+<Files *>

+ Order Allow,Deny

+ Deny from All

+</Files>

+ if (!function_exists('phpbb_is_writable'))

+ {

+ global $phpbb_root_path;

+ include($phpbb_root_path . 'includes/functions.' . $phpEx);

+ }

+

+ if (!phpbb_is_writable($this->cache_dir))

+ if (!function_exists('phpbb_is_writable'))

+ {

+ global $phpbb_root_path, $phpEx;

+ include($phpbb_root_path . 'includes/functions.' . $phpEx);

+ }

+

+ if ($check && !phpbb_is_writable($this->cache_dir))

+if (!defined('PHPBB_ACM_MEMCACHE'))

+{

+ //can define multiple servers with host1/port1,host2/port2 format

+ define('PHPBB_ACM_MEMCACHE', PHPBB_ACM_MEMCACHE_HOST . '/' . PHPBB_ACM_MEMCACHE_PORT);

+}

+

+ foreach(explode(',', PHPBB_ACM_MEMCACHE) as $u)

+ {

+ $parts = explode('/', $u);

+ $this->memcache->addServer(trim($parts[0]), trim($parts[1]));

+ }

+?>

+ if (!function_exists('phpbb_is_writable'))

+ {

+ global $phpbb_root_path, $phpEx;

+ include($phpbb_root_path . 'includes/functions.' . $phpEx);

+ }

+

+ if ($check && !phpbb_is_writable($this->cache_dir))

+ $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];

+ if ($group_id)

+ {

+ $sql .= ' AND group_id <> ' . $group_id;

+ }

+ $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name;

+ 'GROUP_NAME' => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'],

+ $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];

+ if (!phpbb_is_writable($phpbb_root_path . $upload_dir))

+ 'A_REASON' => addslashes($reason),

+ 'A_REASON' => addslashes($reason),

+ 'board_timezone' => array('lang' => 'SYSTEM_TIMEZONE', 'validate' => 'string', 'type' => 'select', 'function' => 'tz_select', 'params' => array('{CONFIG_VALUE}', 1), 'explain' => true),

+ 'load_unreads_search' => array('lang' => 'YES_UNREAD_SEARCH', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),

+ $user->timezone = $config['board_timezone'] * 3600;

+ $user->dst = $config['board_dst'] * 3600;

+ trigger_error($user->lang['CAPTCHA_UNAVAILABLE'] . adm_back_link($this->u_action), E_USER_WARNING);

+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link(), E_USER_WARNING);

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ $backup_files[(int) $matches[1]] = $file;

+ 'NAME' => $user->format_date($name, 'd-m-Y H:i:s', true),

+ else if($db->sql_layer === 'mssqlnative')

+ {

+ $this->write_data_mssqlnative($table_name);

+ }

+

+ function write_data_mssqlnative($table_name)

+ {

+ global $db;

+ $ary_type = $ary_name = array();

+ $ident_set = false;

+ $sql_data = '';

+

+ // Grab all of the data from current table.

+ $sql = "SELECT * FROM $table_name";

+ $db->mssqlnative_set_query_options(array('Scrollable' => SQLSRV_CURSOR_STATIC));

+ $result = $db->sql_query($sql);

+

+ $retrieved_data = $db->mssqlnative_num_rows($result);

+

+ if (!$retrieved_data)

+ {

+ $db->sql_freeresult($result);

+ return;

+ }

+

+ $sql = "SELECT * FROM $table_name";

+ $result_fields = $db->sql_query_limit($sql, 1);

+

+ $row = new result_mssqlnative($result_fields);

+ $i_num_fields = $row->num_fields();

+

+ for ($i = 0; $i < $i_num_fields; $i++)

+ {

+ $ary_type[$i] = $row->field_type($i);

+ $ary_name[$i] = $row->field_name($i);

+ }

+ $db->sql_freeresult($result_fields);

+ $sql = "SELECT 1 as has_identity

+ FROM INFORMATION_SCHEMA.COLUMNS

+ WHERE COLUMNPROPERTY(object_id('$table_name'), COLUMN_NAME, 'IsIdentity') = 1";

+ $result2 = $db->sql_query($sql);

+ $row2 = $db->sql_fetchrow($result2);

+

+ if (!empty($row2['has_identity']))

+ {

+ $sql_data .= "\nSET IDENTITY_INSERT $table_name ON\nGO\n";

+ $ident_set = true;

+ }

+ $db->sql_freeresult($result2);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $schema_vals = $schema_fields = array();

+

+ // Build the SQL statement to recreate the data.

+ for ($i = 0; $i < $i_num_fields; $i++)

+ {

+ $str_val = $row[$ary_name[$i]];

+

+ // defaults to type number - better quote just to be safe, so check for is_int too

+ if (is_int($ary_type[$i]) || preg_match('#char|text|bool|varbinary#i', $ary_type[$i]))

+ {

+ $str_quote = '';

+ $str_empty = "''";

+ $str_val = sanitize_data_mssql(str_replace("'", "''", $str_val));

+ }

+ else if (preg_match('#date|timestamp#i', $ary_type[$i]))

+ {

+ if (empty($str_val))

+ {

+ $str_quote = '';

+ }

+ else

+ {

+ $str_quote = "'";

+ }

+ }

+ else

+ {

+ $str_quote = '';

+ $str_empty = 'NULL';

+ }

+

+ if (empty($str_val) && $str_val !== '0' && !(is_int($str_val) || is_float($str_val)))

+ {

+ $str_val = $str_empty;

+ }

+

+ $schema_vals[$i] = $str_quote . $str_val . $str_quote;

+ $schema_fields[$i] = $ary_name[$i];

+ }

+

+ // Take the ordered fields and their associated data and build it

+ // into a valid sql statement to recreate that field in the data.

+ $sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES (' . implode(', ', $schema_vals) . ");\nGO\n";

+

+ $this->flush($sql_data);

+ $sql_data = '';

+ }

+ $db->sql_freeresult($result);

+

+ if ($ident_set)

+ {

+ $sql_data .= "\nSET IDENTITY_INSERT $table_name OFF\nGO\n";

+ }

+ $this->flush($sql_data);

+ }

+

+ $forum_data['show_active'] = ($forum_data['forum_type'] == FORUM_POST) ? request_var('display_recent', true) : request_var('display_active', false);

+ $copied_permissions = false;

+ $copied_permissions = true;

+ if ($auth->acl_get('a_fauth') && !$copied_permissions)

+ if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth'))

+ 'S_DISPLAY_ACTIVE_TOPICS' => ($forum_data['forum_type'] == FORUM_POST) ? ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) : true,

+ 'S_ENABLE_ACTIVE_TOPICS' => ($forum_data['forum_type'] == FORUM_CAT) ? ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) : false,

+ trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&amp;parent_id=' . $this->parent_id), E_USER_WARNING);

+ // Delete shadow topics pointing to topics in this forum

+ delete_topic_shadows($forum_id);

+

+ // Amount of rows we select and delete in one iteration.

+ $batch_size = 500;

+

+ $result = $db->sql_query_limit($sql, $batch_size, $start);

+ while (sizeof($ids) == $batch_size);

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;

+ // Validate the length of "Maximum number of allowed recipients per private message" setting.

