search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add proper language to error messages
[phpbb.git] / phpBB / includes / functions.php
blob9473f823e46db306fc6fe9b967d52ff6058b3370
1 <?php
2 /**
3 *
4 * @package phpBB3
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * @ignore
13 */
14 if (!defined('IN_PHPBB'))
15 {
16 exit;
17 }
18
19 // Common global functions
20
21 /**
22 * Wrapper function of phpbb_request::variable which exists for backwards compatability.
23 * See {@link phpbb_request::variable phpbb_request::variable} for documentation of this function's use.
24 *
25 * @param string|array $var_name The form variable's name from which data shall be retrieved.
26 * If the value is an array this may be an array of indizes which will give
27 * direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
28 * then specifying array("var", 1) as the name will return "a".
29 * @param mixed $default A default value that is returned if the variable was not set.
30 * This function will always return a value of the same type as the default.
31 * @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
32 * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
33 * @param bool $cookie This param is mapped to phpbb_request::COOKIE as the last param for phpbb_request::variable for backwards compatability reasons.
34 *
35 * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
36 * the same as that of $default. If the variable is not set $default is returned.
37 */
38 function request_var($var_name, $default, $multibyte = false, $cookie = false)
39 {
40 return phpbb_request::variable($var_name, $default, $multibyte, ($cookie) ? phpbb_request::COOKIE : phpbb_request::REQUEST);
41 }
42
43 /**
44 * Set config value.
45 * Creates missing config entry if update did not succeed and phpbb::$config for this entry empty.
46 *
47 * @param string $config_name The configuration keys name
48 * @param string $config_value The configuration value
49 * @param bool $is_dynamic True if the configuration entry is not cached
50 */
51 function set_config($config_name, $config_value, $is_dynamic = false)
52 {
53 $sql = 'UPDATE ' . CONFIG_TABLE . "
54 SET config_value = '" . phpbb::$db->sql_escape($config_value) . "'
55 WHERE config_name = '" . phpbb::$db->sql_escape($config_name) . "'";
56 phpbb::$db->sql_query($sql);
57
58 if (!phpbb::$db->sql_affectedrows() && !isset(phpbb::$config[$config_name]))
59 {
60 $sql = 'INSERT INTO ' . CONFIG_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', array(
61 'config_name' => (string) $config_name,
62 'config_value' => (string) $config_value,
63 'is_dynamic' => (int) $is_dynamic,
64 ));
65 phpbb::$db->sql_query($sql);
66 }
67
68 phpbb::$config[$config_name] = $config_value;
69
70 if (!$is_dynamic)
71 {
72 phpbb::$acm->destroy('#config');
73 }
74 }
75
76 /**
77 * Return formatted string for filesizes
78 */
79 function get_formatted_filesize($bytes, $add_size_lang = true)
80 {
81 if ($bytes >= pow(2, 20))
82 {
83 return ($add_size_lang) ? round($bytes / 1024 / 1024, 2) . ' ' . phpbb::$user->lang['MIB'] : round($bytes / 1024 / 1024, 2);
84 }
85
86 if ($bytes >= pow(2, 10))
87 {
88 return ($add_size_lang) ? round($bytes / 1024, 2) . ' ' . phpbb::$user->lang['KIB'] : round($bytes / 1024, 2);
89 }
90
91 return ($add_size_lang) ? ($bytes) . ' ' . phpbb::$user->lang['BYTES'] : ($bytes);
92 }
93
94 /**
95 * Determine whether we are approaching the maximum execution time. Should be called once
96 * at the beginning of the script in which it's used.
97 * @return bool Either true if the maximum execution time is nearly reached, or false
98 * if some time is still left.
99 */
100 function still_on_time($extra_time = 15)
101 {
102 static $max_execution_time, $start_time;
103
104 $time = explode(' ', microtime());
105 $current_time = $time[0] + $time[1];
106
107 if (empty($max_execution_time))
108 {
109 $max_execution_time = (function_exists('ini_get')) ? (int) @ini_get('max_execution_time') : (int) @get_cfg_var('max_execution_time');
110
111 // If zero, then set to something higher to not let the user catch the ten seconds barrier.
112 if ($max_execution_time === 0)
113 {
114 $max_execution_time = 50 + $extra_time;
115 }
116
117 $max_execution_time = min(max(10, ($max_execution_time - $extra_time)), 50);
118
119 // For debugging purposes
120 // $max_execution_time = 10;
121
122 global $starttime;
123 $start_time = (empty($starttime)) ? $current_time : $starttime;
124 }
125
126 return (ceil($current_time - $start_time) < $max_execution_time) ? true : false;
127 }
128
129 /**
130 * Global function for chmodding directories and files for internal use
131 * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions.
132 * The function determines owner and group from common.php file and sets the same to the provided file. Permissions are mapped to the group, user always has rw(x) permission.
133 * The function uses bit fields to build the permissions.
134 * The function sets the appropiate execute bit on directories.
135 *
136 * Supported constants representing bit fields are:
137 *
138 * phpbb::CHMOD_ALL - all permissions (7)
139 * phpbb::CHMOD_READ - read permission (4)
140 * phpbb::CHMOD_WRITE - write permission (2)
141 * phpbb::CHMOD_EXECUTE - execute permission (1)
142 *
143 * NOTE: The function uses POSIX extension and fileowner()/filegroup() functions. If any of them is disabled, this function tries to build proper permissions, by calling is_readable() and is_writable() functions.
144 *
145 * @param $filename The file/directory to be chmodded
146 * @param $perms Permissions to set
147 * @return true on success, otherwise false
148 *
149 * @author faw, phpBB Group
150 */
151 function phpbb_chmod($filename, $perms = phpbb::CHMOD_READ)
152 {
153 // Return if the file no longer exists.
154 if (!file_exists($filename))
155 {
156 return false;
157 }
158
159 if (!function_exists('fileowner') || !function_exists('filegroup'))
160 {
161 $file_uid = $file_gid = false;
162 $common_php_owner = $common_php_group = false;
163 }
164 else
165 {
166 // Determine owner/group of common.php file and the filename we want to change here
167 $common_php_owner = fileowner(PHPBB_ROOT_PATH . 'common.' . PHP_EXT);
168 $common_php_group = filegroup(PHPBB_ROOT_PATH . 'common.' . PHP_EXT);
169
170 $file_uid = fileowner($filename);
171 $file_gid = filegroup($filename);
172
173 // Try to set the owner to the same common.php has
174 if ($common_php_owner !== $file_uid && $common_php_owner !== false && $file_uid !== false)
175 {
176 // Will most likely not work
177 if (@chown($filename, $common_php_owner));
178 {
179 clearstatcache();
180 $file_uid = fileowner($filename);
181 }
182 }
183
184 // Try to set the group to the same common.php has
185 if ($common_php_group !== $file_gid && $common_php_group !== false && $file_gid !== false)
186 {
187 if (@chgrp($filename, $common_php_group));
188 {
189 clearstatcache();
190 $file_gid = filegroup($filename);
191 }
192 }
193 }
194
195 // And the owner and the groups PHP is running under.
196 $php_uid = (function_exists('posix_getuid')) ? @posix_getuid() : false;
197 $php_gids = (function_exists('posix_getgroups')) ? @posix_getgroups() : false;
198
199 // Who is PHP?
200 if ($file_uid === false || $file_gid === false || $php_uid === false || $php_gids === false)
201 {
202 $php = NULL;
203 }
204 else if ($file_uid == $php_uid /* && $common_php_owner !== false && $common_php_owner === $file_uid*/)
205 {
206 $php = 'owner';
207 }
208 else if (in_array($file_gid, $php_gids))
209 {
210 $php = 'group';
211 }
212 else
213 {
214 $php = 'other';
215 }
216
217 // Owner always has read/write permission
218 $owner = phpbb::CHMOD_READ | phpbb::CHMOD_WRITE;
219 if (is_dir($filename))
220 {
221 $owner |= phpbb::CHMOD_EXECUTE;
222
223 // Only add execute bit to the permission if the dir needs to be readable
224 if ($perms & phpbb::CHMOD_READ)
225 {
226 $perms |= phpbb::CHMOD_EXECUTE;
227 }
228 }
229
230 switch ($php)
231 {
232 case null:
233 case 'owner':
234 /* ATTENTION: if php is owner or NULL we set it to group here. This is the most failsafe combination for the vast majority of server setups.
235
236 $result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0));
237
238 clearstatcache();
239
240 if (!is_null($php) || (is_readable($filename) && is_writable($filename)))
241 {
242 break;
243 }
244 */
245
246 case 'group':
247 $result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0));
248
249 clearstatcache();
250
251 if (!is_null($php) || ((!($perms & phpbb::CHMOD_READ) || is_readable($filename)) && (!($perms & phpbb::CHMOD_WRITE) || is_writable($filename))))
252 {
253 break;
254 }
255
256 case 'other':
257 $result = @chmod($filename, ($owner << 6) + ($perms << 3) + ($perms << 0));
258
259 clearstatcache();
260
261 if (!is_null($php) || ((!($perms & phpbb::CHMOD_READ) || is_readable($filename)) && (!($perms & phpbb::CHMOD_WRITE) || is_writable($filename))))
262 {
263 break;
264 }
265
266 default:
267 return false;
268 break;
269 }
270
271 return $result;
272 }
273
274 /**
275 * Add a secret hash for use in links/GET requests
276 * @param string $link_name The name of the link; has to match the name used in check_link_hash, otherwise no restrictions apply
277 * @return string the hash
278 */
279 /*
280 @todo should use our hashing instead of a "custom" one
281 */
282 function generate_link_hash($link_name)
283 {
284 if (!isset(phpbb::$user->data["hash_$link_name"]))
285 {
286 phpbb::$user->data["hash_$link_name"] = substr(sha1(phpbb::$user->data['user_form_salt'] . $link_name), 0, 8);
287 }
288
289 return phpbb::$user->data["hash_$link_name"];
290 }
291
292
293 /**
294 * checks a link hash - for GET requests
295 * @param string $token the submitted token
296 * @param string $link_name The name of the link
297 * @return boolean true if all is fine
298 */
299
300 function check_link_hash($token, $link_name)
301 {
302 return $token === generate_link_hash($link_name);
303 }
304
305 // functions used for building option fields
306
307 /**
308 * Pick a language, any language ...
