$v) { if (is_array($v)) { foreach ($v as $_k => $_v) { set_var($var[$k][$_k], $_v, $type); } } else { set_var($var[$k], $v, $type); } } } else { set_var($var, $var, $type); } return $var; } } function set_config($config_name, $config_value, $is_dynamic = FALSE) { global $db, $cache, $config; $sql = 'UPDATE ' . CONFIG_TABLE . " SET config_value = '" . $db->sql_escape($config_value) . "' WHERE config_name = '$config_name'"; $db->sql_query($sql); if (!$db->sql_affectedrows() && !isset($config[$config_name])) { $sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value) VALUES ('$config_name', '" . $db->sql_escape($config_value) . "')"; $db->sql_query($sql); } $config[$config_name] = $config_value; if (!$is_dynamic) { $cache->destroy('config'); } } function get_userdata($user) { global $db; $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE '; $sql .= ((is_integer($user)) ? "user_id = $user" : "username = '" . $db->sql_escape($user) . "'") . " AND user_id <> " . ANONYMOUS; $result = $db->sql_query($sql); return ($row = $db->sql_fetchrow($result)) ? $row : false; } // Create forum navigation links for given forum, create parent // list if currently null, assign basic forum info to template function generate_forum_nav(&$forum_data) { global $db, $user, $template, $phpEx, $SID; // Get forum parents $forum_parents = get_forum_parents($forum_data); // Build navigation links foreach ($forum_parents as $parent_forum_id => $parent_name) { $template->assign_block_vars('navlinks', array( 'FORUM_NAME' => $parent_name, 'U_VIEW_FORUM' => "viewforum.$phpEx$SID&f=$parent_forum_id") ); } $template->assign_block_vars('navlinks', array( 'FORUM_NAME' => $forum_data['forum_name'], 'U_VIEW_FORUM' => "viewforum.$phpEx$SID&f=" . $forum_data['forum_id']) ); $template->assign_vars(array( 'FORUM_ID' => $forum_data['forum_id'], 'FORUM_NAME' => $forum_data['forum_name'], 'FORUM_DESC' => strip_tags($forum_data['forum_desc'])) ); return; } // Returns forum parents as an array. Get them from forum_data if available, or update the database otherwise function get_forum_parents(&$forum_data) { global $db; $forum_parents = array(); if ($forum_data['parent_id'] > 0) { if ($forum_data['forum_parents'] == '') { $sql = 'SELECT forum_id, forum_name FROM ' . FORUMS_TABLE . ' WHERE left_id < ' . $forum_data['left_id'] . ' AND right_id > ' . $forum_data['right_id'] . ' ORDER BY left_id ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $forum_parents[$row['forum_id']] = $row['forum_name']; } $db->sql_freeresult($result); $forum_data['forum_parents'] = serialize($forum_parents); $sql = 'UPDATE ' . FORUMS_TABLE . " SET forum_parents = '" . $db->sql_escape($forum_data['forum_parents']) . "' WHERE parent_id = " . $forum_data['parent_id']; $db->sql_query($sql); } else { $forum_parents = unserialize($forum_data['forum_parents']); } } return $forum_parents; } // Obtain list of moderators of each forum function get_moderators(&$forum_moderators, $forum_id = false) { global $config, $template, $db, $phpEx, $SID; // Have we disabled the display of moderators? If so, then return // from whence we came ... if (empty($config['load_moderators'])) { return; } if (!empty($forum_id) && is_array($forum_id)) { $forum_sql = 'AND forum_id IN (' . implode(', ', $forum_id) . ')'; } else { $forum_sql = ($forum_id) ? 'AND forum_id = ' . $forum_id : ''; } $sql = 'SELECT * FROM ' . MODERATOR_TABLE . " WHERE display_on_index = 1 $forum_sql"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '' . $row['username'] . '' : '' . $row['groupname'] . ''; } $db->sql_freeresult($result); return; } // User authorisation levels output function gen_forum_rules($mode, &$forum_id) { global $SID, $template, $auth, $user; $rules = array('post', 'reply', 'edit', 'delete', 'attach'); foreach ($rules as $rule) { $template->assign_block_vars('rules', array( 'RULE' => ($auth->acl_get('f_' . $rule, intval($forum_id))) ? $user->lang['RULES_' . strtoupper($rule) . '_CAN'] : $user->lang['RULES_' . strtoupper($rule) . '_CANNOT']) ); } return; } function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key, &$sort_dir, &$s_limit_days, &$s_sort_key, &$s_sort_dir, &$u_sort_param) { global $user; $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); $s_limit_days = ''; $s_sort_key = ''; $s_sort_dir = ''; $u_sort_param = "st=$sort_days&sk=$sort_key&sd=$sort_dir"; return; } function make_jumpbox($action, $forum_id = false, $select_all = false) { global $config, $auth, $template, $user, $db, $phpEx, $SID; if (!