+ // We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value

+ // which is the lowest amongst DBMSes supported by phpBB3

+ if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215))))

+ {

+ // Replace "error" string with its real, localised form

+ $error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error));

+ }

+

+ if ($file[0] == '.' || !is_dir($phpbb_root_path . 'language/' . $file))

+ if (file_exists("{$phpbb_root_path}language/$file/iso.txt"))

+

+ phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES | INFO_VARIABLES);

+ case 'mssqlnative':

+ 'users' => utf8_normalize_nfc(request_var('users', '', true)),

+ 'username' => utf8_normalize_nfc(request_var('username', '', true)),

+ $users = utf8_normalize_nfc(request_var('users', '', true));

+ $username = utf8_normalize_nfc(request_var('username', '', true));

+ case 'mssqlnative':

+ if ($file[0] == '.' || !is_dir($phpbb_root_path . 'styles/' . $file))

+ if (file_exists("{$phpbb_root_path}styles/$file/$subpath$mode.cfg"))

+ if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && phpbb_is_writable($file))

+ if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && phpbb_is_writable($file))

+ if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !phpbb_is_writable($check)))

+ else if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css"))

+ if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template"))

+ preg_match_all('/@import url\((["\'])(.*)\1\);/i', $stylesheet, $matches);

+

+ // remove commented stylesheets (very simple parser, allows only whitespace

+ // around an @import statement)

+ preg_match_all('#/\*\s*@import url\((["\'])(.*)\1\);\s\*/#i', $stylesheet, $commented);

+ $matches[2] = array_diff($matches[2], $commented[2]);

+ if (isset($matches[2][$idx]))

+ {

+ $stylesheet = str_replace($match, acp_styles::load_css_file($theme_row['theme_path'], $matches[2][$idx]), $stylesheet);

+ }

+ if (!$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$path}/template"))

+ // next feature release

+ $next_feature_version = $next_feature_announcement_url = false;

+ if (isset($info[2]) && trim($info[2]) !== '')

+ {

+ $next_feature_version = trim($info[2]);

+ $next_feature_announcement_url = trim($info[3]);

+ }

+

+ 'NEXT_FEATURE_VERSION' => $next_feature_version,

+ 'UPGRADE_INSTRUCTIONS' => $next_feature_version ? $user->lang('UPGRADE_INSTRUCTIONS', $next_feature_version, $next_feature_announcement_url) : false,

+ $result = $db->sql_query_limit($sql, 1);

+ if ($delete_type)

+ if (confirm_box(true))

+ {

+ user_delete($delete_type, $user_id, $user_row['username']);

+ add_log('admin', 'LOG_USER_DELETED', $user_row['username']);

+ trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));

+ }

+ else

+ {

+ confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(

+ 'u' => $user_id,

+ 'i' => $id,

+ 'mode' => $mode,

+ 'action' => $action,

+ 'update' => true,

+ 'delete' => 1,

+ 'delete_type' => $delete_type))

+ );

+ }

+ trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);

+ if ($user_id == ANONYMOUS)

+ {

+ trigger_error($user->lang['CANNOT_BAN_ANONYMOUS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);

+ }

+

+ $user_actkey = gen_rand_string(mt_rand(6, 10));

+ // Check if user has an active session

+ if ($user_row['session_id'])

+ {

+ // We'll update the session if user_allow_viewonline has changed and the user is a bot

+ // Or if it's a regular user and the admin set it to hide the session

+ if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE

+ || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline'])

+ {

+ // We also need to check if the user has the permission to cloak.

+ $user_auth = new auth();

+ $user_auth->acl($user_row);

+

+ $session_sql_ary = array(

+ 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true,

+ );

+

+ $sql = 'UPDATE ' . SESSIONS_TABLE . '

+ SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . "

+ WHERE session_user_id = $user_id";

+ $db->sql_query($sql);

+

+ unset($user_auth);

+ }

+ }

+

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;

+ if (avatar_process_user($error, $user_row, $can_upload))

+ $result = $db->sql_query_limit($sql, 1);

+ 'post' => array('title' => 'ACP_POST_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION', 'ACP_MESSAGES')),

+ WHERE user_id = ' . (int) $row['user_id'] . '

+ AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;

+ WHERE user_id = ' . (int) $row['user_id'] . '

+ AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX;

+ return $user->lang['LDAP_SEARCH_FAILED'];

+ $unicode = ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) ? true : false;

+

+ if ($unicode)

+ // Unescape the asterisk to simplify further conversions

+ $row['word'] = str_replace('\*', '*', preg_quote($row['word'], '#'));

+

+ // Replace the asterisk inside the pattern, at the start and at the end of it with regexes

+ $row['word'] = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*(?=[\p{Nd}\p{L}_])#iu', '#^\*#', '#\*$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $row['word']);

+

+ // Generate the final substitution

+ $censors['match'][] = '#(?<![\p{Nd}\p{L}_-])(' . $row['word'] . ')(?![\p{Nd}\p{L}_-])#iu';

+ case 'mssqlnative':

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));

+ return $user->lang['RECAPTCHA_INCORRECT'];

+define('PHPBB_VERSION', '3.0.8');

+// Maximum login attempts

+// The value is arbitrary, but it has to fit into the user_login_attempts field.

+define('LOGIN_ATTEMPTS_MAX', 100);

+

+// Notify status

+define('NOTIFY_YES', 0);

+define('NOTIFY_NO', 1);

+

+ 'mssqlnative' => array(

+ 'INT:' => '[int]',

+ 'BINT' => '[float]',

+ 'UINT' => '[int]',

+ 'UINT:' => '[int]',

+ 'TINT:' => '[int]',

+ 'USINT' => '[int]',

+ 'BOOL' => '[int]',

+ 'VCHAR' => '[varchar] (255)',

+ 'VCHAR:' => '[varchar] (%d)',

+ 'CHAR:' => '[char] (%d)',

+ 'XSTEXT' => '[varchar] (1000)',

+ 'STEXT' => '[varchar] (3000)',

+ 'TEXT' => '[varchar] (8000)',

+ 'MTEXT' => '[text]',

+ 'XSTEXT_UNI'=> '[varchar] (100)',

+ 'STEXT_UNI' => '[varchar] (255)',

+ 'TEXT_UNI' => '[varchar] (4000)',

+ 'MTEXT_UNI' => '[text]',

+ 'TIMESTAMP' => '[int]',

+ 'DECIMAL' => '[float]',

+ 'DECIMAL:' => '[float]',

+ 'PDECIMAL' => '[float]',

+ 'PDECIMAL:' => '[float]',

+ 'VCHAR_UNI' => '[varchar] (255)',

+ 'VCHAR_UNI:'=> '[varchar] (%d)',

+ 'VCHAR_CI' => '[varchar] (255)',

+ 'VARBINARY' => '[varchar] (255)',

+ ),

+

+ var $supported_dbms = array('firebird', 'mssql', 'mssqlnative', 'mysql_40', 'mysql_41', 'oracle', 'postgres', 'sqlite');

+ case 'mssqlnative':

+ $this->sql_layer = 'mssqlnative';

+ break;

+

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ * add_index: adding an index (can be column:index_size if you need to provide size)

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ case 'mssqlnative':

+ // remove index length unless MySQL4

+ if ('mysql_40' != $this->sql_layer)

+ {

+ $column = preg_replace('#:.*$#', '', $column);

+ }

+

+ // add index size to definition as required by MySQL4

+ foreach ($column as $i => $col)

+ {

+ if (false !== strpos($col, ':'))

+ {

+ list($col, $index_size) = explode(':', $col);

+ $column[$i] = "$col($index_size)";

+ }

+ }

+ // no break

+ case 'mssqlnative':

+ if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative')

+ case 'mssqlnative':

+ * @param bool $use_cache forced to false for Interbase

+ function sql_server_info($raw = false, $use_cache = true)

+ /**

+ * force $use_cache false. I didn't research why the caching code there is no caching code

+ * but I assume its because the IB extension provides a direct method to access it

+ * without a query.

+ */

+

+ $use_cache = false;

+

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mssql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mssqlodbc_version')) === false)

+ if (!empty($cache) && $use_cache)

+<?php

+/**

+*

+* @package dbal

+* @version $Id$

+* @copyright (c) 2010 phpBB Group

+* @license http://opensource.org/licenses/gpl-license.php GNU Public License

+*

+* This is the MS SQL Server Native database abstraction layer.

+* PHP mssql native driver required.

