function forum_check_password($forum_fid)
{
if (!is_numeric($forum_fid)) {
return false;
}
$webtag = get_webtag();
if (!($forum_passhash = forum_get_password($forum_fid))) {
return true;
}
$forum_passhash_check = session::get_value("{$webtag}_PASSWORD");
if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) {
$forum_passhash_check = md5($_POST['forum_password']);
}
if ($forum_passhash == $forum_passhash_check) {
session::set_value("{$webtag}_PASSWORD", $forum_passhash_check);
return true;
}
html_draw_top(sprintf("title=%s", gettext("Password Protected Forum")));
echo "<h1>", gettext("Password Protected Forum"), "</h1>\n";
if (session::get_value("{$webtag}_PASSWORD")) {
html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center');
}
if ($password_protected_message = forum_get_setting('password_protected_message')) {
echo fix_html($password_protected_message);
} else {
html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center');
}
echo "<br />\n";
echo "<div align=\"center\">\n";
echo " <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
echo form_input_hidden_array($_POST);
}
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"400\">\n";
echo " <tr>\n";
echo " <td class=\"posthead\" align=\"center\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " <table class=\"posthead\" width=\"90%\">\n";
echo " <tr>\n";
echo " <td align=\"left\">", gettext("Password"), ":</td>\n";
echo " <td align=\"left\">", form_input_password('forum_password', '', 40, false, ''), "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\" colspan=\"2\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">", form_submit("logon", gettext("Logon")), " ", form_submit("cancel", gettext("Cancel")), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) {
html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center');
}
echo " </form>\n";
echo "</div>\n";
html_draw_bottom();
exit;
}
function logon_draw_form($logon_options)
{
$webtag = get_webtag();
forum_check_webtag_available($webtag);
// Make sure logon form argument is valid.
if (!is_numeric($logon_options)) {
$logon_options = LOGON_FORM_DEFAULT;
}
// Check for previously failed logon.
if (isset($_GET['logout_success']) && $_GET['logout_success'] == 'true') {
html_display_success_msg(gettext("You have successfully logged out."), '500', 'center');
} else {
if (isset($_GET['logon_failed']) && !($logon_options & LOGON_FORM_SESSION_EXPIRED)) {
html_display_error_msg(gettext("The username or password you supplied is not valid."), '500', 'center');
}
}
// Get the original requested page url.
$request_uri = get_request_uri();
// If the request is for logon.php then we are performing
// a normal login, otherwise potentially a failed session.
if (stristr($request_uri, 'logon.php')) {
echo " <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"{$request_uri}\" target=\"", html_get_top_frame_name(), "\">\n";
echo " ", form_csrf_token_field(), "\n";
} else {
echo " <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"{$request_uri}\" target=\"_self\">\n";
echo " ", form_csrf_token_field(), "\n";
}
// Check for any post data that we need to include in the form.
unset($_POST['user_logon'], $_POST['user_password'], $_POST['logon'], $_POST['webtag'], $_POST['register']);
// Add any post data into the form.
if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
echo form_input_hidden_array($_POST);
}
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " <br />\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\">", gettext("Logon"), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
echo " <td align=\"left\">", form_input_text('user_logon', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
echo " <td align=\"left\">", form_input_password('user_password', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
echo " </tr>\n";
if (!($logon_options & LOGON_FORM_HIDE_TICKBOX) && !($logon_options & LOGON_FORM_SESSION_EXPIRED)) {
echo " <tr>\n";
echo " <td align=\"left\" colspan=\"2\"><hr class=\"bhseparatorlogon\" /></td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"right\" width=\"90\">", form_checkbox('user_remember', 'Y', null, html_get_cookie('user_logon') && html_get_cookie('user_token')), "</td>\n";
echo " <td align=\"left\"><label for=\"user_remember\">", gettext("Remember me"), "</label></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " <td align=\"left\"><span class=\"bhinputlogon_warning\">", gettext("Not recommended for shared computers"), "</span></td>\n";
echo " </tr>\n";
}
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</form>\n";
echo "<br />\n";
if (!($logon_options & LOGON_FORM_HIDE_LINKS)) {
echo "<hr class=\"bhlogonseparator\" />\n";
if (user_guest_enabled()) {
