mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-01-18 14:48:28 +01:00
Code Issues Releases Wiki Activity

Updates for permissions, sessions, lots of things ... note that _many_ things _do_not_work_ now ... I'm commiting them to stop people complaining about my holding on to everything :) There is _no_ update script at present for all these changes, you'll have to work out what's needed yourselves till I finish various things

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2673 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-07-14 14:45:26 +00:00
parent d03de47b51
commit 4bc4397f4a
14 changed files with 1317 additions and 1797 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

257
phpBB/common.php
View File

@ -8,7 +8,6 @@
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
@ -22,60 +21,23 @@
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
die('Hacking attempt');
}
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
// addslashes to vars if magic_quotes_gpc is off this is a security precaution
// to prevent someone trying to break out of a SQL statement.
//
function slash_input_data(&$data)
{
if ( is_array($data) )
{
while( list($k, $v) = each($data) )
{
$data[$k] = ( is_array($v) ) ? slash_input_data($v) : addslashes($v);
}
@reset($data);
}
return $data;
}
if ( !get_magic_quotes_gpc() )
{
$HTTP_GET_VARS = slash_input_data($HTTP_GET_VARS);
$HTTP_POST_VARS = slash_input_data($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = slash_input_data($HTTP_COOKIE_VARS);
}
//
// Define some basic configuration arrays this also prevents
// malicious rewriting of language and otherarray values via
// URI params
//
$board_config = array();
$userdata = array();
$theme = array();
$images = array();
$lang = array();
$gen_simple_header = FALSE;
require($phpbb_root_path . 'config.'.$phpEx);
if( !defined("PHPBB_INSTALLED") )
if ( !defined('PHPBB_INSTALLED') )
{
header("Location: install.$phpEx");
header('Location: install/install.'.$phpEx);
exit;
}
// Debug Level
define('DEBUG', 1); // Debugging on
//define('DEBUG', 0); // Debugging off
//
// Define some constants/variables
//
// User Levels <- Do not change the values of USER or ADMIN
define('ANONYMOUS', -1);
@ -83,55 +45,39 @@ define('USER', 0);
define('ADMIN', 1);
define('MOD', 2);
// User related
define('USER_ACTIVATION_NONE', 0);
define('USER_ACTIVATION_SELF', 1);
define('USER_ACTIVATION_ADMIN', 2);
define('USER_ACTIVATION_CLOSED', 3);
define('USER_AVATAR_NONE', 0);
define('USER_AVATAR_UPLOAD', 1);
define('USER_AVATAR_REMOTE', 2);
define('USER_AVATAR_GALLERY', 3);
// Group settings
define('GROUP_OPEN', 0);
define('GROUP_CLOSED', 1);
define('GROUP_HIDDEN', 2);
// Forum state
define('FORUM_UNLOCKED', 0);
define('FORUM_LOCKED', 1);
// Topic status
define('TOPIC_UNLOCKED', 0);
define('TOPIC_LOCKED', 1);
define('TOPIC_MOVED', 2);
define('TOPIC_WATCH_NOTIFIED', 1);
define('TOPIC_WATCH_UN_NOTIFIED', 0);
// Topic types
define('POST_NORMAL', 0);
define('POST_STICKY', 1);
define('POST_ANNOUNCE', 2);
define('POST_GLOBAL_ANNOUNCE', 3);
// SQL codes
define('BEGIN_TRANSACTION', 1);
define('END_TRANSACTION', 2);
// Error codes
define('GENERAL_MESSAGE', 200);
define('GENERAL_ERROR', 202);
define('CRITICAL_MESSAGE', 203);
define('CRITICAL_ERROR', 204);
define('MESSAGE', 200);
define('ERROR', 201);
// Private messaging
define('PRIVMSGS_READ_MAIL', 0);
@ -141,81 +87,41 @@ define('PRIVMSGS_SAVED_IN_MAIL', 3);
define('PRIVMSGS_SAVED_OUT_MAIL', 4);
define('PRIVMSGS_UNREAD_MAIL', 5);
// URL PARAMETERS
define('POST_TOPIC_URL', 't');
define('POST_CAT_URL', 'c');
define('POST_FORUM_URL', 'f');
define('POST_USERS_URL', 'u');
define('POST_POST_URL', 'p');
define('POST_GROUPS_URL', 'g');
// Session parameters
define('SESSION_METHOD_COOKIE', 100);
define('SESSION_METHOD_GET', 101);
// Page numbers for session handling
define('PAGE_INDEX', 0);
define('PAGE_LOGIN', -1);
define('PAGE_SEARCH', -2);
define('PAGE_REGISTER', -3);
define('PAGE_PROFILE', -4);
define('PAGE_VIEWONLINE', -6);
define('PAGE_VIEWMEMBERS', -7);
define('PAGE_FAQ', -8);
define('PAGE_POSTING', -9);
define('PAGE_PRIVMSGS', -10);
define('PAGE_GROUPCP', -11);
define('PAGE_TOPIC_OFFSET', 5000);
// Auth settings
define('AUTH_LIST_ALL', 0);
define('AUTH_ALL', 0);
define('AUTH_REG', 1);
define('AUTH_ACL', 2);
define('AUTH_MOD', 3);
define('AUTH_ADMIN', 5);
define('AUTH_VIEW', 1);
define('AUTH_READ', 2);
define('AUTH_POST', 3);
define('AUTH_REPLY', 4);
define('AUTH_EDIT', 5);
define('AUTH_DELETE', 6);
define('AUTH_ANNOUNCE', 7);
define('AUTH_STICKY', 8);
define('AUTH_POLLCREATE', 9);
define('AUTH_VOTE', 10);
define('AUTH_ATTACH', 11);
// Table names
define('AUTH_ACCESS_TABLE', $table_prefix.'auth_access');
define('ACL_GROUPS_TABLE', $table_prefix.'auth_groups');
define('ACL_OPTIONS_TABLE', $table_prefix.'auth_options');
define('ACL_PREFETCH_TABLE', $table_prefix.'auth_prefetch');
define('ACL_USERS_TABLE', $table_prefix.'auth_users');
define('BANLIST_TABLE', $table_prefix.'banlist');
define('CATEGORIES_TABLE', $table_prefix.'categories');
define('CATEGORIES_TABLE', $table_prefix.'categories'); //
define('CONFIG_TABLE', $table_prefix.'config');
define('DISALLOW_TABLE', $table_prefix.'disallow');
define('DISALLOW_TABLE', $table_prefix.'disallow'); //
define('FORUMS_TABLE', $table_prefix.'forums');
define('FORUMS_WATCH_TABLE', $table_prefix.'forums_watch');
define('GROUPS_TABLE', $table_prefix.'groups');
define('ICONS_TABLE', $table_prefix.'icons');
define('LOG_ADMIN_TABLE', $table_prefix.'log_admin');
define('LOG_MOD_TABLE', $table_prefix.'log_moderators');
define('POSTS_TABLE', $table_prefix.'posts');
define('POSTS_TEXT_TABLE', $table_prefix.'posts_text');
define('PRIVMSGS_TABLE', $table_prefix.'privmsgs');
define('PRIVMSGS_TEXT_TABLE', $table_prefix.'privmsgs_text');
define('PRIVMSGS_IGNORE_TABLE', $table_prefix.'privmsgs_ignore');
define('PRUNE_TABLE', $table_prefix.'forum_prune');
define('RANKS_TABLE', $table_prefix.'ranks');
define('SEARCH_TABLE', $table_prefix.'search_results');
define('SEARCH_WORD_TABLE', $table_prefix.'search_wordlist');
define('SEARCH_MATCH_TABLE', $table_prefix.'search_wordmatch');
define('SESSIONS_TABLE', $table_prefix.'sessions');
define('SMILIES_TABLE', $table_prefix.'smilies');
define('THEMES_TABLE', $table_prefix.'themes');
define('THEMES_NAME_TABLE', $table_prefix.'themes_name');
define('STYLES_TABLE', $table_prefix.'styles');
define('STYLES_TPL_TABLE', $table_prefix.'styles_template');
define('STYLES_CSS_TABLE', $table_prefix.'styles_theme');
define('STYLES_IMAGE_TABLE', $table_prefix.'styles_imageset');
define('TOPICS_TABLE', $table_prefix.'topics');
define('TOPICS_RATINGS_TABLE', $table_prefix.'topics_rating');
define('TOPICS_WATCH_TABLE', $table_prefix.'topics_watch');
define('USER_GROUP_TABLE', $table_prefix.'user_group');
define('USERS_TABLE', $table_prefix.'users');
@ -224,81 +130,41 @@ define('VOTE_DESC_TABLE', $table_prefix.'vote_desc');
define('VOTE_RESULTS_TABLE', $table_prefix.'vote_results');
define('VOTE_USERS_TABLE', $table_prefix.'vote_voters');
include($phpbb_root_path . 'includes/template.'.$phpEx);
include($phpbb_root_path . 'includes/sessions.'.$phpEx);
include($phpbb_root_path . 'includes/auth.'.$phpEx);
include($phpbb_root_path . 'includes/functions.'.$phpEx);
switch($dbms)
if ( !get_magic_quotes_gpc() )
{
case 'mysql':
include($phpbb_root_path . 'db/mysql.'.$phpEx);
break;
case 'mysql4':
include($phpbb_root_path . 'db/mysql4.'.$phpEx);
break;
case 'postgres':
include($phpbb_root_path . 'db/postgres7.'.$phpEx);
break;
case 'mssql':
include($phpbb_root_path . 'db/mssql.'.$phpEx);
break;
case 'oracle':
include($phpbb_root_path . 'db/oracle.'.$phpEx);
break;
case 'msaccess':
include($phpbb_root_path . 'db/msaccess.'.$phpEx);
break;
case 'mssql-odbc':
include($phpbb_root_path . 'db/mssql-odbc.'.$phpEx);
break;
$HTTP_GET_VARS = slash_input_data($HTTP_GET_VARS);
$HTTP_POST_VARS = slash_input_data($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = slash_input_data($HTTP_COOKIE_VARS);
}
// Make the database connection.
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);
if ( !$db->db_connect_id )
{
message_die(CRITICAL_ERROR, "Could not connect to the database");
}
$board_config = array();
$userdata = array();
$theme = array();
$images = array();
$lang = array();
//
// Mozilla navigation bar
// Default items that should be valid on all pages.
// Defined here and not in page_header.php so they can be redefined in the code
// Include files
//
$nav_links['top'] = array (
'url' => append_sid($phpbb_root_dir."index.".$phpEx),
'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
);
$nav_links['search'] = array (
'url' => append_sid($phpbb_root_dir."search.".$phpEx),
'title' => $lang['Search']
);
$nav_links['help'] = array (
'url' => append_sid($phpbb_root_dir."faq.".$phpEx),
'title' => $lang['FAQ']
);
$nav_links['author'] = array (
'url' => append_sid($phpbb_root_dir."memberlist.".$phpEx),
'title' => $lang['Memberlist']
);
require($phpbb_root_path . 'includes/template.'.$phpEx);
require($phpbb_root_path . 'includes/session.'.$phpEx);
require($phpbb_root_path . 'includes/functions.'.$phpEx);
require($phpbb_root_path . 'db/' . $dbms . '.'.$phpEx);
$session = new session();
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false);
//
// Obtain and encode users IP
// Obtain users IP, not encoded in 2.2
//
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
if ( $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] != '' || $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'] != '' )
{
$user_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
$x_ip = ( !empty($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']) ) ? $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] : $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'];
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
if ( preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/', $x_ip, $ip_list) )
{
$private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
$private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/');
$user_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
}
}
@ -308,18 +174,14 @@ else
}
//
// Setup forum wide options, if this fails
// then we output a CRITICAL_ERROR since
// Setup forum wide options, if this fails we output a CRITICAL_ERROR since
// basic forum information is not available
//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not query config information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
while($row = $db->sql_fetchrow($result))
while ( $row = $db->sql_fetchrow($result) )
{
$board_config[$row['config_name']] = $row['config_value'];
}
@ -329,7 +191,26 @@ while($row = $db->sql_fetchrow($result))
//
if ( $board_config['board_disable'] && !defined('IN_ADMIN') && !defined('IN_LOGIN') )
{
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
$message = ( !empty($board_config['board_disable_msg']) ) ? $board_config['board_disable_msg'] : 'Board_disable';
message_die(MESSAGE, $message, 'Information');
}
//
// addslashes to vars if magic_quotes_gpc is off this is a security precaution
// to prevent someone trying to break out of a SQL statement.
//
function slash_input_data(&$data)
{
if ( is_array($data) )
{
while ( list($k, $v) = each($data) )
{
$data[$k] = ( is_array($v) ) ? slash_input_data($v) : addslashes($v);
}
@reset($data);
}
return $data;
}
?>

