+ die('Fatal: ' . $this->cache_dir . ' is NOT writable.');

+ die('Fatal: Not able to open ' . $this->cache_dir . 'data_global.' . $phpEx);

+<?php

+/**

+*

+* @package acm

+* @copyright (c) 2011 phpBB Group

+* @license http://opensource.org/licenses/gpl-license.php GNU Public License

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+// Include the abstract base

+if (!class_exists('acm_memory'))

+{

+ require("{$phpbb_root_path}includes/acm/acm_memory.$phpEx");

+}

+

+if (!defined('PHPBB_ACM_REDIS_PORT'))

+{

+ define('PHPBB_ACM_REDIS_PORT', 6379);

+}

+

+if (!defined('PHPBB_ACM_REDIS_HOST'))

+{

+ define('PHPBB_ACM_REDIS_HOST', 'localhost');

+}

+

+/**

+* ACM for Redis

+*

+* Compatible with the php extension phpredis available

+* at https://github.com/nicolasff/phpredis

+*

+* @package acm

+*/

+class acm extends acm_memory

+{

+ var $extension = 'redis';

+

+ var $redis;

+

+ function acm()

+ {

+ // Call the parent constructor

+ parent::acm_memory();

+

+ $this->redis = new Redis();

+ $this->redis->connect(PHPBB_ACM_REDIS_HOST, PHPBB_ACM_REDIS_PORT);

+

+ if (defined('PHPBB_ACM_REDIS_PASSWORD'))

+ {

+ if (!$this->redis->auth(PHPBB_ACM_REDIS_PASSWORD))

+ {

+ global $acm_type;

+

+ trigger_error("Incorrect password for the ACM module $acm_type.", E_USER_ERROR);

+ }

+ }

+

+ $this->redis->setOption(Redis::OPT_SERIALIZER, Redis::SERIALIZER_PHP);

+ $this->redis->setOption(Redis::OPT_PREFIX, $this->key_prefix);

+

+ if (defined('PHPBB_ACM_REDIS_DB'))

+ {

+ if (!$this->redis->select(PHPBB_ACM_REDIS_DB))

+ {

+ global $acm_type;

+

+ trigger_error("Incorrect database for the ACM module $acm_type.", E_USER_ERROR);

+ }

+ }

+ }

+

+ /**

+ * Unload the cache resources

+ *

+ * @return void

+ */

+ function unload()

+ {

+ parent::unload();

+

+ $this->redis->close();

+ }

+

+ /**

+ * Purge cache data

+ *

+ * @return void

+ */

+ function purge()

+ {

+ $this->redis->flushDB();

+

+ parent::purge();

+ }

+

+ /**

+ * Fetch an item from the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @return mixed Cached data

+ */

+ function _read($var)

+ {

+ return $this->redis->get($var);

+ }

+

+ /**

+ * Store data in the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @param mixed $data Data to store

+ * @param int $ttl Time-to-live of cached data

+ * @return bool True if the operation succeeded

+ */

+ function _write($var, $data, $ttl = 2592000)

+ {

+ return $this->redis->setex($var, $ttl, $data);

+ }

+

+ /**

+ * Remove an item from the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @return bool True if the operation succeeded

+ */

+ function _delete($var)

+ {

+ if ($this->redis->delete($var) > 0)

+ {

+ return true;

+ }

+ return false;

+ }

+}

+<?php

+/**

+*

+* @package acm

+* @copyright (c) 2010 phpBB Group

+* @license http://opensource.org/licenses/gpl-license.php GNU Public License

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+// Include the abstract base

+if (!class_exists('acm_memory'))

+{

+ require("{$phpbb_root_path}includes/acm/acm_memory.$phpEx");

+}

+

+/**

+* ACM for WinCache

+* @package acm

+*/

+class acm extends acm_memory

+{

+ var $extension = 'wincache';

+

+ /**

+ * Purge cache data

+ *

+ * @return void

+ */

+ function purge()

+ {

+ wincache_ucache_clear();

+

+ parent::purge();

+ }

+

+ /**

+ * Fetch an item from the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @return mixed Cached data

+ */

+ function _read($var)

+ {

+ $success = false;

+ $result = wincache_ucache_get($this->key_prefix . $var, $success);

+

+ return ($success) ? $result : false;

+ }

+

+ /**

+ * Store data in the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @param mixed $data Data to store

+ * @param int $ttl Time-to-live of cached data

+ * @return bool True if the operation succeeded

+ */

+ function _write($var, $data, $ttl = 2592000)

+ {

+ return wincache_ucache_set($this->key_prefix . $var, $data, $ttl);

+ }

+

+ /**

+ * Remove an item from the cache

+ *

+ * @access protected

+ * @param string $var Cache key

+ * @return bool True if the operation succeeded

+ */

+ function _delete($var)

+ {

+ return wincache_ucache_delete($this->key_prefix . $var);

+ }

+}

+ $banned_options = $excluded_options = array();

+ $option = '<option value="' . $row['ban_id'] . '">' . $row[$field] . '</option>';

+

+ if ($row['ban_exclude'])

+ {

+ $excluded_options[] = $option;

+ }

+ else

+ {

+ $banned_options[] = $option;

+ }

+ $options = '';

+ if ($excluded_options)

+ {

+ $options .= '<optgroup label="' . $user->lang['OPTIONS_EXCLUDED'] . '">';

+ $options .= implode('', $excluded_options);

+ $options .= '</optgroup>';

+ }

+

+ if ($banned_options)

+ {

+ $options .= '<optgroup label="' . $user->lang['OPTIONS_BANNED'] . '">';

+ $options .= implode('', $banned_options);

+ $options .= '</optgroup>';

+ }

+

+ 'S_BANNED_OPTIONS' => ($banned_options || $excluded_options) ? true : false,

+ 'BANNED_OPTIONS' => $options,

+ ));

+ if ($bbcode_id > BBCODE_LIMIT)

+ 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:1', 'type' => 'text:4:6', 'explain' => true),

+ 'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'select', 'method' => 'select_acc_activation', 'explain' => true),

+ 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,),

+ 'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:1', 'type' => 'custom', 'method' => 'password_length', 'explain' => true),

+ 'ip_login_limit_max' => array('lang' => 'IP_LOGIN_LIMIT_MAX', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true),

+ 'ip_login_limit_time' => array('lang' => 'IP_LOGIN_LIMIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),

+ 'ip_login_limit_use_forwarded' => array('lang' => 'IP_LOGIN_LIMIT_USE_FORWARDED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),

+ function select_acc_activation($selected_value, $value)

+ $act_ary = array(

+ 'ACC_DISABLE' => USER_ACTIVATION_DISABLE,

+ 'ACC_NONE' => USER_ACTIVATION_NONE,

+ );

+ $act_ary['ACC_USER'] = USER_ACTIVATION_SELF;

+ $act_ary['ACC_ADMIN'] = USER_ACTIVATION_ADMIN;

+ }

+ $act_options = '';

+

+ foreach ($act_ary as $key => $value)

+ {

+ $selected = ($selected_value == $value) ? ' selected="selected"' : '';

+ $act_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$key] . '</option>';

+ return $act_options;

+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);

+ var $db_tools;

+ if (!class_exists('phpbb_db_tools'))

+ {

+ require($phpbb_root_path . 'includes/db/db_tools.' . $phpEx);

+ }

+ $this->db_tools = new phpbb_db_tools($db);

+

+ $table = array_intersect($this->db_tools->sql_list_tables(), request_var('table', array('')));

+ $tables = $this->db_tools->sql_list_tables();

+ $download = request_var('download', '');

+ else if ($download || confirm_box(true))

+ else if (!$download)

+ {

+ confirm_box(false, $user->lang['RESTORE_SELECTED_BACKUP'], build_hidden_fields(array('file' => $file)));

+ }

+ $sql = 'SELECT disallow_id

+ FROM ' . DISALLOW_TABLE . "

+ WHERE disallow_username = '" . $db->sql_escape($disallowed_user) . "'";

+ $result = $db->sql_query($sql);

+ $row = $db->sql_fetchrow($result);

+ $db->sql_freeresult($result);

+

+ if ($row)

+ {

+ trigger_error($user->lang['DISALLOWED_ALREADY'] . adm_back_link($this->u_action), E_USER_WARNING);

+ }

+

+ $sql_ary = array(

+ 'SELECT' => 'u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type',

+ 'FROM' => array(

+ USERS_TABLE => 'u',

+ USER_GROUP_TABLE => 'ug',

+ ),

+ 'WHERE' => 'ug.group_id = ' . $group_id . '

+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')',

+ 'ORDER_BY' => 'u.user_lang, u.user_notify_type',

+ );

+ $sql_ary = array(

+ 'SELECT' => 'u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type',

+ 'FROM' => array(

+ USERS_TABLE => 'u',

+ ),

+ 'WHERE' => 'u.user_allow_massemail = 1

+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')',

+ 'ORDER_BY' => 'u.user_lang, u.user_notify_type',

+ );

+

+ // Mail banned or not

+ if (!isset($_REQUEST['mail_banned_flag']))

+ {

+ $sql_ary['WHERE'] .= ' AND (b.ban_id IS NULL

+ OR b.ban_exclude = 1)';

+ $sql_ary['LEFT_JOIN'] = array(

+ array(

+ 'FROM' => array(

+ BANLIST_TABLE => 'b',

+ ),

+ 'ON' => 'u.user_id = b.ban_userid',

+ ),

+ );

+ }

+ $sql = $db->sql_build_query('SELECT', $sql_ary);

+ // Send with BCC

+ // Maximum number of bcc recipients

+ $max_chunk_size = (int) $config['email_max_chunk_size'];

+ $messenger->anti_abuse_headers($config, $user);

+ $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>');

+

+ if ($forum_data['forum_name'] == '')

+ else if (!file_exists($phpbb_root_path . $img_path . '/' . $image))

+ {

+ $errors[$image] = 'SMILIE_NO_FILE';

+ }

+ $messenger->anti_abuse_headers($config, $user);

+ $messenger->anti_abuse_headers($config, $user);

+ 'U_ACTION' => $this->u_action . "&amp;$u_sort_param&amp;users_per_page=$per_page&amp;start=$start",

+ // We want to notify the admin that custom profile fields need to be updated for the new language.

+ $notify_cpf_update = false;

+

+ $notify_cpf_update = true;

+ $notify_cpf_update = true;

+ $message = sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']);

+ $message .= ($notify_cpf_update) ? '<br /><br />' . $user->lang['LANGUAGE_PACK_CPF_UPDATE'] : '';

+ trigger_error($message . adm_back_link($this->u_action));

+ // index.htm files

+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/index.htm');

+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/email/index.htm');

+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/acp/index.htm');

+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/mods/index.htm');

+ $this->main_files = array("captcha_qa.$phpEx", "captcha_recaptcha.$phpEx", "common.$phpEx", "groups.$phpEx", "install.$phpEx", "mcp.$phpEx", "memberlist.$phpEx", "posting.$phpEx", "search.$phpEx", "ucp.$phpEx", "viewforum.$phpEx", "viewtopic.$phpEx", "help_bbcode.$phpEx", "help_faq.$phpEx");

+ $start = view_log($mode, $log_data, $log_count, $config['topics_per_page'], $start, $forum_id, 0, 0, $sql_where, $sql_sort, $keywords);

+ 'U_ACTION' => $this->u_action . "&amp;$u_sort_param$keywords_param&amp;start=$start",

+ $sql = 'SELECT MAX(post_id) as max_post_id

+ if ($auth->acl_get('a_server') && version_compare(PHP_VERSION, '5.3.2', '<'))

+ 'L_PHP_VERSION_OLD' => sprintf($user->lang['PHP_VERSION_OLD'], '<a href="http://www.phpbb.com/community/viewtopic.php?f=14&amp;t=2152375">', '</a>'),

+ 'S_VERSION_UP_TO_DATE' => phpbb_version_compare(trim($latest_version_info[0]), $config['version'], '<='),

+ 'U_VERSIONCHECK_FORCE' => append_sid("{$phpbb_admin_path}index.$phpEx", 'versioncheck_force=1'),

+ $log_count = false;

+ if (extension_loaded('mbstring'))

+ {

+ $template->assign_vars(array(

+ 'S_MBSTRING_LOADED' => true,

+ 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)),

+ 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => (@ini_get('mbstring.encoding_translation') != 0),

+ 'S_MBSTRING_HTTP_INPUT_FAIL' => (@ini_get('mbstring.http_input') != 'pass'),

+ 'S_MBSTRING_HTTP_OUTPUT_FAIL' => (@ini_get('mbstring.http_output') != 'pass'),

+ ));

+ }

+

+ // Fix invalid anchor names (eg "module_Zend Optimizer")

+ $output = preg_replace_callback('#<a name="([^"]+)">#', array($this, 'remove_spaces'), $output);

+

+

+ function remove_spaces($matches)

+ {

+ return '<a name="' . str_replace(' ', '_', $matches[1]) . '">';

+ }

+ else if ($field_type == FIELD_BOOL && $key == 'field_default_value')

+ // 'field_length' == 1 defines radio buttons. Possible values are 1 or 2 only.

