|
1 <?php |
|
2 /*********************************************************************** |
|
3 |
|
4 Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org) |
|
5 |
|
6 This file is part of PunBB. |
|
7 |
|
8 PunBB is free software; you can redistribute it and/or modify it |
|
9 under the terms of the GNU General Public License as published |
|
10 by the Free Software Foundation; either version 2 of the License, |
|
11 or (at your option) any later version. |
|
12 |
|
13 PunBB is distributed in the hope that it will be useful, but |
|
14 WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 GNU General Public License for more details. |
|
17 |
|
18 You should have received a copy of the GNU General Public License |
|
19 along with this program; if not, write to the Free Software |
|
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, |
|
21 MA 02111-1307 USA |
|
22 |
|
23 ************************************************************************/ |
|
24 |
|
25 // |
|
26 // Cookie stuff! |
|
27 // |
|
28 function check_cookie(&$pun_user) |
|
29 { |
|
30 global $db, $db_type, $pun_config, $cookie_name, $cookie_seed; |
|
31 |
|
32 $now = time(); |
|
33 $expire = $now + 31536000; // The cookie expires after a year |
|
34 |
|
35 // We assume it's a guest |
|
36 $cookie = array('user_id' => 1, 'password_hash' => 'Guest'); |
|
37 |
|
38 // If a cookie is set, we get the user_id and password hash from it |
|
39 if (isset($_COOKIE[$cookie_name])) |
|
40 list($cookie['user_id'], $cookie['password_hash']) = @unserialize($_COOKIE[$cookie_name]); |
|
41 |
|
42 if ($cookie['user_id'] > 1) |
|
43 { |
|
44 // Check if there's a user with the user ID and password hash from the cookie |
|
45 $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.user_id=u.id WHERE u.id='.intval($cookie['user_id'])) or error('Unable to fetch user information', __FILE__, __LINE__, $db->error()); |
|
46 $pun_user = $db->fetch_assoc($result); |
|
47 |
|
48 // If user authorisation failed |
|
49 if (!isset($pun_user['id']) || md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash']) |
|
50 { |
|
51 pun_setcookie(0, random_pass(8), $expire); |
|
52 set_default_user(); |
|
53 |
|
54 return; |
|
55 } |
|
56 |
|
57 // Set a default language if the user selected language no longer exists |
|
58 if (!@file_exists(PUN_ROOT.'lang/'.$pun_user['language'])) |
|
59 $pun_user['language'] = $pun_config['o_default_lang']; |
|
60 |
|
61 // Set a default style if the user selected style no longer exists |
|
62 if (!@file_exists(PUN_ROOT.'style/'.$pun_user['style'].'.css')) |
|
63 $pun_user['style'] = $pun_config['o_default_style']; |
|
64 |
|
65 if (!$pun_user['disp_topics']) |
|
66 $pun_user['disp_topics'] = $pun_config['o_disp_topics_default']; |
|
67 if (!$pun_user['disp_posts']) |
|
68 $pun_user['disp_posts'] = $pun_config['o_disp_posts_default']; |
|
69 |
|
70 if ($pun_user['save_pass'] == '0') |
|
71 $expire = 0; |
|
72 |
|
73 // Define this if you want this visit to affect the online list and the users last visit data |
|
74 if (!defined('PUN_QUIET_VISIT')) |
|
75 { |
|
76 // Update the online list |
|
77 if (!$pun_user['logged']) |
|
78 { |
|
79 $pun_user['logged'] = $now; |
|
80 |
|
81 // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table |
|
82 switch ($db_type) |
|
83 { |
|
84 case 'mysql': |
|
85 case 'mysqli': |
|
86 $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
|
87 break; |
|
88 |
|
89 default: |
|
90 $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
|
91 break; |
|
92 } |
|
93 } |
|
94 else |
|
95 { |
|
96 // Special case: We've timed out, but no other user has browsed the forums since we timed out |
|
97 if ($pun_user['logged'] < ($now-$pun_config['o_timeout_visit'])) |
|
98 { |
|
99 $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); |
|
100 $pun_user['last_visit'] = $pun_user['logged']; |
|
101 } |
|
102 |
|
103 $idle_sql = ($pun_user['idle'] == '1') ? ', idle=0' : ''; |
|
104 $db->query('UPDATE '.$db->prefix.'online SET logged='.$now.$idle_sql.' WHERE user_id='.$pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error()); |
|
105 } |
|
106 } |
|
107 |
|
108 $pun_user['is_guest'] = false; |
|
109 } |
|
110 else |
|
111 set_default_user(); |
|
112 } |
|
113 |
|
114 |
|
115 // |
|
116 // Fill $pun_user with default values (for guests) |
|
117 // |
|
118 function set_default_user() |
|
119 { |
|
120 global $db, $db_type, $pun_user, $pun_config; |
|
121 |
|
122 $remote_addr = get_remote_address(); |
|
123 |
|
124 // Fetch guest user |
|
125 $result = $db->query('SELECT u.*, g.*, o.logged FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.ident=\''.$remote_addr.'\' WHERE u.id=1') or error('Unable to fetch guest information', __FILE__, __LINE__, $db->error()); |
|
126 if (!$db->num_rows($result)) |
|
127 exit('Unable to fetch guest information. The table \''.$db->prefix.'users\' must contain an entry with id = 1 that represents anonymous users.'); |
|
128 |
|
129 $pun_user = $db->fetch_assoc($result); |
|
130 |
|
131 // Update online list |
|
132 if (!$pun_user['logged']) |
|
133 { |
|
134 $pun_user['logged'] = time(); |
|
135 |
|
136 // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table |
