mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-01-19 07:08:09 +01:00
Code Issues Releases Wiki Activity

Off to the realm of Mordor we go

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@183 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2001-04-19 13:25:46 +00:00
parent 175d4a049f
commit 329b5e116b
6 changed files with 0 additions and 1492 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
phpBB/functions/auth.php
View File

@ -1,87 +0,0 @@
<?php
/***************************************************************************
* auth.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
/* Notes:
* auth() is going to become a very complex function and can take in a LARGE number of arguments.
* The currently included argements should be enough to handle any situation, however, if you need access to another
* the best option would be to create a global variable and access it that way if you can.
*
* auth() returns:
* TRUE if the user authorized
* FALSE if the user is not
*/
function auth($type, $db, $id = "", $user_ip = "")
{
global $userdata;
switch($type)
{
// Empty for the moment.
}
}
/*
* The following functions are used for getting user information. They are not related directly to auth()
*/
function get_userdata_from_id($userid, $db)
{
$sql = "SELECT * FROM ".USERS_TABLE." WHERE user_id = $userid";
if(!$result = $db->sql_query($sql))
{
$userdata = array("error" => "1");
return ($userdata);
}
if($db->sql_numrows($result))
{
$myrow = $db->sql_fetchrowset($result);
return($myrow[0]);
}
else
{
$userdata = array("error" => "1");
return ($userdata);
}
}
function get_userdata($username, $db) {
$sql = "SELECT * FROM ".USERS_TABLE." WHERE username = '$username' AND user_level != ".DELETED;
if(!$result = $db->sql_query($sql))
{
$userdata = array("error" => "1");
}
if($db->sql_numrows($result))
{
$myrow = $db->sql_fetchrowset($result);
return($myrow[0]);
}
else
{
$userdata = array("error" => "1");
return ($userdata);
}
}
?>

508
phpBB/functions/bbcode.php
View File

@ -1,508 +0,0 @@
<?php
/***************************************************************************
* bbcode.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
*
***************************************************************************/
define("BBCODE_UID_LEN", 10);
/**
* Does second-pass bbencoding. This should be used before displaying the message in
* a thread. Assumes the message is already first-pass encoded, and has the required
* "[uid:...]" tag as the very first thing in the text.
*/
function bbencode_second_pass($text, $uid)
{
//$uid_tag_length = strpos($text, ']') + 1;
//$uid = substr($text, 5, BBCODE_UID_LEN);
//$text = substr($text, $uid_tag_length);
// pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
// This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.
$text = " " . $text;
// First: If there isn't a "[" and a "]" in the message, don't bother.
if (! (strpos($text, "[") && strpos($text, "]")) )
{
// Remove padding, return.
$text = substr($text, 1);
return $text;
}
// [CODE] and [/CODE] for posting code (HTML, PHP, C etc etc) in your posts.
$text = bbencode_second_pass_code($text, $uid);
// [list] and [list=x] for (un)ordered lists.
// unordered lists
$text = str_replace("[list:$uid]", '<UL>', $text);
// li tags
$text = str_replace("[*:$uid]", '<LI>', $text);
// ending tags
$text = str_replace("[/list:u:$uid]", '</UL>', $text);
$text = str_replace("[/list:o:$uid]", '</OL>', $text);
// Ordered lists
$text = preg_replace("/\[list=([a1]):$uid\]/si", '<OL TYPE="\1">', $text);
// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
$text = str_replace("[quote:$uid]", '<TABLE BORDER="0" ALIGN="CENTER" WIDTH="85%"><TR><TD><font size="-1">Quote:</font><HR></TD></TR><TR><TD><FONT SIZE="-1"><BLOCKQUOTE>', $text);
$text = str_replace("[/quote:$uid]", '</BLOCKQUOTE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE>', $text);
// [b] and [/b] for bolding text.
$text = str_replace("[b:$uid]", '<B>', $text);
$text = str_replace("[/b:$uid]", '</B>', $text);
// [i] and [/i] for italicizing text.
$text = str_replace("[i:$uid]", '<I>', $text);
$text = str_replace("[/i:$uid]", '</I>', $text);
// [img]image_url_here[/img] code..
$text = str_replace("[img:$uid]", '<IMG SRC="', $text);
$text = str_replace("[/img:$uid]", '" BORDER="0"></IMG>', $text);
// Patterns and replacements for URL and email tags..
$patterns = array();
$replacements = array();
// [url]xxxx://www.phpbb.com[/url] code..
$patterns[0] = "#\[url\]([a-z]+?://){1}(.*?)\[/url\]#si";
$replacements[0] = '<A HREF="\1\2" TARGET="_blank">\1\2</A>';
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
$patterns[1] = "#\[url\](.*?)\[/url\]#si";
$replacements[1] = '<A HREF="http://\1" TARGET="_blank">\1</A>';
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
$patterns[2] = "#\[url=([a-z]+?://){1}(.*?)\](.*?)\[/url\]#si";
$replacements[2] = '<A HREF="\1\2" TARGET="_blank">\3</A>';
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
$patterns[3] = "#\[url=(.*?)\](.*?)\[/url\]#si";
$replacements[3] = '<A HREF="http://\1" TARGET="_blank">\2</A>';
// [email]user@domain.tld[/email] code..
