Menu
▾
▴
[mxbb-commits] core/includes/shared/phpbb2/includes bbcode.php, NONE, 1.1 emailer.php, NONE, 1.1 functions.php, NONE, 1.1 functions_admin.php, NONE, 1.1 functions_post.php, NONE, 1.1 functions_search.php, NONE, 1.1 functions_selects.php, NONE, 1.1 functions_validate.php, NONE, 1.1 smtp.php, NONE, 1.1
|
From: Jon O. <jon...@us...> - 2007-09-09 16:51:55
|
Update of /cvsroot/mxbb/core/includes/shared/phpbb2/includes In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv10556/includes Added Files: bbcode.php emailer.php functions.php functions_admin.php functions_post.php functions_search.php functions_selects.php functions_validate.php smtp.php Log Message: Ok, massive update for 2.9.x. --- NEW FILE: functions.php --- <?php /*************************************************************************** * functions.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: functions.php,v 1.1 2007/09/09 16:51:51 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * ***************************************************************************/ // // Class phpBB2 - function container // class phpBB2 { function get_db_stat($mode) { global $db; switch( $mode ) { case 'usercount': $sql = "SELECT COUNT(user_id) AS total FROM " . USERS_TABLE . " WHERE user_id <> " . ANONYMOUS; break; case 'newestuser': $sql = "SELECT user_id, username FROM " . USERS_TABLE . " WHERE user_id <> " . ANONYMOUS . " ORDER BY user_id DESC LIMIT 1"; break; case 'postcount': case 'topiccount': $sql = "SELECT SUM(forum_topics) AS topic_total, SUM(forum_posts) AS post_total FROM " . FORUMS_TABLE; break; } if ( !($result = $db->sql_query($sql)) ) { return false; } $row = $db->sql_fetchrow($result); switch ( $mode ) { case 'usercount': return $row['total']; break; case 'newestuser': return $row; break; case 'postcount': return $row['post_total']; break; case 'topiccount': return $row['topic_total']; break; } return false; } // added at phpBB 2.0.11 to properly format the username function phpbb_clean_username($username) { $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25); $username = self::phpbb_rtrim($username, "\\"); $username = str_replace("'", "\'", $username); return $username; } /** * This function is a wrapper for ltrim, as charlist is only supported in php >= 4.1.0 * Added in phpBB 2.0.18 */ function phpbb_ltrim($str, $charlist = false) { if ($charlist === false) { return ltrim($str); } $php_version = explode('.', PHP_VERSION); // php version < 4.1.0 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1)) { while ($str{0} == $charlist) { $str = substr($str, 1); } } else { $str = ltrim($str, $charlist); } return $str; } // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0) function phpbb_rtrim($str, $charlist = false) { if ($charlist === false) { return rtrim($str); } $php_version = explode('.', PHP_VERSION); // php version < 4.1.0 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1)) { while ($str{strlen($str)-1} == $charlist) { $str = substr($str, 0, strlen($str)-1); } } else { $str = rtrim($str, $charlist); } return $str; } /** * Our own generator of random values * This uses a constantly changing value as the base for generating the values * The board wide setting is updated once per page if this code is called * With thanks to Anthrax101 for the inspiration on this one * Added in phpBB 2.0.20 */ function dss_rand() { global $db, $board_config, $dss_seeded; $val = $board_config['rand_seed'] . microtime(); $val = md5($val); $board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a'); if($dss_seeded !== true) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . $board_config['rand_seed'] . "' WHERE config_name = 'rand_seed'"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql); } $dss_seeded = true; } return substr($val, 4, 16); } // // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced. // function get_userdata($user, $force_str = false) { global $db; if (!is_numeric($user) || $force_str) { $user = self::phpbb_clean_username($user); } else { $user = intval($user); } $sql = "SELECT * FROM " . USERS_TABLE . " WHERE "; $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql); } return ( $row = $db->sql_fetchrow($result) ) ? $row : false; } function make_jumpbox($action, $match_forum_id = 0) { global $template, $userdata, $lang, $db, $nav_links, $phpEx, $SID; // $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata); $sql = "SELECT c.cat_id, c.cat_title, c.cat_order FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f WHERE f.cat_id = c.cat_id GROUP BY c.cat_id, c.cat_title, c.cat_order ORDER BY c.cat_order"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, "Couldn't obtain category list.", "", __LINE__, __FILE__, $sql); } $category_rows = array(); while ( $row = $db->sql_fetchrow($result) ) { $category_rows[] = $row; } if ( $total_categories = count($category_rows) ) { $sql = "SELECT * FROM " . FORUMS_TABLE . " ORDER BY cat_id, forum_order"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not obtain forums information', '', __LINE__, __FILE__, $sql); } $boxstring = '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"><option value="-1">' . $lang['Select_forum'] . '</option>'; $forum_rows = array(); while ( $row = $db->sql_fetchrow($result) ) { $forum_rows[] = $row; } if ( $total_forums = count($forum_rows) ) { for($i = 0; $i < $total_categories; $i++) { $boxstring_forums = ''; for($j = 0; $j < $total_forums; $j++) { if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $forum_rows[$j]['auth_view'] <= AUTH_REG ) { // if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $is_auth[$forum_rows[$j]['forum_id']]['auth_view'] ) // { $selected = ( $forum_rows[$j]['forum_id'] == $match_forum_id ) ? 'selected="selected"' : ''; $boxstring_forums .