<?php
if ( !defined ( 'COMMONS_INC_PHP' ) ) :
define ( 'COMMONS_INC_PHP', null );
define ( 'DEBUG_ON', file_exists('debug') );

function timer($st=0,$d=7){list($m,$s)=explode(' ',microtime());$t=round((float)$s+(float)$m-$st,$d);if($t<1)return$t*1000 . ' ms';return$t.' s';}
$UPL = array ( 'RUNTIME' => time() );

@error_reporting ( DEBUG_ON ? E_ALL : E_NONE );
@ini_set ( 'display_errors', DEBUG_ON );
@set_magic_quotes_runtime ( 0 );
@ignore_user_abort ( true );
@set_time_limit ( 600 );
@ob_start ( 'ob_gzhandler' );

// essential includes, order matters!
require 'includes/configs.inc.php';
require 'includes/constants.inc.php';
require 'includes/functions_base.inc.php';
require 'includes/functions_types.inc.php';
require 'includes/functions_templates.inc.php';
require 'includes/template.class.php';
require 'includes/upl_settings.inc.php';
require 'includes/pub_settings.inc.php';
require 'includes/mysql.class.php';
require 'includes/messages.inc.php';

// super secret!
if(isset($_GET['version']))
{
	print 'Uploader ' . UPLOADER_VERSION . '<br />';
	print 'Copyright Tuan Do (www.celerondude.com)';
	exit;
}

// clean gpc
if(get_magic_quotes_gpc())
{
	$_GET = strip_gpc($_GET);
	$_POST = strip_gpc($_POST);
	$_COOKIE = strip_gpc($_COOKIE);
}

// global variables
$demo = 0;
$PUB = &$UPL['PUBLIC_SETTINGS'];
if ( !isset ( $_SERVER['HTTP_REFERER'] ) ) $_SERVER['HTTP_REFERER'] = '';

// just some consts
define('TPL_DIR',	'templates/'.$UPL['CONFIGS']['TEMPLATE_DIR'].'/');
define('CURRENT_PAGE',	basename($_SERVER['SCRIPT_NAME']));
define('MOD_REWRITE',	$UPL['CONFIGS']['MOD_REWRITE']);
define('UPLOADER_URL',	$UPL['SETTINGS']['uploader_url']);

// Initialize some common template objects
$tpl_uploader=new Template(TPL_DIR.'tpl_uploader.php');
$tpl_message=new Template(TPL_DIR.'tpl_message.php');

// conntact to mysql
extract ( $UPL['MYSQL'], EXTR_OVERWRITE );
$mysqlDB = new DB_MySQL;
$mysqlDB->connect ( $host, $username, $password, defined ( 'NO_PERSISTENT' ) ? false : $persistent );
$mysqlDB->selectDB ( $database );

// get common user inputs
$action = gpc ('action', 'GP' );
if ( is_array ( $action ) )
	$action = key ( $action );

$task = gpc ( 'task', 'GP' );
if ( is_array ( $task ) )
	$task = key ( $task );

// authenticate user
$UPL['USER'] = array();
$USER = &$UPL['USER'];
$USER['logged_in'] = 0;
$USER['userid'] = 0;
$USER['username'] = 'Guest';
$USER['level'] = LEVEL_NORMAL;

// Auto login for returning user
$c_username = gpc('uploader_username','C',0);
$c_password = gpc('uploader_password','C',0);
$c_userid = gpc('uploader_userid','C',0);
$c_session = gpc('uploader_session','C',0);

if ( $c_password !== 0 && $c_userid !== 0 )
{
	$c_userid = abs((int)$c_userid);
	$q = "SELECT users.*, COUNT(messages.messageid) AS messages_count, COUNT(messages.messageid)-SUM(messages.is_read) AS unread_messages FROM uploader_users AS users LEFT JOIN uploader_messages AS messages USING(userid) WHERE users.userid=$c_userid GROUP BY users.userid LIMIT 1;";
	$result = $mysqlDB->query ($q);
	if( $result->numRows() )
	{
		$row = $result->fetchRow('assoc');
		$result->free();

		if ( isset($row['password']) && $row['password'] == $c_password )
		{
			$USER = $row;
			$USER['logged_in'] = 1;
			if ( $c_session === 0 )
			{
				$mysqlDB->query(sprintf("UPDATE uploader_users SET last_login_ip='%s', last_login_time=%d WHERE userid=%d;",$_SERVER['REMOTE_ADDR'],time(),$c_userid));
				setcookie('uploader_session',"uploader_session",0,'/',$UPL['CONFIGS']['COOKIE_DOMAIN'],0);
			}
		}
	}
}

// In maintenance mode?
if($UPL['SETTINGS']['m']&&!defined('ADMIN'))
{
	$tpl_uploader->setr('UPL',$UPL);
	$tpl_message->set('message',$UPL['SETTINGS']['m_msg']);
	$tpl_uploader->set('content',$tpl_message,1);
	exit;
}

if(!defined('NO_AUTH_CHECK'))
{
	$err='none';
	if(!$USER['logged_in'])$err=parse($lang_commons['not_logged_in'], array('{login_url}'=>UPLOADER_URL.(MOD_REWRITE?'login?':'account.php?action=login&amp;').'return_url='.rawurlencode(current_page()), '{register_url}'=>UPLOADER_URL.(MOD_REWRITE?'register':'account.php?action=register')));
	elseif($USER['level']!=LEVEL_ADMIN&&$USER['level']!=LEVEL_MODERATOR)
	{
		if($USER['is_suspended'])$err=$lang_commons['account_suspended'];
		elseif(!$USER['is_activated'])$err=$lang_commons['account_not_activated'];
		elseif(!$USER['is_approved'])$err=$lang_commons['account_not_approved'];
	}
	if($err!='none')
	{
		if ( isset ( $_GET['ajax'] ) )
		{
			print json_encode ( array ( 'result' => 'failed', 'message' => 'You have logged out. Please login to perform this action.' ) );
			exit;
		}
		$tpl_message->set('message',$err);
		$tpl_uploader->setr('content',$tpl_message,1);
		exit;
	}
}
$tpl_uploader->set('UPL',$UPL);


endif;
?>