Example #1
0
function get_path_info()
{
    if (isset($_SERVER['PATH_INFO']) && !empty($_SERVER['PATH_INFO'])) {
        return $_SERVER['PATH_INFO'];
    } else {
        return urldecode(get_slashed_argument(get_request_uri(), 'backends/download.php'));
    }
}
Example #2
0
 static function redirectToI18nUrl()
 {
     $uri = get_request_uri();
     $pos = strpos($uri, "/" . get_sub_root() . get_language());
     if ($pos === false || $pos !== false && $pos != 0) {
         $uri = get_request_uri(false);
         $uri = preg_replace('/\\/' . str_replace('/', '\\/', get_sub_root()) . '/', get_language() . '/', $uri, 1);
         HTML::forward($uri);
     }
 }
Example #3
0
function html_guest_error()
{
    $frame_top_target = html_get_top_frame_name();
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    $final_uri = sprintf("logon.php?webtag=%s&final_uri=%s", $webtag, rawurlencode(get_request_uri(true, false)));
    $available_popup_files_preg = implode("|^", array_map('preg_quote_callback', get_available_popup_files()));
    $available_support_pages_preg = implode("|^", array_map('preg_quote_callback', get_available_support_files()));
    if (preg_match("/^{$available_popup_files_preg}/", $final_uri) > 0) {
        html_draw_error(gettext("Sorry, you need to be logged in to use this feature."), null, 'post', array('close_popup' => gettext("Close")));
    } else {
        if (preg_match("/^{$available_support_pages_preg}/", $final_uri) > 0) {
            html_draw_error(gettext("Sorry, you need to be logged in to use this feature."));
        } else {
            html_draw_error(gettext("Sorry, you need to be logged in to use this feature."), html_get_forum_file_path('logout.php'), 'post', array('submit' => gettext("Login now"), 'register' => gettext("Register")), array('final_uri' => $final_uri), $frame_top_target);
        }
    }
}
            }
        } else {
            echo "                   <td class=\"postbody\" align=\"left\" width=\"200\">", gettext("Unknown"), "</td>\n";
        }
        if (isset($visitor['REFERER']) && strlen(trim($visitor['REFERER'])) > 0) {
            $visitor['REFERER_FULL'] = $visitor['REFERER'];
            if (!($visitor['REFERER'] = split_url($visitor['REFERER']))) {
                if (mb_strlen($visitor['REFERER_FULL']) > 25) {
                    $visitor['REFERER'] = mb_substr($visitor['REFERER_FULL'], 0, 25);
                    $visitor['REFERER'] .= "&hellip;";
                }
            }
            if (referer_is_banned($visitor['REFERER'])) {
                echo "                   <td class=\"posthead\" align=\"left\" style=\"white-space: nowrap\">&nbsp;<a href=\"admin_banned.php?webtag={$webtag}&amp;unban_referer=", rawurlencode($visitor['REFERER_FULL']), "&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" title=\"{$visitor['REFERER_FULL']}\">{$visitor['REFERER']}</a>&nbsp;<a href=\"{$visitor['REFERER_FULL']}\" target=\"_blank\"><img src=\"", html_style_image('link.png'), "\" border=\"0\" align=\"top\" alt=\"", gettext("External Link"), "\" title=\"", gettext("External Link"), "\" /></a>&nbsp;(", gettext("Banned"), ")</td>\n";
            } else {
                echo "                   <td class=\"posthead\" align=\"left\" style=\"white-space: nowrap\">&nbsp;<a href=\"admin_banned.php?webtag={$webtag}&amp;ban_referer=", rawurlencode($visitor['REFERER_FULL']), "&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" title=\"{$visitor['REFERER_FULL']}\">{$visitor['REFERER']}</a>&nbsp;<a href=\"{$visitor['REFERER_FULL']}\" target=\"_blank\"><img src=\"", html_style_image('link.png'), "\" border=\"0\" align=\"top\" alt=\"", gettext("External Link"), "\" title=\"", gettext("External Link"), "\" /></a></td>\n";
            }
        } else {
            echo "                   <td class=\"posthead\" align=\"left\" style=\"white-space: nowrap\">&nbsp;", gettext("Unknown"), "</td>\n";
        }
        echo "                 </tr>\n";
    }
}
echo "                 <tr>\n";
echo "                   <td align=\"left\" class=\"postbody\">&nbsp;</td>\n";
echo "                 </tr>\n";
echo "               </table>\n";
echo "             </td>\n";
echo "           </tr>\n";
echo "         </table>\n";
echo "      </td>\n";
Example #5
0
function forum_check_password($forum_fid)
{
    if (!is_numeric($forum_fid)) {
        return false;
    }
    $webtag = get_webtag();
    if (!($forum_passhash = forum_get_password($forum_fid))) {
        return true;
    }
    $forum_passhash_check = session::get_value("{$webtag}_PASSWORD");
    if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) {
        $forum_passhash_check = md5($_POST['forum_password']);
    }
    if ($forum_passhash == $forum_passhash_check) {
        session::set_value("{$webtag}_PASSWORD", $forum_passhash_check);
        return true;
    }
    html_draw_top(sprintf("title=%s", gettext("Password Protected Forum")));
    echo "<h1>", gettext("Password Protected Forum"), "</h1>\n";
    if (session::get_value("{$webtag}_PASSWORD")) {
        html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center');
    }
    if ($password_protected_message = forum_get_setting('password_protected_message')) {
        echo fix_html($password_protected_message);
    } else {
        html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center');
    }
    echo "<br />\n";
    echo "<div align=\"center\">\n";
    echo "  <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "    ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"400\">\n";
    echo "            <tr>\n";
    echo "              <td class=\"posthead\" align=\"center\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "                <table class=\"posthead\" width=\"90%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\">", gettext("Password"), ":</td>\n";
    echo "                    <td align=\"left\">", form_input_password('forum_password', '', 40, false, ''), "</td>\n";
    echo "                  </tr>\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"center\">", form_submit("logon", gettext("Logon")), "&nbsp;", form_submit("cancel", gettext("Cancel")), "</td>\n";
    echo "      </tr>\n";
    echo "    </table>\n";
    if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) {
        html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center');
    }
    echo "  </form>\n";
    echo "</div>\n";
    html_draw_bottom();
    exit;
}
Example #6
0
             echo "                        <td align=\"left\"><a href=\"admin_banned.php?webtag={$webtag}&amp;ban_referer=", rawurlencode($user['SESSION_REFERER_FULL']), "&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" title=\"{$user['SESSION_REFERER_FULL']}\">{$user['SESSION_REFERER']}</a>&nbsp;<a href=\"{$user['SESSION_REFERER_FULL']}\" target=\"_blank\"><img src=\"", html_style_image('link.png'), "\" border=\"0\" align=\"top\" alt=\"", gettext("External Link"), "\" title=\"", gettext("External Link"), "\" /></a></td>\n";
             echo "                      </tr>\n";
         }
     } else {
         echo "                      <tr>\n";
         echo "                        <td align=\"left\" width=\"150\">", gettext("Session Referer"), "</td>\n";
         echo "                        <td align=\"left\">", gettext("Unknown"), "</td>\n";
         echo "                      </tr>\n";
     }
     echo "                      <tr>\n";
     echo "                        <td align=\"left\" width=\"150\">", gettext("Last IP Address"), ":</td>\n";
     if (ip_is_banned($user['IPADDRESS'])) {
         echo "                        <td align=\"left\"><a href=\"admin_banned.php?webtag={$webtag}&amp;unban_ipaddress={$user['IPADDRESS']}&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" target=\"_self\">{$user['IPADDRESS']}</a> (", gettext("Banned"), ")</td>\n";
     } else {
         if (strlen(trim($user['IPADDRESS'])) > 0) {
             echo "                        <td align=\"left\"><a href=\"admin_banned.php?webtag={$webtag}&amp;ban_ipaddress={$user['IPADDRESS']}&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" target=\"_self\">{$user['IPADDRESS']}</a></td>\n";
         } else {
             echo "                        <td align=\"left\">", gettext("Unknown"), "</td>\n";
         }
     }
     echo "                      </tr>\n";
 }
 echo "                    </table>\n";
 echo "                  </td>\n";
 echo "                </tr>\n";
 echo "                <tr>\n";
 echo "                  <td align=\"left\">&nbsp;</td>\n";
 echo "                </tr>\n";
 echo "              </table>\n";
 echo "            </td>\n";
 echo "          </tr>\n";
Example #7
0
                light_html_display_msg(gettext("Successfully created user account"), gettext("Your user account has been created successfully! Click the continue button below to login"), 'index.php', 'get', array('continue' => gettext("Continue")), array('final_uri' => $final_uri));
                light_html_draw_bottom();
                exit;
            }
        } else {
            $error_msg_array[] = gettext("Error creating user record");
            $valid = false;
        }
    }
}
light_html_draw_top(array('title' => gettext('User Registration'), 'js' => array('js/register.js')));
light_navigation_bar();
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
    light_html_display_error_array($error_msg_array);
}
echo "<form accept-charset=\"utf-8\" name=\"form_register\" action=\"", get_request_uri(), "\" method=\"post\" target=\"_self\">\n";
echo "  ", form_csrf_token_field(), "\n";
echo "<div class=\"register\">\n";
echo "<h3>", gettext("Register"), "</h3>\n";
echo "<div class=\"register_inner\">\n";
if (isset($user_agree_rules) && $user_agree_rules == 'Y') {
    echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "  ", form_input_hidden('user_agree_rules', htmlentities_array($user_agree_rules)), "\n";
    echo "  <div class=\"register_username\"><span>", gettext("Username"), ":</span>", light_form_input_text("user_logon", null, 20, 15) . "</div>\n";
    echo "  <div class=\"register_password\"><span>", gettext("Password"), ":</span>", light_form_input_password("user_password", null, 20, 32), "</div>\n";
    echo "  <div class=\"register_password\"><span>", gettext("Confirm Password"), ":</span>", light_form_input_password("user_password", null, 20, 32), "</div>\n";
    echo "  <div class=\"register_nickname\"><span>", gettext("Nickname"), ":</span>", light_form_input_text("nickname", null, 20, 32), "</div>\n";
    echo "  <div class=\"register_email\"><span>", gettext("Email"), ":</span>", light_form_input_text("email", null, 20, 32), "</div>\n";
