PageRenderTime 48ms CodeModel.GetById 27ms RepoModel.GetById 1ms app.codeStats 0ms

/includes/functions.php

https://code.google.com/p/phpbbex/
PHP | 2495 lines | 1684 code | 352 blank | 459 comment | 389 complexity | 0e9439b0338b208fcbc91ddb1a1ccff0 MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php
    2. 

  2. /**
    3. 

  3. *
    4. 

  4. * @package phpBB3
    5. 

  5. * @version $Id$
    6. 

  6. * @copyright (c) 2005 phpBB Group
    7. 

  7. * @license http://opensource.org/licenses/gpl-license.php GNU Public License
    8. 

  8. *
    9. 

  9. */
    10. 

  10. 

  11. /**
    12. 

  12. * @ignore
    13. 

  13. */
    14. 

  14. if (!defined('IN_PHPBB'))
    15. 

  15. {
    16. 

  16. 	exit;
    17. 

  17. }
    18. 

  18. 

  19. // Common global functions
    20. 

  20. 

  21. /**
    22. 

  22. * set_var
    23. 

  23. *
    24. 

  24. * Set variable, used by {@link request_var the request_var function}
    25. 

  25. *
    26. 

  26. * @access private
    27. 

  27. */
    28. 

  28. function set_var(&$result, $var, $type, $multibyte = false)
    29. 

  29. {
    30. 

  30. 	settype($var, $type);
    31. 

  31. 	$result = $var;
    32. 

  32. 

  33. 	if ($type == 'string')
    34. 

  34. 	{
    35. 

  35. 		$result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8'));
    36. 

  36. 

  37. 		if (!empty($result))
    38. 

  38. 		{
    39. 

  39. 			// Make sure multibyte characters are wellformed
    40. 

  40. 			if ($multibyte)
    41. 

  41. 			{
    42. 

  42. 				if (!preg_match('/^./u', $result))
    43. 

  43. 				{
    44. 

  44. 					$result = '';
    45. 

  45. 				}
    46. 

  46. 			}
    47. 

  47. 			else
    48. 

  48. 			{
    49. 

  49. 				// no multibyte, allow only ASCII (0-127)
    50. 

  50. 				$result = preg_replace('/[\x80-\xFF]/', '?', $result);
    51. 

  51. 			}
    52. 

  52. 		}
    53. 

  53. 

  54. 		$result = (STRIP) ? stripslashes($result) : $result;
    55. 

  55. 	}
    56. 

  56. }
    57. 

  57. 

  58. /**
    59. 

  59. * request_var
    60. 

  60. *
    61. 

  61. * Used to get passed variable
    62. 

  62. */
    63. 

  63. function request_var($var_name, $default, $multibyte = false, $cookie = false)
    64. 

  64. {
    65. 

  65. 	if (!$cookie && isset($_COOKIE[$var_name]))
    66. 

  66. 	{
    67. 

  67. 		if (!isset($_GET[$var_name]) && !isset($_POST[$var_name]))
    68. 

  68. 		{
    69. 

  69. 			return (is_array($default)) ? array() : $default;
    70. 

  70. 		}
    71. 

  71. 		$_REQUEST[$var_name] = isset($_POST[$var_name]) ? $_POST[$var_name] : $_GET[$var_name];
    72. 

  72. 	}
    73. 

  73. 

  74. 	$super_global = ($cookie) ? '_COOKIE' : '_REQUEST';
    75. 

  75. 	if (!isset($GLOBALS[$super_global][$var_name]) || is_array($GLOBALS[$super_global][$var_name]) != is_array($default))
    76. 

  76. 	{
    77. 

  77. 		return (is_array($default)) ? array() : $default;
    78. 

  78. 	}
    79. 

  79. 

  80. 	$var = $GLOBALS[$super_global][$var_name];
    81. 

  81. 	if (!is_array($default))
    82. 

  82. 	{
    83. 

  83. 		$type = gettype($default);
    84. 

  84. 	}
    85. 

  85. 	else
    86. 

  86. 	{
    87. 

  87. 		list($key_type, $type) = each($default);
    88. 

  88. 		$type = gettype($type);
    89. 

  89. 		$key_type = gettype($key_type);
    90. 

  90. 		if ($type == 'array')
    91. 

  91. 		{
    92. 

  92. 			reset($default);
    93. 

  93. 			$default = current($default);
    94. 

  94. 			list($sub_key_type, $sub_type) = each($default);
    95. 

  95. 			$sub_type = gettype($sub_type);
    96. 

  96. 			$sub_type = ($sub_type == 'array') ? 'NULL' : $sub_type;
    97. 

  97. 			$sub_key_type = gettype($sub_key_type);
    98. 

  98. 		}
    99. 

  99. 	}
    100. 

  100. 

  101. 	if (is_array($var))
    102. 

  102. 	{
    103. 

  103. 		$_var = $var;
    104. 

  104. 		$var = array();
    105. 

  105. 

  106. 		foreach ($_var as $k => $v)
    107. 

  107. 		{
    108. 

  108. 			set_var($k, $k, $key_type);
    109. 

  109. 			if ($type == 'array' && is_array($v))
    110. 

  110. 			{
    111. 

  111. 				foreach ($v as $_k => $_v)
    112. 

  112. 				{
    113. 

  113. 					if (is_array($_v))
    114. 

  114. 					{
    115. 

  115. 						$_v = null;
    116. 

  116. 					}
    117. 

  117. 					set_var($_k, $_k, $sub_key_type, $multibyte);
    118. 

  118. 					set_var($var[$k][$_k], $_v, $sub_type, $multibyte);
    119. 

  119. 				}
    120. 

  120. 			}
    121. 

  121. 			else
    122. 

  122. 			{
    123. 

  123. 				if ($type == 'array' || is_array($v))
    124. 

  124. 				{
    125. 

  125. 					$v = null;
    126. 

  126. 				}
    127. 

  127. 				set_var($var[$k], $v, $type, $multibyte);
    128. 

  128. 			}
    129. 

  129. 		}
    130. 

  130. 	}
    131. 

  131. 	else
    132. 

  132. 	{
    133. 

  133. 		set_var($var, $var, $type, $multibyte);
    134. 

  134. 	}
    135. 

  135. 

  136. 	return $var;
    137. 

  137. }
    138. 

  138. 

  139. /**
    140. 

  140. * Set config value. Creates missing config entry.
    141. 

  141. */
    142. 

  142. function set_config($config_name, $config_value, $is_dynamic = false)
    143. 

  143. {
    144. 

  144. 	global $db, $cache, $config;
    145. 

  145. 

  146. 	$sql = 'UPDATE ' . CONFIG_TABLE . "
    147. 

  147. 		SET config_value = '" . $db->sql_escape($config_value) . "'
    148. 

  148. 		WHERE config_name = '" . $db->sql_escape($config_name) . "'";
    149. 

  149. 	$db->sql_query($sql);
    150. 

  150. 

  151. 	if (!$db->sql_affectedrows() && !isset($config[$config_name]))
    152. 

  152. 	{
    153. 

  153. 		$sql = 'INSERT INTO ' . CONFIG_TABLE . ' ' . $db->sql_build_array('INSERT', array(
    154. 

  154. 			'config_name'	=> $config_name,
    155. 

  155. 			'config_value'	=> $config_value,
    156. 

  156. 			'is_dynamic'	=> ($is_dynamic) ? 1 : 0));
    157. 

  157. 		$db->sql_query($sql);
    158. 

  158. 	}
    159. 

  159. 

  160. 	$config[$config_name] = $config_value;
    161. 

  161. 

  162. 	if (!$is_dynamic)
    163. 

  163. 	{
    164. 

  164. 		$cache->destroy('config');
    165. 

  165. 	}
    166. 

  166. }
    167. 

  167. 

  168. /**
    169. 

  169. * Set dynamic config value with arithmetic operation.
    170. 

  170. */
    171. 

  171. function set_config_count($config_name, $increment, $is_dynamic = false)
    172. 

  172. {
    173. 

  173. 	global $db, $cache;
    174. 

  174. 

  175. 	switch ($db->sql_layer)
    176. 

  176. 	{
    177. 

  177. 		case 'firebird':
    178. 

  178. 			// Precision must be from 1 to 18
    179. 

  179. 			$sql_update = 'CAST(CAST(config_value as DECIMAL(18, 0)) + ' . (int) $increment . ' as VARCHAR(255))';
    180. 

  180. 		break;
    181. 

  181. 

  182. 		case 'postgres':
    183. 

  183. 			// Need to cast to text first for PostgreSQL 7.x
    184. 

  184. 			$sql_update = 'CAST(CAST(config_value::text as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';
    185. 

  185. 		break;
    186. 

  186. 

  187. 		// MySQL, SQlite, mssql, mssql_odbc, oracle
    188. 

  188. 		default:
    189. 

  189. 			$sql_update = 'config_value + ' . (int) $increment;
    190. 

  190. 		break;
    191. 

  191. 	}
    192. 

  192. 

  193. 	$db->sql_query('UPDATE ' . CONFIG_TABLE . ' SET config_value = ' . $sql_update . " WHERE config_name = '" . $db->sql_escape($config_name) . "'");
    194. 

  194. 

  195. 	if (!$is_dynamic)
    196. 

  196. 	{
    197. 

  197. 		$cache->destroy('config');
    198. 

  198. 	}
    199. 

  199. }
    200. 

  200. 

  201. /**
    202. 

  202. * Generates an alphanumeric random string of given length
    203. 

  203. *
    204. 

  204. * @return string
    205. 

  205. */
    206. 

  206. function gen_rand_string($num_chars = 8)
    207. 

  207. {
    208. 

  208. 	// [a, z] + [0, 9] = 36
    209. 

  209. 	return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars);
    210. 

  210. }
    211. 

  211. 

  212. /**
    213. 

  213. * Generates a user-friendly alphanumeric random string of given length
    214. 

  214. * We remove 0 and O so users cannot confuse those in passwords etc.
    215. 

  215. *
    216. 

  216. * @return string
    217. 

  217. */
    218. 

  218. function gen_rand_string_friendly($num_chars = 8)
    219. 

  219. {
    220. 

  220. 	$rand_str = unique_id();
    221. 

  221. 

  222. 	// Remove Z and Y from the base_convert(), replace 0 with Z and O with Y
    223. 

  223. 	// [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34
    224. 

  224. 	$rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34)));
    225. 

  225. 

  226. 	return substr($rand_str, 0, $num_chars);
    227. 

  227. }
    228. 

  228. 

  229. /**
    230. 

  230. * Return unique id
    231. 

  231. * @param string $extra additional entropy
    232. 

  232. */
    233. 

  233. function unique_id($extra = 'c')
    234. 

  234. {
    235. 

  235. 	static $dss_seeded = false;
    236. 

  236. 	global $config;
    237. 

  237. 

  238. 	$val = $config['rand_seed'] . microtime();
    239. 

  239. 	$val = md5($val);
    240. 

  240. 	$config['rand_seed'] = md5($config['rand_seed'] . $val . $extra);
    241. 

  241. 

  242. 	if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10)))
    243. 

  243. 	{
    244. 

  244. 		set_config('rand_seed_last_update', time(), true);
    245. 

  245. 		set_config('rand_seed', $config['rand_seed'], true);
    246. 

  246. 		$dss_seeded = true;
    247. 

  247. 	}
    248. 

  248. 

  249. 	return substr($val, 4, 16);
    250. 

  250. }
    251. 

  251. 

  252. /**
    253. 

  253. * Wrapper for mt_rand() which allows swapping $min and $max parameters.
    254. 

  254. *
    255. 

  255. * PHP does not allow us to swap the order of the arguments for mt_rand() anymore.
    256. 

  256. * (since PHP 5.3.4, see http://bugs.php.net/46587)
    257. 

  257. *
    258. 

  258. * @param int $min		Lowest value to be returned
    259. 

  259. * @param int $max		Highest value to be returned
    260. 

  260. *
    261. 

  261. * @return int			Random integer between $min and $max (or $max and $min)
    262. 

  262. */
    263. 

  263. function phpbb_mt_rand($min, $max)
    264. 

  264. {
    265. 

  265. 	return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max);
    266. 

  266. }
    267. 

  267. 

  268. /**
    269. 

  269. * Wrapper for getdate() which returns the equivalent array for UTC timestamps.
    270. 

  270. *
    271. 

  271. * @param int $time		Unix timestamp (optional)
    272. 

  272. *
    273. 

  273. * @return array			Returns an associative array of information related to the timestamp.
    274. 

  274. *						See http://www.php.net/manual/en/function.getdate.php
    275. 

  275. */
    276. 

  276. function phpbb_gmgetdate($time = false)
    277. 

  277. {
    278. 

  278. 	if ($time === false)
    279. 

  279. 	{
    280. 

  280. 		$time = time();
    281. 

  281. 	}
    282. 

  282. 

  283. 	// getdate() interprets timestamps in local time.
    284. 

  284. 	// What follows uses the fact that getdate() and
    285. 

  285. 	// date('Z') balance each other out.
    286. 

  286. 	return getdate($time - date('Z'));
    287. 

  287. }
    288. 

  288. 

  289. /**
    290. 

  290. * Return formatted string for filesizes
    291. 

  291. *
    292. 

  292. * @param int	$value			filesize in bytes
    293. 

  293. * @param bool	$string_only	true if language string should be returned
    294. 

  294. * @param array	$allowed_units	only allow these units (data array indexes)
    295. 

  295. *
    296. 

  296. * @return mixed					data array if $string_only is false
    297. 

  297. * @author bantu
    298. 

  298. */
    299. 

  299. function get_formatted_filesize($value, $string_only = true, $allowed_units = false)
    300. 

  300. {
    301. 

  301. 	global $user;
    302. 

  302. 

  303. 	$available_units = array(
    304. 

  304. 		'gb' => array(
    305. 

  305. 			'min' 		=> 1073741824, // pow(2, 30)
    306. 

  306. 			'index'		=> 3,
    307. 

  307. 			'si_unit'	=> 'GB',
    308. 

  308. 			'iec_unit'	=> 'GIB',
    309. 

  309. 		),
    310. 

  310. 		'mb' => array(
    311. 

  311. 			'min'		=> 1048576, // pow(2, 20)
    312. 

  312. 			'index'		=> 2,
    313. 

  313. 			'si_unit'	=> 'MB',
    314. 

  314. 			'iec_unit'	=> 'MIB',
    315. 

  315. 		),
    316. 

  316. 		'kb' => array(
    317. 

  317. 			'min'		=> 1024, // pow(2, 10)
    318. 

  318. 			'index'		=> 1,
    319. 

  319. 			'si_unit'	=> 'KB',
    320. 

  320. 			'iec_unit'	=> 'KIB',
    321. 

  321. 		),
    322. 

  322. 		'b' => array(
    323. 

  323. 			'min'		=> 0,
    324. 

  324. 			'index'		=> 0,
    325. 