309 */
310 function language_select($default = '')
311 {
312 $sql = 'SELECT lang_iso, lang_local_name
313 FROM ' . LANG_TABLE . '
314 ORDER BY lang_english_name';
315 $result = phpbb::$db->sql_query($sql);
316
317 $lang_options = '';
318 while ($row = phpbb::$db->sql_fetchrow($result))
319 {
320 $selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : '';
321 $lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>';
322 }
323 phpbb::$db->sql_freeresult($result);
324
325 return $lang_options;
326 }
327
328 /**
329 * Pick a template/theme combo,
330 */
331 function style_select($default = '', $all = false)
332 {
333 $sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
334 $sql = 'SELECT style_id, style_name
335 FROM ' . STYLES_TABLE . "
336 $sql_where
337 ORDER BY style_name";
338 $result = phpbb::$db->sql_query($sql);
339
340 $style_options = '';
341 while ($row = phpbb::$db->sql_fetchrow($result))
342 {
343 $selected = ($row['style_id'] == $default) ? ' selected="selected"' : '';
344 $style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>';
345 }
346 phpbb::$db->sql_freeresult($result);
347
348 return $style_options;
349 }
350
351 /**
352 * Pick a timezone
353 */
354 function tz_select($default = '', $truncate = false)
355 {
356 $tz_select = '';
357 foreach (phpbb::$user->lang['tz_zones'] as $offset => $zone)
358 {
359 if ($truncate)
360 {
361 $zone_trunc = truncate_string($zone, 50, 255, false, '...');
362 }
363 else
364 {
365 $zone_trunc = $zone;
366 }
367
368 if (is_numeric($offset))
369 {
370 $selected = ($offset == $default) ? ' selected="selected"' : '';
371 $tz_select .= '<option title="'.$zone.'" value="' . $offset . '"' . $selected . '>' . $zone_trunc . '</option>';
372 }
373 }
374
375 return $tz_select;
376 }
377
378 // Functions handling topic/post tracking/marking
379
380 /**
381 * Marks a topic/forum as read
382 * Marks a topic as posted to
383 *
384 * @param int $user_id can only be used with $mode == 'post'
385 */
386 function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0)
387 {
388 if ($mode == 'all')
389 {
390 if ($forum_id === false || !sizeof($forum_id))
391 {
392 if (phpbb::$config['load_db_lastread'] && phpbb::$user->data['is_registered'])
393 {
394 // Mark all forums read (index page)
395 phpbb::$db->sql_query('DELETE FROM ' . TOPICS_TRACK_TABLE . ' WHERE user_id = ' . phpbb::$user->data['user_id']);
396 phpbb::$db->sql_query('DELETE FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . phpbb::$user->data['user_id']);
397 phpbb::$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . ' WHERE user_id = ' . phpbb::$user->data['user_id']);
398 }
399 else if (phpbb::$config['load_anon_lastread'] || phpbb::$user->data['is_registered'])
400 {
401 $tracking_topics = phpbb_request::variable(phpbb::$config['cookie_name'] . '_track', '', false, phpbb_request::COOKIE);
402 $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
403
404 unset($tracking_topics['tf']);
405 unset($tracking_topics['t']);
406 unset($tracking_topics['f']);
407 $tracking_topics['l'] = base_convert(time() - phpbb::$config['board_startdate'], 10, 36);
408
409 phpbb::$user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000);
410 phpbb_request::overwrite(phpbb::$config['cookie_name'] . '_track', tracking_serialize($tracking_topics), phpbb_request::COOKIE);
411
412 unset($tracking_topics);
413
414 if (phpbb::$user->data['is_registered'])
415 {
416 phpbb::$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . ' WHERE user_id = ' . phpbb::$user->data['user_id']);
417 }
418 }
419 }
420
421 return;
422 }
423 else if ($mode == 'topics')
424 {
425 // Mark all topics in forums read
426 if (!is_array($forum_id))
427 {
428 $forum_id = array($forum_id);
429 }
430
431 // Add 0 to forums array to mark global announcements correctly
432 $forum_id[] = 0;
433
434 if (phpbb::$config['load_db_lastread'] && phpbb::$user->data['is_registered'])
435 {
436 $sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . '
437 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
438 AND ' . phpbb::$db->sql_in_set('forum_id', $forum_id);
439 phpbb::$db->sql_query($sql);
440
441 $sql = 'SELECT forum_id
442 FROM ' . FORUMS_TRACK_TABLE . '
443 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
444 AND ' . phpbb::$db->sql_in_set('forum_id', $forum_id);
445 $result = phpbb::$db->sql_query($sql);
446
447 $sql_update = array();
448 while ($row = phpbb::$db->sql_fetchrow($result))
449 {
450 $sql_update[] = $row['forum_id'];
451 }
452 phpbb::$db->sql_freeresult($result);
453
454 if (sizeof($sql_update))
455 {
456 $sql = 'UPDATE ' . FORUMS_TRACK_TABLE . '
457 SET mark_time = ' . time() . '
458 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
459 AND ' . phpbb::$db->sql_in_set('forum_id', $sql_update);
460 phpbb::$db->sql_query($sql);
461 }
462
463 if ($sql_insert = array_diff($forum_id, $sql_update))
464 {
465 $sql_ary = array();
466 foreach ($sql_insert as $f_id)
467 {
468 $sql_ary[] = array(
469 'user_id' => (int) phpbb::$user->data['user_id'],
470 'forum_id' => (int) $f_id,
471 'mark_time' => time()
472 );
473 }
474
475 phpbb::$db->sql_multi_insert(FORUMS_TRACK_TABLE, $sql_ary);
476 }
477 }
478 else if (phpbb::$config['load_anon_lastread'] || phpbb::$user->data['is_registered'])
479 {
480 $tracking = phpbb_request::variable(phpbb::$config['cookie_name'] . '_track', '', false, phpbb_request::COOKIE);
481 $tracking = ($tracking) ? tracking_unserialize($tracking) : array();
482
483 foreach ($forum_id as $f_id)
484 {
485 $topic_ids36 = (isset($tracking['tf'][$f_id])) ? $tracking['tf'][$f_id] : array();
486
487 if (isset($tracking['tf'][$f_id]))
488 {
489 unset($tracking['tf'][$f_id]);
490 }
491
492 foreach ($topic_ids36 as $topic_id36)
493 {
494 unset($tracking['t'][$topic_id36]);
495 }
496
497 if (isset($tracking['f'][$f_id]))
498 {
499 unset($tracking['f'][$f_id]);
500 }
501
502 $tracking['f'][$f_id] = base_convert(time() - phpbb::$config['board_startdate'], 10, 36);
503 }
504
505 if (isset($tracking['tf']) && empty($tracking['tf']))
506 {
507 unset($tracking['tf']);
508 }
509
510 phpbb::$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
511 phpbb_request::overwrite(phpbb::$config['cookie_name'] . '_track', tracking_serialize($tracking), phpbb_request::COOKIE);
512
513 unset($tracking);
514 }
515
516 return;
517 }
518 else if ($mode == 'topic')
519 {
520 if ($topic_id === false || $forum_id === false)
521 {
522 return;
523 }
524
525 if (phpbb::$config['load_db_lastread'] && phpbb::$user->data['is_registered'])
526 {
527 $sql = 'UPDATE ' . TOPICS_TRACK_TABLE . '
528 SET mark_time = ' . (($post_time) ? $post_time : time()) . '
529 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
530 AND topic_id = ' . $topic_id;
531 phpbb::$db->sql_query($sql);
532
533 // insert row
534 if (!phpbb::$db->sql_affectedrows())
535 {
536 phpbb::$db->sql_return_on_error(true);
537
538 $sql_ary = array(
539 'user_id' => (int) phpbb::$user->data['user_id'],
540 'topic_id' => (int) $topic_id,
541 'forum_id' => (int) $forum_id,
542 'mark_time' => ($post_time) ? (int) $post_time : time(),
543 );
544
545 phpbb::$db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary));
546
547 phpbb::$db->sql_return_on_error(false);
548 }
549 }
550 else if (phpbb::$config['load_anon_lastread'] || phpbb::$user->data['is_registered'])
551 {
552 $tracking = phpbb_request::variable(phpbb::$config['cookie_name'] . '_track', '', false, phpbb_request::COOKIE);
553 $tracking = ($tracking) ? tracking_unserialize($tracking) : array();
554
555 $topic_id36 = base_convert($topic_id, 10, 36);
556
557 if (!isset($tracking['t'][$topic_id36]))
558 {
559 $tracking['tf'][$forum_id][$topic_id36] = true;
560 }
561
562 $post_time = ($post_time) ? $post_time : time();
563 $tracking['t'][$topic_id36] = base_convert($post_time - phpbb::$config['board_startdate'], 10, 36);
564
565 // If the cookie grows larger than 10000 characters we will remove the smallest value
566 // This can result in old topics being unread - but most of the time it should be accurate...
567 if (strlen(phpbb_request::variable(phpbb::$config['cookie_name'] . '_track', '', false, phpbb_request::COOKIE)) > 10000)
568 {
569 //echo 'Cookie grown too large' . print_r($tracking, true);
570
571 // We get the ten most minimum stored time offsets and its associated topic ids
572 $time_keys = array();
573 for ($i = 0; $i < 10 && sizeof($tracking['t']); $i++)
574 {
575 $min_value = min($tracking['t']);
576 $m_tkey = array_search($min_value, $tracking['t']);
577 unset($tracking['t'][$m_tkey]);
578
579 $time_keys[$m_tkey] = $min_value;
580 }
581
582 // Now remove the topic ids from the array...
583 foreach ($tracking['tf'] as $f_id => $topic_id_ary)
584 {
585 foreach ($time_keys as $m_tkey => $min_value)
586 {
587 if (isset($topic_id_ary[$m_tkey]))
588 {
589 $tracking['f'][$f_id] = $min_value;
590 unset($tracking['tf'][$f_id][$m_tkey]);
591 }
592 }
593 }
594
595 if (phpbb::$user->data['is_registered'])
596 {
597 phpbb::$user->data['user_lastmark'] = intval(base_convert(max($time_keys) + phpbb::$config['board_startdate'], 36, 10));
598 phpbb::$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . phpbb::$user->data['user_lastmark'] . ' WHERE user_id = ' . phpbb::$user->data['user_id']);
599 }
600 else
601 {
602 $tracking['l'] = max($time_keys);
603 }
604 }
605
606 phpbb::$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
607 phpbb_request::overwrite(phpbb::$config['cookie_name'] . '_track', tracking_serialize($tracking));
608 }
609
610 return;
611 }
612 else if ($mode == 'post')
613 {
614 if ($topic_id === false)
615 {
616 return;
617 }
618
619 $use_user_id = (!$user_id) ? phpbb::$user->data['user_id'] : $user_id;
620
621 if (phpbb::$config['load_db_track'] && $use_user_id != ANONYMOUS)
622 {
623 phpbb::$db->sql_return_on_error(true);
624
625 $sql_ary = array(
626 'user_id' => (int) $use_user_id,
627 'topic_id' => (int) $topic_id,
628 'topic_posted' => 1
629 );
630
631 phpbb::$db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary));
632
633 phpbb::$db->sql_return_on_error(false);
634 }
635
636 return;
637 }
638 }
639
640 /**
641 * Get topic tracking info by using already fetched info
642 */
643 function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $global_announce_list = false)
644 {
645 $last_read = array();
646
647 if (!is_array($topic_ids))
648 {
649 $topic_ids = array($topic_ids);
650 }
651
652 foreach ($topic_ids as $topic_id)
653 {
654 if (!empty($rowset[$topic_id]['mark_time']))
655 {
656 $last_read[$topic_id] = $rowset[$topic_id]['mark_time'];
657 }
658 }
659
660 $topic_ids = array_diff($topic_ids, array_keys($last_read));
661
662 if (sizeof($topic_ids))
663 {
664 $mark_time = array();
665
666 // Get global announcement info
667 if ($global_announce_list && sizeof($global_announce_list))
668 {
669 if (!isset($forum_mark_time[0]))
670 {
671 $sql = 'SELECT mark_time
672 FROM ' . FORUMS_TRACK_TABLE . '
673 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
674 AND forum_id = 0';
675 $result = phpbb::$db->sql_query($sql);
676 $row = phpbb::$db->sql_fetchrow($result);
677 phpbb::$db->sql_freeresult($result);
678
679 if ($row)
680 {
681 $mark_time[0] = $row['mark_time'];
682 }
683 }
684 else
685 {
686 if ($forum_mark_time[0] !== false)
687 {
688 $mark_time[0] = $forum_mark_time[0];
689 }
690 }
691 }
692
693 if (!empty($forum_mark_time[$forum_id]) && $forum_mark_time[$forum_id] !== false)
694 {
695 $mark_time[$forum_id] = $forum_mark_time[$forum_id];
696 }
697
698 $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : phpbb::$user->data['user_lastmark'];
699
700 foreach ($topic_ids as $topic_id)
701 {
702 if ($global_announce_list && isset($global_announce_list[$topic_id]))
703 {
704 $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
705 }
706 else
707 {
708 $last_read[$topic_id] = $user_lastmark;
709 }
710 }
711 }
712
713 return $last_read;
714 }
715
716 /**
717 * Get topic tracking info from db (for cookie based tracking only this function is used)
718 */
719 function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_list = false)
720 {
721 $last_read = array();
722
723 if (!is_array($topic_ids))
724 {
725 $topic_ids = array($topic_ids);
726 }
727
728 if (phpbb::$config['load_db_lastread'] && phpbb::$user->data['is_registered'])
729 {
730 $sql = 'SELECT topic_id, mark_time
731 FROM ' . TOPICS_TRACK_TABLE . '
732 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
733 AND ' . phpbb::$db->sql_in_set('topic_id', $topic_ids);
734 $result = phpbb::$db->sql_query($sql);
735
736 while ($row = phpbb::$db->sql_fetchrow($result))
737 {
738 $last_read[$row['topic_id']] = $row['mark_time'];
739 }
740 phpbb::$db->sql_freeresult($result);
741
742 $topic_ids = array_diff($topic_ids, array_keys($last_read));
743
744 if (sizeof($topic_ids))