    echo "  <div class=\"register_dob\"><span>", gettext("Date of Birth"), ":</span>\n";
    echo "  ", light_form_dob_dropdowns(isset($new_user_prefs['DOB_YEAR']) ? htmlentities_array($new_user_prefs['DOB_YEAR']) : 0, isset($new_user_prefs['DOB_MONTH']) ? htmlentities_array($new_user_prefs['DOB_MONTH']) : 0, isset($new_user_prefs['DOB_DAY']) ? htmlentities_array($new_user_prefs['DOB_DAY']) : 0, true), "</div>\n";
    if (forum_get_setting('text_captcha_enabled', 'Y') && $text_captcha->generate_keys()) {
Example #8
0
function cforms_scripts()
{
    global $wp_scripts, $localversion;
    ### get options
    $cformsSettings = get_option('cforms_settings');
    $r = $cformsSettings['global']['cforms_root'];
    ### global settings
    $request_uri = get_request_uri();
    if (version_compare(strval($wp_scripts->registered['jquery']->ver), strval("1.4.2")) === -1) {
        wp_deregister_script('jquery');
        wp_register_script('jquery', $r . '/js/jquery.js', false, '1.4.2');
        wp_enqueue_script('jquery');
    }
    ### Add admin styles
    wp_register_style('cforms-admin-style', $r . '/cforms-admin.css');
    wp_enqueue_style('cforms-admin-style');
    if (strpos($request_uri, 'cforms-options') !== false) {
        wp_register_style('calendar-style', $r . '/styling/calendar.css');
        wp_enqueue_style('calendar-style');
        wp_enqueue_script('jquery');
        wp_enqueue_script('jquery-ui-core');
        wp_register_script('cforms_admin_cal', $r . '/js/cformsadmincal.js', false, $localversion);
        wp_enqueue_script('cforms_admin_cal');
    }
    wp_deregister_script('prototype');
    wp_register_script('cforms_interface', $r . '/js/interface.js', false, $localversion);
    wp_register_script('cforms_admin', $r . '/js/cformsadmin.js', false, $localversion);
    wp_enqueue_script('cforms_interface');
    wp_enqueue_script('cforms_admin');
}
Example #9
0
// Correctly set server protocol
set_server_protocol();
// Disable caching if on AOL
cache_disable_aol();
// Disable caching if proxy server detected.
cache_disable_proxy();
// Check that Beehive is installed correctly
check_install();
// Multiple forum support
require_once BH_INCLUDE_PATH . 'forum.inc.php';
// Initialise the session
session::init();
// Perform ban check
ban_check($_SESSION);
// Check to see if user account has been banned.
if (session::user_banned()) {
    light_html_user_banned();
    exit;
}
// Check to see if the user has been approved.
if (!session::user_approved()) {
    light_html_user_require_approval();
    exit;
}
// Get the webtag for the current forum
$webtag = get_webtag();
// Check we have a webtag and have access to the specified forum
if (!forum_check_webtag_available($webtag) || !forum_check_access_level()) {
    $request_uri = rawurlencode(get_request_uri(false));
    header_redirect("lforums.php?webtag_error");
}
Example #10
0
function light_html_guest_error()
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    light_html_draw_error(gettext("Sorry, you need to be logged in to use this feature."), 'llogout.php', 'post', array('login' => gettext("Login now")), array('final_uri' => get_request_uri(true, false)));
}
Example #11
0
function light_poll_display($tid, $msg_count, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $is_preview = false)
{
    $webtag = get_webtag();
    $total_votes = 0;
    $user_votes = 0;
    $guest_votes = 0;
    $poll_data = poll_get($tid);
    $poll_results = poll_get_votes($tid);
    $user_poll_votes_array = poll_get_user_votes($tid);
    poll_get_total_votes($tid, $total_votes, $user_votes, $guest_votes);
    $request_uri = get_request_uri();
    $poll_display = "<div class=\"poll\">\n";
    $poll_display .= "<form accept-charset=\"utf-8\" method=\"post\" action=\"{$request_uri}\" target=\"_self\">\n";
    $poll_display .= form_input_hidden('webtag', htmlentities_array($webtag));
    $poll_display .= form_input_hidden('tid', htmlentities_array($tid));
    if ((!is_array($user_poll_votes_array) || $poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI) && (session::get_value('UID') > 0 || $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED && forum_get_setting('poll_allow_guests', 'Y')) && ($poll_data['CLOSES'] == 0 || $poll_data['CLOSES'] > time()) && !$is_preview) {
        foreach ($poll_results as $question_id => $poll_question) {
            $poll_display .= "<h3>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h3>\n";
            if ($poll_data['OPTIONTYPE'] == POLL_OPTIONS_DROPDOWN) {
                $dropdown_options_array = array_map('poll_dropdown_options_callback', $poll_question['OPTIONS_ARRAY']);
                $poll_display .= light_form_dropdown_array("pollvote[{$question_id}]", $dropdown_options_array);
            } else {
                foreach ($poll_question['OPTIONS_ARRAY'] as $option_id => $option) {
                    if (sizeof($poll_question['OPTIONS_ARRAY']) == 1 || $poll_question['ALLOW_MULTI'] == 'Y') {
                        $poll_display .= light_form_checkbox("pollvote[{$question_id}][{$option_id}]", 'Y', word_filter_add_ob_tags($option['OPTION_NAME']), false);
                    } else {
                        $poll_display .= light_form_radio("pollvote[{$question_id}]", $option_id, word_filter_add_ob_tags($option['OPTION_NAME']), false);
                    }
                }
            }
        }
    } else {
        if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS || $poll_data['CLOSES'] > 0 && $poll_data['CLOSES'] < time()) {
            $poll_display .= "<div class=\"poll_results\">\n";
            foreach ($poll_results as $question_id => $poll_question) {
                $poll_display .= "<h3>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h3>\n";
                $poll_display .= light_poll_graph_display($poll_question['OPTIONS_ARRAY']);
            }
            $poll_display .= "</div>\n";
        } else {
            $poll_display .= "<div class=\"poll_results\">\n";
            foreach ($poll_results as $question_id => $poll_question) {
                $poll_display .= "<h3>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h3>\n";
                foreach ($poll_question['OPTIONS_ARRAY'] as $option_id => $option) {
                    $poll_display .= word_filter_add_ob_tags($option['OPTION_NAME']);
                }
            }
            $poll_display .= "</div>\n";
        }
    }
    if (!$is_preview) {
        $poll_display .= "<div class=\"poll_vote_counts\">" . poll_format_vote_counts($poll_data, $user_votes, $guest_votes) . "</div>\n";
        if ($poll_data['CLOSES'] <= time() && $poll_data['CLOSES'] != 0) {
            $poll_display .= "<div class=\"poll_vote_closed\">" . gettext("Poll has ended") . "</div>\n";
            if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
                $poll_display .= poll_display_user_votes($user_poll_votes_array);
            }
        } else {
            if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
                $poll_display .= poll_display_user_votes($user_poll_votes_array);
                if ($poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI) {
                    $poll_display .= "<div class=\"poll_buttons\">" . light_form_submit('pollsubmit', gettext("Vote")) . "</div>";
                }
                if ($poll_data['CHANGEVOTE'] != POLL_VOTE_CANNOT_CHANGE) {
                    $poll_display .= "<div class=\"poll_buttons\">" . light_form_submit('pollchangevote', gettext("Change vote")) . "</div>\n";
                }
                if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                    $poll_display .= "<div class=\"poll_type_warning\">" . gettext("<b>Warning</b>: This is a public ballot. Your name will be visible next to the option you vote for.") . "</div>\n";
                }
            } else {
                if (session::get_value('UID') > 0 || $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED && forum_get_setting('poll_allow_guests', 'Y')) {
                    $poll_display .= "<div class=\"poll_buttons\">" . light_form_submit('pollsubmit', gettext("Vote")) . "</div>";
                    if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                        $poll_display .= "<div class=\"poll_type_warning\">" . gettext("<b>Warning</b>: This is a public ballot. Your name will be visible next to the option you vote for.") . "</div>\n";
                    }
                }
            }
        }
    }
    $poll_display .= "</form>\n";
    $poll_display .= "</div>\n";
    $poll_data['CONTENT'] = $poll_display;
    $poll_data['FROM_RELATIONSHIP'] = user_get_relationship(session::get_value('UID'), $poll_data['FROM_UID']);
    light_message_display($tid, $poll_data, $msg_count, 1, $folder_fid, $in_list, $closed, $limit_text, true, $is_preview);
}
Example #12
0
function admin_check_credentials()
{
    $webtag = get_webtag();
    if (($admin_timeout = session::get_value('ADMIN_TIMEOUT')) && $admin_timeout > time()) {
        session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS);
        return true;
    }
    if (isset($_POST['admin_logon']) && isset($_POST['admin_password'])) {
        $admin_logon = $_POST['admin_logon'];
        $admin_password = $_POST['admin_password'];
        if (($admin_uid = user_logon($admin_logon, $admin_password)) && $admin_uid == session::get_value('UID')) {
            session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS);
            return true;
        } else {
            html_display_error_msg(gettext("The username or password you supplied are not valid."), '500', 'center');
        }
    }
    html_draw_top();
    if (isset($error_message) && strlen(trim($error_message)) > 0) {
        html_display_error_msg($error_message, '500', 'center');
    }
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        html_display_warning_msg(gettext('To save any changes you must re-authenticate yourself'), '500', 'center');
    } else {
        html_display_warning_msg(gettext('To access the Admin area you must re-authenticate yourself'), '500', 'center');
    }
    echo "<div align=\"center\">\n";
    echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "    ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "    <br />\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"100%\">\n";
    echo "            <tr>\n";
    echo "              <td align=\"left\" class=\"posthead\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\">", gettext("Please enter your password"), "</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"center\">\n";