+* @author Chris Pucci

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);

+

+/**

+ * Prior to version 1.1 the SQL Server Native PHP driver didn't support sqlsrv_num_rows, or cursor based seeking so we recall all rows into an array

+ * and maintain our own cursor index into that array.

+ */

+class result_mssqlnative

+{

+ public function result_mssqlnative($queryresult = false)

+ {

+ $this->m_cursor = 0;

+ $this->m_rows = array();

+ $this->m_num_fields = sqlsrv_num_fields($queryresult);

+ $this->m_field_meta = sqlsrv_field_metadata($queryresult);

+

+ while ($row = sqlsrv_fetch_array($queryresult, SQLSRV_FETCH_ASSOC))

+ {

+ if ($row !== null)

+ {

+ foreach($row as $k => $v)

+ {

+ if (is_object($v) && method_exists($v, 'format'))

+ {

+ $row[$k] = $v->format("Y-m-d\TH:i:s\Z");

+ }

+ }

+ $this->m_rows[] = $row;//read results into memory, cursors are not supported

+ }

+ }

+

+ $this->m_row_count = count($this->m_rows);

+ }

+

+ private function array_to_obj($array, &$obj)

+ {

+ foreach ($array as $key => $value)

+ {

+ if (is_array($value))

+ {

+ $obj->$key = new stdClass();

+ array_to_obj($value, $obj->$key);

+ }

+ else

+ {

+ $obj->$key = $value;

+ }

+ }

+ return $obj;

+ }

+

+ public function fetch($mode = SQLSRV_FETCH_BOTH, $object_class = 'stdClass')

+ {

+ if ($this->m_cursor >= $this->m_row_count || $this->m_row_count == 0)

+ {

+ return false;

+ }

+

+ $ret = false;

+ $arr_num = array();

+

+ if ($mode == SQLSRV_FETCH_NUMERIC || $mode == SQLSRV_FETCH_BOTH)

+ {

+ foreach($this->m_rows[$this->m_cursor] as $key => $value)

+ {

+ $arr_num[] = $value;

+ }

+ }

+

+ switch ($mode)

+ {

+ case SQLSRV_FETCH_ASSOC:

+ $ret = $this->m_rows[$this->m_cursor];

+ break;

+ case SQLSRV_FETCH_NUMERIC:

+ $ret = $arr_num;

+ break;

+ case 'OBJECT':

+ $ret = $this->array_to_obj($this->m_rows[$this->m_cursor], $o = new $object_class);

+ break;

+ case SQLSRV_FETCH_BOTH:

+ default:

+ $ret = $this->m_rows[$this->m_cursor] + $arr_num;

+ break;

+ }

+ $this->m_cursor++;

+ return $ret;

+ }

+

+ public function get($pos, $fld)

+ {

+ return $this->m_rows[$pos][$fld];

+ }

+

+ public function num_rows()

+ {

+ return $this->m_row_count;

+ }

+

+ public function seek($iRow)

+ {

+ $this->m_cursor = min($iRow, $this->m_row_count);

+ }

+

+ public function num_fields()

+ {

+ return $this->m_num_fields;

+ }

+

+ public function field_name($nr)

+ {

+ $arr_keys = array_keys($this->m_rows[0]);

+ return $arr_keys[$nr];

+ }

+

+ public function field_type($nr)

+ {

+ $i = 0;

+ $int_type = -1;

+ $str_type = '';

+

+ foreach ($this->m_field_meta as $meta)

+ {

+ if ($nr == $i)

+ {

+ $int_type = $meta['Type'];

+ break;

+ }

+ $i++;

+ }

+

+ //http://msdn.microsoft.com/en-us/library/cc296183.aspx contains type table

+ switch ($int_type)

+ {

+ case SQLSRV_SQLTYPE_BIGINT: $str_type = 'bigint'; break;

+ case SQLSRV_SQLTYPE_BINARY: $str_type = 'binary'; break;

+ case SQLSRV_SQLTYPE_BIT: $str_type = 'bit'; break;

+ case SQLSRV_SQLTYPE_CHAR: $str_type = 'char'; break;

+ case SQLSRV_SQLTYPE_DATETIME: $str_type = 'datetime'; break;

+ case SQLSRV_SQLTYPE_DECIMAL/*($precision, $scale)*/: $str_type = 'decimal'; break;

+ case SQLSRV_SQLTYPE_FLOAT: $str_type = 'float'; break;

+ case SQLSRV_SQLTYPE_IMAGE: $str_type = 'image'; break;

+ case SQLSRV_SQLTYPE_INT: $str_type = 'int'; break;

+ case SQLSRV_SQLTYPE_MONEY: $str_type = 'money'; break;

+ case SQLSRV_SQLTYPE_NCHAR/*($charCount)*/: $str_type = 'nchar'; break;

+ case SQLSRV_SQLTYPE_NUMERIC/*($precision, $scale)*/: $str_type = 'numeric'; break;

+ case SQLSRV_SQLTYPE_NVARCHAR/*($charCount)*/: $str_type = 'nvarchar'; break;

+ case SQLSRV_SQLTYPE_NTEXT: $str_type = 'ntext'; break;

+ case SQLSRV_SQLTYPE_REAL: $str_type = 'real'; break;

+ case SQLSRV_SQLTYPE_SMALLDATETIME: $str_type = 'smalldatetime'; break;

+ case SQLSRV_SQLTYPE_SMALLINT: $str_type = 'smallint'; break;

+ case SQLSRV_SQLTYPE_SMALLMONEY: $str_type = 'smallmoney'; break;

+ case SQLSRV_SQLTYPE_TEXT: $str_type = 'text'; break;

+ case SQLSRV_SQLTYPE_TIMESTAMP: $str_type = 'timestamp'; break;

+ case SQLSRV_SQLTYPE_TINYINT: $str_type = 'tinyint'; break;

+ case SQLSRV_SQLTYPE_UNIQUEIDENTIFIER: $str_type = 'uniqueidentifier'; break;

+ case SQLSRV_SQLTYPE_UDT: $str_type = 'UDT'; break;

+ case SQLSRV_SQLTYPE_VARBINARY/*($byteCount)*/: $str_type = 'varbinary'; break;

+ case SQLSRV_SQLTYPE_VARCHAR/*($charCount)*/: $str_type = 'varchar'; break;

+ case SQLSRV_SQLTYPE_XML: $str_type = 'xml'; break;

+ default: $str_type = $int_type;

+ }

+ return $str_type;

+ }

+

+ public function free()

+ {

+ unset($this->m_rows);

+ return;

+ }

+}

+

+/**

+* @package dbal

+*/

+class dbal_mssqlnative extends dbal

+{

+ var $m_insert_id = NULL;

+ var $last_query_text = '';

+ var $query_options = array();

+

+ /**

+ * Connect to server

+ */

+ function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false, $new_link = false)

+ {

+ # Test for driver support, to avoid suppressed fatal error

+ if (!function_exists('sqlsrv_connect'))

+ {

+ trigger_error('Native MS SQL Server driver for PHP is missing or needs to be updated. Version 1.1 or later is required to install phpBB3. You can download the driver from: http://www.microsoft.com/sqlserver/2005/en/us/PHP-Driver.aspx\n', E_USER_ERROR);

+ }

+

+ //set up connection variables

+ $this->persistency = $persistency;

+ $this->user = $sqluser;

+ $this->dbname = $database;

+ $port_delimiter = (defined('PHP_OS') && substr(PHP_OS, 0, 3) === 'WIN') ? ',' : ':';

+ $this->server = $sqlserver . (($port) ? $port_delimiter . $port : '');

+

+ //connect to database

+ error_reporting(E_ALL);

+ $this->db_connect_id = sqlsrv_connect($this->server, array(

+ 'Database' => $this->dbname,

+ 'UID' => $this->user,

+ 'PWD' => $sqlpassword

+ ));

+

+ return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');