+ // 'field_length' == 2 defines checkbox. Possible values are 0 or 1 only.

+ // If we switch the type on step 2, we have to adjust field value.

+ // 1 is a common value for the checkbox and radio buttons.

+

+ // Adjust unchecked checkbox value.

+ // If we return or save settings from 2nd/3rd page

+ // and the checkbox is unchecked, set the value to 0.

+ if (isset($_REQUEST['step']) && !isset($_REQUEST[$key]))

+ {

+ $var = 0;

+ }

+

+ // If we switch to the checkbox type but former radio buttons value was 2,

+ // which is not the case for the checkbox, set it to 0 (unchecked).

+ if ($cp->vars['field_length'] == 2 && $var == 2)

+ {

+ $var = 0;

+ }

+ // If we switch to the radio buttons but the former checkbox value was 0,

+ // which is not the case for the radio buttons, set it to 0.

+ else if ($cp->vars['field_length'] == 1 && $var == 0)

+ {

+ $var = 2;

+ }

+ }

+ if ($action == 'create' && request_var('field_default_value', '') === '')

+ else if ($field_type == FIELD_BOOL && $key == 'field_default_value')

+ {

+ $_new_key_ary[$key] = request_var($key, $cp->vars[$key]);

+ }

+ $min_posts = ($special_rank) ? 0 : max(0, request_var('min_posts', 0));

+ 'S_SPECIAL_RANK' => (isset($ranks['rank_special']) && $ranks['rank_special']) ? true : false,

+ $buffer = $db->sql_buffer_nested_transactions();

+

+ if ($buffer)

+ {

+ $rows = $db->sql_fetchrowset($result);

+ $rows[] = false; // indicate end of array for while loop below

+

+ $db->sql_freeresult($result);

+ }

+

+ $i = 0;

+ while ($row = ($buffer ? $rows[$i++] : $db->sql_fetchrow($result)))

+ if (!$buffer)

+ {

+ $db->sql_freeresult($result);

+ }

+# Template inheritance

+# See http://blog.phpbb.com/2008/07/31/templating-just-got-easier/

+# Set value to empty or this template name to ignore template inheritance.

+inherit_from = {INHERIT_FROM}

+';

+ $cache->destroy('imageset_site_logo_md5');

+ $sql_sort = 'LOWER(' . $mode . '_name)';

+ $sql_sort = 'style_active DESC, ' . $sql_sort;

+

+ default:

+ trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING);

+ FROM $sql_from

+ ORDER BY $sql_sort ASC";

+

+ 'S_INACTIVE' => ($mode == 'style' && !$row['style_active']) ? true : false,

+ // The array key is used for sorting later on.

+ // $file is appended because $name doesn't have to be unique.

+ $new_ary[$name . $file] = array(

+ ksort($new_ary);

+

+ $template_file = preg_replace('#\.{2,}#', '.', $template_file);

+ $sql_select = 'style_id, style_name, template_id, theme_id, imageset_id';

+ $sql_select = 'template_id, template_name, template_path, template_storedb';

+ $sql_select = 'theme_id, theme_name, theme_path, theme_storedb';

+ $sql_select = 'imageset_id, imageset_name, imageset_path';

+ $s_only_component = $this->display_component_options($mode, $style_row[$mode . '_id'], $style_row);

+ if ($s_only_component)

+ $sql = "DELETE FROM $sql_from

+ WHERE {$mode}_id = $style_id";

+ $db->sql_query($sql);

+

+

+ // Remove the components

+ $components = array('template', 'theme', 'imageset');

+ foreach ($components as $component)

+ {

+ $new_id = request_var('new_' . $component . '_id', 0);

+ $component_id = $style_row[$component . '_id'];

+ $this->remove_component($component, $component_id, $new_id, $style_id);

+ }

+ $this->remove_component($mode, $style_id, $new_id);

+

+ if ($mode == 'style')

+ {

+ $template->assign_vars(array(

+ 'S_DELETE_STYLE' => true,

+ ));

+ }

+ }

+

+ /**

+ * Remove template/theme/imageset entry from the database

+ */

+ function remove_component($component, $component_id, $new_id, $style_id = false)

+ {

+ global $db;

+

+ if (($new_id == 0) || ($component === 'template' && ($conflicts = $this->check_inheritance($component, $component_id))))

+ {

+ // We can not delete the template, as the user wants to keep the component or an other template is inheriting from this one.

+ return;

+ }

+

+ $component_in_use = array();

+ if ($component != 'style')

+ {

+ $component_in_use = $this->component_in_use($component, $component_id, $style_id);

+ }

+

+ if (($new_id == -1) && !empty($component_in_use))

+ {

+ // We can not delete the component, as it is still in use

+ return;

+ }

+

+ if ($component == 'imageset')

+ {

+ $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . "

+ WHERE imageset_id = $component_id";

+ $db->sql_query($sql);

+ }

+

+ switch ($component)

+ {

+ case 'template':

+ $sql_from = STYLES_TEMPLATE_TABLE;

+ break;

+

+ case 'theme':

+ $sql_from = STYLES_THEME_TABLE;

+ break;

+

+ case 'imageset':

+ $sql_from = STYLES_IMAGESET_TABLE;;

+ break;

+ }

+

+ $sql = "DELETE FROM $sql_from

+ WHERE {$component}_id = $component_id";

+ $db->sql_query($sql);

+

+ $sql = 'UPDATE ' . STYLES_TABLE . "

+ SET {$component}_id = $new_id

+ WHERE {$component}_id = $component_id";

+ $db->sql_query($sql);

+ }

+

+ /**

+ * Display the options which can be used to replace a style/template/theme/imageset

+ *

+ * @return boolean Returns true if the component is the only component and can not be deleted.

+ */

+ function display_component_options($component, $component_id, $style_row = false, $style_id = false)

+ {

+ global $db, $template, $user;

+

+ $is_only_component = true;

+ $component_in_use = array();

+ if ($component != 'style')

+ {

+ $component_in_use = $this->component_in_use($component, $component_id, $style_id);

+ }

+

+ $sql_where = '';

+ switch ($component)

+ {

+ case 'style':

+ $sql_from = STYLES_TABLE;

+ $sql_where = 'WHERE style_active = 1';

+ break;

+

+ case 'template':

+ $sql_from = STYLES_TEMPLATE_TABLE;

+ $sql_where = 'WHERE template_inherits_id <> ' . $component_id;

+ break;

+

+ case 'theme':

+ $sql_from = STYLES_THEME_TABLE;

+ break;

+

+ case 'imageset':

+ $sql_from = STYLES_IMAGESET_TABLE;

+ break;

+ }

+

+ $s_options = '';

+ if (($component != 'style') && empty($component_in_use))

+ {

+ // If it is not in use, there must be another component

+ $is_only_component = false;

+

+ $sql = "SELECT {$component}_id, {$component}_name

+ FROM $sql_from

+ WHERE {$component}_id = {$component_id}";

+ $result = $db->sql_query($sql);

+ $row = $db->sql_fetchrow($result);

+ $db->sql_freeresult($result);

+

+ $s_options .= '<option value="-1" selected="selected">' . $user->lang['DELETE_' . strtoupper($component)] . '</option>';

+ $s_options .= '<option value="0">' . sprintf($user->lang['KEEP_' . strtoupper($component)], $row[$component . '_name']) . '</option>';

+ }

+ else

+ {

+ $sql = "SELECT {$component}_id, {$component}_name

+ FROM $sql_from

+ $sql_where

+ ORDER BY {$component}_name ASC";

+ $result = $db->sql_query($sql);

+

+ $s_keep_option = $s_options = '';

+ while ($row = $db->sql_fetchrow($result))

+ {

+ if ($row[$component . '_id'] != $component_id)

+ {

+ $is_only_component = false;

+ $s_options .= '<option value="' . $row[$component . '_id'] . '">' . sprintf($user->lang['REPLACE_WITH_OPTION'], $row[$component . '_name']) . '</option>';

+ }

+ else if ($component != 'style')

+ {

+ $s_keep_option = '<option value="0" selected="selected">' . sprintf($user->lang['KEEP_' . strtoupper($component)], $row[$component . '_name']) . '</option>';

+ }

+ }

+ $db->sql_freeresult($result);

+ $s_options = $s_keep_option . $s_options;

+ }

+

+ if (!$style_row)

+ {

+ $template->assign_var('S_REPLACE_' . strtoupper($component) . '_OPTIONS', $s_options);

+ }

+ else

+ {

+ $template->assign_var('S_REPLACE_OPTIONS', $s_options);

+ if ($component == 'style')

+ {

+ $components = array('template', 'theme', 'imageset');

+ foreach ($components as $component)

+ {

+ $this->display_component_options($component, $style_row[$component . '_id'], false, $component_id, true);

+ }

+ }

+ }

+

+ return $is_only_component;

+ }

+

+ /**

+ * Check whether the component is still used by another style or component

+ */

+ function component_in_use($component, $component_id, $style_id = false)

+ {

+ global $db;

+

+ $component_in_use = array();

+

+ if ($style_id)

+ {

+ $sql = 'SELECT style_id, style_name

+ FROM ' . STYLES_TABLE . "

+ WHERE {$component}_id = {$component_id}

+ AND style_id <> {$style_id}

+ ORDER BY style_name ASC";

+ }

+ else

+ {

+ $sql = 'SELECT style_id, style_name

+ FROM ' . STYLES_TABLE . "

+ WHERE {$component}_id = {$component_id}

+ ORDER BY style_name ASC";

+ }

+ $result = $db->sql_query($sql);

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $component_in_use[] = $row['style_name'];

+ }

+ $db->sql_freeresult($result);

+

+ if ($component === 'template' && ($conflicts = $this->check_inheritance($component, $component_id)))

+ {

+ foreach ($conflicts as $temp_id => $conflict_data)

+ {

+ $component_in_use[] = $conflict_data['template_name'];

+ }

+ }

+

+ return $component_in_use;

+ $use_template_name = $style_row['template_name'];

+ $template_cfg = str_replace(array('{MODE}', '{NAME}', '{COPYRIGHT}', '{VERSION}', '{INHERIT_FROM}'), array($mode, $style_row['template_name'], $style_row['template_copyright'], $config['version'], $use_template_name), $this->template_cfg);

+

+ $info = obtain_latest_version_info(request_var('versioncheck_force', false));

+ 'S_UP_TO_DATE' => phpbb_version_compare($latest_version, $config['version'], '<='),

+ 'S_UP_TO_DATE_AUTO' => phpbb_version_compare($latest_version, $current_version, '<='),

+ $messenger->anti_abuse_headers($config, $user);

+ $messenger->anti_abuse_headers($config, $user);

+ $update_password = ($data['new_password'] && !phpbb_check_hash($data['new_password'], $user_row['user_password'])) ? true : false;

+ $sql = 'SELECT post_id

+ FROM ' . POSTS_TABLE . '

+ WHERE poster_id = '. $user_id;

+ $result = $db->sql_query_limit($sql, 1);

+ $user_row['user_has_posts'] = (bool) $db->sql_fetchfield('post_id');

+ $db->sql_freeresult($result);

+

+ 'USER_HAS_POSTS' => $user_row['user_has_posts'],

+ $start = view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);

+ * Set option bit field for user options in a user row array.

+ *

+ * Optionset replacement for this module based on $user->optionset.

+ *

+ * @param array $user_row Row from the users table.

+ * @param int $key Option key, as defined in $user->keyoptions property.

+ * @param bool $value True to set the option, false to clear the option.

+ * @param int $data Current bit field value, or false to use $user_row['user_options']

+ * @return int|bool If $data is false, the bit field is modified and

+ * written back to $user_row['user_options'], and

+ * return value is true if the bit field changed and

+ * false otherwise. If $data is not false, the new

+ * bitfield value is returned.

+ $var = ($data !== false) ? $data : $user_row['user_options'];

+ $new_var = phpbb_optionset($user->keyoptions[$key], $value, $var);

+ if ($data === false)

+ if ($new_var != $var)

+ {

+ $user_row['user_options'] = $new_var;

+ return true;

+ }

+ else

+ {

+ return false;

+ }

+ return $new_var;

+ * Get option bit field from user options in a user row array.

+ *

+ * Optionget replacement for this module based on $user->optionget.

