<?php
include("config.php");
include("core.php");
connectdb();
$action = $_GET["action"];
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$type1 = $_GET["type"];
$uid = getuid_sid($sid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\"". " \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">");
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<?php
echo "<head>";
echo "<title>File Exchange</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
///////////////////////////////////////Ban check/Login check//////////////////////////////
if((islogged($sid)==false)||($uid==0)){
("Error!");
echo "<center><img src=\"images/notok.gif\" alt=\"\"/>You are not logged in<br/>";
echo "or your session has expired.<br/><br/>";
echo "
<form action=\"login.php\" method=\"get\">
<img src=\"images/user.gif\" alt=\"\"/>Enter username:<br/>
<input id=\"inputText\" name=\"loguid\" maxlength=\"30\"/><br/>
<img src=\"images/key.gif\" alt=\"\"/>Enter password:<br/>
<input id=\"inputText\" type=\"password\" format=\"*x\" name=\"logpwd\" maxlength=\"30\"/><br/>
<input id=\"inputButton\" type=\"submit\" value=\"Login\"/><br/>
</form>
<br/><br/><img src=\"images/register.gif\" alt=\"\"/><a href=\"register.php\">Register</a>
<br/><img src=\"images/home.gif\" alt=\"\"/><a href=\"index.php\">Home</a>
</center>";
boxend();
echo "</font></body></html>";
exit();
}
if(isbanned($uid)){
echo "<img src=\"images/notok.gif\" alt=\"\"/><center>";
echo "You are presently banned!<br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "</center>";
boxend();
echo "</font></body>";
echo "</html>";
exit();
}
//Page headers
/////////////////////////////////////////////Main Menu////////////////////////////////////////////
if($action=="main"){
("File Exchange");
echo "
<br/><br/>
<a href=\"share.php?type=audio&sid=$sid\">Audio</a><br/>
<a href=\"share.php?type=video&sid=$sid\">Video</a><br/>
<a href=\"share.php?type=image&sid=$sid\">Image</a><br/>
<a href=\"share.php?type=document&sid=$sid\">Document</a><br/>
<a href=\"share.php?type=archive&sid=$sid\">Archive</a><br/>
<a href=\"share.php?type=apps&sid=$sid\">Apps & Games</a><br/>
<a href=\"share.php?type=all&sid=$sid\">All Files</a><br/>
<br/><a href=\"search.php?action=files&sid=$sid\">Search</a>
<br/><a href=\"upload1.php?sid=$sid\">Upload</a><br/><br/>
<div class=\"cp\"><small>NETFEVER team does not own or claim copyrights of the files uploaded here.We recognize that the copyrights for these files belong with the owners, authors or publishers. You can download any file you want but we will not be liable for any kind of <i>damage</i> that this service may cause you. Use it at your risk.</small></div>
";
echo "<br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</body>";
//////////////////////////////Display file list////////////////////////////////////
if($action==""){
addonline(getuid_sid($sid),"Browsing $type1 files","");
$limit = 10;
if(empty($page)){
$page = 1;
}
$limitvalue = $page * $limit - ($limit);
switch($type1){
case "video" :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads WHERE mime='video' ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads WHERE mime='video'";
$iml = "<img src=\"../images/video.gif\" alt=\"\"/>";
$type2 = "Videos";
break;
case "image" :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads WHERE mime='image' ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads WHERE mime='image'";
$iml = "<img src=\"../images/pics.gif\" alt=\"\"/>";
$type2 = "Images";
break;
case "audio" :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads WHERE mime='audio' ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads WHERE mime='audio'";