+ }

+

+ /**

+ * Version information about used database

+ * @param bool $raw if true, only return the fetched sql_server_version

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ * @return string sql server version

+ */

+ function sql_server_info($raw = false, $use_cache = true)

+ {

+ global $cache;

+

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mssql_version')) === false)

+ {

+ $arr_server_info = sqlsrv_server_info($this->db_connect_id);

+ $this->sql_server_version = $arr_server_info['SQLServerVersion'];

+

+ if (!empty($cache) && $use_cache)

+ {

+ $cache->put('mssql_version', $this->sql_server_version);

+ }

+ }

+

+ if ($raw)

+ {

+ return $this->sql_server_version;

+ }

+

+ return ($this->sql_server_version) ? 'MSSQL<br />' . $this->sql_server_version : 'MSSQL';

+ }

+

+ /**

+ * SQL Transaction

+ * @access private

+ */

+ function _sql_transaction($status = 'begin')

+ {

+ switch ($status)

+ {

+ case 'begin':

+ return sqlsrv_begin_transaction($this->db_connect_id);

+ break;

+

+ case 'commit':

+ return sqlsrv_commit($this->db_connect_id);

+ break;

+

+ case 'rollback':

+ return sqlsrv_rollback($this->db_connect_id);

+ break;

+ }

+ return true;

+ }

+

+ /**

+ * Base query method

+ *

+ * @param string $query Contains the SQL query which shall be executed

+ * @param int $cache_ttl Either 0 to avoid caching or the time in seconds which the result shall be kept in cache

+ * @return mixed When casted to bool the returned value returns true on success and false on failure

+ *

+ * @access public

+ */

+ function sql_query($query = '', $cache_ttl = 0)

+ {

+ if ($query != '')

+ {

+ global $cache;

+

+ // EXPLAIN only in extra debug mode

+ if (defined('DEBUG_EXTRA'))

+ {

+ $this->sql_report('start', $query);

+ }

+

+ $this->last_query_text = $query;

+ $this->query_result = ($cache_ttl && method_exists($cache, 'sql_load')) ? $cache->sql_load($query) : false;

+ $this->sql_add_num_queries($this->query_result);

+

+ if ($this->query_result === false)

+ {

+ if (($this->query_result = @sqlsrv_query($this->db_connect_id, $query, array(), $this->query_options)) === false)

+ {

+ $this->sql_error($query);

+ }

+ // reset options for next query

+ $this->query_options = array();

+

+ if (defined('DEBUG_EXTRA'))

+ {

+ $this->sql_report('stop', $query);

+ }

+

+ if ($cache_ttl && method_exists($cache, 'sql_save'))

+ {

+ $this->open_queries[(int) $this->query_result] = $this->query_result;

+ $cache->sql_save($query, $this->query_result, $cache_ttl);

+ }

+ else if (strpos($query, 'SELECT') === 0 && $this->query_result)

+ {

+ $this->open_queries[(int) $this->query_result] = $this->query_result;

+ }

+ }

+ else if (defined('DEBUG_EXTRA'))

+ {

+ $this->sql_report('fromcache', $query);

+ }

+ }

+ else

+ {

+ return false;

+ }

+ return $this->query_result;

+ }

+

+ /**

+ * Build LIMIT query

+ */

+ function _sql_query_limit($query, $total, $offset = 0, $cache_ttl = 0)

+ {

+ $this->query_result = false;

+

+ // total == 0 means all results - not zero results

+ if ($offset == 0 && $total !== 0)

+ {

+ if (strpos($query, "SELECT") === false)

+ {

+ $query = "TOP {$total} " . $query;

+ }

+ else

+ {

+ $query = preg_replace('/SELECT(\s*DISTINCT)?/Dsi', 'SELECT$1 TOP '.$total, $query);

+ }

+ }

+ else if ($offset > 0)

+ {

+ $query = preg_replace('/SELECT(\s*DISTINCT)?/Dsi', 'SELECT$1 TOP(10000000) ', $query);

+ $query = 'SELECT *

+ FROM (SELECT sub2.*, ROW_NUMBER() OVER(ORDER BY sub2.line2) AS line3

+ FROM (SELECT 1 AS line2, sub1.* FROM (' . $query . ') AS sub1) as sub2) AS sub3';

+

+ if ($total > 0)

+ {

+ $query .= ' WHERE line3 BETWEEN ' . ($offset+1) . ' AND ' . ($offset + $total);

+ }

+ else

+ {

+ $query .= ' WHERE line3 > ' . $offset;

+ }

+ }

+

+ $result = $this->sql_query($query, $cache_ttl);

+

+ return $result;

+ }

+

+ /**

+ * Return number of affected rows

+ */

+ function sql_affectedrows()

+ {

+ return ($this->db_connect_id) ? @sqlsrv_rows_affected($this->db_connect_id) : false;

+ }

+

+ /**

+ * Fetch current row

+ */

+ function sql_fetchrow($query_id = false)

+ {

+ global $cache;

+

+ if ($query_id === false)

+ {

+ $query_id = $this->query_result;

+ }

+

+ if (isset($cache->sql_rowset[$query_id]))

+ {

+ return $cache->sql_fetchrow($query_id);

+ }

+

+ if ($query_id === false)

+ {

+ return false;

+ }

+

+ $row = @sqlsrv_fetch_array($query_id, SQLSRV_FETCH_ASSOC);

+

+ if ($row)

+ {

+ foreach ($row as $key => $value)

+ {

+ $row[$key] = ($value === ' ' || $value === NULL) ? '' : $value;

+ }

+

+ // remove helper values from LIMIT queries

+ if (isset($row['line2']))

+ {

+ unset($row['line2'], $row['line3']);

+ }

+ }

+ return $row;

+ }

+

+ /**

+ * Seek to given row number

+ * rownum is zero-based

+ */

+ function sql_rowseek($rownum, &$query_id)

+ {

+ global $cache;

+

+ if (isset($cache->sql_rowset[$query_id]))

+ {

+ return $cache->sql_rowseek($rownum, $query_id);

+ }

+

+ $seek = new result_mssqlnative($query_id);

+ $row = $seek->seek($rownum);

+ return ($row = $seek->fetch()) ? $row : false;

+ }

+

+ /**

+ * Get last inserted id after insert statement

+ */

+ function sql_nextid()

+ {

+ $result_id = @sqlsrv_query($this->db_connect_id, 'SELECT @@IDENTITY');

+

+ if ($result_id !== false)

+ {

+ $row = @sqlsrv_fetch_array($result_id);

+ $id = $row[0];

+ @sqlsrv_free_stmt($result_id);

+ return $id;

+ }

+ else

+ {

+ return false;

+ }

+ }

+

+ /**

+ * Free sql result

+ */

+ function sql_freeresult($query_id = false)

+ {

+ global $cache;

+

+ if ($query_id === false)

+ {

+ $query_id = $this->query_result;

+ }

+

+ if (isset($cache->sql_rowset[$query_id]))

+ {

+ return $cache->sql_freeresult($query_id);

+ }

+

+ if (isset($this->open_queries[$query_id]))

+ {

+ unset($this->open_queries[$query_id]);

+ return @sqlsrv_free_stmt($query_id);

+ }

+ return false;

+ }

+

+ /**

+ * Escape string used in sql query

+ */

+ function sql_escape($msg)

+ {

+ return str_replace(array("'", "\0"), array("''", ''), $msg);

+ }

+

+ /**

+ * Build LIKE expression

+ * @access private

+ */

+ function _sql_like_expression($expression)

+ {

+ return $expression . " ESCAPE '\\'";

+ }

+

+ /**

+ * return sql error array

+ * @access private

+ */

+ function _sql_error()

+ {

+ $errors = @sqlsrv_errors(SQLSRV_ERR_ERRORS);

+ $error_message = '';

+ $code = 0;

+

+ if ($errors != null)

