$value) { $$key=$value; }
// NOTE(review): the loop header for the line above lies before the visible part of this file.
// The body copies every key of the iterated array into a variable of the same name. If that
// array is request data, any global that is not initialised afterwards can be preset by the
// client - confirm the source array and prefer explicit reads of the expected keys.

//
// FUNCTIONS
//////////////////////////////////////////////////////////////////////////////////////////////////
//

/**
 * Render an error page through index.tpl and end the request.
 *
 * Uses templates/_errors/<session langname>/<err>.tpl when that file exists and
 * _errors/eng/<err>.tpl otherwise, then calls die().
 *
 * @param string $err error code; it is used as the template file name
 */
function trigger_err($err="404") {
    global $TARGETS,$smarty,$_SESSION;
    define_smartyvars();
    if ($TARGETS['content']) $smarty->assign("requested_page",$TARGETS['content']);
    // NOTE(review): $_SESSION['langname'] and $err become part of a template path. The callers
    // in this file pass literal codes; where langname is set is not visible here - confirm it
    // is chosen from a fixed list.
    if (file_exists("templates/_errors/".$_SESSION['langname']."/$err.tpl")) $smarty->_tpl_vars['targets']['content']="_errors/".$_SESSION['langname']."/$err.tpl";
    else $smarty->_tpl_vars['targets']['content']="_errors/eng/$err.tpl";
    $smarty->assign("error",$err);
    $smarty->display("index.tpl");
    die();
}

/**
 * Copy the request-routing globals and parts of the session into the Smarty object.
 *
 * Takes no parameters; everything is read from globals, $_SESSION and $_COOKIE.
 * Several of the assigned values ($order, $page, $offset, $limit, $_COOKIE['visits'])
 * originate from the request, so templates have to escape them on output.
 */
function define_smartyvars() {
    global $db_data,$show,$table,$location,$fileID,$QUERY_STRING,$parameters,$loc,$usershow, $page,$offset,$limit,$seek,$_SESSION,$DB_PREFIX,$order,$title,$headers,$TARGETS;
    global $smarty;
    $smarty->assign("db",$db_data);
    $smarty->assign("show",$show);
    $smarty->assign("table",$table);
    $smarty->assign("loc",$location);
    $smarty->assign("fileID",$fileID);
    $smarty->assign("QUERY_STRING",$QUERY_STRING);
    $smarty->assign("QUERY_PARAMS",$parameters);
    $smarty->assign("requested_page",$loc);
    $smarty->assign("usershow",$usershow);
    $smarty->assign("page",$page); // ALWAYS COPY PAGE-VAR TO SMARTY-OBJECT
    // When $page contains no "/", strpos() returns false: page_path is then empty and
    // page_file is $page without its first character.
    $smarty->assign("page_path",substr($page,0,strpos($page,"/")));
    $smarty->assign("page_file",substr($page,strpos($page,"/")+1));
    $smarty->assign("offset",$offset);
    $smarty->assign("limit",$limit);
    $smarty->assign("seek",$seek);
    $smarty->assign("current_user",$_SESSION['user']);
    $smarty->assign("last_visit",$_SESSION['last_visit']);
    $smarty->assign("visits",$_COOKIE['visits']);
    $smarty->assign("current_userID",$_SESSION['user']['ID']);
    $smarty->assign("current_usergroup",$_SESSION['user']['usergroup']);
    $smarty->assign("USER_AGENT",extract_browser());
    // NOTE(review): the session name and id are handed to the templates. Any template that
    // prints them into a page or link exposes the session identifier - confirm this is needed.
    $smarty->assign("PHP_SESSION",session_name());
    $smarty->assign("PHP_SESSID",session_id());
    if (strpos($order," DESC")!==false) $od=substr($order,0,strlen($order)-5); else $od=$order; 
    $smarty->assign("sortrow",$od); // CLEAN ORDER_ROWNAME FROM ASC/DESC APPENDIX
    $smarty->assign("order",$order);
    $smarty->assign("title",$title);
    $smarty->assign("headers",$headers);
    $smarty->assign("targets",$TARGETS);
}

/**
 * Build an "ORDER BY" / "GROUP BY" SQL fragment from the global $order.
 *
 * @param string $tab            table name; the global $table is used when empty
 * @param string $GROUP_OR_ORDER keyword placed before " BY"; interpolated as given
 * @param string $DEFAULT        column used when $order is empty
 * @return string the fragment, or "" when no column is available
 *
 * NOTE(review): $order is filled from the request (ORDER is in $VALID_USERVARS) and from the
 * session. It is only wrapped in backticks; a backtick inside the value is neither removed
 * nor escaped, so the result is not safe to concatenate into a query as it stands. Compare
 * the column against a fixed list of sortable columns before building the fragment.
 * NOTE(review): the $o{0} / $tab{0} offset syntax was removed in PHP 8.0.
 */
function order_check($tab="",$GROUP_OR_ORDER="ORDER",$DEFAULT="") {
    global $table,$order;
    if ($tab=="") $tab=$table; // GET TABLE FROM GLOBAL NAMESPACE IF NOT TRANSMITTED
    $o=trim($order);
    if (!$o) $o=$DEFAULT; // SET TO DEFAULT_VALUE
    if (strtoupper(substr($o,strlen($o)-5,5))==" DESC") {
        $o="`".substr($o,0,strlen($o)-5)."` DESC"; // ADD ` IF NOT TRANSMITTED
    } else if ($o{0}!=="`" && $o) {
        $o="`$o`";
    }
    if ($tab && ($tab{0}!=="`")) $tab="`$tab`.";
    return ($o?"$GROUP_OR_ORDER BY $tab$o":""); // RETURN MYSQL_TERMFRAGMENT
}

/**
 * Import request parameters into global variables and pick the routing pair.
 *
 * For each key of $src:
 *  - a key whose upper-cased form is in $VALID_USERVARS becomes a global of that name;
 *  - a key starting with "u_" becomes a global and a $_SESSION entry;
 *  - the first remaining key is taken as the array (key, value) that is returned; a key
 *    without value is returned as ("index", key).
 *
 * @param array $src request array ($_GET or $_POST in this file)
 * @return array|null the (template, location) pair; nothing is assigned when no key qualified
 *
 * NOTE(review): the list check is case-insensitive but the global is created under the key's
 * original spelling, so "order", "Order" and "ORDER" create three different variables.
 * NOTE(review): the "u_" branch accepts any suffix and any value (arrays included) and writes
 * it to the session unvalidated; an explicit list of accepted u_ fields would bound this.
 * $QUERIES is a local here (it is not declared global) and is unset until first assigned.
 */
function check_uservars($src) {
    global $VALID_USERVARS;
    foreach ($src as $key=>$value) {
        if (in_array(strtoupper($key),$VALID_USERVARS)) { // GET USERVALUE
            // The !isset() alternative cannot apply here: the outer in_array() already succeeded.
            if (@in_array(strtoupper($key),$VALID_USERVARS) || !isset($VALID_USERVARS)) {
                debug($key." ACCEPTED AS USER_INPUT [$value]","note");
                global $$key;
                $$key=$value;
            }
        } else if (substr($key,0,2)=="u_") {
            global $$key;
            $$key=$value;
            $_SESSION[$key]=$value;
        } else if (!$QUERIES) { // INTERPRET AS TABLE/ROW_DOUBLE
            if (!$value) {$value=$key;$key="";}
            if (!$key) $key="index"; // TAKE INDEX.TPL IF NO VARNAME HAS BEEN TRANSMITTED
            $QUERIES=Array($key,$value);
        }
    }
    if (!$QUERIES) {
        // $QUERIES=Array("index","");
    }
    return $QUERIES;
}

