sibtracker/system/images.php
2019-05-18 13:46:03 +08:00

59 lines
2.1 KiB
PHP

<?PHP
@session_start ();
@error_reporting ( E_ALL ^ E_NOTICE );
@ini_set ( 'display_errors', true );
@ini_set ( 'html_errors', false );
@ini_set ( 'error_reporting', E_ALL ^ E_NOTICE );
define ( 'DATALIFEENGINE', true );
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -7 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
extract ( $_REQUEST, EXTR_SKIP );
require SYSTEM_DIR . "/data/config.php";
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . "/data/dbconfig.php";
require_once SYSTEM_DIR . "/inc/include/functions.inc.php";
check_xss ();
if ($_COOKIE['dle_skin']) {
if (@is_dir ( ROOT_DIR . '/templates/' . $_COOKIE['dle_skin'] )) {
$config['skin'] = $_COOKIE['dle_skin'];
}
}
include_once ROOT_DIR . '/language/' . $config['langs'] . '/adminpanel.lng';
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
$user_group = $cache->get( "usergroup" );
if( ! $user_group ) {$user_group = array ();
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {$user_group[$row['id']][$key] = stripslashes($value);}
}
$cache->set( "usergroup", $user_group );
$db->free();
}
include_once SYSTEM_DIR . '/modules/sitelogin.php';
if (! $is_logged) {die ( "<br><br><br><br><center>$lang[err_notlogged]</center>" );}
if (! $user_group[$member_id['user_group']]['allow_image_upload'] and $member_id['user_group'] != 1) {die ( "<br><br><br><br><center>$lang[err_noupload]</center>" );}
$_REQUEST['news_id'] = (intval ( $_REQUEST['add_id'] )) ? intval ( $_REQUEST['add_id'] ) : '0';
$_REQUEST['action'] = "quick";
$_REQUEST['author'] = $member_id['name'];
if ( $_REQUEST['news_id'] ) {
$row = $db->super_query( "SELECT id, autor, approve FROM " . PREFIX . "_post WHERE id = '".intval($_REQUEST['news_id'])."'" );
if ( !$row['id'] OR $row['approve'] OR $row['autor'] != $member_id['name'] ) die( "Hacking attempt!" );
}
$action = "quick";
$author = $member_id['name'];
define( 'LOGGED_IN', true );
require_once SYSTEM_DIR . '/inc/files.php';
?>