+ {

+ foreach ($errors as $error)

+ {

+ $error_message .= "SQLSTATE: ".$error[ 'SQLSTATE']."\n";

+ $error_message .= "code: ".$error[ 'code']."\n";

+ $code = $error['code'];

+ $error_message .= "message: ".$error[ 'message']."\n";

+ }

+ $this->last_error_result = $error_message;

+ $error = $this->last_error_result;

+ }

+ else

+ {

+ $error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();

+ }

+

+ return array(

+ 'message' => $error,

+ 'code' => $code,

+ );

+ }

+

+ /**

+ * Build db-specific query data

+ * @access private

+ */

+ function _sql_custom_build($stage, $data)

+ {

+ return $data;

+ }

+

+ /**

+ * Close sql connection

+ * @access private

+ */

+ function _sql_close()

+ {

+ return @sqlsrv_close($this->db_connect_id);

+ }

+

+ /**

+ * Build db-specific report

+ * @access private

+ */

+ function _sql_report($mode, $query = '')

+ {

+ switch ($mode)

+ {

+ case 'start':

+ $html_table = false;

+ @sqlsrv_query($this->db_connect_id, 'SET SHOWPLAN_TEXT ON;');

+ if ($result = @sqlsrv_query($this->db_connect_id, $query))

+ {

+ @sqlsrv_next_result($result);

+ while ($row = @sqlsrv_fetch_array($result))

+ {

+ $html_table = $this->sql_report('add_select_row', $query, $html_table, $row);

+ }

+ }

+ @sqlsrv_query($this->db_connect_id, 'SET SHOWPLAN_TEXT OFF;');

+ @sqlsrv_free_stmt($result);

+

+ if ($html_table)

+ {

+ $this->html_hold .= '</table>';

+ }

+ break;

+

+ case 'fromcache':

+ $endtime = explode(' ', microtime());

+ $endtime = $endtime[0] + $endtime[1];

+

+ $result = @sqlsrv_query($this->db_connect_id, $query);

+ while ($void = @sqlsrv_fetch_array($result))

+ {

+ // Take the time spent on parsing rows into account

+ }

+ @sqlsrv_free_stmt($result);

+

+ $splittime = explode(' ', microtime());

+ $splittime = $splittime[0] + $splittime[1];

+

+ $this->sql_report('record_fromcache', $query, $endtime, $splittime);

+

+ break;

+ }

+ }

+

+ /**

+ * Utility method used to retrieve number of rows

+ * Emulates mysql_num_rows

+ * Used in acp_database.php -> write_data_mssqlnative()

+ * Requires a static or keyset cursor to be definde via

+ * mssqlnative_set_query_options()

+ */

+ function mssqlnative_num_rows($res)

+ {

+ if ($res !== false)

+ {

+ return sqlsrv_num_rows($res);

+ }

+ else

+ {

+ return false;

+ }

+ }

+

+ /**

+ * Allows setting mssqlnative specific query options passed to sqlsrv_query as 4th parameter.

+ */

+ function mssqlnative_set_query_options($options)

+ {

+ $this->query_options = $options;

+ }

+}

+

+?>

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mysql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('mysqli_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache forced to false for Oracle

+ function sql_server_info($raw = false, $use_cache = true)

+ /**

+ * force $use_cache false. I didn't research why the caching code below is commented out

+ * but I assume its because the Oracle extension provides a direct method to access it

+ * without a query.

+ */

+

+ $use_cache = false;

+/* The code inside this comment block breaks clob handling, but does allow the

+ database restore script to work. If you want to allow no posts longer than 4KB

+ and/or need the db restore script, uncomment this.

+

+*/

+ // $sqlserver can carry a port separated by : for compatibility reasons

+ // If $sqlserver has more than one : it's probably an IPv6 address.

+ // In this case we only allow passing a port via the $port variable.

+ if (substr_count($sqlserver, ':') === 1)

+ if ($this->persistency)

+ {

+ $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW);

+ }

+ else

+ {

+ $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW);

+ }

+ * @param bool $use_cache If true, it is safe to retrieve the value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('pgsql_version')) === false)

+ if (!empty($cache) && $use_cache)

+ * @param bool $use_cache if true, it is safe to retrieve the stored value from the cache

+ function sql_server_info($raw = false, $use_cache = true)

+ if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('sqlite_version')) === false)

+

+ if (!empty($cache) && $use_cache)

+ {

+ $cache->put('sqlite_version', $this->sql_server_version);

+ }

+ set_var($_k, $_k, $sub_key_type, $multibyte);

+ $sql_update = 'CAST(CAST(config_value as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';

+*

+* @return string

+ // [a, z] + [0, 9] = 36

+ return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars);

+}

+

+/**

+* Generates a user-friendly alphanumeric random string of given length

+* We remove 0 and O so users cannot confuse those in passwords etc.

+*

+* @return string

+*/

+function gen_rand_string_friendly($num_chars = 8)

+{

+

+ // Remove Z and Y from the base_convert(), replace 0 with Z and O with Y

+ // [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34

+ $rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34)));

+ if (is_readable($filename) && phpbb_is_writable($filename))

+ if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))

+ if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))

+ if (!@file_exists($resolved) || (!@is_dir($resolved . '/') && !is_file($resolved)))

+* @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start

+function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0)

+ $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);

+ $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);

+ // Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately.

+ // They could mimic most of what is within this function

+ $failover_flag = false;

+

+ if (!$disable_cd_check && !file_exists($pathinfo['dirname']))

+ $url = str_replace('../', '', $url);

+ $pathinfo = pathinfo($url);

+ if (!file_exists($pathinfo['dirname']))

+ // fallback to "last known user page"

+ // at least this way we know the user does not leave the phpBB root

+ $url = generate_board_url() . '/' . $user->page['page'];

+ $failover_flag = true;

+ }

+ if (!$failover_flag)

+ {

+ // Is the uri pointing to the current directory?

+ if ($pathinfo['dirname'] == '.')

+ $url = str_replace('./', '', $url);

+

+ // Strip / from the beginning

+ if ($url && substr($url, 0, 1) == '/')

+ {

+ $url = substr($url, 1);

+ }

+

+ if ($user->page['page_dir'])

+ {

+ $url = generate_board_url() . '/' . $user->page['page_dir'] . '/' . $url;

+ }

+ else

+ {

+ $url = generate_board_url() . '/' . $url;

+ }

+ // Used ./ before, but $phpbb_root_path is working better with urls within another root path

+ $root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($phpbb_root_path)));

+ $page_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($pathinfo['dirname'])));

+ $intersection = array_intersect_assoc($root_dirs, $page_dirs);

+ $root_dirs = array_diff_assoc($root_dirs, $intersection);

+ $page_dirs = array_diff_assoc($page_dirs, $intersection);

+ $dir = str_repeat('../', sizeof($root_dirs)) . implode('/', $page_dirs);

+ // Strip / from the end

+ if ($dir && substr($dir, -1, 1) == '/')

+ {

+ $dir = substr($dir, 0, -1);

+ }

+ // Strip / from the beginning

+ if ($dir && substr($dir, 0, 1) == '/')

+ {

+ $dir = substr($dir, 1);

+ }

+ $url = str_replace($pathinfo['dirname'] . '/', '', $url);

+ // Strip / from the beginning

+ if (substr($url, 0, 1) == '/')

+ {

+ $url = substr($url, 1);

+ }

+ $url = (!empty($dir) ? $dir . '/' : '') . $url;

+ $url = generate_board_url() . '/' . $url;

+ }

+ if ($key === '')

+ {

+ continue;

+ }

+

+/**

+* Outputs correct status line header.

+*

+* Depending on php sapi one of the two following forms is used:

+*

+* Status: 404 Not Found

+*

+* HTTP/1.x 404 Not Found

+*

+* HTTP version is taken from HTTP_VERSION environment variable,

+* and defaults to 1.0.