= '<option value="' . $forum_rows[$j]['forum_id'] . '"' . $selected . '>' . $forum_rows[$j]['forum_name'] . '</option>'; // // Add an array to $nav_links for the Mozilla navigation bar. // 'chapter' and 'forum' can create multiple items, therefore we are using a nested array. // $nav_links['chapter forum'][$forum_rows[$j]['forum_id']] = array ( 'url' => mx_append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id']), 'title' => $forum_rows[$j]['forum_name'] ); } } if ( $boxstring_forums != '' ) { $boxstring .= '<option value="-1"> </option>'; $boxstring .= '<option value="-1">' . $category_rows[$i]['cat_title'] . '</option>'; $boxstring .= '<option value="-1">----------------</option>'; $boxstring .= $boxstring_forums; } } } $boxstring .= '</select>'; } else { $boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>'; } // Let the jumpbox work again in sites having additional session id checks. // if ( !empty($SID) ) // { $boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; // } $template->set_filenames(array( 'jumpbox' => 'jumpbox.tpl') ); $template->assign_vars(array( 'L_GO' => $lang['Go'], 'L_JUMP_TO' => $lang['Jump_to'], 'L_SELECT_FORUM' => $lang['Select_forum'], 'S_JUMPBOX_SELECT' => $boxstring, 'S_JUMPBOX_ACTION' => mx_append_sid($action)) ); $template->assign_var_from_handle('JUMPBOX', 'jumpbox'); return; } // // Initialise user settings on page load /* function init_userprefs($userdata) { global $board_config, $theme, $images; global $template, $lang, $phpEx, $phpbb_root_path, $db; global $nav_links; if ( $userdata['user_id'] != ANONYMOUS ) { if ( !empty($userdata['user_lang'])) { $default_lang = self::phpbb_ltrim(basename(self::phpbb_rtrim($userdata['user_lang'])), "'"); } if ( !empty($userdata['user_dateformat']) ) { $board_config['default_dateformat'] = $userdata['user_dateformat']; } if ( isset($userdata['user_timezone']) ) { $board_config['board_timezone'] = $userdata['user_timezone']; } } else { $default_lang = self::phpbb_ltrim(basename(self::phpbb_rtrim($board_config['default_lang'])), "'"); } if ( !file_exists(@self::phpbb_realpath($phpbb_root_path . 'language/lang_' . $default_lang . '/lang_main.'.$phpEx)) ) { if ( $userdata['user_id'] != ANONYMOUS ) { // For logged in users, try the board default language next $default_lang = self::phpbb_ltrim(basename(self::phpbb_rtrim($board_config['default_lang'])), "'"); } else { // For guests it means the default language is not present, try english // This is a long shot since it means serious errors in the setup to reach here, // but english is part of a new install so it's worth us trying $default_lang = 'english'; } if ( !file_exists(@self::phpbb_realpath($phpbb_root_path . 'language/lang_' . $default_lang . '/lang_main.'.$phpEx)) ) { mx_message_die(CRITICAL_ERROR, 'Could not locate valid language pack'); } } // If we've had to change the value in any way then let's write it back to the database // before we go any further since it means there is something wrong with it if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_lang'] !== $default_lang ) { $sql = 'UPDATE ' . USERS_TABLE . " SET user_lang = '" . $default_lang . "' WHERE user_lang = '" . $userdata['user_lang'] . "'"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(CRITICAL_ERROR, 'Could not update user language info'); } $userdata['user_lang'] = $default_lang; } elseif ( $userdata['user_id'] === ANONYMOUS && $board_config['default_lang'] !== $default_lang ) { $sql = 'UPDATE ' . CONFIG_TABLE . " SET config_value = '" . $default_lang . "' WHERE config_name = 'default_lang'"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(CRITICAL_ERROR, 'Could not update user language info'); } } $board_config['default_lang'] = $default_lang; include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx); if ( defined('IN_ADMIN') ) { if( !file_exists(@self::phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx)) ) { $board_config['default_lang'] = 'english'; } include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx); } // // Set up style // if ( !$board_config['override_user_style'] ) { if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_style'] > 0 ) { if ( $theme = setup_style($userdata['user_style']) ) { return; } } } $theme = setup_style($board_config['default_style']); // // Mozilla navigation bar // Default items that should be valid on all pages. // Defined here to correctly assign the Language Variables // and be able to change the variables within code. // $nav_links['top'] = array ( 'url' => mx_append_sid($phpbb_root_path . 'index.' . $phpEx), 'title' => sprintf($lang['Forum_Index'], $board_config['sitename']) ); $nav_links['search'] = array ( 'url' => mx_append_sid($phpbb_root_path . 'search.' . $phpEx), 'title' => $lang['Search'] ); $nav_links['help'] = array ( 'url' => mx_append_sid($phpbb_root_path . 'faq.' . $phpEx), 'title' => $lang['FAQ'] ); $nav_links['author'] = array ( 'url' => mx_append_sid($phpbb_root_path . 'memberlist.' . $phpEx), 'title' => $lang['Memberlist'] ); return; } */ /* function setup_style($style) { global $db, $board_config, $template, $images, $phpbb_root_path; $sql = 'SELECT * FROM ' . THEMES_TABLE . ' WHERE themes_id = ' . (int) $style; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(CRITICAL_ERROR, 'Could not query database for theme info'); } if ( !