Menu
▾
▴
[mxbb-commits] mx_music/includes music_cat.php, NONE, 1.1 music_comment.php, NONE, 1.1 music_comment_delete.php, NONE, 1.1 music_comment_edit.php, NONE, 1.1 music_delete.php, NONE, 1.1 music_download.php, NONE, 1.1 music_edit.php, NONE, 1.1 music_list.php, NONE, 1.1 music_modcp.php, NONE, 1.1 music_page.php, NONE, 1.1 music_rate.php, NONE, 1.1 music_song.php, NONE, 1.1 music_stream.php, NONE, 1.1 music_upload.php, NONE, 1.1
|
From: OryNider <ory...@us...> - 2007-06-06 20:33:00
|
Update of /cvsroot/mxbb/mx_music/includes In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv6104/includes Added Files: music_cat.php music_comment.php music_comment_delete.php music_comment_edit.php music_delete.php music_download.php music_edit.php music_list.php music_modcp.php music_page.php music_rate.php music_song.php music_stream.php music_upload.php Log Message: --- NEW FILE: music_upload.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_upload.php,v 1.1 2007/06/06 20:32:53 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's include some stuff... // $phpEx = substr(strrchr(__FILE__, '.'), 1); if ( !defined('TEMPLATE_ROOT_PATH') ) { include_once($mx_root_path . 'common.' . $phpEx); // // Start session management // $mx_user->init($user_ip, PAGE_INDEX); // // End session management // } $music_root_path = $module_root_path . 'music_box/'; $song_image_path = $module_root_path . 'upload/song_image/'; // // Get general music information // if ( !$is_block ) { include($music_root_path . 'music_common.'.$phpEx); } else { include_once($music_root_path . 'music_common.'.$phpEx); } /* +---------------------------------------------------------- | Common Check +---------------------------------------------------------- */ // ------------------------------------ // Check the request // for this Upload script, we prefer POST to GET // ------------------------------------ if( isset($HTTP_POST_VARS['cat_id']) ) { $cat_id = intval($HTTP_POST_VARS['cat_id']); } else if( isset($HTTP_GET_VARS['cat_id']) ) { $cat_id = intval($HTTP_GET_VARS['cat_id']); } else { mx_message_die(GENERAL_ERROR, 'No categories specified'); } // ------------------------------------ // Get the current Category Info // ------------------------------------ $sql = "SELECT c.*, COUNT(s.song_id) AS count FROM ". MUSIC_CAT_TABLE ." AS c LEFT JOIN ". MUSIC_TABLE ." AS s ON c.cat_id = s.song_cat_id WHERE c.cat_id = '$cat_id' GROUP BY c.cat_id LIMIT 1"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query category information', '', __LINE__, __FILE__, $sql); } $thiscat = $db->sql_fetchrow($result); $current_songs = $thiscat['count']; if (empty($thiscat)) { mx_message_die(GENERAL_ERROR, $lang['Category_not_exist']); } // ------------------------------------ // Check the permissions // ------------------------------------ $music_user_access = music_user_access($cat_id, $thiscat, 0, 1, 0, 0, 0, 0); // UPLOAD if ($music_user_access['upload'] == 0) { if (!$userdata['session_logged_in']) { mx_redirect(append_sid($mx_root_path . "login.php?redirect=" . this_mo_loginurl("music_mode=music_upload&cat_id=$cat_id"), true)); } else { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } /* +---------------------------------------------------------- | Upload Quota Check +---------------------------------------------------------- */ // ------------------------------------ // Check music Configuration Quota // ------------------------------------ if ($music_config['max_songs'] >= 0) { // // $current_songs was set at "Get the current Category Info" // if( $current_songs >= $music_config['max_songs'] ) { mx_message_die(GENERAL_MESSAGE, $lang['Music_reached_quota']); } } // ------------------------------------ // Check User Limit // ------------------------------------ $check_user_limit = FALSE; if( ($userdata['user_level'] != ADMIN) and ($userdata['session_logged_in']) ) { if ($music_user_access['moderator']) { if ($music_config['mod_songs_limit'] >= 0) { $check_user_limit = 'mod_songs_limit'; } } else { if ($music_config['user_songs_limit'] >= 0) { $check_user_limit = 'user_songs_limit'; } } } // Do the check here if ($check_user_limit != FALSE) { $sql = "SELECT COUNT(song_id) AS count FROM ". MUSIC_TABLE ." WHERE song_user_id = '". $userdata['user_id'] ."' AND song_cat_id = '$cat_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not count your song', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $own_songs = $row['count']; if( $own_songs >= $music_config[$check_user_limit] ) { mx_message_die(GENERAL_MESSAGE, $lang['User_reached_songs_quota']); } } /* +---------------------------------------------------------- | Main work here... +---------------------------------------------------------- */ if( !isset($HTTP_POST_VARS['song_title']) ) // is it not submitted? { // -------------------------------- // Build categories select // -------------------------------- $sql = "SELECT * FROM " . MUSIC_CAT_TABLE ." ORDER BY cat_order ASC"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query categories list', '', __LINE__, __FILE__, $sql); } $catrows = array(); while( $row = $db->sql_fetchrow($result) ) { $thiscat_access = music_user_access($row['cat_id'], $row, 0, 1, 0, 0, 0, 0); // UPLOAD if ($thiscat_access['upload'] == 1) { $catrows[] = $row; } } $select_cat = '<select name="cat_id">'; for ($i = 0; $i < count($catrows); $i++) { $select_cat .= '<option value="'. $catrows[$i]['cat_id'] .'" '; $select_cat .= ($cat_id == $catrows[$i]['cat_id']) ? 'selected="selected"' : ''; $select_cat .= '>'. $catrows[$i]['cat_title'] .'</option>'; } $select_cat .= '</select>'; // // Start output of page // $page_title = $lang['Music']; if ( !$is_block ) { include($mx_root_path . 'includes/page_header.'.$phpEx); } $template->set_filenames(array( 'body' => 'music_upload_body.tpl') ); $template->assign_vars(array( 'U_VIEW_CAT' => append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")), 'CAT_TITLE' => $thiscat['cat_title'], 'L_UPLOAD_SONG' => $lang['Upload_Song'], 'L_USERNAME' => $lang['Username'], 'L_SONG_TITLE' => $lang['Song_Title'], 'L_SONG_URL' => $lang['Song_url'], 'L_SONG_DESC' => $lang['Song_Desc'], 'L_SINGER' => $lang['Singer'], 'L_PLAIN_TEXT_ONLY' => $lang['Plain_text_only'], 'L_MAX_LENGTH' => $lang['Max_length'], 'S_SONG_DESC_MAX_LENGTH' => $music_config['desc_length'], 'L_UPLOAD_SONG_FROM_MACHINE' => $lang['Upload_song_from_machine'], 'L_SONG_IMAGE' => $lang['Song_image'], 'L_SONG_IMAGE_DESC' => $lang['Song_image_desc'], 'L_NO_IMAGE' => $lang['No_image'], 'L_UPLOAD_IMAGE' => $lang['Upload_image'], 'L_UPLOAD_TO_CATEGORY' => $lang['Upload_to_Category'], 'SELECT_CAT' => $select_cat, 'L_MAX_FILESIZE' => $lang['Max_file_size'], 'S_MAX_FILESIZE' => $music_config['max_file_size'], // Media Center 'L_ALLOWED_FILE' => $lang['Allowed_file'], 'S_MP3' => ($music_config['mp3_allowed'] == 1) ? 'MP3,' : '', 'S_WAV' => ($music_config['wav_allowed'] == 1) ? 