/**
 * Pre-initialisation hook: runs the parent hook, opens the PHP session named
 * "sampleApp", and refreshes the session when a user is already logged in.
 *
 * NOTE(review): nothing in this method sets the session cookie attributes
 * (Secure / HttpOnly / SameSite) or session.use_strict_mode. Confirm they are
 * configured in php.ini or by the parent hook before session_start() runs.
 */
public function preinit()
{
    parent::preinit();

    session_name('sampleApp');
    session_start();

    // Anonymous visitors have nothing to refresh.
    if (!session::logged_in()) {
        return;
    }

    session::refresh();
}
/**
 * Populate $_SESSION for the given user: user record, forum id, client IP
 * address, preferences and permissions.
 *
 * When user_get() yields nothing for $uid, a built-in guest record (UID 0)
 * is used instead.
 *
 * NOTE(review): this method never calls session_regenerate_id(). If it is the
 * post-authentication entry point and the caller does not rotate the session
 * ID either, an ID issued before login stays valid after login (session
 * fixation). Confirm against the caller.
 *
 * @param mixed $uid Id of the user the session is started for.
 */
public static function start($uid)
{
    $forum_fid = get_forum_fid();

    if (!$forum_fid) {
        $forum_fid = 0;
    }

    $user = user_get($uid);

    if (!$user) {
        $user = array('UID' => 0, 'LOGON' => 'GUEST', 'NICKNAME' => 'Guest', 'EMAIL' => '');
    }

    // These columns are dropped from the user record so they are never
    // merged into the session array.
    foreach (array('IPADDRESS', 'PASSWD', 'REFERER', 'PEER_NICKNAME') as $private_key) {
        unset($user[$private_key]);
    }

    $_SESSION = array_merge($_SESSION, $user);
    $_SESSION['FID'] = $forum_fid;
    $_SESSION['IPADDRESS'] = get_ip_address();

    // Logged-in users get their stored preferences; everyone else only gets
    // whatever user_get_pref_names() returns for STYLE.
    if (session::logged_in() && ($user_prefs = user_get_prefs($uid))) {
        $_SESSION = array_merge($_SESSION, $user_prefs);
    } else {
        $_SESSION = array_merge($_SESSION, user_get_pref_names(array('STYLE')));
    }

    $user_perms = session::get_perm_array($uid, $forum_fid);

    if ($user_perms) {
        $_SESSION['PERMS'] = $user_perms;
    }

    // NOTE(review): mt_rand()/uniqid() are not cryptographically secure. If
    // RAND_HASH is ever used as a secret (for example a request token), it
    // should come from a CSPRNG instead. TODO confirm how it is consumed.
    if (!isset($_SESSION['RAND_HASH'])) {
        $_SESSION['RAND_HASH'] = md5(uniqid(mt_rand()));
    }

    // A real user with no recorded last visit is added to the default
    // permission group, when one is configured.
    if ($uid > 0 && !forum_get_last_visit($uid)) {
        $gid = perm_get_default_group();

        if ($gid) {
            perm_add_user_to_group($uid, $gid);
        }
    }
}
/**
 * Build the folder dropdown ("fid") for the light-mode search form.
 *
 * Only folders the current session may see are listed: guests need
 * USER_PERM_GUEST_ACCESS on the folder, logged-in users need
 * USER_PERM_POST_READ. Folder titles pass through htmlentities_array()
 * before they reach the dropdown helper.
 *
 * @param mixed $selected_folder Numeric id of the pre-selected folder.
 *
 * @return mixed false on invalid input, database failure or when no folder
 *               is visible; otherwise the result of light_form_dropdown_array().
 */
function light_folder_search_dropdown($selected_folder)
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    if (!is_numeric($selected_folder)) {
        return false;
    }

    $table_prefix = get_table_prefix();

    if (!$table_prefix) {
        return false;
    }

    $available_folders = array();

    $access_allowed = USER_PERM_POST_READ;

    // No request data reaches this statement; only the table prefix is interpolated.
    $sql = "SELECT FID, TITLE FROM `{$table_prefix}FOLDER` ORDER BY FID ";

    $result = $db->query($sql);

    if (!$result) {
        return false;
    }

    if ($result->num_rows == 0) {
        return false;
    }

    while (($folder_data = $result->fetch_assoc()) !== null) {

        // The permission bit that applies depends on whether this is a guest.
        $required_perm = session::logged_in() ? $access_allowed : USER_PERM_GUEST_ACCESS;

        if (!session::check_perm($required_perm, $folder_data['FID'])) {
            continue;
        }

        $available_folders[$folder_data['FID']] = htmlentities_array($folder_data['TITLE']);
    }

    if (count($available_folders) == 0) {
        return false;
    }

    // Key 0 carries the "ALL" entry; array union keeps the FID keys intact.
    $available_folders = array(gettext("ALL")) + $available_folders;

    return light_form_dropdown_array("fid", $available_folders, $selected_folder);
}
/**
 * Record the current session user's votes on the poll attached to thread $tid.
 *
 * $vote_array maps question id => either a single numeric option id, or an
 * array of option id => 'Y' for multi-select questions. Questions and options
 * that do not exist in poll_get_votes($tid) are skipped silently.
 *
 * Votes are only written when the user has no votes yet, when the poll is in
 * POLL_VOTE_MULTI mode, or when the visitor is a guest and guest voting is
 * allowed both on the poll and by the forum setting.
 *
 * NOTE(review): the INSERT is built by string interpolation. Every value is
 * gated first ($tid, question and option ids by is_numeric() and an isset()
 * lookup, $uid from the session), but a prepared statement would remove the
 * dependency on those gates. Check whether the db wrapper supports one.
 *
 * @param mixed $tid        Numeric thread id.
 * @param array $vote_array Submitted votes, keyed by question id.
 *
 * @return bool false on invalid input or a failed query, true otherwise
 *              (including when no vote was allowed or stored).
 */
function poll_vote($tid, $vote_array)
{
    $uid = session::get_value('UID');

    if ($uid === false) {
        return false;
    }

    if (!is_numeric($tid)) {
        return false;
    }

    if (!is_array($vote_array)) {
        return false;
    }

    $db = db::get();

    if (!$db) {
        return false;
    }

    $table_prefix = get_table_prefix();

    if (!$table_prefix) {
        return false;
    }

    $poll_data = poll_get($tid);

    $poll_results = poll_get_votes($tid);

    $current_datetime = date(MYSQL_DATETIME, time());

    $may_vote = !poll_get_user_votes($tid)
        || $poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI
        || (!session::logged_in()
            && $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED
            && forum_get_setting('poll_allow_guests', 'Y'));

    if (!$may_vote) {
        return true;
    }

    foreach ($vote_array as $question_id => $option_data) {

        if (!is_numeric($question_id) || !isset($poll_results[$question_id])) {
            continue;
        }

        // Normalise both submission shapes into a flat list of option ids.
        $chosen_options = array();

        if (is_array($option_data) && count($option_data) > 0) {

            foreach ($option_data as $option_id => $option_value) {

                if (is_numeric($option_id) && $option_value == 'Y') {
                    $chosen_options[] = $option_id;
                }
            }

        } elseif (is_numeric($option_data)) {

            $chosen_options[] = $option_data;
        }

        foreach ($chosen_options as $option_id) {

            // Only options that really belong to this question are stored.
            if (!isset($poll_results[$question_id]['OPTIONS_ARRAY'][$option_id])) {
                continue;
            }

            $sql = "INSERT INTO `{$table_prefix}USER_POLL_VOTES` (TID, UID, QUESTION_ID, OPTION_ID, VOTED) ";
            $sql .= "VALUES ('{$tid}', '{$uid}', '{$question_id}', '{$option_id}', CAST('{$current_datetime}' AS DATETIME))";

            if (!$db->query($sql)) {
                return false;
            }
        }
    }

    return true;
}
/**
 * Build the download link (or just the URL) for one attachment record.
 *
 * $attachment must carry 'hash' (an MD5 string), 'filename' and 'downloads';
 * 'filesize', 'width', 'height' and 'thumbnail' are optional. Non-boolean
 * flag arguments are silently replaced by their defaults.
 *
 * NOTE(review): $attachment['filename'] is written into the href, the title
 * attribute and the link text without any escaping or URL-encoding in this
 * function. Confirm the caller passes an already HTML-safe filename;
 * otherwise a crafted upload name can inject markup here.
 *
 * @param array $attachment     Attachment record.
 * @param bool  $show_thumbs    Render a thumbnail when one exists.
 * @param bool  $limit_filename Shorten file names longer than 16 characters.
 * @param bool  $local_path     Link to attachments/<filename> instead of get_attachment.php.
 * @param bool  $img_tag        Return full HTML (true) or only the URL (false).
 *
 * @return string|false HTML fragment or URL, false when the record is unusable
 *                      or attachments are unavailable.
 */
function attachments_make_link($attachment, $show_thumbs = true, $limit_filename = false, $local_path = false, $img_tag = true)
{
    if (!is_array($attachment)) {
        return false;
    }

    // Fall back to the declared defaults for anything that is not a real boolean.
    $show_thumbs = is_bool($show_thumbs) ? $show_thumbs : true;
    $limit_filename = is_bool($limit_filename) ? $limit_filename : false;
    $local_path = is_bool($local_path) ? $local_path : false;
    $img_tag = is_bool($img_tag) ? $img_tag : true;

    $attachment_dir = attachments_check_dir();

    if (!$attachment_dir) {
        return false;
    }

    if (!isset($attachment['hash'], $attachment['filename'], $attachment['downloads'])) {
        return false;
    }

    if (!is_md5($attachment['hash'])) {
        return false;
    }

    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    $user_show_thumbs = 100;

    if (isset($_SESSION['SHOW_THUMBS']) && is_numeric($_SESSION['SHOW_THUMBS'])) {
        $user_show_thumbs = $_SESSION['SHOW_THUMBS'];
    }

    $thumbnail_max_size = 100;

    if ($show_thumbs && forum_get_setting('attachment_thumbnails', 'Y') && ($user_show_thumbs > 0 || !session::logged_in())) {

        // User preference 1..3 selects the thumbnail edge length in pixels.
        $thumbnail_size = array(1 => 50, 2 => 100, 3 => 150);

        if (isset($thumbnail_size[$user_show_thumbs])) {
            $thumbnail_max_size = $thumbnail_size[$user_show_thumbs];
        }

    } else {

        $show_thumbs = false;
    }

    if ($local_path) {
        $attachment_href = "attachments/{$attachment['filename']}";
    } else {
        $attachment_href = "get_attachment.php?webtag={$webtag}&hash={$attachment['hash']}"
            . "&filename={$attachment['filename']}";
    }

    // Callers that only want the URL stop here.
    if (!$img_tag) {
        return $attachment_href;
    }

    $title_array = array();

    if (mb_strlen($attachment['filename']) > 16 && $limit_filename) {

        // Keep the full name in the tooltip, show the shortened one as link text.
        $title_array[] = sprintf(gettext("Filename: %s"), $attachment['filename']);

        $attachment['filename'] = format_file_name($attachment['filename']);
    }

    if (isset($attachment['filesize']) && is_numeric($attachment['filesize']) && $attachment['filesize'] > 0) {
        $title_array[] = sprintf(gettext("Size: %s"), format_file_size($attachment['filesize']));
    }

    $title_array[] = ($attachment['downloads'] == 1)
        ? gettext("Downloaded: 1 time")
        : sprintf(gettext("Downloaded: %d times"), $attachment['downloads']);

    if (isset($attachment['width'], $attachment['height'])) {
        $title_array[] = sprintf(gettext("Dimensions %dx%dpx"), $attachment['width'], $attachment['height']);
    }

    $title = implode(", ", $title_array);

    if ($show_thumbs && isset($attachment['thumbnail']) && $attachment['thumbnail'] == 'Y') {

        // Square thumbnail box, never larger than 150px or the user's limit.
        $thumb_side = min(150, $thumbnail_max_size);

        return "<a href=\"{$attachment_href}\" target=\"_blank\"><span class=\"attachment_thumb\" "
            . "style=\"background-image: url('{$attachment_href}&thumb=1'); "
            . "width: {$thumb_side}px; height: {$thumb_side}px\" "
            . "title=\"{$title}\"></span></a>";
    }

    $attachment_link = html_style_image('attach', gettext("Attachment"));
    $attachment_link .= "<a href=\"{$attachment_href}\" title=\"{$title}\" ";
    $attachment_link .= "target=\"_blank\">{$attachment['filename']}</a>";

    return $attachment_link;
}
/**
 * Echo the collapsible "Forum Stats" panel shown beneath a message list.
 *
 * Nothing is printed unless the 'show_stats' forum setting is enabled. The
 * panel is a GET form pointing at user_stats.php that carries the webtag and
 * the current message reference ("tid.pid") as hidden fields.
 *
 * NOTE(review): $tid and $pid are handed to form_input_hidden() unmodified;
 * whether they are escaped depends on that helper. Confirm.
 *
 * @param mixed $tid Thread id of the message being viewed.
 * @param mixed $pid Post id of the message being viewed.
 */
function messages_forum_stats($tid, $pid)
{
    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    if (forum_get_setting('show_stats', 'Y')) {

        echo "<br />\n";
        echo "<div align=\"center\" class=\"messages_forum_stats\">\n";
        echo " <form action=\"user_stats.php\" method=\"get\" target=\"_self\">\n";
        echo " ", form_input_hidden('webtag', $webtag), "\n";
        echo " ", form_input_hidden('msg', "{$tid}.{$pid}"), "\n";
        echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"96%\">\n";
        echo " <tr>\n";
        echo " <td align=\"center\">\n";
        echo " <table class=\"box\" width=\"100%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\" class=\"posthead\">\n";
        echo " <table class=\"posthead\" width=\"100%\" cellspacing=\"0\">\n";
        echo " <tr>\n";
        echo " <td>\n";
        echo " <table border=\"0\" cellspacing=\"0\" width=\"100%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\" class=\"subhead\">", gettext("Forum Stats"), "</td>\n";
        echo " <td align=\"right\" class=\"subhead\">\n";

        // Guests get no show/hide toggle; logged-in users get the button
        // matching their stored SHOW_STATS preference.
        if (!session::logged_in()) {
            echo " ";
        } else {
            if (isset($_SESSION['SHOW_STATS']) && $_SESSION['SHOW_STATS'] == 'Y') {
                echo " ", form_submit_image('hide', 'forum_stats_toggle', 'hide', null, 'button_image toggle_button'), "\n";
            } else {
                echo " ", form_submit_image('show', 'forum_stats_toggle', 'show', null, 'button_image toggle_button'), "\n";
            }
        }

        echo " </td>\n";
        echo " </tr>";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td>\n";

        // The stats container starts visible for guests and for users who
        // chose to see it, and hidden (display: none) otherwise.
        if (!session::logged_in() || isset($_SESSION['SHOW_STATS']) && $_SESSION['SHOW_STATS'] == 'Y') {
            echo " <div id=\"forum_stats\" class=\"forum_stats_toggle\">\n";
        } else {
            echo " <div id=\"forum_stats\" class=\"forum_stats_toggle\" style=\"display: none\">\n";
        }

        echo " <table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" class=\"posthead\">\n";
        echo " <tr>\n";
        echo " <td rowspan=\"19\" width=\"35\"> </td>\n";
        echo " <td> </td>\n";
        echo " <td rowspan=\"19\" width=\"35\"> </td>\n";
        echo " </tr>\n";

        // 18 empty placeholder rows; nothing in this function fills them.
        for ($i = 0; $i < 18; $i++) {
            echo " <tr>\n";
            // The next literal contains a line break in the source text; it is kept as found.
            echo " 
<td> </td>\n";
            echo " </tr>\n";
        }

        echo " </table>\n";
        echo " </div>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </form>\n";
        echo "</div>\n";
    }
}
/**
 * Load one thread row, joined with its stats, folder, author and the current
 * user's read state, and normalise the fields callers rely on.
 *
 * The thread is only returned when its folder is in folder_get_available().
 *
 * NOTE(review): $fidlist is interpolated unquoted into "IN (...)". Its safety
 * rests entirely on folder_get_available() returning a comma-separated list
 * of integers (confirm). An empty value would also yield invalid SQL and
 * therefore a false return.
 *
 * NOTE(review): the SELECT names ADMIN_LOCK twice (the UNIX_TIMESTAMP alias
 * and the raw THREAD.ADMIN_LOCK column). fetch_assoc() keeps the last column
 * of a duplicated name, so the raw column is the one callers receive.
 * Confirm that is intended.
 *
 * @param mixed $tid         Numeric thread id.
 * @param bool  $inc_deleted Pass anything other than false to include deleted threads.
 * @param bool  $inc_empty   Pass anything other than false to include threads with LENGTH 0.
 *
 * @return array|false Thread data, or false on invalid input, query failure
 *                     or when no matching thread is visible.
 */
function thread_get($tid, $inc_deleted = false, $inc_empty = false)
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    $fidlist = folder_get_available();

    $table_prefix = get_table_prefix();

    if (!$table_prefix) {
        return false;
    }

    $uid = session::get_value('UID');

    if ($uid === false) {
        return false;
    }

    if (!is_numeric($tid)) {
        return false;
    }

    $unread_cutoff_timestamp = threads_get_unread_cutoff();

    $sql = "SELECT THREAD.TID, THREAD.FID, THREAD.DELETED, THREAD.LENGTH, "
        . "TRIM(CONCAT_WS(' ', COALESCE(FOLDER.PREFIX, ''), THREAD.TITLE)) AS TITLE, "
        . "THREAD.POLL_FLAG, THREAD.STICKY, THREAD.UNREAD_PID, "
        . "THREAD_STATS.VIEWCOUNT, USER_THREAD.LAST_READ, USER_THREAD.INTEREST, "
        . "THREAD.BY_UID, UNIX_TIMESTAMP(THREAD.CLOSED) AS CLOSED, "
        . "UNIX_TIMESTAMP(THREAD.ADMIN_LOCK) AS ADMIN_LOCK, "
        . "UNIX_TIMESTAMP(THREAD.CREATED) AS CREATED, THREAD.ADMIN_LOCK, "
        . "UNIX_TIMESTAMP(THREAD.STICKY_UNTIL) AS STICKY_UNTIL, "
        . "UNIX_TIMESTAMP(THREAD.MODIFIED) AS MODIFIED, USER.UID, USER.LOGON, "
        . "USER.NICKNAME, USER_PEER.PEER_NICKNAME, USER_PEER.RELATIONSHIP, "
        . "FOLDER.TITLE AS FOLDER_TITLE FROM `{$table_prefix}THREAD` THREAD "
        . "LEFT JOIN `{$table_prefix}THREAD_STATS` THREAD_STATS "
        . "ON (THREAD_STATS.TID = THREAD.TID) "
        . "LEFT JOIN `{$table_prefix}USER_THREAD` USER_THREAD "
        . "ON (THREAD.TID = USER_THREAD.TID AND USER_THREAD.UID = '{$uid}') "
        . "LEFT JOIN `{$table_prefix}USER_PEER` USER_PEER "
        . "ON (USER_PEER.PEER_UID = THREAD.BY_UID AND USER_PEER.UID = '{$uid}') "
        . "LEFT JOIN USER USER ON (USER.UID = THREAD.BY_UID) "
        . "LEFT JOIN `{$table_prefix}FOLDER` FOLDER ON (FOLDER.FID = THREAD.FID) "
        . "WHERE THREAD.TID = '{$tid}' AND THREAD.FID IN ({$fidlist}) ";

    // Only a strict false enables each filter, exactly like the defaults.
    if ($inc_deleted === false) {
        $sql .= "AND THREAD.DELETED = 'N' ";
    }

    if ($inc_empty === false) {
        $sql .= "AND THREAD.LENGTH > 0 ";
    }

    $result = $db->query($sql);

    if (!$result) {
        return false;
    }

    if ($result->num_rows == 0) {
        return false;
    }

    $thread_data = $result->fetch_assoc();

    if (!isset($thread_data['INTEREST'])) {
        $thread_data['INTEREST'] = 0;
    }

    if (!session::logged_in()) {

        $thread_data['LAST_READ'] = 0;

    } elseif (!isset($thread_data['LAST_READ']) || !is_numeric($thread_data['LAST_READ'])) {

        // No stored read position: threads last modified before the unread
        // cut-off count as fully read, otherwise fall back to UNREAD_PID.
        $thread_data['LAST_READ'] = 0;

        if (isset($thread_data['MODIFIED']) && $unread_cutoff_timestamp !== false && $thread_data['MODIFIED'] < $unread_cutoff_timestamp) {

            $thread_data['LAST_READ'] = $thread_data['LENGTH'];

        } elseif (isset($thread_data['UNREAD_PID']) && is_numeric($thread_data['UNREAD_PID'])) {

            $thread_data['LAST_READ'] = $thread_data['UNREAD_PID'];
        }
    }

    // Columns that come back NULL get a neutral default.
    $column_defaults = array(
        'STICKY_UNTIL' => 0,
        'ADMIN_LOCK' => 0,
        'CLOSED' => 0,
        'DELETED' => 'N',
    );

    foreach ($column_defaults as $column => $default_value) {

        if (!isset($thread_data[$column])) {
            $thread_data[$column] = $default_value;
        }
    }

    // A nickname the viewer assigned to the author overrides the author's own.
    if (isset($thread_data['LOGON'], $thread_data['PEER_NICKNAME']) && strlen($thread_data['PEER_NICKNAME']) > 0) {
        $thread_data['NICKNAME'] = $thread_data['PEER_NICKNAME'];
    }

    if (!isset($thread_data['LOGON'])) {
        $thread_data['LOGON'] = gettext("Unknown user");
    }

    if (!isset($thread_data['NICKNAME'])) {
        $thread_data['NICKNAME'] = "";
    }

    thread_has_attachments($thread_data);

    return $thread_data;
}
if ($_GET['login'] == "guest" && $enable_guest_mode != 1) { $_SESSION['guest'] = 0; } if ($enable_user_login != 1) { $login = $_POST['login']; $password = $_POST['password']; logSQL("POSSIBLE HACK ATTEMPT. Person was from IP: '" . getIP() . "'. and used Username: '******' Password: '******'."); $_SESSION['error'] = 1; } else { session::login($_POST['login'], $_POST['password']); } header('Location: index.php'); exit; } // Verify user is logged in if (session::logged_in() != TRUE) { $body = new Template("templates/login.tmpl.php"); $error = isset($_SESSION['error']) ? 1 : 0; $body->set('enable_guest_mode', $enable_guest_mode); $body->set('enable_user_login', $enable_user_login); $body->set('error', $error); $body->set('login', $login); $body->set('password', $password); $tmpl->set('body', $body); echo $tmpl->fetch('templates/index.tmpl.php'); unset($_SESSION['error']); exit; } // Get IP address function getIP() {
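/**
 * Echo the AdSense banner container, at most once per request.
 *
 * Nothing is printed when no publisher id is configured. Guests additionally
 * get a "register to remove these adverts" link when ads are configured to
 * be shown to guests only.
 *
 * The third-party ad script is referenced over HTTPS: loaded over plain HTTP
 * it could be altered in transit and would be blocked as mixed content on
 * pages served over TLS.
 */
function adsense_output_html()
{
    // Remembers across calls within one request that the banner was printed.
    static $adsense_displayed = false;

    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    if ($adsense_displayed !== false) {
        return;
    }

    if (!adsense_publisher_id()) {
        return;
    }

    $adsense_display_users = adsense_display_users();

    // Defaults; adsense_get_banner_type() receives all three and is
    // presumably allowed to overwrite them by reference. Verify its signature.
    $ad_type = 'medium';
    $ad_width = 468;
    $ad_height = 60;

    adsense_get_banner_type($ad_type, $ad_width, $ad_height);

    echo "<div class=\"google_adsense_container\" style=\"width: 100%; text-align: center\">\n";
    echo " <div style=\"width: {$ad_width}px; margin: auto\">\n";
    echo " <script type=\"text/javascript\" src=\"https://pagead2.googlesyndication.com/pagead/show_ads.js\"></script>\n";

    if (!session::logged_in() && $adsense_display_users == ADSENSE_DISPLAY_GUESTS) {
        echo " <div class=\"google_adsense_register_note\"><a href=\"index.php?webtag={$webtag}&final_uri=register.php%3Fwebtag%3D{$webtag}\" target=\"", html_get_top_frame_name(), "\">", gettext("Register to remove these adverts."), "</a></div>\n";
    }

    echo " </div>\n";
    echo "</div>\n";

    $adsense_displayed = true;
}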
/**
 * Re-populate $_SESSION for the given user from the database: user record,
 * forum id, client IP address, preferences and permissions. Also stores the
 * style preference in the "forum_style" cookie for one year when it is set.
 *
 * When user_get() yields nothing for $uid, a built-in guest record (UID 0)
 * is used instead.
 *
 * @param mixed $uid Id of the user whose session is refreshed.
 */
public static function refresh($uid)
{
    // Both values are fetched here but not read again below; the session
    // entries further down call the helpers a second time.
    $ip_address = get_ip_address();

    $http_referer = session::get_http_referer();

    $forum_fid = get_forum_fid();

    if (!$forum_fid) {
        $forum_fid = 0;
    }

    $user = user_get($uid);

    if (!$user) {
        $user = array('UID' => 0, 'LOGON' => 'GUEST', 'NICKNAME' => 'Guest', 'EMAIL' => '');
    }

    // These columns are dropped from the user record so they are never
    // merged into the session array.
    foreach (array('IPADDRESS', 'PASSWD', 'REFERER') as $private_key) {
        unset($user[$private_key]);
    }

    $_SESSION = array_merge($_SESSION, $user);
    $_SESSION['FID'] = $forum_fid;
    $_SESSION['IPADDRESS'] = get_ip_address();

    if (session::logged_in() && ($user_prefs = user_get_prefs($uid))) {
        $_SESSION = array_merge($_SESSION, $user_prefs);
    }

    $user_perms = session::get_perm_array($uid, $forum_fid);

    if ($user_perms) {
        $_SESSION['PERMS'] = $user_perms;
    }

    // The referer is captured once per session and then left alone.
    if (!isset($_SESSION['REFERER'])) {
        $_SESSION['REFERER'] = session::get_http_referer();
    }

    // NOTE(review): mt_rand()/uniqid() are not cryptographically secure. If
    // RAND_HASH is ever used as a secret (for example a request token), it
    // should come from a CSPRNG instead. TODO confirm how it is consumed.
    if (!isset($_SESSION['RAND_HASH'])) {
        $_SESSION['RAND_HASH'] = md5(uniqid(mt_rand()));
    }

    // $user_prefs only exists when the logged-in branch above assigned it.
    if (isset($user_prefs['STYLE'])) {
        html_set_cookie("forum_style", $user_prefs['STYLE'], time() + YEAR_IN_SECONDS);
    }
}
/**
 * Count the unread private messages of the current session user.
 *
 * The UID comes from $_SESSION and must be numeric before it is placed in
 * the query; guests never have private messages.
 *
 * @return mixed false when there is no database handle, no numeric session
 *               UID, the visitor is a guest or the query fails; otherwise
 *               the COUNT(MID) value as returned by the driver.
 */
function pm_get_unread_count()
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return false;
    }

    // Guests don't do PMs.
    if (!session::logged_in()) {
        return false;
    }

    $session_uid = $_SESSION['UID'];

    $pm_unread = PM_UNREAD;

    // Check to see if the user has any new PMs
    $sql = "SELECT COUNT(MID) FROM PM_TYPE WHERE (TYPE & {$pm_unread}) "
        . "AND UID = '{$session_uid}' ";

    $result = $db->query($sql);

    if (!$result) {
        return false;
    }

    list($pm_unread_count) = $result->fetch_row();

    return $pm_unread_count;
}
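/**
 * Build the download link (or just the URL) for one attachment record.
 *
 * $attachment must carry 'aid' and 'hash' (both MD5 strings), 'filename' and
 * 'downloads'; 'filesize' is optional. Non-boolean flag arguments are
 * silently replaced by their defaults.
 *
 * The thumbnail markup is emitted with a space between every attribute; the
 * previous concatenation glued src/border and height/alt together
 * (src="..."border="0"), which is malformed HTML.
 *
 * NOTE(review): $attachment['filename'] is written into the href, the title
 * and alt attributes and the link text without any escaping or URL-encoding
 * in this function. Confirm the caller passes an already HTML-safe filename;
 * otherwise a crafted upload name can inject markup here.
 *
 * @param array $attachment     Attachment record.
 * @param bool  $show_thumbs    Render a thumbnail when one exists on disk.
 * @param bool  $limit_filename Shorten file names longer than 16 characters.
 * @param bool  $local_path     Link to attachments/<filename> instead of get_attachment.php.
 * @param bool  $img_tag        Return full HTML (true) or only the URL (false).
 *
 * @return string|false HTML fragment or URL, false when the record is unusable
 *                      or no attachment directory is configured.
 */
function attachments_make_link($attachment, $show_thumbs = true, $limit_filename = false, $local_path = false, $img_tag = true)
{
    if (!is_array($attachment)) {
        return false;
    }

    // Fall back to the declared defaults for anything that is not a real boolean.
    if (!is_bool($show_thumbs)) {
        $show_thumbs = true;
    }

    if (!is_bool($limit_filename)) {
        $limit_filename = false;
    }

    if (!is_bool($local_path)) {
        $local_path = false;
    }

    if (!is_bool($img_tag)) {
        $img_tag = true;
    }

    if (!($attachment_dir = forum_get_setting('attachment_dir'))) {
        return false;
    }

    if (!isset($attachment['aid'], $attachment['hash'], $attachment['filename'], $attachment['downloads'])) {
        return false;
    }

    // The hash is used to build file-system paths below, so it has to match
    // the strict MD5 format before anything touches the disk.
    if (!is_md5($attachment['aid'])) {
        return false;
    }

    if (!is_md5($attachment['hash'])) {
        return false;
    }

    $webtag = get_webtag();

    if (forum_get_setting('attachment_thumbnails', 'Y') && (($user_show_thumbs = session::get_value('SHOW_THUMBS')) > 0 || !session::logged_in())) {

        // User preference 1..3 selects the thumbnail edge length in pixels.
        $thumbnail_size = array(1 => 50, 2 => 100, 3 => 150);

        $thumbnail_max_size = isset($thumbnail_size[$user_show_thumbs]) ? $thumbnail_size[$user_show_thumbs] : 100;

    } else {

        $thumbnail_max_size = 100;

        $show_thumbs = false;
    }

    if ($local_path) {

        $attachment_href = "attachments/{$attachment['filename']}";

    } else {

        $attachment_href = "get_attachment.php?webtag={$webtag}&hash={$attachment['hash']}";
        $attachment_href .= "&filename={$attachment['filename']}";
    }

    if ($img_tag === true) {

        $title_array = array();

        if (mb_strlen($attachment['filename']) > 16 && $limit_filename) {

            // Keep the full name in the tooltip, show the shortened one as link text.
            $title_array[] = gettext("Filename") . ": {$attachment['filename']}";

            $attachment['filename'] = mb_substr($attachment['filename'], 0, 16);
            $attachment['filename'] .= "…";
        }

        if (isset($attachment['filesize']) && is_numeric($attachment['filesize'])) {
            $title_array[] = gettext("Size") . ": " . format_file_size($attachment['filesize']);
        }

        if ($attachment['downloads'] == 1) {
            $title_array[] = gettext("Downloaded: 1 time");
        } else {
            $title_array[] = sprintf(gettext("Downloaded: %d times"), $attachment['downloads']);
        }

        if (@file_exists("{$attachment_dir}/{$attachment['hash']}.thumb") && $show_thumbs) {

            if (@($image_info = getimagesize("{$attachment_dir}/{$attachment['hash']}"))) {

                $title_array[] = gettext("Dimensions") . ": {$image_info[0]}x{$image_info[1]}px";

                $thumbnail_width = $image_info[0];
                $thumbnail_height = $image_info[1];

                // Shrink one pixel of width at a time, keeping the aspect
                // ratio, until both edges fit the maximum size.
                while ($thumbnail_width > $thumbnail_max_size || $thumbnail_height > $thumbnail_max_size) {

                    $thumbnail_width--;
                    $thumbnail_height = floor($thumbnail_width * ($image_info[1] / $image_info[0]));
                }

                $title = implode(", ", $title_array);

                $attachment_link = "<span class=\"attachment_thumb\"><a href=\"{$attachment_href}\" title=\"{$title}\" ";
                $attachment_link .= "target=\"_blank\"><img src=\"{$attachment_href}&thumb=1\" ";
                $attachment_link .= "border=\"0\" width=\"{$thumbnail_width}\" height=\"{$thumbnail_height}\" ";
                $attachment_link .= "alt=\"{$title}\" title=\"{$title}\" /></a></span>";

                return $attachment_link;
            }
        }

        $title = implode(", ", $title_array);

        $attachment_link = "<img src=\"";
        $attachment_link .= html_style_image('attach.png');
        $attachment_link .= "\" width=\"14\" height=\"14\" border=\"0\" ";
        $attachment_link .= "alt=\"" . gettext("Attachment") . "\" ";
        $attachment_link .= "title=\"" . gettext("Attachment") . "\" />";
        $attachment_link .= "<a href=\"{$attachment_href}\" title=\"{$title}\" ";
        $attachment_link .= "target=\"_blank\">{$attachment['filename']}</a>\n";

        return $attachment_link;
    }

    return $attachment_href;
}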
/**
 * Count the unread private messages addressed to the current session user.
 *
 * NOTE(review): $uid is taken from session::get_value('UID') and interpolated
 * into the query without a numeric check in this function; it presumably is
 * always an integer set at login. Verify.
 *
 * @return mixed false when there is no database handle, no session UID, the
 *               visitor is a guest or the query fails; otherwise the
 *               COUNT(MID) value as returned by the driver.
 */
function pm_get_unread_count()
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    $uid = session::get_value('UID');

    if ($uid === false) {
        return false;
    }

    // Guests don't do PMs.
    if (!session::logged_in()) {
        return false;
    }

    $pm_unread = PM_UNREAD;

    // Check to see if the user has any new PMs
    $sql = "SELECT COUNT(MID) FROM PM WHERE (TYPE & {$pm_unread} > 0) "
        . "AND TO_UID = '{$uid}'";

    $result = $db->query($sql);

    if (!$result) {
        return false;
    }

    list($pm_unread_count) = $result->fetch_row();

    return $pm_unread_count;
}
USA ======================================================================*/ // Bootstrap require_once 'boot.php'; // Required includes require_once BH_INCLUDE_PATH . 'attachments.inc.php'; require_once BH_INCLUDE_PATH . 'cache.inc.php'; require_once BH_INCLUDE_PATH . 'constants.inc.php'; require_once BH_INCLUDE_PATH . 'format.inc.php'; require_once BH_INCLUDE_PATH . 'forum.inc.php'; require_once BH_INCLUDE_PATH . 'header.inc.php'; require_once BH_INCLUDE_PATH . 'html.inc.php'; require_once BH_INCLUDE_PATH . 'session.inc.php'; // End Required includes // Check we're logged in correctly, or have access to attachments. if (!session::logged_in() && !forum_get_setting('attachment_allow_guests', 'Y')) { html_guest_error(); } // If the attachments directory is undefined we can't go any further if (!($attachment_dir = attachments_check_dir())) { html_draw_error(gettext("Attachments have been disabled by the forum owner.")); } // Check we have a valid attachment hash. if (!isset($_GET['hash']) || !is_md5($_GET['hash'])) { html_draw_error(gettext('Missing or invalid attachment hash')); } // Get the hash from the URL query. $hash = $_GET['hash']; // Get the array of allowed attachment mime-types $attachment_mime_types = attachments_get_mime_types(); // Get the attachment details.
/**
 * Echo the collapsible "Forum Stats" panel shown beneath a message list.
 *
 * Nothing is printed unless the 'show_stats' forum setting is enabled. The
 * panel is a GET form pointing at user_stats.php that carries the webtag and
 * the current message reference ("tid.pid") as hidden fields. The table it
 * prints only contains empty cells with ids (active_user_counts,
 * active_user_list, thread_stats, post_stats, user_stats); no statistics are
 * written by this function itself.
 *
 * NOTE(review): $tid and $pid are handed to form_input_hidden() unmodified;
 * whether they are escaped depends on that helper. Confirm.
 *
 * @param mixed $tid Thread id of the message being viewed.
 * @param mixed $pid Post id of the message being viewed.
 */
function messages_forum_stats($tid, $pid)
{
    $webtag = get_webtag();

    if (forum_get_setting('show_stats', 'Y')) {

        echo "<br />\n";
        echo "<div align=\"center\">\n";
        echo " <form action=\"user_stats.php\" method=\"get\" target=\"_self\">\n";
        echo " ", form_input_hidden('webtag', $webtag), "\n";
        echo " ", form_input_hidden('msg', "{$tid}.{$pid}"), "\n";
        echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"96%\">\n";
        echo " <tr>\n";
        echo " <td align=\"center\">\n";
        echo " <table class=\"box\" width=\"100%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\" class=\"posthead\">\n";
        echo " <table class=\"posthead\" width=\"100%\" cellspacing=\"0\">\n";
        echo " <tr>\n";
        echo " <td>\n";
        echo " <table border=\"0\" cellspacing=\"0\" width=\"100%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\" class=\"subhead\">", gettext("Forum Stats"), "</td>\n";
        echo " <td align=\"right\" class=\"subhead\">\n";

        // Guests get no show/hide toggle; logged-in users get the button
        // matching their stored SHOW_STATS preference.
        if (!session::logged_in()) {
            echo " ";
        } else {
            if (session::get_value("SHOW_STATS") == "Y") {
                echo " ", form_submit_image('hide.png', 'forum_stats_toggle', 'hide', '', 'button_image toggle_button'), "\n";
            } else {
                echo " ", form_submit_image('show.png', 'forum_stats_toggle', 'show', '', 'button_image toggle_button'), "\n";
            }
        }

        echo " </td>\n";
        echo " </tr>";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td>\n";

        // The stats container starts visible for guests and for users who
        // chose to see it, and hidden (display: none) otherwise.
        if (!session::logged_in() || session::get_value("SHOW_STATS") == "Y") {
            echo " <div id=\"forum_stats\" class=\"forum_stats_toggle\">\n";
        } else {
            echo " <div id=\"forum_stats\" class=\"forum_stats_toggle\" style=\"display: none\">\n";
        }

        echo " <table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" class=\"posthead\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\" id=\"active_user_counts\"></td>\n";
        // The next literal contains a line break in the source text; it is kept as found.
        echo " <td align=\"left\" 
width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\" class=\"activeusers\" id=\"active_user_list\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\" id=\"thread_stats\"> <br /> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\" id=\"post_stats\"> <br /> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\" id=\"user_stats\"> <br /> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\" width=\"35\"> </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </div>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        // The next literal contains a line break in the source text; it is kept as found.
        echo " 
</table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </form>\n";
        echo "</div>\n";
    }
}
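/**
 * Write the document prologue, the complete <head> element and, for
 * non-frameset pages, the opening <body> tag directly to output.
 *
 * Recognised keys in $options:
 *  - title, class, base_target, robots, main_css, images_css, inline_css,
 *    emoticons: taken as given when not null (main_css / images_css fall
 *    back to 'style.css' / 'images.css')
 *  - frame_set_html, pm_popup_disabled: honoured only when the value is a bool
 *  - js, css: arrays of strings; every entry is resolved through
 *    html_get_forum_file_path() and included after the built-in files
 *
 * Output encoding: values placed in attributes are passed through
 * htmlentities_array() or word_filter_add_ob_tags(). The canonical and
 * pagination <link> hrefs are now encoded the same way as the other hrefs in
 * this function (they contain a raw "&" otherwise). Two values are still
 * written verbatim and are flagged inline: $inline_css and the analytics id.
 *
 * @param array $options Named options, see above.
 *
 * @throws InvalidArgumentException For an unknown key, or a js/css value that
 *                                  is not an array of strings.
 *
 * @return void
 */
function html_draw_top(array $options = array())
{
    $title = null;
    $class = null;
    $base_target = null;
    $robots = null;
    $main_css = null;
    $images_css = null;
    $inline_css = null;
    $emoticons = null;
    $frame_set_html = false;
    $pm_popup_disabled = false;
    $js = array();
    $css = array();

    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    $forum_name = forum_get_setting('forum_name', null, 'A Beehive Forum');

    // Only whitelisted keys are ever assigned through the variable-variable,
    // so a caller cannot overwrite arbitrary locals.
    foreach ($options as $key => $value) {

        switch ($key) {

            case 'title':
            case 'class':
            case 'base_target':
            case 'robots':
            case 'main_css':
            case 'images_css':
            case 'inline_css':
            case 'emoticons':

                ${$key} = !isset(${$key}) && isset($value) ? $value : ${$key};
                break;

            case 'frame_set_html':
            case 'pm_popup_disabled':

                ${$key} = is_bool($value) ? $value : ${$key};
                break;

            case 'js':
            case 'css':

                if (!is_array($value) || count(array_filter($value, 'is_string')) != count($value)) {
                    throw new InvalidArgumentException(sprintf('Expecting html_draw_top argument %s to be an array of strings', $key));
                }

                ${$key} = $value;
                break;

            default:

                throw new InvalidArgumentException(sprintf('Unknown html_draw_top argument "%s"', $key));
        }
    }

    if (!isset($main_css)) {
        $main_css = 'style.css';
    }

    if (!isset($images_css)) {
        $images_css = 'images.css';
    }

    if ($frame_set_html === false) {

        echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
        echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";

    } else {

        echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Frameset//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd\">\n";
    }

    echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"", gettext('en-gb'), "\" lang=\"", gettext('en-gb'), "\" dir=\"", gettext('ltr'), "\">\n";
    echo "<head>\n";
    echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n";

    // Default Meta keywords and description.
    $meta_keywords = html_get_forum_keywords();
    $meta_description = html_get_forum_description();

    // $_GET['msg'] is only split and used after validate_msg() accepted it.
    if (isset($_GET['msg']) && validate_msg($_GET['msg'])) {

        list($tid, $pid) = explode('.', $_GET['msg']);

        message_get_meta_content($_GET['msg'], $meta_keywords, $meta_description);

        // Clamp the session preference to the 10..30 range; default is 20.
        if (isset($_SESSION['POSTS_PER_PAGE']) && is_numeric($_SESSION['POSTS_PER_PAGE'])) {
            $posts_per_page = max(min($_SESSION['POSTS_PER_PAGE'], 30), 10);
        } else {
            $posts_per_page = 20;
        }

        if (($thread_data = thread_get($tid)) !== false) {

            echo "<title>", word_filter_add_ob_tags($thread_data['TITLE'], true), " - ", word_filter_add_ob_tags($forum_name, true), "</title>\n";

            echo "<link rel=\"canonical\" href=\"", htmlentities_array(html_get_forum_uri("index.php?webtag={$webtag}&msg={$tid}.1")), "\" />\n";

            if ($thread_data['LENGTH'] > $posts_per_page) {

                $prev_page = $pid - $posts_per_page > 0 ? $pid - $posts_per_page : 1;
                $next_page = $pid + $posts_per_page < $thread_data['LENGTH'] ? $pid + $posts_per_page : $thread_data['LENGTH'];
                $last_page = floor($thread_data['LENGTH'] / $posts_per_page) * $posts_per_page + 1;

                echo "<link rel=\"first\" href=\"", htmlentities_array(html_get_forum_uri("index.php?webtag={$webtag}&msg={$tid}.1")), "\" />\n";
                echo "<link rel=\"last\" href=\"", htmlentities_array(html_get_forum_uri("index.php?webtag={$webtag}&msg={$tid}.{$last_page}")), "\" />\n";

                if ($pid + $posts_per_page < $thread_data['LENGTH']) {
                    echo "<link rel=\"next\" href=\"", htmlentities_array(html_get_forum_uri("index.php?webtag={$webtag}&msg={$tid}.{$next_page}")), "\" />\n";
                }

                if ($pid > 1) {
                    echo "<link rel=\"prev\" href=\"", htmlentities_array(html_get_forum_uri("index.php?webtag={$webtag}&msg={$tid}.{$prev_page}")), "\" />\n";
                }
            }

        } else {

            if (isset($title)) {
                echo "<title>", word_filter_add_ob_tags($title, true), " - ", word_filter_add_ob_tags($forum_name, true), "</title>\n";
            } else {
                echo "<title>", word_filter_add_ob_tags($forum_name, true), "</title>\n";
            }
        }

    } else {

        if (isset($title)) {
            echo "<title>", word_filter_add_ob_tags($title, true), " - ", htmlentities_array($forum_name), "</title>\n";
        } else {
            echo "<title>", htmlentities_array($forum_name), "</title>\n";
        }
    }

    $forum_content_rating = html_get_forum_content_rating();

    echo "<meta name=\"generator\" content=\"Beehive Forum ", BEEHIVE_VERSION, "\" />\n";
    echo "<meta name=\"keywords\" content=\"", word_filter_add_ob_tags($meta_keywords, true), "\" />\n";
    echo "<meta name=\"description\" content=\"", word_filter_add_ob_tags($meta_description, true), "\" />\n";
    // NOTE(review): written without encoding; presumably a fixed set of
    // rating strings - confirm in html_get_forum_content_rating().
    echo "<meta name=\"rating\" content=\"{$forum_content_rating}\" />\n";

    // Pages past the first post of a thread are always marked noindex.
    if (forum_get_setting('allow_search_spidering', 'N') || (isset($pid) && $pid > 1)) {

        echo "<meta name=\"robots\" content=\"noindex,nofollow\" />\n";

    } else {

        if (isset($robots)) {
            echo "<meta name=\"robots\" content=\"", htmlentities_array($robots), "\" />\n";
        }
    }

    printf("<meta name=\"application-name\" content=\"%s\" />\n", htmlentities_array(word_filter_add_ob_tags($forum_name, true)));
    printf("<meta name=\"msapplication-tooltip\" content=\"%s\" />\n", htmlentities_array(word_filter_add_ob_tags($meta_description, true)));

    if (forum_check_webtag_available($webtag)) {

        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", gettext('Messages'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=discussion.php%3Fwebtag%3D{$webtag}")), html_get_style_file('images/msie/unread_thread.ico', true));

        if (forum_get_setting('show_links', 'Y')) {
            printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", gettext('Links'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=links.php%3Fwebtag%3D{$webtag}")), html_get_style_file('images/msie/link.ico', true));
        }
    }

    if (forum_get_setting('show_pms', 'Y')) {
        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", gettext('Inbox'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=pm.php%3Fwebtag%3D{$webtag}")), html_get_style_file('images/msie/pm_unread.ico', true));
    }

    if (forum_check_webtag_available($webtag)) {
        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", gettext('My Controls'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=user.php%3Fwebtag%3D{$webtag}")), html_get_style_file('images/msie/user_controls.ico', true));
    }

    // The Admin jump-list entry is only advertised to users holding a tools
    // or moderation permission; this is presentation, not access control.
    if (session::logged_in() && (session::check_perm(USER_PERM_FORUM_TOOLS, 0) || session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::get_folders_by_perm(USER_PERM_FOLDER_MODERATE))) {
        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", gettext('Admin'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=admin.php%3Fwebtag%3D{$webtag}")), html_get_style_file('images/msie/admin_tool.ico', true));
    }

    printf("<meta name=\"msapplication-starturl\" content=\"%s\" />\n", htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}")));

    $rss_feed_path = html_get_forum_file_path("threads_rss.php?webtag={$webtag}");

    printf("<link rel=\"alternate\" type=\"application/rss+xml\" title=\"%s - %s\" href=\"%s\" />\n", htmlentities_array($forum_name), htmlentities_array(gettext('RSS Feed')), htmlentities_array($rss_feed_path));

    if (($folders_array = folder_get_available_details()) !== false) {

        foreach ($folders_array as $folder) {

            $rss_feed_path = html_get_forum_file_path("threads_rss.php?webtag={$webtag}&fid={$folder['FID']}");

            printf("<link rel=\"alternate\" type=\"application/rss+xml\" title=\"%s - %s - %s\" href=\"%s\" />\n", htmlentities_array($forum_name), htmlentities_array($folder['TITLE']), htmlentities_array(gettext('RSS Feed')), htmlentities_array($rss_feed_path));
        }
    }

    if (($user_style_path = html_get_user_style_path()) !== false) {

        printf("<link rel=\"apple-touch-icon\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-57x57.png', $user_style_path))));
        printf("<link rel=\"apple-touch-icon\" sizes=\"72x72\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-72x72.png', $user_style_path))));
        printf("<link rel=\"apple-touch-icon\" sizes=\"114x114\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-114x114.png', $user_style_path))));
        printf("<link rel=\"apple-touch-icon\" sizes=\"144x144\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-144x144.png', $user_style_path))));
        printf("<link rel=\"shortcut icon\" type=\"image/ico\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/favicon.ico', $user_style_path))));
    }

    $opensearch_path = html_get_forum_uri(sprintf('search.php?webtag=%s&opensearch', $webtag));

    printf("<link rel=\"search\" type=\"application/opensearchdescription+xml\" title=\"%s\" href=\"%s\" />\n", htmlentities_array($forum_name), htmlentities_array($opensearch_path));

    if (($style_sheet = html_get_style_file($main_css)) !== false) {
        echo html_include_css($style_sheet);
    }

    if (($emoticon_style_sheet = html_get_emoticon_style_sheet($emoticons)) !== false) {
        echo html_include_css($emoticon_style_sheet, 'print, screen');
    }

    if (($images_style_sheet = html_get_style_file($images_css)) !== false) {
        echo html_include_css($images_style_sheet);
    }

    // NOTE(review): $inline_css is written verbatim inside <style>; callers
    // must only pass stylesheet text they built themselves, never request
    // data, because nothing here stops a "</style>" sequence.
    if (isset($inline_css)) {

        echo "<style type=\"text/css\">\n";
        echo "<!--\n\n", $inline_css, "\n\n//-->\n";
        echo "</style>\n";
    }

    // Font size (not for Guests)
    if (session::logged_in()) {
        echo html_include_css(html_get_forum_file_path(sprintf('font_size.php?webtag=%s', $webtag)), 'screen', 'user_font');
    }

    if ($base_target) {
        echo "<base target=\"", htmlentities_array($base_target), "\" />\n";
    }

    echo html_include_javascript(html_get_forum_file_path('js/jquery.min.js'));
    echo html_include_javascript(html_get_forum_file_path('js/jquery.placeholder.min.js'));
    echo html_include_javascript(html_get_forum_file_path('js/jquery.ui.autocomplete.min.js'));
    echo html_include_javascript(html_get_forum_file_path('js/jquery.parsequery.min.js'));
    echo html_include_javascript(html_get_forum_file_path('js/jquery.sprintf.min.js'));
    echo html_include_javascript(html_get_forum_file_path('js/jquery.url.min.js'));
    echo html_include_javascript(html_get_forum_file_path('js/general.js'));

    if ($frame_set_html === false) {

        // Check for any new PMs.
        if (session::logged_in()) {

            // Check to see if the PM popup is disabled on the current page.
            if ($pm_popup_disabled === false) {

                // Pages we don't want the popup to appear on
                $pm_popup_disabled_pages = get_pm_popup_disabled_files();

                // Check that we're not on one of the pages.
                if (!in_array(basename($_SERVER['PHP_SELF']), $pm_popup_disabled_pages)) {
                    echo html_include_javascript(html_get_forum_file_path('js/pm.js'));
                }
            }

            // Overflow auto-resize functionality.
            $resize_images_page = get_image_resize_files();

            if (in_array(basename($_SERVER['PHP_SELF']), $resize_images_page)) {

                if (isset($_SESSION['USE_OVERFLOW_RESIZE']) && $_SESSION['USE_OVERFLOW_RESIZE'] == 'Y') {
                    echo html_include_javascript(html_get_forum_file_path('js/overflow.js'));
                }
            }

            // Mouseover spoiler pages
            $message_display_pages = get_message_display_files();

            if (in_array(basename($_SERVER['PHP_SELF']), $message_display_pages)) {
                echo html_include_javascript(html_get_forum_file_path('js/spoiler.js'));
            }
        }

        // Stats Display pages
        $stats_display_pages = array('messages.php');

        if (in_array(basename($_SERVER['PHP_SELF']), $stats_display_pages)) {
            echo html_include_javascript(html_get_forum_file_path('js/stats.js'));
        }
    }

    foreach ($css as $css_file) {
        echo html_include_css(html_get_forum_file_path($css_file));
    }

    foreach ($js as $js_file) {
        echo html_include_javascript(html_get_forum_file_path($js_file));
    }

    echo html_include_javascript(html_get_forum_file_path("json.php?webtag={$webtag}"));

    // NOTE(review): the analytics id is placed inside a single-quoted
    // JavaScript string without JS-context encoding. Presumably it comes
    // from a forum setting; confirm it is format-checked where it is saved.
    if ($frame_set_html === true && ($google_analytics_code = html_get_google_analytics_code())) {

        echo "<script type=\"text/javascript\">\n\n";
        echo " var _gaq = _gaq || [];\n";
        echo " _gaq.push(['_setAccount', '{$google_analytics_code}']);\n";
        echo " _gaq.push(['_trackPageview']);\n\n";
        echo " (function() {\n";
        echo " var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;\n";
        echo " ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';\n";
        echo " var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);\n";
        echo " })();\n\n";
        echo "</script>\n";
    }

    echo "</head>\n\n";

    if ($frame_set_html === false) {

        // The script name is always the first body class; the optional
        // caller-supplied class follows. Both are entity-encoded.
        $classes = array(basename($_SERVER['PHP_SELF'], '.php'));

        if ($class) {
            $classes[] = $class;
        }

        printf("<body class=\"%s\">\n", implode(' ', htmlentities_array($classes)));

        if (html_output_adsense_settings() && adsense_check_user() && adsense_check_page()) {

            adsense_output_html();
            echo "<br />\n";
        }

        echo '<div id="fb-root"></div>';
    }
}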
/**
 * List the folders of a forum that the current visitor may read.
 *
 * Guests are checked against USER_PERM_GUEST_ACCESS, logged-in users against
 * USER_PERM_POST_READ. Only numeric entries of the permission lookup are kept.
 *
 * @param mixed $forum_fid Forum identifier handed to session::get_folders_by_perm().
 *
 * @return array|string The numeric folder entries (original keys preserved),
 *                      or the string '0' when the lookup returns false.
 */
function folder_get_available_array_by_forum($forum_fid)
{
    // Pick the permission bit first so the lookup is written only once.
    $required_perm = session::logged_in() ? USER_PERM_POST_READ : USER_PERM_GUEST_ACCESS;

    $folders = session::get_folders_by_perm($required_perm, $forum_fid);

    if ($folders === false) {
        return '0';
    }

    return array_filter($folders, 'is_numeric');
}
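include_once '../private_functions/session.php';
include_once '../private_functions/welcome.php';

/**
 * Login/Logout
 *
 * The action is selected by $_GET['user_action']; credentials are read from
 * the POST body. $error is set to 1 when a login attempt is rejected.
 *
 * NOTE(review): logout is a state-changing action reachable by a plain GET
 * and no request token is checked in this file; confirm whether
 * session::log_out() or the caller adds one.
 * NOTE(review): session::log_in() runs before session_start() below;
 * presumably the session class opens the session itself and issues a fresh
 * session id on successful login - confirm in session.php.
 */
if (isset($_GET['user_action'])) {

    $user_action = $_GET['user_action'];

    if ($user_action === 'login') {

        // Missing fields become null instead of raising an undefined-index
        // notice; array-valued fields (username[]=...) are rejected before
        // they reach the credential check.
        $username = isset($_POST['username']) ? $_POST['username'] : null;
        $password = isset($_POST['password']) ? $_POST['password'] : null;

        if (!is_string($username) || !is_string($password) || !session::log_in($username, $password)) {
            $error = 1;
        }
    }

    if ($user_action === 'logout') {
        session::log_out();
    }
}

/**
 * Run a few side scripts that need to be included on each page
 */

// start a session
session_start();

// define a variable for function logged_in
$logged_in = session::logged_in();

// set session defaults
if (!isset($_SESSION['uid'])) {
    session::session_defaults();
}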
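/**
 * Build the list of thread-list views offered to the current visitor.
 *
 * Guests get four date-based views. Logged-in users get the full list, from
 * which the "Deleted Threads" view is removed unless the user holds
 * USER_PERM_ADMIN_TOOLS, and five unread-based views are removed when
 * forum_get_unread_cutoff() returns false.
 *
 * This only decides which options are displayed; it does not enforce access
 * to the views themselves.
 *
 * @return array View constant => translated label.
 */
function thread_list_available_views()
{
    $unread_cutoff_stamp = forum_get_unread_cutoff();

    if (!session::logged_in()) {

        return array(
            ALL_DISCUSSIONS => gettext("All Discussions"),
            TODAYS_DISCUSSIONS => gettext("Today's Discussions"),
            TWO_DAYS_BACK => gettext("2 Days Back"),
            SEVEN_DAYS_BACK => gettext("7 Days Back"),
        );
    }

    $available_views = array(
        ALL_DISCUSSIONS => gettext("All Discussions"),
        UNREAD_DISCUSSIONS => gettext("Unread Discussions"),
        // The literal as listed had unescaped double quotes inside a
        // double-quoted string and did not parse. NOTE(review): the original
        // msgid may have used &quot; entities here - confirm against the
        // translation catalogue.
        UNREAD_DISCUSSIONS_TO_ME => gettext('Unread "To: Me"'),
        TODAYS_DISCUSSIONS => gettext("Today's Discussions"),
        UNREAD_TODAY => gettext("Unread today"),
        TWO_DAYS_BACK => gettext("2 Days Back"),
        SEVEN_DAYS_BACK => gettext("7 Days Back"),
        HIGH_INTEREST => gettext("High Interest"),
        UNREAD_HIGH_INTEREST => gettext("Unread High Interest"),
        RECENTLY_SEEN => gettext("I've recently seen"),
        IGNORED_THREADS => gettext("I've ignored"),
        BY_IGNORED_USERS => gettext("By ignored users"),
        SUBSCRIBED_TO => gettext("I've subscribed to"),
        STARTED_BY_FRIEND => gettext("Started by friend"),
        UNREAD_STARTED_BY_FRIEND => gettext("Unread started by friend"),
        STARTED_BY_ME => gettext("Started by me"),
        POLL_THREADS => gettext("Polls"),
        STICKY_THREADS => gettext("Sticky Threads"),
        MOST_UNREAD_POSTS => gettext("Most unread posts"),
        SEARCH_RESULTS => gettext("Search Results"),
        DELETED_THREADS => gettext("Deleted Threads"),
    );

    // Remove Admin Deleted Threads option for everyone without admin tools.
    if (!session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {
        unset($available_views[DELETED_THREADS]);
    }

    // Remove unread thread options (Unread Discussions, Unread Today,
    // Unread High Interest, Unread Started By Friend, Most Unread Posts).
    // Both permission branches of the original did exactly this, so it is
    // written once here.
    if ($unread_cutoff_stamp === false) {

        unset($available_views[UNREAD_DISCUSSIONS], $available_views[UNREAD_TODAY], $available_views[UNREAD_HIGH_INTEREST]);
        unset($available_views[UNREAD_STARTED_BY_FRIEND], $available_views[MOST_UNREAD_POSTS]);
    }

    return $available_views;
}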
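/**
 * Write the document prologue, the complete <head> element and, for
 * non-frameset pages, the opening <body> tag directly to output.
 *
 * Options are passed as positional strings and recognised by prefix:
 *   title=..., class=..., basetarget=..., stylesheet=file[:media],
 *   refresh=delay:url, robots=..., inline_css=..., emoticons=...,
 *   and the bare flags frame_set_html and pm_popup_disabled.
 * Every argument that matches none of these is treated as a file name below
 * js/ and included as a script, so callers must never forward request data
 * as an argument.
 *
 * Changes against the listed version:
 *  - rel="previous" and rel="last" pointed at each other's target; fixed.
 *  - robots, refresh, base target, body class, the OpenSearch title and the
 *    hrefs that were written raw are now entity-encoded with
 *    htmlentities_array(), the encoder already used for the other hrefs.
 *  - the Twitter and Facebook widget scripts are requested over https.
 *
 * @return void
 */
function html_draw_top()
{
    $arg_array = func_get_args();

    $title = null;
    $body_class = null;
    $base_target = null;
    $stylesheet_array = array();
    $meta_refresh = array('delay' => null, 'url' => null);
    $robots = null;
    $frame_set_html = false;
    $pm_popup_disabled = false;
    $inline_css = null;
    $emoticons = null;

    $webtag = get_webtag();

    $forum_name = forum_get_setting('forum_name', null, 'A Beehive Forum');

    $func_matches = array();

    // Consume the recognised option strings; what is left afterwards is the
    // list of extra script files.
    foreach ($arg_array as $key => $func_args) {

        if (preg_match('/^title=(.+)?$/Disu', $func_args, $func_matches) > 0) {
            $title = !isset($title) && isset($func_matches[1]) ? $func_matches[1] : $title;
            unset($arg_array[$key]);
        }

        if (preg_match('/^class=(.+)?$/Disu', $func_args, $func_matches) > 0) {
            $body_class = !isset($body_class) && isset($func_matches[1]) ? $func_matches[1] : $body_class;
            unset($arg_array[$key]);
        }

        if (preg_match('/^basetarget=(.+)?$/Disu', $func_args, $func_matches) > 0) {
            $base_target = !isset($base_target) && isset($func_matches[1]) ? $func_matches[1] : $base_target;
            unset($arg_array[$key]);
        }

        if (preg_match('/^stylesheet=([^:]+)(:(.+))?$/Disu', $func_args, $func_matches) > 0) {
            $stylesheet_array[] = array('filename' => $func_matches[1], 'media' => isset($func_matches[3]) ? $func_matches[3] : 'screen');
            unset($arg_array[$key]);
        }

        if (preg_match('/^refresh=([^:]+):(.+)$/Disu', $func_args, $func_matches) > 0) {
            $meta_refresh['delay'] = isset($func_matches[1]) ? $func_matches[1] : null;
            $meta_refresh['url'] = isset($func_matches[2]) ? $func_matches[2] : null;
            unset($arg_array[$key]);
        }

        if (preg_match('/^robots=(.+)?$/Disu', $func_args, $func_matches) > 0) {
            $robots = !isset($robots) && isset($func_matches[1]) ? $func_matches[1] : $robots;
            unset($arg_array[$key]);
        }

        if (preg_match('/^frame_set_html$/Disu', $func_args, $func_matches) > 0) {
            $frame_set_html = true;
            unset($arg_array[$key]);
        }

        if (preg_match('/^pm_popup_disabled$/Disu', $func_args, $func_matches) > 0) {
            $pm_popup_disabled = true;
            unset($arg_array[$key]);
        }

        if (preg_match('/^inline_css=(.+)/Disu', $func_args, $func_matches) > 0) {
            $inline_css = !isset($inline_css) && isset($func_matches[1]) ? $func_matches[1] : $inline_css;
            unset($arg_array[$key]);
        }

        if (preg_match('/^emoticons=(.+)?$/Disu', $func_args, $func_matches) > 0) {
            $emoticons = !isset($emoticons) && isset($func_matches[1]) ? $func_matches[1] : $emoticons;
            unset($arg_array[$key]);
        }
    }

    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";

    if ($frame_set_html === false) {
        echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
    } else {
        echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Frameset//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd\">\n";
    }

    echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"", _('en-gb'), "\" lang=\"", _('en-gb'), "\" dir=\"", _('ltr'), "\">\n";
    echo "<head>\n";
    echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n";

    // Default Meta keywords and description.
    $meta_keywords = html_get_forum_keywords();
    $meta_description = html_get_forum_description();

    // $_GET['msg'] is only split and used after validate_msg() accepted it.
    if (isset($_GET['msg']) && validate_msg($_GET['msg'])) {

        message_get_meta_content($_GET['msg'], $meta_keywords, $meta_description);

        list($tid, $pid) = explode('.', $_GET['msg']);

        if ($thread_data = thread_get($tid)) {

            $prev_page = $pid - 10 > 0 ? $pid - 10 : 1;
            $next_page = $pid + 10 < $thread_data['LENGTH'] ? $pid + 10 : $thread_data['LENGTH'];

            echo "<link rel=\"first\" href=\"", htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&msg={$tid}.1")), "\" />\n";
            echo "<link rel=\"previous\" href=\"", htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&msg={$tid}.{$prev_page}")), "\" />\n";
            echo "<link rel=\"next\" href=\"", htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&msg={$tid}.{$next_page}")), "\" />\n";
            echo "<link rel=\"last\" href=\"", htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&msg={$tid}.{$thread_data['LENGTH']}")), "\" />\n";

            echo "<title>", word_filter_add_ob_tags($thread_data['TITLE'], true), " - ", word_filter_add_ob_tags($forum_name, true), "</title>\n";

        } else {

            if (isset($title)) {
                echo "<title>", word_filter_add_ob_tags($title, true), " - ", word_filter_add_ob_tags($forum_name, true), "</title>\n";
            } else {
                echo "<title>", word_filter_add_ob_tags($forum_name, true), "</title>\n";
            }
        }

    } else {

        if (isset($title)) {
            echo "<title>", word_filter_add_ob_tags($title, true), " - ", htmlentities_array($forum_name), "</title>\n";
        } else {
            echo "<title>", htmlentities_array($forum_name), "</title>\n";
        }
    }

    $forum_content_rating = html_get_forum_content_rating();

    echo "<meta name=\"generator\" content=\"Beehive Forum ", BEEHIVE_VERSION, "\" />\n";
    echo "<meta name=\"keywords\" content=\"", word_filter_add_ob_tags($meta_keywords, true), "\" />\n";
    echo "<meta name=\"description\" content=\"", word_filter_add_ob_tags($meta_description, true), "\" />\n";
    // NOTE(review): written without encoding; presumably a fixed set of
    // rating strings - confirm in html_get_forum_content_rating().
    echo "<meta name=\"rating\" content=\"{$forum_content_rating}\" />\n";

    if (forum_get_setting('allow_search_spidering', 'N')) {

        echo "<meta name=\"robots\" content=\"noindex,nofollow\" />\n";

    } else {

        if (isset($robots)) {
            echo "<meta name=\"robots\" content=\"", htmlentities_array($robots), "\" />\n";
        }
    }

    // Encoding keeps the value inside the attribute. NOTE(review): the
    // refresh target itself is whatever the caller passed; callers should
    // only hand over URLs they constructed, not a request parameter.
    if (isset($meta_refresh['url'], $meta_refresh['delay'])) {
        echo "<meta http-equiv=\"refresh\" content=\"", htmlentities_array($meta_refresh['delay']), "; url=", htmlentities_array($meta_refresh['url']), "\" />\n";
    }

    printf("<meta name=\"application-name\" content=\"%s\" />\n", word_filter_add_ob_tags($forum_name, true));
    printf("<meta name=\"msapplication-tooltip\" content=\"%s\" />\n", word_filter_add_ob_tags($meta_description, true));

    if (forum_check_webtag_available($webtag)) {

        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", _('Messages'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=discussion.php%3Fwebtag%3D{$webtag}")), html_style_image('msie/unread_thread.ico', true, true));

        if (forum_get_setting('show_links', 'Y')) {
            printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", _('Links'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=links.php%3Fwebtag%3D{$webtag}")), html_style_image('msie/link.ico', true, true));
        }
    }

    if (forum_get_setting('show_pms', 'Y')) {
        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", _('Inbox'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=pm.php%3Fwebtag%3D{$webtag}")), html_style_image('msie/pmunread.ico', true, true));
    }

    if (forum_check_webtag_available($webtag)) {
        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", _('My Controls'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=user.php%3Fwebtag%3D{$webtag}")), html_style_image('msie/user_controls.ico', true, true));
    }

    // The Admin jump-list entry is only advertised to users holding a tools
    // or moderation permission; this is presentation, not access control.
    if (session::logged_in() && (session::check_perm(USER_PERM_FORUM_TOOLS, 0) || session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::get_folders_by_perm(USER_PERM_FOLDER_MODERATE))) {
        printf("<meta name=\"msapplication-task\" content=\"name=%s;action-uri=%s;icon-uri=%s\" />\n", _('Admin'), htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}&final_uri=admin.php%3Fwebtag%3D{$webtag}")), html_style_image('msie/admintool.ico', true, true));
    }

    printf("<meta name=\"msapplication-starturl\" content=\"%s\" />\n", htmlentities_array(html_get_forum_file_path("index.php?webtag={$webtag}")));

    $rss_feed_path = html_get_forum_file_path("threads_rss.php?webtag={$webtag}");

    printf("<link rel=\"alternate\" type=\"application/rss+xml\" title=\"%s - %s\" href=\"%s\" />\n", htmlentities_array($forum_name), htmlentities_array(_('RSS Feed')), htmlentities_array($rss_feed_path));

    if ($folders_array = folder_get_available_details()) {

        foreach ($folders_array as $folder) {

            $rss_feed_path = html_get_forum_file_path("threads_rss.php?webtag={$webtag}&fid={$folder['FID']}");

            printf("<link rel=\"alternate\" type=\"application/rss+xml\" title=\"%s - %s - %s\" href=\"%s\" />\n", htmlentities_array($forum_name), htmlentities_array($folder['TITLE']), htmlentities_array(_('RSS Feed')), htmlentities_array($rss_feed_path));
        }
    }

    if ($user_style_path = html_get_user_style_path()) {

        printf("<link rel=\"apple-touch-icon\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-57x57.png', $user_style_path))));
        printf("<link rel=\"apple-touch-icon\" sizes=\"72x72\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-72x72.png', $user_style_path))));
        printf("<link rel=\"apple-touch-icon\" sizes=\"114x114\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/apple-touch-icon-114x114.png', $user_style_path))));
        printf("<link rel=\"shortcut icon\" type=\"image/ico\" href=\"%s\" />\n", htmlentities_array(html_get_forum_file_path(sprintf('styles/%s/images/favicon.ico', $user_style_path))));
    }

    $opensearch_path = html_get_forum_file_path(sprintf('search.php?webtag=%s&opensearch', $webtag));

    printf("<link rel=\"search\" type=\"application/opensearchdescription+xml\" title=\"%s\" href=\"%s\" />\n", htmlentities_array($forum_name), htmlentities_array($opensearch_path));

    if ($style_sheet = html_get_style_sheet()) {
        html_include_css($style_sheet);
    }

    if ($script_style_sheet = html_get_script_style_sheet()) {
        html_include_css($script_style_sheet);
    }

    if ($emoticon_style_sheet = html_get_emoticon_style_sheet($emoticons)) {
        html_include_css($emoticon_style_sheet, 'print, screen');
    }

    if (isset($stylesheet_array) && is_array($stylesheet_array)) {

        foreach ($stylesheet_array as $stylesheet) {

            if (isset($stylesheet['filename']) && isset($stylesheet['media'])) {
                html_include_css($stylesheet['filename'], $stylesheet['media']);
            }
        }
    }

    if ($style_path_ie6 = html_get_style_sheet('style_ie6.css')) {

        echo "<!--[if IE 6]>\n";
        html_include_css($style_path_ie6);
        echo "<![endif]-->\n";
    }

    // NOTE(review): $inline_css is written verbatim inside <style>; callers
    // must only pass stylesheet text they built themselves, never request
    // data, because nothing here stops a "</style>" sequence.
    if (isset($inline_css)) {

        echo "<style type=\"text/css\">\n";
        echo "<!--\n\n", $inline_css, "\n\n//-->\n";
        echo "</style>\n";
    }

    // Font size (not for Guests)
    if (session::logged_in()) {
        html_include_css(html_get_forum_file_path(sprintf('font_size.php?webtag=%s', $webtag)), 'screen', 'user_font');
    }

    if ($base_target) {
        echo "<base target=\"", htmlentities_array($base_target), "\" />\n";
    }

    html_include_javascript(html_get_forum_file_path('js/jquery-1.7.1.min.js'));
    html_include_javascript(html_get_forum_file_path('js/jquery-ui-1.8.22.autocomplete.min.js'));
    html_include_javascript(html_get_forum_file_path('js/jquery.parsequery.js'));
    html_include_javascript(html_get_forum_file_path('js/jquery.sprintf.js'));
    html_include_javascript(html_get_forum_file_path('js/jquery.url.js'));
    html_include_javascript(html_get_forum_file_path('js/general.js'));

    if ($frame_set_html === false) {

        // Check for any new PMs.
        if (session::logged_in()) {

            // Check to see if the PM popup is disabled on the current page.
            if ($pm_popup_disabled === false) {

                // Pages we don't want the popup to appear on
                $pm_popup_disabled_pages = array('admin.php', 'attachments.php', 'change_pw.php', 'confirm_email.php', 'dictionary.php', 'discussion.php', 'display_emoticons.php', 'edit_attachments.php', 'email.php', 'font_size.php', 'forgot_pw.php', 'get_attachment.php', 'index.php', 'mods_list.php', 'nav.php', 'pm.php', 'pm_edit.php', 'pm_folders.php', 'pm_messages.php', 'pm_options.php', 'poll_results.php', 'start.php', 'search_popup.php', 'threads_rss.php', 'user.php', 'user_font.php', 'user_profile.php', 'user_stats.php');

                // Check that we're not on one of the pages.
                if (!in_array(basename($_SERVER['PHP_SELF']), $pm_popup_disabled_pages)) {
                    html_include_javascript(html_get_forum_file_path('js/pm.js'));
                }
            }

            // Overflow auto-resize functionality.
            $resize_images_page = array('admin_post_approve.php', 'create_poll.php', 'delete.php', 'display.php', 'edit.php', 'edit_poll.php', 'edit_signature.php', 'messages.php', 'post.php', 'pm_write.php', 'pm_edit.php', 'pm_messages.php');

            if (in_array(basename($_SERVER['PHP_SELF']), $resize_images_page)) {

                if (session::get_value('USE_OVERFLOW_RESIZE') == 'Y') {
                    html_include_javascript(html_get_forum_file_path('js/overflow.js'));
                }
            }

            // Mouseover spoiler pages
            $message_display_pages = array('admin_post_approve.php', 'create_poll.php', 'delete.php', 'display.php', 'edit.php', 'edit_poll.php', 'edit_signature.php', 'ldisplay.php', 'lmessages.php', 'lpost.php', 'messages.php', 'post.php');

            if (in_array(basename($_SERVER['PHP_SELF']), $message_display_pages)) {
                html_include_javascript(html_get_forum_file_path('js/spoiler.js'));
            }
        }

        // Stats Display pages
        $stats_display_pages = array('messages.php');

        if (in_array(basename($_SERVER['PHP_SELF']), $stats_display_pages)) {
            html_include_javascript(html_get_forum_file_path('js/stats.js'));
        }
    }

    // Whatever was not recognised as an option above is included as a script
    // from js/. The name is used as given, without a file-name check.
    reset($arg_array);

    foreach ($arg_array as $func_args) {
        html_include_javascript(html_get_forum_file_path("js/{$func_args}"));
    }

    html_include_javascript(html_get_forum_file_path("ckeditor/ckeditor.js"));
    html_include_javascript(html_get_forum_file_path("ckeditor/adapters/jquery.js"));
    html_include_javascript(html_get_forum_file_path("json.php?webtag={$webtag}"));

    // NOTE(review): the analytics id is placed inside a single-quoted
    // JavaScript string without JS-context encoding. Presumably it comes
    // from a forum setting; confirm it is format-checked where it is saved.
    if ($frame_set_html === true && ($google_analytics_code = html_get_google_analytics_code())) {

        echo "<script type=\"text/javascript\">\n\n";
        echo " var _gaq = _gaq || [];\n";
        echo " _gaq.push(['_setAccount', '{$google_analytics_code}']);\n";
        echo " _gaq.push(['_trackPageview']);\n\n";
        echo " (function() {\n";
        echo " var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;\n";
        echo " ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';\n";
        echo " var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);\n";
        echo " })();\n\n";
        echo "</script>\n";
    }

    // Third-party widget scripts run with full access to the page, so they
    // are requested over https; a plain-http script can be replaced in
    // transit and is blocked as mixed content on an https forum.
    if ($frame_set_html === false && forum_get_setting('show_share_links', 'Y') && session::get_value('SHOW_SHARE_LINKS') == 'Y') {

        echo "<script type=\"text/javascript\" src=\"https://apis.google.com/js/plusone.js\">\n";
        echo "{lang: 'en-GB'}\n";
        echo "</script>\n";
        echo "<script type=\"text/javascript\" src=\"https://platform.twitter.com/widgets.js\"></script>\n";
        echo "<script type=\"text/javascript\" src=\"https://connect.facebook.net/en_US/all.js#xfbml=1\"></script>\n";
    }

    echo "</head>\n\n";

    if ($frame_set_html === false) {

        echo "<body", $body_class ? " class=\"" . htmlentities_array($body_class) . "\">\n" : ">\n";

        if (html_output_adsense_settings() && adsense_check_user() && adsense_check_page()) {

            adsense_output_html();
            echo "<br />\n";
        }

        if (forum_get_setting('show_share_links', 'Y') && session::get_value('SHOW_SHARE_LINKS') == 'Y') {
            echo '<div id="fb-root"></div>';
        }
    }
}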
// Libraries this admin page depends on, all resolved below BH_INCLUDE_PATH.
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'db.inc.php';
require_once BH_INCLUDE_PATH . 'form.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'lang.inc.php';
require_once BH_INCLUDE_PATH . 'logon.inc.php';
require_once BH_INCLUDE_PATH . 'profile.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
require_once BH_INCLUDE_PATH . 'stats.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
require_once BH_INCLUDE_PATH . 'user_profile.inc.php';
require_once BH_INCLUDE_PATH . 'word_filter.inc.php';

// Check we're logged in correctly
// NOTE(review): nothing here returns or exits after html_guest_error() or
// html_draw_error(); presumably both helpers end the request themselves.
// Confirm that, because otherwise execution continues into the checks and
// the POST handler below.
if (!session::logged_in()) {
    html_guest_error();
}

// Check we have Admin / Moderator access
// Only USER_PERM_ADMIN_TOOLS (with 0 as second argument) is tested here.
if (!session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {
    html_draw_error(gettext("You do not have permission to use this section."));
}

// Perform additional admin login.
// Runs after the session and permission checks and before any POST data is
// looked at.
admin_check_credentials();

// Array to hold error messages
$error_msg_array = array();

// Empty array for the stats
$user_stats_array = array('user_stats' => array());

// Submit code
// NOTE(review): no request-token check is visible before the handler starts;
// the listing ends inside this block, so it may follow - confirm.
if (isset($_POST['update'])) {

    $valid = true;
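/**
 * Store the current user's interest level for a forum.
 *
 * Inserts a USER_FORUM row for the session user, or updates INTEREST when a
 * row with the same key already exists.
 *
 * Hardening against the listed version: the session UID is now checked with
 * is_numeric() like the two parameters, and all three values are cast to int
 * before they are placed in the statement. is_numeric() alone also accepts
 * floats, exponent notation and leading whitespace, which were previously
 * written into the SQL text as given; after the cast only an integer literal
 * can reach the query. Non-integer numeric input is truncated by the cast.
 *
 * NOTE(review): a prepared statement with bound parameters would be the
 * preferred form if the object returned by db::get() supports it - confirm.
 *
 * @param mixed $fid      Forum id; must be numeric.
 * @param mixed $interest Interest level; must be numeric.
 *
 * @return bool True when the query succeeded, false on any failed check or
 *              a failed query.
 */
function user_set_forum_interest($fid, $interest)
{
    if (!($db = db::get())) {
        return false;
    }

    if (($uid = session::get_value('UID')) === false) {
        return false;
    }

    if (!is_numeric($uid) || !is_numeric($fid) || !is_numeric($interest)) {
        return false;
    }

    if (!session::logged_in()) {
        return false;
    }

    // From here on the values are plain integers.
    $uid = (int) $uid;
    $fid = (int) $fid;
    $interest = (int) $interest;

    $sql = "INSERT INTO USER_FORUM (UID, FID, INTEREST) ";
    $sql .= "VALUES ('{$uid}', '{$fid}', '{$interest}') ";
    $sql .= "ON DUPLICATE KEY UPDATE INTEREST = VALUES(INTEREST)";

    if (!$db->query($sql)) {
        return false;
    }

    return true;
}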