Removed the unused streaming functions/templates
[squasher.git] / squasher.php
index 2e71b8f66db2550d7975ddd3c1711e2ea5c7ded6..cfd2ade437535c65a6b34a9e17e4b7b2a56e46af 100644 (file)
@@ -20,7 +20,7 @@ if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
 
 $squashweb->set_root($basedir);
 
-if (@$_GET['f'] || @$_GET['d']  || @$_GET['show_all']==true || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
+if (@$_GET['f'] || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
        $getdeepfiles=true;
        $populate=false;
 } else {
@@ -40,12 +40,12 @@ if (@$_GET['f']) {
 }
 
 if (@$_GET['f']) {
-       $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".$_GET['f']."'";
+       $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($_GET['f'])."'";
        $f_r = mysql_query($f_q);
        $f_o = mysql_fetch_object($f_r);
 
        //log downloads
-       @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".$_GET['f']."','{$f_o->file}','download','".$_SESSION['creds']['user_id']."','".$_SESSION['creds']['user_name']."','".$_SERVER['REMOTE_ADDR']."',NOW())");
+       @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($_GET['f'])."','".mysql_escape_string($f_o->file)."','download','".mysql_escape_string($_SESSION['creds']['user_id'])."','".mysql_escape_string($_SESSION['creds']['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())");
 
        $_hpath_arr=explode("/", $f_o->file);
        $file=array_pop($_hpath_arr); //Remove filename
@@ -62,27 +62,15 @@ if (@$_GET['f']) {
        //get the config of requested file
        $request = $squashweb->get_config($_GET['f']);
 
-       //------------------------------------
-       //-check-file-and-request-type--start-
-       //------------------------------------
-       if (strpos($request['mime'],'ideo') && isset($_GET['d'])) { //embed video
-               $squashweb->embed_video($_GET['f']);
-       }
-       elseif (strpos($request['mime'],'ideo') && isset($_GET['x'])) { //show stream playlist
-               $squashweb->create_playlist($_GET['f'],$_GET['x'],$request[2]);
-       }
-       else {  //show requested file
-       #       header('Cache-control: private');
-               header('Content-Disposition: attachment; filename="'.$request[2].'"');
-               header("Content-Type: ".$request['mime']);
-               if ($request[3])header('Content-Length: '.$request[3]);
-               #@ob_flush();
-               @flush();
-               $squashweb->print_files($request['path'], $request[2]);
-       }
-       //---------------------------------
-       //-check-file-and-request-type-end-
-       //---------------------------------
+       //show requested file
+       #header('Cache-control: private');
+       header('Content-Disposition: attachment; filename="'.$request[2].'"');
+       header("Content-Type: ".$request['mime']);
+       if ($request[3])
+               header('Content-Length: '.$request[3]);
+       #@ob_flush();
+       @flush();
+       $squashweb->print_files($request['path'], $request[2]);
 
 } elseif (@$_GET['tools']=="hide" && @$_GET['h']) {
        if ($_SESSION['creds']['user_level'] > 99) {
@@ -118,7 +106,7 @@ if (@$_GET['f']) {
        }
 } elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
 
-       require_once("smarty/Smarty.class.php");
+       require_once(SQUASHER_SMARTY);
 
        $smarty = new Smarty;
 
@@ -148,7 +136,7 @@ if (@$_GET['f']) {
                $squashweb->remove_users($_POST['u']);
        if ($type=="new")
                $squashweb->insert_users($_POST['u'], $_SESSION['creds']['user_level']);
-       require_once("smarty/Smarty.class.php");
+       require_once(SQUASHER_SMARTY);
 
        $smarty = new Smarty;
 
@@ -169,7 +157,7 @@ if (@$_GET['f']) {
        $logtype=@$_GET['logtype'];
        if (!$logtype)
                $logtype = 'all';
-       require_once("smarty/Smarty.class.php");
+       require_once(SQUASHER_SMARTY);
 
        $smarty = new Smarty;
 
@@ -184,7 +172,7 @@ if (@$_GET['f']) {
 } else {
        //show overview
 
-       require_once("smarty/Smarty.class.php");
+       require_once(SQUASHER_SMARTY);
 
        $smarty = new Smarty;
 
@@ -265,10 +253,7 @@ if (@$_GET['f']) {
        $smarty->assign('subfolders', $subs);
 
        //if(@$_GET[debug]) print_r($configs);
-       if (!@$_GET['newtpl'])
-               $smarty->display('index.tpl'); //Display normal template
-       else
-               $smarty->display('wip_massdelete.tpl'); //Display Work In Progress template
+       $smarty->display('index.tpl'); //Display normal template
 
 }
 // vim: syntax=php ts=4 sw=4 sts=4 sr noet