'WAV,' : '', 'S_WMA' => ($music_config['wma_allowed'] == 1) ? 'WMA,' : '', 'S_WMV' => ($music_config['wmv_allowed'] == 1) ? 'WMV,' : '', 'S_MIDI' => ($music_config['mid_allowed'] == 1) ? 'MIDI,' : '', 'S_RAM' => ($music_config['ram_allowed'] == 1) ? 'RAM,' : '', 'S_AU' => ($music_config['au_allowed'] == 1) ? 'AU,' : '', 'S_MPEG' => ($music_config['mpeg_allowed'] == 1) ? 'MPEG,' : '', 'S_AVI' => ($music_config['avi_allowed'] == 1) ? 'AVI,' : '', 'S_SWF' => ($music_config['swf_allowed'] == 1) ? 'SWF,' : '', 'S_QT' => ($music_config['qt_allowed'] == 1) ? 'QT,' : '', 'S_RM' => ($music_config['rm_allowed'] == 1) ? 'RM,' : '', // Media Center 'L_UPLOAD_NO_TITLE' => $lang['Upload_no_title'], 'L_UPLOAD_NO_FILE' => $lang['Upload_no_file'], 'L_UPLOAD_BOTH_FILE' => $lang['Upload_both_file'], 'L_DESC_TOO_LONG' => $lang['Desc_too_long'], 'L_RESET' => $lang['Reset'], 'L_SUBMIT' => $lang['Submit'], 'NAV_SEP' => $lang['Nav_Separator'], 'NAV_DOT' => '•', 'MUSIC_VERSION' => '2' . $music_config['music_version'], 'L_INDEX' => '<<', 'U_INDEX' => append_sid($mx_root_path . "index.".$phpEx), 'L_MUSIC_INDEX' => $lang['Music'], 'L_MUSIC' => $lang['Music'], 'U_MUSIC' => append_sid(this_mo_mxurl()), 'U_MX_MUSIC' => append_sid(this_mo_portalurl()), 'S_MUSIC_ACTION' => append_sid(this_mo_mxurl("music_mode=music_upload&cat_id=$cat_id")), ) ); // // Generate the page // $template->pparse('body'); if ( !$is_block ) { include($mx_root_path . 'includes/page_tail.'.$phpEx); } } else { // -------------------------------- // Check posted info // -------------------------------- $song_title = str_replace("\'", "''", htmlspecialchars(trim($HTTP_POST_VARS['song_title']))); $song_url = str_replace("\'", "''", htmlspecialchars(trim($HTTP_POST_VARS['song_url']))); $image_system = str_replace("\'", "''", htmlspecialchars(trim($HTTP_POST_VARS['image_system']))); $song_desc = str_replace("\'", "''", htmlspecialchars(substr(trim($HTTP_POST_VARS['song_desc']), 0, $music_config['desc_length']))); $song_singer = str_replace("\'", "''", htmlspecialchars(trim($HTTP_POST_VARS['song_singer']))); $song_username = (!$userdata['session_logged_in']) ? substr(str_replace("\'", "''", htmlspecialchars(trim($HTTP_POST_VARS['song_username']))), 0, 32) : str_replace("'", "''", $userdata['username']); if( empty($song_title) ) { mx_message_die(GENERAL_ERROR, $lang['Missed_song_title']); } // -------------------------------- // Check username for guest posting // -------------------------------- if (!$userdata['session_logged_in']) { if ($song_username != '') { $result = validate_username($song_username); if ( $result['error'] ) { mx_message_die(GENERAL_MESSAGE, $result['error_msg']); } } } // -------------------------------- // Get File Upload Info // -------------------------------- $filetype = $HTTP_POST_FILES['song_file']['type']; $filesize = $HTTP_POST_FILES['song_file']['size']; $filetmp = $HTTP_POST_FILES['song_file']['tmp_name']; // -------------------------------- // Get Song Image Upload Info // -------------------------------- $imagetype = ( !empty($HTTP_POST_FILES['song_image']['type']) ) ? $HTTP_POST_FILES['song_image']['type'] : ''; $imagesize = ( !empty($HTTP_POST_FILES['song_image']['size']) ) ? $HTTP_POST_FILES['song_image']['size'] : 0; $imagetmp = ( !empty($HTTP_POST_FILES['song_image']['tmp_name']) ) ? $HTTP_POST_FILES['song_image']['tmp_name'] : ''; // -------------------------------- // Check image size // -------------------------------- if( $image_system == '1' ) { if( $imagesize > $music_config['max_image_size'] ) { mx_message_die(GENERAL_MESSAGE, $lang['Bad_upload_image_size']); } } // -------------------------------- // Check image type // -------------------------------- if( $image_system == '1' ) { switch ($imagetype) { case 'image/jpeg': case 'image/jpg': case 'image/pjpeg': $song_imagetype = '.jpg'; break; case 'image/gif': $song_imagetype = '.gif'; break; case 'image/png': case 'image/x-png': $song_imagetype = '.png'; break; default: mx_message_die(GENERAL_ERROR, $lang['Not_allowed_image_type']); } } // -------------------------------- // Prepare variables // -------------------------------- $song_time = time(); $song_user_id = $userdata['user_id']; $song_user_ip = $userdata['session_ip']; // -------------------------------- // Check file size // -------------------------------- if( empty($song_url) ) { if( ($filesize == 0) or ($filesize > $music_config['max_file_size']) ) { mx_message_die(GENERAL_MESSAGE, $lang['Bad_upload_file_size']); } } // -------------------------------- // Check file type // -------------------------------- if( empty($song_url) ) { switch ($filetype) { case 'audio/mpeg': case 'audio/x-mpeg': case 'audio/mp3': case 'audio/mpg': if ($music_config['mp3_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.mp3'; break; case 'audio/wav': if ($music_config['wav_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.wav'; break; case 'audio/x-ms-wma': if ($music_config['wma_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.wma'; break; // // Extra extensions // case 'video/x-ms-wmv': if ($music_config['wmv_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.wmv'; break; case 'video/mpeg': if ($music_config['mpeg_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.mpeg'; break; case 'video/avi': case 'video/x-msvideo': if ($music_config['avi_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.avi'; break; case 'application/x-shockwave-flash': if ($music_config['swf_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.swf'; break; case 'video/quicktime': if ($music_config['qt_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.qt'; break; case 'audio/x-midi': case 'audio/mid': case 'audio/midi': if ($music_config['mid_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.mid'; break; case 'audio/x-pn-realaudio': if ($music_config['ram_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.ram'; break; case 'audio/basic': if ($music_config['au_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.au'; break; case 'audio/vnd.rn-realmedia': case 'application/vnd.rn-realmedia': case 'video/vnd.rn-realvideo': case 'application/vnd': if ($music_config['rm_allowed'] == 0) { mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } $song_filetype = '.rm'; break; // End extra default: mx_message_die(GENERAL_ERROR, $lang['Not_allowed_file_type']); } } // -------------------------------- // Generate filename // -------------------------------- srand((double)microtime()*1000000); // for older than version 4.2.0 of PHP do { $song_filename = md5(uniqid(rand())) . $song_filetype; } while( file_exists(MUSIC_UPLOAD_PATH . $song_filename) ); // -------------------------------- // Generate imagename // -------------------------------- if( $image_system == '1' ) { do { $song_imagename = md5(uniqid(rand())) . $song_imagetype; } while( file_exists($song_image_path . $song_imagename) ); } // -------------------------------- // Move