unset($_pcpin_version); } else { define('PCPIN_VERSION', '0.00'); } } // Load language if (!defined('PCPIN_NO_SESSION')) { if (empty($_GET['b_id']) && empty($_GET['external_url'])) { _pcpin_loadClass('language'); $l = new PCPIN_Language($_pcpin_init_session); $_pcpin_set_language = $_pcpin_init_session->_s_language_id; if (!empty($_pcpin_init_session->_conf_all['allow_language_selection']) && !empty($_POST['language_id'])) { $_pcpin_set_language = $_POST['language_id']; } if (true !== $l->setLanguage($_pcpin_set_language)) { PCPIN_Common::dieWithError(-1, '<b>Fatal error</b>: Failed to load language'); } if (!empty($_pcpin_init_session->_s_id) && $l->id != $_pcpin_init_session->_s_language_id) { $_pcpin_init_session->_s_updateSession($_pcpin_init_session->_s_id, true, true, $l->id); } unset($_pcpin_set_language); } } /** * Strip magic quotes from GPC vars and extract them into the global scope. * This software uses own security algorithm to prevent SQL injections. */ if (get_magic_quotes_gpc()) { $_pcpin_magic_quotes_sybase = ini_get('magic_quotes_sybase') == '1'; $_GET = PCPIN_Common::stripSlashesRecursive($_GET, $_pcpin_magic_quotes_sybase); $_POST = PCPIN_Common::stripSlashesRecursive($_POST, $_pcpin_magic_quotes_sybase);
// Database server host name. // Examples: 'localhost' or 'db.myhost.com' $_pcpin_db_server = 'localhost'; // Database username $_pcpin_db_user = '******'; // Database password $_pcpin_db_password = '******'; // Database name $_pcpin_db_database = 'usr_web0_2'; // Prefix for all chat table names $_pcpin_db_tbl_prefix = 'pcpin_'; /////////////////////////////////////////////////////////// // DO NOT EDIT OR DELETE ANYTHING BELOW THIS LINE !!! /////////////////////////////////////////////////////////// if (defined('PCPIN_DB_DATA_LOADED')) { PCPIN_Common::dieWithError(1, 'Access denied'); } else { define('PCPIN_DB_DATA_LOADED', true); } if (function_exists('debug_backtrace')) { $_pcpin_dbt = debug_backtrace(); if (is_array($_pcpin_dbt) && (!isset($_pcpin_dbt[0]) || basename($_pcpin_dbt[0]['file']) !== 'init.inc.php' && basename($_pcpin_dbt[0]['file']) !== 'check_db.php')) { die('Access denied'); } unset($_pcpin_dbt); } $_pcpin_dbcn = md5(mt_rand(-time(), time()) . microtime()); ${$_pcpin_dbcn} = array(); ${$_pcpin_dbcn}['server'] = $_pcpin_db_server; unset($_pcpin_db_server); ${$_pcpin_dbcn}['user'] = $_pcpin_db_user;
* * "PCPIN Chat 6" is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * "PCPIN Chat 6" is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!file_exists('../extension.inc')) { PCPIN_Common::dieWithError(1, 'Slave mode: No phpBB2 installation found'); } if (empty($_pcpin_init_session->_s_user_id)) { // Get parent directory name $master_to_chat_path_parts = explode('/', !empty($_SERVER['SCRIPT_FILENAME']) ? $_SERVER['SCRIPT_FILENAME'] : (!empty($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : $_SERVER['PHP_SELF'])); $chat_dir = $master_to_chat_path_parts[count($master_to_chat_path_parts) - 2]; unset($master_to_chat_path_parts); /** * phpBB stuff */ define('IN_PHPBB', true); // Load master base chdir('..'); $_pcpin_init_session->_db_restoreCharsets(); require 'extension.inc'; require 'common.' . $phpEx;
/** * Constructor * @param object &$caller Caller object */ function PCPIN_Config(&$caller) { // Get parent properties $this->_db_pass_vars($caller, $this); // Load dynamic configuration. if ($this->_db_getList('_conf_group ASC', '_conf_subgroup ASC', '_conf_id ASC')) { foreach ($this->_db_list as $conf) { // Set appropriate value type $type = substr($conf['_conf_type'], 0, strpos($conf['_conf_type'], '_')); settype($conf['_conf_value'], $type); $this->_conf_all[$conf['_conf_name']] = $conf['_conf_value']; if (isset($this->_conf_all_grouped[$conf['_conf_group']])) { $this->_conf_all_grouped[$conf['_conf_group']][] = $conf; } else { $this->_conf_all_grouped[$conf['_conf_group']] = array($conf); } } // Free up memory $this->_db_freeList(); } else { // No configuration found PCPIN_Common::dieWithError(-1, '<b>Fatal error</b>: No configuration found. Check your installation.'); } $this->_db_pass_vars($this, $caller); }