  325. 			'si_unit'	=> 'BYTES', // Language index
    326. 

  326. 			'iec_unit'	=> 'BYTES',  // Language index
    327. 

  327. 		),
    328. 

  328. 	);
    329. 

  329. 

  330. 	foreach ($available_units as $si_identifier => $unit_info)
    331. 

  331. 	{
    332. 

  332. 		if (!empty($allowed_units) && $si_identifier != 'b' && !in_array($si_identifier, $allowed_units))
    333. 

  333. 		{
    334. 

  334. 			continue;
    335. 

  335. 		}
    336. 

  336. 

  337. 		if ($value >= $unit_info['min'])
    338. 

  338. 		{
    339. 

  339. 			$unit_info['si_identifier'] = $si_identifier;
    340. 

  340. 

  341. 			break;
    342. 

  342. 		}
    343. 

  343. 	}
    344. 

  344. 	unset($available_units);
    345. 

  345. 

  346. 	for ($i = 0; $i < $unit_info['index']; $i++)
    347. 

  347. 	{
    348. 

  348. 		$value /= 1024;
    349. 

  349. 	}
    350. 

  350. 	$value = round($value, 2);
    351. 

  351. 

  352. 	// Lookup units in language dictionary
    353. 

  353. 	$unit_info['si_unit'] = (isset($user->lang[$unit_info['si_unit']])) ? $user->lang[$unit_info['si_unit']] : $unit_info['si_unit'];
    354. 

  354. 	$unit_info['iec_unit'] = (isset($user->lang[$unit_info['iec_unit']])) ? $user->lang[$unit_info['iec_unit']] : $unit_info['iec_unit'];
    355. 

  355. 

  356. 	// Default to IEC
    357. 

  357. 	$unit_info['unit'] = $unit_info['iec_unit'];
    358. 

  358. 

  359. 	if (!$string_only)
    360. 

  360. 	{
    361. 

  361. 		$unit_info['value'] = $value;
    362. 

  362. 

  363. 		return $unit_info;
    364. 

  364. 	}
    365. 

  365. 

  366. 	return $value  . ' ' . $unit_info['unit'];
    367. 

  367. }
    368. 

  368. 

  369. /**
    370. 

  370. * Determine whether we are approaching the maximum execution time. Should be called once
    371. 

  371. * at the beginning of the script in which it's used.
    372. 

  372. * @return	bool	Either true if the maximum execution time is nearly reached, or false
    373. 

  373. *					if some time is still left.
    374. 

  374. */
    375. 

  375. function still_on_time($extra_time = 15)
    376. 

  376. {
    377. 

  377. 	static $max_execution_time, $start_time;
    378. 

  378. 

  379. 	$time = explode(' ', microtime());
    380. 

  380. 	$current_time = $time[0] + $time[1];
    381. 

  381. 

  382. 	if (empty($max_execution_time))
    383. 

  383. 	{
    384. 

  384. 		$max_execution_time = (function_exists('ini_get')) ? (int) @ini_get('max_execution_time') : (int) @get_cfg_var('max_execution_time');
    385. 

  385. 

  386. 		// If zero, then set to something higher to not let the user catch the ten seconds barrier.
    387. 

  387. 		if ($max_execution_time === 0)
    388. 

  388. 		{
    389. 

  389. 			$max_execution_time = 50 + $extra_time;
    390. 

  390. 		}
    391. 

  391. 

  392. 		$max_execution_time = min(max(10, ($max_execution_time - $extra_time)), 50);
    393. 

  393. 

  394. 		// For debugging purposes
    395. 

  395. 		// $max_execution_time = 10;
    396. 

  396. 

  397. 		global $starttime;
    398. 

  398. 		$start_time = (empty($starttime)) ? $current_time : $starttime;
    399. 

  399. 	}
    400. 

  400. 

  401. 	return (ceil($current_time - $start_time) < $max_execution_time) ? true : false;
    402. 

  402. }
    403. 

  403. 

  404. /**
    405. 

  405. *
    406. 

  406. * @version Version 0.1 / slightly modified for phpBB 3.0.x (using $H$ as hash type identifier)
    407. 

  407. *
    408. 

  408. * Portable PHP password hashing framework.
    409. 

  409. *
    410. 

  410. * Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
    411. 

  411. * the public domain.
    412. 

  412. *
    413. 

  413. * There's absolutely no warranty.
    414. 

  414. *
    415. 

  415. * The homepage URL for this framework is:
    416. 

  416. *
    417. 

  417. *	http://www.openwall.com/phpass/
    418. 

  418. *
    419. 

  419. * Please be sure to update the Version line if you edit this file in any way.
    420. 

  420. * It is suggested that you leave the main version number intact, but indicate
    421. 

  421. * your project name (after the slash) and add your own revision information.
    422. 

  422. *
    423. 

  423. * Please do not change the "private" password hashing method implemented in
    424. 

  424. * here, thereby making your hashes incompatible.  However, if you must, please
    425. 

  425. * change the hash type identifier (the "$P$") to something different.
    426. 

  426. *
    427. 

  427. * Obviously, since this code is in the public domain, the above are not
    428. 

  428. * requirements (there can be none), but merely suggestions.
    429. 

  429. *
    430. 

  430. *
    431. 

  431. * Hash the password
    432. 

  432. */
    433. 

  433. function phpbb_hash($password)
    434. 

  434. {
    435. 

  435. 	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    436. 

  436. 

  437. 	$random_state = unique_id();
    438. 

  438. 	$random = '';
    439. 

  439. 	$count = 6;
    440. 

  440. 

  441. 	if (($fh = @fopen('/dev/urandom', 'rb')))
    442. 

  442. 	{
    443. 

  443. 		$random = fread($fh, $count);
    444. 

  444. 		fclose($fh);
    445. 

  445. 	}
    446. 

  446. 

  447. 	if (strlen($random) < $count)
    448. 

  448. 	{
    449. 

  449. 		$random = '';
    450. 

  450. 

  451. 		for ($i = 0; $i < $count; $i += 16)
    452. 

  452. 		{
    453. 

  453. 			$random_state = md5(unique_id() . $random_state);
    454. 

  454. 			$random .= pack('H*', md5($random_state));
    455. 

  455. 		}
    456. 

  456. 		$random = substr($random, 0, $count);
    457. 

  457. 	}
    458. 

  458. 

  459. 	$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);
    460. 

  460. 

  461. 	if (strlen($hash) == 34)
    462. 

  462. 	{
    463. 

  463. 		return $hash;
    464. 

  464. 	}
    465. 

  465. 

  466. 	return md5($password);
    467. 

  467. }
    468. 

  468. 

  469. /**
    470. 

  470. * Check for correct password
    471. 

  471. *
    472. 

  472. * @param string $password The password in plain text
    473. 

  473. * @param string $hash The stored password hash
    474. 

  474. *
    475. 

  475. * @return bool Returns true if the password is correct, false if not.
    476. 

  476. */
    477. 

  477. function phpbb_check_hash($password, $hash)
    478. 

  478. {
    479. 

  479. 	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    480. 

  480. 	if (strlen($hash) == 34)
    481. 

  481. 	{
    482. 

  482. 		return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false;
    483. 

  483. 	}
    484. 

  484. 

  485. 	return (md5($password) === $hash) ? true : false;
    486. 

  486. }
    487. 

  487. 

  488. /**
    489. 

  489. * Generate salt for hash generation
    490. 

  490. */
    491. 

  491. function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6)
    492. 

  492. {
    493. 

  493. 	if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
    494. 

  494. 	{
    495. 

  495. 		$iteration_count_log2 = 8;
    496. 

  496. 	}
    497. 

  497. 

  498. 	$output = '$H$';
    499. 

  499. 	$output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 5 : 3), 30)];
    500. 

  500. 	$output .= _hash_encode64($input, 6, $itoa64);
    501. 

  501. 

  502. 	return $output;
    503. 

  503. }
    504. 

  504. 

  505. /**
    506. 

  506. * Encode hash
    507. 

  507. */
    508. 

  508. function _hash_encode64($input, $count, &$itoa64)
    509. 

  509. {
    510. 

  510. 	$output = '';
    511. 

  511. 	$i = 0;
    512. 

  512. 

  513. 	do
    514. 

  514. 	{
    515. 

  515. 		$value = ord($input[$i++]);
    516. 

  516. 		$output .= $itoa64[$value & 0x3f];
    517. 

  517. 

  518. 		if ($i < $count)
    519. 

  519. 		{
    520. 

  520. 			$value |= ord($input[$i]) << 8;
    521. 

  521. 		}
    522. 

  522. 

  523. 		$output .= $itoa64[($value >> 6) & 0x3f];
    524. 

  524. 

  525. 		if ($i++ >= $count)
    526. 

  526. 		{
    527. 

  527. 			break;
    528. 

  528. 		}
    529. 

  529. 

  530. 		if ($i < $count)
    531. 

  531. 		{
    532. 

  532. 			$value |= ord($input[$i]) << 16;
    533. 

  533. 		}
    534. 

  534. 

  535. 		$output .= $itoa64[($value >> 12) & 0x3f];
    536. 

  536. 

  537. 		if ($i++ >= $count)
    538. 

  538. 		{
    539. 

  539. 			break;
    540. 

  540. 		}
    541. 

  541. 

  542. 		$output .= $itoa64[($value >> 18) & 0x3f];
    543. 

  543. 	}
    544. 

  544. 	while ($i < $count);
    545. 

  545. 

  546. 	return $output;
    547. 

  547. }
    548. 

  548. 

  549. /**
    550. 

  550. * The crypt function/replacement
    551. 

  551. */
    552. 

  552. function _hash_crypt_private($password, $setting, &$itoa64)
    553. 

  553. {
    554. 

  554. 	$output = '*';
    555. 

  555. 

  556. 	// Check for correct hash
    557. 

  557. 	if (substr($setting, 0, 3) != '$H$' && substr($setting, 0, 3) != '$P$')
    558. 

  558. 	{
    559. 

  559. 		return $output;
    560. 

  560. 	}
    561. 

  561. 

  562. 	$count_log2 = strpos($itoa64, $setting[3]);
    563. 

  563. 

  564. 	if ($count_log2 < 7 || $count_log2 > 30)
    565. 

  565. 	{
    566. 

  566. 		return $output;
    567. 

  567. 	}
    568. 

  568. 

  569. 	$count = 1 << $count_log2;
    570. 

  570. 	$salt = substr($setting, 4, 8);
    571. 

  571. 

  572. 	if (strlen($salt) != 8)
    573. 

  573. 	{
    574. 

  574. 		return $output;
    575. 

  575. 	}
    576. 

  576. 

  577. 	/**
    578. 

  578. 	* We're kind of forced to use MD5 here since it's the only
    579. 

  579. 	* cryptographic primitive available in all versions of PHP
    580. 

  580. 	* currently in use.  To implement our own low-level crypto
    581. 

  581. 	* in PHP would result in much worse performance and
    582. 

  582. 	* consequently in lower iteration counts and hashes that are
    583. 

  583. 	* quicker to crack (by non-PHP code).
    584. 

  584. 	*/
    585. 

  585. 	if (PHP_VERSION >= 5)
    586. 

  586. 	{
    587. 

  587. 		$hash = md5($salt . $password, true);
    588. 

  588. 		do
    589. 

  589. 		{
    590. 

  590. 			$hash = md5($hash . $password, true);
    591. 

  591. 		}
    592. 

  592. 		while (--$count);
    593. 

  593. 	}
    594. 

  594. 	else
    595. 

  595. 	{
    596. 

  596. 		$hash = pack('H*', md5($salt . $password));
    597. 

  597. 		do
    598. 

  598. 		{
    599. 

  599. 			$hash = pack('H*', md5($hash . $password));
    600. 

  600. 		}
    601. 

  601. 		while (--$count);
    602. 

  602. 	}
    603. 

  603. 

  604. 	$output = substr($setting, 0, 12);
    605. 

  605. 	$output .= _hash_encode64($hash, 16, $itoa64);
    606. 

  606. 

  607. 	return $output;
    608. 

  608. }
    609. 

  609. 

  610. /**
    611. 

  611. * Hashes an email address to a big integer
    612. 

  612. *
    613. 

  613. * @param string $email		Email address
    614. 

  614. *
    615. 

  615. * @return string			Unsigned Big Integer
    616. 

  616. */
    617. 

  617. function phpbb_email_hash($email)
    618. 

  618. {
    619. 

  619. 	return sprintf('%u', crc32(strtolower($email))) . strlen($email);
    620. 

  620. }
    621. 

  621. 

  622. /**
    623. 

  623. * Wrapper for version_compare() that allows using uppercase A and B
    624. 

  624. * for alpha and beta releases.
    625. 

  625. *
    626. 

  626. * See http://www.php.net/manual/en/function.version-compare.php
    627. 

  627. *
    628. 

  628. * @param string $version1		First version number
    629. 

  629. * @param string $version2		Second version number
    630. 

  630. * @param string $operator		Comparison operator (optional)
    631. 

  631. *
    632. 

  632. * @return mixed					Boolean (true, false) if comparison operator is specified.
    633. 

  633. *								Integer (-1, 0, 1) otherwise.
    634. 

  634. */
    635. 

  635. function phpbb_version_compare($version1, $version2, $operator = null)
    636. 

  636. {
    637. 

  637. 	$version1 = strtolower($version1);
    638. 

  638. 	$version2 = strtolower($version2);
    639. 

  639. 

  640. 	if (is_null($operator))
    641. 

  641. 	{
    642. 

  642. 		return version_compare($version1, $version2);
    643. 

  643. 	}
    644. 

  644. 	else
    645. 

  645. 	{
    646. 

  646. 		return version_compare($version1, $version2, $operator);
    647. 

  647. 	}
    648. 

  648. }
    649. 

  649. 

  650. /**
    651. 

  651. * Global function for chmodding directories and files for internal use
    652. 

  652. *
    653. 

  653. * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions.
    654. 

  654. * The function determines owner and group from common.php file and sets the same to the provided file.
    655. 

  655. * The function uses bit fields to build the permissions.
    656. 

  656. * The function sets the appropiate execute bit on directories.
    657. 

  657. *
    658. 

  658. * Supported constants representing bit fields are:
    659. 

  659. *
    660. 

  660. * CHMOD_ALL - all permissions (7)
    661. 

  661. * CHMOD_READ - read permission (4)
    662. 

  662. * CHMOD_WRITE - write permission (2)
    663. 

  663. * CHMOD_EXECUTE - execute permission (1)
    664. 

  664. *
    665. 

  665. * NOTE: The function uses POSIX extension and fileowner()/filegroup() functions. If any of them is disabled, this function tries to build proper permissions, by calling is_readable() and is_writable() functions.
    666. 

  666. *
    667. 

  667. * @param string	$filename	The file/directory to be chmodded
    668. 

  668. * @param int	$perms		Permissions to set
    669. 

  669. *
    670. 

  670. * @return bool	true on success, otherwise false
    671. 