|
137 switch ($db_type) |
|
138 { |
|
139 case 'mysql': |
|
140 case 'mysqli': |
|
141 $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
|
142 break; |
|
143 |
|
144 default: |
|
145 $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
|
146 break; |
|
147 } |
|
148 } |
|
149 else |
|
150 $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error()); |
|
151 |
|
152 $pun_user['disp_topics'] = $pun_config['o_disp_topics_default']; |
|
153 $pun_user['disp_posts'] = $pun_config['o_disp_posts_default']; |
|
154 $pun_user['timezone'] = $pun_config['o_server_timezone']; |
|
155 $pun_user['language'] = $pun_config['o_default_lang']; |
|
156 $pun_user['style'] = $pun_config['o_default_style']; |
|
157 $pun_user['is_guest'] = true; |
|
158 } |
|
159 |
|
160 |
|
161 // |
|
162 // Set a cookie, PunBB style! |
|
163 // |
|
164 function pun_setcookie($user_id, $password_hash, $expire) |
|
165 { |
|
166 global $cookie_name, $cookie_path, $cookie_domain, $cookie_secure, $cookie_seed; |
|
167 |
|
168 // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6) |
|
169 // @header('P3P: CP="CUR ADM"'); |
|
170 |
|
171 if (version_compare(PHP_VERSION, '5.2.0', '>=')) |
|
172 setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure, true); |
|
173 else |
|
174 setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path.'; HttpOnly', $cookie_domain, $cookie_secure); |
|
175 } |
|
176 |
|
177 |
|
178 // |
|
179 // Check whether the connecting user is banned (and delete any expired bans while we're at it) |
|
180 // |
|
181 function check_bans() |
|
182 { |
|
183 global $db, $pun_config, $lang_common, $pun_user, $pun_bans; |
|
184 |
|
185 // Admins aren't affected |
|
186 if ($pun_user['g_id'] == PUN_ADMIN || !$pun_bans) |
|
187 return; |
|
188 |
|
189 // Add a dot at the end of the IP address to prevent banned address 192.168.0.5 from matching e.g. 192.168.0.50 |
|
190 $user_ip = get_remote_address().'.'; |
|
191 $bans_altered = false; |
|
192 |
|
193 foreach ($pun_bans as $cur_ban) |
|
194 { |
|
195 // Has this ban expired? |
|
196 if ($cur_ban['expire'] != '' && $cur_ban['expire'] <= time()) |
|
197 { |
|
198 $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$cur_ban['id']) or error('Unable to delete expired ban', __FILE__, __LINE__, $db->error()); |
|
199 $bans_altered = true; |
|
200 continue; |
|
201 } |
|
202 |
|
203 if ($cur_ban['username'] != '' && !strcasecmp($pun_user['username'], $cur_ban['username'])) |
|
204 { |
|
205 $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($pun_user['username']).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); |
|
206 message($lang_common['Ban message'].' '.(($cur_ban['expire'] != '') ? $lang_common['Ban message 2'].' '.strtolower(format_time($cur_ban['expire'], true)).'. ' : '').(($cur_ban['message'] != '') ? $lang_common['Ban message 3'].'<br /><br /><strong>'.pun_htmlspecialchars($cur_ban['message']).'</strong><br /><br />' : '<br /><br />').$lang_common['Ban message 4'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true); |
|
207 } |
|
208 |
|
209 if ($cur_ban['ip'] != '') |
|
210 { |
|
211 $cur_ban_ips = explode(' ', $cur_ban['ip']); |
|
212 |
|
213 for ($i = 0; $i < count($cur_ban_ips); ++$i) |
|
214 { |
|
215 $cur_ban_ips[$i] = $cur_ban_ips[$i].'.'; |
|
216 |
|
217 if (substr($user_ip, 0, strlen($cur_ban_ips[$i])) == $cur_ban_ips[$i]) |
|
218 { |
|
219 $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($pun_user['username']).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); |
|
220 message($lang_common['Ban message'].' '.(($cur_ban['expire'] != '') ? $lang_common['Ban message 2'].' '.strtolower(format_time($cur_ban['expire'], true)).'. ' : '').(($cur_ban['message'] != '') ? $lang_common['Ban message 3'].'<br /><br /><strong>'.pun_htmlspecialchars($cur_ban['message']).'</strong><br /><br />' : '<br /><br />').$lang_common['Ban message 4'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true); |
|
221 } |
|
222 } |
|
223 } |
|
224 } |
|
225 |
|
226 // If we removed any expired bans during our run-through, we need to regenerate the bans cache |
|
227 if ($bans_altered) |
|
228 { |
|
229 require_once PUN_ROOT.'include/cache.php'; |
|
230 generate_bans_cache(); |
|
231 } |
|
232 } |
|
233 |
|
234 |
|
235 // |
|
236 // Update "Users online" |
|
237 // |
|
238 function update_users_online() |
|
239 { |
|
240 global $db, $pun_config, $pun_user; |
|
241 |
|
242 $now = time(); |
|
243 |
|
244 // Fetch all online list entries that are older than "o_timeout_online" |
|
245 $result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Unable to fetch old entries from online list', __FILE__, __LINE__, $db->error()); |
|
246 while ($cur_user = $db->fetch_assoc($result)) |
|
247 { |
|
248 // If the entry is a guest, delete it |
|
249 if ($cur_user['user_id'] == '1') |
|
250 $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($cur_user['ident']).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); |
|
251 else |
|
252 { |
|
253 // If the entry is older than "o_timeout_visit", update last_visit for the user in question, then delete him/her from the online list |
|
254 if ($cur_user['logged'] < ($now-$pun_config['o_timeout_visit'])) |
