1 |
<?php |
<> |
1 |
<?php // $Id: modules.php,v 1.5 2003/11/07 17:20:50 EllselAn Exp $ |
2 |
|
= |
|
|
3 |
/************************************************************************/ |
<> |
2 |
/**********************************************************************/ |
4 |
/* PHP-NUKE: Advanced Content Management System
*/ |
|
3 |
/* vkpMx 2.0 Content Management System Platform
*/ |
5 |
/* ============================================ */ |
|
4 |
/* ================================================================== */ |
6 |
/* */ |
|
5 |
/* Copyright (C) 2003 by the vkpMx & pragmaMx Developer Team */ |
7 |
/* Copyright (c) 2002 by Francisco Burzi (fbc@mandrakesoft.com) */ |
|
6 |
/* email: team@pragmamx.org */ |
8 |
/* http://phpnuke.org
*/ |
|
7 |
/* homepage: http://www.maax-design.de
*/ |
9 |
/*
*/ |
|
8 |
/* further sites: http://www.pragmaMx.org, http://www.guggemahier.de, */ |
10 |
/* This program is free software. You can redistribute it and/or modify */ |
|
9 |
/* http://www.marx-city.de, http://www.genutec-studios.de, */ |
11 |
/* it under the terms of the GNU General Public License as published by */ |
|
10 |
/* http://www.shiba-design.de, http://www.power-maax.de */ |
12 |
/* the Free Software Foundation; either version 2 of the License. */ |
|
11 |
/* ================================================================== */ |
|
|
|
12 |
/* The vkpMx is distributed free of charge by maax-design.de. */ |
|
|
|
13 |
/* The use of this system is allowed until copyright information */ |
|
|
|
14 |
/* is shown perspicuous visible and correcty on all system pages. */ |
|
|
|
15 |
/* Sales, rent out and the use of single code parts from this */ |
|
|
|
16 |
/* system
must be allowed by
maax-design.de.
*/ |
13 |
/************************************************************************/ |
|
17 |
/**********************************************************************/ |
|
|
|
18 |
define("mxModFileLoaded","1"); |
|
|
|
19 |
if(!defined("MX_TIME")) { |
|
|
|
20 |
$vstarttime = explode(" ",microtime()); |
|
|
|
21 |
define("MX_TIME",(float)$vstarttime[1] + (float)$vstarttime[0]); |
|
|
|
22 |
unset($vstarttime); |
|
|
|
23 |
} |
|
|
|
24 |
// nur zum initialisieren der Variablen, wird durch das Modul überschrieben |
|
|
|
25 |
$GLOBALS['index'] = 0; |
14 |
|
= |
26 |
|
15 |
require_once("mainfile.php"); |
|
27 |
require_once("mainfile.php"); |
16 |
|
|
28 |
|
17 |
if (isset($name)) { |
<> |
29 |
if (!isset($_REQUEST['name'])) { |
|
|
|
30 |
mxErrorScreen("Sorry, you can't access this file directly, parameter
'name' is required...", _ACCESSDENIED); |
18 |
|
|
31 |
} |
19 |
$result = sql_query("select active, view from ".$prefix."_modules where title='$name'", $dbi); |
|
32 |
|
20 |
list($mod_active, $view) = sql_fetch_row($result, $dbi); |
|
33 |
$name = $_REQUEST['name']; |
21 |
if (($mod_active == 1) OR ($mod_active == 0 AND is_admin($admin) OR ($name == "Content"))) { |
|
34 |
$op = (isset($_REQUEST['op'])) ? $_REQUEST['op'] : "modload"; |
22 |
if (!isset($mop)) { $mop="modload"; } |
|
35 |
$mop = (isset($_REQUEST['mop'])) ? $_REQUEST['mop'] : "modload"; |
23 |
if (!isset($file)) { $file="index"; } |
|
36 |
$mod_file = (isset($_REQUEST['mod_file'])) ? $_REQUEST['mod_file'] : "index"; |
24 |
if (ereg("\.\.",$name) || ereg("\.\.",$file)) { |
|
37 |
$file = (isset($_REQUEST['file'])) ? $_REQUEST['file'] : "index"; |
25 |
echo "You are so cool..."; |
|
38 |
$func = (isset($_REQUEST['func'])) ? $_REQUEST['func'] : ""; |
26 |
} else { |
|
39 |
|
27 |
if ($view == 0) { |
|
40 |
if (strtolower(substr($file, 0, 6)) == "https:" |
28 |
$modpath="modules/$name/$file.php"; |
|
41 |
|| strtolower(substr($file, 0, 5)) == "http:" |
29 |
if (file_exists($modpath)) { |
|
42 |
|| ereg("\.\.",$file) |
30 |
include($modpath); |
|
43 |
|| ereg("\.\.",$mod_file) |
31 |
} else { |
|
44 |
|| ereg("\.\.", $mop)) { |
32 |
die ("Sorry, such file doesn't exist..."); |
|
45 |
mxYoubad("Bad Request"); |
33 |
} |
|
46 |
die(); |
34 |
} |
|
47 |
} |
35 |
if ($view == 1 AND is_user($user) || is_admin($admin)) { |
|
|
|
36 |
$modpath="modules/$name/$file.php"; |
|
|
|
37 |
if (file_exists($modpath)) { |
|
|
|
38 |
