\n"); fclose($file); } if(file_exists($data_dir."translation.dat")){ include($data_dir."translation.dat"); }else{ unset($pa_translated_texts); } } ob_start();require("setup_texts.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } if($var1=="admin"){ error_reporting(0); if(isset($_COOKIE['p_pass'])){ $p_pass=$_COOKIE['p_pass']; } if(isset($_COOKIE['p_user'])){ $p_user=$_COOKIE['p_user']; } if(isset($_COOKIE['p_actdir'])){ $p_actdir=$_COOKIE['p_actdir']; } if(isset($_POST['p_user'])){ $p_user=$_POST['p_user']; } if(isset($_POST['p_pass'])){ $p_pass=$_POST['p_pass']; } if(isset($_POST['p_dir'])){ $p_dir=conv_in($_POST['p_dir']); } if(isset($_GET['p_dir'])){ $p_dir=conv_in($_GET['p_dir']); } if(isset($_POST['p_file_name'])){ $p_file_name=conv_in($_POST['p_file_name']); } if(isset($_GET['p_file_name'])){ $p_file_name=conv_in($_GET['p_file_name']); } if($var2=="login"){ if( !($ftp_error=ftp_check_login($p_user,$p_pass)) ){ /*set cookie*/ setcookie("p_user",$p_user); setcookie("p_pass",$p_pass); setcookie("p_actdir",""); $p_actdir=""; ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; }else{ ob_start();require("setup.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } } if($var2=="chdir"){ $p_actdir=$p_dir; setcookie("p_actdir",$p_actdir); ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } if($var2=="mkdir"){ $ftp_error=ftp_setup_mkdir($p_user,$p_pass,$p_actdir,$p_dir); ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } if($var2=="rmdir"){ $ftp_error=ftp_setup_rmdir($p_user,$p_pass,$p_actdir,$p_dir); ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } 
if($var2=="delete"){ $ftp_error=ftp_setup_delete($p_user,$p_pass,$p_actdir,$p_file_name); ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } if($var2=="upload"){ $uploaddir = $cache_dir; if (move_uploaded_file($_FILES['p_file']['tmp_name'], $uploaddir . conv_in($_FILES['p_file']['name']))) { $ftp_error=ftp_setup_put_file($p_user,$p_pass,$p_actdir,$uploaddir . conv_in($_FILES['p_file']['name']),conv_in($_FILES['p_file']['name'])); /*deleted from cache*/ unlink($uploaddir . $_FILES['p_file']['name']); } else { $ftp_error="Possible file upload attack!"; } ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } if($var2=="uploadzip"){ $uploaddir = $cache_dir; if (move_uploaded_file($_FILES['p_file']['tmp_name'], $uploaddir . conv_in($_FILES['p_file']['name']))) { $ftp_error=ftp_setup_put_zip_file($p_user,$p_pass,$p_actdir,$uploaddir . conv_in($_FILES['p_file']['name']),conv_in($_FILES['p_file']['name'])); /*deleted from cache*/ unlink($uploaddir . 
$_FILES['p_file']['name']); } else { $ftp_error="Possible file upload attack!"; } ob_start();require("setup_admin.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents); return; } } ob_start();require("setup.inc");$contents = ob_get_contents();ob_end_clean();theme_generate_setup_page($contents);}/**********************************************************//****************** FTP Functions *************************//**********************************************************/function create_dir($conn,$remote_directory){ $dir=split("/", $remote_directory); $path=""; $result = true; error_reporting(0); for ($i=1;$i0){ if (zip_entry_open($zip, $zip_entry, "rb")) { $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry)); $ft=fopen($tmp,"wb"); if($ft){ fwrite($ft,$buf,zip_entry_filesize($zip_entry)); fclose($ft); }else{ ftp_close($conn);return "unable to open temporary file"; } if(!ftp_put($conn,$ftp_server_photos_dir.$p_actdir.zip_entry_name($zip_entry),$tmp,FTP_BINARY)){ $result=create_dir($conn,$ftp_server_photos_dir.$p_actdir.dirname(zip_entry_name($zip_entry))); if(!$result){ ftp_close($conn);return "Unable to create directory ".dirname(zip_entry_name($zip_entry))." 
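on ftp server";}
                            /* NOTE(review): the head of this function lies above this span and is left
                               untouched. zip_entry_name() comes from the uploaded archive and is
                               concatenated into the remote path as-is; entry names with ".." components
                               or a leading "/" should be rejected before ftp_put() and create_dir(). */
                            if(!ftp_put($conn,$ftp_server_photos_dir.$p_actdir.zip_entry_name($zip_entry),$tmp,FTP_BINARY)){ftp_close($conn);return "Unable to upload file ".zip_entry_name($zip_entry);}
                        }
                        zip_entry_close($zip_entry);
                    }
                }else{
                    $result=create_dir($conn,$ftp_server_photos_dir.$p_actdir.zip_entry_name($zip_entry));
                    if(!$result){ ftp_close($conn);return "Unable to create directory $p_dir on ftp server"; }
                }
            }
        }else{
            ftp_close($conn);return "Not a zip file or not supported format!";
        }
    }else{
        ftp_close($conn);return "No ZIP-Support in PHP installed!";
    }
    $result=ftp_close($conn);
    return "";
}

/*
 * Verifies FTP credentials and that the FTP photos directory is the same
 * directory the web server reads as $album_dir.
 *
 * A probe file with a one-off token is written to $cache_dir, uploaded as
 * ".test" into $ftp_server_photos_dir and then read back through
 * $album_dir. The probe is removed locally and remotely on every path that
 * gets past the upload.
 *
 * Parameters: $p_user, $p_pass - FTP account to test.
 * Returns:    "" on success, otherwise a human-readable error message.
 *
 * NOTE(review): the probe uses the fixed name ".test", so two concurrent
 * checks can overwrite each other's file.
 */
function ftp_check_login($p_user,$p_pass){
    global $ftp_server,$ftp_server_photos_dir,$album_dir,$cache_dir;

    $conn=ftp_connect($ftp_server);
    if(!$conn){
        return "Unable to connect to the server $ftp_server";
    }
    if(!ftp_login($conn,$p_user,$p_pass)){
        ftp_close($conn);
        return "Username or password invalid!";
    }
    if(!ftp_pasv($conn,true)){
        ftp_close($conn);
        return "Unable to setup passive mode on ftp server";
    }
    if(!ftp_chdir($conn,$ftp_server_photos_dir.".")){
        ftp_close($conn);
        /* the original message also interpolated $p_actdir, which is not defined in this function */
        return "Unable to change to directory $ftp_server_photos_dir on ftp server";
    }

    /* One-off probe token. It is a nonce, not a secret; uniqid()+mt_rand() only
       keeps two checks started in the same second from sharing a value. */
    $test=md5(uniqid(mt_rand(),true));
    $local_probe=$cache_dir.".test";
    $f=fopen($local_probe,"w");
    if(!$f){
        ftp_close($conn);
        return "unable to open temporary file";
    }
    fwrite($f,$test);
    fclose($f);

    $uploaded=ftp_put($conn,".test",$local_probe,FTP_BINARY);
    unlink($local_probe); /* the local copy is no longer needed once the upload was attempted */
    if(!$uploaded){
        ftp_close($conn);
        return "Unable to upload file testfile!";
    }

    /* Read the probe back through the web server's view of the album directory. */
    $probe_path=$album_dir.".test";
    $ff=is_readable($probe_path) ? file($probe_path) : false;
    /* strict comparison: loose != treats some digest-like strings as numbers */
    $matches=is_array($ff) && isset($ff[0]) && $ff[0]===$test;

    /* remove the remote probe whether or not it landed in the album directory */
    ftp_delete($conn,".test");
    ftp_close($conn);

    if(!$matches){
        return "Ftp-server photos directory points to another directory not to the photos";
    }
    return "";
}

/*
 * usort() callback for the entries built by ftp_get_files(): directories
 * sort before files, entries of the same type sort by name.
 *
 * The name comparison is PHP's loose == and <, so two purely numeric names
 * are compared as numbers; this is kept as-is to preserve the listing order.
 *
 * Returns: -1, 0 or 1.
 */
function my_cmp($a,$b){
    if($a['type']!=$b['type']){
        return ($a['type']=="dir") ? -1 : 1;
    }
    if($a['name']==$b['name']){
        return 0;
    }
    return ($a['name'] < $b['name']) ? -1 : 1;
}

/*
 * Lists the entries of $album_dir.$actdir for the admin file browser.
 *
 * Parameters: $actdir - directory relative to $album_dir.
 * Returns:    array of entries sorted with my_cmp(); each entry has the keys
 *             type ("dir" or "file"), name, size, owner, group, time, plus
 *             image_size for readable images and func ("remove_dir" or
 *             "delete") for entries that may be removed. The array is empty
 *             when the directory cannot be opened.
 *
 * NOTE(review): $actdir is appended to $album_dir without any check. The admin
 * code earlier in this file fills p_actdir from a cookie or from the p_dir
 * request value; presumably that value ends up here - confirm, and reject
 * ".." components or compare realpath() against $album_dir before listing.
 */
function ftp_get_files($actdir){
    global $album_dir;
    $files=array();
    $dir=$album_dir.$actdir;
    if(is_dir($dir) && ($dh=opendir($dir))){
        while(($file=readdir($dh))!==false){
            /* One path for every stat call. The original built the filetype()
               path without the "/" separator, which mis-typed directories as
               files whenever $dir did not end in a slash. */
            $path=$dir."/".$file;
            $f=array();
            $f['type']=(filetype($path)=="dir") ? "dir" : "file";
            $f['name']=$file;
            $f['size']=filesize($path)." B";
            if(is_image($file)){
                /* getimagesize() returns false for unreadable or corrupt images */
                $dims=getimagesize($path);
                if($dims){
                    $f['image_size']=$dims[0]." x ".$dims[1];
                }
            }
            /* fall back to the numeric id when POSIX lookups are unavailable or fail */
            $f['owner']=fileowner($path);
            if(function_exists('posix_getpwuid')){
                $ow=posix_getpwuid($f['owner']);
                if(is_array($ow)){
                    $f['owner']=$ow['name'];
                }
            }
            $f['group']=filegroup($path);
            if(function_exists('posix_getgrgid')){
                $gr=posix_getgrgid($f['group']);
                if(is_array($gr)){
                    $f['group']=$gr['name'];
                }
            }
            $f['time']=date("d.m.Y H:i:s",filectime($path));
            if($f['type']=="dir" && $f['name']!=".." && $f['name']!="."){
                $f['func']="remove_dir";
            }else if($f['type']=="file"){
                $f['func']="delete";
            }
            $files[]=$f;
        }
        closedir($dh);
    }
    usort($files,"my_cmp");
    return $files;
}
/**********************************************************/
/**************END FTP Functions *************************/
/**********************************************************/

/*
 * Appends one access-log line to $cache_dir.$logs_filename when logging is
 * enabled and the visitor's reverse-DNS name matches none of the
 * ";"-separated substrings in $logs_exclude.
 *
 * Line format: date|cmd|var1|comment_name|host|passwd
 *
 * $cmd, $var1, $comment_name (a cookie) and the reverse-DNS name are all
 * supplied by the visitor or by whoever controls the visitor's PTR record,
 * so CR, LF and the "|" delimiter are neutralised before writing; otherwise
 * a single request could forge extra log lines or fields.
 *
 * NOTE(review): $passwd holds the album passwords the visitor submitted
 * (cookie plus POST value, see the main script) and is still written in clear
 * text to keep the field layout. Consider dropping or hashing that field, and
 * keep the log out of any web-accessible directory.
 * NOTE(review): exclusion is decided on the reverse-DNS name, which the owner
 * of the client address controls; an IP-based exclude list is more reliable.
 */
function write_log(){
    global $logs_enabled,$logs_exclude,$cmd,$var1,$logs_filename,$cache_dir,$passwd,$comment_name;
    if($logs_enabled!="true"){
        return;
    }
    $host=gethostbyaddr($_SERVER['REMOTE_ADDR']);
    foreach(explode(";",$logs_exclude) as $string){
        /* strpos() !== false instead of strstr(): a match whose remainder is "0" is falsy */
        if(strlen($string)>0 && strpos((string)$host,$string)!==false){
            return;
        }
    }
    $file_log=fopen($cache_dir.$logs_filename,"a");
    if(!$file_log){
        return; /* logging is best-effort; never break the page over it */
    }
    $fields=array($cmd,$var1,$comment_name,$host,$passwd);
    foreach($fields as $i=>$value){
        $value=is_scalar($value) ? (string)$value : "";
        $fields[$i]=str_replace(array("\r","\n","|"),array(" "," ","_"),$value);
    }
    fwrite($file_log,date("D.M.j G:i:s")."|".implode("|",$fields)."\n");
    fclose($file_log);
}

/*
 * Serves theme assets. Only "style_css" is handled; every other value of
 * $var1 produces no output.
 */
function generate_theme($var1){
    if($var1=="style_css"){
        theme_get_style_css();
    }
}
/****************************************/
/* Start Program v0. 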
*//****************************************//*ob_start*/if(isset($_GET['cmd'])){ $cmd=$_GET['cmd'];}if(isset($_GET['var1'])){ $var1=$_GET['var1'];}if(isset($_GET['var2'])){ $var2=$_GET['var2'];}if(isset($_GET['var3'])){ $var3=$_GET['var3'];}if(isset($_GET['var4'])){ $var4=$_GET['var4'];}if(isset($_POST['cmd'])){ $cmd=$_POST['cmd'];}if(isset($_POST['var1'])){ $var1=$_POST['var1'];}if(isset($_POST['var2'])){ $var2=$_POST['var2'];}if(isset($_POST['var3'])){ $var3=$_POST['var3'];}if(isset($_POST['var4'])){ $var4=$_POST['var4'];}$p=$_POST['p'];if($cmd!="album" &&$cmd!="phpinfo" &&$cmd!="thmb" &&$cmd!="image" &&$cmd!="imageview" &&$cmd!="setup" &&$cmd!="delcache" &&$cmd!="logo" &&$cmd!="theme" &&$cmd!="dir_logo" &&//$cmd!="system_check" &&$cmd!="setquality"){$cmd="album";}read_settings();require($themes_dir."engines/".$site_engine."/engine.php");require("language.php");/*if(file_exists($themes_dir.$site_theme."/theme.php")){ include($themes_dir.$site_theme."/theme.php");}else{ include($themes_dir."Flowing_Dark"."/theme.php");}*/theme_initialize();if($cmd=="setquality"){ $quality=$var1; setcookie("phpAlbum_quality",$quality,time()+60*60*24*365); $cmd="album";$var1=$var2;$var2="";$var3="";}else{ if(isset($_COOKIE["phpAlbum_quality"])){ $quality=$_COOKIE["phpAlbum_quality"]; }else{ $quality=$quality_settings[0][6]*0+$quality_settings[1][6]*1+$quality_settings[2][6]*2; } if($quality_settings[$quality][5]==0){ $quality=$quality_settings[0][6]*0+$quality_settings[1][6]*1+$quality_settings[2][6]*2; setcookie("phpAlbum_quality",$quality,time()+60*60*24*365); } if($quality != 0 && $quality != 1 && $quality!= 2 ){ $quality=0; setcookie("phpAlbum_quality",$quality,time()+60*60*24*365); }}if(strstr($var1,"..")){ $var1="";}if(isset($_COOKIE['comment_name'])){ $comment_name=$_COOKIE['comment_name'];}if(isset($_COOKIE['comment_email'])){ 
$comment_email=$_COOKIE['comment_email'];}$thumb_size=$quality_settings[$quality][0];$thumb_quality=$quality_settings[$quality][1];$passwd=$_COOKIE["phpAlbum_passwd"];if (isset($p)){ $passwd.="_".$p."_"; if($cookie_password_hours>0){ setcookie("phpAlbum_passwd",$passwd,time()+60*60*$cookie_password_hours); }else{ setcookie("phpAlbum_passwd",$passwd); }}/*is cachable then try to loade from cache*//*if (isset( $_SERVER["HTTP_IF_MODIFIED_SINCE"] ) ){ header('HTTP/1.0 304 Not Modified'); exit; }*/$passwd_req=get_password_for_cmd($cmd,$var1);if($passwd_req!="" && !strstr($passwd,$passwd_req) ){ /*need a password */ //generate_header(); generate_password_page($cmd,$var1,$var2); //generate_footer(); return;}$this_is_cachable=false; if(is_cachable($cmd,$var1)) { $this_is_cachable=true; if(is_cached($cache_dir,$cmd,$var1,$var2,$var3,$quality)) { load_from_cache($cache_dir,$cmd,$var1,$var2,$var3,$quality); //echo "
Loaded from cache"; return; }}/*header("Last-Modified: ".date("D, d M Y H:i:s T",time()) ); *//*testing for php-info*/$cache_this_doc=true;if($this_is_cachable){ob_start();}/*testing for password */if($cmd=="phpinfo"){ phpinfo();}else if($cmd=="album"){ write_log(); $cache_this_doc=generate_album($album_dir,$var1,$thumb_size,$thumb_quality,$quality,$passwd,$var3); }else if($cmd=="thmb"){ generate_thumb($var1,$thumb_size,$thumb_quality); }else if($cmd=="image"){ if(is_movie($var1) || is_audio($var1)){ write_log(); } $cache_this_doc=generate_image($var1,$quality);/* original photos, videos and audios should not be cached.*/}else if($cmd=="imageview"){ write_log(); generate_image_view($var1,$quality,$var3); }else if($cmd=="setup"){ generate_setup_page();}else if($cmd=="system_check"){ generate_system_check();}else if($cmd=="delcache"){ delete_cache($cache_dir); echo "Cache Deleted!";}else if($cmd=="theme"){ generate_theme($var1);}else if($cmd=="logo"){ theme_generate_logo();}else if($cmd=="dir_logo"){ theme_generate_dir_logo($var1,$var2);}else{ //include("header.inc"); echo "File Not Found";}/*caching output*/if($this_is_cachable){ if(is_cachable($cmd,$var1) && $cache_this_doc){ cache_document($cache_dir,$cmd,$var1,$var2,$var3,$quality); } ob_end_flush();}?>