function write_style_css_directory($styleid, $parentlist, $dir = 'ltr') { global $vbulletin; //verify that we have or can create a style directory $styledir = 'clientscript/vbulletin_css/style' . str_pad($styleid, 5, '0', STR_PAD_LEFT) . ($dir == 'ltr' ? 'l' : 'r'); //if we have a file that's not a directory or not writable something is wrong. if (file_exists($styledir) AND (!is_dir($styledir) OR !is_writable($styledir))) { return false; } //clear any old files. if (file_exists($styledir)) { delete_style_css_directory($styleid, $dir); } //create the directory -- if it still exists try to continue with the existing dir if (!file_exists($styledir)) { if (!mkdir($styledir)) { return false; } } //check for success. if (!is_dir($styledir) OR !is_writable($styledir)) { return false; } //write out the files for this style. $set = $vbulletin->db->query_read($sql = " SELECT DISTINCT title FROM " . TABLE_PREFIX . "template WHERE styleid IN (" . $parentlist . ") AND title LIKE '%.css' "); //collapse the list. $css_templates = array(); while($row = $vbulletin->db->fetch_array($set)) { $css_templates[] = $row['title']; } switch_css_style($styleid, $css_templates); if ($dir == 'ltr') { vB_Template_Runtime::addStyleVar('left', 'left'); vB_Template_Runtime::addStyleVar('right', 'right'); vB_Template_Runtime::addStyleVar('textdirection', 'ltr'); } else { vB_Template_Runtime::addStyleVar('left', 'right'); vB_Template_Runtime::addStyleVar('right', 'left'); vB_Template_Runtime::addStyleVar('textdirection', 'rtl'); } $templates = array(); foreach ($css_templates AS $title) { //I'd call this a hack but there probably isn't a cleaner way to do this. //The css is published to a different directory than the css.php file //which means that relative urls that works for css.php won't work for the //published directory. Unfortunately urls from the webroot don't work //because the forum often isn't located at the webroot and we can only //specify urls from the forum root. And css doens't provide any way //of setting a base url like html does. So we are left to "fixing" //any relative urls in the published css. // //We leave alone any urls starting with '/', 'http', and 'https:' //there are other valid urls, but nothing that people should be //using in our css files. $text = vB_Template::create($title)->render(true); $re = '#url\(\s*["\']?(?!/|http:|https:)#'; $base = $vbulletin->options['bburl']; if ($base[-1] != '/') { $base .= '/'; } $text = preg_replace ($re, "$0$base", $text); $templates[$title] = $text; if (!write_css_file("$styledir/$title", $text)) { return false; } } static $vbdefaultcss, $cssfiles, $csstemplates; if (empty($vbdefaultcss)) { $vbdefaultcss = array(); // Now write the rollup templates require_once(DIR . '/includes/class_xml.php'); $cssfiles = array(); if ($handle = @opendir(DIR . '/includes/xml/')) { while (($file = readdir($handle)) !== false) { if (!preg_match('#^cssrollup_(.*).xml$#i', $file, $matches)) { continue; } $css_key = preg_replace('#[^a-z0-9]#i', '', $matches[1]); $cssfiles["$css_key"]['name'] = $file; } closedir($handle); } if (empty($cssfiles['vbulletin'])) // opendir failed or cpnav_vbulletin.xml is missing { if (is_readable(DIR . '/includes/xml/cssrollup_vbulletin.xml')) { $cssfiles['vbulletin']['name'] = 'cssrollup_vbulletin.xml'; } else { echo construct_phrase($vbphrase['could_not_open_x'], DIR . '/includes/xml/cssrollup_vbulletin.xml'); exit; } } unset($cssfiles['vbulletin']); $xmlobj = new vB_XML_Parser(false, DIR . "/includes/xml/cssrollup_vbulletin.xml"); $data = $xmlobj->parse(); if (!is_array($data['rollup'][0])) { $data['rollup'] = array($data['rollup']); } foreach ($data['rollup'] AS $file) { foreach ($file['template'] AS $name) { $vbdefaultcss["$file[name]"] = $file['template']; } } foreach ($cssfiles AS $css_file => $file) { $xmlobj = new vB_XML_Parser(false, DIR . "/includes/xml/$file[name]"); $data = $xmlobj->parse(); if ($data['product'] AND empty($vbulletin->products["$data[product]"])) { // attached