/**
 * Append a message to the global debug buffer $_DEBUG_OUT.
 *
 * @param string $message text to record; the literal "hr" adds a separator instead
 * @param string $typ     label printed before the message; "list" omits the label
 *
 * NOTE(review): $message is appended without escaping and callers in this file pass request
 * values, SQL text and login data. Escape the buffer where it is printed. The string
 * literals below look as if markup was lost when this copy was extracted - TODO confirm.
 */
function debug($message,$typ="note") {
    global $_DEBUG_OUT;
    if ($message=="hr") {
        $_DEBUG_OUT.="
";
    } else if ($typ=="list") {
        $_DEBUG_OUT.="
$message
";
    } else {
        $_DEBUG_OUT.="
$typ: $message
";
    }
}

// Visit bookkeeping: "first_visit" is a marker stored for one request, after which the cookie
// value takes over. The "visits" counter lives in a cookie and is therefore client-controlled.
if ($_SESSION['last_visit']=="first_visit") {
    $_SESSION['visits']=1;
    $_SESSION['last_visit']=$_COOKIE['last_visit'];
} elseif (!$_SESSION['last_visit'] && !$_COOKIE['last_visit']) {
    // $_SESSION['show_help']=true;
    $_SESSION['last_visit']="first_visit";
    $_SESSION['visits']=1;
    setcookie("visits",1,time()+3600*24*365);
} elseif (!$_SESSION['last_visit']) {
    $_SESSION['last_visit']=$_COOKIE['last_visit'];
    setcookie("visits",$_COOKIE['visits']+1,time()+3600*24*365);
}

// INITIALIZE SMARTY
//////////////////////////////////////////////////////////////////////////////////////////////////
#if (is_superadmin()) $_DEBUG=true;

// QUERY_PROCESSING
//////////////////////////////////////////////////////////////////////////////////////////////////

// DEFINE AND SET VALID GET_VARS
//////////////////////////////////////////////////////////////////////////////////////////////////
// Request keys listed here (compared upper-cased) are turned into globals by check_uservars().
$VALID_USERVARS=Array("SHOW","PAGE","OFFSET","LIMIT","ORDER","ACTION","DO","CONFIRM","DATE","ADD","LANG");
//$VALID_USERVARS=Array();

// DETERMINE WHICH TABLE TO PROCESS AND WHICH TEMPLATE TO SHOW
//////////////////////////////////////////////////////////////////////////////////////////////////
if (function_exists("update_account")) {
    update_account();
}
// Only the pair found in $_GET is kept for routing; the $_POST call is made for its imports.
$QUERIES=check_uservars($_GET);
check_uservars($_POST);
if (!$_GET && !$_POST) {
    // $QUERIES=Array("trax/list","trax");
    debug ("No site-location given. Using \"index.tpl\" and `pm_trax`","note");
}
// NOTE(review): the requirement stated below is not enforced by any check visible in this file.
$user_target=$QUERIES[0]; // NOTE: USER_TARGET MUST ONLY CONTAIN OF ALPHANUMERIC AND SLASH! 
// Routing: the second element of the request pair is a slash-separated location of the form
// [INSTRUCTION/]show[/column/value ...]. Everything derived from it below ($params, $show,
// $fileID, $seek, $condition) is request data.
$show_full=$QUERIES[1];
// Accounts whose status is not "ok" are forced to the unlock location.
if ($_SESSION['user']['ID'] && $_SESSION['user']['status']!=="ok") {
    $show_full="unlock/".$_SESSION['usergroup']."/".$_SESSION['user']['ID'];
}
// NOTE(review): the $var{index} offset syntax used here was removed in PHP 8.0.
if ($show_full{strlen($show_full)-1}=="/") $show_full=substr($show_full,0,strlen($show_full)-1); // remove_trailing_slash
$userparams=explode("/",$show_full);
if (!$show_full) {
    $buf=$SHOW_REDIRECT[strtoupper($show_full)];
    if ($buf) $show_full=$buf;
}
if (sizeOf($QUERIES)>1) $user_target=$QUERIES[0];
if ($show_full{strlen($show_full)-1}=="/") $show_full=substr($show_full,0,strlen($show_full)-1); // remove_trailing_slash
$params=explode("/",$show_full);

// The first path segment is treated as an instruction only when it is in this list.
$VALID_INSTRUCTIONS = Array ( "UNLINK","UPLOAD","EDIT","ALL","NEW","DISPLAY","PLAY","LOAD","SHOW_ALL","KILL","CLONE","RECOMMEND","DEADLINK","ID3","RSS","UNLOCK" );
// NOTE(review): $INSTRUCTION is not initialised before this test, so when the segment is not
// in the list it keeps whatever value it had before - confirm nothing earlier can preset it.
if (in_array(strtoupper($params[0]),$VALID_INSTRUCTIONS)) {
    $INSTRUCTION=strtoupper($params[0]);
    $USERINSTRUCTION=$INSTRUCTION;
    $params=array_slice($params,1); // TRUNCATE ARRAY AND REMOVE INSTRUCTION FROM USERPARAMS
    $userparams=array_slice($userparams,1); // TRUNCATE ARRAY AND REMOVE INSTRUCTION FROM USERPARAMS
}
$LOCATION_ONLY=implode("/",$params); // STORY LOCATION AS STRING WITHOUT INSTRUCTION
if ($INSTRUCTION=="RSS") {
    if ($limit<20) $limit=20;
    // $offset=0;
}
if ($INSTRUCTION=="NEW") {
    $INSTRUCTION="EDIT";
    array_splice($params,1,0,"new"); // RECONSTRUCT PARAMS: ADD "NEW" AFTER SHOW_PARAMETER
    // TO FAKE CORRECT SYNTAX {$show}/new/[var/value][var2/value2].. 
}
if ($INSTRUCTION=="PLAY" || $INSTRUCTION=="LOAD" || $INSTRUCTION=="DISPLAY") {
    if (is_numeric($params[0])) { // DEFINE SHOW => "TRAX" IF FIRST PARAMETER IS NUMERIC [TRACK WILL BE LOADED BY DEFAULT]
        array_splice($params,0,0,"trax");
    }
}
if ($INSTRUCTION=="ALL") {
    $INSTRUCTION="SHOW_ALL";
}
$show=$params[0];
$usershow=$userparams[0];
if (substr($show,0,strlen($DB_PREFIX))==$DB_PREFIX) {
    $show=translate($show,"table");
}
$buf=$SHOW_REDIRECT[strtoupper($params[0])];
if ($buf) $show=$buf;
$location=$show_full;
debug("location: ".$location."
");