33
phpBB/faq.php
View File

@ -28,16 +28,21 @@ include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_FAQ);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
//
// Configure style, language, etc.
//
$session->configure($userdata);
//
// Load the appropriate faq file
//
if( isset($HTTP_GET_VARS['mode']) )
if ( isset($HTTP_GET_VARS['mode']) )
{
switch( $HTTP_GET_VARS['mode'] )
{
@ -69,7 +74,7 @@ $faq_block_titles = array();
for($i = 0; $i < count($faq); $i++)
{
if( $faq[$i][0] != '--' )
if ( $faq[$i][0] != '--' )
{
$faq_block[$j][$counter]['id'] = $counter_2;
$faq_block[$j][$counter]['question'] = $faq[$i][0];
@ -91,14 +96,6 @@ for($i = 0; $i < count($faq); $i++)
//
// Lets build a page ...
//
$page_title = $l_title;
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'faq_body.tpl')
);
make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'L_FAQ_TITLE' => $l_title,
'L_BACK_TO_TOP' => $lang['Back_to_top'])
@ -106,7 +103,7 @@ $template->assign_vars(array(
for($i = 0; $i < count($faq_block); $i++)
{
if( count($faq_block[$i]) )
if ( count($faq_block[$i]) )
{
$template->assign_block_vars('faq_block', array(
'BLOCK_TITLE' => $faq_block_titles[$i])
@ -121,6 +118,7 @@ for($i = 0; $i < count($faq_block); $i++)
$row_class = ( !($j % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('faq_block.faq_row', array(
'ROW_COUNT' => $j,
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FAQ_QUESTION' => $faq_block[$i][$j]['question'],
@ -130,6 +128,7 @@ for($i = 0; $i < count($faq_block); $i++)
);
$template->assign_block_vars('faq_block_link.faq_row_link', array(
'ROW_COUNT' => $j,
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FAQ_LINK' => $faq_block[$i][$j]['question'],
@ -140,7 +139,13 @@ for($i = 0; $i < count($faq_block); $i++)
}
}
$template->pparse('body');
$page_title = $l_title;
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'faq_body.html')
);
make_jumpbox('viewforum.'.$phpEx, $forum_id);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

84
phpBB/groupcp.php
View File

@ -111,8 +111,8 @@ function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_GROUPCP);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
@ -166,7 +166,7 @@ if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
WHERE group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
@ -179,7 +179,7 @@ if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
$message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
$sql = "UPDATE " . GROUPS_TABLE . "
@ -187,7 +187,7 @@ if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
WHERE group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
}
$template->assign_vars(array(
@ -196,7 +196,7 @@ if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
$message = $lang['Group_type_updated'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
@ -217,7 +217,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
AND ug.group_id = g.group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
@ -234,7 +234,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
$message = $lang['Already_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
} while ( $row = $db->sql_fetchrow($result) );
}
@ -246,19 +246,19 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
$message = $lang['This_closed_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
message_die(MESSAGE, $lang['No_groups_exist']);
}
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES ($group_id, " . $userdata['user_id'] . ", 1)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error inserting user group subscription", "", __LINE__, __FILE__, $sql);
message_die(ERROR, "Error inserting user group subscription", "", __LINE__, __FILE__, $sql);
}
$sql = "SELECT u.user_email, u.username, u.user_lang, g.group_name
@ -267,7 +267,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
AND g.group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error getting group moderator data", "", __LINE__, __FILE__, $sql);
message_die(ERROR, "Error getting group moderator data", "", __LINE__, __FILE__, $sql);
}
$moderator = $db->sql_fetchrow($result);
@ -298,7 +298,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
$message = $lang['Group_joined'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending']) && $group_id )
{
@ -322,7 +322,7 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
AND group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not delete group memebership data', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not delete group memebership data', '', __LINE__, __FILE__, $sql);
}
if ( $userdata['user_level'] != ADMIN && $userdata['user_level'] == MOD )
@ -334,7 +334,7 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
AND aa.auth_mod = 1";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
if ( !($row = $db->sql_fetchrow($result)) )
@ -344,7 +344,7 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
WHERE user_id = " . $userdata['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
}
}
@ -355,7 +355,7 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
$message = $lang['Usub_success'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
else
{
@ -437,7 +437,7 @@ else if ( $group_id )
}
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not get moderator information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not get moderator information', '', __LINE__, __FILE__, $sql);
}
if ( $group_info = $db->sql_fetchrow($result) )
@ -467,7 +467,7 @@ else if ( $group_id )
$message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
if ( isset($HTTP_POST_VARS['add']) )
@ -479,7 +479,7 @@ else if ( $group_id )
WHERE username = '" . str_replace("\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql);
message_die(ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql);
}
if ( !($row = $db->sql_fetchrow($result)) )
@ -490,7 +490,7 @@ else if ( $group_id )
$message = $lang['Could_not_add_user'] . "<br /><br />" . sprintf($lang['Click_return_group'], "<a href=\"" . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.$phpEx") . "\">", "</a>");
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
if ( $row['user_id'] == ANONYMOUS )
@ -501,7 +501,7 @@ else if ( $group_id )
$message = $lang['Could_not_anon_user'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
$sql = "SELECT ug.user_id, u.user_level
@ -511,7 +511,7 @@ else if ( $group_id )
AND ug.group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not get user information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not get user information', '', __LINE__, __FILE__, $sql);
}
if ( !($db->sql_fetchrow($result)) )
@ -520,7 +520,7 @@ else if ( $group_id )
VALUES (" . $row['user_id'] . ", $group_id, 0)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not add user to group', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not add user to group', '', __LINE__, __FILE__, $sql);
}
if ( $row['user_level'] != ADMIN && $row['user_level'] != MOD && $group_info['auth_mod'] )
@ -530,7 +530,7 @@ else if ( $group_id )
WHERE user_id = " . $row['user_id'];
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
}
@ -543,7 +543,7 @@ else if ( $group_id )
WHERE group_id = $group_id";
if ( !($result = $db->sql_query($group_sql)) )
{
message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
message_die(ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
}
$group_name_row = $db->sql_fetchrow($result);
@ -578,7 +578,7 @@ else if ( $group_id )
$message = $lang['User_is_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
}
else
@ -604,7 +604,7 @@ else if ( $group_id )
AND user_level NOT IN (" . MOD . ", " . ADMIN . ")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
}
@ -629,7 +629,7 @@ else if ( $group_id )
ORDER BY ug.user_id, ug.group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
@ -659,7 +659,7 @@ else if ( $group_id )
AND user_level NOT IN (" . ADMIN . ")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
}
}
@ -672,7 +672,7 @@ else if ( $group_id )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update user group table', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not update user group table', '', __LINE__, __FILE__, $sql);
}
//
@ -682,7 +682,7 @@ else if ( $group_id )
{
if ( !($result = $db->sql_query($sql_select)) )
{
message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
}
$email_addresses = '';
@ -699,7 +699,7 @@ else if ( $group_id )
WHERE group_id = $group_id";
if ( !($result = $db->sql_query($group_sql)) )
{
message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
message_die(ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
}
$group_name_row = $db->sql_fetchrow($result);
@ -734,7 +734,7 @@ else if ( $group_id )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
message_die(MESSAGE, $lang['No_groups_exist']);
}
//
@ -746,12 +746,12 @@ else if ( $group_id )
AND group_single_user = 0";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
if ( !($group_info = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
message_die(MESSAGE, $lang['Group_not_exist']);
}
//
@ -762,7 +762,7 @@ else if ( $group_id )
WHERE user_id = " . $group_info['group_moderator'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
}
$group_moderator = $db->sql_fetchrow($result);
@ -779,7 +779,7 @@ else if ( $group_id )
ORDER BY u.username";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
}
$group_members = $db->sql_fetchrowset($result);
@ -795,7 +795,7 @@ else if ( $group_id )
ORDER BY u.username";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting user pending information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Error getting user pending information', '', __LINE__, __FILE__, $sql);
}
$modgroup_pending_list = $db->sql_fetchrowset($result);
@ -1153,7 +1153,7 @@ else
ORDER BY g.group_name, ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
@ -1192,7 +1192,7 @@ else
ORDER BY g.group_name";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
$s_group_list_opt = '';
@ -1261,7 +1261,7 @@ else
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
message_die(MESSAGE, $lang['No_groups_exist']);
}
}

