PageRenderTime 55ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/campsite/src/include/phorum/common.php

https://github.com/joechrysler/Campsite
PHP | 835 lines | 595 code | 117 blank | 123 comment | 179 complexity | 42f58ba7a9dc68677a78a79d72e7112e MD5 | raw file
Possible License(s): BSD-3-Clause, AGPL-1.0, LGPL-2.1, Apache-2.0 
    

  1. <?php
    2. 

  2. 

  3. ////////////////////////////////////////////////////////////////////////////////
    4. 

  4. //                                                                            //
    5. 

  5. //   Copyright (C) 2006  Phorum Development Team                              //
    6. 

  6. //   http://www.phorum.org                                                    //
    7. 

  7. //                                                                            //
    8. 

  8. //   This program is free software. You can redistribute it and/or modify     //
    9. 

  9. //   it under the terms of either the current Phorum License (viewable at     //
    10. 

  10. //   phorum.org) or the Phorum License that was distributed with this file    //
    11. 

  11. //                                                                            //
    12. 

  12. //   This program is distributed in the hope that it will be useful,          //
    13. 

  13. //   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
    14. 

  14. //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
    15. 

  15. //                                                                            //
    16. 

  16. //   You should have received a copy of the Phorum License                    //
    17. 

  17. //   along with this program.                                                 //
    18. 

  18. ////////////////////////////////////////////////////////////////////////////////
    19. 

  19. 

  20. // Check that this file is not loaded directly.
    21. 

  21. if ( basename( __FILE__ ) == basename( $_SERVER["PHP_SELF"] ) ) exit();
    22. 

  22. 

  23. // all other constants in ./include/constants.php
    24. 

  24. define( "PHORUM", "5.1-dev" );
    25. 

  25. 

  26. // our internal version in format of year-month-day-serial
    27. 

  27. define( "PHORUMINTERNAL", "2006032300" );
    28. 

  28. 

  29. define( "DEBUG", 0 );
    30. 

  30. 

  31. include_once( "./include/constants.php" );
    32. 

  32. 

  33. // setup the PHORUM var
    34. 

  34. $PHORUM = array();
    35. 

  35. 

  36. // temp member to hold arrays and such in templates
    37. 

  37. $PHORUM["TMP"] = array();
    38. 

  38. 

  39. // The data member is the data the templates can access
    40. 

  40. $PHORUM["DATA"] = array();
    41. 

  41. $PHORUM["DATA"]["GET_VARS"] = array();
    42. 

  42. $PHORUM["DATA"]["POST_VARS"] = "";
    43. 

  43. 

  44. // get the forum id if set with a post
    45. 

  45. if ( isset( $_REQUEST["forum_id"] ) && is_numeric( $_REQUEST["forum_id"] ) ) {
    46. 

  46.     $PHORUM["forum_id"] = $_REQUEST["forum_id"];
    47. 

  47. }
    48. 

  48. 

  49. // strip the slashes off of POST data if magic_quotes is on
    50. 

  50. if ( get_magic_quotes_gpc() && count( $_REQUEST ) ) {
    51. 

  51.     foreach( $_POST as $key => $value ) {
    52. 

  52.         if ( !is_array( $value ) )
    53. 

  53.             $_POST[$key] = stripslashes( $value );
    54. 

  54.         else
    55. 

  55.             $_POST[$key] = phorum_recursive_stripslashes( $value );
    56. 

  56.     }
    57. 

  57.     foreach( $_GET as $key => $value ) {
    58. 

  58.         if ( !is_array( $value ) )
    59. 

  59.             $_GET[$key] = stripslashes( $value );
    60. 

  60.         else
    61. 

  61.             $_GET[$key] = phorum_recursive_stripslashes( $value );
    62. 

  62.     }
    63. 

  63. }
    64. 

  64. 

  65. // look for and parse the QUERY_STRING
    66. 

  66. // this only applies to urls that we create.
    67. 

  67. // scrips using urls from forms (search) should use $_GET or $_POST
    68. 

  68. if ( !defined( "PHORUM_ADMIN" ) ) {
    69. 

  69.     if ( isset( $_SERVER["QUERY_STRING"] ) || isset( $PHORUM["CUSTOM_QUERY_STRING"] ) ) {
    70. 

  70.         $Q_STR = empty( $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"] ) ? $_SERVER["QUERY_STRING"]: $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"];
    71. 

  71. 

  72.         // ignore stuff past a #
    73. 

  73.         if ( strstr( $Q_STR, "#" ) ) list( $Q_STR, $other ) = explode( "#", $Q_STR );
    74. 

  74. 

  75.         // explode it on comma
    76. 

  76.         $PHORUM["args"] = explode( ",", $Q_STR );
    77. 

  77. 

  78.         // check for any assigned values
    79. 

  79.         if ( strstr( $Q_STR, "=" ) ) {
    80. 

  80.             foreach( $PHORUM["args"] as $key => $arg ) {
    81. 

  81. 

  82.                 // if an arg has an = create an element in args
    83. 

  83.                 // with left part as key and right part as value
    84. 

  84.                 if ( strstr( $arg, "=" ) ) {
    85. 

  85.                     list( $var, $value ) = explode( "=", $arg );
    86. 

  86.                     $PHORUM["args"][$var] = urldecode( $value );
    87. 

  87.                     // get rid of the numbered arg, it is useless.
    88. 

  88.                     unset( $PHORUM["args"][$key] );
    89. 

  89.                 }
    90. 

  90.             }
    91. 

  91.         }
    92. 

  92. 

  93.         // set forum_id if not set already by
    94. 

  94.         if ( empty( $PHORUM["forum_id"] ) && isset( $PHORUM["args"][0] ) ) {
    95. 

  95.             $PHORUM["forum_id"] = ( int )$PHORUM["args"][0];
    96. 

  96.         }
    97. 

  97.     }
    98. 

  98. }
    99. 

  99. 

  100. // set the forum_id to 0 if not set by now.
    101. 

  101. if ( empty( $PHORUM["forum_id"] ) ) $PHORUM["forum_id"] = 0;
    102. 

  102. 

  103. // Get the database settings.
    104. 