/** * Create new session * @param int $user_id Optional ID of session owner user * @param int $last_message_id ID of last message received by session owner * @param int $language_id Optional. Selected language. If empty, then default language will be used. * @param string $backend_login Optional. 'y', if user is Administrator and logged directly into Admin Backend. */ function _s_newSession($user_id = 0, $last_message_id = 0, $language_id = 0, $backend_login = '******') { $ok = false; if ($backend_login !== 'y' && $backend_login !== 'n') { $backend_login = '******'; } $max_attempts = 100; do { // Generate new session ID $this->_s_id = PCPIN_Common::randomString(PCPIN_SID_LENGTH, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'); // Check new session ID if (!$this->_db_getList('_s_id', '_s_id = ' . $this->_s_id, 1)) { // New session ID is unique // Check language _pcpin_loadClass('language'); $language = new PCPIN_Language($this); if (empty($this->_conf_all['allow_language_selection']) || 0 == ($language_id = $language->checkLanguage($language_id))) { $language_id = $this->_conf_all['default_language']; } // Set all object properties up $this->_s_ip = PCPIN_CLIENT_IP; $this->_s_client_agent_name = PCPIN_CLIENT_AGENT_NAME; $this->_s_client_agent_version = PCPIN_CLIENT_AGENT_VERSION; $this->_s_client_os = PCPIN_CLIENT_OS; $this->_s_created = date('Y-m-d H:i:s'); $this->_s_last_ping = date('Y-m-d H:i:s'); $this->_s_language_id = $language_id; $this->_s_user_id = $user_id; $this->_s_security_code = md5(PCPIN_Common::randomString(mt_rand(100, 255))); $this->_s_security_code_img = ''; $this->_s_room_id = 0; $this->_s_room_date = ''; $this->_s_last_message_id = $last_message_id; $this->_s_last_sent_message_time = '0000-00-00 00:00:00'; $this->_s_last_sent_message_hash = ''; $this->_s_last_sent_message_repeats_count = 0; $this->_s_online_status = 1; $this->_s_online_status_message = ''; $this->_s_kicked = 'n'; $this->_s_stealth_mode = 'n'; $this->_s_backend = $backend_login; $this->_s_page_unloaded = 'n'; // Save session into database $ok = $this->_db_insertObj(); } $max_attempts--; } while ($ok !== true && $max_attempts > 0); $this->_db_freeList(); if (!$ok) { PCPIN_Common::dieWithError(-1, '<b>Fatal error</b>: Failed to create new session'); } }
/** * Constructor. * Connect to database. * @param object &$caller Caller object * @param array $db_conndata Database connection data */ function PCPIN_DB(&$caller, $db_conndata) { // Connect to database $connected = false; if (empty($this->_db_conn)) { if (!function_exists('mysql_connect')) { // MySQL extension is not loaded PCPIN_Common::dieWithError(1, '<b>Fatal error</b>: MySQL extension is not loaded'); } elseif (PCPIN_DB_PERSISTENT && ($this->_db_conn = @mysql_pconnect($db_conndata['server'], $db_conndata['user'], $db_conndata['password']))) { // Database server connected using mysql_pconnect() function $connected = true; } elseif ($this->_db_conn = mysql_connect($db_conndata['server'], $db_conndata['user'], $db_conndata['password'])) { // Database server connected using mysql_connect() function $connected = true; } if (!$connected) { PCPIN_Common::dieWithError(1, '<b>Fatal error</b>: Failed to connect database server'); } else { // Set UTF-8 character set for client-server communication $this->_db_setCharsets(); // Disable MySQL strict mode $this->_db_query('SET SESSION sql_mode=""'); // Trying do select database if (!mysql_select_db($db_conndata['database'], $this->_db_conn)) { // Failed to select database $this->_db_close(); PCPIN_Common::dieWithError(1, '<b>Fatal error</b>: Failed to select database'); } else { // Define database table names prefix if (!defined('PCPIN_DB_PREFIX')) { define('PCPIN_DB_PREFIX', $db_conndata['tbl_prefix']); } } } } unset($db_conndata); $this->_cache['_db_tabledata'] = array(); // Cached table information ($this->_cache is a property of the parent class) $this->_db_pass_vars($this, $caller); }
if (PCPIN_SLAVE_MODE && !empty($_pcpin_slave_userdata) && !empty($session) && is_object($session)) { $language_id = $_pcpin_slave_userdata['language']; if ($_pcpin_slave_userdata['is_guest'] !== 'n') { // User is guest $guest_login = 1; } else { // Registered user // Check user if ($current_user->_db_getList('login = '******'login'], 1)) { // User exists $current_user_set = $current_user->_db_list[0]; $current_user->_db_freeList(); // Check wether user already logged in or not if ($session->_db_getList('_s_user_id = ' . $current_user_set['id'], '_s_online_status != 3', 1)) { // User already logged in PCPIN_Common::dieWithError(1, $l->g('you_already_logged_in')); } else { // User is not logged in yet $login = $current_user_set['login']; $_pcpin_slave_userdata_md5_password = $_pcpin_slave_userdata['password']; // Update user main data $update_args = array(); foreach ($_pcpin_slave_userdata as $key => $val) { if (!is_null($val) && isset($current_user_set[$key]) && $current_user_set[$key] != $val) { $update_args[$key] = $val; } } // Moderator? $update_args['moderated_rooms'] = ''; $update_args['moderated_categories'] = ''; if ($_pcpin_slave_userdata['is_moderator'] === 'y') {