391
phpBB/index.php
View File

@ -8,7 +8,6 @@
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
@ -28,15 +27,21 @@ include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
$viewcat = ( !empty($HTTP_GET_VARS[POST_CAT_URL]) ) ? $HTTP_GET_VARS[POST_CAT_URL] : -1;
//
// Configure style, language, etc.
//
$session->configure($userdata);
if( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
$viewcat = ( !empty($HTTP_GET_VARS['c']) ) ? intval($HTTP_GET_VARS['c']) : -1;
$forum_id = ( !empty($HTTP_GET_VARS['f']) ) ? intval($HTTP_GET_VARS['f']) : 0;
if ( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
{
$mark_read = ( isset($HTTP_POST_VARS['mark']) ) ? $HTTP_POST_VARS['mark'] : $HTTP_GET_VARS['mark'];
}
@ -48,46 +53,41 @@ else
//
// Handle marking posts
//
if( $mark_read == 'forums' )
if ( $mark_read == 'forums' )
{
if( $userdata['session_logged_in'] )
if ( $userdata['user_id'] != ANONYMOUS )
{
setcookie($board_config['cookie_name'] . '_f_all', time(), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
}
$template->assign_vars(array(
"META" => '<meta http-equiv="refresh" content="3;url=' .append_sid("index.$phpEx") . '">')
'META' => '<meta http-equiv="refresh" content="3;url=' . "index.$phpEx$SID" . '">')
);
$message = $lang['Forums_marked_read'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a> ');
message_die(GENERAL_MESSAGE, $message);
$message = $lang['Forums_marked_read'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a> ');
message_die(MESSAGE, $message);
}
//
// End handle marking posts
//
$tracking_topics = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_t"]) : array();
$tracking_forums = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_f"]) : array();
$tracking_topics = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
$tracking_forums = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array();
//
// If you don't use these stats on your index you may want to consider
// removing them
//
$total_posts = get_db_stat('postcount');
//$total_users = get_db_stat('usercount');
//$newest_userdata = get_db_stat('newestuser');
//$newest_user = $newest_userdata['username'];
//$newest_uid = $newest_userdata['user_id'];
$total_users = $board_config['num_users'];
$newest_user = $board_config['newest_username'];
$newest_uid = $board_config['newest_user_id'];
if( $total_posts == 0 )
if ( $total_posts == 0 )
{
$l_total_post_s = $lang['Posted_articles_zero_total'];
}
else if( $total_posts == 1 )
else if ( $total_posts == 1 )
{
$l_total_post_s = $lang['Posted_article_total'];
}
@ -96,11 +96,11 @@ else
$l_total_post_s = $lang['Posted_articles_total'];
}
if( $total_users == 0 )
if ( $total_users == 0 )
{
$l_total_user_s = $lang['Registered_users_zero_total'];
}
else if( $total_users == 1 )
else if ( $total_users == 1 )
{
$l_total_user_s = $lang['Registered_user_total'];
}
@ -110,43 +110,191 @@ else
}
/*
switch ( SQL_LAYER )
{
case 'oracle':
break;
default:
$sql = "SELECT f1.*, p.post_time, p.post_username, u.username, u.user_id
FROM ((( " . FORUMS_TABLE . " f1
LEFT JOIN " . FORUMS_TABLE . " f2
LEFT JOIN " . POSTS_TABLE . " p ON p.post_id = f2.forum_last_post_id )
LEFT JOIN " . USERS_TABLE . " u ON u.user_id = p.poster_id )
WHERE f1.forum_left_id BETWEEN f2.forum_left_id AND f2.forum_right_id
ORDER BY f2.forum_id";
break;
}
$result = $db->sql_query($sql);
$forum_data = array();
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$forum_data[] = $row;
}
while ( $row = $db->sql_fetchrow($result) );
$total_forums = sizeof($forum_data);
}
if ( $total_forums > 1 )
{
$last_forum_right_id = 0;
for( $i = 0; $i < $total_forums; $i++)
{
$row_forum_id = $forum_data[$i]['forum_id'];
//
// A non-postable forum on the index is treated as a category
//
if ( $forum_data[$i]['forum_status'] == 2 || $row_forum_id == $forum_id )
{
$template->assign_block_vars('catrow', array(
'CAT_ID' => $forum_id,
'CAT_DESC' => $forum_data[$i]['forum_name'],
'U_VIEWCAT' => "index.$phpEx?$SID&amp;" . POST_FORUM_URL . "=$forum_id")
);
$current_parent = $row_forum_id;
}
else
{
if ( $forum_data[$i]['parent_id'] == $current_parent )
{
if ( $acl->get_acl($row_forum_id, 'forum', 'list') )
{
if ( $forum_data[$i]['forum_status'] == FORUM_LOCKED )
{
$folder_image = $theme['forum_locked'];
$folder_alt = $lang['Forum_locked'];
}
else
{
$unread_topics = false;
if ( $userdata['user_id'] != ANONYMOUS )
{
if ( !empty($new_topic_data[$row_forum_id]) )
{
$forum_last_post_time = 0;
while( list($check_topic_id, $check_post_time) = @each($new_topic_data[$row_forum_id]) )
{
if ( empty($tracking_topics[$check_topic_id]) )
{
$unread_topics = true;
$forum_last_post_time = max($check_post_time, $forum_last_post_time);
}
else
{
if ( $tracking_topics[$check_topic_id] < $check_post_time )
{
$unread_topics = true;
$forum_last_post_time = max($check_post_time, $forum_last_post_time);
}
}
}
if ( !empty($tracking_forums[$row_forum_id]) )
{
if ( $tracking_forums[$row_forum_id] > $forum_last_post_time )
{
$unread_topics = false;
}
}
if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all']) )
{
if ( $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all'] > $forum_last_post_time )
{
$unread_topics = false;
}
}
}
}
$folder_image = ( $unread_topics ) ? $theme['forum_new'] : $theme['forum'];
$folder_alt = ( $unread_topics ) ? $lang['New_posts'] : $lang['No_new_posts'];
}
$posts = $forum_data[$i]['forum_posts'];
$topics = $forum_data[$i]['forum_topics'];
if ( $forum_data[$i]['forum_last_post_id'] )
{
$last_post_time = create_date($board_config['default_dateformat'], $forum_data[$i]['post_time'], $board_config['board_timezone']);
$last_post = $last_post_time . '<br />';
$last_post .= ( $forum_data[$i]['user_id'] == ANONYMOUS ) ? ( ($forum_data[$i]['post_username'] != '' ) ? $forum_data[$i]['post_username'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="' . "profile.$phpEx$SID&amp;mode=viewprofile&amp;" . POST_USERS_URL . '=' . $forum_data[$i]['user_id'] . '">' . $forum_data[$i]['username'] . '</a> ';
$last_post .= '<a href="' . "viewtopic.$phpEx$SID&amp;" . POST_POST_URL . '=' . $forum_data[$i]['forum_last_post_id'] . '#' . $forum_data[$i]['forum_last_post_id'] . '"><img src="' . $theme['icon_latest_reply'] . '" border="0" alt="' . $lang['View_latest_post'] . '" title="' . $lang['View_latest_post'] . '" /></a>';
}
else
{
$last_post = $lang['No_Posts'];
}
if ( count($forum_moderators[$row_forum_id]) > 0 )
{
$l_moderators = ( count($forum_moderators[$row_forum_id]) == 1 ) ? $lang['Moderator'] : $lang['Moderators'];
$moderator_list = implode(', ', $forum_moderators[$row_forum_id]);
}
else
{
$l_moderators = '&nbsp;';
$moderator_list = '&nbsp;';
}
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('catrow.forumrow', array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FORUM_FOLDER_IMG' => $folder_image,
'FORUM_NAME' => $forum_data[$i]['forum_name'],
'FORUM_DESC' => $forum_data[$i]['forum_desc'],
'POSTS' => $forum_data[$i]['forum_posts'],
'TOPICS' => $forum_data[$i]['forum_topics'],
'LAST_POST' => $last_post,
'MODERATORS' => $moderator_list,
'L_MODERATOR' => $l_moderators,
'L_FORUM_FOLDER_ALT' => $folder_alt,
'U_VIEWFORUM' => "viewforum.$phpEx$SID&amp;" . POST_FORUM_URL . "=$row_forum_id")
);
}
}
}
}
$template->assign_var_from_handle('SUB_FORUM', 'forum');
}
*/
//
// Start page proper
//
$sql = "SELECT c.cat_id, c.cat_title, c.cat_order
FROM " . CATEGORIES_TABLE . " c
ORDER BY c.cat_order";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query categories list', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
while( $category_rows[] = $db->sql_fetchrow($result) );
while ( $category_rows[] = $db->sql_fetchrow($result) );
if( ( $total_categories = count($category_rows) ) )
if ( ( $total_categories = count($category_rows) ) )
{
//
// Define appropriate SQL
//
switch(SQL_LAYER)
switch ( SQL_LAYER )
{
case 'postgresql':
$sql = "SELECT f.*, p.post_time, p.post_username, u.username, u.user_id
FROM " . FORUMS_TABLE . " f, " . POSTS_TABLE . " p, " . USERS_TABLE . " u
WHERE p.post_id = f.forum_last_post_id
AND u.user_id = p.poster_id
UNION (
SELECT f.*, NULL, NULL, NULL, NULL
FROM " . FORUMS_TABLE . " f
WHERE NOT EXISTS (
SELECT p.post_time
FROM " . POSTS_TABLE . " p
WHERE p.post_id = f.forum_last_post_id
)
)
ORDER BY cat_id, forum_order";
break;
case 'oracle':
$sql = "SELECT f.*, p.post_time, p.post_username, u.username, u.user_id
FROM " . FORUMS_TABLE . " f, " . POSTS_TABLE . " p, " . USERS_TABLE . " u
@ -163,37 +311,26 @@ if( ( $total_categories = count($category_rows) ) )
ORDER BY f.cat_id, f.forum_order";
break;
}
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query forums information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$forum_data = array();
while( $row = $db->sql_fetchrow($result) )
while ( $row = $db->sql_fetchrow($result) )
{
$forum_data[] = $row;
}
if ( !($total_forums = count($forum_data)) )
{
message_die(GENERAL_MESSAGE, $lang['No_forums']);
}
//
// Obtain a list of topic ids which contain
// posts made since user last visited
//
if ( $userdata['session_logged_in'] )
/* if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "SELECT t.forum_id, t.topic_id, p.post_time
FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p