+ *

+ * @param array $user_row Row from the users table.

+ * @param int $key option key, as defined in $user->keyoptions property.

+ * @param int $data bit field value to use, or false to use $user_row['user_options']

+ * @return bool true if the option is set in the bit field, false otherwise

+ $var = ($data !== false) ? $data : $user_row['user_options'];

+ return phpbb_optionget($user->keyoptions[$key], $var);

+ // Replace multiple consecutive asterisks with single one as those are not needed

+ $word = preg_replace('#\*{2,}#', '*', $word);

+

+ $seq_cache = array();

+ if (isset($seq_cache[$subseq]))

+ {

+ $converted = $seq_cache[$subseq];

+ }

+ else

+ {

+ $converted = $seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT);

+ }

+

+ $this->acl[$f] .= $converted;

+ *

+ * Be careful when using this function with permissions a_, m_, u_ and f_ !

+ * It may not work correctly. When a user group grants an a_* permission,

+ * e.g. a_foo, but the user's a_foo permission is set to "Never", then

+ * the user does not in fact have the a_ permission.

+ * But the user will still be listed as having the a_ permission.

+ *

+ * For more information see: http://tracker.phpbb.com/browse/PHPBB3-10252

+ $login = $method($username, $password, $user->ip, $user->browser, $user->forwarded_for);

+*

+* @param string $username

+* @param string $password

+* @param string $ip IP address the login is taking place from. Used to

+* limit the number of login attempts per IP address.

+* @param string $browser The user agent used to login

+* @param string $forwarded_for X_FORWARDED_FOR header sent with login request

+* @return array A associative array of the format

+* array(

+* 'status' => status constant

+* 'error_msg' => string

+* 'user_row' => array

+* )

+function login_db($username, $password, $ip = '', $browser = '', $forwarded_for = '')

+ $username_clean = utf8_clean_string($username);

+

+ WHERE username_clean = '" . $db->sql_escape($username_clean) . "'";

+ if (($ip && !$config['ip_login_limit_use_forwarded']) ||

+ ($forwarded_for && $config['ip_login_limit_use_forwarded']))

+ {

+ $sql = 'SELECT COUNT(*) AS attempts

+ FROM ' . LOGIN_ATTEMPT_TABLE . '

+ WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']);

+ if ($config['ip_login_limit_use_forwarded'])

+ {

+ $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'";

+ }

+ else

+ {

+ $sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' ";

+ }

+

+ $result = $db->sql_query($sql);

+ $attempts = (int) $db->sql_fetchfield('attempts');

+ $db->sql_freeresult($result);

+

+ $attempt_data = array(

+ 'attempt_ip' => $ip,

+ 'attempt_browser' => trim(substr($browser, 0, 149)),

+ 'attempt_forwarded_for' => $forwarded_for,

+ 'attempt_time' => time(),

+ 'user_id' => ($row) ? (int) $row['user_id'] : 0,

+ 'username' => $username,

+ 'username_clean' => $username_clean,

+ );

+ $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data);

+ $result = $db->sql_query($sql);

+ }

+ else

+ {

+ $attempts = 0;

+ }

+

+ if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max'])

+ {

+ return array(

+ 'status' => LOGIN_ERROR_ATTEMPTS,

+ 'error_msg' => 'LOGIN_ERROR_ATTEMPTS',

+ 'user_row' => array('user_id' => ANONYMOUS),

+ );

+ }

+

+

+ $show_captcha = ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) ||

+ ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']);

+

+ set_var($password_new_format, stripslashes($password_old_format), 'string', true);

+ $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . '

+ WHERE user_id = ' . $row['user_id'];

+ $db->sql_query($sql);

+

+?>

+ return array(

+ 'status' => LOGIN_ERROR_EXTERNAL_AUTH,

+ 'error_msg' => 'LDAP_NO_SERVER_CONNECTION',

+ 'user_row' => array('user_id' => ANONYMOUS),

+ );

+ <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" autocomplete="off" /></dd>

+ $code = str_replace("\n ", "\n&nbsp;", $code);

+

+ // keep space at the beginning

+ if (!empty($code) && $code[0] == ' ')

+ {

+ $code = '&nbsp;' . substr($code, 1);

+ }

+ $censors['match'][] = get_censor_preg_expression($row['word']);

+ $offset[$i] = phpbb_mt_rand(0, (int) round((1.5 * $width_avail) / $denom));

+ $noise[$i] = new char_cube3d($noise_bitmaps, mt_rand(1, sizeof($noise_bitmaps['data'])));

+ 'A' => $chars['A'][mt_rand(0, min(sizeof($chars['A']), $config['captcha_gd_fonts']) -1)],

+ 'B' => $chars['B'][mt_rand(0, min(sizeof($chars['B']), $config['captcha_gd_fonts']) -1)],

+ 'C' => $chars['C'][mt_rand(0, min(sizeof($chars['C']), $config['captcha_gd_fonts']) -1)],

+ 'D' => $chars['D'][mt_rand(0, min(sizeof($chars['D']), $config['captcha_gd_fonts']) -1)],

+ 'E' => $chars['E'][mt_rand(0, min(sizeof($chars['E']), $config['captcha_gd_fonts']) -1)],

+ 'F' => $chars['F'][mt_rand(0, min(sizeof($chars['F']), $config['captcha_gd_fonts']) -1)],

+ 'G' => $chars['G'][mt_rand(0, min(sizeof($chars['G']), $config['captcha_gd_fonts']) -1)],

+ 'H' => $chars['H'][mt_rand(0, min(sizeof($chars['H']), $config['captcha_gd_fonts']) -1)],

+ 'I' => $chars['I'][mt_rand(0, min(sizeof($chars['I']), $config['captcha_gd_fonts']) -1)],

+ 'J' => $chars['J'][mt_rand(0, min(sizeof($chars['J']), $config['captcha_gd_fonts']) -1)],

+ 'K' => $chars['K'][mt_rand(0, min(sizeof($chars['K']), $config['captcha_gd_fonts']) -1)],

+ 'L' => $chars['L'][mt_rand(0, min(sizeof($chars['L']), $config['captcha_gd_fonts']) -1)],

+ 'M' => $chars['M'][mt_rand(0, min(sizeof($chars['M']), $config['captcha_gd_fonts']) -1)],

+ 'N' => $chars['N'][mt_rand(0, min(sizeof($chars['N']), $config['captcha_gd_fonts']) -1)],

+ 'O' => $chars['O'][mt_rand(0, min(sizeof($chars['O']), $config['captcha_gd_fonts']) -1)],

+ 'P' => $chars['P'][mt_rand(0, min(sizeof($chars['P']), $config['captcha_gd_fonts']) -1)],

+ 'Q' => $chars['Q'][mt_rand(0, min(sizeof($chars['Q']), $config['captcha_gd_fonts']) -1)],

+ 'R' => $chars['R'][mt_rand(0, min(sizeof($chars['R']), $config['captcha_gd_fonts']) -1)],

+ 'S' => $chars['S'][mt_rand(0, min(sizeof($chars['S']), $config['captcha_gd_fonts']) -1)],

+ 'T' => $chars['T'][mt_rand(0, min(sizeof($chars['T']), $config['captcha_gd_fonts']) -1)],

+ 'U' => $chars['U'][mt_rand(0, min(sizeof($chars['U']), $config['captcha_gd_fonts']) -1)],

+ 'V' => $chars['V'][mt_rand(0, min(sizeof($chars['V']), $config['captcha_gd_fonts']) -1)],

+ 'W' => $chars['W'][mt_rand(0, min(sizeof($chars['W']), $config['captcha_gd_fonts']) -1)],

+ 'X' => $chars['X'][mt_rand(0, min(sizeof($chars['X']), $config['captcha_gd_fonts']) -1)],

+ 'Y' => $chars['Y'][mt_rand(0, min(sizeof($chars['Y']), $config['captcha_gd_fonts']) -1)],

+ 'Z' => $chars['Z'][mt_rand(0, min(sizeof($chars['Z']), $config['captcha_gd_fonts']) -1)],

+ 'x' => mt_rand($img_x - 45, $img_x - 5),

+ 'y' => mt_rand($img_y - 15, $img_y - 0),

+ 'lang' => array('INDEX', 'lang_iso'),

+ 'qid' => array('INDEX', 'question_id'),

+ var $recaptcha_server = 'http://www.google.com/recaptcha/api';

+ var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :(

+

+ // We are opening a socket to port 80 of this host and send

+ // the POST request asking for verification to the path specified here.

+ var $recaptcha_verify_server = 'www.google.com';

+ var $recaptcha_verify_path = '/recaptcha/api/verify';

+

+ $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, $this->recaptcha_verify_path,

+define('PHPBB_VERSION', '3.0.11-RC1');

+// BBCode hard limit

+define('BBCODE_LIMIT', 1511);

+

+define('LOGIN_ATTEMPT_TABLE', $table_prefix . 'login_attempts');

+?>

+ * Gets a list of tables in the database.

+ *

+ * @return array Array of table names (all lower case)

+ */

+ function sql_list_tables()

+ {

+ switch ($this->db->sql_layer)

+ {

+ case 'mysql':

+ case 'mysql4':

+ case 'mysqli':

+ $sql = 'SHOW TABLES';

+ break;

+

+ case 'sqlite':

+ $sql = 'SELECT name

+ FROM sqlite_master

+ WHERE type = "table"';

+ break;

+

+ case 'mssql':

+ case 'mssql_odbc':

+ case 'mssqlnative':

+ $sql = "SELECT name

+ FROM sysobjects

+ WHERE type='U'";

+ break;

+

+ case 'postgres':

+ $sql = 'SELECT relname

+ FROM pg_stat_user_tables';

+ break;

+

+ case 'firebird':

+ $sql = 'SELECT rdb$relation_name

+ FROM rdb$relations

+ WHERE rdb$view_source is null

+ AND rdb$system_flag = 0';

+ break;

+

+ case 'oracle':

+ $sql = 'SELECT table_name

+ FROM USER_TABLES';

+ break;

+ }

+

+ $result = $this->db->sql_query($sql);

+

+ $tables = array();

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ $name = current($row);

+ $tables[$name] = $name;

+ }

+ $this->db->sql_freeresult($result);

+

+ return $tables;

+ }

+

+ /**

+ if (isset($prepared_column['auto_increment']) && strlen($column_name) > 26) // "${column_name}_gen"

+ {

+ trigger_error("Index name '${column_name}_gen' on table '$table_name' is too long. The maximum auto increment column length is 26 characters.", E_USER_ERROR);

+ }

+

+ $table_sql .= "\n)";

+ $trigger .= "\tFROM dual;\n";

+ $statements[] = "CREATE GENERATOR {$table_name}_gen;";

+ $statements[] = "SET GENERATOR {$table_name}_gen TO 0;";

+

+ $trigger = "CREATE TRIGGER t_$table_name FOR $table_name\n";

+ $trigger .= "BEFORE INSERT\nAS\nBEGIN\n";

+ $trigger .= "\tNEW.{$create_sequence} = GEN_ID({$table_name}_gen, 1);\nEND;";

+ $statements[] = $trigger;

+ // Drop tables?

+ if (!empty($schema_changes['drop_tables']))

+ {

+ foreach ($schema_changes['drop_tables'] as $table)

+ {

+ // only drop table if it exists

+ if ($this->sql_table_exists($table))

+ {

+ $result = $this->sql_table_drop($table);

+ if ($this->return_statements)

+ {

+ $statements = array_merge($statements, $result);

+ }

+ }

+ }

+ }

+

+ // Add tables?

+ if (!empty($schema_changes['add_tables']))

+ {

+ foreach ($schema_changes['add_tables'] as $table => $table_data)

+ {

+ $result = $this->sql_create_table($table, $table_data);

+ if ($this->return_statements)

+ {

+ $statements = array_merge($statements, $result);

+ }

+ }

+ }

+

+ // Only add the column if it does not exist yet

+ continue;

+ // This is commented out here because it can take tremendous time on updates

+// $result = $this->sql_column_change($table, $column_name, $column_data, true);

+ continue;

+// $sqlite_data[$table]['change_columns'][] = $result;

+ if (!$this->sql_index_exists($table, $index_name))

+ {

+ continue;

+ }

+

+ if ($this->sql_unique_index_exists($table, $index_name))

+ {

+ continue;

+ }

+

+ if ($this->sql_index_exists($table, $index_name))

+ {

+ continue;

+ }

+

+ * Gets a list of columns of a table.