  671. * @author faw, phpBB Group
    672. 

  672. */
    673. 

  673. function phpbb_chmod($filename, $perms = CHMOD_READ)
    674. 

  674. {
    675. 

  675. 	static $_chmod_info;
    676. 

  676. 

  677. 	// Return if the file no longer exists.
    678. 

  678. 	if (!file_exists($filename))
    679. 

  679. 	{
    680. 

  680. 		return false;
    681. 

  681. 	}
    682. 

  682. 

  683. 	// Determine some common vars
    684. 

  684. 	if (empty($_chmod_info))
    685. 

  685. 	{
    686. 

  686. 		if (!function_exists('fileowner') || !function_exists('filegroup'))
    687. 

  687. 		{
    688. 

  688. 			// No need to further determine owner/group - it is unknown
    689. 

  689. 			$_chmod_info['process'] = false;
    690. 

  690. 		}
    691. 

  691. 		else
    692. 

  692. 		{
    693. 

  693. 			global $phpbb_root_path, $phpEx;
    694. 

  694. 

  695. 			// Determine owner/group of common.php file and the filename we want to change here
    696. 

  696. 			$common_php_owner = @fileowner($phpbb_root_path . 'common.' . $phpEx);
    697. 

  697. 			$common_php_group = @filegroup($phpbb_root_path . 'common.' . $phpEx);
    698. 

  698. 

  699. 			// And the owner and the groups PHP is running under.
    700. 

  700. 			$php_uid = (function_exists('posix_getuid')) ? @posix_getuid() : false;
    701. 

  701. 			$php_gids = (function_exists('posix_getgroups')) ? @posix_getgroups() : false;
    702. 

  702. 

  703. 			// If we are unable to get owner/group, then do not try to set them by guessing
    704. 

  704. 			if (!$php_uid || empty($php_gids) || !$common_php_owner || !$common_php_group)
    705. 

  705. 			{
    706. 

  706. 				$_chmod_info['process'] = false;
    707. 

  707. 			}
    708. 

  708. 			else
    709. 

  709. 			{
    710. 

  710. 				$_chmod_info = array(
    711. 

  711. 					'process'		=> true,
    712. 

  712. 					'common_owner'	=> $common_php_owner,
    713. 

  713. 					'common_group'	=> $common_php_group,
    714. 

  714. 					'php_uid'		=> $php_uid,
    715. 

  715. 					'php_gids'		=> $php_gids,
    716. 

  716. 				);
    717. 

  717. 			}
    718. 

  718. 		}
    719. 

  719. 	}
    720. 

  720. 

  721. 	if ($_chmod_info['process'])
    722. 

  722. 	{
    723. 

  723. 		$file_uid = @fileowner($filename);
    724. 

  724. 		$file_gid = @filegroup($filename);
    725. 

  725. 

  726. 		// Change owner
    727. 

  727. 		if (@chown($filename, $_chmod_info['common_owner']))
    728. 

  728. 		{
    729. 

  729. 			clearstatcache();
    730. 

  730. 			$file_uid = @fileowner($filename);
    731. 

  731. 		}
    732. 

  732. 

  733. 		// Change group
    734. 

  734. 		if (@chgrp($filename, $_chmod_info['common_group']))
    735. 

  735. 		{
    736. 

  736. 			clearstatcache();
    737. 

  737. 			$file_gid = @filegroup($filename);
    738. 

  738. 		}
    739. 

  739. 

  740. 		// If the file_uid/gid now match the one from common.php we can process further, else we are not able to change something
    741. 

  741. 		if ($file_uid != $_chmod_info['common_owner'] || $file_gid != $_chmod_info['common_group'])
    742. 

  742. 		{
    743. 

  743. 			$_chmod_info['process'] = false;
    744. 

  744. 		}
    745. 

  745. 	}
    746. 

  746. 

  747. 	// Still able to process?
    748. 

  748. 	if ($_chmod_info['process'])
    749. 

  749. 	{
    750. 

  750. 		if ($file_uid == $_chmod_info['php_uid'])
    751. 

  751. 		{
    752. 

  752. 			$php = 'owner';
    753. 

  753. 		}
    754. 

  754. 		else if (in_array($file_gid, $_chmod_info['php_gids']))
    755. 

  755. 		{
    756. 

  756. 			$php = 'group';
    757. 

  757. 		}
    758. 

  758. 		else
    759. 

  759. 		{
    760. 

  760. 			// Since we are setting the everyone bit anyway, no need to do expensive operations
    761. 

  761. 			$_chmod_info['process'] = false;
    762. 

  762. 		}
    763. 

  763. 	}
    764. 

  764. 

  765. 	// We are not able to determine or change something
    766. 

  766. 	if (!$_chmod_info['process'])
    767. 

  767. 	{
    768. 

  768. 		$php = 'other';
    769. 

  769. 	}
    770. 

  770. 

  771. 	// Owner always has read/write permission
    772. 

  772. 	$owner = CHMOD_READ | CHMOD_WRITE;
    773. 

  773. 	if (is_dir($filename))
    774. 

  774. 	{
    775. 

  775. 		$owner |= CHMOD_EXECUTE;
    776. 

  776. 

  777. 		// Only add execute bit to the permission if the dir needs to be readable
    778. 

  778. 		if ($perms & CHMOD_READ)
    779. 

  779. 		{
    780. 

  780. 			$perms |= CHMOD_EXECUTE;
    781. 

  781. 		}
    782. 

  782. 	}
    783. 

  783. 

  784. 	switch ($php)
    785. 

  785. 	{
    786. 

  786. 		case 'owner':
    787. 

  787. 			$result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0));
    788. 

  788. 

  789. 			clearstatcache();
    790. 

  790. 

  791. 			if (is_readable($filename) && phpbb_is_writable($filename))
    792. 

  792. 			{
    793. 

  793. 				break;
    794. 

  794. 			}
    795. 

  795. 

  796. 		case 'group':
    797. 

  797. 			$result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0));
    798. 

  798. 

  799. 			clearstatcache();
    800. 

  800. 

  801. 			if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))
    802. 

  802. 			{
    803. 

  803. 				break;
    804. 

  804. 			}
    805. 

  805. 

  806. 		case 'other':
    807. 

  807. 			$result = @chmod($filename, ($owner << 6) + ($perms << 3) + ($perms << 0));
    808. 

  808. 

  809. 			clearstatcache();
    810. 

  810. 

  811. 			if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))
    812. 

  812. 			{
    813. 

  813. 				break;
    814. 

  814. 			}
    815. 

  815. 

  816. 		default:
    817. 

  817. 			return false;
    818. 

  818. 		break;
    819. 

  819. 	}
    820. 

  820. 

  821. 	return $result;
    822. 

  822. }
    823. 

  823. 

  824. /**
    825. 

  825. * Test if a file/directory is writable
    826. 

  826. *
    827. 

  827. * This function calls the native is_writable() when not running under
    828. 

  828. * Windows and it is not disabled.
    829. 

  829. *
    830. 

  830. * @param string $file Path to perform write test on
    831. 

  831. * @return bool True when the path is writable, otherwise false.
    832. 

  832. */
    833. 

  833. function phpbb_is_writable($file)
    834. 

  834. {
    835. 

  835. 	if (strtolower(substr(PHP_OS, 0, 3)) === 'win' || !function_exists('is_writable'))
    836. 

  836. 	{
    837. 

  837. 		if (file_exists($file))
    838. 

  838. 		{
    839. 

  839. 			// Canonicalise path to absolute path
    840. 

  840. 			$file = phpbb_realpath($file);
    841. 

  841. 

  842. 			if (is_dir($file))
    843. 

  843. 			{
    844. 

  844. 				// Test directory by creating a file inside the directory
    845. 

  845. 				$result = @tempnam($file, 'i_w');
    846. 

  846. 

  847. 				if (is_string($result) && file_exists($result))
    848. 

  848. 				{
    849. 

  849. 					unlink($result);
    850. 

  850. 

  851. 					// Ensure the file is actually in the directory (returned realpathed)
    852. 

  852. 					return (strpos($result, $file) === 0) ? true : false;
    853. 

  853. 				}
    854. 

  854. 			}
    855. 

  855. 			else
    856. 

  856. 			{
    857. 

  857. 				$handle = @fopen($file, 'r+');
    858. 

  858. 

  859. 				if (is_resource($handle))
    860. 

  860. 				{
    861. 

  861. 					fclose($handle);
    862. 

  862. 					return true;
    863. 

  863. 				}
    864. 

  864. 			}
    865. 

  865. 		}
    866. 

  866. 		else
    867. 

  867. 		{
    868. 

  868. 			// file does not exist test if we can write to the directory
    869. 

  869. 			$dir = dirname($file);
    870. 

  870. 

  871. 			if (file_exists($dir) && is_dir($dir) && phpbb_is_writable($dir))
    872. 

  872. 			{
    873. 

  873. 				return true;
    874. 

  874. 			}
    875. 

  875. 		}
    876. 

  876. 

  877. 		return false;
    878. 

  878. 	}
    879. 

  879. 	else
    880. 

  880. 	{
    881. 

  881. 		return is_writable($file);
    882. 

  882. 	}
    883. 

  883. }
    884. 

  884. 

  885. // Compatibility functions
    886. 

  886. 

  887. if (!function_exists('array_combine'))
    888. 

  888. {
    889. 

  889. 	/**
    890. 

  890. 	* A wrapper for the PHP5 function array_combine()
    891. 

  891. 	* @param array $keys contains keys for the resulting array
    892. 

  892. 	* @param array $values contains values for the resulting array
    893. 

  893. 	*
    894. 

  894. 	* @return Returns an array by using the values from the keys array as keys and the
    895. 

  895. 	* 	values from the values array as the corresponding values. Returns false if the
    896. 

  896. 	* 	number of elements for each array isn't equal or if the arrays are empty.
    897. 

  897. 	*/
    898. 

  898. 	function array_combine($keys, $values)
    899. 

  899. 	{
    900. 

  900. 		$keys = array_values($keys);
    901. 

  901. 		$values = array_values($values);
    902. 

  902. 

  903. 		$n = sizeof($keys);
    904. 

  904. 		$m = sizeof($values);
    905. 

  905. 		if (!$n || !$m || ($n != $m))
    906. 

  906. 		{
    907. 

  907. 			return false;
    908. 

  908. 		}
    909. 

  909. 

  910. 		$combined = array();
    911. 

  911. 		for ($i = 0; $i < $n; $i++)
    912. 

  912. 		{
    913. 

  913. 			$combined[$keys[$i]] = $values[$i];
    914. 

  914. 		}
    915. 

  915. 		return $combined;
    916. 

  916. 	}
    917. 

  917. }
    918. 

  918. 

  919. if (!function_exists('str_split'))
    920. 

  920. {
    921. 

  921. 	/**
    922. 

  922. 	* A wrapper for the PHP5 function str_split()
    923. 

  923. 	* @param array $string contains the string to be converted
    924. 

  924. 	* @param array $split_length contains the length of each chunk
    925. 

  925. 	*
    926. 

  926. 	* @return  Converts a string to an array. If the optional split_length parameter is specified,
    927. 

  927. 	*  	the returned array will be broken down into chunks with each being split_length in length,
    928. 

  928. 	*  	otherwise each chunk will be one character in length. FALSE is returned if split_length is
    929. 

  929. 	*  	less than 1. If the split_length length exceeds the length of string, the entire string is
    930. 

  930. 	*  	returned as the first (and only) array element.
    931. 

  931. 	*/
    932. 

  932. 	function str_split($string, $split_length = 1)
    933. 

  933. 	{
    934. 

  934. 		if ($split_length < 1)
    935. 

  935. 		{
    936. 

  936. 			return false;
    937. 

  937. 		}
    938. 

  938. 		else if ($split_length >= strlen($string))
    939. 

  939. 		{
    940. 

  940. 			return array($string);
    941. 

  941. 		}
    942. 

  942. 		else
    943. 

  943. 		{
    944. 

  944. 			preg_match_all('#.{1,' . $split_length . '}#s', $string, $matches);
    945. 

  945. 			return $matches[0];
    946. 

  946. 		}
    947. 

  947. 	}
    948. 

  948. }
    949. 

  949. 

  950. if (!function_exists('stripos'))
    951. 

  951. {
    952. 

  952. 	/**
    953. 

  953. 	* A wrapper for the PHP5 function stripos
    954. 

  954. 	* Find position of first occurrence of a case-insensitive string
    955. 

  955. 	*
    956. 

  956. 	* @param string $haystack is the string to search in
    957. 

  957. 	* @param string $needle is the string to search for
    958. 

  958. 	*
    959. 

  959. 	* @return mixed Returns the numeric position of the first occurrence of needle in the haystack string. Unlike strpos(), stripos() is case-insensitive.
    960. 

  960. 	* Note that the needle may be a string of one or more characters.
    961. 

  961. 	* If needle is not found, stripos() will return boolean FALSE.
    962. 

  962. 	*/
    963. 

  963. 	function stripos($haystack, $needle)
    964. 

  964. 	{
    965. 

  965. 		if (preg_match('#' . preg_quote($needle, '#') . '#i', $haystack, $m))
    966. 

  966. 		{
    967. 

  967. 			return strpos($haystack, $m[0]);
    968. 

  968. 		}
    969. 

  969. 

  970. 		return false;
    971. 

  971. 	}
    972. 

  972. }
    973. 

  973. 

  974. /**
    975. 

  975. * Checks if a path ($path) is absolute or relative
    976. 

  976. *
    977. 

  977. * @param string $path Path to check absoluteness of
    978. 

  978. * @return boolean
    979. 

  979. */
    980. 

  980. function is_absolute($path)
    981. 

  981. {
    982. 

  982. 	return ($path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false;
    983. 

  983. }
    984. 

  984. 

  985. /**
    986. 

  986. * @author Chris Smith <chris@project-minerva.org>
    987. 

  987. * @copyright 2006 Project Minerva Team
    988. 

  988. * @param string $path The path which we should attempt to resolve.
    989. 

  989. * @return mixed
    990. 

  990. */
    991. 

  991. function phpbb_own_realpath($path)
    992. 

  992. {
    993. 

  993. 	// Now to perform funky shizzle
    994. 

  994. 

  995. 	// Switch to use UNIX slashes
    996. 

  996. 	$path = str_replace(DIRECTORY_SEPARATOR, '/', $path);
    997. 

  997. 	$path_prefix = '';
    998. 

  998. 

  999. 	// Determine what sort of path we have
    1000. 

  1000. 	if (is_absolute($path))
    1001. 

  1001. 	{
    1002. 

  1002. 		$absolute = true;
    1003. 

  1003. 

  1004. 		if ($path[0] == '/')
    1005. 

  1005. 		{
    1006. 

  1006. 			// Absolute path, *NIX style
    1007. 

  1007. 			$path_prefix = '';
    1008. 

  1008. 		}
    1009. 

  1009. 		else
    1010. 

  1010. 		{
    1011. 

