function get_logs($type='all'){
$q="SELECT log.* FROM log WHERE log.user_id != '1' and ip != '87.233.211.2' ";
- if($_SESSION[creds][user_id] == 1)$q="SELECT log.* FROM log WHERE log.user_id != 'x' ";
+ if($_SESSION['creds']['user_id'] == 1)$q="SELECT log.* FROM log WHERE log.user_id != 'x' ";
switch($type){
case "delete":
$q.= " and log.action = 'delete'";
$order=" order by log.log_id desc ";
$r = mysql_query($q.$today.$order);
while($a = mysql_fetch_array($r)){
- $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{$a[ip]}' group by users.user_name";
+ $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{".$a['ip']."}' group by users.user_name";
$ru = mysql_query($qu);
- $a[users_from_ip]=" | ";
- while($au = mysql_fetch_array($ru))$a[users_from_ip].=$au[user_name]." | ";
+ $a['users_from_ip']=" | ";
+ while($au = mysql_fetch_array($ru))$a['users_from_ip'].=$au['user_name']." | ";
$return['today'][$a['log_id']]=$a;
}
$r = mysql_query($q.$yesterday.$order);
while($a = mysql_fetch_array($r)){
- $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{$a[ip]}' group by users.user_name";
+ $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{".$a['ip']."}' group by users.user_name";
$ru = mysql_query($qu);
- $a[users_from_ip]=" | ";
- while($au = mysql_fetch_array($ru))$a[users_from_ip].=$au[user_name]." | ";
+ $a['users_from_ip']=" | ";
+ while($au = mysql_fetch_array($ru))$a['users_from_ip'].=$au['user_name']." | ";
$return['yesterday'][$a['log_id']]=$a;
}
$r = mysql_query($q.$lastweek.$order);
while($a = mysql_fetch_array($r)){
- $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{$a[ip]}' group by users.user_name";
+ $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{".$a['ip']."}' group by users.user_name";
$ru = mysql_query($qu);
- $a[users_from_ip]=" | ";
- while($au = mysql_fetch_array($ru))$a[users_from_ip].=$au[user_name]." | ";
+ $a['users_from_ip']=" | ";
+ while($au = mysql_fetch_array($ru))$a['users_from_ip'].=$au['user_name']." | ";
$return['lastweek'][$a['log_id']]=$a;
}
$r = mysql_query($q.$older.$order);
while($a = mysql_fetch_array($r)){
- $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{$a[ip]}' group by users.user_name";
+ $qu="select users.user_name from users left join log on users.user_id = log.user_id where log.ip='{".$a['ip']."}' group by users.user_name";
$ru = mysql_query($qu);
- $a[users_from_ip]=" | ";
- while($au = mysql_fetch_array($ru))$a[users_from_ip].=$au[user_name]." | ";
+ $a['users_from_ip']=" | ";
+ while($au = mysql_fetch_array($ru))$a['users_from_ip'].=$au['user_name']." | ";
$return['older'][$a['log_id']]=$a;
}
}
function insert_users($submitted,$admin_level){
- $q = "INSERT INTO users (user_name,user_pass,user_level) values ('".$submitted[u][user_name]."','".md5($submitted[u][user_pass])."','".$submitted[u][user_level]."')";
+ $q = "INSERT INTO users (user_name,user_pass,user_level) values ('".$submitted['u']['user_name']."','".md5($submitted['u']['user_pass'])."','".$submitted['u']['user_level']."')";
$r = mysql_query($q);
}
function update_users($submitted){
- $q = "UPDATE users SET user_name = '".$submitted[u][user_name]."', user_pass = '".md5($submitted[u][user_pass])."', user_level = '".$submitted[u][user_level]."' WHERE user_id = '".$submitted[u][user_id]."'";
+ $q = "UPDATE users SET user_name = '".$submitted['u']['user_name']."', user_pass = '".md5($submitted['u']['user_pass'])."', user_level = '".$submitted['u']['user_level']."' WHERE user_id = '".$submitted['u']['user_id']."'";
$r = mysql_query($q);
}
function disable_users($submitted){
- $q = "UPDATE users SET user_name = '".$submitted[u][user_name]."', user_pass = '', user_level = '".$submitted[u][user_level]."' WHERE user_id = '".$submitted[u][user_id]."'";
+ $q = "UPDATE users SET user_name = '".$submitted['u']['user_name']."', user_pass = '', user_level = '".$submitted['u']['user_level']."' WHERE user_id = '".$submitted['u']['user_id']."'";
$r = mysql_query($q);
}
function remove_users($submitted){
