+<Files *>

+ Order Allow,Deny

+ Deny from All

+</Files>

+ if (!function_exists('phpbb_is_writable'))

+ {

+ global $phpbb_root_path;

+ include($phpbb_root_path . 'includes/functions.' . $phpEx);

+ }

+

+ if (!phpbb_is_writable($this->cache_dir))

+ if (!function_exists('phpbb_is_writable'))

+ {

+ global $phpbb_root_path, $phpEx;

+ include($phpbb_root_path . 'includes/functions.' . $phpEx);

+ }

+

+ if ($check && !phpbb_is_writable($this->cache_dir))

+ if (!function_exists('phpbb_is_writable'))

+ {

+ global $phpbb_root_path, $phpEx;

+ include($phpbb_root_path . 'includes/functions.' . $phpEx);

+ }

+

+ if ($check && !phpbb_is_writable($this->cache_dir))

+ $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];

+ if ($group_id)

+ {

+ $sql .= ' AND group_id <> ' . $group_id;

+ }

+ $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name;

+ 'GROUP_NAME' => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'],

+ $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];

+ if (!phpbb_is_writable($phpbb_root_path . $upload_dir))

+ 'A_REASON' => addslashes($reason),

+ 'A_REASON' => addslashes($reason),

+ 'board_timezone' => array('lang' => 'SYSTEM_TIMEZONE', 'validate' => 'string', 'type' => 'select', 'function' => 'tz_select', 'params' => array('{CONFIG_VALUE}', 1), 'explain' => true),

+ 'load_unreads_search' => array('lang' => 'YES_UNREAD_SEARCH', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),

+ $user->timezone = $config['board_timezone'] * 3600;

+ $user->dst = $config['board_dst'] * 3600;

+ trigger_error($user->lang['CAPTCHA_UNAVAILABLE'] . adm_back_link($this->u_action), E_USER_WARNING);

+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link(), E_USER_WARNING);

+ case 'mssqlnative':

+ $ary_type = $ary_name = array();

+ $db->mssqlnative_set_query_options(array('Scrollable' => SQLSRV_CURSOR_STATIC));

+ $retrieved_data = $db->mssqlnative_num_rows($result);

+ if (!$retrieved_data)

+ {

+ $db->sql_freeresult($result);

+ return;

+ }

+

+ $sql = "SELECT * FROM $table_name";

+ $result_fields = $db->sql_query_limit($sql, 1);

+

+ $row = new result_mssqlnative($result_fields);

+ $i_num_fields = $row->num_fields();

+

+ $ary_type[$i] = $row->field_type($i);

+ $ary_name[$i] = $row->field_name($i);

+ $db->sql_freeresult($result_fields);

+

+ $sql = "SELECT 1 as has_identity

+ FROM INFORMATION_SCHEMA.COLUMNS

+ WHERE COLUMNPROPERTY(object_id('$table_name'), COLUMN_NAME, 'IsIdentity') = 1";

+ $result2 = $db->sql_query($sql);

+ $row2 = $db->sql_fetchrow($result2);

+ if (!empty($row2['has_identity']))

+ $sql_data .= "\nSET IDENTITY_INSERT $table_name ON\nGO\n";

+ $ident_set = true;

+ $db->sql_freeresult($result2);

+ // defaults to type number - better quote just to be safe, so check for is_int too

+ if (is_int($ary_type[$i]) || preg_match('#char|text|bool|varbinary#i', $ary_type[$i]))

+ if ($ident_set)

+ $forum_data['show_active'] = ($forum_data['forum_type'] == FORUM_POST) ? request_var('display_recent', true) : request_var('display_active', false);

+ $copied_permissions = false;

+ $copied_permissions = true;

+ if ($auth->acl_get('a_fauth') && !$copied_permissions)

+ if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth'))

+ $parents_list = make_forum_select($forum_data['parent_id'], $exclude_forums, false, false, false);

+ $parents_list = make_forum_select($this->parent_id, false, false, false, false);

+ 'S_DISPLAY_ACTIVE_TOPICS' => ($forum_data['forum_type'] == FORUM_POST) ? ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) : true,

+ 'S_ENABLE_ACTIVE_TOPICS' => ($forum_data['forum_type'] == FORUM_CAT) ? ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) : false,

+ trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&amp;parent_id=' . $this->parent_id), E_USER_WARNING);

+ // Delete shadow topics pointing to topics in this forum

+ delete_topic_shadows($forum_id);

+

+ // Amount of rows we select and delete in one iteration.