  1011. 			// Absolute path, Windows style
    1012. 

  1012. 			// Remove the drive letter and colon
    1013. 

  1013. 			$path_prefix = $path[0] . ':';
    1014. 

  1014. 			$path = substr($path, 2);
    1015. 

  1015. 		}
    1016. 

  1016. 	}
    1017. 

  1017. 	else
    1018. 

  1018. 	{
    1019. 

  1019. 		// Relative Path
    1020. 

  1020. 		// Prepend the current working directory
    1021. 

  1021. 		if (function_exists('getcwd'))
    1022. 

  1022. 		{
    1023. 

  1023. 			// This is the best method, hopefully it is enabled!
    1024. 

  1024. 			$path = str_replace(DIRECTORY_SEPARATOR, '/', getcwd()) . '/' . $path;
    1025. 

  1025. 			$absolute = true;
    1026. 

  1026. 			if (preg_match('#^[a-z]:#i', $path))
    1027. 

  1027. 			{
    1028. 

  1028. 				$path_prefix = $path[0] . ':';
    1029. 

  1029. 				$path = substr($path, 2);
    1030. 

  1030. 			}
    1031. 

  1031. 			else
    1032. 

  1032. 			{
    1033. 

  1033. 				$path_prefix = '';
    1034. 

  1034. 			}
    1035. 

  1035. 		}
    1036. 

  1036. 		else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME']))
    1037. 

  1037. 		{
    1038. 

  1038. 			// Warning: If chdir() has been used this will lie!
    1039. 

  1039. 			// Warning: This has some problems sometime (CLI can create them easily)
    1040. 

  1040. 			$path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path;
    1041. 

  1041. 			$absolute = true;
    1042. 

  1042. 			$path_prefix = '';
    1043. 

  1043. 		}
    1044. 

  1044. 		else
    1045. 

  1045. 		{
    1046. 

  1046. 			// We have no way of getting the absolute path, just run on using relative ones.
    1047. 

  1047. 			$absolute = false;
    1048. 

  1048. 			$path_prefix = '.';
    1049. 

  1049. 		}
    1050. 

  1050. 	}
    1051. 

  1051. 

  1052. 	// Remove any repeated slashes
    1053. 

  1053. 	$path = preg_replace('#/{2,}#', '/', $path);
    1054. 

  1054. 

  1055. 	// Remove the slashes from the start and end of the path
    1056. 

  1056. 	$path = trim($path, '/');
    1057. 

  1057. 

  1058. 	// Break the string into little bits for us to nibble on
    1059. 

  1059. 	$bits = explode('/', $path);
    1060. 

  1060. 

  1061. 	// Remove any . in the path, renumber array for the loop below
    1062. 

  1062. 	$bits = array_values(array_diff($bits, array('.')));
    1063. 

  1063. 

  1064. 	// Lets get looping, run over and resolve any .. (up directory)
    1065. 

  1065. 	for ($i = 0, $max = sizeof($bits); $i < $max; $i++)
    1066. 

  1066. 	{
    1067. 

  1067. 		// @todo Optimise
    1068. 

  1068. 		if ($bits[$i] == '..' )
    1069. 

  1069. 		{
    1070. 

  1070. 			if (isset($bits[$i - 1]))
    1071. 

  1071. 			{
    1072. 

  1072. 				if ($bits[$i - 1] != '..')
    1073. 

  1073. 				{
    1074. 

  1074. 					// We found a .. and we are able to traverse upwards, lets do it!
    1075. 

  1075. 					unset($bits[$i]);
    1076. 

  1076. 					unset($bits[$i - 1]);
    1077. 

  1077. 					$i -= 2;
    1078. 

  1078. 					$max -= 2;
    1079. 

  1079. 					$bits = array_values($bits);
    1080. 

  1080. 				}
    1081. 

  1081. 			}
    1082. 

  1082. 			else if ($absolute) // ie. !isset($bits[$i - 1]) && $absolute
    1083. 

  1083. 			{
    1084. 

  1084. 				// We have an absolute path trying to descend above the root of the filesystem
    1085. 

  1085. 				// ... Error!
    1086. 

  1086. 				return false;
    1087. 

  1087. 			}
    1088. 

  1088. 		}
    1089. 

  1089. 	}
    1090. 

  1090. 

  1091. 	// Prepend the path prefix
    1092. 

  1092. 	array_unshift($bits, $path_prefix);
    1093. 

  1093. 

  1094. 	$resolved = '';
    1095. 

  1095. 

  1096. 	$max = sizeof($bits) - 1;
    1097. 

  1097. 

  1098. 	// Check if we are able to resolve symlinks, Windows cannot.
    1099. 

  1099. 	$symlink_resolve = (function_exists('readlink')) ? true : false;
    1100. 

  1100. 

  1101. 	foreach ($bits as $i => $bit)
    1102. 

  1102. 	{
    1103. 

  1103. 		if (@is_dir("$resolved/$bit") || ($i == $max && @is_file("$resolved/$bit")))
    1104. 

  1104. 		{
    1105. 

  1105. 			// Path Exists
    1106. 

  1106. 			if ($symlink_resolve && is_link("$resolved/$bit") && ($link = readlink("$resolved/$bit")))
    1107. 

  1107. 			{
    1108. 

  1108. 				// Resolved a symlink.
    1109. 

  1109. 				$resolved = $link . (($i == $max) ? '' : '/');
    1110. 

  1110. 				continue;
    1111. 

  1111. 			}
    1112. 

  1112. 		}
    1113. 

  1113. 		else
    1114. 

  1114. 		{
    1115. 

  1115. 			// Something doesn't exist here!
    1116. 

  1116. 			// This is correct realpath() behaviour but sadly open_basedir and safe_mode make this problematic
    1117. 

  1117. 			// return false;
    1118. 

  1118. 		}
    1119. 

  1119. 		$resolved .= $bit . (($i == $max) ? '' : '/');
    1120. 

  1120. 	}
    1121. 

  1121. 

  1122. 	// @todo If the file exists fine and open_basedir only has one path we should be able to prepend it
    1123. 

  1123. 	// because we must be inside that basedir, the question is where...
    1124. 

  1124. 	// @internal The slash in is_dir() gets around an open_basedir restriction
    1125. 

  1125. 	if (!@file_exists($resolved) || (!@is_dir($resolved . '/') && !is_file($resolved)))
    1126. 

  1126. 	{
    1127. 

  1127. 		return false;
    1128. 

  1128. 	}
    1129. 

  1129. 

  1130. 	// Put the slashes back to the native operating systems slashes
    1131. 

  1131. 	$resolved = str_replace('/', DIRECTORY_SEPARATOR, $resolved);
    1132. 

  1132. 

  1133. 	// Check for DIRECTORY_SEPARATOR at the end (and remove it!)
    1134. 

  1134. 	if (substr($resolved, -1) == DIRECTORY_SEPARATOR)
    1135. 

  1135. 	{
    1136. 

  1136. 		return substr($resolved, 0, -1);
    1137. 

  1137. 	}
    1138. 

  1138. 

  1139. 	return $resolved; // We got here, in the end!
    1140. 

  1140. }
    1141. 

  1141. 

  1142. if (!function_exists('realpath'))
    1143. 

  1143. {
    1144. 

  1144. 	/**
    1145. 

  1145. 	* A wrapper for realpath
    1146. 

  1146. 	* @ignore
    1147. 

  1147. 	*/
    1148. 

  1148. 	function phpbb_realpath($path)
    1149. 

  1149. 	{
    1150. 

  1150. 		return phpbb_own_realpath($path);
    1151. 

  1151. 	}
    1152. 

  1152. }
    1153. 

  1153. else
    1154. 

  1154. {
    1155. 

  1155. 	/**
    1156. 

  1156. 	* A wrapper for realpath
    1157. 

  1157. 	*/
    1158. 

  1158. 	function phpbb_realpath($path)
    1159. 

  1159. 	{
    1160. 

  1160. 		$realpath = realpath($path);
    1161. 

  1161. 

  1162. 		// Strangely there are provider not disabling realpath but returning strange values. :o
    1163. 

  1163. 		// We at least try to cope with them.
    1164. 

  1164. 		if ($realpath === $path || $realpath === false)
    1165. 

  1165. 		{
    1166. 

  1166. 			return phpbb_own_realpath($path);
    1167. 

  1167. 		}
    1168. 

  1168. 

  1169. 		// Check for DIRECTORY_SEPARATOR at the end (and remove it!)
    1170. 

  1170. 		if (substr($realpath, -1) == DIRECTORY_SEPARATOR)
    1171. 

  1171. 		{
    1172. 

  1172. 			$realpath = substr($realpath, 0, -1);
    1173. 

  1173. 		}
    1174. 

  1174. 

  1175. 		return $realpath;
    1176. 

  1176. 	}
    1177. 

  1177. }
    1178. 

  1178. 

  1179. if (!function_exists('htmlspecialchars_decode'))
    1180. 

  1180. {
    1181. 

  1181. 	/**
    1182. 

  1182. 	* A wrapper for htmlspecialchars_decode
    1183. 

  1183. 	* @ignore
    1184. 

  1184. 	*/
    1185. 

  1185. 	function htmlspecialchars_decode($string, $quote_style = ENT_COMPAT)
    1186. 

  1186. 	{
    1187. 

  1187. 		return strtr($string, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $quote_style)));
    1188. 

  1188. 	}
    1189. 

  1189. }
    1190. 

  1190. 

  1191. // functions used for building option fields
    1192. 

  1192. 

  1193. /**
    1194. 

  1194. * Pick a language, any language ...
    1195. 

  1195. */
    1196. 

  1196. function language_select($default = '')
    1197. 

  1197. {
    1198. 

  1198. 	global $db;
    1199. 

  1199. 

  1200. 	$sql = 'SELECT lang_iso, lang_local_name
    1201. 

  1201. 		FROM ' . LANG_TABLE . '
    1202. 

  1202. 		ORDER BY lang_english_name';
    1203. 

  1203. 	$result = $db->sql_query($sql);
    1204. 

  1204. 

  1205. 	$lang_options = '';
    1206. 

  1206. 	while ($row = $db->sql_fetchrow($result))
    1207. 

  1207. 	{
    1208. 

  1208. 		$selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : '';
    1209. 

  1209. 		$lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>';
    1210. 

  1210. 	}
    1211. 

  1211. 	$db->sql_freeresult($result);
    1212. 

  1212. 

  1213. 	return $lang_options;
    1214. 

  1214. }
    1215. 

  1215. 

  1216. /**
    1217. 

  1217. * Pick a template/theme combo,
    1218. 

  1218. */
    1219. 

  1219. function style_select($default = '', $all = false)
    1220. 

  1220. {
    1221. 

  1221. 	global $db;
    1222. 

  1222. 

  1223. 	$sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
    1224. 

  1224. 	$sql = 'SELECT style_id, style_name
    1225. 

  1225. 		FROM ' . STYLES_TABLE . "
    1226. 

  1226. 		$sql_where
    1227. 

  1227. 		ORDER BY style_name";
    1228. 

  1228. 	$result = $db->sql_query($sql);
    1229. 

  1229. 

  1230. 	$style_options = '';
    1231. 

  1231. 	while ($row = $db->sql_fetchrow($result))
    1232. 

  1232. 	{
    1233. 

  1233. 		$selected = ($row['style_id'] == $default) ? ' selected="selected"' : '';
    1234. 

  1234. 		$style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>';
    1235. 

  1235. 	}
    1236. 

  1236. 	$db->sql_freeresult($result);
    1237. 

  1237. 

  1238. 	return $style_options;
    1239. 

  1239. }
    1240. 

  1240. 

  1241. /**
    1242. 

  1242. * Pick a timezone
    1243. 

  1243. */
    1244. 

  1244. function tz_select($default = '', $truncate = false)
    1245. 

  1245. {
    1246. 

  1246. 	global $user;
    1247. 

  1247. 

  1248. 	$tz_select = '';
    1249. 

  1249. 	foreach ($user->lang['tz_zones'] as $offset => $zone)
    1250. 

  1250. 	{
    1251. 

  1251. 		if ($truncate)
    1252. 

  1252. 		{
    1253. 

  1253. 			$zone_trunc = truncate_string($zone, 50, 255, false, '...');
    1254. 

  1254. 		}
    1255. 

  1255. 		else
    1256. 

  1256. 		{
    1257. 

  1257. 			$zone_trunc = $zone;
    1258. 

  1258. 		}
    1259. 

  1259. 

  1260. 		if (is_numeric($offset))
    1261. 

  1261. 		{
    1262. 

  1262. 			$selected = ($offset == $default) ? ' selected="selected"' : '';
    1263. 

  1263. 			$tz_select .= '<option title="' . $zone . '" value="' . $offset . '"' . $selected . '>' . $zone_trunc . '</option>';
    1264. 

  1264. 		}
    1265. 

  1265. 	}
    1266. 

  1266. 

  1267. 	return $tz_select;
    1268. 

  1268. }
    1269. 

  1269. 

  1270. // Functions handling topic/post tracking/marking
    1271. 

  1271. 

  1272. /**
    1273. 

  1273. * Marks a topic/forum as read
    1274. 

  1274. * Marks a topic as posted to
    1275. 

  1275. *
    1276. 

  1276. * @param int $user_id can only be used with $mode == 'post'
    1277. 

  1277. */
    1278. 

  1278. function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0)
    1279. 

  1279. {
    1280. 

  1280. 	global $db, $user, $config;
    1281. 

  1281. 

  1282. 	if ($mode == 'all')
    1283. 

  1283. 	{
    1284. 

  1284. 		if ($forum_id === false || !sizeof($forum_id))
    1285. 

  1285. 		{
    1286. 

  1286. 			if ($config['load_db_lastread'] && $user->data['is_registered'])
    1287. 

  1287. 			{
    1288. 

  1288. 				// Mark all forums read (index page)
    1289. 

  1289. 				$db->sql_query('DELETE FROM ' . TOPICS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']}");
    1290. 

  1290. 				$db->sql_query('DELETE FROM ' . FORUMS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']}");
    1291. 

  1291. 				$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . " WHERE user_id = {$user->data['user_id']}");
    1292. 

  1292. 			}
    1293. 

  1293. 			else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1294. 

  1294. 			{
    1295. 

  1295. 				$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
    1296. 

  1296. 				$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1297. 

  1297. 

  1298. 				unset($tracking_topics['tf']);
    1299. 

  1299. 				unset($tracking_topics['t']);
    1300. 

  1300. 				unset($tracking_topics['f']);
    1301. 

  1301. 				$tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36);
    1302. 

  1302. 

  1303. 				$user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000);
    1304. 

  1304. 				$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking_topics)) : tracking_serialize($tracking_topics);
    1305. 

  1305. 

  1306. 				unset($tracking_topics);
    1307. 

  1307. 

  1308. 				if ($user->data['is_registered'])
    1309. 

  1309. 				{
    1310. 