  104. if ( empty( $GLOBALS["PHORUM_ALT_DBCONFIG"] ) || $GLOBALS["PHORUM_ALT_DBCONFIG"]==$_REQUEST["PHORUM_ALT_DBCONFIG"] || !defined("PHORUM_WRAPPER") ) {
    105. 

  105.     // Backup display_errors setting.
    106. 

  106.     $orig = ini_get("display_errors");
    107. 

  107.     ini_set("display_errors", 0);
    108. 

  108. 

  109.     // Load configuration.
    110. 

  110.     if (! include_once( "./include/db/config.php" )) {
    111. 

  111.         print '<html><head><title>Phorum error</title></head><body>';
    112. 

  112.         print '<h2>Phorum database configuration error</h2>';
    113. 

  113. 

  114.         // No database configuration found.
    115. 

  115.         if (!file_exists("./include/db/config.php")) { ?>
    116. 

  116.             Phorum has been installed on this server, but the configuration<br/>
    117. 

  117.             for the database connection has not yet been made. Please read<br/>
    118. 

  118.             <a href="docs/install.txt">docs/install.txt</a> for installation instructions. <?php
    119. 

  119.         } else {
    120. 

  120.             $fp = fopen("./include/db/config.php", "r");
    121. 

  121.             // Unable to read the configuration file.
    122. 

  122.             if (!$fp) { ?>
    123. 

  123.                 A database configuration file was found in ./include/db/config.php,<br/>
    124. 

  124.                 but Phorum was unable to read it. Please check the file permissions<br/>
    125. 

  125.                 for this file. <?php
    126. 

  126.             // Unknown error.
    127. 

  127.             } else {
    128. 

  128.                 fclose($fp); ?>
    129. 

  129.                 A database configuration file was found in ./include/dbconfig.php,<br/>
    130. 

  130.                 but it could not be loaded. It possibly contains one or more errors.<br/>
    131. 

  131.                 Please check your configuration file. <?php
    132. 

  132.             }
    133. 

  133.         }
    134. 

  134. 

  135.         print '</body></html>';
    136. 

  136.         exit(1);
    137. 

  137.     }
    138. 

  138. 

  139.     // Restore original display_errors setting.
    140. 

  140.     ini_set("display_errors", $orig);
    141. 

  141. } else {
    142. 

  142.     $PHORUM["DBCONFIG"] = $GLOBALS["PHORUM_ALT_DBCONFIG"];
    143. 

  143. }
    144. 

  144. 

  145. // Load the database layer.
    146. 

  146. include_once( "./include/db/{$PHORUM['DBCONFIG']['type']}.php" );
    147. 

  147. 

  148. if(!phorum_db_check_connection()){
    149. 

  149.     if(isset($PHORUM["DBCONFIG"]["down_page"])){
    150. 

  150.         header("Location: ".$PHORUM["DBCONFIG"]["down_page"]);
    151. 

  151.         exit();
    152. 

  152.     } else {
    153. 

  153.         echo "The database connection failed. Please check your database configuration in include/db/config.php. If the configuration is okay, check if the database server is running.";
    154. 

  154.         exit();
    155. 

  155.     }
    156. 

  156. }
    157. 

  157. 

  158. // get the Phorum settings
    159. 

  159. phorum_db_load_settings();
    160. 

  160. 

  161. // a hook for rewriting vars at the beginning of common.php,
    162. 

  162. //right after loading the settings from the database
    163. 

  163. phorum_hook( "common_pre", "" );
    164. 

  164. 

  165. include_once( "./include/cache.php" );
    166. 

  166. 

  167. // stick some stuff from the settings into the DATA member
    168. 

  168. $PHORUM["DATA"]["TITLE"] = ( isset( $PHORUM["title"] ) ) ? $PHORUM["title"] : "";
    169. 

  169. $PHORUM["DATA"]["HTML_TITLE"] = ( !empty( $PHORUM["html_title"] ) ) ? $PHORUM["html_title"] : $PHORUM["DATA"]["TITLE"];
    170. 

  170. $PHORUM["DATA"]["HEAD_TAGS"] = ( isset( $PHORUM["head_tags"] ) ) ? $PHORUM["head_tags"] : "";
    171. 

  171. $PHORUM["DATA"]["FORUM_ID"] = $PHORUM["forum_id"];
    172. 

  172. 

  173. ////////////////////////////////////////////////////////////
    174. 

  174. // only do this stuff if we are not in the admin
    175. 

  175. 

  176. if ( !defined( "PHORUM_ADMIN" ) ) {
    177. 

  177. 

  178.     // if the Phorum is disabled, display a message.
    179. 

  179.     if(isset($PHORUM["status"]) && $PHORUM["status"]=="disabled"){
    180. 

  180.         if(!empty($PHORUM["disabled_url"])){
    181. 

  181.             header("Location: ".$PHORUM["disabled_url"]);
    182. 

  182.             exit();
    183. 

  183.         } else {
    184. 

  184.             echo "This Phorum is currently disabled.  Please contact the web site owner at ".$PHORUM['system_email_from_address']." for more information.\n";
    185. 

  185.             exit();
    186. 

  186.         }
    187. 

  187.     }
    188. 

  188. 

  189.     // checking for upgrade or new install
    190. 

  190.     if ( !isset( $PHORUM['internal_version'] ) ) {
    191. 

  191.         echo "<html><head><title>Phorum error</title></head><body>No Phorum settings were found. Either this is a brand new installation of Phorum or there is an error with your database server. If this is a new install, please <a href=\"admin.php\">go to the admin page</a> to complete the installation. If not, check your database server.</body></html>";
    192. 

  192.         exit();
    193. 

  193.     } elseif ( $PHORUM['internal_version'] < PHORUMINTERNAL ) {
    194. 

  194.         echo "<html><head><title>Error</title></head><body>Looks like you have installed a new version. Go to the admin to complete the upgrade!</body></html>";
    195. 

  195.         exit();
    196. 

  196.     }
    197. 

  197. 

  198.     // load the forum's settings
    199. 

  199.     if ( !empty( $PHORUM["forum_id"] ) ) {
    200. 