($row = $db->sql_fetchrow($result)) ) { // We are trying to setup a style which does not exist in the database // Try to fallback to the board default (if the user had a custom style) // and then any users using this style to the default if it succeeds if ( $style != $board_config['default_style']) { $sql = 'SELECT * FROM ' . THEMES_TABLE . ' WHERE themes_id = ' . (int) $board_config['default_style']; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(CRITICAL_ERROR, 'Could not query database for theme info'); } if ( $row = $db->sql_fetchrow($result) ) { $db->sql_freeresult($result); $sql = 'UPDATE ' . USERS_TABLE . ' SET user_style = ' . (int) $board_config['default_style'] . " WHERE user_style = $style"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(CRITICAL_ERROR, 'Could not update user theme info'); } } else { mx_message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]"); } } else { mx_message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]"); } } $template_path = 'templates/' ; $template_name = $row['template_name'] ; $template = new Template($phpbb_root_path . $template_path . $template_name); if ( $template ) { $current_template_path = $template_path . $template_name; @include($phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg'); if ( !defined('TEMPLATE_CONFIG') ) { mx_message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__); } $img_lang = ( file_exists(@self::phpbb_realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english'; while( list($key, $value) = @each($images) ) { if ( !is_array($value) ) { $images[$key] = str_replace('{LANG}', 'lang_' . $img_lang, $value); } } } return $row; } */ function encode_ip($dotquad_ip) { $ip_sep = explode('.', $dotquad_ip); return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]); } function decode_ip($int_ip) { $hexipbang = explode('.', chunk_split($int_ip, 2, '.')); return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]); } // // Create date/time from format and timezone // function create_date($format, $gmepoch, $tz) { global $board_config, $lang; static $translate; if ( empty($translate) && $board_config['default_lang'] != 'english' ) { @reset($lang['datetime']); while ( list($match, $replace) = @each($lang['datetime']) ) { $translate[$match] = $replace; } } return ( !empty($translate) ) ? strtr(@gmdate($format, $gmepoch + (3600 * $tz)), $translate) : @gmdate($format, $gmepoch + (3600 * $tz)); } // // Pagination routine, generates // page number sequence // function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = TRUE) { global $lang; $total_pages = ceil($num_items/$per_page); if ( $total_pages == 1 ) { return ''; } $on_page = floor($start_item / $per_page) + 1; $page_string = ''; if ( $total_pages > 10 ) { $init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages; for($i = 1; $i < $init_page_max + 1; $i++) { $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . mx_append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>'; if ( $i < $init_page_max ) { $page_string .= ", "; } } if ( $total_pages > 3 ) { if ( $on_page > 1 && $on_page < $total_pages ) { $page_string .= ( $on_page > 5 ) ? ' ... ' : ', '; $init_page_min = ( $on_page > 4 ) ? $on_page : 5; $init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4; for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++) { $page_string .= ($i == $on_page) ? '<b>' . $i . '</b>' : '<a href="' . mx_append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>'; if ( $i < $init_page_max + 1 ) { $page_string .= ', '; } } $page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', '; } else { $page_string .= ' ... '; } for($i = $total_pages - 2; $i < $total_pages + 1; $i++) { $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . mx_append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>'; if( $i < $total_pages ) { $page_string .= ", "; } } } } else { for($i = 1; $i < $total_pages + 1; $i++) { $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . mx_append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>'; if ( $i < $total_pages ) { $page_string .= ', '; } } } if ( $add_prevnext_text ) { if ( $on_page > 1 ) { $page_string = ' <a href="' . mx_append_sid($base_url . "&start=" . ( ( $on_page - 2 ) * $per_page ) ) . '">' . $lang['Previous'] . '</a> ' . $page_string; } if ( $on_page < $total_pages ) { $page_string .= ' <a href="' . mx_append_sid($base_url . "&start=" . ( $on_page * $per_page ) ) . '">' . $lang['Next'] . '</a>'; } } $page_string = $lang['Goto_page'] . ' ' . $page_string; return $page_string; } // // This does exactly what preg_quote() does in PHP 4-ish // If you just need the 1-parameter preg_quote call, then don't bother using this. // function phpbb_preg_quote($str, $delimiter) { $text = preg_quote($str); $text = str_replace($delimiter, '\\' . $delimiter, $text); return $text; } // // Obtain list of naughty words and build preg style replacement arrays for use by the // calling script, note that the vars are passed as references this just makes it easier // to return both sets of arrays // function obtain_word_list(&$orig_word, &$replacement_word) { global $db; // // Define censored word matches // $sql = "SELECT word, replacement FROM " . WORDS_TABLE; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not get censored words from database', '', __LINE__, __FILE__, $sql); } if ( $row = $db->sql_fetchrow($result) ) { do { $orig_word[] = '#\b(' . str_replace('\*', '\w*?', preg_quote($row['word'], '#')) . ')\b#i'; $replacement_word[] = $row['replacement']; } while ( $row = $db->sql_fetchrow($result) ); } return true; } // // This is general replacement for die(), allows templated // output in users (or default) language, etc. // // $msg_code can be one of these constants: // // GENERAL_MESSAGE : Use for any simple text message, eg. results // of an operation, authorisation failures, etc. // // GENERAL ERROR : Use for any error which occurs _AFTER_ the // common.php include and session code, ie. most errors in // pages/functions // // CRITICAL_MESSAGE : Used when basic config data is available but // a session may not exist, eg. banned users // // CRITICAL_ERROR : Used when config data cannot be obtained, eg // no database connection. Should _not_ be used in 99.5% of cases // /* function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '') { global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links, $gen_simple_header, $images; global $userdata, $user_ip, $session_length; global $starttime; if(defined('HAS_DIED')) { die("mx_message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?"); } define('HAS_DIED', 1); $sql_store = $sql; // // Get SQL error if we are debugging. Do this as soon as possible to prevent // subsequent queries from overwriting the status of sql_error() // if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) ) { $sql_error = $db->sql_error(); $debug_text = ''; if ( $sql_error['message'] != '' ) { $debug_text .