  1310. 					$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . " WHERE user_id = {$user->data['user_id']}");
    1311. 

  1311. 				}
    1312. 

  1312. 			}
    1313. 

  1313. 		}
    1314. 

  1314. 

  1315. 		return;
    1316. 

  1316. 	}
    1317. 

  1317. 	else if ($mode == 'topics')
    1318. 

  1318. 	{
    1319. 

  1319. 		// Mark all topics in forums read
    1320. 

  1320. 		if (!is_array($forum_id))
    1321. 

  1321. 		{
    1322. 

  1322. 			$forum_id = array($forum_id);
    1323. 

  1323. 		}
    1324. 

  1324. 

  1325. 		// Add 0 to forums array to mark global announcements correctly
    1326. 

  1326. 		// $forum_id[] = 0;
    1327. 

  1327. 

  1328. 		if ($config['load_db_lastread'] && $user->data['is_registered'])
    1329. 

  1329. 		{
    1330. 

  1330. 			$sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . "
    1331. 

  1331. 				WHERE user_id = {$user->data['user_id']}
    1332. 

  1332. 					AND " . $db->sql_in_set('forum_id', $forum_id);
    1333. 

  1333. 			$db->sql_query($sql);
    1334. 

  1334. 

  1335. 			$sql = 'SELECT forum_id
    1336. 

  1336. 				FROM ' . FORUMS_TRACK_TABLE . "
    1337. 

  1337. 				WHERE user_id = {$user->data['user_id']}
    1338. 

  1338. 					AND " . $db->sql_in_set('forum_id', $forum_id);
    1339. 

  1339. 			$result = $db->sql_query($sql);
    1340. 

  1340. 

  1341. 			$sql_update = array();
    1342. 

  1342. 			while ($row = $db->sql_fetchrow($result))
    1343. 

  1343. 			{
    1344. 

  1344. 				$sql_update[] = (int) $row['forum_id'];
    1345. 

  1345. 			}
    1346. 

  1346. 			$db->sql_freeresult($result);
    1347. 

  1347. 

  1348. 			if (sizeof($sql_update))
    1349. 

  1349. 			{
    1350. 

  1350. 				$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . '
    1351. 

  1351. 					SET mark_time = ' . time() . "
    1352. 

  1352. 					WHERE user_id = {$user->data['user_id']}
    1353. 

  1353. 						AND " . $db->sql_in_set('forum_id', $sql_update);
    1354. 

  1354. 				$db->sql_query($sql);
    1355. 

  1355. 			}
    1356. 

  1356. 

  1357. 			if ($sql_insert = array_diff($forum_id, $sql_update))
    1358. 

  1358. 			{
    1359. 

  1359. 				$sql_ary = array();
    1360. 

  1360. 				foreach ($sql_insert as $f_id)
    1361. 

  1361. 				{
    1362. 

  1362. 					$sql_ary[] = array(
    1363. 

  1363. 						'user_id'	=> (int) $user->data['user_id'],
    1364. 

  1364. 						'forum_id'	=> (int) $f_id,
    1365. 

  1365. 						'mark_time'	=> time()
    1366. 

  1366. 					);
    1367. 

  1367. 				}
    1368. 

  1368. 

  1369. 				$db->sql_multi_insert(FORUMS_TRACK_TABLE, $sql_ary);
    1370. 

  1370. 			}
    1371. 

  1371. 		}
    1372. 

  1372. 		else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1373. 

  1373. 		{
    1374. 

  1374. 			$tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
    1375. 

  1375. 			$tracking = ($tracking) ? tracking_unserialize($tracking) : array();
    1376. 

  1376. 

  1377. 			foreach ($forum_id as $f_id)
    1378. 

  1378. 			{
    1379. 

  1379. 				$topic_ids36 = (isset($tracking['tf'][$f_id])) ? $tracking['tf'][$f_id] : array();
    1380. 

  1380. 

  1381. 				if (isset($tracking['tf'][$f_id]))
    1382. 

  1382. 				{
    1383. 

  1383. 					unset($tracking['tf'][$f_id]);
    1384. 

  1384. 				}
    1385. 

  1385. 

  1386. 				foreach ($topic_ids36 as $topic_id36)
    1387. 

  1387. 				{
    1388. 

  1388. 					unset($tracking['t'][$topic_id36]);
    1389. 

  1389. 				}
    1390. 

  1390. 

  1391. 				if (isset($tracking['f'][$f_id]))
    1392. 

  1392. 				{
    1393. 

  1393. 					unset($tracking['f'][$f_id]);
    1394. 

  1394. 				}
    1395. 

  1395. 

  1396. 				$tracking['f'][$f_id] = base_convert(time() - $config['board_startdate'], 10, 36);
    1397. 

  1397. 			}
    1398. 

  1398. 

  1399. 			if (isset($tracking['tf']) && empty($tracking['tf']))
    1400. 

  1400. 			{
    1401. 

  1401. 				unset($tracking['tf']);
    1402. 

  1402. 			}
    1403. 

  1403. 

  1404. 			$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
    1405. 

  1405. 			$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking);
    1406. 

  1406. 

  1407. 			unset($tracking);
    1408. 

  1408. 		}
    1409. 

  1409. 

  1410. 		return;
    1411. 

  1411. 	}
    1412. 

  1412. 	else if ($mode == 'topic')
    1413. 

  1413. 	{
    1414. 

  1414. 		if ($topic_id === false || $forum_id === false)
    1415. 

  1415. 		{
    1416. 

  1416. 			return;
    1417. 

  1417. 		}
    1418. 

  1418. 

  1419. 		if ($config['load_db_lastread'] && $user->data['is_registered'])
    1420. 

  1420. 		{
    1421. 

  1421. 			$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . '
    1422. 

  1422. 				SET mark_time = ' . (($post_time) ? $post_time : time()) . "
    1423. 

  1423. 				WHERE user_id = {$user->data['user_id']}
    1424. 

  1424. 					AND topic_id = $topic_id";
    1425. 

  1425. 			$db->sql_query($sql);
    1426. 

  1426. 

  1427. 			// insert row
    1428. 

  1428. 			if (!$db->sql_affectedrows())
    1429. 

  1429. 			{
    1430. 

  1430. 				$db->sql_return_on_error(true);
    1431. 

  1431. 

  1432. 				$sql_ary = array(
    1433. 

  1433. 					'user_id'		=> (int) $user->data['user_id'],
    1434. 

  1434. 					'topic_id'		=> (int) $topic_id,
    1435. 

  1435. 					'forum_id'		=> (int) $forum_id,
    1436. 

  1436. 					'mark_time'		=> ($post_time) ? (int) $post_time : time(),
    1437. 

  1437. 				);
    1438. 

  1438. 

  1439. 				$db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
    1440. 

  1440. 

  1441. 				$db->sql_return_on_error(false);
    1442. 

  1442. 			}
    1443. 

  1443. 		}
    1444. 

  1444. 		else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1445. 

  1445. 		{
    1446. 

  1446. 			$tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
    1447. 

  1447. 			$tracking = ($tracking) ? tracking_unserialize($tracking) : array();
    1448. 

  1448. 

  1449. 			$topic_id36 = base_convert($topic_id, 10, 36);
    1450. 

  1450. 

  1451. 			if (!isset($tracking['t'][$topic_id36]))
    1452. 

  1452. 			{
    1453. 

  1453. 				$tracking['tf'][$forum_id][$topic_id36] = true;
    1454. 

  1454. 			}
    1455. 

  1455. 

  1456. 			$post_time = ($post_time) ? $post_time : time();
    1457. 

  1457. 			$tracking['t'][$topic_id36] = base_convert($post_time - $config['board_startdate'], 10, 36);
    1458. 

  1458. 

  1459. 			// If the cookie grows larger than 10000 characters we will remove the smallest value
    1460. 

  1460. 			// This can result in old topics being unread - but most of the time it should be accurate...
    1461. 

  1461. 			if (isset($_COOKIE[$config['cookie_name'] . '_track']) && strlen($_COOKIE[$config['cookie_name'] . '_track']) > 10000)
    1462. 

  1462. 			{
    1463. 

  1463. 				//echo 'Cookie grown too large' . print_r($tracking, true);
    1464. 

  1464. 

  1465. 				// We get the ten most minimum stored time offsets and its associated topic ids
    1466. 

  1466. 				$time_keys = array();
    1467. 

  1467. 				for ($i = 0; $i < 10 && sizeof($tracking['t']); $i++)
    1468. 

  1468. 				{
    1469. 

  1469. 					$min_value = min($tracking['t']);
    1470. 

  1470. 					$m_tkey = array_search($min_value, $tracking['t']);
    1471. 

  1471. 					unset($tracking['t'][$m_tkey]);
    1472. 

  1472. 

  1473. 					$time_keys[$m_tkey] = $min_value;
    1474. 

  1474. 				}
    1475. 

  1475. 

  1476. 				// Now remove the topic ids from the array...
    1477. 

  1477. 				foreach ($tracking['tf'] as $f_id => $topic_id_ary)
    1478. 

  1478. 				{
    1479. 

  1479. 					foreach ($time_keys as $m_tkey => $min_value)
    1480. 

  1480. 					{
    1481. 

  1481. 						if (isset($topic_id_ary[$m_tkey]))
    1482. 

  1482. 						{
    1483. 

  1483. 							$tracking['f'][$f_id] = $min_value;
    1484. 

  1484. 							unset($tracking['tf'][$f_id][$m_tkey]);
    1485. 

  1485. 						}
    1486. 

  1486. 					}
    1487. 

  1487. 				}
    1488. 

  1488. 

  1489. 				if ($user->data['is_registered'])
    1490. 

  1490. 				{
    1491. 

  1491. 					$user->data['user_lastmark'] = intval(base_convert(max($time_keys) + $config['board_startdate'], 36, 10));
    1492. 

  1492. 					$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . $user->data['user_lastmark'] . " WHERE user_id = {$user->data['user_id']}");
    1493. 

  1493. 				}
    1494. 

  1494. 				else
    1495. 

  1495. 				{
    1496. 

  1496. 					$tracking['l'] = max($time_keys);
    1497. 

  1497. 				}
    1498. 

  1498. 			}
    1499. 

  1499. 

  1500. 			$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
    1501. 

  1501. 			$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking);
    1502. 

  1502. 		}
    1503. 

  1503. 

  1504. 		return;
    1505. 

  1505. 	}
    1506. 

  1506. 	else if ($mode == 'post')
    1507. 

  1507. 	{
    1508. 

  1508. 		if ($topic_id === false)
    1509. 

  1509. 		{
    1510. 

  1510. 			return;
    1511. 

  1511. 		}
    1512. 

  1512. 

  1513. 		$use_user_id = (!$user_id) ? $user->data['user_id'] : $user_id;
    1514. 

  1514. 

  1515. 		if ($config['load_db_track'] && $use_user_id != ANONYMOUS)
    1516. 

  1516. 		{
    1517. 

  1517. 			$db->sql_return_on_error(true);
    1518. 

  1518. 

  1519. 			$sql_ary = array(
    1520. 

  1520. 				'user_id'		=> (int) $use_user_id,
    1521. 

  1521. 				'topic_id'		=> (int) $topic_id,
    1522. 

  1522. 				'topic_posted'	=> 1
    1523. 

  1523. 			);
    1524. 

  1524. 

  1525. 			$db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
    1526. 

  1526. 

  1527. 			$db->sql_return_on_error(false);
    1528. 

  1528. 		}
    1529. 

  1529. 

  1530. 		return;
    1531. 

  1531. 	}
    1532. 

  1532. }
    1533. 

  1533. 

  1534. /**
    1535. 

  1535. * Get topic tracking info by using already fetched info
    1536. 

  1536. */
    1537. 

  1537. function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $global_announce_list = false)
    1538. 

  1538. {
    1539. 

  1539. 	global $config, $user;
    1540. 

  1540. 

  1541. 	$last_read = array();
    1542. 

  1542. 

  1543. 	if (!is_array($topic_ids))
    1544. 

  1544. 	{
    1545. 

  1545. 		$topic_ids = array($topic_ids);
    1546. 

  1546. 	}
    1547. 

  1547. 

  1548. 	foreach ($topic_ids as $topic_id)
    1549. 

  1549. 	{
    1550. 

  1550. 		if (!empty($rowset[$topic_id]['mark_time']))
    1551. 

  1551. 		{
    1552. 

  1552. 			$last_read[$topic_id] = $rowset[$topic_id]['mark_time'];
    1553. 

  1553. 		}
    1554. 

  1554. 	}
    1555. 

  1555. 

  1556. 	$topic_ids = array_diff($topic_ids, array_keys($last_read));
    1557. 

  1557. 

  1558. 	if (sizeof($topic_ids))
    1559. 

  1559. 	{
    1560. 

  1560. 		$mark_time = array();
    1561. 

  1561. 

  1562. 		if (!empty($forum_mark_time[$forum_id]) && $forum_mark_time[$forum_id] !== false)
    1563. 

  1563. 		{
    1564. 

  1564. 			$mark_time[$forum_id] = $forum_mark_time[$forum_id];
    1565. 

  1565. 		}
    1566. 

  1566. 

  1567. 		$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
    1568. 

  1568. 

  1569. 		foreach ($topic_ids as $topic_id)
    1570. 

  1570. 		{
    1571. 

  1571. 			$last_read[$topic_id] = $user_lastmark;
    1572. 

  1572. 		}
    1573. 

  1573. 	}
    1574. 

  1574. 

  1575. 	return $last_read;
    1576. 

  1576. }
    1577. 

  1577. 

  1578. /**
    1579. 

  1579. * Get topic tracking info from db (for cookie based tracking only this function is used)
    1580. 

  1580. */
    1581. 

  1581. function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_list = false)
    1582. 

  1582. {
    1583. 

  1583. 	global $config, $user;
    1584. 

  1584. 

  1585. 	$last_read = array();
    1586. 

  1586. 

  1587. 	if (!is_array($topic_ids))
    1588. 

  1588. 	{
    1589. 

  1589. 		$topic_ids = array($topic_ids);
    1590. 

  1590. 	}
    1591. 

  1591. 

  1592. 	if ($config['load_db_lastread'] && $user->data['is_registered'])
    1593. 

  1593. 	{
    1594. 

  1594. 		global $db;
    1595. 

  1595. 

  1596. 		$sql = 'SELECT topic_id, mark_time
    1597. 

  1597. 			FROM ' . TOPICS_TRACK_TABLE . "
    1598. 

  1598. 			WHERE user_id = {$user->data['user_id']}
    1599. 

  1599. 				AND " . $db->sql_in_set('topic_id', $topic_ids);
    1600. 

  1600. 		$result = $db->sql_query($sql);
    1601. 

  1601. 

  1602. 		while ($row = $db->sql_fetchrow($result))
    1603. 

  1603. 		{
    1604. 

  1604. 			$last_read[$row['topic_id']] = $row['mark_time'];
    1605. 

  1605. 		}
    1606. 