+ $batch_size = 500;

+

+ $result = $db->sql_query_limit($sql, $batch_size, $start);

+ while (sizeof($ids) == $batch_size);

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;

+ // Validate the length of "Maximum number of allowed recipients per private message" setting.

+ // We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value

+ // which is the lowest amongst DBMSes supported by phpBB3

+ if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215))))

+ {

+ // Replace "error" string with its real, localised form

+ $error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error));

+ }

+

+

+ phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES | INFO_VARIABLES);

+ case 'mssqlnative':

+ 'users' => utf8_normalize_nfc(request_var('users', '', true)),

+ 'username' => utf8_normalize_nfc(request_var('username', '', true)),

+ $users = utf8_normalize_nfc(request_var('users', '', true));

+ $username = utf8_normalize_nfc(request_var('username', '', true));

+ case 'mssqlnative':

+ if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && phpbb_is_writable($file))

+ if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && phpbb_is_writable($file))

+ if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !phpbb_is_writable($check)))

+ else if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css"))

+ if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template"))

+ preg_match_all('/@import url\((["\'])(.*)\1\);/i', $stylesheet, $matches);

+

+ // remove commented stylesheets (very simple parser, allows only whitespace

+ // around an @import statement)

+ preg_match_all('#/\*\s*@import url\((["\'])(.*)\1\);\s\*/#i', $stylesheet, $commented);

+ $matches[2] = array_diff($matches[2], $commented[2]);

+ if (isset($matches[2][$idx]))

+ {

+ $stylesheet = str_replace($match, acp_styles::load_css_file($theme_row['theme_path'], $matches[2][$idx]), $stylesheet);

+ }

+ if (!$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$path}/template"))

+ $result = $db->sql_query_limit($sql, 1);

+ if ($delete_type)

+ if (confirm_box(true))

+ {

+ user_delete($delete_type, $user_id, $user_row['username']);

+ add_log('admin', 'LOG_USER_DELETED', $user_row['username']);

+ trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));

+ }

+ else

+ {

+ confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(

+ 'u' => $user_id,

+ 'i' => $id,

+ 'mode' => $mode,

+ 'action' => $action,

+ 'update' => true,

+ 'delete' => 1,

+ 'delete_type' => $delete_type))

+ );

+ }

+ trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);

+ if ($user_id == ANONYMOUS)

+ {

+ trigger_error($user->lang['CANNOT_BAN_ANONYMOUS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);

+ }

+

+ $user_actkey = gen_rand_string(mt_rand(6, 10));

+ // Check if user has an active session

+ if ($user_row['session_id'])

+ {

+ // We'll update the session if user_allow_viewonline has changed and the user is a bot

+ // Or if it's a regular user and the admin set it to hide the session

+ if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE

+ || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline'])

+ {

+ // We also need to check if the user has the permission to cloak.

+ $user_auth = new auth();

+ $user_auth->acl($user_row);

+

+ $session_sql_ary = array(

+ 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true,

+ );

+

+ $sql = 'UPDATE ' . SESSIONS_TABLE . '

+ SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . "

+ WHERE session_user_id = $user_id";

+ $db->sql_query($sql);

+

+ unset($user_auth);

+ }

+ }

+

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;

+ if (avatar_process_user($error, $user_row, $can_upload))

+ $result = $db->sql_query_limit($sql, 1);

+ 'post' => array('title' => 'ACP_POST_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION', 'ACP_MESSAGES')),

+ WHERE user_id = ' . (int) $row['user_id'] . '

+ AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;

+ WHERE user_id = ' . (int) $row['user_id'] . '

+ AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;

