Menu
▾
▴
[mxbb-commits] core common.php,1.28,1.29 index.php,1.28,1.29
|
From: Jon O. <jon...@us...> - 2005-04-12 21:10:43
|
Update of /cvsroot/mxbb/core In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29720 Modified Files: common.php index.php Log Message: i have renamed mx_auth_group_cache to mx_auth_group and removed old function with shorter name ;) ...to make it clearer Index: common.php =================================================================== RCS file: /cvsroot/mxbb/core/common.php,v retrieving revision 1.28 retrieving revision 1.29 diff -C2 -d -r1.28 -r1.29 *** common.php 17 Mar 2005 11:30:35 -0000 1.28 --- common.php 12 Apr 2005 21:10:32 -0000 1.29 *************** *** 1,278 **** ! <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! * copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... ! * ! * $Id$ ! */ ! ! /** ! * This program is free software; you can redistribute it and/or modify ! * it under the terms of the GNU General Public License as published by ! * the Free Software Foundation; either version 2 of the License, or ! * (at your option) any later version. ! */ ! ! if ( !defined( 'IN_PORTAL' ) ) ! { ! die( "Hacking attempt" ); ! } ! ! define( 'IN_PHPBB', 1 ); ! @session_start(); ! ! error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables ! set_magic_quotes_runtime(0); // Disable magic_quotes_runtime ! ! // The following code (unsetting globals) was contributed by Matt Kavanagh ! ! // PHP5 with register_long_arrays off? ! if (!isset($HTTP_POST_VARS) && isset($_POST)) ! { ! $HTTP_POST_VARS = $_POST; ! $HTTP_GET_VARS = $_GET; ! $HTTP_SERVER_VARS = $_SERVER; ! $HTTP_COOKIE_VARS = $_COOKIE; ! $HTTP_ENV_VARS = $_ENV; ! $HTTP_POST_FILES = $_FILES; ! ! // _SESSION is the only superglobal which is conditionally set ! if (isset($_SESSION)) ! { ! $HTTP_SESSION_VARS = $_SESSION; ! } ! } ! ! if (@phpversion() < '4.0.0') ! { ! // PHP3 path; in PHP3, globals are _always_ registered ! ! // We 'flip' the array of variables to test like this so that ! // we can validate later with isset($test[$var]) (no in_array()) ! $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL); ! ! // Loop through each input array ! @reset($test); ! while (list($input,) = @each($test)) ! { ! while (list($var,) = @each($$input)) ! { ! // Validate the variable to be unset ! if (!isset($test[$var]) && $var != 'test' && $var != 'input') ! { ! unset($$var); ! } ! } ! } ! } ! else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') ! { ! // PHP4+ path ! $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path'); ! ! // Not only will array_merge give a warning if a parameter ! // is not an array, it will actually fail. So we check if ! // HTTP_SESSION_VARS has been initialised. ! if (!isset($HTTP_SESSION_VARS)) ! { ! $HTTP_SESSION_VARS = array(); ! } ! ! // Merge all into one extremely huge array; unset ! // this later ! $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); ! ! unset($input['input']); ! unset($input['not_unset']); ! ! while (list($var,) = @each($input)) ! { ! if (!in_array($var, $not_unset)) ! { ! unset($$var); ! } ! unset($$var); ! } ! ! unset($input); ! } ! ! // ! // addslashes to vars if magic_quotes_gpc is off ! // this is a security precaution to prevent someone ! // trying to break out of a SQL statement. ! // ! if( !get_magic_quotes_gpc() ) ! { ! if( is_array($HTTP_GET_VARS) ) ! { ! while( list($k, $v) = each($HTTP_GET_VARS) ) ! { ! if( is_array($HTTP_GET_VARS[$k]) ) ! { ! while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) ) ! { ! $HTTP_GET_VARS[$k][$k2] = addslashes($v2); ! } ! @reset($HTTP_GET_VARS[$k]); ! } ! else ! { ! $HTTP_GET_VARS[$k] = addslashes($v); ! } ! } ! @reset($HTTP_GET_VARS); ! } ! ! if( is_array($HTTP_POST_VARS) ) ! { ! while( list($k, $v) = each($HTTP_POST_VARS) ) ! { ! if( is_array($HTTP_POST_VARS[$k]) ) ! { ! while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) ) ! { ! $HTTP_POST_VARS[$k][$k2] = addslashes($v2); ! } ! @reset($HTTP_POST_VARS[$k]); ! } ! else ! { ! $HTTP_POST_VARS[$k] = addslashes($v); ! } ! } ! @reset($HTTP_POST_VARS); ! } ! ! if( is_array($HTTP_COOKIE_VARS) ) ! { ! while( list($k, $v) = each($HTTP_COOKIE_VARS) ) ! { ! if( is_array($HTTP_COOKIE_VARS[$k]) ) ! { ! while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) ) ! { ! $HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2); ! } ! @reset($HTTP_COOKIE_VARS[$k]); ! } ! else ! { ! $HTTP_COOKIE_VARS[$k] = addslashes($v); ! } ! } ! @reset($HTTP_COOKIE_VARS); ! } ! } ! ! // Define some basic configuration arrays this also prevents ! // malicious rewriting of language and otherarray values via ! // URI params ! ! $board_config = array(); ! $userdata = array(); ! $theme = array(); ! $images = array(); ! $lang = array(); ! $nav_links = array(); ! $gen_simple_header = false; ! ! @include_once( $mx_root_path . 'config.' . $phpEx ); ! ! if ( !defined( "MX_INSTALLED" ) ) ! { ! header( "Location: install/mx_install.$phpEx" ); ! exit; ! } ! ! str_replace( "//", "/", $phpbb_root_path ); ! include_once( $mx_root_path . 'config.' . $phpEx ); ! ! include_once( $phpbb_root_path . 'includes/constants.' . $phpEx ); ! include_once( $mx_root_path . 'includes/template.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/sessions.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/auth.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/functions.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/db.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/functions_selects.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/bbcode.' . $phpEx ); ! ! include_once( $mx_root_path . 'includes/mx_constants.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_functions.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_functions_phpbb.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_auth.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_cache.' . $phpEx ); ! ! /* ! if ( !empty( $HTTP_SESSION_VARS['mx_config'] ) ) ! { ! $portal_config = $HTTP_SESSION_VARS['mx_config']; ! } ! else ! { ! $portal_config = get_info( PORTAL_TABLE, 'portal_id', 1 ); ! $HTTP_SESSION_VARS['mx_config'] = $portal_config; ! } ! */ ! ! $portal_config = get_info( PORTAL_TABLE, 'portal_id', 1 ); ! define( 'PHPBB_URL', $portal_config['portal_phpbb_url'] ); ! define( 'PORTAL_URL', $portal_config['portal_url'] ); ! define( 'PORTAL_VERSION', $portal_config['portal_version'] ); ! ! // instatiate the mx_request_vars class ! ! $mx_request_vars = new mx_request_vars(); ! ! // Obtain and encode users IP ! ! // I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as ! // private range IP's appearing instead of the guilty routable IP, tough, don't ! // even bother complaining ... go scream and shout at the idiots out there who feel ! // "clever" is doing harm rather than good ... karma is a great thing ... :) ! ! $client_ip = ( !empty( $HTTP_SERVER_VARS['REMOTE_ADDR'] ) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty( $HTTP_ENV_VARS['REMOTE_ADDR'] ) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR ); ! $user_ip = encode_ip( $client_ip ); ! ! // Setup forum wide options, if this fails ! // then we output a CRITICAL_ERROR since ! // basic forum information is not available ! ! $sql = "SELECT * ! FROM " . CONFIG_TABLE; ! if ( !( $result = $db->sql_query( $sql ) ) ) ! { ! mx_message_die( CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql ); ! } ! ! while ( $row = $db->sql_fetchrow( $result ) ) ! { ! $board_config[$row['config_name']] = $row['config_value']; ! } ! ! if ( file_exists( $phpbb_root_path . 'attach_mod' ) ) ! { ! include_once( $phpbb_root_path . 'attach_mod/attachment_mod.' . $phpEx ); ! } ! ! if ( file_exists( 'install' ) || file_exists( 'contrib' ) ) ! { ! mx_message_die( GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted' ); ! } ! ! // Show 'Board is disabled' message if needed. ! ! if ( $board_config['board_disable'] && !defined( "IN_ADMIN" ) && !defined( "IN_LOGIN" ) ) ! { ! mx_message_die( GENERAL_MESSAGE, 'Board_disable', 'Information' ); ! } ! ?