XMB Open Source Forum Software - PHP Cross Reference |
<?php
/**
 * eXtreme Message Board
 * XMB 1.9.11
 *
 * Developed And Maintained By The XMB Group
 * Copyright (c) 2001-2010, The XMB Group
 * http://www.xmbforum.com
 *
 * Sponsored By iEntry, Inc.
 * http://www.ientry.com
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 **/

// Common bootstrap: this file is included by an entry script and runs as one
// flat, order-dependent sequence in global scope. Every variable assigned here
// is a global that later parts of this file (and the including script) read.


/* Front Matter */

// Direct-access guard. The including entry script must have defined X_SCRIPT
// (its own file name) before this file is loaded; a request that reaches this
// file any other way is answered with 403 and nothing else runs.
if (!defined('X_SCRIPT')) {
    header('HTTP/1.0 403 Forbidden');
    exit("Not allowed to run this file directly.");
}
// ROOT is the path prefix used for every require below; defaults to the
// current directory when the entry script did not set it.
if (!defined('ROOT')) define('ROOT', './');
error_reporting(-1); // Report all errors until config.php loads successfully.
// NOTE(review): IN_CODE is presumably the marker the included files test to
// refuse direct execution - confirm against the include files.
define('IN_CODE', TRUE);
require ROOT.'include/global.inc.php';


/* Global Constants and Initialized Values */

// Version strings. They are blanked further down when config.php asks for the
// version to be hidden.
$versioncompany = 'The XMB Group';
$versionshort = '1.9.11';
$versiongeneral = 'XMB 1.9.11';
$copyright = '2001-2010';
$alpha = '';
$beta = '';
$gamma = '';
$service_pack = '';
$versionbuild = 20100126;
// Request start time as "seconds + fraction", built from microtime()'s
// "fraction seconds" string form.
$mtime = explode(" ", microtime());
$starttime = $mtime[1] + $mtime[0];
$onlinetime = time();
$time = $onlinetime;
// Ready-made attribute strings for pre-selected form controls.
$selHTML = 'selected="selected"';
$cheHTML = 'checked="checked"';
// First three characters of the server software string.
$server = substr($_SERVER['SERVER_SOFTWARE'], 0, 3);
// $url is the raw request URI as sent by the client ('' when the server does
// not provide it). It is untrusted input; the URL checks later in this file
// operate on this value.
$url = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
// $onlineip is the address of the connecting peer as seen by PHP. Behind a
// reverse proxy or load balancer this is the proxy's address, so the IP-format
// check and IP bans later in this file then apply to the proxy, not the visitor.
$onlineip = $_SERVER['REMOTE_ADDR'];

// Every global below gets a known empty value before config.php and the
// settings table are loaded.
// NOTE(review): presumably this also stops request-supplied values from
// pre-seeding these names where register_globals is enabled - confirm against
// global.inc.php. $xmbuser and $xmbpw are the credential names, so their
// initial values matter most.
$canonical_link = '';
$cookiepath = '';
$cookiedomain = '';
$bbcodescript = '';
$database = '';
$threadSubject = '';
$filesize = 0;
$filename = '';
$filetype = '';
$full_url = '';
$navigation = '';
$newu2umsg = '';
$othertid = '';
$pluglink = '';
$quickjump = '';
$searchlink = '';
$smiliesnum = 0;
$status = '';
$wordsnum = 0;
$xmbuser = '';
$xmbpw = '';

$SETTINGS = array();
$THEME = array();
$censorcache = array();
$footerstuff = array();
$links = '';
$lang = array();
$mailer = array();
$plugadmin = array();
$plugimg = array();
$plugname = array();
$plugurl = array();
$smiliecache = array();
// Table names without the configured prefix (queries in this file prepend
// X_PREFIX to names such as "settings" and "themes").
$tables = array(
    'attachments',
    'banned',
    'buddys',
    'captchaimages',
    'favorites',
    'forums',
    'lang_base',
    'lang_keys',
    'lang_text',
    'logs',
    'members',
    'posts',
    'ranks',
    'restricted',
    'settings',
    'smilies',
    'templates',
    'themes',
    'threads',
    'u2u',
    'whosonline',
    'words',
    'vote_desc',
    'vote_results',
    'vote_voters'
);

// Mode flags passed to helper functions defined elsewhere.
define('X_CACHE_GET', 1);
define('X_CACHE_PUT', 2);
define('X_ONLINE_TIMER', 600); // Visitors are offline after this many seconds.
define('X_REDIRECT_HEADER', 1);
define('X_REDIRECT_JS', 2);
define('X_SET_HEADER', 1);
define('X_SET_JS', 2);
define('X_SHORTEN_SOFT', 1);
define('X_SHORTEN_HARD', 2);
// permissions constants
define('X_PERMS_COUNT', 4); //Number of raw bit sets stored in postperm setting.
// indexes used in permissions arrays
// 0-3 are the raw bit sets; 40-45 are presumably the evaluated results kept
// in the same array - confirm against the permission helper.
define('X_PERMS_RAWPOLL', 0);
define('X_PERMS_RAWTHREAD', 1);
define('X_PERMS_RAWREPLY', 2);
define('X_PERMS_RAWVIEW', 3);
define('X_PERMS_POLL', 40);
define('X_PERMS_THREAD', 41);
define('X_PERMS_REPLY', 42);
define('X_PERMS_VIEW', 43); //View is now = Rawview || Userlist
define('X_PERMS_USERLIST', 44);
define('X_PERMS_PASSWORD', 45);
// status string to bit field assignments
// An empty status string is treated exactly like 'Guest' (both map to 32).
$status_enum = array(
    'Super Administrator' => 1,
    'Administrator' => 2,
    'Super Moderator' => 4,
    'Moderator' => 8,
    'Member' => 16,
    'Guest' => 32,
    '' => 32,
    'Reserved-Future-Use' => 64,
    'Banned' => (1 << 30)
); //$status['Banned'] == 2^30
// status bit to $lang key assignments
$status_translate = array(
    1 => 'superadmin',
    2 => 'textadmin',
    4 => 'textsupermod',
    8 => 'textmod',
    16 => 'textmem',
    32 => 'textguest1',
    (1 << 30) => 'textbanned'
);