    echo "                      <table class=\"posthead\" width=\"95%\">\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
    echo "                          <td align=\"left\">", form_input_text('admin_logon', '', 24, 32, '', 'bhinputlogon'), "</td>\n";
    echo "                        </tr>\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
    echo "                          <td align=\"left\">", form_input_password('admin_password', '', 24, 32, '', 'bhinputlogon'), "</td>\n";
    echo "                        </tr>\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"left\">&nbsp;</td>\n";
    echo "                        </tr>\n";
    echo "                      </table>\n";
    echo "                    </td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
    echo "      </tr>\n";
    echo "    </table>\n";
    echo "  </form>\n";
    echo "</div>\n";
    html_draw_bottom();
    exit;
}
Example #13
0
function check_pathinfo()
{
    $host = get_host();
    $port = get_port();
    $uri = strtolower(get_schema()) . '://' . get_host() . get_request_uri() . '/pathinfotest?check_path_info=1';
    $content = '';
    $host_addr_arr = array($host, '127.0.0.1', 'localhost');
    foreach ($host_addr_arr as $host_addr) {
        $fp = @fsockopen($host_addr, $port, $errno, $errstr, 2);
        if ($fp) {
            $out = "GET " . $uri . " HTTP/1.1\r\n";
            $out .= "Host: {$host}\r\n";
            $out .= "Connection: close\r\n\r\n";
            fwrite($fp, $out);
            while (!feof($fp) && strlen($content) < 512) {
                $content .= fgets($fp, 128);
            }
            fclose($fp);
        }
        $content = preg_split("\r?\n\r?\n", $content);
        if (strpos($content[1], 'SUPPORT_PATHINFO') !== false) {
            return true;
        }
    }
    if (function_exists('curl_init')) {
        ob_start();
        $fp = curl_init($uri);
        curl_exec($fp);
        curl_close($fp);
        $str = ob_get_contents();
        ob_end_clean();
        return $str == 'SUPPORT_PATHINFO' ? true : false;
    } else {
        return false;
    }
}
Example #14
0
function cache_check_request_throttle($amount)
{
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
        return false;
    }
    if (browser_check(BROWSER_AOL)) {
        return false;
    }
    if (headers_sent()) {
        return false;
    }
    $request = get_request_uri();
    if (isset($_SESSION['THROTTLE'][$request]) && $_SESSION['THROTTLE'][$request] > time()) {
        $throttle_timestamp = $_SESSION['THROTTLE'][$request];
    } else {
        $throttle_timestamp = time() + $amount;
    }
    $_SESSION['THROTTLE'][$request] = $throttle_timestamp;
    $etag = md5($_SESSION['UID'] . $_SESSION['LOGON']);
    return cache_check_last_modified($throttle_timestamp, $etag, time() + $amount);
}
Example #15
0
function user_login($login, $password, $user_id, $remember_me, $redirect_page, $make_redirects, &$errors)
{
    global $db, $table_prefix, $settings;
    global $site_id, $multisites_version;
    $is_errors = false;
    $secure_sessions = get_setting_value($settings, "secure_sessions", 0);
    $password_encrypt = get_setting_value($settings, "password_encrypt", 0);
    if ($password_encrypt == 1) {
        $password_match = md5($password);
    } else {
        $password_match = $password;
    }
    // prepare site urls
    $site_url = get_setting_value($settings, "site_url", "");
    $secure_url = get_setting_value($settings, "secure_url", "");
    $sql = " SELECT u.user_id, u.layout_id, u.user_type_id, u.is_approved, ";
    $sql .= " u.login, u.nickname, u.name, u.first_name, u.last_name, u.email, u.total_points, u.credit_balance, ";
    $sql .= " u.discount_type AS user_discount_type, u.discount_amount AS user_discount_amount, ";
    $sql .= " ut.discount_type AS group_discount_type, ut.discount_amount AS group_discount_amount, ";
    $sql .= " u.reward_type AS user_reward_type, u.reward_amount AS user_reward_amount, ";
    $sql .= " ut.reward_type AS group_reward_type, ut.reward_amount AS group_reward_amount, ";
    $sql .= " u.credit_reward_type AS user_credit_reward_type, u.credit_reward_amount AS user_credit_reward_amount, ";
    $sql .= " ut.credit_reward_type AS group_credit_reward_type, ut.credit_reward_amount AS group_credit_reward_amount, ";
    $sql .= " u.registration_last_step, u.registration_total_steps, ";
    $sql .= " ut.is_subscription, u.expiry_date, u.is_sms_allowed, ";
    $sql .= " u.tax_free AS user_tax_free, ut.tax_free AS group_tax_free, ";
    $sql .= " u.order_min_goods_cost AS user_min_goods, u.order_max_goods_cost AS user_max_goods, ";
    $sql .= " ut.order_min_goods_cost AS group_min_goods, ut.order_max_goods_cost AS group_max_goods, ";
    $sql .= " ut.price_type, c.currency_code, u.subscription_id ";
    $sql .= " FROM (((" . $table_prefix . "users u ";
    $sql .= " LEFT JOIN " . $table_prefix . "user_types ut ON u.user_type_id=ut.type_id) ";
    $sql .= " LEFT JOIN " . $table_prefix . "countries c ON u.country_id=c.country_id) ";
    if ($multisites_version) {
        if (isset($site_id)) {
            $sql .= " LEFT JOIN " . $table_prefix . "user_types_sites AS uts ON uts.type_id=ut.type_id)";
            $sql .= " WHERE (ut.sites_all=1 OR uts.site_id=" . $db->tosql($site_id, INTEGER, true, false) . ") AND ";
        } else {
            $sql .= ") WHERE ut.sites_all=1 AND ";
        }
    } else {
        $sql .= ") WHERE ";
    }
    if ($user_id) {
        $sql .= " u.user_id=" . $db->tosql($user_id, INTEGER);
    } else {
        $sql .= " u.login="******" AND u.password="******"user_id");
        //Customization by Vital - wishlist sync
        if ($user_id) {
            sync_wishlist($user_id);
        }
        //END Customization - wishlist sync
        $layout_id = $db->f("layout_id");
        $is_approved = $db->f("is_approved");
        $is_sms_allowed = $db->f("is_sms_allowed");
        $total_points = $db->f("total_points");
        $credit_balance = $db->f("credit_balance");
        $user_tax_free = $db->f("user_tax_free");
        $group_tax_free = $db->f("group_tax_free");
        $tax_free = $user_tax_free || $group_tax_free;
        $order_min_goods_cost = $db->f("user_min_goods");
        if (!strlen($order_min_goods_cost)) {
            $order_min_goods_cost = $db->f("group_min_goods");
        }
        $order_max_goods_cost = $db->f("user_max_goods");
        if (!strlen($order_max_goods_cost)) {
            $order_max_goods_cost = $db->f("group_max_goods");
        }
        // check account expiration date
        $expiry_date = $db->f("expiry_date", DATETIME);
        if (is_array($expiry_date)) {
            $expiry_date_ts = mktime(0, 0, 0, $expiry_date[MONTH], $expiry_date[DAY] + 1, $expiry_date[YEAR]);
        } else {
            $expiry_date_ts = $current_ts;
        }
        $user_type_id = $db->f("user_type_id");
        $is_subscription = $db->f("is_subscription");
        $registration_last_step = $db->f("registration_last_step");
        $registration_total_steps = $db->f("registration_total_steps");
        if ($registration_last_step < $registration_total_steps) {
            // if registration process wasn't finished
            set_session("session_new_user", "registration");
            set_session("session_new_user_id", $user_id);
            set_session("session_new_user_type_id", $user_type_id);
            // check secure option
            $secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
            if ($secure_user_profile || $secure_sessions) {
                $user_profile_url = $secure_url . get_custom_friendly_url("user_profile.php");
            } else {
                $user_profile_url = $site_url . get_custom_friendly_url("user_profile.php");
            }
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            header("Location: " . $user_profile_url);
            exit;
        } elseif ($current_ts > $expiry_date_ts && $is_subscription) {
            // if user have to pay for subscription
            set_session("session_new_user", "expired");
            set_session("session_new_user_id", $user_id);
            set_session("session_new_user_type_id", $user_type_id);
            // add some data into session for expired user as well
            $user_info = array("tax_free" => $tax_free, "is_sms_allowed" => $is_sms_allowed, "total_points" => $total_points, "credit_balance" => $credit_balance, "order_min_goods_cost" => $order_min_goods_cost, "order_max_goods_cost" => $order_max_goods_cost);
            set_session("session_user_info", $user_info);
            include_once "./includes/shopping_cart.php";
            add_subscription($user_type_id, "", $subscription_name);
            // check secure option
            $secure_order_profile = get_setting_value($settings, "secure_order_profile", 0);
            if ($secure_order_profile || $secure_sessions) {
                $order_info_url = $secure_url . get_custom_friendly_url("order_info.php");
            } else {
                $order_info_url = $site_url . get_custom_friendly_url("order_info.php");
            }
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            header("Location: " . $order_info_url);
            exit;
        } elseif ($current_ts <= $expiry_date_ts && $is_approved) {
            $login = $db->f("login");
            $nickname = $db->f("nickname");
            if (!strlen($nickname)) {
                $nickname = $login;
            }
            $email = $db->f("email");
            $currency_code = $db->f("currency_code");
            $user_discount_type = $db->f("user_discount_type");
            $user_discount_amount = $db->f("user_discount_amount");
            $group_discount_type = $db->f("group_discount_type");
            $group_discount_amount = $db->f("group_discount_amount");
            $user_reward_type = $db->f("user_reward_type");
            $user_reward_amount = $db->f("user_reward_amount");
            $group_reward_type = $db->f("group_reward_type");
            $group_reward_amount = $db->f("group_reward_amount");
            $user_credit_reward_type = $db->f("user_credit_reward_type");
            $user_credit_reward_amount = $db->f("user_credit_reward_amount");
            $group_credit_reward_type = $db->f("group_credit_reward_type");
            $group_credit_reward_amount = $db->f("group_credit_reward_amount");
            $price_type = $db->f("price_type");
            $subscription_id = $db->f("subscription_id");
            set_session("session_new_user", "");
            set_session("session_new_user_id", "");
            set_session("session_new_user_type_id", "");