this file to upload directory // -------------------------------- if( empty($song_url) ) { $ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; if ( @$ini_val('open_basedir') != '' ) { if ( @phpversion() < '4.0.3' ) { mx_message_die(GENERAL_ERROR, 'open_basedir is set and your PHP version does not allow move_uploaded_file<br /><br />Please contact your server admin', '', __LINE__, __FILE__); } $move_file = 'move_uploaded_file'; } else { $move_file = 'copy'; } $move_file($filetmp, MUSIC_UPLOAD_PATH . $song_filename); @chmod(MUSIC_UPLOAD_PATH . $song_filename, 0777); } // -------------------------------- // Move song image to directory // -------------------------------- if( $image_system == '1' ) { if( !empty($HTTP_POST_FILES['song_image']['tmp_name']) ) { $ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; if ( @$ini_val('open_basedir') != '' ) { if ( @phpversion() < '4.0.3' ) { message_die(GENERAL_ERROR, 'open_basedir is set and your PHP version does not allow move_uploaded_file<br /><br />Please contact your server admin', '', __LINE__, __FILE__); } $move_file = 'move_uploaded_file'; } else { $move_file = 'copy'; } $move_file($imagetmp, $song_image_path . $song_imagename); @chmod($song_image_path . $song_imagename, 0777); } } // -------------------------------- // Check its image size // -------------------------------- if( $image_system == '1' ) { if( !empty($HTTP_POST_FILES['song_image']['size']) ) { $image_size = getimagesize($song_image_path . $song_imagename); $image_width = $image_size[0]; $image_height = $image_size[1]; if ( ($image_width > $music_config['max_image_width']) or ($image_height > $music_config['max_image_height']) ) { @unlink($song_image_path . $song_imagename); message_die(GENERAL_ERROR, 'Your uploaded image size is too big'); } } } // -------------------------------- // Check song Approval // -------------------------------- $song_approval = ($thiscat['cat_approval'] == 0) ? 1 : 0; // -------------------------------- // Insert into DB // -------------------------------- $sql = "INSERT INTO ". MUSIC_TABLE ." (song_filename, song_imagename, song_title, song_url, song_desc, song_singer, song_user_id, song_user_ip, song_username, song_time, song_cat_id, song_approval) VALUES ('$song_filename', '$song_imagename', '$song_title', '$song_url', '$song_desc', '$song_singer', '$song_user_id', '$song_user_ip', '$song_username', '$song_time', '$cat_id', '$song_approval')"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not insert new entry', '', __LINE__, __FILE__, $sql); } // -------------------------------- // Complete... now send a message to user // -------------------------------- if ($thiscat['cat_approval'] == 0) { $message = $lang['Music_upload_successful']; } else { $message = $lang['Music_upload_need_approval']; } if ($thiscat['cat_approval'] == 0) { $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . '">') ); } //$message .= $sql; $message .= "<br /><br />" . sprintf($lang['Click_return_category'], "<a href=\"" . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . "\">", "</a>"); $message .= "<br /><br />" . sprintf($lang['Click_return_music_index'], "<a href=\"" . append_sid(this_mo_mxurl()) . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } // +------------------------------------------------------+ // | Powered by Music Online 2.0 (c) 2003 Cf Manager | // +------------------------------------------------------+ ?> --- NEW FILE: music_delete.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_delete.php,v 1.1 2007/06/06 20:32:40 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's include some stuff... // $phpEx = substr(strrchr(__FILE__, '.'), 1); if ( !defined('TEMPLATE_ROOT_PATH') ) { include_once($mx_root_path . 'common.' . $phpEx); // // Start session management // $mx_user->init($user_ip, PAGE_INDEX); // // End session management // } $music_root_path = $module_root_path . 'music_box/'; // // Get general music information // if ( !$is_block ) { include($music_root_path . 'music_common.'.$phpEx); } else { include_once($music_root_path . 'music_common.'.$phpEx); } // ------------------------------------ // Check the request // ------------------------------------ if( isset($HTTP_GET_VARS['song_id']) ) { $song_id = intval($HTTP_GET_VARS['song_id']); } else if( isset($HTTP_POST_VARS['song_id']) ) { $song_id = intval($HTTP_POST_VARS['song_id']); } else { mx_message_die(GENERAL_ERROR, 'No songs specified'); } // ------------------------------------ // Get this song info // ------------------------------------ $sql = "SELECT * FROM ". MUSIC_TABLE ." WHERE song_id = '$song_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query song information', '', __LINE__, __FILE__, $sql); } $thissong = $db->sql_fetchrow($result); $cat_id = $thissong['song_cat_id']; $user_id = $thissong['song_user_id']; $song_filename = $thissong['song_filename']; if( empty($thissong) ) { mx_message_die(GENERAL_ERROR, $lang['Song_not_exist']); } // ------------------------------------ // Get the current Category Info // ------------------------------------ $sql = "SELECT * FROM ". MUSIC_CAT_TABLE ." WHERE cat_id = '$cat_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query category information', '', __LINE__, __FILE__, $sql); } $thiscat = $db->sql_fetchrow($result); if (empty($thiscat)) { mx_message_die(GENERAL_ERROR, $lang['Category_not_exist']); } // ------------------------------------ // Check the permissions // ------------------------------------ $music_user_access = music_user_access($cat_id, $thiscat, 0, 0, 0, 0, 0, 1); // DELETE if ($music_user_access['delete'] == 0) { if (!$userdata['session_logged_in']) { mx_redirect(append_sid($mx_root_path . "login.php?redirect=" . this_mo_loginurl("music_mode=music_delete&song_id=$song_id"), true)); } else { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } else { if( (!$music_user_access['moderator']) or ($userdata['user_level'] != ADMIN) ) { if ($thissong['song_user_id'] != $userdata['user_id']) { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } } /* +---------------------------------------------------------- | Main work here... +---------------------------------------------------------- */ if( !isset($HTTP_POST_VARS['confirm']) ) { // -------------------------------- // If user give up deleting... // -------------------------------- if( isset($HTTP_POST_VARS['cancel']) ) { mx_redirect(append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id"))); exit; } // // Start output of page // $page_title = $lang['Music']; if ( !$is_block ) { include($mx_root_path . 'includes/page_header.'.$phpEx); } $template->set_filenames(array( 'body' => 'confirm_body.tpl') ); $template->assign_vars(array( 'MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Music_delete_confirm'], 'L_NO' => $lang['No'], 'L_YES' => $lang['Yes'], 'S_CONFIRM_ACTION' => append_sid(this_mo_mxurl("music_mode=music_delete&song_id=$song_id")), ) ); // // Generate the page // $template->pparse('body'); if ( !