  1606. 		$db->sql_freeresult($result);
    1607. 

  1607. 

  1608. 		$topic_ids = array_diff($topic_ids, array_keys($last_read));
    1609. 

  1609. 

  1610. 		if (sizeof($topic_ids))
    1611. 

  1611. 		{
    1612. 

  1612. 			$sql = 'SELECT forum_id, mark_time
    1613. 

  1613. 				FROM ' . FORUMS_TRACK_TABLE . "
    1614. 

  1614. 				WHERE user_id = {$user->data['user_id']}
    1615. 

  1615. 					AND forum_id = $forum_id";
    1616. 

  1616. 			$result = $db->sql_query($sql);
    1617. 

  1617. 

  1618. 			$mark_time = array();
    1619. 

  1619. 			while ($row = $db->sql_fetchrow($result))
    1620. 

  1620. 			{
    1621. 

  1621. 				$mark_time[$row['forum_id']] = $row['mark_time'];
    1622. 

  1622. 			}
    1623. 

  1623. 			$db->sql_freeresult($result);
    1624. 

  1624. 

  1625. 			$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
    1626. 

  1626. 

  1627. 			foreach ($topic_ids as $topic_id)
    1628. 

  1628. 			{
    1629. 

  1629. 				$last_read[$topic_id] = $user_lastmark;
    1630. 

  1630. 			}
    1631. 

  1631. 		}
    1632. 

  1632. 	}
    1633. 

  1633. 	else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1634. 

  1634. 	{
    1635. 

  1635. 		global $tracking_topics;
    1636. 

  1636. 

  1637. 		if (!isset($tracking_topics) || !sizeof($tracking_topics))
    1638. 

  1638. 		{
    1639. 

  1639. 			$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
    1640. 

  1640. 			$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1641. 

  1641. 		}
    1642. 

  1642. 

  1643. 		if (!$user->data['is_registered'])
    1644. 

  1644. 		{
    1645. 

  1645. 			$user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0;
    1646. 

  1646. 		}
    1647. 

  1647. 		else
    1648. 

  1648. 		{
    1649. 

  1649. 			$user_lastmark = $user->data['user_lastmark'];
    1650. 

  1650. 		}
    1651. 

  1651. 

  1652. 		foreach ($topic_ids as $topic_id)
    1653. 

  1653. 		{
    1654. 

  1654. 			$topic_id36 = base_convert($topic_id, 10, 36);
    1655. 

  1655. 

  1656. 			if (isset($tracking_topics['t'][$topic_id36]))
    1657. 

  1657. 			{
    1658. 

  1658. 				$last_read[$topic_id] = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate'];
    1659. 

  1659. 			}
    1660. 

  1660. 		}
    1661. 

  1661. 

  1662. 		$topic_ids = array_diff($topic_ids, array_keys($last_read));
    1663. 

  1663. 

  1664. 		if (sizeof($topic_ids))
    1665. 

  1665. 		{
    1666. 

  1666. 			$mark_time = array();
    1667. 

  1667. 			if ($global_announce_list && sizeof($global_announce_list))
    1668. 

  1668. 			{
    1669. 

  1669. 				if (isset($tracking_topics['f'][0]))
    1670. 

  1670. 				{
    1671. 

  1671. 					$mark_time[0] = base_convert($tracking_topics['f'][0], 36, 10) + $config['board_startdate'];
    1672. 

  1672. 				}
    1673. 

  1673. 			}
    1674. 

  1674. 

  1675. 			if (isset($tracking_topics['f'][$forum_id]))
    1676. 

  1676. 			{
    1677. 

  1677. 				$mark_time[$forum_id] = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate'];
    1678. 

  1678. 			}
    1679. 

  1679. 

  1680. 			$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user_lastmark;
    1681. 

  1681. 

  1682. 			foreach ($topic_ids as $topic_id)
    1683. 

  1683. 			{
    1684. 

  1684. 				if ($global_announce_list && isset($global_announce_list[$topic_id]))
    1685. 

  1685. 				{
    1686. 

  1686. 					$last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
    1687. 

  1687. 				}
    1688. 

  1688. 				else
    1689. 

  1689. 				{
    1690. 

  1690. 					$last_read[$topic_id] = $user_lastmark;
    1691. 

  1691. 				}
    1692. 

  1692. 			}
    1693. 

  1693. 		}
    1694. 

  1694. 	}
    1695. 

  1695. 

  1696. 	return $last_read;
    1697. 

  1697. }
    1698. 

  1698. 

  1699. /**
    1700. 

  1700. * Get list of unread topics
    1701. 

  1701. *
    1702. 

  1702. * @param int $user_id			User ID (or false for current user)
    1703. 

  1703. * @param string $sql_extra		Extra WHERE SQL statement
    1704. 

  1704. * @param string $sql_sort		ORDER BY SQL sorting statement
    1705. 

  1705. * @param string $sql_limit		Limits the size of unread topics list, 0 for unlimited query
    1706. 

  1706. * @param string $sql_limit_offset  Sets the offset of the first row to search, 0 to search from the start
    1707. 

  1707. *
    1708. 

  1708. * @return array[int][int]		Topic ids as keys, mark_time of topic as value
    1709. 

  1709. */
    1710. 

  1710. function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0)
    1711. 

  1711. {
    1712. 

  1712. 	global $config, $db, $user;
    1713. 

  1713. 

  1714. 	$user_id = ($user_id === false) ? (int) $user->data['user_id'] : (int) $user_id;
    1715. 

  1715. 

  1716. 	// Data array we're going to return
    1717. 

  1717. 	$unread_topics = array();
    1718. 

  1718. 

  1719. 	if (empty($sql_sort))
    1720. 

  1720. 	{
    1721. 

  1721. 		$sql_sort = 'ORDER BY t.topic_last_post_time DESC';
    1722. 

  1722. 	}
    1723. 

  1723. 

  1724. 	if ($config['load_db_lastread'] && $user->data['is_registered'])
    1725. 

  1725. 	{
    1726. 

  1726. 		// Get list of the unread topics
    1727. 

  1727. 		$last_mark = (int) $user->data['user_lastmark'];
    1728. 

  1728. 

  1729. 		$sql_array = array(
    1730. 

  1730. 			'SELECT'		=> 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time',
    1731. 

  1731. 

  1732. 			'FROM'			=> array(TOPICS_TABLE => 't'),
    1733. 

  1733. 

  1734. 			'LEFT_JOIN'		=> array(
    1735. 

  1735. 				array(
    1736. 

  1736. 					'FROM'	=> array(TOPICS_TRACK_TABLE => 'tt'),
    1737. 

  1737. 					'ON'	=> "tt.user_id = $user_id AND t.topic_id = tt.topic_id",
    1738. 

  1738. 				),
    1739. 

  1739. 				array(
    1740. 

  1740. 					'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
    1741. 

  1741. 					'ON'	=> "ft.user_id = $user_id AND t.forum_id = ft.forum_id",
    1742. 

  1742. 				),
    1743. 

  1743. 			),
    1744. 

  1744. 

  1745. 			'WHERE'			=> "
    1746. 

  1746. 				 t.topic_last_post_time > $last_mark AND
    1747. 

  1747. 				(
    1748. 

  1748. 				(tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR
    1749. 

  1749. 				(tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR
    1750. 

  1750. 				(tt.mark_time IS NULL AND ft.mark_time IS NULL)
    1751. 

  1751. 				)
    1752. 

  1752. 				$sql_extra
    1753. 

  1753. 				$sql_sort",
    1754. 

  1754. 		);
    1755. 

  1755. 

  1756. 		$sql = $db->sql_build_query('SELECT', $sql_array);
    1757. 

  1757. 		$result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
    1758. 

  1758. 

  1759. 		while ($row = $db->sql_fetchrow($result))
    1760. 

  1760. 		{
    1761. 

  1761. 			$topic_id = (int) $row['topic_id'];
    1762. 

  1762. 			$unread_topics[$topic_id] = ($row['topic_mark_time']) ? (int) $row['topic_mark_time'] : (($row['forum_mark_time']) ? (int) $row['forum_mark_time'] : $last_mark);
    1763. 

  1763. 		}
    1764. 

  1764. 		$db->sql_freeresult($result);
    1765. 

  1765. 	}
    1766. 

  1766. 	else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1767. 

  1767. 	{
    1768. 

  1768. 		global $tracking_topics;
    1769. 

  1769. 

  1770. 		if (empty($tracking_topics))
    1771. 

  1771. 		{
    1772. 

  1772. 			$tracking_topics = request_var($config['cookie_name'] . '_track', '', false, true);
    1773. 

  1773. 			$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1774. 

  1774. 		}
    1775. 

  1775. 

  1776. 		if (!$user->data['is_registered'])
    1777. 

  1777. 		{
    1778. 

  1778. 			$user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0;
    1779. 

  1779. 		}
    1780. 

  1780. 		else
    1781. 

  1781. 		{
    1782. 

  1782. 			$user_lastmark = (int) $user->data['user_lastmark'];
    1783. 

  1783. 		}
    1784. 

  1784. 

  1785. 		$sql = 'SELECT t.topic_id, t.forum_id, t.topic_last_post_time
    1786. 

  1786. 			FROM ' . TOPICS_TABLE . ' t
    1787. 

  1787. 			WHERE t.topic_last_post_time > ' . $user_lastmark . "
    1788. 

  1788. 			$sql_extra
    1789. 

  1789. 			$sql_sort";
    1790. 

  1790. 		$result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
    1791. 

  1791. 

  1792. 		while ($row = $db->sql_fetchrow($result))
    1793. 

  1793. 		{
    1794. 

  1794. 			$forum_id = (int) $row['forum_id'];
    1795. 

  1795. 			$topic_id = (int) $row['topic_id'];
    1796. 

  1796. 			$topic_id36 = base_convert($topic_id, 10, 36);
    1797. 

  1797. 

  1798. 			if (isset($tracking_topics['t'][$topic_id36]))
    1799. 

  1799. 			{
    1800. 

  1800. 				$last_read = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate'];
    1801. 

  1801. 

  1802. 				if ($row['topic_last_post_time'] > $last_read)
    1803. 

  1803. 				{
    1804. 

  1804. 					$unread_topics[$topic_id] = $last_read;
    1805. 

  1805. 				}
    1806. 

  1806. 			}
    1807. 

  1807. 			else if (isset($tracking_topics['f'][$forum_id]))
    1808. 

  1808. 			{
    1809. 

  1809. 				$mark_time = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate'];
    1810. 

  1810. 

  1811. 				if ($row['topic_last_post_time'] > $mark_time)
    1812. 

  1812. 				{
    1813. 

  1813. 					$unread_topics[$topic_id] = $mark_time;
    1814. 

  1814. 				}
    1815. 

  1815. 			}
    1816. 

  1816. 			else
    1817. 

  1817. 			{
    1818. 

  1818. 				$unread_topics[$topic_id] = $user_lastmark;
    1819. 

  1819. 			}
    1820. 

  1820. 		}
    1821. 

  1821. 		$db->sql_freeresult($result);
    1822. 

  1822. 	}
    1823. 

  1823. 

  1824. 	return $unread_topics;
    1825. 

  1825. }
    1826. 

  1826. 

  1827. /**
    1828. 

  1828. * Check for read forums and update topic tracking info accordingly
    1829. 

  1829. *
    1830. 

  1830. * @param int $forum_id the forum id to check
    1831. 

  1831. * @param int $forum_last_post_time the forums last post time
    1832. 

  1832. * @param int $f_mark_time the forums last mark time if user is registered and load_db_lastread enabled
    1833. 

  1833. * @param int $mark_time_forum false if the mark time needs to be obtained, else the last users forum mark time
    1834. 

  1834. *
    1835. 

  1835. * @return true if complete forum got marked read, else false.
    1836. 

  1836. */
    1837. 

  1837. function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
    1838. 

  1838. {
    1839. 

  1839. 	global $db, $tracking_topics, $user, $config, $auth;
    1840. 

  1840. 

  1841. 	// Determine the users last forum mark time if not given.
    1842. 

  1842. 	if ($mark_time_forum === false)
    1843. 

  1843. 	{
    1844. 

  1844. 		if ($config['load_db_lastread'] && $user->data['is_registered'])
    1845. 

  1845. 		{
    1846. 

  1846. 			$mark_time_forum = (!empty($f_mark_time)) ? $f_mark_time : $user->data['user_lastmark'];
    1847. 

  1847. 		}
    1848. 

  1848. 		else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1849. 

  1849. 		{
    1850. 

  1850. 			$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
    1851. 

  1851. 			$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1852. 

  1852. 

  1853. 			if (!$user->data['is_registered'])
    1854. 

  1854. 			{
    1855. 

  1855. 				$user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0;
    1856. 

  1856. 			}
    1857. 

  1857. 

  1858. 			$mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark'];
    1859. 

  1859. 		}
    1860. 

  1860. 	}
    1861. 

  1861. 

  1862. 	// Handle update of unapproved topics info.
    1863. 

  1863. 	// Only update for moderators having m_approve permission for the forum.
    1864. 

  1864. 	$sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1';
    1865. 

  1865. 

  1866. 	// Check the forum for any left unread topics.
    1867. 

  1867. 	// If there are none, we mark the forum as read.
    1868. 

  1868. 	if ($config['load_db_lastread'] && $user->data['is_registered'])
    1869. 

  1869. 	{
    1870. 

  1870. 		if ($mark_time_forum >= $forum_last_post_time)
    1871. 

  1871. 		{
    1872. 

  1872. 			// We do not need to mark read, this happened before. Therefore setting this to true
    1873. 

  1873. 			$row = true;
    1874. 

  1874. 		}
    1875. 

  1875. 		else
    1876. 

  1876. 		{
    1877. 

  1877. 			$sql = 'SELECT t.forum_id FROM ' . TOPICS_TABLE . ' t
    1878. 

  1878. 				LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')
    1879. 

  1879. 				WHERE t.forum_id = ' . $forum_id . '
    1880. 

  1880. 					AND t.topic_last_post_time > ' . $mark_time_forum . '
    1881. 

  1881. 					AND t.topic_moved_id = 0 ' .
    1882. 

  1882. 					$sql_update_unapproved . '
    1883. 

  1883. 					AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time)
    1884. 

  1884. 				GROUP BY t.forum_id';
    1885. 

  1885. 			$result = $db->sql_query_limit($sql, 1);
    1886. 

  1886. 			$row = $db->sql_fetchrow($result);
    1887. 

  1887. 			$db->sql_freeresult($result);
    1888. 

  1888. 		}
    1889. 

  1889. 	}
    1890. 

  1890. 	else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1891. 

  1891. 	{
    1892. 

  1892. 		// Get information from cookie
    1893. 

  1893. 		$row = false;
    1894. 

  1894. 

  1895. 		if (!isset($tracking_topics['tf'][$forum_id]))
    1896. 

  1896. 		{
    1897. 

  1897. 			// We do not need to mark read, this happened before. Therefore setting this to true
    1898. 