echo "<form accept-charset=\"utf-8\" name=\"guest\" action=\"logon.php?webtag={$webtag}\" method=\"post\" target=\"", html_get_top_frame_name(), "\">\n";
echo " ", form_csrf_token_field(), "\n";
echo " <p>", sprintf(gettext("Enter as a %s"), form_submit('guest_logon', gettext("Guest"))), "</p>\n";
echo "</form>\n";
}
if (isset($_GET['final_uri']) && strlen(trim($_GET['final_uri'])) > 0) {
$available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));
if (preg_match("/^{$available_files_preg}/u", trim($_GET['final_uri'])) > 0) {
$final_uri = href_cleanup_query_keys($_GET['final_uri']);
}
}
if (isset($final_uri)) {
$final_uri = rawurlencode($final_uri);
$register_link = rawurlencode("register.php?webtag={$webtag}&final_uri={$final_uri}");
$forgot_pw_link = rawurlencode("forgot_pw.php?webtag={$webtag}&final_uri={$final_uri}");
echo "<p>", sprintf(gettext("Don't have an account? %s"), "<a href=\"index.php?webtag={$webtag}&final_uri={$register_link}\" target=\"" . html_get_top_frame_name() . "\">" . gettext("Register now") . "</a>") . "</p>\n";
echo "<hr class=\"bhlogonseparator\" />\n";
echo "<h2>", gettext("Problems logging on?"), "</h2>\n";
echo "<p><a href=\"logon.php?webtag={$webtag}&delete_cookie=yes&final_uri={$final_uri}\" target=\"", html_get_top_frame_name(), "\">", gettext("Delete Cookies"), "</a></p>\n";
echo "<p><a href=\"index.php?webtag={$webtag}&final_uri={$forgot_pw_link}\" target=\"", html_get_top_frame_name(), "\">", gettext("Forgotten your password?"), "</a></p>\n";
} else {
echo "<p>", sprintf(gettext("Don't have an account? %s"), "<a href=\"index.php?webtag={$webtag}&final_uri=register.php%3Fwebtag%3D{$webtag}\" target=\"" . html_get_top_frame_name() . "\">" . gettext("Register now") . "</a>"), "</p>\n";
echo "<hr class=\"bhlogonseparator\" />\n";
echo "<h2>", gettext("Problems logging on?"), "</h2>\n";
echo "<p><a href=\"logon.php?webtag={$webtag}&delete_cookie=yes\" target=\"", html_get_top_frame_name(), "\">", gettext("Delete Cookies"), "</a></p>\n";
echo "<p><a href=\"index.php?webtag={$webtag}&final_uri=forgot_pw.php%3Fwebtag%3D{$webtag}\" target=\"", html_get_top_frame_name(), "\">", gettext("Forgotten your password?"), "</a></p>\n";
}
echo "<hr class=\"bhlogonseparator\" />\n";
echo "<h2>", gettext("Using a mobile device?"), "</h2>\n";
echo "<p><a href=\"index.php?webtag={$webtag}&view=mobile\" target=\"", html_get_top_frame_name(), "\">", gettext("Mobile version"), "</a></p>\n";
}
}
$new_forum_settings['attachment_allow_guests'] = "Y";
} else {
$new_forum_settings['attachment_allow_guests'] = "N";
}
if ($valid) {
$unread_cutoff_stamp = $new_forum_settings['messages_unread_cutoff'];
$previous_unread_cutoff_stamp = forum_get_unread_cutoff();
if (!isset($_POST['confirm_unread_cutoff'])) {
if ($unread_cutoff_stamp > 0 && $previous_unread_cutoff_stamp !== false && $unread_cutoff_stamp != $previous_unread_cutoff_stamp) {
html_draw_top(sprintf('title=%s', gettext("Admin - Global Forum Settings")), 'class=window_title');
echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Global Forum Settings"), "</h1>\n";
echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"prefsform\" action=\"admin_default_forum_settings.php\" method=\"post\" target=\"_self\">\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden_array($_POST), "\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("WARNING"), "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
if ($unread_cutoff_stamp > $previous_unread_cutoff_stamp) {
echo " <tr>\n";
function light_html_display_msg($header, $message, $href = null, $method = 'get', array $buttons = array(), array $vars = array())
{
$webtag = get_webtag();
forum_check_webtag_available($webtag);
$available_methods = array('get', 'post');
if (!in_array($method, $available_methods)) {
$method = 'get';
}
if (is_string($href) && strlen(trim($href)) > 0) {
echo "<form accept-charset=\"utf-8\" action=\"{$href}\" method=\"{$method}\">\n";
if ($method == 'post') {
echo form_csrf_token_field(), "\n";
}
echo form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
if (is_array($vars)) {
echo form_input_hidden_array($vars), "\n";
}
}
echo "<div class=\"message_box message_question\">\n";
echo " <h3>", html_style_image('help'), $header, "</h3>\n";
echo " <p>", $message, "</p>\n";
if (is_string($href) && strlen(trim($href)) > 0) {
$button_html_array = array();
if (is_array($buttons) && sizeof($buttons) > 0) {
foreach ($buttons as $button_name => $button_label) {
$button_html_array[] = form_submit(htmlentities_array($button_name), htmlentities_array($button_label));
}
}
if (sizeof($button_html_array) > 0) {
echo "<p>", implode(" ", $button_html_array), "</p>\n";
}
}
echo "</div>\n";
if (is_string($href) && strlen(trim($href)) > 0) {
echo "</form>\n";
}
}