$is_block ) { include($mx_root_path . 'includes/page_tail.'.$phpEx); } } else { // -------------------------------- // It's confirmed. First delete all comments // -------------------------------- $sql = "DELETE FROM ". MUSIC_COMMENT_TABLE ." WHERE comment_song_id = '$song_id'"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete related comments', '', __LINE__, __FILE__, $sql); } // -------------------------------- // Delete all ratings // -------------------------------- $sql = "DELETE FROM ". MUSIC_RATE_TABLE ." WHERE rate_song_id = '$song_id'"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete related ratings', '', __LINE__, __FILE__, $sql); } // -------------------------------- // Delete File // -------------------------------- @unlink(MUSIC_UPLOAD_PATH . $thissong['song_filename']); // -------------------------------- // Delete DB entry // -------------------------------- $sql = "DELETE FROM ". MUSIC_TABLE ." WHERE song_id = '$song_id'"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete DB entry', '', __LINE__, __FILE__, $sql); } // -------------------------------- // Complete... now send a message to user // -------------------------------- $message = $lang['Songs_deleted_successfully']; $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . '">') ); $message .= "<br /><br />" . sprintf($lang['Click_return_category'], "<a href=\"" . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . "\">", "</a>"); $message .= "<br /><br />" . sprintf($lang['Click_return_music_index'], "<a href=\"" . append_sid(this_mo_mxurl()) . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } // +------------------------------------------------------+ // | Powered by Music Online 2.0 (c) 2003 Cf Manager | // +------------------------------------------------------+ ?> --- NEW FILE: music_comment_edit.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_comment_edit.php,v 1.1 2007/06/06 20:32:38 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's include some stuff... // $phpEx = substr(strrchr(__FILE__, '.'), 1); if ( !defined('TEMPLATE_ROOT_PATH') ) { include_once($mx_root_path . 'common.' . $phpEx); // // Start session management // $mx_user->init($user_ip, PAGE_INDEX); // // End session management // } $music_root_path = $module_root_path . 'music_box/'; // // Get general music information // if ( !$is_block ) { include($music_root_path . 'music_common.'.$phpEx); } else { include_once($music_root_path . 'music_common.'.$phpEx); } // ------------------------------------ // Check feature enabled // ------------------------------------ if( $music_config['comment'] == 0 ) { mx_message_die(GENERAL_MESSAGE, $lang['Not_Authorised']); } // ------------------------------------ // Check the request // ------------------------------------ if( isset($HTTP_GET_VARS['comment_id']) ) { $comment_id = intval($HTTP_GET_VARS['comment_id']); } else if( isset($HTTP_POST_VARS['comment_id']) ) { $comment_id = intval($HTTP_POST_VARS['comment_id']); } else { mx_message_die(GENERAL_ERROR, 'No comment_id specified'); } // ------------------------------------ // Get the comment info // ------------------------------------ $sql = "SELECT * FROM ". MUSIC_COMMENT_TABLE ." WHERE comment_id = '$comment_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query this comment information', '', __LINE__, __FILE__, $sql); } $thiscomment = $db->sql_fetchrow($result); if( empty($thiscomment) ) { mx_message_die(GENERAL_ERROR, 'This comment does not exist'); } // ------------------------------------ // Get $song_id from $comment_id // ------------------------------------ $sql = "SELECT comment_id, comment_song_id FROM ". MUSIC_COMMENT_TABLE ." WHERE comment_id = '$comment_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query comment and song information', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $song_id = $row['comment_song_id']; // ------------------------------------ // Get this song info // ------------------------------------ $sql = "SELECT s.*, u.user_id, u.username, COUNT(c.comment_id) as comments_count FROM ". MUSIC_TABLE ." AS s LEFT JOIN ". USERS_TABLE ." AS u ON s.song_user_id = u.user_id LEFT JOIN ". MUSIC_COMMENT_TABLE ." AS c ON s.song_id = c.comment_song_id WHERE song_id = '$song_id' GROUP BY s.song_id LIMIT 1"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query song information', '', __LINE__, __FILE__, $sql); } $thissong = $db->sql_fetchrow($result); $cat_id = $thissong['song_cat_id']; $user_id = $thissong['song_user_id']; $total_comments = $thissong['comments_count']; $comments_per_page = $board_config['posts_per_page']; $song_filename = $thissong['song_filename']; if( empty($thissong) ) { mx_message_die(GENERAL_ERROR, $lang['Song_not_exist']); } // ------------------------------------ // Get the current Category Info // ------------------------------------ $sql = "SELECT * FROM ". MUSIC_CAT_TABLE ." WHERE cat_id = '$cat_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query category information', '', __LINE__, __FILE__, $sql); } $thiscat = $db->sql_fetchrow($result); if (empty($thiscat)) { mx_message_die(GENERAL_ERROR, $lang['Category_not_exist']); } // ------------------------------------ // Check the permissions // ------------------------------------ $music_user_access = music_user_access($thissong['song_cat_id'], $thiscat, 0, 0, 0, 1, 1, 0); if( ($music_user_access['comment'] == 0) or ($music_user_access['edit'] == 0) ) { if (!$userdata['session_logged_in']) { mx_redirect(append_sid($mx_root_path . "login.php?redirect=" . this_mo_loginurl("music_mode=music_comment_edit&comment_id=$comment_id"), true)); } else { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } else { if( (!$music_user_access['moderator']) or ($userdata['user_level'] != ADMIN) ) { if ($thiscomment['comment_user_id'] != $userdata['user_id']) { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } } /* +---------------------------------------------------------- | Main work here... +---------------------------------------------------------- */ if( !isset($HTTP_POST_VARS['comment']) ) { /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Comments Screen ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ if( ($thissong['song_user_id'] == MUSIC_GUEST) or ($thissong['username'] == '') ) { $poster = ($thissong['song_username'] == '') ? $lang['Guest'] : $thissong['song_username']; } else { $poster = '<a href="'. append_sid($phpbb_root_path . "profile.$phpEx?mode=viewprofile&". POST_USERS_URL .'='. $thissong['user_id']) .'">'. $thissong['username'] .'</a>'; } // // Start output of page // $page_title = $lang['Music']; if ( !$is_block ) { include($mx_root_path . 'includes/page_header.'.