+ * @param string $table Table name

+ * @return array Array of column names (all lower case)

+ function sql_list_columns($table)

+ $columns = array();

+

+

+ $column = strtolower($entities[0]);

+ $columns[$column] = $column;

+ }

+

+ return $columns;

+ break;

+ }

+

+ $result = $this->db->sql_query($sql);

+

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ $column = strtolower(current($row));

+ $columns[$column] = $column;

+ }

+ $this->db->sql_freeresult($result);

+

+ return $columns;

+ }

+

+ /**

+ * Check whether a specified column exist in a table

+ *

+ * @param string $table Table to check

+ * @param string $column_name Column to check

+ *

+ * @return bool True if column exists, false otherwise

+ */

+ function sql_column_exists($table, $column_name)

+ {

+ $columns = $this->sql_list_columns($table);

+

+ return isset($columns[$column_name]);

+ }

+

+ /**

+ * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes.

+ *

+ * @param string $table_name Table to check the index at

+ * @param string $index_name The index name to check

+ *

+ * @return bool True if index exists, else false

+ */

+ function sql_index_exists($table_name, $index_name)

+ {

+ if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative')

+ {

+ $sql = "EXEC sp_statistics '$table_name'";

+ $result = $this->db->sql_query($sql);

+

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ if ($row['TYPE'] == 3)

+ {

+ if (strtolower($row['INDEX_NAME']) == strtolower($index_name))

+ $this->db->sql_freeresult($result);

+ }

+ $this->db->sql_freeresult($result);

+

+ return false;

+ }

+

+ switch ($this->sql_layer)

+ {

+ case 'firebird':

+ $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name

+ FROM RDB\$INDICES

+ WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "'

+ AND RDB\$UNIQUE_FLAG IS NULL

+ AND RDB\$FOREIGN_KEY IS NULL";

+ $col = 'index_name';

+ break;

+

+ case 'postgres':

+ $sql = "SELECT ic.relname as index_name

+ FROM pg_class bc, pg_class ic, pg_index i

+ WHERE (bc.oid = i.indrelid)

+ AND (ic.oid = i.indexrelid)

+ AND (bc.relname = '" . $table_name . "')

+ AND (i.indisunique != 't')

+ AND (i.indisprimary != 't')";

+ $col = 'index_name';

+ break;

+

+ case 'mysql_40':

+ case 'mysql_41':

+ $sql = 'SHOW KEYS

+ FROM ' . $table_name;

+ $col = 'Key_name';

+

+ case 'oracle':

+ $sql = "SELECT index_name

+ FROM user_indexes

+ WHERE table_name = '" . strtoupper($table_name) . "'

+ AND generated = 'N'

+ AND uniqueness = 'NONUNIQUE'";

+ $col = 'index_name';

+ break;

+

+ case 'sqlite':

+ $sql = "PRAGMA index_list('" . $table_name . "');";

+ $col = 'name';

+ break;

+ }

+

+ $result = $this->db->sql_query($sql);

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && !$row['Non_unique'])

+ {

+ continue;

+ }

+

+ // These DBMS prefix index name with the table name

+ switch ($this->sql_layer)

+ {

+ case 'firebird':

+ case 'oracle':

+ case 'postgres':

+ case 'sqlite':

+ $row[$col] = substr($row[$col], strlen($table_name) + 1);

+ break;

+ }

+

+ if (strtolower($row[$col]) == strtolower($index_name))

+ {

+ $this->db->sql_freeresult($result);

+ return true;

+ }

+ $this->db->sql_freeresult($result);

+

+ return false;

+ }

+

+ /**

+ * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes.

+ *

+ * @param string $table_name Table to check the index at

+ * @param string $index_name The index name to check

+ *

+ * @return bool True if index exists, else false

+ */

+ function sql_unique_index_exists($table_name, $index_name)

+ {

+ if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative')

+ {

+ $sql = "EXEC sp_statistics '$table_name'";

+ $result = $this->db->sql_query($sql);

+

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ // Usually NON_UNIQUE is the column we want to check, but we allow for both

+ if ($row['TYPE'] == 3)

+ {

+ if (strtolower($row['INDEX_NAME']) == strtolower($index_name))

+ {

+ $this->db->sql_freeresult($result);

+ return true;

+ }

+ }

+ }

+ $this->db->sql_freeresult($result);

+ return false;

+ }

+

+ switch ($this->sql_layer)

+ {

+ case 'firebird':

+ $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name

+ FROM RDB\$INDICES

+ WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "'

+ AND RDB\$UNIQUE_FLAG IS NOT NULL

+ AND RDB\$FOREIGN_KEY IS NULL";

+ $col = 'index_name';

+ break;

+

+ case 'postgres':

+ $sql = "SELECT ic.relname as index_name, i.indisunique

+ FROM pg_class bc, pg_class ic, pg_index i

+ WHERE (bc.oid = i.indrelid)

+ AND (ic.oid = i.indexrelid)

+ AND (bc.relname = '" . $table_name . "')

+ AND (i.indisprimary != 't')";

+ $col = 'index_name';

+ break;

+

+ case 'mysql_40':

+ case 'mysql_41':

+ $sql = 'SHOW KEYS

+ FROM ' . $table_name;

+ $col = 'Key_name';

+ break;

+

+ case 'oracle':

+ $sql = "SELECT index_name, table_owner

+ FROM user_indexes

+ WHERE table_name = '" . strtoupper($table_name) . "'

+ AND generated = 'N'

+ AND uniqueness = 'UNIQUE'";

+ $col = 'index_name';

+ break;

+

+ case 'sqlite':

+ $sql = "PRAGMA index_list('" . $table_name . "');";

+ $col = 'name';

+ break;

+ }

+

+ $result = $this->db->sql_query($sql);

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && ($row['Non_unique'] || $row[$col] == 'PRIMARY'))

+ {

+ continue;

+ }

+

+ if ($this->sql_layer == 'sqlite' && !$row['unique'])

+ {

+ continue;

+ }

+

+ if ($this->sql_layer == 'postgres' && $row['indisunique'] != 't')

+ {

+ continue;

+ }

+

+ // These DBMS prefix index name with the table name

+ switch ($this->sql_layer)

+ {

+ case 'oracle':

+ // Two cases here... prefixed with U_[table_owner] and not prefixed with table_name

+ if (strpos($row[$col], 'U_') === 0)

+ {

+ $row[$col] = substr($row[$col], strlen('U_' . $row['table_owner']) + 1);

+ }

+ else if (strpos($row[$col], strtoupper($table_name)) === 0)

+ {

+ $row[$col] = substr($row[$col], strlen($table_name) + 1);

+ }

+ break;

+

+ case 'firebird':

+ case 'postgres':

+ case 'sqlite':

+ $row[$col] = substr($row[$col], strlen($table_name) + 1);

+ break;

+ }

+

+ if (strtolower($row[$col]) == strtolower($index_name))

+ {

+ $this->db->sql_freeresult($result);

+ return true;

+ }

+ }

+ $this->db->sql_freeresult($result);

+

+ return false;

+ if (strlen($column_name) > 30)

+ {

+ trigger_error("Column name '$column_name' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR);

+ }

+

+ // Does not support AFTER statement, only POSITION (and there you need the column position)

+ // Does not support AFTER, only through temporary table

+ $after = (!empty($column_data['after'])) ? ' AFTER ' . $column_data['after'] : '';

+ $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql'] . $after;

+ // Does not support AFTER, only through temporary table

+ // Does not support AFTER, only through temporary table

+ $statements[] = 'ALTER TABLE ' . $table_name . ' DROP COLUMN ' . $column_name;

+ break;

+ $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config)

+ if (strlen($table_name . $index_name) - strlen($table_prefix) > 24)

+ {

+ $max_length = strlen($table_prefix) + 24;

+ trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR);

+ }

+

+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD UNIQUE INDEX ' . $index_name . '(' . implode(', ', $column) . ')';

+ $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config)

+ if (strlen($table_name . $index_name) - strlen($table_prefix) > 24)

+ {

+ $max_length = strlen($table_prefix) + 24;

+ trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR);

+ }

+

+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD INDEX ' . $index_name . '(' . implode(', ', $column) . ')';

+ // TODO: try to change pkey without removing trigger, generator or constraints. ATM this query may fail.

+ * Seek to given row number

+ * rownum is zero-based

+ */

+ function sql_rowseek($rownum, &$query_id)

+ {

+ global $cache;

+

+ if ($query_id === false)

+ {

+ $query_id = $this->query_result;

+ }

+

+ if (isset($cache->sql_rowset[$query_id]))

+ {

+ return $cache->sql_rowseek($rownum, $query_id);

+ }

+

+ if ($query_id === false)

+ {

+ return false;

+ }

+

+ $this->sql_freeresult($query_id);

+ $query_id = $this->sql_query($this->last_query_text);

+

+ if ($query_id === false)

+ {

+ return false;

+ }

+

+ // We do not fetch the row for rownum == 0 because then the next resultset would be the second row

+ for ($i = 0; $i < $rownum; $i++)

+ {

+ if (!$this->sql_fetchrow($query_id))

+ {

+ return false;

+ }

+ }

+

+ return true;

+ }

+

+ /**

+ * Returns whether results of a query need to be buffered to run a transaction while iterating over them.

+ *

+ * @return bool Whether buffering is required.

+ */

+ function sql_buffer_nested_transactions()

+ {

+ return false;

+ }

+

+ /**

+ * Run LOWER() on DB column of type text (i.e. neither varchar nor char).

+ *

+ * @param string $column_name The column name to use

+ *

+ * @return string A SQL statement like "LOWER($column_name)"

+ */

+ function sql_lower_text($column_name)

+ {

+ return "LOWER($column_name)";

+ }

+

+ /**

+ $sql .= $this->_sql_custom_build('FROM', implode(' CROSS JOIN ', $table_array));

+ Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group

+

+ /**

+ * Gets the estimated number of rows in a specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return string Number of rows in $table_name.

+ * Prefixed with ~ if estimated (otherwise exact).

+ *

+ * @access public

+ */

+ function get_estimated_row_count($table_name)

+ {

+ return $this->get_row_count($table_name);

+ }

+

+ /**

+ * Gets the exact number of rows in a specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return string Exact number of rows in $table_name.

+ *

+ * @access public

+ */

+ function get_row_count($table_name)

+ {

+ $sql = 'SELECT COUNT(*) AS rows_total

+ FROM ' . $this->sql_escape($table_name);

+ $result = $this->sql_query($sql);

+ $rows_total = $this->sql_fetchfield('rows_total');

+ $this->sql_freeresult($result);

+

+ return $rows_total;

+ }

+ var $connect_error = '';

+ if ($this->persistency)

+ {

+ if (!function_exists('ibase_pconnect'))

+ {

+ $this->connect_error = 'ibase_pconnect function does not exist, is interbase extension installed?';

+ return $this->sql_error('');

+ }

+ $this->db_connect_id = @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3);

+ }

+ else

+ {

+ if (!function_exists('ibase_connect'))

+ {

+ $this->connect_error = 'ibase_connect function does not exist, is interbase extension installed?';

+ return $this->sql_error('');

+ }

+ $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3);

+ }

+ // Do not call ibase_service_attach if connection failed,

+ // otherwise error message from ibase_(p)connect call will be clobbered.

+ if ($this->db_connect_id && function_exists('ibase_service_attach') && $this->server)

+ {

+ $this->service_handle = @ibase_service_attach($this->server, $this->user, $sqlpassword);

+ }

+ else

+ {

+ $this->service_handle = false;

+ }

+ // Need special handling here because ibase_errmsg returns

+ // connection errors, however if the interbase extension

+ // is not installed then ibase_errmsg does not exist and

+ // we cannot call it.

+ if (function_exists('ibase_errmsg'))

+ {

+ $msg = @ibase_errmsg();

+ if (!$msg)

+ {

+ $msg = $this->connect_error;

+ }

+ }

+ else

+ {

+ $msg = $this->connect_error;

+ }

+ 'message' => $msg,

+ * {@inheritDoc}

+ */

+ function sql_lower_text($column_name)

+ {

+ return "LOWER(SUBSTRING($column_name, 1, DATALENGTH($column_name)))";

+ }

+

+ /**

+ * {@inheritDoc}

+ */

+ function sql_lower_text($column_name)

+ {

+ return "LOWER(SUBSTRING($column_name, 1, DATALENGTH($column_name)))";

+ }

+

+ /**

+ $this->m_row_count = sizeof($this->m_rows);

+ * {@inheritDoc}

+ */

+ function sql_buffer_nested_transactions()

+ {

+ return true;

+ }

+

+ /**

+ return (!empty($this->query_result)) ? @sqlsrv_rows_affected($this->query_result) : false;

+ * {@inheritDoc}

+ */

+ function sql_lower_text($column_name)

+ {

+ return "LOWER(SUBSTRING($column_name, 1, DATALENGTH($column_name)))";

+ }

+

+ /**

+

+ * Gets the estimated number of rows in a specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return string Number of rows in $table_name.