            set_session("session_user_id", $user_id);
            set_session("session_user_type_id", $user_type_id);
            set_session("session_user_login", $login);
            set_session("session_subscription_id", $subscription_id);
            if (strlen($db->f("name"))) {
                $user_name = $db->f("name");
            } elseif (strlen($db->f("first_name")) || strlen($db->f("last_name"))) {
                $user_name = $db->f("first_name") . " " . $db->f("last_name");
            } else {
                $user_name = $login;
            }
            set_session("session_user_name", $user_name);
            set_session("session_user_email", $email);
            $discount_type = "";
            $discount_amount = "";
            if ($user_discount_type > 0) {
                $discount_type = $user_discount_type;
                $discount_amount = $user_discount_amount;
            } elseif ($group_discount_type) {
                $discount_type = $group_discount_type;
                $discount_amount = $group_discount_amount;
            }
            set_session("session_discount_type", $discount_type);
            set_session("session_discount_amount", $discount_amount);
            set_session("session_price_type", $price_type);
            $reward_type = "";
            $reward_amount = "";
            if ($user_reward_type > 0) {
                $reward_type = $user_reward_type;
                $reward_amount = $user_reward_amount;
            } elseif ($group_reward_type) {
                $reward_type = $group_reward_type;
                $reward_amount = $group_reward_amount;
            }
            $credit_reward_type = "";
            $credit_reward_amount = "";
            if ($user_credit_reward_type > 0) {
                $credit_reward_type = $user_credit_reward_type;
                $credit_reward_amount = $user_credit_reward_amount;
            } elseif ($group_credit_reward_type) {
                $credit_reward_type = $group_credit_reward_type;
                $credit_reward_amount = $group_credit_reward_amount;
            }
            // check for subscriptions
            $subscriptions_ids = "";
            $check_date_ts = mktime(0, 0, 0, $current_date[MONTH], $current_date[DAY], $current_date[YEAR]);
            $sql = " SELECT subscription_id ";
            $sql .= " FROM " . $table_prefix . "orders_items ";
            $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
            $sql .= " AND is_subscription=1 ";
            $sql .= " AND subscription_expiry_date>=" . $db->tosql($check_date_ts, DATETIME);
            $db->query($sql);
            while ($db->next_record()) {
                if ($subscriptions_ids) {
                    $subscriptions_ids .= ",";
                }
                $subscriptions_ids .= $db->f("subscription_id");
            }
            set_session("session_subscriptions_ids", $subscriptions_ids);
            $user_info = array("user_id" => $user_id, "user_type_id" => $user_type_id, "layout_id" => $layout_id, "login" => $login, "nickname" => $nickname, "name" => $user_name, "subscriptions_ids" => $subscriptions_ids, "email" => $email, "discount_type" => $discount_type, "discount_amount" => $discount_amount, "price_type" => $price_type, "tax_free" => $tax_free, "is_sms_allowed" => $is_sms_allowed, "reward_type" => $reward_type, "reward_amount" => $reward_amount, "credit_reward_type" => $credit_reward_type, "credit_reward_amount" => $credit_reward_amount, "total_points" => $total_points, "credit_balance" => $credit_balance, "order_min_goods_cost" => $order_min_goods_cost, "order_max_goods_cost" => $order_max_goods_cost);
            set_session("session_user_info", $user_info);
            if ($remember_me && $login && $password) {
                setcookie("cookie_user_login", $login, va_timestamp() + 3600 * 24 * 366);
                setcookie("cookie_user_password", $password, va_timestamp() + 3600 * 24 * 366);
            }
            // get currency if available
            if ($currency_code) {
                get_currency($currency_code);
            }
            // update shopping cart if it's available
            $shopping_cart = get_session("shopping_cart");
            if (is_array($shopping_cart) && sizeof($shopping_cart) > 0) {
                include_once "./includes/shopping_cart.php";
                recalculate_shopping_cart();
                // check if any coupons can be added or removed
                check_coupons();
            }
            // check if need to regenerate session id for secure session
            if ($secure_sessions) {
                session_set_cookie_params(0, "/", "", true);
                session_regenerate_id();
            }
            // update last visit time
            $sql = " UPDATE " . $table_prefix . "users SET last_visit_date=" . $db->tosql(va_time(), DATETIME);
            $sql .= ", last_visit_ip=" . $db->tosql(get_ip(), TEXT);
            $sql .= ", last_visit_page=" . $db->tosql(get_request_uri(), TEXT);
            $sql .= ", last_logged_date=" . $db->tosql(va_time(), DATETIME);
            $sql .= ", last_logged_ip=" . $db->tosql(get_ip(), TEXT);
            $sql .= " WHERE user_id=" . $db->tosql($user_id, INTEGER);
            $db->query($sql);
            if ($make_redirects && $redirect_page) {
                // convert redirect page to the full url
                $ssl = get_param("ssl");
                if ($ssl) {
                    $page_site_url = $secure_url;
                } else {
                    $page_site_url = $site_url;
                }
                $return_page = get_request_uri();
                if (!preg_match("/^https?:\\/\\//i", $redirect_page) && preg_match("/^https?:\\/\\/[^\\/]+(\\/.*)\$/i", $page_site_url, $matches)) {
                    $page_path_regexp = prepare_regexp($matches[1]);
                    if (preg_match("/^" . $page_path_regexp . "/i", $redirect_page)) {
                        $redirect_page = $page_site_url . preg_replace("/^" . $page_path_regexp . "/i", "", $redirect_page);
                    }
                }
                header("Location: " . $redirect_page);
                exit;
            }
        } elseif ($current_ts > $expiry_date_ts) {
            $is_errors = true;
            $errors .= ACCOUNT_EXPIRED_MSG . "<br>";
        } else {
            $is_errors = true;
            $errors .= ACCOUNT_APPROVE_ERROR . "<br>";
        }
    } else {
        $is_errors = true;
        if ($user_id) {
            $errors .= NO_RECORDS_MSG . "<br>";
        } else {
            $errors .= LOGIN_PASSWORD_ERROR . "<br>";
        }
    }
    if ($is_errors) {
        setcookie("cookie_user_login");
        setcookie("cookie_user_password");
    }
    return !$is_errors;
}
Example #16
0
 private function set_request_uri($uri, $full_domain_name = '', $is_full_path = 0)
 {
     $results = $uri;
     if ($is_full_path == 0) {
         $results = get_request_uri($uri, $full_domain_name);
     }
     return urldecode($results);
 }
Example #17
0
function poll_display($tid, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $show_sigs = true, $is_preview = false, $highlight_array = array())
{
    $webtag = get_webtag();
    $total_votes = 0;
    $user_votes = 0;
    $guest_votes = 0;
    $poll_data = poll_get($tid);
    $poll_results = poll_get_votes($tid);
    $user_poll_votes_array = poll_get_user_votes($tid);
    poll_get_total_votes($tid, $total_votes, $user_votes, $guest_votes);
    $request_uri = get_request_uri();
    $poll_display = "<br />\n";
    $poll_display .= "<div align=\"center\">\n";
    $poll_display .= "  <table class=\"box\" cellpadding=\"0\" cellspacing=\"0\" width=\"580\">\n";
    $poll_display .= "    <tr>\n";
    $poll_display .= "      <td align=\"center\">\n";
    $poll_display .= "        <form accept-charset=\"utf-8\" method=\"post\" action=\"{$request_uri}\" target=\"_self\">\n";
    $poll_display .= "          " . form_input_hidden("webtag", htmlentities_array($webtag)) . "\n";
    $poll_display .= "          " . form_input_hidden('tid', htmlentities_array($tid)) . "\n";
    $poll_display .= "          <table width=\"560\">\n";
    if ((!is_array($user_poll_votes_array) || $poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI) && (session::get_value('UID') > 0 || $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED && forum_get_setting('poll_allow_guests', 'Y')) && ($poll_data['CLOSES'] == 0 || $poll_data['CLOSES'] > time()) && !$is_preview) {
        foreach ($poll_results as $question_id => $poll_question) {
            $poll_display .= "          <tr>\n";
            $poll_display .= "            <td align=\"left\"><h2>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h2></td>\n";
            $poll_display .= "          </tr>\n";
            $poll_display .= "          <tr>\n";
            $poll_display .= "            <td align=\"left\">\n";
            $poll_display .= "              <table width=\"100%\">\n";
            if ($poll_data['OPTIONTYPE'] == POLL_OPTIONS_DROPDOWN) {
                $dropdown_options_array = array_map('poll_dropdown_options_callback', $poll_question['OPTIONS_ARRAY']);
                $poll_display .= "                <tr>\n";
                $poll_display .= "                  <td align=\"left\" class=\"postbody\" valign=\"top\">" . form_dropdown_array("pollvote[{$question_id}]", $dropdown_options_array) . "</td>\n";
                $poll_display .= "                </tr>\n";
            } else {
                foreach ($poll_question['OPTIONS_ARRAY'] as $option_id => $option) {
                    if (sizeof($poll_question['OPTIONS_ARRAY']) == 1 || $poll_question['ALLOW_MULTI'] == 'Y') {
                        $poll_display .= "                <tr>\n";
                        $poll_display .= "                  <td align=\"left\" class=\"postbody\" valign=\"top\" width=\"1%\">" . form_checkbox("pollvote[{$question_id}][{$option_id}]", 'Y', word_filter_add_ob_tags($option['OPTION_NAME']), false) . "</td>\n";
                        $poll_display .= "                </tr>\n";
                    } else {
                        $poll_display .= "                <tr>\n";
                        $poll_display .= "                  <td align=\"left\" class=\"postbody\" valign=\"top\" width=\"1%\">" . form_radio("pollvote[{$question_id}]", $option_id, word_filter_add_ob_tags($option['OPTION_NAME']), false) . "</td>\n";
                        $poll_display .= "                </tr>\n";
                    }
                }
            }
            $poll_display .= "              </table>\n";