// discover the most likely browser
// so we can use bbcode specifically made for it
// The User-Agent header is client-controlled, but it is only tested with
// strpos() here and the result is one of three fixed strings, so the header
// text itself never flows onward from this block. Later tests win: a string
// containing both 'Opera' and 'MSIE' ends up as 'ie'.
$browser = 'opera'; // default to opera
if (isset($_SERVER['HTTP_USER_AGENT'])) {
    if (false !== strpos($_SERVER['HTTP_USER_AGENT'], 'Gecko') && false === strpos($_SERVER['HTTP_USER_AGENT'], 'Safari')) {
        $browser = 'mozilla';
    }
    if (false !== strpos($_SERVER['HTTP_USER_AGENT'], 'Opera')) {
        $browser = 'opera';
    }
    if (false !== strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')) {
        $browser = 'ie';
    }
}
define('IS_MOZILLA', ($browser == 'mozilla'));
define('IS_OPERA', ($browser == 'opera'));
define('IS_IE', ($browser == 'ie'));

// NOTE(review): assertEmptyOutputStream() is defined elsewhere; presumably it
// aborts when the named file has already sent output, since that would stop
// the header() and cookie calls below from working - confirm.
assertEmptyOutputStream('header.php or global.inc.php');


/* Load the Configuration Created by Install */

// config.php supplies the database credentials, $tablepre, $full_url and the
// feature switches read below. It is trusted, administrator-written input and
// must not be readable or writable by web users.
require ROOT.'config.php';
assertEmptyOutputStream('config.php');

// With $show_full_info off, the version numbers are removed from the
// "Powered by" string so pages do not advertise the exact release.
if (!$show_full_info) {
    $versionshort = '';
    $versiongeneral = 'XMB';
    $alpha = '';
    $beta = '';
    $gamma = '';
    $service_pack = '';
    $versionbuild = '[HIDDEN]';
} else {
    $versiongeneral .= ' ';
}
$versionlong = 'Powered by '.$versiongeneral.$alpha.$beta.$gamma.$service_pack;

if (!defined('DEBUG')) define('DEBUG', FALSE);
if (!defined('LOG_MYSQL_ERRORS')) define('LOG_MYSQL_ERRORS', FALSE);

if (DEBUG) {
    require (ROOT.'include/debug.inc.php');
    assertEmptyOutputStream('debug.inc.php');
} else {
    // Narrows which errors are raised. Whether raised errors are shown to the
    // visitor is decided by PHP's display_errors setting, not by this call.
    error_reporting(E_ERROR | E_PARSE | E_USER_ERROR);
}

// Each config variable name mapped to the placeholder value it is compared
// against. A variable that still equals its placeholder means config.php was
// never filled in.
$config_array = array(
    'dbname' => 'DB/NAME',
    'dbuser' => 'DB/USER',
    'dbpw' => 'DB/PW',
    'dbhost' => 'DB_HOST',
    'database' => 'DB_TYPE',
    'tablepre' => 'TABLE/PRE',
    'full_url' => 'FULLURL',
    'ipcheck' => 'IPCHECK',
    'allow_spec_q' => 'SPECQ',
    'show_full_info' => 'SHOWFULLINFO',
    'comment_output' => 'COMMENTOUTPUT'
);
foreach($config_array as $key => $value) {
    // ${$key} reads the global named by $key; the names come only from the
    // fixed list above. The error page prints the variable name, never its
    // value, so no credential is echoed.
    if (${$key} === $value) {
        header('HTTP/1.0 500 Internal Server Error');
        exit('Configuration Problem: XMB noticed that your config.php has not been fully configured.<br />The $'.$key.' has not been configured correctly.<br /><br />Please configure config.php before continuing.<br />Refresh the browser after uploading the new config.php (when asked if you want to resubmit POST data, click the \'OK\'-button).');
    }
}
unset($config_array);


/* Validate URL Configuration and Security */

if (empty($full_url)) {
    header('HTTP/1.0 500 Internal Server Error');
    exit('<b>ERROR: </b><i>Please fill the $full_url variable in your config.php!</i>');
} else {
    // Cookie scope is derived from the configured board URL, not from the
    // request's Host header.
    // NOTE(review): parse_url() returns false for a badly malformed URL and
    // omits 'scheme'/'host' for relative ones; both keys are read unguarded.
    $array = parse_url($full_url);

