mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 05:50:42 +02:00
Code Issues Releases Wiki Activity

Updates for permissions, sessions, lots of things ... note that _many_ things _do_not_work_ now ... I'm commiting them to stop people complaining about my holding on to everything :) There is _no_ update script at present for all these changes, you'll have to work out what's needed yourselves till I finish various things

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2673 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2002-07-14 14:45:26 +00:00
parent d03de47b51
commit 4bc4397f4a
14 changed files with 1317 additions and 1797 deletions
Download Patch File Download Diff File Expand all files Collapse all files

257
phpBB/common.php
View File

@@ -8,7 +8,6 @@
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
@@ -22,60 +21,23 @@
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
die('Hacking attempt');
}
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
// addslashes to vars if magic_quotes_gpc is off this is a security precaution
// to prevent someone trying to break out of a SQL statement.
//
function slash_input_data(&$data)
{
if ( is_array($data) )
{
while( list($k, $v) = each($data) )
{
$data[$k] = ( is_array($v) ) ? slash_input_data($v) : addslashes($v);
}
@reset($data);
}
return $data;
}
if ( !get_magic_quotes_gpc() )
{
$HTTP_GET_VARS = slash_input_data($HTTP_GET_VARS);
$HTTP_POST_VARS = slash_input_data($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = slash_input_data($HTTP_COOKIE_VARS);
}
//
// Define some basic configuration arrays this also prevents
// malicious rewriting of language and otherarray values via
// URI params
//
$board_config = array();
$userdata = array();
$theme = array();
$images = array();
$lang = array();
$gen_simple_header = FALSE;
require($phpbb_root_path . 'config.'.$phpEx);
if( !defined("PHPBB_INSTALLED") )
if ( !defined('PHPBB_INSTALLED') )
{
header("Location: install.$phpEx");
header('Location: install/install.'.$phpEx);
exit;
}
// Debug Level
define('DEBUG', 1); // Debugging on
//define('DEBUG', 0); // Debugging off
//
// Define some constants/variables
//
// User Levels <- Do not change the values of USER or ADMIN
define('ANONYMOUS', -1);
@@ -83,55 +45,39 @@ define('USER', 0);
define('ADMIN', 1);
define('MOD', 2);
// User related
define('USER_ACTIVATION_NONE', 0);
define('USER_ACTIVATION_SELF', 1);
define('USER_ACTIVATION_ADMIN', 2);
define('USER_ACTIVATION_CLOSED', 3);
define('USER_AVATAR_NONE', 0);
define('USER_AVATAR_UPLOAD', 1);
define('USER_AVATAR_REMOTE', 2);
define('USER_AVATAR_GALLERY', 3);
// Group settings
define('GROUP_OPEN', 0);
define('GROUP_CLOSED', 1);
define('GROUP_HIDDEN', 2);
// Forum state
define('FORUM_UNLOCKED', 0);
define('FORUM_LOCKED', 1);
// Topic status
define('TOPIC_UNLOCKED', 0);
define('TOPIC_LOCKED', 1);
define('TOPIC_MOVED', 2);
define('TOPIC_WATCH_NOTIFIED', 1);
define('TOPIC_WATCH_UN_NOTIFIED', 0);
// Topic types
define('POST_NORMAL', 0);
define('POST_STICKY', 1);
define('POST_ANNOUNCE', 2);
define('POST_GLOBAL_ANNOUNCE', 3);
// SQL codes
define('BEGIN_TRANSACTION', 1);
define('END_TRANSACTION', 2);
// Error codes
define('GENERAL_MESSAGE', 200);
define('GENERAL_ERROR', 202);
define('CRITICAL_MESSAGE', 203);
define('CRITICAL_ERROR', 204);
define('MESSAGE', 200);
define('ERROR', 201);
// Private messaging
define('PRIVMSGS_READ_MAIL', 0);
@@ -141,81 +87,41 @@ define('PRIVMSGS_SAVED_IN_MAIL', 3);
define('PRIVMSGS_SAVED_OUT_MAIL', 4);
define('PRIVMSGS_UNREAD_MAIL', 5);
// URL PARAMETERS
define('POST_TOPIC_URL', 't');
define('POST_CAT_URL', 'c');
define('POST_FORUM_URL', 'f');
define('POST_USERS_URL', 'u');
define('POST_POST_URL', 'p');
define('POST_GROUPS_URL', 'g');
// Session parameters
define('SESSION_METHOD_COOKIE', 100);