$phpEx); } $template->set_filenames(array( 'body' => 'music_comment_body.tpl') ); $template->assign_block_vars('switch_comment_post', array()); $template->assign_vars(array( 'CAT_TITLE' => $thiscat['cat_title'], 'U_VIEW_CAT' => append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")), 'U_SONG' => append_sid(this_mo_mxurl("music_mode=music_song&song_id=$song_id")), 'SONG_TITLE' => $thissong['song_title'], 'POSTER' => $poster, 'SONG_TIME' => create_date($board_config['default_dateformat'], $thissong['song_time'], $board_config['board_timezone']), 'SONG_VIEW' => $thissong['song_view_count'], 'SONG_COMMENTS' => $total_comments, 'S_MESSAGE' => $thiscomment['comment_text'], 'L_SONG_TITLE' => $lang['Song_Title'], 'L_POSTER' => $lang['Poster'], 'L_POSTED' => $lang['Posted'], 'L_VIEW' => $lang['View'], 'L_COMMENTS' => $lang['Comments'], 'L_POST_YOUR_COMMENT' => $lang['Post_your_comment'], 'L_MESSAGE' => $lang['Message'], 'L_USERNAME' => $lang['Username'], 'L_COMMENT_NO_TEXT' => $lang['Comment_no_text'], 'L_COMMENT_TOO_LONG' => $lang['Comment_too_long'], 'L_MAX_LENGTH' => $lang['Max_length'], 'S_MAX_LENGTH' => $music_config['desc_length'], 'L_SUBMIT' => $lang['Submit'], 'S_MUSIC_ACTION' => append_sid(this_mo_mxurl("music_mode=music_comment_edit&comment_id=$comment_id")) ) ); // // Generate the page // $template->pparse('body'); if ( !$is_block ) { include($mx_root_path . 'includes/page_tail.'.$phpEx); } } else { /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Comment Submited ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ $comment_text = str_replace("\'", "''", htmlspecialchars(substr(trim($HTTP_POST_VARS['comment']), 0, $music_config['desc_length']))); if( empty($comment_text) ) { mx_message_die(GENERAL_ERROR, $lang['Comment_no_text']); } // -------------------------------- // Prepare variables // -------------------------------- $comment_edit_time = time(); $comment_edit_user_id = $userdata['user_id']; // -------------------------------- // Update the DB // -------------------------------- $sql = "UPDATE ". MUSIC_COMMENT_TABLE ." SET comment_text = '$comment_text', comment_edit_time = '$comment_edit_time', comment_edit_count = comment_edit_count + 1, comment_edit_user_id = '$comment_edit_user_id' WHERE comment_id = '$comment_id'"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update comment data', '', __LINE__, __FILE__, $sql); } // -------------------------------- // Complete... now send a message to user // -------------------------------- $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid(this_mo_mxurl("music_mode=music_comment&comment_id=$comment_id")) . '#'.$comment_id.'">') ); $message = $lang['Stored'] . "<br /><br />" . sprintf($lang['Click_view_message'], "<a href=\"" . append_sid(this_mo_mxurl("music_mode=music_comment&comment_id=$comment_id")) . "#$comment_id\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_music_index'], "<a href=\"" . append_sid(this_mo_mxurl()) . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } // +------------------------------------------------------+ // | Powered by Music Online 2.0 (c) 2003 Cf Manager | // +------------------------------------------------------+ ?> --- NEW FILE: music_cat.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_cat.php,v 1.1 2007/06/06 20:32:33 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's include some stuff... // $phpEx = substr(strrchr(__FILE__, '.'), 1); if ( !defined('TEMPLATE_ROOT_PATH') ) { include_once($mx_root_path . 'common.' . $phpEx); // // Start session management // $mx_user->init($user_ip, PAGE_INDEX); // // End session management // } $music_root_path = $module_root_path . 'music_box/'; // // Get general music information // include_once($music_root_path . 'music_common.'.$phpEx); // ------------------------------------ // Check the request // ------------------------------------ if( isset($HTTP_POST_VARS['cat_id']) ) { $cat_id = intval($HTTP_POST_VARS['cat_id']); } else if( isset($HTTP_GET_VARS['cat_id']) ) { $cat_id = intval($HTTP_GET_VARS['cat_id']); } else { mx_message_die(GENERAL_ERROR, 'No categories specified'); } // // END check request // // ------------------------------------ // Get this cat info // ------------------------------------ $sql = "SELECT c.*, COUNT(s.song_id) AS count FROM ". MUSIC_CAT_TABLE ." AS c LEFT JOIN ". MUSIC_TABLE ." AS s ON c.cat_id = s.song_cat_id WHERE c.cat_id <> 0 GROUP BY c.cat_id ORDER BY cat_order"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query category information', '', __LINE__, __FILE__, $sql); } $thiscat = array(); // this category $catrows = array(); // all categories for jumpbox while( $row = $db->sql_fetchrow($result) ) { $music_user_access = music_user_access($row['cat_id'], $row, 1, 0, 0, 0, 0, 0); // VIEW if ($music_user_access['view'] == 1) { $catrows[] = $row; if( $row['cat_id'] == $cat_id ) { $thiscat = $row; $auth_data = music_user_access($cat_id, $row, 1, 1, 1, 1, 1, 1); // ALL $total_songs = $thiscat['count']; } } } if (empty($thiscat)) { mx_message_die(GENERAL_MESSAGE, $lang['Category_not_exist']); } // // END cat info // // ------------------------------------ // Check permissions // ------------------------------------ if( !$auth_data['view'] ) { if (!$userdata['session_logged_in']) { mx_redirect(append_sid($mx_root_path . "login.php?redirect=" . this_mo_loginurl("music_mode=music_cat&cat_id=$cat_id"), true)); } else { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } if ( $auth_data['upload'] ) { $enable_soung_upload_switch = true; $template->assign_block_vars('enable_soung_upload', array()); } // // END check permissions // // ------------------------------------ // Build Auth List // ------------------------------------ $auth_key = array_keys($auth_data); $auth_list = ''; for ($i = 0; $i < (count($auth_data) - 1); $i++) // ignore MODERATOR in this loop { // // we should skip a loop if RATE and COMMENT is disabled // if( ( ($music_config['rate'] == 0) and ($auth_key[$i] == 'rate') ) or ( ($music_config['comment'] == 0) and ($auth_key[$i] == 'comment') ) ) { continue; } $auth_list .= ($auth_data[$auth_key[$i]] == 1) ? $lang['Music_'. $auth_key[$i] .'_can'] : $lang['Music_'. $auth_key[$i] .'_cannot']; $auth_list .= '<br />'; } // add Moderator Control Panel here if( ($userdata['user_level'] == ADMIN) or ($auth_data['moderator'] == 1) ) { $auth_list .= sprintf($lang['Music_moderate_can'], '<a href="'. append_sid(this_mo_mxurl("music_mode=music_modcp&cat_id=$cat_id")) .'">', '</a>'); } // // END Auth List // // ------------------------------------ // Build Moderators List // ------------------------------------ $grouprows = array(); $moderators_list = ''; if ($thiscat['cat_moderator_groups'] != '') { // Get the namelist of moderator usergroups $sql = "SELECT group_id, group_name, group_type, group_single_user FROM " . GROUPS_TABLE . " WHERE group_single_user <> 1 AND group_type <> ". GROUP_HIDDEN ." AND group_id IN (". $thiscat['cat_moderator_groups'] .") ORDER BY group_name ASC"; if ( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not get group list', '', __LINE__, __FILE__, $sql); } while( $row = $db->sql_fetchrow($result) ) { $grouprows[] = $row; } if( count($grouprows) > 0 ) { for ($j = 0; $j < count($grouprows); $j++) { $group_link = '<a href="'. append_sid($phpbb_root_path . "groupcp.