    // True only when the board is configured with an https URL.
    // NOTE(review): how this flag reaches the cookie writer is not visible
    // here; confirm put_cookie() sets the Secure attribute from it.
    $cookiesecure = ($array['scheme'] == 'https');

    $cookiedomain = $array['host'];
    // A host without a dot, or one that looks like a dotted-quad address,
    // gets an empty cookie domain (a host-only cookie). The pattern is a
    // shape test only; octets are not range-checked.
    if (strpos($cookiedomain, '.') === FALSE || preg_match("/^([0-9]{1,3}\.){3}[0-9]{1,3}$/", $cookiedomain)) {
        $cookiedomain = '';
    } elseif (substr($cookiedomain, 0, 4) === 'www.') {
        // Keeps the leading dot: 'www.example.com' becomes '.example.com'.
        // The cookies are then sent to every host under that domain, so any
        // other application served from a sibling subdomain receives the
        // forum's login cookies. Configure $full_url without 'www.' or on a
        // dedicated host if that exposure is not acceptable.
        $cookiedomain = substr($cookiedomain, 3);
    }

    if (!isset($array['path'])) {
        $array['path'] = '/';
    }
    $cookiepath = $array['path'];

    if (DEBUG) {
        debugURLsettings($cookiesecure, $cookiedomain, $cookiepath);
    } elseif (0 == strlen($url)) {
        // The server gave no REQUEST_URI, so the URL checks that follow
        // cannot run; stop instead of continuing unchecked.
        header('HTTP/1.0 500 Internal Server Error');
        exit('Error: URL Not Found. Set DEBUG to TRUE in config.php to see diagnostic details.');
    }
    unset($array);
}

// Common XSS Protection: XMB disallows '<' and unencoded ':/' in all URLs.
// Rejects any request whose URI contains '<', its percent-encoded form '%3c'
// or ':/' (case-insensitive), for every script except search.php.
// This is a coarse filter on the request URI only: it does not look at POST
// bodies, cookies or other headers, and search.php is exempt, so each output
// site still has to encode what it prints.
if (X_SCRIPT != 'search.php') {
    $url_check = Array('%3c', '<', ':/');
    foreach($url_check as $name) {
        if (strpos(strtolower($url), $name) !== FALSE) {
            header('HTTP/1.0 403 Forbidden');
            exit('403 Forbidden - URL rejected by XMB');
        }
    }
    unset($url_check);
}

// Check for double-slash problems in REQUEST_URI
// Entered when the URI does not start with the configured cookie path, or has
// an extra '/' immediately after it.
if (substr($url, 0, strlen($cookiepath)) != $cookiepath Or substr($url, strlen($cookiepath), 1) == '/') {
    // One pass of '//' -> '/'; anything still wrong afterwards is a 404.
    $fixed_url = str_replace('//', '/', $url);
    // The last test rejects any URI containing bytes outside printable ASCII.
    // That keeps CR/LF out of the Location header written below. Note the
    // printable-ASCII test only runs inside this branch.
    if (substr($fixed_url, 0, strlen($cookiepath)) != $cookiepath Or substr($fixed_url, strlen($cookiepath), 1) == '/' Or $fixed_url != preg_replace('/[^\x20-\x7e]/', '', $fixed_url)) {
        header('HTTP/1.0 404 Not Found');
        exit('XMB detected an invalid URL. Set DEBUG to TRUE in config.php to see diagnostic details.');
    } else {
        // The redirect target always begins with the configured $full_url;
        // only the part after the cookie path comes from the request, so the
        // redirect cannot leave the board's own origin.
        $fixed_url = $full_url.substr($fixed_url, strlen($cookiepath));
        header('HTTP/1.0 301 Moved Permanently');
        header("Location: $fixed_url");
        exit('XMB detected an invalid URL');
    }
}


/* Assert Additional Security */

// The board refuses to run while installer or upgrade files are still on the
// server, because those tools must not stay reachable on a live board.
// NOTE(review): these paths are relative to the working directory ('./'),
// not to ROOT; when ROOT is not './' the checks look in a different place
// than the requires do - confirm this is intended.
if (file_exists('./install/')) {
    header('HTTP/1.0 500 Internal Server Error');
    exit('<h1>Error:</h1><br />The installation files ("./install/") have been found on the server. Please remove them as soon as possible. If you have not yet installed XMB, please do so at this time. Just <a href="./install/index.php">click here</a>.');
}
// Tries to delete a leftover upgrade directory itself. rmdir() only removes
// an empty directory, and '@' hides the warning when it fails; a directory
// that cannot be removed blocks the board with 503.
if (file_exists('./Upgrade/') && !@rmdir('./Upgrade/') Or file_exists('./upgrade/') && !@rmdir('./upgrade/')) {
    header('HTTP/1.0 503 Service Unavailable');
    header('Retry-After: 3600');
    exit('<h1>Error:</h1><br />The upgrade tool ("./upgrade/") has been found on the server, but could not be removed. Please remove it as soon as possible.');
}
// upgrade.php itself is allowed to run while the file exists; every other
// script is blocked until it is removed.
if (file_exists('./upgrade.php') And X_SCRIPT != 'upgrade.php') {
    header('HTTP/1.0 503 Service Unavailable');
    header('Retry-After: 3600');
    exit('<h1>Error:</h1><br />The upgrade tool ("./upgrade.php") has been found on the server. Please remove it as soon as possible.');
}