$patterns[4] = "#\[email\](.*?)\[/email\]#si";
$replacements[4] = '<A HREF="mailto:\1">\1</A>';
$text = preg_replace($patterns, $replacements, $text);
// Remove our padding from the string..
$text = substr($text, 1);
return $text;
} // bbencode_second_pass()
function make_bbcode_uid()
{
// Unique ID for this message..
$uid = md5(uniqid(rand()));
$uid = substr($uid, 0, BBCODE_UID_LEN);
return $uid;
}
function bbencode_first_pass($text, $uid)
{
// pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
// This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.
$text = " " . $text;
// [CODE] and [/CODE] for posting code (HTML, PHP, C etc etc) in your posts.
$text = bbencode_first_pass_pda($text, $uid, '[code]', '[/code]', '', true, '');
// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
$text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, '');
// [list] and [list=x] for (un)ordered lists.
$open_tag = array();
$open_tag[0] = "[list]";
// unordered..
$text = bbencode_first_pass_pda($text, $uid, $open_tag, "[/list]", "[/list:u]", false, 'replace_listitems');
$open_tag[0] = "[list=1]";
$open_tag[1] = "[list=a]";
// ordered.
$text = bbencode_first_pass_pda($text, $uid, $open_tag, "[/list]", "[/list:o]", false, 'replace_listitems');
// [b] and [/b] for bolding text.
$text = preg_replace("#\[b\](.*?)\[/b\]#si", "[b:$uid]\\1[/b:$uid]", $text);
// [i] and [/i] for italicizing text.
$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);
// [img]image_url_here[/img] code..
$text = preg_replace("#\[img\](.*?)\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
// Remove our padding from the string..
$text = substr($text, 1);
// Add the uid tag to the start of the string..
//$text = '[uid=' . $uid . ']' . $text;
return $text;
} // bbencode_first_pass()
/**
* $text - The text to operate on.
* $uid - The UID to add to matching tags.
* $open_tag - The opening tag to match. Can be an array of opening tags.
* $close_tag - The closing tag to match.
* $close_tag_new - The closing tag to replace with.
* $mark_lowest_level - boolean - should we specially mark the tags that occur
* at the lowest level of nesting? (useful for [code], because
* we need to match these tags first and transform HTML tags
* in their contents..
* $func - This variable should contain a string that is the name of a function.
* That function will be called when a match is found, and passed 2
* parameters: ($text, $uid). The function should return a string.
* This is used when some transformation needs to be applied to the
* text INSIDE a pair of matching tags. If this variable is FALSE or the
* empty string, it will not be executed.
* If open_tag is an array, then the pda will try to match pairs consisting of
* any element of open_tag followed by close_tag. This allows us to match things
* like [list=A]...[/list] and [list=1]...[/list] in one pass of the PDA.
*
* NOTES: - this function assumes the first character of $text is a space.
* - every opening tag and closing tag must be of the [...] format.
*/
function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_new, $mark_lowest_level, $func)
{
$open_tag_count = 0;
$open_tag_length = array();
if (!$close_tag_new || ($close_tag_new == ''))
{
$close_tag_new = $close_tag;
}
$close_tag_length = strlen($close_tag);
$close_tag_new_length = strlen($close_tag_new);
$uid_length = strlen($uid);
$use_function_pointer = ($func && ($func != ''));
$stack = array();
if (is_array($open_tag))
{
if (0 == count($open_tag))
{
// No opening tags to match, so return.
return $text;
}
for ($i = 0; $i < count($open_tag); $i++)
{
++$open_tag_count;
$open_tag_length[$i] = strlen($open_tag[$i]);
}
}
else
{
// only one opening tag. make it into a 1-element array.
$open_tag_temp = $open_tag;
$open_tag = array();
$open_tag[0] = $open_tag_temp;
$open_tag_length[0] = strlen($open_tag[0]);
$open_tag_count = 1;
}
// Start at the 2nd char of the string, looking for opening tags.
$curr_pos = 1;
while ($curr_pos && ($curr_pos < strlen($text)))
{
$curr_pos = strpos($text, "[", $curr_pos);
// If not found, $curr_pos will be 0, and the loop will end.
if ($curr_pos)
{
// We found a [. It starts at $curr_pos.
// check if it's a starting or ending tag.
$found_start = false;
$which_start_tag = -1;
for ($i = 0; $i < $open_tag_count; $i++)
{
$possible_start = substr($text, $curr_pos, $open_tag_length[$i]);
if (0 == strcasecmp($open_tag[$i], $possible_start))
{
$found_start = true;
$which_start_tag = $i;
break;
}
}
if ($found_start)
{
// We have an opening tag.
// Push its position and length on to the stack, and then keep going to the right.
$match = array("pos" => $curr_pos, "tag" => $which_start_tag);
bbcode_array_push($stack, $match);
++$curr_pos;
}
else
{
// check for a closing tag..