- $q = "DELETE FROM users WHERE user_id = '".$submitted[u][user_id]."'";
+ $q = "DELETE FROM users WHERE user_id = '".$submitted['u']['user_id']."'";
$r = mysql_query($q);
}
$o = mysql_fetch_object($r);
if ($o->result){
- foreach ($submitted[m] AS $path => $access){
+ foreach ($submitted['m'] AS $path => $access){
$p_q = "SELECT count(*) result FROM user_rights WHERE user_id = '".$submitted['edited_user']."' AND folder_path = '".$path."'";
$p_r = mysql_query($p_q);
$p_o = mysql_fetch_object($p_r);
#Update DB
$q="delete from file_hash where file_hash = '{$h}'";
mysql_query($q);
- $q="insert into log (hash,file,action,user_id,user_name,ip,date) values ('{$h}','{$filepath}','delete','".$s['user_id']."','".$s['user_name']."','".$_SERVER[REMOTE_ADDR]."',NOW())";
+ $q="insert into log (hash,file,action,user_id,user_name,ip,date) values ('{$h}','{$filepath}','delete','".$s['user_id']."','".$s['user_name']."','".$_SERVER['REMOTE_ADDR']."',NOW())";
mysql_query($q);
#Send debug mail
<?php
-if (!$_SESSION[creds][validated] && !isset($_GET['f']))exit();
+if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))exit();
require_once("squasher.class.php");
}
//update folder rights if form is submitted
-if($submitted['edited_user'] > 0 && $submitted['formtype'] == 'folderrights') $squashweb->update_rights($submitted,$_SESSION[creds][user_level]);
+if($submitted['edited_user'] > 0 && $submitted['formtype'] == 'folderrights') $squashweb->update_rights($submitted,$_SESSION['creds']['user_level']);
//set folder rights
if (isset($_GET['f']) && $_GET['f']!=NULL){
$squashweb->give_rights(2);
}else{
- $squashweb->give_rights($_SESSION[creds][user_id]);
+ $squashweb->give_rights($_SESSION['creds']['user_id']);
}
if (isset($_GET['f']) && $_GET['f']!=NULL){
$f_o = mysql_fetch_object($f_r);
//log downloads
- @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".$_GET['f']."','{$f_o->file}','download','".$_SESSION[creds][user_id]."','".$_SESSION[creds][user_name]."','".$_SERVER[REMOTE_ADDR]."',NOW())");
+ @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".$_GET['f']."','{$f_o->file}','download','".$_SESSION['creds']['user_id']."','".$_SESSION['creds']['user_name']."','".$_SERVER['REMOTE_ADDR']."',NOW())");
$_hpath_arr=explode("/",$f_o->file);
$file=array_pop($_hpath_arr); //Remove filename
//---------------------------------
}elseif ($tools=="hide" && isset($_GET['h'])){
- if ($_SESSION[creds][user_level] > 99){
+ if ($_SESSION['creds']['user_level'] > 99){
$request = $squashweb->get_config($_GET['h']);
$handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
- fwrite($handle, 'hidden by '.$_SESSION[creds][user_name]);
+ fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
fclose($handle);
$path=substr($request['path'],strlen($basedir));
header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
}
}elseif ($tools=="unhide" && isset($_GET['h'])){
- if ($_SESSION[creds][user_level] > 99){
+ if ($_SESSION['creds']['user_level'] > 99){
$request = $squashweb->get_config($_GET['h']);
@unlink($request['path'].'/'.$request[2].'.hidden');
$path=substr($request['path'],strlen($basedir));
header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
}
}elseif ($tools=="delete" && isset($_GET['h'])){
- if ($_SESSION[creds][user_level] > 99){
+ if ($_SESSION['creds']['user_level'] > 99){
if ($_GET['h'] == "multiple"){
$h_post = $_POST['h'];
foreach ($h_post as $h_key => $h){
$request = $squashweb->get_config($h);
- $squashweb->delete_file($h,$_SESSION[creds]);
+ $squashweb->delete_file($h,$_SESSION['creds']);
}
}else{
$h = $_GET['h'];
$request = $squashweb->get_config($h);
- $squashweb->delete_file($h,$_SESSION[creds]);
+ $squashweb->delete_file($h,$_SESSION['creds']);
}
$path=substr($request['path'],strlen($basedir));
header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
}
-}elseif ($_GET['tools']=='access' && $_SESSION[creds][user_level] > 100){
+}elseif ($_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100){
require_once("smarty/Smarty.class.php");
$smarty = new Smarty;