//Checks the IP-format, if it's not a IPv4 type, it will be blocked, safe to remove....
// With $ipcheck on, only a dotted-quad shaped address is accepted, so every
// IPv6 client is refused. The pattern checks shape only (octets are not
// range-checked).
if ($ipcheck == 'on') {
    if (1 != preg_match('@^(\\d{1,3}\\.){3}\\d{1,3}$@', $onlineip)) {
        header('HTTP/1.0 403 Forbidden');
        exit("Access to this website is currently not possible as your hostname/IP appears suspicous.");
    }
}


/* Load Common Files and Establish Database Connection */

// X_PREFIX is concatenated directly into SQL text throughout this file, so
// $tablepre must contain nothing but a plain identifier prefix.
define('X_PREFIX', $tablepre); // Secured table prefix constant

// The driver file name is built from config.php's $database value.
// NOTE(review): no check against a list of known drivers is visible here;
// this dynamic include is safe only as long as config.php is trusted and not
// writable through the web application.
require ROOT.'db/'.$database.'.php';
assertEmptyOutputStream('db/'.$database.'.php');

require ROOT.'include/validate.inc.php';
assertEmptyOutputStream('validate.inc.php');

require ROOT.'include/functions.inc.php';
assertEmptyOutputStream('functions.inc.php');

$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);

// Make all settings global, and put them in the $SETTINGS[] array
$squery = $db->query("SELECT * FROM ".X_PREFIX."settings");
if ($db->num_rows($squery) == 0) {
    header('HTTP/1.0 500 Internal Server Error');
    exit('Fatal Error: The XMB settings table is empty.');
}
// Every column of the first settings row becomes a global variable named
// after the column, replacing any global of that name set earlier (including
// values from config.php). The settings table is therefore as trusted as the
// code itself: whoever can add or rename a column, or write a value, controls
// those globals. $SETTINGS holds the same values without that side effect.
foreach($db->fetch_array($squery) as $key => $val) {
    $$key = $val;
    $SETTINGS[$key] = $val;
}
$db->free_result($squery);

// Page sizes below 5 fall back to 30. Only the globals are corrected; the
// matching $SETTINGS entries keep the stored value.
if ($postperpage < 5) {
    $postperpage = 30;
}

if ($topicperpage < 5) {
    $topicperpage = 30;
}

if ($memberperpage < 5) {
    $memberperpage = 30;
}

if ($onlinetodaycount < 5) {
    $onlinetodaycount = 30;
}

// Validate maxattachsize with PHP configuration.
// The board's attachment limit is capped at PHP's own upload_max_filesize.
$inimax = phpShorthandValue('upload_max_filesize');
if ($inimax < $SETTINGS['maxattachsize']) {
    $SETTINGS['maxattachsize'] = $inimax;
}
unset($inimax);


/* Set Global HTTP Headers */

// Every page except files.php is marked non-cacheable, so pages rendered for
// a logged-in user are not kept by shared or browser caches.
if (X_SCRIPT != 'files.php') {
    header("Cache-Control: no-store, no-cache, must-revalidate"); // HTTP/1.1
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");
}

// Fix annoying bug in windows... *sigh*
// NOTE(review): postedVar() is defined elsewhere; the 'g' source code
// presumably means the query string - confirm what the three FALSE flags
// switch off. $action is only compared against fixed strings in this file.
$action = postedVar('action', '', FALSE, FALSE, FALSE, 'g');
// NOTE(review): $download is never assigned in this file; confirm where it
// comes from (global.inc.php or register_globals).
if ($action != 'attachment' && !($action == 'templates' && isset($download)) && !($action == 'themes' && isset($download))) {
    header("Content-type: text/html");
}

// Update last visit cookies
// Both values are read from client cookies, so $lastvisit is whatever the
// browser sends back. NOTE(review): getInt() presumably coerces to an
// integer - confirm; treat $lastvisit as a display hint, not a security fact.
$xmblva = getInt('xmblva', 'c'); // Last visit
$xmblvb = getInt('xmblvb', 'c'); // Duration of this visit (considered to be up to 600 seconds)

if ($xmblvb > 0) {
    $thetime = $xmblvb; // lvb will expire in 600 seconds, so if it's there, we're in a current session
} else if ($xmblva > 0) {
    $thetime = $xmblva; // Not currently logged in, so let's get the time from the last visit
} else {
    $thetime = $onlinetime; // no cookie at all, so this is your first visit
}

put_cookie('xmblva', $onlinetime, ($onlinetime + (86400*365)), $cookiepath, $cookiedomain); // lva == now
put_cookie('xmblvb', $thetime, ($onlinetime + X_ONLINE_TIMER), $cookiepath, $cookiedomain); // lvb = the carried-forward visit time, renewed for X_ONLINE_TIMER seconds

$lastvisit = $thetime;

// NOTE(review): $oldtopics is not assigned in this file; confirm its origin
// before relying on the value that is echoed back into the cookie.
if (isset($oldtopics)) {
    put_cookie('oldtopics', $oldtopics, ($onlinetime + X_ONLINE_TIMER), $cookiepath, $cookiedomain);
}


/* Authorize User, Set Up Session, and Load Language Translation */

// $serror records why the visitor should be blocked. It is passed to
// elevateUser() below; the block itself is applied later in this file, once
// the theme is loaded, and administrators are exempted there.
$serror = '';