+ return $user->lang['LDAP_SEARCH_FAILED'];

+ // Unescape the asterisk to simplify further conversions

+ $row['word'] = str_replace('\*', '*', preg_quote($row['word'], '#'));

+

+ // Replace the asterisk inside the pattern, at the start and at the end of it with regexes

+ $row['word'] = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*(?=[\p{Nd}\p{L}_])#iu', '#^\*#', '#\*$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $row['word']);

+

+ // Generate the final substitution

+ $censors['match'][] = '#(?<![\p{Nd}\p{L}_-])(' . $row['word'] . ')(?![\p{Nd}\p{L}_-])#iu';

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ return $user->lang['RECAPTCHA_INCORRECT'];

+// Maximum login attempts

+// The value is arbitrary, but it has to fit into the user_login_attempts field.

+define('LOGIN_ATTEMPTS_MAX', 100);

+

+// Notify status

+define('NOTIFY_YES', 0);

+define('NOTIFY_NO', 1);

+

+ * add_index: adding an index (can be column:index_size if you need to provide size)

+ // remove index length unless MySQL4

+ if ('mysql_40' != $this->sql_layer)

+ {

+ $column = preg_replace('#:.*$#', '', $column);

+ }

+

+ // add index size to definition as required by MySQL4

+ foreach ($column as $i => $col)

+ {

+ if (false !== strpos($col, ':'))

+ {

+ list($col, $index_size) = explode(':', $col);

+ $column[$i] = "$col($index_size)";

+ }

+ }

+ // no break

+ * @param bool $use_cache forced to false for Interbase

+ function sql_server_info($raw = false, $use_cache = true)

+ /**

+ * force $use_cache false. I didn't research why the caching code there is no caching code

+ * but I assume its because the IB extension provides a direct method to access it

+ * without a query.

+ */

+

+ $use_cache = false;

+

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mssql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mssqlodbc_version')) === false)

+ if (!empty($cache) && $use_cache)

+ var $query_options = array();

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mssql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ if (($this->query_result = @sqlsrv_query($this->db_connect_id, $query, array(), $this->query_options)) === false)

+ // reset options for next query

+ $this->query_options = array();

+ $code = 0;

+ $code = $error['code'];

+

+ return array(

+ 'message' => $error,

+ 'code' => $code,

+ );

+ * Requires a static or keyset cursor to be definde via

+ * mssqlnative_set_query_options()

+ return sqlsrv_num_rows($res);

+

+ /**

+ * Allows setting mssqlnative specific query options passed to sqlsrv_query as 4th parameter.

+ */

+ function mssqlnative_set_query_options($options)

+ {

+ $this->query_options = $options;

+ }

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mysql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mysqli_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache forced to false for Oracle

+ function sql_server_info($raw = false, $use_cache = true)

+ /**

+ * force $use_cache false. I didn't research why the caching code below is commented out

+ * but I assume its because the Oracle extension provides a direct method to access it

+ * without a query.

+ */

+

+ $use_cache = false;

+/* The code inside this comment block breaks clob handling, but does allow the

+ database restore script to work. If you want to allow no posts longer than 4KB

+ and/or need the db restore script, uncomment this.

+

+*/

+ // $sqlserver can carry a port separated by : for compatibility reasons

+ // If $sqlserver has more than one : it's probably an IPv6 address.

+ // In this case we only allow passing a port via the $port variable.

+ if (substr_count($sqlserver, ':') === 1)

+ if ($this->persistency)

+ {

+ $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW);

+ }

+ else

+ {

+ $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW);

+ }

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('pgsql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache if true, it is safe to retrieve the stored value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('sqlite_version')) === false)

+

+ if (!empty($cache) && $use_cache)

+ {

+ $cache->put('sqlite_version', $this->sql_server_version);

+ }

+ $sql_update = 'CAST(CAST(config_value as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';

+*

+* @return string

+ // [a, z] + [0, 9] = 36

+ return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars);

+}

+

+/**

+* Generates a user-friendly alphanumeric random string of given length

+* We remove 0 and O so users cannot confuse those in passwords etc.