$iml = "<img src=\"../images/music.gif\" alt=\"\"/>";
$type2 = "Sounds";
break;
case "document" :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads WHERE mime='document' ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads WHERE mime='document'";
$iml = "<img src=\"../images/doc.gif\" alt=\"\"/>";
$type2 = "Documents";
break;
case "archive" :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads WHERE mime='archive' ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads WHERE mime='archive'";
$iml = "<img src=\"../images/zip.gif\" alt=\"\"/>";
$type2 = "Archives";
break;
case "apps" :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads WHERE mime='apps' ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads WHERE mime='apps'";
$iml = "<img src=\"../images/ppt.gif\" alt=\"\"/>";
$type2 = "Applications";
break;
default :
$query = "SELECT filename, uid, dcount FROM ibwf_uploads ORDER BY id DESC LIMIT $limitvalue, $limit";
$query1 = "SELECT filename, uid FROM ibwf_uploads";
$iml = "<img src=\"../images/unknown.gif\" alt=\"\"/>";
$type2 = "All Files";
break;
}
$result = mysql_query($query) or die("Error: " . mysql_error());
$totalrows = mysql_num_rows(mysql_query($query1));
if($totalrows == 0){
echo("Nothing to Display!<br/>");
}
while($row = mysql_fetch_array($result)){
$usr = getnick_uid($row['uid']);
echo "$iml<a href=\"share.php?action=viewdetails&file=".$row['filename']."&sid=$sid\">".$row['filename']."</a><br/>Uploaded by: <a href=\"index.php?action=viewuser&who=".$row['uid']."&sid=$sid\">$usr</a><br/>Viewed/Downloaded: ".$row['dcount']." times<br/>";
}
if($page != 1){
$pageprev = $page-1;
echo("[<a href=\"share.php?sid=$sid&type=$type1&page=$pageprev\">Previous</a>]<br/> ");
}
$pagenext = $page+1;
$numofpages = ceil($totalrows / $limit);
if($page<$numofpages){
echo("<br/>[<a href=\"share.php?sid=$sid&type=$type1&page=$pagenext\">Next</a>]");
}
/*
for($i = 1; $i <= $numofpages; $i++){
if($i == $page){
echo("[$i]");
}else{
echo("[<a href=\"share.php?sid=$sid&type=$type1&page=$i\">$i</a>] ");
}
}
if(($totalrows - ($limit * $page)) > 0){
$pagenext = $page+1;
}
*/
mysql_free_result($result);
echo "<br/><b>Files uploaded in this category: </b>$totalrows<br/>";
echo "Page $page of $numofpages<br/>";
echo "Jump to page:<form action=\"share.php\" method=\"get\">";
echo "<input id=\"inputText\" type=\"text\" format=\"*n\" name=\"page\" size=\"3\"/><br/>";
echo "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
echo "<input type=\"hidden\" name=\"type\" value=\"$type1\"/>";
echo "<input id=\"inputButton\" type=\"submit\" value=\"Go\"/></form>";
echo "<br/><a href=\"search.php?action=files&sid=$sid\">Search</a>";
echo "<br/><a href=\"upload1.php?sid=$sid\">Upload</a><br/>";
echo "To upload files, your phone/browser should be XHTML/HTML compliant.<br/>";
echo "<a href=\"share.php?action=main&sid=$sid\">Back to File Exchange</a></br>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
/////////////////////////////////////////////Delete File(Mods only)////////////////////////////////////////////
if($action=="delete"){
$filename=$_GET['filename'];
("Deleting File");
if (ismod(getuid_sid($sid))){
$blah1=unlink("$ucdir/$filename");
$blah2=mysql_query("DELETE FROM ibwf_uploads WHERE filename='".$filename."'");
$deleter=getnick_uid(getuid_sid($sid));
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>$deleter</b> deleted file ".$filename." from Uploads Center', actdt='".time()."'");
if($blah1&&$blah2){
echo "<p>File was successfully deleted! <a href=\"share.php?sid=$sid\">Go back</a></p>";
exit();
}
else {