to a specific product and that product isn't enabled continue; } if (!is_array($data['rollup'][0])) { $data['rollup'] = array($data['rollup']); } $cssfiles["$css_file"]['css'] = $data['rollup']; } } foreach ($cssfiles AS $css_file => $files) { if (is_array($files['css'])) { foreach ($files['css'] AS $file) { if (process_css_rollup_file($file['name'], $file['template'], $templates, $styledir, $vbdefaultcss) === false) { return false; } } } } foreach ($vbdefaultcss AS $xmlfile => $files) { if (process_css_rollup_file($xmlfile, $files, $templates, $styledir) === false) { return false; } } return true; }
/** * Sets up the Fakey stylevars * * @param array (ref) Style info array * @param array User info array * * @return array */ function fetch_stylevars(&$style, $userinfo) { global $vbulletin; if (is_array($style)) { // if we have a buttons directory override, use it if ($userinfo['lang_imagesoverride']) { vB_Template_Runtime::addStyleVar('imgdir_button', str_replace('<#>', $style['styleid'], $userinfo['lang_imagesoverride']), 'imagedir'); } } // get text direction and left/right values if ($userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['direction']) { vB_Template_Runtime::addStyleVar('left', 'left'); vB_Template_Runtime::addStyleVar('right', 'right'); vB_Template_Runtime::addStyleVar('textdirection', 'ltr'); } else { vB_Template_Runtime::addStyleVar('left', 'right'); vB_Template_Runtime::addStyleVar('right', 'left'); vB_Template_Runtime::addStyleVar('textdirection', 'rtl'); } if ($userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['dirmark']) { vB_Template_Runtime::addStyleVar('dirmark', ($userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['direction']) ? '‎' : '‏'); } // get the 'lang' attribute for <html> tags vB_Template_Runtime::addStyleVar('languagecode', $userinfo['lang_code']); // get the 'charset' attribute vB_Template_Runtime::addStyleVar('charset', $userinfo['lang_charset']); // create the path to YUI depending on the version if ($vbulletin->options['remoteyui'] == 1) { vB_Template_Runtime::addStyleVar('yuipath', 'http://yui.yahooapis.com/' . YUI_VERSION . '/build'); } else if ($vbulletin->options['remoteyui'] == 2) { vB_Template_Runtime::addStyleVar('yuipath', REQ_PROTOCOL . '://ajax.googleapis.com/ajax/libs/yui/' . YUI_VERSION . '/build'); } else { vB_Template_Runtime::addStyleVar('yuipath', 'clientscript/yui'); } vB_Template_Runtime::addStyleVar('yuiversion', YUI_VERSION); }
function do_login_redirect() { global $vbulletin, $vbphrase; $vbulletin->input->fetch_basepath(); if ( $vbulletin->url == 'login.php' OR $vbulletin->url == $vbulletin->options['forumhome'] . '.php' OR strpos($vbulletin->url, 'do=logout') !== false OR (!$vbulletin->options['allowmultiregs'] AND strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) ) { $vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; } else { $vbulletin->url = fetch_replaced_session_url($vbulletin->url); $vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why } $temp = strpos($vbulletin->url, '?'); if ($temp) { $formfile = substr($vbulletin->url, 0, $temp); } else { $formfile =& $vbulletin->url; } $postvars = $vbulletin->GPC['postvars']; ($hook = vBulletinHook::fetch_hook('login_redirect')) ? eval($hook) : false; // recache the global group to get the stuff from the new language $globalgroup = $vbulletin->db->query_first_slave(" SELECT phrasegroup_global, languagecode, charset FROM " . TABLE_PREFIX . "language WHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid']) ); if ($globalgroup) { $vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global'])); if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) { // change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace( "content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset=$globalgroup[charset]\"", $headinclude ); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir'); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } if ($vbulletin->GPC['postvars']) { $postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars'])); if ($postvars['securitytoken'] = 'guest') { $vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['salt']) . sha1(COOKIE_SALT)); $vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']); $postvars['securitytoken'] = $vbulletin->userinfo['securitytoken']; $vbulletin->GPC['postvars'] = sign_client_string(serialize($postvars)); } } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } eval(print_standard_redirect('redirect_login', true, true, $vbulletin->userinfo['languageid'])); }