WHERE p.post_id = t.topic_last_post_id
AND p.post_time > " . $userdata['user_lastvisit'] . "
AND t.topic_moved_id = 0";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query new topic information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$new_topic_data = array();
while( $topic_data = $db->sql_fetchrow($result) )
@ -201,74 +338,22 @@ if( ( $total_categories = count($category_rows) ) )
$new_topic_data[$topic_data['forum_id']][$topic_data['topic_id']] = $topic_data['post_time'];
}
}
*/
//
// Obtain list of moderators of each forum
// First users, then groups ... broken into two queries
//
$sql = "SELECT aa.forum_id, u.user_id, u.username
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g, " . USERS_TABLE . " u
WHERE aa.auth_mod = " . TRUE . "
AND g.group_single_user = 1
AND ug.group_id = aa.group_id
AND g.group_id = aa.group_id
AND u.user_id = ug.user_id
GROUP BY u.user_id, u.username, aa.forum_id
ORDER BY aa.forum_id, u.user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query forum moderator information', '', __LINE__, __FILE__, $sql);
}
$forum_moderators = array();
while( $row = $db->sql_fetchrow($result) )
{
$forum_moderators[$row['forum_id']][] = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '">' . $row['username'] . '</a>';
}
$sql = "SELECT aa.forum_id, g.group_id, g.group_name
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE aa.auth_mod = " . TRUE . "
AND g.group_single_user = 0
AND g.group_type <> " . GROUP_HIDDEN . "
AND ug.group_id = aa.group_id
AND g.group_id = aa.group_id
GROUP BY g.group_id, g.group_name, aa.forum_id
ORDER BY aa.forum_id, g.group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query forum moderator information', '', __LINE__, __FILE__, $sql);
}
while( $row = $db->sql_fetchrow($result) )
{
$forum_moderators[$row['forum_id']][] = '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=" . $row['group_id']) . '">' . $row['group_name'] . '</a>';
}
//
// Find which forums are visible for this user
//
$is_auth_ary = array();
$is_auth_ary = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata, $forum_data);
//
// Start output of page
//
$page_title = $lang['Index'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'index_body.tpl')
);
get_moderators($forum_moderators);
$template->assign_vars(array(
'TOTAL_POSTS' => sprintf($l_total_post_s, $total_posts),
'TOTAL_USERS' => sprintf($l_total_user_s, $total_users),
'NEWEST_USER' => sprintf($lang['Newest_user'], '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$newest_uid") . '">', $newest_user, '</a>'),
'NEWEST_USER' => sprintf($lang['Newest_user'], '<a href="' . "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$newest_uid" . '">', $newest_user, '</a>'),
'FORUM_IMG' => $images['forum'],
'FORUM_NEW_IMG' => $images['forum_new'],
'FORUM_LOCKED_IMG' => $images['forum_locked'],
'FORUM_IMG' => create_img($theme['forum'], $lang['No_new_posts']),
'FORUM_NEW_IMG' => create_img($theme['forum_new'], $lang['New_posts']),
'FORUM_LOCKED_IMG' => create_img($theme['forum_locked'], $lang['No_new_posts_locked']),
'L_FORUM' => $lang['Forum'],
'L_TOPICS' => $lang['Topics'],
@ -282,11 +367,15 @@ if( ( $total_categories = count($category_rows) ) )
'L_NEW_POSTS_LOCKED' => $lang['New_posts_locked'],
'L_ONLINE_EXPLAIN' => $lang['Online_explain'],
'L_MODERATOR' => $lang['Moderators'],
'L_VIEW_MODERATORS' => $lang['View_moderators'],
'L_FORUM_LOCKED' => $lang['Forum_is_locked'],
'L_MARK_FORUMS_READ' => $lang['Mark_all_forums'],
'L_LEGEND' => $lang['Legend'],
'L_NO_FORUMS' => $lang['No_forums'],
'U_MARK_READ' => append_sid("index.$phpEx?mark=forums"))
'S_LEGEND' => $legend,
'U_MARK_READ' => "index.$phpEx$SID&amp;mark=forums")
);
//
@ -300,9 +389,9 @@ if( ( $total_categories = count($category_rows) ) )
// Should we display this category/forum set?
//
$display_forums = false;
for($j = 0; $j < $total_forums; $j++)
for($j = 0; $j < sizeof($forum_data); $j++)
{
if ( $is_auth_ary[$forum_data[$j]['forum_id']]['auth_view'] && $forum_data[$j]['cat_id'] == $cat_id )
if ( $acl->get_acl($forum_data[$j]['forum_id'], 'forum', 'list') && $forum_data[$j]['cat_id'] == $cat_id )
{
$display_forums = true;
}
@ -317,34 +406,35 @@ if( ( $total_categories = count($category_rows) ) )
$template->assign_block_vars('catrow', array(
'CAT_ID' => $cat_id,
'CAT_DESC' => $category_rows[$i]['cat_title'],
'U_VIEWCAT' => append_sid("index.$phpEx?" . POST_CAT_URL . "=$cat_id"))
'U_VIEWCAT' => "index.$phpEx$SID&amp;c=$cat_id",
'HAVE_FORUMS' => true)
);
if ( $viewcat == $cat_id || $viewcat == -1 )
{
for($j = 0; $j < $total_forums; $j++)
for($j = 0; $j < sizeof($forum_data); $j++)
{
if ( $forum_data[$j]['cat_id'] == $cat_id )
{
$forum_id = $forum_data[$j]['forum_id'];
$row_forum_id = $forum_data[$j]['forum_id'];
if ( $is_auth_ary[$forum_id]['auth_view'] )
if ( $acl->get_acl($row_forum_id, 'forum', 'list') )
{
if ( $forum_data[$j]['forum_status'] == FORUM_LOCKED )
{
$folder_image = $images['forum_locked'];
$folder_image = $theme['forum_locked'];
$folder_alt = $lang['Forum_locked'];
}
else
{
$unread_topics = false;
if ( $userdata['session_logged_in'] )
if ( $userdata['user_id'] != ANONYMOUS )
{
if ( !empty($new_topic_data[$forum_id]) )
if ( !empty($new_topic_data[$row_forum_id]) )
{
$forum_last_post_time = 0;
while( list($check_topic_id, $check_post_time) = @each($new_topic_data[$forum_id]) )
foreach ( $new_topic_data[$row_forum_id] as $check_topic_id => $check_post_time )
{
if ( empty($tracking_topics[$check_topic_id]) )
{
@ -362,9 +452,9 @@ if( ( $total_categories = count($category_rows) ) )
}
}
if ( !empty($tracking_forums[$forum_id]) )
if ( !empty($tracking_forums[$row_forum_id]) )
{
if ( $tracking_forums[$forum_id] > $forum_last_post_time )
if ( $tracking_forums[$row_forum_id] > $forum_last_post_time )
{
$unread_topics = false;
}
@ -381,7 +471,7 @@ if( ( $total_categories = count($category_rows) ) )
}
}
$folder_image = ( $unread_topics ) ? $images['forum_new'] : $images['forum'];
$folder_image = ( $unread_topics ) ? $theme['forum_new'] : $theme['forum'];
$folder_alt = ( $unread_topics ) ? $lang['New_posts'] : $lang['No_new_posts'];
}
@ -394,19 +484,19 @@ if( ( $total_categories = count($category_rows) ) )
$last_post = $last_post_time . '<br />';
$last_post .= ( $forum_data[$j]['user_id'] == ANONYMOUS ) ? ( ($forum_data[$j]['post_username'] != '' ) ? $forum_data[$j]['post_username'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $forum_data[$j]['user_id']) . '">' . $forum_data[$j]['username'] . '</a> ';
$last_post .= ( $forum_data[$j]['user_id'] == ANONYMOUS ) ? ( ($forum_data[$j]['post_username'] != '' ) ? $forum_data[$j]['post_username'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="' . "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $forum_data[$j]['user_id'] . '">' . $forum_data[$j]['username'] . '</a> ';
$last_post .= '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . '=' . $forum_data[$j]['forum_last_post_id']) . '#' . $forum_data[$j]['forum_last_post_id'] . '"><img src="' . $images['icon_latest_reply'] . '" border="0" alt="' . $lang['View_latest_post'] . '" title="' . $lang['View_latest_post'] . '" /></a>';
$last_post .= '<a href="' . "viewtopic.$phpEx$SID&amp;f=$row_forum_id&amp;p=" . $forum_data[$j]['forum_last_post_id'] . '#' . $forum_data[$j]['forum_last_post_id'] . '">' . create_img($theme['goto_post_latest'], $lang['View_latest_post']) . '</a>';
}
else
{
$last_post = $lang['No_Posts'];
}
if ( count($forum_moderators[$forum_id]) > 0 )
if ( count($forum_moderators[$row_forum_id]) > 0 )
{
$l_moderators = ( count($forum_moderators[$forum_id]) == 1 ) ? $lang['Moderator'] : $lang['Moderators'];
$moderator_list = implode(', ', $forum_moderators[$forum_id]);
$l_moderators = ( count($forum_moderators[$row_forum_id]) == 1 ) ? $lang['Moderator'] . ':' : $lang['Moderators'] . ':' ;
$moderator_list = implode(', ', $forum_moderators[$row_forum_id]);
}
else
{
@ -414,13 +504,9 @@ if( ( $total_categories = count($category_rows) ) )
$moderator_list = '&nbsp;';
}
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('catrow.forumrow', array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FORUM_FOLDER_IMG' => $folder_image,
'ROW_COUNT' => $i,
'FORUM_FOLDER_IMG' => create_img($folder_image, $folder_alt),
'FORUM_NAME' => $forum_data[$j]['forum_name'],
'FORUM_DESC' => $forum_data[$j]['forum_desc'],
'POSTS' => $forum_data[$j]['forum_posts'],
@ -428,10 +514,12 @@ if( ( $total_categories = count($category_rows) ) )
'LAST_POST' => $last_post,
'MODERATORS' => $moderator_list,
'FORUM_IMG' => $forum_data[$j]['forum_image'],
'L_MODERATOR' => $l_moderators,
'L_FORUM_FOLDER_ALT' => $folder_alt,
'U_VIEWFORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"))
'U_VIEWFORUM' => "viewforum.$phpEx$SID&amp;f=$row_forum_id")
);
}
}
@ -441,15 +529,16 @@ if( ( $total_categories = count($category_rows) ) )
} // for ... categories
}// if ... total_categories
else
{
message_die(GENERAL_MESSAGE, $lang['No_forums']);
}
//
// Generate the page
// Start output of page
//
$template->pparse('body');
$page_title = $lang['Index'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'index_body.html')
);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

