function verify_authentication2($username) { global $vbulletin; $username = strip_blank_ascii($username, ' '); if ($vbulletin->userinfo = $vbulletin->db->query_first("SELECT userid, usergroupid, membergroupids, infractiongroupids, username, password, salt FROM " . TABLE_PREFIX . "user WHERE username = '******'")) { if ($vbulletin->GPC[COOKIE_PREFIX . 'userid'] and $vbulletin->GPC[COOKIE_PREFIX . 'userid'] != $vbulletin->userinfo['userid']) { // we have a cookie from a user and we're logging in as // a different user and we're not going to store a new cookie, // so let's unset the old one vbsetcookie('userid', '', true, true, true); vbsetcookie('password', '', true, true, true); } vbsetcookie('userid', $vbulletin->userinfo['userid'], true, true, true); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT), true, true, true); $return_value = true; ($hook = vBulletinHook::fetch_hook('login_verify_success')) ? eval($hook) : false; return $return_value; } $return_value = false; ($hook = vBulletinHook::fetch_hook('login_verify_failure_username')) ? eval($hook) : false; return $return_value; }
$sql = "SELECT activationid FROM useractivation WHERE userid = '" . $userid . "'"; $data = $vbulletin->db->query_first($sql); $activationid = $data["activationid"]; if (!empty($activationid)) { $url = "register.php?a=act&u=" . $userid . "&i=" . $activationid; } else { $url = "index.php"; $token = md5(uniqid(microtime(), true)); $token_time = time(); $form = "site-account-details"; $_SESSION['site_registration'][$form . '_token'] = array('token' => $token, 'time' => $token_time); // start new session $vbulletin->userinfo = $vbulletin->db->query_first("SELECT userid, usergroupid, membergroupids, infractiongroupids,\n username, password, salt FROM " . TABLE_PREFIX . "user\n WHERE userid = " . $userid); require_once DIR . '/includes/functions_login.php'; vbsetcookie('userid', $vbulletin->userinfo['userid'], true, true, true); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT), true, true, true); if ($vbulletin->options['usestrikesystem']) { exec_unstrike_user($vbulletin->GPC['username']); } process_new_login('', 1, $vbulletin->GPC['cssprefs']); cache_permissions($vbulletin->userinfo, true); $vbulletin->session->save(); } } } } else { $valid_entries = FALSE; $messages['errors'][] = $message = "Please check your username and password."; $messages['fields'][] = $error_type = "username-member"; $messages['errors'][] = $message = ""; $messages['fields'][] = $error_type = "password-member";
// ********************************************************************************* // set $threadedmode (continued from global.php) if ($vbulletin->options['allowthreadedmode'] and !$show['search_engine'] and !VB_API) { if (!empty($vbulletin->GPC['mode'])) { // Look for command to switch types on the query string switch ($vbulletin->GPC['mode']) { case 'threaded': $threadedCookieVal = 'threaded'; break; case 'hybrid': $threadedCookieVal = 'hybrid'; break; default: $threadedCookieVal = 'linear'; } vbsetcookie('threadedmode', $threadedCookieVal); $vbulletin->GPC[COOKIE_PREFIX . 'threadedmode'] = $threadedCookieVal; unset($threadedCookieVal); } if (!empty($vbulletin->GPC[COOKIE_PREFIX . 'threadedmode'])) { switch ($vbulletin->GPC[COOKIE_PREFIX . 'threadedmode']) { case 'threaded': $threadedmode = 1; break; case 'hybrid': $threadedmode = 2; break; default: $threadedmode = 0; } } else {
vbsetcookie('languageid', $languageid); } else if ($vbulletin->GPC[COOKIE_PREFIX . 'languageid'] AND !empty($vbulletin->languagecache[$vbulletin->GPC[COOKIE_PREFIX . 'languageid']]['userselect'])) { $languageid = $vbulletin->GPC[COOKIE_PREFIX . 'languageid']; } else { $languageid = 0; } // Set up user's chosen style if ($vbulletin->GPC['styleid']) { $styleid =& $vbulletin->GPC['styleid']; vbsetcookie('userstyleid', $styleid); } else if ($vbulletin->GPC[COOKIE_PREFIX . 'userstyleid']) { $styleid = $vbulletin->GPC[COOKIE_PREFIX . 'userstyleid']; } else { $styleid = 0; } // build the session and setup the environment $vbulletin->session = new vB_Session($vbulletin, $sessionhash, $vbulletin->GPC[COOKIE_PREFIX . 'userid'], $vbulletin->GPC[COOKIE_PREFIX . 'password'], $styleid, $languageid); // Hide sessionid in url if we are a search engine or if we have a cookie $vbulletin->session->set_session_visibility($show['search_engine'] OR $vbulletin->superglobal_size['_COOKIE'] > 0);
function process_logout() { global $vbulletin; // clear all cookies beginning with COOKIE_PREFIX $prefix_length = strlen(COOKIE_PREFIX); foreach ($_COOKIE AS $key => $val) { $index = strpos($key, COOKIE_PREFIX); if ($index == 0 AND $index !== false) { $key = substr($key, $prefix_length); if (trim($key) == '') { continue; } // vbsetcookie will add the cookie prefix vbsetcookie($key, '', 1); } } if ($vbulletin->userinfo['userid'] AND $vbulletin->userinfo['userid'] != -1) { // init user data manager $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdata->set_existing($vbulletin->userinfo); $userdata->set('lastactivity', TIMENOW - $vbulletin->options['cookietimeout']); $userdata->set('lastvisit', TIMENOW); $userdata->save(); // make sure any other of this user's sessions are deleted (in case they ended up with more than one) $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session WHERE userid = " . $vbulletin->userinfo['userid']); } $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session WHERE sessionhash = '" . $vbulletin->db->escape_string($vbulletin->session->vars['dbsessionhash']) . "'"); if ($vbulletin->session->created == true) { // if we just created a session on this page, there's no reason not to use it $newsession = $vbulletin->session; } else { $newsession = new vB_Session($vbulletin, '', 0, '', $vbulletin->session->vars['styleid']); } $newsession->set('userid', 0); $newsession->set('loggedin', 0); $newsession->set_session_visibility(($vbulletin->superglobal_size['_COOKIE'] > 0)); $vbulletin->session =& $newsession; ($hook = vBulletinHook::fetch_hook('logout_process')) ? eval($hook) : false; }
log_admin_action(); } // ######################################################################## // ######################### START MAIN SCRIPT ############################ // ######################################################################## $vbulletin->input->clean_array_gpc('r', array('redirect' => TYPE_NOHTML)); # Not sure where this comes from if (!empty($vbulletin->GPC['redirect'])) { define('CP_REDIRECT', $vbulletin->GPC['redirect']); print_stop_message('redirecting_please_wait'); } // ############################################################################# // ############################### LOG OUT OF CP ############################### // ############################################################################# if ($_REQUEST['do'] == 'cplogout') { vbsetcookie('cpsession', '', false, true, true); $db->query_write("DELETE FROM " . TABLE_PREFIX . "cpsession WHERE userid = " . $vbulletin->userinfo['userid'] . " AND hash = '" . $db->escape_string($vbulletin->GPC[COOKIE_PREFIX . 'cpsession']) . "'"); if (!empty($vbulletin->session->vars['sessionurl_js'])) { exec_header_redirect('index.php?' . $vbulletin->session->vars['sessionurl_js']); } else { exec_header_redirect('index.php'); } } if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'frames'; } if ($_REQUEST['do'] == 'frames') { $vbulletin->input->clean_array_gpc('r', array('loc' => TYPE_NOHTML)); $navframe = '<frame src="index.php?' . $vbulletin->session->vars['sessionurl'] . "do=nav" . iif($cpnavjs, '&cpnavjs=1') . "\" name=\"nav\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" border=\"no\" />\n"; $headframe = '<frame src="index.php?' . $vbulletin->session->vars['sessionurl'] . "do=head\" name=\"head\" scrolling=\"no\" noresize=\"noresize\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"0\" border=\"no\" />\n"; $mainframe = '<frame src="' . iif(!empty($vbulletin->GPC['loc']), $vbulletin->GPC['loc'], 'index.php?' . $vbulletin->session->vars['sessionurl'] . 'do=home') . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";
