/**
  * Extract current session page
  *
  * Builds a description of the requested page from the server variables
  * PHP_SELF, QUERY_STRING and, as a failover, REQUEST_URI. All three are
  * derived from the client's request, so every value produced here has to be
  * treated as untrusted input by whoever consumes it.
  *
  * @param string $root_path current root path (phpbb_root_path)
  * @return array with the keys page_name, page_dir, query_string, script_path,
  *               root_script_path, page and forum; 'failover' is present (set to 1)
  *               only when REQUEST_URI had to be used instead of PHP_SELF
  */
 function extract_current_page($root_path)
 {
     $page_array = array();
     // First of all, get the request uri...
     // Both values fall back to getenv() when the $_SERVER entry is empty.
     $script_name = !empty($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
     $args = !empty($_SERVER['QUERY_STRING']) ? explode('&', $_SERVER['QUERY_STRING']) : explode('&', getenv('QUERY_STRING'));
     // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
     if (!$script_name) {
         $script_name = !empty($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
         // REQUEST_URI carries the query string; keep only the part before the first '?'
         $script_name = ($pos = strpos($script_name, '?')) !== false ? substr($script_name, 0, $pos) : $script_name;
         $page_array['failover'] = 1;
     }
     // Replace backslashes and doubled slashes (could happen on some proxy setups)
     $script_name = str_replace(array('\\', '//'), '/', $script_name);
     // Now, remove the sid and let us get a clean query string...
     $use_args = array();
     // Since some browsers do not encode correctly we need to do this with some "special" characters...
     // " -> %22, ' => %27, < -> %3C, > -> %3E
     // Only these four characters are encoded. This is not complete escaping for HTML or SQL:
     // consumers of 'query_string' and 'page' still have to escape for their own output context.
     $find = array('"', "'", '<', '>');
     $replace = array('%22', '%27', '%3C', '%3E');
     foreach ($args as $key => $argument) {
         // Drop every argument that starts with 'sid=' so the session id never ends up in the stored page
         if (strpos($argument, 'sid=') === 0) {
             continue;
         }
         $use_args[] = str_replace($find, $replace, $argument);
     }
     unset($args);
     // The following examples given are for a request uri of {path to the phpbb directory}/adm/index.php?i=10&b=2
     // The current query string
     $query_string = trim(implode('&', $use_args));
     // basenamed page name (for example: index.php); empty when the script name ends in '/'
     $page_name = substr($script_name, -1, 1) == '/' ? '' : basename($script_name);
     // HTML-escaped first, then URL-encoded
     $page_name = urlencode(htmlspecialchars($page_name));
     // current directory within the phpBB root (for example: adm)
     // Computed from the filesystem (resolved root path versus resolved './'), not from the request.
     $root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($root_path)));
     $page_dirs = explode('/', str_replace('\\', '/', phpbb_realpath('./')));
     // Strip the leading path components both paths have in common (same index, same value)
     $intersection = array_intersect_assoc($root_dirs, $page_dirs);
     $root_dirs = array_diff_assoc($root_dirs, $intersection);
     $page_dirs = array_diff_assoc($page_dirs, $intersection);
     $page_dir = str_repeat('../', sizeof($root_dirs)) . implode('/', $page_dirs);
     if ($page_dir && substr($page_dir, -1, 1) == '/') {
         $page_dir = substr($page_dir, 0, -1);
     }
     // Current page from phpBB root (for example: adm/index.php?i=10&b=2)
     $page = ($page_dir ? $page_dir . '/' : '') . $page_name . ($query_string ? "?{$query_string}" : '');
     // The script path from the webroot to the current directory (for example: /phpBB3/adm/) : always prefixed with / and ends in /
     $script_path = trim(str_replace('\\', '/', dirname($script_name)));
     // The script path from the webroot to the phpBB root (for example: /phpBB3/)
     $script_dirs = explode('/', $script_path);
     // NOTE(review): when $page_dirs is empty the offset is -0, i.e. 0, which removes every element;
     // the "base level" branch below then appears to rebuild the value - confirm this is intended.
     array_splice($script_dirs, -sizeof($page_dirs));
     $root_script_path = implode('/', $script_dirs) . (sizeof($root_dirs) ? '/' . implode('/', $root_dirs) : '');
     // We are on the base level (phpBB root == webroot), let's adjust the variables a bit...
     if (!$root_script_path) {
         $root_script_path = $page_dir ? str_replace($page_dir, '', $script_path) : $script_path;
     }
     // Make sure both paths end in exactly one trailing slash
     $script_path .= substr($script_path, -1, 1) == '/' ? '' : '/';
     $root_script_path .= substr($root_script_path, -1, 1) == '/' ? '' : '/';
     // '+=' keeps an existing 'failover' entry. The two script paths are HTML-escaped with spaces as %20;
     // 'forum' is taken from $_REQUEST['f'] and cast to int (0 when absent or not positive).
     $page_array += array('page_name' => $page_name, 'page_dir' => $page_dir, 'query_string' => $query_string, 'script_path' => str_replace(' ', '%20', htmlspecialchars($script_path)), 'root_script_path' => str_replace(' ', '%20', htmlspecialchars($root_script_path)), 'page' => $page, 'forum' => isset($_REQUEST['f']) && $_REQUEST['f'] > 0 ? (int) $_REQUEST['f'] : 0);
     return $page_array;
 }
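/**
 * Build a language chooser from the lang_* entries found in IP_ROOT_PATH . $dirname.
 *
 * Entries whose resolved path is a regular file or a symlink are skipped. The
 * part of the name after "lang_" is the option value; a display name is derived
 * from it ("xx_yy" becomes "xx [ yy ]").
 *
 * $select_name, the file names and the display names are written into the markup
 * without HTML escaping, so callers must pass only trusted values for $select_name
 * and $dirname.
 *
 * @param string $select_name  value of the name attribute of the <select>
 * @param string $default      language to pre-select (compared case-insensitively)
 * @param string $dirname      directory below IP_ROOT_PATH that holds the lang_* entries
 * @param bool   $return_array when true, return the display name => file name map instead of HTML
 * @return string|array HTML <select> element, or the sorted map when $return_array is true
 */
function language_select($select_name = 'language', $default = 'english', $dirname = 'language', $return_array = false)
{
    $lang = array();
    $dir = opendir(IP_ROOT_PATH . $dirname);
    // opendir() returns false when the directory cannot be read; the list then simply stays empty
    // instead of handing false to readdir()/closedir().
    if ($dir !== false) {
        // Compare with false explicitly: an entry named "0" is falsy and would otherwise end the loop early.
        while (($file = readdir($dir)) !== false) {
            if (!preg_match('#^lang_#i', $file)) {
                continue;
            }
            $resolved = @phpbb_realpath(IP_ROOT_PATH . $dirname . '/' . $file);
            if (is_file($resolved) || is_link($resolved)) {
                continue;
            }
            $filename = trim(str_replace("lang_", "", $file));
            $displayname = preg_replace("/^(.*?)_(.*)\$/", "\\1 [ \\2 ]", $filename);
            $displayname = preg_replace("/\\[(.*?)_(.*)\\]/", "[ \\1 - \\2 ]", $displayname);
            $lang[$displayname] = $filename;
        }
        closedir($dir);
    }
    // Sort by file name while keeping the display names as keys
    asort($lang);
    if ($return_array) {
        return $lang;
    }
    $lang_select = '<select name="' . $select_name . '">';
    // foreach replaces the each() loop: each() was removed in PHP 8.0
    foreach ($lang as $displayname => $filename) {
        $selected = strtolower($default) == strtolower($filename) ? ' selected="selected"' : '';
        $lang_select .= '<option value="' . $filename . '"' . $selected . '>' . ucwords($displayname) . '</option>';
    }
    $lang_select .= '</select>';
    return $lang_select;
}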
 /**
  * Find a list of controllers
  *
  * Replaces $this->routes with a new RouteCollection and adds to it whatever
  * the YAML loader returns for each entry of $this->routing_files. The file
  * locator is rooted at phpbb_realpath($base_path).
  *
  * NOTE(review): the routing file names and $base_path decide which files get
  * parsed - presumably both come from the installation itself rather than from
  * a request; confirm against the callers.
  *
  * @param string $base_path Base path to prepend to file paths
  * @return provider
  */
 public function find($base_path = '')
 {
     $this->routes = new RouteCollection();
     foreach ($this->routing_files as $routing_file) {
         // A locator and loader are built for every file, exactly as before
         $locator = new FileLocator(phpbb_realpath($base_path));
         $yaml_loader = new YamlFileLoader($locator);
         $loaded_routes = $yaml_loader->load($routing_file);
         $this->routes->addCollection($loaded_routes);
     }
     return $this;
 }
 /**
  * Loads a specific configuration.
  *
  * For every entry of $this->paths that contains config/services.yml, the file
  * is loaded into the container through a YAML loader whose locator is rooted
  * at the resolved config directory. $config is not read by this method.
  *
  * @param array            $config    An array of configuration values
  * @param ContainerBuilder $container A ContainerBuilder instance
  *
  * @throws \InvalidArgumentException When provided tag is not defined in this extension
  *         (NOTE(review): not thrown by the code visible here - presumably raised by the loader; confirm)
  */
 public function load(array $config, ContainerBuilder $container)
 {
     foreach ($this->paths as $extension_path) {
         $config_dir = $extension_path . '/config';
         // Paths without a services.yml are silently skipped
         if (!file_exists($config_dir . '/services.yml')) {
             continue;
         }
         $locator = new FileLocator(phpbb_realpath($config_dir));
         $yaml_loader = new YamlFileLoader($container, $locator);
         $yaml_loader->load('services.yml');
     }
 }
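/**
 * Build a language <select> from the lang_* entries found in $phpbb_root_path . $dirname.
 *
 * Entries whose resolved path is a regular file or a symlink are skipped. The
 * part of the name after "lang_" is the option value; a display name is derived
 * from it ("xx_yy" becomes "xx [ yy ]").
 *
 * $select_name, the file names and the display names are written into the markup
 * without HTML escaping, so callers must pass only trusted values for $select_name
 * and $dirname.
 *
 * @param string $default     language to pre-select (compared case-insensitively)
 * @param string $select_name value of the name attribute of the <select>
 * @param string $dirname     directory below $phpbb_root_path that holds the lang_* entries
 * @return string HTML <select> element
 */
function language_select($default, $select_name = "language", $dirname = "language")
{
    global $phpEx, $phpbb_root_path;
    $lang = array();
    $dir = opendir($phpbb_root_path . $dirname);
    // opendir() returns false when the directory cannot be read; the list then simply stays empty
    // instead of handing false to readdir()/closedir().
    if ($dir !== false) {
        // Compare with false explicitly: an entry named "0" is falsy and would otherwise end the loop early.
        while (($file = readdir($dir)) !== false) {
            if (!preg_match('#^lang_#i', $file)) {
                continue;
            }
            $resolved = @phpbb_realpath($phpbb_root_path . $dirname . '/' . $file);
            if (is_file($resolved) || is_link($resolved)) {
                continue;
            }
            $filename = trim(str_replace("lang_", "", $file));
            $displayname = preg_replace("/^(.*?)_(.*)\$/", "\\1 [ \\2 ]", $filename);
            $displayname = preg_replace("/\\[(.*?)_(.*)\\]/", "[ \\1 - \\2 ]", $displayname);
            $lang[$displayname] = $filename;
        }
        closedir($dir);
    }
    // Sort by file name while keeping the display names as keys
    asort($lang);
    $lang_select = '<select name="' . $select_name . '">';
    // foreach replaces the each() loop: each() was removed in PHP 8.0
    foreach ($lang as $displayname => $filename) {
        $selected = strtolower($default) == strtolower($filename) ? ' selected="selected"' : '';
        $lang_select .= '<option value="' . $filename . '"' . $selected . '>' . ucwords($displayname) . '</option>';
    }
    $lang_select .= '</select>';
    return $lang_select;
}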
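 /**
  * Check a filesystem path to make sure it is within a minimum directory
  *
  * The file name is dropped from $directory, the path is walked upwards to the
  * nearest directory that exists, and the resolved result is compared with the
  * resolved minimum directory. The check fails closed: a path that cannot be
  * resolved is reported as outside.
  *
  * @param string $directory
  * @param mixed $minimum_directory if false, we check the store, upload path, and temp path
  * @return bool true when the path lies inside (or is) the minimum directory
  */
 public function check_filesystem_path($directory, $minimum_directory = false)
 {
     // If minimum directory is false, we check the store, upload path, and temp path
     if ($minimum_directory === false) {
         return $this->check_filesystem_path($directory, TITANIA_ROOT . 'store/')
             || $this->check_filesystem_path($directory, titania::$config->upload_path)
             || $this->check_filesystem_path($directory, titania::$config->contrib_temp_path);
     }
     // Find the directory (ignore files and roll back through non-existent directories).
     // The walk stops once nothing is left, so a path without any existing ancestor
     // ends the loop instead of spinning on an empty string.
     $slash = strrpos($directory, '/');
     $directory = $slash === false ? '' : substr($directory, 0, $slash);
     while ($directory !== '' && !file_exists($directory)) {
         $slash = strrpos($directory, '/');
         $directory = $slash === false ? '' : substr($directory, 0, $slash);
     }
     if ($directory === '') {
         return false;
     }
     $minimum_directory = phpbb_realpath($minimum_directory);
     $directory = phpbb_realpath($directory);
     // An unresolved path must not be compared: an empty needle would match every string.
     if (!is_string($minimum_directory) || $minimum_directory === '' || !is_string($directory) || $directory === '') {
         return false;
     }
     // Compare whole path components. A bare prefix test would also accept a sibling
     // directory whose name merely starts with the minimum directory's name.
     $minimum_directory = rtrim(str_replace('\\', '/', $minimum_directory), '/');
     $directory = rtrim(str_replace('\\', '/', $directory), '/');
     return $directory === $minimum_directory || strpos($directory, $minimum_directory . '/') === 0;
 }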
 /**
  * Generates a full path+filename for the given filename, which can either
  * be an absolute name, or a name relative to the rootdir for this Template
  * object.
  *
  * A name starting with '/' is used unchanged; anything else is resolved
  * against $this->root. Execution stops with die() when the result does not
  * exist, and the message printed contains the path.
  *
  * NOTE(review): nothing here keeps the result inside $this->root - absolute
  * names are accepted as given. Presumably only template names chosen by the
  * application reach this method; confirm against the callers.
  */
 function make_filename($filename)
 {
     $is_absolute = substr($filename, 0, 1) == '/';
     if (!$is_absolute) {
         // Relative names are anchored at the template root and resolved
         $filename = phpbb_realpath($this->root . '/' . $filename);
     }
     if (file_exists($filename)) {
         return $filename;
     }
     die("Template->make_filename(): Error - file {$filename} does not exist");
 }
 /**
  * Checks cache folder
  *
  * Returns $cache_folder only when it is non-empty and listed in
  * $this->cache_dirs; otherwise the default folder is used
  * ($this->cache_dir_sql when $is_sql is set, else $this->cache_dir).
  * With $deep_check the chosen folder must also be an existing directory:
  * if it is not, the default is tried, and if that is not a directory either
  * the result of phpbb_realpath() on it is returned.
  *
  * The membership test uses in_array() without the strict flag, so values are
  * compared loosely.
  */
 function validate_cache_folder($cache_folder, $is_sql = false, $deep_check = false)
 {
     if (!empty($is_sql)) {
         $fallback = $this->cache_dir_sql;
     } else {
         $fallback = $this->cache_dir;
     }
     // Allow-list: anything not registered in cache_dirs is replaced by the default
     $is_known = !empty($cache_folder) && in_array($cache_folder, $this->cache_dirs);
     $selected = $is_known ? $cache_folder : $fallback;
     if (empty($deep_check)) {
         return $selected;
     }
     if (!@is_dir($selected)) {
         $selected = $fallback;
     }
     // Last resort when even the default is not a directory: hand back its resolved path
     if (!@is_dir($selected)) {
         $selected = @phpbb_realpath($selected);
     }
     return $selected;
 }
/**
 * Store a new avatar image, taken either from a remote URL or from a local (uploaded) file.
 *
 * Remote mode ($avatar_mode == 'remote' and $avatar_filename matching the URL pattern):
 * the server itself opens a socket to the host and port named in the URL, reads the
 * whole response and trusts its Content-Length and Content-Type headers.
 * Otherwise: $avatar_filename is treated as a local file, $avatar_realname must end in
 * jpg/jpeg/gif/png and the type is taken from $avatar_filetype.
 *
 * In both cases the type goes through check_image_type() (defined elsewhere), the
 * dimensions are compared with the board limits, and the file is written below
 * $board_config['avatar_path'] under a generated name.
 *
 * @param string $mode            'editprofile' makes the function delete the previous upload and return an UPDATE-style fragment
 * @param string $avatar_mode     'remote' selects the URL branch
 * @param string $current_avatar  (by reference) file name of the avatar in use
 * @param mixed  $current_type    (by reference) compared with USER_AVATAR_UPLOAD
 * @param bool   $error           (by reference) set to true on validation errors
 * @param string $error_msg       (by reference) messages are appended, separated by <br />
 * @param string $avatar_filename URL or local file path
 * @param string $avatar_realname original file name, only used for the extension check
 * @param int    $avatar_filesize size in bytes; overwritten from the response headers in remote mode
 * @param string $avatar_filetype MIME type; overwritten from the response headers in remote mode
 * @return string|null SQL fragment containing the new file name; nothing is returned on the early
 *                     error exits, and $avatar_sql is never assigned when the dimension check fails
 */
function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype)
{
    global $board_config, $db, $lang;
    // String comparison of the PHP version; picks the function used to read ini settings below
    $ini_val = @phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var';
    // $url_ary: [2] = host, [3] = port (may be empty), [4] = path without the leading slash
    if ($avatar_mode == 'remote' && preg_match('/^(http:\\/\\/)?([\\w\\-\\.]+)\\:?([0-9]*)\\/(.*)$/', $avatar_filename, $url_ary)) {
        if (empty($url_ary[4])) {
            $error = true;
            $error_msg = !empty($error_msg) ? $error_msg . '<br />' . $lang['Incomplete_URL'] : $lang['Incomplete_URL'];
            return;
        }
        $base_get = '/' . $url_ary[4];
        $port = !empty($url_ary[3]) ? $url_ary[3] : 80;
        // The web server connects to whatever host and port the supplied URL names.
        // NOTE(review): nothing in this function limits the destination (for example to
        // public addresses or to port 80) - confirm that callers or network policy do.
        if (!($fsock = @fsockopen($url_ary[2], $port, $errno, $errstr))) {
            $error = true;
            $error_msg = !empty($error_msg) ? $error_msg . '<br />' . $lang['No_connection_URL'] : $lang['No_connection_URL'];
            return;
        }
        // The path from the URL is written into the request line as given
        @fputs($fsock, "GET {$base_get} HTTP/1.1\r\n");
        @fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
        @fputs($fsock, "Connection: close\r\n\r\n");
        unset($avatar_data);
        // Reads until EOF: avatar_filesize only bounds each fread() call, not the total,
        // so the complete response (headers and body) is buffered in memory. No timeout is passed to fsockopen().
        while (!@feof($fsock)) {
            $avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
        }
        @fclose($fsock);
        // Size and type are taken from the response headers, i.e. from values the remote server controls
        if (!preg_match('#Content-Length\\: ([0-9]+)[^ /][\\s]+#i', $avatar_data, $file_data1) || !preg_match('#Content-Type\\: image/[x\\-]*([a-z]+)[\\s]+#i', $avatar_data, $file_data2)) {
            $error = true;
            $error_msg = !empty($error_msg) ? $error_msg . '<br />' . $lang['File_no_data'] : $lang['File_no_data'];
            return;
        }
        $avatar_filesize = $file_data1[1];
        $avatar_filetype = $file_data2[1];
        if (!$error && $avatar_filesize > 0 && $avatar_filesize < $board_config['avatar_filesize']) {
            // Keep the last $avatar_filesize bytes of the response as the image data
            $avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);
            // Temporary file goes to /tmp unless safe_mode is reported, then to <avatar_path>/tmp
            $tmp_path = !@$ini_val('safe_mode') ? '/tmp' : './' . $board_config['avatar_path'] . '/tmp';
            $tmp_filename = tempnam($tmp_path, uniqid(rand()) . '-');
            $fptr = @fopen($tmp_filename, 'wb');
            $bytes_written = @fwrite($fptr, $avatar_data, $avatar_filesize);
            @fclose($fptr);
            if ($bytes_written != $avatar_filesize) {
                @unlink($tmp_filename);
                message_die(GENERAL_ERROR, 'Could not write avatar file to local storage. Please contact the board administrator with this message', '', __LINE__, __FILE__);
            }
            // NOTE(review): warnings are suppressed and the result is not checked; when getimagesize()
            // fails, $width and $height are not numbers and the "<=" dimension test further down
            // would not reject the file - confirm and consider an explicit failure check.
            list($width, $height) = @getimagesize($tmp_filename);
        } else {
            $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
            $error = true;
            $error_msg = !empty($error_msg) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
        }
    } else {
        // Local branch: the extension check looks at $avatar_realname only, and the type comes from
        // $avatar_filetype - presumably both are values sent by the browser; verify against the caller.
        // If the file is missing or the extension does not match, nothing is set here and
        // execution continues at check_image_type() below.
        if (file_exists(@phpbb_realpath($avatar_filename)) && preg_match('/\\.(jpg|jpeg|gif|png)$/i', $avatar_realname)) {
            if ($avatar_filesize <= $board_config['avatar_filesize'] && $avatar_filesize > 0) {
                // Reduce "image/x-foo" or "image/foo" to "foo"
                preg_match('#image\\/[x\\-]*([a-z]+)#', $avatar_filetype, $avatar_filetype);
                $avatar_filetype = $avatar_filetype[1];
            } else {
                $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
                $error = true;
                $error_msg = !empty($error_msg) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
                return;
            }
            list($width, $height) = @getimagesize($avatar_filename);
        }
    }
    // check_image_type() is defined elsewhere; its return value is appended to the generated
    // file name, so it presumably yields the file extension - confirm.
    if (!($imgtype = check_image_type($avatar_filetype, $error, $error_msg))) {
        return;
    }
    if ($width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height']) {
        // The stored name is generated here; no part of the user-supplied name is reused
        $new_filename = uniqid(rand()) . $imgtype;
        if ($mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '') {
            // Remove the previous upload.
            // NOTE(review): $current_avatar is concatenated into the path that gets unlinked -
            // presumably a stored file name; verify it can never contain path separators.
            if (file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $current_avatar))) {
                @unlink('./' . $board_config['avatar_path'] . '/' . $current_avatar);
            }
        }
        if ($avatar_mode == 'remote') {
            @copy($tmp_filename, './' . $board_config['avatar_path'] . "/{$new_filename}");
            @unlink($tmp_filename);
        } else {
            // move_uploaded_file() is only used when open_basedir is set; otherwise plain copy()
            // is used, which does not verify that the source really is an HTTP upload.
            // NOTE(review): callers must make sure $avatar_filename is the upload's temporary file.
            if (@$ini_val('open_basedir') != '') {
                if (@phpversion() < '4.0.3') {
                    message_die(GENERAL_ERROR, 'open_basedir is set and your PHP version does not allow move_uploaded_file', '', __LINE__, __FILE__);
                }
                $move_file = 'move_uploaded_file';
            } else {
                $move_file = 'copy';
            }
            $move_file($avatar_filename, './' . $board_config['avatar_path'] . "/{$new_filename}");
        }
        // NOTE(review): 0777 makes the stored file writable (and executable) for every local user;
        // a mode such as 0644 is normally sufficient for a served image - confirm before changing.
        @chmod('./' . $board_config['avatar_path'] . "/{$new_filename}", 0777);
        // The fragment embeds only the locally generated file name and the USER_AVATAR_UPLOAD constant
        $avatar_sql = $mode == 'editprofile' ? ", user_avatar = '{$new_filename}', user_avatar_type = " . USER_AVATAR_UPLOAD : "'{$new_filename}', " . USER_AVATAR_UPLOAD;
    } else {
        $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
        $error = true;
        $error_msg = !empty($error_msg) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
    }
    // Not assigned on the error path directly above
    return $avatar_sql;
}
    $template->assign_vars(array('USERNAME' => $username, 'CUR_PASSWORD' => $cur_password, 'NEW_PASSWORD' => $new_password, 'PASSWORD_CONFIRM' => $password_confirm, 'EMAIL' => $email, 'YIM' => $yim, 'ICQ' => $icq, 'MSN' => $msn, 'AIM' => $aim, 'OCCUPATION' => $occupation, 'INTERESTS' => $interests, 'LOCATION' => $location, 'WEBSITE' => $website, 'SIGNATURE' => str_replace('<br />', "\n", $signature), 'VIEW_EMAIL_YES' => $viewemail ? 'checked="checked"' : '', 'VIEW_EMAIL_NO' => !$viewemail ? 'checked="checked"' : '', 'HIDE_USER_YES' => !$allowviewonline ? 'checked="checked"' : '', 'HIDE_USER_NO' => $allowviewonline ? 'checked="checked"' : '', 'NOTIFY_PM_YES' => $notifypm ? 'checked="checked"' : '', 'NOTIFY_PM_NO' => !$notifypm ? 'checked="checked"' : '', 'POPUP_PM_YES' => $popup_pm ? 'checked="checked"' : '', 'POPUP_PM_NO' => !$popup_pm ? 'checked="checked"' : '', 'ALWAYS_ADD_SIGNATURE_YES' => $attachsig ? 'checked="checked"' : '', 'ALWAYS_ADD_SIGNATURE_NO' => !$attachsig ? 'checked="checked"' : '', 'NOTIFY_REPLY_YES' => $notifyreply ? 'checked="checked"' : '', 'NOTIFY_REPLY_NO' => !$notifyreply ? 'checked="checked"' : '', 'ALWAYS_ALLOW_BBCODE_YES' => $allowbbcode ? 'checked="checked"' : '', 'ALWAYS_ALLOW_BBCODE_NO' => !$allowbbcode ? 'checked="checked"' : '', 'ALWAYS_ALLOW_HTML_YES' => $allowhtml ? 'checked="checked"' : '', 'ALWAYS_ALLOW_HTML_NO' => !$allowhtml ? 'checked="checked"' : '', 'ALWAYS_ALLOW_SMILIES_YES' => $allowsmilies ? 'checked="checked"' : '', 'ALWAYS_ALLOW_SMILIES_NO' => !$allowsmilies ? 'checked="checked"' : '', 'ALLOW_AVATAR' => $board_config['allow_avatar_upload'], 'AVATAR' => $avatar_img, 'AVATAR_SIZE' => $board_config['avatar_filesize'], 'LANGUAGE_SELECT' => language_select($user_lang, 'language'), 'STYLE_SELECT' => style_select($user_style, 'style'), 'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'), 'DATE_FORMAT' => $user_dateformat, 'HTML_STATUS' => $html_status, 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . 
append_sid("faq.{$phpEx}?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 'SMILIES_STATUS' => $smilies_status, 'L_CURRENT_PASSWORD' => $lang['Current_password'], 'L_NEW_PASSWORD' => $mode == 'register' ? $lang['Password'] : $lang['New_password'], 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 'L_CONFIRM_PASSWORD_EXPLAIN' => $mode == 'editprofile' ? $lang['Confirm_password_explain'] : '', 'L_PASSWORD_IF_CHANGED' => $mode == 'editprofile' ? $lang['password_if_changed'] : '', 'L_PASSWORD_CONFIRM_IF_CHANGED' => $mode == 'editprofile' ? $lang['password_confirm_if_changed'] : '', 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'L_ICQ_NUMBER' => $lang['ICQ'], 'L_MESSENGER' => $lang['MSNM'], 'L_YAHOO' => $lang['YIM'], 'L_WEBSITE' => $lang['Website'], 'L_AIM' => $lang['AIM'], 'L_LOCATION' => $lang['Location'], 'L_OCCUPATION' => $lang['Occupation'], 'L_BOARD_LANGUAGE' => $lang['Board_lang'], 'L_BOARD_STYLE' => $lang['Board_style'], 'L_TIMEZONE' => $lang['Timezone'], 'L_DATE_FORMAT' => $lang['Date_format'], 'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'L_INTERESTS' => $lang['Interests'], 'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'], 'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'], 'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'], 'L_HIDE_USER' => $lang['Hide_user'], 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'], 'L_AVATAR_PANEL' => $lang['Avatar_panel'], 'L_AVATAR_EXPLAIN' => sprintf($lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], round($board_config['avatar_filesize'] / 1024)), 'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'], 'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'], 'L_UPLOAD_AVATAR_URL_EXPLAIN' => $lang['Upload_Avatar_URL_explain'], 'L_AVATAR_GALLERY' => $lang['Select_from_gallery'], 'L_SHOW_GALLERY' => $lang['View_avatar_gallery'], 'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'], 'L_LINK_REMOTE_AVATAR_EXPLAIN' => 
$lang['Link_remote_Avatar_explain'], 'L_DELETE_AVATAR' => $lang['Delete_Image'], 'L_CURRENT_IMAGE' => $lang['Current_Image'], 'L_SIGNATURE' => $lang['Signature'], 'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']), 'L_NOTIFY_ON_REPLY' => $lang['Always_notify'], 'L_NOTIFY_ON_REPLY_EXPLAIN' => $lang['Always_notify_explain'], 'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'], 'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'], 'L_POPUP_ON_PRIVMSG_EXPLAIN' => $lang['Popup_on_privmsg_explain'], 'L_PREFERENCES' => $lang['Preferences'], 'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'], 'L_ITEMS_REQUIRED' => $lang['Items_required'], 'L_REGISTRATION_INFO' => $lang['Registration_info'], 'L_PROFILE_INFO' => $lang['Profile_info'], 'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'], 'L_EMAIL_ADDRESS' => $lang['Email_address'], 'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'], 'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'], 'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'], 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_FORM_ENCTYPE' => $form_enctype, 'S_PROFILE_ACTION' => append_sid("profile.{$phpEx}")));
    //
    // This is another cheat using the block_var capability
    // of the templates to 'fake' an IF...ELSE...ENDIF solution
    // it works well :)
    //
    if ($mode != 'register') {
        if ($userdata['user_allowavatar'] && ($board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'])) {
            $template->assign_block_vars('switch_avatar_block', array());
            if ($board_config['allow_avatar_upload'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_path']))) {
                if ($form_enctype != '') {
                    $template->assign_block_vars('switch_avatar_block.switch_avatar_local_upload', array());
                }
                $template->assign_block_vars('switch_avatar_block.switch_avatar_remote_upload', array());
            }
            if ($board_config['allow_avatar_remote']) {
                $template->assign_block_vars('switch_avatar_block.switch_avatar_remote_link', array());
            }
            if ($board_config['allow_avatar_local'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_gallery_path']))) {
                $template->assign_block_vars('switch_avatar_block.switch_avatar_local_gallery', array());
            }
        }
    }
}
/**
 * Set the "user" cookie from the given account and preference values.
 *
 * The eleven values are joined with ':' and base64-encoded. Base64 is an
 * encoding, not encryption or signing: anyone who holds the cookie can read
 * and alter every field, including whatever is passed as $setuser_password.
 * The cookie is valid for 15552000 seconds (180 days) and is set without
 * path, domain, secure or httponly arguments.
 *
 * NOTE(review): whether $setuser_password is a plain password or a hash is not
 * visible here; either way the code that reads this cookie must not treat its
 * content as trustworthy without re-checking it server-side.
 */
function docookie($setuser_id, $setusername, $setuser_password, $setstorynum, $setumode, $setuorder, $setthold, $setnoscore, $setublockon, $settheme, $setcommentmax)
{
    $fields = array(
        $setuser_id,
        $setusername,
        $setuser_password,
        $setstorynum,
        $setumode,
        $setuorder,
        $setthold,
        $setnoscore,
        $setublockon,
        $settheme,
        $setcommentmax,
    );
    $info = base64_encode(implode(':', $fields));
    $expires = time() + 15552000;
    setcookie("user", $info, $expires);
}
// Output the template registered under the 'body' handle, then include the page tail.
// The include path is a fixed relative string, so it is resolved against the include path / working directory.
$template->pparse('body');
include "includes/page_tail.php";
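 /**
  * Read a file and return its content base64-encoded and chunked by myChunkSplit().
  *
  * @param string $sourcefile path of the file to encode
  * @return mixed the value returned by $this->myChunkSplit(), or null when the
  *               file is not readable or could not be read
  */
 function encode_file($sourcefile)
 {
     // Defined up front so that the unreadable-file path returns null explicitly
     // rather than reading an undefined variable.
     $encoded = null;
     if (is_readable(phpbb_realpath($sourcefile))) {
         // file_get_contents() copes with empty files (fread() rejects a zero length on PHP 8)
         // and reports failure as false instead of leaving a half-open handle behind.
         $contents = file_get_contents($sourcefile);
         if ($contents !== false) {
             $encoded = $this->myChunkSplit(base64_encode($contents));
         }
     }
     return $encoded;
 }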
 *   (at your option) any later version.
 *
 ***************************************************************************/
// Define the IN_PHPBB marker before any phpBB file is included.
define('IN_PHPBB', 1);
// When $setmodules is non-empty this file only registers itself in $phpbb_module and returns
// (presumably while the admin panel collects its module list - confirm).
if (!empty($setmodules)) {
    $file = basename(__FILE__);
    $phpbb_module['ZphpBB2']['Post_text_replace'] = "{$file}";
    return;
}
$phpbb_root_path = 'modules/ZphpBB2/vendor/phpBB2/';
// extension.inc presumably defines $phpEx, which the following includes rely on - confirm.
require $phpbb_root_path . 'extension.inc';
// NOTE(review): authentication and admin permission checks are not visible in this file;
// presumably admin/pagestart performs them - confirm, because the code below rewrites post text.
require $phpbb_root_path . 'admin/pagestart.' . $phpEx;
include $phpbb_root_path . 'includes/sql_parse.' . $phpEx;
// Obtain language file
// Falls back to 'english' when no file exists for the configured default language.
// NOTE(review): $board_config['default_lang'] is concatenated into an include path;
// presumably it is an administrator-controlled setting - verify it cannot contain path separators.
$temp_language = $board_config['default_lang'];
if (!file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $temp_language . '/admin/lang_searchreplace.' . $phpEx))) {
    $temp_language = 'english';
}
include $phpbb_root_path . 'language/lang_' . $temp_language . '/admin/lang_searchreplace.' . $phpEx;
if (isset($_POST['submit']) && !empty($_POST['find_text']) && !empty($_POST['replace_with'])) {
    $find_text = $_POST['find_text'];
    $replace_with = $_POST['replace_with'];
    $sql = "SELECT post_id, post_text FROM " . POSTS_TEXT_TABLE . " WHERE post_text LIKE '%" . DataUtil::formatForStore(htmlspecialchars($find_text)) . "%';";
    $result = $db->sql_query($sql);
    $i = 0;
    while ($row = $db->sql_fetchrow($result)) {
        $i++;
        $changetext = str_replace($find_text, $replace_with, $row['post_text']);
        $sql = "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '" . DataUtil::formatForStore($changetext) . "' WHERE post_id = " . $row['post_id'] . ";";
        if (!$db->sql_query($sql)) {
            break;
/**
* Error and message handler, call with trigger_error if reqd
*
* Behaviour by error number:
* - E_NOTICE / E_WARNING: prints a one-line debug message (installation path removed) and returns.
* - E_USER_ERROR: prints a self-contained error page with a 503 status line and exits.
* - E_USER_WARNING / E_USER_NOTICE: renders the message through the template system
*   (message_body.html) and calls exit_handler().
* - E_DEPRECATED: returns true without output.
* Anything else returns false.
*
* None of the branches HTML-escapes $msg_text, $msg_title or $errfile before output, so
* callers of trigger_error() must pass text that is already safe for HTML.
*
* @param int    $errno    error level
* @param string $msg_text message, or a language key that is looked up in $user->lang
* @param string $errfile  file in which the error was raised
* @param int    $errline  line on which the error was raised
* @return bool|null true for E_DEPRECATED, false for unhandled levels, nothing where the branch just returns
*/
function msg_handler($errno, $msg_text, $errfile, $errline)
{
    global $cache, $db, $auth, $template, $config, $user;
    global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text;
    // Do not display notices if we suppress them via @
    // NOTE(review): this relies on error_reporting() reading 0 inside an @-suppressed call,
    // which PHP 8 no longer guarantees - confirm the PHP versions this has to run on.
    if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE) {
        return;
    }
    // The message handler is stripping text. In case we need it, we are able to define long text...
    if (isset($msg_long_text) && $msg_long_text && !$msg_text) {
        $msg_text = $msg_long_text;
    }
    // Provide the constant on PHP versions that do not define it, so the case label below is valid
    if (!defined('E_DEPRECATED')) {
        define('E_DEPRECATED', 8192);
    }
    switch ($errno) {
        case E_NOTICE:
        case E_WARNING:
            // Check the error reporting level and return if the error level does not match
            // If DEBUG is defined the default level is E_ALL
            if (($errno & (defined('DEBUG') ? E_ALL : error_reporting())) == 0) {
                return;
            }
            // Errors raised from files whose path contains 'cache' or 'template.' are not printed
            if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) {
                // remove complete path to installation, with the risk of changing backslashes meant to be there
                // (keeps the server's directory layout out of the page)
                $errfile = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $errfile);
                $msg_text = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $msg_text);
                $error_name = $errno === E_WARNING ? 'PHP Warning' : 'PHP Notice';
                // File name and message are written into the page without HTML escaping
                echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
                // we are writing an image - the user won't see the debug, so let's place it in the log
                if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) {
                    add_log('critical', 'LOG_IMAGE_GENERATION_ERROR', $errfile, $errline, $msg_text);
                }
                // echo '<br /><br />BACKTRACE<br />' . get_backtrace() . '<br />' . "\n";
            }
            return;
            break;
        case E_USER_ERROR:
            // Translate message and title through $user->lang when the language data is loaded,
            // otherwise fall back to hard-coded English text
            if (!empty($user) && !empty($user->lang)) {
                $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
                $msg_title = !isset($msg_title) ? $user->lang['GENERAL_ERROR'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
                $l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $phpbb_root_path . '">', '</a>');
                $l_notify = '';
                if (!empty($config['board_contact'])) {
                    $l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['board_contact']) . '</p>';
                }
            } else {
                $msg_title = 'General Error';
                $l_return_index = '<a href="' . $phpbb_root_path . '">Return to index page</a>';
                $l_notify = '';
                if (!empty($config['board_contact'])) {
                    // board_contact is placed into the href and the link text unescaped
                    $l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>';
                }
            }
            if ((defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) {
                // let's avoid loops
                // (a database error while logging must not raise another error through this handler)
                $db->sql_return_on_error(true);
                add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $msg_text);
                $db->sql_return_on_error(false);
            }
            // Do not send 200 OK, but service unavailable on errors
            send_status_line(503, 'Service Unavailable');
            garbage_collection();
            // Try to not call the adm page data...
            // The page is printed with plain echo statements, without the template system
            echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
            echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">';
            echo '<head>';
            echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />';
            // $msg_title goes into <title> and <h1>, $msg_text into the content <div>, all unescaped
            echo '<title>' . $msg_title . '</title>';
            echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
            echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
            echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } ';
            echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } ';
            echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px  #A9B8C2; } ';
            echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } ';
            echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } ';
            echo "\n" . '/* ]]> */' . "\n";
            echo '</style>';
            echo '</head>';
            echo '<body id="errorpage">';
            echo '<div id="wrap">';
            echo '	<div id="page-header">';
            echo '		' . $l_return_index;
            echo '	</div>';
            echo '	<div id="acp">';
            echo '	<div class="panel">';
            echo '		<div id="content">';
            echo '			<h1>' . $msg_title . '</h1>';
            echo '			<div>' . $msg_text . '</div>';
            echo $l_notify;
            echo '		</div>';
            echo '	</div>';
            echo '	</div>';
            echo '	<div id="page-footer">';
            echo '		Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group';
            echo '	</div>';
            echo '</div>';
            echo '</body>';
            echo '</html>';
            exit_handler();
            // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here.
            exit;
            break;
        case E_USER_WARNING:
        case E_USER_NOTICE:
            define('IN_ERROR_HANDLER', true);
            // Start a session if none has been set up yet, so the page can be rendered for this user
            if (empty($user->data)) {
                $user->session_begin();
            }
            // We re-init the auth array to get correct results on login/logout
            $auth->acl($user->data);
            if (empty($user->lang)) {
                $user->setup();
            }
            // These four language keys are answered with a 404 status line
            if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') {
                send_status_line(404, 'Not Found');
            }
            $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
            $msg_title = !isset($msg_title) ? $user->lang['INFORMATION'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
            if (!defined('HEADER_INC')) {
                // The admin header is used only inside the ACP and with an admin session
                if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
                    adm_page_header($msg_title);
                } else {
                    page_header($msg_title, false);
                }
            }
            $template->set_filenames(array('body' => 'message_body.html'));
            // The message is handed to the template as given; see the function header about escaping
            $template->assign_vars(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false));
            // We do not want the cron script to be called on error messages
            define('IN_CRON', true);
            if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
                adm_page_footer();
            } else {
                page_footer();
            }
            exit_handler();
            break;
        // PHP4 compatibility
        case E_DEPRECATED:
            return true;
            break;
    }
    // If we notice an error not handled here we pass this back to PHP by returning false
    // This may not work for all php versions
    return false;
}
Exemplo n.º 14
 // Handle the file upload ....
 // If no file was uploaded report an error...
 //
 // 'name' and 'type' are whatever the client sent with the upload; they describe
 // the file but prove nothing about its content.
 $backup_file_name = !empty($HTTP_POST_FILES['backup_file']['name']) ? $HTTP_POST_FILES['backup_file']['name'] : "";
 $backup_file_tmpname = $HTTP_POST_FILES['backup_file']['tmp_name'] != "none" ? $HTTP_POST_FILES['backup_file']['tmp_name'] : "";
 $backup_file_type = !empty($HTTP_POST_FILES['backup_file']['type']) ? $HTTP_POST_FILES['backup_file']['type'] : "";
 if ($backup_file_tmpname == "" || $backup_file_name == "") {
     message_die(GENERAL_MESSAGE, $lang['Restore_Error_no_file']);
 }
 //
 // If a file was actually uploaded, check to make sure that we
 // are actually passed the name of an uploaded file, and not
 // a hackers attempt at getting us to process a local system
 // file.
 //
 // NOTE(review): file_exists() only shows that the path exists on disk, not that
 // it was created by this request's upload; is_uploaded_file() is PHP's check
 // for that and would match the intent stated above.
 if (file_exists(phpbb_realpath($backup_file_tmpname))) {
     // NOTE(review): the alternatives are not wrapped in one group, so ^ anchors
     // only the text/ branch and $ only the octet-stream branch. Together with
     // the type being client-supplied, treat this as a sanity filter only.
     if (preg_match("/^(text\\/[a-zA-Z]+)|(application\\/(x\\-)?gzip(\\-compressed)?)|(application\\/octet-stream)\$/is", $backup_file_type)) {
         // The .gz decision is taken from the client-supplied file name.
         if (preg_match("/\\.gz\$/is", $backup_file_name)) {
             $do_gzip_compress = FALSE;
             $phpver = phpversion();
             // String comparison of version numbers; version_compare() is the
             // reliable form (NOTE(review)).
             if ($phpver >= "4.0") {
                 if (extension_loaded("zlib")) {
                     $do_gzip_compress = TRUE;
                 }
             }
             if ($do_gzip_compress) {
                 // NOTE(review): the gzopen() result is used without a failure
                 // check, and the whole decompressed stream is accumulated in
                 // memory with no size limit.
                 $gz_ptr = gzopen($backup_file_tmpname, 'rb');
                 $sql_query = "";
                 while (!gzeof($gz_ptr)) {
                     $sql_query .= gzgets($gz_ptr, 100000);
                 }
Exemplo n.º 15
     // Run the query with return-on-error enabled so a failure is reported
     // through erc_throw_error() below, then switch the flag back off.
     $db->sql_return_on_error(true);
     $result = $db->sql_query($sql);
     $db->sql_return_on_error(false);
     if (!$result) {
         erc_throw_error("Couldn't update config table!", __LINE__, __FILE__, $sql);
     }
     success_message($lang['rcd_success']);
     break;
 case 'rld':
     // Reset language data
     // check_authorization() is defined outside this excerpt; presumably it
     // stops the request when the caller is not authorised (confirm).
     check_authorization();
     // $new_lang is escaped for SQL only, yet it is also concatenated into the
     // filesystem paths tested below.
     // NOTE(review): SQL escaping does not neutralise path segments such as "../";
     // matching the value against the directory names actually present under
     // language/ would constrain both uses.
     $new_lang = isset($_POST['new_lang']) ? $db->sql_escape($_POST['new_lang']) : '';
     // The user name is HTML-escaped and trimmed, has \' turned back into ',
     // is cut to 25 bytes, and then has ' re-escaped by hand.
     $board_user = isset($_POST['board_user']) ? trim(htmlspecialchars($_POST['board_user'])) : '';
     $board_user = substr(str_replace("\\'", "'", $board_user), 0, 25);
     $board_user = str_replace("'", "\\'", $board_user);
     // Only proceed when both language files exist for the requested pack.
     if (is_file(@phpbb_realpath(IP_ROOT_PATH . 'language/lang_' . $new_lang . '/lang_main.' . PHP_EXT)) && is_file(@phpbb_realpath(IP_ROOT_PATH . 'language/lang_' . $new_lang . '/lang_admin.' . PHP_EXT))) {
         // The user name goes through utf8_clean_string() and sql_escape() here,
         // on top of the manual quote escaping above.
         // NOTE(review): two layers of quote escaping may stop names containing
         // an apostrophe from matching; verify against sql_escape()'s behaviour.
         $sql = "UPDATE " . USERS_TABLE . "\n\t\t\t\t\t\tSET user_lang = '{$new_lang}'\n\t\t\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($board_user)) . "'";
         $db->sql_return_on_error(true);
         $result = $db->sql_query($sql);
         $db->sql_return_on_error(false);
         if (!$result) {
             erc_throw_error("Couldn't update user table!", __LINE__, __FILE__, $sql);
         }
         // The same value becomes the board-wide default language.
         $sql = "UPDATE " . CONFIG_TABLE . "\n\t\t\t\t\t\tSET config_value = '{$new_lang}'\n\t\t\t\t\t\tWHERE config_name = 'default_lang'";
         $db->sql_return_on_error(true);
         $result = $db->sql_query($sql);
         $db->sql_return_on_error(false);
         if (!$result) {
             erc_throw_error("Couldn't update config table!", __LINE__, __FILE__, $sql);
         }
         success_message($lang['rld_success']);
Exemplo n.º 16
	/**
	 * Extract current session page
	 *
	 * @param string $root_path current root path (phpbb_root_path)
	 * @return array
	 */
	static function extract_current_page($root_path)
	{
		// Builds an array describing the page being requested: page_name,
		// page_dir, query_string, script_path, root_script_path, page and forum,
		// plus 'failover' when the script name had to come from REQUEST_URI.
		// Everything except the two realpath() results originates from the
		// request, so each piece is encoded before it is returned.
		global $request, $symfony_request, $phpbb_filesystem;

		$page_array = array();

		// First of all, get the request uri...
		// Both values pass through $request->escape(); its implementation is not
		// in this excerpt (presumably HTML-escaping, confirm).
		$script_name = $request->escape($symfony_request->getScriptName(), true);
		$args = $request->escape(explode('&', $symfony_request->getQueryString()), true);

		// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
		if (!$script_name)
		{
			// htmlspecialchars_decode() gives the raw URI back; only the part
			// before '?' is kept as the script name.
			$script_name = htmlspecialchars_decode($request->server('REQUEST_URI'));
			$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
			$page_array['failover'] = 1;
		}

		// Replace backslashes and doubled slashes (could happen on some proxy setups)
		$script_name = str_replace(array('\\', '//'), '/', $script_name);

		// Now, remove the sid and let us get a clean query string...
		$use_args = array();

		// Some browsers do not percent-encode these characters, so do it here.
		// The entity forms are listed too because the arguments were escaped above.
		// " -> %22, ' => %27, < -> %3C, > -> %3E
		$find = array('"', "'", '<', '>', '&quot;', '&lt;', '&gt;');
		$replace = array('%22', '%27', '%3C', '%3E', '%22', '%3C', '%3E');

		foreach ($args as $key => $argument)
		{
			// Drop the session id so it never becomes part of the stored page string.
			if (strpos($argument, 'sid=') === 0)
			{
				continue;
			}

			$use_args[] = str_replace($find, $replace, $argument);
		}
		unset($args);

		// The following examples given are for an request uri of {path to the phpbb directory}/adm/index.php?i=10&b=2

		// The current query string
		$query_string = trim(implode('&', $use_args));

		// basenamed page name (for example: index.php)
		// basename() discards any directory part; the result is HTML-escaped and
		// then URL-encoded before use.
		$page_name = (substr($script_name, -1, 1) == '/') ? '' : basename($script_name);
		$page_name = urlencode(htmlspecialchars($page_name));

		// Append the path info (URL-encoded, with slashes restored) unless it is just '/'.
		$symfony_request_path = $phpbb_filesystem->clean_path($symfony_request->getPathInfo());
		if ($symfony_request_path !== '/')
		{
			$page_name .= str_replace('%2F', '/', urlencode($symfony_request_path));
		}

		// current directory within the phpBB root (for example: adm)
		// Both paths come from phpbb_realpath(), i.e. from the filesystem rather
		// than from the request. The shared leading segments are removed from
		// each list, leaving only the parts that differ.
		$root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($root_path)));
		$page_dirs = explode('/', str_replace('\\', '/', phpbb_realpath('./')));
		$intersection = array_intersect_assoc($root_dirs, $page_dirs);

		$root_dirs = array_diff_assoc($root_dirs, $intersection);
		$page_dirs = array_diff_assoc($page_dirs, $intersection);

		// One '../' per remaining root segment, followed by the remaining page segments.
		$page_dir = str_repeat('../', sizeof($root_dirs)) . implode('/', $page_dirs);

		if ($page_dir && substr($page_dir, -1, 1) == '/')
		{
			$page_dir = substr($page_dir, 0, -1);
		}

		// Current page from phpBB root (for example: adm/index.php?i=10&b=2)
		// NOTE(review): '&' is left as-is in the query string, so code that prints
		// 'page' into HTML still has to escape it for that context.
		$page = (($page_dir) ? $page_dir . '/' : '') . $page_name;
		if ($query_string)
		{
			$page .= '?' . $query_string;
		}

		// The script path from the webroot to the current directory (for example: /phpBB3/adm/) : always prefixed with / and ends in /
		$script_path = $symfony_request->getBasePath();

		// The script path from the webroot to the phpBB root (for example: /phpBB3/)
		// array_splice() removes as many trailing segments as there are page directories.
		$script_dirs = explode('/', $script_path);
		array_splice($script_dirs, -sizeof($page_dirs));
		$root_script_path = implode('/', $script_dirs) . (sizeof($root_dirs) ? '/' . implode('/', $root_dirs) : '');

		// We are on the base level (phpBB root == webroot), lets adjust the variables a bit...
		if (!$root_script_path)
		{
			$root_script_path = ($page_dir) ? str_replace($page_dir, '', $script_path) : $script_path;
		}

		// Guarantee a trailing slash on both paths.
		$script_path .= (substr($script_path, -1, 1) == '/') ? '' : '/';
		$root_script_path .= (substr($root_script_path, -1, 1) == '/') ? '' : '/';

		// '+=' keeps a 'failover' entry set earlier. The two script paths are
		// HTML-escaped and have spaces percent-encoded; 'forum' is read with an
		// integer default of 0.
		$page_array += array(
			'page_name'			=> $page_name,
			'page_dir'			=> $page_dir,

			'query_string'		=> $query_string,
			'script_path'		=> str_replace(' ', '%20', htmlspecialchars($script_path)),
			'root_script_path'	=> str_replace(' ', '%20', htmlspecialchars($root_script_path)),

			'page'				=> $page,
			'forum'				=> request_var('f', 0),
		);

		return $page_array;
	}
Exemplo n.º 17
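 // Not installed yet, so work through the steps of the install process.
 // Step 0 gathers the information needed for database setup:
 // dbms, dbhost, dbname, dbuser and dbpasswd.
 $instruction_text = $lang['Inst_Step_0'];
 if (!empty($install_step)) {
     // && binds tighter than ||: a password mismatch always counts as an error,
     // while an empty password or host only does when the language is unchanged.
     if ($HTTP_POST_VARS['admin_pass1'] != $HTTP_POST_VARS['admin_pass2'] || (empty($HTTP_POST_VARS['admin_pass1']) || empty($dbhost)) && $HTTP_POST_VARS['cur_lang'] == $language) {
         $error = $lang['Password_mismatch'];
     }
 }
 // Build the language list from the lang_* directories under language/.
 $dirname = $phpbb_root_path . 'language';
 $lang_options = array();
 $dir = opendir($dirname);
 if ($dir !== false) {
     // Compare with false explicitly: a plain truthiness test ends the loop
     // early on a directory entry named "0".
     while (($file = readdir($dir)) !== false) {
         // Keep entries that start with lang_ and are neither files nor links.
         if (preg_match('#^lang_#i', $file) && !is_file(@phpbb_realpath($dirname . '/' . $file)) && !is_link(@phpbb_realpath($dirname . '/' . $file))) {
             $filename = trim(str_replace('lang_', '', $file));
             // "english_uk" is displayed as "english [ uk ]".
             $displayname = preg_replace('/^(.*?)_(.*)$/', '\\1 [ \\2 ]', $filename);
             $displayname = preg_replace('/\\[(.*?)_(.*)\\]/', '[ \\1 - \\2 ]', $displayname);
             $lang_options[$displayname] = $filename;
         }
     }
     closedir($dir);
 }
 asort($lang_options);
 $lang_select = '<select name="lang" onchange="this.form.submit()">';
 // foreach replaces reset()/each(); each() no longer exists in PHP 8.
 foreach ($lang_options as $displayname => $filename) {
     $selected = $language == $filename ? ' selected="selected"' : '';
     // Directory names end up in markup, so escape them for the attribute and the label.
     $lang_select .= '<option value="' . htmlspecialchars($filename, ENT_QUOTES) . '"' . $selected . '>' . htmlspecialchars(ucwords($displayname), ENT_QUOTES) . '</option>';
 }
 $lang_select .= '</select>';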
Exemplo n.º 18
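/**
 * Load the theme row for a style, create its Template object and localise
 * the image paths.
 *
 * When the requested style has no row and is not the board default, the board
 * default is loaded instead and users of the missing style are moved to it.
 * Failures end the request through message_die().
 *
 * @param mixed $style Theme id; only its integer value is used in SQL and messages
 * @return array The theme row that was loaded
 */
function setup_style($style)
{
    global $db, $board_config, $template, $images, $phpbb_root_path;
    // One integer copy of the id is used for every query and message, so the
    // raw argument never reaches SQL or error output. The original cast it in
    // the SELECT but interpolated it uncast in the UPDATE and the messages.
    $style_id = (int) $style;
    $sql = 'SELECT *
		FROM ' . THEMES_TABLE . '
		WHERE themes_id = ' . $style_id;
    if (!($result = $db->sql_query($sql))) {
        message_die(CRITICAL_ERROR, 'Could not query database for theme info');
    }
    if (!($row = $db->sql_fetchrow($result))) {
        // We are trying to setup a style which does not exist in the database
        // Try to fallback to the board default (if the user had a custom style)
        // and then any users using this style to the default if it succeeds
        if ($style != $board_config['default_style']) {
            $sql = 'SELECT *
				FROM ' . THEMES_TABLE . '
				WHERE themes_id = ' . (int) $board_config['default_style'];
            if (!($result = $db->sql_query($sql))) {
                message_die(CRITICAL_ERROR, 'Could not query database for theme info');
            }
            if ($row = $db->sql_fetchrow($result)) {
                $db->sql_freeresult($result);
                $sql = 'UPDATE ' . USERS_TABLE . '
					SET user_style = ' . (int) $board_config['default_style'] . "\n\t\t\t\t\tWHERE user_style = " . $style_id;
                if (!($result = $db->sql_query($sql))) {
                    message_die(CRITICAL_ERROR, 'Could not update user theme info');
                }
            } else {
                message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [{$style_id}]");
            }
        } else {
            message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [{$style_id}]");
        }
    }
    $template_path = 'templates/';
    // NOTE(review): template_name comes from the themes table and is used below
    // to build an include path; it is trusted exactly as far as that table is.
    $template_name = $row['template_name'];
    $template = new Template($phpbb_root_path . $template_path . $template_name);
    if ($template) {
        $current_template_path = $template_path . $template_name;
        // The template's .cfg file is expected to define TEMPLATE_CONFIG.
        @(include $phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg');
        if (!defined('TEMPLATE_CONFIG')) {
            message_die(CRITICAL_ERROR, "Could not open {$template_name} template config file", '', __LINE__, __FILE__);
        }
        // Use the board language's image directory when it exists, else english.
        $img_lang = file_exists(@phpbb_realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ? $board_config['default_lang'] : 'english';
        // foreach replaces each(), which no longer exists in PHP 8.
        if (is_array($images)) {
            foreach ($images as $key => $value) {
                if (!is_array($value)) {
                    $images[$key] = str_replace('{LANG}', 'lang_' . $img_lang, $value);
                }
            }
        }
    }
    return $row;
}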
Exemplo n.º 19
 /**
  * Generates a full path+filename for the given filename, which can either
  * be an absolute name, or a name relative to the rootdir for this Template
  * object.
  */
 function make_filename($filename)
 {
     // A name starting with '/' is looked up under the ZphpBB2 module directory;
     // any other name is resolved against this Template's root, falling back to
     // the name as given when phpbb_realpath() returns nothing.
     // NOTE(review): nothing here confines the resolved path to the template
     // directories, so callers should only pass names they control.
     if (substr($filename, 0, 1) == '/') {
         $candidate = phpbb_realpath('./modules/ZphpBB2' . $filename);
     } else {
         $resolved = phpbb_realpath($this->root . '/' . $filename);
         $candidate = $resolved ? $resolved : $filename;
     }
     if (file_exists($candidate)) {
         return $candidate;
     }
     // Not found: try the alternate PNTheme template location before giving up.
     global $phpbb_root_path;
     $candidate = phpbb_realpath($phpbb_root_path . 'templates/PNTheme/' . $filename);
     if (!file_exists($candidate)) {
         // The message repeats $filename exactly as it was passed in.
         die("Template->make_filename(): Error - file {$filename} does not exist");
     }
     return $candidate;
 }
Exemplo n.º 20
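/**
 * Test whether the installer can use the database the user has specified.
 *
 * Each problem found (missing database name, SQLite file inside the forum
 * tree, invalid or over-long table prefix, connection failure, tables that
 * already exist under the prefix, unsupported server version or encoding)
 * appends a language string to $error.
 *
 * @param bool   $error_connect    When falsy the function returns false even if no error was recorded
 * @param array  $error            Error list, passed by reference and appended to
 * @param array  $dbms_details     Should be an element of the array returned by
 *                                 {@link get_available_dbms get_available_dbms()};
 *                                 necessary extensions should be loaded already.
 *                                 Only the 'DRIVER' key is read here.
 * @param string $table_prefix     Table prefix to validate
 * @param string $dbhost           Database host (the database file path for SQLite)
 * @param string $dbuser           Database user
 * @param string $dbpasswd         Database password
 * @param string $dbname           Database name
 * @param mixed  $dbport           Database port
 * @param bool   $prefix_may_exist Skip the check for tables already using the prefix
 * @param bool   $load_dbal        Include the DB layer file for the driver
 * @param bool   $unicode_check    Run the encoding checks for Oracle and PostgreSQL
 * @return bool  True only when $error_connect is truthy and $error is empty
 */
function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix, $dbhost, $dbuser, $dbpasswd, $dbname, $dbport, $prefix_may_exist = false, $load_dbal = true, $unicode_check = true)
{
    global $phpbb_root_path, $phpEx, $config, $lang;
    // The driver key becomes part of an include path and of a class name below.
    // NOTE(review): it therefore has to be one of the keys produced by
    // get_available_dbms() and never raw request input; the callers are not
    // part of this excerpt, so confirm that there.
    $dbms = $dbms_details['DRIVER'];
    if ($load_dbal) {
        // Include the DB layer
        include $phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx;
    }
    // Instantiate it and set return on error true
    $sql_db = 'dbal_' . $dbms;
    $db = new $sql_db();
    $db->sql_return_on_error(true);
    // Check that we actually have a database name before going any further.....
    if ($dbms_details['DRIVER'] != 'sqlite' && $dbms_details['DRIVER'] != 'oracle' && $dbname === '') {
        $error[] = $lang['INST_ERR_DB_NO_NAME'];
        return false;
    }
    // Refuse an SQLite database file whose resolved path starts with the resolved
    // parent directory (the forum directory).
    if ($dbms_details['DRIVER'] == 'sqlite' && stripos(phpbb_realpath($dbhost), phpbb_realpath('../')) === 0) {
        $error[] = $lang['INST_ERR_DB_FORUM_PATH'];
        return false;
    }
    // Check the prefix length to ensure that index names are not too long and does not contain invalid characters
    // NOTE(review): there is no default branch, so $prefix_length stays unset for
    // any driver not listed here.
    switch ($dbms_details['DRIVER']) {
        case 'mysql':
        case 'mysqli':
            // A prefix may not begin with '-', '.', '/' or '\'.
            if (strspn($table_prefix, '-./\\') !== 0) {
                $error[] = $lang['INST_ERR_PREFIX_INVALID'];
                return false;
            }
            // no break;
        case 'postgres':
            $prefix_length = 36;
            break;
        case 'mssql':
        case 'mssql_odbc':
        case 'mssqlnative':
            $prefix_length = 90;
            break;
        case 'sqlite':
            $prefix_length = 200;
            break;
        case 'firebird':
        case 'oracle':
            $prefix_length = 6;
            break;
    }
    if (strlen($table_prefix) > $prefix_length) {
        $error[] = sprintf($lang['INST_ERR_PREFIX_TOO_LONG'], $prefix_length);
        return false;
    }
    // Try and connect ...
    if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true))) {
        // The driver's own error text is appended to the message shown to the user.
        $db_error = $db->sql_error();
        $error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . ($db_error['message'] ? $db_error['message'] : $lang['INST_ERR_DB_NO_ERROR']);
    } else {
        // Likely matches for an existing phpBB installation
        if (!$prefix_may_exist) {
            $temp_prefix = strtolower($table_prefix);
            $table_ary = array($temp_prefix . 'attachments', $temp_prefix . 'config', $temp_prefix . 'sessions', $temp_prefix . 'topics', $temp_prefix . 'users');
            $tables = get_tables($db);
            $tables = array_map('strtolower', $tables);
            $table_intersect = array_intersect($tables, $table_ary);
            if (sizeof($table_intersect)) {
                $error[] = $lang['INST_ERR_PREFIX'];
            }
        }
        // Make sure that the user has selected a sensible DBAL for the DBMS actually installed
        switch ($dbms_details['DRIVER']) {
            case 'mysqli':
                if (version_compare(mysqli_get_server_info($db->db_connect_id), '4.1.3', '<')) {
                    $error[] = $lang['INST_ERR_DB_NO_MYSQLI'];
                }
                break;
            case 'sqlite':
                if (version_compare(sqlite_libversion(), '2.8.2', '<')) {
                    $error[] = $lang['INST_ERR_DB_NO_SQLITE'];
                }
                break;
            case 'firebird':
                // check the version of FB, use some hackery if we can't get access to the server info
                if ($db->service_handle !== false && function_exists('ibase_server_info')) {
                    $val = @ibase_server_info($db->service_handle, IBASE_SVC_SERVER_VERSION);
                    preg_match('#V([\\d.]+)#', $val, $match);
                    if ($match[1] < 2) {
                        $error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
                    }
                    $db_info = @ibase_db_info($db->service_handle, $dbname, IBASE_STS_HDR_PAGES);
                    preg_match('/^\\s*Page size\\s*(\\d+)/m', $db_info, $regs);
                    $page_size = intval($regs[1]);
                    if ($page_size < 8192) {
                        $error[] = $lang['INST_ERR_DB_NO_FIREBIRD_PS'];
                    }
                } else {
                    // The dollar signs are part of the Firebird system names and must
                    // stay literal. Unescaped inside double quotes they were parsed as
                    // PHP variables, which left the query without its table and column
                    // names (compare the single-quoted RDB$DATABASE query below).
                    $sql = "SELECT *\n\t\t\t\t\t\tFROM RDB\$FUNCTIONS\n\t\t\t\t\t\tWHERE RDB\$SYSTEM_FLAG IS NULL\n\t\t\t\t\t\t\tAND RDB\$FUNCTION_NAME = 'CHAR_LENGTH'";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    // if its a UDF, its too old
                    if ($row) {
                        $error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
                    } else {
                        $sql = 'SELECT 1 FROM RDB$DATABASE
							WHERE BIN_AND(10, 1) = 0';
                        $result = $db->sql_query($sql);
                        if (!$result) {
                            $error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
                        }
                        $db->sql_freeresult($result);
                    }
                    // Setup the stuff for our random table
                    // The name is only a scratch identifier built from A-Z and 0-9,
                    // so mt_rand() is used for variety, not for secrecy.
                    $char_array = array_merge(range('A', 'Z'), range('0', '9'));
                    $char_len = mt_rand(7, 9);
                    $char_array_len = sizeof($char_array) - 1;
                    $final = '';
                    for ($i = 0; $i < $char_len; $i++) {
                        $final .= $char_array[mt_rand(0, $char_array_len)];
                    }
                    // Create some random table
                    $sql = 'CREATE TABLE ' . $final . " (\n\t\t\t\t\t\tFIELD1 VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE,\n\t\t\t\t\t\tFIELD2 INTEGER DEFAULT 0 NOT NULL);";
                    $db->sql_query($sql);
                    // Create an index that should fail if the page size is less than 8192
                    $sql = 'CREATE INDEX ' . $final . ' ON ' . $final . '(FIELD1, FIELD2);';
                    $db->sql_query($sql);
                    if (ibase_errmsg() !== false) {
                        $error[] = $lang['INST_ERR_DB_NO_FIREBIRD_PS'];
                    } else {
                        // Kill the old table
                        $db->sql_query('DROP TABLE ' . $final . ';');
                    }
                    unset($final);
                }
                break;
            case 'oracle':
                if ($unicode_check) {
                    $sql = "SELECT *\n\t\t\t\t\t\tFROM NLS_DATABASE_PARAMETERS\n\t\t\t\t\t\tWHERE PARAMETER = 'NLS_RDBMS_VERSION'\n\t\t\t\t\t\t\tOR PARAMETER = 'NLS_CHARACTERSET'";
                    $result = $db->sql_query($sql);
                    while ($row = $db->sql_fetchrow($result)) {
                        $stats[$row['parameter']] = $row['value'];
                    }
                    $db->sql_freeresult($result);
                    if (version_compare($stats['NLS_RDBMS_VERSION'], '9.2', '<') && $stats['NLS_CHARACTERSET'] !== 'UTF8') {
                        $error[] = $lang['INST_ERR_DB_NO_ORACLE'];
                    }
                }
                break;
            case 'postgres':
                if ($unicode_check) {
                    $sql = "SHOW server_encoding;";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    if ($row['server_encoding'] !== 'UNICODE' && $row['server_encoding'] !== 'UTF8') {
                        $error[] = $lang['INST_ERR_DB_NO_POSTGRES'];
                    }
                }
                break;
        }
    }
    // Success needs both the caller's flag and an empty error list.
    if ($error_connect && (!isset($error) || !sizeof($error))) {
        return true;
    }
    return false;
}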
Exemplo n.º 21
 /**
  * Error and message handler, call with trigger_error if reqd
  */
 public static function msg_handler($errno, $msg_text, $errfile, $errline)
 {
     // PHP notices and warnings are printed inline with the install path stripped;
     // E_USER_* errors produce a complete error page and end the request.
     // NOTE(review): $msg_title, $msg_text and $errfile are written into the page
     // unescaped, so callers are expected to pass text that is safe as HTML.
     global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text, $quickinstall_path, $user;
     // The handler may be given an empty message; fall back to the long text when one is defined.
     if (isset($msg_long_text) && $msg_long_text && !$msg_text) {
         $msg_text = $msg_long_text;
     }
     switch ($errno) {
         case E_NOTICE:
         case E_WARNING:
             // Honour the error reporting level, which is also how @-suppressed
             // notices are skipped. With DEBUG defined the level defaults to E_ALL.
             $reporting_mask = (defined('DEBUG') && error_reporting()) ? E_ALL : error_reporting();
             if (($errno & $reporting_mask) == 0) {
                 return;
             }
             // Hide the absolute installation path; backslashes that were meant to
             // be there are converted to forward slashes as well.
             $without_root = array('', '/');
             $errfile = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), $without_root, $errfile);
             $msg_text = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), $without_root, $msg_text);
             echo '<b>[phpBB Debug] PHP Notice</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
             return;
         case E_USER_ERROR:
         case E_USER_WARNING:
         case E_USER_NOTICE:
             // Translate the title and text through the language array when a
             // matching key exists; otherwise keep them as given.
             if (isset($msg_title)) {
                 if (isset($user->lang[$msg_title])) {
                     $msg_title = $user->lang[$msg_title];
                 }
             } elseif (isset($user->lang['GENERAL_ERROR'])) {
                 $msg_title = $user->lang['GENERAL_ERROR'];
             } else {
                 $msg_title = 'General Error';
             }
             if (isset($user->lang[$msg_text])) {
                 $msg_text = $user->lang[$msg_text];
             }
             $l_return_index = '<a href="' . qi::url('settings') . '">Go to settings</a> &bull; ';
             $l_return_index .= '<a href="' . qi::url('main') . '">Go to QuickInstall main page</a>';
             // The whole page is collected first and sent in one echo.
             $page_parts = array(
                 '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">',
                 '<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">',
                 '<head>',
                 '<meta http-equiv="content-type" content="text/html; charset=utf-8" />',
                 '<title>' . $msg_title . '</title>',
                 '<link href="' . $quickinstall_path . 'style/style.css" rel="stylesheet" type="text/css" media="screen" />',
                 '</head>',
                 '<body id="errorpage">',
                 '<div id="wrap">',
                 '	<div id="page-header">',
                 '		' . $l_return_index,
                 '	</div>',
                 '	<div id="page-body">',
                 '		<div id="acp">',
                 '		<div class="panel">',
                 '			<span class="corners-top"><span></span></span>',
                 '			<div id="content">',
                 '			<h1>' . $msg_title . '</h1>',
                 '			<div>' . $msg_text . '</div>',
                 '			</div>',
                 '			<div style="padding-left: 10px;">',
                 '		' . $l_return_index,
                 '			</div>',
                 '			<span class="corners-bottom"><span></span></span>',
                 '		</div>',
                 '		</div>',
                 '	</div>',
                 '	<div id="page-footer">',
                 '		Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>',
                 '	</div>',
                 '</div>',
                 '</body>',
                 '</html>',
             );
             echo implode('', $page_parts);
             exit;
     }
     // Anything not handled above is handed back to PHP by returning false.
     // This may not work for all php versions
     return false;
 }
/**
* Replaces the absolute path of the phpBB root directory in an error message
* with the marker [ROOT] and converts backslashes to forward slashes, so the
* server's directory layout is not shown in error output.
*
* @param string $errfile	Absolute file path
*							(e.g. /var/www/phpbb3/phpBB/includes/functions.php)
*							If $errfile lies outside of the phpBB root, the root
*							path is not found in it and nothing is filtered.
* @return string			Path with the root replaced
*							(e.g. [ROOT]/includes/functions.php)
*/
function phpbb_filter_root_path($errfile)
{
    // Resolved on first use and kept for later calls.
    static $root_path;
    $root_path = !empty($root_path) ? $root_path : phpbb_realpath(dirname(__FILE__) . '/../');
    $search = array($root_path, '\\');
    $replacement = array('[ROOT]', '/');
    return str_replace($search, $replacement, $errfile);
}
Exemplo n.º 23
         }
         // The write result is stored but not checked, and @ hides any warning,
         // so the success message below is shown either way (NOTE(review)).
         $result = @fputs($fp, $theme_data, strlen($theme_data));
         fclose($fp);
         $message = $lang['Theme_info_saved'] . "<br /><br />" . sprintf($lang['Click_return_styleadmin'], "<a href=\"" . append_sid("admin_styles.{$phpEx}") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.{$phpEx}?pane=right") . "\">", "</a>");
         message_die(GENERAL_MESSAGE, $message);
     } else {
         if ($HTTP_POST_VARS['send_file']) {
             // The posted theme_info text is sent straight back as a download.
             // NOTE(review): the body is request-controlled; the attachment
             // disposition and the non-HTML content type are what keep a browser
             // from rendering it, so both headers need to stay in place.
             header("Content-Type: text/x-delimtext; name=\"theme_info.cfg\"");
             header("Content-disposition: attachment; filename=theme_info.cfg");
             echo stripslashes($HTTP_POST_VARS['theme_info']);
         } else {
             $template->set_filenames(array("body" => "admin/styles_exporter.tpl"));
             if ($dir = @opendir($phpbb_root_path . 'templates/')) {
                 $s_template_select = '<select name="export_template">';
                 // NOTE(review): a bare truthiness test on readdir() ends the loop
                 // at an entry named "0"; comparing with false avoids that.
                 while ($file = @readdir($dir)) {
                     // List every entry that is neither a file nor a link, except ".", ".." and "CVS".
                     if (!is_file(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && $file != "." && $file != ".." && $file != "CVS") {
                         // Directory names are written into the markup unescaped.
                         $s_template_select .= '<option value="' . $file . '">' . $file . "</option>\n";
                     }
                 }
                 $s_template_select .= '</select>';
             } else {
                 message_die(GENERAL_MESSAGE, $lang['No_template_dir']);
             }
             $template->assign_vars(array("L_STYLE_EXPORTER" => $lang['Export_themes'], "L_EXPORTER_EXPLAIN" => $lang['Export_explain'], "L_TEMPLATE_SELECT" => $lang['Select_template'], "L_SUBMIT" => $lang['Submit'], "S_EXPORTER_ACTION" => append_sid("admin_styles.{$phpEx}?mode=export"), "S_TEMPLATE_SELECT" => $s_template_select));
             $template->pparse("body");
         }
     }
     break;
 case "delete":
     // The id is forced to an integer whether it arrives by GET or by POST.
     $style_id = isset($HTTP_GET_VARS['style_id']) ? intval($HTTP_GET_VARS['style_id']) : intval($HTTP_POST_VARS['style_id']);
     if (!$confirm) {
Exemplo n.º 24
Arquivo: mpv.php Projeto: phpbb/mpv
 /**
  * Send an error to our list of errors
  *
  * @access	public
  * @param	int			Error type
  * @param	string		Message
  * @param	string		Filename of the file causing the error
  * @param	mixed		Optional array of sprintf() values, or a non-array for passing one single value
  * @return	void
  */
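 public function push_error($type, $message, $filename = null, $sprintf_args = null)
 {
     // Formats one validation message, appends it to $this->message as BBCode
     // and stores the raw entry in $this->errors[$type].
     global $lang;
     // Mold $sprintf_args into something usable
     if (is_null($sprintf_args)) {
         $sprintf_args = array();
     } elseif (!is_array($sprintf_args)) {
         $sprintf_args = array($sprintf_args);
     }
     // Quick and dirty, but it works well for development: an unknown key is
     // registered in the global $lang array with itself as the format string,
     // plus one %s placeholder per argument.
     // NOTE(review): a message that is not a language key is therefore used as a
     // sprintf format, so any '%' it contains is interpreted by vsprintf().
     if (!isset($lang[$message])) {
         $lang[$message] = $message;
         if (sizeof($sprintf_args) > 0) {
             $lang[$message] .= str_repeat(' %s ', sizeof($sprintf_args));
         }
     }
     // Compose the message
     $message = @vsprintf($lang[$message], $sprintf_args);
     if (!is_null($filename)) {
         global $root_path;
         // Strip the absolute root path so reports do not show the server's layout.
         $filename = str_replace(array(phpbb_realpath($root_path), '\\'), array('', '/'), $filename);
         $message = $filename . ': ' . $message;
     }
     // Update the validation message
     switch ($type) {
         case self::ERROR_FAIL:
             $this->message .= '[color=red][ [b]' . $lang['MPV_FAIL_RESULT'] . '[/b] ][/color] ' . $message . "\n";
             break;
         case self::ERROR_NOTICE:
             $this->message .= '[color=blue][ [b]' . $lang['MPV_NOTICE_RESULT'] . '[/b] ][/color] ' . $message . "\n";
             break;
         case self::ERROR_WARNING:
             $this->message .= '[color=orange][ [b]' . $lang['MPV_WARNING_RESULT'] . '[/b] ][/color] ' . $message . "\n";
             break;
         case self::ERROR_INFO:
             $this->message .= '[color=purple][ [b]' . $lang['MPV_INFO_RESULT'] . '[/b] ][/color] ' . $message . "\n";
             break;
         default:
             // Unknown type: warn about it, then report the message as info.
             // The [b] tag around INVALID_TYPE is now closed; it was left open
             // before and ran on into the lines that followed.
             $this->message .= '[color=orange][ [b]' . $lang['MPV_WARNING_RESULT'] . '[/b] ][/color] [b]' . $lang['INVALID_TYPE'] . '[/b]' . "\n";
             $this->message .= '[color=purple][ [b]' . $lang['MPV_INFO_RESULT'] . '[/b] ][/color] ' . $message . "\n";
     }
     // Store the raw log in $this->errors
     $this->errors[$type][] = array('message' => $message, 'filename' => $filename, 'arguments' => $sprintf_args);
 }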
Exemplo n.º 25
         }
         // It may be still no valid host, but for sure only a hostname (
         // we may further expand on the cookie domain... if set)
         return $host;
     }
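     // Diagnostic output. The host name, the script path and the server banner
     // all come from the request or the server environment (Host header,
     // PHP_SELF / REQUEST_URI, SERVER_SOFTWARE), so each one is HTML-escaped
     // before it is written into the page.
     echo 'Domain name: ' . htmlspecialchars((string) extract_current_hostname(), ENT_QUOTES) . '<br />';
     // The port is cast to int, so it cannot carry markup.
     $server_port = !empty($_SERVER['SERVER_PORT']) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
     echo 'Server port: ' . $server_port . '<br />';
     $root_path = phpbb_realpath(dirname(__FILE__) . '/../');
     $script_name = !empty($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
     // If we are unable to get the script name we use REQUEST_URI as a failover
     if (!$script_name) {
         $script_name = !empty($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
         // Drop the query string, only the path part is wanted
         $script_name = ($pos = strpos($script_name, '?')) !== false ? substr($script_name, 0, $pos) : $script_name;
     }
     $root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($root_path)));
     $script_path = trim(str_replace('\\', '/', dirname($script_name)));
     // $script_path keeps its raw value for later use; only the echoed copy is escaped.
     echo 'Script path: ' . htmlspecialchars($script_path, ENT_QUOTES) . '<br /><br />';
     echo 'Server type/version (OS): ' . htmlspecialchars(isset($_SERVER['SERVER_SOFTWARE']) ? (string) $_SERVER['SERVER_SOFTWARE'] : '', ENT_QUOTES) . '<br />';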
 } else {
     function extract_current_hostname()
     {
         global $config, $request;
         // Get hostname
         $host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')));
         // Should be a string and lowered
         $host = (string) strtolower($host);
         // If host is equal the cookie domain or the server name (if config is set), then we assume it is valid
         if (isset($config['cookie_domain']) && $host === $config['cookie_domain'] || isset($config['server_name']) && $host === $config['server_name']) {
             return $host;
         }
Exemplo n.º 26
                break;
        }
        //
        // Let's do an overall check for settings/versions which would prevent
        // us from doing file uploads....
        //
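        // Version checks go through version_compare(): comparing version strings
        // with >= / < is a plain string comparison, which misorders versions once
        // a component has more than one digit (for example '10.0.0' sorts before
        // '4.0.0').
        $ini_val = version_compare(phpversion(), '4.0.0', '>=') ? 'ini_get' : 'get_cfg_var';
        // The upload form only gets a multipart enctype when uploads can work:
        // file_uploads is on, the PHP build is not 4.0.4pl1, avatar uploads are
        // allowed by the board, and we are not on a pre-4.0.3 PHP with
        // open_basedir set. The parentheses make the original && / || precedence
        // explicit.
        $form_enctype = (
            !@$ini_val('file_uploads')
            || phpversion() == '4.0.4pl1'
            || !$board_config['allow_avatar_upload']
            || (version_compare(phpversion(), '4.0.3', '<') && @$ini_val('open_basedir') != '')
        ) ? '' : 'enctype="multipart/form-data"';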
        // Hand every field value, checkbox state and language label of the admin
        // user-edit form to the template in a single call.
        // NOTE(review): the profile values ($username, $email, $website,
        // $signature, $location, ...) are passed through unchanged on this line;
        // presumably they were HTML-escaped where they were loaded earlier in the
        // script - confirm, because nothing here escapes them.
        $template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'USER_TYPE_SELECT' => user_type_select($user_type), 'YIM' => $yim, 'ICQ' => $icq, 'MSN' => $msn, 'AIM' => $aim, 'OCCUPATION' => $occupation, 'INTERESTS' => $interests, 'LOCATION' => $location, 'WEBSITE' => $website, 'SIGNATURE' => str_replace('<br />', "\n", $signature), 'CUSTOM_TITLE' => $custom_title, 'CUSTOM_TITLE_STATUS_REGDATE' => $custom_title_status_regdate, 'CUSTOM_TITLE_STATUS_DISABLED' => $custom_title_status_disabled, 'CUSTOM_TITLE_STATUS_ENABLED' => $custom_title_status_enabled, 'VIEW_EMAIL_YES' => $viewemail ? 'checked="checked"' : '', 'VIEW_EMAIL_NO' => !$viewemail ? 'checked="checked"' : '', 'HIDE_USER_YES' => !$allowviewonline ? 'checked="checked"' : '', 'HIDE_USER_NO' => $allowviewonline ? 'checked="checked"' : '', 'NOTIFY_PM_YES' => $notifypm ? 'checked="checked"' : '', 'NOTIFY_PM_NO' => !$notifypm ? 'checked="checked"' : '', 'POPUP_PM_YES' => $popuppm ? 'checked="checked"' : '', 'POPUP_PM_NO' => !$popuppm ? 'checked="checked"' : '', 'ALWAYS_ADD_SIGNATURE_YES' => $attachsig ? 'checked="checked"' : '', 'ALWAYS_ADD_SIGNATURE_NO' => !$attachsig ? 'checked="checked"' : '', 'NOTIFY_REPLY_YES' => $notifyreply ? 'checked="checked"' : '', 'NOTIFY_REPLY_NO' => !$notifyreply ? 'checked="checked"' : '', 'ALWAYS_ALLOW_BBCODE_YES' => $allowbbcode ? 'checked="checked"' : '', 'ALWAYS_ALLOW_BBCODE_NO' => !$allowbbcode ? 'checked="checked"' : '', 'ALWAYS_ALLOW_HTML_YES' => $allowhtml ? 'checked="checked"' : '', 'ALWAYS_ALLOW_HTML_NO' => !$allowhtml ? 'checked="checked"' : '', 'ALWAYS_ALLOW_SMILIES_YES' => $allowsmilies ? 'checked="checked"' : '', 'ALWAYS_ALLOW_SMILIES_NO' => !$allowsmilies ? 'checked="checked"' : '', 'AVATAR' => $avatar, 'LANGUAGE_SELECT' => language_select($user_lang), 'TIMEZONE_SELECT' => tz_select($user_timezone), 'STYLE_SELECT' => style_select($user_style, 'style'), 'DATE_FORMAT' => $user_dateformat, 'ALLOW_PM_YES' => $user_allowpm ? 
'checked="checked"' : '', 'ALLOW_PM_NO' => !$user_allowpm ? 'checked="checked"' : '', 'ALLOW_AVATAR_YES' => $user_allowavatar ? 'checked="checked"' : '', 'ALLOW_AVATAR_NO' => !$user_allowavatar ? 'checked="checked"' : '', 'USER_ACTIVE_YES' => $user_status ? 'checked="checked"' : '', 'USER_ACTIVE_NO' => !$user_status ? 'checked="checked"' : '', 'BANCARD' => $user_ycard, 'RANK_SELECT_BOX' => $rank_select_box, 'L_USERNAME' => $lang['Username'], 'L_USER_TITLE' => $lang['User_admin'], 'L_USER_EXPLAIN' => $lang['User_admin_explain'], 'L_USER_TYPE' => $lang['User_Type'], 'L_USER_TYPE_EXPLAIN' => $lang['User_Type_explain'], 'L_NEW_PASSWORD' => $lang['New_password'], 'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'], 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'], 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'L_ICQ_NUMBER' => $lang['ICQ'], 'L_MESSENGER' => $lang['MSNM'], 'L_YAHOO' => $lang['YIM'], 'L_WEBSITE' => $lang['Website'], 'L_AIM' => $lang['AIM'], 'L_LOCATION' => $lang['Location'], 'L_OCCUPATION' => $lang['Occupation'], 'L_BOARD_LANGUAGE' => $lang['Board_lang'], 'L_BOARD_STYLE' => $lang['Board_style'], 'L_TIMEZONE' => $lang['Timezone'], 'L_DATE_FORMAT' => $lang['Date_format'], 'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'L_INTERESTS' => $lang['Interests'], 'L_BANCARD' => $lang['ban_card'], 'L_BANCARD_EXPLAIN' => sprintf($lang['ban_card_explain'], $board_config['max_user_bancard']), 'L_CUSTOM_TITLE' => $lang['Custom_title'], 'L_CUSTOM_TITLE_STATUS' => $lang['Custom_title_status'], 'L_CUSTOM_TITLE_STATUS_REGDATE' => $lang['Custom_title_status_regdate'], 'L_CUSTOM_TITLE_STATUS_DISABLED' => $lang['Custom_title_status_disabled'], 'L_CUSTOM_TITLE_STATUS_ENABLED' => $lang['Custom_title_status_enabled'], 'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'], 'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'], 
'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'], 'L_HIDE_USER' => $lang['Hide_user'], 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'], 'L_SPECIAL' => $lang['User_special'], 'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'], 'L_USER_ACTIVE' => $lang['User_status'], 'L_ALLOW_PM' => $lang['User_allowpm'], 'L_ALLOW_AVATAR' => $lang['User_allowavatar'], 'L_AVATAR_PANEL' => $lang['Avatar_panel'], 'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'], 'L_DELETE_AVATAR' => $lang['Delete_Image'], 'L_CURRENT_IMAGE' => $lang['Current_Image'], 'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'], 'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'], 'L_AVATAR_GALLERY' => $lang['Select_from_gallery'], 'L_SHOW_GALLERY' => $lang['View_avatar_gallery'], 'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'], 'L_SIGNATURE' => $lang['Signature'], 'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']), 'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'], 'L_NOTIFY_ON_REPLY' => $lang['Always_notify'], 'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'], 'L_PREFERENCES' => $lang['Preferences'], 'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'], 'L_ITEMS_REQUIRED' => $lang['Items_required'], 'L_REGISTRATION_INFO' => $lang['Registration_info'], 'L_PROFILE_INFO' => $lang['Profile_info'], 'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'], 'L_EMAIL_ADDRESS' => $lang['Email_address'], 'S_FORM_ENCTYPE' => $form_enctype, 'HTML_STATUS' => $html_status, 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . append_sid("faq.{$phpEx}?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 'SMILIES_STATUS' => $smilies_status, 'L_DELETE_USER' => $lang['User_delete'], 'L_DELETE_USER_EXPLAIN' => $lang['User_delete_explain'], 'L_SELECT_RANK' => $lang['Rank_title'], 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_PROFILE_ACTION' => append_sid("admin_users.{$phpEx}")));
        // Avatar upload panels: shown only when the configured avatar directory
        // exists and the board allows avatar uploads.
        if (file_exists(@phpbb_realpath('./../' . $board_config['avatar_path']))) {
            if ($board_config['allow_avatar_upload'] == true) {
                // Uploading a local file additionally needs the multipart form
                // encoding computed above.
                if ($form_enctype != '') {
                    $template->assign_block_vars('avatar_local_upload', array());
                }
                $template->assign_block_vars('avatar_remote_upload', array());
            }
        }

        // Gallery panel: the gallery directory must exist and local avatars
        // must be allowed.
        if (file_exists(@phpbb_realpath('./../' . $board_config['avatar_gallery_path']))) {
            if ($board_config['allow_avatar_local'] == true) {
                $template->assign_block_vars('avatar_local_gallery', array());
            }
        }

        // Remote avatar link panel depends on the board setting alone.
        if ($board_config['allow_avatar_remote'] == true) {
            $template->assign_block_vars('avatar_remote_link', array());
        }
    }
    $template->pparse('body');
} else {
    if ($mode == 'lookup') {
        //
        // Lookup user
        //
        // Each lookup field defaults to an empty string and is only filled in
        // when the POST value is non-empty. How the values are used afterwards
        // is outside this excerpt.

        // Username: tags stripped, whitespace trimmed, every '%' doubled.
        $username = '';
        if (!empty($HTTP_POST_VARS['username'])) {
            $username = str_replace('%', '%%', trim(strip_tags($HTTP_POST_VARS['username'])));
        }

        // E-mail: HTML-escaped first; strip_tags() then runs on text in which
        // '<' and '>' are already entities, so it has no tags left to remove.
        $email = '';
        if (!empty($HTTP_POST_VARS['email'])) {
            $email = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email'])));
        }

        // Post count: reduced to an integer when supplied.
        $posts = '';
        if (!empty($HTTP_POST_VARS['posts'])) {
            $posts = intval(trim(strip_tags($HTTP_POST_VARS['posts'])));
        }
Exemplo n.º 27
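/**
 * Guess the board language from the browser's Accept-Language header.
 *
 * Each comma-separated entry of the header is tested, in order, against a
 * fixed table of language-code patterns. The first language whose pattern
 * matches and whose language/lang_<name> directory exists is returned.
 *
 * The directory name always comes from the keys of the fixed table below,
 * never from the header itself, so the header cannot influence which path
 * is checked beyond selecting one of these known names.
 *
 * @return string Language directory suffix (for example 'german');
 *                'english' when nothing matches or no header was sent.
 */
function guess_lang()
{
    global $phpbb_root_path, $HTTP_SERVER_VARS;
    // The order here _is_ important, at least for major_minor
    // matches. Don't go moving these around without checking with
    // me first - psoTFX
    $match_lang = array(
        'arabic' => 'ar([_-][a-z]+)?',
        'bulgarian' => 'bg',
        'catalan' => 'ca',
        'czech' => 'cs',
        'danish' => 'da',
        'german' => 'de([_-][a-z]+)?',
        'english' => 'en([_-][a-z]+)?',
        'estonian' => 'et',
        'finnish' => 'fi',
        'french' => 'fr([_-][a-z]+)?',
        'greek' => 'el',
        'spanish_argentina' => 'es[_-]ar',
        'spanish' => 'es([_-][a-z]+)?',
        'gaelic' => 'gd',
        'galego' => 'gl',
        'gujarati' => 'gu',
        'hebrew' => 'he',
        'hindi' => 'hi',
        'croatian' => 'hr',
        'hungarian' => 'hu',
        'icelandic' => 'is',
        'indonesian' => 'id([_-][a-z]+)?',
        'italian' => 'it([_-][a-z]+)?',
        'japanese' => 'ja([_-][a-z]+)?',
        'korean' => 'ko([_-][a-z]+)?',
        'latvian' => 'lv',
        'lithuanian' => 'lt',
        'macedonian' => 'mk',
        'dutch' => 'nl([_-][a-z]+)?',
        'norwegian' => 'no',
        'punjabi' => 'pa',
        'polish' => 'pl',
        'portuguese_brazil' => 'pt[_-]br',
        'portuguese' => 'pt([_-][a-z]+)?',
        'romanian' => 'ro([_-][a-z]+)?',
        'russian' => 'ru([_-][a-z]+)?',
        'slovenian' => 'sl([_-][a-z]+)?',
        'albanian' => 'sq',
        'serbian' => 'sr([_-][a-z]+)?',
        // Slovak is "sk"; the table used "sv" here, which is Swedish and
        // shadowed the 'swedish' entry below.
        'slovak' => 'sk([_-][a-z]+)?',
        'swedish' => 'sv([_-][a-z]+)?',
        'thai' => 'th([_-][a-z]+)?',
        'turkish' => 'tr([_-][a-z]+)?',
        'ukranian' => 'uk([_-][a-z]+)?',
        'urdu' => 'ur',
        'viatnamese' => 'vi',
        'chinese_traditional_taiwan' => 'zh[_-]tw',
        'chinese_simplified' => 'zh',
    );

    if (!isset($HTTP_SERVER_VARS['HTTP_ACCEPT_LANGUAGE'])) {
        return 'english';
    }

    $accept_lang_ary = explode(',', $HTTP_SERVER_VARS['HTTP_ACCEPT_LANGUAGE']);
    foreach ($accept_lang_ary as $accept_lang) {
        $accept_lang = trim($accept_lang);
        // foreach replaces the reset()/each() walk; each() no longer exists
        // in PHP 8.
        foreach ($match_lang as $lang => $match) {
            // Anchor the code at the start of the entry and require that no
            // further letter follows it. Unanchored, a short code matched
            // anywhere in the entry (for example 'ca' inside "fr-ca").
            if (preg_match('#^(?:' . $match . ')(?![a-z])#i', $accept_lang)) {
                if (file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $lang))) {
                    return $lang;
                }
            }
        }
    }
    return 'english';
}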
Exemplo n.º 28
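 /**
  * Constructor
  *
  * Sets up the database handle and db_tools, loads the UMIL language file
  * (unless running stand-alone) and checks whether a newer UMIL release is
  * available.
  *
  * @param bool         $stand_alone When true, no language files are loaded
  * @param object|false $db         Database object exposing sql_query(), or
  *                                  false to use the global $db
  */
 function umil($stand_alone = false, $db = false)
 {
     // Setup $this->db
     if ($db !== false) {
         if (!is_object($db) || !method_exists($db, 'sql_query')) {
             trigger_error('Invalid $db Object');
         }
         $this->db = $db;
     } else {
         global $db;
         $this->db = $db;
     }
     // Setup $this->db_tools
     if (!class_exists('phpbb_db_tools')) {
         global $phpbb_root_path, $phpEx;
         include $phpbb_root_path . 'includes/db/db_tools.' . $phpEx;
     }
     $this->db_tools = new phpbb_db_tools($this->db);
     $this->stand_alone = $stand_alone;
     if (!$stand_alone) {
         global $config, $user, $phpbb_root_path, $phpEx;
         // $user->set_custom_lang_path() is deliberately not used here: it has
         // no fall back to en/ when the user's language file does not exist.

         // Include the umil language file.  First we check if the language file for the user's language is available, if not we check if the board's default language is available, if not we use the english file.
         // The user's language is reduced with basename(), exactly like the
         // board default below, so the value can only name a directory directly
         // under umil/language/ when it is placed into a file path.
         $user_lang = isset($user->data['user_lang']) ? basename($user->data['user_lang']) : '';
         $default_lang = basename($config['default_lang']);
         if ($user_lang !== '' && file_exists("{$phpbb_root_path}umil/language/{$user_lang}/umil.{$phpEx}")) {
             $path = $user_lang;
         } elseif (file_exists("{$phpbb_root_path}umil/language/" . $default_lang . "/umil.{$phpEx}")) {
             $path = $default_lang;
         } elseif (file_exists("{$phpbb_root_path}umil/language/en/umil.{$phpEx}")) {
             $path = 'en';
         } else {
             trigger_error('Language Files Missing.<br /><br />Please download the latest UMIL (Unified MOD Install Library) from: <a href="http://www.phpbb.com/mods/umil/">phpBB.com/mods/umil</a>', E_USER_ERROR);
         }
         $user->add_lang('./../../umil/language/' . $path . '/umil');
         $user->add_lang(array('acp/common', 'acp/permissions'));
     }
     // Check to see if a newer version is available.
     // version_check() is defined outside this excerpt; judging by its
     // arguments it fetches the data from www.phpbb.com, so $info is treated
     // as remote data below.
     $info = $this->version_check('www.phpbb.com', '/updatecheck', defined('PHPBB_QA') ? 'umil_qa.txt' : 'umil.txt');
     if (is_array($info) && isset($info[0]) && isset($info[1])) {
         if (version_compare(UMIL_VERSION, $info[0], '<')) {
             global $template, $user, $phpbb_root_path;
             // Make sure user->setup() has been called
             if (empty($user->lang)) {
                 $user->setup();
             }
             page_header('', false);
             // Path of this file relative to the board root, with forward slashes
             $this_file = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), __FILE__);
             // The download location comes from the version-check response and is
             // placed into an href attribute and link text, so escape it first.
             $download_url = htmlspecialchars((string) $info[1], ENT_QUOTES);
             $user->lang['UPDATE_UMIL'] = isset($user->lang['UPDATE_UMIL']) ? $user->lang['UPDATE_UMIL'] : 'This version of UMIL is outdated.<br /><br />Please download the latest UMIL (Unified MOD Install Library) from: <a href="%1$s">%1$s</a>';
             $template->assign_vars(array('S_BOARD_DISABLED' => true, 'L_BOARD_DISABLED' => !$stand_alone ? sprintf($user->lang['UPDATE_UMIL'], $download_url) : sprintf('This version of UMIL is outdated.<br /><br />Please download the latest UMIL (Unified MOD Install Library) from: <a href="%1$s">%1$s</a>, then replace the file %2$s with the root/umil/umil.php file included in the downloaded package.', $download_url, $this_file)));
         }
     }
 }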
Exemplo n.º 29
/**
* Error and message handler, call with trigger_error if required
*
* Behaviour by error level:
* - E_NOTICE / E_WARNING: echoes a one-line debug notice with the board's
*   installation path removed from file name and message, then returns.
* - E_USER_ERROR: prints a self-contained XHTML error page and exits.
* - E_USER_WARNING / E_USER_NOTICE: renders the message through the
*   message_body.html template, then calls exit_handler().
* - anything else: returns false.
*
* $msg_text and $msg_title are written into the page without HTML escaping
* in every branch, so callers have to pass text that is already safe to emit
* as HTML.
*
* @param int    $errno    Error level, compared against the E_* constants
* @param string $msg_text Message text, or a key into $user->lang
* @param string $errfile  File the error was raised in
* @param int    $errline  Line the error was raised on
*/
function msg_handler($errno, $msg_text, $errfile, $errline)
{
    global $cache, $db, $auth, $template, $config, $user;
    global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text;
    // Do not display notices if we suppress them via @
    if (error_reporting() == 0) {
        return;
    }
    // Message handler is stripping text. In case we need it, we are possible to define long text...
    if (isset($msg_long_text) && $msg_long_text && !$msg_text) {
        $msg_text = $msg_long_text;
    }
    switch ($errno) {
        case E_NOTICE:
        case E_WARNING:
            // Check the error reporting level and return if the error level does not match
            // If DEBUG is defined the default level is E_ALL
            if (($errno & (defined('DEBUG') ? E_ALL : error_reporting())) == 0) {
                return;
            }
            // Notices raised from files whose path contains 'cache' or 'template.' are not displayed
            if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) {
                // flush the content, else we get a white page if output buffering is on
                if ((int) @ini_get('output_buffering') === 1 || strtolower(@ini_get('output_buffering')) === 'on') {
                    @ob_flush();
                }
                // Another quick fix for those having gzip compression enabled, but do not flush if the coder wants to catch "something". ;)
                if (!empty($config['gzip_compress'])) {
                    if (@extension_loaded('zlib') && !headers_sent() && !ob_get_level()) {
                        @ob_flush();
                    }
                }
                // remove complete path to installation, with the risk of changing backslashes meant to be there
                // (keeps the absolute installation path out of the page that is sent to the browser)
                $errfile = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $errfile);
                $msg_text = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $msg_text);
                // NOTE(review): $errfile and $msg_text are echoed without HTML escaping
                echo '<b>[phpBB Debug] PHP Notice</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
            }
            return;
            break;
        case E_USER_ERROR:
            // Use the language entries when the user object is set up, else fall back to hard-coded English text
            if (!empty($user) && !empty($user->lang)) {
                $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
                $msg_title = !isset($msg_title) ? $user->lang['GENERAL_ERROR'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
                $l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $phpbb_root_path . '">', '</a>');
                $l_notify = '';
                if (!empty($config['board_contact'])) {
                    $l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['board_contact']) . '</p>';
                }
            } else {
                $msg_title = 'General Error';
                $l_return_index = '<a href="' . $phpbb_root_path . '">Return to index page</a>';
                $l_notify = '';
                if (!empty($config['board_contact'])) {
                    // NOTE(review): board_contact goes into the href and the link text unescaped;
                    // presumably it is an administrator-controlled setting - confirm
                    $l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>';
                }
            }
            garbage_collection();
            // Try to not call the adm page data...
            // The page is written with plain echo statements instead of going through the template object
            echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
            echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">';
            echo '<head>';
            echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />';
            echo '<title>' . $msg_title . '</title>';
            echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
            echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
            echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } ';
            echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } ';
            echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px  #A9B8C2; } ';
            echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } ';
            echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } ';
            echo "\n" . '/* ]]> */' . "\n";
            echo '</style>';
            echo '</head>';
            echo '<body id="errorpage">';
            echo '<div id="wrap">';
            echo '	<div id="page-header">';
            echo '		' . $l_return_index;
            echo '	</div>';
            echo '	<div id="acp">';
            echo '	<div class="panel">';
            echo '		<div id="content">';
            // Title and text are emitted as raw HTML; text passed to trigger_error() must already be safe to output
            echo '			<h1>' . $msg_title . '</h1>';
            echo '			<div>' . $msg_text . '</div>';
            echo $l_notify;
            echo '		</div>';
            echo '	</div>';
            echo '	</div>';
            echo '	<div id="page-footer">';
            echo '		Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>';
            echo '	</div>';
            echo '</div>';
            echo '</body>';
            echo '</html>';
            exit_handler();
            // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here.
            exit;
            break;
        case E_USER_WARNING:
        case E_USER_NOTICE:
            define('IN_ERROR_HANDLER', true);
            // Start a session first if no user data has been loaded yet
            if (empty($user->data)) {
                $user->session_begin();
            }
            // We re-init the auth array to get correct results on login/logout
            $auth->acl($user->data);
            if (empty($user->lang)) {
                $user->setup();
            }
            // Text and title are treated as language keys first and used literally when no such key exists
            $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
            $msg_title = !isset($msg_title) ? $user->lang['INFORMATION'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
            if (!defined('HEADER_INC')) {
                // The admin header is only used inside the ACP and with an admin session
                if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
                    adm_page_header($msg_title);
                } else {
                    page_header($msg_title);
                }
            }
            $template->set_filenames(array('body' => 'message_body.html'));
            // NOTE(review): MESSAGE_TEXT is assigned unescaped here; whether the template escapes it is not visible from this function
            $template->assign_vars(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false));
            // We do not want the cron script to be called on error messages
            define('IN_CRON', true);
            if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
                adm_page_footer();
            } else {
                page_footer();
            }
            exit_handler();
            break;
    }
    // If we notice an error not handled here we pass this back to PHP by returning false
    // This may not work for all php versions
    return false;
}
Exemplo n.º 30
require './pagestart.' . $phpEx;
//
// Check to see what mode we should operate in.
//
// The mode is taken verbatim from the request; a POSTed value takes
// precedence over one in the query string, and it defaults to an empty
// string when neither is present.
$mode = "";
if (isset($HTTP_POST_VARS['mode'])) {
    $mode = $HTTP_POST_VARS['mode'];
} elseif (isset($HTTP_GET_VARS['mode'])) {
    $mode = $HTTP_GET_VARS['mode'];
}
$delimeter = '=+:';
//
// Read a listing of uploaded smilies for use in the add or edit smliey code...
//
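// Start from empty lists so the results only ever contain what this scan found.
$smiley_images = array();
$smiley_paks = array();
$dir = @opendir($phpbb_root_path . $board_config['smilies_path']);
// Only walk the directory when it could actually be opened.
if ($dir !== false) {
    // Compare against false explicitly: a file literally named "0" is falsy
    // and would otherwise end the loop early.
    while (($file = @readdir($dir)) !== false) {
        if (@is_dir(phpbb_realpath($phpbb_root_path . $board_config['smilies_path'] . '/' . $file))) {
            continue;
        }
        // getimagesize() returns false for files it cannot read as an image.
        $img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . $file);
        if (is_array($img_size) && $img_size[0] && $img_size[1]) {
            $smiley_images[] = $file;
        } elseif (preg_match('/\.pak$/i', $file)) {
            // preg_match() replaces eregi(), which was removed in PHP 7; the dot
            // is escaped so that only a real ".pak" extension matches.
            $smiley_paks[] = $file;
        }
    }
    @closedir($dir);
}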
//
// Select main mode
//
if (isset($HTTP_GET_VARS['import_pack']) || isset($HTTP_POST_VARS['import_pack'])) {