  200.         $forum_settings = phorum_db_get_forums( $PHORUM["forum_id"] );
    201. 

  201.         if ( empty( $forum_settings[$PHORUM["forum_id"]] ) ) {
    202. 

  202.             phorum_hook( "common_no_forum", "" );
    203. 

  203.             phorum_redirect_by_url( phorum_get_url( PHORUM_INDEX_URL ) );
    204. 

  204.             exit();
    205. 

  205.         }
    206. 

  206.         $PHORUM = array_merge( $PHORUM, $forum_settings[$PHORUM["forum_id"]] );
    207. 

  207.     } else {
    208. 

  208.         // some defaults we might need if no forum is set (i.e. on the index-page)
    209. 

  209.         $PHORUM['vroot']=0;
    210. 

  210.         $PHORUM['parent_id']=0;
    211. 

  211.         $PHORUM['active']=1;
    212. 

  212.         $PHORUM['folder_flag']=1;
    213. 

  213.     }
    214. 

  214. 

  215.     // stick some stuff from the settings into the DATA member
    216. 

  216.     $PHORUM["DATA"]["NAME"] = ( isset( $PHORUM["name"] ) ) ? $PHORUM["name"] : "";
    217. 

  217.     $PHORUM["DATA"]["DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? $PHORUM["description"] : "";
    218. 

  218.     $PHORUM["DATA"]["ENABLE_PM"] = ( isset( $PHORUM["enable_pm"] ) ) ? $PHORUM["enable_pm"] : "";
    219. 

  219.     if ( !empty( $PHORUM["DATA"]["HTML_TITLE"] ) && !empty( $PHORUM["DATA"]["NAME"] ) ) {
    220. 

  220.         $PHORUM["DATA"]["HTML_TITLE"] .= PHORUM_SEPARATOR;
    221. 

  221.     }
    222. 

  222.     $PHORUM["DATA"]["HTML_TITLE"] .= $PHORUM["DATA"]["NAME"];
    223. 

  223. 

  224.     // check the user session
    225. 

  225.     include_once( "./include/users.php" );
    226. 

  226.     if ( phorum_user_check_session() ) {
    227. 

  227.         $PHORUM["DATA"]["LOGGEDIN"] = true;
    228. 

  228. 

  229.         if(!$PHORUM["tight_security"] || phorum_user_check_session( PHORUM_SESSION_SHORT_TERM )){
    230. 

  230.             $PHORUM["DATA"]["FULLY_LOGGEDIN"] = true;
    231. 

  231.         } else {
    232. 

  232.             $PHORUM["DATA"]["FULLY_LOGGEDIN"] = false;
    233. 

  233.         }
    234. 

  234. 

  235.         // Let the templates know whether we have new private messages.
    236. 

  236.         $PHORUM["DATA"]["NEW_PRIVATE_MESSAGES"] = 0;
    237. 

  237.         if ( $PHORUM["enable_pm"] && isset($PHORUM["user"]["new_private_messages"]) ) {
    238. 

  238.              $PHORUM["DATA"]["NEW_PRIVATE_MESSAGES"] = $PHORUM["user"]["new_private_messages"];
    239. 

  239.         }
    240. 

  240. 

  241.         $PHORUM["DATA"]["notice_messages"] = false;
    242. 

  242.         $PHORUM["DATA"]["notice_users"] = false;
    243. 

  243.         $PHORUM["DATA"]["notice_groups"] = false;
    244. 

  244. 

  245.         // if moderator notifications are on and the person is a mod, lets find out if anything is new
    246. 

  246.         if ( $PHORUM["enable_moderator_notifications"] ) {
    247. 

  247.             $forummodlist = phorum_user_access_list( PHORUM_USER_ALLOW_MODERATE_MESSAGES );
    248. 

  248.             if ( count( $forummodlist ) > 0 ) {
    249. 

  249.                 $PHORUM["DATA"]["notice_messages"] = ( count( phorum_db_get_unapproved_list( $forummodlist, true ) ) > 0 );
    250. 

  250.                 $PHORUM["DATA"]["notice_messages_url"] = phorum_get_url( PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_UNAPPROVED );
    251. 

  251.             }
    252. 

  252.             if ( phorum_user_access_allowed( PHORUM_USER_ALLOW_MODERATE_USERS ) ) {
    253. 

  253.                 $PHORUM["DATA"]["notice_users"] = ( count( phorum_db_user_get_unapproved() ) > 0 );
    254. 

  254.                 $PHORUM["DATA"]["notice_users_url"] = phorum_get_url( PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_USERS );
    255. 

  255.             }
    256. 

  256.             if ( phorum_user_allow_moderate_group() ) {
    257. 

  257.                 $groups = phorum_user_get_moderator_groups();
    258. 

  258.                 if ( count( $groups ) > 0 ) {
    259. 

  259.                     $PHORUM["DATA"]["notice_groups"] = count( phorum_db_get_group_members( array_keys( $groups ), PHORUM_USER_GROUP_UNAPPROVED ) );
    260. 

  260.                     $PHORUM["DATA"]["notice_groups_url"] = phorum_get_url( PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_GROUP_MODERATION );
    261. 

  261.                 }
    262. 

  262.             }
    263. 

  263.         }
    264. 

  264. 

  265.         $PHORUM["DATA"]["notice_all"] = ( $PHORUM["enable_pm"] && phorum_page!="pm" && $PHORUM["DATA"]["NEW_PRIVATE_MESSAGES"] ) || $PHORUM["DATA"]["notice_messages"] || $PHORUM["DATA"]["notice_users"] || $PHORUM["DATA"]["notice_groups"];
    266. 

  266. 

  267.         // if the user has overridden thread settings, change it here.
    268. 

  268.         if ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) {
    269. 

  269.             if ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_ON ) {
    270. 

  270.                 $PHORUM["threaded_list"] = true;
    271. 

  271.             } elseif ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_OFF ) {
    272. 

  272.                 $PHORUM["threaded_list"] = false;
    273. 

  273.             }
    274. 

  274.             if ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_ON ) {
    275. 

  275.                 $PHORUM["threaded_read"] = true;
    276. 

