/* Decoded by unphp.net */ ?>super_query("SELECT * FROM " . PREFIX . "_static_files WHERE id ='{$id}'"); $row_news = $db->super_query("SELECT id, name FROM " . PREFIX . "_static WHERE id ='{$row['static_id']}'"); if (isset($row_news['id']) and $row_news['id']) { if ($config['allow_alt_url']) $full_link = $config['http_home_url'] . $row_news['name'] . ".html"; else $full_link = $config['http_home_url'] . "index.php?do=static&page=" . $row_news['name']; } else { $perm = false; } } else { $row = $db->super_query("SELECT * FROM " . PREFIX . "_files WHERE id ='{$id}'"); if (isset($row['news_id']) and $row['news_id'] and !$viewonline) { $row_news = $db->super_query("SELECT id, autor, date, category, alt_name, approve, access FROM " . PREFIX . "_post LEFT JOIN " . PREFIX . "_post_extras ON (" . PREFIX . "_post.id=" . PREFIX . "_post_extras.news_id) WHERE id ='{$row['news_id']}'"); if ($row_news['id']) { $row_news['date'] = strtotime($row_news['date']); if ($config['allow_alt_url']) { if ($config['seo_type'] == 1 or $config['seo_type'] == 2) { if ($row_news['category'] and $config['seo_type'] == 2) { $full_link = $config['http_home_url'] . get_url($row_news['category']) . "/" . $row_news['id'] . "-" . $row_news['alt_name'] . ".html"; } else { $full_link = $config['http_home_url'] . $row_news['id'] . "-" . $row_news['alt_name'] . ".html"; } } else { $full_link = $config['http_home_url'] . date('Y/m/d/', $row_news['date']) . $row_news['alt_name'] . ".html"; } } else { $full_link = $config['http_home_url'] . "index.php?newsid=" . $row_news['id']; } $options = news_permission($row_news['access']); if (isset($options[$member_id['user_group']]) and $options[$member_id['user_group']] and $options[$member_id['user_group']] != 3) $perm = true; if (isset($options[$member_id['user_group']]) and $options[$member_id['user_group']] == 3) $perm = false; if ($config['no_date'] and !$config['news_future'] and !$user_group[$member_id['user_group']]['allow_all_edit']) { if ($row_news['date'] > $_TIME) { $perm = false; } } $cat_list = explode(',', $row_news['category']); if (count($cat_list)) { $allow_list = explode(',', $user_group[$member_id['user_group']]['allow_cats']); $not_allow_cats = explode(',', $user_group[$member_id['user_group']]['not_allow_cats']); foreach ($cat_list as $element) { if ($allow_list[0] != "all" and !in_array($element, $allow_list)) $perm = false; if ($not_allow_cats[0] != "" and in_array($element, $not_allow_cats)) $perm = false; } } if (!$row_news['approve'] and $member_id['name'] != $row_news['autor'] and !$user_group[$member_id['user_group']]['allow_all_edit']) $perm = false; } else $perm = false; } elseif (!isset($row['news_id']) or !$row['news_id']) { $perm = false; } } if (!$perm) { header("HTTP/1.1 403 Forbidden"); die("You don't have access to download this file"); } if (!$row['name'] or !$row['onserver']) { header("HTTP/1.1 403 Forbidden"); die("Access denied"); } $file_name = pathinfo($row['onserver']); if ($viewonline AND in_array($file_name['extension'], $onlineview_ext)) { $config['files_antileech'] = false; $user_group[$member_id['user_group']]['allow_files'] = true; } else $viewonline = false; if (!$user_group[$member_id['user_group']]['allow_files']) { header("HTTP/1.1 403 Forbidden"); die("Access denied"); } if ($config['files_antileech']) { function reset_url($url) { $url = (string)$url; $value = str_replace("http://", "", $url); $value = str_replace("https://", "", $value); $value = str_replace("www.", "", $value); $value = explode("/", $value); $value = reset($value); return $value; } $_SERVER['HTTP_REFERER'] = reset_url($_SERVER['HTTP_REFERER']); $_SERVER['HTTP_HOST'] = reset_url($_SERVER['HTTP_HOST']); if ($_SERVER['HTTP_HOST'] != $_SERVER['HTTP_REFERER']) { header("HTTP/1.1 403 Forbidden"); header("Location: " . $full_link); die("Access denied!!!

Please visit {$config['http_home_url']}"); } } if ($row['is_public']) $uploaded_path = 'public_files/'; else $uploaded_path = 'files/'; $file = new download($uploaded_path . $row['onserver'], $row['name'], $row['driver']); if ($user_group[$member_id['user_group']]['max_downloads'] and !$viewonline) { $today_time = strtotime('today midnight'); if( $today_time ) { $db->query("DELETE FROM " . USERPREFIX . "_downloads_log WHERE date < '{$today_time}'"); } $_IP = $db->safesql($_IP); if ($is_logged and $member_id['user_id']) { $where = "user_id ='{$member_id['user_id']}'"; } else { $where = "ip ='{$_IP}'"; } $down_log = $db->super_query("SELECT id FROM " . USERPREFIX . "_downloads_log WHERE file_id ='{$id}' AND {$where}"); if (isset($down_log['id']) and $down_log['id']) $downloaded = true; else $downloaded = false; if (!$downloaded) { $down_log = $db->super_query("SELECT count(*) as count FROM " . USERPREFIX . "_downloads_log WHERE {$where}"); if ($down_log['count'] >= $user_group[$member_id['user_group']]['max_downloads']) { header("HTTP/1.0 301 Moved Permanently"); header("Location: ?do=download&mode=error"); die("Redirect"); } if ($is_logged and $member_id['user_id']) { $db->query("INSERT INTO " . USERPREFIX . "_downloads_log (user_id, file_id, date) VALUES('{$member_id['user_id']}', '{$id}', '{$_TIME}')"); } else { $db->query("INSERT INTO " . USERPREFIX . "_downloads_log (ip, file_id, date) VALUES('{$_IP}', '{$id}', '{$_TIME}')"); } } } if (isset($_REQUEST['area']) and $_REQUEST['area'] == "static") { if ($config['files_count'] and !$file->range) { $db->query("UPDATE " . PREFIX . "_static_files SET dcount=dcount+1 WHERE id ='$id'"); } } else { if ($config['files_count'] and !$file->range) { $db->query("UPDATE " . PREFIX . "_files SET dcount=dcount+1 WHERE id ='$id'"); } } $db->close(); session_write_close(); $file->download_file(); die(); }