= '<br /><br />SQL Error : ' . $sql_error['code'] . ' ' . $sql_error['message']; } if ( $sql_store != '' ) { $debug_text .= "<br /><br />$sql_store"; } if ( $err_line != '' && $err_file != '' ) { $debug_text .= '<br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file); } } if( empty($userdata) && ( $msg_code == GENERAL_MESSAGE || $msg_code == GENERAL_ERROR ) ) { $userdata = session_pagestart($user_ip, PAGE_INDEX); init_userprefs($userdata); } // // If the header hasn't been output then do it // if ( !defined('HEADER_INC') && $msg_code != CRITICAL_ERROR ) { if ( empty($lang) ) { if ( !empty($board_config['default_lang']) ) { include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx); } else { include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx); } } if ( empty($template) || empty($theme) ) { $theme = setup_style($board_config['default_style']); } // // Load the Page Header // if ( !defined('IN_ADMIN') ) { include($phpbb_root_path . 'includes/page_header.'.$phpEx); } else { include($phpbb_root_path . 'admin/page_header_admin.'.$phpEx); } } switch($msg_code) { case GENERAL_MESSAGE: if ( $msg_title == '' ) { $msg_title = $lang['Information']; } break; case CRITICAL_MESSAGE: if ( $msg_title == '' ) { $msg_title = $lang['Critical_Information']; } break; case GENERAL_ERROR: if ( $msg_text == '' ) { $msg_text = $lang['An_error_occured']; } if ( $msg_title == '' ) { $msg_title = $lang['General_Error']; } break; case CRITICAL_ERROR: // // Critical errors mean we cannot rely on _ANY_ DB information being // available so we're going to dump out a simple echo'd statement // include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx); if ( $msg_text == '' ) { $msg_text = $lang['A_critical_error']; } if ( $msg_title == '' ) { $msg_title = 'phpBB : <b>' . $lang['Critical_Error'] . '</b>'; } break; } // // Add on DEBUG info if we've enabled debug mode and this is an error. This // prevents debug info being output for general messages should DEBUG be // set TRUE by accident (preventing confusion for the end user!) // if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) ) { if ( $debug_text != '' ) { $msg_text = $msg_text . '<br /><br /><b><u>DEBUG MODE</u></b>' . $debug_text; } } if ( $msg_code != CRITICAL_ERROR ) { if ( !empty($lang[$msg_text]) ) { $msg_text = $lang[$msg_text]; } if ( !defined('IN_ADMIN') ) { $template->set_filenames(array( 'message_body' => 'message_body.tpl') ); } else { $template->set_filenames(array( 'message_body' => 'admin/admin_message_body.tpl') ); } $template->assign_vars(array( 'MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text) ); $template->pparse('message_body'); if ( !defined('IN_ADMIN') ) { include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } else { include($phpbb_root_path . 'admin/page_footer_admin.'.$phpEx); } } else { echo "<html>\n<body>\n" . $msg_title . "\n<br /><br />\n" . $msg_text . "</body>\n</html>"; } exit; } */ // // This function is for compatibility with PHP 4.x's realpath() // function. In later versions of PHP, it needs to be called // to do checks with some functions. Older versions of PHP don't // seem to need this, so we'll just return the original value. // dougk_ff7 <October 5, 2002> function phpbb_realpath($path) { global $phpbb_root_path, $phpEx; return (!@function_exists('realpath') || !@realpath($phpbb_root_path . 'includes/functions.'.$phpEx)) ? $path : @realpath($path); } function redirect($url) { global $db, $board_config; if (!empty($db)) { $db->sql_close(); } if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r") || strstr(urldecode($url), ';url')) { message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); } $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://'; $server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name'])); $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : ''; $script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path'])); $script_name = ($script_name == '') ? $script_name : '/' . $script_name; $url = preg_replace('#^\/?(.*?)\/?$#', '/\1', trim($url)); // Redirect via an HTML form for PITA webservers if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) { header('Refresh: 0; URL=' . $server_protocol . $server_name . $server_port . $script_name . $url); echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $server_protocol . $server_name . $server_port . $script_name . $url . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $server_protocol . $server_name . $server_port . $script_name . $url . '">HERE</a> to be redirected</div></body></html>'; exit; } // Behave as per HTTP/1.1 spec for others header('Location: ' . $server_protocol . $server_name . $server_port . $script_name . $url); exit; } } ?> --- NEW FILE: smtp.php --- <?php /*************************************************************************** * smtp.php * ------------------- * begin : Wed May 09 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: smtp.php,v 1.1 2007/09/09 16:51:51 jonohlsson Exp $ * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ define('SMTP_INCLUDED', 1); // // This function has been modified as provided // by SirSir to allow multiline responses when // using SMTP Extensions // function server_parse($socket, $response, $line = __LINE__) { $server_response = ''; while (substr($server_response, 3, 1) != ' ') { if (!