function html_display_msg($header_text, $string_msg, $href = false, $method = 'get', $button_array = false, $var_array = false, $target = "_self", $align = "left", $id = false)
{
$webtag = get_webtag();
if (!is_string($header_text)) {
return;
}
if (!is_string($string_msg)) {
return;
}
$available_methods = array('get', 'post');
if (!in_array($method, $available_methods)) {
$method = 'get';
}
$available_alignments = array('left', 'center', 'right');
if (!in_array($align, $available_alignments)) {
$align = 'left';
}
echo "<h1>{$header_text}</h1>\n";
echo "<br />\n";
if (is_string($href) && strlen(trim($href)) > 0) {
echo "<form accept-charset=\"utf-8\" action=\"{$href}\" method=\"{$method}\" target=\"{$target}\">\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
if (is_array($var_array)) {
echo " ", form_input_hidden_array($var_array), "\n";
}
}
echo " <div align=\"{$align}\"", !is_bool($id) ? " id=\"{$id}\"" : "", ">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\" class=\"message_box\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\">{$header_text}</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"left\">{$string_msg}</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
if (is_string($href) && strlen(trim($href)) > 0) {
$button_html_array = array();
if (is_array($button_array) && sizeof($button_array) > 0) {
foreach ($button_array as $button_name => $button_label) {
$button_html_array[] = form_submit(htmlentities_array($button_name), htmlentities_array($button_label));
}
}
if (sizeof($button_html_array) > 0) {
echo " <tr>\n";
echo " <td align=\"center\">", implode(" ", $button_html_array), "</td>\n";
echo " </tr>\n";
}
}
echo " </table>\n";
echo " </div>\n";
if (is_string($href) && strlen(trim($href)) > 0) {
echo "</form>\n";
}
}
function light_html_display_msg($header_text, $string_msg, $href = false, $method = 'get', $button_array = false, $var_array = false, $target = "_self")
{
$webtag = get_webtag();
$available_methods = array('get', 'post');
if (!in_array($method, $available_methods)) {
$method = 'get';
}
if (is_string($href) && strlen(trim($href)) > 0) {
echo "<form accept-charset=\"utf-8\" action=\"{$href}\" method=\"{$method}\" target=\"{$target}\">\n";
echo form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
if (is_array($var_array)) {
echo form_input_hidden_array($var_array), "\n";
}
}
echo "<div class=\"message_box message_question\">\n";
echo " <h3>", $header_text, "</h3>\n";
echo " <p>", $string_msg, "</p>\n";
if (is_string($href) && strlen(trim($href)) > 0) {
$button_html_array = array();
if (is_array($button_array) && sizeof($button_array) > 0) {
foreach ($button_array as $button_name => $button_label) {
$button_html_array[] = form_submit(htmlentities_array($button_name), htmlentities_array($button_label));
}
}
if (sizeof($button_html_array) > 0) {
echo "<p>", implode(" ", $button_html_array), "</p>\n";
}
}
echo "</div>\n";
if (is_string($href) && strlen(trim($href)) > 0) {
echo "</form>\n";
}
}
function bh_exception_handler(Exception $exception)
{
$config = server_get_config();
if (isset($config['error_report_verbose']) && $config['error_report_verbose'] == true) {
$error_report_verbose = true;
} else {
$error_report_verbose = false;
}
cache_disable();
while (@ob_end_clean()) {
}
ob_start();
ob_implicit_flush(0);
bh_error_send_email($exception);
$error_msg_array = bh_error_process($exception);
$error_log_message = sprintf('BEEHIVE_ERROR: %s', strip_tags(implode(". ", $error_msg_array)));
@error_log($error_log_message);
header_status(500, 'Internal Server Error');
if ($exception->getCode() == MYSQL_ERROR_NO_SUCH_TABLE || $exception->getCode() == MYSQL_ERROR_WRONG_COLUMN_NAME) {
if (function_exists('install_incomplete') && !defined('BEEHIVE_DEVELOPER_MODE')) {
install_incomplete();
}
}
if (preg_match('/include|include_once/u', $exception->getMessage()) > 0) {
if (function_exists('install_missing_files') && !defined('BEEHIVE_DEVELOPER_MODE')) {
install_missing_files();
}
}
$forum_path = server_get_forum_path();
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"utf-8\" lang=\"en\" dir=\"ltr\">\n";
echo "<head>\n";
echo "<title>Beehive Forum - Error Handler</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n";
echo "<link rel=\"icon\" href=\"images/favicon.ico\" type=\"image/ico\" />\n";
echo "<link rel=\"stylesheet\" href=\"", $forum_path, "/styles/default/style.css?", md5(uniqid(rand())), "\" type=\"text/css\" />\n";
echo "</head>\n";
echo "<body>\n";
echo "<h1>Error</h1>\n";
echo "<br />\n";
if (defined('BEEHIVEMODE_LIGHT') && !defined('BEEHIVE_DEVELOPER_MODE')) {
echo '<p>An error has occured. Please wait a few moments before trying again.</p>';
echo '<p>Details of the error have been saved to the default error log.</p>';
if (isset($error_report_verbose) && $error_report_verbose == true) {