// DEFINE TABLE
//////////////////////////////////////////////////////////////////////////////////////////////////
$table=translate($show);
if ($_GET['u_searchterm']) $_POST['u_searchterm']=$_GET['u_searchterm'];
if ($_POST['u_searchterm'] && ($show=="listen" || $show=="home")) {
    $table="pm_trax";
    $show="trax";
}
// The stored search term is dropped when the table changes without a new search, or on "listen".
if ($table!==$_SESSION['table'] && !$_POST['u_searchterm'] || $show=="listen") {
    $u_searchterm="";
    $_SESSION['table']=$table;
}

// CHANGE ORDER
//////////////////////////////////////////////////////////////////////////////////////////////////
if (is_array($auto_set)) {
    foreach ($auto_set as $pvar=>$value) {
        // $_SESSION[$pvar] = Array();
        foreach ($value as $k=>$v) {
            // Loop body is disabled:
            // if (!isset($_SESSION[$pvar][$k]))
            //     echo $pvar."[$k]=$v";
            // $_SESSION[$pvar][$k]=$v;
        }
    }
}

// SAVE AND RETRIEVE PERSISTENT_VARS [e.g. listing_offsets of different table_views]
//////////////////////////////////////////////////////////////////////////////////////////////////
// NOTE(review): order/limit/stage/offset are stored per location exactly as received and
// restored into globals on later requests. No type or range check is visible here; cast
// limit/offset to integers and restrict order to known columns before they reach a query.
$persistent_vars=Array("order","limit","stage","offset");
$b=$LOCATION_ONLY;
foreach($persistent_vars as $k=>$v) {
    if (isset($_GET[$v])) {
        $_SESSION[$v][$b]=$_GET[$v];
    } else if ($_SESSION[$v][$b]) {
        $$v=$_SESSION[$v][$b];
        $smarty->assign($v,$$v);
    }
    if (isset($v)) debug($v.": ".$$v);
}

// USER - GET VARIABLES
//////////////////////////////////////////////////////////////////////////////////////////////////
//if (!$page) $page="index.tpl";
if (!isset($offset)) $offset=0;
if (!isset($limit)) $limit=20;
if (!isset($stage)) $stage=3;

// DATABASE INTERFACE
//////////////////////////////////////////////////////////////////////////////////////////////////
// NOTE(review): every query in this section is assembled by string concatenation from path
// segments, and no escaping is visible in this file. Use bound parameters (the mysql_*
// functions used here were removed in PHP 7.0) and validate identifiers against known
// table/column names.
$condition="";
$content_header="";
$t=translate($show);
if (strtoupper($params[1])=="ID") $params=array_slice($params,1);
// PREDEFINED QUERIES
if (sizeOf($params)==2 && ($name_as_id[$t]) && !(is_numeric($params[1]))) {
    // Look the record up by its name column so that show/<name> works like show/<ID>.
    $sql="SELECT * FROM `$t` WHERE `".$name_as_id[$t]."`='".$params[1]."' OR `".$name_as_id[$t]."`='".str_replace("_"," ",$params[1])."' LIMIT 1;";
    $q=mysql_query($sql);
    // NOTE(review): a failed query prints the full SQL text to the client before exiting.
    if (!$q) echo die($sql);
    $a=mysql_fetch_assoc($q);
    debug ("trying to take \"".$params[1]."\" as ".$name_as_id[$t]." 
for table `$t` > ".$a['ID']);
    if ($a['ID']) { array_splice($params,1,1,$a['ID']); } // take name as ID
}
if (is_numeric($params[1])) { // TAKE PARAMETER AS ID
    // Note that is_numeric() also accepts forms such as "1e3" or " 5"; the value is quoted below.
    $params[2]=$params[1];
    $params[1]="ID";
    $seek="ID";
    $fileID=$params[2];
    $condition.=" AND `$t`.`ID`='$fileID'";
} else {
    if ($params[1]=="new") {
        $fileID="new";
        $params=array_splice($params,1);
    }
    if (@in_array($t,$ALLOW_SHORTENED_SYNTAX) || !is_array($ALLOW_SHORTENED_SYNTAX)) { // expect shortened syntax: table/row
        $t2=translate($params[1]);
        if ($t2 && is_numeric($params[2]) && !($params[1]=="user" && in_array("usergroup",$params))) { // PARSE SHORTENED SYNTAX
            $buf=translate($params[1]);
            if ($buf) {
                $t=($t?"`$t`.":"");
                debug("parsed shortened syntax","note");
                array_splice($params,1,2,Array("table",$buf,"row",$params[2]));
                // }
                debug($condition,"sql");
            }
        }
    } else if ($params[0]=="overview") {
        // NOTE(review): here $seek and $fileID are taken from the path without any check.
        $seek=$params[1];
        $fileID=$params[2];
        unset($params);
    } else if ($DB_MODE) {
        // Rewrite user/artist shortcuts into column/value pairs.
        if ($t!==$DB_PREFIX."mixes" && $t!==$DB_PREFIX."trax" && $t!==$DB_PREFIX."answers") {
            if ($params[1]=="users") {$params[1]="user";$params[3]="usergroup";$params[4]="users";}
            if ($params[1]=="user") {$params[1]="user";$params[3]="usergroup";$params[4]="users";}
            if ($params[1]=="artists") {$params[1]="user";$params[3]="usergroup";$params[4]="artists";}
            if ($params[1]=="artist") {$params[1]="user";$params[3]="usergroup";$params[4]="artists";}
        } else {
            if ($params[1]=="artist" || $params[1]=="artists") {
                $params[1]="_artists";
            }
        }
    }
    if (sizeOf($params)==2) {
        $seek=$params[1];
    } else if (sizeOf($params)>1) {
        $t=$table;
        $where=Array();
        $content_header.=translate($params[1],"table")." 
";
        $PREDEFINED=Array();
        // NOTE(review): the loop header below is truncated in this copy of the file (the text
        // between "$i" and "$params[$i+1]);" is missing), so its bound and step cannot be
        // confirmed from here.
        // The body treats $params[$i] as a column name and $params[$i+1] as its value: the
        // pair is written back into $_GET and appended to $condition without escaping.
        for ($i=1;$i$params[$i+1]);
            debug("UserValue accepted: ".$params[$i]."=".$params[$i+1],"note");
            $_GET[$params[$i]]=$params[$i+1];
            $PREDEFINED[translate_column($params[$i],$t)]=$params[$i+1];
            $condition.=" AND ".($t?"`$t`.":"")."`".translate_column($params[$i],$t)."`='".$params[$i+1]."'";
        }
        debug("DEFINED CONDITION-FRAGMENT ".$condition."","sql");
        debug("hr");
        if ($t==$DB_PREFIX."comments" && $PREDEFINED["refID"]) {
            // Prefill a reply: the referenced message must be addressed to the current user.
            $sql="SELECT * FROM `$DB_PREFIX"."comments` WHERE `ID`='".$PREDEFINED["refID"]."'";
            // CHECK WHETHER USER IS AUTHORIZED TO ANSWER TO THIS MAIL
            $sql.=" AND `table`='$DB_PREFIX"."users' AND `row`='".$_SESSION['user']['ID']."'";
            $q=mysql_query($sql);
            if ($q) {
                $ref=mysql_fetch_assoc($q);
                if ($ref) {
                    $sql2="SELECT * FROM `".$DB_PREFIX."users` WHERE `ID`='".$ref["_users"]."';";
                    $src=mysql_fetch_assoc(mysql_query($sql2));
                    $PREDEFINED["subject"]="RE: ".$ref['subject'];
                    $PREDEFINED["text"]=chr(13).chr(10).chr(13).chr(10).chr(13).chr(10).str_pad("",50,"-").chr(13).chr(10).chr(13).chr(10)."[".$src['nick']."] schrieb:".chr(13).chr(10).chr(13).chr(10).$ref['text'];
                }
            }
        }
    }
}
// NOTE(review): $content_header is built from path segments and goes into a page header;
// it needs HTML escaping where it is printed.
if (sizeOf($params)>2 && $db_data) $headers['content']="
Suchfilter: $content_header
";
if ($seek!=="ID") $condition.=mysql_generate_match($table,$u_searchterm,"FULLTEXT");

