2001-02-24 00:31:58 +00:00
|
|
|
<?php
|
2001-04-20 07:30:45 +00:00
|
|
|
/***************************************************************************
|
|
|
|
|
* common.php
|
|
|
|
|
* -------------------
|
|
|
|
|
* begin : Saturday, Feb 23, 2001
|
|
|
|
|
* copyright : (C) 2001 The phpBB Group
|
|
|
|
|
* email : support@phpbb.com
|
|
|
|
|
*
|
2001-02-24 00:31:58 +00:00
|
|
|
* $Id$
|
2001-04-20 07:30:45 +00:00
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
***************************************************************************/
|
2001-02-24 00:31:58 +00:00
|
|
|
|
2001-08-30 22:20:23 +00:00
|
|
|
/***************************************************************************
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
***************************************************************************/
|
|
|
|
|
|
2001-08-09 22:21:55 +00:00
|
|
|
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
|
|
|
|
|
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
// addslashes to vars if magic_quotes_gpc is off
|
|
|
|
|
// this is a security precaution to prevent someone
|
|
|
|
|
// trying to break out of a SQL statement.
|
|
|
|
|
//
|
|
|
|
|
if( !get_magic_quotes_gpc() )
|
|
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
if( is_array($HTTP_GET_VARS) )
|
2001-08-09 22:21:55 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
while( list($k, $v) = each($HTTP_GET_VARS) )
|
2001-08-12 23:22:54 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
if( is_array($HTTP_GET_VARS[$k]) )
|
2001-08-12 23:22:54 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) )
|
|
|
|
|
{
|
|
|
|
|
$HTTP_GET_VARS[$k][$k2] = addslashes($v2);
|
|
|
|
|
}
|
|
|
|
|
@reset($HTTP_GET_VARS[$k]);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$HTTP_GET_VARS[$k] = addslashes($v);
|
2001-08-12 23:22:54 +00:00
|
|
|
}
|
|
|
|
|
}
|
2001-09-17 19:30:25 +00:00
|
|
|
@reset($HTTP_GET_VARS);
|
2001-08-09 22:21:55 +00:00
|
|
|
}
|
|
|
|
|
|
2001-09-17 19:30:25 +00:00
|
|
|
if( is_array($HTTP_POST_VARS) )
|
2001-08-09 22:21:55 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
while( list($k, $v) = each($HTTP_POST_VARS) )
|
2001-08-12 23:22:54 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
if( is_array($HTTP_POST_VARS[$k]) )
|
2001-08-12 23:22:54 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) )
|
|
|
|
|
{
|
|
|
|
|
$HTTP_POST_VARS[$k][$k2] = addslashes($v2);
|
|
|
|
|
}
|
|
|
|
|
@reset($HTTP_POST_VARS[$k]);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$HTTP_POST_VARS[$k] = addslashes($v);
|
2001-08-12 23:22:54 +00:00
|
|
|
}
|
|
|
|
|
}
|
2001-09-17 19:30:25 +00:00
|
|
|
@reset($HTTP_POST_VARS);
|
2001-08-09 22:21:55 +00:00
|
|
|
}
|
|
|
|
|
|
2001-09-17 19:30:25 +00:00
|
|
|
if( is_array($HTTP_COOKIE_VARS) )
|
2001-08-09 22:21:55 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
while( list($k, $v) = each($HTTP_COOKIE_VARS) )
|
2001-08-12 23:22:54 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
if( is_array($HTTP_COOKIE_VARS[$k]) )
|
2001-08-12 23:22:54 +00:00
|
|
|
{
|
2001-09-17 19:30:25 +00:00
|
|
|
while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) )
|
|
|
|
|
{
|
|
|
|
|
$HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
|
|
|
|
|
}
|
|
|
|
|
@reset($HTTP_COOKIE_VARS[$k]);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$HTTP_COOKIE_VARS[$k] = addslashes($v);
|
2001-08-12 23:22:54 +00:00
|
|
|
}
|
|
|
|
|
}
|
2001-09-17 19:30:25 +00:00
|
|
|
@reset($HTTP_COOKIE_VARS);
|
2001-08-09 22:21:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2001-04-19 13:30:47 +00:00
|
|
|
//
|
2001-07-13 16:14:37 +00:00
|
|
|