745 {
746 $sql = 'SELECT forum_id, mark_time
747 FROM ' . FORUMS_TRACK_TABLE . '
748 WHERE user_id = ' . phpbb::$user->data['user_id'] . '
749 AND forum_id ' .
750 (($global_announce_list && sizeof($global_announce_list)) ? "IN (0, $forum_id)" : "= $forum_id");
751 $result = phpbb::$db->sql_query($sql);
752
753 $mark_time = array();
754 while ($row = phpbb::$db->sql_fetchrow($result))
755 {
756 $mark_time[$row['forum_id']] = $row['mark_time'];
757 }
758 phpbb::$db->sql_freeresult($result);
759
760 $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : phpbb::$user->data['user_lastmark'];
761
762 foreach ($topic_ids as $topic_id)
763 {
764 if ($global_announce_list && isset($global_announce_list[$topic_id]))
765 {
766 $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
767 }
768 else
769 {
770 $last_read[$topic_id] = $user_lastmark;
771 }
772 }
773 }
774 }
775 else if (phpbb::$config['load_anon_lastread'] || phpbb::$user->data['is_registered'])
776 {
777 global $tracking_topics;
778
779 if (!isset($tracking_topics) || !sizeof($tracking_topics))
780 {
781 $tracking_topics = phpbb_request::variable(phpbb::$config['cookie_name'] . '_track', '', false, phpbb_request::COOKIE);
782 $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
783 }
784
785 if (!phpbb::$user->data['is_registered'])
786 {
787 $user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + phpbb::$config['board_startdate'] : 0;
788 }
789 else
790 {
791 $user_lastmark = phpbb::$user->data['user_lastmark'];
792 }
793
794 foreach ($topic_ids as $topic_id)
795 {
796 $topic_id36 = base_convert($topic_id, 10, 36);
797
798 if (isset($tracking_topics['t'][$topic_id36]))
799 {
800 $last_read[$topic_id] = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + phpbb::$config['board_startdate'];
801 }
802 }
803
804 $topic_ids = array_diff($topic_ids, array_keys($last_read));
805
806 if (sizeof($topic_ids))
807 {
808 $mark_time = array();
809 if ($global_announce_list && sizeof($global_announce_list))
810 {
811 if (isset($tracking_topics['f'][0]))
812 {
813 $mark_time[0] = base_convert($tracking_topics['f'][0], 36, 10) + phpbb::$config['board_startdate'];
814 }
815 }
816
817 if (isset($tracking_topics['f'][$forum_id]))
818 {
819 $mark_time[$forum_id] = base_convert($tracking_topics['f'][$forum_id], 36, 10) + phpbb::$config['board_startdate'];
820 }
821
822 $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user_lastmark;
823
824 foreach ($topic_ids as $topic_id)
825 {
826 if ($global_announce_list && isset($global_announce_list[$topic_id]))
827 {
828 $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
829 }
830 else
831 {
832 $last_read[$topic_id] = $user_lastmark;
833 }
834 }
835 }
836 }
837
838 return $last_read;
839 }
840
841 /**
842 * Check for read forums and update topic tracking info accordingly
843 *
844 * @param int $forum_id the forum id to check
845 * @param int $forum_last_post_time the forums last post time
846 * @param int $f_mark_time the forums last mark time if user is registered and load_db_lastread enabled
847 * @param int $mark_time_forum false if the mark time needs to be obtained, else the last users forum mark time
848 *
849 * @return true if complete forum got marked read, else false.
850 */
851 function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
852 {
853 global $tracking_topics;
854
855 // Determine the users last forum mark time if not given.
856 if ($mark_time_forum === false)
857 {
858 if (phpbb::$config['load_db_lastread'] && phpbb::$user->data['is_registered'])
859 {
860 $mark_time_forum = (!empty($f_mark_time)) ? $f_mark_time : phpbb::$user->data['user_lastmark'];
861 }
862 else if (phpbb::$config['load_anon_lastread'] || phpbb::$user->data['is_registered'])
863 {
864 $tracking_topics = phpbb_request::variable(phpbb::$config['cookie_name'] . '_track', '', false, phpbb_request::COOKIE);
865 $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
866
867 if (!phpbb::$user->data['is_registered'])
868 {
869 phpbb::$user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + phpbb::$config['board_startdate']) : 0;
870 }
871
872 $mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + phpbb::$config['board_startdate']) : phpbb::$user->data['user_lastmark'];
873 }
874 }
875
876 // Check the forum for any left unread topics.
877 // If there are none, we mark the forum as read.
878 if (phpbb::$config['load_db_lastread'] && phpbb::$user->data['is_registered'])
879 {
880 if ($mark_time_forum >= $forum_last_post_time)
881 {
882 // We do not need to mark read, this happened before. Therefore setting this to true
883 $row = true;
884 }
885 else
886 {
887 $sql = 'SELECT t.forum_id FROM ' . TOPICS_TABLE . ' t
888 LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . phpbb::$user->data['user_id'] . ')
889 WHERE t.forum_id = ' . $forum_id . '
890 AND t.topic_last_post_time > ' . $mark_time_forum . '
891 AND t.topic_moved_id = 0
892 AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time)
893 GROUP BY t.forum_id';
894 $result = phpbb::$db->sql_query_limit($sql, 1);
895 $row = phpbb::$db->sql_fetchrow($result);
896 phpbb::$db->sql_freeresult($result);
897 }
898 }
899 else if (phpbb::$config['load_anon_lastread'] || phpbb::$user->data['is_registered'])
900 {
901 // Get information from cookie
902 $row = false;
903
904 if (!isset($tracking_topics['tf'][$forum_id]))
905 {
906 // We do not need to mark read, this happened before. Therefore setting this to true
907 $row = true;
908 }
909 else
910 {
911 $sql = 'SELECT topic_id
912 FROM ' . TOPICS_TABLE . '
913 WHERE forum_id = ' . $forum_id . '
914 AND topic_last_post_time > ' . $mark_time_forum . '
915 AND topic_moved_id = 0';
916 $result = phpbb::$db->sql_query($sql);
917
918 $check_forum = $tracking_topics['tf'][$forum_id];
919 $unread = false;
920
921 while ($row = phpbb::$db->sql_fetchrow($result))
922 {
923 if (!isset($check_forum[base_convert($row['topic_id'], 10, 36)]))
924 {
925 $unread = true;
926 break;
927 }
928 }
929 phpbb::$db->sql_freeresult($result);
930
931 $row = $unread;
932 }
933 }
934 else
935 {
936 $row = true;
937 }
938
939 if (!$row)
940 {
941 markread('topics', $forum_id);
942 return true;
943 }
944
945 return false;
946 }
947
948 /**
949 * Transform an array into a serialized format
950 */
951 function tracking_serialize($input)
952 {
953 $out = '';
954 foreach ($input as $key => $value)
955 {
956 if (is_array($value))
957 {
958 $out .= $key . ':(' . tracking_serialize($value) . ');';
959 }
960 else
961 {
962 $out .= $key . ':' . $value . ';';
963 }
964 }
965 return $out;
966 }
967
968 /**
969 * Transform a serialized array into an actual array
970 */
971 function tracking_unserialize($string, $max_depth = 3)
972 {
973 $n = strlen($string);
974 if ($n > 10010)
975 {
976 die('Invalid data supplied');
977 }
978 $data = $stack = array();
979 $key = '';
980 $mode = 0;
981 $level = &$data;
982 for ($i = 0; $i < $n; ++$i)
983 {
984 switch ($mode)
985 {
986 case 0:
987 switch ($string[$i])
988 {
989 case ':':
990 $level[$key] = 0;
991 $mode = 1;
992 break;
993 case ')':
994 unset($level);
995 $level = array_pop($stack);
996 $mode = 3;
997 break;
998 default:
999 $key .= $string[$i];
1000 }
1001 break;
1002
1003 case 1:
1004 switch ($string[$i])
1005 {
1006 case '(':
1007 if (sizeof($stack) >= $max_depth)
1008 {
1009 die('Invalid data supplied');
1010 }
1011 $stack[] = &$level;
1012 $level[$key] = array();
1013 $level = &$level[$key];
1014 $key = '';
1015 $mode = 0;
1016 break;
1017 default:
1018 $level[$key] = $string[$i];
1019 $mode = 2;
1020 break;
1021 }
1022 break;
1023
1024 case 2:
1025 switch ($string[$i])
1026 {
1027 case ')':
1028 unset($level);
1029 $level = array_pop($stack);
1030 $mode = 3;
1031 break;
1032 case ';':
1033 $key = '';
1034 $mode = 0;
1035 break;
1036 default:
1037 $level[$key] .= $string[$i];
1038 break;
1039 }
1040 break;
1041
1042 case 3:
1043 switch ($string[$i])
1044 {
1045 case ')':
1046 unset($level);
1047 $level = array_pop($stack);
1048 break;
1049 case ';':
1050 $key = '';
1051 $mode = 0;
1052 break;
1053 default:
1054 die('Invalid data supplied');
1055 break;
1056 }
1057 break;
1058 }
1059 }
1060
1061 if (sizeof($stack) != 0 || ($mode != 0 && $mode != 3))
1062 {
1063 die('Invalid data supplied');
1064 }
1065
1066 return $level;
1067 }
1068
1069 // Pagination functions
1070
1071 /**
1072 * Pagination routine, generates page number sequence
1073 * tpl_prefix is for using different pagination blocks at one page
1074 */
1075 function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = false, $tpl_prefix = '')
1076 {
1077 global $template;
1078
1079 // Make sure $per_page is a valid value
1080 $per_page = ($per_page <= 0) ? 1 : $per_page;
1081
1082 $seperator = '<span class="page-sep">' . phpbb::$user->lang['COMMA_SEPARATOR'] . '</span>';
1083 $total_pages = ceil($num_items / $per_page);
1084
1085 if ($total_pages == 1 || !$num_items)
1086 {
1087 return false;
1088 }
1089
1090 $on_page = floor($start_item / $per_page) + 1;
1091 $url_delim = (strpos($base_url, '?') === false) ? '?' : '&amp;';
1092
1093 $page_string = ($on_page == 1) ? '<strong>1</strong>' : '<a href="' . $base_url . '">1</a>';
1094
1095 if ($total_pages > 5)
1096 {
1097 $start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
1098 $end_cnt = max(min($total_pages, $on_page + 4), 6);
1099
1100 $page_string .= ($start_cnt > 1) ? ' ... ' : $seperator;
1101
1102 for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
1103 {
1104 $page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
1105 if ($i < $end_cnt - 1)
1106 {
1107 $page_string .= $seperator;
1108 }
1109 }
1110
1111 $page_string .= ($end_cnt < $total_pages) ? ' ... ' : $seperator;
1112 }
1113 else
1114 {
1115 $page_string .= $seperator;
1116
1117 for ($i = 2; $i < $total_pages; $i++)
1118 {
1119 $page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
1120 if ($i < $total_pages)
1121 {
1122 $page_string .= $seperator;
1123 }
1124 }
1125 }
1126
1127 $page_string .= ($on_page == $total_pages) ? '<strong>' . $total_pages . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($total_pages - 1) * $per_page) . '">' . $total_pages . '</a>';
1128
1129 if ($add_prevnext_text)
1130 {
1131 if ($on_page != 1)
1132 {
1133 $page_string = '<a href="' . $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page) . '">' . phpbb::$user->lang['PREVIOUS'] . '</a>&nbsp;&nbsp;' . $page_string;
1134 }
1135
1136 if ($on_page != $total_pages)
1137 {
1138 $page_string .= '&nbsp;&nbsp;<a href="' . $base_url . "{$url_delim}start=" . ($on_page * $per_page) . '">' . phpbb::$user->lang['NEXT'] . '</a>';
1139 }
1140 }
1141
1142 $template->assign_vars(array(
1143 $tpl_prefix . 'BASE_URL' => $base_url,
1144 'A_' . $tpl_prefix . 'BASE_URL' => addslashes($base_url),
1145 $tpl_prefix . 'PER_PAGE' => $per_page,
1146
1147 $tpl_prefix . 'PREVIOUS_PAGE' => ($on_page == 1) ? '' : $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page),
1148 $tpl_prefix . 'NEXT_PAGE' => ($on_page == $total_pages) ? '' : $base_url . "{$url_delim}start=" . ($on_page * $per_page),
1149 $tpl_prefix . 'TOTAL_PAGES' => $total_pages,
1150 ));
1151
1152 return $page_string;
1153 }
1154
1155 /**
1156 * Return current page (pagination)
1157 */
1158 function on_page($num_items, $per_page, $start)
1159 {
1160 global $template;
1161
1162 // Make sure $per_page is a valid value
1163 $per_page = ($per_page <= 0) ? 1 : $per_page;
1164
1165 $on_page = floor($start / $per_page) + 1;
1166
1167 $template->assign_vars(array(
1168 'ON_PAGE' => $on_page)
1169 );
1170
1171 return phpbb::$user->lang('PAGE_OF', $on_page, max(ceil($num_items / $per_page), 1));
1172 }
1173
1174
1175 //Form validation
1176
1177
1178
1179 /**
1180 * Add a secret token to the form (requires the S_FORM_TOKEN template variable)
1181 * @param string $form_name The name of the form; has to match the name used in check_form_key, otherwise no restrictions apply
1182 */
1183 function add_form_key($form_name)
1184 {
1185 global $template;
1186
1187 $now = time();
1188 $token_sid = (phpbb::$user->data['user_id'] == ANONYMOUS && !empty(phpbb::$config['form_token_sid_guests'])) ? phpbb::$user->session_id : '';
1189 $token = sha1($now . phpbb::$user->data['user_form_salt'] . $form_name . $token_sid);
1190
1191 $s_fields = build_hidden_fields(array(
1192 'creation_time' => $now,
1193 'form_token' => $token,
1194 ));
1195
1196 $template->assign_vars(array(
1197 'S_FORM_TOKEN' => $s_fields,
1198 ));
1199 }
1200
1201 /**
1202 * Check the form key. Required for all altering actions not secured by confirm_box
1203 * @param string $form_name The name of the form; has to match the name used in add_form_key, otherwise no restrictions apply
1204 * @param int $timespan The maximum acceptable age for a submitted form in seconds. Defaults to the config setting.