// HTTP AUTHENTIFICATION // // @include("include/php_auth.inc.php");

// LOGIN_LOGOUT
//////////////////////////////////////////////////////////////////////////////////////////////////
// NOTE(review): $action comes from $_REQUEST and is passed on for state-changing work. No
// anti-CSRF token or request-method check is visible in this file - confirm perform_action()
// enforces both authorization and a token.
$action = $_REQUEST['action'];
if ($INSTRUCTION=="UNLINK") {
    $action="unlink";
    $INSTRUCTION="UPLOAD";
}
if ($action && function_exists("perform_action")) {
    perform_action($action,$fileID,$table);
}
if ($_GET['do']) {
    // TRIES TO EXECUTE REMOTE FILE AND TRANSMITS GIVEN PARAMETERS TO THE CALLED FUNCTION
    // THE FILE NEEDS TO CONTAIN A FUNCTION NAMED "QMS_FUNCTION_$NAME"
    //
    // NOTE(review): SECURITY - $fname and $trunc are taken from $_GET['do'] and are placed,
    // unvalidated, into a require path and into PHP source text handed to eval(). Request
    // data must never reach either sink. Accept only names from a fixed list of actions (or
    // at least names made of letters, digits and "_"), and call the function through
    // call_user_func_array() with the arguments as an array instead of eval().
    $buf=explode(",",$_GET['do']);
    $fname=$buf[0];
    $trunc=array_slice($buf,1);
    $trunc=implode('","',$trunc);
    $filename="script/_actions/".$buf[0].".php";
    $default_filename="script/_actions/default.php";
    if (file_exists($filename)) {
        require_once($filename);
        eval('if (function_exists("qms_function_'.$fname.'")) qms_function_'.$fname.'("'.$trunc.'"); else echo "function \''.$fname.'\' not found";');
    } elseif (file_exists($default_filename)) {
        require_once($default_filename);
        eval('if (function_exists("qms_function_'.$fname.'")) qms_function_'.$fname.'("'.$trunc.'"); else echo "function \''.$fname.'\' not found";');
    } else {
        perform_action("do",$_GET['do']);
    }
}
// NOTE(review): auto-login replays the cookie values as login credentials. Whatever login()
// accepts as the password is therefore stored in the browser; a random, server-side
// revocable token is the safer design. Cookie flags are not visible in this file.
if ($_COOKIE['auto_nick'] && $_COOKIE['auto_pass'] && !$_POST['u_login_nick'] && !$_POST['u_login_pass'] && !$_SESSION['user']['ID']) { // AUTOLOGIN
    $_POST['u_login_nick']=$_COOKIE['auto_nick'];
    $_POST['u_login_pass']=$_COOKIE['auto_pass'];
}
if ($_POST['u_login_nick'] && $_POST['u_login_pass']) {
    $smarty->clear_assign("current_user");
    $smarty->clear_assign("current_userID");
    $res=login();
    if (!$res) {
        $a=array("title"=>"Logindaten");
        array_push($errors,$a);
        $smarty->assign("error_txt","Die eingegebenen Login-Daten sind leider nicht gültig. 
Bitte erneut eingeben.");
        // NOTE(review): the submitted password is written to the debug buffer in clear text.
        // Log the nick only.
        debug("LOGIN FAILED for ".$_POST['u_login_nick']."/".$_POST['u_login_pass'],"error");
    }
}

// SHOW OR HIDE HELP
if (isset($_GET['help'])) {
    $_SESSION['show_help']=($_GET['help']=="true");
}

// CLEANUP DATABASE
// PROCESS FORM_DATA SENT VIA HTTP AND USE TMP_FORM TO PERFORM VALIDATION
//////////////////////////////////////////////////////////////////////////////////////////////////
$filter="u_reg_";
if ($action=="kill_tmp_form") { // CLEANUP SESSION FROM OLD FORM_VALUES
    foreach($_SESSION as $key=>$value) {
        if (substr($key,0,strlen($filter))==$filter) unset($_SESSION[$key]);
    }
    unset($_SESSION['tmp_form']);
} else if ($_POST) {
    require_once("include/formCheck.inc.php");
    $src=$_POST;
    // NOTE(review): both the field filter and $table can be replaced by POST fields here.
    // $table is later interpolated into SQL in this file, so it must be checked against the
    // known table names before use.
    if ($src['filter']) $filter=$src['filter'];
    if ($src['table']) $table=$src['table'];
    $buf=Array();
    if ($_SESSION['tmp_form']) {
        // First pass: required checkboxes and "repeat this field" comparisons.
        foreach($_SESSION['tmp_form'] as $key=>$value) {
            if ($value['type']=="checkbox") {
                if ($value['required']=="yes" && $_POST[$value['name']]=="no") array_push($errors,$value);
            } else if ($value['validate']) {
                if ($_POST[$value['validate']]!==$_POST[$value['name']]) array_push($errors,$value);
            }
        }
        // Second pass: run formCheck() on each posted field that has a definition in tmp_form.
        foreach($_POST as $key=>$value) {
            if ((substr($key,0,strlen($filter))==$filter) || !$filter) {
                if (isset($_SESSION['tmp_form'][$key]) && isset($_POST[$key])) {
                    $err=formCheck($_SESSION['tmp_form'][$key],$value);
                    if ($err) array_push($errors,$_SESSION['tmp_form'][$key]);
                // } else if (strpos(",".$_POST['_required_fields'].",",$key)!==false && (!$value)) {
                //     $buf=Array("name"=>$key,"value"=>$value,"title"=>$key);
                //     array_push($errors,$key);
                }
            }
        }
    }
}

// INSTRUCTIONS
//////////////////////////////////////////////////////////////////////////////////////////////////
// NOTE(review): SECURITY - the include path is built from $_POST['action'] with no list of
// allowed scripts and no normalisation of the path, so the request decides which file is
// executed. Map the accepted action names to fixed file names instead.
if ($_POST['action']) {
    if (file_exists("script/".$_POST['action'].".php")) $_POST['action'].=".php";
    require_once("script/".$_POST['action']);
}

// LOAD DATABASE INTERFACE
//////////////////////////////////////////////////////////////////////////////////////////////////
// Dispatch on $INSTRUCTION / $show: run the matching data script, collect votes, bookmarks and
// comments for the loaded rows, choose the templates and finally render the page.

