function forum_check_password($forum_fid) { if (!is_numeric($forum_fid)) { return false; } $webtag = get_webtag(); if (!($forum_passhash = forum_get_password($forum_fid))) { return true; } $forum_passhash_check = session::get_value("{$webtag}_PASSWORD"); if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) { $forum_passhash_check = md5($_POST['forum_password']); } if ($forum_passhash == $forum_passhash_check) { session::set_value("{$webtag}_PASSWORD", $forum_passhash_check); return true; } html_draw_top(sprintf("title=%s", gettext("Password Protected Forum"))); echo "<h1>", gettext("Password Protected Forum"), "</h1>\n"; if (session::get_value("{$webtag}_PASSWORD")) { html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center'); } if ($password_protected_message = forum_get_setting('password_protected_message')) { echo fix_html($password_protected_message); } else { html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center'); } echo "<br />\n"; echo "<div align=\"center\">\n"; echo " <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n"; if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) { echo form_input_hidden_array($_POST); } echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"400\">\n"; echo " <tr>\n"; echo " <td class=\"posthead\" align=\"center\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " <table class=\"posthead\" width=\"90%\">\n"; echo " <tr>\n"; echo " <td align=\"left\">", gettext("Password"), ":</td>\n"; echo " <td align=\"left\">", form_input_password('forum_password', '', 40, false, ''), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\" colspan=\"2\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\">", form_submit("logon", gettext("Logon")), " ", form_submit("cancel", gettext("Cancel")), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) { html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center'); } echo " </form>\n"; echo "</div>\n"; html_draw_bottom(); exit; }
echo " <tr>\n"; echo " <td align=\"left\" width=\"100\">", gettext("Posted from"), ":</td>\n"; echo " <td align=\"left\">", form_date_dropdowns($from_year, $from_month, $from_day, "from_", 2002), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\" width=\"100\">", gettext("Posted to"), ":</td>\n"; echo " <td align=\"left\">", form_date_dropdowns($to_year, $to_month, $to_day, "to_", 2002), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td> </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td colspan=\"2\" align=\"center\">", form_submit("update", gettext("Update")), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </form>\n"; echo " </div>\n"; html_draw_bottom();
// Bootstrap require_once 'boot.php'; // Includes required by this page. require_once BH_INCLUDE_PATH . 'cache.inc.php'; require_once BH_INCLUDE_PATH . 'constants.inc.php'; require_once BH_INCLUDE_PATH . 'header.inc.php'; require_once BH_INCLUDE_PATH . 'html.inc.php'; require_once BH_INCLUDE_PATH . 'lang.inc.php'; require_once BH_INCLUDE_PATH . 'logon.inc.php'; require_once BH_INCLUDE_PATH . 'session.inc.php'; // Don't cache this page - fixes problems with Opera. cache_disable(); // Get the user's saved left frame width. if (($left_frame_width = session::get_value('LEFT_FRAME_WIDTH')) === false) { $left_frame_width = 280; } html_draw_top('frame_set_html', 'pm_popup_disabled'); $frameset = new html_frameset_cols('start', "{$left_frame_width},*"); if (isset($_GET['left']) && $_GET['left'] == "threadlist") { $frameset->html_frame("thread_list.php?webtag={$webtag}", html_get_frame_name('left')); } else { $frameset->html_frame("start_left.php?webtag={$webtag}", html_get_frame_name('left')); } if (isset($_GET['show']) && $_GET['show'] == "visitors") { $frameset->html_frame("visitor_log.php?webtag={$webtag}", html_get_frame_name('right')); } else { $frameset->html_frame("start_main.php?webtag={$webtag}", html_get_frame_name('right')); } $frameset->output_html(); html_draw_bottom(true);
function forum_start_page_get_html($content) { ob_start(); html_draw_top(); echo $content; html_draw_bottom(); $content = ob_get_contents(); ob_end_clean(); return word_filter_rem_ob_tags($content); }
function html_draw_error($error_msg, $href = false, $method = 'get', $button_array = false, $var_array = false, $target = "_self", $align = "left", $id = false) { html_draw_top(gettext('Error')); html_display_msg(gettext("Error"), $error_msg, $href, $method, $button_array, $var_array, $target, $align, $id); html_draw_bottom(); exit; }
function html_draw_error($message, $href = null, $method = 'get', array $buttons = array(), array $vars = array(), $target = "_self", $align = "left", $id = null) { html_draw_top(array('title' => gettext('Error'))); html_display_msg(gettext("Error"), $message, $href, $method, $buttons, $vars, $target, $align, $id); html_draw_bottom(); exit; }
function admin_check_credentials() { $webtag = get_webtag(); if (($admin_timeout = session::get_value('ADMIN_TIMEOUT')) && $admin_timeout > time()) { session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS); return true; } if (isset($_POST['admin_logon']) && isset($_POST['admin_password'])) { $admin_logon = $_POST['admin_logon']; $admin_password = $_POST['admin_password']; if (($admin_uid = user_logon($admin_logon, $admin_password)) && $admin_uid == session::get_value('UID')) { session::set_value('ADMIN_TIMEOUT', time() + HOUR_IN_SECONDS); return true; } else { html_display_error_msg(gettext("The username or password you supplied are not valid."), '500', 'center'); } } html_draw_top(); if (isset($error_message) && strlen(trim($error_message)) > 0) { html_display_error_msg($error_message, '500', 'center'); } if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) { html_display_warning_msg(gettext('To save any changes you must re-authenticate yourself'), '500', 'center'); } else { html_display_warning_msg(gettext('To access the Admin area you must re-authenticate yourself'), '500', 'center'); } echo "<div align=\"center\">\n"; echo " <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n"; if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) { echo form_input_hidden_array($_POST); } echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n"; echo " <br />\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"posthead\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\">", gettext("Please enter your password"), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"95%\">\n"; echo " <tr>\n"; echo " <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n"; echo " <td align=\"left\">", form_input_text('admin_logon', '', 24, 32, '', 'bhinputlogon'), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n"; echo " <td align=\"left\">", form_input_password('admin_password', '', 24, 32, '', 'bhinputlogon'), "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </form>\n"; echo "</div>\n"; html_draw_bottom(); exit; }