/header.php
PHP | 325 lines | 277 code | 26 blank | 22 comment | 15 complexity | 1a0ab2d7e6ebf197d768fd40ea8b3430 MD5 | raw file
Possible License(s): GPL-2.0
- <?php
- /**
- * Copyright (C) 2008-2012 FluxBB
- * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB
- * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
- */
- // Make sure no one attempts to run this script "directly"
- if (!defined('PUN'))
- exit;
- // Send no-cache headers
- header('Expires: Thu, 21 Jul 1977 07:30:00 GMT'); // When yours truly first set eyes on this world! :)
- header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
- header('Cache-Control: post-check=0, pre-check=0', false);
- header('Pragma: no-cache'); // For HTTP/1.0 compatibility
- // Send the Content-type header in case the web server is setup to send something else
- header('Content-type: text/html; charset=utf-8');
- // Load the template
- if (defined('PUN_ADMIN_CONSOLE'))
- $tpl_file = 'admin.tpl';
- else if (defined('PUN_HELP'))
- $tpl_file = 'help.tpl';
- else
- $tpl_file = 'main.tpl';
- if (file_exists(PUN_ROOT.'style/'.$pun_user['style'].'/'.$tpl_file))
- {
- $tpl_file = PUN_ROOT.'style/'.$pun_user['style'].'/'.$tpl_file;
- $tpl_inc_dir = PUN_ROOT.'style/'.$pun_user['style'].'/';
- }
- else
- {
- $tpl_file = PUN_ROOT.'include/template/'.$tpl_file;
- $tpl_inc_dir = PUN_ROOT.'include/user/';
- }
- $tpl_main = file_get_contents($tpl_file);
- // START SUBST - <pun_include "*">
- preg_match_all('%<pun_include "([^"]+)">%i', $tpl_main, $pun_includes, PREG_SET_ORDER);
- foreach ($pun_includes as $cur_include)
- {
- ob_start();
- $file_info = pathinfo($cur_include[1]);
-
- if (!in_array($file_info['extension'], array('php', 'php4', 'php5', 'inc', 'html', 'txt'))) // Allow some extensions
- error(sprintf($lang_common['Pun include extension'], pun_htmlspecialchars($cur_include[0]), basename($tpl_file), pun_htmlspecialchars($file_info['extension'])));
-
- if (strpos($file_info['dirname'], '..') !== false) // Don't allow directory traversal
- error(sprintf($lang_common['Pun include directory'], pun_htmlspecialchars($cur_include[0]), basename($tpl_file)));
- // Allow for overriding user includes, too.
- if (file_exists($tpl_inc_dir.$cur_include[1]))
- require $tpl_inc_dir.$cur_include[1];
- else if (file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
- require PUN_ROOT.'include/user/'.$cur_include[1];
- else
- error(sprintf($lang_common['Pun include error'], pun_htmlspecialchars($cur_include[0]), basename($tpl_file)));
- $tpl_temp = ob_get_contents();
- $tpl_main = str_replace($cur_include[0], $tpl_temp, $tpl_main);
- ob_end_clean();
- }
- // END SUBST - <pun_include "*">
- // START SUBST - <pun_language>
- $tpl_main = str_replace('<pun_language>', $lang_common['lang_identifier'], $tpl_main);
- // END SUBST - <pun_language>
- // START SUBST - <pun_content_direction>
- $tpl_main = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_main);
- // END SUBST - <pun_content_direction>
- // START SUBST - <pun_head>
- ob_start();
- // Define $p if it's not set to avoid a PHP notice
- $p = isset($p) ? $p : null;
- // Is this a page that we want search index spiders to index?