$phpEx?". POST_GROUPS_URL .'='. $grouprows[$j]['group_id']) .'">'. $grouprows[$j]['group_name'] .'</a>'; $moderators_list .= ($moderators_list == '') ? $group_link : ', ' . $group_link; } } } if( empty($moderators_list) ) { $moderators_list = $lang['None']; } // // END Moderator List // // ------------------------------------ // Build the thumbnail page // ------------------------------------ if( isset($HTTP_GET_VARS['start']) ) { $start = intval($HTTP_GET_VARS['start']); } else if( isset($HTTP_POST_VARS['start']) ) { $start = intval($HTTP_POST_VARS['start']); } else { $start = 0; } if( isset($HTTP_GET_VARS['sort_method']) ) { switch ($HTTP_GET_VARS['sort_method']) { case 'song_time': $sort_method = 'song_time'; break; case 'song_title': $sort_method = 'song_title'; break; case 'song_singer': $sort_method = 'song_singer'; break; case 'username': $sort_method = 'username'; break; case 'song_view_count': $sort_method = 'song_view_count'; break; case 'rating': $sort_method = 'rating'; break; case 'comments': $sort_method = 'comments'; break; case 'new_comment': $sort_method = 'new_comment'; break; default: $sort_method = $music_config['sort_method']; } } else if( isset($HTTP_POST_VARS['sort_method']) ) { switch ($HTTP_POST_VARS['sort_method']) { case 'song_time': $sort_method = 'song_time'; break; case 'song_title': $sort_method = 'song_title'; break; case 'song_singer': $sort_method = 'song_singer'; break; case 'username': $sort_method = 'username'; break; case 'song_view_count': $sort_method = 'song_view_count'; break; case 'rating': $sort_method = 'rating'; break; case 'comments': $sort_method = 'comments'; break; case 'new_comment': $sort_method = 'new_comment'; break; default: $sort_method = $music_config['sort_method']; } } else { $sort_method = $music_config['sort_method']; } if( isset($HTTP_GET_VARS['sort_order']) ) { switch ($HTTP_GET_VARS['sort_order']) { case 'ASC': $sort_order = 'ASC'; break; case 'DESC': $sort_order = 'DESC'; break; default: $sort_order = $music_config['sort_order']; } } else if( isset($HTTP_POST_VARS['sort_order']) ) { switch ($HTTP_POST_VARS['sort_order']) { case 'ASC': $sort_order = 'ASC'; break; case 'DESC': $sort_order = 'DESC'; break; default: $sort_order = $music_config['sort_order']; } } else { $sort_order = $music_config['sort_order']; } $songs_per_page = $music_config['rows_per_page'] * $music_config['cols_per_page']; if ($total_songs > 0) { $limit_sql = ($start == 0) ? $songs_per_page : $start .','. $songs_per_page; $song_approval_sql = 'AND s.song_approval = 1'; if ($thiscat['cat_approval'] != MUSIC_USER) { if( ($userdata['user_level'] == ADMIN) or (($auth_data['moderator'] == 1) and ($thiscat['cat_approval'] == MUSIC_MOD)) ) { $song_approval_sql = ''; } } $sql = "SELECT s.song_id, s.song_title, s.song_desc, s.song_singer, s.song_user_id, s.song_user_ip, s.song_username, s.song_time, s.song_cat_id, s.song_view_count, s.song_lock, s.song_approval, u.user_id, u.username, r.rate_song_id, AVG(r.rate_point) AS rating, COUNT(DISTINCT c.comment_id) AS comments, MAX(c.comment_id) as new_comment FROM ". MUSIC_TABLE ." AS s LEFT JOIN ". USERS_TABLE ." AS u ON s.song_user_id = u.user_id LEFT JOIN ". MUSIC_RATE_TABLE ." AS r ON s.song_id = r.rate_song_id LEFT JOIN ". MUSIC_COMMENT_TABLE ." AS c ON s.song_id = c.comment_song_id WHERE s.song_cat_id = '$cat_id' $song_approval_sql GROUP BY s.song_id ORDER BY $sort_method $sort_order LIMIT $limit_sql"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query songs information', '', __LINE__, __FILE__, $sql); } // // Update the music view counter // $sql = "UPDATE " . MUSIC_CAT_TABLE . " SET cat_views = cat_views + 1 WHERE cat_id = $cat_id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Could not update music views.", '', __LINE__, __FILE__, $sql); } $songrow = array(); while( $row = $db->sql_fetchrow($result) ) { $songrow[] = $row; } for ($i = 0; $i < count($songrow); $i += $music_config['cols_per_page']) { $template->assign_block_vars('songrow', array()); for ($j = $i; $j < ($i + $music_config['cols_per_page']); $j++) { if( $j >= count($songrow) ) { break; } if(!$songrow[$j]['rating']) { $songrow[$j]['rating'] = $lang['Not_rated']; } else { $songrow[$j]['rating'] = round($songrow[$j]['rating'], 2); } $approval_link = ''; if ($thiscat['cat_approval'] != MUSIC_USER) { if( ($userdata['user_level'] == ADMIN) or (($auth_data['moderator'] == 1) and ($thiscat['cat_approval'] == MUSIC_MOD)) ) { $approval_mode = ($songrow[$j]['song_approval'] == 0) ? 'approval' : 'unapproval'; $approval_link .= '<a href="'. append_sid(this_mo_mxurl("music_mode=music_modcp&mode=$approval_mode&song_id=". $songrow[$j]['song_id'])) .'">'; $approval_link .= ($songrow[$j]['song_approval'] == 0) ? '<b>'. $lang['Approve'] .'</b>' : $lang['Unapprove']; $approval_link .= '</a>'; } } $template->assign_block_vars('songrow.songcol', array( 'U_SONG' => append_sid(this_mo_mxurl("music_mode=music_page&song_id=". $songrow[$j]['song_id'])), 'DESC' => $songrow[$j]['song_desc'], 'APPROVAL' => $approval_link, ) ); if( ($songrow[$j]['user_id'] == MUSIC_GUEST) or ($songrow[$j]['username'] == '') ) { $song_poster = ($songrow[$j]['song_username'] == '') ? $lang['Guest'] : $songrow[$j]['song_username']; } else { $song_poster = '<a href="'. append_sid($phpbb_root_path . "profile.$phpEx?mode=viewprofile&". POST_USERS_URL .'='. $songrow[$j]['user_id']) .'">'. $songrow[$j]['username'] .'</a>'; } $template->assign_block_vars('songrow.song_detail', array( 'TITLE' => '<a href="'. append_sid(this_mo_mxurl("music_mode=music_page&song_id=". $songrow[$j]['song_id'])) . '">' . $songrow[$j]['song_title'] . '</a>', 'SINGER' => $songrow[$j]['song_singer'], 'POSTER' => $song_poster, 'TIME' => create_date($board_config['default_dateformat'], $songrow[$j]['song_time'], $board_config['board_timezone']), 'VIEW' => $songrow[$j]['song_view_count'], 'RATING' => ($music_config['rate'] == 1) ? ( '<a href="'. append_sid(this_mo_mxurl("music_mode=music_rate&song_id=". $songrow[$j]['song_id']) . '">' . $songrow[$j]['rating'] . '</a>')) : '', 'COMMENTS' => ($music_config['comment'] == 1) ? ( '<a href="'. append_sid(this_mo_mxurl("music_mode=music_comment&song_id=". $songrow[$j]['song_id'])) . '">' . $songrow[$j]['comments'] . '</a>' ) : '', 'EDIT' => ( ( $auth_data['edit'] and ($songrow[$j]['song_user_id'] == $userdata['user_id']) ) or ($auth_data['moderator'] and ($thiscat['cat_edit_level'] != MUSIC_ADMIN) ) or ($userdata['user_level'] == ADMIN) ) ? '<a href="'. append_sid(this_mo_mxurl("music_mode=music_edit&song_id=". $songrow[$j]['song_id'])) . '">' . $lang['Edit_song'] . '</a>' : '', 'DELETE' => ( ( $auth_data['delete'] and ($songrow[$j]['song_user_id'] == $userdata['user_id']) ) or ($auth_data['moderator'] and ($thiscat['cat_delete_level'] != MUSIC_ADMIN) ) or ($userdata['user_level'] == ADMIN) ) ? '<a href="'. append_sid(this_mo_mxurl("music_mode=music_delete&song_id=". $songrow[$j]['song_id'])) . '">' . $lang['Delete_song'] . '</a>' : '', 'MOVE' => ($auth_data['moderator']) ? '<a href="'. append_sid(this_mo_mxurl("music_mode=music_modcp&mode=move&song_id=". $songrow[$j]['song_id'])) .'">'. $lang['Move'] .'