} else { $current['year'] = date('Y'); $current['month'] = date('m'); $current['day'] = date('d'); if ($year < 1970 or mktime(0, 0, 0, $month, $day, $year) <= mktime(0, 0, 0, $current['month'], $current['day'], $current['year'] - 13)) { // this user is >13 $show['coppa'] = false; } else { if ($vbulletin->options['usecoppa'] == 2) { if ($vbulletin->options['checkcoppa']) { vbsetcookie('coppaage', $month . '-' . $day . '-' . $year, 1); } eval(standard_error(fetch_error('under_thirteen_registration_denied'))); } else { if ($vbulletin->options['checkcoppa']) { vbsetcookie('coppaage', $month . '-' . $day . '-' . $year, 1); } $show['coppa'] = true; } } } } else { $show['coppa'] = false; } ($hook = vBulletinHook::fetch_hook('register_form_start')) ? eval($hook) : false; if ($errorlist) { $checkedoff['adminemail'] = iif($vbulletin->GPC['options']['adminemail'], 'checked="checked"'); $checkedoff['showemail'] = iif($vbulletin->GPC['options']['showemail'], 'checked="checked"'); } else { $checkedoff['adminemail'] = iif(bitwise($vbulletin->bf_misc_regoptions['adminemail'], $vbulletin->options['defaultregoptions']), 'checked="checked"'); $checkedoff['showemail'] = iif(bitwise($vbulletin->bf_misc_regoptions['receiveemail'], $vbulletin->options['defaultregoptions']), 'checked="checked"');
public function ExternalAuthorization($userid) { $this->vbulletin->userinfo = $this->vbulletin->db->query_first_slave("SELECT userid, password, username FROM " . TABLE_PREFIX . "user WHERE userid='{$userid}'"); if ($this->vbulletin->userinfo) { require_once DIR . '/includes/functions_login.php'; vbsetcookie('userid', $this->vbulletin->userinfo['userid'], true, true, true); vbsetcookie('password', md5($this->vbulletin->userinfo['password'] . COOKIE_SALT), true, true, true); exec_unstrike_user($this->vbulletin->userinfo['username']); define('EXTERNAL_AUTH', true); // create new session process_new_login('', 0, ''); } if (!empty($_SERVER['HTTP_REFERER'])) { $url = $_SERVER['HTTP_REFERER']; } else { $url = $this->vbulletin->options['homeurl']; } if (strpos($url, "?")) { $url .= "&vbsession=" . $this->vbulletin->session->vars['sessionhash']; } else { $url .= "?vbsession=" . $this->vbulletin->session->vars['sessionhash']; } header('Location:' . $url); echo "Вы были перенаправлены сюда <a href='" . $url . "'>" . $url . "</a>"; exit; }
$vbulletin->input->clean_array_gpc('r', array('perpage' => vB_Cleaner::TYPE_UINT)); // if cookie was set, set the perpage value to the value found in cookie only if not set in the request. // If request perpage is not empty, the user probably set it and we need to update the cookie. if (!empty($vbulletin->GPC[COOKIE_PREFIX . 'contentlist_perpage'])) { if (empty($vbulletin->GPC['perpage'])) { $vbulletin->GPC['perpage'] = $vbulletin->GPC[COOKIE_PREFIX . 'contentlist_perpage']; } } if (!empty($vbulletin->GPC['perpage'])) { $perpage = $vbulletin->GPC['perpage']; } else { $perpage = 25; } // save to cookie if the request value is different than the one saved in cookie. if ($perpage != $vbulletin->GPC[COOKIE_PREFIX . 'contentlist_perpage'] and !@headers_sent()) { vbsetcookie('contentlist_perpage', $perpage, true, true, true); } // ###################### end setting cookies ####################### print_cp_header($vbphrase['content_management']); if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'contentlist'; } // articles root channelid $articleChannelId = vB_Api::instanceInternal('node')->fetchArticleChannel(); // just a wrapper for generateCategoryList because I'm having to call the same3 lines over and over again. function getFullCategoryList(&$channelInfoArray = array(), $tabsize = 1, $tabchar = "--", $tabspace = " ") { $cache = vB_Cache::instance(vB_Cache::CACHE_STD); $cacheKey = "vBAdminCP_CMS_Categories"; $categories = $cache->read($cacheKey); $writeCache = false;
} ($hook = vBulletinHook::fetch_hook('photoplog_settings_letterbar')) ? eval($hook) : false; eval('$photoplog[\'letter_bar\'] = "' . fetch_template('photoplog_letter_bar') . '";'); } // ##################### INITIALIZE CATEGORY BITS ######################### if (defined('PHOTOPLOG_RANDOM') && !defined('PHOTOPLOG_HTTPD') && !$photoplog_perm_fileid && !$photoplog_perm_catid && !$photoplog_perm_commentid && !isset($_REQUEST['u']) && !isset($_REQUEST['q']) && !isset($_REQUEST['page']) && !isset($_REQUEST['v'])) { require_once './listing.php'; } // ##################### INITIALIZE JAVASCRIPT BIT ######################## $vbulletin->input->clean_array_gpc('c', array(COOKIE_PREFIX . 'photoplogjs' => TYPE_BOOL)); $photoplog['jsactive'] = intval($vbulletin->GPC[COOKIE_PREFIX . 'photoplogjs']); $photoplog_cookiepath = $vbulletin->options['cookiepath']; $photoplog_cookiedomain = $vbulletin->options['cookiedomain']; $vbulletin->options['cookiepath'] = '/'; $vbulletin->options['cookiedomain'] = ''; vbsetcookie('photoplogjs', '0', false); $vbulletin->options['cookiepath'] = $photoplog_cookiepath; $vbulletin->options['cookiedomain'] = $photoplog_cookiedomain; unset($photoplog_cookiepath, $photoplog_cookiedomain); //##################### INITIALIZE STATISTICS BAR ######################### if (defined('PHOTOPLOG_RANDOM') && !defined('PHOTOPLOG_HTTPD') && !isset($_REQUEST['c']) && !isset($_REQUEST['n']) && !isset($_REQUEST['u']) && !isset($_REQUEST['q']) && !isset($_REQUEST['page']) && !isset($_REQUEST['v'])) { $photoplog_numbermembers = vb_number_format($vbulletin->userstats['numbermembers']); $photoplog_activemembers = vb_number_format($vbulletin->userstats['activemembers']); $photoplog_showactivemembers = $vbulletin->options['activememberdays'] > 0 && $vbulletin->options['activememberoptions'] & 2 ? true : false; $photoplog_do_sql = "WHERE catid > 0"; $photoplog_do_arr = array(); foreach ($photoplog_ds_catopts as $photoplog_ds_catid => $photoplog_ds_value) { $photoplog_ds_catid = intval($photoplog_ds_catid); if ($photoplog_ds_catopts[$photoplog_ds_catid]['parentid'] < 0 && $photoplog_ds_catopts[$photoplog_ds_catid]['displayorder'] != 0) { $photoplog_child_list = array(); if (isset($photoplog_list_relatives[$photoplog_ds_catid])) {
