Beispiel #1
0
/**
 * Require that the user is logged in.
 *
 * A check is done to see if the user is logged in.
 * If not, then the user is redirected to the login page.
 *
 * @param bool $tight_security
 *     When this parameter has a true value (default is FALSE),
 *     then a tight security check is done. This means that a check
 *     is done to see if a short term session is active. An available
 *     long term session is not good enough in this case.
 *
 *     Tight Security is an option that can be enabled from Phorum's
 *     admin interface.
 */
function phorum_api_request_require_login($tight_security = FALSE)
{
    global $PHORUM;
    // Check if we have an authenticated user.
    if (!$PHORUM['user']['user_id']) {
        phorum_api_redirect(PHORUM_LOGIN_URL, 'redir=' . urlencode(phorum_api_url_current()));
    }
    // Handle tight security.
    if ($tight_security && !$PHORUM['DATA']['FULLY_LOGGEDIN']) {
        phorum_api_redirect(PHORUM_LOGIN_URL, 'redir=' . urlencode(phorum_api_url_current()));
    }
}
Beispiel #2
0
/**
 * This function implements the Atom output adapter for the Feed API.
 *
 * @param array $messages
 *     An array of messages to include in the feed.
 *
 * @param array $forums
 *     An array of related forums.
 *
 * @param string $url
 *     The URL that points to the feed's target.
 *
 * @param string $title
 *     The title to use for the feed.
 *
 * @param string $description
 *     The description to use for the feed.
 *
 * @param bool $replies
 *     Whether or not this is a feed that includes reply messages.
 *     If not, then it will only contain thread starter messages.
 *
 * @return array
 *     An array containing two elements:
 *     - The generated feed data (Atom XML).
 *     - The Content-Type header to use for the feed.
 */
function phorum_api_feed_atom($messages, $forums, $url, $title, $description, $replies)
{
    global $PHORUM;
    $hcharset = $PHORUM['DATA']['HCHARSET'];
    $selfurl = htmlspecialchars(phorum_api_url_current(), ENT_COMPAT, $hcharset);
    $url = htmlspecialchars($url, ENT_COMPAT, $hcharset);
    $title = htmlspecialchars($title, ENT_COMPAT, $hcharset);
    $description = htmlspecialchars($description, ENT_COMPAT, $hcharset);
    $builddate = htmlspecialchars(date('r'), ENT_COMPAT, $hcharset);
    $generator = htmlspecialchars('Phorum ' . PHORUM, ENT_COMPAT, $hcharset);
    $buffer = "<?xml version=\"1.0\" encoding=\"{$PHORUM['DATA']['CHARSET']}\"?>\n";
    $buffer .= "<feed xmlns=\"http://www.w3.org/2005/Atom\">\n";
    $buffer .= " <title>{$title}</title>\n";
    $buffer .= " <subtitle>{$description}</subtitle>\n";
    $buffer .= " <link rel=\"self\" href=\"{$selfurl}\" />\n";
    $buffer .= " <id>{$url}</id>\n";
    $buffer .= " <updated>{$builddate}</updated>\n";
    $buffer .= " <generator>{$generator}</generator>\n";
    // Lookup the plain text usernames for the authenticated authors.
    $users = $messages['users'];
    unset($messages['users']);
    unset($users[0]);
    $users = phorum_api_user_get_display_name($users, '', PHORUM_FLAG_PLAINTEXT);
    foreach ($messages as $message) {
        // Include information about the number of replies to threads.
        $title = strip_tags($message['subject']);
        if (!$replies) {
            $lang = $PHORUM['DATA']['LANG'];
            switch ($message['thread_count']) {
                case 1:
                    $title .= " ({$lang['noreplies']})";
                    break;
                case 2:
                    $title .= " (1 {$lang['reply']})";
                    break;
                default:
                    $replies = $message['thread_count'] - 1;
                    $title .= " ({$replies} {$lang['replies']})";
            }
        }
        // Publish date.
        $published = date('r', $message['datestamp']);
        // Updated date.
        if ($message['parent_id']) {
            if (!empty($message['meta']['edit_date'])) {
                $updated = date('r', $message['meta']['edit_date']);
            } else {
                $updated = $published;
            }
        } else {
            $updated = date('r', $message['modifystamp']);
        }
        // Generate the URL for reading the message.
        $url = htmlspecialchars(phorum_api_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $message["thread"], $message["message_id"]));
        // The forum in which the message is stored is used as the category.
        $category = htmlspecialchars($forums[$message['forum_id']]['name'], ENT_COMPAT, $hcharset);
        // Format the author.
        $author = !empty($users[$message['user_id']]) ? $users[$message['user_id']] : $message['author'];
        $author = htmlspecialchars($author, ENT_COMPAT, $hcharset);
        // Strip unprintable characters from the message body.
        $body = strtr($message['body'], "\v\f" . "", "????????????????????????????");
        $buffer .= " <entry>\n";
        $buffer .= "  <title type=\"html\">{$title}</title>\n";
        $buffer .= "  <link href=\"{$url}\" />\n";
        $buffer .= "  <category term=\"{$category}\" />\n";
        $buffer .= "  <published>{$published}</published>\n";
        $buffer .= "  <updated>{$updated}</updated>\n";
        $buffer .= "  <id>{$url}</id>\n";
        $buffer .= "  <author>\n";
        $buffer .= "  <name>{$author}</name>\n";
        $buffer .= "  </author>\n";
        $buffer .= "  <summary type=\"html\"><![CDATA[{$body}]]></summary>\n";
        $buffer .= " </entry>\n";
    }
    $buffer .= "</feed>\n";
    return array($buffer, 'application/xml');
}
Beispiel #3
0
/**
 * @deprecated Replaced by {@link phorum_api_url_current()}.
 */
function phorum_get_current_url($include_query_string = TRUE)
{
    return phorum_api_url_current($include_query_string);
}
Beispiel #4
0
// the code run faster.
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR);
require_once './common.php';
require_once PHORUM_PATH . '/include/admin/functions.php';
require_once PHORUM_PATH . '/include/api/buffer.php';
require_once PHORUM_PATH . '/include/api/sign.php';
require_once PHORUM_PATH . '/include/api/lang.php';
// initialized as empty
$PHORUM['admin_token'] = "";
if (!empty($_GET['phorum_admin_token'])) {
    $PHORUM['admin_token'] = $_GET['phorum_admin_token'];
} elseif (!empty($_POST['phorum_admin_token'])) {
    $PHORUM['admin_token'] = $_POST['phorum_admin_token'];
}
// determine absolute URI for the admin
$PHORUM["admin_http_path"] = phorum_api_url_current(false);
// determine http_path (at install time; after that it's in the settings)
if (!isset($PHORUM["http_path"])) {
    $PHORUM["http_path"] = dirname($_SERVER["PHP_SELF"]);
}
// A variable that can be filled for showing a notification in the
// admin header.php.
$notification = NULL;
// if we are installing or upgrading, we don't need to check for a session
// 2005081000 was the internal version that introduced the installed flag
if (!isset($PHORUM['internal_version']) || !isset($PHORUM['installed']) && $PHORUM['internal_version'] >= '2005081000') {
    // this is an install
    $module = "install";
} elseif (isset($_REQUEST["module"]) && $_REQUEST["module"] == "upgrade" || $PHORUM['internal_version'] < PHORUM_SCHEMA_VERSION || !isset($PHORUM['internal_patchlevel']) || $PHORUM['internal_patchlevel'] < PHORUM_SCHEMA_PATCHLEVEL) {
    // this is an upgrade
    $module = "upgrade";