$possible_end = substr($text, $curr_pos, $close_tag_length);
if (0 == strcasecmp($close_tag, $possible_end))
{
// We have an ending tag.
// Check if we've already found a matching starting tag.
if (sizeof($stack) > 0)
{
// There exists a starting tag.
$curr_nesting_depth = sizeof($stack);
// We need to do 2 replacements now.
$match = bbcode_array_pop($stack);
$start_index = $match['pos'];
$which_start_tag = $match['tag'];
$start_length = $open_tag_length[$which_start_tag];
$start_tag = $open_tag[$which_start_tag];
// everything before the opening tag.
$before_start_tag = substr($text, 0, $start_index);
// everything after the opening tag, but before the closing tag.
$between_tags = substr($text, $start_index + $start_length, $curr_pos - $start_index - $start_length);
// Run the given function on the text between the tags..
if ($use_function_pointer)
{
$between_tags = $func($between_tags, $uid);
}
// everything after the closing tag.
$after_end_tag = substr($text, $curr_pos + $close_tag_length);
// Mark the lowest nesting level if needed.
if ($mark_lowest_level && ($curr_nesting_depth == 1))
{
$text = $before_start_tag . substr($start_tag, 0, $start_length - 1) . ":$curr_nesting_depth:$uid]";
$text .= $between_tags . substr($close_tag_new, 0, $close_tag_new_length - 1) . ":$curr_nesting_depth:$uid]";
}
else
{
$text = $before_start_tag . substr($start_tag, 0, $start_length - 1) . ":$uid]";
$text .= $between_tags . substr($close_tag_new, 0, $close_tag_new_length - 1) . ":$uid]";
}
$text .= $after_end_tag;
// Now.. we've screwed up the indices by changing the length of the string.
// So, if there's anything in the stack, we want to resume searching just after it.
// otherwise, we go back to the start.
if (sizeof($stack) > 0)
{
$match = bbcode_array_pop($stack);
$curr_pos = $match['pos'];
bbcode_array_push($stack, $match);
++$curr_pos;
}
else
{
$curr_pos = 1;
}
}
else
{
// No matching start tag found. Increment pos, keep going.
++$curr_pos;
}
}
else
{
// No starting tag or ending tag.. Increment pos, keep looping.,
++$curr_pos;
}
}
}
} // while
return $text;
} // bbencode_first_pass_pda()
/**
* Does second-pass bbencoding of the [code] tags. This includes
* running htmlspecialchars() over the text contained between
* any pair of [code] tags that are at the first level of
* nesting. Tags at the first level of nesting are indicated
* by this format: [code:1:$uid] ... [/code:1:$uid]
* Other tags are in this format: [code:$uid] ... [/code:$uid]
*/
function bbencode_second_pass_code($text, $uid)
{
$code_start_html = '<TABLE BORDER="0" ALIGN="CENTER" WIDTH="85%"><TR><TD><font size="-1">Code:</font><HR></TD></TR><TR><TD><FONT SIZE="-1"><PRE>';
$code_end_html = '</PRE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE>';
// First, do all the 1st-level matches. These need an htmlspecialchars() run,
// so they have to be handled differently.
$match_count = preg_match_all("#\[code:1:$uid\](.*?)\[/code:1:$uid\]#si", $text, $matches);
for ($i = 0; $i < $match_count; $i++)
{
$before_replace = $matches[1][$i];
$after_replace = $matches[1][$i];
$after_replace = htmlspecialchars($after_replace);
$str_to_match = "[code:1:$uid]" . $before_replace . "[/code:1:$uid]";
$replacement = $code_start_html;
$replacement .= $after_replace;
$replacement .= $code_end_html;
$text = str_replace($str_to_match, $replacement, $text);
}
// Now, do all the non-first-level matches. These are simple.
$text = str_replace("[code:$uid]", $code_start_html, $text);
$text = str_replace("[/code:$uid]", $code_end_html, $text);
return $text;
} // bbencode_second_pass_code()
/**
* Rewritten by Nathan Codding - Feb 6, 2001.
* - Goes through the given string, and replaces xxxx://yyyy with an HTML <a> tag linking
* to that URL
* - Goes through the given string, and replaces www.xxxx.yyyy[zzzz] with an HTML <a> tag linking
* to http://www.xxxx.yyyy[/zzzz]
* - Goes through the given string, and replaces xxxx@yyyy with an HTML mailto: tag linking
* to that email address
* - Only matches these 2 patterns either after a space, or at the beginning of a line
*
* Notes: the email one might get annoying - it's easy to make it more restrictive, though.. maybe
* have it require something like xxxx@yyyy.zzzz or such. We'll see.
*/
function make_clickable($text)
{
// pad it with a space so we can match things at the start of the 1st line.
$ret = " " . $text;
// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
// xxxx can only be alpha characters.
// yyyy is anything up to the first space, newline, or comma.
$ret = preg_replace("#([\n ])([a-z]+?)://([^, \n\r]+)#i", "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", $ret);
// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
// yyyy contains either alphanum, "-", or "."
// zzzz is optional.. will contain everything up to the first space, newline, or comma.
