onokazu
onoka****@users*****
2005年 8月 3日 (水) 21:39:13 JST
Index: xoops2jp/html/modules/mydownloads/index.php
diff -u xoops2jp/html/modules/mydownloads/index.php:1.3 xoops2jp/html/modules/mydownloads/index.php:1.4
--- xoops2jp/html/modules/mydownloads/index.php:1.3 Sat Jun 11 11:32:42 2005
+++ xoops2jp/html/modules/mydownloads/index.php Wed Aug 3 21:39:13 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: index.php,v 1.3 2005/06/11 02:32:42 onokazu Exp $
+// $Id: index.php,v 1.4 2005/08/03 12:39:13 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -117,7 +117,7 @@
 $new = newdownloadgraphic($time, $status);
 $pop = popgraphic($hits);
 if ($isadmin) {
- $adminlink = '<a href="'.XOOPS_URL.'/modules/mydownloads/admin/index.php?lid='.$lid.'&fct=mydownloads&op=modDownload"><img src="'.XOOPS_URL.'/modules/mydownloads/images/editicon.gif" border="0" alt="'._MD_EDITTHISDL.'" /></a>';
+ $adminlink = '<a href="'.XOOPS_URL.'/modules/mydownloads/admin/index.php?lid='.$lid.'&fct=mydownloads&op=modDownload"><img src="'.XOOPS_URL.'/modules/mydownloads/images/editicon.gif" border="0" alt="'._MD_EDITTHISDL.'" /></a>';
 } else {
 $adminlink = '';
 }
Index: xoops2jp/html/modules/mydownloads/ratefile.php
diff -u xoops2jp/html/modules/mydownloads/ratefile.php:1.3 xoops2jp/html/modules/mydownloads/ratefile.php:1.4
--- xoops2jp/html/modules/mydownloads/ratefile.php:1.3 Sat Jun 11 11:32:42 2005
+++ xoops2jp/html/modules/mydownloads/ratefile.php Wed Aug 3 21:39:13 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: ratefile.php,v 1.3 2005/06/11 02:32:42 onokazu Exp $
+// $Id: ratefile.php,v 1.4 2005/08/03 12:39:13 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
Index: xoops2jp/html/modules/mydownloads/singlefile.php
diff -u xoops2jp/html/modules/mydownloads/singlefile.php:1.3 xoops2jp/html/modules/mydownloads/singlefile.php:1.4
--- xoops2jp/html/modules/mydownloads/singlefile.php:1.3 Sat Jun 11 11:32:42 2005
+++ xoops2jp/html/modules/mydownloads/singlefile.php Wed Aug 3 21:39:13 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: singlefile.php,v 1.3 2005/06/11 02:32:42 onokazu Exp $
+// $Id: singlefile.php,v 1.4 2005/08/03 12:39:13 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -58,7 +58,7 @@
 $new = newdownloadgraphic($time, $status);
 $pop = popgraphic($hits);
 if ($xoopsUser && $xoopsUser->isAdmin($xoopsModule->mid())) {
- $adminlink = '<a href="'.XOOPS_URL.'/modules/mydownloads/admin/index.php?lid='.$lid.'&fct=mydownloads&op=modDownload"><img src="'.XOOPS_URL.'/modules/mydownloads/images/editicon.gif" border="0" alt="'._MD_EDITTHISDL.'" /></a>';
+ $adminlink = '<a href="'.XOOPS_URL.'/modules/mydownloads/admin/index.php?lid='.$lid.'&fct=mydownloads&op=modDownload"><img src="'.XOOPS_URL.'/modules/mydownloads/images/editicon.gif" border="0" alt="'._MD_EDITTHISDL.'" /></a>';
 } else {
 $adminlink = '';
 }
Index: xoops2jp/html/modules/mydownloads/submit.php
diff -u xoops2jp/html/modules/mydownloads/submit.php:1.2 xoops2jp/html/modules/mydownloads/submit.php:1.3
--- xoops2jp/html/modules/mydownloads/submit.php:1.2 Fri Mar 18 21:52:14 2005
+++ xoops2jp/html/modules/mydownloads/submit.php Wed Aug 3 21:39:13 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: submit.php,v 1.2 2005/03/18 12:52:14 onokazu Exp $
+// $Id: submit.php,v 1.3 2005/08/03 12:39:13 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -97,7 +97,7 @@
 $notification_handler =& xoops_gethandler('notification');
 $tags = array();
 $tags['FILE_NAME'] = $title;
- $tags['FILE_URL'] = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/singlefile.php?cid=' . $cid . '&lid=' . $newid;
+ $tags['FILE_URL'] = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/singlefile.php?cid=' . $cid . '&lid=' . $newid;
 $sql = "SELECT title FROM " . $xoopsDB->prefix("mydownloads_cat") . " WHERE cid=" . $cid;
 $result = $xoopsDB->query($sql);
 $row = $xoopsDB->fetchArray($result);
Index: xoops2jp/html/modules/mydownloads/viewcat.php
diff -u xoops2jp/html/modules/mydownloads/viewcat.php:1.3 xoops2jp/html/modules/mydownloads/viewcat.php:1.4
--- xoops2jp/html/modules/mydownloads/viewcat.php:1.3 Sat Jun 11 11:32:42 2005
+++ xoops2jp/html/modules/mydownloads/viewcat.php Wed Aug 3 21:39:13 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: viewcat.php,v 1.3 2005/06/11 02:32:42 onokazu Exp $
+// $Id: viewcat.php,v 1.4 2005/08/03 12:39:13 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
Index: xoops2jp/html/modules/mydownloads/visit.php
diff -u xoops2jp/html/modules/mydownloads/visit.php:1.2 xoops2jp/html/modules/mydownloads/visit.php:1.3
--- xoops2jp/html/modules/mydownloads/visit.php:1.2 Fri Mar 18 21:52:14 2005
+++ xoops2jp/html/modules/mydownloads/visit.php Wed Aug 3 21:39:13 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: visit.php,v 1.2 2005/03/18 12:52:14 onokazu Exp $
+// $Id: visit.php,v 1.3 2005/08/03 12:39:13 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -26,31 +26,39 @@
 // ------------------------------------------------------------------------ //
 include "../../mainfile.php";
-$myts =& MyTextSanitizer::getInstance(); // MyTextSanitizer object
-$lid = intval($HTTP_GET_VARS['lid']);
-$cid = intval($HTTP_GET_VARS['cid']);
+$lid = intval($_GET['lid']);
+if (empty($lid)) {
+ header('Location: '.XOOPS_URL.'/');
+ exit();
+}
+$cid = intval($_GET['cid']);
 if ( $xoopsModuleConfig['check_host'] ) {
- $goodhost = 0;
- $referer = parse_url(xoops_getenv('HTTP_REFERER'));
- $referer_host = $referer['host'];
- foreach ( $xoopsModuleConfig['referers'] as $ref ) {
- if ( !empty($ref) && preg_match("/".$ref."/i", $referer_host) ) {
- $goodhost = "1";
- break;
- }
- }
- if (!$goodhost) {
- redirect_header(XOOPS_URL . "/modules/mydownloads/singlefile.php?cid=$cid&lid=$lid", 20, _MD_NOPERMISETOLINK);
- exit();
- }
+ $goodhost = 0;
+ $referer = parse_url(xoops_getenv('HTTP_REFERER'));
+ $referer_host = $referer['host'];
+ foreach ( $xoopsModuleConfig['referers'] as $ref ) {
+ if ( !empty($ref) && preg_match("/".$ref."/i", $referer_host) ) {
+ $goodhost = "1";
+ break;
+ }
+ }
+ if (!$goodhost) {
+ redirect_header(XOOPS_URL . "/modules/mydownloads/singlefile.php?cid=$cid&lid=$lid", 20, _MD_NOPERMISETOLINK);
+ exit();
+ }
 }
 $sql = sprintf("UPDATE %s SET hits = hits+1 WHERE lid = %u AND status > 0", $xoopsDB->prefix("mydownloads_downloads"), $lid);
 $xoopsDB->queryF($sql);
 $result = $xoopsDB->query("SELECT url FROM ".$xoopsDB->prefix("mydownloads_downloads")."
WHERE lid=$lid AND status>0");
 list($url) = $xoopsDB->fetchRow($result);
+if (empty($url)) {
+ header('Location: '.XOOPS_URL.'/');
+ exit();
+}
 if (!preg_match("/^ed2k*:\/\//i", $url)) {
- Header("Location: $url");
+ Header("Location: $url");
 }
-echo "<html><head><meta http-equiv=\"Refresh\" content=\"0; URL=".$myts->oopsHtmlSpecialChars($url)."\"></meta></head><body></body></html>";
+$url = htmlspecialchars(preg_replace( '/javascript:/si' , 'java script:', $url ), ENT_QUOTES);
+echo "<html><head><meta http-equiv=\"Refresh\" content=\"0; URL=".$url."\"></meta></head><body></body></html>";
 exit();
 ?>
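Review bot: The added `preg_replace('/javascript:/si', ...)` is a one-scheme deny-list applied only to the value echoed into the meta refresh; the `Header("Location: $url")` branch above it still sends whatever the `url` column holds, and a literal match does not cover other script-capable schemes or alternate spellings of this one. An allow-list checked once before either redirect is sturdier, for example `if (!preg_match('/^(https?|ftp|ed2k):\/\//i', $url)) { header('Location: '.XOOPS_URL.'/'); exit(); }`, with the scheme list adjusted to what the module accepts at submit time, plus an `exit();` directly after the Location header so the script does not fall through to the echo. Separately, `/^ed2k*:\/\//i` treats `k*` as a quantifier and so also accepts `ed2:`; `/^ed2k:\/\//i` looks like the intent. The re-indented `check_host` block matches the configured `$ref` as an unquoted, unanchored pattern against a client-supplied Referer host, so it is a hotlink deterrent at most and should be documented as such rather than read as access control.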