Ich habe aufeinmal einen fehler bei meiner Website im Downloadbereich.
Error Code:
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/include/images/usergallery/img_thumb_44.jpg) is not within the allowed path(s): (/var/www/vhosts/godlike-rpg.de/httpdocs:/tmp) in /var/www/vhosts/godlike-rpg.de/httpdocs/include/contents/downloads.php on line 209
ich weis da ist antscheinend ein error aber ich finde ihn nicht . >downloads.php on line 209<
meine suche wegen dem Error
Das habe ich unteranderem gefunden externer Link hab ich alles gemacht aber error immernoch da.
meine Downloads.php
<?php
# Script Copyright by: Manuel Staechele
# Support: www.ilch.de
# Ueberarbeitung copyright by honklords.de
# erstellt von Topolino
# seite: www.honklords.de
# Support auf www.honklords.de
defined ('main') or die ( 'no direct access' );
function get_cats_title ( $catsar ) {
$l = '';
foreach($catsar as $k => $v) {
if ( $k != '' AND $v != '' ) {
$l = $v.' :: '.$l;
}
}
return ($l);
}
$suchtpl =
$tpl = new tpl ($suchtpl,3);
$tpl->set ('size', 16);
if(isset($_GET['search']))
$tpl->set ('search', escape($_GET['search'],'string'));
else $tpl->set ('search', '');
$tpl->out(0);
function get_cats_urls ( $catsar ) {
$l = '';
foreach($catsar as $k => $v) {
if ( $k != '' AND $v != '' ) {
$l = '<a class="smalfont" href="index.php?downloads-'.$k.'">'.$v.'</a><b> » </b>'.$l;
}
}
return ($l);
}
function get_cats_array ( $cid , $ar ) {
if ( empty($cid) ) {
return ($ar);
} else {
$erg = db_query("SELECT cat,id,name FROM prefix_downcats WHERE id = ".$cid);
$row = db_fetch_assoc($erg);
$ar[$row['id']] = $row['name'];
return ( get_cats_array($row['cat'],$ar) );
}
if ( $r ) {
return ($l);
}
}
function get_download_size($file) {
$sizes = array(" Bytes", " KB", " MB", " GB", " TB", " PB", " EB", " ZB", " YB");
$size = @filesize($file); if ($size == 0) { return('n/a'); } else {
return (round($size/pow(1024, ($i = floor(log($size, 1024)))), 2) . $sizes[$i]); }
}
function count_files ($cid) {
$zges = 0;
$e = db_query("SELECT id FROM prefix_downcats WHERE cat = ".$cid);
if ( db_num_rows($e) > 0 ) {
while ($r = db_fetch_assoc($e) ) {
$zges = $zges + count_files ( $r['id'] );
}
}
$zges = $zges + db_count_query("SELECT COUNT(*) FROM prefix_downloads WHERE cat = ".$cid);
return ( $zges );
}
function icUpload () {
$name = escape($_POST['name'],'string');
$version = escape($_POST['version'],'string');
$autor = escape($_POST['autor'],'string');
$surl = escape($_POST['surl'],'string');
$ssurl = escape($_POST['ssurl'],'string');
$ssurl1 = escape($_POST['ssurl1'],'string');
$ssurl2 = escape($_POST['ssurl2'],'string');
$url = ( empty($_POST['url']) ? '' : escape($_POST['url'],'string') );
$desc = escape($_POST['desc'],'string');
$descl = escape($_POST['descl'],'textarea');
if (empty($name)) {
return ('keinen Namen angegeben.');
}
if (empty($desc) or empty($descl)) {
return ('kein langer oder/und kein kurzer Text angegeben.');
}
if (empty($url) AND empty($_FILES['file']['name'])) {
return ('Keine Datei oder Link angegeben.');
}
if (!empty ($_FILES['file']['name']) ) {