|
255 { |
|
256 $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$cur_user['logged'].' WHERE id='.$cur_user['user_id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); |
|
257 $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$cur_user['user_id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); |
|
258 } |
|
259 else if ($cur_user['idle'] == '0') |
|
260 $db->query('UPDATE '.$db->prefix.'online SET idle=1 WHERE user_id='.$cur_user['user_id']) or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
|
261 } |
|
262 } |
|
263 } |
|
264 |
|
265 |
|
266 // |
|
267 // Generate the "navigator" that appears at the top of every page |
|
268 // |
|
269 function generate_navlinks() |
|
270 { |
|
271 global $pun_config, $lang_common, $pun_user; |
|
272 |
|
273 // Index and Userlist should always be displayed |
|
274 $links[] = '<li id="navindex"><a href="index.php">'.$lang_common['Index'].'</a>'; |
|
275 $links[] = '<li id="navuserlist"><a href="userlist.php">'.$lang_common['User list'].'</a>'; |
|
276 |
|
277 if ($pun_config['o_rules'] == '1') |
|
278 $links[] = '<li id="navrules"><a href="misc.php?action=rules">'.$lang_common['Rules'].'</a>'; |
|
279 |
|
280 if ($pun_user['is_guest']) |
|
281 { |
|
282 if ($pun_user['g_search'] == '1') |
|
283 $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; |
|
284 |
|
285 $links[] = '<li id="navregister"><a href="register.php">'.$lang_common['Register'].'</a>'; |
|
286 $links[] = '<li id="navlogin"><a href="login.php">'.$lang_common['Login'].'</a>'; |
|
287 |
|
288 $info = $lang_common['Not logged in']; |
|
289 } |
|
290 else |
|
291 { |
|
292 if ($pun_user['g_id'] > PUN_MOD) |
|
293 { |
|
294 if ($pun_user['g_search'] == '1') |
|
295 $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; |
|
296 |
|
297 $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>'; |
|
298 $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>'; |
|
299 } |
|
300 else |
|
301 { |
|
302 $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; |
|
303 $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>'; |
|
304 $links[] = '<li id="navadmin"><a href="admin_index.php">'.$lang_common['Admin'].'</a>'; |
|
305 $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>'; |
|
306 } |
|
307 } |
|
308 |
|
309 // Are there any additional navlinks we should insert into the array before imploding it? |
|
310 if ($pun_config['o_additional_navlinks'] != '') |
|
311 { |
|
312 if (preg_match_all('#([0-9]+)\s*=\s*(.*?)\n#s', $pun_config['o_additional_navlinks']."\n", $extra_links)) |
|
313 { |
|
314 // Insert any additional links into the $links array (at the correct index) |
|
315 for ($i = 0; $i < count($extra_links[1]); ++$i) |
|
316 array_splice($links, $extra_links[1][$i], 0, array('<li id="navextra'.($i + 1).'">'.$extra_links[2][$i])); |
|
317 } |
|
318 } |
|
319 |
|
320 return '<ul>'."\n\t\t\t\t".implode($lang_common['Link separator'].'</li>'."\n\t\t\t\t", $links).'</li>'."\n\t\t\t".'</ul>'; |
|
321 } |
|
322 |
|
323 |
|
324 // |
|
325 // Display the profile navigation menu |
|
326 // |
|
327 function generate_profile_menu($page = '') |
|
328 { |
|
329 global $lang_profile, $pun_config, $pun_user, $id; |
|
330 |
|
331 ?> |
|
332 <div id="profile" class="block2col"> |
|
333 <div class="blockmenu"> |
|
334 <h2><span><?php echo $lang_profile['Profile menu'] ?></span></h2> |
|
335 <div class="box"> |
|
336 <div class="inbox"> |
|
337 <ul> |
|
338 <li<?php if ($page == 'essentials') echo ' class="isactive"'; ?>><a href="profile.php?section=essentials&id=<?php echo $id ?>"><?php echo $lang_profile['Section essentials'] ?></a></li> |
|
339 <li<?php if ($page == 'personal') echo ' class="isactive"'; ?>><a href="profile.php?section=personal&id=<?php echo $id ?>"><?php echo $lang_profile['Section personal'] ?></a></li> |
|
340 <li<?php if ($page == 'messaging') echo ' class="isactive"'; ?>><a href="profile.php?section=messaging&id=<?php echo $id ?>"><?php echo $lang_profile['Section messaging'] ?></a></li> |
|
341 <li<?php if ($page == 'personality') echo ' class="isactive"'; ?>><a href="profile.php?section=personality&id=<?php echo $id ?>"><?php echo $lang_profile['Section personality'] ?></a></li> |
|
342 <li<?php if ($page == 'display') echo ' class="isactive"'; ?>><a href="profile.php?section=display&id=<?php echo $id ?>"><?php echo $lang_profile['Section display'] ?></a></li> |
|
343 <li<?php if ($page == 'privacy') echo ' class="isactive"'; ?>><a href="profile.php?section=privacy&id=<?php echo $id ?>"><?php echo $lang_profile['Section privacy'] ?></a></li> |
|
344 <?php if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '1')): ?> <li<?php if ($page == 'admin') echo ' class="isactive"'; ?>><a href="profile.php?section=admin&id=<?php echo $id ?>"><?php echo $lang_profile['Section admin'] ?></a></li> |
|
345 <?php endif; ?> </ul> |
|
346 </div> |
|
347 </div> |
|
348 </div> |
|
349 <?php |
|
350 |
|
351 } |
|
352 |
|
353 |
|
354 // |
|
355 // Update posts, topics, last_post, last_post_id and last_poster for a forum (redirect topics are not included) |
|
356 // |
|
357 function update_forum($forum_id) |
|
358 { |
|
359 global $db; |
|
360 |
|