// change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace( "content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset=$globalgroup[charset]\"", $headinclude ); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset']); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } eval(print_standard_redirect('redirect_updatethanks', true, true, $userdata->fetch_field('languageid'))); } // ############################################################################ // ############################## EDIT SIGNATURE ############################## // ############################################################################ // ########################### start update signature ######################### if ($_POST['do'] == 'updatesignature') { $vbulletin->input->clean_array_gpc('p', array(
/** * Template method. Calls all the appropriate methods to build a post and then evaluates the template. * * @param array Post information * * @return string HTML for the post */ function construct_postbit(&$post) { $this->post =& $post; $thread =& $this->thread; $forum =& $this->forum; global $show, $vbphrase; ($hook = vBulletinHook::fetch_hook('postbit_display_start')) ? eval($hook) : false; $imgdir_attach = vB_Template_Runtime::fetchStyleVar('imgdir_attach'); if (!preg_match('#^[a-z]+:#siU', vB_Template_Runtime::fetchStyleVar('imgdir_attach'))) { if ($imgdir_attach[0] == '/') { $url = $this->registry->input->parse_url($this->registry->options['bburl']); vB_Template_Runtime::addStyleVar('imgdir_attach', 'http://' . $url['host'] . vB_Template_Runtime::fetchStyleVar('imgdir_attach'), 'imgdir'); } else { vB_Template_Runtime::addStyleVar('imgdir_attach', $this->registry->options['bburl'] . '/' . vB_Template_Runtime::fetchStyleVar('imgdir_attach'), 'imgdir'); } } $this->parse_bbcode(); // Remove session urls from all templates so changing sessionhashes don't trigger the post to appear new $sessionurl = $this->registry->session->vars['sessionurl']; $this->registry->session->vars['sessionurl'] = ''; $this->process_attachments(); if ($post['attachments']) { $search = '#(href|src)="attachment\\.php#si'; $replace = '\\1="' . $this->registry->options['bburl'] . '/' . 'attachment.php'; $items = array('t' => $post['thumbnailattachments'], 'a' => $post['imageattachments'], 'l' => $post['imageattachmentlinks'], 'o' => $post['otherattachments']); $newitems = preg_replace($search, $replace, $items); unset($items); $post['thumbnailattachments'] =& $newitems['t']; $post['imageattachments'] =& $newitems['a']; $post['imageattachmentlinks'] =& $newitems['l']; $post['otherattachments'] =& $newitems['o']; } // execute hook ($hook = vBulletinHook::fetch_hook('postbit_display_complete')) ? eval($hook) : false; // evaluate template $postid =& $post['postid']; $templater = vB_Template::create($this->template_prefix . $this->templatename); $templater->register('ad_location', $ad_location); $templater->register('pageinfo_post', $pageinfo_post); $templater->register('post', $post); $templater->register('postid', $postid); $templater->register('template_hook', $template_hook); $templater->register('thread', $thread); $retval = $templater->render(); $this->registry->session->vars['sessionurl'] = $sessionurl; vB_Template_Runtime::addStyleVar('imgdir_attach', $imgdir_attach, 'imgdir'); return $retval; }