echo '<p>When reporting a bug in Project Beehive or when requesting support please include the details below.</p>';
echo "<table cellpadding=\"0\" cellspacing=\"0\" class=\"warning_msg\">\n";
echo " <tr>\n";
echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><img src=\"styles/default/images/warning.png\" alt=\"Warning\" title=\"Warning\" /></td>\n";
echo " <td valign=\"top\" class=\"warning_msg_text\">Please note that there may be sensitive information such as passwords displayed here.</td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "<p>", implode("</p><p>", $error_msg_array), "</p>\n";
}
} else {
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"f_error\" method=\"post\" action=\"\" target=\"_self\">\n";
echo " ", form_input_hidden_array($_POST), "\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">Error</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"postbody\">An error has occured. Please wait a few moments and then click the Retry button below. Details of the error have been saved to the default error log.</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
if (isset($error_report_verbose) && $error_report_verbose == true || defined('BEEHIVE_DEVELOPER_MODE')) {
echo " <br />\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">Error Details</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <div align=\"center\">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"warning_msg\">\n";
echo " <tr>\n";
echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><img src=\"styles/default/images/warning.png\" alt=\"Warning\" title=\"Warning\" /></td>\n";
echo " <td valign=\"top\" class=\"warning_msg_text\">When reporting a bug in Project Beehive or when requesting support please include the details below.</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </div>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <div align=\"center\">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"warning_msg\">\n";
echo " <tr>\n";
echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><img src=\"styles/default/images/warning.png\" alt=\"Warning\" title=\"Warning\" /></td>\n";
echo " <td valign=\"top\" class=\"warning_msg_text\">Please note that there may be sensitive information such as passwords displayed here.</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </div>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td>\n";
echo " <div class=\"error_handler_details\">", implode("\n", $error_msg_array), "</div>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
}
echo " <br />\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n";
echo " <tr>\n";
echo " <td align=\"center\"><input class=\"button\" type=\"submit\" name=\"", md5(uniqid(mt_rand())), "\" value=\"Retry\" /></td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</form>\n";
echo "</div>\n";
}
echo "</body>\n";
echo "</html>\n";
exit;
}
function admin_check_credentials()
{
$webtag = get_webtag();
if (($admin_timeout = session::get_value('ADMIN_TIMEOUT')) && $admin_timeout > time()) {
session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS);
return true;
}
if (isset($_POST['admin_logon']) && isset($_POST['admin_password'])) {
$admin_logon = $_POST['admin_logon'];
$admin_password = $_POST['admin_password'];
if (($admin_uid = user_logon($admin_logon, $admin_password)) && $admin_uid == session::get_value('UID')) {
session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS);
return true;
} else {
html_display_error_msg(gettext("The username or password you supplied are not valid."), '500', 'center');
}
}
html_draw_top();
if (isset($error_message) && strlen(trim($error_message)) > 0) {
html_display_error_msg($error_message, '500', 'center');
}
if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
html_display_warning_msg(gettext('To save any changes you must re-authenticate yourself'), '500', 'center');
} else {
html_display_warning_msg(gettext('To access the Admin area you must re-authenticate yourself'), '500', 'center');
}
echo "<div align=\"center\">\n";
echo " <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
echo form_input_hidden_array($_POST);
}
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " <br />\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"subhead\">", gettext("Please enter your password"), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " <table class=\"posthead\" width=\"100%\">\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
echo " <td align=\"left\">", form_input_text('admin_logon', '', 24, 32, '', 'bhinputlogon'), "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
echo " <td align=\"left\">", form_input_password('admin_password', '', 24, 32, '', 'bhinputlogon'), "</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </form>\n";
echo "</div>\n";
html_draw_bottom();
exit;
}