+*

+* Sample usage:

+*

+* send_status_line(404, 'Not Found');

+*

+* @param int $code HTTP status code

+* @param string $message Message for the status code

+* @return void

+*/

+function send_status_line($code, $message)

+{

+ if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi')

+ {

+ // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though

+ header("Status: $code $message", true, $code);

+ }

+ else

+ {

+ if (isset($_SERVER['HTTP_VERSION']))

+ {

+ $version = $_SERVER['HTTP_VERSION'];

+ }

+ else

+ {

+ $version = 'HTTP/1.0';

+ }

+ header("$version $code $message", true, $code);

+ }

+}

+

+ // Regex written by James Watts and Francisco Jose Martin Moreno

+ // http://fightingforalostcause.net/misc/2006/compare-email-regex.php

+ return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';

+ return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i';

+* @param string $host Fully-Qualified Domain Name

+* @param string $type Resource record type to lookup

+* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME

+* Other types may work or may not work

+* @return mixed true if entry found,

+* false if entry not found,

+* null if this function is not supported by this environment

+*

+* Since null can also be returned, you probably want to compare the result

+* with === true or === false,

+*

+* @author bantu

+function phpbb_checkdnsrr($host, $type = 'MX')

+ // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)

+ if (substr($host, -1) == '.')

+ {

+ $host_fqdn = $host;

+ $host = substr($host, 0, -1);

+ }

+ else

+ {

+ $host_fqdn = $host . '.';

+ }

+ // $host has format some.host.example.com

+ // $host_fqdn has format some.host.example.com.

+

+ // If we're looking for an A record we can use gethostbyname()

+ if ($type == 'A' && function_exists('gethostbyname'))

+ {

+ return (@gethostbyname($host_fqdn) == $host_fqdn) ? false : true;

+ }

+

+ // checkdnsrr() is available on Windows since PHP 5.3,

+ // but until 5.3.3 it only works for MX records

+ // See: http://bugs.php.net/bug.php?id=51844

+

+ // Call checkdnsrr() if

+ // we're looking for an MX record or

+ // we're not on Windows or

+ // we're running a PHP version where #51844 has been fixed

+

+ // checkdnsrr() supports AAAA since 5.0.0

+ // checkdnsrr() supports TXT since 5.2.4

+ if (

+ ($type == 'MX' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.3', '>=')) &&

+ ($type != 'AAAA' || version_compare(PHP_VERSION, '5.0.0', '>=')) &&

+ ($type != 'TXT' || version_compare(PHP_VERSION, '5.2.4', '>=')) &&

+ function_exists('checkdnsrr')

+ )

+ {

+ return checkdnsrr($host_fqdn, $type);

+ }

+

+ // dns_get_record() is available since PHP 5; since PHP 5.3 also on Windows,

+ // but on Windows it does not work reliable for AAAA records before PHP 5.3.1

+ // Call dns_get_record() if

+ // we're not looking for an AAAA record or

+ // we're not on Windows or

+ // we're running a PHP version where AAAA lookups work reliable

+ if (

+ ($type != 'AAAA' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.1', '>=')) &&

+ function_exists('dns_get_record')

+ )

+ // dns_get_record() expects an integer as second parameter

+ // We have to convert the string $type to the corresponding integer constant.

+ $type_constant = 'DNS_' . $type;

+ $type_param = (defined($type_constant)) ? constant($type_constant) : DNS_ANY;

+

+ // dns_get_record() might throw E_WARNING and return false for records that do not exist

+ $resultset = @dns_get_record($host_fqdn, $type_param);

+

+ if (empty($resultset) || !is_array($resultset))

+ return false;

+ }

+ else if ($type_param == DNS_ANY)

+ {

+ // $resultset is a non-empty array

+ return true;

+ foreach ($resultset as $result)

+ {

+ if (

+ isset($result['host']) && $result['host'] == $host &&

+ isset($result['type']) && $result['type'] == $type

+ )

+ {

+ return true;

+ }

+ }

+

+ return false;

+ }

+

+ // If we're on Windows we can still try to call nslookup via exec() as a last resort

+ if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec'))

+ {

+ @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host_fqdn), $output);

+ $line = trim($line);

+

+ if (empty($line))

+ // Squash tabs and multiple whitespaces to a single whitespace.

+ $line = preg_replace('/\s+/', ' ', $line);

+

+ switch ($type)

+ case 'MX':

+ if (stripos($line, "$host MX") === 0)

+ {

+ return true;

+ }

+ break;

+

+ case 'NS':

+ if (stripos($line, "$host nameserver") === 0)

+ {

+ return true;

+ }

+ break;

+

+ case 'TXT':

+ if (stripos($line, "$host text") === 0)

+ {

+ return true;

+ }

+ break;

+

+ case 'CNAME':

+ if (stripos($line, "$host canonical name") === 0)

+ {

+ return true;

+ }

+

+ default:

+ case 'A':

+ case 'AAAA':

+ if (!empty($host_matches))

+ {

+ // Second line

+ if (stripos($line, "Address: ") === 0)

+ {

+ return true;

+ }

+ else

+ {

+ $host_matches = false;

+ }

+ }

+ else if (stripos($line, "Name: $host") === 0)

+ {

+ // First line

+ $host_matches = true;

+ }

+ break;

+ send_status_line(503, 'Service Unavailable');

+ if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER')

+ {

+ send_status_line(404, 'Not Found');

+ }

+

+ send_status_line(401, 'Unauthorized');

+

+ send_status_line(401, 'Unauthorized');

+ 'S_LOGIN_REDIRECT' => build_hidden_fields(array('redirect' => build_url())),

+ 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false,

+

+ 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&amp;lang=' . $user->data['user_lang']),

+ if (!$ignore_acl && $auth->acl_gets(array('f_list', 'a_forum', 'a_forumadd', 'a_forumdel'), $row['forum_id']))

+ $forum_ids[] = (int) $row['forum_id'];

+ $topic_ids[] = (int) $row['topic_id'];

+ SET forum_id = ' . (int) $forum_row['forum_id'] . ", topic_id = $topic_id

+ $forum_ids[] = (int) $forum_row['forum_id'];

+ $table_ary = array(BOOKMARKS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, POLL_VOTES_TABLE, POLL_OPTIONS_TABLE, TOPICS_WATCH_TABLE, TOPICS_TABLE);

+* Deletes shadow topics pointing to a specified forum.

+*

+* @param int $forum_id The forum id

+* @param string $sql_more Additional WHERE statement, e.g. t.topic_time < (time() - 1234)

+* @param bool $auto_sync Will call sync() if this is true

+*

+* @return array Array with affected forums

+*

+* @author bantu

+function delete_topic_shadows($forum_id, $sql_more = '', $auto_sync = true)

+ global $db;

+ if (!$forum_id)

+ // Nothing to do.

+ return;

+ }

+ // Set of affected forums we have to resync

+ $sync_forum_ids = array();

+ // Amount of topics we select and delete at once.

