/**
* Require that the user is logged in.
*
* A check is done to see if the user is logged in.
* If not, then the user is redirected to the login page.
*
* @param bool $tight_security
* When this parameter has a true value (default is FALSE),
* then a tight security check is done. This means that a check
* is done to see if a short term session is active. An available
* long term session is not good enough in this case.
*
* Tight Security is an option that can be enabled from Phorum's
* admin interface.
*/
function phorum_api_request_require_login($tight_security = FALSE)
{
global $PHORUM;
// Check if we have an authenticated user.
if (!$PHORUM['user']['user_id']) {
phorum_api_redirect(PHORUM_LOGIN_URL, 'redir=' . urlencode(phorum_api_url_current()));
}
// Handle tight security.
if ($tight_security && !$PHORUM['DATA']['FULLY_LOGGEDIN']) {
phorum_api_redirect(PHORUM_LOGIN_URL, 'redir=' . urlencode(phorum_api_url_current()));
}
}
/**
* This function implements the Atom output adapter for the Feed API.
*
* @param array $messages
* An array of messages to include in the feed.
*
* @param array $forums
* An array of related forums.
*
* @param string $url
* The URL that points to the feed's target.
*
* @param string $title
* The title to use for the feed.
*
* @param string $description
* The description to use for the feed.
*
* @param bool $replies
* Whether or not this is a feed that includes reply messages.
* If not, then it will only contain thread starter messages.
*
* @return array
* An array containing two elements:
* - The generated feed data (Atom XML).
* - The Content-Type header to use for the feed.
*/
function phorum_api_feed_atom($messages, $forums, $url, $title, $description, $replies)
{
global $PHORUM;
$hcharset = $PHORUM['DATA']['HCHARSET'];
$selfurl = htmlspecialchars(phorum_api_url_current(), ENT_COMPAT, $hcharset);
$url = htmlspecialchars($url, ENT_COMPAT, $hcharset);
$title = htmlspecialchars($title, ENT_COMPAT, $hcharset);
$description = htmlspecialchars($description, ENT_COMPAT, $hcharset);
$builddate = htmlspecialchars(date('r'), ENT_COMPAT, $hcharset);
$generator = htmlspecialchars('Phorum ' . PHORUM, ENT_COMPAT, $hcharset);
$buffer = "<?xml version=\"1.0\" encoding=\"{$PHORUM['DATA']['CHARSET']}\"?>\n";
$buffer .= "<feed xmlns=\"http://www.w3.org/2005/Atom\">\n";
$buffer .= " <title>{$title}</title>\n";
$buffer .= " <subtitle>{$description}</subtitle>\n";
$buffer .= " <link rel=\"self\" href=\"{$selfurl}\" />\n";
$buffer .= " <id>{$url}</id>\n";
$buffer .= " <updated>{$builddate}</updated>\n";
$buffer .= " <generator>{$generator}</generator>\n";
// Lookup the plain text usernames for the authenticated authors.
$users = $messages['users'];
unset($messages['users']);
unset($users[0]);
$users = phorum_api_user_get_display_name($users, '', PHORUM_FLAG_PLAINTEXT);
foreach ($messages as $message) {
// Include information about the number of replies to threads.
$title = strip_tags($message['subject']);
if (!$replies) {
$lang = $PHORUM['DATA']['LANG'];
switch ($message['thread_count']) {
case 1:
$title .= " ({$lang['noreplies']})";
break;
case 2:
$title .= " (1 {$lang['reply']})";
break;
default:
$replies = $message['thread_count'] - 1;
$title .= " ({$replies} {$lang['replies']})";
}
}
// Publish date.
$published = date('r', $message['datestamp']);
// Updated date.
if ($message['parent_id']) {
if (!empty($message['meta']['edit_date'])) {
$updated = date('r', $message['meta']['edit_date']);
} else {
$updated = $published;
}
} else {
$updated = date('r', $message['modifystamp']);
}
// Generate the URL for reading the message.
$url = htmlspecialchars(phorum_api_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $message["thread"], $message["message_id"]));
// The forum in which the message is stored is used as the category.
$category = htmlspecialchars($forums[$message['forum_id']]['name'], ENT_COMPAT, $hcharset);
// Format the author.
$author = !empty($users[$message['user_id']]) ? $users[$message['user_id']] : $message['author'];
$author = htmlspecialchars($author, ENT_COMPAT, $hcharset);
// Strip unprintable characters from the message body.
$body = strtr($message['body'], "\v\f" . "
", "????????????????????????????");
$buffer .= " <entry>\n";
$buffer .= " <title type=\"html\">{$title}</title>\n";
$buffer .= " <link href=\"{$url}\" />\n";
$buffer .= " <category term=\"{$category}\" />\n";
$buffer .= " <published>{$published}</published>\n";
$buffer .= " <updated>{$updated}</updated>\n";
$buffer .= " <id>{$url}</id>\n";
$buffer .= " <author>\n";
$buffer .= " <name>{$author}</name>\n";
$buffer .= " </author>\n";
$buffer .= " <summary type=\"html\"><![CDATA[{$body}]]></summary>\n";
$buffer .= " </entry>\n";
}
$buffer .= "</feed>\n";
return array($buffer, 'application/xml');
}
/**
* @deprecated Replaced by {@link phorum_api_url_current()}.
*/
function phorum_get_current_url($include_query_string = TRUE)
{
return phorum_api_url_current($include_query_string);
}
// the code run faster.
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR);
require_once './common.php';
require_once PHORUM_PATH . '/include/admin/functions.php';
require_once PHORUM_PATH . '/include/api/buffer.php';
require_once PHORUM_PATH . '/include/api/sign.php';
require_once PHORUM_PATH . '/include/api/lang.php';
// initialized as empty
$PHORUM['admin_token'] = "";
if (!empty($_GET['phorum_admin_token'])) {
$PHORUM['admin_token'] = $_GET['phorum_admin_token'];
} elseif (!empty($_POST['phorum_admin_token'])) {
$PHORUM['admin_token'] = $_POST['phorum_admin_token'];
}
// determine absolute URI for the admin
$PHORUM["admin_http_path"] = phorum_api_url_current(false);
// determine http_path (at install time; after that it's in the settings)
if (!isset($PHORUM["http_path"])) {
$PHORUM["http_path"] = dirname($_SERVER["PHP_SELF"]);
}
// A variable that can be filled for showing a notification in the
// admin header.php.
$notification = NULL;
// if we are installing or upgrading, we don't need to check for a session
// 2005081000 was the internal version that introduced the installed flag
if (!isset($PHORUM['internal_version']) || !isset($PHORUM['installed']) && $PHORUM['internal_version'] >= '2005081000') {
// this is an install
$module = "install";
} elseif (isset($_REQUEST["module"]) && $_REQUEST["module"] == "upgrade" || $PHORUM['internal_version'] < PHORUM_SCHEMA_VERSION || !isset($PHORUM['internal_patchlevel']) || $PHORUM['internal_patchlevel'] < PHORUM_SCHEMA_PATCHLEVEL) {
// this is an upgrade
$module = "upgrade";