echo "<p>There was some error! The file could not be deleted, please contact an administrator to manually delete the file. <a href=\"share.php?sid=$sid\">Go back</a></p>";
}
} else{
echo "You are not a moderator!";
}
}
//////////////////////////////////View a file////////////////////////////////////////
if($action=="viewdetails"){
if (ismod(getuid_sid($sid))){
$del = "<a href=\"share.php?action=delete&filename=$file&sid=$sid\">[DELETE]</a>";
}
$file=$_GET['file'];
$details = mysql_fetch_array(mysql_query("SELECT * FROM ibwf_uploads WHERE filename = '".$file."'"));
("File Information");
echo "<p><b>File ID:</b> $details[0]<br/>";
echo "<b>Uploaded by:</b> <a href=\"index.php?action=viewuser&who=$details[1]&sid=$sid\">".getnick_uid($details[1])."</a><br/>";
echo "<b>Filename:</b> $details[2]<br/>";
echo "<b>Filesize:</b> $details[4]<br/>";
echo "<b>File category:</b> $details[8]<br/>";
if(($details[1]==getuid_sid($sid)) || ismod(getuid_sid($sid))){
$blah="<a href=\"share.php?action=edit&sid=$sid&file=$details[2]\">Edit</a>";
}
echo "<b>Uploader's comment:</b>$blah<br/> ".parsepm($details[10], $sid)."<br/>";
echo "<a href=\"share.php?action=comments&fileid=$details[0]&sid=$sid\">Downloader's Comments</a><br/>";
echo "<b>Uploaded on:</b> $details[3]<br/>";
echo "<b>Uploaded through:</b> $details[6]<br/>";
echo "<b>Uploaded from:</b> $details[5]<br/>";
if (isowner(getuid_sid($sid))){
echo "<b>Phone Number:</b> $details[7]<br/>";
}
echo "<b>Viewed/Downloaded:</b> $details[9] times <br/>";
mysql_query("UPDATE ibwf_uploads SET dcount=$details[9]+1 WHERE filename='".$file."'");
echo "<a href=\"$ucdir/$file\">Download this file</a><br/>";
if (ismod(getuid_sid($sid))){
echo "<a href=\"share.php?action=delete&filename=$file&sid=$sid\">Delete this file</a>";
}
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
}
/////////////////////////////Edit uploader's comment(mod and uploader only)////////////////////
if ($action=="edit"){
$file = $_GET["file"];
("Edit Comment");
$detail = mysql_fetch_array(mysql_query("SELECT uid, description FROM ibwf_uploads WHERE filename='".$file."'"));
if(($detail[0]==getuid_sid($sid)) || ismod(getuid_sid($sid))){
echo "Edit comment for $file<br/><form action=\"share.php?action=edt&file=$file&sid=$sid\" method=\"post\"><input id=\"inputText\" type=\"text\" name=\"comment\" value=\"$detail[1]\" maxlength=\"255\"/>";
echo "<br/><input id=\"inputButton\" type=\"submit\" name=\"Submit\"/></form>";
}else{
echo "You are not authorised to edit this file's comment!<a href=\"share.php?action=viewdetails&sid=$sid&file=$file\">Go Back</a></div></div></font></body></html>";
exit();
}
}
//////////////////////////////////////////Display downloders' comments//////////////////////////
else if ($action=="comments"){
$fileid = $_GET["fileid"];
$uid = getuid_sid($sid);
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM iw_comup WHERE fileid='".$fileid."'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT fileid, commenter, comment, time, id FROM iw_comup WHERE fileid='".$fileid."' ORDER BY time DESC LIMIT $limit_start, $items_per_page";
("File Comments");
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
if(isonline($item[1]))
{
$iml = "<img src=\"../images/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"../images/ofl.gif\" alt=\"-\"/>";
}
$snick = getnick_uid($item[1]);
$lnk = "$iml<a href=\"index.php?action=viewuser&who=$item[1]&sid=$sid\">$snick</a>";
$bs = date("d/m/y h:i:s A",$item[3] + addhours());
echo "$lnk<br/>";
if(ismod($uid))
{
$delnk = "<a href=\"share.php?action=delcmnt&sid=$sid&fileid=$item[4]\">[x]</a>";
}else{
$delnk = "";
}
$text = parsepm($item[2]);
echo "$text<br/>$bs $delnk<br/>";
}
}