            $poll_display .= "            </td>\n";
            $poll_display .= "          </tr>\n";
        }
    } else {
        if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS || $poll_data['CLOSES'] > 0 && $poll_data['CLOSES'] < time()) {
            if ($poll_data['POLLTYPE'] == POLL_TABLE_GRAPH && $poll_data['VOTETYPE'] != POLL_VOTE_PUBLIC) {
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">" . poll_table_graph($poll_results, $total_votes) . "</td>\n";
                $poll_display .= "             </tr>\n";
            } else {
                foreach ($poll_results as $question_id => $poll_question) {
                    $poll_display .= "           <tr>\n";
                    $poll_display .= "               <td align=\"left\"><h2>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h2></td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td align=\"left\">\n";
                    $poll_display .= "                <table width=\"100%\">\n";
                    if ($poll_data['POLLTYPE'] == POLL_HORIZONTAL_GRAPH || $poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC) {
                        $poll_display .= "                  <tr>\n";
                        $poll_display .= "                    <td align=\"left\" colspan=\"2\">" . poll_horizontal_graph($poll_question['OPTIONS_ARRAY'], $poll_data, $total_votes) . "</td>\n";
                        $poll_display .= "                   </tr>\n";
                    } else {
                        $poll_display .= "                  <tr>\n";
                        $poll_display .= "                    <td align=\"left\" colspan=\"2\">" . poll_vertical_graph($poll_question['OPTIONS_ARRAY'], $total_votes) . "</td>\n";
                        $poll_display .= "                  </tr>\n";
                    }
                    $poll_display .= "                </table>\n";
                    $poll_display .= "              </td>\n";
                    $poll_display .= "            </tr>\n";
                }
            }
        } else {
            foreach ($poll_results as $question_id => $poll_question) {
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\"><h2>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h2></td>\n";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\">\n";
                $poll_display .= "                <table width=\"100%\">\n";
                foreach ($poll_question['OPTIONS_ARRAY'] as $option_id => $option) {
                    $poll_display .= "                  <tr>\n";
                    $poll_display .= "                    <td align=\"left\" class=\"postbody\">" . word_filter_add_ob_tags($option['OPTION_NAME']) . "</td>\n";
                    $poll_display .= "                  </tr>\n";
                }
                $poll_display .= "                </table>\n";
                $poll_display .= "              </td>\n";
                $poll_display .= "            </tr>\n";
            }
        }
    }
    if (!$is_preview) {
        $poll_display .= "            <tr>\n";
        $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
        $poll_display .= "            </tr>\n";
        $poll_display .= "            <tr>\n";
        $poll_display .= "              <td align=\"left\" colspan=\"2\" class=\"postbody\">" . poll_format_vote_counts($poll_data, $user_votes, $guest_votes) . "</td>\n";
        $poll_display .= "            </tr>\n";
        $poll_display .= "            <tr>\n";
        $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
        $poll_display .= "            </tr>\n";
        if ($poll_data['CLOSES'] <= time() && $poll_data['CLOSES'] != 0) {
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\" class=\"postbody\">" . gettext("Poll has ended.") . "</td>\n";
            $poll_display .= "            </tr>\n";
            if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td colspan=\"2\" align=\"center\"><a href=\"poll_results.php?webtag={$webtag}&amp;tid={$tid}\" class=\"button popup 800x600\"><span>" . gettext("Results") . "</span></a></td>\n";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "             <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                $poll_display .= "             </tr>\n";
            }
            if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
                $poll_display .= poll_display_user_votes($user_poll_votes_array);
            }
        } else {
            if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
                $poll_display .= poll_display_user_votes($user_poll_votes_array);
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
                $poll_display .= "            </tr>\n";
                if ($poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">" . form_submit('pollsubmit', gettext("Vote")) . "</td>\n";
                    $poll_display .= "            </tr>\n";
                }
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td colspan=\"2\" align=\"center\">";
                if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS && $total_votes > 0 || session::get_value('UID') == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                    $poll_display .= "<a href=\"poll_results.php?webtag={$webtag}&amp;tid={$tid}\" class=\"button popup 800x600\"><span>" . gettext("Results") . "</span></a>";
                }
                if (session::get_value('UID') == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                    $poll_display .= "&nbsp;<a href=\"close_poll.php?webtag={$webtag}&msg={$tid}.1\" class=\"button\" target=\"_parent\">" . gettext("End Poll") . "</a>";
                }
                $poll_display .= "              </td>\n";
                $poll_display .= "            </tr>\n";
                if ($poll_data['CHANGEVOTE'] != POLL_VOTE_CANNOT_CHANGE) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">" . form_submit('pollchangevote', gettext("Change vote")) . "</td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">&nbsp;</td>\n";
                    $poll_display .= "            </tr>\n";
                }
                if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\" class=\"postbody\">" . gettext("<b>Warning</b>: This is a public ballot. Your name will be visible next to the option you vote for.") . "</td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">&nbsp;</td>\n";
                    $poll_display .= "            </tr>\n";
                }
            } else {
                if (session::get_value('UID') > 0 || $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED && forum_get_setting('poll_allow_guests', 'Y')) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">" . form_submit('pollsubmit', gettext("Vote")) . "</td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">";
                    if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS && $total_votes > 0 || session::get_value('UID') == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                        $poll_display .= "<a href=\"poll_results.php?webtag={$webtag}&amp;tid={$tid}\" class=\"button popup 800x600\"><span>" . gettext("Results") . "</span></a>";
                    }
                    if (session::get_value('UID') == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                        $poll_display .= "&nbsp;<a href=\"close_poll.php?webtag={$webtag}&msg={$tid}.1\" class=\"button\" target=\"_parent\">" . gettext("End Poll") . "</a>";
                    }
                    $poll_display .= "              </td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                    $poll_display .= "            </tr>\n";
                    if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                        $poll_display .= "            <tr>\n";
                        $poll_display .= "              <td colspan=\"2\" align=\"center\" class=\"postbody\">" . gettext("<b>Warning</b>: This is a public ballot. Your name will be visible next to the option you vote for.") . "</td>\n";
                        $poll_display .= "            </tr>\n";
                        $poll_display .= "            <tr>\n";
                        $poll_display .= "              <td colspan=\"2\" align=\"center\">&nbsp;</td>\n";
                        $poll_display .= "            </tr>\n";
                    }
                }
            }
        }
    } else {
        if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
            $poll_display .= "            </tr>\n";
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\" class=\"postbody\">" . poll_format_vote_counts($poll_data, $user_votes, $guest_votes) . "</td>\n";
            $poll_display .= "            </tr>\n";
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
            $poll_display .= "            </tr>\n";
            $poll_display .= poll_display_user_votes($user_poll_votes_array);
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
            $poll_display .= "            </tr>\n";
        }
    }
    $poll_display .= "          </table>\n";
    $poll_display .= "        </form>\n";
    $poll_display .= "      </td>\n";
    $poll_display .= "    </tr>\n";
    $poll_display .= "  </table>\n";
    $poll_display .= "</div>\n";
    $poll_display .= "<br />\n";
    $poll_data['CONTENT'] = $poll_display;
    $poll_data['FROM_RELATIONSHIP'] = user_get_relationship(session::get_value('UID'), $poll_data['FROM_UID']);
    message_display($tid, $poll_data, $msg_count, $first_msg, $folder_fid, $in_list, $closed, $limit_text, true, $show_sigs, $is_preview, $highlight_array);
}
Example #18
0
            } else {
                echo "<li><a href='" . $key . "'>" . get_vocab($key) . "</a></li>\n";
            }
            $k++;
        }
        echo "</ul></fieldset>\n";
    }
}
echo "<table class=\"table_adm4\">";
// Affichage de la colonne de gauche
?>
<tr>
	<td class="colgauche_admin">
		<?php 
if (get_request_uri() != '') {
    $url_ = parse_url(get_request_uri());
    $pos = strrpos($url_['path'], "/") + 1;
    $chaine = substr($url_['path'], $pos);
} else {
    $chaine = '';
}
echo "<div id=\"colgauche\">\n";
$liste = array();
if (authGetUserLevel(getUserName(), -1, 'area') >= 6) {
    $liste[] = 'admin_config.php';
}
if (authGetUserLevel(getUserName(), -1, 'area') >= 6) {
    $liste[] = 'admin_type.php';
}
if (authGetUserLevel(getUserName(), -1, 'area') >= 6) {
    $liste[] = 'admin_calend_ignore.php';
Example #19
0
function logon_draw_form($logon_options)
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    // Make sure logon form argument is valid.