function process_logout() { global $vbulletin; // clear all cookies beginning with COOKIE_PREFIX $prefix_length = strlen(COOKIE_PREFIX); foreach ($_COOKIE as $key => $val) { $index = strpos($key, COOKIE_PREFIX); if ($index == 0 and $index !== false) { $key = substr($key, $prefix_length); if (trim($key) == '') { continue; } // vbsetcookie will add the cookie prefix vbsetcookie($key, '', 1); } } if ($vbulletin->userinfo['userid'] and $vbulletin->userinfo['userid'] != -1) { // init user data manager $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdata->set_existing($vbulletin->userinfo); $userdata->set('lastactivity', TIMENOW - $vbulletin->options['cookietimeout']); $userdata->set('lastvisit', TIMENOW); $userdata->save(); // make sure any other of this user's sessions are deleted (in case they ended up with more than one) $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session WHERE userid = " . $vbulletin->userinfo['userid']); } $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session WHERE sessionhash = '" . $vbulletin->db->escape_string($vbulletin->session->vars['dbsessionhash']) . "'"); // Remove accesstoken from apiclient table so that a new one will be generated if (defined('VB_API') and VB_API === true and $vbulletin->apiclient['apiclientid']) { $vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "apiclient SET apiaccesstoken = '', userid = 0\n\t\t\tWHERE apiclientid = " . intval($vbulletin->apiclient['apiclientid'])); $vbulletin->apiclient['apiaccesstoken'] = ''; } if ($vbulletin->session->created == true and !VB_API) { // if we just created a session on this page, there's no reason not to use it $newsession = $vbulletin->session; } else { // API should always create a new session here to generate a new accesstoken $newsession = new vB_Session($vbulletin, '', 0, '', $vbulletin->session->vars['styleid']); } $newsession->set('userid', 0); $newsession->set('loggedin', 0); $newsession->set_session_visibility($vbulletin->superglobal_size['_COOKIE'] > 0); $vbulletin->session =& $newsession; ($hook = vBulletinHook::fetch_hook('logout_process')) ? eval($hook) : false; }
/** * Reads some context based on general input information */ public function read_input_context() { global $vbulletin; $vbulletin->input->clean_array_gpc('r', array( 'referrerid' => TYPE_UINT, 'a' => TYPE_STR, 'nojs' => TYPE_BOOL )); $vbulletin->input->clean_array_gpc('p', array( 'ajax' => TYPE_BOOL, )); // ############################################################################# // set the referrer cookie if URI contains a referrerid if ($vbulletin->GPC['referrerid'] AND !$vbulletin->GPC[COOKIE_PREFIX . 'referrerid'] AND !$vbulletin->userinfo['userid'] AND $vbulletin->options['usereferrer']) { if ($referrerid = verify_id('user', $vbulletin->GPC['referrerid'], 0)) { vbsetcookie('referrerid', $referrerid); } } }
/** * Makes sure local copy of FB session is in synch with actual FB session * * @return bool, fb userid if logged in, false otherwise */ protected function validateFBSession() { // grab the current access token stored locally (in cookie or db depending on login status) if ($this->registry->userinfo['userid'] == 0) { $curaccesstoken = $this->registry->input->clean_gpc('c', COOKIE_PREFIX . 'fbaccesstoken', TYPE_STR); } else { $curaccesstoken = !empty($this->registry->userinfo['fbaccesstoken']) ? $this->registry->userinfo['fbaccesstoken'] : ''; } // if we have a new access token that is valid, re-query FB for updated info, and cache it locally if ($curaccesstoken != $this->facebook->getAccessToken() and $this->isValidAuthToken()) { // update the userinfo array with fresh facebook data $this->registry->userinfo['fbaccesstoken'] = $this->facebook->getAccessToken(); //$this->registry->userinfo['fbprofilepicurl'] = $this->fb_userinfo['pic_square']; // if user is guest, store fb session info in cookie if ($this->registry->userinfo['userid'] == 0) { vbsetcookie('fbaccesstoken', $this->facebook->getAccessToken()); vbsetcookie('fbprofilepicurl', $this->fb_userinfo['pic_square']); } else { $this->registry->db->query_write("\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\t\tSET\n\t\t\t\t\t\tfbaccesstoken = '" . $this->facebook->getAccessToken() . "'\n\t\t\t\t\tWHERE userid = " . $this->registry->userinfo['userid'] . "\n\t\t\t\t"); } } }
$mobile_browser = true; } } if ($mobile_browser and preg_match('/(ipad|ipod|iphone|blackberry|android|pre\\/|palm os|palm|hiptop|avantgo|plucker|xiino|blazer|elaine)/i', strtolower($_SERVER['HTTP_USER_AGENT']))) { $mobile_browser_advanced = true; } } // Set up user's chosen style if ($vbulletin->GPC['styleid']) { $styleid =& $vbulletin->GPC['styleid']; vbsetcookie('userstyleid', $styleid); if ($styleid == -1) { vbsetcookie('skipmobilestyle', 1); $vbulletin->GPC[COOKIE_PREFIX . 'skipmobilestyle'] = 1; } elseif (isset($vbulletin->options['mobilestyleid_advanced']) and $styleid == $vbulletin->options['mobilestyleid_advanced'] or isset($vbulletin->options['mobilestyleid_basic']) and $styleid == $vbulletin->options['mobilestyleid_basic']) { vbsetcookie('skipmobilestyle', 0); $vbulletin->GPC[COOKIE_PREFIX . 'skipmobilestyle'] = 0; } } elseif ($mobile_browser_advanced && $vbulletin->options['mobilestyleid_advanced'] && !$vbulletin->GPC[COOKIE_PREFIX . 'skipmobilestyle']) { $styleid = $vbulletin->options['mobilestyleid_advanced']; } elseif ($mobile_browser && $vbulletin->options['mobilestyleid_basic'] && !$vbulletin->GPC[COOKIE_PREFIX . 'skipmobilestyle']) { $styleid = $vbulletin->options['mobilestyleid_basic']; } elseif ($vbulletin->GPC[COOKIE_PREFIX . 'userstyleid']) { $styleid = $vbulletin->GPC[COOKIE_PREFIX . 'userstyleid']; } else { $styleid = 0; } $session = vB_Session::getNewSession(vB::getDbAssertor(), vB::getDatastore(), vB::getConfig(), $sessionhash, $vbulletin->GPC[COOKIE_PREFIX . 'userid'], $vbulletin->GPC[COOKIE_PREFIX . 'password'], $styleid, $languageid); vB::setCurrentSession($session); //needs to go after the session // fetch url of referring page after we have access to vboptions['forumhome']
$RedirectMethod = $Config['RedirectMethod']; if (!in_array($RedirectMethod, array('SubmitForm', 'SendHeader'))) { FatalError("Invalid RedirectMethod option: '{$RedirectMethod}'"); } GetInputData('UserIdentifier', $Username); GetInputData('LoginMessage', $LoginMessage); $Username = strip_blank_ascii($Username, ' '); if ($vbulletin->userinfo = $vbulletin->db->query_first("SELECT userid, usergroupid, membergroupids, username, password, salt \n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "user \n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE username = '******'")) { if ($CookieUser) { vbsetcookie('userid', $vbulletin->userinfo['userid']); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT)); } else { if ($vbulletin->{$_COOKIE}[COOKIE_PREFIX . 'userid'] and $_COOKIE[COOKIE_PREFIX . 'userid'] != $vbulletin->userinfo['userid']) { // If there is cookie from other user, delete it vbsetcookie('userid', ''); vbsetcookie('password', ''); } } } else { FatalError("Erroneous or empty query result: " . "SELECT userid, usergroupid, membergroupids, username, password, salt FROM " . TABLE_PREFIX . "user WHERE username = '******'"); } // Create new session $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session \n\t\t\t\t\t\t\t WHERE sessionhash = '" . $vbulletin->db->escape_string($vbulletin->session->vars['dbsessionhash']) . "'"); if ($vbulletin->session->created == true and $vbulletin->session->vars['userid'] == 0) { $newsession =& $vbulletin->session; } else { $newsession =& new vB_Session($vbulletin, '', $vbulletin->userinfo['userid'], '', $vbulletin->session->vars['styleid']); } $newsession->set('userid', $vbulletin->userinfo['userid']); $newsession->set('loggedin', 1); $newsession->set('bypass', 0);
