X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-usage.php;h=fa5f7747a01e1fbf60ef2a0ffc6ffcfd51fd1167;hb=4e828541f3977c085ef54d3490b3e0069eb09a06;hp=f5afcc325e1f71456f8b4a764573aba635fd886a;hpb=99cab54d086b044c882670ef9e051ba85bf9771f;p=mailer.git diff --git a/inc/modules/admin/what-usage.php b/inc/modules/admin/what-usage.php index f5afcc325e..fa5f7747a0 100644 --- a/inc/modules/admin/what-usage.php +++ b/inc/modules/admin/what-usage.php @@ -32,76 +32,87 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); -$usage = "usage/"; -if (!empty($_GET['image'])) -{ - if ($_GET['type'] == "usage") - { - $file = PATH.$usage."usage.png"; - } - else - { +// Base directory (should be moved to database) +$usage = getConfig('usage_base')."/"; + +if (!empty($_GET['image'])) { + if ($_GET['type'] == "usage") { + $FQFN = sprintf("%s%s/usage.png", + constant('PATH'), + getConfig('usage_base') + ); + } else { if (strpos($_GET['image'], "\\") > 0) $_GET['image'] = substr($_GET['image'], 0, strpos($_GET['image'], "\\")); - $file = PATH.$usage.$_GET['type']."_usage_".$_GET['image'].".png"; + $FQFN = sprintf("%s%s/%s_usage_%s.png", + constant('PATH'), + getConfig('usage_base'), + SQL_ESCAPE($_GET['type']), + SQL_ESCAPE($_GET['image']) + ); } - if (file_exists($file)) - { - $image = imagecreatefrompng($file); + + if (FILE_READABLE($FQFN)) { + $image = imagecreatefrompng($FQFN); header("Content-type: image/png"); imagepng($image); imagedestroy($image); } exit(); -} - elseif (empty($_GET['usage'])) -{ - $file = PATH.$usage."index.html"; -} - else -{ - $file = sprintf("%s%susage_%s.html", - PATH, - $usage, +} elseif (empty($_GET['usage'])) { + $FQFN = sprintf("%s%s/index.html", + constant('PATH'), + getConfig('usage_base') + ); +} else { + $FQFN = sprintf("%s%s/usage_%s.html", + constant('PATH'), + getConfig('usage_base'), SQL_ESCAPE($_GET['usage']) ); } -if ($file !="") -{ - if (file_exists($file) && is_readable($file)) - { - $tmpl_file = implode("", file($file)); - $tmpl_file = addslashes($tmpl_file); - $tmpl_file = "\$content=\"".$tmpl_file."\";"; - eval($tmpl_file); - $content = str_replace("usage.png", URL."/modules.php?module=admin&what=".$GLOBALS['what']."&type=usage&image=usage", $content); - $content = str_replace("daily_usage_", URL."/modules.php?module=admin&what=".$GLOBALS['what']."&type=daily&image=", $content); - $content = str_replace("hourly_usage_", URL."/modules.php?module=admin&what=".$GLOBALS['what']."&type=hourly&image=", $content); - $content = str_replace("ctry_usage_", URL."/modules.php?module=admin&what=".$GLOBALS['what']."&type=ctry&image=", $content); - $content = str_replace("usage_", URL."/modules.php?module=admin&what=".$GLOBALS['what']."&usage=", str_replace(".html", "", $content)); - // Disabled due to too much trouble - //$content = str_replace("HREF=\"http://", "href=\"".URL."/modules.php?module=loader&url=http://", $content); - $test = strtolower($content); - $body_start = strpos($test, "
"); - if (($body_start > 0) && ($body_end > 0)) - { - $content = substr(substr($content, 0, $body_end), $body_start); - $content = substr($content, strpos($content, ">") + 1); - OUTPUT_HTML("