1205 * @param string $return_page The address for the return link
1206 * @param bool $trigger If true, the function will triger an error when encountering an invalid form
1207 */
1208 function check_form_key($form_name, $timespan = false, $return_page = '', $trigger = false)
1209 {
1210 if ($timespan === false)
1211 {
1212 // we enforce a minimum value of half a minute here.
1213 $timespan = (phpbb::$config['form_token_lifetime'] == -1) ? -1 : max(30, phpbb::$config['form_token_lifetime']);
1214 }
1215
1216 if (phpbb_request::is_set_post('creation_time') && phpbb_request::is_set_post('form_token'))
1217 {
1218 $creation_time = abs(request_var('creation_time', 0));
1219 $token = request_var('form_token', '');
1220
1221 $diff = time() - $creation_time;
1222
1223 // If creation_time and the time() now is zero we can assume it was not a human doing this (the check for if ($diff)...
1224 if ($diff && ($diff <= $timespan || $timespan === -1))
1225 {
1226 $token_sid = (phpbb::$user->data['user_id'] == ANONYMOUS && !empty(phpbb::$config['form_token_sid_guests'])) ? phpbb::$user->session_id : '';
1227 $key = sha1($creation_time . phpbb::$user->data['user_form_salt'] . $form_name . $token_sid);
1228
1229 if ($key === $token)
1230 {
1231 return true;
1232 }
1233 }
1234 }
1235
1236 if ($trigger)
1237 {
1238 trigger_error(phpbb::$user->lang['FORM_INVALID'] . $return_page);
1239 }
1240
1241 return false;
1242 }
1243
1244 // Message/Login boxes
1245
1246 /**
1247 * Build Confirm box
1248 * @param boolean $check True for checking if confirmed (without any additional parameters) and false for displaying the confirm box
1249 * @param string $title Title/Message used for confirm box.
1250 * message text is _CONFIRM appended to title.
1251 * If title cannot be found in user->lang a default one is displayed
1252 * If title_CONFIRM cannot be found in user->lang the text given is used.
1253 * @param string $hidden Hidden variables
1254 * @param string $html_body Template used for confirm box
1255 * @param string $u_action Custom form action
1256 */
1257 function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '')
1258 {
1259 global $template;
1260
1261 if (phpbb_request::is_set_post('cancel'))
1262 {
1263 return false;
1264 }
1265
1266 $confirm = false;
1267 if (phpbb_request::is_set_post('confirm'))
1268 {
1269 // language frontier
1270 if (request_var('confirm', '') === phpbb::$user->lang['YES'])
1271 {
1272 $confirm = true;
1273 }
1274 }
1275
1276 if ($check && $confirm)
1277 {
1278 $user_id = request_var('user_id', 0);
1279 $session_id = request_var('sess', '');
1280 $confirm_key = request_var('confirm_key', '');
1281
1282 if ($user_id != phpbb::$user->data['user_id'] || $session_id != phpbb::$user->session_id || !$confirm_key || !phpbb::$user->data['user_last_confirm_key'] || $confirm_key != phpbb::$user->data['user_last_confirm_key'])
1283 {
1284 return false;
1285 }
1286
1287 // Reset user_last_confirm_key
1288 $sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = ''
1289 WHERE user_id = " . phpbb::$user->data['user_id'];
1290 phpbb::$db->sql_query($sql);
1291
1292 return true;
1293 }
1294 else if ($check)
1295 {
1296 return false;
1297 }
1298
1299 $s_hidden_fields = build_hidden_fields(array(
1300 'user_id' => phpbb::$user->data['user_id'],
1301 'sess' => phpbb::$user->session_id,
1302 'sid' => phpbb::$user->session_id,
1303 ));
1304
1305 // generate activation key
1306 $confirm_key = gen_rand_string(10);
1307
1308 page_header((!isset(phpbb::$user->lang[$title])) ? phpbb::$user->lang['CONFIRM'] : phpbb::$user->lang[$title]);
1309
1310 $template->set_filenames(array(
1311 'body' => $html_body)
1312 );
1313
1314 // If activation key already exist, we better do not re-use the key (something very strange is going on...)
1315 if (request_var('confirm_key', ''))
1316 {
1317 // This should not occur, therefore we cancel the operation to safe the user
1318 return false;
1319 }
1320
1321 // re-add sid / transform & to &amp; for user->page (user->page is always using &)
1322 $use_page = ($u_action) ? PHPBB_ROOT_PATH . $u_action : PHPBB_ROOT_PATH . str_replace('&', '&amp;', phpbb::$user->page['page']);
1323 $u_action = reapply_sid($use_page);
1324 $u_action .= ((strpos($u_action, '?') === false) ? '?' : '&amp;') . 'confirm_key=' . $confirm_key;
1325
1326 $template->assign_vars(array(
1327 'MESSAGE_TITLE' => (!isset(phpbb::$user->lang[$title])) ? phpbb::$user->lang['CONFIRM'] : phpbb::$user->lang[$title],
1328 'MESSAGE_TEXT' => (!isset(phpbb::$user->lang[$title . '_CONFIRM'])) ? $title : phpbb::$user->lang[$title . '_CONFIRM'],
1329
1330 'YES_VALUE' => phpbb::$user->lang['YES'],
1331 'S_CONFIRM_ACTION' => $u_action,
1332 'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields)
1333 );
1334
1335 $sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '" . phpbb::$db->sql_escape($confirm_key) . "'
1336 WHERE user_id = " . phpbb::$user->data['user_id'];
1337 phpbb::$db->sql_query($sql);
1338
1339 page_footer();
1340 }
1341
1342 /**
1343 * Generate login box or verify password
1344 */
1345 function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true)
1346 {
1347 $err = '';
1348
1349 // Make sure user->setup() has been called
1350 if (empty(phpbb::$user->lang))
1351 {
1352 phpbb::$user->setup();
1353 }
1354
1355 // Print out error if user tries to authenticate as an administrator without having the privileges...
1356 if ($admin && !phpbb::$acl->acl_get('a_'))
1357 {
1358 // Not authd
1359 // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
1360 if (phpbb::$user->is_registered)
1361 {
1362 add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
1363 }
1364
1365 $admin = false;
1366 }
1367
1368 if (phpbb_request::is_set_post('login'))
1369 {
1370 // Get credential
1371 if ($admin)
1372 {
1373 $credential = request_var('credential', '');
1374
1375 if (strspn($credential, 'abcdef0123456789') !== strlen($credential) || strlen($credential) != 32)
1376 {
1377 if (phpbb::$user->is_registered)
1378 {
1379 add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
1380 }
1381
1382 trigger_error('NO_AUTH_ADMIN');
1383 }
1384
1385 $password = request_var('password_' . $credential, '', true);
1386 }
1387 else
1388 {
1389 $password = request_var('password', '', true);
1390 }
1391
1392 $username = request_var('username', '', true);
1393 $autologin = phpbb_request::variable('autologin', false, false, phpbb_request::POST);
1394 $viewonline = (phpbb_request::variable('viewonline', false, false, phpbb_request::POST)) ? 0 : 1;
1395 $admin = ($admin) ? 1 : 0;
1396 $viewonline = ($admin) ? phpbb::$user->data['session_viewonline'] : $viewonline;
1397
1398 // Check if the supplied username is equal to the one stored within the database if re-authenticating
1399 if ($admin && utf8_clean_string($username) != utf8_clean_string(phpbb::$user->data['username']))
1400 {
1401 // We log the attempt to use a different username...
1402 add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
1403 trigger_error('NO_AUTH_ADMIN_USER_DIFFER');
1404 }
1405
1406 // If authentication is successful we redirect user to previous page
1407 $result = phpbb::$user->login($username, $password, $autologin, $viewonline, $admin);
1408
1409 // If admin authentication and login, we will log if it was a success or not...
1410 // We also break the operation on the first non-success login - it could be argued that the user already knows
1411 if ($admin)
1412 {
1413 if ($result['status'] == LOGIN_SUCCESS)
1414 {
1415 add_log('admin', 'LOG_ADMIN_AUTH_SUCCESS');
1416 }
1417 else
1418 {
1419 // Only log the failed attempt if a real user tried to.
1420 // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
1421 if (phpbb::$user->is_registered)
1422 {
1423 add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
1424 }
1425 }
1426 }
1427
1428 // The result parameter is always an array, holding the relevant information...
1429 if ($result['status'] == LOGIN_SUCCESS)
1430 {
1431 $redirect = request_var('redirect', phpbb::$user->page['page']);
1432
1433 $message = ($l_success) ? $l_success : phpbb::$user->lang['LOGIN_REDIRECT'];
1434 $l_redirect = ($admin) ? phpbb::$user->lang['PROCEED_TO_ACP'] : (($redirect === PHPBB_ROOT_PATH . 'index.' . PHP_EXT || $redirect === 'index.' . PHP_EXT) ? phpbb::$user->lang['RETURN_INDEX'] : phpbb::$user->lang['RETURN_PAGE']);
1435
1436 // append/replace SID (may change during the session for AOL users)
1437 $redirect = phpbb::$url->reapply_sid($redirect);
1438
1439 // Special case... the user is effectively banned, but we allow founders to login
1440 if (defined('IN_CHECK_BAN') && $result['user_row']['user_type'] != phpbb::USER_FOUNDER)
1441 {
1442 return;
1443 }
1444
1445 // $redirect = phpbb::$url->meta_refresh(3, $redirect);
1446 trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
1447 }
1448
1449 // Something failed, determine what...
1450 if ($result['status'] == LOGIN_BREAK)
1451 {
1452 trigger_error($result['error_msg']);
1453 }
1454
1455 // Special cases... determine
1456 switch ($result['status'])
1457 {
1458 case LOGIN_ERROR_ATTEMPTS:
1459
1460 $captcha = phpbb_captcha_factory::get_instance(phpbb::$config['captcha_plugin']);
1461 $captcha->init(CONFIRM_LOGIN);
1462 $captcha->reset();
1463
1464 $template->assign_vars(array(
1465 'S_CONFIRM_CODE' => true,
1466 'CONFIRM' => $captcha->get_template(''),
1467 ));
1468
1469 $err = phpbb::$user->lang[$result['error_msg']];
1470
1471 break;
1472
1473 case LOGIN_ERROR_PASSWORD_CONVERT:
1474 $err = sprintf(
1475 phpbb::$user->lang[$result['error_msg']],
1476 (phpbb::$config['email_enable']) ? '<a href="' . append_sid('ucp', 'mode=sendpassword') . '">' : '',
1477 (phpbb::$config['email_enable']) ? '</a>' : '',
1478 (phpbb::$config['board_contact']) ? '<a href="mailto:' . utf8_htmlspecialchars(phpbb::$config['board_contact']) . '">' : '',
1479 (phpbb::$config['board_contact']) ? '</a>' : ''
1480 );
1481 break;
1482
1483 // Username, password, etc...