361 $result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE moved_to IS NULL AND forum_id='.$forum_id) or error('Unable to fetch forum topic count', __FILE__, __LINE__, $db->error()); |
|
362 list($num_topics, $num_posts) = $db->fetch_row($result); |
|
363 |
|
364 $num_posts = $num_posts + $num_topics; // $num_posts is only the sum of all replies (we have to add the topic posts) |
|
365 |
|
366 $result = $db->query('SELECT last_post, last_post_id, last_poster FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id.' AND moved_to IS NULL ORDER BY last_post DESC LIMIT 1') or error('Unable to fetch last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); |
|
367 if ($db->num_rows($result)) // There are topics in the forum |
|
368 { |
|
369 list($last_post, $last_post_id, $last_poster) = $db->fetch_row($result); |
|
370 |
|
371 $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); |
|
372 } |
|
373 else // There are no topics |
|
374 $db->query('UPDATE '.$db->prefix.'forums SET num_topics=0, num_posts=0, last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); |
|
375 } |
|
376 |
|
377 |
|
378 // |
|
379 // Delete a topic and all of it's posts |
|
380 // |
|
381 function delete_topic($topic_id) |
|
382 { |
|
383 global $db; |
|
384 |
|
385 // Delete the topic and any redirect topics |
|
386 $db->query('DELETE FROM '.$db->prefix.'topics WHERE id='.$topic_id.' OR moved_to='.$topic_id) or error('Unable to delete topic', __FILE__, __LINE__, $db->error()); |
|
387 |
|
388 // Create a list of the post ID's in this topic |
|
389 $post_ids = ''; |
|
390 $result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error()); |
|
391 while ($row = $db->fetch_row($result)) |
|
392 $post_ids .= ($post_ids != '') ? ','.$row[0] : $row[0]; |
|
393 |
|
394 // Make sure we have a list of post ID's |
|
395 if ($post_ids != '') |
|
396 { |
|
397 strip_search_index($post_ids); |
|
398 |
|
399 // Delete posts in topic |
|
400 $db->query('DELETE FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Unable to delete posts', __FILE__, __LINE__, $db->error()); |
|
401 } |
|
402 |
|
403 // Delete any subscriptions for this topic |
|
404 $db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE topic_id='.$topic_id) or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error()); |
|
405 } |
|
406 |
|
407 |
|
408 // |
|
409 // Delete a single post |
|
410 // |
|
411 function delete_post($post_id, $topic_id) |
|
412 { |
|
413 global $db; |
|
414 |
|
415 $result = $db->query('SELECT id, poster, posted FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id.' ORDER BY id DESC LIMIT 2') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
|
416 list($last_id, ,) = $db->fetch_row($result); |
|
417 list($second_last_id, $second_poster, $second_posted) = $db->fetch_row($result); |
|
418 |
|
419 // Delete the post |
|
420 $db->query('DELETE FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to delete post', __FILE__, __LINE__, $db->error()); |
|
421 |
|
422 strip_search_index($post_id); |
|
423 |
|
424 // Count number of replies in the topic |
|
425 $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Unable to fetch post count for topic', __FILE__, __LINE__, $db->error()); |
|
426 $num_replies = $db->result($result, 0) - 1; |
|
427 |
|
428 // If the message we deleted is the most recent in the topic (at the end of the topic) |
|
429 if ($last_id == $post_id) |
|
430 { |
|
431 // If there is a $second_last_id there is more than 1 reply to the topic |
|
432 if (!empty($second_last_id)) |
|
433 $db->query('UPDATE '.$db->prefix.'topics SET last_post='.$second_posted.', last_post_id='.$second_last_id.', last_poster=\''.$db->escape($second_poster).'\', num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Unable to update topic', __FILE__, __LINE__, $db->error()); |
|
434 else |
|
435 // We deleted the only reply, so now last_post/last_post_id/last_poster is posted/id/poster from the topic itself |
|
436 $db->query('UPDATE '.$db->prefix.'topics SET last_post=posted, last_post_id=id, last_poster=poster, num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Unable to update topic', __FILE__, __LINE__, $db->error()); |
|
437 } |
|
438 else |
|
439 // Otherwise we just decrement the reply counter |
|
440 $db->query('UPDATE '.$db->prefix.'topics SET num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Unable to update topic', __FILE__, __LINE__, $db->error()); |
|
441 } |
|
442 |
|
443 |
|
444 // |
|
445 // Replace censored words in $text |
|
446 // |
|
447 function censor_words($text) |
|
448 { |
|
449 global $db; |
|
450 static $search_for, $replace_with; |
|
451 |
|
452 // If not already built in a previous call, build an array of censor words and their replacement text |
|
453 if (!isset($search_for)) |
|
454 { |
|
455 $result = $db->query('SELECT search_for, replace_with FROM '.$db->prefix.'censoring') or error('Unable to fetch censor word list', __FILE__, __LINE__, $db->error()); |
|
456 $num_words = $db->num_rows($result); |
|
457 |
|
458 $search_for = array(); |
|
459 for ($i = 0; $i < $num_words; ++$i) |
|
460 { |
|
461 list($search_for[$i], $replace_with[$i]) = $db->fetch_row($result); |
|