  276.             } elseif ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_OFF ) {
    277. 

  277.                 $PHORUM["threaded_read"] = false;
    278. 

  278.             }
    279. 

  279.         }
    280. 

  280.     }
    281. 

  281. 

  282.     // set up the blank user if not logged in
    283. 

  283.     if ( empty( $PHORUM["user"] ) ) {
    284. 

  284.         $PHORUM["user"] = array( "user_id" => 0, "username" => "", "admin" => false, "newinfo" => array() );
    285. 

  285.         $PHORUM["DATA"]["LOGGEDIN"] = false;
    286. 

  286.     }
    287. 

  287. 

  288. 

  289.     // a hook for rewriting vars in common.php after loading the user
    290. 

  290.     phorum_hook( "common_post_user", "" );
    291. 

  291. 

  292. 

  293.     // set up the template
    294. 

  294. 

  295.     // check for a template being passed on the url
    296. 

  296.     // only use valid template names
    297. 

  297.     if ( !empty( $PHORUM["args"]["template"] ) ) {
    298. 

  298.         $template = basename( $PHORUM["args"]["template"] );
    299. 

  299.         if ($template != '..') {
    300. 

  300.             $PHORUM["template"] = $template;
    301. 

  301.         }
    302. 

  302.     }
    303. 

  303. 

  304.     // user output buffering so we don't get header errors
    305. 

  305.     // not loaded if we are running an external or scheduled script
    306. 

  306.     if (! defined('PHORUM_SCRIPT')) {
    307. 

  307.         ob_start();
    308. 

  308.         include_once( phorum_get_template( "settings" ) );
    309. 

  309.         ob_end_clean();
    310. 

  310.     }
    311. 

  311. 

  312.     // get the language file
    313. 

  313.     if ( ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) && isset( $PHORUM['user']['user_language'] ) && !empty($PHORUM['user']['user_language']) )
    314. 

  314.         $PHORUM['language'] = $PHORUM['user']['user_language'];
    315. 

  315. 

  316.     if ( !isset( $PHORUM["language"] ) || empty( $PHORUM["language"] ) || !file_exists( "./include/lang/$PHORUM[language].php" ) )
    317. 

  317.         $PHORUM["language"] = $PHORUM["default_language"];
    318. 

  318. 

  319.     if ( file_exists( "./include/lang/$PHORUM[language].php" ) ) {
    320. 

  320.         include_once( "./include/lang/$PHORUM[language].php" );
    321. 

  321.     }
    322. 

  322.     // load languages for localized modules
    323. 

  323.     if ( isset( $PHORUM["hooks"]["lang"] ) && is_array($PHORUM["hooks"]["lang"]) ) {
    324. 

  324.         foreach( $PHORUM["hooks"]["lang"]["mods"] as $mod ) {
    325. 

  325.             // load mods for this hook
    326. 

  326.             if ( file_exists( "./mods/$mod/lang/$PHORUM[language].php" ) ) {
    327. 

  327.                 include_once "./mods/$mod/lang/$PHORUM[language].php";
    328. 

  328.             }
    329. 

  329.             elseif ( file_exists( "./mods/$mod/lang/english.php" ) ) {
    330. 

  330.                 include_once "./mods/$mod/lang/english.php";
    331. 

  331.             }
    332. 

  332.         }
    333. 

  333.     }
    334. 

  334. 

  335.     // HTML titles can't contain HTML code, so we strip HTML tags
    336. 

  336.     // and HTML escape the title.
    337. 

  337. $PHORUM["DATA"]["HTML_TITLE"] = htmlentities(strip_tags($PHORUM["DATA"]["HTML_TITLE"]), ENT_COMPAT, $PHORUM["DATA"]["CHARSET"]);
    338. 

  338. 

  339.     // if the Phorum is disabled, display a message.
    340. 

  340.     if(isset($PHORUM["status"]) && $PHORUM["status"]=="admin-only" && !$PHORUM["user"]["admin"]){
    341. 

  341.         // set all our URL's
    342. 

  342.         phorum_build_common_urls();
    343. 

  343. 

  344.         $PHORUM["DATA"]["MESSAGE"]=$PHORUM["DATA"]["LANG"]["AdminOnlyMessage"];
    345. 

  345.         include phorum_get_template("header");
    346. 

  346.         phorum_hook("after_header");
    347. 

  347.         include phorum_get_template("message");
    348. 

  348.         phorum_hook("before_footer");
    349. 

  349.         include phorum_get_template("footer");
    350. 

  350.         exit();
    351. 

  351. 

  352.     }
    353. 

  353. 

  354. 

  355.     // a hook for rewriting vars at the end of common.php
    356. 

  356.     phorum_hook( "common", "" );
    357. 

  357. 

  358.     $PHORUM['DATA']['USERINFO'] = $PHORUM['user'];
    359. 

  359.     $PHORUM['DATA']['PHORUM_PAGE'] = phorum_page;
    360. 

  360.     $PHORUM['DATA']['USERTRACK'] = $PHORUM['track_user_activity'];
    361. 

  361. }
    362. 

  362. 

  363. 

  364. //////////////////////////////////////////////////////////
    365. 

  365. // functions
    366. 

  366. 

  367. /**
    368. 

  368.  * A common function to check that a user is logged in
    369. 

  369.  */
    370. 

  370. function phorum_require_login()
    371. 

  371. {
    372. 

  372.     $PHORUM = $GLOBALS['PHORUM'];
    373. 

  373.     if ( !$PHORUM["user"]["user_id"] ) {
    374. 

  374.         $url = phorum_get_url( PHORUM_LOGIN_URL, "redir=" . urlencode( $PHORUM["http_path"] . "/" . basename( $_SERVER["PHP_SELF"] ) . "?" . $_SERVER["QUERY_STRING"] ) );
    375. 

  375.         phorum_redirect_by_url( $url );
    376. 

  376.         exit();
    377. 

  377.     }
    378. 

  378. }
    379. 

  379. 

  380. /**
    381. 

  381.  * A common function for checking the read-permissions for a forum-page
    382. 

  382.  * returns false if access is not allowed and an error page-was output
    383. 