// Check if the client is ip-banned
if ($SETTINGS['ip_banning'] == 'on') {
    // A ban row matches when each of its four parts equals the client's
    // octet or is the wildcard -1; a row made only of wildcards is ignored.
    // NOTE(review): the four parts are placed in the SQL text as-is. When
    // $ipcheck is not 'on', an address that is not a dotted quad (IPv6)
    // yields fewer than four parts, so $ips[1..3] are undefined and the ban
    // comparison is made against partial or empty values. Casting each part
    // to an integer before building the query would make this robust.
    $ips = explode(".", $onlineip);
    $query = $db->query("SELECT id FROM ".X_PREFIX."banned WHERE ((ip1='$ips[0]' OR ip1='-1') AND (ip2='$ips[1]' OR ip2='-1') AND (ip3='$ips[2]' OR ip3='-1') AND (ip4='$ips[3]' OR ip4='-1')) AND NOT (ip1='-1' AND ip2='-1' AND ip3='-1' AND ip4='-1')");
    $result = $db->num_rows($query);
    $db->free_result($query);
    if ($result > 0) {
        // Block all non-admins
        $serror = 'ip';
    }
}

// Check if the board is offline
// The first two branches are deliberately empty: they list the requests that
// stay reachable (login and lost password on misc.php; registration, COPPA
// and the captcha image when registration is open).
if ($SETTINGS['bbstatus'] == 'off' And $serror == '') {
    if (($action == 'login' Or $action == 'lostpw') And X_SCRIPT == 'misc.php') {
        // Allow login
    } elseif ($SETTINGS['regstatus'] == 'on' And ($action == 'reg' Or $action == 'coppa' Or $action == 'captchaimage') And (X_SCRIPT == 'misc.php' Or X_SCRIPT == 'member.php')) {
        // Allow registration
    } else {
        // Block all non-admins
        $serror = 'bstatus';
    }
}

// Check if the board is set to 'reg-only'
// Same exemptions as the offline check above.
if ($SETTINGS['regviewonly'] == 'on' And $serror == '') {
    if (($action == 'login' Or $action == 'lostpw') And X_SCRIPT == 'misc.php') {
        // Allow login
    } elseif ($SETTINGS['regstatus'] == 'on' And ($action == 'reg' Or $action == 'coppa' Or $action == 'captchaimage') And (X_SCRIPT == 'misc.php' Or X_SCRIPT == 'member.php')) {
        // Allow registration
    } else {
        // Block all guests
        $serror = 'guest';
    }
}

// The login state lives in two cookies that are re-checked on every request.
// NOTE(review): the xmbpw cookie is a credential equivalent sent with every
// request (presumably a password hash - confirm in elevateUser()). Anyone who
// obtains it can act as the user until the password changes, so confirm that
// put_cookie() marks these cookies HttpOnly and, for https boards, Secure.
$uinput = postedVar('xmbuser', '', FALSE, TRUE, FALSE, 'c');
$pinput = postedVar('xmbpw', '', FALSE, FALSE, FALSE, 'c');
if (!elevateUser($uinput, $pinput, FALSE, $serror)) {
    // Delete cookies when authentication fails.
    if ($uinput != '') {
        put_cookie("xmbuser", '', 0, $cookiepath, $cookiedomain);
        put_cookie("xmbpw", '', 0, $cookiepath, $cookiedomain);
    }
}
// Drop the raw cookie credentials from global scope once they have been used.
unset($uinput, $pinput);


/* Set Up HTML Templates and Themes */

// Create a base element so that links aren't broken if scripts are accessed using unexpected paths.
// XMB expects all links to be relative to $full_url + script name + query string.
// The base href is built from the configured $full_url and the X_SCRIPT
// constant; only the query string comes from the request. It is stripped of
// everything outside printable ASCII and passed through attrOut() before it
// is placed in the attribute.
// NOTE(review): attrOut() presumably HTML-attribute-encodes its argument -
// confirm, because that call is what keeps a crafted query string from
// breaking out of the href attribute.
$querystring = strstr($url, '?');
if ($querystring === FALSE) {
    $querystring = '';
}
$querystring = preg_replace('/[^\x20-\x7e]/', '', $querystring);
if ($url == $cookiepath) {
    $baseelement = '<base href="'.$full_url.'" />';
} else {
    $baseelement = '<base href="'.$full_url.X_SCRIPT.attrOut($querystring).'" />';
}

// login/logout links
// NOTE(review): X_MEMBER, X_ADMIN and X_GUEST, plus $self, $xmbuser and
// $lang, are not set in this file; presumably elevateUser() provides them -
// confirm.
if (X_MEMBER) {
    if (X_ADMIN) {
        $cplink = ' - <a href="cp.php">'.$lang['textcp'].'</a>';
    } else {
        $cplink = '';
    }
    $loginout = '<a href="misc.php?action=logout">'.$lang['textlogout'].'</a>';
    $memcp = '<a href="memcp.php">'.$lang['textusercp'].'</a>';
    $u2ulink = "<a href=\"u2u.php\" onclick=\"Popup(this.href, 'Window', 700, 450); return false;\">{$lang['banu2u']}</a> - ";
    // $xmbuser is written into the page as link text without any encoding
    // here, so this line relies on the authentication step having left the
    // name in an HTML-safe form - TODO confirm. recodeOut() presumably
    // prepares the name for use inside the URL.
    $notify = $lang['loggedin'].' <a href="member.php?action=viewpro&member='.recodeOut($xmbuser).'">'.$xmbuser.'</a><br />['.$loginout.' - '.$u2ulink.''.$memcp.''.$cplink.']';