145
phpBB/login.php
View File

@ -24,8 +24,7 @@
// Allow people to reach login page if
// board is shut down
//
define("IN_LOGIN", true);
define('IN_LOGIN', true);
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
@ -34,75 +33,66 @@ include($phpbb_root_path . 'common.'.$phpEx);
//
// Set page ID for session management
//
$userdata = session_pagestart($user_ip, PAGE_LOGIN);
init_userprefs($userdata);
$userdata = $session->start();
//
// End session management
//
//
// Configure style, language, etc.
//
$session->configure($userdata);
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
if ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
//
// This appears to work for IIS5 CGI under Win2K. Uses getenv
// since this doesn't exist for ISAPI mode and therefore the
// normal Location redirector is used in preference
//
if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
if ( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
{
$username = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$username = ( isset($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : '';
$password = ( isset($HTTP_POST_VARS['password']) ) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level
$sql = "SELECT user_id, username, user_email, user_password, user_active, user_level
FROM " . USERS_TABLE . "
WHERE username = '" . str_replace("\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
if( $row = $db->sql_fetchrow($result) )
if ( $row = $db->sql_fetchrow($result) )
{
if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
if ( $row['user_level'] != ADMIN && $board_config['board_disable'] )
{
header($header_location . append_sid("index.$phpEx", true));
header($header_location . "index.$phpEx$SID");
exit;
}
else
{
if( md5($password) == $row['user_password'] && $row['user_active'] )
if ( md5($password) == $row['user_password'] && $row['user_active'] )
{
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? md5($password) : '';
$this_page = ( !empty($HTTP_SERVER_VARS['PHP_SELF']) ) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF'];
$this_page .= '&' . ( ( !empty($HTTP_SERVER_VARS['QUERY_STRING']) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : $HTTP_ENV_VARS['QUERY_STRING'] );
$session_browser = ( !empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']) ) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : $HTTP_ENV_VARS['HTTP_USER_AGENT'];
$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin);
$userdata = $session->create($userdata['session_id'], $row['user_id'], $autologin, $this_page, $session_browser);
if( $session_id )
{
if( !empty($HTTP_POST_VARS['redirect']) )
{
header($header_location . append_sid($HTTP_POST_VARS['redirect'], true));
}
else
{
header($header_location . append_sid("index.$phpEx", true));
}
}
else
{
message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__);
}
header($header_location . $HTTP_POST_VARS['redirect']);
exit;
}
else
{
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : '';
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("login.$phpEx?redirect=$redirect") . '">')
'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx$SID&amp;redirect=$redirect" . '">')
);
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . append_sid("login.$phpEx?redirect=$redirect") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . "login.$phpEx$SID&amp;redirect=$redirect" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
message_die(MESSAGE, $message);
}
}
}
@ -111,41 +101,21 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "";
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("login.$phpEx?redirect=$redirect") . '">')
'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx$SID&amp;redirect=$redirect" . '">')
);
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . append_sid("login.$phpEx?redirect=$redirect") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . "login.$phpEx$SID&amp;redirect=$redirect" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
message_die(MESSAGE, $message);
}
}
else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
else if ( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['user_id'] != ANONYMOUS )
{
if( $userdata['session_logged_in'] )
{
session_end($userdata['session_id'], $userdata['user_id']);
}
$session->destroy($userdata);
}
if( !empty($HTTP_POST_VARS['redirect']) )
{
header($header_location . append_sid($HTTP_POST_VARS['redirect'], true));
}
else
{
header($header_location . append_sid("index.$phpEx", true));
}
}
else
{
if( !empty($HTTP_POST_VARS['redirect']) )
{
header($header_location . append_sid($HTTP_POST_VARS['redirect'], true));
}
else
{
header($header_location . append_sid("index.$phpEx", true));
}
}
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "index.$phpEx$SID";
header($header_location . $redirect);
exit;
}
else
{
@ -153,34 +123,27 @@ else
// Do a full login page dohickey if
// user not already logged in
//
if( !$userdata['session_logged_in'] )
if ( $userdata['user_id'] == ANONYMOUS )
{
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'login_body.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
if ( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
{
$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];
if( preg_match("/^redirect=(.*)$/si", $forward_to, $forward_matches) )
if ( preg_match('/^redirect=(.*)$/si', $forward_to, $forward_matches) )
{
$forward_to = ( !empty($forward_matches[3]) ) ? $forward_matches[3] : $forward_matches[1];
$forward_match = explode('&', $forward_to);
if(count($forward_match) > 1)
if ( count($forward_match) > 1 )
{
$forward_page = '';
for($i = 1; $i < count($forward_match); $i++)
{
if( !ereg("sid=", $forward_match[$i]) )
if ( !ereg('sid=', $forward_match[$i]) )
{
if( $forward_page != '' )
if ( $forward_page != '' )
{
$forward_page .= '&';
}
@ -201,29 +164,31 @@ else
$forward_page = '';
}
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'USERNAME' => $username,
'USERNAME' => ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '',
'L_ENTER_PASSWORD' => $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],
'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),
'U_SEND_PASSWORD' => "profile.$phpEx$SID&amp;mode=sendpassword",
'S_HIDDEN_FIELDS' => $s_hidden_fields)
'S_HIDDEN_FIELDS' => '<input type="hidden" name="redirect" value="' . $forward_page . '" />')
);
$template->pparse('body');
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'login_body.html')
);
make_jumpbox('viewforum.'.$phpEx, $forum_id);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
header($header_location . append_sid("index.$phpEx", true));
header($header_location . "index.$phpEx$SID");
exit;
}
}