$new_remaining = $fullpage_remaining - 1; vbsetcookie('fullpage', $new_remaining); } } else { if ($fullpage_remaining === '0' || empty($fullpage_remaining) && $vbulletin->options['adintegrate_fullpage_arrival'] == '1') { $fullpage_adcode = createad($vbulletin->options['adintegrate_fullpage_adcode']); if (!empty($fullpage_adcode)) { $adintegrate_domain = explode('/', $vbulletin->options['bburl']); $adintegrate_url = $vbulletin->options['bburl'] . '/advertisement.php?url=' . $adintegrate_domain['0'] . '//' . $adintegrate_domain['2'] . $_SERVER['REQUEST_URI']; header("Location: {$adintegrate_url}"); } // + 1 because it will count the page that they'll be bounced to afterwards. $chanceofad++; vbsetcookie('fullpage', $chanceofad); } else { vbsetcookie('fullpage', $chanceofad); } } } } } } // Footer if ($vbulletin->options['adintegrate_footer_onoff'] == '1') { if (checkadtime($vbulletin->options['adintegrate_footer_timescale']) != '1') { $footer_adcode = createad($vbulletin->options['adintegrate_footer_adcode']); if ($vbulletin->options['adintegrate_footer_refresh'] != '0') { $footer_adcode .= refreshad_js(footer); } eval('$footer_advertisement = "' . fetch_template('advertisement_footer') . '";'); insertads($vbulletin->options['adintegrate_footer_autoinsert'], 'footer', $footer_advertisement);
/** * Resets the threadedmode cookie to the user's profile choice * * @param integer User ID */ function update_threadedmode_cookie($userid) { if (isset($this->user['threadedmode'])) { if (!@headers_sent()) { vbsetcookie('threadedmode', '', 1); } } }
// override cookie // Set up user's chosen language if ($vbulletin->GPC['langid'] and !empty($vbulletin->languagecache["{$vbulletin->GPC['langid']}"]['userselect'])) { $languageid =& $vbulletin->GPC['langid']; vbsetcookie('languageid', $languageid); } else { if ($vbulletin->GPC[COOKIE_PREFIX . 'languageid'] and !empty($vbulletin->languagecache[$vbulletin->GPC[COOKIE_PREFIX . 'languageid']]['userselect'])) { $languageid = $vbulletin->GPC[COOKIE_PREFIX . 'languageid']; } else { $languageid = 0; } } // Set up user's chosen style if ($vbulletin->GPC['styleid']) { $styleid =& $vbulletin->GPC['styleid']; vbsetcookie('styleid', $styleid); } else { if ($vbulletin->GPC[COOKIE_PREFIX . 'styleid']) { $styleid = $vbulletin->GPC[COOKIE_PREFIX . 'styleid']; } else { $styleid = 0; } } // build the session and setup the environment $vbulletin->session =& new vB_Session($vbulletin, $sessionhash, $vbulletin->GPC[COOKIE_PREFIX . 'userid'], $vbulletin->GPC[COOKIE_PREFIX . 'password'], $styleid, $languageid); // Hide sessionid in url if we are a search engine or if we have a cookie $vbulletin->session->set_session_visibility($show['search_engine'] or $vbulletin->superglobal_size['_COOKIE'] > 0); $vbulletin->userinfo =& $vbulletin->session->fetch_userinfo(); $vbulletin->session->do_lastvisit_update($vbulletin->GPC[COOKIE_PREFIX . 'lastvisit'], $vbulletin->GPC[COOKIE_PREFIX . 'lastactivity']); // put the sessionhash into contact-us links automatically if required (issueid 21522) if ($vbulletin->session->visible and $vbulletin->options['contactuslink'] != '' and substr(strtolower($vbulletin->options['contactuslink']), 0, 7) != 'mailto:') {
/** * Marks a forum, its child forums and all contained posts as read * * @param integer Forum ID to be marked as read - leave blank to mark all forums as read * * @return array Array of affected forum IDs */ function mark_forums_read($forumid = false) { global $vbulletin; $db =& $vbulletin->db; $return_url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; $return_phrase = 'markread'; $return_forumids = array(); if (!$forumid) { if ($vbulletin->userinfo['userid']) { // init user data manager $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD); $userdata->set_existing($vbulletin->userinfo); $userdata->set('lastactivity', TIMENOW); $userdata->set('lastvisit', TIMENOW - 1); $userdata->save(); if ($vbulletin->options['threadmarking']) { $query = ''; foreach ($vbulletin->forumcache as $fid => $finfo) { // mark the forum and all child forums read $query .= ", ({$fid}, " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ")"; } if ($query) { $query = substr($query, 2); $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "forumread\n\t\t\t\t\t\t\t(forumid, userid, readtime)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t{$query}\n\t\t\t\t\t"); } } } else { vbsetcookie('lastvisit', TIMENOW); } $return_forumids = array_keys($vbulletin->forumcache); } else { // temp work around code, I need to find another way to mass set some values to the cookie $vbulletin->input->clean_gpc('c', COOKIE_PREFIX . 'forum_view', TYPE_STR); global $bb_cache_forum_view; $bb_cache_forum_view = @unserialize(convert_bbarray_cookie($vbulletin->GPC[COOKIE_PREFIX . 'forum_view'])); require_once DIR . '/includes/functions_misc.php'; $childforums = fetch_child_forums($forumid, 'ARRAY'); $return_forumids = $childforums; $return_forumids[] = $forumid; if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $query = "({$forumid}, " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ")"; foreach ($childforums as $child_forumid) { // mark the forum and all child forums read $query .= ", ({$child_forumid}, " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ")"; } $db->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "forumread\n\t\t\t\t\t(forumid, userid, readtime)\n\t\t\t\tVALUES\n\t\t\t\t\t{$query}\n\t\t\t"); require_once DIR . '/includes/functions_bigthree.php'; $foruminfo = fetch_foruminfo($forumid); $parent_marks = mark_forum_read($foruminfo, $vbulletin->userinfo['userid'], TIMENOW); if (is_array($parent_marks)) { $return_forumids = array_unique(array_merge($return_forumids, $parent_marks)); } } else { foreach ($childforums as $child_forumid) { // mark the forum and all child forums read $bb_cache_forum_view["{$child_forumid}"] = TIMENOW; } set_bbarray_cookie('forum_view', $forumid, TIMENOW); } if ($vbulletin->forumcache["{$forumid}"]['parentid'] == -1) { $return_url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; } else { $return_url = 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . 'f=' . $vbulletin->forumcache["{$forumid}"]['parentid']; } $return_phrase = 'markread_single'; } return array('url' => $return_url, 'phrase' => $return_phrase, 'forumids' => $return_forumids); }
eval(standard_error(fetch_error('badlogin_strikes_passthru', vB5_Route::buildUrl('lostpw|fullurl'), $strikes + 1))); } else { admin_login_error('badlogin_passthru', array('strikes' => $strikes + 1)); eval(standard_error(fetch_error('badlogin_passthru', vB5_Route::buildUrl('lostpw|fullurl'), $strikes + 1))); } } } vB_User::execUnstrikeUser($vbulletin->GPC['vb_login_username']); // create new session $res = vB_User::processNewLogin($auth, $vbulletin->GPC['logintype'], $vbulletin->GPC['cssprefs']); // set cookies (temp hack for admincp) if (isset($res['cpsession'])) { vbsetcookie('cpsession', $res['cpsession'], false, true, true); } vbsetcookie('userid', $res['userid'], false, true, true); vbsetcookie('password', $res['password'], false, true, true); vbsetcookie('sessionhash', $res['sessionhash'], false, false, true); // do redirect do_login_redirect(); } else { if ($_GET['do'] == 'login') { // add consistency with previous behavior exec_header_redirect(vB5_Route::buildUrl('home|fullurl')); } } /*=========================================================================*\ || ####################################################################### || # Downloaded: 15:45, Tue Sep 8th 2015 || # CVS: $RCSfile$ - $Revision: 83432 $ || ####################################################################### \*=========================================================================*/