  383.  */
    384. 

  384. function phorum_check_read_common()
    385. 

  385. {
    386. 

  386.     $PHORUM = $GLOBALS['PHORUM'];
    387. 

  387. 

  388.     $retval = true;
    389. 

  389. 

  390.     if ( $PHORUM["forum_id"] > 0 && !$PHORUM["folder_flag"] && !phorum_user_access_allowed( PHORUM_USER_ALLOW_READ ) ) {
    391. 

  391.         if ( $PHORUM["DATA"]["LOGGEDIN"] ) {
    392. 

  392.             // if they are logged in and not allowed, they don't have rights
    393. 

  393.             $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["NoRead"];
    394. 

  394.         } else {
    395. 

  395.             // check if they could read if logged in.
    396. 

  396.             // if so, let them know to log in.
    397. 

  397.             if ( ( empty( $PHORUM["DATA"]["POST"]["parentid"] ) && $PHORUM["reg_perms"] &PHORUM_USER_ALLOW_READ ) ) {
    398. 

  398.                 $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["PleaseLoginRead"];
    399. 

  399.             } else {
    400. 

  400.                 $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["NoRead"];
    401. 

  401.             }
    402. 

  402.         }
    403. 

  403. 

  404.         phorum_build_common_urls();
    405. 

  405. 

  406.         include phorum_get_template( "header" );
    407. 

  407.         phorum_hook( "after_header" );
    408. 

  408.         include phorum_get_template( "message" );
    409. 

  409.         phorum_hook( "before_footer" );
    410. 

  410.         include phorum_get_template( "footer" );
    411. 

  411. 

  412.         $retval = false;
    413. 

  413.     }
    414. 

  414. 

  415.     return $retval;
    416. 

  416. }
    417. 

  417. 

  418. // used for all url creation.
    419. 

  419. function phorum_get_url()
    420. 

  420. {
    421. 

  421.     $PHORUM = $GLOBALS["PHORUM"];
    422. 

  422. 

  423.     $args = "";
    424. 

  424.     $url = "";
    425. 

  425.     $suffix = "";
    426. 

  426.     $add_forum_id = false;
    427. 

  427.     $add_get_vars = true;
    428. 

  428. 

  429.     $argv = func_get_args();
    430. 

  430.     $type = array_shift( $argv );
    431. 

  431. 

  432.     switch ( $type ) {
    433. 

  433.         case PHORUM_LIST_URL:
    434. 

  434.             $page = "list";
    435. 

  435.             if ( empty( $argv ) ) $add_forum_id = true;
    436. 

  436.             break;
    437. 

  437.         case PHORUM_READ_URL:
    438. 

  438.             $page = "read";
    439. 

  439.             $add_forum_id = true;
    440. 

  440.             if ( !empty( $argv[1] ) && is_numeric( $argv[1] ) ) $suffix = "#msg-$argv[1]";
    441. 

  441.             break;
    442. 

  442.         case PHORUM_FOREIGN_READ_URL:
    443. 

  443.             $page = "read";
    444. 

  444.             if ( !empty( $argv[2] ) && is_numeric( $argv[2] ) ) $suffix = "#msg-$argv[2]";
    445. 

  445.             break;
    446. 

  446.         case PHORUM_REPLY_URL:
    447. 

  447.             if(isset($PHORUM["reply_on_read_page"]) && $PHORUM["reply_on_read_page"]){
    448. 

  448.                 $page = "read";
    449. 

  449.                 $suffix = "#REPLY";
    450. 

  450.             } else {
    451. 

  451.                 $page = "posting";
    452. 

  452.                 // For reply on a separate page, we call posting.php on its own.
    453. 

  453.                 // In that case argv[0] is the editor mode we want to use
    454. 

  454.                 // (reply in this case). Currently, the thread id is in argv[0],
    455. 

  455.                 // but we don't need that one for posting.php. So we simply
    456. 

  456.                 // replace argv[0] with the correct argument.
    457. 

  457.                 $argv[0] = "reply";
    458. 

  458.             }
    459. 

  459.             $add_forum_id = true;
    460. 

  460.             break;
    461. 

  461.         case PHORUM_POSTING_URL:
    462. 

  462.             $page = "posting";
    463. 

  463.             $add_forum_id = true;
    464. 

  464.             break;
    465. 

  465.         case PHORUM_REDIRECT_URL:
    466. 

  466.             $page = "redirect";
    467. 

  467.             $add_forum_id = false;
    468. 

  468.             break;
    469. 

  469.         case PHORUM_SEARCH_URL:
    470. 

  470.             $page = "search";
    471. 

  471.             $add_forum_id = true;
    472. 

  472.             break;
    473. 

  473.         case PHORUM_SEARCH_ACTION_URL:
    474. 

  474.             $page = "search";
    475. 

  475.             $add_get_vars = true;
    476. 

  476.             break;
    477. 

  477.         case PHORUM_DOWN_URL:
    478. 

  478.             $page = "down";
    479. 

  479.             $add_forum_id = true;
    480. 

  480.             break;
    481. 

  481.         case PHORUM_VIOLATION_URL:
    482. 

  482.             $page = "violation";
    483. 

  483.             $add_forum_id = true;
    484. 

  484.             break;
    485. 

  485.         case PHORUM_INDEX_URL:
    486. 

  486.             $page = "index";
    487. 

  487.             break;
    488. 

  488.         case PHORUM_LOGIN_URL:
    489. 

  489.             $page = "login";
    490. 

  490.             $add_forum_id = true;
    491. 

  491.             break;
    492. 

  492.         case PHORUM_LOGIN_ACTION_URL:
    493. 

  493.             $page = "login";
    494. 

  494.             break;
    495. 

  495.         case PHORUM_REGISTER_URL:
    496. 

  496.             $page = "register";
    497. 

  497.             $add_forum_id = true;
    498. 

  498.             break;
    499. 

  499.         case PHORUM_REGISTER_ACTION_URL:
    500. 

  500.             $page = "register";
    501. 

  501.             break;
    502. 

  502.         case PHORUM_PROFILE_URL:
    503. 

  503.             $page = "profile";
    504. 