</a>' : '', 'LOCK' => ($auth_data['moderator']) ? '<a href="'. append_sid(this_mo_mxurl("music_mode=music_modcp&mode=". (($songrow[$j]['song_lock'] == 0) ? 'lock' : 'unlock') ."&song_id=". $songrow[$j]['song_id'])) .'">'. (($songrow[$j]['song_lock'] == 0) ? $lang['Lock'] : $lang['Unlock']) .'</a>' : '', 'IP' => ($userdata['user_level'] == ADMIN) ? $lang['IP_Address'] . ': <a href="http://www.nic.com/cgi-bin/whois.cgi?query=' . decode_ip($songrow[$j]['song_user_ip']) . '" target="_blank">' . decode_ip($songrow[$j]['song_user_ip']) .'</a><br />' : '' ) ); } } $template->assign_vars(array( 'PAGINATION' => generate_pagination(append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id&sort_method=$sort_method&sort_order=$sort_order")), $total_songs, $songs_per_page, $start), 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $songs_per_page ) + 1 ), ceil( $total_songs / $songs_per_page )) ) ); } else { $template->assign_block_vars('no_songs', array()); } // // END thumbnails table // // ------------------------------------ // Build Jumpbox - based on $catrows which was created at the top of this file // ------------------------------------ $music_jumpbox = '<form name="jumpbox" action="'. append_sid(this_mo_mxurl("music_mode=music_cat")) .'" method="get">'; $music_jumpbox .= $lang['Jump_to'] . ': <select name="cat_id" onChange="forms[\'jumpbox\'].submit()">'; for ($i = 0; $i < count($catrows); $i++) { $music_jumpbox .= '<option value="'. $catrows[$i]['cat_id'] .'"'; $music_jumpbox .= ($catrows[$i]['cat_id'] == $cat_id) ? 'selected="selected"' : ''; $music_jumpbox .= '>' . $catrows[$i]['cat_title'] .'</option>'; } $music_jumpbox .= '</select>'; $music_jumpbox .= ' <input type="submit" class="liteoption" value="'. $lang['Go'] .'" />'; $music_jumpbox .= '<input type="hidden" name="sid" value="'. $userdata['session_id'] .'" />'; $music_jumpbox .= '</form>'; // // END build jumpbox // // ------------------------------------ // additional sorting options // ------------------------------------ $sort_rating_option = ''; $sort_comments_option = ''; if( $music_config['rate'] == 1 ) { $sort_rating_option = '<option value="rating" '; $sort_rating_option .= ($sort_method == 'rating') ? 'selected="selected"' : ''; $sort_rating_option .= '>' . $lang['Rating'] .'</option>'; } if( $music_config['comment'] == 1 ) { $sort_comments_option = '<option value="comments" '; $sort_comments_option .= ($sort_method == 'comments') ? 'selected="selected"' : ''; $sort_comments_option .= '>' . $lang['Comments'] .'</option>'; $sort_new_comment_option = '<option value="new_comment" '; $sort_new_comment_option .= ($sort_method == 'new_comment') ? 'selected="selected"' : ''; $sort_new_comment_option .= '>' . $lang['New_Comment'] .'</option>'; } // // Start output of page // $page_title = $lang['Music']; if ( !$is_block ) { include($mx_root_path . 'includes/page_header.'.$phpEx); } $template->set_filenames(array( 'body' => 'music_cat_body.tpl') ); $template->assign_vars(array( 'U_VIEW_CAT' => append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")), 'CAT_TITLE' => $thiscat['cat_title'], 'L_MODERATORS' => $lang['Moderators'], 'MODERATORS' => $moderators_list, 'U_UPLOAD_SONG' => append_sid(this_mo_mxurl("music_mode=music_upload&cat_id=$cat_id")), 'UPLOAD_SONG_IMG' => $mx_images['upload_song'], 'L_UPLOAD_SONG' => $lang['Upload_Song'], 'L_CATEGORY' => $lang['Category'], 'L_NO_SONGS' => $lang['No_Songs'], 'S_COLS' => $music_config['cols_per_page'], 'S_COL_WIDTH' => (100/$music_config['cols_per_page']) . '%', 'L_VIEW' => $lang['View'], 'L_POSTER' => $lang['Poster'], 'L_POSTED' => $lang['Posted'], 'L_RATING' => $lang['Rating'], 'L_COMMENTS' => $lang['Comments'], 'MUSIC_JUMPBOX' => $music_jumpbox, 'S_MUSIC_ACTION' => append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")), 'L_SELECT_SORT_METHOD' => $lang['Select_sort_method'], 'L_ORDER' => $lang['Order'], 'L_SORT' => $lang['Sort'], 'L_TIME' => $lang['Time'], 'L_SONG_TITLE' => $lang['Song_Title'], 'L_SINGER' => $lang['Singer'], 'L_USERNAME' => $lang['Sort_Username'], 'SORT_TIME' => ($sort_method == 'song_time') ? 'selected="selected"' : '', 'SORT_SONG_TITLE' => ($sort_method == 'song_title') ? 'selected="selected"' : '', 'SORT_SINGER' => ($sort_method == 'song_singer') ? 'selected="selected"' : '', 'SORT_USERNAME' => ($sort_method == 'song_user_id') ? 'selected="selected"' : '', 'SORT_VIEW' => ($sort_method == 'song_view_count') ? 'selected="selected"' : '', 'SORT_RATING_OPTION' => $sort_rating_option, 'SORT_COMMENTS_OPTION' => $sort_comments_option, 'SORT_NEW_COMMENT_OPTION' => $sort_new_comment_option, 'L_ASC' => $lang['Sort_Ascending'], 'L_DESC' => $lang['Sort_Descending'], 'SORT_ASC' => ($sort_order == 'ASC') ? 'selected="selected"' : '', 'SORT_DESC' => ($sort_order == 'DESC') ? 'selected="selected"' : '', 'NAV_SEP' => $lang['Nav_Separator'], 'NAV_DOT' => '•', 'MUSIC_VERSION' => '2' . $music_config['music_version'], 'L_INDEX' => '<<', 'U_INDEX' => append_sid($mx_root_path . "index.".$phpEx), 'L_MUSIC_INDEX' => $lang['Music'], 'L_MUSIC' => $lang['Music'], 'U_MUSIC' => append_sid(this_mo_mxurl()), 'U_MX_MUSIC' => append_sid(this_mo_portalurl()), 'S_AUTH_LIST' => $auth_list) ); // // Generate the page // $template->pparse('body'); if ( !$is_block ) { include($mx_root_path . 'includes/page_tail.'.$phpEx); } // +------------------------------------------------------+ // | Powered by Music Online 2.0 (c) 2003 Cf Manager | // +------------------------------------------------------+ ?> --- NEW FILE: music_modcp.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_modcp.php,v 1.1 2007/06/06 20:32:46 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's include some stuff... // [...1048 lines suppressed...] } $message = $lang['Songs_deleted_successfully'] .'<br /><br />'. sprintf($lang['Click_return_category'], "<a href=\"" . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . "\">", "</a>") .'<br /><br />'. sprintf($lang['Click_return_modcp'], "<a href=\"" . append_sid(this_mo_mxurl("music_mode=music_modcp&cat_id=$cat_id")) . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_music_index'], "<a href=\"" . append_sid(this_mo_mxurl()) . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } } else { mx_message_die(GENERAL_ERROR, 'Invalid_mode'); } } // +------------------------------------------------------+ // | Powered by Music Online 2.0 (c) 2003 Cf Manager | // +------------------------------------------------------+ ?