$config['load_jumpbox']) { return; } $boxstring = ''; $sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id FROM ' . FORUMS_TABLE . ' ORDER BY left_id ASC'; $result = $db->sql_query($sql); $right = $cat_right = $padding_inc = 0; $padding = $forum_list = $holding = ''; $padding_store = array('0' => ''); while ($row = $db->sql_fetchrow($result)) { if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id'])) { // Non-postable forum with no subforums, don't display continue; } if (!$auth->acl_get('f_list', $row['forum_id'])) { // if the user does not have permissions to list this forum skip continue; } if ($row['left_id'] < $right) { $padding .= '   '; $padding_store[$row['parent_id']] = $padding; } else if ($row['left_id'] > $right + 1) { $padding = $padding_store[$row['parent_id']]; } $right = $row['right_id']; $selected = ($row['forum_id'] == $forum_id) ? ' selected="selected"' : ''; if ($row['left_id'] > $cat_right) { $holding = ''; } if ($row['right_id'] - $row['left_id'] > 1) { $cat_right = max($cat_right, $row['right_id']); $holding .= ''; } else { $boxstring .= $holding . ''; $holding = ''; } } $db->sql_freeresult($result); unset($padding_store); if ($boxstring) { $boxstring = (($select_all) ? '' . $boxstring; } $template->assign_vars(array( 'S_JUMPBOX_OPTIONS' => $boxstring, 'S_JUMPBOX_ACTION' => $action) ); return; } // Pick a language, any language ... function language_select($default = '') { global $db; $sql = 'SELECT lang_iso, lang_local_name FROM ' . LANG_TABLE . ' ORDER BY lang_english_name'; $result = $db->sql_query($sql); $lang_options = ''; while ($row = $db->sql_fetchrow($result)) { $selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : ''; $lang_options .= ''; } $db->sql_freeresult($result); return $lang_options; } // Pick a template/theme combo, function style_select($default = '', $all = false) { global $db; $sql_where = (!$all) ? 'WHERE style_active = 1 ' : ''; $sql = 'SELECT style_id, style_name FROM ' . STYLES_TABLE . " $sql_where ORDER BY style_name"; $result = $db->sql_query($sql); $style_options = ''; while ($row = $db->sql_fetchrow($result)) { $selected = ($row['style_id'] == $default) ? ' selected="selected"' : ''; $style_options .= ''; } $db->sql_freeresult($result); return $style_options; } // Pick a timezone function tz_select($default = '') { global $sys_timezone, $user; foreach ($user->lang['tz'] as $offset => $zone) { if (is_numeric($offset)) { $selected = ($offset == $default) ? ' selected="selected"' : ''; $tz_select .= ''; } } return $tz_select; } // Topic and forum watching common code function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $match_id, $notify_status = 'unset') { global $template, $db, $user, $phpEx, $SID, $start; $table_sql = ($mode == 'forum') ? FORUMS_WATCH_TABLE : TOPICS_WATCH_TABLE; $where_sql = ($mode == 'forum') ? 'forum_id' : 'topic_id'; $u_url = ($mode == 'forum') ? 'f' : 't'; // Is user watching this thread? if ($user_id != ANONYMOUS) { $can_watch = TRUE; if ($notify_status == 'unset') { $sql = "SELECT notify_status FROM $table_sql WHERE $where_sql = $match_id AND user_id = $user_id"; $result = $db->sql_query($sql); $notify_status = ($row = $db->sql_fetchrow($result)) ? $row['notify_status'] : NULL; $db->sql_freeresult($result); } if (!is_null($notify_status)) { if (isset($_GET['unwatch'])) { if ($_GET['unwatch'] == $mode) { $is_watching = 0; $sql = 'DELETE FROM ' . $table_sql . " WHERE $where_sql = $match_id AND user_id = $user_id"; $db->sql_query($sql); } meta_refresh(3, "view$mode.$phpEx$SID&$u_url=$match_id&start=$start"); $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '

' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '', ''); trigger_error($message); } else { $is_watching = TRUE; if ($notify_status) { $sql = 'UPDATE ' . $table_sql . " SET notify_status = 0 WHERE $where_sql = $match_id AND user_id = $user_id"; $db->sql_query($sql); } } } else { if (isset($_GET['watch'])) { if ($_GET['watch'] == $mode) { $is_watching = TRUE; $sql = 'INSERT INTO ' . $table_sql . " (user_id, $where_sql, notify_status) VALUES ($user_id, $match_id, 0)"; $db->sql_query($sql); } meta_refresh(3, "view$mode.$phpEx$SID&$u_url=$match_id&start=$start"); $message = $user->lang['ARE_WATCHING_' . strtoupper($mode)] . '

' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '', ''); trigger_error($message); } else { $is_watching = 0; } } } else { if (isset($_GET['unwatch'])) { if ($_GET['unwatch'] == $mode) { login_box(preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($_SERVER['REQUEST_URI']))); } } else { $can_watch = 0; $is_watching = 0; } } if ($can_watch) { $s_watching = ($is_watching) ? "" . $user->lang['STOP_WATCHING_' . strtoupper($mode)] . '' : "" . $user->lang['START_WATCHING_' . strtoupper($mode)] . ''; } return; } // Marks a topic or form as read function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false) { global $config, $db, $user; if ($user->data['user_id'] == ANONYMOUS) { return; } // Default tracking type $type = TRACK_NORMAL; $current_time = ($marktime) ? $marktime : time(); switch ($mode) { case 'mark': if ($config['load_db_lastread']) { $sql_where = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : " = $forum_id"; $sql = 'SELECT forum_id FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . " AND forum_id $sql_where"; $result = $db->sql_query($sql); $sql_update = array(); if ($row = $db->sql_fetchrow($result)) { $sql_update[] = $row['forum_id']; } $db->sql_freeresult($result); if (sizeof($sql_update)) { $sql = 'UPDATE ' . FORUMS_TRACK_TABLE . " SET mark_time = $current_time WHERE user_id = " . $user->data['user_id'] . ' AND forum_id IN (' . implode(', ', $sql_update) . ')'; $db->sql_query($sql); } if ($sql_insert = array_diff($forum_id, $sql_update)) { foreach ($sql_insert as $forum_id) { $sql = ''; switch (SQL_LAYER) { case 'mysql': case 'mysql4': $sql .= (($sql != '') ? ', ' : '') . '(' . $user->data['user_id'] . ", $forum_id, $current_time)"; $sql = 'VALUES ' . $sql; break; case 'mssql': case 'sqlite': $sql .= (($sql != '') ? ' UNION ALL ' : '') . ' SELECT ' . $user->data['user_id'] . ", $forum_id, $current_time"; break; default: $sql = 'INSERT INTO ' . FORUMS_TRACK_TABLE . ' (user_id, forum_id, mark_time) VALUES (' . $user->data['user_id'] . ", $forum_id, $current_time)"; $db->sql_query($sql); $sql = ''; } if ($sql) { $sql = 'INSERT INTO ' . FORUMS_TRACK_TABLE . " (user_id, forum_id, mark_time) $sql"; $db->sql_query($sql); } } } unset($sql_update); unset($sql_insert); } else { $tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_track'])) : array(); $forum_id_ary = (!is_array($forum_id)) ? array($forum_id) : $forum_id; foreach ($forum_id_ary as $forum_id) { unset($tracking[$forum_id]); $tracking[$forum_id][0] = base_convert($current_time - $config['board_startdate'], 10, 36); } setcookie($config['cookie_name'] . '_track', serialize($tracking), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); unset($tracking); } break; case 'post': // Mark a topic as read and mark it as a topic where the user has made a post. $type = TRACK_POSTED; case 'topic': // Mark a topic as read if ($config['load_db_lastread'] || ($config['load_db_track'] && $type == TRACK_POSTED)) { $sql = 'UPDATE ' . TOPICS_TRACK_TABLE . " SET mark_type = $type, mark_time = $current_time WHERE topic_id = $topic_id AND user_id = " . $user->data['user_id'] . " AND mark_time < $current_time"; if (!$db->sql_query($sql) || !$db->sql_affectedrows()) { $db->sql_return_on_error(true); $sql = 'INSERT INTO ' . TOPICS_TRACK_TABLE . ' (user_id, topic_id, mark_type, mark_time) VALUES (' . $user->data['user_id'] . ", $topic_id, $type, $current_time)"; $db->sql_query($sql); $db->sql_return_on_error(false); } } if (!