$rtype = trim(ic_mime_type ($_FILES['file']['tmp_name']));
$fname = escape($_FILES['file']['name'],'string');
$fende = preg_replace("/.+\.([a-zA-Z]+)$/", "\\1", $fname);
$fende = strtolower($fende);
if ( $_FILES['file']['size'] > 2097000 ) { # 2 mb (2 097 152)
return ('Die Datei darf NICHT grösser als 2 MBytes sein.');
}
if (
($fende != 'rar' AND $fende != 'zip' AND $fende != 'tar')
OR (
$rtype != 'application/x-rar' AND
$rtype != 'application/x-zip' AND
$rtype != 'application/x-tar')
) {
return ('Die Datei darf nur die Endungen: .zip, .tar oder .rar haben.');
}
$fname = str_replace ('.'.$fende, '', $fname);
$fname = preg_replace("/[^a-zA-Z0-9]/", "", $fname);
$fname = $fname.'.'.$fende;
if (file_exists( 'include/downs/downloads/user_upload/'.$fname ) ) {
return ('Die Datei existiert bereits und kann nicht überschrieben werden.');
}
if ( move_uploaded_file($_FILES['file']['tmp_name'], 'include/downs/downloads/user_upload/'.$fname) ) {
$url = 'include/downs/downloads/user_upload/'.$fname;
@chmod($url, 0777);
}
}
if (empty($url)) {
return ('Keine Datei oder Link angegeben');
}
db_query("INSERT INTO prefix_downloads (`time`,`cat`,`creater`,`version`,`url`,surl,`ssurl`,`ssurl1`,`ssurl2`,`name`,`desc`,`descl`,pos) VALUES (NOW(),-1,'".$autor."','".$version."','".$url."','".$surl."','".$ssurl."','".$ssurl1."','".$ssurl2."','".$name."','".$desc."','".$descl."','0')");
return (true);
}
switch ( $menu->get(1) ) {
default :
$cid = ( $menu->get(1) ? escape($menu->get(1), 'integer') : 0 );
$erg = db_query("SELECT cat,name FROM prefix_downcats WHERE id = ".$cid." ORDER BY pos");
if ( db_num_rows($erg) > 0 ) {
$row = db_fetch_assoc($erg);
$array = get_cats_array($row['cat'],'');
if ( !empty($array) ) {
$titelzw = get_cats_title($array);
$namezw = get_cats_urls($array);
} else {
$titelzw = '';
$namezw = '';
}
$cattitle = ':: '.$titelzw.$row['name'];
$catname = '<b> » </b>'.$namezw.$row['name'];
} else {
$cattitle = '';
$catname = '';
}
$title = $allgAr['title'].' :: Downloads '.$cattitle;
$hmenu = '<a class="smalfont" href="index.php?downloads">Downloads</a>'.$catname;
$design = new design ( $title , $hmenu );
$design->header();
$tpl = new tpl ('downloads' );
require_once('include/contents/downloadsinfo.php');
$tpl->set('cid', $cid);
$erg = db_query("SELECT id,name,`desc` FROM prefix_downcats WHERE cat = ".$cid." AND recht >= ".$_SESSION['authright']." ORDER BY pos");
if ( db_num_rows($erg) > 0 ) {
$tpl->out(1); $class = 'Cnorm';
while ($row = db_fetch_assoc($erg) ) {
$row['files'] = count_files($row['id']);
$class = ( $class == 'Cmite' ? 'Cnorm' : 'Cmite' );
$row['class'] = $class;
$tpl->set_ar_out($row,2);
}
$tpl->out(3);
}
# sortierung festlegen
$sortierung = 'pos ASC';
$DOM = 'ASC';
$POM = 'ASC';
$DAM = 'ASC';
switch ($menu->get(2)) {
case 'positionDESC' : $sortierung = 'pos DESC'; break;
case 'positionASC' : $sortierung = 'pos ASC'; $POM = 'DESC'; break;
case 'downsDESC' : $sortierung = 'downs DESC'; break;
case 'downsASC' : $sortierung = 'downs ASC'; $DOM = 'DESC'; break;
case 'dateDESC' : $sortierung = 'time DESC'; break;