> \ No newline at end of file --- 1,279 ---- ! <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! * copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... ! * ! * $Id$ ! */ ! ! /** ! * This program is free software; you can redistribute it and/or modify ! * it under the terms of the GNU General Public License as published by ! * the Free Software Foundation; either version 2 of the License, or ! * (at your option) any later version. ! */ ! ! if ( !defined( 'IN_PORTAL' ) ) ! { ! die( "Hacking attempt" ); ! } ! ! define( 'IN_PHPBB', 1 ); ! @session_start(); ! ! error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables ! set_magic_quotes_runtime(0); // Disable magic_quotes_runtime ! ! // The following code (unsetting globals) was contributed by Matt Kavanagh ! ! // PHP5 with register_long_arrays off? ! if (!isset($HTTP_POST_VARS) && isset($_POST)) ! { ! $HTTP_POST_VARS = $_POST; ! $HTTP_GET_VARS = $_GET; ! $HTTP_SERVER_VARS = $_SERVER; ! $HTTP_COOKIE_VARS = $_COOKIE; ! $HTTP_ENV_VARS = $_ENV; ! $HTTP_POST_FILES = $_FILES; ! ! // _SESSION is the only superglobal which is conditionally set ! if (isset($_SESSION)) ! { ! $HTTP_SESSION_VARS = $_SESSION; ! } ! } ! ! if (@phpversion() < '4.0.0') ! { ! // PHP3 path; in PHP3, globals are _always_ registered ! ! // We 'flip' the array of variables to test like this so that ! // we can validate later with isset($test[$var]) (no in_array()) ! $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL); ! ! // Loop through each input array ! @reset($test); ! while (list($input,) = @each($test)) ! { ! while (list($var,) = @each($$input)) ! { ! // Validate the variable to be unset ! if (!isset($test[$var]) && $var != 'test' && $var != 'input') ! { ! unset($$var); ! } ! } ! } ! } ! else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') ! { ! // PHP4+ path ! $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path'); ! ! // Not only will array_merge give a warning if a parameter ! // is not an array, it will actually fail. So we check if ! // HTTP_SESSION_VARS has been initialised. ! if (!isset($HTTP_SESSION_VARS)) ! { ! $HTTP_SESSION_VARS = array(); ! } ! ! // Merge all into one extremely huge array; unset ! // this later ! $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); ! ! unset($input['input']); ! unset($input['not_unset']); ! ! while (list($var,) = @each($input)) ! { ! if (!in_array($var, $not_unset)) ! { ! unset($$var); ! } ! unset($$var); ! } ! ! unset($input); ! } ! ! // ! // addslashes to vars if magic_quotes_gpc is off ! // this is a security precaution to prevent someone ! // trying to break out of a SQL statement. ! // ! if( !get_magic_quotes_gpc() ) ! { ! if( is_array($HTTP_GET_VARS) ) ! { ! while( list($k, $v) = each($HTTP_GET_VARS) ) ! { ! if( is_array($HTTP_GET_VARS[$k]) ) ! { ! while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) ) ! { ! $HTTP_GET_VARS[$k][$k2] = addslashes($v2); ! } ! @reset($HTTP_GET_VARS[$k]); ! } ! else ! { ! $HTTP_GET_VARS[$k] = addslashes($v); ! } ! } ! @reset($HTTP_GET_VARS); ! } ! ! if( is_array($HTTP_POST_VARS) ) ! { ! while( list($k, $v) = each($HTTP_POST_VARS) ) ! { ! if( is_array($HTTP_POST_VARS[$k]) ) ! { ! while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) ) ! { ! $HTTP_POST_VARS[$k][$k2] = addslashes($v2); ! } ! @reset($HTTP_POST_VARS[$k]); ! } ! else ! { ! $HTTP_POST_VARS[$k] = addslashes($v); ! } ! } ! @reset($HTTP_POST_VARS); ! } ! ! if( is_array($HTTP_COOKIE_VARS) ) ! { ! while( list($k, $v) = each($HTTP_COOKIE_VARS) ) ! { ! if( is_array($HTTP_COOKIE_VARS[$k]) ) ! { ! while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) ) ! { ! $HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2); ! } ! @reset($HTTP_COOKIE_VARS[$k]); ! } ! else ! { ! $HTTP_COOKIE_VARS[$k] = addslashes($v); ! } ! } ! @reset($HTTP_COOKIE_VARS); ! } ! } ! ! // Define some basic configuration arrays this also prevents ! // malicious rewriting of language and otherarray values via ! // URI params ! ! $board_config = array(); ! $userdata = array(); ! $theme = array(); ! $images = array(); ! $lang = array(); ! $nav_links = array(); ! $gen_simple_header = false; ! ! @include_once( $mx_root_path . 