// Define some basic configuration arrays this also prevents
|
2001-07-14 17:30:21 +00:00
|
|
|
// malicious rewriting of language and otherarray values via
|
|
|
|
|
// URI params
|
2001-04-19 13:30:47 +00:00
|
|
|
//
|
2001-05-03 22:10:23 +00:00
|
|
|
$board_config = Array();
|
|
|
|
|
$userdata = Array();
|
|
|
|
|
$theme = Array();
|
|
|
|
|
$images = Array();
|
2001-05-27 16:40:25 +00:00
|
|
|
$lang = Array();
|
2001-10-16 11:12:32 +00:00
|
|
|
$gen_simple_header = FALSE;
|
2001-04-19 13:30:47 +00:00
|
|
|
|
2001-10-09 23:28:31 +00:00
|
|
|
@include($phpbb_root_path . 'config.'.$phpEx);
|
|
|
|
|
|
|
|
|
|
if( !defined("PHPBB_INSTALLED") )
|
|
|
|
|
{
|
|
|
|
|
header("Location: install.$phpEx");
|
|
|
|
|
}
|
|
|
|
|
|
2001-07-13 16:14:37 +00:00
|
|
|
include($phpbb_root_path . 'includes/constants.'.$phpEx);
|
2001-07-24 11:39:00 +00:00
|
|
|
include($phpbb_root_path . 'includes/template.'.$phpEx);
|
2001-07-13 16:14:37 +00:00
|
|
|
include($phpbb_root_path . 'includes/sessions.'.$phpEx);
|
|
|
|
|
include($phpbb_root_path . 'includes/auth.'.$phpEx);
|
|
|
|
|
include($phpbb_root_path . 'includes/functions.'.$phpEx);
|
|
|
|
|
include($phpbb_root_path . 'includes/db.'.$phpEx);
|
2001-04-19 13:30:47 +00:00
|
|
|
|
2001-07-06 17:47:10 +00:00
|
|
|
//
|
2001-05-27 16:40:25 +00:00
|
|
|
// Obtain and encode users IP
|
2001-07-06 17:47:10 +00:00
|
|
|
//
|
|
|
|
|
if(!empty($HTTP_CLIENT_IP))
|
|
|
|
|
{
|
2001-09-25 18:18:47 +00:00
|
|
|
$client_ip = ( ereg("[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+", $HTTP_CLIENT_IP) ) ? $HTTP_CLIENT_IP : $REMOTE_ADDR;
|
2001-07-06 17:47:10 +00:00
|
|
|
}
|
2001-07-06 22:57:32 +00:00
|
|
|
else if(!empty($HTTP_X_FORWARDED_FOR))
|
2001-07-06 17:47:10 +00:00
|
|
|
{
|
2001-09-25 18:18:47 +00:00
|
|
|
$client_ip = ( ereg("^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)", $HTTP_X_FORWARDED_FOR, $ip_list) ) ? $ip_list[0] : $REMOTE_ADDR;
|
2001-07-06 17:47:10 +00:00
|
|
|
}
|
|
|
|
|
else if(!empty($HTTP_PROXY_USER))
|
|
|
|
|
{
|
2001-09-25 18:18:47 +00:00
|
|
|
$client_ip = ( ereg("[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+", $HTTP_PROXY_USER) ) ? $HTTP_PROXY_USER : $REMOTE_ADDR;
|
2001-07-06 17:47:10 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$client_ip = $REMOTE_ADDR;
|
|
|
|
|
}
|
|
|
|
|
$user_ip = encode_ip($client_ip);
|
|
|
|
|
|
2001-05-03 22:10:23 +00:00
|
|
|
//
|
2001-07-07 00:17:51 +00:00
|
|
|
// Setup forum wide options, if this fails
|
|
|
|
|
// then we output a CRITICAL_ERROR since
|
|
|
|
|
// basic forum information is not available
|
2001-05-03 22:10:23 +00:00
|
|
|
//
|
2001-03-21 23:25:03 +00:00
|
|
|
$sql = "SELECT *
|
2001-07-03 00:32:27 +00:00
|
|
|
FROM " . CONFIG_TABLE;
|
2001-02-24 00:31:58 +00:00
|
|
|
if(!$result = $db->sql_query($sql))
|
|
|
|
|
{
|
2001-07-03 22:50:56 +00:00
|
|
|
message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql);
|
2001-02-24 00:31:58 +00:00
|
|
|
}
|
2001-04-20 07:30:45 +00:00
|
|
|
else
|
2001-02-24 00:31:58 +00:00
|
|
|
{
|
2001-07-03 00:32:27 +00:00
|
|
|
while($row = $db->sql_fetchrow($result))
|
|
|
|
|
{
|
2001-09-08 18:24:34 +00:00
|
|
|
$board_config[$row['config_name']] = $row['config_value'];
|
2001-07-03 00:32:27 +00:00
|
|
|
}
|
2001-02-24 00:31:58 +00:00
|
|
|
}
|
2001-06-30 21:04:37 +00:00
|
|
|
|
2001-09-17 19:30:25 +00:00
|
|
|
if( $board_config['board_disable'] && !defined("IN_ADMIN") )
|
2001-07-03 00:32:27 +00:00
|
|
|
{
|
2001-09-25 18:18:47 +00:00
|
|
|
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
|
2001-07-03 00:32:27 +00:00
|
|
|
}
|
2001-06-30 21:04:37 +00:00
|
|
|
|
2001-09-09 12:40:42 +00:00
|
|
|
?>
|