    // Update lastvisit in the header shown
    // Uses the cookie-supplied last-visit time shifted by the member's and
    // the board's hour offsets; display only.
    $theTime = $xmblva + ($self['timeoffset'] * 3600) + ($SETTINGS['addtime'] * 3600);
    $lastdate = gmdate($dateformat, $theTime);
    $lasttime = gmdate($timecode, $theTime);
    $lastvisittext = $lang['lastactive'].' '.$lastdate.' '.$lang['textat'].' '.$lasttime;
} else {
    // Checks for the possibility to register
    if ($SETTINGS['regstatus'] == 'on') {
        $reglink = '- <a href="member.php?action=coppa">'.$lang['textregister'].'</a>';
    } else {
        $reglink = '';
    }
    $loginout = '<a href="misc.php?action=login">'.$lang['textlogin'].'</a>';
    $notify = $lang['notloggedin'].' ['.$loginout.' '.$reglink.']';
    $lastvisittext = '';
}

// Get themes, [fid, [tid]]
// $fid and $tid come from the request. $tid is placed in the SQL text
// unquoted, which is safe only because getInt() returns an integer -
// NOTE(review): confirm that guarantee in getInt().
$forumtheme = 0;
$fid = getInt('fid', 'r');
$tid = getInt('tid', 'r');
if ($tid > 0 && $action != 'templates') {
    $query = $db->query("SELECT f.fid, f.theme FROM ".X_PREFIX."forums f RIGHT JOIN ".X_PREFIX."threads t USING (fid) WHERE t.tid=$tid");
    // NOTE(review): when no thread has this id, $locate is not an array and
    // both reads below yield null, which replaces the integer $fid.
    $locate = $db->fetch_array($query);
    $db->free_result($query);
    $fid = $locate['fid'];
    $forumtheme = $locate['theme'];
} else if ($fid > 0) {
    $forum = getForum($fid);
    // Only an active forum or sub-forum may impose its theme.
    if (($forum['type'] != 'forum' && $forum['type'] != 'sub') || $forum['status'] != 'on') {
        $forumtheme = 0;
    } else {
        $forumtheme = $forum['theme'];
    }
}

// Check what theme to use
// Order of preference: the member's theme, the forum's theme, the board
// default, then any theme at all. A stored theme id that no longer exists is
// reset to 0 in the table it came from. Ids are cast to int before they are
// placed in SQL.
$validtheme = FALSE;
if (!$validtheme And (int) $themeuser > 0) {
    $theme = (int) $themeuser;
    $query = $db->query("SELECT * FROM ".X_PREFIX."themes WHERE themeid=$theme");
    if (!$validtheme = ($db->num_rows($query) > 0)) {
        $themeuser = 0;
        $db->query("UPDATE ".X_PREFIX."members SET theme=0 WHERE uid={$self['uid']}");
    }
}
if (!$validtheme And (int) $forumtheme > 0) {
    $theme = (int) $forumtheme;
    $query = $db->query("SELECT * FROM ".X_PREFIX."themes WHERE themeid=$theme");
    if (!$validtheme = ($db->num_rows($query) > 0)) {
        // NOTE(review): this branch handles the forum theme but resets
        // $themeuser; it looks copied from the member branch above and
        // $forumtheme keeps its stale value - confirm the intent.
        $themeuser = 0;
        $db->query("UPDATE ".X_PREFIX."forums SET theme=0 WHERE fid=$fid");
    }
}
if (!$validtheme) {
    $theme = (int) $SETTINGS['theme'];
    $query = $db->query("SELECT * FROM ".X_PREFIX."themes WHERE themeid=$theme");
    $validtheme = ($db->num_rows($query) > 0);
}
if (!$validtheme) {
    $query = $db->query("SELECT * FROM ".X_PREFIX."themes LIMIT 1");
    if ($validtheme = ($db->num_rows($query) > 0)) {
        $row = $db->fetch_array($query);
        $SETTINGS['theme'] = $row['themeid'];
        $db->query("UPDATE ".X_PREFIX."settings SET theme={$SETTINGS['theme']}");
        // Rewind so the loop below can fetch this row again.
        $db->data_seek($query, 0);
    }
}
if (!$validtheme) {
    header('HTTP/1.0 500 Internal Server Error');
    exit('Fatal Error: The XMB themes table is empty.');
}

// Make theme-vars semi-global
// Every theme column except "name" becomes a global named after the column,
// replacing any earlier global of that name; "name" only has its slashes
// stripped. All columns are also stored in $THEME. The globals used below
// ($imgdir, $bgcolor, $catcolor, $top, $boardimg, $fontsize) presumably come
// from this loop.
foreach($db->fetch_array($query) as $key=>$val) {
    if ($key != "name") {
        $$key = $val;
    } else {
        $val = stripslashes($val);
    }
    $THEME[$key] = $val;
}
$db->free_result($query);

// From here on, theme values are placed into HTML attributes and CSS without
// encoding. NOTE(review): that is safe only while theme rows can be written
// by administrators alone; confirm the theme editor is limited to them.

