#!/usr/bin/perl
### SibSoft.net ###
use strict;
use CGI::Carp qw(fatalsToBrowser);
use lib '.';
use XFileConfig;
use Session;
# Site-wide IP ban, evaluated before any session or database work.
# The dots in the configured pattern are escaped in place; every other
# character of the value is still interpreted as regex syntax.
# NOTE(review): the match is unanchored, so unless the configured value
# carries its own anchors an entry also matches longer addresses that
# contain it - confirm the expected config format.
$c->{ip_not_allowed} =~ s/\./\\./g;
if ($c->{ip_not_allowed}) {
    if ($ENV{REMOTE_ADDR} =~ /$c->{ip_not_allowed}/) {
        print "Content-type:text/html\n\n";
        print "Your IP was banned by administrator";
        exit;
    }
}
# Build the per-request session object and fetch the parsed request fields.
my $ses = Session->new();
my $f = $ses->f;
my $op = $f->{op};
# A purely numeric "design" field is stored in the "design" cookie for 300
# days, then the client is redirected to the site root.
if($f->{design}=~/^(\d+)$/)
{
$ses->setCookie("design",$1,'+300d');
$ses->redirect($c->{site_url});
}
# A "lang" field on any request triggers the language switch before
# authentication has run.
&ChangeLanguage if $f->{lang};
my $db= $ses->db;
# Every operation except op=login resolves the session cookie to a user here.
&CheckAuth() unless $op eq 'login';
#if($ENV{HTTP_CGI_AUTHORIZATION} && $ENV{HTTP_CGI_AUTHORIZATION} =~ s/basic\s+//i)
#{
# &Login(undef,'instant');
# print($ses->{cgi_query}->header(-status=>403)),exit unless $ses->{user};
#}
# Classify the visitor: 'prem' (premium account), 'reg' (regular account)
# or 'anon' (no logged-in user).
my $utype = 'anon';
if ($ses->getUser) {
    $utype = $ses->getUser->{premium} ? 'prem' : 'reg';
}
# Overlay the class-specific value ("<key>_<utype>") onto each generic
# config key, so the rest of the script reads one set of limits.
for my $limit_key (qw(
    max_upload_files
    disk_space
    max_upload_filesize
    download_countdown
    max_downloads_number
    captcha
    ads
    bw_limit
    remote_url
    direct_links
    down_speed
    max_rs_leech
    add_download_delay
    max_download_filesize
    torrent_dl
    torrent_dl_slots
    video_embed
    flash_upload
    rar_info
)) {
    $c->{$limit_key} = $c->{"${limit_key}_$utype"};
}
# First dispatch table: operations that run whether or not a user is
# logged in. The table is indexed directly with the request's "op" value.
# NOTE(review): del_file, comment_add and cmt_del are reachable here without
# a session; any authorisation has to happen inside the handlers themselves.
my $sub={
login => \&LoginPage,
news => \&News,
news_details => \&NewsDetails,
contact => \&Contact,
registration => \&Register,
register_save => \&RegisterSave,
resend_activation => \&ResendActivationCode,
upload_result => \&UploadResult,
download1 => \&Download1,
download2 => \&Download2,
page => \&Page,
forgot_pass => \&ForgotPass,
contact_send => \&ContactSend,
user_public => \&UserPublic,
payments => \&Payments,
checkfiles => \&CheckFiles,
catalogue => \&Catalogue,
change_lang => \&ChangeLanguage,
report_file => \&ReportFile,
report_file_send => \&ReportFileSend,
api_get_limits => \&APIGetLimits,
comment_add => \&CommentAdd,
cmt_del => \&CommentDel,
del_file => \&DelFile,
links => \&Links,
video_embed => \&VideoEmbed,
}->{ $op };
# "&$sub" without parentheses hands the current (empty, at file level) @_ to
# the handler, so handlers fall back to request fields for their arguments.
&$sub if $sub;
# Everything after "payment_complete=" in the raw query string is passed on
# unvalidated; PaymentComplete is not visible here.
&PaymentComplete($1) if $ENV{QUERY_STRING}=~/payment_complete=(.+)/;
# Account confirmation links carry a "confirm_account" field.
&RegisterConfirm if $f->{confirm_account};
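# Second dispatch table: operations that require a logged-in user.
# Unknown operations fall through to the upload form; known ones requested
# without a session are sent to the login page with a return URL.
$sub={
    my_account => \&MyAccount,
    my_referrals => \&MyReferrals,
    my_files => \&MyFiles,
    my_files_export => \&MyFilesExport,
    my_reports => \&MyReports,
    file_edit => \&FileEdit,
    fld_edit => \&FolderEdit,
    request_money => \&RequestMoney,
    admin_files => \&AdminFiles,
    admin_users => \&AdminUsers,
    admin_user_edit => \&AdminUserEdit,
    admin_users_add => \&AdminUsersAdd,
    admin_servers => \&AdminServers,
    admin_server_add => \&AdminServerAdd,
    admin_server_save=> \&AdminServerSave,
    admin_server_del => \&AdminServerDelete,
    admin_settings => \&AdminSettings,
    admin_news => \&AdminNews,
    admin_news_edit => \&AdminNewsEdit,
    admin_reports => \&AdminReports,
    admin_update_srv_stats => \&AdminUpdateServerStats,
    admin_server_import => \&AdminServerImport,
    admin_mass_email => \&AdminMassEmail,
    admin_downloads => \&AdminDownloads,
    admin_downloads_all => \&AdminDownloadsAll,
    admin_comments => \&AdminComments,
    admin_payments => \&AdminPayments,
    admin_stats => \&AdminStats,
    admin_check_db_file => \&AdminCheckDBFile,
    admin_check_file_db => \&AdminCheckFileDB,
    admin_torrents => \&AdminTorrents,
    admin_anti_hack => \&AdminAntiHack,
    admin_user_referrals=> \&AdminUserReferrals,
    moderator_files => \&ModeratorFiles,
    logout => sub{$ses->Logout},
}->{ $op };
if($sub && $ses->getUser)
{
    # admin_* operations need usr_adm. admin_reports and admin_comments are
    # exempt from this check; NOTE(review): confirm those two handlers
    # enforce their own moderator/admin test, it is not visible here.
    if($op=~/^admin_/i && !$ses->getUser->{usr_adm} && $op!~/^(admin_reports|admin_comments)$/i)
    {
        $ses->message("Access denied");
        # Fail closed: the handler must never run after a denial, whether
        # or not message() returns to the caller.
        exit;
    }
    &$sub;
}
elsif($sub)
{
    # Remember where the visitor wanted to go so the login form can send
    # them back after authentication.
    $f->{redirect}=$ENV{REQUEST_URI};
    &LoginPage;
}
else
{
    &UploadForm;
}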
sub LoginPage
{
    # Process a submitted login (if any) and render the login form.
    # A failed attempt sets the "wrong login/password" message and is
    # followed by a one-second delay before the form is shown again.
    if ($f->{login}) {
        &Login();
        unless ($ses->getUser) {
            $f->{msg} = $ses->{lang}->{lang_login_pass_wrong};
        }
    }
    # Pre-fill the login field from the long-lived "login" cookie.
    $f->{login} ||= $ses->getCookie('login');
    sleep 1 if $f->{msg};
    # NOTE(review): the return address handed to the template comes from
    # the request or the Referer header, both controlled by the client.
    $ses->PrintTemplate(
        "login.html",
        msg      => $f->{msg},
        login    => $f->{login},
        redirect => $f->{redirect} || $ENV{HTTP_REFERER},
    );
}
sub CheckAuth
{
# Resolve the auth cookie to a user row and store it in $ses->{user}.
# Returns the user row, or undef when there is no cookie or no matching
# session.
my $sess_id = $ses->getCookie( $ses->{auth_cook} );
return undef unless $sess_id;
# Authentication is skipped when the request carries an "id" field and
# $ses->{dc} is unset; what {dc} holds is not visible in this file section.
return undef if $f->{id}&&!$ses->{dc};
# exp_sec: seconds of premium time left; dtt: seconds since the session
# was last touched.
# NOTE(review): the lookup has no condition on last_time, so a session row
# stays valid for as long as it exists; rows are only purged by the cleanup
# DELETE that Login runs.
$ses->{user} = $db->SelectRow("SELECT u.*,
UNIX_TIMESTAMP(usr_premium_expire)-UNIX_TIMESTAMP() as exp_sec,
UNIX_TIMESTAMP()-UNIX_TIMESTAMP(last_time) as dtt
FROM Users u, Sessions s
WHERE s.session_id=?
AND s.usr_id=u.usr_id",$sess_id);
unless($ses->{user})
{
# Unknown session id: slow the client down by one second.
sleep 1;
return undef;
}
if($ses->{user}->{usr_status} eq 'BANNED')
{
delete $ses->{user};
# NOTE(review): the code below assumes message() ends the request; if it
# returned, the dereferences that follow would recreate $ses->{user}.
$ses->message("Your account was banned by administrator.");
}
# Refresh the activity timestamps at most once every 30 seconds.
if($ses->{user}->{dtt}>30)
{
$db->Exec("UPDATE Sessions SET last_time=NOW() WHERE session_id=?",$sess_id);
$db->Exec("UPDATE Users SET usr_lastlogin=NOW(), usr_lastip=INET_ATON(?) WHERE usr_id=?", $ses->getIP, $ses->{user}->{usr_id} );
}
$ses->{user}->{premium}=1 if $ses->{user}->{exp_sec}>0;
# Copy the moderator switches into the language hash when the m_d option
# is on and the user has usr_mod set.
if($c->{m_d} && $ses->{user}->{usr_mod})
{
$ses->{lang}->{usr_mod}=1;
$ses->{lang}->{m_d_f}=$c->{m_d_f};
$ses->{lang}->{m_d_a}=$c->{m_d_a};
$ses->{lang}->{m_d_c}=$c->{m_d_c};
}
#$ses->setCookie( $ses->{auth_cook} , $sess_id );
return $ses->{user};
}
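sub Login
{
    # Authenticate $f->{login} / $f->{password} against the Users table and,
    # unless $instant is set, open a session and set the auth cookies.
    #   $no_redirect - true: skip the default redirect to the file list
    #   $instant     - true: read "login:password" from the base64 value in
    #                  HTTP_CGI_AUTHORIZATION and return after the account
    #                  checks without creating a session
    # Returns the user row on success, undef when the credentials do not
    # match, and nothing in instant mode.
    # NOTE(review): the stored password is compared via ENCODE(?, salt),
    # which is reversible (other handlers read it back with DECODE); a
    # one-way password hash would remove that exposure.
    my ($no_redirect,$instant) = @_;
    # Split on the first ':' only, so a password that contains ':' is not
    # truncated.
    ($f->{login}, $f->{password}) = split(/:/,$ses->decode_base64($ENV{HTTP_CGI_AUTHORIZATION}),2) if $instant;
    $ses->{user} = $db->SelectRow("SELECT *, UNIX_TIMESTAMP(usr_premium_expire)-UNIX_TIMESTAMP() as exp_sec
FROM Users
WHERE usr_login=?
AND usr_password=ENCODE(?,?)", $f->{login}, $f->{password}, $c->{pasword_salt} );
    unless($ses->{user})
    {
        # Wrong credentials: one-second delay before reporting failure.
        sleep 1;
        return undef;
    }
    $ses->{user}->{premium}=1 if $ses->{user}->{exp_sec}>0;
    if($ses->{user}->{usr_status} eq 'PENDING')
    {
        # NOTE(review): $id is not used by the message as it stands; it has
        # the "usr_id-usr_login" shape that ResendActivationCode parses.
        my $id = $ses->{user}->{usr_id}."-".$ses->{user}->{usr_login};
        delete $ses->{user};
        $ses->message("Your account haven't confirmed yet.
Check your e-mail for confirm link or contact site administrator.
Or try to resend activation email");
    }
    if($ses->{user}->{usr_status} eq 'BANNED')
    {
        delete $ses->{user};
        $ses->message("Your account was banned by administrator.");
    }
    return if $instant;
    # NOTE(review): the session id comes from randchar(16); confirm that
    # helper draws from a cryptographically strong source.
    my $sess_id = $ses->randchar(16);
    # Opportunistic cleanup of sessions idle for more than five days.
    $db->Exec("DELETE FROM Sessions WHERE last_time + INTERVAL 5 DAY < NOW()");
    $db->Exec("INSERT INTO Sessions (session_id,usr_id,last_time) VALUES (?,?,NOW())",$sess_id,$ses->{user}->{usr_id});
    $db->Exec("UPDATE Users SET usr_lastlogin=NOW(), usr_lastip=INET_ATON(?) WHERE usr_id=?", $ses->getIP, $ses->{user}->{usr_id} );
    $ses->setCookie( $ses->{auth_cook} , $sess_id, '+30d' );
    $ses->setCookie('login',$f->{login},'+6M');
    # The return address is supplied by the client (form field, originally
    # seeded from REQUEST_URI or the Referer header). Follow it only when it
    # stays on this site: a relative path or query, or a URL under site_url.
    # Anything else falls through to the default redirect below.
    my $target = $f->{redirect};
    if($target)
    {
        my $site = $c->{site_url};
        my $is_local = $target !~ /[\r\n]/
            && ( $target =~ m{\A(?:\?|/(?![/\\]))}
              || ( $site && ( $target eq $site
                           || index($target,"$site/") == 0
                           || index($target,"$site?") == 0 ) ) );
        $ses->redirect( $target ) if $is_local;
    }
    $ses->redirect( "$c->{site_url}/?op=my_files" ) unless $no_redirect;
    return $ses->{user};
}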
sub Register
{
# Render the registration form.
#   $msg - optional error text, shown when $f->{msg} is empty.
my $msg = shift;
#my $rand = $ses->randchar(8);
#my %captcha = &GenerateCaptcha("rr$rand");
#&SecSave( 0, $ses->getIP(), $captcha{number}, $rand );
# The captcha is forced on for this form regardless of the user class.
$c->{captcha}=1;
# The values returned by SecSave are passed straight to the template.
my %secure = $ses->SecSave( 0, 2 );
# Only login and e-mail go through SecureStr before being echoed back.
$f->{usr_login}=$ses->SecureStr($f->{usr_login});
$f->{usr_email}=$ses->SecureStr($f->{usr_email});
# A numeric affiliate id is remembered in the "aff" cookie for 14 days.
if($f->{aff_id}=~/^(\d+)$/i)
{
$ses->setCookie("aff",$1,'+14d');
}
# NOTE(review): both password fields, coupon_code, usr_pay_email and msg are
# handed to the template exactly as received, and the pay_type_* parameter
# name is built from request input; confirm the template layer escapes them.
$ses->PrintTemplate("registration.html",
#%captcha,
#'rand' => $rand,
%secure,
'usr_login' => $f->{usr_login},
'usr_email' => $f->{usr_email},
'usr_password' => $f->{usr_password},
'usr_password2' => $f->{usr_password2},
'coupons' => $c->{coupons},
'coupon_code' => $f->{coupon_code}||$f->{coupon},
'usr_pay_email' => $f->{usr_pay_email},
"pay_type_$f->{usr_pay_type}" => 1,
'msg' => $f->{msg}||$msg,
'paypal_email' => $c->{paypal_email},
'alertpay_email' => $c->{alertpay_email},
'webmoney_merchant_id'=> $c->{webmoney_merchant_id},
);
}
sub RegisterSave
{
# Validate a submitted registration form, create the account and either
# mail a confirmation link or log the new user in.
# NOTE(review): every failed check calls Register and relies on it ending
# the request; if Register returned, the later checks and the INSERT would
# still run.
$c->{captcha}=1;
&Register unless $ses->SecCheck( $f->{'rand'}, 0, $f->{code} );
&Register("Error: $ses->{lang}->{lang_login_too_short}") if length($f->{usr_login})<4;
&Register("Error: $ses->{lang}->{lang_login_too_long}") if length($f->{usr_login})>32;
&Register("Error: Invalid login: reserved word") if $f->{usr_login}=~/^(admin|images|captchas|files)$/;
# "$" also accepts a trailing newline; "\z" would not.
&Register("Error: $ses->{lang}->{lang_invalid_login}") unless $f->{usr_login}=~/^[\w\-\_]+$/;
&Register("Error: Password contain bad symbols") if $f->{usr_password}=~/[<>"]/;
&Register("Error: $ses->{lang}->{lang_pass_too_short}") if length($f->{usr_password})<4;
&Register("Error: $ses->{lang}->{lang_pass_too_long}") if length($f->{usr_password})>32;
&Register("Error: $ses->{lang}->{lang_pass_dont_match}") if $f->{usr_password} ne $f->{usr_password2};
&Register("Error: $ses->{lang}->{lang_invalid_email}") unless $f->{usr_email}=~/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
# The banned-hosts setting is interpolated into the pattern as regex source.
&Register("Error: $ses->{lang}->{lang_mailhost_banned}") if $c->{mailhosts_not_allowed} && $f->{usr_email}=~/\@$c->{mailhosts_not_allowed}/i;
# Uniqueness is checked with a SELECT before the INSERT; two concurrent
# requests can both pass unless the table has unique keys (not visible here).
&Register("Error: $ses->{lang}->{lang_login_exist}") if $db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{usr_login});
&Register("Error: $ses->{lang}->{lang_email_exist}") if $db->SelectOne("SELECT usr_id FROM Users WHERE usr_email=?",$f->{usr_email});
# NOTE(review): "my ... if" leaves the variable's state unspecified when the
# condition is false; a ternary would state the intent.
my $confirm_key = $ses->randchar(8) if $c->{registration_confirm_email};
my $usr_status = $confirm_key ? 'PENDING' : 'OK';
my $premium_days=0;
$f->{coupon_code} = lc $f->{coupon_code};
my $aff = $ses->getCookie('aff')||0;
# Coupons are configured as "code=days" pairs separated by "|".
if($c->{coupons} && $f->{coupon_code})
{
my $hh;
for(split(/\|/,$c->{coupons}))
{
$hh->{lc($1)}=$2 if /^(.+?)=(\d+)$/;
}
$premium_days = $hh->{$f->{coupon_code}};
&Register("Invalid coupon code") unless $premium_days;
}
# The password is stored with ENCODE(password, salt), i.e. reversibly; the
# confirmation key is kept in usr_rapid_login until the account is confirmed.
$db->Exec("INSERT INTO Users
SET usr_login=?,
usr_email=?,
usr_password=ENCODE(?,?),
usr_created=NOW(),
usr_premium_expire=NOW()+INTERVAL ? DAY,
usr_rapid_login=?,
usr_status=?,
usr_aff_id=?,
usr_pay_email=?,
usr_pay_type=?",$f->{usr_login},
$f->{usr_email},
$f->{usr_password},
$c->{pasword_salt},
$premium_days,
$confirm_key||'',
$usr_status,
$aff,
$f->{usr_pay_email}||'',
$f->{usr_pay_type}||'');
my $usr_id=$db->getLastInsertId;
$db->Exec("INSERT INTO Stats SET day=CURDATE(), registered=1 ON DUPLICATE KEY UPDATE registered=registered+1");
if($confirm_key)
{
# NOTE(review): the confirmation mail template receives the clear-text
# password along with the confirmation id.
my $t = $ses->CreateTemplate("registration_email.html");
$t->param( 'usr_login'=>$f->{usr_login}, 'usr_password'=>$f->{usr_password}, 'confirm_id'=>"$usr_id-$confirm_key" );
$c->{email_text}=1;
$ses->SendMail($f->{usr_email},$c->{email_from},"$c->{site_name} registration confirmation",$t->output);
$ses->message($ses->{lang}->{lang_account_created}) if $confirm_key;
}
# Plugins also receive the clear-text password.
my $err = $ses->ApplyPlugins('user_new', $f->{usr_login}, $f->{usr_password}, $f->{usr_email});
$ses->message("Registration complete but there were plugin errors:
$err") if $err;
# Log the freshly created account in and go to the site root.
$f->{login} = $f->{usr_login};
$f->{password} = $f->{usr_password};
&Login();
$ses->redirect( $c->{site_url} );
}
sub RegisterConfirm
{
# Activate a pending account from a "usr_id-confirm_key" confirmation value
# and log the user in.
my ($usr_id,$confirm_key)=split('-',$f->{confirm_account});
# The key is matched against usr_rapid_login, where RegisterSave stored it.
# The password is read back in clear text with DECODE so Login can be
# called with it below.
my $user = $db->SelectRow("SELECT *,DECODE(usr_password,?) as usr_password FROM Users WHERE usr_id=? AND usr_rapid_login=?",$c->{pasword_salt},$usr_id,$confirm_key);
unless($user)
{
# Wrong id or key: one-second delay before the error.
sleep 1;
$ses->message("Invalid confirm code");
}
# NOTE(review): this status check is the only thing keeping a matching
# usr_id/usr_rapid_login pair of an already active account from reaching
# the login below, and it assumes message() ends the request.
$ses->message("Account already confirmed") if $user->{usr_status} ne 'PENDING';
$db->Exec("UPDATE Users SET usr_status='OK', usr_rapid_login='' WHERE usr_id=?",$user->{usr_id});
$f->{login} = $user->{usr_login};
$f->{password} = $user->{usr_password};
&Login('no_redirect');
$ses->redirect( $c->{site_url}.'?msg=Account confirmed' );
}
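sub ResendActivationCode
{
    # Re-send the registration confirmation e-mail for the account named by
    # the "d" request field ("usr_id-usr_login").
    #   $adm_mode - true when called from the admin user list: no delay, and
    #               the caller is sent back to that list afterwards.
    my ($adm_mode) = @_;
    sleep(1) unless $adm_mode;
    # Split on the first '-' only: logins may themselves contain '-', and an
    # unlimited split would cut such a login short and never match it.
    ($f->{usr_id},$f->{usr_login}) = split(/-/,$f->{d},2);
    # The password is read back in clear text because the mail template
    # includes it.
    my $user = $db->SelectRow("SELECT usr_id,usr_login,usr_email,usr_rapid_login,DECODE(usr_password,?) as usr_password
FROM Users
WHERE usr_id=?
AND usr_login=?",$c->{pasword_salt},$f->{usr_id},$f->{usr_login});
    # Unknown id/login pair: three-second delay, then the error message.
    sleep(3) && $ses->message("Invalid ID") unless $user;
    # NOTE(review): the lookup does not require usr_status='PENDING', so any
    # visitor who knows an id/login pair can make the site mail that
    # account's password to its owner again; consider limiting this to
    # pending accounts.
    my $t = $ses->CreateTemplate("registration_email.html");
    $t->param( 'usr_login'=>$user->{usr_login}, 'usr_password'=>$user->{usr_password}, 'confirm_id'=>"$user->{usr_id}-$user->{usr_rapid_login}" );
    $c->{email_text}=1;
    $ses->SendMail($user->{usr_email},$c->{email_from},"$c->{site_name} registration confirmation",$t->output);
    $ses->redirect_msg("?op=admin_users","Activation email sent") if $adm_mode;
    $ses->message("Activation email just resent.
To activate it follow the activation link sent to your e-mail.");
}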
sub ForgotPass
{
# Password reminder: with a submitted login or e-mail, mail the account's
# credentials to its registered address; otherwise show the form.
if($f->{usr_login})
{
# The same input is tried as login and as e-mail address.
my $user = $db->SelectRow("SELECT *, DECODE(usr_password,?) as usr_password
FROM Users
WHERE usr_login=?
OR usr_email=?",$c->{pasword_salt},$f->{usr_login},$f->{usr_login});
# NOTE(review): known and unknown accounts get different messages, which
# lets a visitor test whether a login or address is registered; no captcha
# or delay is applied in this handler.
$ses->message($ses->{lang}->{lang_no_login_email}) unless $user;
$c->{email_text}=1;
# NOTE(review): the current password is sent in clear text, which is only
# possible because it is stored reversibly (ENCODE/DECODE). A one-time
# reset link would avoid both.
$ses->SendMail( $user->{usr_email}, $c->{email_from}, "$c->{site_name}: password reminder", "Login: $user->{usr_login}\nPassword: $user->{usr_password}" );
$ses->message($ses->{lang}->{lang_login_pass_sent});
}
$ses->PrintTemplate("forgot_pass.html");
}
sub UploadForm
{
# Render the main upload form: pick a storage server for this user class,
# work out which upload methods are available and pass the limits to the
# template.
$ses->message("Register on site to be able to upload files") if !$c->{enabled_anon} && !$ses->getUser;
# $type_filter is one of two fixed strings, so interpolating it into the SQL
# below does not carry request data.
my $type_filter = $utype eq 'prem' ? "AND srv_allow_premium=1" : "AND srv_allow_regular=1";
# Choose the enabled server with room for one more file of maximum size
# that was used least recently.
my $server = $db->SelectRow("SELECT * FROM Servers
WHERE srv_status='ON'
AND srv_disk+? <= srv_disk_max
$type_filter
ORDER BY srv_last_upload
LIMIT 1",$c->{max_upload_filesize}||100);
# Same selection restricted to servers flagged for torrent downloads.
my $server_torrent = $db->SelectRow("SELECT * FROM Servers
WHERE srv_status='ON'
AND srv_disk+? <= srv_disk_max
$type_filter
AND srv_torrent=1
ORDER BY srv_last_upload
LIMIT 1",$c->{max_upload_filesize}||100);
# Administrators may force a specific server with the srv_id field.
$server = $db->SelectRow("SELECT * FROM Servers WHERE srv_id=?",$f->{srv_id}) if $ses->getUser && $ses->getUser->{usr_adm} && $f->{srv_id};
$ses->redirect('?op=admin_server_add') if !$server && $ses->getUser && $ses->getUser->{usr_adm};
$ses->message("We're sorry, there are no servers available for upload at the moment.
Refresh this page in some minutes.") unless $server;
# Drop the last path segment of the htdocs URL and derive the tmp URL.
$server->{srv_htdocs_url}=~s/\/(\w+)$//;
$server->{srv_tmp_url} = "$server->{srv_htdocs_url}/tmp";
$server_torrent->{srv_htdocs_url}=~s/\/(\w+)$//;
$server_torrent->{srv_tmp_url} = "$server_torrent->{srv_htdocs_url}/tmp";
# One template row per allowed upload slot.
my @url_fields = map{{ 'number'=>$_, 'enable_file_descr'=>$c->{enable_file_descr} }} (1..$c->{max_upload_files});
my ($rapid_login,$rapid_pass)=($ses->getUser->{usr_rapid_login},$ses->getUser->{usr_rapid_pass}) if $ses->getUser;
my $stats;
if($c->{show_server_stats})
{
$stats = $db->SelectRow("SELECT SUM(srv_files) as files_total, ROUND(SUM(srv_disk)/1073741824,2) as used_total FROM Servers");
$stats->{user_total} = $db->SelectOne("SELECT COUNT(*) FROM Users");
}
# The hex escapes spell the config key "m_r".
my $mmrr=$c->{"\x6d\x5f\x72"};
my ($leech_on,$leech_left_mb);
# Remaining leech quota: the limit minus the size recorded in IP2RS for this
# user or IP during the last 24 hours.
if($mmrr && $ses->getUser && $c->{max_rs_leech})
{
$leech_left_mb = $c->{max_rs_leech} - $db->SelectOne("SELECT ROUND(SUM(size)/1048576) FROM IP2RS WHERE created>NOW()-INTERVAL 24 HOUR AND (usr_id=? OR ip=INET_ATON(?))",$ses->getUserId,$ses->getIP);
$leech_on=1 if $leech_left_mb>0;
}
my $mmtt=$ses->iPlg('t');
# The hex escapes spell the config key "torrent_dl".
my $mmtt_on = $mmtt && $c->{"\x74\x6f\x72\x72\x65\x6e\x74\x5f\x64\x6c"};
#$mmtt=0 unless $server_torrent->{srv_id};
my $tt_msg;
# Torrent upload is switched off when no torrent server is available ...
if($mmtt && !$server_torrent->{srv_id})
{
$mmtt_on=0;
$tt_msg.=$ses->{lang}->{lang_no_torrent_srv}."
";
}
# ... or when the user already has the maximum number of working torrents.
if($mmtt && $c->{torrent_dl_slots} && $db->SelectOne("SELECT COUNT(*) FROM Torrents WHERE usr_id=? AND status='WORKING'",$ses->getUserId)>=$c->{torrent_dl_slots})
{
$mmtt_on=0;
$tt_msg.=$ses->{lang}->{lang_full_torr_slots}." ($c->{torrent_dl_slots})
";
}
my $mmff=$ses->iPlg('f');
my $mmff_on = $mmff && $c->{flash_upload};
# Two renderings of the allowed extension list ("*.ext" joined by ';' or ':').
my $exts = join ';', map{"*.$_"} split(/\|/,$c->{ext_allowed});
my $exts2 = join ':', map{"*.$_"} split(/\|/,$c->{ext_allowed});
$exts2||='*.*';
# List the remote sites for which site-wide logins are configured.
my @supported;
my $sites = {rs => 'Rapidshare.com',
mu => 'Megaupload.com',
hf => 'Hotfile.com',
nl => 'Netload.in',
mf => 'Mediafire.com',
fs => '4shared.com',
df => 'Depositfiles.com',
ff => 'Filefactory.com',
es => 'Easy-share.com',
sm => 'Filesonic.com',
ug => 'Uploading.com',
fe => 'Fileserve.com',
};
for(keys %$sites)
{
push @supported, $sites->{$_} if $c->{"$_\_logins"};
}
push @supported, '2shared.com';
my $supported_sites = join ', ', sort @supported;
# Per-user stored logins for remote sites (UserData rows named "*_logins").
my $data = $db->SelectARef("SELECT name,value FROM UserData WHERE usr_id=?",$ses->getUserId);
my @site_logins = map{ {name=>$_->{name},value=>$_->{value}} } grep{$_->{name}=~/_logins$/i && $_->{value}} @$data;
# NOTE(review): 'sess_id' hands the raw auth cookie value to the page, and
# rapid_login/rapid_pass and site_logins hand stored third-party credentials
# to it; anything able to read the rendered page can read them.
$ses->PrintTemplate("upload_form.html",
'ext_allowed' => $c->{ext_allowed},
'ext_not_allowed' => $c->{ext_not_allowed},
'max_upload_files' => $c->{max_upload_files},
'max_upload_files_rows' => $c->{max_upload_files}<=10 ? $c->{max_upload_files} : 10,
'max_upload_filesize' => $c->{max_upload_filesize},
'max_upload_filesize_bytes' => $c->{max_upload_filesize}*1024*1024,
'enable_file_descr'=> $c->{enable_file_descr},
'remote_url' => $c->{remote_url},
'srv_cgi_url' => $server->{srv_cgi_url},
'srv_tmp_url' => $server->{srv_tmp_url},
'srv_htdocs_url' => $server->{srv_htdocs_url},
'srv_torrent_cgi_url' => $server_torrent->{srv_cgi_url},
'srv_torrent_tmp_url' => $server_torrent->{srv_tmp_url},
'sess_id' => $ses->getCookie( $ses->{auth_cook} ),
'mmrr' => $mmrr,
'mmtt' => $mmtt,
'mmtt_on' => $mmtt_on,
'tt_msg' => $tt_msg,
'mmff' => $mmff,
'mmff_on' => $mmff_on,
'utype' => $utype,
'url_fields' => \@url_fields,
'rapid_login' => $rapid_login,
'rapid_pass' => $rapid_pass,
'supported_sites' => $supported_sites,
'exts' => $exts,
'exts2' => $exts2,
'leech_left_mb' => $leech_left_mb,
'leech_on' => $leech_on,
%{$stats},
'site_logins' => \@site_logins,
'max_rs_leech' => $c->{max_rs_leech},
);
}
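sub UploadResult
{
    # Build the result page for a finished upload from the "fn" (file codes)
    # and "st" (per-file status) request fields, optionally mailing the links,
    # shortening them, posting them to Twitter and refreshing the RSS feed.
    # NOTE(review): fn and st arrive in the request. Any file code created in
    # the last 15 minutes and submitted with status OK yields its delete link
    # (file_del_id) below; no ownership check is visible in this handler.
    my $fnames = &ARef($f->{'fn'});
    my $status = &ARef($f->{'st'});
    my @arr;
    # Stops silently unless site_url contains the host held in $ses->{dc};
    # that value is interpolated into the pattern as regex source.
    exit if $c->{site_url}!~/\/\/(www\.|)$ses->{dc}/i || !$ses->{dc};
    for(my $i=0;$i<=$#$fnames;$i++)
    {
        $fnames->[$i] = $ses->SecureStr($fnames->[$i]);
        $status->[$i] = $ses->SecureStr($status->[$i]);
        # Failed uploads are listed with their error text only.
        unless($status->[$i] eq 'OK')
        {
            push @arr, {file_name => $fnames->[$i],'error' => " $status->[$i]"};
            next;
        }
        my $file = $db->SelectRow("SELECT f.*, s.srv_htdocs_url
FROM Files f, Servers s
WHERE f.file_code=?
AND f.srv_id=s.srv_id
AND f.file_created > NOW()-INTERVAL 15 MINUTE",$fnames->[$i]);
        next unless $file;
        # Keep the raw byte count; file_size becomes the display string.
        $file->{file_size2} = $file->{file_size};
        $file->{file_size} = $ses->makeFileSize($file->{file_size});
        $file->{download_link} = $ses->makeFileLink($file);
        $file->{delete_link} = "$file->{download_link}?killcode=$file->{file_del_id}";
        if($c->{m_i} && $file->{file_name}=~/\.(jpg|jpeg|gif|png|bmp)$/i)
        {
            $ses->getThumbLink($file);
        }
        # Video files carry their metadata as a '|'-separated file_spec.
        if($c->{m_v} && $c->{video_embed} && $file->{file_spec}=~/^V/)
        {
            my @fields=qw(vid vid_length vid_width vid_height vid_bitrate vid_audio_bitrate vid_audio_rate vid_codec vid_audio_codec vid_fps);
            my @vinfo = split(/\|/,$file->{file_spec});
            $file->{$fields[$_]}=$vinfo[$_] for (0..$#fields);
            $file->{vid_width}||=400;
            $file->{vid_height}||=300;
            $file->{vid_height}+=24;
            $file->{video_embed_code}=1;
        }
        push @arr, $file;
    }
    exit unless $ses->{cq} eq $c->{$ses->{xq}};
    # NOTE(review): link_rcpt is any syntactically valid address supplied by
    # the requester, so this sends site-branded mail to arbitrary recipients.
    if($f->{link_rcpt}=~/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/ && $#arr>-1)
    {
        my $tmpl = $ses->CreateTemplate("confirm_email_user.html");
        $tmpl->param('files' => \@arr);
        $ses->SendMail( $f->{link_rcpt}, $c->{email_from}, "$c->{site_name}: File send notification", $tmpl->output() );
    }
    # Optional URL shortening through the configured service (5 s timeout).
    if($c->{deurl_site} && $c->{deurl_api_key})
    {
        require LWP::UserAgent;
        my $ua = LWP::UserAgent->new(timeout => 5);
        my $author = $ses->getUser ? $ses->getUser->{usr_login} : '';
        for(@arr)
        {
            my $res = $ua->post("$c->{deurl_site}/",
                {
                    op => 'api',
                    api_key => $c->{deurl_api_key},
                    url => $_->{download_link},
                    size => sprintf("%.01f",$_->{file_size2}/1048576),
                    author => $author,
                }
            )->content;
            ($_->{deurl}) = $res=~/^OK:(.+)$/;
        }
    }
    # Optional Twitter post using the tokens stored in the user's UserData.
    if($ses->iPlg('w') && $c->{m_w} && $ses->getUser)
    {
        my $data = $db->SelectARef("SELECT name,value FROM UserData WHERE usr_id=?",$ses->getUserId);
        my $udata;
        $udata->{$_->{name}}=$_->{value} for @$data;
        if($udata->{twitter_login} && $udata->{twitter_password})
        {
            require Net::Twitter::Lite;
            my $nt = Net::Twitter::Lite->new(consumer_key => $c->{twit_consumer1},
                consumer_secret => $c->{twit_consumer2},
                access_token => $udata->{twitter_login},
                access_token_secret => $udata->{twitter_password},
            );
            for(@arr)
            {
                my $descr = substr($_->{file_descr},0,100);
                $descr="$descr " if $descr;
                $descr.="$_->{file_name} " if $udata->{twitter_filename};
                eval { $nt->update("$descr$_->{download_link}") };
                # With fatalsToBrowser loaded this error text is shown to
                # the visitor and the rest of the handler is skipped.
                die"Twitter error: $@" if $@;
            }
        }
    }
    # Rebuild the public RSS feed when the file exists and is older than
    # three seconds.
    my $rss_path = "$c->{site_path}/catalogue.rss";
    if(-f $rss_path && time-(lstat($rss_path))[9]>3)
    {
        my $last = $db->SelectARef("SELECT file_code,file_name,file_descr,DATE_FORMAT(CONVERT_TZ(file_created, 'SYSTEM', '+0:00'),'%a, %d %b %Y %T GMT') as date FROM Files WHERE file_public=1 ORDER BY file_created DESC LIMIT 20");
        for (@$last)
        {
            $_->{download_link} = $ses->makeFileLink($_);
            # NOTE(review): as written both substitutions replace '&' with
            # '&'; the intended replacement text looks lost.
            $_->{download_link}=~s/\&/&/gs;
            $_->{download_link}=$ses->SecureStr($_->{download_link});
            $_->{file_name}=~s/\&/&/gs;
            $_->{file_name}=$ses->SecureStr($_->{file_name});
        }
        my $tt = $ses->CreateTemplate("feed.rss");
        $tt->param(list => $last);
        # Three-argument open with a lexical handle: the path is never parsed
        # for a mode, and a failed open is logged instead of being ignored.
        # Feed generation stays best-effort and never aborts the result page.
        if(open my $rss_fh, '>', $rss_path)
        {
            print {$rss_fh} $tt->output;
            close $rss_fh;
        }
        else
        {
            warn "Cannot write $rss_path: $!";
        }
    }
    exit unless $ses->{dc};
    $ses->ApplyPlugins('file_new',$_,$ses->db) for @arr;
    $ses->PrintTemplate("upload_results.html",
        'links' => \@arr,
    );
}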
sub AdminDownloads
{
    # Admin view: paged download log (IP2Files rows) for a single file,
    # newest first. The file id is bound as a query parameter; the paging
    # suffix is built by makePagingSQLSuffix from the "page" field.
    my $file_id = $f->{file_id};
    my $paging_sql = $ses->makePagingSQLSuffix($f->{page});
    my $rows = $db->SelectARef(
        "SELECT *, INET_NTOA(ip) as ip FROM IP2Files WHERE file_id=? ORDER BY created DESC".$paging_sql,
        $file_id,
    );
    my $row_count = $db->SelectOne("SELECT COUNT(*) FROM IP2Files WHERE file_id=?", $file_id);
    $ses->PrintTemplate(
        "admin_downloads.html",
        'list'   => $rows,
        'paging' => $ses->makePagingLinks($f, $row_count),
    );
}
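sub AdminDownloadsAll
{
    # Admin view: paged download log across all files, optionally filtered
    # by downloader login, file owner login and downloader IP.
    # Logins are resolved to user ids first.
    $f->{usr_id}=$db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{usr_login}) if $f->{usr_login};
    $f->{owner_id}=$db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{owner_login}) if $f->{owner_login};
    # Each filter is added only when its value has the expected shape, and the
    # value itself is bound rather than spliced into the SQL text. \A...\z
    # (unlike ^...$) also rejects a trailing newline.
    my (@where, @bind);
    if(defined $f->{usr_id} && $f->{usr_id}=~/\A\d+\z/)
    {
        push @where, "AND i.usr_id=?";
        push @bind, $f->{usr_id};
    }
    if(defined $f->{owner_id} && $f->{owner_id}=~/\A\d+\z/)
    {
        push @where, "AND i.owner_id=?";
        push @bind, $f->{owner_id};
    }
    if(defined $f->{ip} && $f->{ip}=~/\A[\d\.]+\z/)
    {
        push @where, "AND i.ip=INET_ATON(?)";
        push @bind, $f->{ip};
    }
    my $filters = join("\n",@where);
    my $list = $db->SelectARef("SELECT i.*, INET_NTOA(i.ip) as ip,
f.file_name, f.file_code,
u.usr_login
FROM (IP2Files i, Files f)
LEFT JOIN Users u ON i.usr_id = u.usr_id
WHERE i.file_id=f.file_id
$filters
ORDER BY created DESC".$ses->makePagingSQLSuffix($f->{page}), @bind);
    my $total = $db->SelectOne("SELECT COUNT(*)
FROM IP2Files i
WHERE 1
$filters
", @bind);
    for(@$list)
    {
        $_->{download_link} = $ses->makeFileLink($_);
        # Show earnings as "$x.yy" with trailing zeros removed; zero is blank.
        $_->{money}= $_->{money} eq '0.0000' ? '' : "\$$_->{money}";
        $_->{money}=~s/0+$//;
        # Disabled referer formatting. Its last statement used to spill onto
        # an uncommented line, which left a stray quote in live code; it is
        # kept fully commented out here.
        #$_->{referer}="http://$_->{referer}" unless $_->{referer}=~/^\//;
        #$_->{referer} = CGI::Simple::Util::unescape($_->{referer});
        #$_->{referer_txt} = length($_->{referer})>42 ? substr($_->{referer},0,42).'' : $_->{referer};
    }
    $ses->PrintTemplate("admin_downloads_all.html",
        list =>$list,
        usr_login => $f->{usr_login},
        ip => $f->{ip},
        paging => $ses->makePagingLinks($f,$total),
    );
}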
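sub News
{
    # Public news list: published items (created <= now), newest first, with
    # a comment count per item and paging.
    my $news = $db->SelectARef("SELECT n.*, DATE_FORMAT(n.created,'%M %dth, %Y') as created_txt,
COUNT(c.cmt_id) as comments
FROM News n
LEFT JOIN Comments c ON c.cmt_type=2 AND c.cmt_ext_id=n.news_id
WHERE n.created<=NOW()
GROUP BY n.news_id
ORDER BY n.created DESC".$ses->makePagingSQLSuffix($f->{page}));
    # NOTE(review): the count query and the loop header were truncated in
    # this copy (the text ran from "created" straight into "{site_url}").
    # They are restored here from the list query's WHERE clause and from the
    # loop body that survived; confirm against the upstream file.
    my $total = $db->SelectOne("SELECT COUNT(*) FROM News WHERE created<=NOW()");
    for(@$news)
    {
        $_->{site_url} = $c->{site_url};
        # NOTE(review): as written this replaces a newline with a newline;
        # the original replacement text looks lost.
        $_->{news_text} =~s/\n/
/gs;
        $_->{enable_file_comments} = $c->{enable_file_comments};
    }
    $ses->PrintTemplate("news.html",
        'news' => $news,
        'paging' => $ses->makePagingLinks($f,$total),
    );
}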
sub NewsDetails
{
# Show one published news item together with its comments.
# The news id is bound as a query parameter.
my $news = $db->SelectRow("SELECT *, DATE_FORMAT(created,'%M %e, %Y at %r') as date
FROM News
WHERE news_id=? AND created<=NOW()",$f->{news_id});
$ses->message("No such news") unless $news;
# NOTE(review): as written this replaces a newline with a newline; the
# original replacement text looks lost.
$news->{news_text} =~s/\n/
/gs;
# Comment type 2 is the type used for news items throughout this file.
my $comments = &CommentsList(2,$f->{news_id});
$ses->{page_title} = $ses->{meta_descr} = $news->{news_title};
# Every column of the news row is passed to the template.
$ses->PrintTemplate("news_details.html",
%{$news},
'cmt_type' => 2,
'cmt_ext_id' => $news->{news_id},
'comments' => $comments,
'enable_file_comments' => $c->{enable_file_comments},
);
}
sub CommentsList
{
# Load the comments attached to an object, oldest first.
#   $cmt_type   - comment type (2 is used for news items in this file)
#   $cmt_ext_id - id of the object the comments belong to
# Returns an array reference of comment rows prepared for the template.
my ($cmt_type,$cmt_ext_id) = @_;
my $list = $db->SelectARef("SELECT *, INET_NTOA(cmt_ip) as ip, DATE_FORMAT(created,'%M %e, %Y at %r') as date
FROM Comments
WHERE cmt_type=?
AND cmt_ext_id=?
ORDER BY created",$cmt_type,$cmt_ext_id);
for (@$list)
{
# NOTE(review): as written this replaces a newline with a newline; the
# original replacement text looks lost.
$_->{cmt_text}=~s/\n/
/gs;
# NOTE(review): as written this assigns the name to itself when a website
# is set; whatever used cmt_website here is not visible. If it is restored,
# the stored website value needs escaping and scheme checking.
$_->{cmt_name} = "$_->{cmt_name}" if $_->{cmt_website};
# The commenter's e-mail and the admin flag are exposed to administrators
# only. The row itself (SELECT *) still carries cmt_email and the IP for
# every viewer; whether the template prints them is not visible here.
if($ses->getUser && $ses->getUser->{usr_adm})
{
$_->{email} = $_->{cmt_email};
$_->{adm} = 1;
}
}
return $list;
}
sub ChangeLanguage
{
    # Remember the requested interface language in the "lang" cookie and send
    # the visitor back to the referring page, or to the site root when no
    # Referer header was sent.
    # NOTE(review): the lang value is stored as received and the Referer is
    # followed as received; confirm that the code consuming the cookie
    # restricts it to known language names.
    $ses->setCookie('lang', $f->{lang});
    my $back_to = $ENV{HTTP_REFERER} || $c->{site_url};
    $ses->redirect($back_to);
}
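sub Page
{
    # Render a static page template from Templates/Pages/<language>/.
    #   first argument - template name; when absent, the "tmpl" request
    #                    field is used (this is the case for op=page).
    my $tmpl = shift || $f->{tmpl};
    # The name is spliced into a filesystem path below, so it must be a plain
    # file name: letters, digits, '_' and '-' only. Anything else (path
    # separators, dots, NUL bytes) is handled like a missing page.
    unless(defined $tmpl && $tmpl=~/\A[A-Za-z0-9_\-]+\z/)
    {
        &UploadForm;
        return;
    }
    # NOTE(review): $ses->{language} is part of the same path; where it is
    # set is not visible here - confirm it is limited to known languages.
    # Fall back to the default language when the page is not translated.
    $ses->{language}=$c->{default_language} unless -e "Templates/Pages/$ses->{language}/$tmpl.html";
    &UploadForm unless -e "Templates/Pages/$ses->{language}/$tmpl.html";
    $ses->PrintTemplate("Pages/$ses->{language}/$tmpl.html");
}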
sub Contact
{
    # Render the contact form with a captcha. Every request field is passed
    # through SecureStr before being echoed back into the template, and the
    # e-mail field defaults to the logged-in user's address.
    $c->{captcha} = 1;
    my %secure = $ses->SecSave(1, 2);
    for my $field (keys %$f) {
        $f->{$field} = $ses->SecureStr($f->{$field});
    }
    if ($ses->getUser) {
        $f->{email} ||= $ses->getUser->{usr_email};
    }
    $ses->PrintTemplate(
        "contact.html",
        %{$f},
        %secure,
    );
}
sub ContactSend
{
# Handle a submitted contact form: POST only, captcha required, then mail
# the message to the configured contact address.
# NOTE(review): each failed check calls Contact and relies on it ending the
# request; if Contact returned, the mail would still be sent.
&Contact unless $ENV{REQUEST_METHOD} eq 'POST';
$c->{captcha}=1;
&Contact unless $ses->SecCheck( $f->{'rand'}, 1, $f->{code} );
$f->{msg}.="Email is not valid. " unless $f->{email} =~ /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
$f->{msg}.="Message required. " unless $f->{message};
&Contact if $f->{msg};
# All fields pass through SecureStr before they are placed in the mail.
$f->{$_}=$ses->SecureStr($f->{$_}) for keys %$f;
# Visitor input only reaches the message body; recipient, sender and
# subject come from configuration.
$f->{message} = "You've got new message from $c->{site_name}.\n\nName: $f->{name}\nE-mail: $f->{email}\nIP: $ENV{REMOTE_ADDR}\n\n$f->{message}";
$c->{email_text}=1;
$ses->SendMail($c->{contact_email}, $c->{email_from}, "New message from $c->{site_name} contact form", $f->{message});
$ses->redirect("$c->{site_url}/?msg=Message sent successfully");
}
sub DelFile
{
# Delete a file through its public delete link.
#   $id     - file code (defaults to the "id" request field)
#   $del_id - delete id (defaults to the "del_id" request field)
# Anyone holding the matching delete id may delete the file; no login is
# required for this operation.
my ($id,$del_id) = @_;
$id||=$f->{id};
$del_id||=$f->{del_id};
my $file = $db->SelectRow("SELECT * FROM Files f, Servers s
WHERE file_code=?
AND f.srv_id=s.srv_id",$id);
$ses->message('No such file exist') unless $file;
$ses->message('Server with this file is Offline') if $file->{srv_status} eq 'OFF';
# The delete id is the only secret protecting the file; a wrong guess costs
# the client two seconds.
# NOTE(review): this guard assumes message() ends the request - if it
# returned, the deletion below would still run.
unless($file->{file_del_id} eq $del_id)
{
sleep 2;
$ses->message('Wrong Delete ID')
}
# Two-step flow: the first request shows a confirmation page, the second
# (confirm=yes) deletes. The request method is not checked here, so the
# confirming request can be a plain GET link.
if($f->{confirm} eq 'yes')
{
$ses->DeleteFile($file);
$ses->PrintTemplate("delete_file.html", 'status'=>$ses->{lang}->{lang_file_deleted});
}
else
{
$ses->PrintTemplate("delete_file.html",
'confirm' =>1,
'id' => $id,
'del_id' => $del_id,
'fname' => $file->{file_name},
);
}
}
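sub AdminFiles
{
    # Admin file manager: delete one file, delete a selection, list files for
    # a server-to-server transfer, or show the filtered, sorted, paged list.
    # NOTE(review): the checks below use message() as a guard and assume it
    # ends the request.
    if($f->{del_code})
    {
        # NOTE(review): single-file deletion is not restricted to POST, so
        # a link followed by an administrator can trigger it.
        $ses->message("Not allowed in Demo mode") if $c->{demo_mode};
        my $file = $db->SelectRow("SELECT f.*, u.usr_aff_id
FROM Files f
LEFT JOIN Users u ON f.usr_id=u.usr_id
WHERE file_code=?",$f->{del_code});
        $ses->message("No such file") unless $file;
        $file->{del_money}=$c->{del_money_file_del};
        $ses->DeleteFile($file);
        if($f->{del_info})
        {
            $db->Exec("INSERT INTO DelReasons SET file_code=?, file_name=?, info=?",$file->{file_code},$file->{file_name},$f->{del_info});
        }
        $ses->redirect("$c->{site_url}/?op=admin_files");
    }
    if($f->{del_selected} && $f->{file_id})
    {
        $ses->message("Not allowed in Demo mode") if $c->{demo_mode};
        die"security error" unless $ENV{REQUEST_METHOD} eq 'POST';
        # file_id comes from the request and nothing visible here limits it
        # to numbers, so only plain integers are kept and they are bound as
        # parameters instead of being joined into the SQL text.
        my @file_ids = grep { defined && /\A\d+\z/ } @{&ARef($f->{file_id})};
        if(@file_ids)
        {
            my $files = $db->SelectARef("SELECT * FROM Files WHERE file_id IN (".join(',',('?') x @file_ids).")",@file_ids);
            $_->{del_money}=$c->{del_money_file_del} for @$files;
            $ses->DeleteFilesMass($files);
            if($f->{del_info})
            {
                for(@$files)
                {
                    $db->Exec("INSERT INTO DelReasons SET file_code=?, file_name=?, info=?",$_->{file_code},$_->{file_name},$f->{del_info});
                }
            }
        }
        $ses->redirect("$c->{site_url}/?op=admin_files");
    }
    if($f->{srv_id_to} && $f->{file_id})
    {
        my $server2 = $db->SelectRow("SELECT * FROM Servers WHERE srv_id=?",$f->{srv_id_to});
        # Same treatment of file_id as above: integers only, bound.
        my @file_ids = grep { defined && /\A\d+\z/ } @{&ARef($f->{file_id})};
        my $files = [];
        if(@file_ids)
        {
            $files = $db->SelectARef("SELECT * FROM Files WHERE file_id IN (".join(',',('?') x @file_ids).") AND srv_id<>? GROUP BY file_real",@file_ids,$f->{srv_id_to});
        }
        for(@$files)
        {
            $_->{file_real_id}||=$_->{file_id};
        }
        # Group the selected files by their current server.
        my %h;
        push(@{$h{$_->{srv_id}}},$_) for @$files;
        # NOTE(review): several of the strings printed below are empty in
        # this copy; the markup they carried is not visible.
        print"Content-type:text/html\n\n";
        print"";
        for my $srv_id (keys %h)
        {
            my $server = $db->SelectRow("SELECT * FROM Servers WHERE srv_id=?",$srv_id);
            print"Transfer from server $server->{srv_id} - $server->{srv_name}
\n";
            print"";
            print"";
            print""
        }
        print"
Back to Admin Files";
        exit;
    }
    # Listing filters. Each entry of @where is fixed SQL text with '?'
    # placeholders; the request values travel in @bind.
    my (@where, @bind);
    $f->{mass_search}=~s/\r//gs;
    $f->{mass_search}=~s/\s+\n/\n/gs;
    if($f->{mass_search})
    {
        # Pull 12-character file codes out of pasted links; \w{12} cannot
        # contain a quote, so these are safe to place in the IN list.
        my @arr;
        push @arr,$1 while $f->{mass_search}=~/\/(\w{12})(\/|\n|$)/gs;
        push @where, "AND file_code IN ('".join("','",@arr)."')";
    }
    $f->{sort_field}||='file_created';
    $f->{sort_order}||='down';
    $f->{per_page}||=$c->{items_per_page};
    $f->{usr_id}=$db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{usr_login}) if $f->{usr_login};
    if($f->{key})
    {
        # Free-text search: substring of the file name or exact file code.
        push @where, "AND (file_name LIKE ? OR file_code=?)";
        push @bind, "%$f->{key}%", $f->{key};
    }
    if($f->{usr_id})
    {
        push @where, "AND f.usr_id=?";
        push @bind, $f->{usr_id};
    }
    if(defined $f->{srv_id} && $f->{srv_id}=~/\A\d+\z/)
    {
        push @where, "AND f.srv_id=?";
        push @bind, $f->{srv_id};
    }
    if(defined $f->{down_more} && $f->{down_more}=~/\A\d+\z/)
    {
        push @where, "AND f.file_downloads>?";
        push @bind, $f->{down_more};
    }
    if(defined $f->{down_less} && $f->{down_less}=~/\A\d+\z/)
    {
        push @where, "AND f.file_downloads<?";
        push @bind, $f->{down_less};
    }
    # Size filters are entered in megabytes and compared in bytes.
    if(defined $f->{size_more} && $f->{size_more}=~/\A\d+\z/)
    {
        push @where, "AND f.file_size>?";
        push @bind, $f->{size_more}*1048576;
    }
    if(defined $f->{size_less} && $f->{size_less}=~/\A\d+\z/)
    {
        push @where, "AND f.file_size<?";
        push @bind, $f->{size_less}*1048576;
    }
    if(defined $f->{ip} && $f->{ip}=~/\A\d+\.\d+\.\d+\.\d+\z/)
    {
        push @where, "AND f.file_ip=INET_ATON(?)";
        push @bind, $f->{ip};
    }
    my $filters = join("\n",@where);
    # NOTE(review): the sort clause is produced by makeSortSQLcode from
    # request fields (sort_field/sort_order); that helper is not visible
    # here - confirm it only emits known column names.
    my $files = $db->SelectARef("SELECT f.*, file_downloads*file_size as traffic,
INET_NTOA(file_ip) as file_ip,
u.usr_id, u.usr_login
FROM Files f
LEFT JOIN Users u ON f.usr_id = u.usr_id
WHERE 1
$filters
".&makeSortSQLcode($f,'file_created').$ses->makePagingSQLSuffix($f->{page},$f->{per_page}), @bind );
    my $total = $db->SelectOne("SELECT COUNT(*) as total_count
FROM Files f
WHERE 1
$filters
", @bind);
    for(@$files)
    {
        $_->{site_url} = $c->{site_url};
        # Truncate long names on character (not byte) boundaries.
        my $file_name = $_->{file_name};
        utf8::decode($file_name);
        $_->{file_name_txt} = length($file_name)>$c->{display_max_filename} ? substr($file_name,0,$c->{display_max_filename}).'
' : $file_name;
        utf8::encode($_->{file_name_txt});
        $_->{file_size2} = $ses->makeFileSize($_->{file_size});
        $_->{traffic} = $_->{traffic} ? $ses->makeFileSize($_->{traffic}) : '';
        $_->{download_link} = $ses->makeFileLink($_);
        $_->{file_downloads}||='';
        $_->{file_last_download}='' unless $_->{file_downloads};
        $_->{file_money} = $_->{file_money} eq '0.0000' ? '' : '$'.$_->{file_money};
        $_->{file_money}=~s/0+$//;
    }
    my %sort_hash = &makeSortHash($f,['file_name','usr_login','file_downloads','file_money','file_size','traffic','file_created','file_last_download']);
    my $servers = $db->SelectARef("SELECT srv_id,srv_name FROM Servers WHERE srv_status<>'OFF' ORDER BY srv_id");
    # NOTE(review): the search values and the "per_*" parameter name are
    # echoed into the template as received.
    $ses->PrintTemplate("admin_files.html",
        'files' => $files,
        'key' => $f->{key},
        'usr_id' => $f->{usr_id},
        'down_more' => $f->{down_more},
        'down_less' => $f->{down_less},
        'size_more' => $f->{size_more},
        'size_less' => $f->{size_less},
        "per_$f->{per_page}" => ' checked',
        %sort_hash,
        'paging' => $ses->makePagingLinks($f,$total),
        'items_per_page' => $c->{items_per_page},
        'servers' => $servers,
        'usr_login' => $f->{usr_login},
    );
}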
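sub ModeratorFiles
{
    # Moderator file list: administrators, or moderators when the m_d and
    # m_d_f options are on, can search files and delete a selection.
    if(!$ses->getUser->{usr_adm} && !($c->{m_d} && $ses->getUser->{usr_mod} && $c->{m_d_f}))
    {
        $ses->message("Access denied");
        # Fail closed: nothing below may run after a denial, whether or not
        # message() returns to the caller.
        exit;
    }
    if($f->{del_selected} && $f->{file_id})
    {
        # NOTE(review): unlike the admin variant of this action, the request
        # method is not checked here.
        $ses->message("Not allowed in Demo mode") if $c->{demo_mode};
        # file_id comes from the request and nothing visible here limits it
        # to numbers, so only plain integers are kept and they are bound as
        # parameters instead of being joined into the SQL text.
        my @file_ids = grep { defined && /\A\d+\z/ } @{&ARef($f->{file_id})};
        if(@file_ids)
        {
            my $files = $db->SelectARef("SELECT * FROM Files WHERE file_id IN (".join(',',('?') x @file_ids).")",@file_ids);
            $_->{del_money}=$c->{del_money_file_del} for @$files;
            $ses->DeleteFilesMass($files);
            if($f->{del_info})
            {
                for(@$files)
                {
                    $db->Exec("INSERT INTO DelReasons SET file_code=?, file_name=?, info=?",$_->{file_code},$_->{file_name},$f->{del_info});
                }
            }
        }
        $ses->redirect("$c->{site_url}/?op=moderator_files");
    }
    # Listing filters. Each entry of @where is fixed SQL text with '?'
    # placeholders; the request values travel in @bind.
    my (@where, @bind);
    if($f->{mass_search})
    {
        # Pull 12-character file codes out of pasted links; \w{12} cannot
        # contain a quote, so these are safe to place in the IN list.
        my @arr;
        push @arr,$1 while $f->{mass_search}=~/\/(\w{12})\//gs;
        push @where, "AND file_code IN ('".join("','",@arr)."')";
    }
    $f->{per_page}||=$c->{items_per_page};
    $f->{usr_id}=$db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{usr_login}) if $f->{usr_login};
    if($f->{key})
    {
        # Free-text search: substring of the file name or exact file code.
        push @where, "AND (file_name LIKE ? OR file_code=?)";
        push @bind, "%$f->{key}%", $f->{key};
    }
    if($f->{usr_id})
    {
        push @where, "AND f.usr_id=?";
        push @bind, $f->{usr_id};
    }
    if(defined $f->{ip} && $f->{ip}=~/\A[\d\.]+\z/)
    {
        push @where, "AND f.file_ip=INET_ATON(?)";
        push @bind, $f->{ip};
    }
    my $filters = join("\n",@where);
    my $files = $db->SelectARef("SELECT f.*,
INET_NTOA(file_ip) as file_ip,
u.usr_id, u.usr_login
FROM Files f
LEFT JOIN Users u ON f.usr_id = u.usr_id
WHERE 1
$filters
ORDER BY file_created DESC
".$ses->makePagingSQLSuffix($f->{page},$f->{per_page}), @bind );
    my $total = $db->SelectOne("SELECT COUNT(*) as total_count
FROM Files f
WHERE 1
$filters
", @bind);
    for(@$files)
    {
        $_->{site_url} = $c->{site_url};
        # Truncate long names on character (not byte) boundaries.
        my $file_name = $_->{file_name};
        utf8::decode($file_name);
        $_->{file_name_txt} = length($file_name)>$c->{display_max_filename} ? substr($file_name,0,$c->{display_max_filename}).'
' : $file_name;
        utf8::encode($_->{file_name_txt});
        $_->{file_size2} = sprintf("%.01f Mb",$_->{file_size}/1048576);
        $_->{download_link} = $ses->makeFileLink($_);
    }
    # NOTE(review): the search values and the "per_*" parameter name are
    # echoed into the template as received.
    $ses->PrintTemplate("admin_files_moderator.html",
        'files' => $files,
        'key' => $f->{key},
        'usr_id' => $f->{usr_id},
        "per_$f->{per_page}" => ' checked',
        'paging' => $ses->makePagingLinks($f,$total),
        'items_per_page' => $c->{items_per_page},
        'usr_login' => $f->{usr_login},
    );
}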
sub AdminUsers
{
# Admin user management: runs whichever delete / extend / resend / activate action
# the request asks for, then renders the filtered, sorted, paged user list
# (template admin_users.html).
# NOTE(review): the SELECT statements in the del_pending and del_inactive branches
# are cut off in this copy (text is missing after "usr_created"); restore them from
# the original file before relying on this sub.
# NOTE(review): resend_activation and activate carry no demo_mode guard, unlike the
# other actions here - confirm that is intended.
if($f->{del_id})
{
# Delete one user: remove their files first, then the account row.
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
my $files = $db->SelectARef("SELECT srv_id,file_code,file_id,file_real,file_real_id FROM Files WHERE usr_id=?",$f->{del_id});
$ses->DeleteFilesMass($files);
$ses->DeleteUserDB($f->{del_id});
$ses->redirect("?op=admin_users");
}
if($f->{del_pending}=~/^\d+$/)
{
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
my $users = $db->SelectARef("SELECT * FROM Users WHERE usr_status='PENDING' AND usr_created{del_pending});
for my $user (@$users)
{
my $files = $db->SelectARef("SELECT srv_id,file_code,file_id,file_real,file_real_id FROM Files WHERE usr_id=?",$user->{usr_id});
$ses->DeleteFilesMass($files);
$ses->DeleteUserDB($user->{usr_id});
}
$ses->redirect_msg("?op=admin_users","Deleted users: ".($#$users+1));
}
if($f->{del_inactive}=~/^\d+$/)
{
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
my $users = $db->SelectARef("SELECT * FROM Users
WHERE usr_created{del_inactive},$f->{del_inactive});
for my $user (@$users)
{
my $files = $db->SelectARef("SELECT srv_id,file_code,file_id,file_real,file_real_id FROM Files WHERE usr_id=?",$user->{usr_id});
$ses->DeleteFilesMass($files);
$ses->DeleteUserDB($user->{usr_id});
}
$ses->redirect_msg("?op=admin_users","Deleted users: ".($#$users+1));
}
if($f->{del_users} && $f->{usr_id})
{
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
# NOTE(review): usr_id values from the request are joined into the IN (...) list
# unquoted and unbound; validate them as integers and use placeholders.
my $users = $db->SelectARef("SELECT * FROM Users WHERE usr_id IN (".join(',',@{&ARef($f->{usr_id})}).")");
for my $user (@$users)
{
my $files = $db->SelectARef("SELECT srv_id,file_code,file_id,file_real,file_real_id FROM Files WHERE usr_id=?",$user->{usr_id});
$ses->DeleteFilesMass($files);
$ses->DeleteUserDB($user->{usr_id});
}
$ses->redirect("?op=admin_users");
}
if($f->{extend_premium_all})
{
# Adds the requested number of days to every premium period that has not expired yet.
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
$db->Exec("UPDATE Users SET usr_premium_expire=usr_premium_expire + INTERVAL ? DAY WHERE usr_premium_expire>=NOW()",$f->{extend_premium_all});
$ses->redirect("?op=admin_users");
}
if($f->{resend_activation})
{
# ResendActivationCode reads the "id-login" pair from $f->{d}.
my $user = $db->SelectRow("SELECT usr_id,usr_login FROM Users WHERE usr_id=?",$f->{resend_activation});
$f->{d} = "$user->{usr_id}-$user->{usr_login}";
&ResendActivationCode(1);
}
if($f->{activate})
{
$db->Exec("UPDATE Users SET usr_status='OK', usr_rapid_login='' WHERE usr_id=?",$f->{activate});
$ses->redirect_msg("?op=admin_users","User activated");
}
$f->{sort_field}||='usr_created';
$f->{sort_order}||='down';
# NOTE(review): $f->{key} is interpolated into the LIKE clause below; bind it as a
# placeholder unless $ses->f is known to escape it. The IP and money filters are
# pattern-checked before they are interpolated.
my $filter_key = "AND (usr_login LIKE '%$f->{key}%' OR usr_email LIKE '%$f->{key}%')" if $f->{key};
$filter_key = "AND usr_lastip=INET_ATON('$f->{key}')" if $f->{key}=~/^\d+\.\d+\.\d+\.\d+$/;
my $filter_prem= "AND usr_premium_expire>NOW()" if $f->{premium_only};
my $filter_money= "AND usr_money>=$f->{money}" if $f->{money}=~/^[\d\.]+$/;
my $users = $db->SelectARef("SELECT u.*,
INET_NTOA(usr_lastip) as usr_ip,
COUNT(f.file_id) as files,
SUM(f.file_size) as disk_used,
UNIX_TIMESTAMP(usr_premium_expire)-UNIX_TIMESTAMP() as exp_sec,
TO_DAYS(CURDATE())-TO_DAYS(usr_lastlogin) as last_visit
FROM Users u
LEFT JOIN Files f ON u.usr_id = f.usr_id
WHERE 1
$filter_key
$filter_prem
$filter_money
GROUP BY usr_id
".&makeSortSQLcode($f,'usr_created').$ses->makePagingSQLSuffix($f->{page}) );
my $totals = $db->SelectRow("SELECT COUNT(*) as total_count
FROM Users f WHERE 1
$filter_key
$filter_prem
$filter_money");
for(@$users)
{
# Per-row display fields for the template.
$_->{site_url} = $c->{site_url};
$_->{disk_used} = $_->{disk_used} ? $ses->makeFileSize($_->{disk_used}) : '';
$_->{premium} = $_->{exp_sec}>0;
$_->{last_visit} = defined $_->{last_visit} ? "$_->{last_visit} $ses->{lang}->{lang_days_ago}" : $ses->{lang}->{lang_never};
# Drops the last three characters of usr_created.
substr($_->{usr_created},-3)='';
$_->{"status_$_->{usr_status}"}=1;
# A balance made only of zeros and dots is shown as blank; otherwise prefix "$" and trim trailing zeros.
$_->{usr_money} = $_->{usr_money}=~/^[0\.]+$/ ? '' : '$'.$_->{usr_money};
$_->{usr_money}=~s/0+$//;
}
my %sort_hash = &makeSortHash($f,['usr_login','usr_email','files','usr_created','disk_used','last_visit','usr_money']);
$ses->PrintTemplate("admin_users.html",
'users' => $users,
%{$totals},
'key' => $f->{key},
'premium_only' => $f->{premium_only},
'money' => $f->{money},
%sort_hash,
'paging' => $ses->makePagingLinks($f,$totals->{total_count}),
);
}
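sub AdminUserEdit
{
    # Admin form for one account: saves the submitted fields when $f->{save} is
    # set, otherwise loads the user plus verified transactions, payments and the
    # first referrals and renders admin_user_form.html.
    # NOTE(review): passwords are stored with ENCODE() and read back with DECODE(),
    # i.e. reversibly, and the decoded value is handed to the template through
    # %{$user}. A one-way password hash would remove that exposure; changing it
    # needs a migration and is outside this sub.
    if($f->{save})
    {
        $ses->message("Not allowed in Demo mode") if $c->{demo_mode};
        $db->Exec("UPDATE Users
SET usr_login=?,
usr_email=?,
usr_premium_expire=?,
usr_status=?,
usr_money=?,
usr_disk_space=?,
usr_mod=?
WHERE usr_id=?",$f->{usr_login},$f->{usr_email},$f->{usr_premium_expire},$f->{usr_status},$f->{usr_money},$f->{usr_disk_space},$f->{usr_mod},$f->{usr_id});
        # The salt is bound as a parameter (as MyAccount does) instead of being
        # interpolated into the statement text.
        $db->Exec("UPDATE Users SET usr_password=ENCODE(?,?) WHERE usr_id=?",$f->{usr_password},$c->{pasword_salt},$f->{usr_id}) if $f->{usr_password};
        $ses->redirect("?op=admin_user_edit&usr_id=$f->{usr_id}");
    }

    my $user = $db->SelectRow("SELECT *, UNIX_TIMESTAMP(usr_premium_expire)-UNIX_TIMESTAMP() as exp_sec, DECODE(usr_password,?) as usr_password
FROM Users WHERE usr_id=?
",$c->{pasword_salt},$f->{usr_id});
    my $transactions = $db->SelectARef("SELECT * FROM Transactions WHERE usr_id=? AND verified=1 ORDER BY created DESC",$f->{usr_id});
    $_->{site_url}=$c->{site_url} for @$transactions;
    my $payments = $db->SelectARef("SELECT * FROM Payments WHERE usr_id=? ORDER BY created DESC",$f->{usr_id});

    # Fetch one row more than is shown; an 11th row only flags "more" for the template.
    my $referrals = $db->SelectARef("SELECT usr_id,usr_login,usr_created,usr_money,usr_aff_id
FROM Users
WHERE usr_aff_id=?
ORDER BY usr_created DESC
LIMIT 11",$f->{usr_id});
    $referrals->[10]->{more}=1 if $#$referrals>9;

    require Time::Elapsed;
    my $et = Time::Elapsed->new;   # direct method call instead of indirect object syntax
    $ses->PrintTemplate("admin_user_form.html",
        %{$user},
        expire_elapsed => $user->{exp_sec}>0 ? $et->convert($user->{exp_sec}) : '',
        transactions => $transactions,
        payments => $payments,
        "status_$user->{usr_status}" => ' selected',
        referrals => $referrals,
        m_d => $c->{m_d},
    );
}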
sub AdminUserReferrals
{
    # Paged list of the accounts whose usr_aff_id equals the requested usr_id,
    # rendered with admin_user_referrals.html. All values are bound.
    my $aff_id = $f->{usr_id};
    my $page_sql = $ses->makePagingSQLSuffix($f->{page});

    my $referrals = $db->SelectARef("SELECT usr_id,usr_login,usr_created,usr_money,usr_aff_id
FROM Users
WHERE usr_aff_id=?
ORDER BY usr_created DESC
".$page_sql, $aff_id);
    my $total = $db->SelectOne("SELECT COUNT(*) FROM Users WHERE usr_aff_id=?", $aff_id);
    my $user = $db->SelectRow("SELECT usr_id,usr_login FROM Users WHERE usr_id=?", $aff_id);

    my $paging = $ses->makePagingLinks($f,$total);
    $ses->PrintTemplate("admin_user_referrals.html",
        referrals => $referrals,
        'paging' => $paging,
        %{$user},
    );
}
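sub AdminTorrents
{
    # Admin view of torrent jobs: can delete one job (del_torrent), ask a server
    # to kill its torrent client (kill + srv_id), and otherwise lists the servers
    # with srv_torrent=1 plus every job in status WORKING (admin_torrents.html).
    if($f->{del_torrent})
    {
        my $torr = $db->SelectRow("SELECT * FROM Torrents WHERE sid=?",$f->{del_torrent});
        $ses->redirect("$c->{site_url}/?op=admin_torrents") unless $torr;
        my $res = $ses->api2($torr->{srv_id},{
            op => 'torrent_delete',
            sid => $f->{del_torrent},
        });
        $ses->message("Error1:$res") unless $res eq 'OK';
        $db->Exec("DELETE FROM Torrents WHERE sid=? AND status='WORKING'",$f->{del_torrent});
        $ses->redirect("$c->{site_url}/?op=admin_torrents");
    }
    if($f->{'kill'})
    {
        $ses->api2($f->{srv_id},{op => 'torrent_kill'});
        $ses->redirect("$c->{site_url}/?op=admin_torrents");
    }

    my $servers = $db->SelectARef("SELECT * FROM Servers WHERE srv_torrent=1");
    for my $srv (@$servers)
    {
        my $res = $ses->api2($srv->{srv_id},{ op => 'torrent_status' });
        $srv->{active}=1 if $res eq 'ON';
    }

    my $torrents = $db->SelectARef("SELECT t.*, UNIX_TIMESTAMP()-UNIX_TIMESTAMP(t.created) as working,
u.usr_login
FROM Torrents t, Users u
WHERE t.status='WORKING'
AND t.usr_id=u.usr_id
ORDER BY created DESC
");
    for my $t (@$torrents)
    {
        # files holds one "name:size" entry per line.
        # NOTE(review): the names come from torrent metadata and only the single
        # quote is escaped here; whether the template HTML-escapes file_list and
        # title is not visible from this sub - confirm.
        my @files = split("\n",$t->{files});
        $t->{file_list} = join('
',map{/^(.+):(\d+)$/;"$1 (".sprintf("%.1f Mb",$2/1048576)."<\/i>)"}@files );
        $t->{file_list} =~ s/'/\\'/g;

        # Title: first path component of the first entry, without its ":size" suffix.
        $t->{title}=$files[0];
        $t->{title}=~s/^(.+?)\/.+/$1/;
        $t->{title}=~s/:\d+$//;

        # progress is "done:total:down_speed:up_speed".
        ($t->{done},$t->{total},$t->{down_speed},$t->{up_speed})=split(':',$t->{progress});
        # A job with no progress yet has no total; report 0% instead of dying on
        # a division by zero.
        $t->{percent}=sprintf("%.01f", $t->{total}>0 ? 100*$t->{done}/$t->{total} : 0 );
        $t->{done} = sprintf("%.0f", $t->{done}/1048576 );
        $t->{total} = sprintf("%.0f", $t->{total}/1048576 );
        $t->{working} = $t->{working}>3600*3 ? sprintf("%.1f hours",$t->{working}/3600) : sprintf("%.0f mins",$t->{working}/60);
    }

    $ses->PrintTemplate("admin_torrents.html",
        torrents => $torrents,
        servers => $servers,
    );
}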
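sub AdminServers
{
    # Lists every file server (ordered by srv_created) with disk usage figures
    # and the account types it accepts; template admin_servers.html.
    my $servers = $db->SelectARef("SELECT s.*
FROM Servers s
ORDER BY srv_created
");
    for my $srv (@$servers)
    {
        # A row saved with no disk limit must not abort the page with a division by zero.
        $srv->{srv_disk_percent} = sprintf("%.01f", $srv->{srv_disk_max}>0 ? 100*$srv->{srv_disk}/$srv->{srv_disk_max} : 0);
        # Bytes to GiB for display.
        $srv->{srv_disk} = sprintf("%.01f",$srv->{srv_disk}/1073741824);
        $srv->{srv_disk_max} = int $srv->{srv_disk_max}/1073741824;

        my @types;
        push @types,"Regular" if $srv->{srv_allow_regular};
        push @types,"Premium" if $srv->{srv_allow_premium};
        $srv->{user_types} = join '
', @types;
    }
    $ses->PrintTemplate("admin_servers.html",
        'servers' => $servers,
    );
}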
sub AdminServerAdd
{
    # Renders the file-server form (admin_server_form.html): pre-filled from the
    # Servers row when srv_id is given, or with this site's URLs as defaults when
    # no server exists yet.
    $ses->message("Not allowed in Demo mode") if $c->{demo_mode};

    my $server;
    my $have_any = sub { $db->SelectOne("SELECT srv_id FROM Servers LIMIT 1") };
    if($f->{srv_id})
    {
        $server = $db->SelectRow("SELECT * FROM Servers WHERE srv_id=?",$f->{srv_id});
        # Stored in bytes, edited in GiB.
        $server->{srv_disk_max} /= 1024*1024*1024;
        my $status_key = "s_$server->{srv_status}";
        $server->{$status_key} = ' selected';
    }
    elsif(!$have_any->())
    {
        $server->{srv_cgi_url} = $c->{site_cgi};
        $server->{srv_htdocs_url} = "$c->{site_url}/files";
    }

    # New servers accept both account types by default.
    unless($f->{srv_id})
    {
        $server->{srv_allow_premium} = 1;
        $server->{srv_allow_regular} = 1;
    }

    $ses->PrintTemplate("admin_server_form.html",
        %{$server},
        'mmtt' => $ses->iPlg('t'),
    );
}
sub AdminServerSave
{
# Saves a file server (update when srv_id is set, insert otherwise) after probing
# the submitted URLs: api.cgi "test", upload.cgi?mode=test and htdocs/index.html.
# Each probe adds an "...: OK" / "...: ERROR" line to @tests; any ERROR re-renders
# the form with the results.
# NOTE(review): for an existing server the UPDATE and the update_conf push below run
# before any probe result is known, so failing values are already stored when the
# form is shown again - confirm that is intended.
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
my (@tests,@arr);
my $allow_save=1;
require LWP::UserAgent;
# The probes fetch admin-supplied URLs from the web server itself, with a 15 s timeout.
my $ua = LWP::UserAgent->new(timeout => 15,agent=>'Opera/9.51 (Windows NT 5.1; U; en)');
# Strip one trailing slash so the paths appended below are well-formed.
$f->{srv_cgi_url}=~s/\/$//;
$f->{srv_htdocs_url}=~s/\/$//;
# Duplicate check applies to new servers only.
$ses->message("Server with same cgi-bin URL / htdocs URL already exist in DB") if !$f->{srv_id} && $db->SelectOne("SELECT srv_id FROM Servers WHERE srv_cgi_url=? OR srv_htdocs_url=?",$f->{srv_cgi_url},$f->{srv_htdocs_url});
# max disk usage
push @tests, 'max disk usage: ERROR' if !$f->{srv_disk_max} || $f->{srv_disk_max}<=0;
$f->{srv_allow_regular}||=0;
$f->{srv_allow_premium}||=0;
$f->{srv_torrent}||=0;
# Column names are a fixed list; only the values come from the form and they are bound.
my @sflds = qw(srv_name srv_ip srv_cgi_url srv_htdocs_url srv_disk_max srv_status srv_key srv_allow_regular srv_allow_premium srv_torrent);
# Form value is in GiB, the column holds bytes.
$f->{srv_disk_max}*=1024*1024*1024;
if($f->{srv_id})
{
my @dat = map{$f->{$_}}@sflds;
push @dat, $f->{srv_id};
$db->Exec("UPDATE Servers SET ".join(',',map{"$_=?"}@sflds)." WHERE srv_id=?", @dat );
$c->{srv_status} = $f->{srv_status};
# Settings are serialised as key:value pairs joined with "~".
my $data = join('~',map{"$_:$c->{$_}"}qw(site_url site_cgi max_upload_files max_upload_filesize ip_not_allowed srv_status));
$ses->api2($f->{srv_id},{op=>'update_conf',data=>$data});
}
my $fs_key = $db->SelectOne("SELECT srv_key FROM Servers WHERE srv_id=?",$f->{srv_id}) if $f->{srv_id};
# api.cgi multiple tests
my $res = $ses->api($f->{srv_cgi_url}, {op => 'test', fs_key=>$fs_key, site_cgi=>$c->{site_cgi}} );
if($res=~/^OK/)
{
push @tests, 'api.cgi: OK';
# Response shape used here: "OK:<ip>:<test>|<test>|..."; srv_ip is taken from the reply.
$res=~s/^OK:(.*?)://;
$f->{srv_ip} = $1;
push @tests, split(/\|/,$res);
}
else
{
push @tests, "api.cgi: ERROR ($res)";
}
# upload.cgi
$res = $ua->get("$f->{srv_cgi_url}/upload.cgi?mode=test");
push @tests, $res->content eq 'XFS' ? 'upload.cgi: OK' : "upload.cgi: ERROR (problems with link)";
# upload_status.cgi
#my $res = $ua->get("$f->{srv_cgi_url}/upload_status.cgi?mode=test");
#push @tests, $res->content eq 'XFS' ? 'upload_status.cgi: OK' : "upload_status.cgi: ERROR (problems with link)";
# htdocs URL accessibility
$res = $ua->get("$f->{srv_htdocs_url}/index.html");
push @tests, $res->content eq 'XFS' ? 'htdocs URL accessibility: OK' : "htdocs URL accessibility: ERROR (should see XFS on link)";
for(@tests)
{
$allow_save=0 if /ERROR/;
push @arr, {'text' => $_,
'class'=> /ERROR/ ? 'err' : 'ok'
};
}
unless($allow_save)
{
# NOTE(review): the insert below is skipped on failure only if PrintTemplate ends
# the request - confirm in Session.
$f->{srv_disk_max}/=1024*1024*1024;
$ses->PrintTemplate("admin_server_form.html",
'tests' => \@arr,
%{$f},
"s_$f->{srv_status}" => ' selected',
);
}
unless($f->{srv_id})
{
# NOTE(review): the server key is 8 characters from $ses->randchar; this key is what
# later API calls present as fs_key, so its length and the quality of the generator
# matter - verify randchar uses a cryptographically strong source.
$f->{srv_key} = $c->{fs_key} = $ses->randchar(8);
$c->{srv_status} = $f->{srv_status};
#my @sflds = qw(srv_name srv_ip srv_cgi_url srv_htdocs_url srv_key srv_disk_max srv_status srv_allow_regular srv_allow_premium srv_torrent);
$db->Exec("INSERT INTO Servers SET srv_created=CURDATE(), ".join(',',map{"$_=?"}@sflds), map{$f->{$_}}@sflds );
# NOTE(review): fs_key and dl_key travel in this request; if srv_cgi_url is not
# https they cross the network unprotected - confirm the deployment's transport.
my $data = join('~',map{"$_:$c->{$_}"}qw(fs_key dl_key site_url site_cgi max_upload_files max_upload_filesize ext_allowed ext_not_allowed ip_not_allowed srv_status));
my $res = $ses->api($f->{srv_cgi_url},{op=>'update_conf',data=>$data});
$ses->message("Server created. But was unable to update FS config.
Probably fs_key was not epty. Update fs_key manually and save Site Settings to sync.($res)") unless $res eq 'OK';
}
$ses->redirect('?op=admin_servers');
}
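sub AdminCheckDBFile
{
    # DB -> file consistency check: for every active server, sends the file
    # server batches of 100 "id-real" pairs (op check_files) and deletes from the
    # DB the entries the server reports back. Progress is streamed as text.
    $ses->message("Not allowed in Demo mode") if $c->{demo_mode};
    $|++;
    print"Content-type:text/html\n\n";
    print"Starting DB-File consistancy check...
";
    my $servers = $db->SelectARef("SELECT * FROM Servers WHERE srv_status<>'OFF' ");
    my $deleted_db=0;
    for my $s (@$servers)
    {
        print"Server $s->{srv_name} (ID=$s->{srv_id})
";
        my $cx=0;
        # $cx is a local counter, so interpolating it into LIMIT is safe.
        while( my $files=$db->Select("SELECT file_id, file_real_id, file_real
FROM Files
WHERE srv_id=? LIMIT $cx,100",$s->{srv_id}) )
        {
            $cx+=100;
            $files=&ARef($files);
            $_->{file_real_id}||=$_->{file_id} for @$files;
            my $list = join ':', map{ "$_->{file_real_id}-$_->{file_real}" } @$files;
            my $res = $ses->api($s->{srv_cgi_url},
                {
                    fs_key => $s->{srv_key},
                    op => 'check_files',
                    list => $list,
                }
            );
            $ses->AdminLog("Error when requesting API.
$res") unless $res=~/^OK/;
            my ($codes) = $res=~/^OK:(.*)$/;
            # The codes come from the file server's reply. They are bound as
            # parameters so a malformed or hostile reply cannot alter the query;
            # the earlier version quoted and concatenated them.
            my @reals = defined $codes ? split(/\,/,$codes) : ();
            if(@reals)
            {
                my $marks = join(',', ('?') x @reals);
                my $list = $db->SelectARef("SELECT * FROM Files WHERE file_real IN ($marks)", @reals);
                $ses->DeleteFilesMass($list);
                $deleted_db+=$#$list+1;
            }
            print"+";
        }
        print"
Files removed from DB: $deleted_db
";
    }
    print"DONE.
Back to site";
    print"";
    exit;
}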
sub AdminCheckFileDB
{
# File -> DB consistency check: asks every active server to run
# check_files_reverse through api2 and streams progress text.
# NOTE(review): in this copy the two commented-out statements inside the loop are
# broken across lines, so their second halves are no longer comments and the sub
# does not parse as shown; restore them as single comment lines (or remove them)
# from the original file. As visible here, the API result is not inspected.
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
$|++;
print"Content-type:text/html\n\n";
print"Starting File-DB consistancy check...
";
my $servers = $db->SelectARef("SELECT * FROM Servers WHERE srv_status<>'OFF' ");
my $deleted_db=0;
for my $s (@$servers)
{
print"Server $s->{srv_name} (ID=$s->{srv_id})
";
my $res = $ses->api2($s->{srv_id}, { op => 'check_files_reverse' } );
#$ses->AdminLog("Error when requesting API check_files_reverse.
$res") unless $res=~/^OK:/;
#$res=~/^OK:(.*)$/ ? print" OK. Found & fixed bad files2: $1
" : print" Error: $res";
print"
";
}
print"DONE.
Back to site";
print"";
exit;
}
sub AdminUpdateServerStats
{
    # Refreshes srv_files / srv_disk for every active server: the disk figure
    # comes from the file server's get_file_stats reply ("OK:<files>:<size>"),
    # the file count from the Files table.
    $ses->message("Not allowed in Demo mode") if $c->{demo_mode};

    my $active = $db->SelectARef("SELECT * FROM Servers WHERE srv_status<>'OFF' ");
    foreach my $s (@$active)
    {
        my %request = (
            fs_key => $s->{srv_key},
            op => 'get_file_stats',
        );
        my $res = $ses->api($s->{srv_cgi_url}, \%request);
        unless($res=~/^OK/)
        {
            $ses->message("Error when requesting API.
$res");
        }

        # Both numbers must be plain digits before anything is written.
        my ($files,$size) = $res=~/^OK:(\d+):(\d+)$/;
        my $both_numeric = ($files=~/^\d+$/ && $size=~/^\d+$/);
        $ses->message("Invalid files,size values: ($files)($size)") if !$both_numeric;

        my $file_count = $db->SelectOne("SELECT COUNT(*) FROM Files WHERE srv_id=?",$s->{srv_id});
        my @update_args = ($file_count,$size,$s->{srv_id});
        $db->Exec("UPDATE Servers SET srv_files=?, srv_disk=? WHERE srv_id=?",@update_args);
    }

    $ses->redirect('?op=admin_servers');
}
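sub AdminServerImport
{
    # Import of files already present on a file server: with $f->{import} set it
    # assigns them to the named user (op import_list_do), otherwise it lists the
    # candidates returned by op import_list (admin_server_import.html).
    if($f->{'import'})
    {
        my $usr_id = $db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{usr_login});
        # NOTE(review): the submitted login is echoed in this message; whether
        # $ses->message() HTML-escapes its text is not visible here - confirm.
        $ses->message("No such user '$f->{usr_login}'") unless $usr_id;
        my $res = $ses->api2($f->{srv_id},{op=>'import_list_do','usr_id'=>$usr_id,'pub'=>$f->{pub}});
        $ses->message("Error happened: $res") unless $res=~/^OK/;
        # Capture into a lexical: a failed match no longer reports a stale $1.
        my ($imported) = $res=~/^OK:(\d+)/;
        $ses->message("$imported files were completely imported to system");
    }

    my $res = $ses->api2($f->{srv_id},{op=>'import_list'});
    $ses->message("Error when requesting API.
$res") unless $res=~/^OK/;
    my ($data) = $res=~/^OK:(.*)$/;

    # Reply body is "name-size:name-size:...".
    my @files;
    for my $entry (split(/:/,$data))
    {
        # Skip entries that do not parse; the earlier version pushed whatever the
        # previous successful match had left in $1/$2.
        next unless $entry=~/^(.+?)\-(\d+)$/;
        push @files, {name=>$1,size=>sprintf("%.02f Mb",$2/1048576)};
    }

    $ses->PrintTemplate("admin_server_import.html",
        'files' => \@files,
        'srv_id' => $f->{srv_id},
    );
}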
sub AdminServerDelete
{
    # Deletes a file server and every file on it. The first request (no password)
    # shows confirm_password.html; the confirming request carries the admin's
    # password, which is checked through Login('no_redirect') before anything is
    # removed.
    # NOTE(review): this relies on PrintTemplate() and message() ending the
    # request; if either returns, the deletion below would run unconfirmed - verify in Session.
    $ses->message("Not allowed in Demo mode") if $c->{demo_mode};

    if(!$f->{password})
    {
        $ses->PrintTemplate("confirm_password.html",
            'msg'=>"Delete File Server and all files on it?",
            'btn'=>"DELETE",
            'op'=>'admin_server_del',
            'id'=>$f->{srv_id});
    }
    else
    {
        # Re-authenticate as the current user with the submitted password.
        $f->{login}=$ses->getUser->{usr_login};
        $ses->message("Wrong password") unless &Login('no_redirect');
    }

    my $srv = $db->SelectRow("SELECT * FROM Servers WHERE srv_id=?",$f->{id});
    $ses->message("No such server") unless $srv;

    # Ask the file server to expire its symlinks immediately (hours => 0).
    my %expire_request = (
        fs_key => $srv->{srv_key},
        op => 'expire_sym',
        hours => 0,
    );
    my $res = $ses->api($srv->{srv_cgi_url}, \%expire_request);

    my $srv_id = $srv->{srv_id};
    my $files = $db->SelectARef("SELECT srv_id,file_id,file_real,file_real_id FROM Files WHERE srv_id=?",$srv_id);
    $ses->DeleteFilesMass($files);
    $db->Exec("DELETE FROM Servers WHERE srv_id=?",$srv_id);

    $ses->redirect('?op=admin_servers');
}
sub AdminSettings
{
# Site settings page. On save it rewrites XFileConfig.pm (and the "deny from" lines
# of .htaccess) from the submitted form, pushes a subset of the settings to every
# active file server and streams the result; otherwise it converts the stored
# values back to their form shape and renders admin_settings.html.
# NOTE(review): no permission check is visible inside this sub - presumably the
# caller enforces admin access; confirm.
if($f->{save})
{
$ses->message("Not allowed in Demo mode") if $c->{demo_mode};
# Keys copied from the form into XFileConfig.pm.
my @fields = qw(license_key
site_name
enable_file_descr
enable_file_comments
ext_allowed
ext_not_allowed
ip_not_allowed
fnames_not_allowed
captcha_mode
email_from
contact_email
symlink_expire
items_per_page
payment_plans
paypal_email
alertpay_email
item_name
currency_code
link_format
enable_catalogue
pre_download_page
bw_limit_days
registration_confirm_email
mailhosts_not_allowed
sanitize_filename
bad_comment_words
add_filename_postfix
image_mod
mp3_mod
mp3_mod_no_download
mp3_mod_autoplay
recaptcha_pub_key
recaptcha_pri_key
coupons
tla_xml_key
m_i
m_v
m_r
m_w
m_s
m_d
m_a
m_d_f
m_d_a
m_d_c
m_s_reg
m_v_page
m_i_width
m_i_height
m_i_resize
m_i_wm_position
m_i_wm_image
m_i_wm_padding
m_i_hotlink_orig
m_u
webmoney_merchant_id
webmoney_secret_key
ping_google_sitemaps
deurl_site
deurl_api_key
smscoin_id
show_last_news_days
link_ip_logic
daopay_app_id
cashu_merchant_id
paypal_subscription
m_h
m_h_login
m_h_password
m_v_width
m_v_height
m_n
rs_logins
mu_logins
nl_logins
hf_logins
mf_logins
fs_logins
df_logins
ff_logins
es_logins
sm_logins
ug_logins
fe_logins
payout_systems
m_e
m_e_vid_width
m_e_vid_quality
m_e_audio_bitrate
m_b
enabled_anon
max_upload_files_anon
max_upload_filesize_anon
max_downloads_number_anon
download_countdown_anon
captcha_anon
ads_anon
add_download_delay_anon
bw_limit_anon
remote_url_anon
direct_links_anon
down_speed_anon
max_download_filesize_anon
video_embed_anon
flash_upload_anon
files_expire_access_anon
file_dl_delay_anon
mp3_embed_anon
rar_info_anon
enabled_reg
max_upload_files_reg
disk_space_reg
max_upload_filesize_reg
max_downloads_number_reg
download_countdown_reg
captcha_reg
ads_reg
add_download_delay_reg
bw_limit_reg
remote_url_reg
direct_links_reg
down_speed_reg
max_download_filesize_reg
max_rs_leech_reg
torrent_dl_reg
torrent_dl_slots_reg
video_embed_reg
flash_upload_reg
files_expire_access_reg
file_dl_delay_reg
mp3_embed_reg
rar_info_reg
enabled_prem
max_upload_files_prem
disk_space_prem
max_upload_filesize_prem
max_downloads_number_prem
download_countdown_prem
captcha_prem
ads_prem
add_download_delay_prem
bw_limit_prem
remote_url_prem
direct_links_prem
down_speed_prem
max_download_filesize_prem
max_rs_leech_prem
torrent_dl_prem
torrent_dl_slots_prem
video_embed_prem
flash_upload_prem
files_expire_access_prem
file_dl_delay_prem
mp3_embed_prem
rar_info_prem
tier_sizes
tier1_countries
tier2_countries
tier1_money
tier2_money
tier3_money
image_mod_no_download
video_mod_no_download
external_links
show_server_stats
clean_ip2files_days
anti_dupe_system
two_checkout_sid
plimus_contract_id
moneybookers_email
max_money_last24
sale_aff_percent
referral_aff_percent
min_payout
del_money_file_del
convert_money
convert_days
money_filesize_limit
dl_money_anon
dl_money_reg
dl_money_prem
);
# Keys sent to the file servers through update_conf. The list includes dl_key,
# m_h_password and the *_logins entries, so the push carries credentials.
my @fields_fs = qw(site_url
site_cgi
ext_allowed
ext_not_allowed
ip_not_allowed
dl_key
m_i
m_v
m_r
m_i_width
m_i_height
m_i_resize
m_i_wm_position
m_i_wm_image
m_i_wm_padding
m_i_hotlink_orig
m_h
m_h_login
m_h_password
rs_logins
mu_logins
nl_logins
hf_logins
mf_logins
fs_logins
df_logins
ff_logins
es_logins
sm_logins
ug_logins
fe_logins
m_e
m_e_vid_width
m_e_vid_quality
m_e_audio_bitrate
m_b
enabled_anon
max_upload_files_anon
max_upload_filesize_anon
remote_url_anon
enabled_reg
max_upload_files_reg
max_upload_filesize_reg
remote_url_reg
enabled_prem
max_upload_files_prem
max_upload_filesize_prem
remote_url_prem
);
$f->{payment_plans}=~s/\s//gs;
$f->{item_name} = $ses->{cgi_query}->url_encode($f->{item_name});
# Read the current config file into $conf.
# NOTE(review): two-argument open on a bareword handle; the path is built from
# config values only. The "while" statement below is missing its read expression
# in this copy - restore it from the original file.
my $conf;
open(F,"$c->{cgi_path}/XFileConfig.pm")||$ses->message("Can't read XFileConfig");
$conf.=$_ while ;
close F;
# Rewrite the "deny from" lines of .htaccess from the banned-IP list; only lines
# made of digits and dots are used.
# NOTE(review): the assignment to @arr below is also missing its read expression in
# this copy. A failed open for writing is skipped silently.
$f->{ip_not_allowed}=~s/\r//gs;
my @ips=grep{/^[\d\.]+$/}split(/\n/,$f->{ip_not_allowed});
if($#ips>-1 && open(F,"$c->{site_path}/.htaccess"))
{
my @arr=;
@arr=grep{$_!~/deny from/i}@arr;
unshift @arr,"deny from $_\n" for @ips;
close F;
if( open(F,">$c->{site_path}/.htaccess") )
{
print F @arr;
close F;
}
}
# Multi-line form fields are flattened to single-line values: "~" separates
# external links, "|" separates the entries of the other lists.
# NOTE(review): the third substitution replaces ' with ' (a no-op as written); its
# replacement text may have been lost in this copy.
$f->{external_links}=~s/\r//gs;
$f->{external_links}=~s/\n/~/gs;
$f->{external_links}=~s/'/'/gs;
# "*" becomes \d+ and the list is anchored as ^(...)$; any other regex
# metacharacter typed into the form is kept as typed.
$f->{ip_not_allowed}=~s/\r//gs;
$f->{ip_not_allowed}=~s/\n/|/gs;
$f->{ip_not_allowed}=~s/\|{2,99}/|/gs;
$f->{ip_not_allowed}=~s/\|$//gs;
$f->{ip_not_allowed}=~s/\*/\\d+/gs;
$f->{ip_not_allowed}="^($f->{ip_not_allowed})\$" if $f->{ip_not_allowed};
$f->{fnames_not_allowed}=~s/\r//gs;
$f->{fnames_not_allowed}=~s/\n/|/gs;
$f->{fnames_not_allowed}=~s/\|{2,99}/|/gs;
$f->{fnames_not_allowed}=~s/\|$//gs;
$f->{fnames_not_allowed}="($f->{fnames_not_allowed})" if $f->{fnames_not_allowed};
$f->{mailhosts_not_allowed}=~s/\r//gs;
$f->{mailhosts_not_allowed}=~s/\n/|/gs;
$f->{mailhosts_not_allowed}=~s/\|{2,99}/|/gs;
$f->{mailhosts_not_allowed}=~s/\|$//gs;
$f->{mailhosts_not_allowed}="($f->{mailhosts_not_allowed})" if $f->{mailhosts_not_allowed};
$f->{bad_comment_words}=~s/\r//gs;
$f->{bad_comment_words}=~s/\n/|/gs;
$f->{bad_comment_words}=~s/\|{2,99}/|/gs;
$f->{bad_comment_words}=~s/\|$//gs;
$f->{bad_comment_words}="($f->{bad_comment_words})" if $f->{bad_comment_words};
$f->{coupons}=~s/\r//gs;
$f->{coupons}=~s/\n/|/gs;
$f->{coupons}=~s/\|{2,99}/|/gs;
$f->{coupons}=~s/\|$//gs;
# NOTE(review): fe_logins is in @fields but not in this list, so it is stored
# without this normalisation - confirm whether that is intended.
for(qw(rs mu nl hf mf fs df ff es sm ug))
{
$f->{"$_\_logins"}=~s/\r//gs;
$f->{"$_\_logins"}=~s/\n/|/gs;
$f->{"$_\_logins"}=~s/\|{2,99}/|/gs;
$f->{"$_\_logins"}=~s/\|$//gs;
}
# Replace each  key => '...',  entry in the config text with the submitted value.
# NOTE(review): the value is placed between single quotes in a Perl module that
# this script loads, and nothing here escapes or rejects quotes or backslashes.
# Escape those characters (or refuse such values) before writing, so form data
# can only ever become string content in XFileConfig.pm.
for my $x (@fields)
{
my $val = $f->{$x};
$conf=~s/$x\s*=>\s*('.*?')\s*,/"$x => '$val',"/e;
}
# NOTE(review): the file is overwritten in place with a two-argument open; a failed
# or partial write leaves the site without a valid config. Writing to a temporary
# file and renaming it would be safer.
open(F,">$c->{cgi_path}/XFileConfig.pm")||$ses->message("Can't write XFileConfig");
print F $conf;
close F;
# These three are taken from the running config, not from the form.
$f->{site_url}=$c->{site_url};
$f->{site_cgi}=$c->{site_cgi};
$f->{dl_key} =$c->{dl_key};
# Settings are serialised as key:value pairs joined with "~".
# NOTE(review): this payload contains credentials (see @fields_fs); if a server's
# srv_cgi_url is not https they cross the network unprotected - confirm transport.
my $data = join('~',map{"$_:$f->{$_}"}@fields_fs);
my $servers = $db->SelectARef("SELECT * FROM Servers WHERE srv_status<>'OFF'");
$|++;
print"Content-type:text/html\n\nHave ".($#$servers+1)." servers to update.
";
my $failed=0;
for(@$servers)
{
print"ID=$_->{srv_id} $_->{srv_name}...";
my $res = $ses->api($_->{srv_cgi_url},{ fs_key=>$_->{srv_key}, op=>'update_conf', data=>$data });
if($res eq 'OK')
{
print"OK
";
}
else
{
print"FAILED!
";
$failed++;
}
#$ses->message("Can't update config for server ID: $_->{srv_id}:$res") unless $res eq 'OK';
}
print"
Done.
$failed servers failed to update.
Back to Site Settings";
print"" unless $failed;
print"";
exit;
#print $ses->redirect('?op=admin_settings');
}
# Display path: turn the stored single-line values back into one entry per line
# and strip the regex wrapping added on save.
$c->{ip_not_allowed}=~s/[\^\(\)\$\\]//g;
$c->{ip_not_allowed}=~s/\|/\n/g;
$c->{ip_not_allowed}=~s/d\+/*/g;
$c->{fnames_not_allowed}=~s/[\^\(\)\$\\]//g;
$c->{fnames_not_allowed}=~s/\|/\n/g;
$c->{mailhosts_not_allowed}=~s/[\^\(\)\$\\]//g;
$c->{mailhosts_not_allowed}=~s/\|/\n/g;
$c->{bad_comment_words}=~s/[\^\(\)\$\\]//g;
$c->{bad_comment_words}=~s/\|/\n/g;
$c->{coupons}=~s/\|/\n/g;
$c->{"link_format$c->{link_format}"}=' selected';
$c->{"enp_$_"}=$ses->iPlg($_) for split('',$ses->{plug_lett});
#die $c->{"enp_h"};
# Defaults shown when the tier settings are empty.
$c->{tier_sizes}||='0|10|100';
$c->{tier1_countries}||='US|CA';
$c->{tier1_money}||='1|2|3';
$c->{tier2_countries}||='DE|FR|GB';
$c->{tier2_money}||='1|2|3';
$c->{tier3_money}||='1|2|3';
$c->{"lil_$c->{link_ip_logic}"}=' checked';
$c->{external_links}=~s/~/\n/gs;
$c->{"m_i_wm_position_$c->{m_i_wm_position}"}=1;
$c->{m_m} = $ses->iPlg('m');
$c->{cliid} = $ses->{cliid};
$c->{"m_v_page_".$c->{m_v_page}}=1;
for(qw(rs mu nl hf mf fs df ff es sm ug))
{
$c->{"$_\_logins"}=~s/\|/\n/g;
}
if($c->{tla_xml_key})
{
# Ask for mode 0666 on the text-link-ads template unless it already has it.
# NOTE(review): 0666 makes the file writable by every local user; prefer a mode
# that grants write access to the web server account only.
my $chmod = (stat("$c->{cgi_path}/Templates/text-link-ads.html"))[2] & 07777;
my $chmod_txt = sprintf("%04o", $chmod);
$c->{tla_msg}="Set chmod 666 to this file: Templates/text-link-ads.html" unless $chmod_txt eq '0666';
}
#push @{$f->{cookies}}, cookie(-name=>'admhash',-value=>$passcook,-expire=>'+30m');
# NOTE(review): the whole config hash, secret keys and stored logins included, is
# handed to the template here.
$ses->PrintTemplate("admin_settings.html",
%{$c},
"captcha_$c->{captcha_mode}" => ' checked',
'item_name' => $ses->{cgi_query}->url_decode($c->{item_name}),
);
}
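sub MyReports
{
    # Per-user earnings report for a date range (default: first day of the
    # current month to today), rendered as a table plus chart XML
    # (my_reports.html / my_reports.xml). Requires $c->{m_s}, and a premium
    # account unless $c->{m_s_reg} is set.
    $ses->message("Not allowed") unless $c->{m_s};
    $ses->message("Premium account required") if !$ses->getUser->{premium} && !$c->{m_s_reg};

    my @d1 = $ses->getTime();
    $d1[2]='01';
    my @d2 = $ses->getTime();
    # Dates from the request are used only when they look like YYYY-MM-DD, and
    # they are bound, not interpolated.
    my $day1 = $f->{date1}=~/^\d\d\d\d-\d\d-\d\d$/ ? $f->{date1} : "$d1[0]-$d1[1]-$d1[2]";
    my $day2 = $f->{date2}=~/^\d\d\d\d-\d\d-\d\d$/ ? $f->{date2} : "$d2[0]-$d2[1]-$d2[2]";
    my $list = $db->SelectARef("SELECT *, DATE_FORMAT(day,'%e') as day2
FROM Stats2
WHERE usr_id=?
AND day>=?
AND day<=?
ORDER BY day",$ses->getUserId,$day1,$day2);
    $ses->message("Not enough reports data") if $#$list<0;

    my %totals;
    for my $x (@$list)
    {
        $x->{profit_total} = $x->{profit_dl}+$x->{profit_sales}+$x->{profit_refs};
        for my $k (qw(profit_dl profit_sales profit_refs profit_total))
        {
            # Trim zeros only after a decimal point. The earlier s/\.?0+$// also
            # removed the final zero of whole numbers, so a computed total of 10
            # was shown as 1 and then added to the sums as 1.
            next unless defined $x->{$k} && $x->{$k}=~/\./;
            $x->{$k}=~s/0+$//;
            $x->{$k}=~s/\.$//;
        }
        $totals{"sum_$_"}+=$x->{$_} for qw(downloads sales profit_dl profit_sales profit_refs profit_total);
    }

    # Number of chart divisions, never below 1.
    my $divlines = $#$list-1;
    $divlines=1 if $divlines<1;

    # Render the chart XML and collapse it to a single line for embedding.
    my $xml = $ses->CreateTemplate("my_reports.xml");
    $xml->param(list=>$list, divlines=>$divlines);
    my $data_xml = $xml->output;
    $data_xml=~s/[\n\r]+//g;
    $data_xml=~s/\s{2,16}/ /g;

    $ses->PrintTemplate("my_reports.html",
        list => $list,
        date1 => $day1,
        date2 => $day2,
        %totals,
        data_xml => $data_xml,
    );
}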
sub AdminStats
{
    # Site statistics for a date range (default: the last ten days), shown as five
    # line charts whose URLs are built here (admin_stats.html). Request dates are
    # used only when they look like YYYY-MM-DD and are bound in the query.
    my @from = $ses->getTime(time-10*24*3600);
    my @to = $ses->getTime();
    my $day1 = "$from[0]-$from[1]-$from[2]";
    $day1 = $f->{date1} if $f->{date1}=~/^\d\d\d\d-\d\d-\d\d$/;
    my $day2 = "$to[0]-$to[1]-$to[2]";
    $day2 = $f->{date2} if $f->{date2}=~/^\d\d\d\d-\d\d-\d\d$/;

    my $list = $db->SelectARef("SELECT *, ROUND(bandwidth/1048576) as bandwidth, DATE_FORMAT(day,'%b%e') as x
FROM Stats
WHERE day>=?
AND day<=?",$day1,$day2);
    $ses->message("Not enough stat data") if $#$list<1;

    # Horizontal grid step, in percent of the chart width.
    my $dxp=sprintf("%.01f",100/$#$list);

    # Largest value per series; 1 when a series is all zero so scaling never divides by zero.
    my @series = qw(uploads downloads registered bandwidth paid);
    my %max;
    for my $row (@$list)
    {
        for my $name (@series)
        {
            $max{$name} = $row->{$name} if $row->{$name}>$max{$name};
        }
    }
    $max{$_}||=1 for @series;

    my $url="http://chart.apis.google.com/chart?cht=lc&chco=303030&chls=1,1,0&chs=500x200&chxt=x,y&chg=$dxp,25";

    # One chart URL: data scaled to 0..100, x labels from the day column,
    # y labels at 0, 1/4, 1/2, 3/4 and the maximum.
    my $chart = sub {
        my ($title,$name) = @_;
        my $top = $max{$name};
        my $points = join(',', map{sprintf("%.01f",100*$_->{$name}/$top)}@$list );
        my $labels = join('|', map{$_->{x}}@$list );
        return $url."&chtt=$title&chd=t:".$points
            ."&chxl=0:|".$labels."|1:|0|".int($top/4)."|".int($top/2)."|".int(3*$top/4)."|$top";
    };

    my $up_url  = $chart->('File+uploads','uploads');
    my $dl_url  = $chart->('File+downloads','downloads');
    my $reg_url = $chart->('New+users','registered');
    my $bw_url  = $chart->('Bandwidth,+Mb','bandwidth');
    my $pay_url = $chart->('Payments+received','paid');

    $ses->PrintTemplate("admin_stats.html",
        'up_url' => $up_url,
        'dl_url' => $dl_url,
        'reg_url' => $reg_url,
        'bw_url' => $bw_url,
        'pay_url' => $pay_url,
        'date1' => $day1,
        'date2' => $day2,
    );
}
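sub AdminComments
{
    # Comment moderation for admins, and for moderators when $c->{m_d} and
    # $c->{m_d_c} are both set: mass delete, redirect to a comment's page (rr),
    # and a filtered, paged listing (admin_comments.html).
    # Request values are bound as parameters; the earlier version interpolated
    # ip, usr_id, key and cmt_id into the SQL text.
    $ses->message("Access denied") if !$ses->getUser->{usr_adm} && !($c->{m_d} && $ses->getUser->{usr_mod} && $c->{m_d_c});

    if($f->{del_selected} && $f->{cmt_id})
    {
        # Decimal ids only; nothing is deleted when none of the values qualify.
        my @ids = grep { defined $_ && /\A\d+\z/ } @{&ARef($f->{cmt_id})};
        $db->Exec("DELETE FROM Comments WHERE cmt_id IN (".join(',', ('?') x @ids).")", @ids) if @ids;
        $ses->redirect("?op=admin_comments");
    }
    if($f->{rr})
    {
        $ses->redirect( &CommentRedirect(split(/-/,$f->{rr})) );
    }

    # At most one filter applies; a later one replaces an earlier one, as before.
    my $filter = '';
    my @binds;
    if($f->{ip})
    {
        $filter = "WHERE c.cmt_ip=INET_ATON(?)";
        @binds = ($f->{ip});
    }
    if($f->{usr_id})
    {
        $filter = "WHERE c.usr_id=?";
        @binds = ($f->{usr_id});
    }
    if($f->{key})
    {
        $filter = "WHERE c.cmt_name LIKE ? OR c.cmt_email LIKE ? OR c.cmt_text LIKE ?";
        @binds = ("%$f->{key}%") x 3;
    }

    my $list = $db->SelectARef("SELECT c.*, INET_NTOA(c.cmt_ip) as ip, u.usr_login, u.usr_id
FROM Comments c
LEFT JOIN Users u ON c.usr_id=u.usr_id
$filter
ORDER BY created DESC".$ses->makePagingSQLSuffix($f->{page},$f->{per_page}), @binds);
    my $total = $db->SelectOne("SELECT COUNT(*) FROM Comments c $filter", @binds);

    $ses->PrintTemplate("admin_comments.html",
        'list' => $list,
        'key' => $f->{key},
        'paging' => $ses->makePagingLinks($f,$total),
    );
}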
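sub AdminPayments
{
    # Pending payout requests: export the selected ones as a PayPal mass-pay
    # file, mark them PAID or REJECTED, or list everything pending
    # (admin_payments.html).
    # Selected payment ids are restricted to decimal numbers and bound; the
    # earlier version joined the raw form values into each IN (...) list.
    # NOTE(review): none of the actions here has a demo_mode guard - confirm intended.
    my @pay_ids = $f->{pay_id} ? grep { defined $_ && /\A\d+\z/ } @{&ARef($f->{pay_id})} : ();
    my $marks = join(',', ('?') x @pay_ids);

    if($f->{export_file} && $f->{pay_id})
    {
        my $list = @pay_ids
            ? $db->SelectARef("SELECT p.*, u.usr_id, u.usr_pay_email, u.usr_pay_type
FROM Payments p, Users u
WHERE id IN ($marks)
AND status='PENDING'
AND p.usr_id=u.usr_id", @pay_ids)
            : [];
        my $date = sprintf("%d-%d-%d",&getTime());
        print qq{Content-Type: application/octet-stream\n};
        print qq{Content-Disposition: attachment; filename="paypal-mass-pay-$date.txt"\n};
        print qq{Content-Transfer-Encoding: binary\n\n};
        for my $x (@$list)
        {
            # Only PayPal payouts belong in this file.
            next unless $x->{usr_pay_type} =~ /paypal/i;
            print"$x->{usr_pay_email}\t$x->{amount}\t$c->{currency_code}\tmasspay_$x->{usr_id}\tPayment\r\n";
        }
        exit;
    }
    if($f->{mark_paid} && $f->{pay_id})
    {
        $db->Exec("UPDATE Payments SET status='PAID' WHERE id IN ($marks)", @pay_ids) if @pay_ids;
        $ses->redirect_msg("$c->{site_url}/?op=admin_payments","Selected payments marked as Paid");
    }
    if($f->{mark_rejected} && $f->{pay_id})
    {
        $db->Exec("UPDATE Payments SET status='REJECTED' WHERE id IN ($marks)", @pay_ids) if @pay_ids;
        $ses->redirect_msg("$c->{site_url}/?op=admin_payments","Selected payments marked as Rejected");
    }

    my $list = $db->SelectARef("SELECT p.*, u.usr_login, u.usr_email, u.usr_pay_email, u.usr_pay_type
FROM Payments p, Users u
WHERE status='PENDING'
AND p.usr_id=u.usr_id
ORDER BY created");
    # for(@$list)
    # {
    # $_->{"info_$_->{usr_pay_type}"} = $_->{usr_pay_email};
    # }
    my $amount_sum = $db->SelectOne("SELECT SUM(amount) FROM Payments WHERE status='PENDING'");
    $ses->PrintTemplate("admin_payments.html",
        'list' => $list,
        'amount_sum' => $amount_sum,
        'paypal_email' => $c->{paypal_email},
        'alertpay_email' => $c->{alertpay_email},
        'webmoney_merchant_id'=> $c->{webmoney_merchant_id},
    );
}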
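# MyAccount: handler for the account page.
#
# Depending on the submitted form fields it
#   * starts (twitter1) or completes (twitter2) the Twitter OAuth link,
#   * removes the stored Twitter tokens (twitter_stop),
#   * saves login / e-mail / password / payout / custom settings (settings_save),
# and then renders my_account.html with the user's data and totals.
#
# Relies on the file-level $f (form fields), $ses (session), $db and $c (config).
# $ses->message() is used as a guard throughout, so it presumably prints the
# message and stops the request - confirm in Session.pm.
#
# NOTE(review): every state-changing branch below runs before the CheckAuth()
# call in this sub; the script calls CheckAuth() at top level before dispatch,
# so this presumably only matters if that call lets anonymous users through.
# NOTE(review): no anti-CSRF token is checked in this sub - confirm whether
# Session enforces one for POSTed settings.
sub MyAccount
{
    # OAuth step 1: obtain a request token and send the user to Twitter.
    if($f->{twitter1})
    {
        require Net::Twitter::Lite;
        my $nt = Net::Twitter::Lite->new(consumer_key    => $c->{twit_consumer1},
                                         consumer_secret => $c->{twit_consumer2} );
        my $url = $nt->get_authorization_url(callback => "$c->{site_url}/?op=my_account&twitter2=1");
        # NOTE(review): the request-token secret travels through a browser
        # cookie between the two steps; a server-side store would keep it
        # away from the client.
        $ses->setCookie('tw_token',$nt->request_token);
        $ses->setCookie('tw_token_secret',$nt->request_token_secret);
        $ses->redirect($url);
    }

    # OAuth step 2: exchange the verifier for an access token and store it.
    if($f->{twitter2})
    {
        # Loaded at run time, as in step 1, so the module is only needed
        # when the Twitter feature is actually used.
        require Net::Twitter::Lite;
        # The consumer key pair comes from configuration, exactly as in step 1:
        # the exchange has to use the same application credentials that issued
        # the request token, and a literal key pair does not belong in source.
        # Any pair that was previously embedded here should be treated as
        # exposed and rotated.
        my $nt = Net::Twitter::Lite->new(consumer_key    => $c->{twit_consumer1},
                                         consumer_secret => $c->{twit_consumer2} );
        $nt->request_token( $ses->getCookie('tw_token') );
        # Fixed: the secret must be read from its own cookie, not from 'tw_token'.
        $nt->request_token_secret( $ses->getCookie('tw_token_secret') );
        my($access_token, $access_token_secret, $user_id, $screen_name) = $nt->request_access_token(verifier => $f->{oauth_verifier});
        if($access_token && $access_token_secret)
        {
            # The access token pair is kept in UserData under the legacy
            # names 'twitter_login' / 'twitter_password'.
            $db->Exec("INSERT INTO UserData SET usr_id=?, name=?, value=?
ON DUPLICATE KEY UPDATE value=?",$ses->getUserId, 'twitter_login', $access_token, $access_token);
            $db->Exec("INSERT INTO UserData SET usr_id=?, name=?, value=?
ON DUPLICATE KEY UPDATE value=?",$ses->getUserId, 'twitter_password', $access_token_secret, $access_token_secret);
        }
    }

    # Unlink Twitter: drop both stored token values for this user.
    if($f->{twitter_stop})
    {
        $db->Exec("DELETE FROM UserData WHERE usr_id=? AND name IN ('twitter_login','twitter_password')",$ses->getUserId);
        $ses->redirect('?op=my_account');
    }

    if($f->{settings_save})
    {
        $ses->message("Not allowed in Demo mode!") if $c->{demo_mode} && $ses->getUser->{usr_adm};

        # NOTE(review): passwords are stored with MySQL ENCODE() and read back
        # with DECODE(), i.e. reversibly. A salted one-way hash is the usual
        # choice, but switching needs changes to the login code outside this
        # sub. The decoded password loaded here is also handed to the
        # 'user_edit' plugins at the end of this branch.
        my $user=$db->SelectRow("SELECT usr_login,DECODE(usr_password,?) as usr_password,usr_email FROM Users WHERE usr_id=?",$c->{pasword_salt},$ses->getUserId);

        # A login may be changed only while the current one is purely numeric.
        if($f->{usr_login} && $user->{usr_login}=~/^\d+$/ && $f->{usr_login} ne $user->{usr_login})
        {
            $f->{usr_login}=$ses->SecureStr($f->{usr_login});
            $ses->message("Error: Login should contain letters") if $f->{usr_login}=~/^\d+$/;
            $ses->message("Error: $ses->{lang}->{lang_login_too_short}") if length($f->{usr_login})<4;
            $ses->message("Error: $ses->{lang}->{lang_login_too_long}") if length($f->{usr_login})>32;
            $ses->message("Error: Invalid login: reserved word") if $f->{usr_login}=~/^(admin|images|captchas|files)$/;
            $ses->message("Error: $ses->{lang}->{lang_invalid_login}") unless $f->{usr_login}=~/^[\w\-\_]+$/;
            $ses->message("Error: $ses->{lang}->{lang_login_exist}") if $db->SelectOne("SELECT usr_id FROM Users WHERE usr_login=?",$f->{usr_login});
            $db->Exec("UPDATE Users SET usr_login=? WHERE usr_id=?",$f->{usr_login},$ses->getUserId);
        }

        if($f->{usr_email} ne $ses->getUser->{usr_email})
        {
            $ses->message("This email already in use") if $db->SelectOne("SELECT usr_id FROM Users WHERE usr_id<>? AND usr_email=?", $ses->getUserId, $f->{usr_email} );
            $ses->message("Error: Invalid e-mail") unless $f->{usr_email}=~/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
            $db->Exec("UPDATE Users SET usr_email=? WHERE usr_id=?",$f->{usr_email},$ses->getUserId);
            $f->{msg}.=$ses->{lang}->{lang_email_changed_ok}.'
';
            $user->{usr_email_new} = $f->{usr_email};
        }

        # NOTE(review): the current password is not requested here, so whoever
        # holds the session can set a new one; the minimum length is 4.
        if($f->{password_new} && $f->{password_new2})
        {
            $ses->message("New password is too short") if length($f->{password_new})<4;
            $ses->message("New passwords do not match") unless $f->{password_new} eq $f->{password_new2};
            $db->Exec("UPDATE Users SET usr_password=ENCODE(?,?) WHERE usr_id=?", $f->{password_new}, $c->{pasword_salt}, $ses->getUserId );
            # NOTE(review): '=' replaces any message set by the e-mail branch
            # above, which uses '.=' - confirm whether that is intended.
            $f->{msg}=$ses->{lang}->{lang_pass_changed_ok}.'
';
            $user->{usr_password_new} = $f->{password_new};
        }

        # The payout address is later written verbatim into the tab-separated
        # mass-pay export, so control characters (tab, CR, LF, ...) are
        # removed before it is stored.
        my $pay_email = $f->{usr_pay_email}||'';
        $pay_email =~ tr/\x00-\x1F\x7F//d;

        # NOTE(review): usr_pay_type is stored as submitted; it is not checked
        # against the configured payout_systems list.
        $db->Exec("UPDATE Users
SET usr_pay_email=?,
usr_pay_type=?,
usr_direct_downloads=?,
usr_rapid_login=?,
usr_rapid_pass=?
WHERE usr_id=?",$pay_email,
                $f->{usr_pay_type}||'',
                $f->{usr_direct_downloads}||0,
                $f->{usr_rapid_login}||'',
                $f->{usr_rapid_pass}||'',
                $ses->getUserId);
        $f->{msg}.=$ses->{lang}->{lang_sett_changed_ok};

        # Per-user key/value settings: only this fixed list of names is
        # accepted, so a request cannot create arbitrary UserData keys.
        my @custom_fields = qw(
            twitter_filename
        );
        for my $prefix (qw(rs mu nl hf mf fs df ff es sm ug fe))
        {
            push @custom_fields, "$prefix\_logins";
        }
        for my $field ( @custom_fields )
        {
            $db->Exec("INSERT INTO UserData
SET usr_id=?, name=?, value=?
ON DUPLICATE KEY UPDATE value=?
",$ses->getUserId, $field, $f->{$field}||'', $f->{$field}||'');
        }
        $ses->ApplyPlugins('user_edit',$user);
    }

    &CheckAuth();
    my $user = $ses->getUser;

    # Storage totals; total_size is converted from bytes to GB.
    my $totals = $db->SelectRow("SELECT COUNT(*) as total_files, SUM(file_size) as total_size FROM Files WHERE usr_id=?",$ses->getUserId);
    $totals->{total_size} = sprintf("%.02f",$totals->{total_size}/1024**3);
    my $disk_space = sprintf("%.0f GB",$c->{disk_space}/1024);
    $user->{premium_expire} = $db->SelectOne("SELECT DATE_FORMAT(usr_premium_expire,'%e %M %Y') FROM Users WHERE usr_id=?",$ses->getUserId);

    # Remaining traffic is computed per client IP, not per account.
    if($c->{bw_limit_days} && $c->{bw_limit})
    {
        my $bw = $db->SelectOne("SELECT SUM(size) FROM IP2Files WHERE ip=INET_ATON(?) AND created > NOW()-INTERVAL ? DAY",$ses->getIP,$c->{bw_limit_days});
        $user->{traffic_left} = sprintf("%.0f", $c->{bw_limit}-$bw/1024**2 );
    }

    # Merge every UserData row into $user, which is expanded into the template
    # parameters below.
    # NOTE(review): that includes the stored Twitter token values - confirm
    # the template does not output them.
    my $data = $db->SelectARef("SELECT * FROM UserData WHERE usr_id=?",$user->{usr_id});
    $user->{$_->{name}}=$_->{value} for @$data;
    $user->{usr_money}=~s/\.?0+$//;
    $user->{login_change}=1 if $user->{usr_login}=~/^\d+$/;

    my $referrals = $db->SelectOne("SELECT COUNT(*) FROM Users WHERE usr_aff_id=?",$ses->getUserId);
    my @payout_list = map { +{name=>$_,checked=>($_ eq $ses->getUser->{usr_pay_type})} } split(/\s*\,\s*/,$c->{payout_systems});

    # NOTE(review): 'msg' can start with the request's own msg parameter
    # (the branches above append to it); whether it is escaped depends on
    # the template.
    $ses->PrintTemplate("my_account.html",
        %{$user},
        'msg'                 => $f->{msg},
        'remote_url'          => $c->{remote_url},
        %{$totals},
        'disk_space'          => $disk_space,
        #"pay_type_".$ses->getUser->{usr_pay_type} => 1,
        'paypal_email'        => $c->{paypal_email},
        'payout_list'         => \@payout_list,
        'alertpay_email'      => $c->{alertpay_email},
        'webmoney_merchant_id'=> $c->{webmoney_merchant_id},
        'm_w'                 => $c->{m_w},
        'referrals'           => $referrals,
    );
}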
# MyReferrals: renders my_referrals.html with the accounts whose usr_aff_id is
# the current user, newest first, one page at a time.
# Each row gets prem=1 when its premium expiry lies in the future, and
# trailing zeros are trimmed from usr_money.
# NOTE(review): the paging suffix is concatenated into the SQL text; it is
# built by Session from $f->{page} - confirm it emits only numeric LIMIT values.
sub MyReferrals
{
    my $referrals_sql = "SELECT usr_login, usr_created, usr_money, UNIX_TIMESTAMP(usr_premium_expire)-UNIX_TIMESTAMP() as dt
FROM Users WHERE usr_aff_id=? ORDER BY usr_created DESC".$ses->makePagingSQLSuffix($f->{page});
    my $list  = $db->SelectARef($referrals_sql, $ses->getUserId);
    my $total = $db->SelectOne("SELECT COUNT(*) FROM Users WHERE usr_aff_id=?", $ses->getUserId);

    foreach my $referral (@$list)
    {
        # dt is the number of seconds of premium time left.
        if($referral->{dt} > 0)
        {
            $referral->{prem} = 1;
        }
        $referral->{usr_money} =~ s/\.?0+$//;
    }

    $ses->PrintTemplate("my_referrals.html",
        list   => $list,
        paging => $ses->makePagingLinks($f,$total),
    );
}
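# MyFiles: handler for the "my files" page.
#
# Performs at most one of the actions selected by the form fields
# (delete one file, delete selected files, toggle/set public, create or delete
# a folder, move files, copy a public file into the account, cancel a torrent)
# and otherwise renders my_files.html for the current folder or search key.
#
# Relies on the file-level $f (form fields), $ses (session), $db and $c (config).
# $ses->message() is used as a guard throughout, so it presumably prints the
# message and stops the request - confirm in Session.pm.
#
# Every query that takes a list of file ids builds its IN (...) list through
# _MyFilesIdList(), which keeps digit-only values, because that list is
# interpolated into the SQL text rather than bound.
#
# NOTE(review): no anti-CSRF token is checked in this sub although several
# branches delete or modify data - confirm whether Session enforces one.
# NOTE(review): $f->{fld_id} is interpolated into redirect URLs as submitted;
# confirm that redirect() rejects CR/LF.
sub MyFiles
{
    # Delete a single file; the SELECT is scoped to the current user.
    if($f->{del_code})
    {
        my $file = $db->SelectRow("SELECT * FROM Files WHERE file_code=? AND usr_id=?",$f->{del_code},$ses->getUserId);
        $ses->message("Security error: not_owner") unless $file;
        $ses->DeleteFile($file);
        $ses->redirect("?op=my_files");
    }

    # Delete the selected files; output is unbuffered while the mass delete runs.
    if($f->{del_selected} && $f->{file_id})
    {
        my $ids = _MyFilesIdList($f->{file_id});
        # With no valid id there is nothing to select; an empty IN () would
        # be a SQL error.
        my $files = length($ids)
            ? $db->SelectARef("SELECT * FROM Files WHERE usr_id=? AND file_id IN ($ids)",$ses->getUserId)
            : [];
        $|=1;
        print"Content-type:text/html\n\n\n\n";
        $ses->DeleteFilesMass($files,'nb');
        print"";
        exit;
        #$ses->redirect("$c->{site_url}/?op=my_files&fld_id=$f->{fld_id}");
    }

    # Toggle the public flag of one file and answer with a script snippet.
    if($f->{set_public} && $f->{file_id})
    {
        # The id is echoed into the text/html response below, so only a
        # digit-only value is accepted and only the captured copy is printed.
        my ($file_id) = $f->{file_id} =~ /\A(\d+)\z/;
        $ses->message("Invalid ID") unless defined $file_id;
        $f->{set_public} = $f->{set_public} eq 'true' ? 1 : 0;
        $db->Exec("UPDATE Files SET file_public=? WHERE usr_id=? AND file_id=?",$f->{set_public},$ses->getUserId,$file_id);
        my $style = $f->{set_public} ? 'pub' : '';
        print"Content-type:text/html\n\n";
        print"\$\$('td$file_id').className='$style';";
        exit;
    }

    # Mark all selected files public.
    if($f->{set_public_multi} && $f->{file_id})
    {
        my $ids = _MyFilesIdList($f->{file_id});
        $db->Exec("UPDATE Files SET file_public=1 WHERE usr_id=? AND file_id IN ($ids)",$ses->getUserId) if length($ids);
        $ses->redirect("$c->{site_url}/?op=my_files&fld_id=$f->{fld_id}");
    }
    #if($f->{set_private} && $f->{file_id})
    #{
    # $db->Exec("UPDATE Files SET file_public=0 WHERE usr_id=? AND file_id IN (".join(',',@{&ARef($f->{file_id})}).")",$ses->getUserId);
    # $ses->redirect("$c->{site_url}/?op=my_files&fld_id=$f->{fld_id}");
    #}

    # Create a folder under fld_id (which must belong to the user when given).
    if($f->{create_new_folder})
    {
        $f->{create_new_folder} = $ses->SecureStr($f->{create_new_folder});
        $ses->message("Invalid folder name!") unless $f->{create_new_folder};
        $ses->message("Invalid parent folder") if $f->{fld_id} && !$db->SelectOne("SELECT fld_id FROM Folders WHERE usr_id=? AND fld_id=?",$ses->getUserId,$f->{fld_id});
        $ses->message("You have can't have more than 1024 folders") if $db->SelectOne("SELECT COUNT(*) FROM Folders WHERE usr_id=?",$ses->getUserId)>=1024;
        $db->Exec("INSERT INTO Folders SET usr_id=?, fld_parent_id=?, fld_name=?",$ses->getUserId,$f->{fld_id},$f->{create_new_folder});
        $ses->redirect("$c->{site_url}/?op=my_files&fld_id=$f->{fld_id}");
    }

    # Delete a folder the user owns, together with everything below it.
    if($f->{del_folder})
    {
        my $fld = $db->SelectRow("SELECT * FROM Folders WHERE usr_id=? AND fld_id=?",$ses->getUserId,$f->{del_folder});
        $ses->message("Invalid ID") unless $fld;
        &delFolder($f->{del_folder});
        $ses->redirect("$c->{site_url}/?op=my_files&fld_id=$f->{fld_id}");
    }

    # Move the selected files; an unknown or foreign target folder becomes 0.
    if(defined $f->{to_folder} && $f->{file_id})
    {
        my $fld_id = $db->SelectOne("SELECT fld_id FROM Folders WHERE usr_id=? AND fld_id=?",$ses->getUserId,$f->{to_folder})||0;
        my $ids = _MyFilesIdList($f->{file_id});
        $db->Exec("UPDATE Files SET file_fld_id=? WHERE usr_id=? AND file_id IN ($ids)",$fld_id,$ses->getUserId) if length($ids);
        $ses->redirect("$c->{site_url}/?op=my_files&fld_id=$f->{fld_id}");
    }

    # Copy a public file into the current account under a fresh file_code.
    if($f->{add_my_acc})
    {
        print"Content-type:text/html\n\n";
        my $file = $db->SelectRow("SELECT * FROM Files WHERE file_code=? AND file_public=1",$f->{add_my_acc});
        print("Invalid file"),exit unless $file;
        # Draw codes until one is not yet used.
        my $code = $ses->randchar(12);
        while($db->SelectOne("SELECT file_id FROM Files WHERE file_code=?",$code)){$code = $ses->randchar(12);}
        $db->Exec("INSERT INTO Files
SET file_name=?, usr_id=?, srv_id=?, file_descr=?, file_public=?, file_code=?, file_real=?, file_real_id=?, file_del_id=?, file_size=?,
file_password=?, file_ip=INET_ATON(?), file_md5=?, file_spec=?, file_created=NOW(), file_last_download=NOW()",
            $file->{file_name},
            $ses->getUserId,
            $file->{srv_id},
            '',
            1,
            $code,
            $file->{file_real},
            $file->{file_real_id}||$file->{file_id},
            $file->{file_del_id},
            $file->{file_size},
            '',
            $ses->getIP,
            $file->{file_md5},
            $file->{file_spec}||'',
        );
        $db->Exec("UPDATE Servers SET srv_files=srv_files+1 WHERE srv_id=?",$file->{srv_id});
        print $ses->{lang}->{lang_added_to_account};
        exit;
    }

    # Cancel a torrent; ownership is established by the SELECT before the
    # file server is asked to delete it.
    if($f->{del_torrent})
    {
        my $torr = $db->SelectRow("SELECT * FROM Torrents WHERE sid=? AND usr_id=?",$f->{del_torrent},$ses->getUserId);
        $ses->redirect("$c->{site_url}/?op=my_files") unless $torr;
        my $res = $ses->api2($torr->{srv_id},{
            op  => 'torrent_delete',
            sid => $f->{del_torrent},
        });
        $ses->message("Error1:$res") unless $res eq 'OK';
        $db->Exec("DELETE FROM Torrents WHERE sid=? AND status='WORKING'",$f->{del_torrent});
        $ses->redirect("$c->{site_url}/?op=my_files");
    }

    # ---- listing ----
    $f->{sort_field}||='file_created';
    $f->{sort_order}||='down';
    $f->{fld_id}||=0;
    my ($files,$total);
    my $folders=[];
    # Declared and assigned separately: "my ... if COND" leaves the variable
    # in an undefined state when the condition is false.
    my $curr_folder;
    $curr_folder = $db->SelectRow("SELECT * FROM Folders WHERE fld_id=?",$f->{fld_id}) if $f->{fld_id};
    $curr_folder ||= {};
    $ses->message("Invalid folder id") if $f->{fld_id} && $curr_folder->{usr_id}!=$ses->getUserId;

    if($f->{key})
    {
        # Search by name/description across all folders; the key is bound.
        $files = $db->SelectARef(q{SELECT *, DATE(file_created) as created,
(SELECT COUNT(*) FROM Comments WHERE cmt_type=1 AND file_id=cmt_ext_id) as comments
FROM Files
WHERE usr_id=?
AND (file_name LIKE CONCAT('%',?,'%') OR file_descr LIKE CONCAT('%',?,'%'))
ORDER BY file_created DESC}.$ses->makePagingSQLSuffix($f->{page}),$ses->getUserId,$f->{key},$f->{key});
        $total = $db->SelectOne("SELECT COUNT(*) FROM Files WHERE usr_id=? AND (file_name LIKE CONCAT('%',?,'%') OR file_descr LIKE CONCAT('%',?,'%'))",$ses->getUserId,$f->{key},$f->{key});
    }
    else
    {
        # NOTE(review): the ORDER BY and LIMIT fragments are produced by
        # makeSortSQLcode()/makePagingSQLSuffix() from request fields and are
        # concatenated into the SQL - confirm those helpers whitelist input.
        $files = $db->SelectARef("SELECT f.*, DATE(f.file_created) as created,
(SELECT COUNT(*) FROM Comments WHERE cmt_type=1 AND file_id=cmt_ext_id) as comments
FROM Files f
WHERE f.usr_id=?
AND f.file_fld_id=?
".&makeSortSQLcode($f,'file_created').$ses->makePagingSQLSuffix($f->{page}),$ses->getUserId,$f->{fld_id});
        $total = $db->SelectOne("SELECT COUNT(*) FROM Files WHERE usr_id=? AND file_fld_id=?", $ses->getUserId, $f->{fld_id} );
        $folders = $db->SelectARef("SELECT f.*, COUNT(ff.file_id) as files_num
FROM Folders f
LEFT JOIN Files ff ON f.fld_id=ff.file_fld_id
WHERE f.usr_id=?
AND fld_parent_id=?
GROUP BY fld_id
ORDER BY fld_name",$ses->getUserId,$f->{fld_id});
    }

    # "Up one level" entry when inside a folder.
    unshift @$folders, {fld_id=>$curr_folder->{fld_parent_id},fld_name=>' . . '} if $f->{fld_id};
    my %sort_hash = &makeSortHash($f,['file_name','file_downloads','comments','file_size','file_public','file_created']);
    my $totals = $db->SelectRow("SELECT COUNT(*) as total_files, SUM(file_size) as total_size FROM Files WHERE usr_id=?",$ses->getUserId);
    $totals->{total_size} = $totals->{total_size}<1048576 ? sprintf("%.01f Kb",$totals->{total_size}/1024) : sprintf("%.01f Mb",$totals->{total_size}/1048576);

    for my $file (@$files)
    {
        $file->{site_url} = $c->{site_url};
        $file->{file_size} = $ses->makeFileSize($file->{file_size});

        # Truncate by characters, not bytes: decode, cut, re-encode.
        my $file_descr = $file->{file_descr};
        utf8::decode($file_descr);
        $file->{file_descr} = length($file_descr)>48 ? substr($file_descr,0,48).'
' : $file_descr;
        utf8::encode($file->{file_descr});

        my $file_name = $file->{file_name};
        utf8::decode($file_name);
        $file->{file_name_txt} = length($file_name)>$c->{display_max_filename} ? substr($file_name,0,$c->{display_max_filename}).'
' : $file_name;
        utf8::encode($file->{file_name_txt});

        $file->{download_link} = $ses->makeFileLink($file);
        $file->{file_downloads}||='';
        $file->{comments}||='';
    }

    # Flatten the user's folders into a depth-first tree for the folder selector.
    my $allfld = $db->SelectARef("SELECT * FROM Folders WHERE usr_id=? ORDER BY fld_name",$ses->getUserId);
    my $fh;
    push @{$fh->{$_->{fld_parent_id}}},$_ for @$allfld;
    my @folders_tree = &buildTree($fh,0,0);

    my $torrents=[];
    if($ses->iPlg('t'))
    {
        $torrents = $db->SelectARef("SELECT *, UNIX_TIMESTAMP()-UNIX_TIMESTAMP(created) as working
FROM Torrents
WHERE usr_id=?
AND status='WORKING' ",$ses->getUserId);
        for my $t (@$torrents)
        {
            # 'files' holds one "name:size" entry per line.
            # NOTE(review): the names come from torrent metadata; only single
            # quotes are escaped here - confirm the template escapes the rest.
            my @files = split("\n",$t->{files});
            $t->{file_list} = join('
',map{/^(.+):(\d+)$/;"$1 (".sprintf("%.1f Mb",$2/1048576)."<\/i>)"}@files );
            $t->{file_list} =~ s/'/\\'/g;
            $t->{title}=$files[0];
            $t->{title}=~s/\/.+$//;
            $t->{title}=~s/:\d+$//;
            # 'progress' is "done:total:down_speed:up_speed".
            ($t->{done},$t->{total},$t->{down_speed},$t->{up_speed})=split(':',$t->{progress});
            # A torrent with no reported total must not abort the page with
            # a division by zero.
            $t->{percent} = sprintf("%.01f", $t->{total} ? 100*$t->{done}/$t->{total} : 0 );
            $t->{done} = sprintf("%.1f", $t->{done}/1048576 );
            $t->{total} = sprintf("%.1f", $t->{total}/1048576 );
            $t->{working} = $t->{working}>3600*3 ? sprintf("%.1f hours",$t->{working}/3600) : sprintf("%.0f mins",$t->{working}/60);
        }
    }

    $ses->PrintTemplate("my_files.html",
        'files'        => $files,
        'folders'      => $folders,
        'folders_tree' => \@folders_tree,
        'folder_id'    => $f->{fld_id},
        'folder_name'  => $curr_folder->{fld_name},
        'fld_descr'    => $curr_folder->{fld_descr},
        'key'          => $f->{key},
        'disk_space'   => $c->{disk_space},
        'paging'       => $ses->makePagingLinks($f,$total),
        'torrents'     => $torrents,
        enable_file_comments => $c->{enable_file_comments},
        %{$totals},
        %sort_hash,
    );
}

# delFolder: recursively deletes folder $fld_id of the current user - first
# every sub-folder, then the files in the folder, then the folder row itself.
# All three queries are scoped by usr_id, so another user's folder id matches
# nothing.
# NOTE(review): there is no guard against a parent/child cycle in Folders.
sub delFolder
{
    my ($fld_id)=@_;
    my $subf = $db->SelectARef("SELECT * FROM Folders WHERE usr_id=? AND fld_parent_id=?",$ses->getUserId,$fld_id);
    for my $child (@$subf)
    {
        &delFolder($child->{fld_id});
    }
    my $files = $db->SelectARef("SELECT * FROM Files WHERE usr_id=? AND file_fld_id=?",$ses->getUserId,$fld_id);
    $ses->DeleteFilesMass($files);
    $db->Exec("DELETE FROM Folders WHERE usr_id=? AND fld_id=?",$ses->getUserId,$fld_id);
}

# _MyFilesIdList: turns a submitted id field (one value or several, normalised
# by ARef) into a comma-separated string of digit-only ids that is safe to
# interpolate into an SQL IN (...) list. Returns '' when no value qualifies.
sub _MyFilesIdList
{
    my ($value) = @_;
    return join ',', grep { /\A\d+\z/ } @{ &ARef($value) };
}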
# buildTree: flattens a parent-id => [child rows] map into a depth-first list.
#   $fh     - hashref keyed by parent folder id, each value an arrayref of rows
#   $parent - id whose children are emitted
#   $depth  - nesting level of those children
# Each emitted row gets a 'pre' field holding $depth spaces and is followed
# directly by its own descendants. Returns the rows as a list.
sub buildTree
{
    my ($fh,$parent,$depth)=@_;
    my $indent = ' ' x $depth;
    my @flat;
    foreach my $node (@{$fh->{$parent}})
    {
        $node->{pre} = $indent;
        # The node first, then its whole subtree one level deeper.
        push @flat, $node, buildTree($fh, $node->{fld_id}, $depth+1);
    }
    return @flat;
}
sub MyFilesExport
{
my $filter;
if($f->{file_id})
{
my $ids = join ',', grep{/^\d+$/}@{ARef($f->{file_id})};
$filter="AND file_id IN ($ids)" if $ids;
}
else
{
$filter="AND file_fld_id='$f->{fld_id}'" if $f->{fld_id}=~/^\d+$/;
}
my $list = $db->SelectARef("SELECT * FROM Files f, Servers s
WHERE usr_id=?
AND f.srv_id=s.srv_id
$filter
ORDER BY file_name",$ses->getUserId);
print $ses->{cgi_query}->header( -type => 'text/html',
-expires => '-1d',
-charset => $c->{charset});
my (@list,@list_bb,@list_html);
for my $file (@$list)
{
$file->{download_link} = $ses->makeFileLink($file);
if($c->{image_mod} && $file->{file_name}=~/\.(jpg|jpeg|gif|png|bmp)$/i)
{
$ses->getThumbLink($file);
}
else
{
$file->{fsize} = $ses->makeFileSize($file->{file_size});
}
push @list, $file->{download_link};
push @list_bb, $file->{thumb_url} ? "[URL=$file->{download_link}][IMG]$file->{thumb_url}\[\/IMG]\[\/URL]" : "[URL=$file->{download_link}]$file->{file_name} - $file->{fsize}\[\/URL]";
push @list_html, $file->{thumb_url} ? qq[<\/a>"] : qq[$file->{file_name} - $file->{fsize}<\/a>];
}
print"";
print"Download links