/** * Setup environment common to all upgrades * */ protected function setup_environment() { if (function_exists('set_time_limit') and !SAFEMODE) { @set_time_limit(0); } if (!defined('VERSION')) { define('VERSION', defined('FILE_VERSION') ? FILE_VERSION : ''); } // Notices if (empty($this->registry->config['Database']['force_sql_mode']) and $this->db->connection_master) { // check to see if MySQL is running strict mode and recommend disabling it $this->db->hide_errors(); $strict_mode_check = $this->db->query_first("SHOW VARIABLES LIKE 'sql\\_mode'"); if (strpos(strtolower($strict_mode_check['Value']), 'strict_') !== false) { $this->startup_warnings[] = $this->phrase['core']['mysql_strict_mode']; } $this->db->show_errors(); } if (is_array($this->phrase['stylevar'])) { foreach ($this->phrase['stylevar'] as $stylevarname => $stylevarvalue) { vB_Template_Runtime::addStyleVar($stylevarname, $stylevarvalue); } } // Get versions of .xml files for header diagnostics foreach ($this->xml_versions as $file => $null) { if ($fp = @fopen(DIR . '/install/vbulletin-' . $file . '.xml', 'rb')) { $data = @fread($fp, 400); if ($file != 'settings' and file != 'navigation' and preg_match('#vbversion="(.*?)"#', $data, $matches) or $file == 'settings' and preg_match('#<setting varname="templateversion".*>(.*)</setting>#sU', $data, $matches) and preg_match('#<defaultvalue>(.*?)</defaultvalue>#', $matches[1], $matches) or $file == 'navigation' and preg_match('#<version>(.*)</version>#sU', $data, $matches)) { $this->xml_versions[$file] = $matches[1]; } else { $this->xml_versions[$file] = $this->phrase['core']['unknown']; } fclose($fp); } else { $this->xml_versions[$file] = $this->phrase['core']['file_not_found']; } } }
// ######################### START MAIN SCRIPT ############################ // ######################################################################## if (!defined('VERSION')) { define('VERSION', defined('FILE_VERSION') ? FILE_VERSION : ''); } require_once(DIR . '/install/upgrade_language_en.php'); // add language-defined stylevars (defined in upgrade_language_en.php) if (is_array($stylevar)) { foreach ($stylevar AS $stylevarname => $stylevarvalue) { vB_Template_Runtime::addStyleVar($stylevarname, $stylevarvalue); } } // check for valid php version verify_vb3_enviroment(); exec_nocache_headers(); $vbulletin->input->clean_array_gpc('r', array( 'step' => TYPE_STR, 'startat' => TYPE_UINT, 'perpage' => TYPE_UINT, )); if (empty($vbulletin->GPC['step']))
/** * Sets up the Fakey stylevars * * @param array (ref) Style info array * @param array User info array * * @return array */ function fetch_stylevars(&$style, $userinfo) { global $vbulletin, $show; if (is_array($style)) { // if we have a buttons directory override, use it if ($userinfo['lang_imagesoverride']) { vB_Template_Runtime::addStyleVar('imgdir_button', str_replace('<#>', $style['styleid'], $userinfo['lang_imagesoverride']), 'imagedir'); } } // get text direction and left/right values if ($userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['direction']) { vB_Template_Runtime::addStyleVar('left', 'left'); vB_Template_Runtime::addStyleVar('right', 'right'); vB_Template_Runtime::addStyleVar('textdirection', 'ltr'); } else { vB_Template_Runtime::addStyleVar('left', 'right'); vB_Template_Runtime::addStyleVar('right', 'left'); vB_Template_Runtime::addStyleVar('textdirection', 'rtl'); } if ($userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['dirmark']) { vB_Template_Runtime::addStyleVar('dirmark', $userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['direction'] ? '‎' : '‏'); } // get the 'lang' attribute for <html> tags vB_Template_Runtime::addStyleVar('languagecode', $userinfo['lang_code']); // get the 'charset' attribute vB_Template_Runtime::addStyleVar('charset', $userinfo['lang_charset']); // create the path to YUI depending on the version if ($vbulletin->options['customyui_path']) { $show['remoteyui'] = true; vB_Template_Runtime::addStyleVar('yuipath', $vbulletin->options['customyui_path'] . YUI_VERSION . '/build'); if ($vbulletin->options['customyui_combopath']) { vB_Template_Runtime::addStyleVar('yuicombopath', $vbulletin->options['customyui_combopath']); $show['remoteyuicombo'] = true; } else { vB_Template_Runtime::addStyleVar('yuicombopath', ''); $show['remoteyuicombo'] = false; } } else { if ($vbulletin->options['remoteyui'] == 1) { // Yahoo CDN $show['remoteyui'] = true; $show['remoteyuicombo'] = true; vB_Template_Runtime::addStyleVar('yuipath', 'http://yui.yahooapis.com/' . YUI_VERSION . '/build'); vB_Template_Runtime::addStyleVar('yuicombopath', 'http://yui.yahooapis.com/combo'); } else { if ($vbulletin->options['remoteyui'] == 2) { // Google CDN (Doesn't support Combo) $show['remoteyui'] = true; $show['remoteyuicombo'] = false; vB_Template_Runtime::addStyleVar('yuipath', REQ_PROTOCOL . '://ajax.googleapis.com/ajax/libs/yui/' . YUI_VERSION . '/build'); vB_Template_Runtime::addStyleVar('yuicombopath', ''); } else { $show['remoteyui'] = false; $show['remoteyuicombo'] = false; vB_Template_Runtime::addStyleVar('yuipath', 'clientscript/yui'); } } } vB_Template_Runtime::addStyleVar('yuiversion', YUI_VERSION); // create the path to jQuery depending on the version if ($vbulletin->options['customjquery_path']) { $show['remotejquery'] = true; $path = str_replace('{version}', JQUERY_VERSION, $vbulletin->options['customjquery_path']); if (!preg_match('#^https?://#si', $vbulletin->options['customjquery_path'])) { $path = REQ_PROTOCOL . '://' . $path; } vB_Template_Runtime::addStyleVar('jquerymain', $path); // Custom Mobile CDN is not here because the mobile style uses a modified jQuery file at present. // So the mobile references below are just placeholders for now. } else { if ($vbulletin->options['remotejquery'] == 1) { // Google CDN $show['remotejquery'] = true; vB_Template_Runtime::addStyleVar('jquerymain', REQ_PROTOCOL . '://ajax.googleapis.com/ajax/libs/jquery/' . JQUERY_VERSION . '/jquery.min.js'); // Google doesn't support mobile jquery at this point so fallback to jQuery CDN //vB_Template_Runtime::addStyleVar('jquerymobilemain', REQ_PROTOCOL . '://code.jquery.com/mobile/' . JQUERY_MOBILE_VERSION . '/jquery.mobile-' . JQUERY_MOBILE_VERSION . '.min.js'); } else { if ($vbulletin->options['remotejquery'] == 2) { // jQuery CDN $show['remotejquery'] = true; vB_Template_Runtime::addStyleVar('jquerymain', REQ_PROTOCOL . '://code.jquery.com/jquery-' . JQUERY_VERSION . '.min.js'); //vB_Template_Runtime::addStyleVar('jquerymobilemain', REQ_PROTOCOL . '://code.jquery.com/mobile/' . JQUERY_MOBILE_VERSION . '/jquery.mobile-' . JQUERY_MOBILE_VERSION . '.min.js'); } else { if ($vbulletin->options['remotejquery'] == 3) { // Microsoft CDN $show['remotejquery'] = true; vB_Template_Runtime::addStyleVar('jquerymain', REQ_PROTOCOL . '://ajax.aspnetcdn.com/ajax/jquery/jquery-' . JQUERY_VERSION . '.min.js'); //vB_Template_Runtime::addStyleVar('jquerymobilemain', REQ_PROTOCOL . '://ajax.aspnetcdn.com/ajax/jquery.mobile/' . JQUERY_MOBILE_VERSION . '/jquery.mobile-' . JQUERY_MOBILE_VERSION . '.min.js'); } else { $show['remotejquery'] = false; vB_Template_Runtime::addStyleVar('jquerymain', 'clientscript/jquery/jquery-' . JQUERY_VERSION . '.min.js'); //vB_Template_Runtime::addStyleVar('jquerymobilemain', REQ_PROTOCOL . '://code.jquery.com/mobile/' . JQUERY_MOBILE_VERSION . '/jquery.mobile-' . JQUERY_MOBILE_VERSION . '.min.js'); } } } } vB_Template_Runtime::addStyleVar('jqueryversion', JQUERY_VERSION); vB_Template_Runtime::addStyleVar('jquerymobileversion', JQUERY_MOBILE_VERSION); vB_Template_Runtime::addStyleVar('basepath', $vbulletin->options['bburl'] . '/'); }
