Beispiel #1
0
function forum_check_password($forum_fid)
{
    if (!is_numeric($forum_fid)) {
        return false;
    }
    $webtag = get_webtag();
    if (!($forum_passhash = forum_get_password($forum_fid))) {
        return true;
    }
    $forum_passhash_check = session::get_value("{$webtag}_PASSWORD");
    if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) {
        $forum_passhash_check = md5($_POST['forum_password']);
    }
    if ($forum_passhash == $forum_passhash_check) {
        session::set_value("{$webtag}_PASSWORD", $forum_passhash_check);
        return true;
    }
    html_draw_top(sprintf("title=%s", gettext("Password Protected Forum")));
    echo "<h1>", gettext("Password Protected Forum"), "</h1>\n";
    if (session::get_value("{$webtag}_PASSWORD")) {
        html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center');
    }
    if ($password_protected_message = forum_get_setting('password_protected_message')) {
        echo fix_html($password_protected_message);
    } else {
        html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center');
    }
    echo "<br />\n";
    echo "<div align=\"center\">\n";
    echo "  <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "    ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"400\">\n";
    echo "            <tr>\n";
    echo "              <td class=\"posthead\" align=\"center\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "                <table class=\"posthead\" width=\"90%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\">", gettext("Password"), ":</td>\n";
    echo "                    <td align=\"left\">", form_input_password('forum_password', '', 40, false, ''), "</td>\n";
    echo "                  </tr>\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"center\">", form_submit("logon", gettext("Logon")), "&nbsp;", form_submit("cancel", gettext("Cancel")), "</td>\n";
    echo "      </tr>\n";
    echo "    </table>\n";
    if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) {
        html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center');
    }
    echo "  </form>\n";
    echo "</div>\n";
    html_draw_bottom();
    exit;
}
echo "                      <tr>\n";
echo "                        <td align=\"left\" width=\"100\">", gettext("Posted from"), ":</td>\n";
echo "                        <td align=\"left\">", form_date_dropdowns($from_year, $from_month, $from_day, "from_", 2002), "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\" width=\"100\">", gettext("Posted to"), ":</td>\n";
echo "                        <td align=\"left\">", form_date_dropdowns($to_year, $to_month, $to_day, "to_", 2002), "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\">&nbsp;</td>\n";
echo "                      </tr>\n";
echo "                    </table>\n";
echo "                  </td>\n";
echo "                </tr>\n";
echo "              </table>\n";
echo "            </td>\n";
echo "          </tr>\n";
echo "        </table>\n";
echo "      </td>\n";
echo "    </tr>\n";
echo "    <tr>\n";
echo "      <td>&nbsp;</td>\n";
echo "    </tr>\n";
echo "    <tr>\n";
echo "      <td colspan=\"2\" align=\"center\">", form_submit("update", gettext("Update")), "</td>\n";
echo "    </tr>\n";
echo "  </table>\n";
echo "  </form>\n";
echo "  </div>\n";
html_draw_bottom();
Beispiel #3
0
// Bootstrap
require_once 'boot.php';
// Includes required by this page.
require_once BH_INCLUDE_PATH . 'cache.inc.php';
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'lang.inc.php';
require_once BH_INCLUDE_PATH . 'logon.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
// Don't cache this page - fixes problems with Opera.
cache_disable();
// Get the user's saved left frame width.
if (($left_frame_width = session::get_value('LEFT_FRAME_WIDTH')) === false) {
    $left_frame_width = 280;
}
html_draw_top('frame_set_html', 'pm_popup_disabled');
$frameset = new html_frameset_cols('start', "{$left_frame_width},*");
if (isset($_GET['left']) && $_GET['left'] == "threadlist") {
    $frameset->html_frame("thread_list.php?webtag={$webtag}", html_get_frame_name('left'));
} else {
    $frameset->html_frame("start_left.php?webtag={$webtag}", html_get_frame_name('left'));
}
if (isset($_GET['show']) && $_GET['show'] == "visitors") {
    $frameset->html_frame("visitor_log.php?webtag={$webtag}", html_get_frame_name('right'));
} else {
    $frameset->html_frame("start_main.php?webtag={$webtag}", html_get_frame_name('right'));
}
$frameset->output_html();
html_draw_bottom(true);
Beispiel #4
0
function forum_start_page_get_html($content)
{
    ob_start();
    html_draw_top();
    echo $content;
    html_draw_bottom();
    $content = ob_get_contents();
    ob_end_clean();
    return word_filter_rem_ob_tags($content);
}
Beispiel #5
0
function html_draw_error($error_msg, $href = false, $method = 'get', $button_array = false, $var_array = false, $target = "_self", $align = "left", $id = false)
{
    html_draw_top(gettext('Error'));
    html_display_msg(gettext("Error"), $error_msg, $href, $method, $button_array, $var_array, $target, $align, $id);
    html_draw_bottom();
    exit;
}
Beispiel #6
0
function html_draw_error($message, $href = null, $method = 'get', array $buttons = array(), array $vars = array(), $target = "_self", $align = "left", $id = null)
{
    html_draw_top(array('title' => gettext('Error')));
    html_display_msg(gettext("Error"), $message, $href, $method, $buttons, $vars, $target, $align, $id);
    html_draw_bottom();
    exit;
}
Beispiel #7
0
function admin_check_credentials()
{
    $webtag = get_webtag();
    if (($admin_timeout = session::get_value('ADMIN_TIMEOUT')) && $admin_timeout > time()) {
        session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS);
        return true;
    }
    if (isset($_POST['admin_logon']) && isset($_POST['admin_password'])) {
        $admin_logon = $_POST['admin_logon'];
        $admin_password = $_POST['admin_password'];
        if (($admin_uid = user_logon($admin_logon, $admin_password)) && $admin_uid == session::get_value('UID')) {
            session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS);
            return true;
        } else {
            html_display_error_msg(gettext("The username or password you supplied are not valid."), '500', 'center');
        }
    }
    html_draw_top();
    if (isset($error_message) && strlen(trim($error_message)) > 0) {
        html_display_error_msg($error_message, '500', 'center');
    }
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        html_display_warning_msg(gettext('To save any changes you must re-authenticate yourself'), '500', 'center');
    } else {
        html_display_warning_msg(gettext('To access the Admin area you must re-authenticate yourself'), '500', 'center');
    }
    echo "<div align=\"center\">\n";
    echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "    ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "    <br />\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"100%\">\n";
    echo "            <tr>\n";
    echo "              <td align=\"left\" class=\"posthead\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\">", gettext("Please enter your password"), "</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"center\">\n";
    echo "                      <table class=\"posthead\" width=\"95%\">\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
    echo "                          <td align=\"left\">", form_input_text('admin_logon', '', 24, 32, '', 'bhinputlogon'), "</td>\n";
    echo "                        </tr>\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
    echo "                          <td align=\"left\">", form_input_password('admin_password', '', 24, 32, '', 'bhinputlogon'), "</td>\n";
    echo "                        </tr>\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"left\">&nbsp;</td>\n";
    echo "                        </tr>\n";
    echo "                      </table>\n";
    echo "                    </td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
    echo "      </tr>\n";
    echo "    </table>\n";
    echo "  </form>\n";
    echo "</div>\n";
    html_draw_bottom();
    exit;
}