  504.             $add_forum_id = true;
    505. 

  505.             break;
    506. 

  506.         case PHORUM_SUBSCRIBE_URL:
    507. 

  507.             $page = "subscribe";
    508. 

  508.             $add_forum_id = true;
    509. 

  509.             break;
    510. 

  510.         case PHORUM_MODERATION_URL:
    511. 

  511.             $page = "moderation";
    512. 

  512.             $add_forum_id = true;
    513. 

  513.             break;
    514. 

  514.         case PHORUM_MODERATION_ACTION_URL:
    515. 

  515.             $page = "moderation";
    516. 

  516.             $add_get_vars = false;
    517. 

  517.             break;
    518. 

  518.         case PHORUM_PREPOST_URL:
    519. 

  519.             $page = "control";
    520. 

  520.             $argv[] = "panel=messages";
    521. 

  521.             $add_forum_id = true;
    522. 

  522.             break;
    523. 

  523.         case PHORUM_CONTROLCENTER_URL:
    524. 

  524.             $page = "control";
    525. 

  525.             $add_forum_id = true;
    526. 

  526.             break;
    527. 

  527.         case PHORUM_CONTROLCENTER_ACTION_URL:
    528. 

  528.             $page = "control";
    529. 

  529.             break;
    530. 

  530.         case PHORUM_PM_URL:
    531. 

  531.             $page = "pm";
    532. 

  532.             $add_forum_id = true;
    533. 

  533.             break;
    534. 

  534.         case PHORUM_PM_ACTION_URL:
    535. 

  535.             $page = "pm";
    536. 

  536.             break;
    537. 

  537.         case PHORUM_FILE_URL:
    538. 

  538.             $page = "file";
    539. 

  539.             $add_forum_id = true;
    540. 

  540.             break;
    541. 

  541.         case PHORUM_FOLLOW_URL:
    542. 

  542.             $page = "follow";
    543. 

  543.             $add_forum_id = true;
    544. 

  544.             break;
    545. 

  545.         case PHORUM_FOLLOW_ACTION_URL:
    546. 

  546.             $page = "follow";
    547. 

  547.             $add_forum_id = false;
    548. 

  548.             break;
    549. 

  549.         case PHORUM_REPORT_URL:
    550. 

  550.             $page = "report";
    551. 

  551.             $add_forum_id = true;
    552. 

  552.             break;
    553. 

  553.         case PHORUM_RSS_URL:
    554. 

  554.             switch(phorum_page){
    555. 

  555.                 case "list":
    556. 

  556.                     $add_forum_id = true;
    557. 

  557.                     break;
    558. 

  558.                 case "read":
    559. 

  559.                     $add_forum_id = true;
    560. 

  560.                     array_push($argv, $PHORUM["args"]["1"]);
    561. 

  561.                     break;
    562. 

  562.             }
    563. 

  563.             $page = "rss";
    564. 

  564.             break;
    565. 

  565.         // this is for adding own generic urls
    566. 

  566.         case PHORUM_CUSTOM_URL:
    567. 

  567.             $page = array_shift($argv); // first arg is our page
    568. 

  568.             $add_forum_id_tmp=array_shift($argv); // second determining if we should add the forum_id
    569. 

  569.             $add_forum_id = $add_forum_id_tmp?true:false;
    570. 

  570.             break;
    571. 

  571. 

  572.         case PHORUM_BASE_URL:
    573. 

  573.             // only to flag phorum_custom_get_url() that base url is requested
    574. 

  574.             $page = '';
    575. 

  575.             break;
    576. 

  576. 

  577.         default:
    578. 

  578.             trigger_error( "Unhandled page type.", E_USER_WARNING );
    579. 

  579.             break;
    580. 

  580.     }
    581. 

  581. 

  582.     // build the query string
    583. 

  583.     $query_items = array();
    584. 

  584. 

  585.     if ( $add_forum_id ) {
    586. 

  586.         $query_items[] = ( int )$PHORUM["forum_id"];
    587. 

  587.     }
    588. 

  588. 

  589.     if ( count( $argv ) > 0 ) {
    590. 

  590.         $query_items = array_merge( $query_items, $argv );
    591. 

  591.     }
    592. 

  592. 

  593.     if ( !empty( $PHORUM["DATA"]["GET_VARS"] ) && $add_get_vars ) {
    594. 

  594.         $query_items = array_merge( $query_items, $PHORUM["DATA"]["GET_VARS"] );
    595. 

  595.     }
    596. 

  596.     // build the url
    597. 

  597.     if ( !function_exists( "phorum_custom_get_url" ) ) {
    598. 

  598.         if ($type == PHORUM_BASE_URL) return $PHORUM["http_path"] . '/';
    599. 

  599. 

  600.         $url = "$PHORUM[http_path]/$page." . PHORUM_FILE_EXTENSION;
    601. 

  601. 

  602.         if ( count( $query_items ) ) $url .= "?" . implode( ",", $query_items );
    603. 

  603. 

  604.         if ( !empty( $suffix ) ) $url .= $suffix;
    605. 

  605.     } else {
    606. 

  606.         $url = phorum_custom_get_url( $page, $query_items, $suffix );
    607. 

  607.     }
    608. 

  608. 

  609.     return $url;
    610. 

  610. }
    611. 

  611. 

  612. // retrieve the appropriate template file name
    613. 

  613. function phorum_get_template( $page, $is_include = false )
    614. 

  614. {
    615. 

  615.     $PHORUM = $GLOBALS["PHORUM"];
    616. 

  616. 

  617.     if ( ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) && isset( $PHORUM['user']['user_template'] ) && !empty($PHORUM['user']['user_template'])) {
    618. 

  618.         $PHORUM['template'] = $PHORUM['user']['user_template'];
    619. 

  619.     }
    620. 

  620. 

  621.     // If no user template is set or if the template folder cannot be found,
    622. 

  622.     // fallback to the default template.
    623. 

  623.     if (empty($PHORUM["template"]) || !file_exists("./templates/{$PHORUM['template']}")) {
    624. 

  624.         $PHORUM["template"] = $PHORUM["default_template"];
    625. 

  625.     }
    626. 

  626. 