($server_response = fgets($socket, 256))) { mx_message_die(GENERAL_ERROR, "Couldn't get mail server response codes", "", $line, __FILE__); } } if (!(substr($server_response, 0, 3) == $response)) { mx_message_die(GENERAL_ERROR, "Ran into problems sending Mail. Response: $server_response", "", $line, __FILE__); } } // Replacement or substitute for PHP's mail command function smtpmail($mail_to, $subject, $message, $headers = '') { global $board_config; // Fix any bare linefeeds in the message to make it RFC821 Compliant. $message = preg_replace("#(?<!\r)\n#si", "\r\n", $message); if ($headers != '') { if (is_array($headers)) { if (sizeof($headers) > 1) { $headers = join("\n", $headers); } else { $headers = $headers[0]; } } $headers = chop($headers); // Make sure there are no bare linefeeds in the headers $headers = preg_replace('#(?<!\r)\n#si', "\r\n", $headers); // Ok this is rather confusing all things considered, // but we have to grab bcc and cc headers and treat them differently // Something we really didn't take into consideration originally $header_array = explode("\r\n", $headers); @reset($header_array); $headers = ''; while(list(, $header) = each($header_array)) { if (preg_match('#^cc:#si', $header)) { $cc = preg_replace('#^cc:(.*)#si', '\1', $header); } else if (preg_match('#^bcc:#si', $header)) { $bcc = preg_replace('#^bcc:(.*)#si', '\1', $header); $header = ''; } $headers .= ($header != '') ? $header . "\r\n" : ''; } $headers = chop($headers); $cc = explode(', ', $cc); $bcc = explode(', ', $bcc); } if (trim($subject) == '') { mx_message_die(GENERAL_ERROR, "No email Subject specified", "", __LINE__, __FILE__); } if (trim($message) == '') { mx_message_die(GENERAL_ERROR, "Email message was blank", "", __LINE__, __FILE__); } // Ok we have error checked as much as we can to this point let's get on // it already. if( !$socket = @fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) ) { mx_message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__); } // Wait for reply server_parse($socket, "220", __LINE__); // Do we want to use AUTH?, send RFC2554 EHLO, else send RFC821 HELO // This improved as provided by SirSir to accomodate if( !empty($board_config['smtp_username']) && !empty($board_config['smtp_password']) ) { fputs($socket, "EHLO " . $board_config['smtp_host'] . "\r\n"); server_parse($socket, "250", __LINE__); fputs($socket, "AUTH LOGIN\r\n"); server_parse($socket, "334", __LINE__); fputs($socket, base64_encode($board_config['smtp_username']) . "\r\n"); server_parse($socket, "334", __LINE__); fputs($socket, base64_encode($board_config['smtp_password']) . "\r\n"); server_parse($socket, "235", __LINE__); } else { fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n"); server_parse($socket, "250", __LINE__); } // From this point onward most server response codes should be 250 // Specify who the mail is from.... fputs($socket, "MAIL FROM: <" . $board_config['board_email'] . ">\r\n"); server_parse($socket, "250", __LINE__); // Specify each user to send to and build to header. $to_header = ''; // Add an additional bit of error checking to the To field. $mail_to = (trim($mail_to) == '') ? 'Undisclosed-recipients:;' : trim($mail_to); if (preg_match('#[^ ]+\@[^ ]+#', $mail_to)) { fputs($socket, "RCPT TO: <$mail_to>\r\n"); server_parse($socket, "250", __LINE__); } // Ok now do the CC and BCC fields... @reset($bcc); while(list(, $bcc_address) = each($bcc)) { // Add an additional bit of error checking to bcc header... $bcc_address = trim($bcc_address); if (preg_match('#[^ ]+\@[^ ]+#', $bcc_address)) { fputs($socket, "RCPT TO: <$bcc_address>\r\n"); server_parse($socket, "250", __LINE__); } } @reset($cc); while(list(, $cc_address) = each($cc)) { // Add an additional bit of error checking to cc header $cc_address = trim($cc_address); if (preg_match('#[^ ]+\@[^ ]+#', $cc_address)) { fputs($socket, "RCPT TO: <$cc_address>\r\n"); server_parse($socket, "250", __LINE__); } } // Ok now we tell the server we are ready to start sending data fputs($socket, "DATA\r\n"); // This is the last response code we look for until the end of the message. server_parse($socket, "354", __LINE__); // Send the Subject Line... fputs($socket, "Subject: $subject\r\n"); // Now the To Header. fputs($socket, "To: $mail_to\r\n"); // Now any custom headers.... fputs($socket, "$headers\r\n\r\n"); // Ok now we are ready for the message... fputs($socket, "$message\r\n"); // Ok the all the ingredients are mixed in let's cook this puppy... fputs($socket, ".\r\n"); server_parse($socket, "250", __LINE__); // Now tell the server we are done and close the socket... fputs($socket, "QUIT\r\n"); fclose($socket); return TRUE; } ?> --- NEW FILE: functions_admin.php --- <?php /*************************************************************************** * functions_admin.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: functions_admin.php,v 1.1 2007/09/09 16:51:51 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * ***************************************************************************/ // // Simple version of jumpbox, just lists authed forums // function make_forum_select($box_name, $ignore_forum = false, $select_forum = '') { global $db, $userdata; $is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata); $sql = 'SELECT f.forum_id, f.forum_name FROM ' . CATEGORIES_TABLE . ' c, ' . FORUMS_TABLE . ' f WHERE f.cat_id = c.cat_id ORDER BY c.cat_order, f.forum_order'; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Couldn not obtain forums information', '', __LINE__, __FILE__, $sql); } $forum_list = ''; while( $row = $db->sql_fetchrow($result) ) { if ( $is_auth_ary[$row['forum_id']]['auth_read'] && $ignore_forum != $row['forum_id'] ) { $selected = ( $select_forum == $row['forum_id'] ) ? ' selected="selected"' : ''; $forum_list .= '<option value="' . $row['forum_id'] . '"' . $selected .'