    if (!is_numeric($logon_options)) {
        $logon_options = LOGON_FORM_DEFAULT;
    }
    // Check for previously failed logon.
    if (isset($_GET['logout_success']) && $_GET['logout_success'] == 'true') {
        html_display_success_msg(gettext("You have successfully logged out."), '500', 'center');
    } else {
        if (isset($_GET['logon_failed']) && !($logon_options & LOGON_FORM_SESSION_EXPIRED)) {
            html_display_error_msg(gettext("The username or password you supplied is not valid."), '500', 'center');
        }
    }
    // Get the original requested page url.
    $request_uri = get_request_uri();
    // If the request is for logon.php then we are performing
    // a normal login, otherwise potentially a failed session.
    if (stristr($request_uri, 'logon.php')) {
        echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"{$request_uri}\" target=\"", html_get_top_frame_name(), "\">\n";
        echo "    ", form_csrf_token_field(), "\n";
    } else {
        echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"{$request_uri}\" target=\"_self\">\n";
        echo "    ", form_csrf_token_field(), "\n";
    }
    // Check for any post data that we need to include in the form.
    unset($_POST['user_logon'], $_POST['user_password'], $_POST['logon'], $_POST['webtag'], $_POST['register']);
    // Add any post data into the form.
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "  <br />\n";
    echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">\n";
    echo "        <table class=\"box\" width=\"100%\">\n";
    echo "          <tr>\n";
    echo "            <td align=\"left\" class=\"posthead\">\n";
    echo "              <table class=\"posthead\" width=\"100%\">\n";
    echo "                <tr>\n";
    echo "                  <td align=\"left\" class=\"subhead\">", gettext("Logon"), "</td>\n";
    echo "                </tr>\n";
    echo "              </table>\n";
    echo "              <table class=\"posthead\" width=\"100%\">\n";
    echo "                <tr>\n";
    echo "                  <td align=\"center\">\n";
    echo "                    <table class=\"posthead\" width=\"95%\">\n";
    echo "                      <tr>\n";
    echo "                        <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
    echo "                        <td align=\"left\">", form_input_text('user_logon', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
    echo "                      </tr>\n";
    echo "                      <tr>\n";
    echo "                        <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
    echo "                        <td align=\"left\">", form_input_password('user_password', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
    echo "                      </tr>\n";
    if (!($logon_options & LOGON_FORM_HIDE_TICKBOX) && !($logon_options & LOGON_FORM_SESSION_EXPIRED)) {
        echo "                      <tr>\n";
        echo "                        <td align=\"left\" colspan=\"2\"><hr class=\"bhseparatorlogon\" /></td>\n";
        echo "                      </tr>\n";
        echo "                    </table>\n";
        echo "                    <table class=\"posthead\" width=\"95%\">\n";
        echo "                      <tr>\n";
        echo "                        <td align=\"right\" width=\"90\">", form_checkbox('user_remember', 'Y', null, html_get_cookie('user_logon') && html_get_cookie('user_token')), "</td>\n";
        echo "                        <td align=\"left\"><label for=\"user_remember\">", gettext("Remember me"), "</label></td>\n";
        echo "                      </tr>\n";
        echo "                      <tr>\n";
        echo "                        <td align=\"left\">&nbsp;</td>\n";
        echo "                        <td align=\"left\"><span class=\"bhinputlogon_warning\">", gettext("Not recommended for shared computers"), "</span></td>\n";
        echo "                      </tr>\n";
    }
    echo "                      <tr>\n";
    echo "                        <td align=\"left\">&nbsp;</td>\n";
    echo "                      </tr>\n";
    echo "                    </table>\n";
    echo "                  </td>\n";
    echo "                </tr>\n";
    echo "              </table>\n";
    echo "            </td>\n";
    echo "          </tr>\n";
    echo "        </table>\n";
    echo "      </td>\n";
    echo "    </tr>\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">&nbsp;</td>\n";
    echo "    </tr>\n";
    echo "    <tr>\n";
    echo "      <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
    echo "    </tr>\n";
    echo "  </table>\n";
    echo "</form>\n";
    echo "<br />\n";
    if (!($logon_options & LOGON_FORM_HIDE_LINKS)) {
        echo "<hr class=\"bhlogonseparator\" />\n";
        if (user_guest_enabled()) {
            echo "<form accept-charset=\"utf-8\" name=\"guest\" action=\"logon.php?webtag={$webtag}\" method=\"post\" target=\"", html_get_top_frame_name(), "\">\n";
            echo "  ", form_csrf_token_field(), "\n";
            echo "  <p>", sprintf(gettext("Enter as a %s"), form_submit('guest_logon', gettext("Guest"))), "</p>\n";
            echo "</form>\n";
        }
        if (isset($_GET['final_uri']) && strlen(trim($_GET['final_uri'])) > 0) {
            $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));
            if (preg_match("/^{$available_files_preg}/u", trim($_GET['final_uri'])) > 0) {
                $final_uri = href_cleanup_query_keys($_GET['final_uri']);
            }
        }
        if (isset($final_uri)) {
            $final_uri = rawurlencode($final_uri);
            $register_link = rawurlencode("register.php?webtag={$webtag}&final_uri={$final_uri}");
            $forgot_pw_link = rawurlencode("forgot_pw.php?webtag={$webtag}&final_uri={$final_uri}");
            echo "<p>", sprintf(gettext("Don't have an account? %s"), "<a href=\"index.php?webtag={$webtag}&amp;final_uri={$register_link}\" target=\"" . html_get_top_frame_name() . "\">" . gettext("Register now") . "</a>") . "</p>\n";
            echo "<hr class=\"bhlogonseparator\" />\n";
            echo "<h2>", gettext("Problems logging on?"), "</h2>\n";
            echo "<p><a href=\"logon.php?webtag={$webtag}&amp;delete_cookie=yes&amp;final_uri={$final_uri}\" target=\"", html_get_top_frame_name(), "\">", gettext("Delete Cookies"), "</a></p>\n";
            echo "<p><a href=\"index.php?webtag={$webtag}&amp;final_uri={$forgot_pw_link}\" target=\"", html_get_top_frame_name(), "\">", gettext("Forgotten your password?"), "</a></p>\n";
        } else {
            echo "<p>", sprintf(gettext("Don't have an account? %s"), "<a href=\"index.php?webtag={$webtag}&amp;final_uri=register.php%3Fwebtag%3D{$webtag}\" target=\"" . html_get_top_frame_name() . "\">" . gettext("Register now") . "</a>"), "</p>\n";
            echo "<hr class=\"bhlogonseparator\" />\n";
            echo "<h2>", gettext("Problems logging on?"), "</h2>\n";
            echo "<p><a href=\"logon.php?webtag={$webtag}&amp;delete_cookie=yes\" target=\"", html_get_top_frame_name(), "\">", gettext("Delete Cookies"), "</a></p>\n";
            echo "<p><a href=\"index.php?webtag={$webtag}&amp;final_uri=forgot_pw.php%3Fwebtag%3D{$webtag}\" target=\"", html_get_top_frame_name(), "\">", gettext("Forgotten your password?"), "</a></p>\n";
        }
        echo "<hr class=\"bhlogonseparator\" />\n";
        echo "<h2>", gettext("Using a mobile device?"), "</h2>\n";
        echo "<p><a href=\"index.php?webtag={$webtag}&amp;view=mobile\" target=\"", html_get_top_frame_name(), "\">", gettext("Mobile version"), "</a></p>\n";
    }
}
Example #20
0
forum_update_last_visit($_SESSION['UID']);
// Update the visitor log
session::update_visitor_log($_SESSION['UID']);
// Initialise gettext
lang_init();
// Enable the word filter ob filter
ob_start('word_filter_ob_callback');
// Check to see if user account has been banned.