462 $search_for[$i] = '/\b('.str_replace('\*', '\w*?', preg_quote($search_for[$i], '/')).')\b/i'; |
|
463 } |
|
464 } |
|
465 |
|
466 if (!empty($search_for)) |
|
467 $text = substr(preg_replace($search_for, $replace_with, ' '.$text.' '), 1, -1); |
|
468 |
|
469 return $text; |
|
470 } |
|
471 |
|
472 |
|
473 // |
|
474 // Determines the correct title for $user |
|
475 // $user must contain the elements 'username', 'title', 'posts', 'g_id' and 'g_user_title' |
|
476 // |
|
477 function get_title($user) |
|
478 { |
|
479 global $db, $pun_config, $pun_bans, $lang_common; |
|
480 static $ban_list, $pun_ranks; |
|
481 |
|
482 // If not already built in a previous call, build an array of lowercase banned usernames |
|
483 if (empty($ban_list)) |
|
484 { |
|
485 $ban_list = array(); |
|
486 |
|
487 foreach ($pun_bans as $cur_ban) |
|
488 $ban_list[] = strtolower($cur_ban['username']); |
|
489 } |
|
490 |
|
491 // If not already loaded in a previous call, load the cached ranks |
|
492 if ($pun_config['o_ranks'] == '1' && empty($pun_ranks)) |
|
493 { |
|
494 @include PUN_ROOT.'cache/cache_ranks.php'; |
|
495 if (!defined('PUN_RANKS_LOADED')) |
|
496 { |
|
497 require_once PUN_ROOT.'include/cache.php'; |
|
498 generate_ranks_cache(); |
|
499 require PUN_ROOT.'cache/cache_ranks.php'; |
|
500 } |
|
501 } |
|
502 |
|
503 // If the user has a custom title |
|
504 if ($user['title'] != '') |
|
505 $user_title = pun_htmlspecialchars($user['title']); |
|
506 // If the user is banned |
|
507 else if (in_array(strtolower($user['username']), $ban_list)) |
|
508 $user_title = $lang_common['Banned']; |
|
509 // If the user group has a default user title |
|
510 else if ($user['g_user_title'] != '') |
|
511 $user_title = pun_htmlspecialchars($user['g_user_title']); |
|
512 // If the user is a guest |
|
513 else if ($user['g_id'] == PUN_GUEST) |
|
514 $user_title = $lang_common['Guest']; |
|
515 else |
|
516 { |
|
517 // Are there any ranks? |
|
518 if ($pun_config['o_ranks'] == '1' && !empty($pun_ranks)) |
|
519 { |
|
520 @reset($pun_ranks); |
|
521 while (list(, $cur_rank) = @each($pun_ranks)) |
|
522 { |
|
523 if (intval($user['num_posts']) >= $cur_rank['min_posts']) |
|
524 $user_title = pun_htmlspecialchars($cur_rank['rank']); |
|
525 } |
|
526 } |
|
527 |
|
528 // If the user didn't "reach" any rank (or if ranks are disabled), we assign the default |
|
529 if (!isset($user_title)) |
|
530 $user_title = $lang_common['Member']; |
|
531 } |
|
532 |
|
533 return $user_title; |
|
534 } |
|
535 |
|
536 |
|
537 // |
|
538 // Generate a string with numbered links (for multipage scripts) |
|
539 // |
|
540 function paginate($num_pages, $cur_page, $link_to) |
|
541 { |
|
542 $pages = array(); |
|
543 $link_to_all = false; |
|
544 |
|
545 // If $cur_page == -1, we link to all pages (used in viewforum.php) |
|
546 if ($cur_page == -1) |
|
547 { |
|
548 $cur_page = 1; |
|
549 $link_to_all = true; |
|
550 } |
|
551 |
|
552 if ($num_pages <= 1) |
|
553 $pages = array('<strong>1</strong>'); |
|
554 else |
|
555 { |
|
556 if ($cur_page > 3) |
|
557 { |
|
558 $pages[] = '<a href="'.$link_to.'&p=1">1</a>'; |
|
559 |
|
560 if ($cur_page != 4) |
|
561 $pages[] = '…'; |
|
562 } |
|
563 |
|
564 // Don't ask me how the following works. It just does, OK? :-) |
|
565 for ($current = $cur_page - 2, $stop = $cur_page + 3; $current < $stop; ++$current) |
|
566 { |
|
567 if ($current < 1 || $current > $num_pages) |
|
568 continue; |
|
569 else if ($current != $cur_page || $link_to_all) |
|
570 $pages[] = '<a href="'.$link_to.'&p='.$current.'">'.$current.'</a>'; |
|
571 else |
|
572 $pages[] = '<strong>'.$current.'</strong>'; |
|
573 } |
|
574 |
|
575 if ($cur_page <= ($num_pages-3)) |
|
576 { |
|
577 if ($cur_page != ($num_pages-3)) |
|
578 $pages[] = '…'; |
|
579 |
|
580 $pages[] = '<a href="'.$link_to.'&p='.$num_pages.'">'.$num_pages.'</a>'; |
|
581 } |
|
582 } |
|
583 |
|
584 return implode(' ', $pages); |
|
585 } |
|
586 |
|
587 |
|
588 // |
|
589 // Display a message |
|
590 // |
|
591 function message($message, $no_back_link = false) |
|
592 { |
|
593 global $db, $lang_common, $pun_config, $pun_start, $tpl_main; |
|
594 |
|
595 if (!defined('PUN_HEADER')) |
|
596 { |
|
597 global $pun_user; |
|
598 |
|
599 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Info']; |
|
600 require PUN_ROOT.'header.php'; |
|
601 } |
|
602 |
|
603 ?> |
|
604 |
|
605 <div id="msg" class="block"> |
|
606 <h2><span><?php echo $lang_common['Info'] ?></span></h2> |
|
607 <div class="box"> |
|
608 <div class="inbox"> |
|
609 <p><?php echo $message ?></p> |
|
610 <?php if (!$no_back_link): ?> <p><a href="javascript: history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p> |
|
611 <?php endif; ?> </div> |
|
612 </div> |
|
613 </div> |
|
614 <?php |
|
615 |
|
616 require PUN_ROOT.'footer.php'; |
|
617 } |
|
618 |
|
619 |
|
620 // |
|
621 // Format a time string according to $time_format and timezones |
|
622 // |
|
623 function format_time($timestamp, $date_only = false) |
|
624 { |
|
625 global $pun_config, $lang_common, $pun_user; |
|
626 |
|
627 if ($timestamp == '') |
|
628 return $lang_common['Never']; |
|
629 |
|
630 $diff = ($pun_user['timezone'] - $pun_config['o_server_timezone']) * 3600; |