130
phpBB/memberlist.php
View File

@ -27,19 +27,24 @@ include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_VIEWMEMBERS);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
$start = ( isset($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0;
//
// Configure style, language, etc.
//
$session->configure($userdata);
if(isset($HTTP_POST_VARS['order']))
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
if ( isset($HTTP_POST_VARS['order']) )
{
$sort_order = ($HTTP_POST_VARS['order'] == 'ASC') ? 'ASC' : 'DESC';
}
else if(isset($HTTP_GET_VARS['order']))
else if ( isset($HTTP_GET_VARS['order']) )
{
$sort_order = ($HTTP_GET_VARS['order'] == 'ASC') ? 'ASC' : 'DESC';
}
@ -58,33 +63,32 @@ $select_sort_mode = '<select name="mode">';
for($i = 0; $i < count($mode_types_text); $i++)
{
$selected = ( $mode == $mode_types[$i] ) ? ' selected="selected"' : '';
$select_sort_mode .= "<option value=\"" . $mode_types[$i] . "\"$selected>" . $mode_types_text[$i] . "</option>";
$select_sort_mode .= '<option value="' . $mode_types[$i] . '"' . $selected . '>' . $mode_types_text[$i] . '</option>';
}
$select_sort_mode .= '</select>';
$select_sort_order = '<select name="order">';
if($sort_order == 'ASC')
$select_sort_order .= ( $sort_order == 'ASC' ) ? '<option value="ASC" selected="selected">' . $lang['Sort_Ascending'] . '</option><option value="DESC">' . $lang['Sort_Descending'] . '</option>' : '<option value="ASC">' . $lang['Sort_Ascending'] . '</option><option value="DESC" selected="selected">' . $lang['Sort_Descending'] . '</option>';
$select_sort_order .= '</select>';
if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
{
$select_sort_order .= '<option value="ASC" selected="selected">' . $lang['Sort_Ascending'] . '</option><option value="DESC">' . $lang['Sort_Descending'] . '</option>';
$pagination = generate_pagination("memberlist.$phpEx?mode=$mode&amp;order=$sort_order", $board_config['num_users'], $board_config['topics_per_page'], $start). '&nbsp;';
$total_members = $board_config['num_users'];
}
else
{
$select_sort_order .= '<option value="ASC">' . $lang['Sort_Ascending'] . '</option><option value="DESC" selected="selected">' . $lang['Sort_Descending'] . '</option>';
$pagination = '&nbsp;';
$total_members = 10;
}
$select_sort_order .= '</select>';
//
// Generate page
//
$page_title = $lang['Memberlist'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'memberlist_body.tpl')
);
make_jumpbox('viewforum.'.$phpEx);
$template->assign_vars(array(
'PAGINATION' => $pagination,
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $total_members / $board_config['topics_per_page'] )),
'L_SELECT_SORT_METHOD' => $lang['Select_sort_method'],
'L_EMAIL' => $lang['Email'],
'L_WEBSITE' => $lang['Website'],
@ -98,10 +102,11 @@ $template->assign_vars(array(
'L_ICQ' => $lang['ICQ'],
'L_JOINED' => $lang['Joined'],
'L_POSTS' => $lang['Posts'],
'L_GOTO_PAGE' => $lang['Goto_page'],
'S_MODE_SELECT' => $select_sort_mode,
'S_ORDER_SELECT' => $select_sort_order,
'S_MODE_ACTION' => append_sid("memberlist.$phpEx"))
'S_MODE_ACTION' => "memberlist.$phpEx$SID")
);
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
@ -110,6 +115,9 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
switch( $mode )
{
case 'topten':
$order_by = "user_posts DESC LIMIT 10";
break;
case 'joined':
$order_by = "user_regdate ASC LIMIT $start, " . $board_config['topics_per_page'];
break;
@ -128,9 +136,6 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
case 'website':
$order_by = "user_website $sort_order LIMIT $start, " . $board_config['topics_per_page'];
break;
case 'topten':
$order_by = "user_posts DESC LIMIT 10";
break;
default:
$order_by = "user_regdate $sort_order LIMIT $start, " . $board_config['topics_per_page'];
break;
@ -145,10 +150,7 @@ $sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
ORDER BY $order_by";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query users', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
@ -179,11 +181,11 @@ if ( $row = $db->sql_fetchrow($result) )
}
}
if ( !empty($row['user_viewemail']) || $userdata['user_level'] == ADMIN )
if ( $row['user_viewemail'] || $acl->get_acl_admin() )
{
$email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL .'=' . $user_id) : 'mailto:' . $row['user_email'];
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $user_id : 'mailto:' . $row['user_email'];
$email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
$email_img = '<a href="' . $email_uri . '">' . create_img($theme['icon_email'], $lang['Send_email']) . '</a>';
$email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
}
else
@ -192,21 +194,21 @@ if ( $row = $db->sql_fetchrow($result) )
$email = '&nbsp;';
}
$temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id");
$profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>';
$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$profile_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_profile'], $lang['Read_profile']) . '</a>';
$profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
$temp_url = append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=$user_id");
$pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
$temp_url = "privmsg.$phpEx$SID&amp;mode=post&amp;u=$user_id";
$pm_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_pm'], $lang['Send_private_message']) . '</a>';
$pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
$www_img = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : '';
$www_img = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww">' . create_img($theme['icon_www'], $lang['Visit_website']) . '</a>' : '';
$www = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : '';
if ( !empty($row['user_icq']) )
{
$icq_status_img = '<a href="http://wwp.icq.com/' . $row['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $row['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
$icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>';
$icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '">' . create_img($theme['icon_icq'], $lang['ICQ']) . '</a>';
$icq = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '">' . $lang['ICQ'] . '</a>';
}
else
@ -216,27 +218,22 @@ if ( $row = $db->sql_fetchrow($result) )
$icq = '';
}
$aim_img = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '';
$aim_img = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?">' . create_img($theme['icon_aim'], $lang['AIM']) . '</a>' : '';
$aim = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
$temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id");
$msn_img = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : '';
$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$msn_img = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '">' . create_img($theme['icon_msnm'], $lang['MSNM']) . '</a>' : '';
$msn = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
$yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
$yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . create_img($theme['icon_yim'], $lang['YIM']) . '</a>' : '';
$yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=posts");
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
$temp_url = "search.$phpEx$SID&amp;search_author=" . urlencode($username) . "&amp;showresults=posts";
$search_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_search'], $lang['Search_user_posts']) . '</a>';
$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('memberrow', array(
'ROW_NUMBER' => $i + ( $HTTP_GET_VARS['start'] + 1 ),
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'ROW_NUMBER' => $i + ( $start + 1 ),
'USERNAME' => $username,
'FROM' => $from,
'JOINED' => $joined,
@ -261,8 +258,10 @@ if ( $row = $db->sql_fetchrow($result) )
'MSN' => $msn,
'YIM_IMG' => $yim_img,
'YIM' => $yim,
'S_ROW_COUNT' => $i,
'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
'U_VIEWPROFILE' => "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id")
);
$i++;
@ -270,38 +269,13 @@ if ( $row = $db->sql_fetchrow($result) )
while ( $row = $db->sql_fetchrow($result) );
}
if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
{
$sql = "SELECT count(*) AS total
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS;
$page_title = $lang['Memberlist'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting total users', '', __LINE__, __FILE__, $sql);
}
if ( $total = $db->sql_fetchrow($result) )
{
$total_members = $total['total'];
$pagination = generate_pagination("memberlist.$phpEx?mode=$mode&amp;order=$sort_order", $total_members, $board_config['topics_per_page'], $start). '&nbsp;';
}
}
else
{
$pagination = '&nbsp;';
$total_members = 10;
}
$template->assign_vars(array(
'PAGINATION' => $pagination,
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $total_members / $board_config['topics_per_page'] )),
'L_GOTO_PAGE' => $lang['Goto_page'])
$template->set_filenames(array(
'body' => 'memberlist_body.html')
);
$template->pparse('body');
make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

35
phpBB/modcp.php
View File

@ -36,6 +36,15 @@ include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Start session management
//
$userdata = $session->start();
$acl = new auth('forum', $userdata);
//
// End session management
//
//
// Obtain initial var settings
//
@ -76,19 +85,19 @@ if ( isset($HTTP_POST_VARS['cancel']) )
{
if ( $topic_id )
{
$redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id";
$redirect = "viewtopic.$phpEx$SID&" . POST_TOPIC_URL . "=$topic_id";
}
else if ( $forum_id )
{
$redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id";
$redirect = "viewforum.$phpEx$SID&" . POST_FORUM_URL . "=$forum_id";
}
else
{
$redirect = "index.$phpEx";
$redirect = "index.$phpEx$SID";
}
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid($redirect, true));
header($header_location . $redirect);
}
//
@ -168,26 +177,12 @@ else
}
//
// Start session management
// Auth check
//
$userdata = session_pagestart($user_ip, $forum_id);
init_userprefs($userdata);
//
// End session management
//
//
// Start auth check
//
$is_auth = auth(AUTH_ALL, $forum_id, $userdata);
if ( !$is_auth['auth_mod'] )
if ( !$acl->get_acl($forum_id, 'mod') )
{
message_die(GENERAL_MESSAGE, $lang['Not_Moderator'], $lang['Not_Authorised']);
}
//
// End Auth Check
//
//
// Do major work ...