define('SESSION_METHOD_GET', 101);
// Page numbers for session handling
define('PAGE_INDEX', 0);
define('PAGE_LOGIN', -1);
define('PAGE_SEARCH', -2);
define('PAGE_REGISTER', -3);
define('PAGE_PROFILE', -4);
define('PAGE_VIEWONLINE', -6);
define('PAGE_VIEWMEMBERS', -7);
define('PAGE_FAQ', -8);
define('PAGE_POSTING', -9);
define('PAGE_PRIVMSGS', -10);
define('PAGE_GROUPCP', -11);
define('PAGE_TOPIC_OFFSET', 5000);
// Auth settings
define('AUTH_LIST_ALL', 0);
define('AUTH_ALL', 0);
define('AUTH_REG', 1);
define('AUTH_ACL', 2);
define('AUTH_MOD', 3);
define('AUTH_ADMIN', 5);
define('AUTH_VIEW', 1);
define('AUTH_READ', 2);
define('AUTH_POST', 3);
define('AUTH_REPLY', 4);
define('AUTH_EDIT', 5);
define('AUTH_DELETE', 6);
define('AUTH_ANNOUNCE', 7);
define('AUTH_STICKY', 8);
define('AUTH_POLLCREATE', 9);
define('AUTH_VOTE', 10);
define('AUTH_ATTACH', 11);
// Table names
define('AUTH_ACCESS_TABLE', $table_prefix.'auth_access');
define('ACL_GROUPS_TABLE', $table_prefix.'auth_groups');
define('ACL_OPTIONS_TABLE', $table_prefix.'auth_options');
define('ACL_PREFETCH_TABLE', $table_prefix.'auth_prefetch');
define('ACL_USERS_TABLE', $table_prefix.'auth_users');
define('BANLIST_TABLE', $table_prefix.'banlist');
define('CATEGORIES_TABLE', $table_prefix.'categories');
define('CATEGORIES_TABLE', $table_prefix.'categories'); //
define('CONFIG_TABLE', $table_prefix.'config');
define('DISALLOW_TABLE', $table_prefix.'disallow');
define('DISALLOW_TABLE', $table_prefix.'disallow'); //
define('FORUMS_TABLE', $table_prefix.'forums');
define('FORUMS_WATCH_TABLE', $table_prefix.'forums_watch');
define('GROUPS_TABLE', $table_prefix.'groups');
define('ICONS_TABLE', $table_prefix.'icons');
define('LOG_ADMIN_TABLE', $table_prefix.'log_admin');
define('LOG_MOD_TABLE', $table_prefix.'log_moderators');
define('POSTS_TABLE', $table_prefix.'posts');
define('POSTS_TEXT_TABLE', $table_prefix.'posts_text');
define('PRIVMSGS_TABLE', $table_prefix.'privmsgs');
define('PRIVMSGS_TEXT_TABLE', $table_prefix.'privmsgs_text');
define('PRIVMSGS_IGNORE_TABLE', $table_prefix.'privmsgs_ignore');
define('PRUNE_TABLE', $table_prefix.'forum_prune');
define('RANKS_TABLE', $table_prefix.'ranks');
define('SEARCH_TABLE', $table_prefix.'search_results');
define('SEARCH_WORD_TABLE', $table_prefix.'search_wordlist');
define('SEARCH_MATCH_TABLE', $table_prefix.'search_wordmatch');
define('SESSIONS_TABLE', $table_prefix.'sessions');
define('SMILIES_TABLE', $table_prefix.'smilies');
define('THEMES_TABLE', $table_prefix.'themes');
define('THEMES_NAME_TABLE', $table_prefix.'themes_name');
define('STYLES_TABLE', $table_prefix.'styles');
define('STYLES_TPL_TABLE', $table_prefix.'styles_template');
define('STYLES_CSS_TABLE', $table_prefix.'styles_theme');
define('STYLES_IMAGE_TABLE', $table_prefix.'styles_imageset');
define('TOPICS_TABLE', $table_prefix.'topics');
define('TOPICS_RATINGS_TABLE', $table_prefix.'topics_rating');
define('TOPICS_WATCH_TABLE', $table_prefix.'topics_watch');
define('USER_GROUP_TABLE', $table_prefix.'user_group');
define('USERS_TABLE', $table_prefix.'users');
@@ -224,81 +130,41 @@ define('VOTE_DESC_TABLE', $table_prefix.'vote_desc');
define('VOTE_RESULTS_TABLE', $table_prefix.'vote_results');
define('VOTE_USERS_TABLE', $table_prefix.'vote_voters');
include($phpbb_root_path . 'includes/template.'.$phpEx);
include($phpbb_root_path . 'includes/sessions.'.$phpEx);
include($phpbb_root_path . 'includes/auth.'.$phpEx);
include($phpbb_root_path . 'includes/functions.'.$phpEx);
switch($dbms)
if ( !get_magic_quotes_gpc() )
{
case 'mysql':
include($phpbb_root_path . 'db/mysql.'.$phpEx);
break;
case 'mysql4':
include($phpbb_root_path . 'db/mysql4.'.$phpEx);
break;
case 'postgres':
include($phpbb_root_path . 'db/postgres7.'.$phpEx);
break;
case 'mssql':
include($phpbb_root_path . 'db/mssql.'.$phpEx);