if ($INSTRUCTION=="CLONE") {
    // NOTE(review): the confirmation test is commented out, so a CLONE request that names an
    // ID is executed at once. No authorization check is visible here - confirm clone_entry()
    // performs one.
    // if ($confirm && $seek=="ID") {
    if ($seek=="ID") {
        $fileID=clone_entry($table,$fileID);
        $INSTRUCTION="";
    } else {
        $TARGETS['sidebar']="_sys/clone_confirm.tpl";
    }
}
if ($INSTRUCTION=="EDIT" || $INSTRUCTION=="UPLOAD") {
    $t=translate($show);
    // Editing is allowed for guests on tables in $CREATE_ALLOWED["DEFAULT"], for members of a
    // usergroup listed for the table, and for admins.
    if ((!$_SESSION['usergroup'] && in_array($t,$CREATE_ALLOWED["DEFAULT"])) || (@in_array($t,$CREATE_ALLOWED[$_SESSION['usergroup']]) || is_admin()) ) {
        include("script/_data/edit_table.php");
        if ($INSTRUCTION=="UPLOAD" && is_readable("templates/_edit/upload.tpl")) {
            $TARGETS['content']="_edit/upload.tpl";
        } else if ($fileID=="new" && is_readable("templates/_new/$show.tpl")) {
            $TARGETS['content']="_new/$show.tpl";
        } else if (is_readable("templates/_edit/$show.tpl")) {
            $TARGETS['content']="_edit/$show.tpl";
        } else {
            if ($fileID) debug("\"".$show."/new.tpl\" not found");
            debug("\"_edit/$show.tpl\" not found");
            debug("loading standard editing_template: \"_edit/default.tpl\"","load");
            $TARGETS['content']="_edit/default.tpl";
        }
    } else {
        $TARGETS['content']="errors/login.tpl";
    }
} else if ($show) {
    // CHECK WHETHER EXTERNAL SCRIPT EXISTS AND EXECUTE IF SO
    //
    // NOTE(review): $show is derived from the request path and is interpolated into the path
    // of a script that is executed. No character or allow-list check on $show is visible in
    // this file; restrict it to known section names before the require.
    if (file_exists("script/_data/$show.php")) {
        debug("loading \"script/_data/$show.php\"
","load");
        $db_data=require("script/_data/$show.php");
        debug("hr");
    } else if (file_exists("script/_data/default.php")) {
        debug("script/_data/$show.php not found");
        debug("loading standard table_interface: \"script/_data/default.php\"","load");
        $db_data=require("script/_data/default.php");
        debug("hr");
    } else {
        debug("loading standard table_interface \"script/_data/default.php\" failed!","error");
    }
    if ($table==$DB_PREFIX."trax") {
        // Add the file size and absolute URLs to each loaded track.
        $src="data";
        if (!$db_data[$src]) $src="current";
        else {
            foreach($db_data[$src] as $k => $v) {
                $db_data[$src][$k]['file_size']=getTrackSize($db_data[$src][$k]);
                if ($db_data[$src][$k]['file']) $db_data[$src][$k]['file']=rel2abs($v['file']);
                if ($db_data[$src][$k]['downloadurl']) $db_data[$src][$k]['downloadurl']=rel2abs($v['downloadurl']);
            }
        }
    }
    if ($INSTRUCTION=="PLAY") {
        if (function_exists("play_entry")) {
            play_entry($table,$fileID);
        }
    } else if ($INSTRUCTION=="DISPLAY") {
        // Send the first image-like field of the first row as an image response.
        // NOTE(review): $f is a stored value that may be a URL; the imagecreatefrom*()
        // functions open URLs when allow_url_fopen is enabled, so the server fetches whatever
        // address the record holds. Restrict $f to local upload paths or vetted hosts.
        $ref=$db_data['data'][0];
        $f=$ref['picurl'];
        if (!$f) $f=$ref['pic'];
        if (!$f) $f=$ref['image'];
        if (!$f) $f=$ref['file'];
        if (!$f) $f=$ref['imageurl'];
        if (!$f) $f=$ref['url'];
        if (!$ext) {
            $ext=substr($f,strrpos($f,"."));
        }
        switch (strtoupper($ext)) {
            case ".JPG":
                $img=imagecreatefromjpeg($f);
                break;
            case ".JPEG":
                $img=imagecreatefromjpeg($f);
                break;
            case ".PNG":
                $img=imagecreatefrompng($f);
                break;
            case ".GIF":
                $img=imagecreatefromgif($f);
                break;
            default:
                $img=0;
        }
        // When $ext was derived above it includes the leading dot, so this comparison with
        // "GIF" does not match and GIF sources are sent as JPEG. $fileID is placed in the
        // header unescaped.
        if (strtoupper($ext)=="GIF") {
            header("Content-type: image/gif");
            header('Content-Disposition: inline; filename="'.$fileID.'.gif"');
            imagegif($img, "", 100);
        } else {
            header("Content-type: image/jpeg");
            header('Content-Disposition: inline; filename="'.$fileID.'.jpg"');
            imagejpeg($img, "", 100);
        }
        die();
    } else if ($INSTRUCTION=="RSS") {
        define_smartyvars();
        if ($table==$DB_PREFIX."trax" || $table==$DB_PREFIX."mixes" || $table==$DB_PREFIX."charts") {
            header("Content-Type: application/podcast+rss+xml; charset=utf-8");
            header('Content-Disposition: inline; filename="'.$show.'.xml"');
        } else {
            header("Content-Type: text/xml; charset=utf-8");
            // header('Content-Disposition: inline; filename="'.$show.'.xml"');
        }
        if (file_exists("templates/_sys/rss.tpl")) {
            echo $smarty->display("_sys/rss.tpl");
        } elseif (file_exists("templates/rss.tpl")) {
            echo $smarty->display("rss.tpl");
        }
        die();
        // header("Content-Type: MIME Type: application/podcast+rss+xml; charset=utf-8");
        // header('Content-Disposition: inline; filename="pulsar_charts_'.$chart_mode.'.xml"');
    } else if ($INSTRUCTION=="LOAD") {
        if (function_exists("load_entry")) load_entry($table,$fileID);
    }

    // SHOW TITLE OF CURRENT PAGE
    // NOTE(review): the title is built from stored nick/name/stylename values; it needs HTML
    // escaping where the template prints it.
    if (sizeOf($db_data['data'])>1) {
        $title="".ucfirst(translate($table,"table"))." | ";
    } else if (is_array($db_data['data'])) {
        if ($db_data['data'][0]) {
            $title="".ucfirst(translate($table,"table"))." | ";
            if ($db_data['data'][0]['_styles']) $title.="".$db_data['data'][0]['stylename']." | ";
        }
    }
    if ($fileID && $seek=="ID") {
        $buf=$db_data['data'][0]['_users'];
        if (!$buf) $buf=$db_data['data'][0]['_artists'];
        $title.="".$db_data['data'][0]['nick']." | ";
        if ($table==$DB_PREFIX."trax") $title.="".$db_data['data'][0]['name']."";
    }
    if ($seek=="_users" || $seek=="artist" || $seek=="user") $title.="".$db_data['data'][0]['nick']."";

