Example #1
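/**
 * Create a phpBB session row for the given username.
 *
 * Temporarily points the global $dbconfig at the phpBB database and table
 * prefix taken from $bhconfig, looks up the user's id, inserts a row into
 * "sessions", then restores the previous $dbconfig values.
 *
 * @param string $username Username to look up in the phpBB "users" table.
 * @return array array("username" => $username)
 */
function bh_session_create($username)
{
    global $dbconfig, $bhconfig;
    # Create the session id from a CSPRNG. A session id is a bearer credential;
    # md5() over rand() seeded from microtime() is guessable. 16 random bytes
    # hex-encode to 32 characters, the same width the md5() value had.
    if (function_exists('random_bytes')) {
        $sessionid = bin2hex(random_bytes(16));
    } else {
        $sessionid = bin2hex(openssl_random_pseudo_bytes(16));
    }
    # Switch the shared DB config over to the phpBB database for the two calls below
    $oldprefix = $dbconfig['prefix'];
    $olddb = $dbconfig['db'];
    $dbconfig['prefix'] = $bhconfig['phpbb_prefix'];
    $dbconfig['db'] = $bhconfig['phpbb_db'];
    # Get the user id for the username
    # NOTE(review): $userid stays null when no row matches and the session row is
    # still inserted; the caller gets no signal. Confirm whether that is intended.
    $userid = null;
    $userrows = select_bhdb("users", array("username" => $username), 1);
    foreach ($userrows as $userrow) {
        $userid = $userrow['user_id'];
    }
    # Insert session row (the original passed the undefined $user_id here, so the
    # row never carried the id that was just looked up)
    $now = time();
    insert_bhdb("sessions", array(
        "session_id" => $sessionid,
        "session_user_id" => $userid,
        "session_start" => $now,
        "session_time" => $now,
        "session_ip" => encode_ip($_SERVER['REMOTE_ADDR']),
        "session_page" => "0",
        "session_logged_in" => "1",
    ));
    # Restore the caller's DB config
    $dbconfig['prefix'] = $oldprefix;
    $dbconfig['db'] = $olddb;
    # NOTE(review): the generated session id is not part of the return value and
    # no cookie is set here; confirm how the client is meant to receive it.
    return array("username" => $username);
}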
Example #2
<?php

// Page bootstrap: loads the libraries, opens the PHP session, resolves the
// current user from the encoded client IP and instantiates Smarty.

//TMP (debug purpose)
//include('dBug.php');
//Pluton library
include '_includes/core.php';
//Sajax
include '_includes/Sajax.php';
//Sets the true URL and not the rewritten one as Sajax remote URL
//NOTE(review): QUERY_STRING is client-controlled and is copied in unencoded;
//confirm Sajax escapes this value before writing it into HTML or JavaScript.
$sajax_remote_uri = '/?' . $_SERVER["QUERY_STRING"];
//IceDeck library
include '_includes/IceDeck/Card.php';
include '_includes/IceDeck/Keywords.php';
//Session
$IP = encode_ip($_SERVER["REMOTE_ADDR"]);
session_start();
//NOTE(review): $_session is an ordinary variable, not the $_SESSION superglobal,
//and ID is a bare constant; presumably both are set up by core.php - confirm.
$_session[ID] = session_id();
//updates or creates the session
SessionUpdate();
//login/logout
include "_includes/login.php";
//Gets current user infos, looked up from the encoded client IP
//NOTE(review): if the IP alone identifies the user, clients behind one NAT or
//proxy address are indistinguishable here - confirm what the lookup relies on.
$Utilisateur = GetUtilisateurInfos($IP);
//Preferences
define('LANG', 'english');
define('THEME', 'default');
//Smarty
require '_includes/Smarty/Smarty.class.php';
$smarty = new Smarty();
//TODO: find a more elegant, Windows-compatible solution
$current_dir = dirname(__FILE__);
     foreach ($ip_sep as $val) {
         if ($val == 0) {
             $strip_num += 2;
         }
     }
     if (count($ip_sep) < 4) {
         $strip_num += 2 * (4 - count($ip_sep));
     }
 }
 if (preg_match('/(([0-9]{1,3})(\\.)?){1,4}/', $search_ip)) {
     $host = @gethostbyaddr($search_ip);
 } else {
     $host = $search_ip;
     $search_ip = @gethostbyname($host);
 }
 $encoded_ip = encode_ip($search_ip);
 if ($strip_num) {
     $encoded_ip = substr($encoded_ip, 0, strlen($encoded_ip) - $strip_num);
     $ip_sql = "LIKE '" . $encoded_ip . "%'";
 } else {
     $ip_sql = "= '" . $encoded_ip . "'";
 }
 $template->assign_vars(array('L_IP_SEARCH_RESULTS' => $lang['IPSearch_Search_Results'], 'L_OTHER_USERS' => $lang['Users_this_IP'], 'L_SEARCH' => $lang['Search'], 'L_AGAIN' => $lang['IPSearch_Again'], 'SEARCH_IMG' => $phpbb_root_path . $images['icon_search'], 'IP' => $search_ip, 'HOST' => $host, 'U_IP_SEARCH' => append_sid('admin_ip_search.' . $phpEx)));
 // Get users who've posted under this IP
 $sql = 'SELECT u.user_id, u.username, COUNT(*) as postings
     FROM ' . USERS_TABLE . ' u, ' . POSTS_TABLE . ' p
     WHERE p.poster_id = u.user_id
         AND p.poster_ip ' . $ip_sql . '
     GROUP BY u.user_id, u.username
     ORDER BY ' . (SQL_LAYER == 'msaccess' ? 'COUNT(*)' : 'postings') . ' DESC';
 if (!($result = $db->sql_query($sql))) {
Example #4
         case 3:
             $users[] = encode_ip($ip_split[0] . "." . $ip_split[1] . ".255.255");
             break;
         case 2:
             $users[] = encode_ip($ip_split[0] . ".255.255.255");
             break;
     }
 } elseif (preg_match('/^([0-9]{1,2}|[0-2][0-9]{0,2})(\\.([0-9]{1,2}|[0-2][0-9]{0,2})){3}(\\s)*-(\\s)*([0-9]{1,2}|[0-2][0-9]{0,2})(\\.([0-9]{1,2}|[0-2][0-9]{0,2})){3}$/', $ip_address)) {
     $range = preg_split('/[-\\s]+/', $ip_address);
     $start_range = explode('.', $range[0]);
     $end_range = explode('.', $range[1]);
     if ($start_range[0] . $start_range[1] . $start_range[2] != $end_range[0] . $end_range[1] . $end_range[2] || $start_range[3] > $end_range[3]) {
         bb_die($lang['SEARCH_INVALID_IP']);
     }
     for ($i = $start_range[3]; $i <= $end_range[3]; $i++) {
         $users[] = encode_ip($start_range[0] . "." . $start_range[1] . "." . $start_range[2] . "." . $i);
     }
 } else {
     bb_die($lang['SEARCH_INVALID_IP']);
 }
 $ip_in_sql = $ip_like_sql = $ip_like_sql_flylast = $ip_like_sql_flyreg = '';
 foreach ($users as $address) {
     if (preg_match('/(ff){1,3}$/i', $address)) {
         if (preg_match('/[0-9a-f]{2}ffffff/i', $address)) {
             $ip_start = substr($address, 0, 2);
         } elseif (preg_match('/[0-9a-f]{4}ffff/i', $address)) {
             $ip_start = substr($address, 0, 4);
         } elseif (preg_match('/[0-9a-f]{6}ff/i', $address)) {
             $ip_start = substr($address, 0, 6);
         }
         $ip_like_sql_flylast = $ip_like_sql . ($ip_like_sql != '') ? " OR user_last_ip LIKE '" . $ip_start . "%'" : "user_last_ip LIKE '" . $ip_start . "%'";
Example #5
         $result = query($sql, "Couldn't obtain ip data from {$table} (" . $fields . ")");
         $row = $db->sql_fetchrow($result);
         $maxid = $row['max_id'];
         for ($i = 0; $i <= $maxid; $i += $batchsize) {
             $batchstart = $i;
             $batchend = $i + $batchsize;
             $field_id = $data_array['id'];
             $field = $data_array['field'];
             print " * Converting IP format '" . $field . "' / '{$table}' ( {$batchstart} to {$batchend} ) :: ";
             flush();
             $sql = "SELECT {$field_id}, {$field} \n\t\t\t\t\t\tFROM {$table} \n\t\t\t\t\t\tWHERE {$field_id} \n\t\t\t\t\t\t\tBETWEEN {$batchstart} \n\t\t\t\t\t\t\t\tAND {$batchend}";
             $result = query($sql, "Couldn't obtain ip data from {$table} (" . $fields . ")");
             $per_pct = ceil($db->sql_numrows($result) / 40);
             $inc = 0;
             while ($row = $db->sql_fetchrow($result)) {
                 $sql = "UPDATE {$table} \n\t\t\t\t\t\t\tSET {$field} = '" . encode_ip($row[$field]) . "' \n\t\t\t\t\t\t\tWHERE {$field_id} = " . $row[$field_id];
                 query($sql, "Couldn't convert IP format of {$field} in {$table} with {$field_id} of " . $rowset[$field_id]);
                 $inc++;
                 if ($inc == $per_pct) {
                     print ".";
                     flush();
                     $inc = 0;
                 }
             }
             print " <span class=\"ok\"><b>OK</b></span><br />\n";
         }
     }
     lock_tables(0);
     end_step('convert_dates');
 case 'convert_dates':
     $names = array(POSTS_TABLE => array('post_time'), TOPICS_TABLE => array('topic_time'), PRIVMSGS_TABLE => array('msg_time'));
Example #6
    if (!verify_ip($ip)) {
        if ($tr_cfg['allow_host_ip']) {
            $ip = gethostbyname($ip);
            if (!verify_ip($ip)) {
                error_exit("Unable to resolve host name {$ip}");
            }
        } else {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
    }
}
if (!verify_ip($ip)) {
    error_exit("Invalid IP: {$ip}");
}
// convert IP to phpBB compatible format
$ip = encode_ip($ip);
// Define "numwant"
if ($tr_cfg['ignor_numwant'] || !isset($numwant) || !$numwant) {
    $numwant = $tr_cfg['numwant'];
} else {
    $numwant = min($numwant, $tr_cfg['numwant_max']);
}
// Define tracker peers-list output mode (standard, compact...) and events
$started = isset($event) && $event == 'started' ? TRUE : FALSE;
$stopped = isset($event) && $event == 'stopped' ? TRUE : FALSE;
$completed = isset($event) && $event == 'completed' ? TRUE : FALSE;
$compact_mode = $tr_cfg['compact_mode'] || isset($compact) ? TRUE : FALSE;
$no_peer_id_mode = isset($no_peer_id) ? TRUE : FALSE;
// Define if peer is seeder (this value will stored in DB)
$seeder = $left == 0 ? 1 : 0;
// Verify if torrent registered on tracker and user authorized
Example #7
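 /**
  * Submit a vote for a forum poll.
  *
  * Increments the tally of the chosen option in nuke_bbvote_results, then
  * records the voter (user id and encoded REMOTE_ADDR) in nuke_bbvote_voters.
  *
  * @since Version 3.2
  * @version 3.2
  * @param int $user_id
  * @param int $option_id
  * @return boolean true when both queries succeed; false when an argument is
  *                 missing or not an integer, when no poll is loaded, or when
  *                 $this->db is not a \sql_db handle
  * @throws Exception carrying the database error text when either query fails
  */
 public function vote($user_id = false, $option_id = false)
 {
     if (!$user_id || !$option_id || !$this->id || empty($this->polldata)) {
         return false;
     }
     // Both ids are placed in SQL. real_escape_string() only protects a value
     // that sits inside quotes, and vote_option_id is compared unquoted, so
     // require genuine integers instead of escaping.
     $user_id = filter_var($user_id, FILTER_VALIDATE_INT);
     $option_id = filter_var($option_id, FILTER_VALIDATE_INT);
     if ($user_id === false || $option_id === false) {
         return false;
     }
     if (!($this->db instanceof \sql_db)) {
         // No supported database handle: nothing was recorded.
         return false;
     }
     $vote_id = (int) $this->polldata['id'];
     $query = "UPDATE nuke_bbvote_results SET vote_result = vote_result + 1 WHERE vote_id = " . $vote_id . " AND vote_option_id = " . $option_id;
     if (!$this->db->query($query)) {
         throw new Exception($this->db->error);
     }
     // Tally updated - now record this user's vote.
     // NOTE(review): the tally is incremented before the voter row is written
     // and no transaction or "already voted" check is visible in this method,
     // so a failure below leaves the count incremented. Confirm the caller
     // enforces one vote per user.
     $dataArray = array();
     $dataArray['vote_id'] = $vote_id;
     $dataArray['vote_user_id'] = $user_id;
     $dataArray['vote_user_ip'] = encode_ip($_SERVER['REMOTE_ADDR']);
     $query = $this->db->buildQuery($dataArray, "nuke_bbvote_voters");
     if (!$this->db->query($query)) {
         throw new Exception($this->db->error);
     }
     return true;
 }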
Example #8
 /**
  * Resume the visitor's session or create a new one.
  *
  * Captures the browser string, requested page and client IP, reads the
  * session id from the cookie or from the "sid" query parameter, and looks the
  * session up in SESSIONS_TABLE joined with USERS_TABLE. When the stored
  * session matches the configured IP-prefix and browser checks, the row is
  * refreshed and returned. In every other case a new session is created via
  * $this->create().
  *
  * @param mixed $page_id Page identifier; mapped through a MODULE_* constant
  *                       when a module name is set outside the admin area,
  *                       then cast to int.
  * @return mixed The joined user/session row, or the value of $this->create().
  */
 function start($page_id)
 {
     global $db, $board_config, $SID, $mvModuleName;
     $current_time = time();
     // Browser string: client-supplied, truncated to BROWSER_MAX_LEN below
     if (isset($_SERVER['HTTP_USER_AGENT']) && !empty($_SERVER['HTTP_USER_AGENT'])) {
         $this->browser = $_SERVER['HTTP_USER_AGENT'];
     } elseif (isset($_ENV['HTTP_USER_AGENT']) && !empty($_ENV['HTTP_USER_AGENT'])) {
         $this->browser = $_ENV['HTTP_USER_AGENT'];
     } else {
         $this->browser = 'Unknown';
     }
     if (strlen($this->browser) > BROWSER_MAX_LEN) {
         $this->browser = substr($this->browser, 0, BROWSER_MAX_LEN);
     }
     // Requested page, falling back to PHP_SELF
     if (isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI'])) {
         $this->page = $_SERVER['REQUEST_URI'];
     } elseif (isset($_ENV['REQUEST_URI']) && !empty($_ENV['REQUEST_URI'])) {
         $this->page = $_ENV['REQUEST_URI'];
     } else {
         $this->page = $_SERVER['PHP_SELF'];
     }
     if (!defined('IN_ADMIN') && $mvModuleName != '') {
         $page_id = constant('MODULE_' . $mvModuleName . '_' . $page_id);
     }
     // Cast to int: page_id is later interpolated into SQL
     $this->page_id = intval($page_id);
     unset($page_id);
     $cookiename = $board_config['cookie_name'];
     if (isset($_COOKIE[$cookiename . '_sid']) || isset($_COOKIE[$cookiename . '_data'])) {
         // SECURITY(review): unserialize() runs on a cookie value the client
         // fully controls. That permits PHP object injection when any loaded
         // class has exploitable magic methods. Only 'autologinid' and
         // 'userid' are read from the result further down, so a format such
         // as JSON, or unserialize() with allowed_classes disabled, would
         // cover what this method needs. Left unchanged here; flagged for a fix.
         $sessiondata = isset($_COOKIE[$cookiename . '_data']) ? unserialize(stripslashes($_COOKIE[$cookiename . '_data'])) : array();
         $this->session_id = isset($_COOKIE[$cookiename . '_sid']) ? $_COOKIE[$cookiename . '_sid'] : '';
         $this->session_method = SESSION_METHOD_COOKIE;
         $SID = defined('NEED_SID') ? 'sid=' . $this->session_id : '';
     } else {
         // No cookies: the session id travels in the URL, where it can leak
         // through logs, Referer headers and shared links.
         $sessiondata = array();
         $this->session_id = isset($_GET['sid']) ? $_GET['sid'] : '';
         $this->session_method = SESSION_METHOD_GET;
         $SID = 'sid=' . $this->session_id;
     }
     // Anything other than letters and digits is discarded outright
     if (!preg_match('/^[A-Za-z0-9]*$/', $this->session_id)) {
         $this->session_id = '';
     }
     $this->ip = isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : getenv('REMOTE_ADDR');
     // SECURITY(review): X-Forwarded-For is a request header any client can
     // set. Letting it override REMOTE_ADDR means the address used for the
     // session IP check below is chosen by the client unless a trusted proxy
     // always rewrites the header - confirm the deployment. The pattern list
     // only covers 172.16.*, not the rest of 172.16.0.0/12.
     if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
         $private_ip = array('#^0\\.#', '#^127\\.0\\.0\\.1#', '#^192\\.168\\.#', '#^172\\.16\\.#', '#^10\\.#', '#^224\\.#', '#^240\\.#');
         $bits = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
         $ip_list = array();
         foreach ($bits as $x_ip) {
             if (preg_match('#([0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)#', $x_ip, $ip_list)) {
                 // The assignment happens inside the condition: when none of
                 // the patterns match, the forwarded address becomes $this->ip
                 // and the loop stops.
                 if (($this->ip = trim(preg_replace($private_ip, $this->ip, $ip_list[1]))) == trim($ip_list[1])) {
                     break;
                 }
             }
         }
     }
     $this->ip = encode_ip($this->ip);
     /*
         Load Limit
     */
     //
     // Does a session exist?
     //
     if (!empty($this->session_id) && (!defined('NEED_SID') || $this->session_id == (isset($_GET['sid']) ? $_GET['sid'] : ''))) {
         //
         // session_id exists so go ahead and attempt to grab all
         // data in preparation
         //
         $sql = "SELECT u.*, s.*\n\t\t\t\tFROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u\n\t\t\t\tWHERE s.session_id = '" . $db->sql_escape($this->session_id) . "'\n\t\t\t\t\tAND u.user_id = s.session_user_id";
         if (!($result = $db->sql_query($sql))) {
             message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
         }
         $this->data = $db->sql_fetchrow($result);
         $db->sql_freeresult($result);
         //
         // Did the session exist in the DB?
         //
         if (isset($this->data['user_id'])) {
             // Validate IP length according to admin ... has no effect on IPv6
             // Compares the first ip_check characters of the two encoded IPs
             $s_ip = substr($this->data['session_ip'], 0, $board_config['ip_check']);
             $u_ip = substr($this->ip, 0, $board_config['ip_check']);
             //$s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, $board_config['ip_check']));
             //$u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $board_config['ip_check']));
             // With browser_check off both sides are '' and always match
             $s_browser = $board_config['browser_check'] ? $this->data['session_browser'] : '';
             $u_browser = $board_config['browser_check'] ? $this->browser : '';
             if ($s_ip == $u_ip && $s_browser == $u_browser) {
                 // Only update session DB a minute or so after last update or if page changes
                 if ($current_time - $this->data['session_time'] > 60 || $this->data['session_page'] != $this->page_id) {
                     $sql = 'UPDATE ' . SESSIONS_TABLE . "\n\t\t\t\t\t\t\tSET session_time = {$current_time}, session_page = '" . $db->sql_escape($this->page_id) . "'\n\t\t\t\t\t\t\tWHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
                     if (!$db->sql_query($sql)) {
                         message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
                     }
                     if ($this->data['user_id'] != ANONYMOUS) {
                         // page_id was cast with intval() above and user_id comes
                         // from the row just fetched; neither is escaped here.
                         $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\t\t\t\t\tSET user_session_time = {$current_time}, user_session_page = '" . $this->page_id . "'\n\t\t\t\t\t\t\t\tWHERE user_id = '" . $this->data['user_id'] . "'";
                         if (!$db->sql_query($sql)) {
                             message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
                         }
                     }
                 }
                 return $this->data;
                 //return true; // Once no more $userdata
             } else {
                 // IP or browser mismatch: nothing is logged and the stored
                 // session is not invalidated here; execution falls through
                 // to the new-session path below.
                 //die ('Session Hijacking');
             }
         }
     }
     //
     // If we reach here then no (valid) session exists. So we'll create a new one,
     // using the cookie user_id if available to pull basic user prefs.
     //
     // Both values come from the client-controlled cookie payload; create()
     // is not visible here - presumably it verifies autologinid against the
     // stored credential before trusting userid. TODO confirm.
     $autologin = isset($sessiondata['autologinid']) ? $sessiondata['autologinid'] : '';
     $user_id = isset($sessiondata['userid']) ? intval($sessiondata['userid']) : ANONYMOUS;
     if (!($this->data = $this->create($user_id, $autologin, FALSE, $this->page_id))) {
         // $sql is only assigned when the session lookup above ran, so it can
         // be undefined at this point.
         message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql);
     }
     return $this->data;
 }
Example #9
    die;
}
$sql = sprintf("SELECT id, last_date FROM usagetracker WHERE hash = '%s' LIMIT 1", $db->real_escape_string($hash));
$res = $db->query($sql);
if ($res->num_rows > 0) {
    // Shouldn't normally be here but happens if GCS settings are reset
    // or if the request come from another source than GCS.
    $hashUpdate = $res->fetch_assoc();
    if ($hashUpdate['last_date'] < time() - 3600) {
        // Update timestamp and connection count.
        $sql = sprintf("UPDATE usagetracker SET last_date = %u, count = count + 1 WHERE id = %u LIMIT 1", time(), $hashUpdate['id']);
        $db->query($sql);
    }
} else {
    // New hash
    $sql = sprintf("INSERT INTO usagetracker (first_date, last_date, ip, data, hash)\n                         VALUES (%u, %u, '%s', '%s', '%s')", time(), time(), encode_ip($_SERVER['REMOTE_ADDR']), $db->real_escape_string($string), $db->real_escape_string($_GET['hash']));
    $db->query($sql);
}
$db->close();
/**
 * Answer the request with a bare 404 and stop the script.
 *
 * Sends both the protocol status line and a "Status:" header, then exits
 * without writing a body.
 */
function usage_error()
{
    //ob_start();
    $header_lines = array(
        $_SERVER["SERVER_PROTOCOL"] . " 404 Not Found",
        "Status: 404 Not Found",
    );
    foreach ($header_lines as $header_line) {
        header($header_line);
    }
    // Matching server 404 output can be added.
    exit;
}
function encode_ip($dotquad_ip)
{
    $ip_sep = explode('.', $dotquad_ip);
    return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
Example #10
/**
 * One-time bootstrap: sets the timezone, defines the directory constants,
 * loads the shared function library, configures error reporting, records the
 * encoded client IP and starts output buffering.
 *
 * Every define() below is unconditional except IN_PHPBB, so calling this
 * function a second time would attempt to redefine constants.
 */
function initializeBase()
{
    // set the default timezone
    if (function_exists('date_default_timezone_set')) {
        @date_default_timezone_set('Asia/Shanghai');
    }
    // define the start of our script
    define('MICROTIME', microtime(TRUE));
    // path to the html templates folder.
    // base path (parent of the directory holding this file)
    define('DIR_BASE', dirname(dirname(__FILE__)) . '/');
    // path to the private source code
    define('DIR_PRIVATE', DIR_BASE . 'private/');
    // path to the 3rd Party vendors
    define('DIR_VENDORS', DIR_BASE . 'vendors/');
    // path public_html folder
    //define('DIR_PUBLIC_HTML', DIR_BASE .'wp-content/themes/seecblog/');
    // NOTE(review): the public root equals DIR_BASE, which also contains
    // private/ and vendors/; confirm the web server denies direct requests
    // to those directories.
    define('DIR_PUBLIC_HTML', DIR_BASE);
    // define the path to the classes directory
    define('DIR_CLASSES', DIR_PRIVATE . 'classes/');
    // path to php includes
    define('DIR_INCLUDES', DIR_PRIVATE . 'includes/');
    // path to script includes.
    define('DIR_SCRIPT_INCLUDES', DIR_PRIVATE . 'script_includes/');
    // path to circuit application directory root
    define('DIR_CIRCUIT_APPS', DIR_PRIVATE . 'circuit-apps/');
    // include general functions
    include_once DIR_INCLUDES . 'functions.php';
    // EVENTUALLY INTEGRATE THIS FILE INTO THIS PAGE
    // phpBB files refuse to load unless IN_PHPBB is defined.
    if (!defined('IN_PHPBB')) {
        define('IN_PHPBB', true);
    }
    // This will NOT report uninitialized variables
    if (SC::isEmpty('board_config.report_errors')) {
        error_reporting(E_ERROR | E_WARNING | E_PARSE);
    } else {
        error_reporting(E_ALL);
        // NOTE(review): 'report_errors' does not look like a PHP ini
        // directive (display_errors and log_errors are); confirm this call
        // has any effect.
        ini_set('report_errors', 1);
        // ini_set('display_errors', 1);
    }
    //
    // Obtain and encode users IP
    // NOTE(review): get_user_ip() is not visible here; if it honours
    // forwarding headers, the value stored in USER_IP is client-influenced.
    $user_ip_address = get_user_ip();
    define('USER_IP', encode_ip($user_ip_address));
    SC::setGlobal('user_ip', USER_IP);
    // not sure if we still need this but just trying to keep consistent.
    // i converted to string replace instead of preg_match then preg_replace.
    // still not sure we need it tho.
    // NOTE(review): stripping quote characters from $_SERVER is not a
    // substitute for context-specific escaping (SQL parameters, HTML
    // encoding); values read from $_SERVER still need escaping at the point
    // of use. It also runs after the IP was read above.
    foreach ($_SERVER as $key => $ex_check) {
        if (is_string($ex_check)) {
            $_SERVER[$key] = str_replace(array('"', "'"), '', $ex_check);
        }
    }
    // because register_globals is turned off...
    // $PHP_SELF doesn't work anymore...
    // so, we have to force it to work for bw compatibility.
    // as soon as possible, remove this!
    SC::setGlobal('PHP_SELF', $_SERVER['PHP_SELF']);
    // start output buffering
    buffer_browser_output();
}
Example #11
            if ($x_ip === $_GET['ip']) {
                if (!$bb_cfg['allow_internal_ip'] && preg_match("#^(10|172\\.16|192\\.168)\\.#", $x_ip)) {
                    break;
                }
                $ip = $x_ip;
                break;
            }
        }
    }
}
// Check that IP format is valid
if (!verify_ip($ip)) {
    msg_die("Invalid IP: {$ip}");
}
// Convert IP to HEX format
$ip_sql = encode_ip($ip);
// Peer unique id
$peer_hash = md5(rtrim($info_hash, ' ') . $passkey . $ip . $port);
// Get cached peer info from previous announce (last peer info)
$lp_info = CACHE('tr_cache')->get(PEER_HASH_PREFIX . $peer_hash);
if (DBG_LOG) {
    dbg_log(' ', '$lp_info-get_from-CACHE-' . ($lp_info ? 'hit' : 'miss'));
}
// Drop fast announce
if ($lp_info && (!isset($event) || $event !== 'stopped')) {
    drop_fast_announce($lp_info);
}
// Functions
function drop_fast_announce($lp_info)
{
    global $announce_interval;
Example #12
/**
 * Convert one source comment row into a forum post and store it.
 *
 * Builds the "posts" and "posts_text" rows from the comment's fields and
 * passes them to tp_add_post(). The comment's ip is stored in encoded form,
 * and post_edit_count is 1 when 'editedat' is truthy, otherwise 0.
 *
 * @param array $comment Source row; the keys read are text, id, torrent,
 *                       category, user, added, ip and editedat.
 * @return void
 */
function convert_comment($comment)
{
    $message_text = prepare_message($comment['text'], true, true);

    // Row for the posts table
    $post_row = array(
        "post_id" => $comment['id'],
        "topic_id" => $comment['torrent'],
        "forum_id" => $comment['category'],
        "poster_id" => $comment['user'],
        "post_time" => $comment['added'],
        "poster_ip" => encode_ip($comment['ip']),
        "post_edit_time" => $comment['editedat'],
        "post_edit_count" => $comment['editedat'] ? 1 : 0,
    );

    // Row for the posts_text table, keyed by the same post id
    $text_row = array(
        "post_id" => $comment['id'],
        "post_text" => $message_text,
    );

    tp_add_post(array("posts" => $post_row, "posts_text" => $text_row));
}
Example #13
                     }
                     $ip_2_counter++;
                 }
                 $ip_1_counter++;
             }
         } else {
             if (preg_match("/^([\\w\\-_]\\.?){2,}\$/is", trim($ip_list_temp[$i]))) {
                 $ip = gethostbynamel(trim($ip_list_temp[$i]));
                 for ($j = 0; $j < count($ip); $j++) {
                     if (!empty($ip[$j])) {
                         $ip_list[] = encode_ip($ip[$j]);
                     }
                 }
             } else {
                 if (preg_match("/^([0-9]{1,3})\\.([0-9\\*]{1,3})\\.([0-9\\*]{1,3})\\.([0-9\\*]{1,3})\$/", trim($ip_list_temp[$i]))) {
                     $ip_list[] = encode_ip(str_replace("*", "255", trim($ip_list_temp[$i])));
                 }
             }
         }
     }
 }
 $email_list = array();
 if (isset($HTTP_POST_VARS['ban_email'])) {
     $email_list_temp = explode(",", $HTTP_POST_VARS['ban_email']);
     for ($i = 0; $i < count($email_list_temp); $i++) {
         //
         // This ereg match is based on one by php@unreelpro.com
         // contained in the annotated php manual at php.com (ereg
         // section)
         //
         if (eregi("^(([[:alnum:]\\*]+([-_.][[:alnum:]\\*]+)*\\.?)|(\\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\\.){1,3}([[:alnum:]]{2,6})\$", trim($email_list_temp[$i]))) {
Example #14
 /**
  * Save this private message.
  *
  * Refuses to run unless $this->id is a non-zero integer, validates the
  * message, then writes the header row to nuke_bbprivmsgs and the body row to
  * nuke_bbprivmsgs_text. The sender IP column is refreshed from the current
  * request's REMOTE_ADDR on every commit.
  *
  * @since Version 3.3
  * @version 3.3
  * @return boolean true once the rows have been written
  * @throws Exception when $this->id is not a valid non-zero integer
  */
 public function commit()
 {
     if (!filter_var($this->id, FILTER_VALIDATE_INT)) {
         throw new Exception("Cannot commit changes to PM - PM does not exist!");
     }
     $this->validate();
     // Theoretically nothing but the type should change. I'll leave the rest in for now...
     $dataArray = array(
         'privmsgs_type' => $this->type,
         'privmsgs_subject' => $this->subject,
         'privmsgs_from_userid' => $this->from_user_id,
         'privmsgs_to_userid' => $this->to_user_id,
         'privmsgs_ip' => encode_ip($_SERVER['REMOTE_ADDR']),
         'privmsgs_enable_bbcode' => $this->enable_bbcode,
         'privmsgs_enable_html' => $this->enable_html,
         'privmsgs_enable_smilies' => $this->enable_smilies,
         'privmsgs_attach_sig' => $this->enable_signature,
         'hide_from' => $this->hide_from,
         'hide_to' => $this->hide_to,
     );
     if (!filter_var($this->id, FILTER_VALIDATE_INT)) {
         // Insert
         // NOTE(review): the guard at the top already threw for this
         // condition, so this path looks unreachable unless validate()
         // changes $this->id - confirm.
         $this->db->insert("nuke_bbprivmsgs", $dataArray);
         $this->id = $this->db->lastInsertId();
         $text_row = array(
             'privmsgs_bbcode_uid' => $this->bbcode_uid,
             'privmsgs_text' => $this->body,
             'privmsgs_text_id' => $this->id,
         );
         $this->db->insert("nuke_bbprivmsgs_text", $text_row);
         return true;
     }
     // Update the header row, then the text row, then drop the cached copy
     $this->db->update("nuke_bbprivmsgs", $dataArray, array("privmsgs_id = ?" => $this->id));
     $text_row = array(
         'privmsgs_bbcode_uid' => $this->bbcode_uid,
         'privmsgs_text' => $this->body,
     );
     $this->db->update("nuke_bbprivmsgs_text", $text_row, array("privmsgs_text_id = ?" => $this->id));
     $this->Memcached->delete($this->mckey);
     return true;
 }
Example #15
     // Saves users name for next time. Expires in a year
     setcookie("forumUser", $forumUser, time() + 31556926, '/');
     // Send push notifications
     // if ($forumId == 1)
     // notificationEveryone();
     // $postAssocArray = mysql2AssocArray(mysqli_fetch_array($newPostResult), MYSQLI_ASSOC); // Get post just submitted in all it's properly formatted glory
     // Send email
     // $emailId = ($postAssocArray['parentPostId'] == 0)? $postAssocArray['id'] : $postAssocArray['parentPostId'];
     // emailPost($emailId, $postAssocArray['forumUser'], $postAssocArray['forumMessage']);
     // Send formatted post to client
     $postData = posts2send($newPostResult);
     // var_dump($postData);
     returnJSON('post', $postData);
 } else {
     if ($_POST['action'] == 'editPost') {
         $clientIp = $_SERVER['REMOTE_ADDR'] == '::1' ? '00000000' : encode_ip($_SERVER['REMOTE_ADDR']);
         $forumId = mysqli_real_escape_string($db, $_POST['forumId']);
         $postId = mysqli_real_escape_string($db, $_POST['postId']);
         $usersForumId = mysqli_real_escape_string($db, $_COOKIE['usersForumId']);
         $forumUser = mysqli_real_escape_string($db, $_POST['forumUser']);
         $forumMessage = mysqli_real_escape_string($db, htmlentities($_POST['forumMessage']));
         $forumMessage = $emojione->toShort($forumMessage);
         $postTime = time();
         // Check for spam
         checkSpam($clientIp, $forumUser, $forumMessage);
         // Copy previous post to deleted forum
         $backupSQL = "INSERT INTO `forum_posts`(`parent_id`, `forum`, `users_forum_id`, `sender`, `post_time`, `message`, `ipaddress`, `length1`, `length2`)\n                  SELECT `parent_id`, 0, `users_forum_id`, `sender`, `post_time`, `message`, `ipaddress`, `length1`, `length2` FROM `forum_posts` WHERE `id` = {$postId}";
         $updateSQL = "UPDATE `forum_posts` SET `message` = '{$forumMessage}', `ipaddress` = '{$clientIp}' WHERE `id` = {$postId}";
         if (!mysqli_query($db, $backupSQL) || !mysqli_query($db, $updateSQL)) {
             $errorData = mysqli_error($db);
             returnJSON('error', $errorData);
Example #16
                     }
                     $ip_2_counter++;
                 }
                 $ip_1_counter++;
             }
         } else {
             if (preg_match('/^([\\w\\-_]\\.?){2,}$/is', trim($ip_list_temp[$i]))) {
                 $ip = gethostbynamel(trim($ip_list_temp[$i]));
                 for ($j = 0; $j < count($ip); $j++) {
                     if (!empty($ip[$j])) {
                         $ip_list[] = encode_ip($ip[$j]);
                     }
                 }
             } else {
                 if (preg_match('/^([0-9]{1,3})\\.([0-9\\*]{1,3})\\.([0-9\\*]{1,3})\\.([0-9\\*]{1,3})$/', trim($ip_list_temp[$i]))) {
                     $ip_list[] = encode_ip(str_replace('*', '255', trim($ip_list_temp[$i])));
                 }
             }
         }
     }
 }
 $email_list = array();
 if (isset($HTTP_POST_VARS['ban_email'])) {
     $email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']);
     for ($i = 0; $i < count($email_list_temp); $i++) {
         //
         // This ereg match is based on one by php@unreelpro.com
         // contained in the annotated php manual at php.com (ereg
         // section)
         //
         if (preg_match('#^(([a-z0-9&.-_+])|(\\*))+@[a-z0-9\\-]+\\.([a-z0-9\\-]+\\.)*?[a-z]+$#is', trim($email_list_temp[$i]))) {
Example #17
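/**
 * Apply the configured automatic punishments to a user flagged for cheating
 * on an item quest, notify the configured members by PM and write a row to
 * the cheat log.
 *
 * Depending on $board_config the user is banned from ADR, added to the board
 * ban list (with their sessions deleted) and/or jailed. The punishments are
 * recorded as "<adr ban>~<board ban>~<jail>~<jail term>" in the log row.
 *
 * Changes from the previous version: the stray debug echo is gone, $user_id
 * is coerced to an integer before it reaches SQL, $phpbb_root_path is pulled
 * from the global scope for the include, the jail constant is only defined
 * once, the minutes part of the jail term prints the minutes, and the two
 * bare words passed to adr_previous() are quoted.
 *
 * @param int    $user_id    Id of the offending user.
 * @param string $cheat_type Description of the cheat; used in the jail
 *                           sentence, the PM text and the log row.
 * @return void
 */
function adr_item_quest_cheat_notification($user_id, $cheat_type)
{
    global $board_config, $userdata, $adr_general, $adr_user, $lang, $db, $phpEx, $table_prefix, $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $phpbb_root_path;

    // $user_id is interpolated into several statements below, so make sure
    // it can only ever be a number.
    $user_id = intval($user_id);

    // --- ADR ban ---
    $adr_ban_punishment = false;
    if ($board_config['zone_cheat_auto_ban_adr']) {
        $sql = "UPDATE " . USERS_TABLE . "\r\n\t\t\t\tSET user_adr_ban = '1'\r\n\t\t\t\tWHERE user_id = '{$user_id}'";
        $result = $db->sql_query($sql);
        if (!$result) {
            message_die(GENERAL_ERROR, "Couldn't UPDATE ADR User Ban", "", __LINE__, __FILE__, $sql);
        }
        $cheat_punishment = '1~';
        $adr_ban_punishment = true;
    } else {
        $cheat_punishment = '0~';
    }

    // --- Board ban ---
    $board_ban_punishment = false;
    if ($board_config['zone_cheat_auto_ban_board']) {
        $sql = "SELECT *\r\n\t\t\t\tFROM " . BANLIST_TABLE;
        if (!($result = $db->sql_query($sql))) {
            message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql);
        }
        $current_banlist = $db->sql_fetchrowset($result);
        $db->sql_freeresult($result);
        $in_banlist = false;
        if (is_array($current_banlist)) {
            foreach ($current_banlist as $ban_row) {
                if ($user_id == $ban_row['ban_userid']) {
                    $in_banlist = true;
                    break;
                }
            }
        }
        if (!$in_banlist) {
            $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)\r\n\t\t\t\t\tVALUES (" . $user_id . ")";
            if (!$db->sql_query($sql)) {
                message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql);
            }
            // A newly banned user must not keep any live session
            $sql = "DELETE FROM " . SESSIONS_TABLE . "\r\n\t\t\t\t\tWHERE session_user_id = " . $user_id;
            if (!$db->sql_query($sql)) {
                message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);
            }
        }
        $cheat_punishment .= '1~';
        $board_ban_punishment = true;
    } else {
        $cheat_punishment .= '0~';
    }

    // --- Jail ---
    $jail_punishment = false;
    $jail_term = '';
    if ($board_config['zone_cheat_auto_jail']) {
        include_once $phpbb_root_path . 'adr/includes/adr_functions_jail.' . $phpEx;
        if (!defined('ADR_JAIL_USERS_TABLE')) {
            define('ADR_JAIL_USERS_TABLE', $table_prefix . 'adr_jail_users');
        }
        $time_day = intval($board_config['zone_cheat_auto_time_day']);
        $time_hour = intval($board_config['zone_cheat_auto_time_hour']);
        $time_minute = intval($board_config['zone_cheat_auto_time_minute']);
        $caution = intval($board_config['zone_cheat_auto_caution']);
        $cautionable = intval($board_config['zone_cheat_auto_cautionable']);
        $freeable = intval($board_config['zone_cheat_auto_freeable']);
        $punishment = intval($board_config['zone_cheat_auto_punishment']);
        $sentence = sprintf($lang['Adr_zone_cell_sentence_example'], $cheat_type);
        adr_cell_imprison_user($user_id, $time_day, $time_hour, $time_minute, $caution, $cautionable, $freeable, $sentence, $punishment);

        // Human-readable term, e.g. "<days>, <hours>, and <minutes>"
        $jail_term = $lang['Adr_zone_cheat_log_imprisoned_for'];
        if ($time_day) {
            $jail_term .= $time_day . ($time_day > 1 ? $lang['Adr_zone_cheat_log_days'] : $lang['Adr_zone_cheat_log_day']);
        }
        if ($time_hour) {
            if ($time_day) {
                $jail_term .= $time_minute ? ', ' : $lang['Adr_zone_cheat_log_and'];
            }
            $jail_term .= $time_hour . ($time_hour > 1 ? $lang['Adr_zone_cheat_log_hours'] : $lang['Adr_zone_cheat_log_hour']);
        }
        if ($time_minute) {
            if ($time_hour && $time_day) {
                $jail_term .= $lang['Adr_zone_cheat_log_comma_and'];
            } elseif ($time_hour || $time_day) {
                $jail_term .= $lang['Adr_zone_cheat_log_and'];
            }
            // Previously this printed $time_hour in front of the minutes label
            $jail_term .= $time_minute . ($time_minute > 1 ? $lang['Adr_zone_cheat_log_minutes'] : $lang['Adr_zone_cheat_log_minute']);
        }
        $cheat_punishment .= '1~' . $jail_term;
        $jail_punishment = true;
    } else {
        $cheat_punishment .= '0~';
    }

    // --- Summary sentence for the PM ---
    $current_punishments = '';
    if (!$adr_ban_punishment && !$board_ban_punishment && !$jail_punishment) {
        $cheat_punishment = '';
    } else {
        if ($adr_ban_punishment) {
            $current_punishments .= $lang['Adr_zone_cheat_log_banned_adr'];
        }
        if ($board_ban_punishment) {
            if (!$adr_ban_punishment) {
                $current_punishments .= $lang['Adr_zone_cheat_log_banned_board'];
            } elseif ($jail_punishment) {
                $current_punishments .= sprintf($lang['Adr_zone_cheat_log_comma_and_sprintf'], $lang['Adr_zone_cheat_log_banned_board']);
            } else {
                $current_punishments .= sprintf($lang['Adr_zone_cheat_log_and_sprintf'], $lang['Adr_zone_cheat_log_banned_board']);
            }
        }
        if ($jail_punishment) {
            if (!$adr_ban_punishment) {
                $current_punishments .= $jail_term;
            } elseif ($board_ban_punishment) {
                $current_punishments .= sprintf($lang['Adr_zone_cheat_log_comma_and_sprintf'], $jail_term);
            } else {
                $current_punishments .= sprintf($lang['Adr_zone_cheat_log_and_sprintf'], $jail_term);
            }
        }
        $current_punishments = sprintf($lang['Adr_zone_cheat_log_punishment'], $current_punishments);
    }

    // --- Notify the configured members ---
    $cheat_public = $board_config['zone_cheat_auto_public'];
    $pm_members = explode(',', $board_config['zone_cheat_member_pm']);
    $port = $board_config['server_port'] == '80' ? '' : ':' . $board_config['server_port'];
    $profile = 'http://' . $board_config['server_name'] . $port . $board_config['script_path'] . 'profile.php?mode=viewprofile&u=' . $user_id;
    $subject = sprintf($lang['Adr_zone_npc_cheating_pm_subject'], $userdata['username']);
    $message = sprintf($lang['Adr_zone_npc_cheating_pm_message'], $userdata['username'], $adr_user['character_name'], $cheat_type, $current_punishments, $profile);
    foreach ($pm_members as $pm_member) {
        adr_send_pm($pm_member, $subject, $message);
    }

    // --- Cheat log ---
    $ip = !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : (!empty($HTTP_ENV_VARS['REMOTE_ADDR']) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR'));
    // NOTE(review): $cheat_type, $cheat_punishment and $cheat_public are
    // interpolated into this statement unescaped. They appear to come from
    // calling code, language strings and board config rather than directly
    // from the request, but a quote in any of them breaks the statement;
    // pass them through the DB layer's escaping routine. The result of the
    // query is also not checked.
    $sql = "INSERT INTO " . ADR_CHEAT_LOG_TABLE . "\r\n\t\t\tVALUES ('', '" . encode_ip($ip) . "', '" . $cheat_type . "', '" . time() . "', '{$user_id}', '{$cheat_punishment}', '{$cheat_public}' )";
    $db->sql_query($sql);
    adr_previous('Adr_zone_npc_cheating', 'adr_zones', '');
}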
Example #18
// Bootstrap fragment: loads the session, auth, helper and database includes,
// discards the database password, derives the client IP, and copies the
// configuration table into $board_config.
//
// NOTE(review): every include path here is built from $phpbb_root_path and
// $phpEx, which are set outside this excerpt. Confirm both are assigned by the
// application itself before this point and can never be taken from request
// input, otherwise the include target is not under the application's control.
include $phpbb_root_path . 'includes/sessions.' . $phpEx;
include $phpbb_root_path . 'includes/auth.' . $phpEx;
include $phpbb_root_path . 'includes/functions.' . $phpEx;
include $phpbb_root_path . 'includes/db.' . $phpEx;
// We do not need this any longer, unset for safety purposes
// (presumably db.php has already opened the connection with it; verify.
// Dropping the variable keeps the password out of later variable dumps.)
unset($dbpasswd);
//
// Obtain and encode users IP
//
// I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as
// private range IP's appearing instead of the guilty routable IP, tough, don't
// even bother complaining ... go scream and shout at the idiots out there who feel
// "clever" is doing harm rather than good ... karma is a great thing ... :)
//
// Only REMOTE_ADDR is consulted: X-Forwarded-For is a request header the client
// can set to anything, so it is not used as an identity for sessions or bans.
// Behind a reverse proxy or load balancer REMOTE_ADDR is the proxy's address;
// that has to be resolved at the trusted proxy layer, not by reading the header here.
//
// Lookup order: $HTTP_SERVER_VARS, then $HTTP_ENV_VARS, then getenv(). Where the
// legacy $HTTP_*_VARS arrays are not populated (unless they are aliased earlier in
// the file, which is not visible here) both empty() tests fail and getenv() supplies the value.
$client_ip = !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : (!empty($HTTP_ENV_VARS['REMOTE_ADDR']) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR'));
// encode_ip() is defined outside this excerpt; its output format is not shown here.
$user_ip = encode_ip($client_ip);
//
// Setup forum wide options, if this fails
// then we output a CRITICAL_ERROR since
// basic forum information is not available
//
// The statement is a constant string plus the CONFIG_TABLE constant; no request
// data is concatenated into it.
$sql = "SELECT *\n\tFROM " . CONFIG_TABLE;
if (!($result = $db->sql_query($sql))) {
    // NOTE(review): the raw SQL, file and line are handed to message_die();
    // confirm it only shows them in a debug configuration, not to ordinary visitors.
    message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql);
}
// Copy each row into $board_config, keyed by config_name. Values are stored
// exactly as the database returns them.
while ($row = $db->sql_fetchrow($result)) {
    $board_config[$row['config_name']] = $row['config_value'];
}
// Attachment mod is loaded after the board configuration has been read.
include $phpbb_root_path . 'attach_mod/attachment_mod.' . $phpEx;
if (file_exists('install') || file_exists('contrib')) {
    message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib');
Example #19
             </td>
         </tr>';
     }
     echo '
     </tbody>
     <tfoot>
         <tr>
             <td>' . $tableFooter . '    
             </td>
         </tr>
     </tfoot>
 </table>';
 } else {
     addHeader();
     // Check to see if the user has already voted on this poll
     $user_ip = encode_ip($_SERVER['REMOTE_ADDR']);
     // encode users ip for database check
     $existing_voters = mysqli_query($db, "SELECT * FROM poll_voters WHERE poll='{$poll}' AND ip='{$user_ip}' LIMIT 1");
     $tableFooter = '';
     if (mysqli_num_rows($existing_voters) == 0) {
         // Not voted yet
         $tableFooter = '<input class="btn btn-primary" type="submit" name="vote" title="You only get one" value="Cast Vote" />';
     } else {
         // Aleady voted
         $tableFooter = '
         <input disabled class="btn btn-primary disabled" type="submit" name="vote" title="You\'ve already voted" value="Cast Vote" />
         <a class="btn btn-default" href="polls/results/' . $currentpoll['id'] . '">View Results</a>';
     }
     echo '
 <h2>
     Vote