  627.     $tpl = "./templates/$PHORUM[template]/$page";
    628. 

  628.     // check for straight PHP file
    629. 

  629.     if ( file_exists( "$tpl.php" ) ) {
    630. 

  630.         $phpfile = "$tpl.php";
    631. 

  631.     } else {
    632. 

  632.         // not there, look for a template
    633. 

  633.         $tplfile = "$tpl.tpl";
    634. 

  634.         $safetemplate = str_replace("-", "_", $PHORUM["template"]);
    635. 

  635.         $safepage = str_replace("-", "_", $page);
    636. 

  636.         $phpfile = "$PHORUM[cache]/tpl-$safetemplate-$safepage-" .
    637. 

  637.                ($is_include ? "include" : "toplevel") . "-" .
    638. 

  638.                md5( dirname( __FILE__ ) ) . ".php";
    639. 

  639. 

  640.         if ( $is_include || !file_exists( $phpfile ) ) {
    641. 

  641.             include_once "./include/templates.php";
    642. 

  642.             phorum_import_template( $tplfile, $phpfile );
    643. 

  643.         }
    644. 

  644.     }
    645. 

  645. 

  646.     return $phpfile;
    647. 

  647. }
    648. 

  648. 

  649. // creates URLs used on most pages
    650. 

  650. function phorum_build_common_urls()
    651. 

  651. {
    652. 

  652.     $PHORUM=$GLOBALS['PHORUM'];
    653. 

  653. 

  654.     // those links are only needed in forums, not in folders
    655. 

  655.     if(isset($PHORUM['folder_flag']) && !$PHORUM['folder_flag']) {
    656. 

  656.         $GLOBALS["PHORUM"]["DATA"]["URL"]["TOP"] = phorum_get_url( PHORUM_LIST_URL );
    657. 

  657.         $GLOBALS["PHORUM"]["DATA"]["URL"]["MARKREAD"] = phorum_get_url( PHORUM_LIST_URL, "markread=1" );
    658. 

  658.         $GLOBALS["PHORUM"]["DATA"]["URL"]["POST"] = phorum_get_url( PHORUM_POSTING_URL );
    659. 

  659.         $GLOBALS["PHORUM"]["DATA"]["URL"]["SUBSCRIBE"] = phorum_get_url( PHORUM_SUBSCRIBE_URL );
    660. 

  660.     }
    661. 

  661. 

  662.     // those are general urls, needed nearly everywhere
    663. 

  663.     $GLOBALS["PHORUM"]["DATA"]["URL"]["SEARCH"] = phorum_get_url( PHORUM_SEARCH_URL );
    664. 

  664. 

  665.     // RSS-Url only makes sense on a couple of pages
    666. 

  666.     if(isset($PHORUM['use_rss']) && $PHORUM['use_rss']
    667. 

  667.         && (phorum_page=="index" || phorum_page=="list" || phorum_page=="read")){
    668. 

  668.         $GLOBALS["PHORUM"]["DATA"]["URL"]["RSS"] = phorum_get_url( PHORUM_RSS_URL );
    669. 

  669.     }
    670. 

  670. 

  671.     $index_id=-1;
    672. 

  672.     // in a folder
    673. 

  673. 

  674.     if( $PHORUM['folder_flag'] && phorum_page != 'index'
    675. 

  675.     && ($PHORUM['forum_id'] == 0 || $PHORUM['vroot'] == $PHORUM['forum_id'])) {
    676. 

  676.         // folder where we usually don't show the index-link but on
    677. 

  677.         // additional pages like search and login its shown
    678. 

  678.         $index_id=$PHORUM['forum_id'];
    679. 

  679. 

  680.     } elseif( ( $PHORUM['folder_flag'] &&
    681. 

  681.     ($PHORUM['forum_id'] != 0 && $PHORUM['vroot'] != $PHORUM['forum_id'])) ||
    682. 

  682.     (!$PHORUM['folder_flag'] && $PHORUM['active'])) {
    683. 

  683.         // either a folder where the link should be shown (not vroot or root)
    684. 

  684.         // or an active forum where the link should be shown
    685. 

  685. 

  686.         if(isset($PHORUM["use_new_folder_style"]) && $PHORUM["use_new_folder_style"] ) {
    687. 

  687.             // go to root or vroot
    688. 

  688.             $index_id=$PHORUM["vroot"]; // vroot is either 0 (root) or another id
    689. 

  689. 

  690.         } else {
    691. 

  691.             // go to parent
    692. 

  692.             $index_id=$PHORUM["parent_id"]; // parent_id is always set now
    693. 

  693. 

  694.         }
    695. 

  695. 

  696.     }
    697. 

  697.     if($index_id > -1) {
    698. 

  698.         // check if its the full root, avoid adding an id in this case (SE-optimized ;))
    699. 

  699.         if (!empty($index_id))
    700. 

  700.             $GLOBALS["PHORUM"]["DATA"]["URL"]["INDEX"] = phorum_get_url( PHORUM_INDEX_URL, $index_id );
    701. 

  701.         else
    702. 

  702.             $GLOBALS["PHORUM"]["DATA"]["URL"]["INDEX"] = phorum_get_url( PHORUM_INDEX_URL );
    703. 

  703.     }
    704. 

  704. 

  705.     // these urls depend on the login-status of a user
    706. 

  706.     if ( $GLOBALS["PHORUM"]["DATA"]["LOGGEDIN"] ) {
    707. 

  707.         $GLOBALS["PHORUM"]["DATA"]["URL"]["LOGINOUT"] = phorum_get_url( PHORUM_LOGIN_URL, "logout=1" );
    708. 

  708.         $GLOBALS["PHORUM"]["DATA"]["URL"]["REGISTERPROFILE"] = phorum_get_url( PHORUM_CONTROLCENTER_URL );
    709. 

  709.         $GLOBALS["PHORUM"]["DATA"]["URL"]["PM"] = phorum_get_url( PHORUM_PM_URL );
    710. 

  710.     } else {
    711. 

  711.         $GLOBALS["PHORUM"]["DATA"]["URL"]["LOGINOUT"] = phorum_get_url( PHORUM_LOGIN_URL );
    712. 