    // DEFINE MAIN TEMPLATE
    if (!is_readable("templates/general.tpl")) {
        if ($seek=="ID") {
            if (is_readable("templates/_show/$show.tpl")) {
                $TARGETS['content']="_show/$show.tpl";
            } else if ($db_data) {
                debug("\"_show/$show.tpl\" not found");
                $TARGETS['content']="_show/default.tpl";
            }
            $TARGETS['comments']="comments.tpl";
        } else {
            if (file_exists("templates/_list/$show.tpl")) {
                $TARGETS['content']="_list/$show.tpl";
            } else if ($db_data) {
                $TARGETS['content']="_list/default.tpl";
            }
        }
    }
    // $title=$db_data['title'];
    if ($db_data) {
        debug("data [$table] mounted
","success");
        // GET ALL COMMENTS AND VOTINGS POINTING TO THE RESPECTIVE DATABASE_ENTRY
        //
        // NOTE(review): the queries below concatenate $table, $fileID, session values and row
        // values into SQL text. $table and $fileID derive from the request; use bound
        // parameters and a table allow-list.
        if (is_array($db_data['data'])) {
            // COUNT VIEWS
            if (function_exists("countviews")) countviews($table,$fileID);
            foreach($db_data['data'] as $key=>$value){
                getAuthorized($db_data['data'][$key],$table);
                // Bookmark of the current user for this row, and the vote they already cast.
                $buf=Array("usergroup"=>$_SESSION['usergroup'],"user"=>$_SESSION['user']['ID'],"_users"=>$_SESSION['user']['ID'],"table"=>$table,"row"=>$value['ID']);
                $sql=mysql_generate_select($DB_PREFIX."bookmarks",$buf,"`ID`",true);
                $votesql="SELECT ".$DB_PREFIX."voting.*,".$DB_PREFIX."votes.`name` as `grade` FROM `".$DB_PREFIX."voting`,`".$DB_PREFIX."votes` WHERE `_users`='".$_SESSION['user']['ID']."' AND ".$DB_PREFIX."voting.`table`='".$table."' AND `row`='".$value['ID']."' AND `".$DB_PREFIX."voting`.`score`=`".$DB_PREFIX."votes`.`score` AND `".$DB_PREFIX."voting`.`table`=`".$DB_PREFIX."votes`.`table` AND `".$DB_PREFIX."votes`.`_lang`='".$_SESSION['lang']."';";
                $q=mysql_query($votesql);
                if ($q) {
                    $buf=mysql_fetch_assoc($q);
                    $db_data['data'][$key]['voted_for']=$buf;
                    getSQLtable($sql,$db_data['data'][$key]['bookmarks']); // LOAD BOOKMARK IF FOUND
                    // Total number of bookmarks on this row, regardless of user.
                    $buf=Array("table"=>$table,"row"=>$value['ID']);
                    $sql=mysql_generate_select($DB_PREFIX."bookmarks",$buf,"`ID`",true);
                    $db_data['data'][$key]['num_bookmarks']=mysql_num_rows(mysql_query($sql));
                    if ($table==$DB_PREFIX."users") {
                        $prio=updatePriority($table,$value['ID']);
                        $db_data['data'][$key]['priority']=$prio;
                        $db_data['data'][$key]['trax_votes']=$prio['voting_num'];
                        if ($prio['voting_num']) $db_data['data'][$key]['trax_average']=100*$prio['voting_total']/$prio['voting_num'];
                    } else if ($table==$DB_PREFIX."trax") {
                        $prio=updatePriority($table,$value['ID']);
                        // The ID3 update is gated on the row's "editable" flag.
                        if ($INSTRUCTION=="ID3" && $db_data['data'][$key]['editable']) {
                            $db_data['data'][$key]['id3']=id3tag($value['ID'],"update");
                        } else if ($seek=="ID") {
                            $db_data['data'][$key]['id3']=id3tag($value['ID'],"read");
                        }
                    }
                }
                if (@in_array($table,$SHOW_VOTES) || !is_array($SHOW_VOTES)) {
                    if ($seek=="ID") { // GET _ALL_ DETAILS FOR SINGLE_ITEM_VIEW!
                        $fields="*";
                        $sql=" SELECT ".$DB_PREFIX."voting.*,".$DB_PREFIX."votes.`name` AS votename FROM `".$DB_PREFIX."voting`,`".$DB_PREFIX."votes` WHERE (".$DB_PREFIX."votes.`score`=".$DB_PREFIX."voting.`score` AND ".$DB_PREFIX."votes.`_lang`='".$_SESSION['lang']."') AND (`row`='$fileID' AND ".$DB_PREFIX."voting.`table`='$table' AND ".$DB_PREFIX."votes.`table`=".$DB_PREFIX."voting.`table`) ORDER BY `date` DESC; ";
                        getSQLtable($sql,$buf);
                        debug("retrieving votes for $table:$fileID","load");
                        debug("$sql","sql");
                        $acc_score=0;
                        $voters="";
                        // Resolve the author of every vote; voters with a score above 1 are
                        // collected into an OR-list used for the recommendation query below.
                        foreach($buf as $k2 => $v2) {
                            if ($v2['_users']) {
                                $buf[$k2]['author']=mysql_fetch_assoc(mysql_query("SELECT * FROM `".$DB_PREFIX."users` WHERE `ID`='".$v2['_users']."';"));
                                if ($v2['score']>1) $voters.="`".$DB_PREFIX."voting`._users=".$buf[$k2]['author']['ID']." OR ";
                            } else if ($v2['usergroup']) {
                                // $buf[$k2]['author']=mysql_fetch_assoc(mysql_query("SELECT * FROM `".$DB_PREFIX.$v2['usergroup']."` WHERE `ID`='".$v2['user']."';"));
                                $buf[$k2]['author']=mysql_fetch_assoc(mysql_query("SELECT * FROM `".$DB_PREFIX."artists` WHERE `ID`='".$v2['user']."';"));
                                $buf[$k2]['author']['usergroup']=$v2['usergroup'];
                                if ($v2['score']>1) $voters.="`".$DB_PREFIX."voting`.user=".$buf[$k2]['author']['ID']." OR ";
                            }
                            $acc_score+=$v2['score'];
                            debug("vote ".$v2['score']." ".$v2['votename']." [".$buf[$k2]['author']['nick']." #".$buf[$k2]['author']['ID']."]");
                        }
                        debug("hr");
                        if ($voters) {
                            // Other entries of the same table that the same voters rated
                            // (top 10); the trailing "OR " of $voters is cut off.
                            $sql= "SELECT `".$DB_PREFIX."voting`.* , COUNT(*) AS `count`, SUM( `".$DB_PREFIX."voting`.`score` ) AS `score` FROM `".$DB_PREFIX."voting`,`$table` WHERE `$table`.`ID`=".$DB_PREFIX."voting.row AND `$table`.`status`='ok' AND ".$DB_PREFIX."voting.table = '$table' AND ".$DB_PREFIX."voting.row <> '$fileID' AND ( ".substr($voters,0,strlen($voters)-3)." 
) GROUP BY `".$DB_PREFIX."voting`.`table` , `".$DB_PREFIX."voting`.`row` ORDER BY `".$DB_PREFIX."voting`.`score` DESC,`count` DESC LIMIT 10 ";
                            /* $sql= "SELECT * , COUNT(*) AS `count`, SUM( `score` ) AS `score` FROM `".$DB_PREFIX."voting` WHERE ".$DB_PREFIX."voting.table = '$table' AND ".$DB_PREFIX."voting.row <> '$fileID' AND ( ".substr($voters,0,strlen($voters)-3)." ) GROUP BY `table` , `row` ORDER BY `score` DESC LIMIT 10 "; */
                            getSQLtable($sql,$db_data['tips']);
                            debug($sql,"sql");
                            debug("recommendations loaded [".sizeOf($db_data['tips'])." found]","load");
                        } else {
                            debug("no votes found, therefore no reccommendations need to be loaded","note");
                        }
                        $db_data['data'][$key]['voting']=$buf;
                        $db_data['data'][$key]['votes']=sizeOf($buf);
                        if (sizeOf($buf)) $db_data['data'][$key]['average']=$acc_score/sizeOf($buf);
                    } else if (function_exists("getVotes")) {
                        getVotes($db_data['data'][$key],$table);
                    }
                }
                if ($table!==$DB_PREFIX."comments" && $table!==$DB_PREFIX."artists" && function_exists("getComments")) {
                    getComments($db_data['data'][$key],$table,$seek=="ID");
                }
            }
        }
    } else if (!$table) {
        $TARGETS['content']="_content/".$show.".tpl";
    } else if (!$INSTRUCTION) {
        $TARGETS['content']="general.tpl";
    }
}
// NOTE(review): this block deletes files from disk. $action and $confirm both come from the
// request, the paths come from the loaded record, and no ownership or role check and no
// restriction to an upload directory is visible here. Confirm the caller is authorized and
// resolve each path against the allowed base directory before unlink().
if ($action=="unlink" && $confirm=="yes") {
    $file_fields=Array("file","downloadurl","picurl","refurl","image","pic","URL");
    if ($db_data['data']['status']=="deleted" || !isset($db_data['data']['status'])) {
        foreach($db_data['data'] as $k=>$v) {
            if (in_array($k,$file_fields) && $v) {
                if (@unlink($v)) {
                    mysql_query("UPDATE `$table` SET `".$k."`='' WHERE `ID`='".$db_data['data']['ID']."';");
                    debug("entry \"".$db_data['data']['ID'].".$k\" unlinked","success");
                } else {
                    debug("error while unlinking entry \"".$db_data['data']['ID'].".$k\"","error");
                }
            }
        }
    }
}
/* if (!$db_data['data']) { $_SESSION['order'][$show_full]=""; $order=""; debug("invalid ORDER-parameter. 
setting to NULL","error"); } */