|
631 $timestamp += $diff; |
|
632 $now = time(); |
|
633 |
|
634 $date = date($pun_config['o_date_format'], $timestamp); |
|
635 $today = date($pun_config['o_date_format'], $now+$diff); |
|
636 $yesterday = date($pun_config['o_date_format'], $now+$diff-86400); |
|
637 |
|
638 if ($date == $today) |
|
639 $date = $lang_common['Today']; |
|
640 else if ($date == $yesterday) |
|
641 $date = $lang_common['Yesterday']; |
|
642 |
|
643 if (!$date_only) |
|
644 return $date.' '.date($pun_config['o_time_format'], $timestamp); |
|
645 else |
|
646 return $date; |
|
647 } |
|
648 |
|
649 |
|
650 // |
|
651 // If we are running pre PHP 4.3.0, we add our own implementation of file_get_contents |
|
652 // |
|
653 if (!function_exists('file_get_contents')) |
|
654 { |
|
655 function file_get_contents($filename, $use_include_path = 0) |
|
656 { |
|
657 $data = ''; |
|
658 |
|
659 if ($fh = fopen($filename, 'rb', $use_include_path)) |
|
660 { |
|
661 $data = fread($fh, filesize($filename)); |
|
662 fclose($fh); |
|
663 } |
|
664 |
|
665 return $data; |
|
666 } |
|
667 } |
|
668 |
|
669 |
|
670 // |
|
671 // Make sure that HTTP_REFERER matches $pun_config['o_base_url']/$script |
|
672 // |
|
673 function confirm_referrer($script) |
|
674 { |
|
675 global $pun_config, $lang_common; |
|
676 |
|
677 if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/'.$script, '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '')))) |
|
678 message($lang_common['Bad referrer']); |
|
679 } |
|
680 |
|
681 |
|
682 // |
|
683 // Generate a random password of length $len |
|
684 // |
|
685 function random_pass($len) |
|
686 { |
|
687 $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; |
|
688 |
|
689 $password = ''; |
|
690 for ($i = 0; $i < $len; ++$i) |
|
691 $password .= substr($chars, (mt_rand() % strlen($chars)), 1); |
|
692 |
|
693 return $password; |
|
694 } |
|
695 |
|
696 |
|
697 // |
|
698 // Compute a hash of $str |
|
699 // Uses sha1() if available. If not, SHA1 through mhash() if available. If not, fall back on md5(). |
|
700 // |
|
701 function pun_hash($str) |
|
702 { |
|
703 if (function_exists('sha1')) // Only in PHP 4.3.0+ |
|
704 return sha1($str); |
|
705 else if (function_exists('mhash')) // Only if Mhash library is loaded |
|
706 return bin2hex(mhash(MHASH_SHA1, $str)); |
|
707 else |
|
708 return md5($str); |
|
709 } |
|
710 |
|
711 |
|
712 // |
|
713 // Try to determine the correct remote IP-address |
|
714 // |
|
715 function get_remote_address() |
|
716 { |
|
717 return $_SERVER['REMOTE_ADDR']; |
|
718 } |
|
719 |
|
720 |
|
721 // |
|
722 // Equivalent to htmlspecialchars(), but allows &#[0-9]+ (for unicode) |
|
723 // |
|
724 function pun_htmlspecialchars($str) |
|
725 { |
|
726 $str = preg_replace('/&(?!#[0-9]+;)/s', '&', $str); |
|
727 $str = str_replace(array('<', '>', '"'), array('<', '>', '"'), $str); |
|
728 |
|
729 return $str; |
|
730 } |
|
731 |
|
732 |
|
733 // |
|
734 // Equivalent to strlen(), but counts &#[0-9]+ as one character (for unicode) |
|
735 // |
|
736 function pun_strlen($str) |
|
737 { |
|
738 return strlen(preg_replace('/&#([0-9]+);/', '!', $str)); |
|
739 } |
|
740 |
|
741 |
|
742 // |
|
743 // Convert \r\n and \r to \n |
|
744 // |
|
745 function pun_linebreaks($str) |
|
746 { |
|
747 return str_replace("\r", "\n", str_replace("\r\n", "\n", $str)); |
|
748 } |
|
749 |
|
750 |
|
751 // |
|
752 // A more aggressive version of trim() |
|
753 // |
|
754 function pun_trim($str) |
|
755 { |
|
756 global $lang_common; |
|
757 |
|
758 if (strpos($lang_common['lang_encoding'], '8859') !== false) |
|
759 { |
|
760 $fishy_chars = array(chr(0x81), chr(0x8D), chr(0x8F), chr(0x90), chr(0x9D), chr(0xA0)); |
|
761 return trim(str_replace($fishy_chars, ' ', $str)); |
|
762 } |
|
763 else |
|
764 return trim($str); |
|
765 } |
|
766 |
|
767 |
|
768 // |
|
769 // Display a message when board is in maintenance mode |
|
770 // |
|
771 function maintenance_message() |
|
772 { |
|
773 global $db, $pun_config, $lang_common, $pun_user; |
|
774 |
|
775 // Deal with newlines, tabs and multiple spaces |
|
776 $pattern = array("\t", ' ', ' '); |
|
777 $replace = array(' ', ' ', ' '); |
|
778 $message = str_replace($pattern, $replace, $pun_config['o_maintenance_message']); |
|
779 |
|
780 |
|
781 // Load the maintenance template |
|
782 $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl')); |
|
783 |
|
784 |
|
785 // START SUBST - <pun_include "*"> |
|
786 while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?|inc|html?|txt)">#', $tpl_maint, $cur_include)) |
|
787 { |
|
788 if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2])) |
|
789 error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template maintenance.tpl. There is no such file in folder /include/user/'); |
|
790 |
|
791 ob_start(); |
|
792 include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]; |
|
793 $tpl_temp = ob_get_contents(); |
|
794 $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint); |
|
795 ob_end_clean(); |
|
796 } |
|
797 // END SUBST - <pun_include "*"> |
|
798 |
|
799 |
|
800 // START SUBST - <pun_content_direction> |
|
801 $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint); |