+*

+* @return string

+*/

+function gen_rand_string_friendly($num_chars = 8)

+{

+

+ // Remove Z and Y from the base_convert(), replace 0 with Z and O with Y

+ // [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34

+ if (is_readable($filename) && phpbb_is_writable($filename))

+ if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))

+ if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))

+* @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start

+function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0)

+ $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);

+ $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);

+ if ($key === '')

+ {

+ continue;

+ }

+

+/**

+* Outputs correct status line header.

+*

+* Depending on php sapi one of the two following forms is used:

+*

+* Status: 404 Not Found

+*

+* HTTP/1.x 404 Not Found

+*

+* HTTP version is taken from HTTP_VERSION environment variable,

+* and defaults to 1.0.

+*

+* Sample usage:

+*

+* send_status_line(404, 'Not Found');

+*

+* @param int $code HTTP status code

+* @param string $message Message for the status code

+* @return void

+*/

+function send_status_line($code, $message)

+{

+ if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi')

+ {

+ // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though

+ header("Status: $code $message", true, $code);

+ }

+ else

+ {

+ if (isset($_SERVER['HTTP_VERSION']))

+ {

+ $version = $_SERVER['HTTP_VERSION'];

+ }

+ else

+ {

+ $version = 'HTTP/1.0';

+ }

+ header("$version $code $message", true, $code);

+ }

+}

+

+ // Regex written by James Watts and Francisco Jose Martin Moreno

+ // http://fightingforalostcause.net/misc/2006/compare-email-regex.php

+ return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';

+ return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i';

+* @param string $host Fully-Qualified Domain Name

+* @param string $type Resource record type to lookup

+* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME

+* Other types may work or may not work

+* @return mixed true if entry found,

+* false if entry not found,

+* null if this function is not supported by this environment

+*

+* Since null can also be returned, you probably want to compare the result

+* with === true or === false,

+*

+* @author bantu

+function phpbb_checkdnsrr($host, $type = 'MX')

+ // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)

+ if (substr($host, -1) == '.')

+ {

+ $host_fqdn = $host;

+ $host = substr($host, 0, -1);

+ }

+ else

+ {

+ $host_fqdn = $host . '.';

+ }

+ // $host has format some.host.example.com

+ // $host_fqdn has format some.host.example.com.

+ // If we're looking for an A record we can use gethostbyname()

+ if ($type == 'A' && function_exists('gethostbyname'))

+ return (@gethostbyname($host_fqdn) == $host_fqdn) ? false : true;

+ }

+

+ // checkdnsrr() is available on Windows since PHP 5.3,

+ // but until 5.3.3 it only works for MX records

+ // See: http://bugs.php.net/bug.php?id=51844

+

+ // Call checkdnsrr() if

+ // we're looking for an MX record or

+ // we're not on Windows or

+ // we're running a PHP version where #51844 has been fixed

+

+ // checkdnsrr() supports AAAA since 5.0.0

+ // checkdnsrr() supports TXT since 5.2.4

+ if (

+ ($type == 'MX' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.3', '>=')) &&

+ ($type != 'AAAA' || version_compare(PHP_VERSION, '5.0.0', '>=')) &&

+ ($type != 'TXT' || version_compare(PHP_VERSION, '5.2.4', '>=')) &&

+ function_exists('checkdnsrr')

+ )

+ {

+ return checkdnsrr($host_fqdn, $type);

+ }

+

+ // dns_get_record() is available since PHP 5; since PHP 5.3 also on Windows,

+ // but on Windows it does not work reliable for AAAA records before PHP 5.3.1

+

+ // Call dns_get_record() if

+ // we're not looking for an AAAA record or

+ // we're not on Windows or

+ // we're running a PHP version where AAAA lookups work reliable

+ if (

+ ($type != 'AAAA' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.1', '>=')) &&

+ function_exists('dns_get_record')

+ )

+ {

+ // dns_get_record() expects an integer as second parameter

+ // We have to convert the string $type to the corresponding integer constant.