// USER_PING AND ONLINE_USER_LIST
//////////////////////////////////////////////////////////////////////////////////////////////////

// ASSIGN SMARTY VARIABLES
//////////////////////////////////////////////////////////////////////////////////////////////////
if ($order) {
    if (is_array($order)) $order = $order[$location];
    // strpos(...)==false is a loose comparison: it is also true when "DESC" is found at
    // position 0.
    if (strpos($order,"DESC")==false) $toggle.=" DESC";
    $smarty->assign("order_dir",strpos($order,"DESC")==false);
    $smarty->assign("order_toggle",(strpos($order," DESC")!==false?substr($order,0,strlen($order)-5):$order." DESC"));
}
// NOTE(review): every GET and POST key is assigned to Smarty under its own name, so a request
// parameter replaces any template variable of the same name that is not assigned again
// afterwards, and values reach the templates unescaped. "u_" keys are also written to the
// session. Assign only the expected fields.
foreach ($_GET as $k=>$v) {
    $smarty->assign($k, $v); // ASSIGN ALL VARIABLES SENT VIA POST TO SMARTY
    if (substr($k,0,2)=="u_") {
        $_SESSION[$k]=$v; // ASSIGN VARS TO SESSION IF U_ PREFIX
    }
}
foreach ($_POST as $k=>$v) {
    $smarty->assign($k, $v);
    if (substr($k,0,2)=="u_") {
        $_SESSION[$k]=$v;
        // echo $k."=".$v."";
        // ASSIGN ALL USER_INPUTS SENT VIA "POST" WITH SESSION VARIABLE
    }
}
foreach ($_SESSION as $k=>$v) {
    $smarty->assign($k, $v); // ASSIGN ALL SESSION_VARIABLES WITH SMARTY
}
if (isset($_POST)) $smarty->assign("_POST", $_POST); // MAKE _POST-VARIABLES ACCESSIBLE FROM SMARTY
if (!$_SESSION['user']) {
    $smarty->clear_assign("current_user");
    $smarty->clear_assign("current_userID");
}
$smarty->assign("PHP_SELF","http://web22.h788.serverid.net/pulsar_records/v2_alpha/".$PHP_SELF);

/**
 * Classify the client's browser from the User-Agent header.
 *
 * @return string|false "Firefox" or "MSIE" (the first that occurs in the header), else false
 */
function extract_browser() {
    $buf=getenv('HTTP_USER_AGENT');
    $search=Array("Firefox","MSIE");
    foreach($search as $key=>$value) {
        if (strpos($buf,$value)!==false) return $value;
    }
    return false;
}

// MAKE RECEIVED DATA REQUESTED BY USER ACCESSIBLE FROM TEMPLATE
//////////////////////////////////////////////////////////////////////////////////////////////////
// NOTE(review): $show_full is the raw request location and is used as a template path here;
// validate it before it is used to select a file.
if (!file_exists("templates/".$TARGETS['content'])) {
    if (file_exists("templates/".$show_full.".tpl")) $TARGETS['content']=$show_full.".tpl"; // TAKE REALPATH IF NO CONTENT_TEMPLATE WAS FOUND
}
if (!file_exists("templates/".$TARGETS['content'])) {
    // No exit follows the redirect header, so the rest of the script still runs.
    if ($INSTRUCTION=="EDIT") header("Location: http://pulsar.cc/?new/user&message=Um diese Aktion ausführen zu können, bitte vorher einloggen oder registrieren.");
    else trigger_err();
} else if ($TARGETS['content']!=="index") { // CALLING INDEX WOULD RESULT IN AN ENDLESS LOOP
    $TARGETS['content']=$TARGETS['content'];
}
foreach ($TARGETS as $k=>$v) {
    debug("target $k -> $v
","list");
}