// additional CSS to load?
if (file_exists(ROOT.$imgdir.'/theme.css')) {
    $cssInclude = '<style type="text/css">'."\n"."@import url('".$imgdir."/theme.css');"."\n".'</style>';
} else {
    $cssInclude = '';
}

// Alters certain visibility-variables
// A value containing a dot is treated as an image file name inside $imgdir;
// anything else is treated as a colour.
if (false === strpos($bgcolor, '.')) {
    $bgcode = "background-color: $bgcolor;";
} else {
    $bgcode = "background-image: url('$imgdir/$bgcolor');";
}

if (false === strpos($catcolor, '.')) {
    $catbgcode = "bgcolor=\"$catcolor\"";
    $catcss = 'background-color: '.$catcolor.';';
} else {
    $catbgcode = "style=\"background-image: url($imgdir/$catcolor)\"";
    $catcss = 'background-image: url('.$imgdir.'/'.$catcolor.');';
}

if (false === strpos($top, '.')) {
    $topbgcode = "bgcolor=\"$top\"";
} else {
    $topbgcode = "style=\"background-image: url($imgdir/$top)\"";
}

// A comma in $boardimg means "file,width,height" for a Flash logo;
// otherwise it is an ordinary image. A value that is not a full URL is taken
// from $imgdir.
if (false !== strpos($boardimg, ',')) {
    $flashlogo = explode(",",$boardimg);
    //check if it's an URL or just a filename
    $l = array();
    $l = parse_url($flashlogo[0]);
    if (!isset($l['scheme']) || !isset($l['host'])) {
        $flashlogo[0] = $imgdir.'/'.$flashlogo[0];
    }
    // AllowScriptAccess="never" stops the embedded movie from calling
    // scripts in the hosting page.
    $logo = '<object type="application/x-shockwave-flash" data="'.$flashlogo[0].'" width="'.$flashlogo[1].'" height="'.$flashlogo[2].'"><param name="movie" value="'.$flashlogo[0].'" /><param name="AllowScriptAccess" value="never" /></object>';
} else {
    $l = array();
    $l = parse_url($boardimg);
    if (!isset($l['scheme']) || !isset($l['host'])) {
        $boardimg = $imgdir.'/'.$boardimg;
    }
    $logo = '<a href="./"><img src="'.$boardimg.'" alt="'.$bbname.'" border="0" /></a>';
}

// Font stuff...
// Splits $fontsize into its digits and its unit suffix, then derives one size
// smaller (-1) and one larger (+2) with the same suffix.
$fontedit = preg_replace('#(\D)#', '', $fontsize);
$fontsuf = preg_replace('#(\d)#', '', $fontsize);
$font1 = $fontedit-1 . $fontsuf;
$font3 = $fontedit+2 . $fontsuf;

// Set Extra Theme Keys
$THEME['bgcode'] = $bgcode;
$THEME['font1'] = $font1;
$THEME['font3'] = $font3;


/* Theme Ready. Make pretty errors. */

// Applies the block decided during authorization, now that a themed page can
// be rendered. Administrators pass the IP ban and the offline state; the
// registered-only rule stops guests only.
// NOTE(review): error() and message() are defined elsewhere and presumably
// end the request after printing - confirm, since nothing here stops
// execution explicitly.
switch ($serror) {
    case 'ip':
        if (!X_ADMIN) {
            header('HTTP/1.0 403 Forbidden');
            error($lang['bannedmessage']);
        }
        break;
    case 'bstatus':
        if (!X_ADMIN) {
            header('HTTP/1.0 503 Service Unavailable');
            header('Retry-After: 3600');
            // $bboffreason is printed with nl2br() only.
            // NOTE(review): presumably it is the admin-set reason from the
            // settings table.
            if ($bboffreason != '') {
                message(nl2br($bboffreason));
            } else {
                message($lang['textbstatusdefault']);
            }
        }
        break;
    case 'guest':
        if (X_GUEST) {
            if ($SETTINGS['regstatus'] == 'on') {
                $message = $lang['reggedonly'].' '.$reglink.' '.$lang['textor'].' <a href="misc.php?action=login">'.$lang['textlogin'].'</a>';
            } else {
                $message = $lang['reggedonly'].' <a href="misc.php?action=login">'.$lang['textlogin'].'</a>';
            }
            message($message);
        }
        break;
}


/* Finish HTML Templates */

// The navigation is built only for visitors who may see the board:
// administrators always, everyone else only while the board is on, and
// guests only when viewing is not restricted to members.
if ((X_ADMIN Or $SETTINGS['bbstatus'] == 'on') And (X_MEMBER Or $SETTINGS['regviewonly'] == 'off')) {

    $links = array();

    // Search-link
    $searchlink = makeSearchLink();

    // Faq-link
    if ($SETTINGS['faqstatus'] == 'on') {
        $links[] = '<img src="'.$imgdir.'/top_faq.gif" alt="'.$lang['altfaq'].'" border="0" /> <a href="faq.php"><font class="navtd">'.$lang['textfaq'].'</font></a>';
    }

    // Memberlist-link
    if ($SETTINGS['memliststatus'] == 'on') {
        $links[] = '<img src="'.$imgdir.'/top_memberslist.gif" alt="'.$lang['altmemberlist'].'" border="0" /> <a href="misc.php?action=list"><font class="navtd">'.$lang['textmemberlist'].'</font></a>';
    }