- if (!defined('PUN_ALLOW_INDEX'))
- echo '<meta name="ROBOTS" content="NOINDEX, FOLLOW" />'."\n";
- ?>
- <title><?php echo generate_page_title($page_title, $p) ?></title>
- <link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" />
- <?php
- if (defined('PUN_ADMIN_CONSOLE'))
- {
- if (file_exists(PUN_ROOT.'style/'.$pun_user['style'].'/base_admin.css'))
- echo '<link rel="stylesheet" type="text/css" href="style/'.$pun_user['style'].'/base_admin.css" />'."\n";
- else
- echo '<link rel="stylesheet" type="text/css" href="style/imports/base_admin.css" />'."\n";
- }
- if (isset($required_fields))
- {
- // Output JavaScript to validate form (make sure required fields are filled out)
- ?>
- <script type="text/javascript">
- /* <![CDATA[ */
- function process_form(the_form)
- {
- var required_fields = {
- <?php
- // Output a JavaScript object with localised field names
- $tpl_temp = count($required_fields);
- foreach ($required_fields as $elem_orig => $elem_trans)
- {
- echo "\t\t\"".$elem_orig.'": "'.addslashes(str_replace(' ', ' ', $elem_trans));
- if (--$tpl_temp) echo "\",\n";
- else echo "\"\n\t};\n";
- }
- ?>
- if (document.all || document.getElementById)
- {
- for (var i = 0; i < the_form.length; ++i)
- {
- var elem = the_form.elements[i];
- if (elem.name && required_fields[elem.name] && !elem.value && elem.type && (/^(?:text(?:area)?|password|file)$/i.test(elem.type)))
- {
- alert('"' + required_fields[elem.name] + '" <?php echo $lang_common['required field'] ?>');
- elem.focus();
- return false;
- }
- }
- }
- return true;
- }
- /* ]]> */
- </script>
- <?php
- }
- // JavaScript tricks for IE6 and older
- echo '<!--[if lte IE 6]><script type="text/javascript" src="style/imports/minmax.js"></script><![endif]-->'."\n";
- if (!empty($page_head))
- echo implode("\n", $page_head)."\n";
- $tpl_temp = trim(ob_get_contents());
- $tpl_main = str_replace('<pun_head>', $tpl_temp, $tpl_main);
- ob_end_clean();
- // END SUBST - <pun_head>
- // START SUBST - <body>
- if (isset($focus_element))
- {
- $tpl_main = str_replace('<body onload="', '<body onload="document.getElementById(\''.$focus_element[0].'\').elements[\''.$focus_element[1].'\'].focus();', $tpl_main);
- $tpl_main = str_replace('<body>', '<body onload="document.getElementById(\''.$focus_element[0].'\').elements[\''.$focus_element[1].'\'].focus()">', $tpl_main);
- }
- // END SUBST - <body>
- // START SUBST - <pun_page>
- $tpl_main = str_replace('<pun_page>', htmlspecialchars(basename($_SERVER['PHP_SELF'], '.php')), $tpl_main);
- // END SUBST - <pun_page>
- // START SUBST - <pun_title>
- $tpl_main = str_replace('<pun_title>', '<h1><a href="index.php">'.pun_htmlspecialchars($pun_config['o_board_title']).'</a></h1>', $tpl_main);
- // END SUBST - <pun_title>
- // START SUBST - <pun_desc>
- $tpl_main = str_replace('<pun_desc>', '<div id="brddesc">'.$pun_config['o_board_desc'].'</div>', $tpl_main);
- // END SUBST - <pun_desc>
- // START SUBST - <pun_navlinks>
- $links = array();
- // Index should always be displayed
- $links[] = '<li id="navindex"'.((PUN_ACTIVE_PAGE == 'index') ? ' class="isactive"' : '').'><a href="index.php">'.$lang_common['Index'].'</a></li>';
- if ($pun_user['g_read_board'] == '1' && $pun_user['g_view_users'] == '1')
- $links[] = '<li id="navuserlist"'.((PUN_ACTIVE_PAGE == 'userlist') ? ' class="isactive"' : '').'><a href="userlist.php">'.$lang_common['User list'].'</a></li>';
- if ($pun_config['o_rules'] == '1' && (!$pun_user['is_guest'] || $pun_user['g_read_board'] == '1' || $pun_config['o_regs_allow'] == '1'))
- $links[] = '<li id="navrules"'.((PUN_ACTIVE_PAGE == 'rules') ? ' class="isactive"' : '').'><a href="misc.php?action=rules">'.$lang_common['Rules'].'</a></li>';
- if ($pun_user['g_read_board'] == '1' && $pun_user['g_search'] == '1')
- $links[] = '<li id="navsearch"'.((PUN_ACTIVE_PAGE == 'search') ? ' class="isactive"' : '').'><a href="search.php">'.$lang_common['Search'].'</a></li>';
- if ($pun_user['is_guest'])
- {
- $links[] = '<li id="navregister"'.((PUN_ACTIVE_PAGE == 'register') ? ' class="isactive"' : '').'><a href="register.php">'.$lang_common['Register'].'</a></li>';
- $links[] = '<li id="navlogin"'.((PUN_ACTIVE_PAGE == 'login') ? ' class="isactive"' : '').'><a href="login.php">'.$lang_common['Login'].'</a></li>';
- }
- else
- {
- $links[] = '<li id="navprofile"'.((PUN_ACTIVE_PAGE == 'profile') ? ' class="isactive"' : '').'><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a></li>';
- if ($pun_user['is_admmod'])
- $links[] = '<li id="navadmin"'.((PUN_ACTIVE_PAGE == 'admin') ? ' class="isactive"' : '').'><a href="admin_index.php">'.$lang_common['Admin'].'</a></li>';
- $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'&csrf_token='.pun_hash($pun_user['id'].pun_hash(get_remote_address())).'">'.$lang_common['Logout'].'</a></li>';
- }
- // Are there any additional navlinks we should insert into the array before imploding it?