  1898. 			$row = true;
    1899. 

  1899. 		}
    1900. 

  1900. 		else
    1901. 

  1901. 		{
    1902. 

  1902. 			$sql = 'SELECT t.topic_id
    1903. 

  1903. 				FROM ' . TOPICS_TABLE . ' t
    1904. 

  1904. 				WHERE t.forum_id = ' . $forum_id . '
    1905. 

  1905. 					AND t.topic_last_post_time > ' . $mark_time_forum . '
    1906. 

  1906. 					AND t.topic_moved_id = 0 ' .
    1907. 

  1907. 					$sql_update_unapproved;
    1908. 

  1908. 			$result = $db->sql_query($sql);
    1909. 

  1909. 

  1910. 			$check_forum = $tracking_topics['tf'][$forum_id];
    1911. 

  1911. 			$unread = false;
    1912. 

  1912. 

  1913. 			while ($row = $db->sql_fetchrow($result))
    1914. 

  1914. 			{
    1915. 

  1915. 				if (!isset($check_forum[base_convert($row['topic_id'], 10, 36)]))
    1916. 

  1916. 				{
    1917. 

  1917. 					$unread = true;
    1918. 

  1918. 					break;
    1919. 

  1919. 				}
    1920. 

  1920. 			}
    1921. 

  1921. 			$db->sql_freeresult($result);
    1922. 

  1922. 

  1923. 			$row = $unread;
    1924. 

  1924. 		}
    1925. 

  1925. 	}
    1926. 

  1926. 	else
    1927. 

  1927. 	{
    1928. 

  1928. 		$row = true;
    1929. 

  1929. 	}
    1930. 

  1930. 

  1931. 	if (!$row)
    1932. 

  1932. 	{
    1933. 

  1933. 		markread('topics', $forum_id);
    1934. 

  1934. 		return true;
    1935. 

  1935. 	}
    1936. 

  1936. 

  1937. 	return false;
    1938. 

  1938. }
    1939. 

  1939. 

  1940. /**
    1941. 

  1941. * Transform an array into a serialized format
    1942. 

  1942. */
    1943. 

  1943. function tracking_serialize($input)
    1944. 

  1944. {
    1945. 

  1945. 	$out = '';
    1946. 

  1946. 	foreach ($input as $key => $value)
    1947. 

  1947. 	{
    1948. 

  1948. 		if (is_array($value))
    1949. 

  1949. 		{
    1950. 

  1950. 			$out .= $key . ':(' . tracking_serialize($value) . ');';
    1951. 

  1951. 		}
    1952. 

  1952. 		else
    1953. 

  1953. 		{
    1954. 

  1954. 			$out .= $key . ':' . $value . ';';
    1955. 

  1955. 		}
    1956. 

  1956. 	}
    1957. 

  1957. 	return $out;
    1958. 

  1958. }
    1959. 

  1959. 

  1960. /**
    1961. 

  1961. * Transform a serialized array into an actual array
    1962. 

  1962. */
    1963. 

  1963. function tracking_unserialize($string, $max_depth = 3)
    1964. 

  1964. {
    1965. 

  1965. 	$n = strlen($string);
    1966. 

  1966. 	if ($n > 10010)
    1967. 

  1967. 	{
    1968. 

  1968. 		die('Invalid data supplied');
    1969. 

  1969. 	}
    1970. 

  1970. 	$data = $stack = array();
    1971. 

  1971. 	$key = '';
    1972. 

  1972. 	$mode = 0;
    1973. 

  1973. 	$level = &$data;
    1974. 

  1974. 	for ($i = 0; $i < $n; ++$i)
    1975. 

  1975. 	{
    1976. 

  1976. 		switch ($mode)
    1977. 

  1977. 		{
    1978. 

  1978. 			case 0:
    1979. 

  1979. 				switch ($string[$i])
    1980. 

  1980. 				{
    1981. 

  1981. 					case ':':
    1982. 

  1982. 						$level[$key] = 0;
    1983. 

  1983. 						$mode = 1;
    1984. 

  1984. 					break;
    1985. 

  1985. 					case ')':
    1986. 

  1986. 						unset($level);
    1987. 

  1987. 						$level = array_pop($stack);
    1988. 

  1988. 						$mode = 3;
    1989. 

  1989. 					break;
    1990. 

  1990. 					default:
    1991. 

  1991. 						$key .= $string[$i];
    1992. 

  1992. 				}
    1993. 

  1993. 			break;
    1994. 

  1994. 

  1995. 			case 1:
    1996. 

  1996. 				switch ($string[$i])
    1997. 

  1997. 				{
    1998. 

  1998. 					case '(':
    1999. 

  1999. 						if (sizeof($stack) >= $max_depth)
    2000. 

  2000. 						{
    2001. 

  2001. 							die('Invalid data supplied');
    2002. 

  2002. 						}
    2003. 

  2003. 						$stack[] = &$level;
    2004. 

  2004. 						$level[$key] = array();
    2005. 

  2005. 						$level = &$level[$key];
    2006. 

  2006. 						$key = '';
    2007. 

  2007. 						$mode = 0;
    2008. 

  2008. 					break;
    2009. 

  2009. 					default:
    2010. 

  2010. 						$level[$key] = $string[$i];
    2011. 

  2011. 						$mode = 2;
    2012. 

  2012. 					break;
    2013. 

  2013. 				}
    2014. 

  2014. 			break;
    2015. 

  2015. 

  2016. 			case 2:
    2017. 

  2017. 				switch ($string[$i])
    2018. 

  2018. 				{
    2019. 

  2019. 					case ')':
    2020. 

  2020. 						unset($level);
    2021. 

  2021. 						$level = array_pop($stack);
    2022. 

  2022. 						$mode = 3;
    2023. 

  2023. 					break;
    2024. 

  2024. 					case ';':
    2025. 

  2025. 						$key = '';
    2026. 

  2026. 						$mode = 0;
    2027. 

  2027. 					break;
    2028. 

  2028. 					default:
    2029. 

  2029. 						$level[$key] .= $string[$i];
    2030. 

  2030. 					break;
    2031. 

  2031. 				}
    2032. 

  2032. 			break;
    2033. 

  2033. 

  2034. 			case 3:
    2035. 

  2035. 				switch ($string[$i])
    2036. 

  2036. 				{
    2037. 

  2037. 					case ')':
    2038. 

  2038. 						unset($level);
    2039. 

  2039. 						$level = array_pop($stack);
    2040. 

  2040. 					break;
    2041. 

  2041. 					case ';':
    2042. 

  2042. 						$key = '';
    2043. 

  2043. 						$mode = 0;
    2044. 

  2044. 					break;
    2045. 

  2045. 					default:
    2046. 

  2046. 						die('Invalid data supplied');
    2047. 

  2047. 					break;
    2048. 

  2048. 				}
    2049. 

  2049. 			break;
    2050. 

  2050. 		}
    2051. 

  2051. 	}
    2052. 

  2052. 

  2053. 	if (sizeof($stack) != 0 || ($mode != 0 && $mode != 3))
    2054. 

  2054. 	{
    2055. 

  2055. 		die('Invalid data supplied');
    2056. 

  2056. 	}
    2057. 

  2057. 

  2058. 	return $level;
    2059. 

  2059. }
    2060. 

  2060. 

  2061. // Pagination functions
    2062. 

  2062. 

  2063. /**
    2064. 

  2064. * Pagination routine, generates page number sequence
    2065. 

  2065. * tpl_prefix is for using different pagination blocks at one page
    2066. 

  2066. */
    2067. 

  2067. function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = false, $tpl_prefix = '')
    2068. 

  2068. {
    2069. 

  2069. 	global $template, $user;
    2070. 

  2070. 

  2071. 	// Make sure $per_page is a valid value
    2072. 

  2072. 	$per_page = ($per_page <= 0) ? 1 : $per_page;
    2073. 

  2073. 

  2074. 	$seperator = '<span class="page-sep">' . $user->lang['COMMA_SEPARATOR'] . '</span>';
    2075. 

  2075. 	$total_pages = ceil($num_items / $per_page);
    2076. 

  2076. 

  2077. 	if ($total_pages == 1 || !$num_items)
    2078. 

  2078. 	{
    2079. 

  2079. 		return false;
    2080. 

  2080. 	}
    2081. 

  2081. 

  2082. 	$on_page = floor($start_item / $per_page) + 1;
    2083. 

  2083. 	$url_delim = (strpos($base_url, '?') === false) ? '?' : ((strpos($base_url, '?') === strlen($base_url) - 1) ? '' : '&amp;');
    2084. 

  2084. 

  2085. 	$page_string = ($on_page == 1) ? '<strong>1</strong>' : '<a href="' . $base_url . '">1</a>';
    2086. 

  2086. 

  2087. 	if ($total_pages > 5)
    2088. 

  2088. 	{
    2089. 

  2089. 		$start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
    2090. 

  2090. 		$end_cnt = max(min($total_pages, $on_page + 4), 6);
    2091. 

  2091. 

  2092. 		$page_string .= ($start_cnt > 1) ? '<span class="page-dots"> ... </span>' : $seperator;
    2093. 

  2093. 

  2094. 		for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
    2095. 

  2095. 		{
    2096. 

  2096. 			$page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
    2097. 

  2097. 			if ($i < $end_cnt - 1)
    2098. 

  2098. 			{
    2099. 

  2099. 				$page_string .= $seperator;
    2100. 

  2100. 			}
    2101. 

  2101. 		}
    2102. 

  2102. 

  2103. 		$page_string .= ($end_cnt < $total_pages) ? '<span class="page-dots"> ... </span>' : $seperator;
    2104. 

  2104. 	}
    2105. 

  2105. 	else
    2106. 

  2106. 	{
    2107. 

  2107. 		$page_string .= $seperator;
    2108. 

  2108. 

  2109. 		for ($i = 2; $i < $total_pages; $i++)
    2110. 

  2110. 		{
    2111. 

  2111. 			$page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
    2112. 

  2112. 			if ($i < $total_pages)
    2113. 

  2113. 			{
    2114. 

  2114. 				$page_string .= $seperator;
    2115. 

  2115. 			}
    2116. 

  2116. 		}
    2117. 

  2117. 	}
    2118. 

  2118. 

  2119. 	$page_string .= ($on_page == $total_pages) ? '<strong>' . $total_pages . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($total_pages - 1) * $per_page) . '">' . $total_pages . '</a>';
    2120. 

  2120. 

  2121. 	if ($add_prevnext_text)
    2122. 

  2122. 	{
    2123. 

  2123. 		if ($on_page != 1)
    2124. 

  2124. 		{
    2125. 

  2125. 			$page_string = '<a href="' . $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page) . '">' . $user->lang['PREVIOUS'] . '</a>&nbsp;&nbsp;' . $page_string;
    2126. 

  2126. 		}
    2127. 

  2127. 

  2128. 		if ($on_page != $total_pages)
    2129. 

  2129. 		{
    2130. 

  2130. 			$page_string .= '&nbsp;&nbsp;<a href="' . $base_url . "{$url_delim}start=" . ($on_page * $per_page) . '">' . $user->lang['NEXT'] . '</a>';
    2131. 

  2131. 		}
    2132. 

  2132. 	}
    2133. 

  2133. 

  2134. 	$template->assign_vars(array(
    2135. 

  2135. 		$tpl_prefix . 'BASE_URL'		=> $base_url,
    2136. 

  2136. 		'A_' . $tpl_prefix . 'BASE_URL'	=> addslashes($base_url),
    2137. 

  2137. 		$tpl_prefix . 'PER_PAGE'		=> $per_page,
    2138. 

  2138. 

  2139. 		$tpl_prefix . 'PREVIOUS_PAGE'	=> ($on_page == 1) ? '' : $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page),
    2140. 

  2140. 		$tpl_prefix . 'NEXT_PAGE'		=> ($on_page == $total_pages) ? '' : $base_url . "{$url_delim}start=" . ($on_page * $per_page),
    2141. 

  2141. 		$tpl_prefix . 'TOTAL_PAGES'		=> $total_pages,
    2142. 

  2142. 	));
    2143. 

  2143. 

  2144. 	return $page_string;
    2145. 

  2145. }
    2146. 

  2146. 

  2147. /**
    2148. 

  2148. * Return current page (pagination)
    2149. 

  2149. */
    2150. 

  2150. function on_page($num_items, $per_page, $start)
    2151. 

  2151. {
    2152. 

  2152. 	global $template, $user;
    2153. 

  2153. 

  2154. 	// Make sure $per_page is a valid value
    2155. 

  2155. 	$per_page = ($per_page <= 0) ? 1 : $per_page;
    2156. 

  2156. 

  2157. 	$on_page = floor($start / $per_page) + 1;
    2158. 

  2158. 

  2159. 	$template->assign_vars(array(
    2160. 

  2160. 		'ON_PAGE'		=> $on_page)
    2161. 

  2161. 	);
    2162. 

  2162. 

  2163. 	return sprintf($user->lang['PAGE_OF'], $on_page, max(ceil($num_items / $per_page), 1));
    2164. 

  2164. }
    2165. 

  2165. 

  2166. // Server functions (building urls, redirecting...)
    2167. 

  2167. 

  2168. /**
    2169. 

  2169. * Append session id to url.
    2170. 

  2170. * This function supports hooks.
    2171. 

  2171. *
    2172. 

  2172. * @param string $url The url the session id needs to be appended to (can have params)
    2173. 

  2173. * @param mixed $params String or array of additional url parameters
    2174. 

  2174. * @param bool $is_amp Is url using &amp; (true) or & (false)
    2175. 

  2175. * @param string $session_id Possibility to use a custom session id instead of the global one
    2176. 

  2176. *
    2177. 

  2177. * Examples:
    2178. 

  2178. * <code>
    2179. 

  2179. * append_sid("{$phpbb_root_path}viewtopic.$phpEx?t=1&amp;f=2");
    2180. 

  2180. * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&amp;f=2');
    2181. 

  2181. * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&f=2', false);
    2182. 

  2182. * append_sid("{$phpbb_root_path}viewtopic.$phpEx", array('t' => 1, 'f' => 2));
    2183. 

  2183. * </code>
    2184. 

  2184. *
    2185. 

  2185. */
    2186. 

  2186. function append_sid($url, $params = false, $is_amp = true, $session_id = false)
    2187. 

  2187. {
    2188. 

  2188. 	global $_SID, $_EXTRA_URL, $phpbb_hook, $user;
    2189. 

  2189. 

  2190. 	if ($params === '' || (is_array($params) && empty($params)))
    2191. 

  2191. 	{
    2192. 

  2192. 		// Do not append the ? if the param-list is empty anyway.
    2193. 

  2193. 		$params = false;
    2194. 

  2194. 	}
    2195. 

  2195. 

  2196. 	// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately.
    2197. 

  2197. 	// They could mimic most of what is within this function
    2198. 

  2198. 	if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
    2199. 