+ * Prefixed with ~ if estimated (otherwise exact).

+ *

+ * @access public

+ */

+ function get_estimated_row_count($table_name)

+ {

+ $table_status = $this->get_table_status($table_name);

+

+ if (isset($table_status['Engine']))

+ {

+ if ($table_status['Engine'] === 'MyISAM')

+ {

+ return $table_status['Rows'];

+ }

+ else if ($table_status['Engine'] === 'InnoDB' && $table_status['Rows'] > 100000)

+ {

+ return '~' . $table_status['Rows'];

+ }

+ }

+

+ return parent::get_row_count($table_name);

+ }

+

+ /**

+ * Gets the exact number of rows in a specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return string Exact number of rows in $table_name.

+ *

+ * @access public

+ */

+ function get_row_count($table_name)

+ {

+ $table_status = $this->get_table_status($table_name);

+

+ if (isset($table_status['Engine']) && $table_status['Engine'] === 'MyISAM')

+ {

+ return $table_status['Rows'];

+ }

+

+ return parent::get_row_count($table_name);

+ }

+

+ /**

+ * Gets some information about the specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return array

+ *

+ * @access protected

+ */

+ function get_table_status($table_name)

+ {

+ $sql = "SHOW TABLE STATUS

+ LIKE '" . $this->sql_escape($table_name) . "'";

+ $result = $this->sql_query($sql);

+ $table_status = $this->sql_fetchrow($result);

+ $this->sql_freeresult($result);

+

+ return $table_status;

+ }

+

+ /**

+ // Mysqli extension supports persistent connection since PHP 5.3.0

+ $this->persistency = (version_compare(PHP_VERSION, '5.3.0', '>=')) ? $persistency : false;

+

+ // If persistent connection, set dbhost to localhost when empty and prepend it with 'p:' prefix

+ $this->server = ($this->persistency) ? 'p:' . (($sqlserver) ? $sqlserver : 'localhost') : $sqlserver;

+

+ // If port is set and it is not numeric, most likely mysqli socket is set.

+ // Try to map it to the $socket parameter.

+ $socket = NULL;

+ if ($port)

+ {

+ if (is_numeric($port))

+ {

+ $port = (int) $port;

+ }

+ else

+ {

+ $socket = $port;

+ $port = NULL;

+ }

+ }

+

+ $this->db_connect_id = @mysqli_connect($this->server, $this->user, $sqlpassword, $this->dbname, $port, $socket);

+ if ($query_id !== false)

+ {

+ $result = @mysqli_fetch_assoc($query_id);

+ return $result !== null ? $result : false;

+ }

+

+ return false;

+ * Gets the estimated number of rows in a specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return string Number of rows in $table_name.

+ * Prefixed with ~ if estimated (otherwise exact).

+ *

+ * @access public

+ */

+ function get_estimated_row_count($table_name)

+ {

+ $table_status = $this->get_table_status($table_name);

+

+ if (isset($table_status['Engine']))

+ {

+ if ($table_status['Engine'] === 'MyISAM')

+ {

+ return $table_status['Rows'];

+ }

+ else if ($table_status['Engine'] === 'InnoDB' && $table_status['Rows'] > 100000)

+ {

+ return '~' . $table_status['Rows'];

+ }

+ }

+

+ return parent::get_row_count($table_name);

+ }

+

+ /**

+ * Gets the exact number of rows in a specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return string Exact number of rows in $table_name.

+ *

+ * @access public

+ */

+ function get_row_count($table_name)

+ {

+ $table_status = $this->get_table_status($table_name);

+

+ if (isset($table_status['Engine']) && $table_status['Engine'] === 'MyISAM')

+ {

+ return $table_status['Rows'];

+ }

+

+ return parent::get_row_count($table_name);

+ }

+

+ /**

+ * Gets some information about the specified table.

+ *

+ * @param string $table_name Table name

+ *

+ * @return array

+ *

+ * @access protected

+ */

+ function get_table_status($table_name)

+ {

+ $sql = "SHOW TABLE STATUS

+ LIKE '" . $this->sql_escape($table_name) . "'";

+ $result = $this->sql_query($sql);

+ $table_status = $this->sql_fetchrow($result);

+ $this->sql_freeresult($result);

+

+ return $table_status;

+ }

+

+ /**

+ preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER);

+

+if (!class_exists('phpbb_error_collector'))

+{

+ include($phpbb_root_path . 'includes/error_collector.' . $phpEx);

+}

+

+ var $connect_error = '';

+ if (!function_exists('pg_pconnect'))

+ {

+ $this->connect_error = 'pg_pconnect function does not exist, is pgsql extension installed?';

+ return $this->sql_error('');

+ }

+ $collector = new phpbb_error_collector;

+ $collector->install();

+ if (!function_exists('pg_connect'))

+ {

+ $this->connect_error = 'pg_connect function does not exist, is pgsql extension installed?';

+ return $this->sql_error('');

+ }

+ $collector = new phpbb_error_collector;

+ $collector->install();

+ $collector->uninstall();

+

+ $this->connect_error = $collector->format_errors();

+ // pg_last_error only works when there is an established connection.

+ // Connection errors have to be tracked by us manually.

+ if ($this->db_connect_id)

+ {

+ $message = @pg_last_error($this->db_connect_id);

+ }

+ else

+ {

+ $message = $this->connect_error;

+ }

+

+ 'message' => $message,

+<?php

+/**

+*

+* @package phpBB

+* @version $Id$

+* @copyright (c) 2011 phpBB Group

+* @license http://opensource.org/licenses/gpl-license.php GNU Public License

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+class phpbb_error_collector

+{

+ var $errors;

+

+ function phpbb_error_collector()

+ {

+ $this->errors = array();

+ }

+

+ function install()

+ {

+ set_error_handler(array(&$this, 'error_handler'));

+ }

+

+ function uninstall()

+ {

+ restore_error_handler();

+ }

+

+ function error_handler($errno, $msg_text, $errfile, $errline)

+ {

+ $this->errors[] = array($errno, $msg_text, $errfile, $errline);

+ }

+

+ function format_errors()

+ {

+ $text = '';

+ foreach ($this->errors as $error)

+ {

+ if (!empty($text))

+ {

+ $text .= "<br />\n";

+ }

+

+ list($errno, $msg_text, $errfile, $errline) = $error;

+

+ // Prevent leakage of local path to phpBB install

+ $errfile = phpbb_filter_root_path($errfile);

+

+ $text .= "Errno $errno: $msg_text at $errfile line $errline";

+ }

+

+ return $text;

+ }

+}

+ // Precision must be from 1 to 18

+ $sql_update = 'CAST(CAST(config_value as DECIMAL(18, 0)) + ' . (int) $increment . ' as VARCHAR(255))';

+ break;

+

+ // Need to cast to text first for PostgreSQL 7.x

+ $sql_update = 'CAST(CAST(config_value::text as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';

+ set_config('rand_seed', $config['rand_seed'], true);

+* Wrapper for mt_rand() which allows swapping $min and $max parameters.

+*

+* PHP does not allow us to swap the order of the arguments for mt_rand() anymore.

+* (since PHP 5.3.4, see http://bugs.php.net/46587)

+*

+* @param int $min Lowest value to be returned

+* @param int $max Highest value to be returned

+*

+* @return int Random integer between $min and $max (or $max and $min)

+*/

+function phpbb_mt_rand($min, $max)

+{

+ return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max);

+}

+

+/**

+* Wrapper for getdate() which returns the equivalent array for UTC timestamps.

+*

+* @param int $time Unix timestamp (optional)

+*

+* @return array Returns an associative array of information related to the timestamp.

+* See http://www.php.net/manual/en/function.getdate.php

+*/

+function phpbb_gmgetdate($time = false)

+{

+ if ($time === false)

+ {

+ $time = time();

+ }

+

+ // getdate() interprets timestamps in local time.

+ // What follows uses the fact that getdate() and

+ // date('Z') balance each other out.

+ return getdate($time - date('Z'));

+}

+

+/**

+ if (substr($setting, 0, 3) != '$H$' && substr($setting, 0, 3) != '$P$')

+* Wrapper for version_compare() that allows using uppercase A and B

+* for alpha and beta releases.

+*

+* See http://www.php.net/manual/en/function.version-compare.php

+*

+* @param string $version1 First version number

+* @param string $version2 Second version number

+* @param string $operator Comparison operator (optional)

+*

+* @return mixed Boolean (true, false) if comparison operator is specified.

+* Integer (-1, 0, 1) otherwise.

+*/

+function phpbb_version_compare($version1, $version2, $operator = null)

+{

+ $version1 = strtolower($version1);

+ $version2 = strtolower($version2);

+

+ if (is_null($operator))

+ {

+ return version_compare($version1, $version2);

+ }

+ else

+ {

+ return version_compare($version1, $version2, $operator);

+ }

+}

+

+/**

+ $last_mark = (int) $user->data['user_lastmark'];

+ t.topic_last_post_time > $last_mark AND

+ (tt.mark_time IS NULL AND ft.mark_time IS NULL)

+ global $db, $tracking_topics, $user, $config, $auth;

+ // Handle update of unapproved topics info.

+ // Only update for moderators having m_approve permission for the forum.

+ $sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1';

+

+ $sql = 'SELECT t.forum_id

+ FROM ' . TOPICS_TABLE . ' t

+ LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt

+ ON (tt.topic_id = t.topic_id

+ AND tt.user_id = ' . $user->data['user_id'] . ')

+ AND t.topic_moved_id = 0 ' .

+ $sql_update_unapproved . '

+ AND (tt.topic_id IS NULL

+ OR tt.mark_time < t.topic_last_post_time)';

+ $sql = 'SELECT t.topic_id

+ FROM ' . TOPICS_TABLE . ' t

+ WHERE t.forum_id = ' . $forum_id . '

+ AND t.topic_last_post_time > ' . $mark_time_forum . '

+ AND t.topic_moved_id = 0 ' .

+ $sql_update_unapproved;

+ $page_string .= ($start_cnt > 1) ? '<span class="page-dots"> ... </span>' : $seperator;

+ $page_string .= ($end_cnt < $total_pages) ? '<span class="page-dots"> ... </span>' : $seperator;

+ if ($params === '' || (is_array($params) && empty($params)))

+ {

+ // Do not append the ? if the param-list is empty anyway.

+ $params = false;

+ }

+

+*

+*

+* @return string the generated board url

+ if (!$disable_cd_check && !file_exists($pathinfo['dirname'] . '/'))

+ if (!file_exists($pathinfo['dirname'] . '/'))

+ if (!empty($_SERVER['SERVER_PROTOCOL']))

+ $version = $_SERVER['SERVER_PROTOCOL'];

+

+ if (isset($parsed_items['inherit_from']) && isset($parsed_items['name']) && $parsed_items['inherit_from'] == $parsed_items['name'])

+ {

+ unset($parsed_items['inherit_from']);

+ }

+* Return a nicely formatted backtrace.

+*

+* Turns the array returned by debug_backtrace() into HTML markup.

+* Also filters out absolute paths to phpBB root.

+*

+* @return string HTML markup

+ // We skip the first one, because it only shows this file/function

+ unset($backtrace[0]);

+ foreach ($backtrace as $trace)

+ {

+ $trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']));

+ $trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];

+ // Only show function arguments for include etc.

+ // Other parameters may contain sensible information

+ $argument = '';

+ if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once')))

+ $argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]));

+ $output .= '<b>FILE:</b> ' . $trace['file'] . '<br />';

+ $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']);

+ $output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />';

+ return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';

+

+ case 'table_prefix':

+ return '#^[a-zA-Z][a-zA-Z0-9_]*$#';

+ break;

+* Generate regexp for naughty words censoring

+* Depends on whether installed PHP version supports unicode properties

+*

+* @param string $word word template to be replaced

+* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode

+*

+* @return string $preg_expr regex to use with word censor

+*/

+function get_censor_preg_expression($word, $use_unicode = true)

+{

+ static $unicode_support = null;

+

+ // Check whether PHP version supports unicode properties

+ if (is_null($unicode_support))

+ {

+ $unicode_support = ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) ? true : false;

+ }

+

+ // Unescape the asterisk to simplify further conversions

+ $word = str_replace('\*', '*', preg_quote($word, '#'));

+

+ if ($use_unicode && $unicode_support)

+ {

+ // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes

+ $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word);

+

+ // Generate the final substitution

+ $preg_expr = '#(?<![\p{Nd}\p{L}_-])(' . $word . ')(?![\p{Nd}\p{L}_-])#iu';

+ }

+ else

+ {

+ // Replace the asterisk inside the pattern, at the start and at the end of it with regexes

+ $word = preg_replace(array('#(?<=\S)\*+(?=\S)#iu', '#^\*+#', '#\*+$#'), array('(\x20*?\S*?)', '\S*?', '\S*?'), $word);

+

+ // Generate the final substitution

+ $preg_expr = '#(?<!\S)(' . $word . ')(?!\S)#iu';

+ }

+

+ return $preg_expr;

+}

+

+/**

+ // Call checkdnsrr() if

+ // Call dns_get_record() if

+ isset($result['host']) && $result['host'] == $host &&

+ break;

+ // AAAA records returned by nslookup on Windows XP/2003 have this format.