$config['load_db_lastread']) { $tracking = array(); if (isset($_COOKIE[$config['cookie_name'] . '_track'])) { $tracking = unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_track'])); // If the cookie grows larger than 3000 characters we will remove // the smallest value if (strlen($_COOKIE[$config['cookie_name'] . '_track']) > 2000) { foreach ($tracking as $f => $t_ary) { if (!isset($m_value) || min($t_ary) < $m_value) { $m_value = min($t_ary); $m_tkey = array_search($m_value, $t_ary); $m_fkey = $f; } } unset($tracking[$m_fkey][$m_tkey]); } } if (base_convert($tracking[$forum_id][0], 36, 10) < $current_time) { $tracking[$forum_id][base_convert($topic_id, 10, 36)] = base_convert($current_time - $config['board_startdate'], 10, 36); setcookie($config['cookie_name'] . '_track', serialize($tracking), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); } unset($tracking); } break; } } // Pagination routine, generates page number sequence function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = TRUE) { global $template, $user; $total_pages = ceil($num_items/$per_page); if ($total_pages == 1 || !$num_items) { return false; } $on_page = floor($start_item / $per_page) + 1; $page_string = ($on_page == 1) ? '1' : '' . $user->lang['PREVIOUS'] . '  1'; if ($total_pages > 5) { $start_cnt = min(max(1, $on_page - 4), $total_pages - 5); $end_cnt = max(min($total_pages, $on_page + 4), 6); $page_string .= ($start_cnt > 1) ? ' ... ' : ', '; for($i = $start_cnt + 1; $i < $end_cnt; $i++) { $page_string .= ($i == $on_page) ? '' . $i . '' : '' . $i . ''; if ($i < $end_cnt - 1) { $page_string .= ', '; } } $page_string .= ($end_cnt < $total_pages) ? ' ... ' : ', '; } else { $page_string .= ', '; for($i = 2; $i < $total_pages; $i++) { $page_string .= ($i == $on_page) ? '' . $i . '' : '' . $i . ''; if ($i < $total_pages) { $page_string .= ', '; } } } $page_string .= ($on_page == $total_pages) ? '' . $total_pages . '' : '' . $total_pages . '  ' . $user->lang['NEXT'] . ''; // $page_string = $user->lang['GOTO_PAGE'] . ' ' . $page_string; $page_string = '' . $user->lang['GOTO_PAGE'] . ' ' . $page_string; $template->assign_var('BASE_URL', $base_url); $template->assign_var('PER_PAGE', $per_page); return $page_string; } function on_page($num_items, $per_page, $start) { global $template, $user; $on_page = floor($start / $per_page) + 1; $template->assign_var('ON_PAGE', $on_page); return sprintf($user->lang['PAGE_OF'], $on_page, max(ceil($num_items / $per_page), 1)); } // Obtain list of naughty words and build preg style replacement arrays for use by the // calling script, note that the vars are passed as references this just makes it easier // to return both sets of arrays function obtain_word_list(&$censors) { global $db, $cache, $user; if (!$user->optionget('viewcensors') && $config['allow_nocensors']) { return; } if ($cache->exists('word_censors')) { $censors = $cache->get('word_censors'); } else { $sql = 'SELECT word, replacement FROM ' . WORDS_TABLE; $result = $db->sql_query($sql); $censors = array(); while ($row = $db->sql_fetchrow($result)) { $censors['match'][] = '#\b(' . str_replace('\*', '\w*?', preg_quote($row['word'], '#')) . ')\b#i'; $censors['replace'][] = $row['replacement']; } $db->sql_freeresult($result); $cache->put('word_censors', $censors); } return true; } // Obtain currently listed icons, re-caching if necessary function obtain_icons(&$icons) { global $db, $cache; if ($cache->exists('icons')) { $icons = $cache->get('icons'); } else { // Topic icons $sql = 'SELECT * FROM ' . ICONS_TABLE . ' ORDER BY icons_order'; $result = $db->sql_query($sql); $icons = array(); while ($row = $db->sql_fetchrow($result)) { $icons[$row['icons_id']]['img'] = $row['icons_url']; $icons[$row['icons_id']]['width'] = (int) $row['icons_width']; $icons[$row['icons_id']]['height'] = (int) $row['icons_height']; $icons[$row['icons_id']]['display'] = (bool) $row['display_on_posting']; } $db->sql_freeresult($result); $cache->put('icons', $icons); } return; } // Obtain ranks function obtain_ranks(&$ranks) { global $db, $cache; if ($cache->exists('ranks')) { $ranks = $cache->get('ranks'); } else { $sql = 'SELECT * FROM ' . RANKS_TABLE . ' ORDER BY rank_min DESC'; $result = $db->sql_query($sql); $ranks = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['rank_special']) { $ranks['special'][$row['rank_id']] = array( 'rank_title' => $row['rank_title'], 'rank_image' => $row['rank_image'] ); } else { $ranks['normal'][] = array( 'rank_title' => $row['rank_title'], 'rank_min' => $row['rank_min'], 'rank_image' => $row['rank_image'] ); } } $db->sql_freeresult($result); $cache->put('ranks', $ranks); } } // Obtain allowed extensions function obtain_attach_extensions(&$extensions) { global $db, $cache; if ($cache->exists('extensions')) { $extensions = $cache->get('extensions'); } else { // The rule is to only allow those extensions defined. ;) $sql = 'SELECT e.extension, g.