  2199. 	{
    2200. 

  2200. 		if ($phpbb_hook->hook_return(__FUNCTION__))
    2201. 

  2201. 		{
    2202. 

  2202. 			return $phpbb_hook->hook_return_result(__FUNCTION__);
    2203. 

  2203. 		}
    2204. 

  2204. 	}
    2205. 

  2205. 

  2206. 	$params_is_array = is_array($params);
    2207. 

  2207. 

  2208. 	// Get anchor
    2209. 

  2209. 	$anchor = '';
    2210. 

  2210. 	if (strpos($url, '#') !== false)
    2211. 

  2211. 	{
    2212. 

  2212. 		list($url, $anchor) = explode('#', $url, 2);
    2213. 

  2213. 		$anchor = '#' . $anchor;
    2214. 

  2214. 	}
    2215. 

  2215. 	else if (!$params_is_array && strpos($params, '#') !== false)
    2216. 

  2216. 	{
    2217. 

  2217. 		list($params, $anchor) = explode('#', $params, 2);
    2218. 

  2218. 		$anchor = '#' . $anchor;
    2219. 

  2219. 	}
    2220. 

  2220. 

  2221. 	// Handle really simple cases quickly
    2222. 

  2222. 	if ($_SID == '' && $session_id === false && empty($_EXTRA_URL) && !$params_is_array && !$anchor)
    2223. 

  2223. 	{
    2224. 

  2224. 		if ($params === false)
    2225. 

  2225. 		{
    2226. 

  2226. 			return $url;
    2227. 

  2227. 		}
    2228. 

  2228. 

  2229. 		$url_delim = (strpos($url, '?') === false) ? '?' : (($is_amp) ? '&amp;' : '&');
    2230. 

  2230. 		return $url . ($params !== false ? $url_delim. $params : '');
    2231. 

  2231. 	}
    2232. 

  2232. 

  2233. 	// Assign sid if session id is not specified
    2234. 

  2234. 	if ($session_id === false && $user->data['user_id'] != ANONYMOUS && !$user->data['is_bot'])
    2235. 

  2235. 	{
    2236. 

  2236. 		$session_id = $_SID;
    2237. 

  2237. 	}
    2238. 

  2238. 

  2239. 	$amp_delim = ($is_amp) ? '&amp;' : '&';
    2240. 

  2240. 	$url_delim = (strpos($url, '?') === false) ? '?' : $amp_delim;
    2241. 

  2241. 

  2242. 	// Appending custom url parameter?
    2243. 

  2243. 	$append_url = (!empty($_EXTRA_URL)) ? implode($amp_delim, $_EXTRA_URL) : '';
    2244. 

  2244. 

  2245. 	// Use the short variant if possible ;)
    2246. 

  2246. 	if ($params === false)
    2247. 

  2247. 	{
    2248. 

  2248. 		// Append session id
    2249. 

  2249. 		if (!$session_id)
    2250. 

  2250. 		{
    2251. 

  2251. 			return $url . (($append_url) ? $url_delim . $append_url : '') . $anchor;
    2252. 

  2252. 		}
    2253. 

  2253. 		else
    2254. 

  2254. 		{
    2255. 

  2255. 			return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . 'sid=' . $session_id . $anchor;
    2256. 

  2256. 		}
    2257. 

  2257. 	}
    2258. 

  2258. 

  2259. 	// Build string if parameters are specified as array
    2260. 

  2260. 	if (is_array($params))
    2261. 

  2261. 	{
    2262. 

  2262. 		$output = array();
    2263. 

  2263. 

  2264. 		foreach ($params as $key => $item)
    2265. 

  2265. 		{
    2266. 

  2266. 			if ($item === NULL)
    2267. 

  2267. 			{
    2268. 

  2268. 				continue;
    2269. 

  2269. 			}
    2270. 

  2270. 

  2271. 			if ($key == '#')
    2272. 

  2272. 			{
    2273. 

  2273. 				$anchor = '#' . $item;
    2274. 

  2274. 				continue;
    2275. 

  2275. 			}
    2276. 

  2276. 

  2277. 			$output[] = $key . '=' . $item;
    2278. 

  2278. 		}
    2279. 

  2279. 

  2280. 		$params = implode($amp_delim, $output);
    2281. 

  2281. 	}
    2282. 

  2282. 

  2283. 	// Append session id and parameters (even if they are empty)
    2284. 

  2284. 	// If parameters are empty, the developer can still append his/her parameters without caring about the delimiter
    2285. 

  2285. 	return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . $params . ((!$session_id) ? '' : $amp_delim . 'sid=' . $session_id) . $anchor;
    2286. 

  2286. }
    2287. 

  2287. 

  2288. /**
    2289. 

  2289. * Generate board url (example: http://www.example.com/phpBB)
    2290. 

  2290. *
    2291. 

  2291. * @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com)
    2292. 

  2292. *
    2293. 

  2293. * @return string the generated board url
    2294. 

  2294. */
    2295. 

  2295. function generate_board_url($without_script_path = false)
    2296. 

  2296. {
    2297. 

  2297. 	global $config, $user;
    2298. 

  2298. 

  2299. 	$server_name = $user->host;
    2300. 

  2300. 	$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
    2301. 

  2301. 

  2302. 	// Forcing server vars is the only way to specify/override the protocol
    2303. 

  2303. 	if ($config['force_server_vars'] || !$server_name)
    2304. 

  2304. 	{
    2305. 

  2305. 		$server_protocol = ($config['server_protocol']) ? $config['server_protocol'] : (($config['cookie_secure']) ? 'https://' : 'http://');
    2306. 

  2306. 		$server_name = $config['server_name'];
    2307. 

  2307. 		$server_port = (int) $config['server_port'];
    2308. 

  2308. 		$script_path = $config['script_path'];
    2309. 

  2309. 

  2310. 		$url = $server_protocol . $server_name;
    2311. 

  2311. 		$cookie_secure = $config['cookie_secure'];
    2312. 

  2312. 	}
    2313. 

  2313. 	else
    2314. 

  2314. 	{
    2315. 

  2315. 		// Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection
    2316. 

  2316. 		$cookie_secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
    2317. 

  2317. 		$url = (($cookie_secure) ? 'https://' : 'http://') . $server_name;
    2318. 

  2318. 

  2319. 		$script_path = $user->page['root_script_path'];
    2320. 

  2320. 	}
    2321. 

  2321. 

  2322. 	if ($server_port && (($cookie_secure && $server_port <> 443) || (!$cookie_secure && $server_port <> 80)))
    2323. 

  2323. 	{
    2324. 

  2324. 		// HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true)
    2325. 

  2325. 		if (strpos($server_name, ':') === false)
    2326. 

  2326. 		{
    2327. 

  2327. 			$url .= ':' . $server_port;
    2328. 

  2328. 		}
    2329. 

  2329. 	}
    2330. 

  2330. 

  2331. 	if (!$without_script_path)
    2332. 

  2332. 	{
    2333. 

  2333. 		$url .= $script_path;
    2334. 

  2334. 	}
    2335. 

  2335. 

  2336. 	// Strip / from the end
    2337. 

  2337. 	if (substr($url, -1, 1) == '/')
    2338. 

  2338. 	{
    2339. 

  2339. 		$url = substr($url, 0, -1);
    2340. 

  2340. 	}
    2341. 

  2341. 

  2342. 	return $url;
    2343. 

  2343. }
    2344. 

  2344. 

  2345. /**
    2346. 

  2346. * Redirects the user to another page then exits the script nicely
    2347. 

  2347. * This function is intended for urls within the board. It's not meant to redirect to cross-domains.
    2348. 

  2348. *
    2349. 

  2349. * @param string $url The url to redirect to
    2350. 

  2350. * @param bool $return If true, do not redirect but return the sanitized URL. Default is no return.
    2351. 

  2351. * @param bool $disable_cd_check If true, redirect() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. Default is false.
    2352. 

  2352. */
    2353. 

  2353. function redirect($url, $return = false, $disable_cd_check = false)
    2354. 

  2354. {
    2355. 

  2355. 	global $db, $cache, $config, $user, $phpbb_root_path;
    2356. 

  2356. 

  2357. 	$failover_flag = false;
    2358. 

  2358. 

  2359. 	if (empty($user->lang))
    2360. 

  2360. 	{
    2361. 

  2361. 		$user->add_lang('common');
    2362. 

  2362. 	}
    2363. 

  2363. 

  2364. 	if (!$return)
    2365. 

  2365. 	{
    2366. 

  2366. 		garbage_collection();
    2367. 

  2367. 	}
    2368. 

  2368. 

  2369. 	// Make sure no &amp;'s are in, this will break the redirect
    2370. 

  2370. 	$url = str_replace('&amp;', '&', $url);
    2371. 

  2371. 

  2372. 	// Determine which type of redirect we need to handle...
    2373. 

  2373. 	$url_parts = @parse_url($url);
    2374. 

  2374. 

  2375. 	if ($url_parts === false)
    2376. 

  2376. 	{
    2377. 

  2377. 		// Malformed url, redirect to current page...
    2378. 

  2378. 		$url = generate_board_url() . '/' . $user->page['page'];
    2379. 

  2379. 	}
    2380. 

  2380. 	else if (!empty($url_parts['scheme']) && !empty($url_parts['host']))
    2381. 

  2381. 	{
    2382. 

  2382. 		// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
    2383. 

  2383. 		if (!$disable_cd_check && $url_parts['host'] !== $user->host)
    2384. 

  2384. 		{
    2385. 

  2385. 			$url = generate_board_url();
    2386. 

  2386. 		}
    2387. 

  2387. 	}
    2388. 

  2388. 	else if ($url[0] == '/')
    2389. 

  2389. 	{
    2390. 

  2390. 		// Absolute uri, prepend direct url...
    2391. 

  2391. 		$url = generate_board_url(true) . $url;
    2392. 

  2392. 	}
    2393. 

  2393. 	else
    2394. 

  2394. 	{
    2395. 

  2395. 		// Relative uri
    2396. 

  2396. 		$pathinfo = pathinfo($url);
    2397. 

  2397. 

  2398. 		if (!$disable_cd_check && !file_exists($pathinfo['dirname'] . '/'))
    2399. 

  2399. 		{
    2400. 

  2400. 			$url = str_replace('../', '', $url);
    2401. 

  2401. 			$pathinfo = pathinfo($url);
    2402. 

  2402. 

  2403. 			if (!file_exists($pathinfo['dirname'] . '/'))
    2404. 

  2404. 			{
    2405. 

  2405. 				// fallback to "last known user page"
    2406. 

  2406. 				// at least this way we know the user does not leave the phpBB root
    2407. 

  2407. 				$url = generate_board_url() . '/' . $user->page['page'];
    2408. 

  2408. 				$failover_flag = true;
    2409. 

  2409. 			}
    2410. 

  2410. 		}
    2411. 

  2411. 

  2412. 		if (!$failover_flag)
    2413. 

  2413. 		{
    2414. 

  2414. 			// Is the uri pointing to the current directory?
    2415. 

  2415. 			if ($pathinfo['dirname'] == '.')
    2416. 

  2416. 			{
    2417. 

  2417. 				$url = str_replace('./', '', $url);
    2418. 

  2418. 

  2419. 				// Strip / from the beginning
    2420. 

  2420. 				if ($url && substr($url, 0, 1) == '/')
    2421. 

  2421. 				{
    2422. 

  2422. 					$url = substr($url, 1);
    2423. 

  2423. 				}
    2424. 

  2424. 

  2425. 				if ($user->page['page_dir'])
    2426. 

  2426. 				{
    2427. 

  2427. 					$url = generate_board_url() . '/' . $user->page['page_dir'] . '/' . $url;
    2428. 

  2428. 				}
    2429. 

  2429. 				else
    2430. 

  2430. 				{
    2431. 

  2431. 					$url = generate_board_url() . '/' . $url;
    2432. 

  2432. 				}
    2433. 

  2433. 			}
    2434. 

  2434. 			else
    2435. 

  2435. 			{
    2436. 

  2436. 				// Used ./ before, but $phpbb_root_path is working better with urls within another root path
    2437. 

  2437. 				$root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($phpbb_root_path)));
    2438. 

  2438. 				$page_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($pathinfo['dirname'])));
    2439. 

  2439. 				$intersection = array_intersect_assoc($root_dirs, $page_dirs);
    2440. 

  2440. 

  2441. 				$root_dirs = array_diff_assoc($root_dirs, $intersection);
    2442. 

  2442. 				$page_dirs = array_diff_assoc($page_dirs, $intersection);
    2443. 

  2443. 

  2444. 				$dir = str_repeat('../', sizeof($root_dirs)) . implode('/', $page_dirs);
    2445. 

  2445. 

  2446. 				// Strip / from the end
    2447. 

  2447. 				if ($dir && substr($dir, -1, 1) == '/')
    2448. 

  2448. 				{
    2449. 

  2449. 					$dir = substr($dir, 0, -1);
    2450. 

  2450. 				}
    2451. 

  2451. 

  2452. 				// Strip / from the beginning
    2453. 

  2453. 				if ($dir && substr($dir, 0, 1) == '/')
    2454. 

  2454. 				{
    2455. 

  2455. 					$dir = substr($dir, 1);
    2456. 

  2456. 				}
    2457. 

  2457. 

  2458. 				$url = str_replace($pathinfo['dirname'] . '/', '', $url);
    2459. 

  2459. 

  2460. 				// Strip / from the beginning
    2461. 

  2461. 				if (substr($url, 0, 1) == '/')
    2462. 

  2462. 				{
    2463. 

  2463. 					$url = substr($url, 1);
    2464. 

  2464. 				}
    2465. 

  2465. 

  2466. 				$url = (!empty($dir) ? $dir . '/' : '') . $url;
    2467. 

  2467. 				$url = generate_board_url() . '/' . $url;
    2468. 

  2468. 			}
    2469. 

  2469. 		}
    2470. 

  2470. 	}
    2471. 

  2471. 

  2472. 	// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
    2473. 

  2473. 	if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false)
    2474. 

  2474. 	{
    2475. 

  2475. 		trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
    2476. 

  2476. 	}
    2477. 

  2477. 

  2478. 	// Now, also check the protocol and for a valid url the last time...
    2479. 

  2479. 	$allowed_protocols = array('http', 'https', 'ftp', 'ftps');
    2480. 

  2480. 	$url_parts = parse_url($url);
    2481. 

  2481. 

  2482. 	if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols))
    2483. 

  2483. 	{
    2484. 

  2484. 		trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
    2485. 

  2485. 	}
    2486. 

  2486. 

  2487. 	if ($return)
    2488. 

  2488. 	{
    2489. 

  2489. 		return $url;
    2490. 

  2490. 	}
    2491. 

  2491. 

  2492. 	// Redirect via an HTML form for PITA webservers
    2493. 

  2493. 	if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
    2494. 

  2494. 	{
    2495. 

  2495. 		header('Refresh: 0; URL=' 
    2496.