// This is slightly restrictive - it's not going to match stuff like "forums.foo.com"
// This is to keep it from getting annoying and matching stuff that's not meant to be a link.
$ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^, \n\r]*)?)#i", "\\1<a href=\"http://www.\\2.\\3\\4\" target=\"_blank\">www.\\2.\\3\\4</a>", $ret);
// matches an email@domain type address at the start of a line, or after a space.
// Note: before the @ sign, the only valid characters are the alphanums and "-", "_", or ".".
// After the @ sign, we accept anything up to the first space, linebreak, or comma.
$ret = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([^, \n\r]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $ret);
// Remove our padding..
$ret = substr($ret, 1);
return($ret);
}
/**
* This is used to change a [*] tag into a [*:$uid] tag as part
* of the first-pass bbencoding of [list] tags. It fits the
* standard required in order to be passed as a variable
* function into bbencode_first_pass_pda().
*/
function replace_listitems($text, $uid)
{
$text = str_replace("[*]", "[*:$uid]", $text);
return $text;
}
/**
* Escapes the "/" character with "\/". This is useful when you need
* to stick a runtime string into a PREG regexp that is being delimited
* with slashes.
*/
function escape_slashes($input)
{
$output = str_replace('/', '\/', $input);
return $output;
}
/**
* This function does exactly what the PHP4 function array_push() does
* however, to keep phpBB compatable with PHP 3 we had to come up with our own
* method of doing it.
*/
function bbcode_array_push(&$stack, $value) {
$stack[] = $value;
return(sizeof($stack));
}
/**
* This function does exactly what the PHP4 function array_pop() does
* however, to keep phpBB compatable with PHP 3 we had to come up with our own
* method of doing it.
*/
function bbcode_array_pop(&$stack) {
$arrSize = count($stack);
$x = 1;
while(list($key, $val) = each($stack))
{
if($x < count($stack))
{
$tmpArr[] = $val;
}
else
{
$return_val = $val;
}
$x++;
}
$stack = $tmpArr;
return($return_val);
}
?>

96
phpBB/functions/error.php
View File

@ -1,96 +0,0 @@
<?php
/***************************************************************************
* error.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
function error_die($error_code, $error_msg = "", $line = "", $file = "")
{
global $db, $template, $phpEx, $default_lang;
global $table_bgcolor, $color1;
global $starttime, $phpbbversion;
if(!defined("HEADER_INC"))
{
if(!empty($default_lang))
{
include('language/lang_'.$default_lang.'.'.$phpEx);
}
else
{
include('language/lang_english.'.$phpEx);
}
include('includes/page_header.'.$phpEx);
}
if(!$error_msg)
{
switch($error_code)
{
case GENERAL_ERROR:
if(!$error_msg)
{
$error_msg = "An Error Occured";
}
break;
case SQL_CONNECT:
$db_error = $db->sql_error();
$error_msg .= "<br />SQL connect error - " . $db_error["message"];
break;
case BANNED:
$error_msg = "You have been banned from this forum.";
break;
case SQL_QUERY:
$db_error = $db->sql_error();
$error_msg .= "<br />SQL query error - ".$db_error["message"];
break;
case SESSION_CREATE:
$error_msg = "Error creating session. Could not log you in. Please go back and try again.";
break;
case NO_POSTS:
$error_msg = "There are no posts in this forum. Click on the <b>Post New Topic</b> link on this page to post one.";
break;
case LOGIN_FAILED:
$error_msg = "Login Failed. You have specified an incorrect/inactive username or invalid password, please go back and try again.";
break;
}
}
if(DEBUG)
{
if($line != "" && $file != "")
$error_msg .= "<br /><br /><u>DEBUG INFO</u></br /><br>Line: ".$line."<br />File: ".$file;
}
$template->set_filenames(array("error_body" => "error_body.tpl"));
$template->assign_vars(array("ERROR_MESSAGE" => $error_msg));
$template->pparse("error_body");
include('includes/page_tail.'.$phpEx);
exit();
}
?>

420
phpBB/functions/functions.php
View File

@ -1,420 +0,0 @@
<?php
/***************************************************************************
* functions.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
function get_db_stat($db, $mode)
{
switch($mode){
case 'postcount':
$sql = 'SELECT count(*) AS total FROM '.POSTS_TABLE;
break;
case 'usercount':
$sql = 'SELECT count(*) AS total
FROM '. USERS_TABLE .'
WHERE user_id != '.ANONYMOUS.'
AND user_level != '.DELETED;
break;
case 'newestuser':
$sql = 'SELECT user_id, username
FROM '.USERS_TABLE.'
WHERE user_id != ' . ANONYMOUS. '
AND user_level != '. DELETED .'