>' . $row['forum_name'] . '</option>'; } } $forum_list = ( $forum_list == '' ) ? '<option value="-1">-- ! No Forums ! --</option>' : '<select name="' . $box_name . '">' . $forum_list . '</select>'; return $forum_list; } // // Synchronise functions for forums/topics // function sync($type, $id = false) { global $db; switch($type) { case 'all forums': $sql = "SELECT forum_id FROM " . FORUMS_TABLE; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not get forum IDs', '', __LINE__, __FILE__, $sql); } while( $row = $db->sql_fetchrow($result) ) { sync('forum', $row['forum_id']); } break; case 'all topics': $sql = "SELECT topic_id FROM " . TOPICS_TABLE; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql); } while( $row = $db->sql_fetchrow($result) ) { sync('topic', $row['topic_id']); } break; case 'forum': $sql = "SELECT MAX(post_id) AS last_post, COUNT(post_id) AS total FROM " . POSTS_TABLE . " WHERE forum_id = $id"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not get post ID', '', __LINE__, __FILE__, $sql); } if ( $row = $db->sql_fetchrow($result) ) { $last_post = ( $row['last_post'] ) ? $row['last_post'] : 0; $total_posts = ($row['total']) ? $row['total'] : 0; } else { $last_post = 0; $total_posts = 0; } $sql = "SELECT COUNT(topic_id) AS total FROM " . TOPICS_TABLE . " WHERE forum_id = $id"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not get topic count', '', __LINE__, __FILE__, $sql); } $total_topics = ( $row = $db->sql_fetchrow($result) ) ? ( ( $row['total'] ) ? $row['total'] : 0 ) : 0; $sql = "UPDATE " . FORUMS_TABLE . " SET forum_last_post_id = $last_post, forum_posts = $total_posts, forum_topics = $total_topics WHERE forum_id = $id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update forum', '', __LINE__, __FILE__, $sql); } break; case 'topic': $sql = "SELECT MAX(post_id) AS last_post, MIN(post_id) AS first_post, COUNT(post_id) AS total_posts FROM " . POSTS_TABLE . " WHERE topic_id = $id"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not get post ID', '', __LINE__, __FILE__, $sql); } if ( $row = $db->sql_fetchrow($result) ) { if ($row['total_posts']) { // Correct the details of this topic $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_replies = ' . ($row['total_posts'] - 1) . ', topic_first_post_id = ' . $row['first_post'] . ', topic_last_post_id = ' . $row['last_post'] . " WHERE topic_id = $id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql); } } else { // There are no replies to this topic // Check if it is a move stub $sql = 'SELECT topic_moved_id FROM ' . TOPICS_TABLE . " WHERE topic_id = $id"; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { if (!$row['topic_moved_id']) { $sql = 'DELETE FROM ' . TOPICS_TABLE . " WHERE topic_id = $id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Could not remove topic', '', __LINE__, __FILE__, $sql); } } } $db->sql_freeresult($result); } } break; } return true; } ?> --- NEW FILE: functions_post.php --- <?php /*************************************************************************** * functions_post.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: functions_post.php,v 1.1 2007/09/09 16:51:51 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ if (!defined('IN_PHPBB')) { die('Hacking attempt'); } $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#'); $html_entities_replace = array('&', '<', '>', '"'); $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#'); $unhtml_specialchars_replace = array('>', '<', '"', '&'); // // This function will prepare a posted message for // entry into the database. // function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0) { global $board_config, $html_entities_match, $html_entities_replace; // // Clean up the message // $message = trim($message); if ($html_on) { // If HTML is on, we try to make it safe // This approach is quite agressive and anything that does not look like a valid tag // is going to get converted to HTML entities $message = stripslashes($message); $html_match = '#<[^\w<]*(\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#'; $matches = array(); $message_split = preg_split($html_match, $message); preg_match_all($html_match, $message, $matches); $message = ''; foreach ($message_split as $part) { $tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2])); $message .= preg_replace($html_entities_match, $html_entities_replace, $part) . clean_html($tag); } $message = addslashes($message); $message = str_replace('"', '\"', $message); } else { $message = preg_replace($html_entities_match, $html_entities_replace, $message); } if($bbcode_on && $bbcode_uid != '') { $message = bbencode_first_pass($message, $bbcode_uid); } return $message; } function unprepare_message($message) { global $unhtml_specialchars_match, $unhtml_specialchars_replace; return preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $message); } // // Prepare a message for posting // function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length) { global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path; // Check username if (!empty($username)) { $username = phpbb_clean_username($username); if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username'])) { include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); $result = validate_username($username); if ($result['error']) { $error_msg .