// Choose the sidebar template and run the instructions that need a confirmation step.
$buf=strtoupper($show);
if ($INSTRUCTION=="KILL") {
    // NOTE(review): $confirm is a request variable; no authorization check or anti-CSRF token
    // is visible here - confirm kill_entry() enforces both.
    if ($confirm && $seek=="ID") {
        kill_entry($table,$fileID);
    } else {
        $TARGETS['sidebar']="_sys/kill_confirm.tpl";
    }
} else if ($INSTRUCTION=="UNLOCK") {
    $TARGETS['content']="_sys/unlock.tpl";
    $TARGETS['sidebar']="quickie/blog.tpl";
} else if ($INSTRUCTION=="DEADLINK") {
    if ($_POST['confirm'] && $_POST['fileID'] && $_POST['show']) {
        // NOTE(review): the captcha value is compared but not cleared afterwards in this
        // file, so one solved captcha stays valid for further submissions in the session.
        if (strtoupper($_SESSION['captcha'])!==strtoupper($_POST["entered_captcha"]) || !$_SESSION['captcha']) array_push($errors,Array("text"=>"Please re-enter verification-code"));
        if (sizeOf($errors)<1) {
            $ref=mysql_fetch_assoc(mysql_query("SELECT * FROM `$table` WHERE `ID`='$fileID'"));
            notifications($table,$fileID,"deadlink");
            $user=getAuthor($ref);
            $sender=$_SESSION['user'];
            $ref['table']=$_POST['table'];
            if (file_exists("templates/_sys/".$_SESSION['langname']."/notify/$show"."_deadlink.tpl")) {
                notify("_sys/".$_SESSION['langname']."/notify/$show"."_deadlink_own",$user,$sender,$_POST['u_rec_comment'],$ref);
            } else {
                notify("_sys/".$_SESSION['langname']."/notify/default_deadlink_own",$user,$sender,$_POST['u_rec_comment'],$ref);
            }
            $TARGETS['sidebar']="_sys/deadlink_reported.tpl";
        } else {
            $TARGETS['sidebar']="_sys/deadlink.tpl";
        }
    } else {
        $TARGETS['sidebar']="_sys/deadlink.tpl";
        $TARGETS['comments']="";
    }
} else if ($INSTRUCTION=="RECOMMEND") {
    if ($_POST['confirm'] && $_POST['fileID'] && $_POST['show']) {
        if (strtoupper($_SESSION['captcha'])!==strtoupper($_POST["entered_captcha"]) || !$_SESSION['captcha']) array_push($errors,Array("text"=>"Please re-enter verification-code"));
        if (sizeOf($errors)<1) {
            $ref=mysql_fetch_assoc(mysql_query("SELECT * FROM `$table` WHERE `ID`='$fileID'"));
            notifications($table,$fileID,"recommend");
            // NOTE(review): recipient name, recipient address, sender and comment all come
            // from the form. Confirm notify() validates the address, rejects line breaks in
            // header fields and is rate-limited, so the form cannot be used to send
            // arbitrary mail.
            $user=Array("name"=>$_POST['u_rec_recipient'],"email"=>$_POST['u_rec_email']);
            $ref['table']=$_POST['table'];
            if (file_exists("templates/_sys/".$_SESSION['langname']."/notify/$show"."_recommend.tpl")) {
                notify("_sys/".$_SESSION['langname']."/notify/$show"."_recommend",$user,$_POST['u_rec_sender'],$_POST['u_rec_comment'],$ref);
            } else {
                notify("_sys/".$_SESSION['langname']."/notify/default_recommend",$user,$_POST['u_rec_sender'],$_POST['u_rec_comment'],$ref);
            }
            $TARGETS['sidebar']="_sys/entry_recommended.tpl";
        } else {
            $TARGETS['sidebar']="_sys/recommend.tpl";
        }
    } else {
        $TARGETS['sidebar']="_sys/recommend.tpl";
        $TARGETS['comments']="";
    }
} else if ($INSTRUCTION=="EDIT" || $INSTRUCTION=="UPLOAD") {
    $TARGETS['sidebar']=($QUICKIE_TARGETS['edit'][$buf]?$QUICKIE_TARGETS['edit'][$buf]:$QUICKIE_TARGETS['edit']['DEFAULT']);
} else if ($fileID) {
    $TARGETS['sidebar']=($QUICKIE_TARGETS['show'][$buf]?$QUICKIE_TARGETS['show'][$buf]:$QUICKIE_TARGETS['show']['DEFAULT']);
} else {
    $TARGETS['sidebar']=($QUICKIE_TARGETS['list'][$buf]?$QUICKIE_TARGETS['list'][$buf]:$QUICKIE_TARGETS['list']['DEFAULT']);
}
if ($action=="unlink") {
    $TARGETS['sidebar']="_sys/unlink.tpl";
}
if ($_DEBUG) {
    // NOTE(review): the branch for non-superadmins is empty, but the assign() after the
    // if/else runs for every user. With $_DEBUG set, the debug buffer (SQL text, request
    // values, failed-login data) is handed to the template regardless of role. Move the
    // assignment into the superadmin branch only.
    if ($_SESSION['user']['access']<>"superadmin") {
        // $_DEBUG_OUT="you must be logged in as admin to view the debugging output";
    } else {
        $_DEBUG_OUT="DEBUGGING MODE ON:


" .$_DEBUG_OUT;
        $smarty->assign("_DEBUG_OUT",$_DEBUG_OUT);
    }
    $smarty->assign("_DEBUG_OUT",$_DEBUG_OUT);
}
// Stores a copy of the whole session inside the session; since the copy contains the previous
// 'SESSION' entry, the stored data nests one level deeper on every request.
$_SESSION['SESSION']=$_SESSION;

// ERROR_PROCESSING
//////////////////////////////////////////////////////////////////////////////////////////////////
if (sizeOf($errors)>0) {
    $smarty->assign("errors",$errors);
    $smarty->assign("errmsg",$errmsg);
} else if ($_POST['success']) {
    // NOTE(review): the redirect target is built from the Host request header and a POST
    // field, so the client controls where the browser is sent. Use a configured host name
    // and accept only known relative targets. No exit follows header(), so the page below is
    // still rendered.
    $target="Location: http://".$_SERVER['HTTP_HOST'] .dirname($_SERVER['PHP_SELF']) .$_POST['success'];
    // this seems to resolve to the real server name
    // hence a manual value
    // disabled again for now
    /* $target="Location: http://www.roomsunited.com/de/" .$_POST['success'] ."/index.php?page=".$_POST['success']."&ID=".$myid; */
    header($target);
}

// OUTPUT
//////////////////////////////////////////////////////////////////////////////////////////////////
// display it
// HTML-OUT
// NOTE(review): $page can be set from the request (PAGE is in $VALID_USERVARS) and selects
// the template file that is rendered; check it against the known page templates.
if ($page) {
    if (!file_exists("templates/".$page) && substr($page,strlen($page)-4,4)!==".tpl") $page.=".tpl";
} else {
    $page="index.tpl";
}
if (!$show) {
    // $TARGETS['content']="list.tpl";
}
if ($show=="listen") {
    processTables();
}
define_smartyvars();
if ($show=="pool" && !$_SESSION['user']['ID']) {
    trigger_err("908");
}
if (is_array($LISTING_BLOCKED) && $INSTRUCTION!=="EDIT") {
    // strpos() returns 0 when the template name starts with "_list" or "_show"; 0 is falsy,
    // so such names count as "not found" in this test - TODO confirm that is intended.
    if ((in_array($table,$LISTING_BLOCKED)) && (!is_superadmin()) && !(strpos($TARGETS['content'],"_list") || strpos($TARGETS['content'],"_show"))) {
        trigger_err("911");
    }
}
// define_smartyvars() declares no parameters; the argument passed here is ignored.
define_smartyvars($smarty);
if (file_exists("templates/".$page)) {
    echo $smarty->display($page);
} else {
    trigger_err("404");
}
if (!$_POST) {
    // unset($_SESSION['tmp_form']);
}
// Drop the stored form definition when the user has moved on to another table.
if (!$_POST && $INSTRUCTION!=="EDIT" && $_SESSION['tmp_form_location']!==$table) {
    unset($_SESSION['tmp_form']);
    $_SESSION['tmp_form_location']=$table;
}
?>