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"share.php?action=$action&page=$ppage&sid=$sid&fileid=$fileid\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"share.php?action=$action&page=$npage&sid=$sid&fileid=$fileid\">Next»</a>";
}
echo "<br/>Page $page of $num_pages<br/>";
if($num_pages>2){
$rets = "<form action=\"share.php\" method=\"get\">Jump to page<input name=\"pg\" format=\"*N\" size=\"3\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"fileid\" value=\"$fileid\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input id=\"inputButton\" type=\"submit\" value=\"Go\"/>";
$rets .= "</form>";
}
echo $rets;
echo "</p>";
////// UNTILL HERE >>
echo "<p align=\"center\">";
echo "<a href=\"share.php?action=addcmnt&sid=$sid&fileid=$fileid\">";
echo "Add your comment</a></p>";
}
////////////////////////////////////Post a comment(downloaders)////////////////////
else if ($action=="addcmnt"){
$fileid = $_GET['fileid'];
("Post Comment");
echo "<p><form action=\"share.php?action=postcmnt&sid=$sid\" method=\"post\">Text:<br/><input id=\"inputText\" type=\"text\" name=\"msgtxt\" maxlength=\"500\"/><br/>";
echo "<input type=\"hidden\" name=\"fileid\" value=\"$fileid\"/>";
echo "<input id=\"inputButton\" type=\"submit\" name=\"submit\" value=\"Post\"/></form></p>";
}
/////////////////////////////////delcmnt
else if($action=="delcmnt")
{
("Delete Comment");
$fileid = $_GET["fileid"];
addonline(getuid_sid($sid),"Deleting comment","");
echo "<p align=\"center\">";
if(ismod(getuid_sid($sid)))
{
$res = mysql_query("DELETE FROM iw_comup WHERE id='".$fileid."'");
if($res)
{
echo "<img src=\"../images/ok.gif\" alt=\"o\"/>Message Deleted From Comment List<br/>";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>You can't delete this message";
}
echo "<br/><br/>";
echo "<br/><a href=\"share.php?sid=$sid\">Uploads Center</a></p>";
}
///////////////////////////////////////postcmnt//////////////////////////////////
else if($action=="postcmnt"){
$fileid = $_POST["fileid"];
$msgtxt = $_POST["msgtxt"];
$uid = getuid_sid($sid);
addonline(getuid_sid($sid),"Commenting a file","");
("Posting Comment");
echo "<p align=\"center\">";
$crdate = time();
//$uid = getuid_sid($sid);
$res = false;
if(trim($msgtxt)!="")
{
$res = mysql_query("INSERT INTO iw_comup SET fileid='".$fileid."', commenter='".$uid."', time='".$crdate."', comment='".$msgtxt."'");
}
if($res)
{
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Message Posted Successfully";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Error Posting Message";
}
echo "<br/><a href=\"share.php?sid=$sid\">File Exchange</a><br/>";
echo "</p>";
}
///////////////////////////////////////////////Edit uploaders comment mod and uploader only////////////////
if ($action=="edt"){
$file = $_GET["file"];
("Edit Comment");
$comment=$_POST['comment'];
$detail = mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_uploads WHERE filename='".$file."'"));
if(($detail[0]==getuid_sid($sid)) || ismod(getuid_sid($sid))){
$blah = mysql_query("UPDATE ibwf_uploads SET description='".$comment."' WHERE filename='".$file."'");
$doer = getnick_uid(getuid_sid($sid));
$blah1 = mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>$doer</b> edited comments for file ".$file." at File Exchange', actdt='".time()."'");
if($blah){
echo "Success in editing the comment!";
}
else{
echo "Failure!!! Couldn't edit comment. Possible network congestion in database server. Try again later.";
}
}
else{
echo "You are not authorised to edit this file's comment!<a href=\"share.php?action=viewdetails&sid=$sid&file=$file\">Go Back</a></font></body></html>";
exit();
}
echo "<br/><a href=\"share.php?sid=$sid\">Uploads Center</a></p>";
}
?>
</font></body></html>