ORDER BY user_id DESC LIMIT 1';
break;
case 'usersonline':
$sql = "SELECT COUNT(*) AS online FROM ".SESSIONS_TABLE;
break;
}
if(!$result = $db->sql_query($sql))
{
return 'ERROR';
}
else
{
$row = $db->sql_fetchrow($result);
if($mode == 'newestuser')
{
return($row);
}
else if($mode == "usersonline")
{
return ($row['online']);
}
else
{
return($row['total']);
}
}
}
function make_jumpbox($db)
{
global $l_jumpto, $l_noforums, $l_nocategories;
$sql = "SELECT c.*
FROM ".CATEGORIES_TABLE." c, ".FORUMS_TABLE." f
WHERE f.cat_id = c.cat_id
GROUP BY c.cat_id, c.cat_title, c.cat_order
ORDER BY c.cat_order";
if(!$q_categories = $db->sql_query($sql))
{
$db_error = $db->sql_error();
error_die(SQL_QUERY, "Couldn't obtain category list.", __LINE__, __FILE__);
}
$total_categories = $db->sql_numrows();
if($total_categories)
{
$category_rows = $db->sql_fetchrowset($q_categories);
$limit_forums = "";
$sql = "SELECT *
FROM ".FORUMS_TABLE."
ORDER BY cat_id, forum_order";
if(!$q_forums = $db->sql_query($sql))
{
error_die(SQL_QUERY, "Couldn't obtain forums information.", __LINE__, __FILE__);
}
$total_forums = $db->sql_numrows($q_forums);
$forum_rows = $db->sql_fetchrowset($q_forums);
$boxstring = '';
for($i = 0; $i < $total_categories; $i++)
{
$boxstring .= "<option value=\"-1\">&nbsp;</option>\n";
$boxstring .= "<option value=\"-1\">".stripslashes($category_rows[$i]["cat_title"])."</OPTION>\n";
$boxstring .= "<option value=\"-1\">----------------</OPTION>\n";
if($total_forums)
{
for($y = 0; $y < $total_forums; $y++)
{
if( $forum_rows[$y]["cat_id"] == $category_rows[$i]["cat_id"] )
{
$name = stripslashes($forum_rows[$y]["forum_name"]);
$boxstring .= "<option value=\"".$forum_rows[$y]["forum_id"]."\">$name</OPTION>\n";
}
}
}
else
{
$boxstring .= "<option value=\"-1\">-- ! No Forums ! --</option>\n";
}
}
}
else
{
$boxstring .= "<option value=\"-1\">-- ! No Categories ! --</option>\n";
}
return($boxstring);
}
function language_select($default, $name="language", $dirname="language/")
{
global $phpEx;
$dir = opendir($dirname);
$lang_select = "<select name=\"$name\">\n";
while ($file = readdir($dir))
{
if (ereg("^lang_", $file))
{
$file = str_replace("lang_", "", $file);
$file = str_replace(".$phpEx", "", $file);
$file == $default ? $selected = " SELECTED" : $selected = "";
$lang_select .= " <option$selected>$file\n";
}
}
$lang_select .= "</select>\n";
closedir($dir);
return $lang_select;
}
function theme_select($default, $db)
{
$sql = "SELECT theme_id, theme_name FROM ".THEMES_TABLE." ORDER BY theme_name";
if($result = $db->sql_query($sql))
{
$num = $db->sql_numrows($result);
$rowset = $db->sql_fetchrowset($result);
$theme_select = "<select name=\"theme\">\n";
for($i = 0; $i < $num; $i++)
{
if((stripslashes($rowset[$i]["theme_name"]) == $default) || ($rowset[$i]["theme_id"] == $default))
{
$selected = " SELECTED";
}
else
{
$selected = "";
}
$theme_select .= "\t<option value=\"".$rowset[$i]["theme_id"]."\"$selected>".stripslashes($rowset[$i]["theme_name"])."</option>\n";
}
$theme_select .= "</select>\n";
}
else
{
$theme_select = "<select name=\"theme\"><option value=\"-1\">Error in theme_select</option></select>";
}
return($theme_select);
}
//
// Initialise user settings on page load
//
function init_userprefs($userdata)
{
global $override_user_theme;
global $bgcolor, $table_bgcolor, $textcolor, $category_title, $table_header;
global $color1, $color2, $header_image, $newtopic_image;
global $reply_locked_image, $reply_image, $linkcolor, $vlinkcolor;
global $default_lang, $date_format, $sys_timezone;
if(!$override_user_theme)
{
if($userdata['user_id'] != ANONYMOUS || $userdata['user_id'] != DELETED)
{
$theme = setuptheme($userdata["user_theme"]);
}
else
{
$theme = setuptheme($default_theme);
}
}
else
{
$theme = setuptheme($override_user_theme);
}
if($theme)
{
$bgcolor = $theme["bgcolor"];
$table_bgcolor = $theme["table_bgcolor"];
$textcolor = $theme["textcolor"];
$category_title = $theme["category_title"];
$table_header = $theme["table_header"];
$color1 = $theme["color1"];
$color2 = $theme["color2"];
$header_image = $theme["header_image"];
$newtopic_image = $theme["newtopic_image"];
$reply_locked_image = $theme["reply_locked_image"];
$reply_image = $theme["reply_image"];
$linkcolor = $theme["linkcolor"];
$vlinkcolor = $theme["vlinkcolor"];
}
if($userdata["user_lang"] != "")
{
$default_lang = $userdata["user_lang"];
}
if($userdata["user_dateformat"] != "")
{
$date_format = $userdata["user_dateformat"];
}
if($userdata["user_timezone"])
{
$sys_timezone = $userdata["user_timezone"];
}
// Include the appropriate language file ... if it exists.