* FROM ' . EXTENSIONS_TABLE . ' e, ' . EXTENSION_GROUPS_TABLE . ' g WHERE e.group_id = g.group_id AND g.allow_group = 1'; $result = $db->sql_query($sql); $extensions = array(); while ($row = $db->sql_fetchrow($result)) { $extension = strtolower(trim($row['extension'])); $extensions['_allowed_'][] = $extension; $extensions[$extension]['display_cat'] = intval($row['cat_id']); $extensions[$extension]['download_mode'] = intval($row['download_mode']); $extensions[$extension]['upload_icon'] = trim($row['upload_icon']); $extensions[$extension]['max_filesize'] = intval($row['max_filesize']); } $db->sql_freeresult($result); $cache->put('extensions', $extensions); } return; } function generate_board_url() { global $config; $path = preg_replace('#^/?(.*?)/?$#', '\1', trim($config['script_path'])); return (($config['cookie_secure']) ? 'https://' : 'http://') . preg_replace('#^/?(.*?)/?$#', '\1', trim($config['server_name'])) . (($config['server_port'] <> 80) ? ':' . trim($config['server_port']) : '') . (($path) ? '/' . $path : ''); } // Redirects the user to another page then exits the script nicely function redirect($url) { global $db, $cache, $config, $user; if (isset($db)) { $db->sql_close(); } if (isset($cache)) { $cache->unload(); } // Local redirect? If not, prepend the boards url $url = (!strstr($url, '://')) ? (generate_board_url() . preg_replace('#^/?(.*?)/?$#', '/\1', trim($url))) : $url; // Redirect via an HTML form for PITA webservers if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE'))) { header('Refresh: 0; URL=' . $url); echo 'Redirect
' . sprintf($user->lang['URL_REDIRECT'], '', '') . '
'; exit; } // Behave as per HTTP/1.1 spec for others header('Location: ' . $url); exit; } // Meta refresh assignment function meta_refresh($time, $url) { global $template; $template->assign_vars(array( 'META' => '') ); } // Generate login box or verify password function login_box($s_action, $s_hidden_fields = '', $login_explain = '') { global $SID, $db, $user, $template, $auth, $phpEx; $err = ''; if (isset($_POST['login'])) { $autologin = (!empty($_POST['autologin'])) ? TRUE : FALSE; $viewonline = (!empty($_POST['viewonline'])) ? 0 : 1; if (($result = $auth->login($_POST['username'], $_POST['password'], $autologin, $viewonline)) === true) { // TODO // Force change password ... plugin for EVENT_LOGIN in future // but for now we'll do it here return true; } // If we get a non-numeric (e.g. string) value we output an error if (is_string($result)) { trigger_error($result, E_USER_ERROR); } // If we get an integer zero then we are inactive, else the username/password is wrong $err = ($result === 0) ? $user->lang['ACTIVE_ERROR'] : $user->lang['LOGIN_ERROR']; } $template->assign_vars(array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $login_explain, 'U_SEND_PASSWORD' => "ucp.$phpEx$SID&mode=sendpassword", 'U_TERMS_USE' => "ucp.$phpEx$SID&mode=terms", 'U_PRIVACY' => "ucp.$phpEx$SID&mode=privacy", 'S_LOGIN_ACTION' => $s_action, 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); page_header($user->lang['LOGIN']); $template->set_filenames(array( 'body' => 'login_body.html') ); make_jumpbox('viewforum.'.$phpEx); page_footer(); } // Generate forum login box function login_forum_box(&$forum_data) { global $db, $config, $user, $template, $phpEx; $password = request_var('password', ''); $sql = 'SELECT forum_id FROM ' . FORUMS_ACCESS_TABLE . ' WHERE forum_id = ' . $forum_data['forum_id'] . ' AND user_id = ' . $user->data['user_id'] . " AND session_id = '$user->session_id'"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $db->sql_freeresult($result); return true; } $db->sql_freeresult($result); if ($password) { // Remove expired authorised sessions $sql = 'SELECT session_id FROM ' . SESSIONS_TABLE; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $sql_in = array(); do { $sql_in[] = "'" . $db->sql_escape($row['session_id']) . "'"; } while ($row = $db->sql_fetchrow($result)); $sql = 'DELETE FROM ' . FORUMS_ACCESS_TABLE . ' WHERE session_id NOT IN (' . implode(', ', $sql_in) . ')'; $db->sql_query($sql); } $db->sql_freeresult($result); if ($password == $forum_data['forum_password']) { $sql = 'INSERT INTO phpbb_forum_access (forum_id, user_id, session_id) VALUES (' . $forum_data['forum_id'] . ', ' . $user->data['user_id'] . ", '" . $db->sql_escape($user->session_id) . "')"; $db->sql_query($sql); return true; } $template->assign_var('LOGIN_ERROR', $user->lang['WRONG_PASSWORD']); } page_header(); $template->set_filenames(array( 'body' => 'login_forum.html') ); page_footer(); } // Bump Topic Check - used by posting and viewtopic (do not want another included file) function bump_topic_allowed($forum_id, $topic_bumped, $last_post_time, $topic_poster, $last_topic_poster) { global $config, $auth, $user; // Check permission and make sure the last post was not already bumped if (!$auth->acl_get('f_bump', $forum_id) || $topic_bumped) { return false; } // Check bump time range, is the user really allowed to bump the topic at this time? preg_match('#^([0-9]+)(m|h|d)$#', $config['bump_interval'], $match); $bump_time = ($match[2] == 'm') ? $match[1] * 60 : (($match[2] == 'h') ? $match[1] * 3600 : $match[1] * 86400); // Check bump time if ($last_post_time + $bump_time > time()) { return false; } // Check bumper, only topic poster and last poster are allowed to bump if ($topic_poster != $user->data['user_id'] && $last_topic_poster != $user->data['user_id'] && !$auth->acl_get('m_', $forum_id)) { return false; } // A bump time of 0 will completely disable the bump feature... not intended but might be useful. return $bump_time; } // Error and message handler, call with trigger_error if reqd function msg_handler($errno, $msg_text, $errfile, $errline) { global $cache, $db, $auth, $template, $config, $user; global $phpEx, $phpbb_root_path, $starttime; switch ($errno) { case E_WARNING: case E_NOTICE: if (defined('DEBUG_EXTRA')) { // echo "PHP Notice on line $errline in $errfile :: $msg_text
"; } break; case E_USER_ERROR: if (isset($db)) { $db->sql_close(); } if (isset($cache)) { $cache->unload(); } if (!defined('HEADER_INC')) { echo '' . $msg_title . ''; echo '
phpBB LogoGeneral Error      
'; } echo '

' . $msg_text . '
Please notify the board administrator or webmaster : ' . $config['board_contact'] . '

'; exit; break; case E_USER_NOTICE: if (empty($user->data)) { $user->start(); } if (empty($user->lang)) { $user->setup(); } if (!defined('HEADER_INC')) { if (defined('IN_ADMIN')) { adm_page_header('', '', false); } else { page_header(); } } $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text; if (defined('IN_ADMIN')) { adm_page_message($msg_title, $msg_text, $display_header); adm_page_footer(); } else { $template->set_filenames(array( 'body' => 'message_body.html') ); $template->assign_vars(array( 'MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text) ); page_footer(); } exit; break; } } // function page_header($page_title = '') { global $db, $config, $template, $SID, $user, $auth, $phpEx; define('HEADER_INC', TRUE); // gzip_compression if ($config['gzip_compress']) { if (extension_loaded('zlib') && !headers_sent()) { ob_start('ob_gzhandler'); } } // Generate logged in/logged out status if ($user->data['user_id'] != ANONYMOUS) { $u_login_logout = "ucp.$phpEx$SID&mode=logout"; $l_login_logout = sprintf($user->lang['LOGOUT_USER'], $user->data['username']); } else { $u_login_logout = "ucp.$phpEx$SID&mode=login"; $l_login_logout = $user->lang['LOGIN']; } // Last visit date/time $s_last_visit = ($user->data['user_id'] != ANONYMOUS) ? $user->format_date($user->data['session_last_visit']) : ''; // Get users online list ... if required $l_online_users = $online_userlist = $l_online_record = ''; if (!empty($config['load_online']) && !empty($config['load_online_time'])) { $userlist_ary = $userlist_visible = array(); $logged_visible_online = $logged_hidden_online = $guests_online = $prev_user_id = 0; $prev_user_ip = $reading_sql = ''; if (!empty($_REQUEST['f'])) { $f = request_var('f', 0); $reading_sql = "AND s.session_page LIKE '%f=$f%'"; } $sql = 'SELECT