+<?php

+

+// IP regular expressions

+

+$dec_octet = '(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])';

+$h16 = '[\dA-F]{1,4}';

+$ipv4 = "(?:$dec_octet\.){3}$dec_octet";

+$ls32 = "(?:$h16:$h16|$ipv4)";

+

+$ipv6_construct = array(

+ array(false, '', '{6}', $ls32),

+ array(false, '::', '{5}', $ls32),

+ array('', ':', '{4}', $ls32),

+ array('{1,2}', ':', '{3}', $ls32),

+ array('{1,3}', ':', '{2}', $ls32),

+ array('{1,4}', ':', '', $ls32),

+ array('{1,5}', ':', false, $ls32),

+ array('{1,6}', ':', false, $h16),

+ array('{1,7}', ':', false, '')

+);

+

+$ipv6 = '(?:';

+foreach ($ipv6_construct as $ip_type)

+{

+ $ipv6 .= '(?:';

+ if ($ip_type[0] !== false)

+ {

+ $ipv6 .= "(?:$h16:)" . $ip_type[0];

+ }

+ $ipv6 .= $ip_type[1];

+ if ($ip_type[2] !== false)

+ {

+ $ipv6 .= "(?:$h16:)" . $ip_type[2];

+ }

+ $ipv6 .= $ip_type[3] . ')|';

+}

+$ipv6 = substr($ipv6, 0, -1) . ')';

+

+echo 'IPv4: ' . $ipv4 . "<br />\nIPv6: " . $ipv6 . "<br />\n";

+

+// URL regular expressions

+

+$pct_encoded = "%[\dA-F]{2}";

+$unreserved = 'a-z0-9\-._~';

+$sub_delims = '!$&\'()*+,;=';

+$pchar = "(?:[$unreserved$sub_delims:@|]|$pct_encoded)"; // rfc: no "|"

+

+$scheme = '[a-z][a-z\d+\-.]*';

+$reg_name = "(?:[$unreserved$sub_delims|]|$pct_encoded)+"; // rfc: * instead of + and no "|"

+$authority = "(?:(?:[\w\-.~!$&'()*+,;=:]|$pct_encoded)*@){0,1}(?:$reg_name|$ipv4|\[$ipv6\])[:]?\d*";

+$userinfo = "(?:(?:[$unreserved$sub_delims:]|$pct_encoded))*";

+$ipv4_simple = '[0-9.]+';

+$ipv6_simple = '\[[a-z0-9.:]+\]';

+$host = "(?:$reg_name|$ipv4_simple|$ipv6_simple)";

+$port = '\d*';

+$authority = "(?:$userinfo@)?$host(?::$port)?";

+$segment = "$pchar*";

+$path_abempty = "(?:/$segment)*";

+$hier_part = "/{2}$authority$path_abempty";

+$query = "(?:[$unreserved$sub_delims:@/?|]|$pct_encoded)*"; // pchar | "/" | "?", rfc: no "|"

+$fragment = $query;

+

+$url = "$scheme:$hier_part(?:\?$query)?(?:\#$fragment)?";

+echo 'URL: ' . $url . "<br />\n";

+

+// no scheme, shortened authority, but host has to start with www.

+$www_url = "www\.$reg_name(?::$port)?$path_abempty(?:\?$query)?(?:\#$fragment)?";

+echo 'www.URL: ' . $www_url . "<br />\n";

+

+// no schema and no authority

+$relative_url = "$segment$path_abempty(?:\?$query)?(?:\#$fragment)?";

+echo 'relative URL: ' . $relative_url . "<br />\n";

+

+?> \ No newline at end of file

+ // evaluates to true as soon as acl_getf_global is true for one option

+ if ($this->acl_getf_global($check_option))

+ {

+ return true;

+ }

+ return false;

+ // as soon as the user has any permission we're done so return true

+ if ((!isset($this->cache[$f][$opt])) ? $this->acl_get($opt, $f) : $this->cache[$f][$opt])

+ return true;

+ return $this->acl_get($opt);

+ return false;

+ $magic_url_match[] = '#(^|[\n\t (])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url') . ')#ie';

+ $magic_url_replace[] = "'\$1<!-- l --><a href=\"\$2/' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '\">' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '</a><!-- l -->'";

+ //$magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('url') . ')([[ \t\n\r<"\'\)]|&(?!lt;|quot;))*#ie';

+ $magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('url') . ')#ie';

+ $magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('www_url') . ')#ie';

+* Use with / as delimiter for email mode and # for url modes

+* mode can be: email|bbcode_htm|url|www_url|relative_url

+

+ case 'url':

+ // generated with regex generation file in the develop folder

+ return "[a-z][a-z\d+\-.]*:/{2}(?:(?:(?:[a-z0-9\-._~!$&'()*+,;=:]|%[\dA-F]{2}))*@)?(?:(?:[a-z0-9\-._~!$&'()*+,;=|]|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'()*+,;=:@|]|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]|%[\dA-F]{2})*)?";

+ break;

+

+ case 'www_url':

+ return "www\.(?:[a-z0-9\-._~!$&'()*+,;=|]|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'()*+,;=:@|]|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]|%[\dA-F]{2})*)?";

+ break;

+

+ case 'relative_url':

+ return "(?:[a-z0-9\-._~!$&'()*+,;=:@|]|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'()*+,;=:@|]|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]|%[\dA-F]{2})*)?";

+ break;

+ *

+ * @param string $var1 optional url parameter for url bbcode: [url(=$var1)]$var2[/url]

+ * @param string $var2 url bbcode content: [url(=$var1)]$var2[/url]

+ $valid = false;

+

+ $url = str_replace(' ', '%20', $url);

+

+ // Checking urls

+ if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) ||

+ preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) ||

+ preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url))

+ $valid = true;

+ // if there is no scheme, then add http schema

+ if (!preg_match('#^[a-z][a-z\d+\-.]*:/{2}#i', $url))

+ // Is this a link to somewhere inside this board? If so then remove the session id from the url

+ $alter = array();

+

+ if (version_compare($db->mysql_version, '4.1.3', '>='))

+ {

+ $alter[] = 'MODIFY post_subject varchar(100) COLLATE utf8_unicode_ci DEFAULT \'\' NOT NULL';

+ }

+ $alter[] = 'ADD FULLTEXT (post_subject)';

+ if (version_compare($db->mysql_version, '4.1.3', '>='))

+ {

+ $alter[] = 'MODIFY post_text mediumtext COLLATE utf8_unicode_ci NOT NULL';

+ }

+ $alter[] = 'ADD FULLTEXT (post_text)';

+ }

+

+ if (sizeof($alter))

+ {

+ $db->sql_query('ALTER TABLE ' . POSTS_TABLE . ' ' . implode(', ', $alter));

+ $alter = array();

+

+ $alter[] = 'DROP INDEX post_subject';

+ $alter[] = 'DROP INDEX post_text';

+ }

+

+ if (sizeof($alter))

+ {

+ $db->sql_query('ALTER TABLE ' . POSTS_TABLE . ' ' . implode(', ', $alter));

+ $ipv4 = '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#';

+ $ipv6 = '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){5}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:))$#i';

+ add_log('critical', 'LOG_IP_BROWSER_FORWARDED_CHECK', $u_ip, $s_ip, $u_browser, $s_browser, $u_forwarded_for, $s_forwarded_for);