// ################### PRE-CACHE TEMPLATES AND DATA ###################### // get special phrase groups $phrasegroups = array('posting', 'postbit', 'showthread', 'inlinemod', 'reputationlevel'); // get special data templates from the datastore $specialtemplates = array('smiliecache', 'bbcodecache', 'mailqueue', 'bookmarksitecache'); // pre-cache templates used by all actions $globaltemplates = array('ad_showthread_beforeqr', 'ad_showthread_firstpost', 'ad_showthread_firstpost_start', 'ad_showthread_firstpost_sig', 'ad_thread_first_post_content', 'ad_thread_last_post_content', 'forumdisplay_loggedinuser', 'forumrules', 'im_aim', 'im_icq', 'im_msn', 'im_yahoo', 'im_skype', 'postbit', 'postbit_wrapper', 'postbit_attachment', 'postbit_attachmentimage', 'postbit_attachmentthumbnail', 'postbit_attachmentmoderated', 'postbit_deleted', 'postbit_ignore', 'postbit_ignore_global', 'postbit_ip', 'postbit_onlinestatus', 'postbit_reputation', 'bbcode_code', 'bbcode_html', 'bbcode_php', 'bbcode_quote', 'bbcode_video', 'SHOWTHREAD', 'showthread_list', 'showthread_similarthreadbit', 'showthread_similarthreads', 'showthread_quickreply', 'showthread_bookmarksite', 'tagbit', 'tagbit_wrapper', 'polloptions_table', 'polloption', 'polloption_multiple', 'pollresults_table', 'pollresult', 'threadadmin_imod_menu_post', 'editor_clientscript', 'editor_jsoptions_font', 'editor_jsoptions_size', 'editor_toolbar_colors', 'editor_toolbar_fontname', 'editor_toolbar_fontsize'); $specialtemplates = array('smiliecache', 'bbcodecache'); require_once './global.php'; require_once DIR . '/includes/functions_bigthree.php'; require_once DIR . '/includes/functions_user.php'; require_once DIR . '/includes/class_postbit.php'; // pre-cache templates used by specific actions $actiontemplates = array(); $vbulletin->options['awc_enable'] = false; vbsetcookie('skip_fr_detect', 'false'); function do_get_thread() { global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase; $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL)); if (empty($threadinfo['threadid'])) { json_error(ERR_INVALID_THREAD); } $threadedmode = 0; $threadid = $vbulletin->GPC['threadid']; // Goto first unread post? if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) { $threadinfo = verify_id('thread', $threadid, 1, 1); if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else {
$templater->register('streamPermission', unserialize($vbulletin->options['technidev_twitch_canblock'])); $template_hook['forumhome_above_forums'] .= $templater->render(); } // Possibility for administrators or moderators to block certain streams. if (!empty($vbulletin->GPC['td_stream_block']) && is_member_of($vbulletin->userinfo, unserialize($vbulletin->options['technidev_twitch_canblock']))) { // First iterate through the current blocked cache file to make sure it's not there already. $blocked = unserialize(file_get_contents($blockedfile)); if (empty($blocked)) { $blocked = array(); } if (in_array(urldecode($vbulletin->GPC['td_stream_block']), $blocked)) { $vbulletin->url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $vbulletin->options['bburl'] . '/forum.php'; print_standard_redirect('This user is blocked already.', false, true); } // Add to the file. array_push($blocked, urldecode($vbulletin->GPC['td_stream_block'])); file_put_contents($blockedfile, serialize($blocked)); // Remove the current cached file. unlink($cachefile); print_standard_redirect('The user has been blocked.', false, true); } // Set stream block to hidden or visible state. if (!empty($vbulletin->GPC['td_stream_state'])) { if ($vbulletin->GPC['td_stream_state'] == 'hide') { vbsetcookie('technidev_twitch', 'hide'); } else { vbsetcookie('technidev_twitch', 'show'); } $vbulletin->url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $vbulletin->options['bburl'] . '/forum.php'; print_standard_redirect('Stream block state changed to: ' . ($vbulletin->GPC['td_stream_state'] == 'hide' ? 'hidden' : 'display') . '.', false, true); }
$vbulletin->input->clean_array_gpc('r', array('pda' => TYPE_BOOL, 'login' => TYPE_BOOL, 'message' => TYPE_BOOL)); $vbulletin->input->clean_array_gpc('c', array(COOKIE_PREFIX . 'pda' => TYPE_UINT)); $vbulletin->input->clean_array_gpc('p', array('username' => TYPE_STR, 'password' => TYPE_STR)); // check to see if the person is using a PDA if so we'll sort in ASC // force a redirect afterwards so we dont get problems with search engines if ($t) { $t = intval($t); $querystring = 't-' . $t . iif($p, '-p-' . intval($p)) . '.html'; } else { if ($f) { $f = intval($f); $querystring = 'f-' . $f . iif($p, '-p-' . intval($p)) . '.html'; } } if ($vbulletin->GPC['pda']) { vbsetcookie('pda', '1', 1); exec_header_redirect($querystring); } else { if ($vbulletin->GPC[COOKIE_PREFIX . 'pda']) { $pda = true; } } $title = $vbulletin->options['bbtitle']; if ($vbulletin->userinfo['userid'] == 0 and $vbulletin->GPC['login']) { if (!empty($vbulletin->GPC['username']) and !empty($vbulletin->GPC['password'])) { require_once DIR . '/includes/functions_login.php'; $strikes = verify_strike_status($vbulletin->GPC['username'], true); if ($strikes === false) { // user has got too many wrong passwords $error_message = fetch_error('strikes', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl']); $do = 'error';
/** * Finishes off the current page (using templates), prints it out to the browser and halts execution * * @param string The HTML of the page to be printed * @param boolean Send the content length header? */ function print_output($vartext, $sendheader = true) { global $querytime, $vbulletin, $show, $vbphrase; if ($vbulletin->options['addtemplatename']) { if ($doctypepos = @strpos($vartext, vB_Template_Runtime::fetchStyleVar('htmldoctype'))) { $comment = substr($vartext, 0, $doctypepos); $vartext = substr($vartext, $doctypepos + strlen(vB_Template_Runtime::fetchStyleVar('htmldoctype'))); $vartext = vB_Template_Runtime::fetchStyleVar('htmldoctype') . "\n" . $comment . $vartext; } } if (!empty($vbulletin->db->explain) or $vbulletin->debug) { $totaltime = microtime(true) - TIMESTART; $vartext .= "<!-- Page generated in " . vb_number_format($totaltime, 5) . " seconds with " . $vbulletin->db->querycount . " queries -->"; } // set cookies for displayed notices if ($show['notices'] and !defined('NOPMPOPUP') and !empty($vbulletin->np_notices_displayed) and is_array($vbulletin->np_notices_displayed)) { $np_notices_cookie = $_COOKIE[COOKIE_PREFIX . 'np_notices_displayed']; vbsetcookie('np_notices_displayed', ($np_notices_cookie ? "{$np_notices_cookie}," : '') . implode(',', $vbulletin->np_notices_displayed), false); } // --- / TODO remove this code for vB4 gold------------------------------ // debug code global $DEVDEBUG, $vbcollapse; if ($vbulletin->debug) { devdebug('php_sapi_name(): ' . SAPI_NAME); $messages = ''; if (is_array($DEVDEBUG)) { foreach ($DEVDEBUG as $debugmessage) { $messages .= "\t<option>" . htmlspecialchars_uni($debugmessage) . "</option>\n"; } } if (!empty(vB_Template::$template_usage)) { $tempusagecache = vB_Template::$template_usage; $_TEMPLATEQUERIES = vB_Template::$template_queries; unset($tempusagecache['board_inactive_warning'], $_TEMPLATEQUERIES['board_inactive_warning']); ksort($tempusagecache); foreach ($tempusagecache as $template_name => $times) { $tempusagecache["{$template_name}"] = "<span class=\"shade\" style=\"float:right\">({$times})</span>" . ((isset($_TEMPLATEQUERIES["{$template_name}"]) and $_TEMPLATEQUERIES["{$template_name}"]) ? "<span style=\"color:red; font-weight:bold\">{$template_name}</span>" : $template_name); } } else { $tempusagecache = array(); } $hook_usage = ''; $hook_total = 0; foreach (vBulletinHook::fetch_hookusage() as $hook_name => $has_code) { $hook_usage .= '<li class="smallfont' . (!$has_code ? ' shade' : '') . '">' . $hook_name . '</li>'; $hook_total++; } if (!