'config.' . $phpEx ); ! ! if ( !defined( "MX_INSTALLED" ) ) ! { ! header( "Location: install/mx_install.$phpEx" ); ! exit; ! } ! ! str_replace( "//", "/", $phpbb_root_path ); ! include_once( $mx_root_path . 'config.' . $phpEx ); ! ! include_once( $phpbb_root_path . 'includes/constants.' . $phpEx ); ! include_once( $mx_root_path . 'includes/template.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/sessions.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/auth.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/functions.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/db.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/functions_selects.' . $phpEx ); ! include_once( $phpbb_root_path . 'includes/bbcode.' . $phpEx ); ! ! include_once( $mx_root_path . 'includes/mx_constants.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_functions.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_functions_phpbb.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_auth.' . $phpEx ); ! include_once( $mx_root_path . 'includes/mx_cache.' . $phpEx ); ! ! // Changed my mind to make this a session var. one more query (see directly below) to make it all more foolproof ;) ! /* ! if ( !empty( $HTTP_SESSION_VARS['mx_config'] ) ) ! { ! $portal_config = $HTTP_SESSION_VARS['mx_config']; ! } ! else ! { ! $portal_config = get_info( PORTAL_TABLE, 'portal_id', 1 ); ! $HTTP_SESSION_VARS['mx_config'] = $portal_config; ! } ! */ ! ! $portal_config = get_info( PORTAL_TABLE, 'portal_id', 1 ); ! define( 'PHPBB_URL', $portal_config['portal_phpbb_url'] ); ! define( 'PORTAL_URL', $portal_config['portal_url'] ); ! define( 'PORTAL_VERSION', $portal_config['portal_version'] ); ! ! // instatiate the mx_request_vars class ! ! $mx_request_vars = new mx_request_vars(); ! ! // Obtain and encode users IP ! ! // I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as ! // private range IP's appearing instead of the guilty routable IP, tough, don't ! // even bother complaining ... go scream and shout at the idiots out there who feel ! // "clever" is doing harm rather than good ... karma is a great thing ... :) ! ! $client_ip = ( !empty( $HTTP_SERVER_VARS['REMOTE_ADDR'] ) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty( $HTTP_ENV_VARS['REMOTE_ADDR'] ) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR ); ! $user_ip = encode_ip( $client_ip ); ! ! // Setup forum wide options, if this fails ! // then we output a CRITICAL_ERROR since ! // basic forum information is not available ! ! $sql = "SELECT * ! FROM " . CONFIG_TABLE; ! if ( !( $result = $db->sql_query( $sql ) ) ) ! { ! mx_message_die( CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql ); ! } ! ! while ( $row = $db->sql_fetchrow( $result ) ) ! { ! $board_config[$row['config_name']] = $row['config_value']; ! } ! ! if ( file_exists( $phpbb_root_path . 'attach_mod' ) ) ! { ! include_once( $phpbb_root_path . 'attach_mod/attachment_mod.' . $phpEx ); ! } ! ! if ( file_exists( 'install' ) || file_exists( 'contrib' ) ) ! { ! mx_message_die( GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted' ); ! } ! ! // Show 'Board is disabled' message if needed. ! ! if ( $board_config['board_disable'] && !defined( "IN_ADMIN" ) && !defined( "IN_LOGIN" ) ) ! { ! mx_message_die( GENERAL_MESSAGE, 'Board_disable', 'Information' ); ! } ! ?> \ No newline at end of file Index: index.php =================================================================== RCS file: /cvsroot/mxbb/core/index.php,v retrieving revision 1.28 retrieving revision 1.29 diff -C2 -d -r1.28 -r1.29 *** index.php 12 Apr 2005 17:38:36 -0000 1.28 --- index.php 12 Apr 2005 21:10:33 -0000 1.29 *************** *** 186,194 **** )); - //if ( $block_rows[$block]['function_file'] != 'mx_multiple_blocks.php' ) - //{ - // $layouttemplate->assign_block_vars('layout_column.blocks.no_split', array()); - //} - // Switch: graphical block borders --- 186,189 ---- |