|
802 // END SUBST - <pun_content_direction> |
|
803 |
|
804 |
|
805 // START SUBST - <pun_char_encoding> |
|
806 $tpl_maint = str_replace('<pun_char_encoding>', $lang_common['lang_encoding'], $tpl_maint); |
|
807 // END SUBST - <pun_char_encoding> |
|
808 |
|
809 |
|
810 // START SUBST - <pun_head> |
|
811 ob_start(); |
|
812 |
|
813 ?> |
|
814 <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Maintenance'] ?></title> |
|
815 <link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" /> |
|
816 <?php |
|
817 |
|
818 $tpl_temp = trim(ob_get_contents()); |
|
819 $tpl_maint = str_replace('<pun_head>', $tpl_temp, $tpl_maint); |
|
820 ob_end_clean(); |
|
821 // END SUBST - <pun_head> |
|
822 |
|
823 |
|
824 // START SUBST - <pun_maint_heading> |
|
825 $tpl_maint = str_replace('<pun_maint_heading>', $lang_common['Maintenance'], $tpl_maint); |
|
826 // END SUBST - <pun_maint_heading> |
|
827 |
|
828 |
|
829 // START SUBST - <pun_maint_message> |
|
830 $tpl_maint = str_replace('<pun_maint_message>', $message, $tpl_maint); |
|
831 // END SUBST - <pun_maint_message> |
|
832 |
|
833 |
|
834 // End the transaction |
|
835 $db->end_transaction(); |
|
836 |
|
837 |
|
838 // Close the db connection (and free up any result data) |
|
839 $db->close(); |
|
840 |
|
841 exit($tpl_maint); |
|
842 } |
|
843 |
|
844 |
|
845 // |
|
846 // Display $message and redirect user to $destination_url |
|
847 // |
|
848 function redirect($destination_url, $message) |
|
849 { |
|
850 global $db, $pun_config, $lang_common, $pun_user; |
|
851 |
|
852 if ($destination_url == '') |
|
853 $destination_url = 'index.php'; |
|
854 |
|
855 // If the delay is 0 seconds, we might as well skip the redirect all together |
|
856 if ($pun_config['o_redirect_delay'] == '0') |
|
857 header('Location: '.str_replace('&', '&', $destination_url)); |
|
858 |
|
859 |
|
860 // Load the redirect template |
|
861 $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl')); |
|
862 |
|
863 |
|
864 // START SUBST - <pun_include "*"> |
|
865 while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?|inc|html?|txt)">#', $tpl_redir, $cur_include)) |
|
866 { |
|
867 if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2])) |
|
868 error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template redirect.tpl. There is no such file in folder /include/user/'); |
|
869 |
|
870 ob_start(); |
|
871 include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]; |
|
872 $tpl_temp = ob_get_contents(); |
|
873 $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir); |
|
874 ob_end_clean(); |
|
875 } |
|
876 // END SUBST - <pun_include "*"> |
|
877 |
|
878 |
|
879 // START SUBST - <pun_content_direction> |
|
880 $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir); |
|
881 // END SUBST - <pun_content_direction> |
|
882 |
|
883 |
|
884 // START SUBST - <pun_char_encoding> |
|
885 $tpl_redir = str_replace('<pun_char_encoding>', $lang_common['lang_encoding'], $tpl_redir); |
|
886 // END SUBST - <pun_char_encoding> |
|
887 |
|
888 |
|
889 // START SUBST - <pun_head> |
|
890 ob_start(); |
|
891 |
|
892 ?> |
|
893 <meta http-equiv="refresh" content="<?php echo $pun_config['o_redirect_delay'] ?>;URL=<?php echo str_replace(array('<', '>', '"'), array('<', '>', '"'), $destination_url) ?>" /> |
|
894 <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Redirecting'] ?></title> |
|
895 <link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" /> |
|
896 <?php |
|
897 |
|
898 $tpl_temp = trim(ob_get_contents()); |
|
899 $tpl_redir = str_replace('<pun_head>', $tpl_temp, $tpl_redir); |
|
900 ob_end_clean(); |
|
901 // END SUBST - <pun_head> |
|
902 |
|
903 |
|
904 // START SUBST - <pun_redir_heading> |
|
905 $tpl_redir = str_replace('<pun_redir_heading>', $lang_common['Redirecting'], $tpl_redir); |
|
906 // END SUBST - <pun_redir_heading> |
|
907 |
|
908 |
|
909 // START SUBST - <pun_redir_text> |
|
910 $tpl_temp = $message.'<br /><br />'.'<a href="'.$destination_url.'">'.$lang_common['Click redirect'].'</a>'; |
|
911 $tpl_redir = str_replace('<pun_redir_text>', $tpl_temp, $tpl_redir); |
|
912 // END SUBST - <pun_redir_text> |
|
913 |
|
914 |
|
915 // START SUBST - <pun_footer> |
|
916 ob_start(); |
|
917 |
|
918 // End the transaction |
|
919 $db->end_transaction(); |
|
920 |
|
921 // Display executed queries (if enabled) |
|
922 if (defined('PUN_SHOW_QUERIES')) |
|
923 display_saved_queries(); |
|
924 |
|
925 $tpl_temp = trim(ob_get_contents()); |
|
926 $tpl_redir = str_replace('<pun_footer>', $tpl_temp, $tpl_redir); |
|
927 ob_end_clean(); |
|
928 // END SUBST - <pun_footer> |
|
929 |
|
930 |
|
931 // Close the db connection (and free up any result data) |
|
932 $db->close(); |
|
933 |
|
934 exit($tpl_redir); |
|
935 } |
|
936 |
|
937 |
|
938 // |
|
939 // Display a simple error message |
|
940 // |
|
941 function error($message, $file, $line, $db_error = false) |
|
942 { |
|
943 global $pun_config; |
|
944 |
|
945 // Set a default title if the script failed before $pun_config could be populated |
|
946 if (empty($pun_config)) |
|
947 $pun_config['o_board_title'] = 'PunBB'; |
|
948 |
|
949 // Empty output buffer and stop buffering |
|