$hook_usage) { $hook_usage = '<li class="smallfont"> </li>'; } $phrase_groups = ''; sort($GLOBALS['phrasegroups']); foreach ($GLOBALS['phrasegroups'] as $phrase_group) { $phrase_groups .= '<li class="smallfont">' . $phrase_group . '</li>'; } if (!$phrase_groups) { $phrase_groups = '<li class="smallfont"> </li>'; } $vbcollapse['collapseimg_debuginfo'] = !empty($vbcollapse['collapseimg_debuginfo']) ? $vbcollapse['collapseimg_debuginfo'] : ''; $vbcollapse['collapseobj_debuginfo'] = !empty($vbcollapse['collapseobj_debuginfo']) ? $vbcollapse['collapseobj_debuginfo'] : ''; // TODO: This needs to be converted to vb4 style - $stylevar doesn't exist, use vB_Template_Runtime::fetchStyleVar('textdirection') $debughtml = "\r\n\t\t\t<table class=\"tborder\" cellpadding=\"6\" cellspacing=\"1\" border=\"0\" align=\"center\" style=\"margin-top:20px\" id=\"debuginfo\" dir=\"ltr\">\r\n\t\t\t<thead>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th class=\"tcat\" colspan=\"2\" align=\"left\">\r\n\t\t\t\t\t\t<a style=\"float:right\" href=\"#\" title=\"Close Debug Info\" onclick=\"document.getElementById('debuginfo').parentNode.removeChild(document.getElementById('debuginfo')); return false;\">X</a>\r\n\t\t\t\t\t\tvBulletin {$vbulletin->options['templateversion']} Debug Information\r\n\t\t\t\t\t</th>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td class=\"alt1 smallfont\" colspan=\"2\">\r\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\">\r\n\t\t\t\t\t\t\t<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Page Generation</span> " . vb_number_format($totaltime, 5) . " seconds</li>\r\n\t\t\t\t\t\t\t" . (function_exists('memory_get_usage') ? "<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Memory Usage</span> " . number_format(memory_get_usage() / 1024) . 'KB</li>' : '') . "\r\n\t\t\t\t\t\t\t<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Queries Executed</span> " . (empty($_TEMPLATEQUERIES) ? $vbulletin->db->querycount : "<span title=\"Uncached Templates!\" style=\"color:red; font-weight:bold\">{$vbulletin->db->querycount}</span>") . " <a href=\"" . htmlspecialchars($vbulletin->scriptpath) . (strpos($vbulletin->scriptpath, '?') === false ? '?' : '&') . "explain=1\" target=\"_blank\" title=\"Explain Queries\">(?)</a></li>\r\n\t\t\t\t\t\t</ul>\r\n\t\t\t\t\t</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr align=\"left\">\r\n\t\t\t\t\t<th class=\"thead\" colspan=\"2\"><a style=\"float:right\" href=\"#\" onclick=\"return toggle_collapse('debuginfo')\"><img id=\"collapseimg_debuginfo\" src=\"" . vB_Template_Runtime::fetchStyleVar('imgdir_button') . "/collapse_thead{$vbcollapse['collapseimg_debuginfo']}.gif\" alt=\"\" border=\"0\" /></a> More Information</th>\r\n\t\t\t\t</tr>\r\n\t\t\t</thead>\r\n\t\t\t<tbody id=\"collapseobj_debuginfo\" style=\"{$vbcollapse['collapseobj_debuginfo']}\">\r\n\t\t\t\t<tr valign=\"top\">\r\n\t\t\t\t\t<td class=\"alt1 smallfont\">\r\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Template Usage (</strong>" . sizeof($tempusagecache) . "<strong>):</strong></div>\r\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\"><li class=\"smallfont\">" . implode('</li><li class="smallfont">', $tempusagecache) . " </li></ul>\r\n\t\t\t\t\t\t<hr style=\"margin:10px 0px 10px 0px\" />\r\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Phrase Groups Available (</strong>" . sizeof($GLOBALS['phrasegroups']) . "<strong>):</strong></div>\r\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\">{$phrase_groups}</ul>\r\n\t\t\t\t\t</td>\r\n\t\t\t\t\t<td class=\"alt1 smallfont\">\r\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Included Files (</strong>" . sizeof($included_files = get_included_files()) . "<strong>):</strong></div>\r\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\"><li class=\"smallfont\">" . implode('</li><li class="smallfont">', str_replace(str_replace('\\', '/', DIR) . '/', '', preg_replace('#^(.*/)#si', '<span class="shade">./\\1</span>', str_replace('\\', '/', $included_files)))) . " </li></ul>\r\n\t\t\t\t\t\t<hr style=\"margin:10px 0px 10px 0px\" />\r\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Hooks Called (</strong>{$hook_total}<strong>):</strong></div>\r\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\">{$hook_usage}</ul>\r\n\t\t\t\t\t</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t</tbody>\r\n\t\t\t\t<tbody>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td class=\"alt2 smallfont\" colspan=\"2\"><label>Messages:<select style=\"display:block; width:100%\">{$messages}</select></label></td>\r\n\t\t\t\t</tr>\r\n\t\t\t</tbody>\r\n\t\t\t</table>\r\n\t\t"; $vartext = str_replace('</body>', "<!--start debug html-->{$debughtml}<!--end debug html-->\n</body>", $vartext); } // end debug code // --- / TODO remove this code for vB4 gold------------------------------ $output = process_replacement_vars($vartext); if ($vbulletin->debug and function_exists('memory_get_usage')) { $output = preg_replace('#(<!--querycount-->Executed <b>\\d+</b> queries<!--/querycount-->)#siU', 'Memory Usage: <strong>' . number_format(memory_get_usage() / 1024) . 'KB</strong>, \\1', $output); } // parse PHP include ################## ($hook = vBulletinHook::fetch_hook('global_complete')) ? eval($hook) : false; // make sure headers sent returns correctly if (ob_get_level() and ob_get_length()) { ob_end_flush(); } if ($vbulletin->options['gzipoutput'] and !headers_sent()) { $output = fetch_gzipped_text($output, $vbulletin->options['gziplevel']); if ($sendheader and $vbulletin->donegzip) { @header('Content-Length: ' . strlen($output)); } } // Trigger shutdown event $vbulletin->shutdown->shutdown(); if (defined('NOSHUTDOWNFUNC')) { exec_shut_down(); } // show regular page if (empty($vbulletin->db->explain)) { echo $output; } else { $querytime = $vbulletin->db->time_total; echo "\n<b>Page generated in {$totaltime} seconds with " . $vbulletin->db->querycount . " queries,\nspending {$querytime} doing MySQL queries and " . ($totaltime - $querytime) . " doing PHP things.\n\n<hr />Shutdown Queries:</b>" . (defined('NOSHUTDOWNFUNC') ? " <b>DISABLED</b>" : '') . "<hr />\n\n"; } // broken if zlib.output_compression is on with Apache 2 if (SAPI_NAME != 'apache2handler' and SAPI_NAME != 'apache2filter') { flush(); } exit; }
/** * Marks a discussion or group as read. * * @param string $type - 'group' or 'discussion' * @param int $userid - The id of the user * @param int $itemid - The id of the item to mark */ function exec_sg_mark_as_read($type, $itemid) { global $vbulletin; if ($vbulletin->userinfo['userid']) { if ($vbulletin->options['threadmarking']) { $table = TABLE_PREFIX . ($type == 'group' ? 'groupread' : 'discussionread'); $idcol = $type == 'group' ? 'groupid' : 'discussionid'; $vbulletin->db->query_write("REPLACE INTO {$table} (userid,{$idcol},readtime)\n\t\t\t\t\t\t\t\t\t\tVALUES (" . intval($vbulletin->userinfo['userid']) . ", " . intval($itemid) . ", " . TIMENOW . ")"); if ('discussion' == $type and 2 == $vbulletin->options['threadmarking']) { // quite expensive check to see if there are any unread discussions if ($discussion = fetch_socialdiscussioninfo($itemid)) { require_once DIR . '/includes/class_groupmessage.php'; // Create discussion collection $collection_factory =& new vB_Group_Collection_Factory($vbulletin); $collection = $collection_factory->create('discussion', $discussion['groupid'], 0, 1, false, true); $collection->filter_show_read(false); if (!$collection->fetch_count()) { exec_sg_mark_as_read('group', $discussion['groupid']); } unset($collection, $collection_factory); } } } else { // set read in cookie set_bbarray_cookie($type . '_marking', $itemid, TIMENOW); } } else { vbsetcookie('lastvisit', TIMENOW); } }