+ $type_constant = 'DNS_' . $type;

+ $type_param = (defined($type_constant)) ? constant($type_constant) : DNS_ANY;

+

+ // dns_get_record() might throw E_WARNING and return false for records that do not exist

+ $resultset = @dns_get_record($host_fqdn, $type_param);

+

+ if (empty($resultset) || !is_array($resultset))

+ return false;

+ }

+ else if ($type_param == DNS_ANY)

+ {

+ // $resultset is a non-empty array

+ return true;

+ }

+

+ foreach ($resultset as $result)

+ {

+ if (

+ isset($result['host']) && $result['host'] == $host &&

+ isset($result['type']) && $result['type'] == $type

+ )

+ {

+ return true;

+ }

+ return false;

+ }

+

+ // If we're on Windows we can still try to call nslookup via exec() as a last resort

+ if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec'))

+ {

+ @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host_fqdn), $output);

+ $line = trim($line);

+

+ if (empty($line))

+ // Squash tabs and multiple whitespaces to a single whitespace.

+ $line = preg_replace('/\s+/', ' ', $line);

+

+ switch ($type)

+ case 'MX':

+ if (stripos($line, "$host MX") === 0)

+ {

+ return true;

+ }

+ break;

+

+ case 'NS':

+ if (stripos($line, "$host nameserver") === 0)

+ {

+ return true;

+ }

+ break;

+

+ case 'TXT':

+ if (stripos($line, "$host text") === 0)

+ {

+ return true;

+ }

+ break;

+

+ case 'CNAME':

+ if (stripos($line, "$host canonical name") === 0)

+ {

+ return true;

+ }

+

+ default:

+ case 'A':

+ case 'AAAA':

+ if (!empty($host_matches))

+ {

+ // Second line

+ if (stripos($line, "Address: ") === 0)

+ {

+ return true;

+ }

+ else

+ {

+ $host_matches = false;

+ }

+ }

+ else if (stripos($line, "Name: $host") === 0)

+ {

+ // First line

+ $host_matches = true;

+ }

+ break;

+ send_status_line(503, 'Service Unavailable');

+ if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER')

+ {

+ send_status_line(404, 'Not Found');

+ }

+

+ send_status_line(401, 'Unauthorized');

+

+ send_status_line(401, 'Unauthorized');

+ 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false,

+

+ 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&amp;lang=' . $user->data['user_lang']),

+ if (!$ignore_acl && $auth->acl_gets(array('f_list', 'a_forum', 'a_forumadd', 'a_forumdel'), $row['forum_id']))

+ $forum_ids[] = (int) $row['forum_id'];

+ $topic_ids[] = (int) $row['topic_id'];

+ SET forum_id = ' . (int) $forum_row['forum_id'] . ", topic_id = $topic_id

+ $forum_ids[] = (int) $forum_row['forum_id'];

+ $table_ary = array(BOOKMARKS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, POLL_VOTES_TABLE, POLL_OPTIONS_TABLE, TOPICS_WATCH_TABLE, TOPICS_TABLE);

+* Deletes shadow topics pointing to a specified forum.

+*

+* @param int $forum_id The forum id

+* @param string $sql_more Additional WHERE statement, e.g. t.topic_time < (time() - 1234)

+* @param bool $auto_sync Will call sync() if this is true

+*

+* @return array Array with affected forums

+*

+* @author bantu

+function delete_topic_shadows($forum_id, $sql_more = '', $auto_sync = true)

+ global $db;

+ if (!$forum_id)

+ // Nothing to do.

+ return;

+ }

+ // Set of affected forums we have to resync

+ $sync_forum_ids = array();

+ // Amount of topics we select and delete at once.