function do_login_redirect() { global $vbulletin, $vbphrase; $vbulletin->input->fetch_basepath(); //the clauses //url $vbulletin->url == 'login.php' and $vbulletin->url == $vbulletin->options['forumhome'] . '.php' //will never be true -- $vbulletin->url contains the full url path. //The second shouldn't be needed, the else clause seems to handle this just fine. //the first we'll change to match a partial url. if (preg_match('#login.php(?:\\?|$)#', $vbulletin->url) or strpos($vbulletin->url, 'do=logout') !== false or !$vbulletin->options['allowmultiregs'] and strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) { $vbulletin->url = fetch_seo_url('forumhome', array()); } else { $vbulletin->url = fetch_replaced_session_url($vbulletin->url); $vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why } $temp = strpos($vbulletin->url, '?'); if ($temp) { $formfile = substr($vbulletin->url, 0, $temp); } else { $formfile =& $vbulletin->url; } $postvars = $vbulletin->GPC['postvars']; ($hook = vBulletinHook::fetch_hook('login_redirect')) ? eval($hook) : false; if (!VB_API) { // recache the global group to get the stuff from the new language $globalgroup = $vbulletin->db->query_first_slave("\n\t\t\tSELECT phrasegroup_global, languagecode, charset\n\t\t\tFROM " . TABLE_PREFIX . "language\n\t\t\tWHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid'])); if ($globalgroup) { $vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global'])); if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) { // change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace("content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset={$globalgroup['charset']}\"", $headinclude); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir'); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } if ($vbulletin->GPC['postvars']) { $postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars'])); $postvars['login_redirect'] = true; if ($postvars['securitytoken'] == 'guest') { $vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['salt']) . sha1(COOKIE_SALT)); $vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']); $postvars['securitytoken'] = $vbulletin->userinfo['securitytoken']; } $vbulletin->GPC['postvars'] = sign_client_string(serialize($postvars)); } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } } print_standard_redirect(array('redirect_login', $vbulletin->userinfo['username']), true, true, $vbulletin->userinfo['languageid']); }
function do_login_redirect() { global $vbulletin, $vbphrase; $vbulletin->input->fetch_basepath(); //the clauses //url $vbulletin->url == 'login.php' and $vbulletin->url == $vbulletin->options['forumhome'] . '.php' //will never be true -- $vbulletin->url contains the full url path. //The second shouldn't be needed, the else clause seems to handle this just fine. //the first we'll change to match a partial url. if (preg_match('#login.php(?:\\?|$)#', $vbulletin->url) or strpos($vbulletin->url, 'do=logout') !== false or !$vbulletin->options['allowmultiregs'] and strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) { $forumHome = vB_Library::instance('content_channel')->getForumHomeChannel(); $vbulletin->url = vB5_Route::buildUrl($forumHome['routeid'] . '|fullurl'); } else { $vbulletin->url = fetch_replaced_session_url($vbulletin->url); $vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why } $temp = strpos($vbulletin->url, '?'); if ($temp) { $formfile = substr($vbulletin->url, 0, $temp); } else { $formfile =& $vbulletin->url; } $postvars = $vbulletin->GPC['postvars']; // Legacy Hook 'login_redirect' Removed // if (!VB_API) { // recache the global group to get the stuff from the new language $globalgroup = $vbulletin->db->query_first_slave("\n\t\t\tSELECT phrasegroup_global, languagecode, charset\n\t\t\tFROM " . TABLE_PREFIX . "language\n\t\t\tWHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid'])); if ($globalgroup) { $vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global'])); if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) { // change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace("content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset={$globalgroup['charset']}\"", $headinclude); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir'); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } if ($vbulletin->GPC['postvars']) { $postvars = array(); $client_string = verify_client_string($vbulletin->GPC['postvars']); if ($client_string) { $postvars = @json_decode($client_string, true); } if ($postvars['securitytoken'] == 'guest') { $vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['secret']) . sha1(vB_Request_Web::$COOKIE_SALT)); $vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']); $postvars['securitytoken'] = $vbulletin->userinfo['securitytoken']; $vbulletin->GPC['postvars'] = sign_client_string(json_encode($postvars)); } } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } } if ($vbulletin->GPC['logintype'] === 'cplogin' or $vbulletin->GPC['logintype'] === 'modcplogin') { require_once DIR . '/includes/adminfunctions.php'; print_cp_redirect($vbulletin->url); } else { eval(print_standard_redirect('redirect_login_gfrontredirect', true, true, $vbulletin->userinfo['languageid'])); } }
/** * Template method that does all the work to display an issue note, including processing the template * * @return string Templated note output */ function construct() { ($hook = vBulletinHook::fetch_hook('blog_entry_display_start')) ? eval($hook) : false; // preparation for display... $this->prepare_start(); $imgdir_attach = vB_Template_Runtime::fetchStyleVar('imgdir_attach'); if (!preg_match('#^[a-z]+:#siU', vB_Template_Runtime::fetchStyleVar('imgdir_attach'))) { if ($imgdir_attach[0] == '/') { $url = parse_url($this->registry->options['bburl']); vB_Template_Runtime::addStyleVar('imgdir_attach', 'http://' . $url['host'] . vB_Template_Runtime::fetchStyleVar('imgdir_attach'), 'imgdir'); } else { vB_Template_Runtime::addStyleVar('imgdir_attach', $this->registry->options['bburl'] . '/' . vB_Template_Runtime::fetchStyleVar('imgdir_attach'), 'imgdir'); } } if ($this->blog['userid']) { $this->process_registered_user(); } else { $this->process_unregistered_user(); } $this->process_date_status(); $this->process_display(); $this->process_text(); $this->process_attachments(); $this->prepare_end(); // actual display... $blog = $this->blog; $status =& $this->status; if ($this->attachments) { $search = '#(href|src)="attachment\.php#si'; $replace = '\\1="' . $this->registry->options['bburl'] . '/' . 'attachment.php'; $items = array( 't' => $blog['thumbnailattachments'], 'a' => $blog['imageattachments'], 'l' => $blog['imageattachmentlinks'], 'o' => $blog['otherattachments'], ); $newitems = preg_replace($search, $replace, $items); unset($items); $blog['thumbnailattachments'] = $newitems['t']; $blog['imageattachments'] = $newitems['a']; $blog['imageattachmentlinks'] = $newitems['l']; $blog['otherattachments'] = $newitems['o']; } global $show, $vbphrase; global $spacer_open, $spacer_close; global $bgclass, $altbgclass; exec_switch_bg(); $show['readmore'] = $this->readmore; $sessionurl = $this->registry->session->vars['sessionurl']; $this->registry->session->vars['sessionurl'] = ''; ($hook = vBulletinHook::fetch_hook('blog_entry_display_complete')) ? eval($hook) : false; $templater = vB_Template::create($this->template); $templater->register('blog', $blog); $templater->register('status', $status); $output = $templater->render(); $this->registry->session->vars['sessionurl'] = $sessionurl; vB_Template_Runtime::addStyleVar('imgdir_attach', $imgdir_attach, 'imgdir'); return $output; }
/** * Writes style css directory on disk * * @param int $styleid * @param string $parentlist -- csv list of ancestors for this style * @param string $dir -- the "direction" of the css to write. Either 'ltr' or 'rtl' (there are actually two directories per style) */ function write_style_css_directory($styleid, $parentlist, $dir = 'ltr') { //verify that we have or can create a style directory $styledir = DIR . vB_Api::instanceInternal('style')->fetchCssLocation() . '/style' . str_pad($styleid, 5, '0', STR_PAD_LEFT) . ($dir == 'ltr' ? 'l' : 'r'); //if we have a file that's not a directory or not writable something is wrong. if (file_exists($styledir) and (!is_dir($styledir) or !is_writable($styledir))) { return false; } //clear any old files. if (file_exists($styledir)) { delete_style_css_directory($styleid, $dir, true); } //create the directory -- if it still exists try to continue with the existing dir if (!file_exists($styledir)) { if (!