if (session::user_banned()) {
    html_user_banned();
    exit;
}
// Check to see if the user has been approved.
if (!session::user_approved()) {
    html_user_require_approval();
    exit;
}
// Get the webtag for the current forum
$webtag = get_webtag();
// Check we have a webtag and have access to the specified forum
if (!forum_check_webtag_available($webtag) || !forum_check_access_level()) {
    $request_uri = rawurlencode(get_request_uri(false));
    header_redirect("forums.php?webtag_error={$webtag}&final_uri={$request_uri}");
}
// Check guest access is available.
if (!forum_check_guest_access_allowed()) {
    $request_uri = rawurlencode(get_request_uri());
    header_redirect("logon.php?webtag={$webtag}&final_uri={$request_uri}");
}
// Check CSRF Token
form_check_csrf_token();
Example #21
0
    $category_id = $search_category_id;
} elseif (!strlen($category_id)) {
    $category_id = 0;
}
if ($category_id) {
    if (VA_Categories::check_exists($category_id)) {
        if (!VA_Categories::check_permissions($category_id, VIEW_CATEGORIES_ITEMS_PERM)) {
            $site_url = get_setting_value($settings, "site_url", "");
            $secure_url = get_setting_value($settings, "secure_url", "");
            $secure_user_login = get_setting_value($settings, "secure_user_login", 0);
            if ($secure_user_login) {
                $user_login_url = $secure_url . get_custom_friendly_url("user_login.php");
            } else {
                $user_login_url = $site_url . get_custom_friendly_url("user_login.php");
            }
            $return_page = get_request_uri();
            header("Location: " . $user_login_url . "?return_page=" . urlencode($return_page) . "&type_error=2&ssl=" . intval($is_ssl));
            exit;
        }
    } else {
        echo NO_RECORDS_MSG;
        exit;
    }
}
$manf = get_param("manf");
$list_template = "";
$current_category = "";
set_session("category_id", $current_category);
//Customization by Vital
$page_friendly_url = "";
$page_friendly_params = array();
// Get an array of available timezones.
$available_timezones = get_available_timezones();
// Get the forum settings
$forum_settings = forum_get_settings();
// Get the global forum settings
$forum_global_settings = forum_get_global_settings();
// Submit code starts here
if (isset($_POST['changepermissions'])) {
    $redirect_uri = "admin_forum_access.php?webtag={$webtag}&fid={$forum_settings['fid']}";
    $redirect_uri .= "&ret=" . rawurlencode(get_request_uri(true, false));
    header_redirect($redirect_uri);
    exit;
} else {
    if (isset($_POST['changepassword'])) {
        $redirect_uri = "admin_forum_set_passwd.php?webtag={$webtag}&fid={$forum_settings['fid']}";
        $redirect_uri .= "&ret=" . rawurlencode(get_request_uri(true, false));
        header_redirect($redirect_uri);
        exit;
    } else {
        if (isset($_POST['save'])) {
            $valid = true;
            if (isset($_POST['forum_name']) && strlen(trim($_POST['forum_name'])) > 0) {
                $new_forum_settings['forum_name'] = trim($_POST['forum_name']);
            } else {
                $error_msg_array[] = gettext("You must supply a forum name");
                $valid = false;
            }
            if (isset($_POST['forum_email']) && strlen(trim($_POST['forum_email'])) > 0) {
                $new_forum_settings['forum_email'] = trim($_POST['forum_email']);
            } else {
                $error_msg_array[] = gettext("You must supply a forum email address");
Example #23
0
            if (version_compare(strval($theVersion), strval($version), '>') == 1) {
                $msg = __("Latest version available: ", "cforms") . '<strong>v' . $theVersion . '</strong> - ' . $theMessage;
                echo '<td colspan="5" class="plugin-update" style="line-height:1.2em; font-size:11px; padding:1px;"><div style="background:#A2F099;border:1px solid #4FE23F; padding:2px; font-weight:bold;">' . __("New cformsII update available", "cforms") . ' <a href="javascript:void(0);" onclick="jQuery(\'#cf-update-msg\').toggle();">' . __("(more info)", "cforms") . '</a>.</div><div id="cf-update-msg" style="display:none; padding:10px; text-align:center;" >' . $msg . '</div></td>';
            } else {
                return;
            }
        }
    }
}
### add actions
global $tafstring;
if (function_exists('add_action')) {
    ### widget init
    add_action('plugins_loaded', 'widget_cforms_init');
    ### get location?
    $request_uri = get_request_uri();
    $admin = strpos($request_uri, 'wp-admin') !== false ? true : false;
    $cfadmin = strpos($_SERVER['QUERY_STRING'], $plugindir . '/cforms') !== false ? true : false;
    ### dashboard
    if ($cformsSettings['global']['cforms_showdashboard'] == '1' && $cformsSettings['global']['cforms_database'] == '1') {
        require_once dirname(__FILE__) . '/lib_dashboard.php';
        if ($wp_db_version < 9872) {
            add_action('activity_box_end', 'cforms_dashboard', 1);
        } else {
            add_action('wp_dashboard_setup', 'cforms_dashboard_27_setup', 1);
        }
    }
    ### cforms specific stuff
    if ($cfadmin) {
        require_once dirname(__FILE__) . '/lib_functions.php';
        add_action('admin_head', 'cforms_options_page_style');
Example #24
0
function forum_check_password($forum_fid)
{
    $frame_top_target = html_get_top_frame_name();
    if (!($db_forum_check_password = db_connect())) {
        return false;
    }
    $webtag = get_webtag($webtag_search);
    if (!is_numeric($forum_fid)) {
        return false;
    }
    if ($forum_passhash = forum_get_password($forum_fid)) {
        forum_get_saved_password($password, $passhash, $sesshash);
        if ($sesshash == $forum_passhash) {
            return true;
        }
        // If we got this far then the password verification failed or
        // the user hasn't seen the password dialog before.