case 'dateASC' : $sortierung = 'time ASC'; $DAM = 'DESC'; break;
}
$tpl->set ('POM', $POM);
$tpl->set ('DOM', $DOM);
$tpl->set ('DAM', $DAM);
$erg = db_query("select id,name,version,ssurl,ssurl1,ssurl2,`desc`,downs,DATE_FORMAT(time,'%d.%m.%Y') as datum from prefix_downloads WHERE cat = ".$cid." ORDER BY ".$sortierung);
if ( db_num_rows($erg) > 0 ) {
$tpl->out(4); $class = 'Cnorm';
while($row = db_fetch_assoc($erg) ) {
# smal screenshot url
$row['ssurl'] = ( (file_exists($row['ssurl']) AND $row['ssurl'] != '') ? '<img src="'.$row['ssurl'].'" alt="'.$row['name'].' '.$row['version'].'" title="'.$row['name'].' '.$row['version'].'" style="float:left; border: none; padding-right:3px;" />' : '' );
$row['ssurl1'] = ( (file_exists($row['ssurl1']) AND $row['ssurl1'] != '') ? '<img src="'.$row['ssurl1'].'" alt="'.$row['name'].' '.$row['version'].'" title="'.$row['name'].' '.$row['version'].'" style="float:left; border: none; padding-right:3px;" />' : '' );
$row['ssurl2'] = ( (file_exists($row['ssurl2']) AND $row['ssurl2'] != '') ? '<img src="'.$row['ssurl2'].'" alt="'.$row['name'].' '.$row['version'].'" title="'.$row['name'].' '.$row['version'].'" style="float:left; border: none; padding-right:3px;" />' : '' );
$class = ( $class == 'Cmite' ? 'Cnorm' : 'Cmite' );
$row['class'] = $class;
$tpl->set_ar_out($row,5);
}
$tpl->out(6);
}
if ( $cid == 0 AND $allgAr['archiv_down_userupload'] == 1 AND loggedin() AND is_writeable ( 'include/downs/downloads/user_upload' ) ) {
$tpl->out(7);
}
$design->footer();
break;
case 'show' :
$fid = escape($menu->get(2), 'integer');
$erg = db_query("SELECT prefix_downloads.cat,ssurl,ssurl1,ssurl2,surl,url,hits,vote_klicks,vote_wertung,prefix_downloads.name,version,creater,downs,descl,drecht,prefix_downloads.id,DATE_FORMAT(time,'%d.%m.%Y') as datum FROM prefix_downloads LEFT JOIN prefix_downcats ON prefix_downcats.id = prefix_downloads.cat WHERE prefix_downloads.id = ".$fid." AND (".$_SESSION['authright']." <= prefix_downcats.recht OR (prefix_downloads.cat = 0 AND prefix_downcats.recht IS NULL)) ORDER by prefix_downloads.name ASC"); // ORDER by prefix_downloads.name ASC -> hinzugefügt = sortiert nach Namen aufsteigend -> DESC Absteigend
if (@db_num_rows($erg) <> 1) {
$title = $allgAr['title'].' :: Downloads ';
$hmenu = '<a class="smalfont" href="index.php?downloads">Downloads</a>';
$design = new design ( $title , $hmenu );
$design->header();
echo 'Der Download wurde nicht gefunden';
$design->footer(1);
}
# kommentar add
if ((loggedin() OR chk_antispam ('downloads')) AND !empty($_POST['name']) AND !empty($_POST['text'])) {
$_POST['text'] = escape($_POST['text'],'textarea');
$_POST['name'] = escape($_POST['name'],'string');
db_query("INSERT INTO `prefix_koms` VALUES ('',".$fid.",'dloads','".$_POST['name']."','".$_POST['text']."')");
}
# kommentar loeschen
if ($menu->getA(3) == 'd' AND is_numeric($menu->getE(3)) AND has_right(-9, 'archiv-downloads')) {
$kommentar_id = escape($menu->getE(3),'integer');
db_query("DELETE FROM `prefix_koms`WHERE uid = ".$fid." AND cat = 'dloads' AND id = ".$kommentar_id)OR die('dl22');
}
$row = db_fetch_assoc($erg);
