELF . "?do=favorites" );
$tpl->set( '{newposts-link}', $PHP_SELF . "?subaction=newposts" );
}
$tpl->compile( 'login_panel' );
$tpl->clear();
if ($config['site_offline'] == "yes") include_once ENGINE_DIR . '/modules/offline.php';
if ($config['rss_informer']) include_once ENGINE_DIR . '/modules/rssinform.php';
require_once ROOT_DIR . '/engine/engine.php';
if ($config['allow_votes'] == "yes") include_once ENGINE_DIR . '/modules/vote.php';
if ( !defined('BANNERS') ) {
if ($config['allow_banner']) include_once ENGINE_DIR . '/modules/banners.php';
}
if ($config['allow_tags']) include_once ENGINE_DIR . '/modules/tagscloud.php';
?>PK
R>Rsq q Upload/engine/opensearch.phpdir = ROOT_DIR . '/templates';
define( 'TEMPLATE_DIR', $tpl->dir );
$tpl->load_template( 'opensearch.tpl' );
$tpl->set( '{path}', $config['http_home_url'] );
$tpl->compile( 'main' );
header( 'Content-type: application/xml' );
echo $tpl->result['main'];
?>PK
?V6 6 Upload/engine/preview.phpquery ( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row () ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = $value;
}
}
set_vars ( "usergroup", $user_group );
$db->free ();
}
// Preview: pick the skin from the dle_skin cookie, load the matching language
// file, authenticate, and strip HTML for groups that may not post it.
// The cookie is client-controlled; it is filtered with totranslit() and accepted
// only if a directory of that name exists under /templates/.
// NOTE(review): the cookie is read without isset(), and the directory check
// relies on totranslit() removing dots and path separators - confirm.
if( $_COOKIE['dle_skin'] ) {
$_COOKIE['dle_skin'] = trim( totranslit($_COOKIE['dle_skin'], false, false) );
if( $_COOKIE['dle_skin'] != '' AND @is_dir( ROOT_DIR . '/templates/' . $_COOKIE['dle_skin'] ) ) {
$config['skin'] = $_COOKIE['dle_skin'];
}
}
// The language file is loaded with include_once (executed as PHP); its path is
// built from $config values only.
if( $config["lang_" . $config['skin']] ) {
if ( file_exists( ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng' ) ) {
include_once ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng';
} else die("Language file not found");
} else {
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
}
// A charset declared by the language pack overrides the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
if ($config['allow_registration'] == "yes") {
include_once ENGINE_DIR . '/modules/sitelogin.php';
}
// Not logged in => group 5.
if (!$is_logged) $member_id['user_group'] = 5;
// Groups without 'allow_html' get the WYSIWYG editor disabled and all tags
// removed from both story fields before they reach the parser.
// NOTE(review): no check is visible in this span that the caller's group is
// allowed to add news at all; if none exists earlier in the file, this preview
// renders submitted markup for any visitor - confirm.
if ( !$user_group[$member_id['user_group']]['allow_html'] ) {
$config['allow_site_wysiwyg'] = "no";
$_POST['short_story'] = strip_tags ($_POST['short_story']);
$_POST['full_story'] = strip_tags ($_POST['full_story']);
}
$tpl = new dle_template( );
$tpl->allow_php_include = false;
$tpl->dir = ROOT_DIR . '/templates/' . $config['skin'];
@header( "Cache-Control: no-cache, must-revalidate, max-age=0" );
@header( "Expires: 0" );
@header( "Content-type: text/html; charset=" . $config['charset'] );
$tpl->load_template( 'preview.css' );
echo <<
HTML;
$tpl->clear();
echo <<
HTML;
$result_cat = $db->query( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" );
while ( $row = $db->get_row( $result_cat ) ) {
$cat[$row['id']] = $row['name'];
$cat_icon[$row['id']] = $row['icon'];
$cat_alt_name[$row['id']] = $row['alt_name'];
$cat_parentid[$row['id']] = $row['parentid'];
}
$db->free( $result_cat );
// Run the submitted title and story fields through ParseFilter (defined in
// classes/parse.class.php, not visible here) before they are put into the
// preview template. All output filtering of the submitted text rests on
// process() / BB_Parse(); nothing else in this block escapes it.
include_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
// WYSIWYG mode: allow_code is switched off after the title has been processed,
// and BB_Parse() is called with its default second argument.
if( $config['allow_site_wysiwyg'] == "yes" ) {
$title = stripslashes( $parse->process( $_POST['title'] ) );
$parse->allow_code = false;
$full_story = $parse->process( $_POST['full_story'] );
$short_story = $parse->process( $_POST['short_story'] );
$full_story = $parse->BB_Parse( $full_story );
$short_story = $parse->BB_Parse( $short_story );
} else {
// Plain/BB-code mode: allow_code keeps its constructor default and BB_Parse()
// receives false as second argument (meaning of the flag: see ParseFilter).
$full_story = $parse->process( $_POST['full_story'] );
$short_story = $parse->process( $_POST['short_story'] );
$title = stripslashes( $parse->process( $_POST['title'] ) );
$full_story = $parse->BB_Parse( $full_story, false );
$short_story = $parse->BB_Parse( $short_story, false );
}
// NOTE(review): the three $_POST fields are read without isset() checks.
if( is_array( $_REQUEST['catlist'] ) ) $catlist = $_REQUEST['catlist'];
else $catlist = array ();
if( ! count( $catlist ) ) {
$my_cat = "---";
$my_cat_link = "---";
} else {
$my_cat = array ();
$my_cat_link = array ();
foreach ( $catlist as $element ) {
if( $element ) {
$my_cat[] = $cat[$element];
$my_cat_link[] = "{$cat[$element]}";
}
}
$my_cat = stripslashes( implode( ', ', $my_cat ) );
$my_cat_link = stripslashes( implode( ', ', $my_cat_link ) );
}
$dle_module = "main";
if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
else $tpl->load_template('shortstory.tpl');
if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];
$tpl->set('[short-preview]', "");
$tpl->set('[/short-preview]', "");
$tpl->set_block("'\\[full-preview\\](.*?)\\[/full-preview\\]'si","");
$tpl->set_block("'\\[static-preview\\](.*?)\\[/static-preview\\]'si","");
$tpl->set( '{title}', $title );
$tpl->set( '{views}', 0 );
// Preview timestamp: current time shifted by the configured adjustment (minutes).
$date = time () + ($config['date_adjust'] * 60);
$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
// Expand {date=FORMAT} tags found in the template text.
// NOTE(review): the pattern uses the "e" modifier, which makes preg_replace()
// evaluate the replacement string as PHP code for every match. The modifier is
// deprecated since PHP 5.5 and removed in PHP 7.0, where this call no longer
// performs the replacement. Because the captured FORMAT text is spliced into
// evaluated code, template files have to be treated as executable code for
// access-control purposes. Replace with preg_replace_callback() calling
// langdate() directly.
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$date}')", $tpl->copy_template );
$tpl->set( '[link]', "" );
$tpl->set( '[/link]', "" );
$tpl->set( '{comments-num}', 0 );
$tpl->set( '[full-link]', "" );
$tpl->set( '[/full-link]', "" );
$tpl->set( '[com-link]', "" );
$tpl->set( '[/com-link]', "" );
$tpl->set( '[day-news]', "");
$tpl->set( '[/day-news]', "");
$tpl->set( '{rating}', "" );
$tpl->set( '{author}', "--" );
$tpl->set( '{approve}', "" );
$tpl->set( '{category}', $my_cat );
$tpl->set( '{favorites}', '' );
$tpl->set( '{link-category}', $my_cat_link );
$tpl->set( '{edit-date}', "" );
$tpl->set( '{editor}', "" );
$tpl->set( '{edit-reason}', "" );
$tpl->set_block( "'\\[edit-date\\](.*?)\\[/edit-date\\]'si", "" );
$tpl->set_block( "'\\[edit-reason\\](.*?)\\[/edit-reason\\]'si", "" );
$tpl->set_block( "'\\[complaint\\](.*?)\\[/complaint\\]'si", "" );
if( $cat_icon[$category[0]] != "" ) {
$tpl->set( '{category-icon}', $cat_icon[$category[0]] );
} else {
$tpl->set( '{category-icon}', "{THEME}/dleimages/no_icon.gif" );
}
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
if ( $_POST['news_fixed'] ) {
$tpl->set( '[fixed]', "" );
$tpl->set( '[/fixed]', "" );
$tpl->set_block( "'\\[not-fixed\\](.*?)\\[/not-fixed\\]'si", "" );
} else {
$tpl->set( '[not-fixed]', "" );
$tpl->set( '[/not-fixed]', "" );
$tpl->set_block( "'\\[fixed\\](.*?)\\[/fixed\\]'si", "" );
}
$tpl->set( '[mail]', "" );
$tpl->set( '[/mail]', "" );
$tpl->set( '{news-id}', "ID Unknown" );
$tpl->set( '{php-self}', $PHP_SELF );
$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is", "\\2", $tpl->copy_template );
$tpl->set_block( "'\\[edit\\].*?\\[/edit\\]'si", "" );
$tpl->set_block( "'{banner_(.*?)}'si", "" );
$xfieldsaction = "templatereplacepreview";
$xfieldsinput = $tpl->copy_template;
include (ENGINE_DIR . '/inc/xfields.php');
$tpl->copy_template = $xfieldsoutput;
$tpl->set( '{short-story}', stripslashes( $short_story ) );
$tpl->set( '{full-story}', stripslashes( $full_story ) );
$tpl->copy_template = "";
$tpl->compile( 'shortstory' );
$tpl->result['shortstory'] = str_replace( "[hide]", "", str_replace( "[/hide]", "", $tpl->result['shortstory']) );
$tpl->result['shortstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['shortstory'] );
echo $tpl->result['shortstory'];
$dle_module = "showfull";
if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
else $tpl->load_template('fullstory.tpl');
if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];
$tpl->copy_template = str_replace('[full-preview]', "", $tpl->copy_template);
$tpl->copy_template = str_replace('[/full-preview]', "", $tpl->copy_template);
$tpl->copy_template = preg_replace("'\\[short-preview\\](.*?)\\[/short-preview\\]'si","", $tpl->copy_template);
$tpl->copy_template = preg_replace("'\\[static-preview\\](.*?)\\[/static-preview\\]'si","", $tpl->copy_template);
if( strlen( $full_story ) < 13 AND strpos( $tpl->copy_template, "{short-story}" ) === false ) {
$full_story = $short_story;
}
$tpl->set( '{title}', $title );
$tpl->set( '{views}', 0 );
$tpl->set( '{poll}', '' );
// Same date handling for the full-story preview template.
$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
// NOTE(review): "e" modifier - the replacement string is evaluated as PHP code
// for each {date=FORMAT} match. Deprecated in PHP 5.5, removed in PHP 7.0; it
// also means template text reaches an eval-like sink. Migrate to
// preg_replace_callback() and call langdate() from the callback.
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$date}')", $tpl->copy_template );
$tpl->set( '[link]', "" );
$tpl->set( '[/link]', "" );
$tpl->set( '{comments-num}', 0 );
$tpl->set( '[full-link]', "" );
$tpl->set( '[/full-link]', "" );
$tpl->set( '[com-link]', "" );
$tpl->set( '[/com-link]', "" );
$tpl->set( '[day-news]', "");
$tpl->set( '[/day-news]', "");
$tpl->set( '{rating}', "" );
$tpl->set( '{author}', "--" );
$tpl->set( '{category}', $my_cat );
$tpl->set( '{link-category}', $my_cat_link );
$tpl->set( '{related-news}', "" );
if( $cat_icon[$category[0]] != "" ) {
$tpl->set( '{category-icon}', $cat_icon[$category[0]] );
} else {
$tpl->set( '{category-icon}', "{THEME}/dleimages/no_icon.gif" );
}
$tpl->set( '{edit-date}', "" );
$tpl->set( '{editor}', "" );
$tpl->set( '{edit-reason}', "" );
$tpl->set_block( "'\\[edit-date\\](.*?)\\[/edit-date\\]'si", "" );
$tpl->set_block( "'\\[edit-reason\\](.*?)\\[/edit-reason\\]'si", "" );
$tpl->set( '{pages}', '' );
$tpl->set( '{favorites}', '' );
$tpl->set( '[mail]', "" );
$tpl->set( '[/mail]', "" );
$tpl->set( '{news-id}', "ID Unknown" );
$tpl->set( '{php-self}', $PHP_SELF );
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
$tpl->set_block( "'\\[complaint\\](.*?)\\[/complaint\\]'si", "" );
if ( $_POST['news_fixed'] ) {
$tpl->set( '[fixed]', "" );
$tpl->set( '[/fixed]', "" );
$tpl->set_block( "'\\[not-fixed\\](.*?)\\[/not-fixed\\]'si", "" );
} else {
$tpl->set( '[not-fixed]', "" );
$tpl->set( '[/not-fixed]', "" );
$tpl->set_block( "'\\[fixed\\](.*?)\\[/fixed\\]'si", "" );
}
$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is", "\\2", $tpl->copy_template );
$tpl->set_block( "'\\[edit\\].*?\\[/edit\\]'si", "" );
$tpl->set( '[print-link]', "" );
$tpl->set( '[/print-link]', "" );
$tpl->set_block( "'{banner_(.*?)}'si", "" );
$xfieldsaction = "templatereplacepreview";
$xfieldsinput = $tpl->copy_template;
include (ENGINE_DIR . '/inc/xfields.php');
$tpl->copy_template = $xfieldsoutput;
$tpl->set( '{short-story}', stripslashes( $short_story ) );
$tpl->set( '{full-story}', stripslashes( $full_story ) );
$tpl->copy_template = "";
$tpl->compile( 'fullstory' );
$tpl->result['fullstory'] = str_replace( "[hide]", "", str_replace( "[/hide]", "", $tpl->result['fullstory']) );
$tpl->result['fullstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['fullstory'] );
echo $tpl->result['fullstory'];
echo <<
HTML;
?>PK
y?3 Upload/engine/print.phpdir = ROOT_DIR . '/templates';
define( 'TEMPLATE_DIR', $tpl->dir );
$cat_info = get_vars( "category" );
if( ! $cat_info ) {
$cat_info = array ();
$db->query( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" );
while ( $row = $db->get_row() ) {
$cat_info[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$cat_info[$row['id']][$key] = $value;
}
}
set_vars( "category", $cat_info );
$db->free();
}
$user_group = get_vars( "usergroup" );
if( ! $user_group ) {
$user_group = array ();
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = $value;
}
}
set_vars( "usergroup", $user_group );
$db->free();
}
if( ! $is_logged ) {
$member_id['user_group'] = 5;
}
$PHP_SELF = $config['http_home_url'] . "index.php";
if( isset( $_REQUEST['year'] ) ) $year = intval( $_GET['year'] );else $year = '';
if( isset( $_REQUEST['month'] ) ) $month = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['month'] ) ) ); else $month = '';
if( isset( $_REQUEST['day'] ) ) $day = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['day'] ) ) ); else $day = '';
if( isset( $_REQUEST['user'] ) ) $user = @$db->safesql( strip_tags( str_replace( '/', '', urldecode( $_GET['user'] ) ) ) ); else $user = '';
if( isset( $_REQUEST['news_name'] ) ) $news_name = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['news_name'] ) ) ); else $news_name = '';
if( isset( $_REQUEST['newsid'] ) ) $newsid = intval( $_GET['newsid'] ); else $newsid = 0;
if( isset( $_REQUEST['cstart'] ) ) $cstart = intval( $_GET['cstart'] ); else $cstart = 0;
if( isset( $_REQUEST['news_page'] ) ) $news_page = intval( $_GET['news_page'] ); else $news_page = 0;
$category = '';
if ($config['rss_informer']) include_once ENGINE_DIR . '/modules/rssinform.php';
$config['allow_cache'] = false;
$view_template = "print";
include_once ENGINE_DIR . '/engine.php';
$tpl->result['content'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['content'] );
echo $tpl->result['content'];
?>PK
0?0' Upload/engine/rss.phpdir = ROOT_DIR . '/templates';
define( 'TEMPLATE_DIR', $tpl->dir );
$cat_info = get_vars( "category" );
if( ! $cat_info ) {
$cat_info = array ();
$db->query( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" );
while ( $row = $db->get_row() ) {
$cat_info[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$cat_info[$row['id']][$key] = $value;
}
}
set_vars( "category", $cat_info );
$db->free();
}
$user_group = get_vars( "usergroup" );
if( ! $user_group ) {
$user_group = array ();
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = $value;
}
}
set_vars( "usergroup", $user_group );
$db->free();
}
$member_id['user_group'] = 5;
// RSS entry point: normalise request parameters, then build the feed title.
// Numeric values go through intval(); string values have '/' removed, then
// strip_tags() and $db->safesql() (defined elsewhere - presumably SQL escaping).
// NOTE(review): presence is tested on $_REQUEST but the value is read from
// $_GET, so a parameter sent only via POST/cookie is read as undefined.
if( isset( $_REQUEST['year'] ) ) $year = intval( $_GET['year'] ); else $year = '';
if( isset( $_REQUEST['month'] ) ) $month = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['month'] ) ) ); else $month = '';
if( isset( $_REQUEST['day'] ) ) $day = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['day'] ) ) ); else $day = '';
if( isset( $_REQUEST['user'] ) ) $user = @$db->safesql( strip_tags( str_replace( '/', '', urldecode( $_GET['user'] ) ) ) ); else $user = '';
if( isset( $_REQUEST['news_name'] ) ) $news_name = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['news_name'] ) ) ); else $news_name = '';
if( isset( $_REQUEST['newsid'] ) ) $newsid = intval( $_GET['newsid'] ); else $newsid = 0;
if( isset( $_REQUEST['news_page'] ) ) $news_page = intval( $_GET['news_page'] ); else $news_page = 0;
// NOTE(review): this first $category assignment is dead - the if/else block a
// few lines below assigns $category again on both of its branches.
if( isset( $_REQUEST['category'] ) ) $category = @$db->safesql( strip_tags( str_replace( '/', '', $_GET['category'] ) ) ); else $category = '';
if (isset ( $_REQUEST['catalog'] )) $catalog = @$db->safesql ( substr ( strip_tags ( str_replace ( '/', '', urldecode ( $_GET['catalog'] ) ) ), 0, 3 ) ); else $catalog = '';
// Effective category value: last path segment, tags stripped, escaped.
if( isset( $_REQUEST['category'] ) ) {
if( substr( $_GET['category'], - 1, 1 ) == '/' ) $_GET['category'] = substr( $_GET['category'], 0, - 1 );
$category = explode( '/', $_GET['category'] );
$category = end( $category );
$category = $db->safesql( strip_tags( $category ) );
} else
$category = '';
if( $category != '' ) $category_id = get_ID( $cat_info, $category );
else $category_id = false;
// Feed settings: rss template, caching on, banners off, numeric options forced
// to int, paging always starts at 0.
$view_template = "rss";
$config['allow_cache'] = true;
$config['allow_banner'] = false;
$config['rss_number'] = intval( $config['rss_number'] );
$config['rss_format'] = intval( $config['rss_format'] );
$cstart = 0;
// Per-user feeds are not cached.
if ( $user ) $config['allow_cache'] = false;
// Feed title. The user name is HTML-escaped before it is placed in the title;
// the category name comes from $cat_info and is only stripslashes()d.
// NOTE(review): $_GET['subaction'] and $_GET['do'] are read without isset(), and
// $category_id may be false here, making the $cat_info lookup an undefined index.
if( $_GET['subaction'] == 'allnews' ) $config['home_title'] = $lang['show_user_news'] . ' ' . htmlspecialchars( $user ) . " - " . $config['home_title'];
elseif( $_GET['do'] == 'cat' ) $config['home_title'] = stripslashes( $cat_info[$category_id]['name'] ) . " - " . $config['home_title'];
$rss_content = <<
{$config['home_title']}
{$config['http_home_url']}
fa
{$config['home_title']}
DataLife Engine
XML;
if( $config['site_offline'] == "yes" or ! $config['allow_rss'] ) {
$rss_content .= <<
RSS in offline mode
RSS in offline mode
undefined
DataLife Engine
DataLife Engine
XML;
} else {
if( $config['rss_format'] == 1 ) {
$tpl->template = <<
{title}
{rsslink}
{rsslink}
{rssauthor}
{rssdate}
XML;
} elseif( $config['rss_format'] == 2 ) {
$rss_content = <<
{$config['home_title']}
{$config['http_home_url']}
fa
{$config['home_title']}
{$config['http_home_url']}yandexlogo.gif
{$config['home_title']}
{$config['http_home_url']}
DataLife Engine
XML;
$tpl->template = <<
{title}
{rsslink}
{short-story}
{category}
{rssauthor}
{rssdate}
{full-story}
XML;
} else {
$tpl->template = <<
{title}
{rsslink}
{rsslink}
{short-story}
{category}
{rssauthor}
{rssdate}
XML;
}
$tpl->copy_template = $tpl->template;
include_once ENGINE_DIR . '/engine.php';
$rss_content .= $tpl->result['content'];
}
$rss_content .= '';
header( 'Content-type: application/xml' );
echo $rss_content;
?>PK
݂> Upload/engine/ajax/PK
j?O " Upload/engine/ajax/addcomments.phpquery( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = stripslashes($value);
}
}
set_vars( "usergroup", $user_group );
$db->free();
}
//####################################################################################################################
// IP
//####################################################################################################################
// Load the ban list, preferring the value stored under "banned" via get_vars(); when that is
// not an array, rebuild it from the *_banned table and store it again with set_vars().
// Resulting shape: $banned_info[<bucket>][<value>] = array( <bucket> => <value>, 'descr', 'date' )
// with bucket one of 'users_id', 'ip', 'email', 'name'.
$banned_info = get_vars ( "banned" );
if (! is_array ( $banned_info )) {
    $banned_info = array ();
    $db->query ( "SELECT * FROM " . USERPREFIX . "_banned" );
    while ( $row = $db->get_row () ) {
        // Rows without users_id keep their value in the "ip" column; classify it by form.
        // Only values with exactly four dot-separated parts land in the 'ip' bucket, so an
        // IPv6 entry falls through to 'name' (or 'email' if it contains "@").
        if ($row['users_id']) {
            $bucket = 'users_id';
            $value = $row['users_id'];
        } elseif (count ( explode ( ".", $row['ip'] ) ) == 4) {
            $bucket = 'ip';
            $value = $row['ip'];
        } elseif (strpos ( $row['ip'], "@" ) !== false) {
            $bucket = 'email';
            $value = $row['ip'];
        } else {
            $bucket = 'name';
            $value = $row['ip'];
        }
        $banned_info[$bucket][$value] = array (
            $bucket => $value,
            'descr' => stripslashes ( $row['descr'] ),
            'date' => $row['date']
        );
    }
    set_vars ( "banned", $banned_info );
    $db->free ();
}
// Pick the language pack. The request value only selects a "lang_<skin>" key in $config;
// the directory name used in the include path is the configured value, not the request value.
if( $config["lang_" . $_REQUEST['skin']] ) {
if ( file_exists( ROOT_DIR . '/language/' . $config["lang_" . $_REQUEST['skin']] . '/website.lng' ) ) {
@include_once (ROOT_DIR . '/language/' . $config["lang_" . $_REQUEST['skin']] . '/website.lng');
} else die("Language file not found");
} else {
@include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
}
// A charset declared by the language pack overrides the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
require_once ENGINE_DIR . '/modules/sitelogin.php';
// Visitors who are not logged in are handled as user group 5.
if( ! $is_logged ) {
$member_id['user_group'] = 5;
}
// Stop here when check_ip() reports a match against the banned IP list.
if ( check_ip ( $banned_info['ip'] ) ) die("error");
$tpl = new dle_template( );
// NOTE(review): the request-supplied skin name is concatenated into a filesystem path here and
// into the response further down ({THEME} replacement). The start of this script is not visible
// in this copy; confirm $_REQUEST['skin'] is normalised and checked with is_dir() before this point.
$tpl->dir = ROOT_DIR . '/templates/' . $_REQUEST['skin'];
define( 'TEMPLATE_DIR', $tpl->dir );
$ajax_adds = true;
// Convert the posted fields to the site charset before the comment module reads them.
$_POST['name'] = convert_unicode( $_POST['name'], $config['charset'] );
$_POST['mail'] = convert_unicode( $_POST['mail'], $config['charset'] );
$_POST['comments'] = convert_unicode( $_POST['comments'], $config['charset'] );
require_once ENGINE_DIR . '/modules/addcomments.php';
// When $CN_HALT is not set, rebuild the comment list for the post.
if( $CN_HALT != TRUE ) {
include_once ENGINE_DIR . '/classes/comments.class.php';
$comments = new DLE_Comments( $db, 1, 1 );
// NOTE(review): $post_id is interpolated into the SQL text and is assigned outside the visible
// code (presumably in modules/addcomments.php); confirm it is forced to an integer there.
$comments->query = "SELECT " . PREFIX . "_comments.id, post_id, " . PREFIX . "_comments.user_id, date, autor as gast_name, " . PREFIX . "_comments.email as gast_email, text, ip, is_register, name, " . USERPREFIX . "_users.email, news_num, comm_num, user_group, reg_date, signature, foto, fullname, land, icq, xfields FROM " . PREFIX . "_comments LEFT JOIN " . USERPREFIX . "_users ON " . PREFIX . "_comments.user_id=" . USERPREFIX . "_users.user_id WHERE " . PREFIX . "_comments.post_id = '$post_id' order by id DESC";
$comments->build_comments('comments.tpl', 'ajax' );
}
// JavaScript statement that empties the comment field; it depends on the editor mode sent by the form.
if( $_POST['editor_mode'] == "wysiwyg" ) {
$clear_value = "tinyMCE.execInstanceCommand('comments', 'mceSetContent', false, '', false)";
} else {
$clear_value = "form.comments.value = '';";
}
// Build the response body. The strings below appear to have lost their markup in this copy of the file.
if( $CN_HALT ) {
$stop = implode( '
', $stop );
$tpl->result['content'] = "";
} else {
$tpl->result['content'] = "".$tpl->result['content']."
";
$tpl->result['content'] .= <<
var timeval = new Date().getTime();
var form = document.getElementById('dle-comments-form');
{$clear_value}
HTML;
}
// {THEME} becomes the template URL; the skin name from the request is written into the output here.
$tpl->result['content'] = str_replace( '{THEME}', $config['http_home_url'] . 'templates/' . $_REQUEST['skin'], $tpl->result['content'] );
@header( "Content-type: text/html; charset=" . $config['charset'] );
echo $tpl->result['content'];
?>PK
N?wNF F $ Upload/engine/ajax/adminfunction.phpquery( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = stripslashes($value);
}
}
set_vars( "usergroup", $user_group );
$db->free();
}
// Access gate: the caller's group must have allow_admin, and every action other than
// "sendnotice" additionally requires user group 1. Anything else ends the request.
if(!$user_group[$member_id['user_group']]['allow_admin'] OR ($member_id['user_group'] != 1 AND $_REQUEST['action'] != "sendnotice") ) { die ("error"); }
// Admin panel language: configured default, optionally overridden by a cookie.
$selected_language = $config['langs'];
if (isset( $_COOKIE['selected_language'] )) {
// The cookie value goes through totranslit() and must name an existing directory under
// /language before it is accepted; it later becomes part of a require_once path.
// totranslit() is defined elsewhere, so which characters it removes is not visible here.
$_COOKIE['selected_language'] = trim(totranslit( $_COOKIE['selected_language'], false, false ));
if ($_COOKIE['selected_language'] != "" AND @is_dir ( ROOT_DIR . '/language/' . $_COOKIE['selected_language'] )) {
$selected_language = $_COOKIE['selected_language'];
}
}
if ( file_exists( ROOT_DIR.'/language/'.$selected_language.'/adminpanel.lng' ) ) {
require_once ROOT_DIR.'/language/'.$selected_language.'/adminpanel.lng';
} else die("Language file not found");
// A charset declared by the language pack overrides the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
// $buffer collects the response text of whichever action runs below.
$buffer = "";
@header("Content-type: text/html; charset=".$config['charset']);
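// Action "clearcache": delete every entry of engine/cache/system except .htaccess,
// then call clear_cache() and report the localized confirmation.
if ($_REQUEST['action'] == "clearcache") {
    $cache_dir = ENGINE_DIR . '/cache/system/';
    $fdir = opendir( $cache_dir );
    // Skip the loop when the directory cannot be opened instead of passing false to readdir().
    if( $fdir !== false ) {
        // Compare with false explicitly: an entry named "0" is falsy and would end the loop early.
        while ( false !== ( $file = readdir( $fdir ) ) ) {
            // .htaccess is left in place so the directory keeps its access rules.
            if( $file != '.' and $file != '..' and $file != '.htaccess' ) {
                @unlink( $cache_dir . $file );
            }
        }
        closedir( $fdir );
    }
    clear_cache();
    $buffer = "
".$lang['clear_cache']."";
}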
// NOTE(review): the actions below change or delete data and are selected only through
// $_REQUEST['action']; no per-request token is checked in the visible part of this script.
// The start of the file is missing from this copy, so confirm that a forgery check exists there.

// Action "clearsubscribe": empty the subscription table.
if ($_REQUEST['action'] == "clearsubscribe") {
$db->query("TRUNCATE TABLE " . PREFIX . "_subscribe");
$buffer = "
".$lang['clear_subscribe']."";
}
// Action "sendnotice": store the caller's personal notice (update the existing row or insert one).
if ($_REQUEST['action'] == "sendnotice") {
// user_id comes from $member_id, which is filled outside the visible code, and is interpolated as is.
$row = $db->super_query( "SELECT id FROM " . PREFIX . "_notice WHERE user_id = '{$member_id['user_id']}'" );
// The posted text is converted to the site charset and escaped with safesql() before it enters SQL.
$notice = $db->safesql( convert_unicode($_POST['notice'], $config['charset']) );
if( $row['id'] ) {
$db->query( "UPDATE " . PREFIX . "_notice SET notice='{$notice}' WHERE user_id = '{$member_id['user_id']}'" );
} else {
$db->query( "INSERT INTO " . PREFIX . "_notice (user_id, notice) values ('{$member_id['user_id']}', '$notice')" );
}
$buffer = "
".$lang['saved']."";
}
// Action "deletemodules": remove one admin section; the id is forced to an integer first.
if ($_REQUEST['action'] == "deletemodules") {
$id = intval($_REQUEST['id']);
if ( $id ) {
$db->query( "DELETE FROM " . PREFIX . "_admin_sections WHERE id = '{$id}'" );
$buffer = 'ok';
}
}
// Send whatever the executed action produced (empty when no action matched).
echo $buffer;
?>PK
?Ut? ? Upload/engine/ajax/allvotes.phpquery( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = stripslashes($value);
}
}
set_vars( "usergroup", $user_group );
$db->free();
}
// The skin name from the request is passed through totranslit() and only replaces the
// configured skin when a directory of that name exists under /templates.
$_REQUEST['dle_skin'] = totranslit($_REQUEST['dle_skin'], false, false);
if( $_REQUEST['dle_skin'] ) {
if( @is_dir( ROOT_DIR . '/templates/' . $_REQUEST['dle_skin'] ) ) {
$config['skin'] = $_REQUEST['dle_skin'];
}
}
// Language pack: a per-skin setting "lang_<skin>" wins over the site default.
if( $config["lang_" . $config['skin']] ) {
if ( file_exists( ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng' ) ) {
include_once ROOT_DIR . '/language/' . $config["lang_" . $config['skin']] . '/website.lng';
} else die("Language file not found");
} else {
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
}
// A charset declared by the language pack overrides the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
require_once ENGINE_DIR . '/modules/sitelogin.php';
// Visitors who are not logged in are handled as user group 5.
if( !$is_logged ) $member_id['user_group'] = 5;
$vote_skin = $config['skin'];
// Current time shifted by the configured adjustment (date_adjust is multiplied by 60).
$_TIME = time () + ($config['date_adjust'] * 60);
// Both values are escaped with safesql() because they are interpolated into queries below.
$nick = $db->safesql($member_id['name']);
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
// Render every poll with its answers and current results into $content.
// Several string literals below appear to have lost their markup in this copy of the file.
$sql_result = $db->query( "SELECT * FROM " . PREFIX . "_vote" );
$content = "";
while ( $row = $db->get_row( $sql_result ) ) {
$title = stripslashes( $row['title'] );
$body = stripslashes( $row['body'] );
$body = explode( "
", $body );
$max = $row['vote_num'];
// Count the recorded votes per answer for this poll.
$db->query( "SELECT answer, count(*) as count FROM " . PREFIX . "_vote_result WHERE vote_id='{$row['id']}' GROUP BY answer" );
$answer = array ();
while ( $row1 = $db->get_row() ) {
$answer[$row1['answer']]['count'] = $row1['count'];
}
$pn = 0;
$entry = "";
// Voting is allowed unless one of the checks below turns it off.
$allow_vote = true;
$disable = $lang['vote_disable'];
// Outside the start/end window, or not approved: no voting.
if ($row['start'] AND $_TIME < $row['start'] ) $allow_vote = false;
if ($row['end'] AND $_TIME > $row['end'] ) $allow_vote = false;
if ( !$row['approve'] ) $allow_vote = false;
if ($user_group[$member_id['user_group']]['allow_vote']) {
// One vote per poll: logged-in users are matched by name, everyone else by IP address.
if( $is_logged ) $row2 = $db->super_query( "SELECT count(*) as count FROM " . PREFIX . "_vote_result WHERE vote_id='{$row['id']}' AND name='$nick'" );
else $row2 = $db->super_query( "SELECT count(*) as count FROM " . PREFIX . "_vote_result WHERE vote_id='{$row['id']}' AND ip='$_IP'" );
// The address must split into exactly four dot-separated parts, so a client whose
// REMOTE_ADDR is an IPv6 address is always treated as not allowed to vote.
if( $row2['count'] OR count( explode( ".", $_IP ) ) != 4 ) { $disable = $lang['vote_disable_1']; $allow_vote = false; }
} else { $disable = $lang['vote_not_allow']; $allow_vote = false; }
// One output row per answer, with its vote count and share of $max in percent.
for($i = 0; $i < sizeof( $body ); $i ++) {
++ $pn;
if( $pn > 5 ) $pn = 1;
$num = $answer[$i]['count'];
if( ! $num ) $num = 0;
// Guard against division by zero when the poll has no votes yet.
if( $max != 0 ) $proc = (100 * $num) / $max;
else $proc = 0;
$proc = round( $proc, 2 );
if( $i == 0 ) $sel = "checked=\"checked\"";
else $sel = "";
if ( $allow_vote )
$radio = "
";
else
$radio = " ";
$entry .= "
{$radio} | $body[$i] - $num ($proc%)
|
";
}
$entry = "
";
if ( $allow_vote ) $button = "
";
else $button = "
{$disable}";
$content .= <<
HTML;
}
@header( "Content-type: text/html; charset=" . $config['charset'] );
echo "";
?>PK
?> > Upload/engine/ajax/antivirus.php $value) {
$filecontents[$name] = explode("|", trim($value));
$this->track_files[$filecontents[$name][0]] = $filecontents[$name][1];
}
$this->snap = true;
}
}
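/**
 * Walk $dir and record script-like files for the integrity report.
 *
 * Modes, as selected by $snap and $this->snap:
 *  - $snap true: every matching file is appended to $this->snap_files with its MD5 digest
 *    (snapshot creation).
 *  - $this->snap true: a file is reported in $this->bad_files (type 1) when its digest differs
 *    from the one stored in $this->track_files and its path is not in $this->cache_files.
 *  - otherwise: a file is reported (type 0) when its path is not in $this->good_files.
 *
 * Coverage notes for whoever relies on the report:
 *  - Sub-directories are not entered while $dir equals ROOT_DIR, so every top-level tree that
 *    should be covered has to be passed to this method explicitly.
 *  - The extension pattern is not anchored at the end of the name, so "x.php.txt" matches too.
 *  - NOTE(review): the fingerprint is MD5, which is not collision resistant; moving to
 *    hash_file('sha256', ...) would need the stored snapshot to be regenerated.
 *
 * @param string $dir  Directory to scan.
 * @param bool   $snap True to collect snapshot entries instead of comparing.
 * @return void
 */
function scan_files( $dir, $snap = false )
{
    // Earlier code appended an undefined $file here; the stored value ("<dir><separator>") is unchanged.
    $this->checked_folders[] = $dir . $this->dir_split;

    $dh = @opendir( $dir );
    if ( ! $dh )
    {
        return;
    }

    // Template, script and language files are only included when a snapshot is built or compared.
    if ( $this->snap OR $snap ) $templates = "|tpl|js|lng"; else $templates = "";

    while ( false !== ( $file = readdir( $dh ) ) )
    {
        if ( $file == '.' or $file == '..' or $file == '.svn' or $file == '.DS_store' )
        {
            continue;
        }

        $full_path = $dir . $this->dir_split . $file;

        if ( is_dir( $full_path ) )
        {
            if ( $dir != ROOT_DIR )
                $this->scan_files( $full_path, $snap );
            continue;
        }

        if ( ! preg_match( "#.*\.(php|cgi|pl|perl|php3|php4|php5|php6" . $templates . ")#i", $file ) )
        {
            continue;
        }

        // Paths are stored relative to the site root ("./engine/...").
        $folder = str_replace( ROOT_DIR, ".", $dir );
        $rel_path = $folder . $this->dir_split . $file;
        $file_size = filesize( $full_path );
        $file_crc = md5_file( $full_path );
        $file_date = date( "d.m.Y H:i:s", filectime( $full_path ) );

        if ( $snap )
        {
            $this->snap_files[] = array( 'file_path' => $rel_path,
                                         'file_crc' => $file_crc );
            continue;
        }

        if ( $this->snap )
        {
            // Strict comparison: with a loose "!=" two different digests that both look like
            // numbers (for example "0e" followed by digits only) would be treated as equal.
            $known_crc = isset( $this->track_files[$rel_path] ) ? $this->track_files[$rel_path] : null;
            $report = ( $known_crc !== $file_crc AND ! in_array( $rel_path, $this->cache_files ) );
            $type = 1;
        }
        else
        {
            $report = ! in_array( $rel_path, $this->good_files );
            $type = 0;
        }

        if ( $report )
        {
            $this->bad_files[] = array( 'file_path' => $rel_path,
                                        'file_name' => $file,
                                        'file_date' => $file_date,
                                        'type' => $type,
                                        'file_size' => $file_size );
        }
    }

    // Release the handle; the scan recurses, so leaked handles would add up per directory.
    closedir( $dh );
}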
}
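$antivirus = new antivirus();

// Trees that are scanned recursively, followed by ROOT_DIR itself. scan_files() does not
// descend from ROOT_DIR, so a top-level directory missing from this list is never examined.
$scan_targets = array(
    ROOT_DIR . "/backup",
    ROOT_DIR . "/engine",
    ROOT_DIR . "/language",
    ROOT_DIR . "/templates",
    ROOT_DIR . "/uploads",
    ROOT_DIR . "/upgrade",
    ROOT_DIR,
);

// folder=snap builds a new snapshot, folder=lokal scans with the mode the object was created in,
// any other value scans with snapshot comparison switched off.
$make_snapshot = ( $_REQUEST['folder'] == "snap" );
if ( $_REQUEST['folder'] != "lokal" AND ! $make_snapshot ) {
    $antivirus->snap = false;
}

foreach ( $scan_targets as $scan_dir ) {
    if ( $make_snapshot ) $antivirus->scan_files( $scan_dir, true );
    else $antivirus->scan_files( $scan_dir );
}

if ( $make_snapshot ) {
    // One "path|digest" line per file.
    $filecontents = "";
    foreach ( $antivirus->snap_files as $idx => $data ) {
        $filecontents .= $data['file_path'] . "|" . $data['file_crc'] . "\r\n";
    }

    $filehandle = fopen( ENGINE_DIR . '/data/snap.db', "w+" );
    // Never continue to the "snapshot created" message when the baseline could not be written.
    if ( $filehandle === false ) {
        die( "error" );
    }
    fwrite( $filehandle, $filecontents );
    fclose( $filehandle );

    // NOTE(review): 0666 leaves the baseline writable by every local account, and later scans
    // trust this file. A tighter mode is preferable wherever the hosting setup allows it.
    @chmod( ENGINE_DIR . '/data/snap.db', 0666 );
}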
@header("Content-type: text/html; charset=".$config['charset']);
if (count($antivirus->bad_files)) {
echo <<
{$lang['anti_result']} |
{$lang['anti_file']} |
{$lang['anti_size']} |
{$lang['addnews_date']} |
|
HTML;
// Print one report row per flagged file.
// The string literals and heredocs below appear to have lost their markup in this copy of the file.
foreach( $antivirus->bad_files as $idx => $data )
{
// $color depends on the file size (below 50000, below 100000, larger).
if ($data['file_size'] < 50000) $color = "
";
elseif ($data['file_size'] < 100000) $color = "";
else $color = "";
$data['file_size'] = formatsize ($data['file_size']);
// type 1 = differs from the snapshot, type 0 = not in the list of known files.
if ($data['type']) $type = $lang['anti_modified']; else $type = $lang['anti_not'];
// Mask ten-digit prefixes followed by "_" in the displayed path.
// NOTE(review): file_path is built from names read from disk and is printed below without
// htmlspecialchars(); confirm a file name containing markup characters cannot reach this page.
$data['file_path'] = preg_replace("/([0-9]){10}_/", "*****_", $data['file_path']);
echo <<
{$color}{$data['file_path']} |
{$color}{$data['file_size']} |
{$color}{$data['file_date']} |
{$color}{$type} |
|
HTML;
}
}
elseif ($_REQUEST['folder'] == "snap") {
echo <<
{$lang['anti_creates']} |
HTML;
}
else {
echo <<
{$lang['anti_notfound']} |
HTML;
}
echo <<
|
HTML;
?>PK
C>9\5,1 1 Upload/engine/ajax/bbcode.php
";
$smilies = explode(",", $config['smilies']);
foreach($smilies as $smile)
{
$i++; $smile = trim($smile);
$output .= " | ";
if ($i%4 == 0) $output .= "
";
}
$output .= "
";
if ($addtype == "addnews") {
$addform = "document.ajaxnews".$id;
$startform = "dleeditnews".$id;
$code = <<
HTML;
}
else {
$addform = "document.getElementById( 'dlemasscomments' )";
$startform = "dleeditcomments".$id;
if ($user_group[$member_id['user_group']]['allow_url'])
{
$url_link = "
";
}
else {$url_link = "";}
if ($user_group[$member_id['user_group']]['allow_image'])
{
$image_link = "
";
}
else $image_link = "";
$code = <<
{$url_link}
{$image_link}
HTML;
}
$script_code = @file_get_contents(ENGINE_DIR."/classes/js/bbcodes.js");
$script_code .= <<
HTML;
$bb_code = <<
" ) !== false ) {
$tpl->result['content'] = str_replace ( "", $tpl->result['comments'], $tpl->result['content'] );
} else {
$tpl->result['content'] .= $tpl->result['comments'];
}
$this->db->free( $sql_result );
}
/**
 * Build the page navigation for a comment list and merge it into $tpl->result['content'].
 *
 * Returns without output when all comments fit on one page. The current page is read from
 * $_GET['cstart'] (forced to an integer; empty or negative values become 1).
 *
 * Several string literals in this copy of the file appear to have lost their link markup:
 * $url is computed but not used afterwards, and $link is not referenced at all in the lines
 * as they stand here.
 *
 * @param string $template         Template file loaded through $tpl->load_template().
 * @param string $alternative_link URL pattern containing "{page}", used when
 *                                 $config['allow_alt_url'] is "yes".
 * @param string $link             See the remark above.
 * @return void
 */
function build_navigation( $template, $alternative_link, $link ) {
global $tpl, $config, $lang;
// Nothing to paginate.
if( $this->total_comments <= $this->comments_per_pages ) return;
if( isset( $_GET['cstart'] ) ) $this->cstart = intval( $_GET['cstart'] );
if( !$this->cstart OR $this->cstart < 0 ) $this->cstart = 1;
$tpl->load_template( $template );
//----------------------------------
// Previous-page link
//----------------------------------
if( $this->cstart > 1 ) {
$prev = $this->cstart - 1;
if( $config['allow_alt_url'] == "yes" AND $alternative_link) {
$url = str_replace ("{page}", $prev, $alternative_link );
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "\\1" );
} else $tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "\\1" );
} else {
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "\\1" );
$no_prev = TRUE;
}
//----------------------------------
// Page number list
//----------------------------------
// NOTE(review): $enpages_count is only assigned inside this branch but is read again in the
// next-page section below, so it is undefined there when comments_per_pages is 0.
if( $this->comments_per_pages ) {
$enpages_count = @ceil( $this->total_comments / $this->comments_per_pages );
$pages = "";
// Up to ten pages: list every page number.
if( $enpages_count <= 10 ) {
for($j = 1; $j <= $enpages_count; $j ++) {
if( $j != $this->cstart ) {
if( $config['allow_alt_url'] == "yes" AND $alternative_link ) {
$url = str_replace ("{page}", $j, $alternative_link );
$pages .= "$j ";
} else $pages .= "$j ";
} else {
$pages .= "$j ";
}
}
} else {
// More than ten pages: show a window of page numbers around the current page,
// with the first and last page added outside the window.
$start = 1;
$end = 10;
$nav_prefix = "{$lang['nav_trennen']} ";
if( $this->cstart > 0 ) {
if( $this->cstart > 6 ) {
$start = $this->cstart - 4;
$end = $start + 8;
// Keep the window inside the available page range.
if( $end >= $enpages_count ) {
$start = $enpages_count - 9;
$end = $enpages_count - 1;
$nav_prefix = "";
} else
$nav_prefix = "{$lang['nav_trennen']} ";
}
}
if( $start >= 2 ) {
if( $config['allow_alt_url'] == "yes" AND $alternative_link) {
$url = str_replace ("{page}", "1", $alternative_link );
$pages .= "1 {$lang['nav_trennen']} ";
} else $pages .= "1 {$lang['nav_trennen']} ";
}
for($j = $start; $j <= $end; $j ++) {
if( $j != $this->cstart ) {
if( $config['allow_alt_url'] == "yes" AND $alternative_link) {
$url = str_replace ("{page}", $j, $alternative_link );
$pages .= "$j ";
} else $pages .= "$j ";
} else {
$pages .= "$j ";
}
}
if( $this->cstart != $enpages_count ) {
if( $config['allow_alt_url'] == "yes" AND $alternative_link) {
$url = str_replace ("{page}", $enpages_count, $alternative_link );
$pages .= $nav_prefix . "{$enpages_count}";
} else $pages .= $nav_prefix . "{$enpages_count}";
} else
$pages .= "{$enpages_count} ";
}
$tpl->set( '{pages}', $pages );
}
//----------------------------------
// Next-page link
//----------------------------------
if( $this->cstart < $enpages_count ) {
$next_page = $this->cstart + 1;
if( $config['allow_alt_url'] == "yes" AND $alternative_link ) {
$url = str_replace ("{page}", $next_page, $alternative_link );
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "\\1" );
} else $tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "\\1" );
} else {
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "\\1" );
$no_next = TRUE;
}
// Compile the navigation and either substitute it for a marker in the page content or append it.
$tpl->compile( 'commentsnavigation' );
$tpl->clear();
if ( strpos ( $tpl->result['content'], "" ) !== false ) {
$tpl->result['content'] = str_replace ( "", $tpl->result['commentsnavigation'], $tpl->result['content'] );
} else {
$tpl->result['content'] .= $tpl->result['commentsnavigation'];
}
}
}
?>PK
C>aj ( Upload/engine/classes/download.class.php "", 'new_name' => "", 'type' => "", 'size' => "", 'resume' => "", 'max_speed' => "" );
var $range = 0;
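/**
 * Prepare a download: remember the file, the name offered to the client and the resume offset.
 *
 * @param string $path      File to send.
 * @param string $name      Name offered to the client; defaults to the last segment of $path.
 * @param int    $resume    Non-zero to honour a Range request header.
 * @param int    $max_speed Throttle value read by _download(); 0 means no throttling.
 */
function download($path, $name = "", $resume = 0, $max_speed = 0) {
    // Keep only the part after the last "/" so the offered name never carries a directory.
    $name = ($name == "") ? substr( strrchr( "/" . $path, "/" ), 1 ) : $name;
    $name = explode( "/", $name );
    $name = end( $name );

    $file_size = @filesize( $path );
    $this->properties = array ('old_name' => $path, 'new_name' => $name, 'type' => "application/force-download", 'size' => $file_size, 'resume' => $resume, 'max_speed' => $max_speed );

    // Default: send the whole file.
    $this->range = 0;

    if( $this->properties['resume'] AND isset( $_SERVER['HTTP_RANGE'] ) ) {
        // The Range header is client-controlled and its value later reaches fseek() and the
        // Content-Range header. Accept only the open-ended single-range form "bytes=<start>-";
        // any other form is ignored and the complete file is sent, which a server may always do.
        if( preg_match( '/^bytes=([0-9]+)-$/', trim( $_SERVER['HTTP_RANGE'] ), $range_match ) ) {
            $start = intval( $range_match[1] );
            // The offset must lie inside the file; filesize() failure also disables resuming.
            if( $file_size !== false AND $start < $file_size ) {
                $this->range = $start;
            }
        }
    }
}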
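/**
 * Send the response headers for the prepared download and stream the file.
 *
 * Answers 206 with Content-Range when a resume offset was accepted, otherwise 200.
 *
 * @return void
 */
function download_file() {
    // Work with an integer offset whatever type was stored in $this->range.
    $start = intval( $this->range );
    $size = $this->properties['size'];

    if( $start ) {
        header( $_SERVER['SERVER_PROTOCOL'] . " 206 Partial Content" );
    } else {
        header( $_SERVER['SERVER_PROTOCOL'] . " 200 OK" );
    }

    header( "Pragma: public" );
    header( "Expires: 0" );
    header( "Cache-Control:" );
    header( "Cache-Control: public" );
    header( "Content-Description: File Transfer" );
    header( "Content-Type: " . $this->properties["type"] );

    // The name sits inside a quoted string in the header: drop double quotes and line breaks
    // so a file name cannot end the quoted value early or alter the header line.
    $safe_name = str_replace( array( '"', "\r", "\n" ), '', $this->properties['new_name'] );
    header( 'Content-Disposition: attachment; filename="' . $safe_name . '";' );
    header( "Content-Transfer-Encoding: binary" );

    if( $this->properties['resume'] ) header( "Accept-Ranges: bytes" );

    if( $start ) {
        header( "Content-Range: bytes {$start}-" . ($size - 1) . "/" . $size );
        header( "Content-Length: " . ($size - $start) );
    } else {
        header( "Content-Length: " . $size );
    }

    // Large or throttled transfers may run long: lift the execution time limit.
    // set_time_limit() requires its argument; 0 means "no limit".
    @ini_set( 'max_execution_time', 0 );
    @set_time_limit( 0 );

    $this->_download( $this->properties['old_name'], $start );
}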
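/**
 * Stream a file to the client in 8 KiB chunks, starting at $range.
 *
 * When $this->properties['max_speed'] is greater than zero, the loop pauses after every
 * chunk for (8 / max_speed) seconds.
 *
 * @param string $filename File to read.
 * @param int    $range    Byte offset to start from.
 * @return bool False when the file cannot be opened, true after the file was sent.
 */
function _download($filename, $range = 0) {
    // Discard the active output buffer so buffered page output does not end up in the file data.
    @ob_end_clean();

    $speed = $this->properties['max_speed'];
    // usleep() takes whole microseconds.
    $sleep_time = ( $speed > 0 ) ? (int) ( (8 / $speed) * 1e6 ) : 0;

    $handle = fopen( $filename, 'rb' );
    // Check the handle before it is used; seeking on a failed open is an error.
    if( $handle === false ) {
        return false;
    }
    fseek( $handle, intval( $range ) );

    while ( ! feof( $handle ) ) {
        print( fread( $handle, 1024 * 8 ) );
        // ob_flush() raises a notice when no buffer is active, and that notice text would be
        // written into the download.
        if( ob_get_level() > 0 ) ob_flush();
        flush();
        if( $sleep_time > 0 ) usleep( $sleep_time );
    }

    fclose( $handle );
    return true;
}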
}
?>PK
>8 &