if(!strstr($PHP_SELF, "admin"))
{
if(file_exists('language/lang_'.$default_lang.'.'.$phpEx))
{
include('language/lang_'.$default_lang.'.'.$phpEx);
}
}
else
{
if(strstr($PHP_SELF, "topicadmin"))
{
include('language/lang_'.$default_lang.'.'.$phpEx);
}
else
{
include('../language/lang_'.$default_lang.'.'.$phpEx);
}
}
return;
}
function setuptheme($theme)
{
global $db;
$sql = "SELECT *
FROM ".THEMES_TABLE."
WHERE theme_id = '$theme'";
if(!$result = $db->sql_query($sql))
return(0);
if(!$myrow = $db->sql_fetchrow($result))
return(0);
return($myrow);
}
function tz_select($default)
{
global $board_tz;
if(!isset($default))
{
$default == $board_tz;
}
$tz_select = "<select name=\"timezone\">";
$tz_array = array(
"-12" => "(GMT -12:00 hours) Eniwetok, Kwajalein",
"-11" => "(GMT -11:00 hours) Midway Island, Samoa",
"-10" => "(GMT -10:00 hours) Hawaii",
"-9" => "(GMT -9:00 hours) Alaska",
"-8" => "(GMT -8:00 hours) Pacific Time (US & Canada)",
"-7" => "(GMT -7:00 hours) Mountain Time (US & Canada)",
"-6" => "(GMT -6:00 hours) Central Time (US & Canada), Mexico City",
"-5" => "(GMT -5:00 hours) Eastern Time (US & Canada), Bogota, Lima, Quito",
"-4" => "(GMT -4:00 hours) Atlantic Time (Canada), Caracas, La Paz",
"-3.5" => "(GMT -3:30 hours) Newfoundland",
"-3" => "(GMT -3:00 hours) Brazil, Buenos Aires, Georgetown",
"-2" => "(GMT -2:00 hours) Mid-Atlantic, Ascension Is., St. Helena, ",
"-1" => "(GMT -1:00 hours) Azores, Cape Verde Islands",
"0" => "(GMT) Casablanca, Dublin, Edinburgh, London, Lisbon, Monrovia",
"+1" => "(GMT +1:00 hours) CET, Berlin, Brussels, Copenhagen, Madrid, Paris, Rome",
"+2" => "(GMT +2:00 hours) EET, Kaliningrad, South Africa, Warsaw",
"+3" => "(GMT +3:00 hours) Baghdad, Kuwait, Riyadh, Moscow, St. Petersburg, Volgograd, Nairobi",
"+3.5" => "(GMT +3:30 hours) Tehran",
"+4" => "(GMT +4:00 hours) Abu Dhabi, Baku, Muscat, Tbilisi",
"+4.5" => "(GMT +4:30 hours) Kabul",
"+5" => "(GMT +5:00 hours) Ekaterinburg, Islamabad, Karachi, Tashkent",
"+5.5" => "(GMT +5:30 hours) Bombay, Calcutta, Madras, New Delhi",
"+6" => "(GMT +6:00 hours) Almaty, Colombo, Dhaka",
"+7" => "(GMT +7:00 hours) Bangkok, Hanoi, Jakarta",
"+8" => "(GMT +8:00 hours) Beijing, Perth, Singapore, Hong Kong, Chongqing, Urumqi, Taipei",
"+9" => "(GMT +9:00 hours) Tokyo, Seoul, Osaka, Sapporo, Yakutsk",
"+9.5" => "(GMT +9:30 hours) Adelaide, Darwin",
"+10" => "(GMT +10:00 hours) EAST (East Australian Standard), Guam, Papua New Guinea, Vladivostok",
"+11" => "(GMT +11:00 hours) Magadan, Solomon Islands, New Caledonia",
"+12" => "(GMT +12:00 hours) Auckland, Wellington, Fiji, Kamchatka, Marshall Island");
while(list($offset, $zone) = each($tz_array))
{
if($offset == $default)
{
$selected = " SELECTED";
}
else
{
$selected = "";
}
$tz_select .= "\t<option value=\"$offset\"$selected>$zone</option>\n";
}
$tz_select .= "</select>\n";
return($tz_select);
}
function validate_username(&$username, $db)
{
$username = trim($username);
$username = strip_tags($username);
$username = htmlspecialchars($username);
if(empty($username))
{
return(FALSE);
}
$valid_name = TRUE;
$sql = "SELECT LOWER(username) FROM ".USERS_TABLE." WHERE username = '$username'";
if($result = $db->sql_query($sql))
{
if( ($numrows = $db->sql_numrows($result) ) > 0)
{
$valid_name = FALSE;
}
}
$sql = "SELECT disallow_username FROM ".DISALLOW_TABLE." WHERE disallow_username = '$username'";
if($result = $db->sql_query($sql))
{
if(($numrows = $db->sql_numrows($result)) > 0)
{
$valid_name = FALSE;
}
}
return($valid_name);
}
function generate_activation_key()
{
$chars = array(
"a","A","b","B","c","C","d","D","e","E","f","F","g","G","h","H","i","I","j","J",
"k","K","l","L","m","M","n","N","o","O","p","P","q","Q","r","R","s","S","t","T",
"u","U","v","V","w","W","x","X","y","Y","z","Z","1","2","3","4","5","6","7","8",
"9","0"
);
$max_elements = count($chars) - 1;
srand((double)microtime()*1000000);
$act_key = $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key .= $chars[rand(0,$max_elements)];
$act_key_md = md5($act_key);
return($act_key_md);
}
function encode_ip($dotquad_ip)
{
$ip_sep = explode(".", $dotquad_ip);
