$pref_name) {
$retrieve_prefs[$key] = preg_replace("/\W/", '', $pref_name);
}
} else {
unset($retrieve_prefs);
}
// setup error handling first of all.
// The handler is installed before anything else so that problems raised by the
// rest of this bootstrap are routed through error_handler::handle_error().
$error_handler = new error_handler();
set_error_handler(array(&$error_handler, "handle_error"));
// Honest global beginning point for processing time
$eTimingStart = microtime();
// Output-buffer nesting level at start-up.
$start_ob_level = ob_get_level();
// Marker constant set once the bootstrap has begun
// (presumably tested by included files to confirm they were loaded through this script - TODO confirm).
define("e107_INIT", TRUE);
// setup some php options
ini_set('magic_quotes_runtime', 0);
ini_set('magic_quotes_sybase', 0);
ini_set('arg_separator.output', '&');
// Session id handling: accept the id from a cookie only, and never let PHP
// append it to generated URLs.
ini_set('session.use_only_cookies', 1);
ini_set('session.use_trans_sid', 0);
// Ensure that '.' is the first part of the include path
// NOTE(review): with '.' first, relative include/require calls are looked up in the
// current working directory before any other include_path entry.
$inc_path = explode(PATH_SEPARATOR, ini_get('include_path'));
if($inc_path[0] != ".") {
    array_unshift($inc_path, ".");
    $inc_path = implode(PATH_SEPARATOR, $inc_path);
    ini_set("include_path", $inc_path);
}
unset($inc_path);
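// Grab e107_config, get directory paths, and create the $e107 object
// The include is silenced because a missing or empty config file is an expected
// state on a fresh install; it is detected through $ADMIN_DIRECTORY below.
@include_once(realpath(dirname(__FILE__).'/e107_config.php'));
if(!isset($ADMIN_DIRECTORY)){
    // e107_config.php is either empty, not valid or doesn't exist so redirect to installer..
    header("Location: install.php");
    // Stop here: header() only queues the redirect. Without this exit the rest of
    // the bootstrap would keep running with none of the configuration variables
    // (directory names, database credentials) defined.
    exit;
}
// clever stuff that figures out where the paths are on the fly.. no more need for hard-coded e_HTTP :)
e107_require_once(realpath(dirname(__FILE__).'/'.$HANDLERS_DIRECTORY).'/e107_class.php');
// Collect the directory names set by e107_config.php into one array for the e107 object.
$e107_paths = compact('ADMIN_DIRECTORY', 'FILES_DIRECTORY', 'IMAGES_DIRECTORY', 'THEMES_DIRECTORY', 'PLUGINS_DIRECTORY', 'HANDLERS_DIRECTORY', 'LANGUAGES_DIRECTORY', 'HELP_DIRECTORY', 'DOWNLOADS_DIRECTORY');
$e107 = new e107($e107_paths, realpath(dirname(__FILE__)));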
// Coarse request filter: the request is refused when the raw query string contains
// any of the fragments below. Requests whose script path contains "trackback" skip it.
// NOTE(review): stristr() compares each entry as a literal, case-insensitive substring
// (the slash-delimited entries are not evaluated as regular expressions), and only
// QUERY_STRING is inspected. Treat this as a tripwire, not as the SQL injection
// defence: every query still needs its values escaped or bound where it is built.
// NOTE(review): the exemption is keyed on PHP_SELF, which is derived from the request
// path; SCRIPT_NAME or a fixed script list would be a firmer basis - confirm.
$inArray = array("'", ";", "/**/", "/UNION/", "/SELECT/", "AS ");
if (strpos($_SERVER['PHP_SELF'], "trackback") === false) {
    foreach($inArray as $res) {
        if(stristr($_SERVER['QUERY_STRING'], $res)) {
            die("Access denied.");
        }
    }
}
// Split an optional leading "[...]" section off the query string:
// e_MENU receives the text inside the brackets, e_QUERY the text after them.
if (preg_match("#\[(.*?)](.*)#", $_SERVER['QUERY_STRING'], $matches)) {
    define("e_MENU", $matches[1]);
    define("e_QUERY", $matches[2]);
    // The bracketed part is parsed like a query string; a "lan" key in it is
    // copied into $_GET['elan'].
    parse_str(e_MENU, $_emenu);
    if(isset($_emenu['lan']))
    {
        $_GET['elan'] = $_emenu['lan'];
    }
} else {
    define("e_MENU", "");
    define("e_QUERY", $_SERVER['QUERY_STRING']);
}
// e_QUERY / $e_QUERY are raw request data: code that places them in SQL, HTML or
// a header has to encode them for that context itself.
$e_QUERY = e_QUERY;
// e_TBQS keeps the query string exactly as received, before it is replaced below.
define("e_TBQS", $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = e_QUERY;
// Built-in user class ids. check_class() gives them fixed meanings: PUBLIC and
// READONLY always pass, NOBODY never passes, GUEST/MEMBER depend on the USER
// constant and ADMIN on the ADMIN constant.
define("e_UC_PUBLIC", 0);
define("e_UC_READONLY", 251);
define("e_UC_GUEST", 252);
define("e_UC_MEMBER", 253);
define("e_UC_ADMIN", 254);
define("e_UC_NOBODY", 255);
define("ADMINDIR", $ADMIN_DIRECTORY);
// All debug objects and constants are defined in the debug handler
// NOTE(review): both triggers (the bracketed part of the query string and the
// e107_debug_level cookie) are supplied by the client. Whether diagnostic output
// is limited to administrators depends on checks inside debug_handler.php - confirm.
if (strpos(e_MENU, 'debug') !== FALSE || isset($_COOKIE['e107_debug_level'])) {
    require_once(e_HANDLER.'debug_handler.php');
    $db_debug = new e107_db_debug;
} else {
    define('E107_DEBUG_LEVEL',0);
}
// Record the first timing mark only when the debug object was created above.
if(isset($db_debug) && is_object($db_debug)) {
    $db_debug->Mark_Time('Start: Init ErrHandler');
}
// e107_config.php upgrade check
// Halts when neither directory variable from e107_config.php has a value.
if (!$ADMIN_DIRECTORY && !$DOWNLOADS_DIRECTORY) {
    message_handler("CRITICAL_ERROR", 8, ": generic, ", "e107_config.php");
    exit;
}
@require_once(e_HANDLER.'traffic_class.php');
$eTraffic=new e107_traffic; // We start traffic counting ASAP
$eTraffic->Calibrate($eTraffic);
// Table-name prefix taken from e107_config.php.
define("MPREFIX", $mySQLprefix);
e107_require_once(e_HANDLER."mysql_class.php");
e107_require_once(e_HANDLER.'e_parse_class.php');
$tp = new e_parse;
// Two database objects are created; "=& new" is PHP 4-era syntax (assigning the
// result of new by reference) and is not accepted by PHP 7 and later.
$sql =& new db;
$sql2 =& new db;
$sql->db_SetErrorReporting(FALSE);
$sql->db_Mark_Time('Start: SQL Connect');
// NOTE(review): the credential variables from e107_config.php stay in global scope
// after this call; consider unsetting them once connected if nothing later reads
// them - confirm.
$merror=$sql->db_Connect($mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb);
$sql->db_Mark_Time('Start: Prefs, misc tables');
require_once(e_HANDLER.'admin_log_class.php');
$admin_log = new e_admin_log();
// db_Connect() reports failure with the strings "e1" / "e2"; each one is turned
// into its own critical error message before the script stops.
if ($merror == "e1") {
    message_handler("CRITICAL_ERROR", 6, ": generic, ", "class2.php");
    exit;
}
else if ($merror == "e2") {
    message_handler("CRITICAL_ERROR", 7, ": generic, ", "class2.php");
    exit;
}
/* New compatibility mode.
At a later date add a check to load e107 compat mode by $pref
PHP Compatibility should *always* be on. */
e107_require_once(e_HANDLER."php_compatibility_handler.php");
e107_require_once(e_HANDLER."e107_Compat_handler.php");
$aj = new textparse; // required for backwards compatibility with 0.6 plugins.
// Preference reader used below to pull rows out of the core table.
e107_require_once(e_HANDLER."pref_class.php");
$sysprefs = new prefs;
// Extract core prefs from the database
// Order of sources tried: cache -> 'SitePrefs' row -> 'SitePrefs_Backup' row ->
// legacy 'pref' row. The first one that yields data becomes $pref.
e107_require_once(e_HANDLER.'cache_handler.php');
e107_require_once(e_HANDLER.'arraystorage_class.php');
$eArrayStorage = new ArrayData();
$sql->db_Mark_Time('Start: Extracting Core Prefs');
$PrefCache = ecache::retrieve('SitePrefs', 24 * 60, true);
if(!$PrefCache){
    // No cache of the prefs array, going for the db copy..
    $retrieve_prefs[] = 'SitePrefs';
    $sysprefs->ExtractPrefs($retrieve_prefs, TRUE);
    $PrefData = $sysprefs->get('SitePrefs');
    $pref = $eArrayStorage->ReadArray($PrefData);
    if(!$pref){
        $admin_log->log_event("Core Prefs Error", "Core is attempting to restore prefs from automatic backup.", E_LOG_WARNING);
        // Try for the automatic backup..
        $PrefData = $sysprefs->get('SitePrefs_Backup');
        $pref = $eArrayStorage->ReadArray($PrefData);
        if(!$pref){
            // No auto backup, try for the 'old' prefs system.
            $PrefData = $sysprefs->get('pref');
            // NOTE(review): unserialize() on a stored value. The data comes from the
            // core table, so anyone able to write that row controls what is
            // unserialized here; keep write access to it restricted.
            $pref = unserialize($PrefData);
            if(!is_array($pref)){
                message_handler("CRITICAL_ERROR", 3, __LINE__, __FILE__);
                // No old system, so point in the direction of resetcore :(
                message_handler("CRITICAL_ERROR", 4, __LINE__, __FILE__);
                $admin_log->log_event("Core Prefs Error", "Core could not restore from automatic backup. Execution halted.", E_LOG_FATAL);
                exit;
            } else {
                // old prefs found, remove old system, and update core with new system
                // NOTE(review): $PrefOutput is interpolated straight into the SQL
                // below; presumably WriteArray() returns an already-escaped string
                // when called without a second argument - confirm in
                // arraystorage_class.php.
                $PrefOutput = $eArrayStorage->WriteArray($pref);
                if(!$sql->db_Update('core', "e107_value='{$PrefOutput}' WHERE e107_name='SitePrefs'")){
                    $sql->db_Insert('core', "'SitePrefs', '{$PrefOutput}'");
                }
                if(!$sql->db_Update('core', "e107_value='{$PrefOutput}' WHERE e107_name='SitePrefs_Backup'")){
                    $sql->db_Insert('core', "'SitePrefs_Backup', '{$PrefOutput}'");
                }
                $sql->db_Delete('core', "`e107_name` = 'pref'");
            }
        } else {
            message_handler("CRITICAL_ERROR", 3, __LINE__, __FILE__);
            // auto backup found, use backup to restore the core
            // The raw backup string is escaped with addslashes() before it is written back.
            if(!$sql->db_Update('core', "`e107_value` = '".addslashes($PrefData)."' WHERE `e107_name` = 'SitePrefs'")){
                $sql->db_Insert('core', "'SitePrefs', '".addslashes($PrefData)."'");
            }
        }
    }
    // write pref cache array
    $PrefCache = $eArrayStorage->WriteArray($pref, false);
    // store the prefs in cache if cache is enabled
    ecache::set('SitePrefs', $PrefCache);
} else {
    // cache of core prefs was found, so grab all the useful core rows we need
    // 'SitePrefs' is added to the ignore list and its value seeded from the cache,
    // so only the other requested rows are read from the database.
    $sysprefs->DefaultIgnoreRows .= '|SitePrefs';
    $sysprefs->prefVals['core']['SitePrefs'] = $PrefCache;
    if(isset($retrieve_prefs))
    {
        $sysprefs->ExtractPrefs($retrieve_prefs, TRUE);
    }
    $pref = $eArrayStorage->ReadArray($PrefCache);
}
$e107->set_base_path();
// extract menu prefs
// NOTE(review): unserialize() on a value read through $sysprefs; the stored row is
// trusted here, so write access to it must stay restricted.
$menu_pref = unserialize(stripslashes($sysprefs->get('menu_pref')));
$sql->db_Mark_Time('(Extracting Core Prefs Done)');
// Scheme comes from the ssl_enabled pref, host from the request's Host header.
// NOTE(review): HTTP_HOST is client-supplied, so SITEURLBASE / SITEURL / e_SELF carry
// whatever host the request named. Anything that embeds them in e-mails, redirects
// or cached pages inherits that; a configured canonical host would be safer - confirm
// how the web server restricts Host.
define("SITEURLBASE", ($pref['ssl_enabled'] == '1' ? "https://" : "http://").$_SERVER['HTTP_HOST']);
define("SITEURL", SITEURLBASE.e_HTTP);
// if a cookie name pref isn't set, make one :)
if (!$pref['cookie_name']) {
    $pref['cookie_name'] = "e107cookie";
}
// start a session if session based login is enabled
if ($pref['user_tracking'] == "session") {
    session_start();
}
// Full URL of the running script: scheme + Host header + PHP_SELF, falling back to
// SCRIPT_FILENAME when PHP_SELF is empty. PHP_SELF is derived from the request
// path, so e_SELF must be encoded before it is echoed or placed in SQL.
define("e_SELF", ($pref['ssl_enabled'] == '1' ? "https://".$_SERVER['HTTP_HOST'].($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_FILENAME']) : "http://".$_SERVER['HTTP_HOST'].($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_FILENAME'])));
// if the option to force users to use a particular url for the site is enabled, redirect users there
// The redirect is skipped when the configured site URL already contains the
// requested scheme+host, and for URLs containing the admin directory name.
if($pref['redirectsiteurl'] && $pref['siteurl']) {
    $siteurl = SITEURLBASE."/";
    if (strpos($pref['siteurl'], $siteurl) === FALSE && strpos(e_SELF, ADMINDIR) === FALSE) {
        $location = str_replace($siteurl, $pref['siteurl'], e_SELF).(e_QUERY ? "?".e_QUERY : "");
        header("Location: {$location}", true, 301); // send 301 header, not 302
        exit();
    }
}
// e_PAGE is the last path segment of PHP_SELF (the text after the final "/").
$page = substr(strrchr($_SERVER['PHP_SELF'], "/"), 1);
define("e_PAGE", $page);
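// sort out the users language selection
//
// A language name ends up inside include paths further down
// (e_LANGUAGEDIR.e_LANGUAGE."/".e_LANGUAGE.".php") and is handed to the database
// layer as $sql->mySQLlanguage. Names arriving with the request (POST field, query
// string, cookie, session) are therefore only accepted when they match one of the
// language directories actually installed under e_LANGUAGEDIR.

// Get Language List for rights checking.
// Built before any request value is looked at, so it can serve as the allow-list.
if(!$tmplan = getcachedvars("language-list")){
    $lanlist = array();
    $handle=opendir(e_LANGUAGEDIR);
    if ($handle) {
        // Compare with FALSE explicitly so an entry named "0" does not end the scan early.
        while (($file = readdir($handle)) !== FALSE) {
            if (is_dir(e_LANGUAGEDIR.$file) && $file !="." && $file !=".." && $file !="CVS") {
                $lanlist[] = $file;
            }
        }
        closedir($handle);
    }
    $tmplan = implode(",",$lanlist);
    cachevars("language-list", $tmplan);
}
define("e_LANLIST",(isset($tmplan) ? $tmplan : ""));
$e107_lan_allowed = (e_LANLIST != "") ? explode(",", e_LANLIST) : array();

if (isset($_POST['setlanguage']) || isset($_GET['elan'])) {
    // query support, for language selection splash pages. etc
    // A non-empty elan in the query string takes precedence over the POST field.
    $e107_lan_request = !empty($_GET['elan']) ? $_GET['elan'] : (isset($_POST['sitelanguage']) ? $_POST['sitelanguage'] : "");
    // Requests naming anything other than an installed language are ignored.
    if (is_string($e107_lan_request) && in_array($e107_lan_request, $e107_lan_allowed, TRUE)) {
        $_POST['sitelanguage'] = $e107_lan_request;
        $sql->mySQLlanguage = $_POST['sitelanguage'];
        if ($pref['user_tracking'] == "session") {
            $_SESSION['e107language_'.$pref['cookie_name']] = $_POST['sitelanguage'];
        } else {
            // Cookie lives for one day; $_COOKIE is updated too so the choice is
            // visible to the rest of this request.
            setcookie('e107language_'.$pref['cookie_name'], $_POST['sitelanguage'], time() + 86400, "/");
            $_COOKIE['e107language_'.$pref['cookie_name']] = $_POST['sitelanguage'];
            if (strpos(e_SELF, ADMINDIR) === FALSE) {
                $locat = (empty($_GET['elan']) && e_QUERY) ? e_SELF."?".e_QUERY : e_SELF;
                header("Location:".$locat);
            }
        }
    }
    unset($e107_lan_request);
}
$user_language='';
// Multi-language options.
if (isset($pref['multilanguage']) && $pref['multilanguage']) {
    if ($pref['user_tracking'] == "session") {
        $user_language=(array_key_exists('e107language_'.$pref['cookie_name'], $_SESSION) ? $_SESSION['e107language_'.$pref['cookie_name']] : "");
    } else {
        $user_language=(isset($_COOKIE['e107language_'.$pref['cookie_name']]) ? $_COOKIE['e107language_'.$pref['cookie_name']] : "");
    }
    // The stored choice is client-controlled in cookie mode: drop it unless it
    // names an installed language.
    if (!is_string($user_language) || !in_array($user_language, $e107_lan_allowed, TRUE)) {
        $user_language = "";
    }
    $sql->mySQLlanguage=($user_language) ? $user_language : "";
}
$sql->db_Mark_Time('(Start: Pref/multilang done)');
$language=(isset($_COOKIE['e107language_'.$pref['cookie_name']]) ? $_COOKIE['e107language_'.$pref['cookie_name']] : ($pref['sitelanguage'] ? $pref['sitelanguage'] : "English"));
// Same allow-list check for the cookie value that selects the interface language;
// anything else falls back to the site default.
if (!is_string($language) || !in_array($language, $e107_lan_allowed, TRUE)) {
    $language = ($pref['sitelanguage'] ? $pref['sitelanguage'] : "English");
}
unset($e107_lan_allowed);
define("e_LAN", $language);
// USERLAN is the user's language when a matching language file exists for the
// current page (site, admin, plugin or per-script "languages" folder), else FALSE.
define("USERLAN", ($user_language && (strpos(e_SELF, $PLUGINS_DIRECTORY) !== FALSE || (strpos(e_SELF, $ADMIN_DIRECTORY) === FALSE && file_exists(e_LANGUAGEDIR.$user_language."/lan_".e_PAGE)) || (strpos(e_SELF, $ADMIN_DIRECTORY) !== FALSE && file_exists(e_LANGUAGEDIR.$user_language."/admin/lan_".e_PAGE)) || file_exists(dirname($_SERVER['SCRIPT_FILENAME'])."/languages/".$user_language."/lan_".e_PAGE) || ( (strpos(e_SELF, $ADMIN_DIRECTORY) == FALSE) && (strpos(e_SELF, $PLUGINS_DIRECTORY) == FALSE) && file_exists(e_LANGUAGEDIR.$user_language."/".$user_language.".php") ) ) ? $user_language : FALSE));
define("e_LANGUAGE", (!USERLAN || !defined("USERLAN") ? $language : USERLAN));
// Load the main language file, then the optional site-specific overrides.
e107_include(e_LANGUAGEDIR.e_LANGUAGE."/".e_LANGUAGE.".php");
e107_include_once(e_LANGUAGEDIR.e_LANGUAGE."/".e_LANGUAGE."_custom.php");
define("MAGIC_QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE));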
// online user tracking class
$e_online = new e_online();
// cache class
$e107cache = new ecache;
// Housekeeping: when del_unv is set (and user_reg_veri is not 2), delete accounts
// still flagged user_ban = 2 whose join time is older than del_unv minutes.
if (isset($pref['del_unv']) && $pref['del_unv'] && $pref['user_reg_veri'] != 2) {
    $threshold=(time() - ($pref['del_unv'] * 60));
    $sql->db_Delete("user", "user_ban = 2 AND user_join < '{$threshold}' ");
}
e107_require_once(e_HANDLER."override_class.php");
$override=new override;
e107_require_once(e_HANDLER."event_class.php");
$e_event=new e107_event;
if (isset($pref['notify']) && $pref['notify'] == true) {
    e107_require_once(e_HANDLER.'notify_class.php');
}
$sql -> db_Mark_Time('Start: Init session');
init_session();
// Load the module.php of every plugin named in the comma-separated 'modules' pref.
// NOTE(review): the names come from stored preferences and are placed in a
// require_once path unchanged; presumably only administrators can edit that pref -
// confirm, and consider rejecting names that are not a single directory component.
if (isset($pref['modules']) && $pref['modules']) {
    $mods=explode(",", $pref['modules']);
    foreach ($mods as $mod) {
        if (is_readable(e_PLUGIN."{$mod}/module.php")) {
            require_once(e_PLUGIN."{$mod}/module.php");
        }
    }
}
//########### Module redefinable functions ###############
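if (!function_exists('checkvalidtheme')) {
    /**
     * Select the active theme and define THEME / THEME_ABS for it.
     *
     * When the query string contains "themepreview" and names a known theme id,
     * that theme is used (PREVIEWTHEME / PREVIEWTHEMENAME are defined as well) and
     * the function returns immediately. Otherwise $theme_check is used when its
     * theme.php is readable; failing that, the first directory under e_THEME that
     * holds a readable theme.php is picked. $e107->site_theme and
     * $e107->http_theme_dir are updated on the non-preview paths.
     *
     * NOTE(review): $theme_check is concatenated into a filesystem path without
     * checks and the resulting THEME is later used in require_once. Callers pass
     * pref values and USERTHEME; if USERTHEME can be chosen freely by a member it
     * should be restricted to a single directory name - confirm where it is set.
     *
     * @param string $theme_check directory name of the theme to try first
     * @return void
     */
    function checkvalidtheme($theme_check) {
        global $ADMIN_DIRECTORY, $tp, $e107;
        if (strpos(e_QUERY, "themepreview") !== FALSE) {
            // Pad so a query without a ".id" part leaves $id as NULL instead of
            // raising an undefined-offset notice.
            list($action, $id) = array_pad(explode('.', e_QUERY), 2, NULL);
            require_once(e_HANDLER."theme_handler.php");
            $themeArray = themeHandler :: getThemes("id");
            // Only preview ids that map to an installed theme; an unknown id falls
            // through to the normal selection instead of defining THEME with an
            // empty theme name.
            if (isset($id, $themeArray[$id])) {
                define("PREVIEWTHEME", e_THEME.$themeArray[$id]."/");
                define("PREVIEWTHEMENAME", $themeArray[$id]);
                define("THEME", e_THEME.$themeArray[$id]."/");
                define("THEME_ABS", e_THEME_ABS.$themeArray[$id]."/");
                return;
            }
        }
        // is_readable() answers the same question the former @fopen() probe did,
        // without leaving an open file handle behind.
        if (is_readable(e_THEME.$theme_check."/theme.php")) {
            define("THEME", e_THEME.$theme_check."/");
            define("THEME_ABS", e_THEME_ABS.$theme_check."/");
            $e107->site_theme = $theme_check;
        } else {
            // Guarded so that reaching this branch a second time does not try to
            // declare the helper again.
            if (!function_exists('search_validtheme')) {
                /**
                 * Return the first directory under e_THEME containing a readable
                 * theme.php and record it in $e107->site_theme; NULL when none is found.
                 */
                function search_validtheme() {
                    global $e107;
                    $th=substr(e_THEME, 0, -1);
                    $handle=opendir($th);
                    if (!$handle) {
                        return;
                    }
                    // Explicit FALSE comparison: an entry named "0" must not stop the scan.
                    while (($file = readdir($handle)) !== FALSE) {
                        if (is_dir(e_THEME.$file) && is_readable(e_THEME.$file.'/theme.php')) {
                            closedir($handle);
                            $e107->site_theme = $file;
                            return $file;
                        }
                    }
                    closedir($handle);
                }
            }
            $e107tmp_theme = search_validtheme();
            define("THEME", e_THEME.$e107tmp_theme."/");
            define("THEME_ABS", e_THEME_ABS.$e107tmp_theme."/");
            // Emits an empty string for admins outside the admin directory (kept as found).
            if (ADMIN && strpos(e_SELF, $ADMIN_DIRECTORY) === FALSE) {
                echo '';
            }
        }
        $themes_dir = $e107->e107_dirs["THEMES_DIRECTORY"];
        $e107->http_theme_dir = "{$e107->server_path}{$themes_dir}{$e107->site_theme}/";
    }
}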
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
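// The guard now tests the name that is actually declared below; it previously
// tested 'e107_table', so a module that had already declared e107table would have
// caused a redeclaration error.
if (!class_exists('e107table')) {
    class e107table {
        /**
         * Render a captioned block through the theme's tablestyle() function.
         *
         * A registered 'tablerender' override is called first. If it returns the
         * string "return", nothing more is rendered; if it returns an array, its
         * 'caption', 'text', 'mode' and 'return' entries replace the arguments.
         *
         * @param string $caption caption text
         * @param string $text    body text
         * @param string $mode    style hint passed on to tablestyle()
         * @param bool   $return  when true the markup is returned instead of echoed
         * @return string|null rendered markup when $return is true, otherwise null
         */
        function tablerender($caption, $text, $mode = "default", $return = false) {
            global $override;
            if ($override_tablerender = $override->override_check('tablerender')) {
                $result=call_user_func($override_tablerender, $caption, $text, $mode, $return);
                if ($result == "return") {
                    return;
                }
                // Import only the four values this method reads afterwards, and only
                // from an array: extract() on any other type is an error, and
                // unrelated keys have no business overwriting local variables.
                if (is_array($result)) {
                    extract(array_intersect_key($result, array('caption' => 1, 'text' => 1, 'mode' => 1, 'return' => 1)));
                }
            }
            if ($return) {
                // Capture what tablestyle() echoes and hand it back to the caller.
                ob_start();
                tablestyle($caption, $text, $mode);
                $ret=ob_get_contents();
                ob_end_clean();
                return $ret;
            } else {
                tablestyle($caption, $text, $mode);
            }
        }
    }
}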
//#############################################################
// Shared renderer instance used by the rest of the application.
$ns=new e107table;
$e107->ban();
// Send logged-in users with incomplete required profile fields to the settings page.
// NOTE(review): there is no exit after this header(), so the requested page is still
// generated and sent along with the redirect - confirm that is intended.
if($pref['force_userupdate'] && USER) {
    if(force_userupdate()) {
        header("Location: ".e_BASE."usersettings.php?update");
    }
}
$sql->db_Mark_Time('Start: Signup/splash/admin');
// Custom signup/login scripts replace the stock ones when the files exist.
define("e_SIGNUP", e_BASE.(file_exists(e_BASE."customsignup.php") ? "customsignup.php" : "signup.php"));
define("e_LOGIN", e_BASE.(file_exists(e_BASE."customlogin.php") ? "customlogin.php" : "login.php"));
// Members-only mode: guests are redirected unless the page is on the exemption list.
// NOTE(review): e_PAGE is a bare file name while e_SIGNUP / e_LOGIN start with
// e_BASE, so those two comparisons only match when e_BASE is empty - confirm.
// NOTE(review): any page whose file name contains "admin" is exempt, which relies on
// those pages enforcing their own access check.
if ($pref['membersonly_enabled'] && !USER && e_PAGE != e_SIGNUP && e_PAGE != "index.php" && e_PAGE != "fpw.php" && e_PAGE != e_LOGIN && strpos(e_PAGE, "admin") === FALSE && e_PAGE != 'membersonly.php' && e_PAGE != 'sitedown.php') {
    header("Location: ".e_HTTP."membersonly.php");
    exit;
}
// Purge tmp rows older than 300 seconds, keeping the 'data' and 'submitted_link' rows.
$sql->db_Delete("tmp", "tmp_time < '".(time() - 300)."' AND tmp_ip!='data' AND tmp_ip!='submitted_link'");
// for multi-language these definitions needs to come after the language loaded.
define("SITENAME", trim($tp->toHTML($pref['sitename'], "", "emotes_off defs no_make_clickable")));
// SITEBUTTON, SITEADMIN and SITEADMINEMAIL are taken from the prefs as stored,
// without passing through toHTML(); encode them at the point of output.
define("SITEBUTTON", $pref['sitebutton']);
define("SITETAG", $tp->toHTML($pref['sitetag'], FALSE, "emotes_off defs"));
define("SITEDESCRIPTION", $tp->toHTML($pref['sitedescription'], "", "emotes_off defs"));
define("SITEADMIN", $pref['siteadmin']);
define("SITEADMINEMAIL", $pref['siteadminemail']);
define("SITEDISCLAIMER", $tp->toHTML($pref['sitedisclaimer'], "", "emotes_off defs"));
define("SITECONTACTINFO", $tp->toHTML($pref['sitecontactinfo'], TRUE, "emotes_off defs"));
// Maintenance mode: non-admins are sent to sitedown.php, except on admin.php and
// sitedown.php themselves.
if ($pref['maintainance_flag'] && ADMIN == FALSE && strpos(e_SELF, "admin.php") === FALSE && strpos(e_SELF, "sitedown.php") === FALSE) {
    header("Location: ".SITEURL."sitedown.php");
    exit;
}
$sql->db_Mark_Time('(Start: Login/logout/ban/tz)');
// Login form submitted (userlogin_x is what an image submit button sends).
// The posted credentials are handed to the userlogin class unchanged; validation
// and escaping are that class's responsibility.
if (isset($_POST['userlogin']) || isset($_POST['userlogin_x'])) {
    e107_require_once(e_HANDLER."login.php");
    $usr = new userlogin($_POST['username'], $_POST['userpass'], $_POST['autologin']);
}
// Logout is triggered by a query string that is exactly "logout".
// NOTE(review): this is a state change on a plain GET request with no token, so any
// page able to make the browser load that URL can end the visitor's session.
if (e_QUERY == 'logout') {
    $ip = $e107->getip();
    $udata=(USER === TRUE) ? USERID.".".USERNAME : "0";
    // Detach the online-table row from the user.
    // NOTE(review): $udata contains USERNAME and is interpolated unescaped;
    // presumably the name is sanitised where USERNAME is defined - confirm.
    $sql->db_Update("online", "online_user_id = '0', online_pagecount=online_pagecount+1 WHERE online_user_id = '{$udata}' LIMIT 1");
    if ($pref['user_tracking'] == "session") {
        session_destroy();
        $_SESSION[$pref['cookie_name']]="";
    }
    // Expire the login cookie by setting it 30 days into the past.
    cookie($pref['cookie_name'], "", (time() - 2592000));
    $e_event->trigger("logout");
    echo "\n";
    exit;
}
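/*
* Calculate time zone offset, based on session cookie set in e107.js.
* (Buyer beware: this may be wrong for the first pageview in a session,
* which is while the user is logged out, so not a problem...)
*
* Time offset is SECONDS. Seconds is much better than hours as a base,
* as some places have 30 and 45 minute time zones.
* It matches user clock time, instead of only time zones.
* Add the offset to MySQL/server time to get user time.
* Subtract the offset from user time to get server time.
*
* Both cookies are client-supplied. They are used only when numeric and are
* converted to numbers before use, so TIMEOFFSET is always a number and never the
* raw cookie text (which previously happened when only e107_tdOffset was sent).
*/
$e_deltaTime=0;
if (isset($_COOKIE['e107_tdOffset']) && is_numeric($_COOKIE['e107_tdOffset'])) {
    // Actual seconds of delay. See e107.js and footer_default.php
    $e_deltaTime = 0 + $_COOKIE['e107_tdOffset'];
}
if (isset($_COOKIE['e107_tzOffset']) && is_numeric($_COOKIE['e107_tzOffset'])) {
    // Relative client-to-server time zone offset in seconds.
    // The cookie value is multiplied by 60, i.e. it is treated as minutes; date("Z")
    // is the server's own UTC offset in seconds.
    $e_deltaTime += (-($_COOKIE['e107_tzOffset'] * 60 + date("Z")));
}
define("TIMEOFFSET", $e_deltaTime);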
$sql->db_Mark_Time('Start: Get menus');
// Menu layout is cached per user-class list and language.
$menu_data = $e107cache->retrieve("menus_".USERCLASS_LIST."_".md5(e_LANGUAGE));
$menu_data = $eArrayStorage->ReadArray($menu_data);
if(!is_array($menu_data)) {
    // Cache miss: read the active menus visible to the visitor's classes.
    // NOTE(review): USERCLASS_LIST is placed inside IN (...) unquoted; presumably it
    // is a comma-separated list of integers built by the session code - confirm.
    if ($sql->db_Select('menus', '*', "menu_location > 0 AND menu_class IN (".USERCLASS_LIST.") ORDER BY menu_order")) {
        while ($row = $sql->db_Fetch()) {
            // Group rows by menu area; collect the names of all active menus.
            $eMenuList[$row['menu_location']][]=$row;
            $eMenuActive[]=$row['menu_name'];
        }
    }
    // NOTE(review): when the query returns no rows, $eMenuList and $eMenuActive are
    // not set before being read here.
    $menu_data['menu_list'] = $eMenuList;
    $menu_data['menu_active'] = $eMenuActive;
    $menu_data = $eArrayStorage->WriteArray($menu_data, false);
    $e107cache->set("menus_".USERCLASS_LIST."_".md5(e_LANGUAGE), $menu_data);
    unset($menu_data);
} else {
    // Cache hit: unpack the two lists.
    $eMenuList = $menu_data['menu_list'];
    $eMenuActive = $menu_data['menu_active'];
    unset($menu_data);
}
$sql->db_Mark_Time('(Start: Find/Load Theme)');
// Pick a theme unless a module has already defined THEME.
if(!defined("THEME")){
    // "Admin context" = URL contains the admin directory name or the word "admin",
    // or a plugin set $eplug_admin. It only selects a theme here; it is not an
    // authorization check.
    if ((strpos(e_SELF, $ADMIN_DIRECTORY) !== FALSE || strpos(e_SELF, "admin") !== FALSE || (isset($eplug_admin) && $eplug_admin == TRUE)) && $pref['admintheme']) {
        if (strpos(e_SELF.'?'.e_QUERY, 'menus.php?configure') !== FALSE) {
            // The menu configuration screen is shown in the site theme.
            checkvalidtheme($pref['sitetheme']);
        } else if (strpos(e_SELF, "newspost.php") !== FALSE) {
            // newspost.php uses the admin theme but also records the site theme path.
            define("MAINTHEME", e_THEME.$pref['sitetheme']."/");
            checkvalidtheme($pref['admintheme']);
        }
        else {
            checkvalidtheme($pref['admintheme']);
        }
    } else {
        // Front end: a per-user theme wins over the site theme. The second test
        // covers USERTHEME being an undefined constant (PHP then yields its name).
        if (USERTHEME !== FALSE && USERTHEME != "USERTHEME") {
            checkvalidtheme(USERTHEME);
        } else {
            checkvalidtheme($pref['sitetheme']);
        }
    }
}
// Load the theme code: admin_theme.php in admin context when the theme ships one,
// theme.php in every other case.
if (strpos(e_SELF.'?'.e_QUERY, 'menus.php?configure') === FALSE && (strpos(e_SELF, $ADMIN_DIRECTORY) !== FALSE || strpos(e_SELF, "admin") !== FALSE || (isset($eplug_admin) && $eplug_admin == TRUE))) {
    if (file_exists(THEME.'admin_theme.php')) {
        require_once(THEME.'admin_theme.php');
    } else {
        require_once(THEME."theme.php");
    }
} else {
    require_once(THEME."theme.php");
}
// Page-specific language files: the selected language first, then English.
// NOTE(review): e_PAGE is the last segment of PHP_SELF and so comes from the request
// path; it is placed in these include paths behind the fixed "lan_" prefix. Confirm
// that e107_include_once() only loads files that exist under the language folders.
if (strpos(e_SELF, $ADMIN_DIRECTORY) !== FALSE || strpos(e_SELF, "admin.php") !== FALSE) {
    e107_include_once(e_LANGUAGEDIR.e_LANGUAGE."/admin/lan_".e_PAGE);
    e107_include_once(e_LANGUAGEDIR."English/admin/lan_".e_PAGE);
} else if (strpos(e_SELF, $PLUGINS_DIRECTORY) === FALSE) {
    e107_include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_".e_PAGE);
    e107_include_once(e_LANGUAGEDIR."English/lan_".e_PAGE);
}
// Default image mode unless the theme defined one.
if(!defined("IMODE")) define("IMODE", "lite");
// The next two statements use an if with an empty body purely to evaluate the
// ternary; the define() calls inside it are the whole effect.
if ($pref['anon_post'] ? define("ANON", TRUE) : define("ANON", FALSE));
if (Empty($pref['newsposts']) ? define("ITEMVIEW", 15) : define("ITEMVIEW", $pref['newsposts']));
// Flood-protection constants exist only when the antiflood1 pref is 1.
if ($pref['antiflood1'] == 1) {
    define('FLOODPROTECT', TRUE);
    define('FLOODTIMEOUT', $pref['antiflood_timeout']);
}
// $layout may have been set earlier (e.g. by the theme); it selects the
// header/footer template pair.
$layout = isset($layout) ? $layout : '_default';
define("HEADERF", e_THEME."templates/header{$layout}.php");
define("FOOTERF", e_THEME."templates/footer{$layout}.php");
if (!file_exists(HEADERF)) {
    message_handler("CRITICAL_ERROR", "Unable to find file: ".HEADERF, __LINE__ - 2, __FILE__);
}
if (!file_exists(FOOTERF)) {
    message_handler("CRITICAL_ERROR", "Unable to find file: ".FOOTERF, __LINE__ - 2, __FILE__);
}
define("LOGINMESSAGE", "");
// Snapshot of a few php.ini switches as booleans.
define("OPEN_BASEDIR", (ini_get('open_basedir') ? TRUE : FALSE));
define("SAFE_MODE", (ini_get('safe_mode') ? TRUE : FALSE));
define("FILE_UPLOADS", (ini_get('file_uploads') ? TRUE : FALSE));
define("INIT", TRUE);
// e_REFERER_SELF is TRUE when the Referer header (without its query string) equals
// e_SELF.
// NOTE(review): the Referer header is set by the client and may be absent or forged;
// this flag should not be the only protection for state-changing requests.
if(isset($_SERVER['HTTP_REFERER'])) {
    $tmp = explode("?", $_SERVER['HTTP_REFERER']);
    define("e_REFERER_SELF",($tmp[0] == e_SELF));
} else {
    define('e_REFERER_SELF', FALSE);
}
// Load the date handler unless its 'convert' class is already available.
if (!class_exists('convert'))
{
    require_once(e_HANDLER."date_handler.php");
}
//@require_once(e_HANDLER."IPB_int.php");
//@require_once(e_HANDLER."debug_handler.php");
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
/**
 * Emit the redirect output and stop the script.
 *
 * As the body stands here it prints a single newline and exits; $qry is not read.
 * NOTE(review): if the upstream version writes $qry into client-side markup, that
 * value needs output encoding for the context it lands in - confirm against the
 * original file.
 *
 * @param string $qry target location (unused in the visible body)
 * @return void never returns; the script terminates
 */
function js_location($qry)
{
    print "\n";
    exit;
}
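/**
 * Validate the shape of an e-mail address.
 *
 * The pattern accepts a local part of letters, digits, "_", "-", "+" and dots, a
 * host made of dot-separated labels, and a final alphabetic label of 2 to 6
 * characters.
 *
 * The D modifier makes "$" match only at the very end of the string. Without it a
 * value ending in a newline passed the check, and such a value is unsafe to place
 * in a mail header.
 *
 * @param string $email address to check
 * @return string|false the address unchanged when it matches, FALSE otherwise
 */
function check_email($email) {
    // Arrays and other non-string input can never be a valid address.
    if (!is_string($email)) {
        return FALSE;
    }
    return preg_match("/^([_a-zA-Z0-9-+]+)(\.[_a-zA-Z0-9-]+)*@([a-zA-Z0-9-]+)(\.[a-zA-Z0-9-]+)*(\.[a-zA-Z]{2,6})$/D" , $email) ? $email : FALSE;
}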
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
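/**
 * Decide whether a user-class requirement is met.
 *
 * $var may be empty (always allowed), the current language name (always allowed),
 * a numeric class id, a class name, or a comma-separated list of those. For a list
 * the items are tried in reverse-sorted order: a language entry other than the
 * current language denies at once, otherwise the first item that passes allows.
 *
 * Numeric ids matching the built-in classes (public, guest, member, admin,
 * nobody, read-only) are answered from the USER / ADMIN constants unless $peer is
 * set, in which case only membership in $userclass counts.
 *
 * The recursive call for list items now passes $peer and $debug in their own
 * positions. It previously passed $debug in the $peer slot, so a list checked with
 * $peer = TRUE was evaluated without it, and switching $debug on changed the
 * outcome of the check.
 *
 * @param string $var       class id, class name, language name or comma list
 * @param string $userclass comma-separated class ids of the user being checked
 * @param bool   $peer      skip the built-in class shortcuts
 * @param bool   $debug     echo a trace of the decision
 * @return bool
 */
function check_class($var, $userclass = USERCLASS, $peer = FALSE, $debug = FALSE)
{
    global $tp;
    if($var == e_LANGUAGE){
        return TRUE;
    }
    // No requirement at all.
    if (!$var || $var == "")
    {
        return TRUE;
    }
    if(strpos($var, ",") !== FALSE)
    {
        $lans = explode(",",e_LANLIST);
        $varList = explode(",", $var);
        rsort($varList); // check the language first.(ie. numbers come last)
        foreach($varList as $v)
        {
            // A language restriction that does not match the current language denies.
            if (in_array($v,$lans) && strpos($v, e_LANGUAGE) === FALSE) {
                return FALSE;
            }
            if(check_class($v, $userclass, $peer, $debug)) {
                return TRUE;
            }
        }
        return FALSE;
    }
    // Built-in classes, answered without looking at $userclass.
    if (preg_match("/^([0-9]+)$/", $var) && !$peer)
    {
        if ($var == e_UC_MEMBER && USER == TRUE)
        {
            return TRUE;
        }
        if ($var == e_UC_GUEST && USER == FALSE) {
            return TRUE;
        }
        if ($var == e_UC_PUBLIC) {
            return TRUE;
        }
        if ($var == e_UC_NOBODY) {
            return FALSE;
        }
        if ($var == e_UC_ADMIN && ADMIN) {
            return TRUE;
        }
        if ($var == e_UC_READONLY) {
            return TRUE;
        }
    }
    if ($debug) {
        echo "USERCLASS: ".$userclass.", \$var = $var : ";
    }
    // Without any class membership nothing further can match.
    if (!defined("USERCLASS") || $userclass == "") {
        if ($debug) {
            echo "FALSE\n";
        }
        return FALSE;
    }
    // user has classes set - continue
    if (preg_match("/^([0-9]+)$/", $var)) {
        $tmp=explode(',', $userclass);
        // array_search() returns the (numeric) key on a hit and FALSE on a miss.
        if (is_numeric(array_search($var, $tmp))) {
            if ($debug) {
                echo "TRUE\n";
            }
            return TRUE;
        }
    } else {
        // var is name of class ...
        // The name is passed through $tp->toDB() before it is placed in the query.
        $sql=new db;
        if ($sql->db_Select("userclass_classes", "*", "userclass_name='".$tp -> toDB($var)."' ")) {
            $row=$sql->db_Fetch();
            $tmp=explode(',', $userclass);
            if (is_numeric(array_search($row['userclass_id'], $tmp))) {
                if ($debug) {
                    echo "TRUE\n";
                }
                return TRUE;
            }
        }
    }
    if ($debug) {
        echo "NOTNUM! FALSE\n";
    }
    return FALSE;
}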
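/**
 * Check whether an administrator's permission string grants a permission.
 *
 * The permission string is a dot-separated list of codes; the string "0" means
 * unrestricted. For $arg 'P' on a URL inside the plugins directory, the plugin's
 * id is looked up and the code checked becomes 'P' followed by that id.
 *
 * Two hardening changes compared with the previous body:
 * - $ap is compared as a string. Under == a boolean FALSE compares equal to "0"
 *   and would have been read as the unrestricted permission string; it is now
 *   treated as "no permissions".
 * - The plugin folder name is cut out of e_SELF, which is built from request data,
 *   so it is escaped before being placed in the query (addslashes(), as used for
 *   other string-built queries in this file). A driver-level escape or bound
 *   parameter would be preferable if the db class offers one.
 *
 * @param string $arg permission code to look for
 * @param string $ap  permission string to search, defaults to ADMINPERMS
 * @return bool
 */
function getperms($arg, $ap = ADMINPERMS) {
    global $PLUGINS_DIRECTORY;
    $ap = (string) $ap;
    if ($ap === "0") {
        return TRUE;
    }
    if ($ap === "") {
        return FALSE;
    }
    // Leading dot so that the first code can be matched as ".code." too.
    $ap='.'.$ap;
    if ($arg == 'P' && preg_match("#(.*?)/".$PLUGINS_DIRECTORY."(.*?)/(.*?)#", e_SELF, $matches)) {
        $psql=new db;
        if ($psql->db_Select('plugin', 'plugin_id', "plugin_path = '".addslashes($matches[2])."' ")) {
            $row=$psql->db_Fetch();
            $arg='P'.$row[0];
        }
    }
    return (strpos($ap, ".".$arg.".") !== FALSE);
}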
/**
 * Load one user's row, merged with the extended-profile columns.
 *
 * The id is forced to an integer; 0 yields an empty array. Results are kept in
 * the per-request variable cache under "userdata_<id>", and that cached copy is
 * returned regardless of $extra. Extended columns that are NULL or empty in the
 * row are filled with the column's database default, when it has one.
 *
 * $extra is appended to the WHERE clause verbatim: callers must only pass a
 * fixed, trusted SQL fragment and never request data.
 *
 * @param int|string $uid   user id
 * @param string     $extra additional SQL appended after the user_id condition
 * @return array|false user row, empty array for id 0, FALSE when both queries fail
 */
function get_user_data($uid, $extra = "")
{
    global $pref, $sql;

    $uid = intval($uid);
    if ($uid == 0) {
        return array();
    }

    $cached = getcachedvars("userdata_{$uid}");
    if ($cached) {
        return $cached;
    }

    // First try the joined query; fall back to the plain user table if it fails.
    $joinedQuery = "\nSELECT u.*, ue.* FROM #user AS u\nLEFT JOIN #user_extended AS ue ON ue.user_extended_id = u.user_id\nWHERE u.user_id='{$uid}' {$extra}\n";
    if (!$sql->db_Select_gen($joinedQuery)) {
        $plainQuery = "SELECT * FROM #user AS u WHERE u.user_id='{$uid}' {$extra}";
        if (!$sql->db_Select_gen($plainQuery)) {
            return FALSE;
        }
    }
    $record = $sql->db_Fetch();

    // Column definitions of the extended table that carry a default, cached once built.
    $extended_struct = getcachedvars("extended_struct");
    if (!$extended_struct) {
        unset($extended_struct);
        if ($sql->db_Select_gen("SHOW COLUMNS FROM #user_extended ")) {
            while ($column = $sql->db_Fetch()) {
                if ($column['Default'] != "") {
                    $extended_struct[] = $column;
                }
            }
            if (isset($extended_struct)) {
                cachevars("extended_struct", $extended_struct);
            }
        }
    }

    // Fill gaps in the user's row with the column defaults.
    if (isset($extended_struct)) {
        foreach ($extended_struct as $column) {
            $field = $column['Field'];
            if ($column['Default'] != "" && ($record[$field] == NULL || $record[$field] == "")) {
                $record[$field] = $column['Default'];
            }
        }
    }

    cachevars("userdata_{$uid}", $record);
    return $record;
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
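/**
 * Persist preferences.
 *
 * For $table 'core' (and an empty $row_val) the previously loaded prefs string is
 * first stored as the 'SitePrefs_Backup' row, then the current global $pref array
 * is written to the 'SitePrefs' row and the prefs cache is cleared. For any other
 * $table value the global $user_pref array is serialized into the user's
 * user_prefs column.
 *
 * The fallback insert for the backup now creates the 'SitePrefs_Backup' row. It
 * previously inserted a row named 'SitePrefs', i.e. it tried to write the old
 * prefs under the live row's name when no backup row existed yet.
 *
 * NOTE(review): $PrefCache1 is interpolated as returned by WriteArray();
 * presumably that call escapes its output when used without a second argument -
 * confirm in arraystorage_class.php.
 *
 * @param string $table   'core' for site prefs, anything else for user prefs
 * @param int    $uid     user id for the user-prefs branch
 * @param string $row_val core prefs are only saved when this is empty
 * @return string|null the escaped, serialized user prefs in the user branch
 */
function save_prefs($table = 'core', $uid = USERID, $row_val = '') {
    global $pref, $user_pref, $tp, $PrefCache, $sql, $eArrayStorage;
    if ($table == 'core') {
        if ($row_val == '') {
            // Save old version as a backup
            if(!$sql->db_Update('core', "e107_value='".addslashes($PrefCache)."' WHERE e107_name='SitePrefs_Backup'")){
                $sql->db_Insert('core', "'SitePrefs_Backup', '".addslashes($PrefCache)."'");
            }
            // traverse the pref array, with toDB on everything
            $_pref = $tp -> toDB($pref, true, true);
            // Create the data to be stored
            $PrefCache1 = $eArrayStorage->WriteArray($_pref);
            if(!$sql->db_Update('core', "e107_value='{$PrefCache1}' WHERE e107_name = 'SitePrefs'")){
                $sql->db_Insert('core', "'SitePrefs', '{$PrefCache1}'");
            }
            // The cached copy is stale now.
            ecache::clear('SitePrefs');
        }
    } else {
        $_user_pref = $tp -> toDB($user_pref);
        $tmp=addslashes(serialize($_user_pref));
        // The id is forced to an integer before it reaches the query.
        $sql->db_Update("user", "user_prefs='$tmp' WHERE user_id=".intval($uid));
        return $tmp;
    }
}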
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
class e_online {
function online($online_tracking = false, $flood_control = false) {
if($online_tracking == true || $flood_control == true) {
global $online_timeout, $online_warncount, $online_bancount;
if(!isset($online_timeout)) {
$online_timeout = 300;
}
if(!isset($online_warncount)) {
$online_warncount = 90;
}
if(!isset($online_bancount)) {
$online_bancount = 100;
}
global $sql, $pref, $e107, $listuserson, $e_event, $tp;
$page = (strpos(e_SELF, "forum_") !== FALSE) ? e_SELF.".".e_QUERY : e_SELF;
$page = (strpos(e_SELF, "comment") !== FALSE) ? e_SELF.".".e_QUERY : $page;
$page = (strpos(e_SELF, "content") !== FALSE) ? e_SELF.".".e_QUERY : $page;
$page = $tp -> toDB($page, true);
$ip = $e107->getip();
$udata = (USER === true ? USERID.".".USERNAME : "0");
if (USER) {
// Find record that matches IP or visitor, or matches user info
if ($sql->db_Select("online", "*", "(`online_ip` = '{$ip}' AND `online_user_id` = '0') OR `online_user_id` = '{$udata}'")) {
$row = $sql->db_Fetch();
if ($row['online_user_id'] == $udata) {
//Matching user record
if ($row['online_timestamp'] < (time() - $online_timeout)) {
//It has been at least 'timeout' seconds since this user has connected
//Update user record with timestamp, current IP, current page and set pagecount to 1
$query = "online_timestamp='".time()."', online_ip='{$ip}', online_location='{$page}', online_pagecount=1 WHERE online_user_id='{$row['online_user_id']}' LIMIT 1";
} else {
if (!ADMIN) {
$row['online_pagecount'] ++;
}
// Update user record with current IP, current page and increment pagecount
$query = "online_ip='{$ip}', `online_location` = '{$page}', `online_pagecount` = '".intval($row['online_pagecount'])."' WHERE `online_user_id` = '{$row['online_user_id']}' LIMIT 1";
}
} else {
//Found matching visitor record (ip only) for this user
if ($row['online_timestamp'] < (time() - $online_timeout)) {
// It has been at least 'timeout' seconds since this user has connected
// Update record with timestamp, current IP, current page and set pagecount to 1
$query = "`online_timestamp` = '".time()."', `online_user_id` = '{$udata}', `online_location` = '{$page}', `online_pagecount` = 1 WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
} else {
if (!ADMIN) {
$row['online_pagecount'] ++;
}
//Update record with current IP, current page and increment pagecount
$query = "`online_user_id` = '{$udata}', `online_location` = '{$page}', `online_pagecount` = ".intval($row['online_pagecount'])." WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
}
}
$sql->db_Update("online", $query);
} else {
$sql->db_Insert("online", " '".time()."', '0', '{$udata}', '{$ip}', '{$page}', 1");
}
} else {
//Current page request is from a visitor
if ($sql->db_Select("online", "*", "`online_ip` = '{$ip}' AND `online_user_id` = '0'")) {
$row = $sql->db_Fetch();
if ($row['online_timestamp'] < (time() - $online_timeout)) //It has been at least 'timeout' seconds since this ip has connected
{
//Update record with timestamp, current page, and set pagecount to 1
$query = "`online_timestamp` = '".time()."', `online_location` = '{$page}', `online_pagecount` = 1 WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
} else {
//Update record with current page and increment pagecount
$row['online_pagecount'] ++;
// echo "here {$online_pagecount}";
$query="`online_location` = '{$page}', `online_pagecount` = {$row['online_pagecount']} WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
}
$sql->db_Update("online", $query);
} else {
$sql->db_Insert("online", " '".time()."', 'null', '0', '{$ip}', '{$page}', 1");
}
}
if (ADMIN || $pref['autoban'] != 1) {
$row['online_pagecount'] = 1;
}
if ($row['online_pagecount'] > $online_bancount && $row['online_ip'] != "127.0.0.1") {
$sql->db_Insert("banlist", "'{$ip}', '0', 'Hit count exceeded ({$row['online_pagecount']} requests within allotted time)' ");
$e_event->trigger("flood", $ip);
exit;
}
if ($row['online_pagecount'] >= $online_warncount && $row['online_ip'] != "127.0.0.1") {
echo "
'.print_r($var, true).''; return true; } else { return '
'.print_r($var, true).''; } } } function force_userupdate() { global $sql,$pref,$currentUser; if (e_PAGE == "usersettings.php" || strpos(e_SELF, ADMINDIR) == TRUE) { return FALSE; } $signup_option_names = array("realname", "signature", "image", "timezone", "class"); foreach($signup_option_names as $key => $value) { if ($pref['signup_option_'.$value] == 2 && !$currentUser['user_'.$value]) { return TRUE; } } if($sql -> db_Select("user_extended_struct", "user_extended_struct_name", "user_extended_struct_required = '1'")) { while($row = $sql -> db_Fetch()) { $user_extended_struct_name = "user_{$row['user_extended_struct_name']}"; if(!$currentUser[$user_extended_struct_name]) { return TRUE; } } } return FALSE; } class error_handler { var $errors; var $debug = false; function error_handler() { if ((isset($_SERVER['QUERY_STRING']) && strpos($_SERVER['QUERY_STRING'], 'debug=') !== FALSE) || isset($_COOKIE['e107_debug_level'])) { $this->debug = true; error_reporting(E_ALL); } else { error_reporting(E_ERROR | E_PARSE); } } function handle_error($type, $message, $file, $line, $context) { switch($type) { case E_NOTICE: if ($this->debug == true) { $error['short'] = "Notice: {$message}, Line {$line} of {$file}
{$value['short']} | \n\t |