/** * Finishes off the current page (using templates), prints it out to the browser and halts execution * * @param string The HTML of the page to be printed * @param boolean Send the content length header? */ function print_output($vartext, $sendheader = true) { global $querytime, $vbulletin, $show, $vbphrase; if ($vbulletin->options['addtemplatename']) { if ($doctypepos = @strpos($vartext, vB_Template_Runtime::fetchStyleVar('htmldoctype'))) { $comment = substr($vartext, 0, $doctypepos); $vartext = substr($vartext, $doctypepos + strlen(vB_Template_Runtime::fetchStyleVar('htmldoctype'))); $vartext = vB_Template_Runtime::fetchStyleVar('htmldoctype') . "\n" . $comment . $vartext; } } if (!empty($vbulletin->db->explain) OR $vbulletin->debug) { $totaltime = microtime(true) - TIMESTART; $vartext .= "<!-- Page generated in " . vb_number_format($totaltime, 5) . " seconds with " . $vbulletin->db->querycount . " queries -->"; } // set cookies for displayed notices if ($show['notices'] AND !defined('NOPMPOPUP') AND !empty($vbulletin->np_notices_displayed) AND is_array($vbulletin->np_notices_displayed)) { $np_notices_cookie = $_COOKIE[COOKIE_PREFIX . 'np_notices_displayed']; vbsetcookie('np_notices_displayed', ($np_notices_cookie ? "$np_notices_cookie," : '') . implode(',', $vbulletin->np_notices_displayed), false ); } // debug code global $DEVDEBUG, $vbcollapse; if ($vbulletin->debug) { devdebug('php_sapi_name(): ' . SAPI_NAME); $messages = ''; if (is_array($DEVDEBUG)) { foreach($DEVDEBUG AS $debugmessage) { $messages .= "\t<option>" . htmlspecialchars_uni($debugmessage) . "</option>\n"; } } if (!empty(vB_Template::$template_usage)) { $tempusagecache = vB_Template::$template_usage; $_TEMPLATEQUERIES = vB_Template::$template_queries; unset($tempusagecache['board_inactive_warning'], $_TEMPLATEQUERIES['board_inactive_warning']); ksort($tempusagecache); foreach ($tempusagecache AS $template_name => $times) { $tempusagecache["$template_name"] = "<span class=\"shade\" style=\"float:right\">($times)</span>" . ((isset($_TEMPLATEQUERIES["$template_name"]) AND $_TEMPLATEQUERIES["$template_name"]) ? "<span style=\"color:red; font-weight:bold\">$template_name</span>" : $template_name); } } else { $tempusagecache = array(); } $hook_usage = ''; $hook_total = 0; foreach (vBulletinHook::fetch_hookusage() AS $hook_name => $has_code) { $hook_usage .= '<li class="smallfont' . (!$has_code ? ' shade' : '') . '">' . $hook_name . '</li>'; $hook_total++; } if (!$hook_usage) { $hook_usage = '<li class="smallfont"> </li>'; } $phrase_groups = ''; sort($GLOBALS['phrasegroups']); foreach ($GLOBALS['phrasegroups'] AS $phrase_group) { $phrase_groups .= '<li class="smallfont">' . $phrase_group . '</li>'; } if (!$phrase_groups) { $phrase_groups = '<li class="smallfont"> </li>'; } $vbcollapse['collapseimg_debuginfo'] = (!empty($vbcollapse['collapseimg_debuginfo']) ? $vbcollapse['collapseimg_debuginfo'] : ''); $vbcollapse['collapseobj_debuginfo'] = (!empty($vbcollapse['collapseobj_debuginfo']) ? $vbcollapse['collapseobj_debuginfo'] : ''); $debughtml = " <div class=\"block\" id=\"debuginfo\" style=\"width:800px; margin:4px auto;\"> <h2 class=\"blockhead collapse\"> <a style=\"float:" . vB_Template_Runtime::fetchStyleVar('right') . ";\" href=\"" . htmlspecialchars_uni($vbulletin->input->fetch_relpath()) . "#\" title=\"Close Debug Information\" onclick=\"document.getElementById('debuginfo').parentNode.removeChild(document.getElementById('debuginfo')); return false;\">X</a> vBulletin {$vbulletin->options['templateversion']} Debug Information </h2> <div style=\"border:" . vB_Template_Runtime::fetchStyleVar('blockhead_border') . "; border-top:0;\"> <div class=\"blockbody\"> <div class=\"blockrow\"> <ul style=\"list-style:none; margin:0px; padding:0px\"> <li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Page Generation</span> " . vb_number_format($totaltime, 5) . " seconds</li> " . (function_exists('memory_get_usage') ? "<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Memory Usage</span> " . number_format(memory_get_usage() / 1024) . 'KB</li>' : '') . " <li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Queries Executed</span> " . (empty($_TEMPLATEQUERIES) ? $vbulletin->db->querycount : "<span title=\"Uncached Templates!\" style=\"color:red; font-weight:bold\">{$vbulletin->db->querycount}</span>") . " <a href=\"" . (htmlspecialchars($vbulletin->scriptpath)) . (strpos($vbulletin->scriptpath, '?') === false ? '?' : '&') . "explain=1\" target=\"_blank\" title=\"Explain Queries\">(?)</a></li> </ul> </div> </div> <div class=\"blocksubhead collapse\"> <a style=\"top:5px;\" class=\"collapse\" id=\"collapse_debuginfo_body\" href=\"#top\"><img src=\"" . vB_Template_Runtime::fetchStyleVar('imgdir_button') . "/collapse_40b.png\" alt=\"\" title=\"Collapse Debug Information\" /></a> More Information </div> <div class=\"blockbody\" id=\"debuginfo_body\"> <div class=\"blockrow\"> <div style=\"width:48%; float:left;\"> <div style=\"margin-bottom:6px; font-weight:bold;\">Template Usage (" . sizeof($tempusagecache) . "):</div> <ul style=\"list-style:none; margin:0px; padding:0px\"><li class=\"smallfont\">" . implode('</li><li class="smallfont">', $tempusagecache) . " </li></ul> <hr style=\"margin:10px 0px 10px 0px\" /> <div style=\"margin-bottom:6px; font-weight:bold;\">Phrase Groups Available (" . sizeof($GLOBALS['phrasegroups']) . "):</div> <ul style=\"list-style:none; margin:0px; padding:0px\">$phrase_groups</ul> </div> <div style=\"width:48%; float:right;\"> <div style=\"margin-bottom:6px; font-weight:bold;\">Included Files (" . sizeof($included_files = get_included_files()) . "):</div> <ul style=\"list-style:none; margin:0px; padding:0px\"><li class=\"smallfont\">" . implode('</li><li class="smallfont">', str_replace(str_replace('\\', '/', DIR) . '/', '', preg_replace('#^(.*/)#si', '<span class="shade">./\1</span>', str_replace('\\', '/', $included_files)))) . " </li></ul> <hr style=\"margin:10px 0px 10px 0px\" /> <div style=\"margin-bottom:6px; font-weight:bold;\">Hooks Called ($hook_total):</div> <ul style=\"list-style:none; margin:0px; padding:0px\">$hook_usage</ul> </div> <br style=\"clear:both;\" /> </div> </div> <div class=\"blockbody\"> <div class=\"blockrow\"> <label>Messages:<select style=\"display:block; width:100%\">$messages</select></label> </div> </div> </div> </div> "; $vartext = str_replace('</body>', "<!--start debug html-->$debughtml<!--end debug html-->\n</body>", $vartext); } // end debug code $output = process_replacement_vars($vartext); if ($vbulletin->debug AND function_exists('memory_get_usage')) { $output = preg_replace('#(<!--querycount-->Executed <b>\d+</b> queries<!--/querycount-->)#siU', 'Memory Usage: <strong>' . number_format((memory_get_usage() / 1024)) . 'KB</strong>, \1', $output); } // parse PHP include ################## ($hook = vBulletinHook::fetch_hook('global_complete')) ? eval($hook) : false; // make sure headers sent returns correctly if (ob_get_level() AND ob_get_length()) { ob_end_flush(); } if (!headers_sent()) { if ($vbulletin->options['gzipoutput']) { $output = fetch_gzipped_text($output, $vbulletin->options['gziplevel']); } if ($sendheader) { @header('Content-Length: ' . strlen($output)); } } // Trigger shutdown event $vbulletin->shutdown->shutdown(); if (defined('NOSHUTDOWNFUNC')) { exec_shut_down(); } // show regular page if (empty($vbulletin->db->explain)) { echo $output; } // show explain else { $querytime = $vbulletin->db->time_total; echo "\n<b>Page generated in $totaltime seconds with " . $vbulletin->db->querycount . " queries,\nspending $querytime doing MySQL queries and " . ($totaltime - $querytime) . " doing PHP things.\n\n<hr />Shutdown Queries:</b>" . (defined('NOSHUTDOWNFUNC') ? " <b>DISABLED</b>" : '') . "<hr />\n\n"; } // broken if zlib.output_compression is on with Apache 2 if (SAPI_NAME != 'apache2handler' AND SAPI_NAME != 'apache2filter') { flush(); } exit; }