$return = sprintf("%02x%02x%02x%02x", $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
//return (( $ip_sep[0] * 0xFFFFFF + $ip_sep[0] ) + ( $ip_sep[1] * 0xFFFF + $ip_sep[1] ) + ( $ip_sep[2] * 0xFF + $ip_sep[2] ) + ( $ip_sep[3] ) );
return($return);
}
function decode_ip($int_ip)
{
$hexipbang = explode(".",chunk_split($int_ip, 2, "."));
return hexdec($hexipbang[0]).".".hexdec($hexipbang[1]).".".hexdec($hexipbang[2]).".".hexdec($hexipbang[3]);
//return sprintf( "%d.%d.%d.%d", ( ( $int_ip >> 24 ) & 0xFF ), ( ( $int_ip >> 16 ) & 0xFF ), ( ( $int_ip >> 8 ) & 0xFF ), ( ( $int_ip ) & 0xFF ) );
}
//
// Create date/time from format and timezone
//
function create_date($format, $gmepoch, $tz)
{
return (gmdate($format, $gmepoch + (3600 * $tz)));
}
?>

26
phpBB/functions/post.php
View File

@ -1,26 +0,0 @@
'<?php
/***************************************************************************
*
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
?>

355
phpBB/functions/sessions.php
View File

@ -1,355 +0,0 @@
<?php
/***************************************************************************
* sessions.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
//
// session_begin()
//
// Adds/updates a new session to the database for the given userid.
// Returns the new session ID on success.
//
function session_begin($user_id, $user_ip, $page_id, $session_length, $login = 0, $password = "")
{
global $db;
global $cookiename, $cookiedomain, $cookiepath, $cookiesecure, $cookielife;
global $HTTP_COOKIE_VARS;
$current_time = time();
$expiry_time = $current_time - $session_length;
$int_ip = encode_ip($user_ip);
//
// Initial ban check against IP and userid
//
$sql = "SELECT ban_ip, ban_userid
FROM ".BANLIST_TABLE."
WHERE (ban_ip = '$int_ip' OR ban_userid = '$user_id')
AND (ban_start < $current_time AND ban_end > $current_time )";
$result = $db->sql_query($sql);
if (!$result)
{
error_die(SQL_QUERY, "Couldn't obtain ban information.", __LINE__, __FILE__);
}
$ban_info = $db->sql_fetchrow($result);
//
// Check for user and ip ban ...
//
if($ban_info['ban_ip'] || $ban_info['ban_userid'])
{
error_die(AUTH_BANNED);
}
else
{
if($user_id == ANONYMOUS)
{
$login = 0;
}
$sql = "UPDATE ".SESSIONS_TABLE."
SET session_user_id = $user_id, session_time = $current_time, session_page = $page_id, session_logged_in = $login
WHERE (session_id = ".$HTTP_COOKIE_VARS[$cookiename]['sessionid'].")
AND (session_ip = '$int_ip')";
$result = $db->sql_query($sql);
if(!$result || !$db->sql_affectedrows())
{
mt_srand( (double) microtime() * 1000000);
$session_id = mt_rand();
$sql = "INSERT INTO ".SESSIONS_TABLE."
(session_id, session_user_id, session_time, session_ip, session_page, session_logged_in)
VALUES
($session_id, $user_id, $current_time, '$int_ip', $page_id, $login)";
$result = $db->sql_query($sql);
if(!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Error creating new session : session_begin", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
setcookie($cookiename."[sessionid]", $session_id, $session_length, $cookiepath, $cookiedomain, $cookiesecure);
}
else
{
$session_id = $HTTP_COOKIE_VARS[$cookiename]['sessionid'];
}
if(!empty($password) && AUTOLOGON)
{
setcookie($cookiename."[useridref]", $password, $cookielife, $cookiepath, $cookiedomain, $cookiesecure);
}
setcookie($cookiename."[userid]", $user_id, $cookielife, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename."[sessionstart]", $current_time, $cookielife, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename."[sessiontime]", $current_time, $session_length, $cookiepath, $cookiedomain, $cookiesecure);
}
return $session_id;
} // session_begin
//
// Checks for a given user session, tidies session
// table and updates user sessions at each page refresh
//
function session_pagestart($user_ip, $thispage_id, $session_length)
{
global $db;
global $cookiename, $cookiedomain, $cookiepath, $cookiesecure, $cookielife;
global $HTTP_COOKIE_VARS;
unset($userdata);
$current_time = time();
$int_ip = encode_ip($user_ip);
//
// Delete expired sessions
//
$expiry_time = $current_time - $session_length;
$sql = "DELETE FROM ".SESSIONS_TABLE."