1484 default:
1485 $err = phpbb::$user->lang[$result['error_msg']];
1486
1487 // Assign admin contact to some error messages
1488 if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD')
1489 {
1490 $err = (!phpbb::$config['board_contact']) ? sprintf(phpbb::$user->lang[$result['error_msg']], '', '') : sprintf(phpbb::$user->lang[$result['error_msg']], '<a href="mailto:' . utf8_htmlspecialchars(phpbb::$config['board_contact']) . '">', '</a>');
1491 }
1492
1493 break;
1494 }
1495 }
1496
1497 if (!$redirect)
1498 {
1499 // We just use what the session code determined...
1500 // If we are not within the admin directory we use the page dir...
1501 $redirect = '';
1502
1503 if (!$admin && !defined('ADMIN_START'))
1504 {
1505 $redirect .= (phpbb::$user->page['page_dir']) ? phpbb::$user->page['page_dir'] . '/' : '';
1506 }
1507
1508 $redirect .= phpbb::$user->page['page_name'] . ((phpbb::$user->page['query_string']) ? '?' . utf8_htmlspecialchars(phpbb::$user->page['query_string']) : '');
1509 }
1510
1511 // Assign credential for username/password pair
1512 $credential = ($admin) ? md5(phpbb::$security->unique_id()) : false;
1513
1514 $s_hidden_fields = array(
1515 'redirect' => $redirect,
1516 'sid' => phpbb::$user->session_id,
1517 );
1518
1519 if ($admin)
1520 {
1521 $s_hidden_fields['credential'] = $credential;
1522 }
1523
1524 $s_hidden_fields = build_hidden_fields($s_hidden_fields);
1525
1526 phpbb::$template->assign_vars(array(
1527 'LOGIN_ERROR' => $err,
1528 'LOGIN_EXPLAIN' => $l_explain,
1529
1530 'U_SEND_PASSWORD' => (phpbb::$config['email_enable']) ? phpbb::$url->append_sid('ucp', 'mode=sendpassword') : '',
1531 'U_RESEND_ACTIVATION' => (phpbb::$config['require_activation'] != USER_ACTIVATION_NONE && phpbb::$config['email_enable']) ? phpbb::$url->append_sid('ucp', 'mode=resend_act') : '',
1532 'U_TERMS_USE' => phpbb::$url->append_sid('ucp', 'mode=terms'),
1533 'U_PRIVACY' => phpbb::$url->append_sid('ucp', 'mode=privacy'),
1534
1535 'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false,
1536 'S_LOGIN_ACTION' => (!$admin && !defined('ADMIN_START')) ? phpbb::$url->append_sid('ucp', 'mode=login') : phpbb::$url->append_sid(PHPBB_ADMIN_PATH . 'index.' . PHP_EXT, false, true, phpbb::$user->session_id),
1537 'S_HIDDEN_FIELDS' => $s_hidden_fields,
1538
1539 'S_ADMIN_AUTH' => $admin,
1540 'S_ACP_LOGIN' => defined('ADMIN_START'),
1541 'USERNAME' => ($admin) ? phpbb::$user->data['username'] : '',
1542
1543 'USERNAME_CREDENTIAL' => 'username',
1544 'PASSWORD_CREDENTIAL' => ($admin) ? 'password_' . $credential : 'password',
1545 ));
1546
1547 phpbb::$template->set_filenames(array(
1548 'body' => 'login_body.html')
1549 );
1550
1551 page_header(phpbb::$user->lang['LOGIN'], false);
1552 make_jumpbox('viewforum');
1553
1554 page_footer();
1555 }
1556
1557 /**
1558 * Generate forum login box
1559 */
1560 function login_forum_box($forum_data)
1561 {
1562 global $template;
1563
1564 $password = request_var('password', '', true);
1565
1566 $sql = 'SELECT forum_id
1567 FROM ' . FORUMS_ACCESS_TABLE . '
1568 WHERE forum_id = ' . $forum_data['forum_id'] . '
1569 AND user_id = ' . phpbb::$user->data['user_id'] . "
1570 AND session_id = '" . phpbb::$db->sql_escape(phpbb::$user->session_id) . "'";
1571 $result = phpbb::$db->sql_query($sql);
1572 $row = phpbb::$db->sql_fetchrow($result);
1573 phpbb::$db->sql_freeresult($result);
1574
1575 if ($row)
1576 {
1577 return true;
1578 }
1579
1580 if ($password)
1581 {
1582 // Remove expired authorised sessions
1583 $sql = 'SELECT f.session_id
1584 FROM ' . FORUMS_ACCESS_TABLE . ' f
1585 LEFT JOIN ' . SESSIONS_TABLE . ' s ON (f.session_id = s.session_id)
1586 WHERE s.session_id IS NULL';
1587 $result = phpbb::$db->sql_query($sql);
1588
1589 if ($row = phpbb::$db->sql_fetchrow($result))
1590 {
1591 $sql_in = array();
1592 do
1593 {
1594 $sql_in[] = (string) $row['session_id'];
1595 }
1596 while ($row = phpbb::$db->sql_fetchrow($result));
1597
1598 // Remove expired sessions
1599 $sql = 'DELETE FROM ' . FORUMS_ACCESS_TABLE . '
1600 WHERE ' . phpbb::$db->sql_in_set('session_id', $sql_in);
1601 phpbb::$db->sql_query($sql);
1602 }
1603 phpbb::$db->sql_freeresult($result);
1604
1605 if (phpbb_check_hash($password, $forum_data['forum_password']))
1606 {
1607 $sql_ary = array(
1608 'forum_id' => (int) $forum_data['forum_id'],
1609 'user_id' => (int) phpbb::$user->data['user_id'],
1610 'session_id' => (string) phpbb::$user->session_id,
1611 );
1612
1613 phpbb::$db->sql_query('INSERT INTO ' . FORUMS_ACCESS_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary));
1614
1615 return true;
1616 }
1617
1618 $template->assign_var('LOGIN_ERROR', phpbb::$user->lang['WRONG_PASSWORD']);
1619 }
1620
1621 page_header(phpbb::$user->lang['LOGIN']);
1622
1623 $template->assign_vars(array(
1624 'S_HIDDEN_FIELDS' => build_hidden_fields(array('f' => $forum_data['forum_id'])))
1625 );
1626
1627 $template->set_filenames(array(
1628 'body' => 'login_forum.html')
1629 );
1630
1631 page_footer();
1632 }
1633
1634 // Little helpers
1635
1636 /**
1637 * Little helper for the build_hidden_fields function
1638 */
1639 function _build_hidden_fields($key, $value, $specialchar, $stripslashes)
1640 {
1641 $hidden_fields = '';
1642
1643 if (!is_array($value))
1644 {
1645 $value = ($stripslashes) ? stripslashes($value) : $value;
1646 $value = ($specialchar) ? utf8_htmlspecialchars($value) : $value;
1647
1648 $hidden_fields .= '<input type="hidden" name="' . $key . '" value="' . $value . '" />' . "\n";
1649 }
1650 else
1651 {
1652 foreach ($value as $_key => $_value)
1653 {
1654 $_key = ($stripslashes) ? stripslashes($_key) : $_key;
1655 $_key = ($specialchar) ? utf8_htmlspecialchars($_key) : $_key;
1656
1657 $hidden_fields .= _build_hidden_fields($key . '[' . $_key . ']', $_value, $specialchar, $stripslashes);
1658 }
1659 }
1660
1661 return $hidden_fields;
1662 }
1663
1664 /**
1665 * Build simple hidden fields from array
1666 *
1667 * @param array $field_ary an array of values to build the hidden field from
1668 * @param bool $specialchar if true, keys and values get specialchared
1669 * @param bool $stripslashes if true, keys and values get stripslashed
1670 *
1671 * @return string the hidden fields
1672 */
1673 function build_hidden_fields($field_ary, $specialchar = false, $stripslashes = false)
1674 {
1675 $s_hidden_fields = '';
1676
1677 foreach ($field_ary as $name => $vars)
1678 {
1679 $name = ($stripslashes) ? stripslashes($name) : $name;
1680 $name = ($specialchar) ? utf8_htmlspecialchars($name) : $name;
1681
1682 $s_hidden_fields .= _build_hidden_fields($name, $vars, $specialchar, $stripslashes);
1683 }
1684
1685 return $s_hidden_fields;
1686 }
1687
1688 /**
1689 * Parse cfg file
1690 */
1691 function parse_cfg_file($filename, $lines = false)
1692 {
1693 $parsed_items = array();
1694
1695 if ($lines === false)
1696 {
1697 $lines = file($filename);
1698 }
1699
1700 foreach ($lines as $line)
1701 {
1702 $line = trim($line);
1703
1704 if (!$line || $line[0] == '#' || ($delim_pos = strpos($line, '=')) === false)
1705 {
1706 continue;
1707 }
1708
1709 // Determine first occurrence, since in values the equal sign is allowed
1710 $key = strtolower(trim(substr($line, 0, $delim_pos)));
1711 $value = trim(substr($line, $delim_pos + 1));
1712
1713 if (in_array($value, array('off', 'false', '0')))
1714 {
1715 $value = false;
1716 }
1717 else if (in_array($value, array('on', 'true', '1')))
1718 {
1719 $value = true;
1720 }
1721 else if (!trim($value))
1722 {
1723 $value = '';
1724 }
1725 else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"'))
1726 {
1727 $value = substr($value, 1, sizeof($value)-2);
1728 }
1729
1730 $parsed_items[$key] = $value;
1731 }
1732
1733 return $parsed_items;
1734 }
1735
1736 /**
1737 * Add log event
1738 */
1739 function add_log()
1740 {
1741 $args = func_get_args();
1742
1743 $mode = array_shift($args);
1744 $reportee_id = ($mode == 'user') ? intval(array_shift($args)) : '';
1745 $forum_id = ($mode == 'mod') ? intval(array_shift($args)) : '';
1746 $topic_id = ($mode == 'mod') ? intval(array_shift($args)) : '';
1747 $action = array_shift($args);
1748 $data = (!sizeof($args)) ? '' : serialize($args);
1749
1750 $sql_ary = array(
1751 'user_id' => (empty(phpbb::$user->data)) ? ANONYMOUS : phpbb::$user->data['user_id'],
1752 'log_ip' => phpbb::$user->ip,
1753 'log_time' => time(),
1754 'log_operation' => $action,
1755 'log_data' => $data,
1756 );
1757
1758 switch ($mode)
1759 {
1760 case 'admin':
1761 $sql_ary['log_type'] = LOG_ADMIN;
1762 break;
1763
1764 case 'mod':
1765 $sql_ary += array(
1766 'log_type' => LOG_MOD,
1767 'forum_id' => $forum_id,
1768 'topic_id' => $topic_id
1769 );
1770 break;
1771
1772 case 'user':
1773 $sql_ary += array(
1774 'log_type' => LOG_USERS,
1775 'reportee_id' => $reportee_id
1776 );
1777 break;
1778
1779 case 'critical':
1780 $sql_ary['log_type'] = LOG_CRITICAL;
1781 break;
1782
1783 default:
1784 return false;
1785 }
1786
1787 phpbb::$db->sql_query('INSERT INTO ' . LOG_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary));
1788
1789 return phpbb::$db->sql_nextid();
1790 }
1791
1792 /**
1793 * Return a nicely formatted backtrace (parts from the php manual by diz at ysagoon dot com)
1794 */
1795 function get_backtrace()
1796 {
1797 $output = '<div style="font-family: monospace;">';
1798 $backtrace = debug_backtrace();
1799 $path = phpbb::$url->realpath(PHPBB_ROOT_PATH);
1800
1801 foreach ($backtrace as $number => $trace)
1802 {
1803 // We skip the first one, because it only shows this file/function
1804 if ($number == 0)
1805 {
1806 continue;
1807 }
1808
1809 if (empty($trace['file']) && empty($trace['line']))
1810 {
1811 continue;
1812 }
1813
1814 // Strip the current directory from path
1815 if (empty($trace['file']))
1816 {
1817 $trace['file'] = '';
1818 }
1819 else
1820 {
1821 $trace['file'] = str_replace(array($path, '\\'), array('', '/'), $trace['file']);
1822 $trace['file'] = substr($trace['file'], 1);
1823 }
1824 $args = array();
1825
1826 // If include/require/include_once is not called, do not show arguments - they may contain sensible information
1827 if (!in_array($trace['function'], array('include', 'require', 'include_once')))
1828 {
1829 unset($trace['args']);
1830 }
1831 else
1832 {
1833 // Path...