119
phpBB/posting.php
View File

@ -25,12 +25,12 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Check and set various parameters
//
$params = array('submit' => 'post', 'confirm' => 'confirm', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode', 'forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
$params = array('submit' => 'post', 'confirm' => 'confirm', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode', 'forum_id' => 'f', 'topic_id' => 't', 'post_id' => 'p');
while( list($var, $param) = @each($params) )
{
@ -76,35 +76,35 @@ if ( isset($HTTP_POST_VARS['cancel']) )
{
if ( $post_id )
{
$redirect = "viewtopic.$phpEx?" . POST_POST_URL . "=$post_id";
$redirect = "viewtopic.$phpEx$SID&p=$post_id";
$post_append = "#$post_id";
}
else if ( $topic_id )
{
$redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id";
$redirect = "viewtopic.$phpEx$SID&t=$topic_id";
$post_append = '';
}
else if ( $forum_id )
{
$redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id";
$redirect = "viewforum.$phpEx$SID&f=$forum_id";
$post_append = '';
}
else
{
$redirect = "index.$phpEx";
$redirect = "index.$phpEx$SID";
$post_append = '';
}
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid($redirect) . $post_append, true);
header($header_location . $redirect . $post_append, true);
exit;
}
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_POSTING);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
@ -147,7 +147,7 @@ switch( $mode )
$is_auth_type = 'auth_read';
break;
default:
message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
message_die(MESSAGE, $lang['No_post_mode']);
break;
}
@ -162,7 +162,7 @@ switch ( $mode )
case 'newtopic':
if ( empty($forum_id) )
{
message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']);
message_die(MESSAGE, $lang['Forum_not_exist']);
}
$sql = "SELECT *
@ -174,7 +174,7 @@ switch ( $mode )
case 'vote':
if ( empty( $topic_id) )
{
message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
message_die(MESSAGE, $lang['No_topic_id']);
}
$sql = "SELECT f.*, t.topic_status
@ -189,7 +189,7 @@ switch ( $mode )
case 'poll_delete':
if ( empty($post_id) )
{
message_die(GENERAL_MESSAGE, $lang['No_post_id']);
message_die(MESSAGE, $lang['No_post_id']);
}
$select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : '';
@ -205,25 +205,29 @@ switch ( $mode )
break;
default:
message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
message_die(MESSAGE, $lang['No_valid_mode']);
}
if ( $result = $db->sql_query($sql) )
{
$post_info = $db->sql_fetchrow($result);
//
// Configure style, language, etc.
//
$userdata['user_style'] = ( $post_info['forum_style'] ) ? $post_info['user_style'] : $userdata['user_style'];
$session->configure($userdata);
$forum_id = $post_info['forum_id'];
$forum_name = $post_info['forum_name'];
$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info);
if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod'])
{
message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
message_die(MESSAGE, $lang['Forum_locked']);
}
else if ( $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])
{
message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
message_die(MESSAGE, $lang['Topic_locked']);
}
if ( $mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete' )
@ -245,10 +249,7 @@ if ( $result = $db->sql_query($sql) )
WHERE vd.topic_id = $topic_id
AND vr.vote_id = vd.vote_id
ORDER BY vr.vote_option_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$poll_options = array();
$poll_results_sum = 0;
@ -279,17 +280,17 @@ if ( $result = $db->sql_query($sql) )
if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] )
{
$message = ( $delete || $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . "viewtopic.$phpEx$SID&amp;t=$topic_id" . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
message_die(MESSAGE, $message);
}
else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' || $delete ) )
{
message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
message_die(MESSAGE, $lang['Cannot_delete_replied']);
}
else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' || $poll_delete ) )
{
message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
message_die(MESSAGE, $lang['Cannot_delete_poll']);
}
}
else
@ -307,18 +308,19 @@ if ( $result = $db->sql_query($sql) )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_such_post']);
message_die(MESSAGE, $lang['No_such_post']);
}
//
// The user is not authed, if they're not logged in then redirect
// them, else show them an error message
//
/*
if ( !$is_auth[$is_auth_type] )
{
if ( $userdata['session_logged_in'] )
{
message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));
message_die(MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));
}
switch( $mode )
@ -337,10 +339,10 @@ if ( !$is_auth[$is_auth_type] )
}
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true));
header($header_location . "login.$phpEx$SID&redirect=posting.$phpEx&" . $redirect);
exit;
}
*/
//
// Set toggles for various options
//
@ -383,10 +385,7 @@ else
FROM " . TOPICS_WATCH_TABLE . "
WHERE topic_id = $topic_id
AND user_id = " . $userdata['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];
}
@ -406,7 +405,7 @@ if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
//
// Confirm deletion
//
$s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
$s_hidden_fields = '<input type="hidden" name="p" value="' . $post_id . '" />';
$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
@ -417,7 +416,7 @@ if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'confirm_body' => 'confirm_body.tpl')
'body' => 'confirm_body.html')
);
$template->assign_vars(array(
@ -427,12 +426,10 @@ if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"),
'S_CONFIRM_ACTION' => "posting.$phpEx$SID",
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
$template->pparse('confirm_body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else if ( $mode == 'vote' )
@ -450,10 +447,7 @@ else if ( $mode == 'vote' )
AND vr.vote_id = vd.vote_id
AND vr.vote_option_id = $vote_option_id
GROUP BY vd.vote_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
if ( $vote_info = $db->sql_fetchrow($result) )
{
@ -463,10 +457,7 @@ else if ( $mode == 'vote' )
FROM " . VOTE_USERS_TABLE . "
WHERE vote_id = $vote_id
AND vote_user_id = " . $userdata['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
if ( !($row = $db->sql_fetchrow($result)) )
{
@ -499,10 +490,10 @@ else if ( $mode == 'vote' )
}
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')
'META' => '<meta http-equiv="refresh" content="3;url=' . "viewtopic.$phpEx$SID&amp;" . POST_TOPIC_URL . "=$topic_id" . '">')
);
$message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
$message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . "viewtopic.$phpEx$SID&amp;" . POST_TOPIC_URL . "=$topic_id" . '">', '</a>');
message_die(MESSAGE, $message);
}
}
else if ( $submit || $confirm )
@ -571,7 +562,7 @@ else if ( $submit || $confirm )
$template->assign_vars(array(
"META" => $return_meta)
);
message_die(GENERAL_MESSAGE, $return_message);
message_die(MESSAGE, $return_message);
}
}
@ -677,7 +668,7 @@ if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
$preview_message = str_replace("\n", '<br />', $preview_message);
$template->set_filenames(array(
'preview' => 'posting_preview.tpl')
'preview' => 'posting_preview.html')
);
$template->assign_vars(array(
@ -697,7 +688,7 @@ if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
else if( $error_msg != '' )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
'reg_header' => 'error_body.html')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
@ -868,7 +859,7 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
{
$template->assign_block_vars('switch_type_toggle', array());
if( $is_auth['auth_sticky'] )
if( $acl->get_acl($forum_id, 'forum', 'sticky') )
{
$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"';
if ( $post_data['topic_type'] == POST_STICKY || $topic_type == POST_STICKY )
@ -878,7 +869,7 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
$topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . '&nbsp;&nbsp;';
}
if( $is_auth['auth_announce'] )
if ( $acl->get_acl($forum_id, 'forum', 'announce') )
{
$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"';
if ( $post_data['topic_type'] == POST_ANNOUNCE || $topic_type == POST_ANNOUNCE )
@ -923,9 +914,9 @@ generate_smilies('inline', PAGE_POSTING);
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'posting_body.tpl',
'pollbody' => 'posting_poll_body.tpl',
'reviewbody' => 'posting_topic_review.tpl')
'body' => 'posting_body.html',
'pollbody' => 'posting_poll_body.html',
'reviewbody' => 'posting_topic_review.html')
);
make_jumpbox('viewforum.'.$phpEx);
@ -934,7 +925,7 @@ $template->assign_vars(array(
'L_POST_A' => $page_title,
'L_POST_SUBJECT' => $lang['Post_subject'],
'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"))
'U_VIEW_FORUM' => "viewforum.$phpEx$SID&amp;" . POST_FORUM_URL . "=$forum_id")
);
//
@ -951,7 +942,7 @@ $template->assign_vars(array(
'SUBJECT' => $subject,
'MESSAGE' => $message,
'HTML_STATUS' => $html_status,
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'SMILIES_STATUS' => $smilies_status,
'L_SUBJECT' => $lang['Subject'],
@ -1010,8 +1001,8 @@ $template->assign_vars(array(
'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'],
'L_STYLES_TIP' => $lang['Styles_tip'],
'U_VIEWTOPIC' => ( $mode == 'reply' ) ? append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;postorder=desc") : '',
'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? append_sid("posting.$phpEx?mode=topicreview&amp;" . POST_TOPIC_URL . "=$topic_id") : '',
'U_VIEWTOPIC' => ( $mode == 'reply' ) ? "viewtopic.$phpEx$SID&amp;m" . POST_TOPIC_URL . "=$topic_id&amp;postorder=desc" : '',
'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? "posting.$phpEx$SID&amp;mmode=topicreview&amp;" . POST_TOPIC_URL . "=$topic_id" : '',
'S_HTML_CHECKED' => ( !$html_on ) ? 'checked="checked"' : '',
'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? 'checked="checked"' : '',
@ -1020,7 +1011,7 @@ $template->assign_vars(array(
'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '',
'S_TYPE_TOGGLE' => $topic_type_toggle,
'S_TOPIC_ID' => $topic_id,
'S_POST_ACTION' => append_sid("posting.$phpEx"),
'S_POST_ACTION' => "posting.$phpEx$SID",
'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields)
);
@ -1078,8 +1069,6 @@ if( $mode == 'reply' )
$template->assign_var_from_handle('TOPIC_REVIEW_BOX', 'reviewbody');
}
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>

6
phpBB/privmsg.php
View File

@ -74,15 +74,15 @@ else
if ( $cancel )
{
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true));
header($header_location . "privmsg.$phpEx$SIDfolder=$folder");
exit;
}
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_PRIVMSGS);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//

23
phpBB/profile.php
View File

@ -28,12 +28,17 @@ include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
//
// Configure style, language, etc.
//
$session->configure($userdata);
//
// Set default email variables
//
@ -81,10 +86,16 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
}
else if ( $mode == 'editprofile' || $mode == 'register' )
{
if ( !$userdata['session_logged_in'] && $mode == 'editprofile' )
if ( $userdata['user_id'] == ANONYMOUS && $mode == 'editprofile' )
{
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . append_sid("login.$phpEx?redirect=profile.$phpEx&mode=editprofile", true));
header($header_location . "login.$phpEx$SID&redirect=profile.$phpEx&mode=editprofile");
exit;
}
else if ( $userdata['user_id'] != ANONYMOUS && $mode == 'register' )
{
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . "index.$phpEx$SID");
exit;
}
@ -110,8 +121,8 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
else
{
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . append_sid("index.$phpEx", true));
header($header_location . "index.$phpEx$SID");
exit;
}
?>
?>

60
phpBB/search.php
View File

@ -25,13 +25,13 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_SEARCH);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
@ -192,7 +192,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
WHERE username LIKE '" . str_replace("\'", "''", $search_author) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain list of matching users (searching for: $search_author)", "", __LINE__, __FILE__, $sql);
message_die(ERROR, "Couldn't obtain list of matching users (searching for: $search_author)", "", __LINE__, __FILE__, $sql);
}
$matching_userids = '';
@ -206,7 +206,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_search_match']);
message_die(MESSAGE, $lang['No_search_match']);
}
$sql = "SELECT post_id
@ -216,7 +216,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain matched posts list', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain matched posts list', '', __LINE__, __FILE__, $sql);
}
$search_ids = array();
@ -278,7 +278,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$search_msg_only";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain matched posts list', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain matched posts list', '', __LINE__, __FILE__, $sql);
}
$row = array();
@ -342,37 +342,33 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$auth_sql = '';
if ( $search_forum != -1 )
{
$is_auth = auth(AUTH_READ, $search_forum, $userdata);
if ( !$is_auth['auth_read'] )
if ( !$acl->get_acl($search_forum, 'forum', 'read') )
{
message_die(GENERAL_MESSAGE, $lang['No_searchable_forums']);
message_die(MESSAGE, $lang['No_searchable_forums']);
}
$auth_sql = "f.forum_id = $search_forum";
}
else
{
$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);
if ( $search_cat != -1 )
{
$auth_sql = "f.cat_id = $search_cat";
}
$ignore_forum_sql = '';
while( list($key, $value) = each($is_auth_ary) )
$auth_ary = $acl->get_acl();
@reset($auth_ary);
$allowed_forum_sql = '';
while( list($key, $value) = @each($auth_ary) )
{
if ( !$value['auth_read'] )
if ( $value['forum']['read'] )
{
$ignore_forum_sql .= ( ( $ignore_forum_sql != '' ) ? ', ' : '' ) . $key;
$allowed_forum_sql .= ( ( $allowed_forum_sql != '' ) ? ', ' : '' ) . $key;
}
}
if ( $ignore_forum_sql != '' )
{
$auth_sql .= ( $auth_sql != '' ) ? " AND f.forum_id NOT IN ($ignore_forum_sql) " : "f.forum_id NOT IN ($ignore_forum_sql) ";
}
$auth_sql .= ( $auth_sql != '' ) ? " AND f.forum_id IN ($allowed_forum_sql) " : "f.forum_id IN ($allowed_forum_sql) ";
}
//
@ -427,7 +423,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain topic ids', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain topic ids', '', __LINE__, __FILE__, $sql);
}
$search_ids = array();
@ -467,7 +463,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
WHERE $where_sql";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
}
$search_ids = array();
@ -502,7 +498,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
}
$search_ids = array();
@ -523,7 +519,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_search_match']);
message_die(MESSAGE, $lang['No_search_match']);
}
//
@ -546,7 +542,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
WHERE session_id NOT IN (" . implode(", ", $delete_search_ids) . ")";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
}
}
}
@ -582,7 +578,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
VALUES($search_id, '" . $userdata['session_id'] . "', '" . str_replace("\'", "''", $result_array) . "')";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not insert search results', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not insert search results', '', __LINE__, __FILE__, $sql);
}
}
}
@ -596,7 +592,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
AND session_id = '". $userdata['session_id'] . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain search results', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain search results', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
@ -662,7 +658,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not obtain search results', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain search results', '', __LINE__, __FILE__, $sql);
}
$searchset = array();
@ -1180,7 +1176,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_search_match']);
message_die(MESSAGE, $lang['No_search_match']);
}
}
@ -1194,7 +1190,7 @@ $sql = "SELECT c.cat_title, c.cat_id, f.forum_name, f.forum_id
$result = $db->sql_query($sql);
if ( !$result )
{
message_die(GENERAL_ERROR, 'Could not obtain forum_name/forum_id', '', __LINE__, __FILE__, $sql);
message_die(ERROR, 'Could not obtain forum_name/forum_id', '', __LINE__, __FILE__, $sql);
}
$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);
@ -1227,7 +1223,7 @@ if ( $s_forums != '' )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_searchable_forums']);
message_die(MESSAGE, $lang['No_searchable_forums']);
}
//