    // Today's posts-link
    if ($SETTINGS['todaysposts'] == 'on') {
        $links[] = '<img src="'.$imgdir.'/top_todaysposts.gif" alt="'.$lang['alttodayposts'].'" border="0" /> <a href="today.php"><font class="navtd">'.$lang['navtodaysposts'].'</font></a>';
    }

    // Stats-link
    if ($SETTINGS['stats'] == 'on') {
        $links[] = '<img src="'.$imgdir.'/top_stats.gif" alt="'.$lang['altstats'].'" border="0" /> <a href="stats.php"><font class="navtd">'.$lang['navstats'].'</font></a>';
    }

    // 'Forum Rules'-link
    if ($SETTINGS['bbrules'] == 'on') {
        $links[] = '<img src="'.$imgdir.'/top_bbrules.gif" alt="'.$lang['altrules'].'" border="0" /> <a href="faq.php?page=forumrules"><font class="navtd">'.$lang['textbbrules'].'</font></a>';
    }

    $links = implode(' ', $links);

    // Show all plugins
    // The four plugin arrays start empty at the top of this file and are
    // presumably filled in by config.php. Their names, URLs and image paths
    // are written into the page without encoding, so they must stay
    // administrator-controlled.
    $pluglinks = array();
    foreach($plugname as $plugnum => $item) {
        if (!empty($plugurl[$plugnum]) && !empty($plugname[$plugnum])) {
            if (trim($plugimg[$plugnum]) != '') {
                $img = ' <img src="'.$plugimg[$plugnum].'" border="0" alt="'.$plugname[$plugnum].'" /> ';
            } else {
                $img = '';
            }

            // An admin-only plugin is hidden from other users. This only
            // hides the link; the plugin URL has to enforce its own access
            // control.
            if ($plugadmin[$plugnum] != true || X_ADMIN) {
                $pluglinks[] = $img.'<a href="'.$plugurl[$plugnum].'"><font class="navtd">'.$plugname[$plugnum].'</font></a> ';
            }
        }
    }

    if (count($pluglinks) == 0) {
        $pluglink = '';
    } else {
        $pluglink = implode(' ', $pluglinks);
    }

    // create forum jump
    if ($SETTINGS['quickjump_status'] == 'on') {
        $quickjump = forumJump();
    }

    // check for new u2u's
    if (X_MEMBER) {
        // $xmbuser is placed inside a quoted SQL string with no escaping
        // here, so this query relies on the authentication step having left
        // the name in a database-safe form - TODO confirm in elevateUser().
        $query = $db->query("SELECT COUNT(*) FROM ".X_PREFIX."u2u WHERE owner='$xmbuser' AND folder='Inbox' AND readstatus='no'");
        $newu2unum = $db->result($query, 0);
        $db->free_result($query);
        if ($newu2unum > 0) {
            $newu2umsg = "<a href=\"u2u.php\" onclick=\"Popup(this.href, 'Window', 700, 450); return false;\">{$lang['newu2u1']} $newu2unum {$lang['newu2u2']}</a>";
            // Popup Alert
            // u2ualert 2 = alert on every page, 1 = on index.php only.
            // The translation strings are placed inside a double-quoted
            // JavaScript string as-is, so the language data must not contain
            // an unescaped double quote or line break.
            if ($self['u2ualert'] == 2 Or ($self['u2ualert'] == 1 And X_SCRIPT == 'index.php')) {
                $newu2umsg .= '<script language="JavaScript" type="text/javascript">function u2uAlert() { ';
                if ($newu2unum == 1) {
                    $newu2umsg .= 'u2uAlertMsg = "'.$lang['newu2u1'].' '.$newu2unum.$lang['u2ualert5'].'"; ';
                } else {
                    $newu2umsg .= 'u2uAlertMsg = "'.$lang['newu2u1'].' '.$newu2unum.$lang['u2ualert6'].'"; ';
                }
                $newu2umsg .= "if (confirm(u2uAlertMsg)) { Popup('u2u.php', 'testWindow', 700, 450); } } setTimeout('u2uAlert();', 10);</script>";
            }
        }
    }
}


/* Perform HTTP Connection Maintenance */

assertEmptyOutputStream('header.php');

// Gzip-compression
// Skipped for the captcha image, for files.php and in DEBUG mode. If PHP
// already compresses output, nothing is changed; otherwise zlib output
// compression is switched on, with ob_gzhandler as the fallback when either
// ini_set() call fails or gzopen() is missing.
if ($SETTINGS['gzipcompress'] == 'on'
 && $action != 'captchaimage'
 && X_SCRIPT != 'files.php'
 && !DEBUG) {
    if (($res = @ini_get('zlib.output_compression')) > 0) {
        // leave it
    } else if ($res === false) {
        // ini_get not supported. So let's just leave it
    } else {
        if (function_exists('gzopen')) {
            $r = @ini_set('zlib.output_compression', 4096);
            $r2 = @ini_set('zlib.output_compression_level', '3');
            if (FALSE === $r || FALSE === $r2) {
                ob_start('ob_gzhandler');
            }
        } else {
            ob_start('ob_gzhandler');
        }
    }
}

assertEmptyOutputStream('header.php');
// Hands control back to the including script.
return;
?>