+ $batch_size = 500;

+ do

+ {

+ $sql = 'SELECT t2.forum_id, t2.topic_id

+ FROM ' . TOPICS_TABLE . ' t2, ' . TOPICS_TABLE . ' t

+ WHERE t2.topic_moved_id = t.topic_id

+ AND t.forum_id = ' . (int) $forum_id . '

+ ' . (($sql_more) ? 'AND ' . $sql_more : '');

+ $result = $db->sql_query_limit($sql, $batch_size);

+

+ $topic_ids = array();

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $topic_ids[] = (int) $row['topic_id'];

+

+ $sync_forum_ids[(int) $row['forum_id']] = (int) $row['forum_id'];

+ }

+ $db->sql_freeresult($result);

+

+ if (!empty($topic_ids))

+ {

+ $sql = 'DELETE FROM ' . TOPICS_TABLE . '

+ WHERE ' . $db->sql_in_set('topic_id', $topic_ids);

+ $db->sql_query($sql);

+ }

+ while (sizeof($topic_ids) == $batch_size);

+ sync('forum', 'forum_id', $sync_forum_ids, true, true);

+

+ return $sync_forum_ids;

+ case 'mssqlnative':

+ $info = get_remote_file('version.phpbb.com', '/phpbb',

+ /**

+ * Commented out, as adding the folders produces corrupted archives

+ */

+ /**

+ * Commented out, as adding the folders produces corrupted archives

+ */

+ $this->isgz = preg_match('#(\.tar\.gz|\.tgz)$#', $type);

+ $this->isbz = preg_match('#\.tar\.bz2$#', $type);

+ 'sig_bbcode' => array('bit' => 15, 'default' => 1),

+ 'sig_smilies' => array('bit' => 16, 'default' => 1),

+ 'sig_links' => array('bit' => 17, 'default' => 1),

+ case 'mssqlnative':

+ if (!phpbb_is_writable($path))

+ if (!phpbb_is_writable($trg_path))

+ if (!phpbb_is_writable($trg_path . $dir))

+ $folder_alt = ($forum_unread) ? 'UNREAD_POSTS' : 'NO_UNREAD_POSTS';

+ $s_subforums_list[] = '<a href="' . $subforum['link'] . '" class="subforum ' . (($subforum['unread']) ? 'unread' : 'read') . '" title="' . (($subforum['unread']) ? $user->lang['UNREAD_POSTS'] : $user->lang['NO_UNREAD_POSTS']) . '">' . $subforum['name'] . '</a>';

+ $pagination .= '<a href="' . $url . ($j == 0 ? '' : '&amp;start=' . $j) . '">' . $times . '</a>';

+ $folder_alt = ($unread_topic) ? 'UNREAD_POSTS' : (($topic_row['topic_status'] == ITEM_LOCKED) ? 'TOPIC_LOCKED' : 'NO_UNREAD_POSTS');

+ $fid_m_approve = $auth->acl_getf('m_approve', true);

+ $sql_m_approve = (!empty($fid_m_approve)) ? 'OR ' . $db->sql_in_set('forum_id', array_keys($fid_m_approve)) : '';

+

+ AND (post_approved = 1

+ $sql_m_approve)

+ AND (post_approved = 1

+ $sql_m_approve)

+ if ($notify_status != NOTIFY_YES)

+ SET notify_status = " . NOTIFY_YES . "

+ VALUES ($user_id, $match_id, " . NOTIFY_YES . ')';

+ 'mssqlnative' => array(

+ 'LABEL' => 'MS SQL Server 2005+ [ Native ]',

+ 'SCHEMA' => 'mssql',

+ 'MODULE' => 'sqlsrv',

+ 'DELIM' => 'GO',

+ 'COMMENTS' => 'remove_comments',

+ 'DRIVER' => 'mssqlnative',

+ 'AVAILABLE' => true,

+ '2.0.x' => false,

+ ),

+ case 'mssqlnative':

+ case 'mssqlnative':

+ * Obtains exclusive lock on queue cache file.

+ * Returns resource representing the lock

+ */

+ function lock()

+ {

+ // For systems that can't have two processes opening

+ // one file for writing simultaneously

+ if (file_exists($this->cache_file . '.lock'))

+ {

+ $mode = 'rb';

+ }

+ else

+ {

+ $mode = 'wb';

+ }

+

+ $lock_fp = @fopen($this->cache_file . '.lock', $mode);

+

+ if ($mode == 'wb')

+ {

+ if (!$lock_fp)

+ {

+ // Two processes may attempt to create lock file at the same time.

+ // Have the losing process try opening the lock file again for reading

+ // on the assumption that the winning process created it

+ $mode = 'rb';

+ $lock_fp = @fopen($this->cache_file . '.lock', $mode);

+ }

+ else

+ {

+ // Only need to set mode when the lock file is written

+ @chmod($this->cache_file . '.lock', 0666);

+ }

+ }

+

+ if ($lock_fp)

+ {

+ @flock($lock_fp, LOCK_EX);

+ }

+

+ return $lock_fp;

+ }

+

+ /**

+ * Releases lock on queue cache file, using resource obtained from lock()

+ */

+ function unlock($lock_fp)

+ {

+ // lock() will return null if opening lock file, and thus locking, failed.

+ // Accept null values here so that client code does not need to check them

+ if ($lock_fp)

+ {

+ @flock($lock_fp, LOCK_UN);

+ fclose($lock_fp);

+ }

+ }

+

+ /**

+ $lock_fp = $this->lock();

+ set_config('last_queue_run', time(), true);

+ if (!file_exists($this->cache_file) || filemtime($this->cache_file) > time() - $config['queue_interval'])

+ $this->unlock($lock_fp);

+ /*

+ * This code is commented out because it causes problems on some web hosts.

+ * The core problem is rather restrictive email sending limits.

+ * This code is nly useful if you have no such restrictions from the

+ * web host and the package size setting is wrong.

+

+ */

+ $this->unlock($lock_fp);

+ $this->unlock($lock_fp);

+ $lock_fp = $this->lock();

+

+

+ $this->unlock($lock_fp);

+ $sql = 'SELECT smiley_url, MIN(emotion) as emotion, MIN(code) AS code, smiley_width, smiley_height, MIN(smiley_order) AS min_smiley_order

+ ORDER BY min_smiley_order';

+ 'S_CHECKED' => ($cur_topic_type == POST_NORMAL) ? ' checked="checked"' : '',

+ unset($rowset[$post_list[$i]]);

+ AND w.notify_status = " . NOTIFY_YES . '

+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')

+ AND fw.notify_status = " . NOTIFY_YES . '

+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')

+ $sql = 'UPDATE ' . TOPICS_WATCH_TABLE . '

+ SET notify_status = ' . NOTIFY_NO . "

+ $sql = 'UPDATE ' . FORUMS_WATCH_TABLE . '

+ SET notify_status = ' . NOTIFY_NO . "

+ markread('post', $data['forum_id'], $data['topic_id']);

+ if (($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_approval)

+ // First of all make sure the subject are having the correct length.

+ $subject = truncate_string($subject);

+

+ $title = $row['message_subject'];

+

+ case 'mssqlnative':

+ // Date should display as the same date for every user regardless of timezone, so remove offset

+ // to compensate for the offset added by user::format_date()

+ return $user->format_date(gmmktime(0, 0, 0, $month, $day, $year) - ($user->timezone + $user->dst), $user->lang['DATE_FORMAT'], true);

+ else if ($row['field_default_value'] === '' && $row['field_type'] == FIELD_INT)

+ {

+ // We cannot insert an empty string into an integer column.

+ $row['field_default_value'] = NULL;

+ }

+ $name = (STRIP) ? stripslashes($upload_ary['name']) : $upload_ary['name'];

+ $name = trim(utf8_htmlspecialchars(utf8_basename($name)));

+ $this->realname = $this->uploadname = $name;

+ $block = @fread($fsock, 1024);

+ $filesize += strlen($block);

+

+ if ($this->max_filesize && $filesize > $this->max_filesize)

+ {

+ $max_filesize = get_formatted_filesize($this->max_filesize, false);

+

+ $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));

+ return $file;

+ }

+

+ $data .= $block;

+ else if ($this->max_filesize && stripos($line, 'content-length: ') !== false)

+ {

+ $length = (int) str_replace('content-length: ', '', strtolower($line));

+

+ if ($length && $length > $this->max_filesize)

+ {

+ $max_filesize = get_formatted_filesize($this->max_filesize, false);

+

+ $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));

+ return $file;

+ }

+ }

+ $user_row['group_id'] = $add_group_id;

+ $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE, PRIVMSGS_FOLDER_TABLE, PRIVMSGS_RULES_TABLE);

+ $time_offset = (isset($user->timezone) && isset($user->dst)) ? (int) $user->timezone + (int) $user->dst : 0;

+ $ban_end = max($current_time, gmmktime(0, 0, 0, (int)$ban_other[1], (int)$ban_other[2], (int)$ban_other[0]) - $time_offset);

+ // Do not allow banning yourself, the guest account, or founders.