@mkdir($styledir)) { return false; } } //check for success. if (!is_dir($styledir) or !is_writable($styledir)) { return false; } //write out the files for this style. $parentlistarr = explode(',', $parentlist); $set = vB::getDbAssertor()->assertQuery('vBForum:fetchParentTemplates', array('parentlist' => $parentlistarr)); //collapse the list. $css_templates = array(); foreach ($set as $row) { $css_templates[] = $row['title']; } $stylelib = vB_Library::instance('Style'); $stylelib->switchCssStyle($styleid, $css_templates); if ($dir == 'ltr') { vB_Template_Runtime::addStyleVar('left', 'left'); vB_Template_Runtime::addStyleVar('right', 'right'); vB_Template_Runtime::addStyleVar('textdirection', 'ltr'); } else { vB_Template_Runtime::addStyleVar('left', 'right'); vB_Template_Runtime::addStyleVar('right', 'left'); vB_Template_Runtime::addStyleVar('textdirection', 'rtl'); } // Get new css cache bust $stylelib->setCssFileDate($styleid); $cssfiledate = $stylelib->getCssFileDate($styleid); $base = get_base_url_for_css(); if ($base === false) { return false; } $templates = array(); foreach ($css_templates as $title) { //I'd call this a hack but there probably isn't a cleaner way to do this. //The css is published to a different directory than the css.php file //which means that relative urls that works for css.php won't work for the //published directory. Unfortunately urls from the webroot don't work //because the forum often isn't located at the webroot and we can only //specify urls from the forum root. And css doens't provide any way //of setting a base url like html does. So we are left to "fixing" //any relative urls in the published css. // //We leave alone any urls starting with '/', 'http', and 'https:' //there are other valid urls, but nothing that people should be //using in our css files. $text = vB_Template::create($title)->render(true); //update image urls to be fully qualified. $re = '#url\\(\\s*["\']?(?!/|http:|https:|"/|\'/)#'; $text = preg_replace($re, "\$0{$base}", $text); $text = vB_String::getCssMinifiedText($text); $templates[$title] = $text; if (!write_css_file("{$styledir}/{$cssfiledate}-{$title}", $text)) { return false; } } static $vbdefaultcss = array(), $cssfiles = array(); if (empty($vbdefaultcss)) { require_once DIR . '/includes/class_xml.php'; $cssfilelist = vB_Api_Product::loadProductXmlList('cssrollup', true); if (empty($cssfilelist['vbulletin'])) { $vbphrase = vB_Api::instanceInternal('phrase')->fetch(array('could_not_open_x')); echo construct_phrase($vbphrase['could_not_open_x'], DIR . '/includes/xml/cssrollup_vbulletin.xml'); exit; } else { $mainfile = array_shift($cssfilelist); } $xmlobj = new vB_XML_Parser(false, $mainfile); $data = $xmlobj->parse(); if (!is_array($data['rollup'][0])) { $data['rollup'] = array($data['rollup']); } foreach ($data['rollup'] as $file) { foreach ($file['template'] as $name) { $vbdefaultcss["{$file['name']}"] = $file['template']; } } foreach ($cssfilelist as $css_file => $file) { $xmlobj = new vB_XML_Parser(false, $file); $data = $xmlobj->parse(); $products = vB::getDatastore()->getValue('products'); if ($data['product'] and empty($products["{$data['product']}"])) { // attached to a specific product and that product isn't enabled continue; } if (!is_array($data['rollup'][0])) { $data['rollup'] = array($data['rollup']); } $cssfiles[$css_file]['css'] = $data['rollup']; } } foreach ($cssfiles as $css_file => $files) { if (is_array($files['css'])) { foreach ($files['css'] as $file) { if (process_css_rollup_file($file['name'], $file['template'], $templates, $styleid, $styledir, $vbdefaultcss) === false) { return false; } } } } foreach ($vbdefaultcss as $xmlfile => $files) { if (process_css_rollup_file($xmlfile, $files, $templates, $styleid, $styledir) === false) { return false; } } return true; }