- if ($pun_user['g_read_board'] == '1' && $pun_config['o_additional_navlinks'] != '')
- {
- if (preg_match_all('%([0-9]+)\s*=\s*(.*?)\n%s', $pun_config['o_additional_navlinks']."\n", $extra_links))
- {
- // Insert any additional links into the $links array (at the correct index)
- $num_links = count($extra_links[1]);
- for ($i = 0; $i < $num_links; ++$i)
- array_splice($links, $extra_links[1][$i], 0, array('<li id="navextra'.($i + 1).'">'.$extra_links[2][$i].'</li>'));
- }
- }
- $tpl_temp = '<div id="brdmenu" class="inbox">'."\n\t\t\t".'<ul>'."\n\t\t\t\t".implode("\n\t\t\t\t", $links)."\n\t\t\t".'</ul>'."\n\t\t".'</div>';
- $tpl_main = str_replace('<pun_navlinks>', $tpl_temp, $tpl_main);
- // END SUBST - <pun_navlinks>
- // START SUBST - <pun_status>
- $page_statusinfo = $page_topicsearches = array();
- if ($pun_user['is_guest'])
- $page_statusinfo = '<p class="conl">'.$lang_common['Not logged in'].'</p>';
- else
- {
- $page_statusinfo[] = '<li><span>'.$lang_common['Logged in as'].' <strong>'.pun_htmlspecialchars($pun_user['username']).'</strong></span></li>';
- $page_statusinfo[] = '<li><span>'.sprintf($lang_common['Last visit'], format_time($pun_user['last_visit'])).'</span></li>';
- if ($pun_user['is_admmod'])
- {
- if ($pun_config['o_report_method'] == '0' || $pun_config['o_report_method'] == '2')
- {
- $result_header = $db->query('SELECT 1 FROM '.$db->prefix.'reports WHERE zapped IS NULL') or error('Unable to fetch reports info', __FILE__, __LINE__, $db->error());
- if ($db->result($result_header))
- $page_statusinfo[] = '<li class="reportlink"><span><strong><a href="admin_reports.php">'.$lang_common['New reports'].'</a></strong></span></li>';
- }
- if ($pun_config['o_maintenance'] == '1')
- $page_statusinfo[] = '<li class="maintenancelink"><span><strong><a href="admin_options.php#maintenance">'.$lang_common['Maintenance mode enabled'].'</a></strong></span></li>';
- }
- if ($pun_user['g_read_board'] == '1' && $pun_user['g_search'] == '1')
- {
- $page_topicsearches[] = '<a href="search.php?action=show_replies" title="'.$lang_common['Show posted topics'].'">'.$lang_common['Posted topics'].'</a>';
- $page_topicsearches[] = '<a href="search.php?action=show_new" title="'.$lang_common['Show new posts'].'">'.$lang_common['New posts header'].'</a>';
- }
- }
- // Quick searches
- if ($pun_user['g_read_board'] == '1' && $pun_user['g_search'] == '1')
- {
- $page_topicsearches[] = '<a href="search.php?action=show_recent" title="'.$lang_common['Show active topics'].'">'.$lang_common['Active topics'].'</a>';
- $page_topicsearches[] = '<a href="search.php?action=show_unanswered" title="'.$lang_common['Show unanswered topics'].'">'.$lang_common['Unanswered topics'].'</a>';
- }
- // Generate all that jazz
- $tpl_temp = '<div id="brdwelcome" class="inbox">';
- // The status information
- if (is_array($page_statusinfo))
- {
- $tpl_temp .= "\n\t\t\t".'<ul class="conl">';
- $tpl_temp .= "\n\t\t\t\t".implode("\n\t\t\t\t", $page_statusinfo);
- $tpl_temp .= "\n\t\t\t".'</ul>';
- }
- else
- $tpl_temp .= "\n\t\t\t".$page_statusinfo;
- // Generate quicklinks
- if (!empty($page_topicsearches))
- {
- $tpl_temp .= "\n\t\t\t".'<ul class="conr">';
- $tpl_temp .= "\n\t\t\t\t".'<li><span>'.$lang_common['Topic searches'].' '.implode(' | ', $page_topicsearches).'</span></li>';
- $tpl_temp .= "\n\t\t\t".'</ul>';
- }
- $tpl_temp .= "\n\t\t\t".'<div class="clearer"></div>'."\n\t\t".'</div>';
- $tpl_main = str_replace('<pun_status>', $tpl_temp, $tpl_main);
- // END SUBST - <pun_status>
- // START SUBST - <pun_announcement>
- if ($pun_user['g_read_board'] == '1' && $pun_config['o_announcement'] == '1')
- {
- ob_start();
- ?>
- <div id="announce" class="block">
- <div class="hd"><h2><span><?php echo $lang_common['Announcement'] ?></span></h2></div>
- <div class="box">
- <div id="announce-block" class="inbox">
- <div class="usercontent"><?php echo $pun_config['o_announcement_message'] ?></div>
- </div>
- </div>
- </div>
- <?php
- $tpl_temp = trim(ob_get_contents());
- $tpl_main = str_replace('<pun_announcement>', $tpl_temp, $tpl_main);
- ob_end_clean();
- }
- else
- $tpl_main = str_replace('<pun_announcement>', '', $tpl_main);
- // END SUBST - <pun_announcement>
- // START SUBST - <pun_main>
- ob_start();
- define('PUN_HEADER', 1);