" . ANONYMOUS;
break;
case 'newestuser':
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
ORDER BY user_id DESC
LIMIT 1";
break;
case 'postcount':
case 'topiccount':
$sql = "SELECT SUM(forum_topics) AS topic_total, SUM(forum_posts) AS post_total
FROM " . FORUMS_TABLE;
break;
}
if ( !($result = $db->sql_query($sql)) )
{
return 'ERROR';
}
$row = $db->sql_fetchrow($result);
switch ( $mode )
{
case 'usercount':
return $row['total'];
break;
case 'newestuser':
return $row;
break;
case 'postcount':
return $row['post_total'];
break;
case 'topiccount':
return $row['topic_total'];
break;
}
return 'ERROR';
}
function get_userdata($user)
{
global $db;
$sql = "SELECT *
FROM " . USERS_TABLE . "
WHERE ";
$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Tried obtaining data for a non-existent user", "", __LINE__, __FILE__, $sql);
}
return ( $row = $db->sql_fetchrow($result) ) ? $row : false;
}
function make_jumpbox($match_forum_id = 0)
{
global $lang, $db, $SID, $nav_links, $phpEx;
$sql = "SELECT c.cat_id, c.cat_title, c.cat_order
FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
WHERE f.cat_id = c.cat_id
GROUP BY c.cat_id, c.cat_title, c.cat_order
ORDER BY c.cat_order";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain category list.", "", __LINE__, __FILE__, $sql);
}
$category_rows = array();
while ( $row = $db->sql_fetchrow($result) )
{
$category_rows[] = $row;
}
if ( $total_categories = count($category_rows) )
{
$sql = "SELECT *
FROM " . FORUMS_TABLE . "
ORDER BY cat_id, forum_order";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forums information.", "", __LINE__, __FILE__, $sql);
}
$boxstring = '' . $lang['Select_forum'] . ' ';
$forum_rows = array();
while ( $row = $db->sql_fetchrow($result) )
{
$forum_rows[] = $row;
}
if ( $total_forums = count($forum_rows) )
{
for($i = 0; $i < $total_categories; $i++)
{
$boxstring_forums = "";
for($j = 0; $j < $total_forums; $j++)
{
if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $forum_rows[$j]['auth_view'] <= AUTH_REG )
{
$selected = ( $forum_rows[$j]['forum_id'] == $match_forum_id ) ? 'selected="selected"' : '';
$boxstring_forums .= '' . $forum_rows[$j]['forum_name'] . ' ';
//
// Add an array to $nav_links for the Mozilla navigation bar.
// 'chapter' and 'forum' can create multiple items, therefore we are using a nested array.
//
$nav_links['chapter forum'][$forum_rows[$j]['forum_id']] = array (
'url' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id']),
'title' => $forum_rows[$j]['forum_name']
);
}
}
if ( $boxstring_forums != "" )
{
$boxstring .= ' ';
$boxstring .= '' . $category_rows[$i]['cat_title'] . ' ';
$boxstring .= '---------------- ';
$boxstring .= $boxstring_forums;
}
}
}
$boxstring .= '' . $row['forum_name'] . ' ';
}
}
$forum_list = ( $forum_list == "" ) ? '-- ! No Forums ! -- ' : '' . $forum_list . ' ';
return $forum_list;
}
//
// Initialise user settings on page load
function init_userprefs($userdata)
{
global $board_config, $theme, $images;
global $template, $lang, $phpEx, $phpbb_root_path;
if ( $userdata['user_id'] != ANONYMOUS )
{
if ( !empty($userdata['user_lang']))
{
$board_config['default_lang'] = $userdata['user_lang'];
}
if ( !empty($userdata['user_dateformat']) )
{
$board_config['default_dateformat'] = $userdata['user_dateformat'];
}
if ( !empty($userdata['user_timezone']) )
{
$board_config['board_timezone'] = $userdata['user_timezone'];
}
}
if ( !file_exists($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/lang_main.".$phpEx) )
{
$board_config['default_lang'] = "english";
}
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
if ( defined("IN_ADMIN") )
{
if( !file_exists($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/lang_admin.".$phpEx) )
{
$board_config['default_lang'] = "english";
}
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx);