+ $non_bannable = array($user->data['user_id'], ANONYMOUS);

+ $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), $non_bannable), true);

+ $sql .= ' AND ' . $db->sql_in_set('user_id', $non_bannable, true);

+* Internet Protocol Address Whois

+* RFC3912: WHOIS Protocol Specification

+* @param string $ip Ip address, either IPv4 or IPv6.

+*

+* @return string Empty string if not a valid ip address.

+* Otherwise make_clickable()'ed whois result.

+ if (empty($ip))

+ {

+ return '';

+ }

+ if (preg_match(get_preg_expression('ipv4'), $ip))

+ {

+ // IPv4 address

+ $whois_host = 'whois.arin.net.';

+ }

+ else if (preg_match(get_preg_expression('ipv6'), $ip))

+ {

+ // IPv6 address

+ $whois_host = 'whois.sixxs.net.';

+ }

+ else

+ $ipwhois = '';

+

+ if (($fsk = @fsockopen($whois_host, 43)))

+ // Test for referrals from $whois_host to other whois databases, roll on rwhois

+ // Use the result from $whois_host if we don't get any result here

+function avatar_process_user(&$error, $custom_userdata = false, $can_upload = null)

+ if (is_null($can_upload))

+ {

+ $can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $change_avatar && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;

+ }

+ list($sql_ary['user_avatar_width'], $sql_ary['user_avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . urldecode($sql_ary['user_avatar']));

+ if ($topic_data['enable_indexing'])

+ {

+ // Select the search method and do some additional checks to ensure it can actually be utilised

+ $search_type = basename($config['search_type']);

+

+ if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx))

+ {

+ trigger_error('NO_SUCH_SEARCH_MODULE');

+ }

+

+ if (!class_exists($search_type))

+ {

+ include("{$phpbb_root_path}includes/search/$search_type.$phpEx");

+ }

+

+ $error = false;

+ $search = new $search_type($error);

+ $search_mode = 'post';

+

+ if ($error)

+ {

+ trigger_error($error);

+ }

+ }

+ else

+ {

+ $search_type = false;

+ }

+

+ if ($search_type)

+ {

+ $search->index($search_mode, $sql_ary['post_id'], $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id);

+ $search_mode = 'reply'; // After one we index replies

+ }

+

+ 'U_MCP_ACTION' => "$url&amp;i=main&amp;quickmod=1&amp;mode=post_details", // Use this for mode paramaters

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ 'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'],

+ if ($config['email_enable'] || $config['jab_enable'])

+ foreach ($post_info as $post_data)

+ if ($post_data['poster_id'] == ANONYMOUS)

+ {

+ continue;

+ }

+ else

+ {

+ $show_notify = true;

+ break;

+ }

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),

+ $stats = @getimagesize(htmlspecialchars_decode($in));

+ $in = str_replace(' ', '%20', $in);

+

+ // Make sure $in is a URL.

+ if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) &&

+ !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))

+ {

+ return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';

+ }

+

+ case 'mssqlnative':

+ $match = array('#\sand\s#iu', '#\sor\s#iu', '#\snot\s#iu', '#(^|\s)\+#', '#(^|\s)-#', '#(^|\s)\|#');

+ <dl>

+ <dt><label>' . $user->lang['MIN_SEARCH_CHARS'] . ':</label><br /><span>' . $user->lang['FULLTEXT_MYSQL_MIN_SEARCH_CHARS_EXPLAIN'] . '</span></dt>

+ <dd>' . $config['fulltext_mysql_min_word_len'] . '</dd>

+ </dl>

+ <dl>

+ <dt><label>' . $user->lang['MAX_SEARCH_CHARS'] . ':</label><br /><span>' . $user->lang['FULLTEXT_MYSQL_MAX_SEARCH_CHARS_EXPLAIN'] . '</span></dt>

+ <dd>' . $config['fulltext_mysql_max_word_len'] . '</dd>

+ </dl>

+ $tokens = '+-|()*';

+

+ $keywords = trim($this->cleanup($keywords, $tokens));

+ case '*':

+ if ($i === 0 || ($keywords[$i - 1] !== '*' && strcspn($keywords[$i - 1], $tokens) === 0))

+ {

+ if ($i === $n - 1 || ($keywords[$i + 1] !== '*' && strcspn($keywords[$i + 1], $tokens) === 0))

+ {

+ $keywords = substr($keywords, 0, $i) . substr($keywords, $i + 1);

+ }

+ }

+ break;

+ $page_name = (substr($script_name, -1, 1) == '/') ? '' : basename($script_name);

+ // Quick check for IPv4-mapped address in IPv6

+ if (stripos($ip, '::ffff:') === 0)

+ {

+ $ipv4 = substr($ip, 7);

+

+ if (preg_match(get_preg_expression('ipv4'), $ipv4))

+ {

+ $ip = $ipv4;

+ }

+ }

+

+ // Bot user, if they have a SID in the Request URI we need to get rid of it

+ // otherwise they'll index this page with the SID, duplicate content oh my!

+ if (isset($_GET['sid']))

+ {

+ redirect(build_url(array('sid')));

+ }

+ send_status_line(503, 'Service Unavailable');

+ if (!class_exists('phpbb_captcha_factory'))

+ send_status_line(503, 'Service Unavailable');

+ if ($this->load > floatval($config['limit_load']) && !defined('IN_LOGIN') && !defined('IN_ADMIN'))

+ send_status_line(503, 'Service Unavailable');

+ // Show date <= 1 hour ago as 'xx min ago' but not greater than 60 seconds in the future

+ if ($delta <= 3600 && $delta > -60 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO']))

+ 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')),

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;

+ $folder_alt = ($unread_topic) ? 'UNREAD_POSTS' : (($row['topic_status'] == ITEM_LOCKED) ? 'TOPIC_LOCKED' : 'NO_UNREAD_POSTS');

+ $folder_alt = ($unread_forum) ? 'UNREAD_POSTS' : 'NO_UNREAD_POSTS';

+ 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0,

+ 'S_PM_REPORTED' => (isset($row['report_id'])) ? true : false,

+ 'U_MCP_REPORT' => (isset($row['report_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&amp;mode=pm_report_details&amp;r=' . $row['report_id']) : '',

+ 'REPORTED_IMG' => $user->img('icon_topic_reported', 'PM_REPORTED'),

+ $sql = 'SELECT t.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour, p.message_reported

+ $pm_reported = array();

+ if ($row['message_reported'])

+ {

+ $pm_reported[] = $row['msg_id'];

+ }

+ // Fetch the report_ids, if there are any reported pms.

+ if (!empty($pm_reported) && $auth->acl_getf_global('m_report'))

+ {

+ $sql = 'SELECT pm_id, report_id

+ FROM ' . REPORTS_TABLE . '

+ WHERE report_closed = 0

+ AND ' . $db->sql_in_set('pm_id', $pm_reported);

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $rowset[$row['pm_id']]['report_id'] = $row['report_id'];

+ }

+ $db->sql_freeresult($result);

+ }

+

+ if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email'))

+ $user_actkey = gen_rand_string(mt_rand(6, 10));

+ $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;

+ if (avatar_process_user($error, false, $can_upload))

+ $user_actkey = gen_rand_string(mt_rand(6, 10));

+ // Make password at least 8 characters long, make it longer if admin wants to.

+ // gen_rand_string() however has a limit of 12 or 13.

+ $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));

+

+ // For the activation key a random length between 6 and 10 will do.

+ $user_actkey = gen_rand_string(mt_rand(6, 10));