        $lang = load_language_file();
        html_draw_top();
        echo "<h1>{$lang['passwdprotectedforum']}</h1>\n";
        if (isset($_COOKIE["bh_{$webtag}_sesshash"]) && strlen(trim(_stripslashes($_COOKIE["bh_{$webtag}_sesshash"]))) > 0) {
            bh_setcookie("bh_{$webtag}_sesshash", "", time() - YEAR_IN_SECONDS);
            html_display_error_msg($lang['usernameorpasswdnotvalid'], '550', 'center');
        }
        echo "<br />\n";
        echo "<div align=\"center\">\n";
        echo "  <form method=\"post\" action=\"forum_password.php\" target=\"", html_get_top_frame_name(), "\">\n";
        echo "    ", form_input_hidden('webtag', _htmlentities($webtag)), "\n";
        echo "    ", form_input_hidden('final_uri', _htmlentities(get_request_uri())), "\n";
        echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"550\">\n";
        if ($password_protected_message = forum_get_setting('password_protected_message', false)) {
            echo "      <tr>\n";
            echo "        <td align=\"left\">", fix_html($password_protected_message), "</td>\n";
            echo "      </tr>\n";
        } else {
            echo "      <tr>\n";
            echo "        <td align=\"center\">{$lang['passwdprotectedwarning']}</td>\n";
            echo "      </tr>\n";
        }
        echo "      <tr>\n";
        echo "        <td align=\"left\">&nbsp;</td>\n";
        echo "      </tr>\n";
        echo "      <tr>\n";
        echo "        <td align=\"center\">\n";
        echo "          <table class=\"box\" width=\"400\">\n";
        echo "            <tr>\n";
        echo "              <td class=\"posthead\" align=\"center\">\n";
        echo "                <table class=\"posthead\" width=\"100%\">\n";
        echo "                  <tr>\n";
        echo "                    <td align=\"left\" class=\"subhead\" colspan=\"2\">{$lang['enterpasswd']}</td>\n";
        echo "                  </tr>\n";
        echo "                </table>\n";
        echo "                <table class=\"posthead\" width=\"90%\">\n";
        echo "                  <tr>\n";
        echo "                    <td align=\"left\">{$lang['passwd']}:</td>\n";
        echo "                    <td align=\"left\">", form_input_password('forum_password', _htmlentities($password), 40, false, "autocomplete=\"off\""), form_input_hidden("forum_passhash", _htmlentities($passhash)), "</td>\n";
        echo "                  </tr>\n";
        echo "                  <tr>\n";
        echo "                    <td align=\"left\">&nbsp;</td>\n";
        echo "                    <td align=\"left\">", form_checkbox('remember_password', 'Y', $lang['rememberpassword'], strlen($password) > 0 && strlen($passhash) > 0), "</td>\n";
        echo "                  </tr>\n";
        echo "                  <tr>\n";
        echo "                    <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
        echo "                  </tr>\n";
        echo "                </table>\n";
        echo "              </td>\n";
        echo "            </tr>\n";
        echo "          </table>\n";
        echo "        </td>\n";
        echo "      </tr>\n";
        echo "      <tr>\n";
        echo "        <td align=\"left\">&nbsp;</td>\n";
        echo "      </tr>\n";
        echo "      <tr>\n";
        echo "        <td align=\"center\">", form_submit("submit", $lang['logon']), "&nbsp;", form_submit("cancel", $lang['cancel']), "</td>\n";
        echo "      </tr>\n";
        if (bh_session_check_perm(USER_PERM_ADMIN_TOOLS, 0) || bh_session_check_perm(USER_PERM_FORUM_TOOLS, 0)) {
            echo "      <tr>\n";
            echo "        <td align=\"left\">&nbsp;</td>\n";
            echo "      </tr>\n";
            echo "      <tr>\n";
            echo "        <td align=\"center\">{$lang['adminforumclosedtip']}</td>\n";
            echo "      </tr>\n";
        }
        echo "    </table>\n";
        echo "  </form>\n";
        echo "</div>\n";
        html_draw_bottom();
        exit;
    }
    return true;
}
Example #25
0
function cforms_scripts()
{
    global $wp_scripts, $localversion;
    ### get options
    $cformsSettings = get_option('cforms_settings');
    $r = $cformsSettings['global']['cforms_root'];
    ### global settings
    $request_uri = get_request_uri();
    if (version_compare(strval($wp_scripts->registered['jquery']->ver), strval("1.3.2")) === -1) {
        wp_deregister_script('jquery');
        wp_register_script('jquery', $r . '/js/jquery.js', false, '1.3.2');
        wp_enqueue_script('jquery');
    }
    echo '<link rel="stylesheet" type="text/css" href="' . $r . '/cforms-admin.css" />' . "\n";
    if (strpos($request_uri, 'cforms-options') !== false) {
        echo '<link rel="stylesheet" type="text/css" href="' . $r . '/styling/calendar.css" />' . "\n";
        wp_register_script('cforms_admin_cal', $r . '/js/cformsadmincal.js', false, $localversion);
        wp_enqueue_script('cforms_admin_cal');
    }
    wp_deregister_script('prototype');
    wp_register_script('cforms_interface', $r . '/js/interface.js', false, $localversion);
    wp_register_script('cforms_admin', $r . '/js/cformsadmin.js', false, $localversion);
    wp_enqueue_script('cforms_interface');
    wp_enqueue_script('cforms_admin');
}
Example #26
0
        $val = $info[$i];
        if (is_array($val)) {
            if (isset($val[Settings::get("ldap_champ_nom")][0])) {
                $l_nom = ucfirst($val[Settings::get("ldap_champ_nom")][0]);
            } else {
                $l_nom = iconv("ISO-8859-1", "utf-8", "Nom à préciser");
            }
            if (isset($val[Settings::get("ldap_champ_prenom")][0])) {
                $l_prenom = ucfirst($val[Settings::get("ldap_champ_prenom")][0]);
            } else {
                $l_prenom = iconv("ISO-8859-1", "utf-8", "Prénom à préciser");
            }
            if (isset($val[Settings::get("ldap_champ_email")][0])) {
                $l_email = $val[Settings::get("ldap_champ_email")][0];
            } else {
                $l_email = '';
            }
        }
    }
    // Convertir depuis UTF-8 (jeu de caracteres par defaut)
    if (function_exists("utf8_decode") and Settings::get("ConvertLdapUtf8toIso") == "y") {
        $l_email = utf8_decode($l_email);
        $l_nom = utf8_decode($l_nom);
        $l_prenom = utf8_decode($l_prenom);
    }
    // Return infos
    return array($l_nom, $l_prenom, $l_email);
}
// On fabrique l'url
$url = rawurlencode(str_replace('&amp;', '&', get_request_uri()));
Example #27
0
    }
}
// Cas d'une authentification Lasso
if (Settings::get('sso_statut') == 'lasso_visiteur' || Settings::get('sso_statut') == 'lasso_utilisateur') {
    require_once SPKITLASSO . '/lassospkit_public_api.inc.php';
    if (lassospkit_nameid() == NULL) {
        // S'il y a eu une erreur et que l'on revient, afficher
        // l'erreur. Cela annule la redirection de header(), mais
        // l'utilisateur pourra quand même cliquer manuellement sur un
        // lien.
        $error = lassospkit_error();
        if (!empty($error)) {
            echo "SSO error:<br /><pre>{$error}</pre><br />";
        }
        // Pas encore authentifié - on se connecte:
        $return_url = get_request_uri();
        lassospkit_redirect_federate($return_url);
        exit;
    }
    // A ce stade, l'utilisateur est authentifié par Lasso
    $password = '';
    $login = lassospkit_userid();
    // vide si pas encore fédéré
    if (empty($login)) {
        // Construit un identifiant unique
        $sql = "SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login LIKE 'lasso_%'";
        $res = grr_sql_query($sql);
        $existing_users = array();
        for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
            $existing_users[] = $row[0];
        }
Example #28
0
/**
 * return the lang code from url, if none exist, return false
 */
function get_language_from_url()
{
    $request_uri = get_request_uri();
    $string = str_replace(get_sub_root(), '', $request_uri);
}
Example #29
0
<?php

require_once 'bootstrap.php';
$settings = Vars::getSettings();
/** rounting **/
$relative_uri;
if ($settings['i18n']) {
    $relative_uri = get_request_uri_relative();
} else {
    $relative_uri = str_replace(get_sub_root(), '', get_request_uri());
}
//_debug($settings['routing']);
// try to match a route
foreach ($settings['routing'] as $route) {
    $path = $route['path'];
    $isSecure = $route['isSecure'];
    $controller = $route['controller'];
    $i18n = $route['i18n'];
    //  _debug($relative_uri);
    $vars = array();
    $user = User::getInstance();
    if (preg_match('/' . $path . '/', $relative_uri, $vars)) {
        // redirect to lang url if lang code is not here
        if ($i18n && $settings['i18n']) {
            HTML::redirectToI18nUrl();
        }
        if ($isSecure && !$user->isLogin()) {
            dispatch('core/login');
        } else {
            dispatch($controller, $vars);
        }
 }
 echo "</td>\n";
 echo "                   <td class=\"posthead\" align=\"left\" style=\"white-space: nowrap\">";
 if ($group_by == ADMIN_VISITOR_LOG_GROUP_NONE || $group_by == ADMIN_VISITOR_LOG_GROUP_REFERER) {
     if (isset($visitor['REFERER']) && strlen(trim($visitor['REFERER'])) > 0) {
         $visitor['REFERER_FULL'] = $visitor['REFERER'];
         if (!($visitor['REFERER'] = split_url($visitor['REFERER']))) {
             if (mb_strlen($visitor['REFERER_FULL']) > 35) {
                 $visitor['REFERER'] = mb_substr($visitor['REFERER_FULL'], 0, 35);
                 $visitor['REFERER'] .= "&hellip;";
             }
         }
         if (referer_is_banned($visitor['REFERER'])) {
             echo "<a href=\"admin_banned.php?webtag={$webtag}&amp;unban_referer=", rawurlencode($visitor['REFERER_FULL']), "&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" title=\"{$visitor['REFERER_FULL']}\">{$visitor['REFERER']}</a>&nbsp;<a href=\"{$visitor['REFERER_FULL']}\" target=\"_blank\">", html_style_image('link', gettext("External Link")), "</a>&nbsp;(", gettext("Banned"), ")";
         } else {
             echo "<a href=\"admin_banned.php?webtag={$webtag}&amp;ban_referer=", rawurlencode($visitor['REFERER_FULL']), "&amp;ret=", rawurlencode(get_request_uri(true, false)), "\" title=\"{$visitor['REFERER_FULL']}\">{$visitor['REFERER']}</a>&nbsp;<a href=\"{$visitor['REFERER_FULL']}\" target=\"_blank\">", html_style_image('link', gettext("External Link")), "</a>";
         }
     } else {
         echo gettext("Unknown");
     }
 } else {
     printf(ngettext("%s Referer", "%s Referers", $visitor['REFERER_COUNT']), $visitor['REFERER_COUNT']);
 }
 echo "</td>\n";
 echo "                   <td class=\"posthead\" align=\"left\" style=\"white-space: nowrap\">";
 if ($group_by == ADMIN_VISITOR_LOG_GROUP_NONE || $group_by == ADMIN_VISITOR_LOG_GROUP_USER_AGENT) {
     if (isset($visitor['USER_AGENT']) && strlen(trim($visitor['USER_AGENT'])) > 0) {
         $visitor['USER_AGENT_FULL'] = htmlentities_array($visitor['USER_AGENT']);
         if (mb_strlen($visitor['USER_AGENT']) > 35) {
             $visitor['USER_AGENT'] = mb_substr($visitor['USER_AGENT_FULL'], 0, 35) . "&hellip;";
         }