}
//
// Set up style
//
if ( !$board_config['override_user_style'] )
{
if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_style'] > 0 )
{
if ( $theme = setup_style($userdata['user_style']) )
{
return;
}
}
}
$theme = setup_style($board_config['default_style']);
return;
}
function setup_style($style)
{
global $db, $board_config, $template, $images, $phpbb_root_path;
$sql = "SELECT *
FROM " . THEMES_TABLE . "
WHERE themes_id = $style";
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, "Couldn't query database for theme info.");
}
if ( !($row = $db->sql_fetchrow($result)) )
{
message_die(CRITICAL_ERROR, "Couldn't get theme data for themes_id=$style.");
}
$template_path = 'templates/' ;
$template_name = $row['template_name'] ;
$template = new Template($phpbb_root_path . $template_path . $template_name, $board_config, $db);
if ( $template )
{
$current_template_path = $template_path . $template_name;
@include($phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg');
if ( !defined("TEMPLATE_CONFIG") )
{
message_die(CRITICAL_ERROR, "Couldn't open $template_name template config file");
}
$img_lang = ( file_exists($current_template_path . '/images/lang_' . $board_config['default_lang']) ) ? $board_config['default_lang'] : 'english';
while( list($key, $value) = @each($images) )
{
$images[$key] = str_replace("{LANG}", 'lang_' . $img_lang, $value);
}
}
return $row;
}
function encode_ip($dotquad_ip)
{
$ip_sep = explode(".", $dotquad_ip);
return sprintf("%02x%02x%02x%02x", $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}
function decode_ip($int_ip)
{
$hexipbang = explode(".",chunk_split($int_ip, 2, "."));
return hexdec($hexipbang[0]).".".hexdec($hexipbang[1]).".".hexdec($hexipbang[2]).".".hexdec($hexipbang[3]);
}
//
// Create date/time from format and timezone
//
function create_date($format, $gmepoch, $tz)
{
return @gmdate($format, $gmepoch + (3600 * $tz));
}
//
// Pagination routine, generates
// page number sequence
//
function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = TRUE)
{
global $lang;
$total_pages = ceil($num_items/$per_page);
if ( $total_pages == 1 )
{
return "";
}
$on_page = floor($start_item / $per_page) + 1;
$page_string = "";
if ( $total_pages > 10 )
{
$init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages;
for($i = 1; $i < $init_page_max + 1; $i++)
{
$page_string .= ( $i == $on_page ) ? '' . $i . ' ' : '' . $i . ' ';
if ( $i < $init_page_max )
{
$page_string .= ", ";
}
}
if ( $total_pages > 3 )
{
if ( $on_page > 1 && $on_page < $total_pages )
{
$page_string .= ( $on_page > 5 ) ? ' ... ' : ', ';
$init_page_min = ( $on_page > 4 ) ? $on_page : 5;
$init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4;
for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++)
{
$page_string .= ($i == $on_page) ? '' . $i . ' ' : '' . $i . ' ';
if ( $i < $init_page_max + 1 )
{
$page_string .= ', ';
}
}
$page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', ';
}
else
{
$page_string .= ' ... ';
}
for($i = $total_pages - 2; $i < $total_pages + 1; $i++)
{
$page_string .= ( $i == $on_page ) ? '' . $i . ' ' : '' . $i . ' ';
if( $i < $total_pages )
{
$page_string .= ", ";
}
}
}
}
else
{
for($i = 1; $i < $total_pages + 1; $i++)
{
$page_string .= ( $i == $on_page ) ? '' . $i . ' ' : '' . $i . ' ';
if ( $i < $total_pages )
{
$page_string .= ', ';
}
}
}
if ( $add_prevnext_text )
{
if ( $on_page > 1 )
{
$page_string = ' ' . $lang['Previous'] . ' ' . $page_string;
}
if ( $on_page < $total_pages )
{
$page_string .= ' ' . $lang['Next'] . ' ';
}
}
$page_string = $lang['Goto_page'] . ' ' . $page_string;
return $page_string;
}
//
// Check to see if the username has been taken, or if it is disallowed.
// Also checks if it includes the " character, which we don't allow in usernames.