= (!empty($error_msg)) ? '<br />' . $result['error_msg'] : $result['error_msg']; } } else { $username = ''; } } // Check subject if (!empty($subject)) { $subject = htmlspecialchars(trim($subject)); } else if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject']; } // Check message if (!empty($message)) { $bbcode_uid = ($bbcode_on) ? make_bbcode_uid() : ''; $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid); } else if ($mode != 'delete' && $mode != 'poll_delete') { $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message']; } // // Handle poll stuff // if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { $poll_length = (isset($poll_length)) ? max(0, intval($poll_length)) : 0; if (!empty($poll_title)) { $poll_title = htmlspecialchars(trim($poll_title)); } if(!empty($poll_options)) { $temp_option_text = array(); while(list($option_id, $option_text) = @each($poll_options)) { $option_text = trim($option_text); if (!empty($option_text)) { $temp_option_text[intval($option_id)] = htmlspecialchars($option_text); } } $option_text = $temp_option_text; if (count($poll_options) < 2) { $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options']; } else if (count($poll_options) > $board_config['max_poll_options']) { $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options']; } else if ($poll_title == '') { $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title']; } } } return; } // // Post a new topic/reply/poll or edit existing post/poll // function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip; include($phpbb_root_path . 'includes/functions_search.'.$phpEx); $current_time = time(); if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') { // // Flood control // $where_sql = ($userdata['user_id'] == ANONYMOUS) ? "poster_ip = '$user_ip'" : 'poster_id = ' . $userdata['user_id']; $sql = "SELECT MAX(post_time) AS last_post_time FROM " . POSTS_TABLE . " WHERE $where_sql"; if ($result = $db->sql_query($sql)) { if ($row = $db->sql_fetchrow($result)) { if (intval($row['last_post_time']) > 0 && ($current_time - intval($row['last_post_time'])) < intval($board_config['flood_interval'])) { mx_message_die(GENERAL_MESSAGE, $lang['Flood_Error']); } } } } if ($mode == 'editpost') { remove_search_post($post_id); } if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { $topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0; $sql = ($mode != "editpost") ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type " . (($post_data['edit_vote'] || !empty($poll_title)) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if ($mode == 'newtopic') { $topic_id = $db->sql_nextid(); } } $edited_sql = ($mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post']) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : ""; $sql = ($mode != "editpost") ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)" : "UPDATE " . POSTS_TABLE . " SET post_username = '$post_username', enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . " WHERE post_id = $post_id"; if (!$db->sql_query($sql, BEGIN_TRANSACTION)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if ($mode != 'editpost') { $post_id = $db->sql_nextid(); } $sql = ($mode != 'editpost') ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message', bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject)); // // Add poll // if (($mode == 'newtopic' || ($mode == 'editpost' && $post_data['edit_poll'])) && !empty($poll_title) && count($poll_options) >= 2) { $sql = (!$post_data['has_poll']) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ($poll_length * 86400) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ($poll_length * 86400) . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $delete_option_sql = ''; $old_poll_result = array(); if ($mode == 'editpost' && $post_data['has_poll']) { $sql = "SELECT vote_option_id, vote_result FROM " . VOTE_RESULTS_TABLE . " WHERE vote_id = $poll_id ORDER BY vote_option_id ASC"; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Could not obtain vote data results for this topic', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { $old_poll_result[$row['vote_option_id']] = $row['vote_result']; if (!isset($poll_options[$row['vote_option_id']])) { $delete_option_sql .= ($delete_option_sql != '') ? ', ' . $row['vote_option_id'] : $row['vote_option_id']; } } } else { $poll_id = $db->sql_nextid(); } @reset($poll_options); $poll_option_id = 1; while (list($option_id, $option_text) = each($poll_options)) { if (!empty($option_text)) { $option_text = str_replace("\'", "''", htmlspecialchars($option_text)); $poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0; $sql = ($mode != "editpost" || !isset($old_poll_result[$option_id])) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $poll_option_id++; } } if ($delete_option_sql != '') { $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_option_id IN ($delete_option_sql) AND vote_id = $poll_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error deleting pruned poll options', '', __LINE__, __FILE__, $sql); } } } $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">'; $message = $lang['Stored'] . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>'); return false; } // // Update post stats and details // function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$user_id) { global $db; $sign = ($mode == 'delete') ? '- 1' : '+ 1'; $forum_update_sql = "forum_posts = forum_posts $sign"; $topic_update_sql = ''; if ($mode == 'delete') { if ($post_data['last_post']) { if ($post_data['first_post']) { $forum_update_sql .= ', forum_topics = forum_topics - 1'; } else { $topic_update_sql .= 'topic_replies = topic_replies - 1'; $sql = "SELECT MAX(post_id) AS last_post_id FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id"; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $topic_update_sql .= ', topic_last_post_id = ' . $row['last_post_id']; } } if ($post_data['last_topic']) { $sql = "SELECT MAX(post_id) AS last_post_id FROM " . POSTS_TABLE . " WHERE forum_id = $forum_id"; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $forum_update_sql .= ($row['last_post_id']) ? ', forum_last_post_id = ' . $row['last_post_id'] : ', forum_last_post_id = 0'; } } } else if ($post_data['first_post']) { $sql = "SELECT MIN(post_id) AS first_post_id FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id"; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $topic_update_sql .