// View mode if (isset($_REQUEST['mode']) && is_numeric($_REQUEST['mode'])) { $mode = $_REQUEST['mode']; } // Check that required variables are set if (!session::logged_in()) { // non-logged in users can only display "All" threads // or those in the past x days, since the other options // would be impossible if (!isset($mode) || $mode != ALL_DISCUSSIONS && $mode != TODAYS_DISCUSSIONS && $mode != TWO_DAYS_BACK && $mode != SEVEN_DAYS_BACK) { $mode = ALL_DISCUSSIONS; } } else { $threads_any_unread = threads_any_unread(); if (isset($mode) && is_numeric($mode)) { session::set_value('THREAD_MODE', $mode); } else { if (!($mode = session::get_value('THREAD_MODE'))) { $mode = UNREAD_DISCUSSIONS; } if ($mode == UNREAD_DISCUSSIONS && !$threads_any_unread) { $mode = ALL_DISCUSSIONS; } } if (isset($_REQUEST['mark_read_submit'])) { if (isset($_REQUEST['mark_read_confirm']) && $_REQUEST['mark_read_confirm'] == 'Y') { if ($_REQUEST['mark_read_type'] == THREAD_MARK_READ_VISIBLE) { if (isset($_REQUEST['mark_read_threads']) && strlen(trim($_REQUEST['mark_read_threads'])) > 0) { $thread_data = array(); $mark_read_threads = trim($_REQUEST['mark_read_threads']); $mark_read_threads_array = array_filter(explode(',', $mark_read_threads), 'is_numeric');
function forum_check_password($forum_fid) { if (!is_numeric($forum_fid)) { return false; } $webtag = get_webtag(); if (!($forum_passhash = forum_get_password($forum_fid))) { return true; } $forum_passhash_check = session::get_value("{$webtag}_PASSWORD"); if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) { $forum_passhash_check = md5($_POST['forum_password']); } if ($forum_passhash == $forum_passhash_check) { session::set_value("{$webtag}_PASSWORD", $forum_passhash_check); return true; } html_draw_top(sprintf("title=%s", gettext("Password Protected Forum"))); echo "<h1>", gettext("Password Protected Forum"), "</h1>\n"; if (session::get_value("{$webtag}_PASSWORD")) { html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center'); } if ($password_protected_message = forum_get_setting('password_protected_message')) { echo fix_html($password_protected_message); } else { html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center'); } echo "<br />\n"; echo "<div align=\"center\">\n"; echo " <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n"; if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) { echo form_input_hidden_array($_POST); } echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"400\">\n"; echo " <tr>\n"; echo " <td class=\"posthead\" align=\"center\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " <table class=\"posthead\" width=\"90%\">\n"; echo " <tr>\n"; echo " <td align=\"left\">", gettext("Password"), ":</td>\n"; echo " <td align=\"left\">", form_input_password('forum_password', '', 40, false, ''), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\" colspan=\"2\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\">", form_submit("logon", gettext("Logon")), " ", form_submit("cancel", gettext("Cancel")), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) { html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center'); } echo " </form>\n"; echo "</div>\n"; html_draw_bottom(); exit; }
function admin_check_credentials() { $webtag = get_webtag(); if (($admin_timeout = session::get_value('ADMIN_TIMEOUT')) && $admin_timeout > time()) { session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS); return true; } if (isset($_POST['admin_logon']) && isset($_POST['admin_password'])) { $admin_logon = $_POST['admin_logon']; $admin_password = $_POST['admin_password']; if (($admin_uid = user_logon($admin_logon, $admin_password)) && $admin_uid == session::get_value('UID')) { session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS); return true; } else { html_display_error_msg(gettext("The username or password you supplied are not valid."), '500', 'center'); } } html_draw_top(); if (isset($error_message) && strlen(trim($error_message)) > 0) { html_display_error_msg($error_message, '500', 'center'); } if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) { html_display_warning_msg(gettext('To save any changes you must re-authenticate yourself'), '500', 'center'); } else { html_display_warning_msg(gettext('To access the Admin area you must re-authenticate yourself'), '500', 'center'); } echo "<div align=\"center\">\n"; echo " <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n"; if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) { echo form_input_hidden_array($_POST); } echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n"; echo " <br />\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"posthead\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\">", gettext("Please enter your password"), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"95%\">\n"; echo " <tr>\n"; echo " <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n"; echo " <td align=\"left\">", form_input_text('admin_logon', '', 24, 32, '', 'bhinputlogon'), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n"; echo " <td align=\"left\">", form_input_password('admin_password', '', 24, 32, '', 'bhinputlogon'), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </form>\n"; echo "</div>\n"; html_draw_bottom(); exit; }