u.username, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_ip, s.session_allow_viewonline FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . ' s WHERE s.session_time >= ' . (time() - (intval($config['load_online_time']) * 60)) . " $reading_sql AND u.user_id = s.session_user_id ORDER BY u.username ASC, s.session_ip ASC"; $result = $db->sql_query($sql, false); while ($row = $db->sql_fetchrow($result)) { // User is logged in and therefor not a guest if ($row['user_id'] != ANONYMOUS) { // Skip multiple sessions for one user if ($row['user_id'] != $prev_user_id) { if ($row['user_colour']) { $row['username'] = '' . $row['username'] . ''; } if ($row['user_allow_viewonline'] && $row['session_allow_viewonline']) { $user_online_link = $row['username']; $logged_visible_online++; } else { $user_online_link = '' . $row['username'] . ''; $logged_hidden_online++; } if ($row['user_allow_viewonline'] || $auth->acl_get('u_viewonline')) { $user_online_link = ($row['user_type'] <> USER_IGNORE) ? "' . $user_online_link . '' : $user_online_link; $online_userlist .= ($online_userlist != '') ? ', ' . $user_online_link : $user_online_link; } } $prev_user_id = $row['user_id']; } else { // Skip multiple sessions for one user if ($row['session_ip'] != $prev_session_ip) { $guests_online++; } } $prev_session_ip = $row['session_ip']; } if (!$online_userlist) { $online_userlist = $user->lang['NONE']; } if (empty($_REQUEST['f'])) { $online_userlist = $user->lang['REGISTERED_USERS'] . ' ' . $online_userlist; } else { $l_online = ($guests_online == 1) ? $user->lang['BROWSING_FORUM_GUEST'] : $user->lang['BROWSING_FORUM_GUESTS']; $online_userlist = sprintf($l_online, $online_userlist, $guests_online); } $total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online; if ($total_online_users > $config['record_online_users']) { set_config('record_online_users', $total_online_users, TRUE); set_config('record_online_date', time(), TRUE); } // Build online listing $vars_online = array( 'ONLINE'=> array('total_online_users', 'l_t_user_s'), 'REG' => array('logged_visible_online', 'l_r_user_s'), 'HIDDEN'=> array('logged_hidden_online', 'l_h_user_s'), 'GUEST' => array('guests_online', 'l_g_user_s') ); foreach ($vars_online as $l_prefix => $var_ary) { switch (${$var_ary[0]}) { case 0: ${$var_ary[1]} = $user->lang[$l_prefix . '_USERS_ZERO_TOTAL']; break; case 1: ${$var_ary[1]} = $user->lang[$l_prefix . '_USER_TOTAL']; break; default: ${$var_ary[1]} = $user->lang[$l_prefix . '_USERS_TOTAL']; break; } } unset($vars_online); $l_online_users = sprintf($l_t_user_s, $total_online_users); $l_online_users .= sprintf($l_r_user_s, $logged_visible_online); $l_online_users .= sprintf($l_h_user_s, $logged_hidden_online); $l_online_users .= sprintf($l_g_user_s, $guests_online); $l_online_record = sprintf($user->lang['RECORD_ONLINE_USERS'], $config['record_online_users'], $user->format_date($config['record_online_date'])); $l_online_time = ($config['load_online_time'] == 1) ? 'VIEW_ONLINE_TIME' : 'VIEW_ONLINE_TIMES'; $l_online_time = sprintf($user->lang[$l_online_time], $config['load_online_time']); } // Obtain number of new private messages if user is logged in if ($user->data['user_id'] != ANONYMOUS) { if ($user->data['user_new_privmsg']) { $l_message_new = ($user->data['user_new_privmsg'] == 1) ? $user->lang['NEW_PM'] : $user->lang['NEW_PMS']; $l_privmsgs_text = sprintf($l_message_new, $user->data['user_new_privmsg']); if ($user->data['user_last_privmsg'] > $user->data['session_last_visit']) { $sql = 'UPDATE ' . USERS_TABLE . ' SET user_last_privmsg = ' . $user->data['session_last_visit'] . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); $s_privmsg_new = true; } else { $s_privmsg_new = false; } } else { $l_privmsgs_text = $user->lang['NO_NEW_PM']; $s_privmsg_new = false; } if ($user->data['user_unread_privmsg']) { $l_message_unread = ($user->data['user_unread_privmsg'] == 1) ? $user->lang['UNREAD_PM'] : $user->lang['UNREAD_PMS']; $l_privmsgs_text_unread = sprintf($l_message_unread, $user->data['user_unread_privmsg']); } else { $l_privmsgs_text_unread = $user->lang['NO_UNREAD_PM']; } } // Which timezone? $tz = ($user->data['user_id'] != ANONYMOUS) ? strval(doubleval($user->data['user_timezone'])) : strval(doubleval($config['board_timezone'])); // The