> --- NEW FILE: music_comment_delete.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_comment_delete.php,v 1.1 2007/06/06 20:32:36 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's include some stuff... // $phpEx = substr(strrchr(__FILE__, '.'), 1); if ( !defined('TEMPLATE_ROOT_PATH') ) { include_once($mx_root_path . 'common.' . $phpEx); // // Start session management // $mx_user->init($user_ip, PAGE_INDEX); // // End session management // } $music_root_path = $module_root_path . 'music_box/'; // // Get general music information // if ( !$is_block ) { include($music_root_path . 'music_common.'.$phpEx); } else { include_once($music_root_path . 'music_common.'.$phpEx); } // ------------------------------------ // Check feature enabled // ------------------------------------ if( $music_config['comment'] == 0 ) { mx_message_die(GENERAL_MESSAGE, $lang['Not_Authorised']); } // ------------------------------------ // Check the request // ------------------------------------ if( isset($HTTP_GET_VARS['comment_id']) ) { $comment_id = intval($HTTP_GET_VARS['comment_id']); } else if( isset($HTTP_POST_VARS['comment_id']) ) { $comment_id = intval($HTTP_POST_VARS['comment_id']); } else { mx_message_die(GENERAL_ERROR, 'No comment_id specified'); } // ------------------------------------ // Get the comment info // ------------------------------------ $sql = "SELECT * FROM ". MUSIC_COMMENT_TABLE ." WHERE comment_id = '$comment_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query this comment information', '', __LINE__, __FILE__, $sql); } $thiscomment = $db->sql_fetchrow($result); if( empty($thiscomment) ) { mx_message_die(GENERAL_ERROR, 'This comment does not exist'); } // ------------------------------------ // Get $song_id from $comment_id // ------------------------------------ $sql = "SELECT comment_id, comment_song_id FROM ". MUSIC_COMMENT_TABLE ." WHERE comment_id = '$comment_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query comment and song information', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); if( empty($row) ) { mx_message_die(GENERAL_ERROR, 'This comment does not exist'); } $song_id = $row['comment_song_id']; // ------------------------------------ // Get this song info // ------------------------------------ $sql = "SELECT s.*, u.user_id, u.username, COUNT(c.comment_id) as comments_count FROM ". MUSIC_TABLE ." AS s LEFT JOIN ". USERS_TABLE ." AS u ON s.song_user_id = u.user_id LEFT JOIN ". MUSIC_COMMENT_TABLE ." AS c ON s.song_id = c.comment_song_id WHERE song_id = '$song_id' GROUP BY s.song_id LIMIT 1"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query song information', '', __LINE__, __FILE__, $sql); } $thissong = $db->sql_fetchrow($result); $cat_id = $thissong['song_cat_id']; $user_id = $thissong['song_user_id']; $total_comments = $thissong['comments_count']; $comments_per_page = $board_config['posts_per_page']; $song_filename = $thissong['song_filename']; if( empty($thissong) ) { mx_message_die(GENERAL_ERROR, $lang['Song_not_exist']); } // ------------------------------------ // Get the current Category Info // ------------------------------------ $sql = "SELECT * FROM ". MUSIC_CAT_TABLE ." WHERE cat_id = '$cat_id'"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not query category information', '', __LINE__, __FILE__, $sql); } $thiscat = $db->sql_fetchrow($result); if (empty($thiscat)) { mx_message_die(GENERAL_ERROR, $lang['Category_not_exist']); } // ------------------------------------ // Check the permissions // ------------------------------------ $music_user_access = music_user_access($thissong['song_cat_id'], $thiscat, 0, 0, 0, 1, 0, 1); if( ($music_user_access['comment'] == 0) or ($music_user_access['delete'] == 0) ) { if (!$userdata['session_logged_in']) { mx_redirect(append_sid($mx_root_path . "login.php?redirect=" . this_mo_loginurl("music_mode=music_comment_delete&comment_id=$comment_id"), true)); } else { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } else { if( (!$music_user_access['moderator']) or ($userdata['user_level'] != ADMIN) ) { if ($thiscomment['comment_user_id'] != $userdata['user_id']) { mx_message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } } /* +---------------------------------------------------------- | Main work here... +---------------------------------------------------------- */ if( !isset($HTTP_POST_VARS['confirm']) ) { /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Confirm Screen ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ // -------------------------------- // If user give up deleting... // -------------------------------- if( isset($HTTP_POST_VARS['cancel']) ) { mx_redirect(append_sid(this_mo_mxurl("music_mode=music_comment&comment_id=$comment_id"))); exit; } // // Start output of page // $page_title = $lang['Music']; if ( !$is_block ) { include($mx_root_path . 'includes/page_header.'.$phpEx); } $template->set_filenames(array( 'body' => 'confirm_body.tpl') ); $template->assign_vars(array( 'MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Comment_delete_confirm'], 'L_NO' => $lang['No'], 'L_YES' => $lang['Yes'], 'S_CONFIRM_ACTION' => append_sid(this_mo_mxurl("music_mode=music_comment_delete&comment_id=$comment_id")), ) ); // // Generate the page // $template->pparse('body'); if ( !$is_block ) { include($mx_root_path . 'includes/page_tail.'.$phpEx); } } else { /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Do the deleting ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ $sql = "DELETE FROM ". MUSIC_COMMENT_TABLE ." WHERE comment_id = '$comment_id'"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete this comment', '', __LINE__, __FILE__, $sql); } // -------------------------------- // Complete... now send a message to user // -------------------------------- $message = $lang['Deleted']; $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . '">') ); $message .= "<br /><br />" . sprintf($lang['Click_return_category'], "<a href=\"" . append_sid(this_mo_mxurl("music_mode=music_cat&cat_id=$cat_id")) . "\">", "</a>"); $message .= "<br /><br />" . sprintf($lang['Click_return_music_index'], "<a href=\"" . append_sid(this_mo_mxurl()) . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } // +------------------------------------------------------+ // | Powered by Music Online 2.0 (c) 2003 Cf Manager | // +------------------------------------------------------+ ?> --- NEW FILE: music_edit.php --- <?php /** * * @package mxBB Portal Module - mx_music * @version $Id: music_edit.php,v 1.1 2007/06/06 20:32:43 orynider Exp $ * @copyright (c) 2003 [ory...@rd..., OryNider] mxBB Development Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ // MX if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Let's i... [truncated message content] |