+ $batch_size = 500;

+ do

+ {

+ $sql = 'SELECT t2.forum_id, t2.topic_id

+ FROM ' . TOPICS_TABLE . ' t2, ' . TOPICS_TABLE . ' t

+ WHERE t2.topic_moved_id = t.topic_id

+ AND t.forum_id = ' . (int) $forum_id . '

+ ' . (($sql_more) ? 'AND ' . $sql_more : '');

+ $result = $db->sql_query_limit($sql, $batch_size);

+

+ $topic_ids = array();

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $topic_ids[] = (int) $row['topic_id'];

+

+ $sync_forum_ids[(int) $row['forum_id']] = (int) $row['forum_id'];

+ }

+ $db->sql_freeresult($result);

+

+ if (!empty($topic_ids))

+ {

+ $sql = 'DELETE FROM ' . TOPICS_TABLE . '

+ WHERE ' . $db->sql_in_set('topic_id', $topic_ids);

+ $db->sql_query($sql);

+ }

+ while (sizeof($topic_ids) == $batch_size);

+ sync('forum', 'forum_id', $sync_forum_ids, true, true);

+

+ return $sync_forum_ids;

+ /**

+ * Commented out, as adding the folders produces corrupted archives

+ */

+ /**

+ * Commented out, as adding the folders produces corrupted archives

+ */

+ 'sig_bbcode' => array('bit' => 15, 'default' => 1),

+ 'sig_smilies' => array('bit' => 16, 'default' => 1),

+ 'sig_links' => array('bit' => 17, 'default' => 1),

+ if (!phpbb_is_writable($path))

+ if (!phpbb_is_writable($trg_path))

+ if (!phpbb_is_writable($trg_path . $dir))

+ $folder_alt = ($forum_unread) ? 'UNREAD_POSTS' : 'NO_UNREAD_POSTS';

+ $s_subforums_list[] = '<a href="' . $subforum['link'] . '" class="subforum ' . (($subforum['unread']) ? 'unread' : 'read') . '" title="' . (($subforum['unread']) ? $user->lang['UNREAD_POSTS'] : $user->lang['NO_UNREAD_POSTS']) . '">' . $subforum['name'] . '</a>';

+ $folder_alt = ($unread_topic) ? 'UNREAD_POSTS' : (($topic_row['topic_status'] == ITEM_LOCKED) ? 'TOPIC_LOCKED' : 'NO_UNREAD_POSTS');

+ $fid_m_approve = $auth->acl_getf('m_approve', true);

+ $sql_m_approve = (!empty($fid_m_approve)) ? 'OR ' . $db->sql_in_set('forum_id', array_keys($fid_m_approve)) : '';

+

+ AND (post_approved = 1

+ $sql_m_approve)

+ AND (post_approved = 1

+ $sql_m_approve)

+ if ($notify_status != NOTIFY_YES)

+ SET notify_status = " . NOTIFY_YES . "

+ VALUES ($user_id, $match_id, " . NOTIFY_YES . ')';

+ /*

+ * This code is commented out because it causes problems on some web hosts.

+ * The core problem is rather restrictive email sending limits.

+ * This code is nly useful if you have no such restrictions from the

+ * web host and the package size setting is wrong.

+

+ */

+ 'S_CHECKED' => ($cur_topic_type == POST_NORMAL) ? ' checked="checked"' : '',

+ unset($rowset[$post_list[$i]]);

+ AND w.notify_status = " . NOTIFY_YES . '

+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')

+ AND fw.notify_status = " . NOTIFY_YES . '

+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')

+ $sql = 'UPDATE ' . TOPICS_WATCH_TABLE . '

+ SET notify_status = ' . NOTIFY_NO . "

+ $sql = 'UPDATE ' . FORUMS_WATCH_TABLE . '

+ SET notify_status = ' . NOTIFY_NO . "

+ markread('post', $data['forum_id'], $data['topic_id']);

+ if (($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_approval)

+ // First of all make sure the subject are having the correct length.