/** * Updates the last visit and last activity times for guests and registered users (differently). * Last visit is set to the last activity time (before it's updated) only when a certain * time has lapsed. Last activity is always set to the specified time. * * @param integer Time stamp for last visit time (guest only) * @param integer Time stamp for last activity time (guest only) */ function do_lastvisit_update($lastvisit = 0, $lastactivity = 0) { // update last visit/activity stuff if ($this->vars['userid'] == 0) { // guest -- emulate last visit/activity for registered users by cookies if ($lastvisit) { // we've been here before $this->userinfo['lastvisit'] = intval($lastvisit); $this->userinfo['lastactivity'] = $lastvisit ? intval($lastvisit) : TIMENOW; // here's the emulation if (TIMENOW - $this->userinfo['lastactivity'] > $this->registry->options['cookietimeout']) { $this->userinfo['lastvisit'] = $this->userinfo['lastactivity']; vbsetcookie('lastvisit', $this->userinfo['lastactivity']); } } else { // first visit! $this->userinfo['lastactivity'] = TIMENOW; $this->userinfo['lastvisit'] = TIMENOW; vbsetcookie('lastvisit', TIMENOW); } vbsetcookie('lastactivity', $lastactivity); } else { // registered user if (!SESSION_BYPASS) { if (TIMENOW - $this->userinfo['lastactivity'] > $this->registry->options['cookietimeout']) { // see if session has 'expired' and if new post indicators need resetting $this->registry->db->shutdown_query("\n\t\t\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tlastvisit = lastactivity,\n\t\t\t\t\t\t\tlastactivity = " . TIMENOW . "\n\t\t\t\t\t\tWHERE userid = " . $this->userinfo['userid'] . "\n\t\t\t\t\t", 'lastvisit'); $this->userinfo['lastvisit'] = $this->userinfo['lastactivity']; } else { // if this line is removed (say to be replaced by a cron job, you will need to change all of the 'online' // status indicators as they use $userinfo['lastactivity'] to determine if a user is online which relies // on this to be updated in real time. $this->registry->db->shutdown_query("\n\t\t\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\t\t\tSET lastactivity = " . TIMENOW . "\n\t\t\t\t\t\tWHERE userid = " . $this->userinfo['userid'] . "\n\t\t\t\t\t", 'lastvisit'); } } } }
$redirect = htmlspecialchars_uni(fetch_replaced_session_url($vbulletin->GPC['redirect'])); $redirect = create_full_url($redirect); $redirect = preg_replace(array('/�*59;?/', '/�*3B;?/i', '#;#'), '%3B', $redirect); $redirect = preg_replace('#&%3B#i', '&', $redirect); print_cp_header($vbphrase['redirecting_please_wait'], '', "<meta http-equiv=\"Refresh\" content=\"0; URL={$redirect}\" />"); echo "<p> </p><blockquote><p>{$vbphrase['redirecting_please_wait']}</p></blockquote>"; print_cp_footer(); exit; } // ############################################################################# // ############################### LOG OUT OF CP ############################### // ############################################################################# if ($_REQUEST['do'] == 'cplogout') { vbsetcookie('cpsession', '', false, true, true); $db->query_write("DELETE FROM " . TABLE_PREFIX . "cpsession WHERE userid = " . $vbulletin->userinfo['userid'] . " AND hash = '" . $db->escape_string($vbulletin->GPC[COOKIE_PREFIX . 'cpsession']) . "'"); vbsetcookie('customerid', '', 0); if (!empty($vbulletin->session->vars['sessionurl_js'])) { exec_header_redirect('index.php?' . $vbulletin->session->vars['sessionurl_js']); } else { exec_header_redirect('index.php'); } } // ############################################################################# // ################################# SAVE NOTES ################################ // ############################################################################# if ($_POST['do'] == 'notes') { $vbulletin->input->clean_array_gpc('p', array('notes' => TYPE_STR)); $admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_CP); $admindm->set_existing($vbulletin->userinfo); $admindm->set('notes', $vbulletin->GPC['notes']); $admindm->save();
$vbulletin->GPC['newpasswordconfirm'] =& md5($vbulletin->GPC['newpasswordconfirm']); } // check that new passwords match if ($vbulletin->GPC['newpassword'] != $vbulletin->GPC['newpasswordconfirm']) { eval(standard_error(fetch_error('passwordmismatch'))); } // check to see if the new password is invalid due to previous use if ($userdata->check_password_history($userdata->hash_password($vbulletin->GPC['newpassword'], $vbulletin->userinfo['salt']), $permissions['passwordhistory'])) { eval(standard_error(fetch_error('passwordhistory', $permissions['passwordhistory']))); } // everything is good - send the singly-hashed MD5 to the password update routine $userdata->set('password', $vbulletin->GPC['newpassword']); // Update cookie if we have one $vbulletin->input->clean_array_gpc('c', array(COOKIE_PREFIX . 'password' => TYPE_STR, COOKIE_PREFIX . 'userid' => TYPE_UINT)); if (md5($vbulletin->userinfo['password'] . COOKIE_SALT) == $vbulletin->GPC[COOKIE_PREFIX . 'password'] and $vbulletin->GPC[COOKIE_PREFIX . 'userid'] == $vbulletin->userinfo['userid']) { vbsetcookie('password', md5(md5($vbulletin->GPC['newpassword'] . $vbulletin->userinfo['salt']) . COOKIE_SALT), true, true, true); } } // update email only if user is not banned (see bug 2142) and email is changed if ($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'] and ($vbulletin->GPC['email'] != $vbulletin->userinfo['email'] or $vbulletin->GPC['emailconfirm'] != $vbulletin->userinfo['email'])) { // check that new email addresses match if ($vbulletin->GPC['email'] != $vbulletin->GPC['emailconfirm']) { eval(standard_error(fetch_error('emailmismatch'))); } // set the email field to be updated $userdata->set('email', $vbulletin->GPC['email']); // generate an activation ID if required if ($vbulletin->options['verifyemail'] and !can_moderate()) { $userdata->set('usergroupid', 3); $userdata->set_info('override_usergroupid', true); $activate = true;
public function update_user(&$userdata) { //Validate userdata by passing through our userdata_convert function $vbuser = $this->userdata_convert($userdata); //Check for userinfo from the username provided if (!($existing_user = $this->fetch_userinfo_from_username($vbuser['username']))) { return 'Username does not exist.'; } //Set existing user data $this->userdm->set_existing($existing_user); //Loop through new user data and set it foreach ($vbuser as $key => $value) { $this->userdm->set($key, $value); } // reset password cookie in case password changed if (isset($vbuser['password'])) { vbsetcookie('password', md5($this->vbulletin->userinfo['password'] . COOKIE_SALT), PERMANENT_COOKIE, true, true); } //If there are any errors return them if (count($this->userdm->errors)) { return $this->userdm->errors; } //If there are no errors then SAVE the set data and return false. $this->vbulletin->userinfo['userid'] = $this->userdm->save(); return false; }