From: Jon O. <jon...@us...> - 2005-05-06 06:48:07
Update of /cvsroot/mxbb/core27x In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13016 Added Files: common.php extension.inc favicon.ico index.php login.php mx_announce.php mx_forum.php mx_google.php mx_language.php mx_login.php mx_menu_nav.php mx_meta.inc mx_multiple_blocks.php mx_online.php mx_poll.php mx_theme.php Log Message: Initital core 2.7.x commit :-) --- NEW FILE: mx_poll.php --- <?php /*************************************************************************** * mx-poll.php * ------------------- * begin : April, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... * * $Id: mx_poll.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ if( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // -------------------------------------------------------------------------------- // Poll Block - based on posting.php and viewtopic.php from phpBB 2.0.13 (see below) // // Please, do not reformat the code nor touch indentation. It has been left as // close to the original code as possible, intentionally. ;-) // -------------------------------------------------------------------------------- $block_config = read_block_config($block_id); $title = $block_config[$block_id]['block_title']; $topic_id = $block_config[$block_id]['Poll_Display']['parameter_value']; $forum_lst_poll = $block_config[$block_id]['poll_forum']['parameter_value']; $auth_data_sql_poll = get_auth_forum(); if ( empty($forum_lst_poll) ) { $forum_lst_poll = $auth_data_sql_poll; } // // store current page to generate correct url // $current_page = $mx_request_vars->request('page', MX_TYPE_INT, 1); if ( $topic_id == 0 ) { $sql = "SELECT vote.topic_id FROM " . VOTE_DESC_TABLE . " vote, " . TOPICS_TABLE . " topic WHERE vote.topic_id = topic.topic_id AND forum_id IN ( $forum_lst_poll ) AND forum_id IN ( $auth_data_sql_poll ) AND (vote_start + vote_length > " . time() . 
" OR vote_length = 0) ORDER BY vote_start DESC "; if ( !( $result = $db->sql_query($sql) ) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain vote data', '', __LINE__, __FILE__, $sql); } if ( $poll_info = $db->sql_fetchrow($result) ) { $topic_id = $poll_info['topic_id']; } } // -------------------------------------------------------------------------------- // The following code is based on posting.php (around line 453) from phpBB 2.0.13 // $vote_id_name = 'vote_id_' . $topic_id; // // Vote in a poll // if ( !empty($HTTP_POST_VARS[$vote_id_name]) ) { $vote_option_id = intval($HTTP_POST_VARS[$vote_id_name]); $sql = "SELECT vd.vote_id FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr WHERE vd.topic_id = $topic_id AND vr.vote_id = vd.vote_id AND vr.vote_option_id = $vote_option_id GROUP BY vd.vote_id"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); } if ( $vote_info = $db->sql_fetchrow($result) ) { $vote_id = $vote_info['vote_id']; $sql = "SELECT * FROM " . VOTE_USERS_TABLE . " WHERE vote_id = $vote_id AND vote_user_id = " . $userdata['user_id']; if ( !($result2 = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql); } if ( !($row = $db->sql_fetchrow($result2)) ) { $sql = "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_result = vote_result + 1 WHERE vote_id = $vote_id AND vote_option_id = $vote_option_id"; if ( !$db->sql_query($sql, BEGIN_TRANSACTION) ) { mx_message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql); } $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip) VALUES ($vote_id, " . $userdata['user_id'] . 
", '$user_ip')"; if ( !$db->sql_query($sql, END_TRANSACTION) ) { mx_message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql); } $message = $lang['Vote_cast']; } else { $message = $lang['Already_voted']; } $db->sql_freeresult($result2); } else { $message = $lang['No_vote_option']; } $db->sql_freeresult($result); $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid(PORTAL_URL . "index.$phpEx?page=$current_page&vote=viewresult") . '">') ); $message .= '<br /><br />' . sprintf($lang['Click_view_voted'], '<a href="' . append_sid(PORTAL_URL . "index.$phpEx?page=$current_page&vote=viewresult") . '">', '</a>'); mx_block_message($lang['Surveys/Polls'], $message); return; } // -------------------------------------------------------------------------------- // The following code is based on viewtopic.php (around line 674) from phpBB 2.0.13 // // // Does this topic contain a poll? // //if ( !empty($forum_topic_data['topic_vote']) ) { $s_hidden_fields = ''; $sql = "SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr WHERE vd.topic_id = $topic_id AND vr.vote_id = vd.vote_id ORDER BY vr.vote_option_id ASC"; if ( !($result = $db->sql_query($sql)) ) { return; //message_die(GENERAL_ERROR, "Could not obtain vote data for this topic", '', __LINE__, __FILE__, $sql); } if ( $vote_info = $db->sql_fetchrowset($result) ) { $db->sql_freeresult($result); $vote_options = count($vote_info); $vote_id = $vote_info[0]['vote_id']; $vote_title = $vote_info[0]['vote_text']; $sql = "SELECT vote_id FROM " . VOTE_USERS_TABLE . " WHERE vote_id = $vote_id AND vote_user_id = " . 
$userdata['user_id']; if ( !($result = $db->sql_query($sql)) ) { return; //message_die(GENERAL_ERROR, "Could not obtain user vote data for this topic", '', __LINE__, __FILE__, $sql); } $user_voted = ( $row = $db->sql_fetchrow($result) ) ? TRUE : 0; $db->sql_freeresult($result); if ( ( isset($HTTP_GET_VARS['vote']) || isset($HTTP_POST_VARS['vote']) ) || ( !$userdata['session_logged_in'] ) ) { $view_result = ( ( ( ( isset($HTTP_GET_VARS['vote']) ) ? $HTTP_GET_VARS['vote'] : $HTTP_POST_VARS['vote'] ) == 'viewresult' ) || ( !$userdata['session_logged_in'] ) ) ? TRUE : 0; } else { $view_result = 0; } $poll_expired = ( $vote_info[0]['vote_length'] ) ? ( ( $vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time() ) ? TRUE : 0 ) : 0; if ( $user_voted || $view_result || $poll_expired ) { $template->set_filenames(array( 'pollbox' => 'mx_poll_result.tpl') ); $vote_results_sum = 0; for($i = 0; $i < $vote_options; $i++) { $vote_results_sum += $vote_info[$i]['vote_result']; } $vote_graphic = 0; $vote_graphic_max = count($images['voting_graphic']); for($i = 0; $i < $vote_options; $i++) { $vote_percent = ( $vote_results_sum > 0 ) ? $vote_info[$i]['vote_result'] / $vote_results_sum : 0; $vote_graphic_length = is_numeric($block_size) ? round($vote_percent * ( $block_size - 50 )) : $vote_percent * 400; $vote_graphic_img = $images['voting_graphic'][$vote_graphic]; $vote_graphic = ($vote_graphic < $vote_graphic_max - 1) ? 
$vote_graphic + 1 : 0; if ( count($orig_word) ) { $vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']); } $template->assign_block_vars("poll_option", array( 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'], 'POLL_OPTION_RESULT' => $vote_info[$i]['vote_result'], 'POLL_OPTION_PERCENT' => sprintf('%.1d%%', ( $vote_percent * 100 )), 'POLL_OPTION_IMG' => $vote_graphic_img, 'POLL_OPTION_IMG_WIDTH' => $vote_graphic_length) ); } $template->assign_vars(array( 'L_TITLE' => $lang['Surveys/Polls'], 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'TEMPLATE_ROOT_PATH' => TEMPLATE_ROOT_PATH, 'L_TOTAL_VOTES' => $lang['Total_votes'], 'TOTAL_VOTES' => $vote_results_sum) ); } else { $template->set_filenames(array( 'pollbox' => 'mx_poll_ballot.tpl') ); for($i = 0; $i < $vote_options; $i++) { if ( count($orig_word) ) { $vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']); } $template->assign_block_vars("poll_option", array( 'VOTE_ID' => $vote_id_name, 'POLL_OPTION_ID' => $vote_info[$i]['vote_option_id'], 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text']) ); } $template->assign_vars(array( 'BLOCK_SIZE' => $block_size, 'L_TITLE' => $lang['Surveys/Polls'], 'L_SUBMIT_VOTE' => $lang['Submit_vote'], 'L_VIEW_RESULTS' => $lang['View_results'], 'U_VIEW_RESULTS' => append_sid(PORTAL_URL . "index.$phpEx?page=$current_page&vote=viewresult"), 'U_URL' => append_sid(PHPBB_URL . "viewtopic.$phpEx?t=$topic_id")) ); $s_hidden_fields = '<input type="hidden" name="topic_id" value="' . $topic_id . '" /><input type="hidden" name="mode" value="vote" />'; } if ( count($orig_word) ) { $vote_title = preg_replace($orig_word, $replacement_word, $vote_title); } $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; $template->assign_vars(array( 'BLOCK_SIZE' => ( !empty($block_size) ? 
$block_size : '100%' ), 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'POLL_QUESTION' => $vote_title, 'S_HIDDEN_FIELDS' => ( !empty($s_hidden_fields) ? $s_hidden_fields : '' ), 'S_POLL_ACTION' => append_sid(PORTAL_URL . "index.$phpEx?page=$current_page")) ); $template->pparse('pollbox'); } } ?> --- NEW FILE: login.php --- <?php /*************************************************************************** * login.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: login.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ // // Allow people to reach login page if // board is shut down // define("IN_LOGIN", true); define('IN_PORTAL', true); $mx_root_path = './'; include($mx_root_path . 'extension.inc'); include($mx_root_path . 'common.'.$phpEx); // // Set page ID for session management // $userdata = session_pagestart($user_ip, PAGE_LOGIN); mx_init_userprefs($userdata); // // End session management // // session id check if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid'])) { $sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid']; } else { $sid = ''; } if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) ) { if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] ) { $username = isset($HTTP_POST_VARS['username']) ? 
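Review bot: In mx_poll.php the "Vote in a poll" branch records a vote without checking that the poll is still open or that the requester is allowed to vote in the topic's forum; `$poll_expired` is only computed later, in the display branch, and no permission check is visible in the vote path. The first query of that branch could also fetch `vd.vote_start` and `vd.vote_length`, and the vote should be refused when `vote_length` is non-zero and `vote_start + vote_length < time()`. `$topic_id` is taken from the block configuration and interpolated into three queries and the hidden `topic_id` field without a cast; `$topic_id = intval($topic_id);` just before `$vote_id_name` is built would keep a malformed parameter value out of the SQL and the markup.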
phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; $sql = "SELECT user_id, username, user_password, user_active, user_level FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql); } if( $row = $db->sql_fetchrow($result) ) { if( $row['user_level'] != ADMIN && $board_config['board_disable'] ) { mx_redirect(append_sid("index.$phpEx", true)); } else { if( md5($password) == $row['user_password'] && $row['user_active'] ) { $autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0; $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin); if( $session_id ) { $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx"; mx_redirect(append_sid($url, true)); } else { mx_message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__); } } else { $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : ''; $redirect = str_replace('?', '&', $redirect); if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r")) { mx_message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); } $template->assign_vars(array( 'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">") ); $message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); mx_message_die(GENERAL_MESSAGE, $message); } } } else { $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? 
str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : ""; $redirect = str_replace("?", "&", $redirect); if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r")) { mx_message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); } $template->assign_vars(array( 'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">") ); $message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); mx_message_die(GENERAL_MESSAGE, $message); } } else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] ) { if( $userdata['session_logged_in'] ) { session_end($userdata['session_id'], $userdata['user_id']); } if (!empty($HTTP_POST_VARS['redirect']) || !empty($HTTP_GET_VARS['redirect'])) { $url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']); $url = str_replace('&', '&', $url); mx_redirect(append_sid($url, true)); } else { mx_redirect(append_sid("index.$phpEx", true)); } } else { $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx"; mx_redirect(append_sid($url, true)); } } else { // // Do a full login page dohickey if // user not already logged in // if( !$userdata['session_logged_in'] ) { $page_title = $lang['Login']; include($mx_root_path . 
'includes/page_header.'.$phpEx); $template->set_filenames(array( 'body' => 'login_body.tpl') ); if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) ) { $forward_to = $HTTP_SERVER_VARS['QUERY_STRING']; if( preg_match("/^redirect=([a-z0-9\.#\/\?&=\+\-_]+)/si", $forward_to, $forward_matches) ) { $forward_to = ( !empty($forward_matches[3]) ) ? $forward_matches[3] : $forward_matches[1]; $forward_match = explode('&', $forward_to); if(count($forward_match) > 1) { $forward_page = ''; for($i = 1; $i < count($forward_match); $i++) { if( !ereg("sid=", $forward_match[$i]) ) { if( $forward_page != '' ) { $forward_page .= '&'; } $forward_page .= $forward_match[$i]; } } $forward_page = $forward_match[0] . '?' . $forward_page; } else { $forward_page = $forward_match[0]; } } } else { $forward_page = ''; } $username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : ''; $s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />'; make_jumpbox($phpbb_root_path . 'viewforum.'.$phpEx, $forum_id); $template->assign_vars(array( 'USERNAME' => $username, 'L_ENTER_PASSWORD' => $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], 'U_SEND_PASSWORD' => append_sid($phpbb_root_path . "profile.$phpEx?mode=sendpassword"), 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); $template->pparse('body'); include($mx_root_path . 'includes/page_tail.'.$phpEx); } else { mx_redirect(append_sid("index.$phpEx", true)); } } ?> --- NEW FILE: favicon.ico --- (This appears to be a binary file; contents omitted.) --- NEW FILE: mx_online.php --- <?php /** ------------------------------------------------------------------------ * subject : mxBB-Portal, CMS & portal * begin : june, 2002 * copyright : (C) 2002-2005 mxBB-Portal * email : jon...@ho... * project site : www.mx-system.com * * description : Who's Online Block. 
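Review bot: In login.php the password check `md5($password) == $row['user_password']` compares an unsalted MD5 digest with a loose `==`, so two different digests that PHP can both read as numbers may compare equal under type juggling; `md5($password) === $row['user_password']` removes that without changing the stored format. The unsalted MD5 storage itself is inherited from phpBB 2 and deserves a follow-up to move to a salted, deliberately slow password hash. Separately, the successful-login and logout paths hand the request's `redirect` value to `mx_redirect()` after only `htmlspecialchars()`, while the failed-login paths additionally reject CR/LF; unless `mx_redirect()` (not shown here) validates its target, the same check plus a same-site restriction belongs on those paths too.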
* ------------------------------------------------------------------------- * $Id: mx_online.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ */ /** * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. */ if( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // ================================================================================ // The following code is backported from includes/page_header.php (phpBB 2.0.13) // ================================================================================ // // Get basic (usernames + totals) online // situation // $logged_visible_online = 0; $logged_hidden_online = 0; $guests_online = 0; $online_userlist = ''; $l_online_users = ''; //if (defined('SHOW_ONLINE')) { $sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_level, s.session_logged_in, s.session_ip FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s WHERE u.user_id = s.session_user_id AND s.session_time >= ".( time() - 300 ) . " ORDER BY u.username ASC, s.session_ip ASC"; if( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not obtain user/online information', '', __LINE__, __FILE__, $sql); } $userlist_ary = array(); $userlist_visible = array(); $prev_user_id = 0; $prev_user_ip = $prev_session_ip = ''; while( $row = $db->sql_fetchrow($result) ) { // User is logged in and therefor not a guest if ( $row['session_logged_in'] ) { // Skip multiple sessions for one user if ( $row['user_id'] != $prev_user_id ) { $style_color = ''; if ( $row['user_level'] == ADMIN ) { $row['username'] = '<b>' . $row['username'] . '</b>'; $style_color = 'style="color:#' . $theme['fontcolor3'] . '"'; } else if ( $row['user_level'] == MOD ) { $row['username'] = '<b>' . $row['username'] . '</b>'; $style_color = 'style="color:#' . $theme['fontcolor2'] . 
'"'; } if ( $row['user_allow_viewonline'] ) { $user_online_link = '<a href="' . append_sid(PHPBB_URL."profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'>' . $row['username'] . '</a>'; $logged_visible_online++; } else { $user_online_link = '<a href="' . append_sid(PHPBB_URL."profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'><i>' . $row['username'] . '</i></a>'; $logged_hidden_online++; } if ( $row['user_allow_viewonline'] || $userdata['user_level'] == ADMIN ) { $online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link; } } $prev_user_id = $row['user_id']; } else { // Skip multiple sessions for one user if ( $row['session_ip'] != $prev_session_ip ) { $guests_online++; } } $prev_session_ip = $row['session_ip']; } $db->sql_freeresult($result); if ( empty($online_userlist) ) { $online_userlist = $lang['None']; } $online_userlist = ( ( isset($forum_id) ) ? $lang['Browsing_forum'] : $lang['Registered_users'] ) . ' ' . $online_userlist; $total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online; if ( $total_online_users > $board_config['record_online_users']) { $board_config['record_online_users'] = $total_online_users; $board_config['record_online_date'] = time(); $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '$total_online_users' WHERE config_name = 'record_online_users'"; if ( !$db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not update online user record (nr of users)', '', __LINE__, __FILE__, $sql); } $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . $board_config['record_online_date'] . 
"' WHERE config_name = 'record_online_date'"; if ( !$db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not update online user record (date)', '', __LINE__, __FILE__, $sql); } } if ( $total_online_users == 0 ) { $l_t_user_s = $lang['Online_users_zero_total']; } else if ( $total_online_users == 1 ) { $l_t_user_s = $lang['Online_user_total']; } else { $l_t_user_s = $lang['Online_users_total']; } if ( $logged_visible_online == 0 ) { $l_r_user_s = $lang['Reg_users_zero_total']; } else if ( $logged_visible_online == 1 ) { $l_r_user_s = $lang['Reg_user_total']; } else { $l_r_user_s = $lang['Reg_users_total']; } if ( $logged_hidden_online == 0 ) { $l_h_user_s = $lang['Hidden_users_zero_total']; } else if ( $logged_hidden_online == 1 ) { $l_h_user_s = $lang['Hidden_user_total']; } else { $l_h_user_s = $lang['Hidden_users_total']; } if ( $guests_online == 0 ) { $l_g_user_s = $lang['Guest_users_zero_total']; } else if ( $guests_online == 1 ) { $l_g_user_s = $lang['Guest_user_total']; } else { $l_g_user_s = $lang['Guest_users_total']; } $l_online_users = sprintf($l_t_user_s, $total_online_users); $l_online_users .= sprintf($l_r_user_s, $logged_visible_online); $l_online_users .= sprintf($l_h_user_s, $logged_hidden_online); $l_online_users .= sprintf($l_g_user_s, $guests_online); } // ================================================================================ // The following code is backported from index.php (phpBB 2.0.13) // ================================================================================ // // If you don't use these stats on your index you may want to consider // removing them // $total_posts = get_db_stat('postcount'); $total_users = get_db_stat('usercount'); $newest_userdata = get_db_stat('newestuser'); $newest_user = $newest_userdata['username']; $newest_uid = $newest_userdata['user_id']; if( $total_posts == 0 ) { $l_total_post_s = $lang['Posted_articles_zero_total']; } else if( $total_posts == 1 ) { $l_total_post_s = 
$lang['Posted_article_total']; } else { $l_total_post_s = $lang['Posted_articles_total']; } if( $total_users == 0 ) { $l_total_user_s = $lang['Registered_users_zero_total']; } else if( $total_users == 1 ) { $l_total_user_s = $lang['Registered_user_total']; } else { $l_total_user_s = $lang['Registered_users_total']; } // ================================================================================ // Send our Who's Online block to the browser // ================================================================================ $template->set_filenames(array( 'body_online' => 'mx_online.tpl') ); $template->assign_vars(array( // // Template variables particular to the mxBB Online Block. // 'BLOCK_SIZE' => $block_size, 'U_PHPBB_ROOT_PATH' => PHPBB_URL, 'TEMPLATE_ROOT_PATH' => TEMPLATE_ROOT_PATH, // // Template variables part of phpBB includes/page_header.php // 'TOTAL_USERS_ONLINE' => $l_online_users, 'LOGGED_IN_USER_LIST' => $online_userlist, 'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], create_date($board_config['default_dateformat'], $board_config['record_online_date'], $board_config['board_timezone'])), 'L_WHO_IS_ONLINE' => $lang['Who_is_Online'], 'L_WHOSONLINE_ADMIN' => sprintf($lang['Admin_online_color'], '<span style="color:#' . $theme['fontcolor3'] . '">', '</span>'), 'L_WHOSONLINE_MOD' => sprintf($lang['Mod_online_color'], '<span style="color:#' . $theme['fontcolor2'] . '">', '</span>'), 'U_VIEWONLINE' => append_sid(PHPBB_URL.'viewonline.'.$phpEx), // // Template variables part of phpBB index.php // 'TOTAL_POSTS' => sprintf($l_total_post_s, $total_posts), 'TOTAL_USERS' => sprintf($l_total_user_s, $total_users), 'NEWEST_USER' => sprintf($lang['Newest_user'], '<a href="' . append_sid(PHPBB_URL."profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$newest_uid") . 
'">', $newest_user, '</a>'), )); $template->pparse('body_online'); ?> --- NEW FILE: index.php --- <?php /*************************************************************************** * mx-portal.php * ------------------- * begin : Juillet, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... * * $Id: index.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ define('IN_PORTAL', 1); $mx_root_path = './'; include_once($mx_root_path . 'extension.inc'); include_once($mx_root_path . 'common.'.$phpEx); // // Start session management // $userdata = session_pagestart($user_ip, PAGE_INDEX); mx_init_userprefs($userdata); // // // $cache_dir = $mx_root_path . 'cache/'; if ( $HTTP_SESSION_VARS['cache_read'] != TRUE && file_exists($cache_dir . 'block_config.xml') ) { include_once($mx_root_path . "cache/mx_cache.php"); // file of easy_parser class read_cache_config(); } // // End session management // $view_page = FALSE; // // Load default header // $page_id = $mx_request_vars->request('page', MX_TYPE_INT, 1); $page_row = get_info(PAGE_TABLE, "page_id", $page_id); $page_title .= $page_row['page_name']; include($mx_root_path . 'includes/page_header.'.$phpEx); $is_auth_ary = array(); $is_auth_ary = page_auth(AUTH_VIEW, $userdata, $page_row['auth_view'], $page_row['auth_view_group'] ); if ( ! $is_auth_ary['auth_view'] ) { $message = empty($lang['Page_Not_Authorised']) ? "Sorry, but you don't have privilege to access this page." 
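Review bot: mx_online.php concatenates `$row['username']` and `$newest_user` into anchor markup with no escaping at the point of output, so the block is only safe if usernames are always stored already HTML-escaped, and nothing in this file shows that. A comment at the top of the session loop such as `// usernames are expected to be stored HTML-escaped; verify before emitting values from any other source` would record the assumption for the next maintainer. The three error paths in this file also call `message_die()` where the other blocks in this commit call `mx_message_die()`; if the portal wrapper is meant to be used throughout, these calls should be switched to it.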
: $lang['Page_Not_Authorised']; mx_message_die(GENERAL_MESSAGE, $message, "", __LINE__, __FILE__, ""); } if ( !empty($HTTP_SESSION_VARS['page_column_' . $page_id]) ) { $column_rows = $HTTP_SESSION_VARS['page_column_' . $page_id]; $total_column = count($HTTP_SESSION_VARS['page_column_' . $page_id]); } else { $sql = "SELECT col.column_id, col.column_title, col.column_order, col.column_size FROM " . COLUMN_TABLE . " col WHERE page_id = $page_id ORDER BY column_order"; if( !$q_column = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Could not query column list", "", __LINE__, __FILE__, $sql); } if( $total_column = $db->sql_numrows($q_column) ) { $column_rows = $db->sql_fetchrowset($q_column); } $HTTP_SESSION_VARS['page_column_' . $page_id] = $column_rows; } if ( !empty($HTTP_SESSION_VARS['page_block_' . $page_id]) ) { $block_rows = $HTTP_SESSION_VARS['page_block_' . $page_id]; $total_block = count( $HTTP_SESSION_VARS['page_block_' . $page_id] ); } else { $sql = "SELECT blk.block_id, blk.auth_view_group, blk.auth_edit_group, bct.column_id, module_path, function_file, auth_view FROM " . COLUMN_BLOCK_TABLE . " bct, " . BLOCK_TABLE . " blk, " . FUNCTION_TABLE . " fnc, " . MODULE_TABLE . " modu WHERE blk.function_id = fnc.function_id AND blk.block_id = bct.block_id AND fnc.module_id = modu.module_id ORDER BY column_id, block_order"; // AND bct.column_id = " . $column_rows[$column]['column_id'] . " if( !$q_modules = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Could not query modules information", "", __LINE__, __FILE__, $sql); } if( $total_block = $db->sql_numrows($q_modules) ) { $block_rows = $db->sql_fetchrowset($q_modules); $HTTP_SESSION_VARS['page_block_' . $page_id] = $block_rows; } } ECHO '<table border="0" cellspacing="4" cellpadding="0" width="100%"><tr valign="top">'; for($column = 0; $column < $total_column; $column++) { $block_size = $column_rows[$column]['column_size']; ECHO '<td width="' . $block_size . 
'" >'; for($block = 0; $block < $total_block; $block++) { if ( $column_rows[$column]['column_id'] == $block_rows[$block]['column_id'] ) { // // Find which blocks are visible for this user // $block_id = $block_rows[$block]['block_id']; $block_row = get_info(BLOCK_TABLE, "block_id", $block_id); $is_auth_ary = array(); $is_auth_ary = block_auth(AUTH_VIEW, $block_id, $userdata, $block_rows[$block], $block_row['auth_view_group']); if ( $is_auth_ary['auth_view'] ) { $template = new Template($template->root, $board_config, $db); $module_root_path = $block_rows[$block]['module_path']; $block_file = $block_rows[$block]['function_file']; include( $module_root_path . $block_file ); } } } // for ... modules ECHO '</td>'; } // for ... column ECHO '</tr></table>'; // // // include($mx_root_path . 'includes/page_tail.'.$phpEx); exit; ?> --- NEW FILE: mx_theme.php --- <?php /*************************************************************************** * mx_theme.php * ------------------- * begin : April, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... * * $Id: mx_theme.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } if( isset($HTTP_POST_VARS['change_default_theme']) && $userdata['user_level'] == ADMIN) { $board_config['default_style'] = ( isset($HTTP_POST_VARS['default_style']) ) ? $HTTP_POST_VARS['default_style'] : $board_config['default_style']; $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . str_replace("\'", "''", $board_config['default_style']) . "' WHERE config_name = 'default_style'"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Failed to update default style configuration for $config_name", "", __LINE__, __FILE__, $sql); } } if( isset($HTTP_POST_VARS['change_user_theme']) && $userdata['session_logged_in']) { $userdata['user_style'] = ( isset($HTTP_POST_VARS['user_style']) ) ? 
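Review bot: index.php includes `$module_root_path . $block_file` straight from the `module_path` and `function_file` columns, so whatever can write those rows also decides which file PHP executes. Resolving the path and confirming it stays inside the portal tree before the include narrows that; the sketch below assumes module paths are relative to `$mx_root_path`, which should be confirmed against the installer. The block rows, including `auth_view`, are also cached in `$HTTP_SESSION_VARS`, so a permission change may not reach a session that already holds the cached copy.

```php
// … unchanged: block_auth() check, new Template(), $module_root_path and $block_file assignments …
$portal_base = realpath($mx_root_path);
$block_path = realpath($module_root_path . $block_file);
if ( $portal_base === false || $block_path === false || strpos($block_path, $portal_base . DIRECTORY_SEPARATOR) !== 0 )
{
	mx_message_die(GENERAL_ERROR, 'Block file is outside the portal directory', '', __LINE__, __FILE__);
}
include($block_path);
```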
$HTTP_POST_VARS['user_style'] : $board_config['default_style']; $mx_user_id = $userdata['user_id']; $sql = "UPDATE " . USERS_TABLE . " SET user_style = '" . str_replace("\'", "''", $userdata['user_style']) . "' WHERE user_id = '$mx_user_id'"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Failed to update user style configuration for $config_name", "", __LINE__, __FILE__, $sql); } } $template->set_filenames(array( "body_theme" => 'mx_theme.tpl') ); if ( $userdata['user_level'] == ADMIN ) { $template->assign_block_vars("switch_is_admin", array( 'L_CHANGE_NOW' => $lang['Change_default_style'], 'STYLE_SELECT' => style_select($board_config['default_style'], 'default_style') )); } if ( $userdata['session_logged_in'] ) { $template->assign_block_vars("switch_is_user", array( 'L_CHANGE_NOW' => $lang['Change_user_style'], 'STYLE_SELECT' => style_select($userdata['user_style'], 'user_style') )); } $template->assign_vars(array( 'ACTION_URL' => $mx_root_path . "index." . $phpEx . "?page=" . $page_id, 'BLOCK_SIZE' => $block_size, 'L_BOARD_STYLE' => $board_config['default_style'], 'L_CHANGE_NOW' => $lang['Change'], 'L_TITLE' => $lang['Theme'], 'L_SUBTITLE' => $lang['SelectTheme']) ); // // Display only when the user is logged in // if( $userdata['session_logged_in'] ) { $template->pparse("body_theme"); } ?> --- NEW FILE: mx_login.php --- <?php /*************************************************************************** * mx_login.php * ------------------- * begin : April, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... 
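Review bot: mx_theme.php writes `$HTTP_POST_VARS['default_style']` and `$HTTP_POST_VARS['user_style']` into UPDATE statements protected only by `str_replace("\'", "''", …)`, which helps only when the input has already been backslash-escaped upstream (not shown here). If these values are numeric theme ids, as the `style_select()` dropdowns suggest, `intval($HTTP_POST_VARS['default_style'])` and `intval($HTTP_POST_VARS['user_style'])` remove that dependency. The admin-only default-style change is also accepted on any POST carrying `change_default_theme`, with no session-id or token check visible, and both error messages interpolate `$config_name`, which is never assigned in this file.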
* * $Id: mx_login.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } $template->set_filenames(array( "body_login" => 'mx_login.tpl') ); $template->assign_vars(array( 'BLOCK_SIZE' => $block_size, 'S_LOGIN_ACTION' => append_sid('login.'.$phpEx), 'L_USERNAME' => $lang['Username'], 'L_PASSWORD' => $lang['Password'], 'L_LOGIN' => $lang['Login'], 'L_TITLE' => $lang['Login'], 'L_LOG_ME_IN' => $lang['Log_me_in'], 'L_AUTO_LOGIN' => $lang['Log_me_in'], 'L_LOGIN_LOGOUT' => $lang['Login']) ); //if( !$userdata['session_logged_in'] ) //{ $template->assign_block_vars('switch_user_logged_out', array()); $template->pparse("body_login"); //} ?> --- NEW FILE: mx_meta.inc --- <?php $title = "Your sites title"; $author = "Your name or your company name"; $copyright = "Add some copyright notice here"; $keywords = "Add, all, your, keywords, in, here"; $description = "This is the description search engines show when listing your site."; $langcode = "en"; $rating = "general"; $index = "index"; $follow = "follow"; $pragma = "1"; $icon = "favicon.ico"; $header = "<meta name=\"revisit-after\" content=\"7 days\" />"; ?> --- NEW FILE: mx_menu_nav.php --- <?php /*************************************************************************** * mx_menu_nav.php * ------------------- * begin : April, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... * modified : Jaime (ja...@ci...) 
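Review bot: mx_login.php leaves the `session_logged_in` guard commented out, so `switch_user_logged_out` is assigned and the login form is parsed even for users who are already logged in. Either restore `if( !$userdata['session_logged_in'] )` around the `assign_block_vars()` and `pparse()` calls or delete the commented lines, so the intended behaviour is clear from the code.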
August 2003 * Changes: : Allow page selection * : Allow Fold/Unfold Category select * * $Id: mx_menu_nav.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ $block_config = read_block_config($block_id); $title = $block_config[$block_id]['block_title']; $b_description = $block_config[$block_id]['block_desc']; if ( !empty($HTTP_POST_VARS['show']) || !empty($HTTP_GET_VARS['show']) ) { $show = ( !empty($HTTP_POST_VARS['show']) ) ? $HTTP_POST_VARS['show'] : $HTTP_GET_VARS['show']; } else { // Modded by Jaime - Allow Fold/Unfold Category select $sql1 = "SELECT cat_id FROM " . MENU_CAT_TABLE . " WHERE cat_show = 1 ORDER BY cat_order, cat_id "; if ( !($result_show = $db->sql_query($sql1)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain folded/unfolded information', '', __LINE__, __FILE__, $sql); } $menu_cat_show = $db->sql_fetchrowset($result_show); for($catrow_count = 0; $catrow_count < count($menu_cat_show); $catrow_count++) { $show .= ',' . $menu_cat_show[$catrow_count]['cat_id']; } $show = substr($show, 1); } // End of modded by Jaime - Allow Fold/Unfold Category select if ( !empty($HTTP_POST_VARS['out']) || !empty($HTTP_GET_VARS['out']) ) { $out = ( !empty($HTTP_POST_VARS['out']) ) ? $HTTP_POST_VARS['out'] : $HTTP_GET_VARS['out']; $show = preg_replace( "/(?:^|,)".$out."(?:,|$)/", ",", $show ); $show = preg_replace( "/,,/" , "" , $show ); $show = preg_replace( "/,$/" , "" , $show ); $show = preg_replace( "/^,/" , "" , $show ); } $show_opt = explode(",", $show); // // Get the current MX page. // $page_id = ( !empty($HTTP_POST_VARS['page']) ) ? 
$HTTP_POST_VARS['page'] : $HTTP_GET_VARS['page']; if( empty($page_id) ) { $page_id = 1; } $template->set_filenames(array( "body" => 'mx_menu_nav.tpl') ); $is_auth_ary = array(); $is_auth_ary = block_auth(AUTH_EDIT, $block_id , $userdata, $block_config[$block_id]['auth_edit'], $block_config[$block_id]['auth_edit_group'] ); if ( $is_auth_ary['auth_edit'] ) { $s_hidden_fields = '<input type="hidden" name="block_id" value="' . $block_id . '" />'; $s_hidden_fields .= '<input type="hidden" name="portalpage" value="' . $page_id. '" />'; $edit_url = $mx_root_path . "admin/admin_mx_menu.$phpEx?sid=" . $userdata['session_id']; $edit_img = '<input type="image" src="' . PHPBB_URL . $images['icon_edit'] . '" alt="' . $lang['Block_Edit'] . '" title="' . $lang['Block_Edit'] . '"></input>'; $template->assign_block_vars("switch_admin", array()); } else { $template->assign_block_vars("switch_not_admin", array()); } $template->assign_vars(array( 'BLOCK_SIZE' => ( !empty($block_size) ? $block_size : '100%' ), 'L_TITLE' => $title, 'L_DESC' => $b_description, 'S_ACTION' => $edit_url, 'EDIT_IMG' => $edit_img, 'S_HIDDEN_FORM_FIELDS' => $s_hidden_fields )); $sql = "SELECT cat_id, cat_title, cat_desc, bbcode_uid FROM " . MENU_CAT_TABLE . " WHERE block_id = $block_id ORDER BY cat_order, cat_id "; if ( !($result_cat = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain menu navigation configuration', '', __LINE__, __FILE__, $sql); } $menu_cat_config = $db->sql_fetchrowset($result_cat); for($catrow_count = 0; $catrow_count < count($menu_cat_config); $catrow_count++) { $cat_title = $menu_cat_config[$catrow_count]['cat_title']; $cat_id = $menu_cat_config[$catrow_count]['cat_id']; $cat = ( !empty($lang[$cat_title]) ? $lang[$cat_title] : $cat_title); $bbcode_uid = $menu_cat_config[$catrow_count]['bbcode_uid']; $cat = mx_decode($cat, $bbcode_uid); // $cat_icon = ( !empty($menu_nav_config[$row_count]['menu_icon']) ? '<img src="' . PORTAL_URL . 'images/' . 
$menu_nav_config[$row_count]['menu_icon'] . '" /> ' : '' ); if ( in_array($cat_id, $show_opt) ) { $cat_desc = ''; $cat_icon = '<img border="0" src="' . PORTAL_URL . TEMPLATE_ROOT_PATH . 'images/minus.gif" /> '; $cat_url = append_sid(PORTAL_URL . 'index.'. $phpEx.'?page=' . $page_id. '&show=' . $show . '&out='. $cat_id); } else { if ( !empty($show) ) { $show_lst = $show . "," . $cat_id; } else { $show_lst = $cat_id; } $cat_desc = $menu_cat_config[$catrow_count]['cat_desc']; $cat_desc = mx_decode($cat_desc, $bbcode_uid); $cat_icon = '<img border="0" src="' . PORTAL_URL . TEMPLATE_ROOT_PATH . 'images/plus.gif" /> '; $cat_url = append_sid(PORTAL_URL . 'index.'. $phpEx.'?page=' . $page_id. '&show=' .$show_lst); } $template->assign_block_vars("catrow", array( "CATEGORY" => $cat, "U_URL" => append_sid(PORTAL_URL . 'index.'.$phpEx.'?block_id=' .$block_id), "U_CAT_ICON" => $cat_icon, "U_URL_SHOW" => $cat_url, "DESCRIPTION" => $cat_desc) ); // Modded by Jaime - Allow page select if ( in_array($cat_id, $show_opt) ) { $sql = "SELECT menu_id, cat_id, menu_name, menu_desc, menu_links, block_id, function_id, page_id, auth_view, auth_view_group, link_target, menu_order, bbcode_uid, menu_icon FROM " . MENU_NAV_TABLE . " WHERE cat_id = " . $cat_id . 
" ORDER BY menu_order, menu_id "; // End of modded by Jaime - Allow page select if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain menu navigation configuration', '', __LINE__, __FILE__, $sql); } $is_auth_ary = array(); $menu_nav_config = $db->sql_fetchrowset($result); for($row_count = 0; $row_count < count($menu_nav_config); $row_count++) { $menu_id = $menu_nav_config[$row_count]['menu_id']; // // Find if user is allowed for view // // mx_message_die(GENERAL_MESSAGE, $menu_nav_config[$row_count]['auth_view_group']); $is_auth_ary = menu_auth(AUTH_VIEW, $menu_id , $userdata, $menu_nav_config[$row_count], $menu_nav_config[$row_count]['auth_view_group']); if ( $is_auth_ary['auth_view'] ) { $row_color = ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($row_count%2) ) ? $theme['td_class1'] : $theme['td_class2']; $action = $menu_nav_config[$row_count]['menu_name']; $action = ( !empty( $lang[$action] ) ? $lang[$action] : $action); $desc = $menu_nav_config[$row_count]['menu_desc']; $desc = ( !empty( $lang[$desc] ) ? $lang[$desc] : $desc); $bbcode_uid = $menu_nav_config[$row_count]['bbcode_uid']; $action = mx_decode($action, $bbcode_uid); $menu_icon = ( !empty($menu_nav_config[$row_count]['menu_icon']) ? '<img src="' . PORTAL_URL . TEMPLATE_ROOT_PATH .'images/' . $menu_nav_config[$row_count]['menu_icon'] . '" alt="' . $desc . '" /> ' : '' ); // Modded by Jaime - Allow select page if ( $menu_nav_config[$row_count]['page_id'] != 0) { $menu_link = append_sid('index.php?page=' . $menu_nav_config[$row_count]['page_id']); } // End modded by Jaime else if ( $menu_nav_config[$row_count]['function_id'] == 0 ) { $menu_link = append_sid($menu_nav_config[$row_count]['menu_links']); } else if ( $menu_nav_config[$row_count]['block_id'] != 0 ) { $menu_link = append_sid('index.php?block=' . $menu_nav_config[$row_count]['block_id']); } else { $sql = "SELECT module_path, function_file FROM " . FUNCTION_TABLE . 
" fnc, " . MODULE_TABLE . " modu WHERE fnc.function_id = " . $menu_nav_config[$row_count]['function_id'] . " AND fnc.module_id = modu.module_id"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Could not query modules information", "", __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $menu_link = append_sid($row['module_path'] . $row['function_file']); } $link_target = ($menu_nav_config[$row_count]['link_target'] == 0) ? '' : '_blank'; $template->assign_block_vars("catrow.modulerow", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, "MENU_NAME" => $action, "MENU_DESC" => $desc, "U_MENU_MODULE" => $menu_link, "U_LINK_TARGET" => $link_target, "U_MENU_ICON" => $menu_icon) ); } } } } $template->pparse("body"); ?> --- NEW FILE: common.php --- <?php /*************************************************************************** * common.php * ------------------- * begin : Saturday, Feb 23, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: common.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } define('IN_PHPBB', 1); // error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime // The following code (unsetting globals) was contributed by Matt Kavanagh // PHP5 with register_long_arrays off? 
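Review bot: In mx_menu_nav.php the request values `show`, `out` and `page` are used without validation: `$out` is concatenated straight into the `preg_replace` pattern, `$show` and `$page_id` are placed in the category URLs, and `$page_id` is written into the hidden `portalpage` field. The `addslashes` pass in common.php does not make a value safe inside a regular expression or inside HTML. Assuming category and page ids are numeric, as the `cat_id` comparisons suggest, reduce each value to integers before use: `$page_id = intval($page_id);`, `$out = intval($out);` and, when `$show` is non-empty, `$show = implode(',', array_map('intval', explode(',', $show)));`. The file also lacks the `if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); }` guard that the other blocks in this commit start with. Its first error path passes `$sql` to `mx_message_die` although the failing query is held in `$sql1`.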
if (!isset($HTTP_POST_VARS) && isset($_POST)) { $HTTP_POST_VARS = $_POST; $HTTP_GET_VARS = $_GET; $HTTP_SERVER_VARS = $_SERVER; $HTTP_COOKIE_VARS = $_COOKIE; $HTTP_ENV_VARS = $_ENV; $HTTP_POST_FILES = $_FILES; // _SESSION is the only superglobal which is conditionally set if (isset($_SESSION)) { $HTTP_SESSION_VARS = $_SESSION; } } if (@phpversion() < '4.0.0') { // PHP3 path; in PHP3, globals are _always_ registered // We 'flip' the array of variables to test like this so that // we can validate later with isset($test[$var]) (no in_array()) $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL, 'mx_root_path' => NULL); // Loop through each input array @reset($test); while (list($input,) = @each($test)) { while (list($var,) = @each($$input)) { // Validate the variable to be unset if (!isset($test[$var]) && $var != 'test' && $var != 'input') { unset($$var); } } } } else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { // PHP4+ path $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path', 'mx_root_path'); // Not only will array_merge give a warning if a parameter // is not an array, it will actually fail. So we check if // HTTP_SESSION_VARS has been initialised. 
if (!isset($HTTP_SESSION_VARS)) { $HTTP_SESSION_VARS = array(); } // Merge all into one extremely huge array; unset // this later $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); unset($input['input']); unset($input['not_unset']); while (list($var,) = @each($input)) { if (!in_array($var, $not_unset)) { unset($$var); } } unset($input); } // // addslashes to vars if magic_quotes_gpc is off // this is a security precaution to prevent someone // trying to break out of a SQL statement. // if( !get_magic_quotes_gpc() ) { if( is_array($HTTP_GET_VARS) ) { while( list($k, $v) = each($HTTP_GET_VARS) ) { if( is_array($HTTP_GET_VARS[$k]) ) { while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) ) { $HTTP_GET_VARS[$k][$k2] = addslashes($v2); } @reset($HTTP_GET_VARS[$k]); } else { $HTTP_GET_VARS[$k] = addslashes($v); } } @reset($HTTP_GET_VARS); } if( is_array($HTTP_POST_VARS) ) { while( list($k, $v) = each($HTTP_POST_VARS) ) { if( is_array($HTTP_POST_VARS[$k]) ) { while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) ) { $HTTP_POST_VARS[$k][$k2] = addslashes($v2); } @reset($HTTP_POST_VARS[$k]); } else { $HTTP_POST_VARS[$k] = addslashes($v); } } @reset($HTTP_POST_VARS); } if( is_array($HTTP_COOKIE_VARS) ) { while( list($k, $v) = each($HTTP_COOKIE_VARS) ) { if( is_array($HTTP_COOKIE_VARS[$k]) ) { while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) ) { $HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2); } @reset($HTTP_COOKIE_VARS[$k]); } else { $HTTP_COOKIE_VARS[$k] = addslashes($v); } } @reset($HTTP_COOKIE_VARS); } } // // Define some basic configuration arrays this also prevents // malicious rewriting of language and otherarray values via // URI params // $board_config = array(); $userdata = array(); $theme = array(); $images = array(); $lang = array(); $gen_simple_header = FALSE; @include_once($mx_root_path . 
'config.'.$phpEx); if( !defined("MX_INSTALLED") ) { header("Location: install/mx_install.$phpEx"); exit; } str_replace("//", "/", $phpbb_root_path); include_once($mx_root_path . 'config.'.$phpEx); include_once($phpbb_root_path . 'includes/constants.'.$phpEx); include_once($mx_root_path . 'includes/template.'.$phpEx); include_once($phpbb_root_path . 'includes/sessions.'.$phpEx); include_once($phpbb_root_path . 'includes/auth.'.$phpEx); include_once($phpbb_root_path . 'includes/functions.'.$phpEx); include_once($phpbb_root_path . 'includes/db.'.$phpEx); include_once($phpbb_root_path . 'includes/functions_selects.'.$phpEx); include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx); include_once($mx_root_path . 'includes/mx_constants.'.$phpEx); include_once($mx_root_path . 'includes/mx_functions.'.$phpEx); $portal_config = get_info( PORTAL_TABLE, 'portal_id', 1 ); define('PHPBB_URL', $portal_config[portal_phpbb_url]); define('PORTAL_URL', $portal_config[portal_url]); define('PORTAL_VERSION', $portal_config[portal_version]); // // instatiate the mx_request_vars class // $mx_request_vars = new mx_request_vars(); // // Mozilla navigation bar // Default items that should be valid on all pages. // Defined here and not in page_header.php so they can be redefined in the code // $nav_links['top'] = array ( 'url' => append_sid( PHPBB_URL ."index.".$phpEx), 'title' => sprintf($lang['Forum_Index'], $board_config['sitename']) ); $nav_links['search'] = array ( 'url' => append_sid( PHPBB_URL ."search.".$phpEx), 'title' => $lang['Search'] ); $nav_links['help'] = array ( 'url' => append_sid( PHPBB_URL ."faq.".$phpEx), 'title' => $lang['FAQ'] ); $nav_links['author'] = array ( 'url' => append_sid( PHPBB_URL ."memberlist.".$phpEx), 'title' => $lang['Memberlist'] ); // // Obtain and encode users IP // // I'm removing HTTP_X_FORWARDED_FOR ... 
this may well cause other problems such as // private range IP's appearing instead of the guilty routable IP, tough, don't // even bother complaining ... go scream and shout at the idiots out there who feel // "clever" is doing harm rather than good ... karma is a great thing ... :) // $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') ); $user_ip = encode_ip($client_ip); // // Setup forum wide options, if this fails // then we output a CRITICAL_ERROR since // basic forum information is not available // if( @file_exists($phpbb_root_path . 'includes/class_config.' . $phpEx) && @file_exists($phpbb_root_path . 'includes/class_groups.' . $phpEx) ) { include($mx_root_path . 'includes/mx_functions_ch.'.$phpEx); } else { $sql = "SELECT * FROM " . CONFIG_TABLE; if( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql); } while ( $row = $db->sql_fetchrow($result) ) { $board_config[$row['config_name']] = $row['config_value']; } } // // Initialize GZIP handler (if necessary) and PHP sessions // $do_gzip_compress = FALSE; mx_session_start(); // Note: this needs $board_config populated! 
//++ MX System // // if ( $language ) // { // $board_config['default_lang'] = $language; // setcookie('default_lang', $language, (time()+21600), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); // } // elseif ( isset($HTTP_COOKIE_VARS['default_lang']) ) // { // $board_config['default_lang'] = $HTTP_COOKIE_VARS['default_lang']; // } // if ( $style ) // { // $board_config['default_style'] = $style; // setcookie('default_style', $style, (time()+21600), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); // } // elseif ( isset($HTTP_COOKIE_VARS['default_style']) ) // { // $board_config['default_style'] = $HTTP_COOKIE_VARS['default_style']; // } // //-- MX System if ( file_exists($phpbb_root_path . 'attach_mod') ) { include_once($phpbb_root_path . 'attach_mod/attachment_mod.'.$phpEx); } if ( file_exists('install') || file_exists('contrib') ) { message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted'); } // // Show 'Board is disabled' message if needed. // if( $board_config['board_disable'] && !defined("IN_ADMIN") && !defined("IN_LOGIN") ) { message_die(GENERAL_MESSAGE, 'Board_disable', 'Information'); } ?> --- NEW FILE: extension.inc --- <?php /*************************************************************************** * extension.inc * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: extension.inc,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * * ***************************************************************************/ if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } // // Change this if your extension is not .php! 
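Review bot: The statement `str_replace("//", "/", $phpbb_root_path);` in common.php discards its result, so `$phpbb_root_path` is never normalised before the `include_once` paths are built from it; it should read `$phpbb_root_path = str_replace("//", "/", $phpbb_root_path);`. Further down, `file_exists('install') || file_exists('contrib')` is resolved against the current working directory, so the leftover-installer check presumably only works when the entry script runs from the portal root. Prefixing both paths with `$mx_root_path` would tie the check to the portal directory. The three `define()` calls index `$portal_config` with bare words (`portal_phpbb_url`, `portal_url`, `portal_version`), which should be quoted string keys.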
// $phpEx = 'php'; $mx_starttime = explode(' ', microtime()); $mx_starttime = $mx_starttime[1] + $mx_starttime[0]; ?> --- NEW FILE: mx_language.php --- <?php /*************************************************************************** * mx_language.php * ------------------- * begin : April, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... * * $Id: mx_language.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } if( isset($HTTP_POST_VARS['change_default_lang']) && $userdata['user_level'] == ADMIN ) { $board_config['default_lang'] = ( isset($HTTP_POST_VARS['default_lang']) ) ? $HTTP_POST_VARS['default_lang'] : $board_config['default_lang']; $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . str_replace("\'", "''", $board_config['default_lang']) . "' WHERE config_name = 'default_lang'"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Failed to update default language configuration for $config_name", "", __LINE__, __FILE__, $sql); } } if( isset($HTTP_POST_VARS['change_user_lang']) && $userdata['session_logged_in'] ) { $userdata['user_lang'] = ( isset($HTTP_POST_VARS['user_lang']) ) ? $HTTP_POST_VARS['user_lang'] : $board_config['default_lang']; $mx_user_id = $userdata['user_id']; $sql = "UPDATE " . USERS_TABLE . " SET user_lang = '" . str_replace("\'", "''", $userdata['user_lang']) . 
"' WHERE user_id = '$mx_user_id'"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Failed to update user lang configuration for $config_name", "", __LINE__, __FILE__, $sql); } } $template->set_filenames(array( "body_language" => 'mx_language.tpl') ); if ( $userdata['user_level'] == ADMIN ) { $template->assign_block_vars("switch_is_admin", array( 'L_CHANGE_NOW' => $lang['Change_default_lang'], 'LANG_SELECT' => language_select($board_config['default_lang'], 'default_lang') )); } if ( $userdata['session_logged_in'] ) { $template->assign_block_vars("switch_is_user", array( 'L_CHANGE_NOW' => $lang['Change_user_lang'], 'LANG_SELECT' => language_select($userdata['user_lang'], 'user_lang') )); } $template->assign_vars(array( 'ACTION_URL' => $mx_root_path . "index." . $phpEx . "?page=" . $page_id, 'BLOCK_SIZE' => ( !empty( $block_size ) ? $block_size : '100%' ), 'L_SELECT_LANG' => $lang['Board_lang'], 'L_CHANGE_NOW' => $lang['Change'], 'L_TITLE' => $lang['Portal_lang'], 'L_SUBTITLE' => $lang['SELECTGUILANG']) ); // // Display only when the user is logged in // if( $userdata['session_logged_in'] ) { $template->pparse("body_language"); } ?> --- NEW FILE: mx_google.php --- <?php /*************************************************************************** * mx_google.php * ------------------- * begin : August, 2002 * copyright : (C) 2002 MX-System * email : su...@mx... 
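Review bot: Both update branches in mx_language.php store the posted `default_lang` / `user_lang` string without checking that it names an available language. The value is only quote-escaped for the SQL statement, and a language setting is typically used later to locate language files (not visible in this commit). It should therefore be restricted before the UPDATE, for example by holding the posted value in a local such as `$new_lang` and applying `if ( !preg_match('/^[a-z_]+$/i', $new_lang) ) { $new_lang = $board_config['default_lang']; }`, or by checking it against the entries `language_select()` offers. The visible tail of mx_theme.php handles `user_style` the same way. Both `mx_message_die` messages here interpolate `$config_name`, which is never set in this file.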
* * $Id: mx_google.php,v 1.1 2005/05/06 06:47:57 jonohlsson Exp $ * ***************************************************************************/ if ( !defined('IN_PORTAL') ) { die("Hacking attempt"); } $template->set_filenames(array( "body_google" => 'mx_google.tpl') ); $template->assign_vars(array( 'BLOCK_SIZE' => $block_size, 'L_SEARCH' => $lang['Search'], 'L_TITLE' => 'Google') ); $template->pparse("body_google"); ?> --- NEW FILE: mx_multiple_blocks.php --- <?php /*************************************************************************** * mx_multiple_blocks.php * ------------------- * email : ban...@gm... * * ***************************************************************************/ $block_config = read_block_config( $block_id ); // check parameter for block count $block_ids = $block_config[$block_id][block_ids]['parameter_value']; $block_ids=explode(',',$block_ids); $nested_block_count = sizeof($block_ids); // settype($nested_block_count,'integer'); if ($nested_block_count<2) mx_message_die(GENERAL_ERROR, "Nested block count must be >=2.", "", __LINE__, __FILE__, ''); // check parameter block ids & check parameter for block count // if (sizeof($block_ids)!=$nested_block_count) // mx_message_die(GENERAL_ERROR, "Number of block ids must be equal to block count.", "", __LINE__, __FILE__, ''); // check parameter block sizes $block_sizes = $block_config[$block_id][block_sizes]['parameter_value']; $block_sizes=explode(',',$block_sizes); if (sizeof($block_sizes)!=$nested_block_count) mx_message_die(GENERAL_ERROR, "Number of block sizes must be equal to block count.", "", __LINE__, __FILE__, ''); // check parameter space $block_space = $block_config[$block_id][space_between]['parameter_value']; if ($block_space=='') mx_message_die(GENERAL_ERROR, "Space between nested blocks not set.", "", __LINE__, __FILE__, ''); // start the placement table echo '<table cellspacing="0" cellpadding="0" border="0" width="100%"><tr>'; for ($cell=0;$cell<$nested_block_count;$cell++) { 
$inner_block_id=$block_ids[$cell]; $inner_block_size=$block_sizes[$cell]; settype($inner_block_id,'integer'); // output a placement table for each single block and the optional space echo '<td width="'.$inner_block_size.'" valign="top"><table cellspacing="0" cellpadding="0" border="0" width="100%"><tr><td>'; // get the necessary info about this block $sql = "SELECT blk.block_id, module_path, function_file, auth_view FROM " . BLOCK_TABLE . " blk, " . FUNCTION_TABLE . " fnc, " . MODULE_TABLE . " modu WHERE blk.function_id = fnc.function_id AND fnc.module_id = modu.module_id AND blk.block_id = ".$inner_block_id; if(!$block_result = $db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, "Could not query modules information", "", __LINE__, __FILE__, $sql); } $block_row = $db->sql_fetchrow($block_result); $module_root_path=$block_row['module_path']; $block_file=$block_row['function_file']; $auth_view=$row['auth_view']; // check visibility (code from index.php) $is_auth_ary = array(); $is_auth_ary = block_auth(AUTH_VIEW, $inner_block_id , $userdata, $block_row, $block_row[auth_view] ); // output the block if ( $is_auth_ary[auth_view] ) { // set block id and block size as this must be correctly set for the inclusion to work $block_id=$inner_block_id; $block_size='100%'; // echo $module_root_path.$block_file; $template = new Template( $template->root, $board_config, $db); include($module_root_path . $block_file ); // output additional space between blocks if it is not the last block if ($cell<$nested_block_count-1) { echo '</td><td width="'.$block_space.'">'; echo '<img src="templates/spacer.gif" width="'.$block_spac... [truncated message content] |