= 'topic_replies = topic_replies - 1, topic_first_post_id = ' . $row['first_post_id']; } } else { $topic_update_sql .= 'topic_replies = topic_replies - 1'; } } else if ($mode != 'poll_delete') { $forum_update_sql .= ", forum_last_post_id = $post_id" . (($mode == 'newtopic') ? ", forum_topics = forum_topics $sign" : ""); $topic_update_sql = "topic_last_post_id = $post_id" . (($mode == 'reply') ? ", topic_replies = topic_replies $sign" : ", topic_first_post_id = $post_id"); } else { $topic_update_sql .= 'topic_vote = 0'; } if ($mode != 'poll_delete') { $sql = "UPDATE " . FORUMS_TABLE . " SET $forum_update_sql WHERE forum_id = $forum_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } if ($topic_update_sql != '') { $sql = "UPDATE " . TOPICS_TABLE . " SET $topic_update_sql WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } if ($mode != 'poll_delete') { $sql = "UPDATE " . USERS_TABLE . " SET user_posts = user_posts $sign WHERE user_id = $user_id"; if (!$db->sql_query($sql, END_TRANSACTION)) { mx_message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } return; } // // Delete a post/poll // function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip; if ($mode != 'poll_delete') { include($phpbb_root_path . 'includes/functions_search.'.$phpEx); $sql = "DELETE FROM " . POSTS_TABLE . " WHERE post_id = $post_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " WHERE post_id = $post_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($post_data['last_post']) { if ($post_data['first_post']) { $forum_update_sql .= ', forum_topics = forum_topics - 1'; $sql = "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $topic_id OR topic_moved_id = $topic_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } } } remove_search_post($post_id); } if ($mode == 'poll_delete' || ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) && $post_data['has_poll'] && $post_data['edit_poll']) { $sql = "DELETE FROM " . VOTE_DESC_TABLE . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_id = $poll_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . VOTE_USERS_TABLE . " WHERE vote_id = $poll_id"; if (!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } } if ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) { $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . '=' . $forum_id) . '">'; $message = $lang['Deleted']; } else { $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . '=' . $topic_id) . '">'; $message = (($mode == 'poll_delete') ? $lang['Poll_delete'] : $lang['Deleted']) . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); } $message .= '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>'); return; } // // Handle user notification on new post // function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip; $current_time = time(); if ($mode != 'delete') { if ($mode == 'reply') { $sql = "SELECT ban_userid FROM " . BANLIST_TABLE; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql); } $user_id_sql = ''; while ($row = $db->sql_fetchrow($result)) { if (isset($row['ban_userid']) && !empty($row['ban_userid'])) { $user_id_sql .= ', ' . $row['ban_userid']; } } $sql = "SELECT u.user_id, u.user_email, u.user_lang FROM " . TOPICS_WATCH_TABLE . " tw, " . USERS_TABLE . " u WHERE tw.topic_id = $topic_id AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . ") AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " AND u.user_id = tw.user_id"; if (!($result = $db->sql_query($sql))) { mx_message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql); } $update_watched_sql = ''; $bcc_list_ary = array(); if ($row = $db->sql_fetchrow($result)) { // Sixty second limit @set_time_limit(60); do { if ($row['user_email'] != '') { $bcc_list_ary[$row['user_lang']][] = $row['user_email']; } $update_watched_sql .= ($update_watched_sql != '') ? ', ' . $row['user_id'] : $row['user_id']; } while ($row = $db->sql_fetchrow($result)); // // Let's do some checking to make sure that mass mail functions // are working in win32 versions of php. // if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery']) { $ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var'; // We are running on windows, force delivery to use our smtp functions // since php's are broken by default $board_config['smtp_delivery'] = 1; $board_config['smtp_host'] = @$ini_val('SMTP'); } if (sizeof($bcc_list_ary)) { include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path'])); $script_name = ($script_name != '') ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx; $server_name = trim($board_config['server_name']); $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://'; $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) . '/' : '/'; $orig_word = array(); $replacement_word = array(); phpBB2::obtain_word_list($orig_word, $replacement_word); $emailer->from($board_config['board_email']); $emailer->replyto($board_config['board_email']); $topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title); @reset($bcc_list_ary); while (list($user_lang, $bcc_list) = each($bcc_list_ary)) { $emailer->use_template('topic_notify', $user_lang); for ($i = 0; $i < count($bcc_list); $i++) { $emailer->bcc($bcc_list[$i]); } // The Topic_reply_notification lang string below will be used // if for some reason the mail template subject cannot be read // ... note it will not necessarily be in the posters own language! $emailer->set_subject($lang['Topic_reply_notification']); // This is a nasty kludge to remove the username var ... till (if?) // translators update their templates $emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg); $emailer->assign_vars(array( 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 'SITENAME' => $board_config['sitename'], 'TOPIC_TITLE' => $to... [truncated message content] |