+ // Later Windows versions use the A record format below for AAAA records.

+ if (stripos($line, "$host AAAA IPv6 address") === 0)

+ {

+ return true;

+ }

+ // No break

+

+ case 'A':

+ $errfile = phpbb_filter_root_path($errfile);

+ $msg_text = phpbb_filter_root_path($msg_text);

+ $error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice';

+ echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";

+ $log_text = $msg_text;

+ $backtrace = get_backtrace();

+ if ($backtrace)

+ {

+ $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace;

+ }

+

+ if (defined('IN_INSTALL') || defined('DEBUG_EXTRA') || isset($auth) && $auth->acl_get('a_'))

+ {

+ $msg_text = $log_text;

+ }

+

+ add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text);

+ echo ' Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group';

+* Removes absolute path to phpBB root directory from error messages

+* and converts backslashes to forward slashes.

+*

+* @param string $errfile Absolute file path

+* (e.g. /var/www/phpbb3/phpBB/includes/functions.php)

+* Please note that if $errfile is outside of the phpBB root,

+* the root path will not be found and can not be filtered.

+* @return string Relative file path

+* (e.g. /includes/functions.php)

+*/

+function phpbb_filter_root_path($errfile)

+{

+ static $root_path;

+

+ if (empty($root_path))

+ {

+ $root_path = phpbb_realpath(dirname(__FILE__) . '/../');

+ }

+

+ return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile);

+}

+

+/**

+ }

+ global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;

+ // to avoid partially compressed output resulting in blank pages in

+ // the browser or error messages, compression is disabled in a few cases:

+ //

+ // 1) if headers have already been sent, this indicates plaintext output

+ // has been started so further content must not be compressed

+ // 2) the length of the current output buffer is non-zero. This means

+ // there is already some uncompressed content in this output buffer

+ // so further output must not be compressed

+ // 3) if more than one level of output buffering is used because we

+ // cannot test all output buffer level content lengths. One level

+ // could be caused by php.ini output_buffering. Anything

+ // beyond that is manual, so the code wrapping phpBB in output buffering

+ // can easily compress the output itself.

+ //

+ if (@extension_loaded('zlib') && !headers_sent() && ob_get_level() <= 1 && ob_get_length() == 0)

+ $s_search_hidden_fields = array();

+ if ($_SID)

+ {

+ $s_search_hidden_fields['sid'] = $_SID;

+ }

+

+ if (!empty($_EXTRA_URL))

+ {

+ foreach ($_EXTRA_URL as $url_param)

+ {

+ $url_param = explode('=', $url_param, 2);

+ $s_search_hidden_fields[$url_param[0]] = $url_param[1];

+ }

+ }

+

+ 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields),

+

+ 'T_THEME_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme',

+ 'T_TEMPLATE_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',

+ 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . rawurlencode($user->theme['template_inherit_path']) . '/template' : "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',

+ 'T_IMAGESET_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset',

+ 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset/' . $user->lang_name,

+ 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&amp;lang=' . $user->lang_name),

+ 'T_THEME_NAME' => rawurlencode($user->theme['theme_path']),

+ 'T_TEMPLATE_NAME' => rawurlencode($user->theme['template_path']),

+ 'T_SUPER_TEMPLATE_NAME' => rawurlencode((isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path']),

+ 'T_IMAGESET_NAME' => rawurlencode($user->theme['imageset_path']),

+ if (!empty($user->data['is_bot']))

+ {

+ // Let reverse proxies know we detected a bot.

+ header('X-PHPBB-IS-BOT: yes');

+ }

+

+ 'CREDIT_LINE' => $user->lang('POWERED_BY', '<a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group'),

+ if (!defined('IN_CRON') && $run_cron && !$config['board_disable'] && !$user->data['is_bot'])

+ (ob_get_level() > 0) ? @ob_flush() : @flush();

+* If $log_count is set to false, we will skip counting all entries in the database.

+ $sql_lower = $db->sql_lower_text('l.log_data');

+ $sql_keywords .= "$sql_lower " . implode(" OR $sql_lower ", $keywords) . ')';

+ }

+

+ if ($log_count !== false)

+ {

+ $sql = 'SELECT COUNT(l.log_id) AS total_entries

+ FROM ' . LOG_TABLE . ' l, ' . USERS_TABLE . " u

+ WHERE l.log_type = $log_type

+ AND l.user_id = u.user_id

+ AND l.log_time >= $limit_days

+ $sql_keywords

+ $sql_forum";

+ $result = $db->sql_query($sql);

+ $log_count = (int) $db->sql_fetchfield('total_entries');

+ $db->sql_freeresult($result);

+ }

+

+ // $log_count may be false here if false was passed in for it,

+ // because in this case we did not run the COUNT() query above.

+ // If we ran the COUNT() query and it returned zero rows, return;

+ // otherwise query for logs below.

+ if ($log_count === 0)

+ {

+ // Save the queries, because there are no logs to display

+ return 0;

+ }

+

+ if ($offset >= $log_count)

+ {

+ $offset = ($offset - $limit < 0) ? 0 : $offset - $limit;

+ return $offset;

+ if ($user_count == 0)

+ {

+ // Save the queries, because there are no users to display

+ return 0;

+ }

+

+function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6)

+ $timer_stop = time() + $timeout;

+ stream_set_timeout($fsock, $timeout);

+

+

+ $stream_meta_data = stream_get_meta_data($fsock);

+

+ if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)

+ {

+ $errstr = $user->lang['FSOCK_TIMEOUT'];

+ return false;

+ }

+* NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_length) and is deprecated.

+ // check for trailing slash

+ if (rtrim($convert->convertor['avatar_gallery_path'], '/') === '')

+ // check for trailing slash

+ if (rtrim($convert->convertor['upload_path'], '/') === '')

+ // check for trailing slash

+ if (rtrim($convert->convertor['smilies_path'], '/') === '')

+ // check for trailing slash

+ if (rtrim($convert->convertor['avatar_path'], '/') === '')

+ 'Bing [Bot]' => array('bingbot/', ''),

+ // Handle marking everything read

+ if ($mark_read == 'all')

+ {

+ $redirect = build_url(array('mark', 'hash'));

+ meta_refresh(3, $redirect);

+

+ if (check_link_hash(request_var('hash', ''), 'global'))

+ {

+ markread('all');

+

+ trigger_error(

+ $user->lang['FORUMS_MARKED'] . '<br /><br />' .

+ sprintf($user->lang['RETURN_INDEX'], '<a href="' . $redirect . '">', '</a>')

+ );

+ }

+ else

+ {

+ trigger_error(sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));

+ }

+ }

+

+ if ($mark_read == 'forums')

+

+ continue;

+ if ($mark_read == 'forums')

+ // Add 0 to forums array to mark global announcements correctly

+ $forum_ids[] = 0;

+ markread('topics', $forum_ids);

+ $message = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect . '">', '</a>');

+ 'S_AUTH_READ' => $auth->acl_get('f_read', $row['forum_id']),

+ 'S_FEED_ENABLED' => ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false,

+ $pagination .= '<span class="page-dots"> ... </span>';

+ // We need to exclude passworded forums here so we do not leak the topic title

+ $forum_ary_topic = array_unique(array_merge($forum_ary, $user->get_passworded_forums()));

+ $forum_sql_topic = (!empty($forum_ary_topic)) ? 'AND ' . $db->sql_in_set('forum_id', $forum_ary_topic, true) : '';

+

+ $forum_sql_topic

+function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0, $item_title = '')

+ $is_watching = 0;

+ $token = request_var('hash', '');

+

+ if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true))

+ if ($uid != $user_id || $_GET['unwatch'] != $mode)

+ {

+ $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");

+ $message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');

+ trigger_error($message);

+ }

+ $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");

+ $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />';

+ $message .= sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');

+ meta_refresh(3, $redirect_url);

+ trigger_error($message);

+ }

+ else

+ {

+ $s_hidden_fields = array(

+ 'uid' => $user->data['user_id'],

+ 'unwatch' => $mode,

+ 'start' => $start,

+ 'f' => $forum_id,

+ );

+ if ($mode != 'forum')

+ {

+ $s_hidden_fields['t'] = $topic_id;

+ }

+ if ($item_title == '')

+ {

+ $confirm_box_message = 'UNWATCH_' . strtoupper($mode);

+ }

+ else

+ {

+ $confirm_box_message = $user->lang('UNWATCH_' . strtoupper($mode) . '_DETAILED', $item_title);

+ }

+ confirm_box(false, $confirm_box_message, build_hidden_fields($s_hidden_fields));

+ }

+ $uid = request_var('uid', 0);

+ if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true))

+ if ($uid != $user_id || $_GET['watch'] != $mode)

+ {

+ $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");

+ $message = $user->lang['ERR_WATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');

+ trigger_error($message);

+ }

+

+

+ $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");

+ meta_refresh(3, $redirect_url);

+ trigger_error($message);

+ $s_hidden_fields = array(

+ 'uid' => $user->data['user_id'],

+ 'watch' => $mode,

+ 'start' => $start,

+ 'f' => $forum_id,

+ );

+ if ($mode != 'forum')

+ {

+ $s_hidden_fields['t'] = $topic_id;

+ }

+ $confirm_box_message = (($item_title == '') ? 'WATCH_' . strtoupper($mode) : $user->lang('WATCH_' . strtoupper($mode) . '_DETAILED', $item_title));

+ confirm_box(false, $confirm_box_message, build_hidden_fields($s_hidden_fields));

+ }

+ if ((isset($_GET['unwatch']) && $_GET['unwatch'] == $mode) || (isset($_GET['watch']) && $_GET['watch'] == $mode))

+*

+* @deprecated

+function get_tables(&$db)

+ if (!class_exists('phpbb_db_tools'))

+ global $phpbb_root_path, $phpEx;

+ require($phpbb_root_path . 'includes/db/db_tools.' . $phpEx);

+ $db_tools = new phpbb_db_tools($db);

+ return $db_tools->sql_list_tables();

+* Removes comments from schema files

+function remove_comments($sql)

+ // Remove /* */ comments (http://ostermiller.org/findcomment.html)

+ $sql = preg_replace('#/\*(.|[\r\n])*?\*/#', "\n", $sql);

+

+ // Remove # style comments

+

+ return $sql;

+/**

+* Creates the output to be stored in a phpBB config.php file

+*

+* @param array $data Array containing the database connection information

+* @param string $dbms The name of the DBAL class to use

+* @param array $load_extensions Array of additional extensions that should be loaded

+* @param bool $debug If the debug constants should be enabled by default or not

+*

+* @return string The output to write to the file

+*/

+function phpbb_create_config_file_data($data, $dbms, $load_extensions, $debug = false)

+{

+ $load_extensions = implode(',', $load_extensions);

+

+ $config_data = "<?php\n";

+ $config_data .= "// phpBB 3.0.x auto-generated configuration file\n// Do not change anything in this file!\n";

+

+ $config_data_array = array(

+ 'dbms' => $dbms,

+ 'dbhost' => $data['dbhost'],

+ 'dbport' => $data['dbport'],

+ 'dbname' => $data['dbname'],

+ 'dbuser' => $data['dbuser'],

+ 'dbpasswd' => htmlspecialchars_decode($data['dbpasswd']),

+ 'table_prefix' => $data['table_prefix'],

+ 'acm_type' => 'file',

+ 'load_extensions' => $load_extensions,

+ );

+

+ foreach ($config_data_array as $key => $value)

+ {

+ $config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n";

+ }

+

+ $config_data .= "\n@define('PHPBB_INSTALLED', true);\n";

+

+ if ($debug)

+ {

+ $config_data .= "@define('DEBUG', true);\n";

+ $config_data .= "@define('DEBUG_EXTRA', true);\n";

+ }

+ else

+ {

+ $config_data .= "// @define('DEBUG', true);\n";

+ $config_data .= "// @define('DEBUG_EXTRA', true);\n";

+ }

+

+ return $config_data;

