Code source de PHP NUKE 7.9 |
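<?php
/***************************************************************************
 *                               functions.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   Id: functions.php,v 1.133.2.35 2005/07/19 20:01:11 acydburn Exp
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *
 ***************************************************************************/
// Direct-access guard: the file only runs when the including script has defined IN_PHPBB.
if ( !defined('IN_PHPBB') )
{
    die("Hacking attempt");
    exit;
}

//
// Returns one board statistic selected by $mode:
//   'usercount'  -> number of users other than ANONYMOUS
//   'newestuser' -> row (user_id, username) with the highest user_id
//   'postcount'  -> summed forum_posts, 'topiccount' -> summed forum_topics
// Returns false when the query fails or $mode is not one of the above.
//
function get_db_stat($mode)
{
    global $db;

    switch( $mode )
    {
        case 'usercount':
            $sql = "SELECT COUNT(user_id) AS total
                FROM " . USERS_TABLE . "
                WHERE user_id <> " . ANONYMOUS;
            break;

        case 'newestuser':
            $sql = "SELECT user_id, username
                FROM " . USERS_TABLE . "
                WHERE user_id <> " . ANONYMOUS . "
                ORDER BY user_id DESC
                LIMIT 1";
            break;

        case 'postcount':
        case 'topiccount':
            $sql = "SELECT SUM(forum_topics) AS topic_total, SUM(forum_posts) AS post_total
                FROM " . FORUMS_TABLE;
            break;

        default:
            // Unknown mode: no query was built, so do not send an undefined $sql to the database.
            return false;
    }

    if ( !($result = $db->sql_query($sql)) )
    {
        return false;
    }

    $row = $db->sql_fetchrow($result);

    switch ( $mode )
    {
        case 'usercount':
            return $row['total'];
            break;
        case 'newestuser':
            return $row;
            break;
        case 'postcount':
            return $row['post_total'];
            break;
        case 'topiccount':
            return $row['topic_total'];
            break;
    }

    return false;
}

// added at phpBB 2.0.11 to properly format the username
//
// Steps, in order: trim, turn \' back into ', HTML-encode, cut to 25 bytes,
// strip trailing backslashes, then re-escape every ' as \'.
// NOTE(review): only single quotes are re-escaped; a backslash inside the name is
// passed through unchanged, so this is not a replacement for the database layer's own
// escaping. Confirm how callers' input is slash-escaped before it reaches this function.
function phpbb_clean_username($username)
{
    $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
    $username = phpbb_rtrim($username, "\\");
    $username = str_replace("'", "\'", $username);

    return $username;
}
// added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
//
// rtrim() wrapper: without $charlist it is plain rtrim(); with $charlist it uses the
// native two-argument rtrim() where available and a manual loop on PHP < 4.1.0.
function phpbb_rtrim($str, $charlist = false)
{
    if ($charlist === false)
    {
        return rtrim($str);
    }

    $php_version = explode('.', PHP_VERSION);

    // php version < 4.1.0
    if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
    {
        // substr() replaces the original $str{...} offset syntax, which was removed in PHP 8
        // and would stop the whole file from parsing. The length check also ends the loop
        // once the string has been trimmed to nothing.
        while (strlen($str) > 0 && substr($str, -1) == $charlist)
        {
            $str = substr($str, 0, strlen($str)-1);
        }
    }
    else
    {
        $str = rtrim($str, $charlist);
    }

    return $str;
}

//
// Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
//
// Numeric input is cast with intval() and matched on user_id; anything else goes through
// phpbb_clean_username() and is matched on username. The ANONYMOUS row is always excluded.
// Returns the user row, or false when no row matches.
// NOTE(review): the username branch is string-built SQL that relies entirely on
// phpbb_clean_username() for quoting - see the note on that function.
//
function get_userdata($user, $force_str = false)
{
    global $db;

    if (!is_numeric($user) || $force_str)
    {
        $user = phpbb_clean_username($user);
    }
    else
    {
        $user = intval($user);
    }

    $sql = "SELECT *
        FROM " . USERS_TABLE . "
        WHERE ";
    $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  $user . "'" ) . " AND user_id <> " . ANONYMOUS;
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
    }

    return ( $row = $db->sql_fetchrow($result) ) ? $row : false;
}

//
// Builds the forum "jump to" <select> and assigns it to the jumpbox template.
// Only forums whose auth_view is <= AUTH_REG are listed; each listed forum is also
// added to $nav_links['chapter forum'].
// NOTE(review): forum_name, cat_title and the session id are written into the markup
// without HTML-encoding. Whether those values are stored pre-encoded is not visible
// here - confirm before relying on it.
//
function make_jumpbox($action, $match_forum_id = 0)
{
    global $template, $userdata, $lang, $db, $nav_links, $phpEx, $SID;

//  $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);

    // Start from an empty string so the "no categories" branch below does not append to an
    // undefined variable.
    $boxstring = '';

    $sql = "SELECT c.cat_id, c.cat_title, c.cat_order
        FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
        WHERE f.cat_id = c.cat_id
        GROUP BY c.cat_id, c.cat_title, c.cat_order
        ORDER BY c.cat_order";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_ERROR, "Couldn't obtain category list.", "", __LINE__, __FILE__, $sql);
    }

    $category_rows = array();
    while ( $row = $db->sql_fetchrow($result) )
    {
        $category_rows[] = $row;
    }

    if ( $total_categories = count($category_rows) )
    {
        $sql = "SELECT *
            FROM " . FORUMS_TABLE . "
            ORDER BY cat_id, forum_order";
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_ERROR, 'Could not obtain forums information', '', __LINE__, __FILE__, $sql);
        }

        $boxstring = '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"><option value="-1">' . $lang['Select_forum'] . '</option>';

        $forum_rows = array();
        while ( $row = $db->sql_fetchrow($result) )
        {
            $forum_rows[] = $row;
        }

        if ( $total_forums = count($forum_rows) )
        {
            for($i = 0; $i < $total_categories; $i++)
            {
                $boxstring_forums = '';
                for($j = 0; $j < $total_forums; $j++)
                {
                    if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $forum_rows[$j]['auth_view'] <= AUTH_REG )
                    {

//                  if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $is_auth[$forum_rows[$j]['forum_id']]['auth_view'] )
//                  {
                        $selected = ( $forum_rows[$j]['forum_id'] == $match_forum_id ) ? 'selected="selected"' : '';
                        $boxstring_forums .=  '<option value="' . $forum_rows[$j]['forum_id'] . '"' . $selected . '>' . $forum_rows[$j]['forum_name'] . '</option>';

                        //
                        // Add an array to $nav_links for the Mozilla navigation bar.
                        // 'chapter' and 'forum' can create multiple items, therefore we are using a nested array.
                        //
                        $nav_links['chapter forum'][$forum_rows[$j]['forum_id']] = array (
                            'url' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id']),
                            'title' => $forum_rows[$j]['forum_name']
                        );

                    }
                }

                if ( !empty($boxstring_forums) )
                {
                    $boxstring .= '<option value="-1"> </option>';
                    $boxstring .= '<option value="-1">' . $category_rows[$i]['cat_title'] . '</option>';
                    $boxstring .= '<option value="-1">----------------</option>';
                    $boxstring .= $boxstring_forums;
                }
            }
        }

        $boxstring .= '</select>';
    }
    else
    {
        $boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
    }

    // Let the jumpbox work again in sites having additional session id checks.
//  if ( !empty($SID) )
//  {
        $boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
//  }

    $template->set_filenames(array(
        'jumpbox' => 'jumpbox.tpl')
    );
    $template->assign_vars(array(
        'L_GO' => $lang['Go'],
        'L_JUMP_TO' => $lang['Jump_to'],
        'L_SELECT_FORUM' => $lang['Select_forum'],

        'S_JUMPBOX_SELECT' => $boxstring,
        'S_JUMPBOX_ACTION' => append_sid($action))
    );
    $template->assign_var_from_handle('JUMPBOX', 'jumpbox');

    return;
}

//
// Initialise user settings on page load
//
// Copies the member's language, date format and timezone over the board defaults,
// includes the matching language file(s), selects the style and fills the default
// $nav_links entries.
function init_userprefs($userdata)
{
    global $board_config, $theme, $images, $template, $lang, $phpEx, $phpbb_root_path, $nav_links;

    if ( $userdata['user_id'] != ANONYMOUS )
    {
        if ( !empty($userdata['user_lang']))
        {
            // The value ends up in the include() paths below. basename() keeps only the
            // last path component, so a stored language value containing directory
            // separators cannot point those includes outside language/lang_<name>/.
            $board_config['default_lang'] = basename($userdata['user_lang']);
        }

        if ( !empty($userdata['user_dateformat']) )
        {
            $board_config['default_dateformat'] = $userdata['user_dateformat'];
        }

        if ( isset($userdata['user_timezone']) )
        {
            $board_config['board_timezone'] = $userdata['user_timezone'];
        }
    }

    // Fall back to English when the selected language pack is not on disk.
    if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx)) )
    {
        $board_config['default_lang'] = 'english';
    }

    include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);

    if ( defined('IN_ADMIN') )
    {
        if( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx)) )
        {
            $board_config['default_lang'] = 'english';
        }

        include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx);
    }

    //
    // Set up style
    //
    if ( !$board_config['override_user_style'] )
    {
        if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_style'] > 0 )
        {
            if ( $theme = setup_style($userdata['user_style']) )
            {
                return;
            }
        }
    }

    $theme = setup_style($board_config['default_style']);

    //
    // Mozilla navigation bar
    // Default items that should be valid on all pages.
    // Defined here to correctly assign the Language Variables
    // and be able to change the variables within code.
    //
    $nav_links['top'] = array (
        'url' => append_sid("index.$phpEx"),
        'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
    );
    $nav_links['search'] = array (
        'url' => append_sid("search.$phpEx"),
        'title' => $lang['Search']
    );
    $nav_links['help'] = array (
        'url' => append_sid("faq.$phpEx"),
        'title' => $lang['FAQ']
    );
    $nav_links['author'] = array (
        'url' => append_sid("memberlist.$phpEx"),
        'title' => $lang['Memberlist']
    );

    return;
}

//
// Loads the theme row for $style, creates the global $template object, includes the
// template's .cfg file and substitutes {LANG} in the $images entries.
// Returns the theme row; stops through message_die() when the theme or its config
// cannot be loaded.
//
function setup_style($style)
{
    global $db, $prefix, $board_config, $template, $images, $phpbb_root_path, $name;
    if($name == "Forums"){
        // NOTE(review): $user is not defined in this scope, and $cookie is neither assigned
        // here nor listed in the global statement, so as written $cookie[1] == "" is always
        // true and any $style other than the configured default is replaced. Confirm the
        // intended scoping with cookiedecode().
        cookiedecode($user);
        $info=$db->sql_query("select * from ".$prefix."_bbconfig where config_name='default_style'");
        $get_info=$db->sql_fetchrow($info);
        $default_style=$get_info['config_value'];
        if($cookie[1] == "" AND $style != "$default_style") {
            $style = "$default_style";
        }
    }

    // $style can come from the member's profile (user_style), and it is interpolated into
    // the query and into the error text below. Casting it to an integer closes both paths.
    // NOTE(review): assumes themes_id is an integer key, as the "user_style > 0" test in
    // init_userprefs() suggests.
    $style = intval($style);

    $sql = "SELECT *
        FROM " . THEMES_TABLE . "
        WHERE themes_id = '$style'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(CRITICAL_ERROR, 'Could not query database for theme info');
    }

    if ( !($row = $db->sql_fetchrow($result)) )
    {
        message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
    }

    $ThemeSel = get_theme();
    if (file_exists("themes/$ThemeSel/forums/index_body.tpl")) {
        $template_path = "themes/$ThemeSel/";
        $template_name = "forums";
        $template = new Template($template_path . $template_name, $board_config, $db);
    } else {
        $template_path = 'templates/' ;
        $template_name = $row['template_name'] ;
        $template = new Template($phpbb_root_path . $template_path . $template_name, $board_config, $db);
    }



    if ( $template )
    {
        $current_template_path = $template_path . $template_name;
        $ThemeSel = get_theme();
        // NOTE(review): in the fallback branch $template_name comes from the themes table and
        // is used to build an include() path; that table has to stay writable by
        // administrators only.
        if (file_exists("themes/$ThemeSel/$template_name/index_body.tpl")) {
            include($template_path . $template_name . '/' . $template_name . '.cfg');
        } else {
            @include($phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg');
        }
        if ( !defined('TEMPLATE_CONFIG') )
        {
            message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__);
        }

        $img_lang = ( file_exists(@phpbb_realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english';

        // foreach replaces the original list()/each() loop; each() no longer exists in PHP 8.
        // The loop works on a copy, so writing back into $images is safe.
        if ( is_array($images) )
        {
            foreach ( $images as $key => $value )
            {
                if ( !is_array($value) )
                {
                    $images[$key] = str_replace('{LANG}', 'lang_' . $img_lang, $value);
                }
            }
        }
    }

    return $row;
}

// Packs a dotted-quad IPv4 address into 8 hex digits, two per octet.
// No validation is done: the first four dot-separated parts are formatted as they are.
function encode_ip($dotquad_ip)
{
    $ip_sep = explode('.', $dotquad_ip);
    return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}

// Reverse of encode_ip(): reads the string two hex digits at a time and returns the first
// four values as a dotted quad.
function decode_ip($int_ip)
{
    $hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
    return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
}

//
// Create date/time from format and timezone
//
// $tz is an hour offset added to $gmepoch before formatting with gmdate(). For boards
// whose language is not 'english', the names in $lang['datetime'] are applied with strtr().
function create_date($format, $gmepoch, $tz)
{
    global $board_config, $lang;
    static $translate;

    if ( empty($translate) && $board_config['default_lang'] != 'english' )
    {
        // foreach replaces the original reset()/each() loop; each() no longer exists in PHP 8.
        if ( isset($lang['datetime']) && is_array($lang['datetime']) )
        {
            foreach ( $lang['datetime'] as $match => $replace )
            {
                $translate[$match] = $replace;
            }
        }
    }

    return ( !empty($translate) ) ? strtr(@gmdate($format, $gmepoch + (3600 * $tz)), $translate) : @gmdate($format, $gmepoch + (3600 * $tz));
}

//
// Pagination routine, generates
// page number sequence
//
// Returns '' when there is exactly one page, otherwise an HTML fragment of page links
// prefixed with $lang['Goto_page'].
// NOTE(review): $base_url is placed inside href="..." as given. Callers have to pass a URL
// that is already safe for an HTML attribute, and $per_page must be non-zero.
//
function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = TRUE)
{
    global $lang;

    $total_pages = ceil($num_items/$per_page);

    if ( $total_pages == 1 )
    {
        return '';
    }

    $on_page = floor($start_item / $per_page) + 1;

    $page_string = '';
    if ( $total_pages > 10 )
    {
        $init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages;

        for($i = 1; $i < $init_page_max + 1; $i++)
        {
            $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
            if ( $i <  $init_page_max )
            {
                $page_string .= ", ";
            }
        }

        if ( $total_pages > 3 )
        {
            if ( $on_page > 1  && $on_page < $total_pages )
            {
                $page_string .= ( $on_page > 5 ) ? ' ... ' : ', ';

                $init_page_min = ( $on_page > 4 ) ? $on_page : 5;
                $init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4;

                for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++)
                {
                    $page_string .= ($i == $on_page) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
                    if ( $i <  $init_page_max + 1 )
                    {
                        $page_string .= ', ';
                    }
                }

                $page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', ';
            }
            else
            {
                $page_string .= ' ... ';
            }

            for($i = $total_pages - 2; $i < $total_pages + 1; $i++)
            {
                $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>'  : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
                if( $i <  $total_pages )
                {
                    $page_string .= ", ";
                }
            }
        }
    }
    else
    {
        for($i = 1; $i < $total_pages + 1; $i++)
        {
            $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
            if ( $i <  $total_pages )
            {
                $page_string .= ', ';
            }
        }
    }

    if ( $add_prevnext_text )
    {
        if ( $on_page > 1 )
        {
            $page_string = ' <a href="' . append_sid($base_url . "&start=" . ( ( $on_page - 2 ) * $per_page ) ) . '">' . $lang['Previous'] . '</a> ' . $page_string;
        }

        if ( $on_page < $total_pages )
        {
            $page_string .= ' <a href="' . append_sid($base_url . "&start=" . ( $on_page * $per_page ) ) . '">' . $lang['Next'] . '</a>';
        }

    }

    $page_string = $lang['Goto_page'] . ' ' . $page_string;

    return $page_string;
}

//
// This does exactly what preg_quote() does in PHP 4-ish
// If you just need the 1-parameter preg_quote call, then don't bother using this.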
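//
// Quotes $str for use inside a PCRE pattern and escapes $delimiter as well.
// A one-character delimiter is handed to preg_quote() directly. Since PHP 7.3
// preg_quote() already escapes '#', and escaping it a second time would leave the
// delimiter unescaped behind an escaped backslash, ending the pattern early.
// Longer delimiter strings keep the original quote-then-replace behaviour.
//
function phpbb_preg_quote($str, $delimiter)
{
    if (is_string($delimiter) && strlen($delimiter) == 1)
    {
        return preg_quote($str, $delimiter);
    }

    $text = preg_quote($str);
    $text = str_replace($delimiter, '\\' . $delimiter, $text);

    return $text;
}

//
// Obtain list of naughty words and build preg style replacement arrays for use by the
// calling script, note that the vars are passed as references this just makes it easier
// to return both sets of arrays
//
// Each stored word becomes a case-insensitive, word-bounded pattern; a '*' in the word
// is turned into \w*?. Patterns are appended to $orig_word and the matching replacements
// to $replacement_word. Always returns true; a failed query ends in message_die().
//
function obtain_word_list(&$orig_word, &$replacement_word)
{
    global $db;

    //
    // Define censored word matches
    //
    $sql = "SELECT word, replacement
        FROM  " . WORDS_TABLE;
    if( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_ERROR, 'Could not get censored words from database', '', __LINE__, __FILE__, $sql);
    }

    while ( $row = $db->sql_fetchrow($result) )
    {
        // The word is quoted before the wildcard is restored, so nothing else in a stored
        // word is interpreted as regex syntax.
        $orig_word[] = '#\b(' . str_replace('\*', '\w*?', phpbb_preg_quote($row['word'], '#')) . ')\b#i';
        $replacement_word[] = $row['replacement'];
    }

    return true;
}

//
// This is general replacement for die(), allows templated
// output in users (or default) language, etc.
//
// $msg_code can be one of these constants:
//
// GENERAL_MESSAGE : Use for any simple text message, eg. results
// of an operation, authorisation failures, etc.
//
// GENERAL ERROR : Use for any error which occurs _AFTER_ the
// common.php include and session code, ie. most errors in
// pages/functions
//
// CRITICAL_MESSAGE : Used when basic config data is available but
// a session may not exist, eg. banned users
//
// CRITICAL_ERROR : Used when config data cannot be obtained, eg
// no database connection.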
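// Should _not_ be used in 99.5% of cases
//
// NOTE(review): $msg_text and $msg_title are written to the page as HTML, because callers
// in this file pass markup in them. Callers therefore must not put unescaped request data
// into either argument.
//
function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
{
    global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links, $gen_simple_header, $images, $userdata, $user_ip, $session_length, $starttime;

    if(defined('HAS_DIED'))
    {
        die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
    }

    define('HAS_DIED', 1);


    $sql_store = $sql;

    //
    // Get SQL error if we are debugging. Do this as soon as possible to prevent
    // subsequent queries from overwriting the status of sql_error()
    //
    if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
    {
        $sql_error = $db->sql_error();

        $debug_text = '';

        // The driver message and the failed statement can contain request data, so both
        // are HTML-encoded before they are added to the page. Debug output still reveals
        // schema details and is meant for development only.
        if ( !empty($sql_error['message']) )
        {
            $debug_text .= '<br /><br />SQL Error : ' . htmlspecialchars((string) $sql_error['code'], ENT_QUOTES) . ' ' . htmlspecialchars((string) $sql_error['message'], ENT_QUOTES);
        }

        if ( !empty($sql_store) )
        {
            $debug_text .= '<br /><br />' . htmlspecialchars((string) $sql_store, ENT_QUOTES);
        }

        if ( !empty($err_line) && !empty($err_file) )
        {
            // The original string opened with a malformed "</br />" tag.
            $debug_text .= '<br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
        }
    }

    if( empty($userdata) && ( $msg_code == GENERAL_MESSAGE || $msg_code == GENERAL_ERROR ) )
    {
        // NOTE(review): $nukeuser is not in the global list above, so an undefined local is
        // passed here - confirm what session_pagestart() expects as its third argument.
        $userdata = session_pagestart($user_ip, PAGE_INDEX, $nukeuser);
        init_userprefs($userdata);
    }

    //
    // If the header hasn't been output then do it
    //
    if ( !defined('HEADER_INC') && $msg_code != CRITICAL_ERROR )
    {
        if ( empty($lang) )
        {
            if ( !empty($board_config['default_lang']) )
            {
                include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx);
            }
            else
            {
                include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx);
            }
        }

        if ( empty($template) )
        {
            $ThemeSel = get_theme();
            if (file_exists("themes/$ThemeSel/forums/".$board_config['board_template']."/index_body.tpl")) {
                $template = new Template("themes/$ThemeSel/forums/".$board_config['board_template']."");
            } else {
                $template = new Template($phpbb_root_path . 'templates/' . $board_config['board_template']);
            }
        }
        if ( empty($theme) )
        {
            $theme = setup_style($board_config['default_style']);
        }

        //
        // Load the Page Header
        //
        if ( !defined('IN_ADMIN') )
        {
            include ("includes/page_header.php");
        }
        else
        {
            include($phpbb_root_path . 'admin/page_header_admin.'.$phpEx);
        }
    }

    switch($msg_code)
    {
        case GENERAL_MESSAGE:
            if ( empty($msg_title) )
            {
                $msg_title = $lang['Information'];
            }
            break;

        case CRITICAL_MESSAGE:
            if ( empty($msg_title) )
            {
                $msg_title = $lang['Critical_Information'];
            }
            break;

        case GENERAL_ERROR:
            if ( empty($msg_text) )
            {
                $msg_text = $lang['An_error_occured'];
            }

            if ( empty($msg_title) )
            {
                $msg_title = $lang['General_Error'];
            }
            break;

        case CRITICAL_ERROR:
            //
            // Critical errors mean we cannot rely on _ANY_ DB information being
            // available so we're going to dump out a simple echo'd statement
            //
            include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx);

            if ( empty($msg_text) )
            {
                $msg_text = $lang['A_critical_error'];
            }

            if ( empty($msg_title) )
            {
                $msg_title = 'phpBB : <b>' . $lang['Critical_Error'] . '</b>';
            }
            break;
    }

    //
    // Add on DEBUG info if we've enabled debug mode and this is an error. This
    // prevents debug info being output for general messages should DEBUG be
    // set TRUE by accident (preventing confusion for the end user!)
    //
    if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
    {
        if ( !empty($debug_text) )
        {
            $msg_text = $msg_text . '<br /><br /><b><u>DEBUG MODE</u></b>' . $debug_text;
        }
    }

    if ( $msg_code != CRITICAL_ERROR )
    {
        // A message that is itself a language key is replaced by its translation.
        if ( !empty($lang[$msg_text]) )
        {
            $msg_text = $lang[$msg_text];
        }

        if ( !defined('IN_ADMIN') )
        {
            $template->set_filenames(array(
                'message_body' => 'message_body.tpl')
            );
        }
        else
        {
            $template->set_filenames(array(
                'message_body' => 'admin/admin_message_body.tpl')
            );
        }

        $template->assign_vars(array(
            'MESSAGE_TITLE' => $msg_title,
            'MESSAGE_TEXT' => $msg_text)
        );
        $template->pparse('message_body');

        if ( !defined('IN_ADMIN') )
        {
            include ("includes/page_tail.php");
        }
        else
        {
            include($phpbb_root_path . 'admin/page_footer_admin.'.$phpEx);
        }
    }
    else
    {
        echo "<html>\n<body>\n" . $msg_title . "\n<br /><br />\n" . $msg_text . "</body>\n</html>";
    }

    exit;
}

//
// This function is for compatibility with PHP 4.x's realpath()
// function.  In later versions of PHP, it needs to be called
// to do checks with some functions.  Older versions of PHP don't
// seem to need this, so we'll just return the original value.
// dougk_ff7 <October 5, 2002>
//
// realpath() is used only when it exists and can resolve this file's own path; otherwise
// $path is returned unchanged.
function phpbb_realpath($path)
{
    global $phpbb_root_path, $phpEx;

    return (!@function_exists('realpath') || !@realpath($phpbb_root_path . 'includes/functions.'.$phpEx)) ? $path : @realpath($path);
}

//
// Closes the database connection, rejects targets containing CR or LF (also in
// URL-encoded form), then redirects to $url below the configured server name and script
// path. The host part always comes from the board configuration, never from $url.
//
function redirect($url)
{
    global $db, $board_config;

    if (!empty($db))
    {
        $db->sql_close();
    }

    // CR/LF in the target would allow response-header splitting.
    if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
    {
        message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
    }

    $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
    $server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name']));
    $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
    $script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path']));
    $script_name = ($script_name == '') ? $script_name : '/' . $script_name;
    $url = preg_replace('#^\/?(.*?)\/?$#', '/\1', trim($url));

    $target = $server_protocol . $server_name . $server_port . $script_name . $url;

    // Redirect via an HTML form for PITA webservers
    if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
    {
        // Inside the HTML fallback the target sits in attribute values, so it is
        // HTML-encoded there. The Refresh header keeps the raw value.
        $target_html = htmlspecialchars($target, ENT_QUOTES);

        header('Refresh: 0; URL=' . $target);
        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $target_html . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $target_html . '">HERE</a> to be redirected</div></body></html>';
        exit;
    }

    // Behave as per HTTP/1.1 spec for others
    header('Location: ' . $target);
    exit;
}
//
// Bridges the PHP-Nuke user cookie to a phpBB session. $nukeuser is read as
// "uid:username:password"; when the current session row does not belong to that uid,
// the user is looked up by name and a new session is started if the cookie value equals
// the stored user_password and the account is active.
// NOTE(review): both parameters are also declared global below, so the global values are
// what the body actually works with, not the arguments passed in.
//
function bblogin($nukeuser, $session_id) {
    // $board_config and $lang are used further down but were missing from this list, which
    // left the board_disable test permanently false and the error messages empty.
    global $nukeuser, $userdata, $user_ip, $session_length, $session_id, $db, $nuke_file_path, $board_config, $lang;
    if ( !defined('IN_LOGIN') )
    {
        define("IN_LOGIN", true);
    }
    $cookie = explode(":", (string) $nukeuser);
    $nuid = $cookie[0];
    $nusername = isset($cookie[1]) ? $cookie[1] : '';
    $password = isset($cookie[2]) ? $cookie[2] : '';
    // Never assigned in the original either; set so the links below are built the same way
    // without reading an undefined variable.
    $redirect = '';

    // Both values go into quoted SQL literals. Anything outside the expected character
    // set is replaced by an empty string, which simply matches no session row.
    // NOTE(review): assumes session ids are alphanumeric and $user_ip is the hex form
    // produced by encode_ip() (dots and colons are tolerated) - confirm against the
    // session code.
    $safe_session_id = preg_match('/^[A-Za-z0-9]*$/', (string) $session_id) ? (string) $session_id : '';
    $safe_user_ip = preg_match('/^[0-9A-Fa-f.:]*$/', (string) $user_ip) ? (string) $user_ip : '';

    $sql = "SELECT s.*
        FROM " . SESSIONS_TABLE . " s
        WHERE s.session_id = '$safe_session_id'
            AND s.session_ip = '$safe_user_ip'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch : session_pagestar');
    }
    $logindata = $db->sql_fetchrow($result);
    $session_user_id = $logindata ? $logindata['session_user_id'] : null;
    if( $nuid != $session_user_id ) {
        $login_failed = false;
        $rowresult = false;

        // The original quoting (\' -> '') is only sound for input that is already
        // slash-escaped. Fail closed: a name that still carries a backslash or an unpaired
        // single quote after that step is treated as a failed login and never reaches the
        // query.
        // NOTE(review): the real fix is the database layer's own escaping or bound
        // parameters, neither of which is visible in this file.
        $nusername_sql = str_replace("\'", "''", $nusername);
        $quotes_balanced = ( strpos(str_replace("''", '', $nusername_sql), "'") === false );
        if ( $quotes_balanced && strpos($nusername_sql, "\\") === false )
        {
            $sql = "SELECT user_id, username, user_password, user_active, user_level
                FROM ".USERS_TABLE."
                WHERE username = '" . $nusername_sql . "'";
            $result = $db->sql_query($sql);
            if(!$result) {
                message_die(GENERAL_ERROR, "Error in obtaining userdata : login", "", __LINE__, __FILE__, $sql);
            }
            $rowresult = $db->sql_fetchrow($result);
        }

        // !empty() instead of count(): a missing row must not be counted as one element.
        if( !empty($rowresult) ) {
            if( $rowresult['user_level'] != ADMIN && $board_config['board_disable'] ) {
                header("Location: " . append_sid("index.php", true));
            } else {
                // Strict comparison, constant-time where hash_equals() exists. The loose ==
                // of the original treats two different all-numeric strings such as "0e1"
                // and "0e2" as equal. An empty stored value never matches.
                $stored_password = (string) $rowresult['user_password'];
                $supplied_password = (string) $password;
                $password_ok = false;
                if ( $stored_password !== '' )
                {
                    $password_ok = function_exists('hash_equals') ? hash_equals($stored_password, $supplied_password) : ( $stored_password === $supplied_password );
                }

                if( $password_ok && $rowresult['user_active'] ) {
                    $autologin = 0;
                    $userdata = session_begin($rowresult['user_id'], $user_ip, PAGE_INDEX, $session_length, FALSE, $autologin);
                    $session_id = $userdata['session_id'];
                    if(!$session_id ) {
                        message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__);
                    }
                } else {
                    $login_failed = true;
                }
            }
        } else {
            $login_failed = true;
        }

        if ( $login_failed )
        {
            // Same message for an unknown user and a wrong password, so the response does
            // not reveal which of the two failed.
            $message = $lang['Error_login'] . "<br /><br />" . sprintf($lang['Click_return_login'], "<a href=\"" . append_sid("modules.php?name=Forums&file=login&$redirect") . "\">", "</a> ") . "<br /><br />" .  sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.php") . "\">", "</a> ");
            message_die(GENERAL_MESSAGE, $message);
        }
    }
}

?>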
Généré le : Sun Apr 1 11:11:59 2007 | par Balluche grâce à PHPXref 0.7 |