1834 if (!empty($trace['args'][0]))
1835 {
1836 $argument = htmlspecialchars($trace['args'][0]);
1837 $argument = str_replace(array($path, '\\'), array('', '/'), $argument);
1838 $argument = substr($argument, 1);
1839 $args[] = "'{$argument}'";
1840 }
1841 }
1842
1843 $trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
1844 $trace['type'] = (!isset($trace['type'])) ? '' : $trace['type'];
1845
1846 $output .= '<br />';
1847 $output .= '<b>FILE:</b> ' . htmlspecialchars($trace['file']) . '<br />';
1848 $output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';
1849
1850 $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']) . '(' . ((sizeof($args)) ? implode(', ', $args) : '') . ')<br />';
1851 }
1852 $output .= '</div>';
1853 return $output;
1854 }
1855
1856 /**
1857 * This function returns a regular expression pattern for commonly used expressions
1858 * Use with / as delimiter for email mode and # for url modes
1859 * mode can be: email|bbcode_htm|url|url_inline|www_url|www_url_inline|relative_url|relative_url_inline|ipv4|ipv6
1860 */
1861 function get_preg_expression($mode)
1862 {
1863 switch ($mode)
1864 {
1865 case 'email':
1866 return '(?:[a-z0-9\'\.\-_\+\|]++|&amp;)+@[a-z0-9\-]+\.(?:[a-z0-9\-]+\.)*[a-z]+';
1867 break;
1868
1869 case 'bbcode_htm':
1870 return array(
1871 '#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
1872 '#<!\-\- l \-\-><a (?:class="[\w-]+" )?href="(.*?)(?:(&amp;|\?)sid=[0-9a-f]{32})?">.*?</a><!\-\- l \-\->#',
1873 '#<!\-\- ([mw]) \-\-><a (?:class="[\w-]+" )?href="(.*?)">.*?</a><!\-\- \1 \-\->#',
1874 '#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
1875 '#<!\-\- .*? \-\->#s',
1876 '#<.*?>#s',
1877 );
1878 break;
1879
1880 // Whoa these look impressive!
1881 // The code to generate the following two regular expressions which match valid IPv4/IPv6 addresses
1882 // can be found in the develop directory
1883 case 'ipv4':
1884 return '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#';
1885 break;
1886
1887 case 'ipv6':
1888 return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){5}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:))$#i';
1889 break;
1890
1891 case 'url':
1892 case 'url_inline':
1893 $inline = ($mode == 'url') ? ')' : '';
1894 $scheme = ($mode == 'url') ? '[a-z\d+\-.]' : '[a-z\d+]'; // avoid automatic parsing of "word" in "last word.http://..."
1895 // generated with regex generation file in the develop folder
1896 return "[a-z]$scheme*:/{2}(?:(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
1897 break;
1898
1899 case 'www_url':
1900 case 'www_url_inline':
1901 $inline = ($mode == 'www_url') ? ')' : '';
1902 return "www\.(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
1903 break;
1904
1905 case 'relative_url':
1906 case 'relative_url_inline':
1907 $inline = ($mode == 'relative_url') ? ')' : '';
1908 return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
1909 break;
1910 }
1911
1912 return '';
1913 }
1914
1915 /**
1916 * Returns the first block of the specified IPv6 address and as many additional
1917 * ones as specified in the length paramater.
1918 * If length is zero, then an empty string is returned.
1919 * If length is greater than 3 the complete IP will be returned
1920 */
1921 function short_ipv6($ip, $length)
1922 {
1923 if ($length < 1)
1924 {
1925 return '';
1926 }
1927
1928 // extend IPv6 addresses
1929 $blocks = substr_count($ip, ':') + 1;
1930 if ($blocks < 9)
1931 {
1932 $ip = str_replace('::', ':' . str_repeat('0000:', 9 - $blocks), $ip);
1933 }
1934 if ($ip[0] == ':')
1935 {
1936 $ip = '0000' . $ip;
1937 }
1938 if ($length < 4)
1939 {
1940 $ip = implode(':', array_slice(explode(':', $ip), 0, 1 + $length));
1941 }
1942
1943 return $ip;
1944 }
1945
1946 /**
1947 * Wrapper for php's checkdnsrr function.
1948 *
1949 * The windows failover is from the php manual
1950 * Please make sure to check the return value for === true and === false, since NULL could
1951 * be returned too.
1952 *
1953 * @return true if entry found, false if not, NULL if this function is not supported by this environment
1954 */
1955 function phpbb_checkdnsrr($host, $type = '')
1956 {
1957 $type = (!$type) ? 'MX' : $type;
1958
1959 if (DIRECTORY_SEPARATOR == '\\')
1960 {
1961 if (!function_exists('exec'))
1962 {
1963 return NULL;
1964 }
1965
1966 // @exec('nslookup -retry=1 -timout=1 -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host), $output);
1967 @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host) . '.', $output);
1968
1969 // If output is empty, the nslookup failed
1970 if (empty($output))
1971 {
1972 return NULL;
1973 }
1974
1975 foreach ($output as $line)
1976 {
1977 if (!trim($line))
1978 {
1979 continue;
1980 }
1981
1982 // Valid records begin with host name:
1983 if (strpos($line, $host) === 0)
1984 {
1985 return true;
1986 }
1987 }
1988
1989 return false;
1990 }
1991 else if (function_exists('checkdnsrr'))
1992 {
1993 // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)
1994 return (checkdnsrr($host . '.', $type)) ? true : false;
1995 }
1996
1997 return NULL;
1998 }
1999
2000 // Handler, header and footer
2001
2002 /**
2003 * Error and message handler, call with trigger_error if reqd
2004 */
2005 function msg_handler($errno, $msg_text, $errfile, $errline)
2006 {
2007 global $msg_title, $msg_long_text;
2008
2009 // Message handler is stripping text. In case we need it, we are able to define long text...
2010 if (isset($msg_long_text) && $msg_long_text && !$msg_text)
2011 {
2012 $msg_text = $msg_long_text;
2013 }
2014
2015 // Store information for later use
2016 phpbb::$last_notice = array(
2017 'file' => $errfile,
2018 'line' => $errline,
2019 'message' => $msg_text,
2020 'php_error' => (!empty($php_errormsg)) ? $php_errormsg : '',
2021 'errno' => $errno,
2022 );
2023
2024 // Do not display notices if we suppress them via @
2025 if (error_reporting() == 0)
2026 {
2027 return;
2028 }
2029
2030 switch ($errno)
2031 {
2032 case E_NOTICE:
2033 case E_WARNING:
2034 case E_STRICT:
2035
2036 // Check the error reporting level and return if the error level does not match
2037 // If DEBUG is defined the default level is E_ALL
2038 if (($errno & ((phpbb::$base_config['debug']) ? E_ALL | E_STRICT : error_reporting())) == 0)
2039 {
2040 return;
2041 }
2042
2043 // if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
2044 // {
2045 // flush the content, else we get a white page if output buffering is on
2046 if ((int) @ini_get('output_buffering') === 1 || strtolower(@ini_get('output_buffering')) === 'on')
2047 {
2048 @ob_flush();
2049 }
2050
2051 // Another quick fix for those having gzip compression enabled, but do not flush if the coder wants to catch "something". ;)
2052 if (!empty(phpbb::$config['gzip_compress']))
2053 {
2054 if (@extension_loaded('zlib') && !headers_sent() && !ob_get_level())
2055 {
2056 @ob_flush();
2057 }
2058 }
2059
2060 // remove complete path to installation, with the risk of changing backslashes meant to be there
2061 if (phpbb::registered('url'))
2062 {
2063 $errfile = str_replace(array(phpbb::$url->realpath(PHPBB_ROOT_PATH), '\\'), array('', '/'), $errfile);
2064 $msg_text = str_replace(array(phpbb::$url->realpath(PHPBB_ROOT_PATH), '\\'), array('', '/'), $msg_text);
2065 }
2066
2067 echo '<b>[phpBB Debug] PHP Notice</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
2068 // }
2069
2070 return;
2071
2072 break;
2073
2074 case E_RECOVERABLE_ERROR:
2075 case E_USER_ERROR:
2076
2077 if (phpbb::registered('user'))
2078 {
2079 // Setup language
2080 if (empty(phpbb::$user->lang))
2081 {
2082 phpbb::$user->setup();
2083 }
2084
2085 $msg_text = (!empty(phpbb::$user->lang[$msg_text])) ? phpbb::$user->lang[$msg_text] : $msg_text;
2086 $msg_title = (!isset($msg_title)) ? phpbb::$user->lang['GENERAL_ERROR'] : ((!empty(phpbb::$user->lang[$msg_title])) ? phpbb::$user->lang[$msg_title] : $msg_title);
2087
2088 $l_return_index = phpbb::$user->lang('RETURN_INDEX', '<a href="' . PHPBB_ROOT_PATH . '">', '</a>');
2089 $l_notify = '';
2090
2091 if (!empty(phpbb::$config['board_contact']))
2092 {
2093 $l_notify = '<p>' . phpbb::$user->lang('NOTIFY_ADMIN_EMAIL', phpbb::$config['board_contact']) . '</p>';
2094 }
2095 }
2096 else
2097 {
2098 $msg_title = 'General Error';
2099 $l_return_index = '<a href="' . PHPBB_ROOT_PATH . '">Return to index page</a>';
2100 $l_notify = '';
2101
2102 if (!empty(phpbb::$config['board_contact']))
2103 {
2104 $l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . phpbb::$config['board_contact'] . '">' . phpbb::$config['board_contact'] . '</a></p>';
2105 }
2106 }
2107
2108 garbage_collection();
2109
2110 // Try to not call the adm page data...
2111 // @todo put into failover template file
2112
2113 echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
2114 echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">';
2115 echo '<head>';
2116 echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />';
2117 echo '<title>' . $msg_title . '</title>';
2118 echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
2119 echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
2120 echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } ';
2121 echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } ';
2122 echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px #A9B8C2; } ';
2123 echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } ';
2124 echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } ';
2125 echo "\n" . '/* ]]> */' . "\n";
2126 echo '</style>';
2127 echo '</head>';
2128 echo '<body id="errorpage">';
2129 echo '<div id="wrap">';
2130 echo ' <div id="page-header">';
2131 echo ' ' . $l_return_index;
2132 echo ' </div>';
2133 echo ' <div id="acp">';
2134 echo ' <div class="panel">';
2135 echo ' <div id="content">';
2136 echo ' <h1>' . $msg_title . '</h1>';
2137
2138 echo ' <div>' . $msg_text;
2139
2140 if ((phpbb::registered('acl') && phpbb::$acl->acl_get('a_')) || defined('IN_INSTALL') || phpbb::$base_config['debug_extra'])
2141 {
2142 echo ($backtrace = get_backtrace()) ? '<br /><br />BACKTRACE' . $backtrace : '';
2143 }
2144 echo '</div>';
2145
2146 echo $l_notify;
2147
2148 echo ' </div>';
2149 echo ' </div>';
2150 echo ' </div>';
2151 echo ' <div id="page-footer">';
2152 echo ' Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>';
2153 echo ' </div>';
2154 echo '</div>';
2155 echo '</body>';
2156 echo '</html>';
2157
2158 exit_handler();
2159
2160 // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here.