+}

+

+ * Adds X-AntiAbuse headers

+ *

+ * @param array $config Configuration array

+ * @param user $user A user object

+ *

+ * @return null

+ */

+ function anti_abuse_headers($config, $user)

+ {

+ $this->headers('X-AntiAbuse: Board servername - ' . mail_encode($config['server_name']));

+ $this->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);

+ $this->headers('X-AntiAbuse: Username - ' . mail_encode($user->data['username']));

+ $this->headers('X-AntiAbuse: User IP - ' . $user->ip);

+ }

+

+ /**

+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);

+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);

+ if (!class_exists('phpbb_error_collector'))

+ {

+ global $phpbb_root_path, $phpEx;

+ include($phpbb_root_path . 'includes/error_collector.' . $phpEx);

+ }

+ $collector = new phpbb_error_collector;

+ $collector->install();

+ $collector->uninstall();

+ $error_contents = $collector->format_errors();

+ if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password']), $config['smtp_auth_method']))

+ global $config, $phpbb_root_path, $phpEx;

+ if (!class_exists('phpbb_error_collector'))

+ {

+ include($phpbb_root_path . 'includes/error_collector.' . $phpEx);

+ }

+

+ $collector = new phpbb_error_collector;

+ $collector->install();

+

+

+ $collector->uninstall();

+ $err_msg = $collector->format_errors();

+ if ($config['check_attachment_content'] && isset($config['mime_triggers']))

+ if ($auth->acl_get('a_'))

+ {

+ $filedata['error'][] = $user->lang['ATTACH_DISK_FULL'];

+ }

+ else

+ {

+ $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];

+ }

+ // Exclude guests, current user and banned users from notifications

+ if (!function_exists('phpbb_get_banned_user_ids'))

+ include($phpbb_root_path . 'includes/functions_user.' . $phpEx);

+ $sql_ignore_users = phpbb_get_banned_user_ids();

+ $sql_ignore_users[ANONYMOUS] = ANONYMOUS;

+ $sql_ignore_users[$user->data['user_id']] = $user->data['user_id'];

+ WHERE w.' . (($topic_notification) ? 'topic_id' : 'forum_id') . ' = ' . (($topic_notification) ? $topic_id : $forum_id) . '

+ AND ' . $db->sql_in_set('w.user_id', $sql_ignore_users, true) . '

+ AND w.notify_status = ' . NOTIFY_YES . '

+ $notify_user_id = (int) $row['user_id'];

+ $notify_rows[$notify_user_id] = array(

+ 'user_id' => $notify_user_id,

+

+ // Add users who have been already notified to ignore list

+ $sql_ignore_users[$notify_user_id] = $notify_user_id;

+ AND " . $db->sql_in_set('fw.user_id', $sql_ignore_users, true) . '

+ AND fw.notify_status = ' . NOTIFY_YES . '

+ $notify_user_id = (int) $row['user_id'];

+ $notify_rows[$notify_user_id] = array(

+ 'user_id' => $notify_user_id,

+

+ /*

+ * We also update the forums watch table for this user when we are

+ * sending out a topic notification to prevent sending out another

+ * notification in case this user is also subscribed to the forum

+ * this topic was posted in.

+ * Since an UPDATE query is used, this has no effect on users only

+ * subscribed to the topic (i.e. no row is created) and should not

+ * be a performance issue.

+ */

+ if ($row['notify_type'] === 'topic')

+ {

+ $update_notification['forum'][] = $row['user_id'];

+ }

+ $sql = 'SELECT p.post_id, p.poster_id, p.post_time, p.post_username, u.username, u.user_colour

+ $sql_data[TOPICS_TABLE] = 'topic_poster = ' . intval($row['poster_id']) . ', topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "', topic_time = " . (int) $row['post_time'];

+ if (isset($poll['poll_options']))

+ $poll_start = ($poll['poll_start'] || empty($poll['poll_options'])) ? $poll['poll_start'] : $current_time;

+ if (isset($poll['poll_options']))

+ if ($mode == 'edit')

+/**

+* Handle topic bumping

+* @param int $forum_id The ID of the forum the topic is being bumped belongs to

+* @param int $topic_id The ID of the topic is being bumping

+* @param array $post_data Passes some topic parameters:

+* - 'topic_title'

+* - 'topic_last_post_id'

+* - 'topic_last_poster_id'

+* - 'topic_last_post_subject'

+* - 'topic_last_poster_name'

+* - 'topic_last_poster_colour'

+* @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time().

+* @return string An URL to the bumped topic, example: ./viewtopic.php?forum_id=1&amptopic_id=2&ampp=3#p3

+*/

+function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false)

+{

+ global $config, $db, $user, $phpEx, $phpbb_root_path;

+

+ if ($bump_time === false)

+ {

+ $bump_time = time();

+ }

+

+ // Begin bumping

+ $db->sql_transaction('begin');

+

+ // Update the topic's last post post_time

+ $sql = 'UPDATE ' . POSTS_TABLE . "

+ SET post_time = $bump_time

+ WHERE post_id = {$post_data['topic_last_post_id']}

+ AND topic_id = $topic_id";

+ $db->sql_query($sql);

+

+ // Sync the topic's last post time, the rest of the topic's last post data isn't changed

+ $sql = 'UPDATE ' . TOPICS_TABLE . "

+ SET topic_last_post_time = $bump_time,

+ topic_bumped = 1,

+ topic_bumper = " . $user->data['user_id'] . "

+ WHERE topic_id = $topic_id";

+ $db->sql_query($sql);

+

+ // Update the forum's last post info

+ $sql = 'UPDATE ' . FORUMS_TABLE . "

+ SET forum_last_post_id = " . $post_data['topic_last_post_id'] . ",

+ forum_last_poster_id = " . $post_data['topic_last_poster_id'] . ",

+ forum_last_post_subject = '" . $db->sql_escape($post_data['topic_last_post_subject']) . "',

+ forum_last_post_time = $bump_time,

+ forum_last_poster_name = '" . $db->sql_escape($post_data['topic_last_poster_name']) . "',

+ forum_last_poster_colour = '" . $db->sql_escape($post_data['topic_last_poster_colour']) . "'

+ WHERE forum_id = $forum_id";

+ $db->sql_query($sql);

+

+ // Update bumper's time of the last posting to prevent flood

+ $sql = 'UPDATE ' . USERS_TABLE . "

+ SET user_lastpost_time = $bump_time

+ WHERE user_id = " . $user->data['user_id'];

+ $db->sql_query($sql);

+

+ $db->sql_transaction('commit');

+

+ // Mark this topic as posted to

+ markread('post', $forum_id, $topic_id, $bump_time);

+

+ // Mark this topic as read

+ markread('topic', $forum_id, $topic_id, $bump_time);

+

+ // Update forum tracking info

+ if ($config['load_db_lastread'] && $user->data['is_registered'])

+ {

+ $sql = 'SELECT mark_time

+ FROM ' . FORUMS_TRACK_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'] . '

+ AND forum_id = ' . $forum_id;

+ $result = $db->sql_query($sql);

+ $f_mark_time = (int) $db->sql_fetchfield('mark_time');

+ $db->sql_freeresult($result);

+ }

+ else if ($config['load_anon_lastread'] || $user->data['is_registered'])

+ {

+ $f_mark_time = false;

+ }

+

+ if (($config['load_db_lastread'] && $user->data['is_registered']) || $config['load_anon_lastread'] || $user->data['is_registered'])

+ {

+ // Update forum info

+ $sql = 'SELECT forum_last_post_time

+ FROM ' . FORUMS_TABLE . '

+ WHERE forum_id = ' . $forum_id;

+ $result = $db->sql_query($sql);

+ $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time');

+ $db->sql_freeresult($result);

+

+ update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time, false);

+ }

+

+ add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']);

+

+ $url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";

+

+ return $url;

+}

+

+* Delete all PM(s) for a given user and delete the ones without references

+*

+* @param int $user_id ID of the user whose private messages we want to delete

+*

+* @return boolean False if there were no pms found, true otherwise.

+*/

+function phpbb_delete_user_pms($user_id)

+{

+ global $db, $user, $phpbb_root_path, $phpEx;

+

+ $user_id = (int) $user_id;

+

+ if (!$user_id)

+ {

+ return false;

+ }

+

+ // Get PM Information for later deleting

+ // The two queries where split, so we can use our indexes

+ // Part 1: get PMs the user received

+ $sql = 'SELECT msg_id, author_id, folder_id, pm_unread, pm_new

+ FROM ' . PRIVMSGS_TO_TABLE . '

+ WHERE user_id = ' . $user_id;

+ $result = $db->sql_query($sql);

+

+ $undelivered_msg = $undelivered_user = $delete_ids = array();

+ while ($row = $db->sql_fetchrow($result))

+ {

+ if ($row['author_id'] == $user_id && $row['folder_id'] == PRIVMSGS_NO_BOX)

+ {

+ // Undelivered messages

+ $undelivered_msg[] = $row['msg_id'];

+

+ if (isset($undelivered_user[$row['user_id']]))

+ {

+ ++$undelivered_user[$row['user_id']];

+ }

+ else

+ {

+ $undelivered_user[$row['user_id']] = 1;

+ }

+ }

+

+ $delete_ids[(int) $row['msg_id']] = (int) $row['msg_id'];

+ }

+ $db->sql_freeresult($result);

+

+ // Part 2: get PMs the user sent

+ $sql = 'SELECT msg_id, author_id, folder_id, pm_unread, pm_new

+ FROM ' . PRIVMSGS_TO_TABLE . '

+ WHERE author_id = ' . $user_id . '

+ AND folder_id = ' . PRIVMSGS_NO_BOX;

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ if ($row['author_id'] == $user_id && $row['folder_id'] == PRIVMSGS_NO_BOX)

+ {

+ // Undelivered messages

+ $undelivered_msg[] = $row['msg_id'];

+

+ if (isset($undelivered_user[$row['user_id']]))

+ {

+ ++$undelivered_user[$row['user_id']];

+ }

+ else

+ {

+ $undelivered_user[$row['user_id']] = 1;

+ }

+ }

+

+ $delete_ids[(int) $row['msg_id']] = (int) $row['msg_id'];

+ }

+ $db->sql_freeresult($result);

+

+ if (empty($delete_ids))

+ {

+ return false;

+ }

+

+ $db->sql_transaction('begin');

+

+ if (sizeof($undelivered_msg))

+ {

+ $sql = 'DELETE FROM ' . PRIVMSGS_TABLE . '

+ WHERE ' . $db->sql_in_set('msg_id', $undelivered_msg);

+ $db->sql_query($sql);

+ }

+

+ // Reset the user´s pm count to 0

+ if (isset($undelivered_user[$user_id]))

+ {

+ $sql = 'UPDATE ' . USERS_TABLE . '

+ SET user_new_privmsg = 0,

+ user_unread_privmsg = 0

+ WHERE user_id = ' . $user_id;

+ $db->sql_query($sql);

+ unset($undelivered_user[$user_id]);

+ }

+

+ foreach ($undelivered_user as $_user_id => $count)

+ {

+ $sql = 'UPDATE ' . USERS_TABLE . '

+ SET user_new_privmsg = user_new_privmsg - ' . $count . ',

+ user_unread_privmsg = user_unread_privmsg - ' . $count . '

+ WHERE user_id = ' . $_user_id;

+ $db->sql_query($sql);

+ }

+

+ // Delete private message data

+ $sql = 'DELETE FROM ' . PRIVMSGS_TO_TABLE . "

+ WHERE user_id = $user_id

+ AND " . $db->sql_in_set('msg_id', $delete_ids);

+ $db->sql_query($sql);

+

+ // Now we have to check which messages we can delete completely

+ $sql = 'SELECT msg_id

+ FROM ' . PRIVMSGS_TO_TABLE . '

+ WHERE ' . $db->sql_in_set('msg_id', $delete_ids);

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ unset($delete_ids[$row['msg_id']]);

+ }

+ $db->sql_freeresult($result);

+

+ if (!empty($delete_ids))

+ {

+ // Check if there are any attachments we need to remove

+ if (!function_exists('delete_attachments'))

+ {

+ include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);

+ }

+

+ delete_attachments('message', $delete_ids, false);

+

+ $sql = 'DELETE FROM ' . PRIVMSGS_TABLE . '

+ WHERE ' . $db->sql_in_set('msg_id', $delete_ids);

+ $db->sql_query($sql);

+ }

+

+ // Set the remaining author id to anonymous

+ // This way users are still able to read messages from users being removed

+ $sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . '

+ SET author_id = ' . ANONYMOUS . '

+ WHERE author_id = ' . $user_id;

+ $db->sql_query($sql);

+

+ $sql = 'UPDATE ' . PRIVMSGS_TABLE . '

+ SET author_id = ' . ANONYMOUS . '

+ WHERE author_id = ' . $user_id;

+ $db->sql_query($sql);

+

+ $db->sql_transaction('commit');

+

+ return true;

+}

+

+/**

+ pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message'], $data['msg_id']);

+function pm_notification($mode, $author, $recipients, $subject, $message, $msg_id)

+ // Exclude guests, current user and banned users from notifications

+ if (!function_exists('phpbb_get_banned_user_ids'))

+ include($phpbb_root_path . 'includes/functions_user.' . $phpEx);

+ $banned_users = phpbb_get_banned_user_ids(array_keys($recipients));

+ $recipients = array_diff(array_keys($recipients), $banned_users);

+ WHERE ' . $db->sql_in_set('user_id', $recipients);

+ 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox",

+ 'U_VIEW_MESSAGE' => generate_board_url() . "/ucp.$phpEx?i=pm&mode=view&p=$msg_id",

+ ));

+

+ // retrieve option lang data if necessary

+ if (!isset($this->options_lang[$field_data['field_id']]) || !isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']]) || !sizeof($this->options_lang[$file_data['field_id']][$field_data['lang_id']]))

+ {

+ $this->get_option_lang($field_data['field_id'], $field_data['lang_id'], FIELD_DROPDOWN, false);

+ }

+

+ if (!isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']][$field_value]))

+ {

+ return 'FIELD_INVALID_VALUE';

+ }

+

+ case 'FIELD_INVALID_VALUE':

+ // If a dropdown field is required, users

+ // cannot choose the "no value" option.