// Used for registering, changing names, and posting anonymously with a username
//
function validate_username($username)
{
global $db, $lang, $userdata;
$username = str_replace("\'", "''", $username);
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
if ( $result = $db->sql_query($sql) )
{
if ( $row = $db->sql_fetchrow($result) )
{
return ( $userdata['session_logged_in'] ) ? ( ( $row['username'] != $userdata['username'] ) ? array('error' => true, 'error_msg' => $lang['Username_taken']) : array('error' => false, 'error_msg' => '') ) : array('error' => true, 'error_msg' => $lang['Username_taken']);
}
}
$sql = "SELECT group_name
FROM " . GROUPS_TABLE . "
WHERE LOWER(group_name) = '" . strtolower($username) . "'";
if ( $result = $db->sql_query($sql) )
{
if ( $row = $db->sql_fetchrow($result) )
{
return array('error' => true, 'error_msg' => $lang['Username_taken']);
}
}
$sql = "SELECT disallow_username
FROM " . DISALLOW_TABLE . "
WHERE disallow_username LIKE '$username'";
if ( $result = $db->sql_query($sql) )
{
if ( $db->sql_fetchrow($result) )
{
return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
}
}
$sql = "SELECT word
FROM " . WORDS_TABLE;
if ( $result = $db->sql_query($sql) )
{
while( $row = $db->sql_fetchrow($result) )
{
if ( preg_match("/\b(" . str_replace("\*", "\w*?", preg_quote($row['word'])) . ")\b/i", $username) )
{
return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
}
}
}
// Don't allow " in username.
if ( strstr($username, '"') )
{
return array('error' => true, 'error_msg' => $lang['Username_invalid']);
}
return array('error' => false, 'error_msg' => '');
}
//
// Synchronise functions for forums/topics
//
function sync($type, $id)
{
global $db;
switch($type)
{
case 'all forums':
$sql = "SELECT forum_id
FROM " . FORUMS_TABLE;
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not get forum IDs", "Error", __LINE__, __FILE__, $sql);
}
while( $row = $db->sql_fetchrow($result) )
{
sync("forum", $row['forum_id']);
}
break;
case 'all topics':
$sql = "SELECT topic_id
FROM " . TOPICS_TABLE;
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not get topic ID's", "Error", __LINE__, __FILE__, $sql);
}
while( $row = $db->sql_fetchrow($result) )
{
sync("topic", $row['topic_id']);
}
break;
case 'forum':
$sql = "SELECT MAX(post_id) AS last_post, COUNT(post_id) AS total
FROM " . POSTS_TABLE . "
WHERE forum_id = $id";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not get post ID", "Error", __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$last_post = ($row['last_post']) ? $row['last_post'] : 0;
$total_posts = ($row['total']) ? $row['total'] : 0;
}
else
{
$last_post = 0;
$total_posts = 0;
}
$sql = "SELECT COUNT(topic_id) AS total
FROM " . TOPICS_TABLE . "
WHERE forum_id = $id
AND topic_status <> " . TOPIC_MOVED;
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not get topic count", "Error", __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$total_topics = ($row['total']) ? $row['total'] : 0;
}
else
{
$total_topics = 0;
}
$sql = "UPDATE " . FORUMS_TABLE . "
SET forum_last_post_id = $last_post, forum_posts = $total_posts, forum_topics = $total_topics
WHERE forum_id = $id";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not update forum $id", "Error", __LINE__, __FILE__, $sql);
}
break;
case 'topic':
$sql = "SELECT MAX(post_id) AS last_post, MIN(post_id) AS first_post, COUNT(post_id) AS total_posts
FROM " . POSTS_TABLE . "
WHERE topic_id = $id";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not get post ID", "Error", __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . "
WHERE topic_id = $id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Could not update topic $id", "Error", __LINE__, __FILE__, $sql);
}
}
break;
}
return true;
}
//
// Pick a language, any language ...