  712.         $GLOBALS["PHORUM"]["DATA"]["URL"]["REGISTERPROFILE"] = phorum_get_url( PHORUM_REGISTER_URL );
    713. 

  713.     }
    714. 

  714. }
    715. 

  715. 

  716. // calls phorum mod functions
    717. 

  717. function phorum_hook( $hook, $arg = "" )
    718. 

  718. {
    719. 

  719.     $PHORUM = $GLOBALS["PHORUM"];
    720. 

  720. 

  721.     if ( isset( $PHORUM["hooks"][$hook] ) && is_array($PHORUM["hooks"][$hook])) {
    722. 

  722. 

  723.         foreach( $PHORUM["hooks"][$hook]["mods"] as $mod ) {
    724. 

  724.             // load mods for this hook
    725. 

  725.             if ( file_exists( "./mods/$mod/$mod.php" ) ) {
    726. 

  726.                 include_once "./mods/$mod/$mod.php";
    727. 

  727.             } elseif ( file_exists( "./mods/$mod.php" ) ) {
    728. 

  728.                 include_once "./mods/$mod.php";
    729. 

  729.             }
    730. 

  730.         }
    731. 

  731. 

  732.         foreach( $PHORUM["hooks"][$hook]["funcs"] as $func ) {
    733. 

  733.             // call functions for this hook
    734. 

  734.             if ( function_exists( $func ) ) {
    735. 

  735.                 $arg = call_user_func( $func, $arg );
    736. 

  736.             }
    737. 

  737.         }
    738. 

  738.     }
    739. 

  739. 

  740.     return $arg;
    741. 

  741. }
    742. 

  742. 

  743. // HTML encodes a string
    744. 

  744. function phorum_html_encode( $string )
    745. 

  745. {
    746. 

  746.     $ret_string = "";
    747. 

  747.     $len = strlen( $string );
    748. 

  748.     for( $x = 0;$x < $len;$x++ ) {
    749. 

  749.         $ord = ord( $string[$x] );
    750. 

  750.         $ret_string .= "&#$ord;";
    751. 

  751.     }
    752. 

  752.     return $ret_string;
    753. 

  753. }
    754. 

  754. 

  755. // removes slashes from all array-entries
    756. 

  756. function phorum_recursive_stripslashes( $array )
    757. 

  757. {
    758. 

  758.     if ( !is_array( $array ) ) {
    759. 

  759.         return $array;
    760. 

  760.     } else {
    761. 

  761.         foreach( $array as $key => $value ) {
    762. 

  762.             if ( !is_array( $value ) )
    763. 

  763.                 $array[$key] = stripslashes( $value );
    764. 

  764.             else
    765. 

  765.                 $array[$key] = phorum_recursive_stripslashes( $value );
    766. 

  766.         }
    767. 

  767.     }
    768. 

  768.     return $array;
    769. 

  769. }
    770. 

  770. 

  771. // returns the available templates as an array
    772. 

  772. function phorum_get_template_info()
    773. 

  773. {
    774. 

  774.     $tpls = array();
    775. 

  775. 

  776.     $d = dir( "./templates" );
    777. 

  777.     while ( false !== ( $entry = $d->read() ) ) {
    778. 

  778.         if ( $entry != "." && $entry != ".." && file_exists( "./templates/$entry/info.php" ) ) {
    779. 

  779.             include "./templates/$entry/info.php";
    780. 

  780.             if ( !isset( $template_hide ) || empty( $template_hide ) || defined( "PHORUM_ADMIN" ) ) {
    781. 

  781.                 $tpls[$entry] = "$name $version";
    782. 

  782.             } else {
    783. 

  783.                 unset( $template_hide );
    784. 

  784.             }
    785. 

  785.         }
    786. 

  786.     }
    787. 

  787. 

  788.     return $tpls;
    789. 

  789. }
    790. 

  790. 

  791. // returns the available languages as an array
    792. 

  792. function phorum_get_language_info()
    793. 

  793. {
    794. 

  794.     $langs = array();
    795. 

  795. 

  796.     $d = dir( "./include/lang" );
    797. 

  797.     while ( false !== ( $entry = $d->read() ) ) {
    798. 

  798.         if ( substr( $entry, -4 ) == ".php" && is_file( "./include/lang/$entry" ) ) {
    799. 

  799.             @include "./include/lang/$entry";
    800. 

  800.             if ( !isset( $language_hide ) || empty( $language_hide ) || defined( "PHORUM_ADMIN" ) ) {
    801. 

  801.                 $langs[str_replace( ".php", "", $entry )] = $language;
    802. 

  802.             } else {
    803. 

  803.                 unset( $language_hide );
    804. 

  804.             }
    805. 

  805.         }
    806. 

  806.     }
    807. 

  807. 

  808.     return $langs;
    809. 

  809. }
    810. 

  810. 

  811. function phorum_redirect_by_url( $redir_url )
    812. 

  812. {
    813. 

  813.     if ( stristr( $_SERVER['SERVER_SOFTWARE'], "Microsoft-IIS" ) ) {
    814. 

  814.         // the ugly IIS-hack to avoid crashing IIS
    815. 

  815.         print "<html><head>\n<title>Redirecting ...</title>\n";
    816. 

  816.         print "<meta http-equiv=\"refresh\" content=\"0; URL=$redir_url\">";
    817. 

  817.         print "</head>\n";
    818. 

  818.         print "<body><a href=\"$redir_url\">Redirecting ...</a></body>\n";
    819. 

  819.         print "</html>";
    820. 

  820.     } else {
    821. 

  821.         // our standard-way
    822. 

  822.         header( "Location: $redir_url" );
    823. 

  823.     }
    824. 

  824.     exit(0);
    825. 

  825. }
    826. 

  826. 

  827. // might remove these, might not.  Need it for debugging.
    828. 

  828. function print_var( $var )
    829. 

  829. {
    830. 

  830.     echo "<xmp>";
    831. 

  831.     print_r( $var );
    832. 

  832.     echo "</xmp>";
    833. 

  833. }
    834. 

  834. 

  835. ?>
    836. 

  836.