include($modpath); |
|
|
|
39 |
} else { |
|
48 |
|
40 |
die ("Sorry, such file doesn't exist..."); |
|
49 |
/// Ausgabe der Informationen des vkp-Developer-Team |
41 |
} |
|
50 |
/// Das Entfernen der Zeilen verhindert nicht die Ausgabe, |
42 |
} elseif ($view == 1 AND !is_user($user) || !is_admin($admin)) { |
|
51 |
/// zerstört aber das Layout der Seite |
43 |
$pagetitle = "- "._ACCESSDENIED.""; |
|
52 |
if ($name == 'mxcredit') { |
44 |
include("header.php"); |
|
53 |
include("header.php"); |
45 |
title("$sitename: "._ACCESSDENIED.""); |
|
|
|
46 |
OpenTable(); |
|
54 |
OpenTable(); |
47 |
echo "<center><b>"._RESTRICTEDAREA."</b><br><br>" |
|
55 |
echo "<div align='left' style='height: 530px; overflow: auto; width: 100%;'>"; |
48 |
.""._MODULEUSERS."" |
|
56 |
echo mxInfo(); |
49 |
.""._GOBACK.""; |
|
57 |
echo "</div>"; |
50 |
CloseTable(); |
|
58 |
CloseTable(); |
51 |
include("footer.php"); |
|
59 |
include("footer.php"); |
52 |
die(); |
|
60 |
die(); |
53 |
} |
|
61 |
} |
54 |
if ($view == 2 AND is_admin($admin)) { |
|
62 |
|
55 |
$modpath="modules/$name/$file.php"; |
|
63 |
$isseradmin = mxIsAdmin(); // ist Admin ? |
56 |
if (file_exists($modpath)) { |
|
64 |
$isseruser = mxIsUser(); // ist User ? |
57 |
include($modpath); |
|
65 |
|
|
|
|
66 |
//// phpBB2 port to VKP |
|
|
|
67 |
$GLOBALS["nukeuser"] = ($isseruser) ? base64_decode(mxSessionGetVar("user")) : ""; |
|
|
|
68 |
//// end phpBB2 port to VKP |
58 |
} else { |
|
69 |
|
59 |
die ("Sorry, such file doesn't exist..."); |
|
70 |
$qry = "select mid, title, active, view from ".$prefix."_modules where title='".mxAddSlashesForSQL($name)."'"; |
|
|
|
71 |
$result = sql_query($qry); |
|
|
|
72 |
if (!is_resource($result)) { |
|
|
|
73 |
$msg = ($isseradmin) ? "Unable to select from Database (table:
".$prefix."_modules)!" :
"<b>"._MODULENOTACTIVE."</b><br>"; |
|
|
|
74 |
mxErrorScreen($msg); |
60 |
} |
|
75 |
} |
61 |
} elseif ($view == 2 AND !is_admin($admin)) { |
|
76 |
|
62 |
$pagetitle = "- "._ACCESSDENIED.""; |
|
77 |
list($mod_id, $mod_title, $mod_active, $mod_view) = sql_fetch_row($result); |
63 |
include("header.php"); |
|
78 |
$modfile = "modules/".$mod_title."/".$file.".php"; // $mod_title verwenden wegen Gross/Kleinschreibung |
64 |
title("$sitename: "._ACCESSDENIED.""); |
|
79 |
$file = (@file_exists($modfile)) ? $file : "index"; |
|
|
|
80 |
$modfile = "modules/".$mod_title."/".$file.".php"; |
65 |
OpenTable(); |
|
81 |
|
66 |
echo "<center><b>"._RESTRICTEDAREA."</b><br><br>" |
|
82 |
if ((($mod_active != 1) && (!$isseradmin) && ($mod_title != "Content")) || empty($mod_id)) { |
67 |
.""._MODULESADMINS."" |
|
83 |
mxErrorScreen("<b>"._MODULENOTACTIVE."</b><br>", _MODULENOTACTIVE); |
68 |
.""._GOBACK.""; |
|
84 |
} |
|
|
|
85 |
else if (!@file_exists($modfile)) { |
|
|
|
86 |
$msg = ($isseradmin) ? "Sorry, the file '$modfile' doesn't exist!" :
"Sorry, such file doesn't exist..."; |
|
|
|
87 |
mxErrorScreen($msg); |
69 |
CloseTable(); |
|
88 |
} |
70 |
include("footer.php"); |
|
89 |
else if ($mod_view == 2 && !$isseradmin) { |
|
|
|
90 |
mxErrorScreen("<b>"._RESTRICTEDAREA."</b><br><br>"._MODULESADMINS."",
_ACCESSDENIED); |
71 |
die(); |
|
91 |
} |
|
|
|
92 |
else if ($mod_view == 1 && !$isseradmin && !$isseruser) { |
|
|
|
93 |
mxErrorScreen("<b>"._RESTRICTEDAREA."</b><br><br>"._MODULEUSERS."",
_ACCESSDENIED); |
72 |
} |
|
94 |
} |
|
|
|
95 |
else if ($mod_view == 1 && !$isseradmin && !mxModuleAllowed($mod_title)) { |
|
|
|
96 |
mxErrorScreen("<b>"._GROUPRESTRICTEDAREA."</b><br>",
_ACCESSDENIED); |
73 |
} |
= |
97 |
} |
74 |
} else { |
<> |
98 |
else { |
75 |
include("header.php"); |
|
99 |
unset($isseradmin); |
76 |
OpenTable(); |
|
100 |
unset($isseruser); |
77 |
echo "<center>"._MODULENOTACTIVE."<br><br>" |
|
101 |
unset($result); |
78 |
.""._GOBACK."</center>"; |
|
|
|
79 |
CloseTable(); |
|
102 |
unset($mod_view); |
80 |
include("footer.php"); |
|
103 |
unset($mod_active); |
81 |
} |
|
104 |
unset($mod_title); |
82 |
} else { |
|
105 |
unset($mod_id); |
83 |
die ("Sorry, you can't access this file directly..."); |
|
106 |
include_once($modfile); |
84 |
} |
|
107 |
} |
85 |
|
= |
108 |
|
86 |
?> |
|
109 |
?> |