+ $subject = truncate_string($subject);

+

+ $title = $row['message_subject'];

+

+ case 'mssqlnative':

+ // Date should display as the same date for every user regardless of timezone, so remove offset

+ // to compensate for the offset added by user::format_date()

+ return $user->format_date(gmmktime(0, 0, 0, $month, $day, $year) - ($user->timezone + $user->dst), $user->lang['DATE_FORMAT'], true);

+ $name = (STRIP) ? stripslashes($upload_ary['name']) : $upload_ary['name'];

+ $name = trim(utf8_htmlspecialchars(utf8_basename($name)));

+ $this->realname = $this->uploadname = $name;

+ $block = @fread($fsock, 1024);

+ $filesize += strlen($block);

+

+ if ($this->max_filesize && $filesize > $this->max_filesize)

+ {

+ $max_filesize = get_formatted_filesize($this->max_filesize, false);

+

+ $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));

+ return $file;

+ }

+

+ $data .= $block;

+ else if ($this->max_filesize && stripos($line, 'content-length: ') !== false)

+ {

+ $length = (int) str_replace('content-length: ', '', strtolower($line));

+

+ if ($length && $length > $this->max_filesize)

+ {

+ $max_filesize = get_formatted_filesize($this->max_filesize, false);

+

+ $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));

+ return $file;

+ }

+ }

+ $user_row['group_id'] = $add_group_id;

+ $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE, PRIVMSGS_FOLDER_TABLE, PRIVMSGS_RULES_TABLE);

+ $time_offset = (isset($user->timezone) && isset($user->dst)) ? (int) $user->timezone + (int) $user->dst : 0;

+ $ban_end = max($current_time, gmmktime(0, 0, 0, (int)$ban_other[1], (int)$ban_other[2], (int)$ban_other[0]) - $time_offset);

+ // Do not allow banning yourself, the guest account, or founders.

+ $non_bannable = array($user->data['user_id'], ANONYMOUS);

+ $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), $non_bannable), true);

+ $sql .= ' AND ' . $db->sql_in_set('user_id', $non_bannable, true);

+* Internet Protocol Address Whois

+* RFC3912: WHOIS Protocol Specification

+* @param string $ip Ip address, either IPv4 or IPv6.

+*

+* @return string Empty string if not a valid ip address.

+* Otherwise make_clickable()'ed whois result.

+ if (empty($ip))

+ {

+ return '';

+ }

+ if (preg_match(get_preg_expression('ipv4'), $ip))

+ {

+ // IPv4 address

+ $whois_host = 'whois.arin.net.';

+ }

+ else if (preg_match(get_preg_expression('ipv6'), $ip))

+ {

+ // IPv6 address

+ $whois_host = 'whois.sixxs.net.';

+ }

+ else

+ $ipwhois = '';

+

+ if (($fsk = @fsockopen($whois_host, 43)))

+ // Test for referrals from $whois_host to other whois databases, roll on rwhois

+ // Use the result from $whois_host if we don't get any result here

+function avatar_process_user(&$error, $custom_userdata = false, $can_upload = null)

+ if (is_null($can_upload))

+ {

+ $can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $change_avatar && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;

+ }

+ list($sql_ary['user_avatar_width'], $sql_ary['user_avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . urldecode($sql_ary['user_avatar']));

+ if ($topic_data['enable_indexing'])

+ {

+ // Select the search method and do some additional checks to ensure it can actually be utilised

+ $search_type = basename($config['search_type']);

+

+ if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx))

+ {

+ trigger_error('NO_SUCH_SEARCH_MODULE');

+ }

+

+ if (!class_exists($search_type))

+ {

+ include("{$phpbb_root_path}includes/search/$search_type.$phpEx");

+ }

+

+ $error = false;

+ $search = new $search_type($error);

+ $search_mode = 'post';

+

+ if ($error)

+ {

+ trigger_error($error);

+ }

+ }

+ else

+ {

+ $search_type = false;

+ }

+

+ if ($search_type)

+ {

+ $search->index($search_mode, $sql_ary['post_id'], $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id);

+ $search_mode = 'reply'; // After one we index replies

+ }

+

+ 'U_MCP_ACTION' => "$url&amp;i=main&amp;quickmod=1&amp;mode=post_details", // Use this for mode paramaters

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ 'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],

+ if ($config['email_enable'] || $config['jab_enable'])

+ foreach ($post_info as $post_data)

+ if ($post_data['poster_id'] == ANONYMOUS)

+ {

+ continue;

+ }

+ else

+ {

+ $show_notify = true;

+ break;