950 @ob_end_clean(); |
|
951 |
|
952 // "Restart" output buffering if we are using ob_gzhandler (since the gzip header is already sent) |
|
953 if (!empty($pun_config['o_gzip']) && extension_loaded('zlib') && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false || strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'deflate') !== false)) |
|
954 ob_start('ob_gzhandler'); |
|
955 |
|
956 ?> |
|
957 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> |
|
958 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"> |
|
959 <head> |
|
960 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> |
|
961 <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title> |
|
962 <style type="text/css"> |
|
963 <!-- |
|
964 BODY {MARGIN: 10% 20% auto 20%; font: 10px Verdana, Arial, Helvetica, sans-serif} |
|
965 #errorbox {BORDER: 1px solid #B84623} |
|
966 H2 {MARGIN: 0; COLOR: #FFFFFF; BACKGROUND-COLOR: #B84623; FONT-SIZE: 1.1em; PADDING: 5px 4px} |
|
967 #errorbox DIV {PADDING: 6px 5px; BACKGROUND-COLOR: #F1F1F1} |
|
968 --> |
|
969 </style> |
|
970 </head> |
|
971 <body> |
|
972 |
|
973 <div id="errorbox"> |
|
974 <h2>An error was encountered</h2> |
|
975 <div> |
|
976 <?php |
|
977 |
|
978 if (defined('PUN_DEBUG')) |
|
979 { |
|
980 echo "\t\t".'<strong>File:</strong> '.$file.'<br />'."\n\t\t".'<strong>Line:</strong> '.$line.'<br /><br />'."\n\t\t".'<strong>PunBB reported</strong>: '.$message."\n"; |
|
981 |
|
982 if ($db_error) |
|
983 { |
|
984 echo "\t\t".'<br /><br /><strong>Database reported:</strong> '.pun_htmlspecialchars($db_error['error_msg']).(($db_error['error_no']) ? ' (Errno: '.$db_error['error_no'].')' : '')."\n"; |
|
985 |
|
986 if ($db_error['error_sql'] != '') |
|
987 echo "\t\t".'<br /><br /><strong>Failed query:</strong> '.pun_htmlspecialchars($db_error['error_sql'])."\n"; |
|
988 } |
|
989 } |
|
990 else |
|
991 echo "\t\t".'Error: <strong>'.$message.'.</strong>'."\n"; |
|
992 |
|
993 ?> |
|
994 </div> |
|
995 </div> |
|
996 |
|
997 </body> |
|
998 </html> |
|
999 <?php |
|
1000 |
|
1001 // If a database connection was established (before this error) we close it |
|
1002 if ($db_error) |
|
1003 $GLOBALS['db']->close(); |
|
1004 |
|
1005 exit; |
|
1006 } |
|
1007 |
|
1008 // DEBUG FUNCTIONS BELOW |
|
1009 |
|
1010 // |
|
1011 // Display executed queries (if enabled) |
|
1012 // |
|
1013 function display_saved_queries() |
|
1014 { |
|
1015 global $db, $lang_common; |
|
1016 |
|
1017 // Get the queries so that we can print them out |
|
1018 $saved_queries = $db->get_saved_queries(); |
|
1019 |
|
1020 ?> |
|
1021 |
|
1022 <div id="debug" class="blocktable"> |
|
1023 <h2><span><?php echo $lang_common['Debug table'] ?></span></h2> |
|
1024 <div class="box"> |
|
1025 <div class="inbox"> |
|
1026 <table cellspacing="0"> |
|
1027 <thead> |
|
1028 <tr> |
|
1029 <th class="tcl" scope="col">Time (s)</th> |
|
1030 <th class="tcr" scope="col">Query</th> |
|
1031 </tr> |
|
1032 </thead> |
|
1033 <tbody> |
|
1034 <?php |
|
1035 |
|
1036 $query_time_total = 0.0; |
|
1037 while (list(, $cur_query) = @each($saved_queries)) |
|
1038 { |
|
1039 $query_time_total += $cur_query[1]; |
|
1040 |
|
1041 ?> |
|
1042 <tr> |
|
1043 <td class="tcl"><?php echo ($cur_query[1] != 0) ? $cur_query[1] : ' ' ?></td> |
|
1044 <td class="tcr"><?php echo pun_htmlspecialchars($cur_query[0]) ?></td> |
|
1045 </tr> |
|
1046 <?php |
|
1047 |
|
1048 } |
|
1049 |
|
1050 ?> |
|
1051 <tr> |
|
1052 <td class="tcl" colspan="2">Total query time: <?php echo $query_time_total ?> s</td> |
|
1053 </tr> |
|
1054 </tbody> |
|
1055 </table> |
|
1056 </div> |
|
1057 </div> |
|
1058 </div> |
|
1059 <?php |
|
1060 |
|
1061 } |
|
1062 |
|
1063 |
|
1064 // |
|
1065 // Unset any variables instantiated as a result of register_globals being enabled |
|
1066 // |
|
1067 function unregister_globals() |
|
1068 { |
|
1069 $register_globals = @ini_get('register_globals'); |
|
1070 if ($register_globals === "" || $register_globals === "0" || strtolower($register_globals === "off")) |
|
1071 return; |
|
1072 |
|
1073 // Prevent script.php?GLOBALS[foo]=bar |
|
1074 if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) |
|
1075 exit('I\'ll have a steak sandwich and... a steak sandwich.'); |
|
1076 |
|
1077 // Variables that shouldn't be unset |
|
1078 $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES'); |
|
1079 |
|
1080 // Remove elements in $GLOBALS that are present in any of the superglobals |
|
1081 $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array()); |
|
1082 foreach ($input as $k => $v) |
|
1083 { |
|
1084 if (!in_array($k, $no_unset) && isset($GLOBALS[$k])) |
|
1085 { |
|
1086 unset($GLOBALS[$k]); |
|
1087 unset($GLOBALS[$k]); // Double unset to circumvent the zend_hash_del_key_or_index hole in PHP <4.4.3 and <5.1.4 |
|
1088 } |
|
1089 } |
|
1090 } |
|
1091 |
|
1092 |
|
1093 // |
|
1094 // Dump contents of variable(s) |
|
1095 // |
|
1096 function dump() |
|
1097 { |
|
1098 echo '<pre>'; |
|
1099 |
|
1100 $num_args = func_num_args(); |
|
1101 |
|
1102 for ($i = 0; $i < $num_args; ++$i) |
|
1103 { |
|
1104 print_r(func_get_arg($i)); |
|
1105 echo "\n\n"; |
|
1106 } |
|
1107 |
|
1108 echo '</pre>'; |
|
1109 exit; |
|
1110 } |