+ // They must choose one of the other options.

+ // Therefore, here we treat a value equal to

+ // the "no value" as a lack of value, i.e. NULL.

+ if ($value == $ident_ary['data']['field_novalue'] && $ident_ary['data']['field_required'])

+ // checkbox - set the value to "true" if it has been set to 1

+ $value = (isset($_REQUEST[$profile_row['field_ident']]) && request_var($profile_row['field_ident'], $default_value) == 1) ? true : ((!isset($user->profile_fields[$user_ident]) || $preview) ? $default_value : $user->profile_fields[$user_ident]);

+ // Count the number of ! occurrences (not allowed in vars)

+ // Try to find out whether we have a IPv4 or IPv6 (control) connection

+ if (function_exists('stream_socket_get_name'))

+ $socket_name = stream_socket_get_name($this->connection, true);

+ $server_ip = substr($socket_name, 0, strrpos($socket_name, ':'));

+ if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip))

+ // Passive mode

+ $this->_send_command('PASV', '', false);

+

+ if (!$ip_port = $this->_check_command(true))

+ {

+ return false;

+ }

+

+ // open the connection to start sending the file

+ if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp))

+ {

+ // bad ip and port

+ return false;

+ }

+

+ $temp = explode(',', $temp[0]);

+ $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];

+ $server_port = $temp[4] * 256 + $temp[5];

+ }

+ else

+ {

+ // Extended Passive Mode - RFC2428

+ $this->_send_command('EPSV', '', false);

+

+ if (!$epsv_response = $this->_check_command(true))

+ {

+ return false;

+ }

+

+ // Response looks like "229 Entering Extended Passive Mode (|||12345|)"

+ // where 12345 is the tcp port for the data connection

+ if (!preg_match('#\(\|\|\|([0-9]+)\|\)#', $epsv_response, $match))

+ {

+ return false;

+ }

+ $server_port = (int) $match[1];

+

+ // fsockopen expects IPv6 address in square brackets

+ $server_ip = "[$server_ip]";

+ var $disallowed_content = array('body', 'head', 'html', 'img', 'plaintext', 'a href', 'pre', 'script', 'table', 'title');

+ $this->disallowed_content = array_diff($disallowed_content, array(''));

+ $remote_max_filesize = $this->max_filesize;

+ if (!$remote_max_filesize)

+ {

+ $max_filesize = @ini_get('upload_max_filesize');

+

+ if (!empty($max_filesize))

+ {

+ $unit = strtolower(substr($max_filesize, -1, 1));

+ $remote_max_filesize = (int) $max_filesize;

+

+ switch ($unit)

+ {

+ case 'g':

+ $remote_max_filesize *= 1024;

+ // no break

+ case 'm':

+ $remote_max_filesize *= 1024;

+ // no break

+ case 'k':

+ $remote_max_filesize *= 1024;

+ // no break

+ }

+ }

+ }

+

+ if ($remote_max_filesize && $filesize > $remote_max_filesize)

+ $max_filesize = get_formatted_filesize($remote_max_filesize, false);

+ if ($remote_max_filesize && $length && $length > $remote_max_filesize)

+ $max_filesize = get_formatted_filesize($remote_max_filesize, false);

+ // Clean the private messages tables from the user

+ if (!function_exists('phpbb_delete_user_pms'))

+ include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);

+ phpbb_delete_user_pms($user_id);

+ trigger_error('LENGTH_BAN_INVALID', E_USER_WARNING);

+ trigger_error('NO_USER_SPECIFIED', E_USER_WARNING);

+ trigger_error('NO_USERS', E_USER_WARNING);

+ trigger_error('NO_IPS_DEFINED', E_USER_WARNING);

+ trigger_error('NO_EMAILS_DEFINED', E_USER_WARNING);

+ trigger_error('NO_MODE', E_USER_WARNING);

+* Validate Language Pack ISO Name

+*

+* Tests whether a language name is valid and installed

+*

+* @param string $lang_iso The language string to test

+*

+* @return bool|string Either false if validation succeeded or

+* a string which will be used as the error message

+* (with the variable name appended)

+*/

+function validate_language_iso_name($lang_iso)

+{

+ global $db;

+

+ $sql = 'SELECT lang_id

+ FROM ' . LANG_TABLE . "

+ WHERE lang_iso = '" . $db->sql_escape($lang_iso) . "'";

+ $result = $db->sql_query($sql);

+ $lang_id = (int) $db->sql_fetchfield('lang_id');

+ $db->sql_freeresult($result);

+

+ return ($lang_id) ? false : 'WRONG_DATA';

+}

+

+/**

+ if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY')

+ // Password empty or no password complexity required.

+ // No break statements below ...

+ // We require strong passwords in case pass_complex is not set or is invalid

+ default:

+

+ // Require mixed case letters, numbers and symbols

+ case 'PASS_TYPE_SYMBOL':

+ $chars[] = $sym;

+ // Require mixed case letters and numbers

+ // Require mixed case letters

+ case 'PASS_TYPE_CASE':

+* Verifies whether a style ID corresponds to an active style.

+*

+* @param int $style_id The style_id of a style which should be checked if activated or not.

+* @return boolean

+*/

+function phpbb_style_is_active($style_id)

+{

+ global $db;

+

+ $sql = 'SELECT style_active

+ FROM ' . STYLES_TABLE . '

+ WHERE style_id = '. (int) $style_id;

+ $result = $db->sql_query($sql);

+

+ $style_is_active = (bool) $db->sql_fetchfield('style_active');

+ $db->sql_freeresult($result);

+

+ return $style_is_active;

+}

+

+/**

+ $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], (isset($config['mime_triggers']) ? explode('|', $config['mime_triggers']) : false));

+/**

+* Gets user ids of currently banned registered users.

+*

+* @param array $user_ids Array of users' ids to check for banning,

+* leave empty to get complete list of banned ids

+* @return array Array of banned users' ids if any, empty array otherwise

+*/

+function phpbb_get_banned_user_ids($user_ids = array())

+{

+ global $db;

+

+ $sql_user_ids = (!empty($user_ids)) ? $db->sql_in_set('ban_userid', $user_ids) : 'ban_userid <> 0';

+

+ // Get banned User ID's

+ // Ignore stale bans which were not wiped yet

+ $banned_ids_list = array();

+ $sql = 'SELECT ban_userid

+ FROM ' . BANLIST_TABLE . "

+ WHERE $sql_user_ids

+ AND ban_exclude <> 1

+ AND (ban_end > " . time() . '

+ OR ban_end = 0)';

+ $result = $db->sql_query($sql);

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $user_id = (int) $row['ban_userid'];

+ $banned_ids_list[$user_id] = $user_id;

+ }

+ $db->sql_freeresult($result);

+

+ return $banned_ids_list;

+}

+

+ $log_count = false;

+ $start = view_log('mod', $log_data, $log_count, $config['topics_per_page'], $start, $forum_list, $topic_id, 0, $sql_where, $sql_sort, $keywords);

+ 'U_POST_ACTION' => $this->u_action . "&amp;$u_sort_param$keywords_param&amp;start=$start",

+ $check_acl = false;

+ $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', $check_acl, true);

+

+ if ($forum_id === false)

+ {

+ return;

+ }

+

+ foreach ($topic_data as $topic_id => $topic_row)

+ {

+ if (!isset($search_type) && $topic_row['enable_indexing'])

+ // Select the search method and do some additional checks to ensure it can actually be utilised

+ $search_type = basename($config['search_type']);

+ if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx))

+ {

+ trigger_error('NO_SUCH_SEARCH_MODULE');

+ }

+ if (!class_exists($search_type))

+ {

+ include("{$phpbb_root_path}includes/search/$search_type.$phpEx");

+ }

+ $error = false;

+ $search = new $search_type($error);

+ $search_mode = 'post';

+

+ if ($error)

+ {

+ trigger_error($error);

+ }

+ }

+ else if (!isset($search_type) && !$topic_row['enable_indexing'])

+ $search_type = false;

+ if (!empty($search_type))

+ $search->index($search_mode, $new_post_id, $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id);

+ $start = view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort, $keywords);

+ $log_count = false;

+ if (!empty($log_data))

+ if ($auth->acl_get('m_report', $post_info['forum_id']))

+ 'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id),

+ unset($_REQUEST['confirm_key']);

+ unset($_POST['confirm_key']);

+ $report['report_text'] = make_clickable(bbcode_nl2br($report['report_text']));

+ // Resync Topic?

+ if ($action == 'resync')

+ {

+ if (!function_exists('mcp_resync_topics'))

+ {

+ include($phpbb_root_path . 'includes/mcp/mcp_forum.' . $phpEx);

+ }

+ mcp_resync_topics(array($topic_id));

+ }

+

+ 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_report', $topic_info['forum_id'])),

+ 'S_POST_UNAPPROVED' => (!$row['post_approved'] && $auth->acl_get('m_approve', $topic_info['forum_id'])),

+ 'S_CAN_SYNC' => $auth->acl_get('m_', $topic_info['forum_id']),

+ get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src);

+ get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src);

+ function bbcode_init($allow_custom_bbcode = true)

+ // To parse multiline URL we enable dotall option setting only for URL text

+ // but not for link itself, thus [url][/url] is not affected.

+ 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")),

+ 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:=&quot;(.*?)&quot;)?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")),

+ 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uise' => "\$this->bbcode_attachment('\$1', '\$2')")),

+ 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->bbcode_strong('\$1')")),

+ 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uise' => "\$this->bbcode_italic('\$1')")),

+ 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiUe' => "\$this->validate_url('\$2', ('\$3') ? '\$3' : '\$4')")),

+ 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiUe' => "\$this->bbcode_img('\$1')")),

+ 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uise' => "\$this->bbcode_size('\$1', '\$2')")),

+ 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uise' => "\$this->bbcode_color('\$1', '\$2')")),

+ 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uise' => "\$this->bbcode_underline('\$1')")),

+ 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uise' => "\$this->bbcode_parse_list('\$0')")),

+ 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uise' => "\$this->validate_email('\$1', '\$2')")),

+ 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#uie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')"))

+ if (!$allow_custom_bbcode)

+ {

+ return;

+ }

+

+ // 'u' modifier has been added to correctly parse smilies within unicode strings

+ // For details: http://tracker.phpbb.com/browse/PHPBB3-10117

+ $num_matches = preg_match_all('#(?<=^|[\n .])(?:' . implode('|', $match) . ')(?![^<>]*>)#u', $this->message, $matches);

+ // 'u' modifier has been added to correctly parse smilies within unicode strings

+ // For details: http://tracker.phpbb.com/browse/PHPBB3-10117

+

+ $this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#u' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#u'), $replace, $this->message));

+ $this->destroy_cache(array(), array_unique($author_ids));

+ $this->stats['total_posts'] = empty($this->stats) ? 0 : $db->get_estimated_row_count(POSTS_TABLE);

+ $this->destroy_cache(array_unique($word_texts), array_unique($author_ids));

+ $this->stats['total_words'] = $db->get_estimated_row_count(SEARCH_WORDLIST_TABLE);

+ $this->stats['total_matches'] = $db->get_estimated_row_count(SEARCH_WORDMATCH_TABLE);