- $smarty->assign('user_level',$_SESSION[creds][user_level]);
- $smarty->assign('user_name',$_SESSION[creds][user_name]);
- $smarty->assign('users',$squashweb->get_users($_SESSION[creds][user_level]));
+ $smarty->assign('user_level',$_SESSION['creds']['user_level']);
+ $smarty->assign('user_name',$_SESSION['creds']['user_name']);
+ $smarty->assign('users',$squashweb->get_users($_SESSION['creds']['user_level']));
$smarty->assign('edited_user',$_GET['user']);
$tree = $squashweb->show_rights_tree($path,0,$_GET['user']);
- $smarty->assign('style',$tree[style]);
- $smarty->assign('layout',$tree[layout]);
+ $smarty->assign('style',$tree['style']);
+ $smarty->assign('layout',$tree['layout']);
- $smarty->assign('debug',$vars[debug]);
+ $smarty->assign('debug',$vars['debug']);
$smarty->assign('folderrights',$squashweb->folderrights());
$smarty->assign('userrights',$squashweb->userrights());
$smarty->display('admin.tpl');
-}elseif ($_GET['tools']=='users' && $_SESSION[creds][user_level] > 100){
+}elseif ($_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100){
-if ($submitted[type]=="update"){$squashweb->update_users($submitted);}
-if ($submitted[type]=="disable"){$squashweb->disable_users($submitted);}
-if ($submitted[type]=="delete"){$squashweb->remove_users($submitted);}
-if ($submitted[type]=="new"){$squashweb->insert_users($submitted,$_SESSION[creds][user_level]);}
+if ($submitted['type']=="update"){$squashweb->update_users($submitted);}
+if ($submitted['type']=="disable"){$squashweb->disable_users($submitted);}
+if ($submitted['type']=="delete"){$squashweb->remove_users($submitted);}
+if ($submitted['type']=="new"){$squashweb->insert_users($submitted,$_SESSION['creds']['user_level']);}
require_once("smarty/Smarty.class.php");
$smarty = new Smarty;
- $smarty->assign('user_level',$_SESSION[creds][user_level]);
- $smarty->assign('user_name',$_SESSION[creds][user_name]);
- $smarty->assign('users',$squashweb->get_users($_SESSION[creds][user_level]));
+ $smarty->assign('user_level',$_SESSION['creds']['user_level']);
+ $smarty->assign('user_name',$_SESSION['creds']['user_name']);
+ $smarty->assign('users',$squashweb->get_users($_SESSION['creds']['user_level']));
- if ($_SESSION[creds][user_level] > 199){
+ if ($_SESSION['creds']['user_level'] > 199){
$smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
}else{
$smarty->assign('user_levels', array(55 => 'user' ) );
}
- $smarty->assign('debug',$vars[debug]);
+ $smarty->assign('debug',$vars['debug']);
$smarty->display('udmin.tpl');
-}elseif ($_GET['tools']=='logs' && $_SESSION[creds][user_level] > 100){
+}elseif ($_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100){
$logtype=($_GET['logtype']) ? $_GET['logtype'] : 'all';
require_once("smarty/Smarty.class.php");
$smarty = new Smarty;
- $smarty->assign('user_level',$_SESSION[creds][user_level]);
- $smarty->assign('user_name',$_SESSION[creds][user_name]);
+ $smarty->assign('user_level',$_SESSION['creds']['user_level']);
+ $smarty->assign('user_name',$_SESSION['creds']['user_name']);
$smarty->assign('logtype',$logtype);
$smarty->assign('logs',$squashweb->get_logs($logtype));
$basepath[$bpath]=$value;
}
}
-$smarty->assign('debug',$vars[debug]);
-$smarty->assign('user_level',$_SESSION[creds][user_level]);
-$smarty->assign('user_name',$_SESSION[creds][user_name]);
+$smarty->assign('debug',$vars['debug']);
+$smarty->assign('user_level',$_SESSION['creds']['user_level']);
+$smarty->assign('user_name',$_SESSION['creds']['user_name']);
$smarty->assign('folderrights',$squashweb->folderrights());
$smarty->assign('squashed',$configs);
$smarty->assign('subfolders',$subs);
//if($vars[debug])print_r($configs);
-if(!$vars[newtpl])$smarty->display('index.tpl'); //Display normal template
-if($vars[newtpl])$smarty->display('wip_massdelete.tpl'); //Display Work In Progress template
+if(!$vars['newtpl'])$smarty->display('index.tpl'); //Display normal template
+if($vars['newtpl'])$smarty->display('wip_massdelete.tpl'); //Display Work In Progress template
}
?>