+ }

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ $stats = @getimagesize(htmlspecialchars_decode($in));

+ $match = array('#\sand\s#iu', '#\sor\s#iu', '#\snot\s#iu', '#(^|\s)\+#', '#(^|\s)-#', '#(^|\s)\|#');

+ <dl>

+ <dt><label>' . $user->lang['MIN_SEARCH_CHARS'] . ':</label><br /><span>' . $user->lang['FULLTEXT_MYSQL_MIN_SEARCH_CHARS_EXPLAIN'] . '</span></dt>

+ <dd>' . $config['fulltext_mysql_min_word_len'] . '</dd>

+ </dl>

+ <dl>

+ <dt><label>' . $user->lang['MAX_SEARCH_CHARS'] . ':</label><br /><span>' . $user->lang['FULLTEXT_MYSQL_MAX_SEARCH_CHARS_EXPLAIN'] . '</span></dt>

+ <dd>' . $config['fulltext_mysql_max_word_len'] . '</dd>

+ </dl>

+ $tokens = '+-|()*';

+

+ $keywords = trim($this->cleanup($keywords, $tokens));

+ case '*':

+ if ($i === 0 || ($keywords[$i - 1] !== '*' && strcspn($keywords[$i - 1], $tokens) === 0))

+ {

+ if ($i === $n - 1 || ($keywords[$i + 1] !== '*' && strcspn($keywords[$i + 1], $tokens) === 0))

+ {

+ $keywords = substr($keywords, 0, $i) . substr($keywords, $i + 1);

+ }

+ }

+ break;

+ // Quick check for IPv4-mapped address in IPv6

+ if (stripos($ip, '::ffff:') === 0)

+ {

+ $ipv4 = substr($ip, 7);

+

+ if (preg_match(get_preg_expression('ipv4'), $ipv4))

+ {

+ $ip = $ipv4;

+ }

+ }

+

+ send_status_line(503, 'Service Unavailable');

+ send_status_line(503, 'Service Unavailable');

+ if ($this->load > floatval($config['limit_load']) && !defined('IN_LOGIN') && !defined('IN_ADMIN'))

+ send_status_line(503, 'Service Unavailable');

+ // Show date <= 1 hour ago as 'xx min ago' but not greater than 60 seconds in the future

+ if ($delta <= 3600 && $delta > -60 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO']))

+ 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')),

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;

+ $folder_alt = ($unread_topic) ? 'UNREAD_POSTS' : (($row['topic_status'] == ITEM_LOCKED) ? 'TOPIC_LOCKED' : 'NO_UNREAD_POSTS');

+ $folder_alt = ($unread_forum) ? 'UNREAD_POSTS' : 'NO_UNREAD_POSTS';

+ 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0,

+ 'S_PM_REPORTED' => (isset($row['report_id'])) ? true : false,

+ 'U_MCP_REPORT' => (isset($row['report_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&amp;mode=pm_report_details&amp;r=' . $row['report_id']) : '',

+ 'REPORTED_IMG' => $user->img('icon_topic_reported', 'PM_REPORTED'),

+ $sql = 'SELECT t.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour, p.message_reported

+ $pm_reported = array();

+ if ($row['message_reported'])

+ {

+ $pm_reported[] = $row['msg_id'];

+ }

+ // Fetch the report_ids, if there are any reported pms.

+ if (!empty($pm_reported) && $auth->acl_getf_global('m_report'))

+ {

+ $sql = 'SELECT pm_id, report_id

+ FROM ' . REPORTS_TABLE . '

+ WHERE report_closed = 0

+ AND ' . $db->sql_in_set('pm_id', $pm_reported);

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $rowset[$row['pm_id']]['report_id'] = $row['report_id'];

+ }

+ $db->sql_freeresult($result);

+ }

+

+ if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email'))

+ $user_actkey = gen_rand_string(mt_rand(6, 10));

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;

+ if (avatar_process_user($error, false, $can_upload))

+ $user_actkey = gen_rand_string(mt_rand(6, 10));

+ $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));

+ $user_actkey = gen_rand_string(mt_rand(6, 10));