2161 exit;
2162 break;
2163
2164 case E_USER_WARNING:
2165 case E_USER_NOTICE:
2166
2167 define('IN_ERROR_HANDLER', true);
2168
2169 if (empty(phpbb::$user->data))
2170 {
2171 phpbb::$user->session_begin();
2172 }
2173
2174 // We re-init the auth array to get correct results on login/logout
2175 phpbb::$acl->init(phpbb::$user->data);
2176
2177 if (empty(phpbb::$user->lang))
2178 {
2179 phpbb::$user->setup();
2180 }
2181
2182 $msg_text = (!empty(phpbb::$user->lang[$msg_text])) ? phpbb::$user->lang[$msg_text] : $msg_text;
2183 $msg_title = (!isset($msg_title)) ? phpbb::$user->lang['INFORMATION'] : ((!empty(phpbb::$user->lang[$msg_title])) ? phpbb::$user->lang[$msg_title] : $msg_title);
2184
2185 if (!defined('HEADER_INC'))
2186 {
2187 page_header($msg_title);
2188 }
2189
2190 phpbb::$template->set_filenames(array(
2191 'body' => 'message_body.html')
2192 );
2193
2194 phpbb::$template->assign_vars(array(
2195 'MESSAGE_TITLE' => $msg_title,
2196 'MESSAGE_TEXT' => $msg_text,
2197 'S_USER_WARNING' => ($errno == E_USER_WARNING) ? true : false,
2198 'S_USER_NOTICE' => ($errno == E_USER_NOTICE) ? true : false)
2199 );
2200
2201 // We do not want the cron script to be called on error messages
2202 define('IN_CRON', true);
2203
2204 page_footer();
2205
2206 exit_handler();
2207 break;
2208 }
2209
2210 // If we notice an error not handled here we pass this back to PHP by returning false
2211 // This may not work for all php versions
2212 return false;
2213 }
2214
2215 /**
2216 * Generate page header
2217 * @plugin-support override, default, return
2218 */
2219 function page_header($page_title = '', $display_online_list = true)
2220 {
2221 if (phpbb::$plugins->function_override(__FUNCTION__)) return phpbb::$plugins->call_override(__FUNCTION__, $page_title, $display_online_list);
2222
2223 if (defined('HEADER_INC'))
2224 {
2225 return;
2226 }
2227
2228 define('HEADER_INC', true);
2229
2230 // gzip_compression
2231 if (phpbb::$config['gzip_compress'])
2232 {
2233 if (@extension_loaded('zlib') && !headers_sent())
2234 {
2235 ob_start('ob_gzhandler');
2236 }
2237 }
2238
2239 if (phpbb::$plugins->function_inject(__FUNCTION__)) phpbb::$plugins->call_inject(__FUNCTION__, array('default', &$page_title, &$display_online_list));
2240
2241 // Generate logged in/logged out status
2242 if (phpbb::$user->data['user_id'] != ANONYMOUS)
2243 {
2244 $u_login_logout = phpbb::$url->append_sid('ucp', 'mode=logout', true, phpbb::$user->session_id);
2245 $l_login_logout = sprintf(phpbb::$user->lang['LOGOUT_USER'], phpbb::$user->data['username']);
2246 }
2247 else
2248 {
2249 $u_login_logout = phpbb::$url->append_sid('ucp', 'mode=login');
2250 $l_login_logout = phpbb::$user->lang['LOGIN'];
2251 }
2252
2253 // Last visit date/time
2254 $s_last_visit = (phpbb::$user->data['user_id'] != ANONYMOUS) ? phpbb::$user->format_date(phpbb::$user->data['session_last_visit']) : '';
2255
2256 // Get users online list ... if required
2257 $online_userlist = array();
2258 $l_online_users = $l_online_record = '';
2259 $forum = request_var('f', 0);
2260
2261 if (phpbb::$config['load_online'] && phpbb::$config['load_online_time'] && $display_online_list)
2262 {
2263 $logged_visible_online = $logged_hidden_online = $guests_online = $prev_user_id = 0;
2264 $prev_session_ip = $reading_sql = '';
2265
2266 if ($forum)
2267 {
2268 $reading_sql = ' AND s.session_forum_id = ' . $forum;
2269 }
2270
2271 // Get number of online guests
2272 if (!phpbb::$config['load_online_guests'])
2273 {
2274 if (phpbb::$db->features['count_distinct'])
2275 {
2276 $sql = 'SELECT COUNT(DISTINCT s.session_ip) as num_guests
2277 FROM ' . SESSIONS_TABLE . ' s
2278 WHERE s.session_user_id = ' . ANONYMOUS . '
2279 AND s.session_time >= ' . (time() - (phpbb::$config['load_online_time'] * 60)) .
2280 $reading_sql;
2281 }
2282 else
2283 {
2284 $sql = 'SELECT COUNT(session_ip) as num_guests
2285 FROM (
2286 SELECT DISTINCT s.session_ip
2287 FROM ' . SESSIONS_TABLE . ' s
2288 WHERE s.session_user_id = ' . ANONYMOUS . '
2289 AND s.session_time >= ' . (time() - (phpbb::$config['load_online_time'] * 60)) .
2290 $reading_sql .
2291 ')';
2292 }
2293 $result = phpbb::$db->sql_query($sql);
2294 $guests_online = (int) phpbb::$db->sql_fetchfield('num_guests');
2295 phpbb::$db->sql_freeresult($result);
2296 }
2297
2298 $sql = 'SELECT u.username, u.username_clean, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_ip, s.session_viewonline
2299 FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . ' s
2300 WHERE s.session_time >= ' . (time() - (intval(phpbb::$config['load_online_time']) * 60)) .
2301 $reading_sql .
2302 ((!phpbb::$config['load_online_guests']) ? ' AND s.session_user_id <> ' . ANONYMOUS : '') . '
2303 AND u.user_id = s.session_user_id
2304 ORDER BY u.username_clean ASC, s.session_ip ASC';
2305 $result = phpbb::$db->sql_query($sql);
2306
2307 $prev_user_id = false;
2308
2309 while ($row = phpbb::$db->sql_fetchrow($result))
2310 {
2311 // User is logged in and therefore not a guest
2312 if ($row['user_id'] != ANONYMOUS)
2313 {
2314 // Skip multiple sessions for one user
2315 if ($row['user_id'] != $prev_user_id)
2316 {
2317 if ($row['session_viewonline'])
2318 {
2319 $logged_visible_online++;
2320 }
2321 else
2322 {
2323 $row['username'] = '<em>' . $row['username'] . '</em>';
2324 $logged_hidden_online++;
2325 }
2326
2327 if (($row['session_viewonline']) || phpbb::$acl->acl_get('u_viewonline'))
2328 {
2329 $user_online_link = get_username_string(($row['user_type'] <> phpbb::USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
2330 $online_userlist[] = $user_online_link;
2331 }
2332 }
2333
2334 $prev_user_id = $row['user_id'];
2335 }
2336 else
2337 {
2338 // Skip multiple sessions for one user
2339 if ($row['session_ip'] != $prev_session_ip)
2340 {
2341 $guests_online++;
2342 }
2343 }
2344
2345 $prev_session_ip = $row['session_ip'];
2346 }
2347 phpbb::$db->sql_freeresult($result);
2348
2349 if (!sizeof($online_userlist))
2350 {
2351 $online_userlist = phpbb::$user->lang['NO_ONLINE_USERS'];
2352 }
2353 else
2354 {
2355 $online_userlist = implode(', ', $online_userlist);
2356 }
2357
2358 if (!$forum)
2359 {
2360 $online_userlist = phpbb::$user->lang['REGISTERED_USERS'] . ' ' . $online_userlist;
2361 }
2362 else
2363 {
2364 $online_userlist = phpbb::$user->lang('BROWSING_FORUM_GUESTS', $online_userlist, $guests_online);
2365 }
2366
2367 $total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online;
2368
2369 if ($total_online_users > phpbb::$config['record_online_users'])
2370 {
2371 set_config('record_online_users', $total_online_users, true);
2372 set_config('record_online_date', time(), true);
2373 }
2374
2375 $l_online_users = phpbb::$user->lang('ONLINE_USER_COUNT', $total_online_users);
2376 $l_online_users .= phpbb::$user->lang('REG_USER_COUNT', $logged_visible_online);
2377 $l_online_users .= phpbb::$user->lang('HIDDEN_USER_COUNT', $logged_hidden_online);
2378 $l_online_users .= phpbb::$user->lang('GUEST_USER_COUNT', $guests_online);
2379
2380 $l_online_record = phpbb::$user->lang('RECORD_ONLINE_USERS', phpbb::$config['record_online_users'], phpbb::$user->format_date(phpbb::$config['record_online_date']));
2381 $l_online_time = phpbb::$user->lang('VIEW_ONLINE_TIME', phpbb::$config['load_online_time']);
2382 }
2383 else
2384 {
2385 $l_online_time = '';
2386 }
2387
2388 $l_privmsgs_text = $l_privmsgs_text_unread = '';
2389 $s_privmsg_new = false;
2390
2391 // Obtain number of new private messages if user is logged in
2392 if (!empty(phpbb::$user->data['is_registered']))
2393 {
2394 if (phpbb::$user->data['user_new_privmsg'])
2395 {
2396 $l_privmsgs_text = phpbb::$user->lang('NEW_PM', phpbb::$user->data['user_new_privmsg']);
2397
2398 if (!phpbb::$user->data['user_last_privmsg'] || phpbb::$user->data['user_last_privmsg'] > phpbb::$user->data['session_last_visit'])
2399 {
2400 $sql = 'UPDATE ' . USERS_TABLE . '
2401 SET user_last_privmsg = ' . phpbb::$user->data['session_last_visit'] . '
2402 WHERE user_id = ' . phpbb::$user->data['user_id'];
2403 phpbb::$db->sql_query($sql);
2404
2405 $s_privmsg_new = true;
2406 }
2407 else
2408 {
2409 $s_privmsg_new = false;
2410 }
2411 }
2412 else
2413 {
2414 $l_privmsgs_text = phpbb::$user->lang['NO_NEW_PM'];
2415 $s_privmsg_new = false;
2416 }
2417
2418 $l_privmsgs_text_unread = '';
2419
2420 if (phpbb::$user->data['user_unread_privmsg'] && phpbb::$user->data['user_unread_privmsg'] != phpbb::$user->data['user_new_privmsg'])
2421 {
2422 $l_privmsgs_text_unread = phpbb::$user->lang('UNREAD_PM', phpbb::$user->data['user_unread_privmsg']);
2423 }
2424 }
2425
2426 // Which timezone?
2427 $tz = (phpbb::$user->data['user_id'] != ANONYMOUS) ? strval(doubleval(phpbb::$user->data['user_timezone'])) : strval(doubleval(phpbb::$config['board_timezone']));
2428
2429 // Send a proper content-language to the output
2430 $user_lang = phpbb::$user->lang['USER_LANG'];
2431 if (strpos($user_lang, '-x-') !== false)
2432 {
2433 $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-'));
2434 }
2435
2436 // The following assigns all _common_ variables that may be used at any point in a template.