//
function language_select($default, $select_name = "language", $dirname="language")
{
global $phpEx;
$dir = opendir($dirname);
$lang = array();
while ( $file = readdir($dir) )
{
if ( ereg("^lang_", $file) && !is_file($dirname . "/" . $file) && !is_link($dirname . "/" . $file) )
{
$filename = trim(str_replace("lang_", "", $file));
$displayname = preg_replace("/^(.*?)_(.*)$/", "\\1 [ \\2 ]", $filename);
$displayname = preg_replace("/\[(.*?)_(.*)\]/", "[ \\1 - \\2 ]", $displayname);
$lang[$displayname] = $filename;
}
}
closedir($dir);
@asort($lang);
@reset($lang);
$lang_select = '';
while ( list($displayname, $filename) = @each($lang) )
{
$selected = ( strtolower($default) == strtolower($filename) ) ? ' selected="selected"' : '';
$lang_select .= '' . ucwords($displayname) . ' ';
}
$lang_select .= ' ';
return $lang_select;
}
//
// Pick a template/theme combo,
//
function style_select($default_style, $select_name = "style", $dirname = "templates")
{
global $db;
$sql = "SELECT themes_id, style_name
FROM " . THEMES_TABLE . "
ORDER BY template_name, themes_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't query themes table", "", __LINE__, __FILE__, $sql);
}
$style_select = '';
while ( $row = $db->sql_fetchrow($result) )
{
$selected = ( $row['themes_id'] == $default_style ) ? ' selected="selected"' : '';
$style_select .= '' . $row['style_name'] . ' ';
}
$style_select .= " ";
return $style_select;
}
//
// Pick a timezone
//
function tz_select($default, $select_name = 'timezone')
{
global $sys_timezone, $lang;
if ( !isset($default) )
{
$default == $sys_timezone;
}
$tz_select = '';
while( list($offset, $zone) = @each($lang['tz']) )
{
$selected = ( $offset == $default ) ? ' selected="selected"' : '';
$tz_select .= '' . $zone . ' ';
}
$tz_select .= ' ';
return $tz_select;
}
//
// Obtain list of naughty words and build preg style replacement arrays for use by the
// calling script, note that the vars are passed as references this just makes it easier
// to return both sets of arrays
//
function obtain_word_list(&$orig_word, &$replacement_word)
{
global $db;
//
// Define censored word matches
//
$sql = "SELECT word, replacement
FROM " . WORDS_TABLE;
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't get censored words from database.", "", __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$orig_word[] = "#\b(" . str_replace("\*", "\w*?", preg_quote($row['word'])) . ")\b#is";
$replacement_word[] = $row['replacement'];
}
while ( $row = $db->sql_fetchrow($result) );
}
return true;
}
//
// This function gets called to output any message or error
// that doesn't require additional output from the calling
// page.
//
// $msg_code takes one of four constant values:
//
// GENERAL_MESSAGE -> Use for any simple text message, eg.
// results of an operation, authorisation failures, etc.
//
// GENERAL ERROR -> Use for any error which occurs _AFTER_
// the common.php include and session code, ie. most errors
// in pages/functions
//
// CRITICAL_MESSAGE -> Only currently used to announce a user
// has been banned, can be used where session results cannot
// be relied upon to exist but we can and do assume that basic
// board configuration data is available
//
// CRITICAL_ERROR -> Used whenever a DB connection cannot be
// guaranteed and/or we've been unable to obtain basic board
// configuration data. Shouldn't be used in general
// pages/functions (it results in a simple echo'd statement,
// no templates are used)
//
function message_die($msg_code, $msg_text = "", $msg_title = "", $err_line = "", $err_file = "", $sql = "")
{
global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links;
global $userdata, $user_ip, $session_length;
global $starttime;
$sql_store = $sql;
//
// Get SQL error if we are debugging. Do this as soon as possible to prevent
// subsequent queries from overwriting the status of sql_error()
//
if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
{
$sql_error = $db->sql_error();
$debug_text = "";
if ( $sql_error['message'] != "" )
{
$debug_text .= "" . $lang['Critical_Error'] . " ";
}
break;
}
//
// Add on DEBUG info if we've enabled debug mode and this is an error. This
// prevents debug info being output for general messages should DEBUG be
// set TRUE by accident (preventing confusion for the end user!)
//
if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
{
if ( $debug_text != "" )
{
$msg_text = $msg_text . "DEBUG MODE