787
phpBB/viewforum.php
View File

File diff suppressed because it is too large Load Diff

227
phpBB/viewonline.php
View File

@ -8,7 +8,6 @@
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
@ -28,66 +27,38 @@ include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_VIEWONLINE);
init_userprefs($userdata);
$userdata = $session->start();
$acl = new auth('list', $userdata);
//
// End session management
//
//
// Output page header and load viewonline template
// Configure style, language, etc.
//
$page_title = $lang['Who_is_online'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'viewonline_body.tpl')
);
make_jumpbox('viewforum.'.$phpEx);
$template->assign_vars(array(
'L_WHOSONLINE' => $lang['Who_is_online'],
'L_ONLINE_EXPLAIN' => $lang['Online_explain'],
'L_USERNAME' => $lang['Username'],
'L_FORUM_LOCATION' => $lang['Forum_Location'],
'L_LAST_UPDATE' => $lang['Last_updated'])
);
$session->configure($userdata);
//
// Forum info
//
$sql = "SELECT forum_name, forum_id
$sql = "SELECT forum_id, forum_name
FROM " . FORUMS_TABLE;
if ( $result = $db->sql_query($sql) )
{
while( $row = $db->sql_fetchrow($result) )
{
$forum_data[$row['forum_id']] = $row['forum_name'];
}
}
else
{
message_die(GENERAL_ERROR, 'Could not obtain user/online forums information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
//
// Get auth data
//
$is_auth_ary = array();
$is_auth_ary = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
while( $row = $db->sql_fetchrow($result) )
{
$forum_data[$row['forum_id']] = $row['forum_name'];
}
//
// Get user list
//
$sql = "SELECT u.user_id, u.username, u.user_allow_viewonline, u.user_level, s.session_logged_in, s.session_time, s.session_page, s.session_ip
FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
$sql = "SELECT u.user_id, u.username, u.user_allow_viewonline, u.user_level, s.session_time, s.session_page, s.session_ip
FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE . " s
WHERE u.user_id = s.session_user_id
AND s.session_time >= ".( time() - 300 ) . "
ORDER BY u.username ASC, s.session_ip ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain regd user/online information', '', __LINE__, __FILE__, $sql);
}
ORDER BY u.username ASC, s.session_ip ASC, s.session_time DESC";
$result = $db->sql_query($sql);
$guest_users = 0;
$registered_users = 0;
@ -102,7 +73,7 @@ while ( $row = $db->sql_fetchrow($result) )
{
$view_online = false;
if ( $row['session_logged_in'] )
if ( $row['user_id'] != ANONYMOUS )
{
$user_id = $row['user_id'];
@ -110,16 +81,6 @@ while ( $row = $db->sql_fetchrow($result) )
{
$username = $row['username'];
$style_color = '';
if ( $row['user_level'] == ADMIN )
{
$username = '<b style="color:#' . $theme['fontcolor3'] . '">' . $username . '</b>';
}
else if ( $row['user_level'] == MOD )
{
$username = '<b style="color:#' . $theme['fontcolor2'] . '">' . $username . '</b>';
}
if ( !$row['user_allow_viewonline'] )
{
$view_online = ( $userdata['user_level'] == ADMIN ) ? true : false;
@ -155,69 +116,85 @@ while ( $row = $db->sql_fetchrow($result) )
if ( $view_online )
{
if ( $row['session_page'] < 1 || !$is_auth_ary[$row['session_page']]['auth_view'] )
{
switch( $row['session_page'] )
{
case PAGE_INDEX:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx";
break;
case PAGE_POSTING:
$location = $lang['Posting_message'];
$location_url = "index.$phpEx";
break;
case PAGE_LOGIN:
$location = $lang['Logging_on'];
$location_url = "index.$phpEx";
break;
case PAGE_SEARCH:
$location = $lang['Searching_forums'];
$location_url = "search.$phpEx";
break;
case PAGE_PROFILE:
$location = $lang['Viewing_profile'];
$location_url = "index.$phpEx";
break;
case PAGE_VIEWONLINE:
$location = $lang['Viewing_online'];
$location_url = "viewonline.$phpEx";
break;
case PAGE_VIEWMEMBERS:
$location = $lang['Viewing_member_list'];
$location_url = "memberlist.$phpEx";
break;
case PAGE_PRIVMSGS:
$location = $lang['Viewing_priv_msgs'];
$location_url = "privmsg.$phpEx";
break;
case PAGE_FAQ:
$location = $lang['Viewing_FAQ'];
$location_url = "faq.$phpEx";
break;
default:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx";
}
}
else
{
$location_url = append_sid("viewforum.$phpEx?" . POST_FORUM_URL . '=' . $row['session_page']);
$location = $forum_data[$row['session_page']];
}
preg_match('/\/?([a-z]+)\.' . $phpEx . '/', $row['session_page'], $on_page);
$row_color = ( $$which_counter % 2 ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( $$which_counter % 2 ) ? $theme['td_class1'] : $theme['td_class2'];
switch ( $on_page[1] )
{
case 'index':
$location = $lang['Forum_index'];
$location_url = "index.$phpEx$SID";
break;
case 'posting':
case 'viewforum':
case 'viewtopic':
preg_match('/f=([0-9]+)/', $row['session_page'], $forum_id);
$forum_id = $forum_id[1];
if ( $acl->get_acl($forum_id, 'forum' , 'list') )
{
$location = '';
switch ( $on_page[1] )
{
case 'posting':
$location = sprintf($lang['Posting_message'], $forum_data[$forum_id]);
break;
case 'viewtopic':
$location = sprintf($lang['Reading_topic'], $forum_data[$forum_id]);
break;
case 'viewforum':
$location .= $forum_data[$forum_id];
break;
}
$location_url = "viewforum.$phpEx$SID&amp;f=$forum_id";
}
else
{
$location = $lang['Forum_index'];
$location_url = "index.$phpEx$SID";
}
break;
case 'search':
$location = $lang['Searching_forums'];
$location_url = "search.$phpEx$SID";
break;
case 'profile':
$location = $lang['Viewing_profile'];
$location_url = "index.$phpEx$SID";
break;
case 'faq':
$location = $lang['Viewing_FAQ'];
$location_url = "faq.$phpEx$SID";
break;
case 'viewonline':
$location = $lang['Viewing_online'];
$location_url = "viewonline.$phpEx$SID";
break;
case 'memberslist':
$location = $lang['Viewing_member_list'];
$location_url = "memberlist.$phpEx$SID";
break;
default:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx$SID";
break;
}
$template->assign_block_vars("$which_row", array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'USERNAME' => $username,
'LASTUPDATE' => create_date($board_config['default_dateformat'], $row['session_time'], $board_config['board_timezone']),
'FORUM_LOCATION' => $location,
'U_USER_PROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $user_id),
'U_FORUM_LOCATION' => append_sid($location_url))
'S_ROW_COUNT' => $$which_counter,
'U_USER_PROFILE' => "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $user_id,
'U_FORUM_LOCATION' => $location_url)
);
$$which_counter++;
@ -265,24 +242,24 @@ else
$template->assign_vars(array(
'TOTAL_REGISTERED_USERS_ONLINE' => sprintf($l_r_user_s, $registered_users) . sprintf($l_h_user_s, $hidden_users),
'TOTAL_GUEST_USERS_ONLINE' => sprintf($l_g_user_s, $guest_users))
'TOTAL_GUEST_USERS_ONLINE' => sprintf($l_g_user_s, $guest_users),
'L_WHOSONLINE' => $lang['Who_is_online'],
'L_ONLINE_EXPLAIN' => $lang['Online_explain'],
'L_USERNAME' => $lang['Username'],
'L_FORUM_LOCATION' => $lang['Forum_Location'],
'L_LAST_UPDATE' => $lang['Last_updated'],
'L_NO_GUESTS_BROWSING' => $lang['No_users_browsing'],
'L_NO_REGISTERED_USERS_BROWSING' => $lang['No_users_browsing'])
);
if ( $registered_users + $hidden_users == 0 )
{
$template->assign_vars(array(
'L_NO_REGISTERED_USERS_BROWSING' => $lang['No_users_browsing'])
);
}
$page_title = $lang['Who_is_online'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
if ( $guest_users == 0 )
{
$template->assign_vars(array(
'L_NO_GUESTS_BROWSING' => $lang['No_users_browsing'])
);
}
$template->pparse('body');
$template->set_filenames(array(
'body' => 'viewonline_body.html')
);
make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

817
phpBB/viewtopic.php
View File

File diff suppressed because it is too large Load Diff