2437 phpbb::$template->assign_vars(array(
2438 'SITENAME' => phpbb::$config['sitename'],
2439 'SITE_DESCRIPTION' => phpbb::$config['site_desc'],
2440 'PAGE_TITLE' => $page_title,
2441 'SCRIPT_NAME' => str_replace('.' . PHP_EXT, '', phpbb::$user->page['page_name']),
2442 'LAST_VISIT_DATE' => phpbb::$user->lang('YOU_LAST_VISIT', $s_last_visit),
2443 'LAST_VISIT_YOU' => $s_last_visit,
2444 'CURRENT_TIME' => phpbb::$user->lang('CURRENT_TIME', phpbb::$user->format_date(time(), false, true)),
2445 'TOTAL_USERS_ONLINE' => $l_online_users,
2446 'LOGGED_IN_USER_LIST' => $online_userlist,
2447 'RECORD_USERS' => $l_online_record,
2448 'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
2449 'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
2450
2451 'S_USER_NEW_PRIVMSG' => phpbb::$user->data['user_new_privmsg'],
2452 'S_USER_UNREAD_PRIVMSG' => phpbb::$user->data['user_unread_privmsg'],
2453
2454 'SESSION_ID' => phpbb::$user->session_id,
2455 'ROOT_PATH' => PHPBB_ROOT_PATH,
2456
2457 'L_LOGIN_LOGOUT' => $l_login_logout,
2458 'L_INDEX' => phpbb::$user->lang['FORUM_INDEX'],
2459 'L_ONLINE_EXPLAIN' => $l_online_time,
2460
2461 'U_PRIVATEMSGS' => phpbb::$url->append_sid('ucp', 'i=pm&amp;folder=inbox'),
2462 'U_RETURN_INBOX' => phpbb::$url->append_sid('ucp', 'i=pm&amp;folder=inbox'),
2463 'U_POPUP_PM' => phpbb::$url->append_sid('ucp', 'i=pm&amp;mode=popup'),
2464 'UA_POPUP_PM' => addslashes(phpbb::$url->append_sid('ucp', 'i=pm&amp;mode=popup')),
2465 'U_MEMBERLIST' => phpbb::$url->append_sid('memberlist'),
2466 'U_VIEWONLINE' => (phpbb::$acl->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) ? phpbb::$url->append_sid('viewonline') : '',
2467 'U_LOGIN_LOGOUT' => $u_login_logout,
2468 'U_INDEX' => phpbb::$url->append_sid('index'),
2469 'U_SEARCH' => phpbb::$url->append_sid('search'),
2470 'U_REGISTER' => phpbb::$url->append_sid('ucp', 'mode=register'),
2471 'U_PROFILE' => phpbb::$url->append_sid('ucp'),
2472 'U_MODCP' => phpbb::$url->append_sid('mcp', false, true, phpbb::$user->session_id),
2473 'U_FAQ' => phpbb::$url->append_sid('faq'),
2474 'U_SEARCH_SELF' => phpbb::$url->append_sid('search', 'search_id=egosearch'),
2475 'U_SEARCH_NEW' => phpbb::$url->append_sid('search', 'search_id=newposts'),
2476 'U_SEARCH_UNANSWERED' => phpbb::$url->append_sid('search', 'search_id=unanswered'),
2477 'U_SEARCH_ACTIVE_TOPICS'=> phpbb::$url->append_sid('search', 'search_id=active_topics'),
2478 'U_DELETE_COOKIES' => phpbb::$url->append_sid('ucp', 'mode=delete_cookies'),
2479 'U_TEAM' => (phpbb::$user->data['user_id'] != ANONYMOUS && !phpbb::$acl->acl_get('u_viewprofile')) ? '' : phpbb::$url->append_sid('memberlist', 'mode=leaders'),
2480 'U_RESTORE_PERMISSIONS' => (phpbb::$user->data['user_perm_from'] && phpbb::$acl->acl_get('a_switchperm')) ? phpbb::$url->append_sid('ucp', 'mode=restore_perm') : '',
2481
2482 'S_USER_LOGGED_IN' => (phpbb::$user->data['user_id'] != ANONYMOUS) ? true : false,
2483 'S_AUTOLOGIN_ENABLED' => (phpbb::$config['allow_autologin']) ? true : false,
2484 'S_BOARD_DISABLED' => (phpbb::$config['board_disable']) ? true : false,
2485 'S_REGISTERED_USER' => (!empty(phpbb::$user->is_registered)) ? true : false,
2486 'S_IS_BOT' => (!empty(phpbb::$user->is_bot)) ? true : false,
2487 'S_USER_PM_POPUP' => phpbb::$user->optionget('popuppm'),
2488 'S_USER_LANG' => $user_lang,
2489 'S_USER_BROWSER' => (isset(phpbb::$user->data['session_browser'])) ? phpbb::$user->data['session_browser'] : phpbb::$user->lang['UNKNOWN_BROWSER'],
2490 'S_USERNAME' => phpbb::$user->data['username'],
2491 'S_CONTENT_DIRECTION' => phpbb::$user->lang['DIRECTION'],
2492 'S_CONTENT_FLOW_BEGIN' => (phpbb::$user->lang['DIRECTION'] == 'ltr') ? 'left' : 'right',
2493 'S_CONTENT_FLOW_END' => (phpbb::$user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
2494 'S_CONTENT_ENCODING' => 'UTF-8',
2495 'S_TIMEZONE' => (phpbb::$user->data['user_dst'] || (phpbb::$user->data['user_id'] == ANONYMOUS && phpbb::$config['board_dst'])) ? sprintf(phpbb::$user->lang['ALL_TIMES'], phpbb::$user->lang['tz'][$tz], phpbb::$user->lang['tz']['dst']) : sprintf(phpbb::$user->lang['ALL_TIMES'], phpbb::$user->lang['tz'][$tz], ''),
2496 'S_DISPLAY_ONLINE_LIST' => ($l_online_time) ? 1 : 0,
2497 'S_DISPLAY_SEARCH' => (!phpbb::$config['load_search']) ? 0 : (phpbb::$acl->acl_get('u_search') && phpbb::$acl->acl_getf_global('f_search')),
2498 'S_DISPLAY_PM' => (phpbb::$config['allow_privmsg'] && !empty(phpbb::$user->data['is_registered']) && (phpbb::$acl->acl_get('u_readpm') || phpbb::$acl->acl_get('u_sendpm'))) ? true : false,
2499 'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? phpbb::$acl->acl_get('u_viewprofile') : 0,
2500 'S_NEW_PM' => ($s_privmsg_new) ? 1 : 0,
2501 'S_REGISTER_ENABLED' => (phpbb::$config['require_activation'] != USER_ACTIVATION_DISABLE) ? true : false,
2502
2503 'T_THEME_PATH' => PHPBB_ROOT_PATH . 'styles/' . phpbb::$user->theme['theme_path'] . '/theme',
2504 'T_TEMPLATE_PATH' => PHPBB_ROOT_PATH . 'styles/' . phpbb::$user->theme['template_path'] . '/template',
2505 'T_IMAGESET_PATH' => PHPBB_ROOT_PATH . 'styles/' . phpbb::$user->theme['imageset_path'] . '/imageset',
2506 'T_IMAGESET_LANG_PATH' => PHPBB_ROOT_PATH . 'styles/' . phpbb::$user->theme['imageset_path'] . '/imageset/' . phpbb::$user->data['user_lang'],
2507 'T_IMAGES_PATH' => PHPBB_ROOT_PATH . 'images/',
2508 'T_SMILIES_PATH' => PHPBB_ROOT_PATH . phpbb::$config['smilies_path'] . '/',
2509 'T_AVATAR_PATH' => PHPBB_ROOT_PATH . phpbb::$config['avatar_path'] . '/',
2510 'T_AVATAR_GALLERY_PATH' => PHPBB_ROOT_PATH . phpbb::$config['avatar_gallery_path'] . '/',
2511 'T_ICONS_PATH' => PHPBB_ROOT_PATH . phpbb::$config['icons_path'] . '/',
2512 'T_RANKS_PATH' => PHPBB_ROOT_PATH . phpbb::$config['ranks_path'] . '/',
2513 'T_UPLOAD_PATH' => PHPBB_ROOT_PATH . phpbb::$config['upload_path'] . '/',
2514 'T_STYLESHEET_LINK' => (!phpbb::$user->theme['theme_storedb']) ? PHPBB_ROOT_PATH . 'styles/' . phpbb::$user->theme['theme_path'] . '/theme/stylesheet.css' : phpbb::$url->get(PHPBB_ROOT_PATH . 'style.' . PHP_EXT . '?id=' . phpbb::$user->theme['style_id'] . '&amp;lang=' . phpbb::$user->data['user_lang']), //PHPBB_ROOT_PATH . "store/{$user->theme['theme_id']}_{$user->theme['imageset_id']}_{$user->lang_name}.css"
2515 'T_STYLESHEET_NAME' => phpbb::$user->theme['theme_name'],
2516
2517 'SITE_LOGO_IMG' => phpbb::$user->img('site_logo'),
2518
2519 'A_COOKIE_SETTINGS' => addslashes('; path=' . phpbb::$config['cookie_path'] . ((!phpbb::$config['cookie_domain'] || phpbb::$config['cookie_domain'] == 'localhost' || phpbb::$config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . phpbb::$config['cookie_domain']) . ((!phpbb::$config['cookie_secure']) ? '' : '; secure')),
2520 ));
2521
2522 // application/xhtml+xml not used because of IE
2523 header('Content-type: text/html; charset=UTF-8');
2524
2525 header('Cache-Control: private, no-cache="set-cookie"');
2526 header('Expires: 0');
2527 header('Pragma: no-cache');
2528
2529 if (phpbb::$plugins->function_inject(__FUNCTION__, 'return')) return phpbb::$plugins->call_inject(__FUNCTION__, 'return');
2530 }
2531
2532 /**
2533 * Generate page footer
2534 */
2535 function page_footer($run_cron = true)
2536 {
2537 global $starttime;
2538
2539 // Output page creation time
2540 if (phpbb::$base_config['debug'])
2541 {
2542 $mtime = explode(' ', microtime());
2543 $totaltime = $mtime[0] + $mtime[1] - $starttime;
2544
2545 if (phpbb_request::variable('explain', false) && /*phpbb::$acl->acl_get('a_') &&*/ phpbb::$base_config['debug_extra'] && method_exists(phpbb::$db, 'sql_report'))
2546 {
2547 phpbb::$db->sql_report('display');
2548 }
2549
2550 $debug_output = sprintf('Time : %.3fs | ' . phpbb::$db->sql_num_queries() . ' Queries | GZIP : ' . ((phpbb::$config['gzip_compress']) ? 'On' : 'Off') . ((phpbb::$user->system['load']) ? ' | Load : ' . phpbb::$user->system['load'] : ''), $totaltime);
2551
2552 if (/*phpbb::$acl->acl_get('a_') &&*/ phpbb::$base_config['debug_extra'])
2553 {
2554 if (function_exists('memory_get_usage'))
2555 {
2556 if ($memory_usage = memory_get_usage())
2557 {
2558 $memory_usage -= phpbb::$base_config['memory_usage'];
2559 $memory_usage = get_formatted_filesize($memory_usage);
2560
2561 $debug_output .= ' | Memory Usage: ' . $memory_usage;
2562 }
2563 }
2564
2565 $debug_output .= ' | <a href="' . phpbb::$url->build_url() . '&amp;explain=1">Explain</a>';
2566 }
2567 }
2568
2569 phpbb::$template->assign_vars(array(
2570 'DEBUG_OUTPUT' => (phpbb::$base_config['debug']) ? $debug_output : '',
2571 'TRANSLATION_INFO' => (!empty(phpbb::$user->lang['TRANSLATION_INFO'])) ? phpbb::$user->lang['TRANSLATION_INFO'] : '',
2572
2573 'U_ACP' => (phpbb::$acl->acl_get('a_') && !empty(phpbb::$user->is_registered)) ? phpbb::$url->append_sid(phpbb::$base_config['admin_folder'] . '/index', false, true, phpbb::$user->session_id) : '',
2574 ));
2575
2576 // Call cron-type script
2577 if (!defined('IN_CRON') && $run_cron && !phpbb::$config['board_disable'])
2578 {
2579 $cron_type = '';
2580
2581 if (time() - phpbb::$config['queue_interval'] > phpbb::$config['last_queue_run'] && !defined('IN_ADMIN') && file_exists(PHPBB_ROOT_PATH . 'cache/queue.' . PHP_EXT))
2582 {
2583 // Process email queue
2584 $cron_type = 'queue';
2585 }
2586 else if (method_exists(phpbb::$acm, 'tidy') && time() - phpbb::$config['cache_gc'] > phpbb::$config['cache_last_gc'])
2587 {
2588 // Tidy the cache
2589 $cron_type = 'tidy_cache';
2590 }
2591 else if (time() - phpbb::$config['warnings_gc'] > phpbb::$config['warnings_last_gc'])
2592 {
2593 $cron_type = 'tidy_warnings';
2594 }
2595 else if (time() - phpbb::$config['database_gc'] > phpbb::$config['database_last_gc'])
2596 {
2597 // Tidy the database
2598 $cron_type = 'tidy_database';
2599 }
2600 else if (time() - phpbb::$config['search_gc'] > phpbb::$config['search_last_gc'])
2601 {
2602 // Tidy the search
2603 $cron_type = 'tidy_search';
2604 }
2605 else if (time() - phpbb::$config['session_gc'] > phpbb::$config['session_last_gc'])
2606 {
2607 $cron_type = 'tidy_sessions';
2608 }
2609
2610 if ($cron_type)
2611 {
2612 phpbb::$template->assign_var('RUN_CRON_TASK', '<img src="' . phpbb::$url->append_sid('cron', 'cron_type=' . $cron_type) . '" width="1" height="1" alt="cron" />');
2613 }
2614 }
2615
2616 phpbb::$template->display('body');
2617
2618 garbage_collection();
2619 exit_handler();
2620 }
2621
2622 /**
2623 * Closing the cache object and the database
2624 * Cool function name, eh? We might want to add operations to it later
2625 */
2626 function garbage_collection()
2627 {
2628 // Unload cache, must be done before the DB connection if closed
2629 if (phpbb::registered('acm'))
2630 {
2631 phpbb::$acm->unload();
2632 }
2633
2634 // Close our DB connection.
2635 if (phpbb::registered('db'))
2636 {
2637 phpbb::$db->sql_close();
2638 }
2639 }
2640
2641 /**
2642 * Handler for exit calls in phpBB.
2643 * This function supports hooks.
2644 *
2645 * Note: This function is called after the template has been outputted.
2646 */
2647 function exit_handler()
2648 {
2649 // needs to be run prior to the hook
2650 if (phpbb_request::super_globals_disabled())
2651 {
2652 phpbb_request::enable_super_globals();
2653 }
2654
2655 // As a pre-caution... some setups display a blank page if the flush() is not there.
2656 (empty(phpbb::$config['gzip_compress'])) ? @flush() : @ob_flush();
2657
2658 exit;
2659 }
2660
2661 ?>
phpbb is a php-based BBS (buletin board system)