following assigns all _common_ variables that may be used at any point // in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], 'SITE_DESCRIPTION' => $config['site_desc'], 'PAGE_TITLE' => $page_title, 'LAST_VISIT_DATE' => sprintf($user->lang['YOU_LAST_VISIT'], $s_last_visit), 'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time())), 'TOTAL_USERS_ONLINE' => $l_online_users, 'LOGGED_IN_USER_LIST' => $online_userlist, 'RECORD_USERS' => $l_online_record, 'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text, 'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread, 'L_LOGIN_LOGOUT' => $l_login_logout, 'L_INDEX' => $user->lang['FORUM_INDEX'], 'L_ONLINE_EXPLAIN' => $l_online_time, 'U_PRIVATEMSGS' => 'ucp.'.$phpEx.$SID.'&mode=pm&folder=inbox', 'U_MEMBERLIST' => 'memberlist.'.$phpEx.$SID, 'U_VIEWONLINE' => 'viewonline.'.$phpEx.$SID, 'U_MEMBERSLIST' => 'memberlist.'.$phpEx.$SID, 'U_GROUP_CP' => 'groupcp.'.$phpEx.$SID, 'U_LOGIN_LOGOUT' => $u_login_logout, 'U_INDEX' => 'index.'.$phpEx.$SID, 'U_SEARCH' => 'search.'.$phpEx.$SID, 'U_REGISTER' => 'ucp.'.$phpEx.$SID.'&mode=register', 'U_PROFILE' => 'ucp.'.$phpEx.$SID, 'U_MODCP' => 'mcp.'.$phpEx.$SID, 'U_FAQ' => 'faq.'.$phpEx.$SID, 'U_SEARCH_SELF' => 'search.'.$phpEx.$SID.'&search_id=egosearch', 'U_SEARCH_NEW' => 'search.'.$phpEx.$SID.'&search_id=newposts', 'U_SEARCH_UNANSWERED' => 'search.'.$phpEx.$SID.'&search_id=unanswered', 'S_USER_LOGGED_IN' => ($user->data['user_id'] != ANONYMOUS) ? true : false, 'S_USER_PM_POPUP' => $user->optionget('popuppm'), 'S_USER_LANG' => $user->data['user_lang'], 'S_USER_BROWSER' => $user->data['session_browser'], 'S_CONTENT_DIRECTION' => $user->lang['DIRECTION'], 'S_CONTENT_ENCODING' => $user->lang['ENCODING'], 'S_CONTENT_DIR_LEFT' => $user->lang['LEFT'], 'S_CONTENT_DIR_RIGHT' => $user->lang['RIGHT'], 'S_TIMEZONE' => ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang[$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang[$tz], ''), 'S_DISPLAY_ONLINE_LIST' => (!empty($config['load_online'])) ? 1 : 0, 'S_DISPLAY_SEARCH' => (!empty($config['load_search'])) ? 1 : 0, 'S_DISPLAY_PM' => (empty($config['privmsg_disable'])) ? 1 : 0, 'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0, 'S_NEW_PM' => $s_privmsg_new, 'T_THEME_PATH' => 'styles/' . $user->theme['primary']['theme_path'] . '/theme', 'T_TEMPLATE_PATH' => 'styles/' . $user->theme['primary']['template_path'] . '/template', 'T_IMAGESET_PATH' => 'styles/' . $user->theme['primary']['imageset_path'] . '/imageset', 'T_STYLESHEET_LINK' => (!$user->theme['primary']['theme_storedb']) ? 'styles/' . $user->theme['primary']['theme_path'] . '/theme/stylesheet.css' : "style.$phpEx?sid=$user->session_id&id=" . $user->theme['primary']['theme_id'], 'T_STYLESHEET_NAME' => $user->theme['primary']['theme_name'], 'T_THEME_DATA' => (!$user->theme['primary']['theme_storedb']) ? '' : $user->theme['primary']['theme_data']) ); if (!empty($config['send_encoding'])) { header('Content-type: text/html; charset: ' . $user->lang['ENCODING']); } header('Cache-Control: private, no-cache="set-cookie", pre-check=0, post-check=0'); header('Expires: 0'); header('Pragma: no-cache'); return; } function page_footer() { global $db, $config, $template, $SID, $user, $auth, $cache, $messenger, $starttime, $phpbb_root_path, $phpEx; // Output page creation time if (defined('DEBUG')) { $mtime = explode(' ', microtime()); $totaltime = $mtime[0] + $mtime[1] - $starttime; if (!empty($_REQUEST['explain']) && $auth->acl_get('a_') && method_exists($db, 'sql_report')) { $db->sql_report('display'); } $debug_output = sprintf('Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . (($user->load) ? $user->load : 'N/A'), $totaltime); if ($auth->acl_get('a_')) { $debug_output .= ' | Explain'; } } $template->assign_vars(array( 'PHPBB_VERSION' => $config['version'], 'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '', 'U_ACP' => ($auth->acl_get('a_')) ? "adm/index.$phpEx?sid=" . $user->data['session_id'] : '') ); $template->display('body'); // Unload cache, must be done before the DB connection if closed if (!empty($cache)) { $cache->unload(); } // Close our DB connection. $db->sql_close(); exit; } ?>