break;
case 'oracle':
include($phpbb_root_path . 'db/oracle.'.$phpEx);
break;
case 'msaccess':
include($phpbb_root_path . 'db/msaccess.'.$phpEx);
break;
case 'mssql-odbc':
include($phpbb_root_path . 'db/mssql-odbc.'.$phpEx);
break;
$HTTP_GET_VARS = slash_input_data($HTTP_GET_VARS);
$HTTP_POST_VARS = slash_input_data($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = slash_input_data($HTTP_COOKIE_VARS);
}
// Make the database connection.
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);
if ( !$db->db_connect_id )
{
message_die(CRITICAL_ERROR, "Could not connect to the database");
}
$board_config = array();
$userdata = array();
$theme = array();
$images = array();
$lang = array();
//
// Mozilla navigation bar
// Default items that should be valid on all pages.
// Defined here and not in page_header.php so they can be redefined in the code
// Include files
//
$nav_links['top'] = array (
'url' => append_sid($phpbb_root_dir."index.".$phpEx),
'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
);
$nav_links['search'] = array (
'url' => append_sid($phpbb_root_dir."search.".$phpEx),
'title' => $lang['Search']
);
$nav_links['help'] = array (
'url' => append_sid($phpbb_root_dir."faq.".$phpEx),
'title' => $lang['FAQ']
);
$nav_links['author'] = array (
'url' => append_sid($phpbb_root_dir."memberlist.".$phpEx),
'title' => $lang['Memberlist']
);
require($phpbb_root_path . 'includes/template.'.$phpEx);
require($phpbb_root_path . 'includes/session.'.$phpEx);
require($phpbb_root_path . 'includes/functions.'.$phpEx);
require($phpbb_root_path . 'db/' . $dbms . '.'.$phpEx);
$session = new session();
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false);
//
// Obtain and encode users IP
// Obtain users IP, not encoded in 2.2
//
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
if ( $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] != '' || $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'] != '' )
{
$user_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
$x_ip = ( !empty($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']) ) ? $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] : $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'];
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
if ( preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/', $x_ip, $ip_list) )
{
$private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
$private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/');
$user_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
}
}
@@ -308,18 +174,14 @@ else
}
//
// Setup forum wide options, if this fails
// then we output a CRITICAL_ERROR since
// Setup forum wide options, if this fails we output a CRITICAL_ERROR since
// basic forum information is not available
//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not query config information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
while($row = $db->sql_fetchrow($result))
while ( $row = $db->sql_fetchrow($result) )
{
$board_config[$row['config_name']] = $row['config_value'];
}
@@ -329,7 +191,26 @@ while($row = $db->sql_fetchrow($result))
//
if ( $board_config['board_disable'] && !defined('IN_ADMIN') && !defined('IN_LOGIN') )
{
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
$message = ( !empty($board_config['board_disable_msg']) ) ? $board_config['board_disable_msg'] : 'Board_disable';
message_die(MESSAGE, $message, 'Information');
}
//
// addslashes to vars if magic_quotes_gpc is off this is a security precaution
// to prevent someone trying to break out of a SQL statement.
//
function slash_input_data(&$data)
{
if ( is_array($data) )
{
while ( list($k, $v) = each($data) )
{
$data[$k] = ( is_array($v) ) ? slash_input_data($v) : addslashes($v);
}
@reset($data);
}
return $data;
}
?>