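/**
 * RSSUser constructor.
 *
 * Resets the user to the anonymous state, then handles, in this order:
 *  - logout (when the "logout" query parameter is present),
 *  - form login (POSTed username and password),
 *  - cookie login (name|hash pair read from the RSS_USER_COOKIE cookie),
 *  - mobile session login (name|hash pair read from $_SESSION['mobile']).
 *
 * Whichever source supplied a name/hash pair, the pair is checked against
 * the users table. A cookie login is additionally accepted only when the
 * client's /24 prefix is listed in the account's userips column.
 *
 * Security notes for maintainers:
 *  - Credentials are unsalted MD5 digests. The value carried in the cookie
 *    or session is hashed once more and compared with the stored password
 *    column, so that value is sufficient to authenticate by itself and must
 *    be treated as a secret. Migrating to password_hash()/password_verify()
 *    needs a schema and cookie-format change and is not attempted here.
 *  - NOTE(review): the mobile and non-mobile form branches derive different
 *    digests from the same password; whether the later lookup can match for
 *    both depends on login() and on how the hash is stored -- confirm.
 */
function RSSUser()
{
    // Start from the anonymous state; the fields are only filled in once the
    // database lookup at the end succeeds.
    $this->_uid = 0;
    $this->_validIPs = array();
    $this->_level = RSS_USER_LEVEL_NOLEVEL;
    $this->_uname = '';
    $this->_realName = '';
    $this->_hash = null;
    $this->_showPrivate = 0;
    $this->_mobileSession = isset($_POST['media']) && 'mobile' === $_POST['media'];

    if ('mobile' == getThemeMedia()) {
        // Transparent session ids place the session identifier in URLs, where
        // it can leak through Referer headers, server logs and shared links.
        @ini_set('session.use_trans_sid', true);
        session_start();
    }

    if (array_key_exists('logout', $_GET)) {
        $this->logout();
        // NOTE(review): if rss_redirect() does not end the request, the login
        // handling below still runs after a logout -- confirm.
        rss_redirect('');
    }

    $cuname = $chash = null;

    if (isset($_POST['username']) && isset($_POST['password'])) {
        // A posted login form takes precedence over cookie and session.
        // Request parameters can arrive as arrays (username[]=...); those are
        // treated as a failed login instead of being passed to trim()/md5().
        if (is_string($_POST['username']) && is_string($_POST['password'])) {
            $_cuname = trim($_POST['username']);
            if ($this->_mobileSession) {
                // The untrimmed username is mixed into the digest here.
                $_chash = md5(md5($_POST['password'] . $_POST['username']));
            } else {
                $_chash = md5($_POST['password']);
            }
            if ($this->login($_cuname, $_chash)) {
                $cuname = $_cuname;
                $chash = $_chash;
                $this->_action = RSS_USER_ACTION_LOGIN;
            }
        }
    } elseif (isset($_COOKIE[RSS_USER_COOKIE])) {
        // The cookie is client-controlled: it may be an array or lack the '|'
        // separator. array_pad() keeps list() from reading a missing offset;
        // a malformed cookie leaves $chash empty and so does not authenticate.
        $storedPair = $_COOKIE[RSS_USER_COOKIE];
        if (is_string($storedPair)) {
            list($cuname, $chash) = array_pad(explode('|', $storedPair), 2, null);
        }
        $this->_action = RSS_USER_ACTION_COOKIE;
    } elseif (isset($_SESSION['mobile'])) {
        $storedPair = $_SESSION['mobile'];
        if (is_string($storedPair)) {
            list($cuname, $chash) = array_pad(explode('|', $storedPair), 2, null);
        }
        $this->_mobileSession = true;
        $this->_action = RSS_USER_ACTION_SESSION;
    }

    if ($cuname && $chash) {
        // The user name is escaped with rss_real_escape_string(); the password
        // operand is an md5() digest additionally reduced to [a-zA-Z0-9], so
        // neither operand can close the surrounding quotes.
        // NOTE(review): in the listing this code was taken from, the text
        // between "password='" and the regex pattern had been masked (it read
        // '******'); the preg_replace( call is reconstructed from the surviving
        // arguments -- confirm against the project's own copy.
        $sql = "select uid, uname, ulevel, realname, userips from " . getTable('users')
            . " where uname='" . rss_real_escape_string($cuname)
            . "' and password='" . preg_replace('#[^a-zA-Z0-9]#', '', md5($chash)) . "'";
        $rs = rss_query($sql);

        if (rss_num_rows($rs) == 1) {
            list($uid, $uname, $level, $realName, $tmpUserIps) = rss_fetch_row($rs);
            $userIPs = explode(' ', $tmpUserIps);

            // Reduce a dotted-quad address to its first three octets. Anything
            // the pattern does not match (an IPv6 address, for instance) is
            // compared unchanged.
            $subnet = preg_replace('#^([0-9]+\\.[0-9]+\\.[0-9]+)\\.[0-9]+$#', '\\1', $_SERVER['REMOTE_ADDR']);

            // Only cookie logins are tied to a known prefix; form and session
            // logins are accepted from any address. The strict comparison
            // avoids PHP's numeric-string juggling when matching prefixes.
            if (in_array($subnet, $userIPs, true) || $this->_action != RSS_USER_ACTION_COOKIE) {
                $this->_uid = $uid;
                $this->_uname = $uname;
                $this->_validIPs = $userIPs;
                $this->_level = $level;
                $this->_realName = $realName;
                $this->_hash = $chash;
            }
        }
    }
}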
/**
 * Resolves the "main" theme and the detected media for this request.
 *
 * Precedence for the theme name: the THEME_OVERRIDE constant when defined,
 * otherwise the "theme" query parameter after sanitize(), otherwise the
 * 'rss.output.theme' configuration value, otherwise 'default'. When the
 * resulting theme/media directory does not exist, the theme falls back to
 * 'default'. The result is cached in a static for later calls.
 *
 * @see getThemeMedia
 * @return array array($theme, $media)
 */
function getActualTheme()
{
    static $resolved;

    if (!$resolved) {
        // Theme
        $configured = getConfig('rss.output.theme');
        $theme = (null === $configured) ? 'default' : $configured;

        if (defined('THEME_OVERRIDE')) {
            $theme = THEME_OVERRIDE;
        } elseif (isset($_GET['theme'])) {
            // Request-controlled value that becomes a path component below.
            // NOTE(review): this relies on sanitize() with RSS_SANITIZER_WORDS
            // removing path separators and dots -- confirm in the sanitizer.
            $theme = sanitize($_GET['theme'], RSS_SANITIZER_WORDS);
        }

        // Media
        $media = getThemeMedia();

        // An unknown theme/media combination falls back to the default theme
        // rather than pointing the caller at a directory that is not there.
        $themeDir = GREGARIUS_HOME . RSS_THEME_DIR . "/{$theme}/{$media}/";
        if (!file_exists($themeDir)) {
            $theme = 'default';
        }

        $resolved = array($theme, $media);
    }

    return $resolved;
}
echo $title; ?> </h2> <?php if (hidePrivate()) { ?> <p>(<a href="<?php echo getPath(); ?> ?mobilelogin&media=mobile">Login</a> to mark items read)</p> <?php } ?> <form method="post" action="<?php print getPath(); ?> "> <?php } rss_itemlist_feeds(); if (!isMobileDevice()) { ?> <input type='hidden' name='mobile' /> <?php } ?> <p id="nextitems"><input type='submit' value='Next »»' /></p> </form> <?php rss_plugin_hook('rss.plugins.bodyend.media', getThemeMedia());