WHERE session_time < $expiry_time";
$result = $db->sql_query($sql);
if(!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Error clearing sessions table : session_pagestart", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
if(isset($HTTP_COOKIE_VARS[$cookiename]['userid']))
{
//
// userid exists so go ahead and grab all
// data in preparation
//
$userid = $HTTP_COOKIE_VARS[$cookiename]['userid'];
$sql = "SELECT u.*, s.session_id, s.session_time, s.session_logged_in, b.ban_ip, b.ban_userid
FROM ".USERS_TABLE." u
LEFT JOIN ".BANLIST_TABLE." b ON ( (b.ban_ip = '$int_ip' OR b.ban_userid = u.user_id)
AND ( b.ban_start < $current_time AND b.ban_end > $current_time ) )
LEFT JOIN ".SESSIONS_TABLE." s ON ( u.user_id = s.session_user_id AND s.session_ip = '$int_ip' )
WHERE u.user_id = $userid";
$result = $db->sql_query($sql);
if (!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Error doing DB query userdata row fetch : session_pagestart", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
$userdata = $db->sql_fetchrow($result);
}
if($userdata['user_id'] != ''){ // The ID in the cookie was really in the DB.
//
// Check for user and ip ban ...
//
if($userdata['ban_ip'] || $userdata['ban_userid'])
{
error_die(BANNED);
}
//
// Now, check to see if a session exists.
// If it does then update it, if it doesn't
// then create one.
//
if(isset($HTTP_COOKIE_VARS[$cookiename]['sessionid']))
{
//
// Is the id the same as that in the cookie?
// If it is then we see if it needs updating
//
if($HTTP_COOKIE_VARS[$cookiename]['sessionid'] == $userdata['session_id'])
{
//
// Only update session DB a minute or so after last update
//
if($current_time - $userdata['session_time'] > 60)
{
$sql = "UPDATE ".SESSIONS_TABLE."
SET session_time = '$current_time', session_page = '$thispage_id'
WHERE (session_id = ".$userdata['session_id'].")
AND (session_ip = '$int_ip')
AND (session_user_id = ".$userdata['user_id'].")";
$result = $db->sql_query($sql);
if(!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Error updating sessions table : session_pagestart", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
else
{
//
// Update was success, send current time to cookie
// and return userdata
//
setcookie($cookiename."[sessiontime]", $current_time, $session_length, $cookiepath, $cookiedomain, $cookiesecure);
return $userdata;
} // if (affectedrows)
} // if (current_time)
//
// We didn't need to update session
// so just return userdata
//
return $userdata;
} // if (cookie session_id = DB session id)
} // if session_id cookie set
//
// If we reach here then we have a valid
// user_id set in the cookie but no
// active session. So, try and create
// new session (uses AUTOLOGON to determine
// if user should be logged back on automatically)
//
if(AUTOLOGON && isset($HTTP_COOKIE_VARS[$cookiename]['useridref']))
{
if($HTTP_COOKIE_VARS[$cookiename]['useridref'] == $userdata['user_password'])
{
$autologon = 1;
$password = $userdata['user_password'];
$userdata['session_logged_in'] = 1;
}
else
{
$autologon = 0;
$password = "";
$userdata['session_logged_in'] = 0;
}
}
else
{
$autologon = 0;
$password = "";
$userdata['session_logged_in'] = 0;
}
$result = session_begin($userdata['user_id'], $user_ip, $thispage_id, $session_length, $autologon, $password);
if(!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Error creating ".$userdata['user_id']." session : session_pagestart", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
}
else
{
//
// No userid cookie exists so we'll
// set up a new anonymous session
//
$result = session_begin(ANONYMOUS, $user_ip, $thispage_id, $session_length, 0);
if(!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Error creating anonymous session : session_pagestart", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
$userdata['session_logged_in'] = 0;
}
return $userdata;
} // session_check()
//
// session_end closes out a session
// deleting the corresponding entry
// in the sessions table
//
function session_end($session_id, $user_id)
{
global $db;
global $cookiename, $cookiedomain, $cookiepath, $cookiesecure, $cookielife;
$current_time = time();
$sql = "DELETE FROM ".SESSIONS_TABLE."
WHERE (session_user_id = $user_id)
AND (session_id = $session_id)";
$result = $db->sql_query($sql, $db);
if (!$result)
{
if(DEBUG)
{
error_die(SQL_QUERY, "Couldn't delete user session : session_eng()", __LINE__, __FILE__);
}
else
{
error_die(SESSION_CREATE);
}
}
setcookie($cookiename."[sessionid]", "");
setcookie($cookiename."[sessionend]", $current_time, $cookielife, $cookiepath, $cookiedomain, $cookiesecure);
return true;
} // session_end()
?>