# umfrage einen hoch zaehlen ...
if ( $menu->getA(3) == 'z' AND is_numeric($menu->getE(3)) AND !isset ($_SESSION['downDoVote'][$row['id']]) AND loggedin() ) {
$_SESSION['downDoVote'][$row['id']] = 'o';
$row['vote_wertung'] = round ( ( ( $row['vote_wertung'] * $row['vote_klicks'] ) + $menu->getE(3) ) / ( $row['vote_klicks'] + 1 ) , 3 );
$row['vote_klicks']++;
db_query("UPDATE prefix_downloads SET vote_wertung = ".$row['vote_wertung'].", vote_klicks = ".$row['vote_klicks']." WHERE id = ".$row['id']);
}
if ( !isset ($_SESSION['downDoKlick'][$row['id']]) ) {
$_SESSION['downDoKlick'][$row['id']] = 'o';
db_query("UPDATE prefix_downloads SET hits = hits +1 WHERE id = ".$fid);
}
$cid = $row['cat'];
$erg1 = db_query("SELECT id,cat,name FROM prefix_downcats WHERE id = ".$cid);
if ( db_num_rows($erg1) > 0 ) {
$row1 = db_fetch_assoc($erg1);
$array = get_cats_array($row1['cat'],'');
if ( !empty($array) ) {
$titelzw = get_cats_title($array);
$namezw = get_cats_urls($array);
} else {
$titelzw = '';
$namezw = '';
}
$cattitle = ':: '.$titelzw.$row1['name'].' :: '.$row['name'].' '.$row['version'];
$catname = '<b> » </b>'.$namezw.'<a class="smalfont" href="index.php?downloads-'.$row1['id'].'">'.$row1['name'].'</a><b> » </b>'.$row['name'].' '.$row['version'];
} else {
$cattitle = '';
$catname = '';
}
$tpl = new tpl ('downloads_show' );
$drecht = $row['drecht'];
if ( $_SESSION['authright'] <= $drecht ) {
$row['downlink'] = '<a href="index.php?downloads-down-'.$row['id'].'"><img src="include/images/buttons/download.gif" alt="Download" border="0"></a>';
} else {
$row['downlink'] = '<a href="index.php?downloads-error"><img src="include/images/buttons/download.gif" alt="Download" border="0"></a>';
}
$row['ssurl'] = ( $row['ssurl'] != '' ? '<img src="'.$row['ssurl'].'" alt="'.$row['name'].' '.$row['version'].'" title="'.$row['name'].' '.$row['version'].'" style="float:left; border: none; padding-right:5px;" />' : '' );
$row['ssurl1'] = ( $row['ssurl1'] != '' ? '<img src="'.$row['ssurl1'].'" alt="'.$row['name'].' '.$row['version'].'" title="'.$row['name'].' '.$row['version'].'" style="float:left; border: none; padding-right:5px;" />' : '' );
$row['ssurl2'] = ( $row['ssurl2'] != '' ? '<img src="'.$row['ssurl2'].'" alt="'.$row['name'].' '.$row['version'].'" title="'.$row['name'].' '.$row['version'].'" style="float:left; border: none; padding-right:5px;" />' : '' );
$row['surl'] = ( empty($row['surl']) ? '' : ' <a href="'.$row['surl'].'" target="_blank"><img src="include/images/buttons/demo.gif" alt="Demo/Screenshot" border="0"></a>' );
$row['size'] = get_download_size($row['url']);
$row['descl'] = bbcode($row['descl']);
$row['version_kl'] = (empty($row['version'])?'':'('.$row['version'].')');
$title = $allgAr['title'].' :: Downloads '.$cattitle;
$hmenu = '<a class="smalfont" href="index.php?downloads">Downloads</a>'.$catname;
$design = new design ( $title , $hmenu );
$design->header();
$row['uname'] = get_n($_SESSION['authid']);
$row['ANTISPAM'] = (loggedin()?'':get_antispam ('downloads', 0));
$tpl->set_ar_out($row,0);
# kommentar show
$erg2 = db_query("SELECT text, name, id FROM `prefix_koms` WHERE uid = ".$row['id']." AND cat = 'dloads' ORDER BY id DESC");
$ergAnz1 = db_num_rows($erg2);
if ( $ergAnz1 == 0 ) {
echo '<br /><br /> <b>'.$lang['nocomments'].'</b><br />';
$tpl->out(1);
} else {
$tpl->out(1);
$zahl = $ergAnz1;
while ($row2 = db_fetch_assoc($erg2)) {
$row2['text'] = bbcode(trim($row2['text']));
if (has_right(-9, 'archiv-downloads')) {
$row2['text'] .= '<a href="index.php?downloads-show-'.$row['id'].'-d'.$row2['id'].'"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>';
}
$tpl->set_ar_out(array('name' => $row2['name'], 'text' => $row2['text'], 'zahl' => $zahl ),2);
$zahl--;
}
}
$tpl->out(3);
# kommentar show ende
$design->footer();
break;
case 'down' :
$fid = $menu->get(2);
$erg = db_query("SELECT drecht FROM prefix_downloads LEFT JOIN prefix_downcats ON prefix_downcats.id = prefix_downloads.cat WHERE prefix_downloads.id = ".$fid." AND (".$_SESSION['authright']." <= prefix_downloads.drecht OR (prefix_downloads.cat = 0 AND prefix_downcats.recht IS NULL))");
if (@db_num_rows($erg) <> 1) {
$title = $allgAr['title'].' :: Downloads ';
$hmenu = '<a class="smalfont" href="index.php?downloads">Downloads</a>';
$design = new design ( $title , $hmenu );
$design->header();
echo $lang['nopermission'];
$design->footer(1);
}
$recht = @db_result(db_query("SELECT `recht` FROM `prefix_downcats` LEFT JOIN `prefix_downloads` ON `prefix_downcats`.`id` = `prefix_downloads`.`cat` WHERE `prefix_downloads`.`id` = $fid"),0);
$recht = (is_int($recht)?$recht:0);
if (has_right($recht)) {
$row = db_fetch_assoc(db_query("SELECT url FROM prefix_downloads WHERE id = ".$fid));
$url = iurlencode($row['url']);
} else {
$url = 'http://'.$_SERVER["HTTP_HOST"].dirname($_SERVER["SCRIPT_NAME"]).'/index.php?downloads';
}
db_query("UPDATE prefix_downloads SET downs = downs +1 WHERE id = ".$fid);
header('location: '.$url);
break;
case 'upload' :
if ( $allgAr['archiv_down_userupload'] == 1 AND loggedin() AND is_writeable ( 'include/downs/downloads/user_upload' ) ) {
$title = $allgAr['title'].' :: Downloads :: User - Upload';
$hmenu = '<a class="smalfont" href="index.php?downloads">Downloads</a><b> » </b>User - Upload';
$design = new design ( $title , $hmenu );
$design->header();
$re = icUpload();
if ($re === true) {
echo 'Erfolgreich eingetragen! ... ein Moderator oder Admin dieser Seite wird den Download in nächster Zeit freischalten.';
} else {
echo '<b>Error:</b><br />'.$re;
}
$design->footer();
}
break;
case 'error' :
$title = $allgAr['title'].' :: Downloads Error';
$hmenu = '<a class="smalfont" href="index.php?downloads">Downloads Error</a>';
$design = new design ( $title , $hmenu );
$design->header();
echo '<table width="100%" class="border" border="0" cellspacing="2" cellpadding="3" align="center">
<tr><td class="Chead" align="center"><b>Sie haben leider nicht die nötigen Rechte um diesen Download nutzen zu können.</b></td>
</tr><tr class="Cdark"><td align="center"><a href="javascript:history.back();"><u>Zurück</u></a> oder <a href="/index.php"><u>Auf die Startseite</u></a></td></tr></table>';
$design->footer();
break;
}
?>
was ich alles geändert hab:
Kommentare bei dem Downloads mit Antispam
3 Vorschaubilder
unten eine Suchfunktion eingebaut
Was ich instaliert habe (Downloadbereich):
Modifiziertes Download script (1.1 H) 1.1 DownloadLink: externer Link
Mehrere Fehler Links:
godlike-rpg.de/index.php?downloads-9
godlike-rpg.de/index.php?downloads-18
hoffe es kann mir einer Helfen
Mfg Brezel
verwendete ilchClan Version: 1.1
betroffene Homepage: godlike-rpg.de
