<?php

* auth.php

/*

$type's accepted (pre-pend with AUTH_):

ATTACH

$types pending (for future versions, pre-pend with AUTH_):

Possible options ($type/forum_id combinations):

the single result returned

* If you set type to AUTH_ALL and specify a forum_id an array of all auth types

* If you provide a forum_id a specific lookup on that forum will be done

* If you set forum_id to AUTH_LIST_ALL and specify a type an array listing the

* If you set forum_id to AUTH_LIST_ALL and type to AUTH_ALL a multidimensional

array containing the auth permissions for all types and all forums for that

user is returned

{

$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "WHERE a.forum_id = $forum_id" : "";

$forum_match_sql";

$af_result = $db->sql_query($sql);

{

$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND a.forum_id = $forum_id" : "";

( au.group_id = ug.group_id

AND g.group_id <> 0 )

)

$forum_match_sql";*/

$forum_match_sql";

$a_result = $db->sql_query($sql);

if(!$a_result)

$auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0;

$auth_user[$key . '_type'] = $lang['Users_granted_access'];

break;

case AUTH_MOD:

$auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;

$auth_user[$key . '_type'] = $lang['Moderators'];

break;

case AUTH_ADMIN:

$auth_user[$key] = $is_admin;

$auth_user[$key . '_type'] = $lang['Administrators'];

$auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin) : 0;

$auth_user[$f_forum_id][$key . '_type'] = $lang['Users_granted_access'];

break;

case AUTH_MOD:

$auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0;

$auth_user[$f_forum_id][$key . '_type'] = $lang['Moderators'];

break;

case AUTH_ADMIN:

$auth_user[$f_forum_id][$key] = $is_admin;

$auth_user[$f_forum_id][$key . '_type'] = $lang['Administrators'];

if(!$single_user)

{

$single_user = $u_access[$j]['group_single_user'];

$result = 0;

switch($type)

{

{

$auth_user = $is_admin;

}

return $auth_user;

}

*

***************************************************************************/

define("BBCODE_UID_LEN", 10);

/**

*

***************************************************************************/

//

// Constants

//

<?php

* db.php

switch($dbms)

{

// Make the database connection.

$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);

{

message_die(CRITICAL_ERROR, "Could not connect to the database");

}

***************************************************************************/

//

// The emailer class has support for attaching files, that isn't implemented

// in the 2.0 release but we can probable find some way of using it in a future

*

***************************************************************************/

/***************************************************************************

*

* This program is free software; you can redistribute it and/or modify

function make_forum_box($box_name, $default_forum = -1)

{

$limit_forums = "";

$sql = "SELECT forum_id, forum_name

}

return($boxstring);

//

// Initialise user settings on page load

function init_userprefs($userdata)

function validate_email($email)

{

global $db;

if($email != "")

{

$sql = "SELECT ban_email

}

}

$sql = "SELECT user_email

WHERE user_email = '" . $email . "'";

if(!$result = $db->sql_query($sql))

{

// So we have to use two queries

case 'mysql':

$sql_users = "SELECT u.username, g.group_name

OR LOWER(g.group_name) = '" . strtolower($username) . "' )";

$sql_disallow = "SELECT disallow_username

FROM " . DISALLOW_TABLE . "

default:

$sql = "SELECT u.username, g.group_name

OR LOWER(g.group_name) = '" . strtolower($username) . "' )

SELECT disallow_username, NULL

FROM " . DISALLOW_TABLE . "

WHERE disallow_username = '$username'";

}

{

global $db;

{

case 'forum':

$sql = "SELECT max(p.post_id) AS last_post FROM ".POSTS_TABLE." p, ".TOPICS_TABLE." t WHERE p.forum_id = $id AND p.topic_id = t.topic_id AND t.topic_status <> ".TOPIC_MOVED;

{

$last_post = 0;

}

$sql = "SELECT count(post_id) AS total FROM ".POSTS_TABLE." WHERE forum_id = $id";

if(!$result = $db->sql_query($sql))

{

{

$total_posts = $rowset[0]['total'];

}

$sql = "SELECT count(topic_id) AS total FROM ".TOPICS_TABLE." WHERE forum_id = $id";

if(!$result = $db->sql_query($sql, $db))

{

{

$total_topics = $rowset[0]['total'];

}

$sql = "UPDATE ".FORUMS_TABLE." SET forum_last_post_id = '$last_post', forum_posts = $total_posts, forum_topics = $total_topics WHERE forum_id = $id";

if(!$result = $db->sql_query($sql))

{

{

$last_post = $row[0]["last_post"];

}

$sql = "SELECT count(post_id) AS total FROM ".POSTS_TABLE." WHERE topic_id = $id";

if(!$result = $db->sql_query($sql))

{

global $db, $board_config, $lang;

$sql = "SELECT themes_id, themes_name

WHERE themes_name LIKE '" . $board_config['default_template'] . "-%'

ORDER BY themes_name";

if($result = $db->sql_query($sql))

}

else

{

}

}

else

if(empty($smilies))

{

FROM " . SMILIES_TABLE;

if($result = $db->sql_query($sql))

{

<?php

* message.php

//

// This function gets called to output any message or error

//

// $msg_code takes one of four constant values:

//

// board configuration data is available

//

// CRITICAL_ERROR -> Used whenever a DB connection cannot be

// configuration data. Shouldn't be used in general

// no templates are used)

//

{

global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path;

global $userdata, $user_ip, $session_length;

*

***************************************************************************/

define(HEADER_INC, TRUE);

//

else if($phpver > "4.0")

{

if(strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip'))

if(extension_loaded("zlib"))

{

$do_gzip_compress = TRUE;

ob_start();

}

}

}

// Get basic (usernames + totals) online

// situation

//

FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s

WHERE u.user_id = s.session_user_id

AND s.session_time >= ".( time() - 300 );

//

if($userdata['session_logged_in'])

{

AND privmsgs_to_userid = " . $userdata['user_id'];

$result_pm = $db->sql_query($sql);

if(!$result_pm)

"L_PROFILE" => $lang['Profile'],

"L_SEARCH" => $lang['Search'],

"L_PRIVATEMSGS" => $lang['Private_msgs'],

"L_MEMBERLIST" => $lang['Memberlist'],

"L_FAQ" => $lang['FAQ'],

"L_USERGROUPS" => $lang['Usergroups'],

"L_NEWPOSTS" => $lang['New_posts'],

"L_NONEWPOSTS_HOT" => $lang['No_new_posts_hot'],

"L_NEWPOSTS_HOT" => $lang['New_posts_hot'],

"L_POSTED" => $lang['Posted'],

"L_JOINED" => $lang['Joined'],

"L_AUTO_LOGIN" => $lang['Log_me_in'],

"T_TR_COLOR1" => "#".$theme['tr_color1'],

"T_TR_COLOR2" => "#".$theme['tr_color2'],

"T_TR_COLOR3" => "#".$theme['tr_color3'],

"T_TH_COLOR1" => "#".$theme['th_color1'],

"T_TH_COLOR2" => "#".$theme['th_color2'],

"T_TH_COLOR3" => "#".$theme['th_color3'],

"T_TD_COLOR1" => "#".$theme['td_color1'],

"T_TD_COLOR2" => "#".$theme['td_color2'],

"T_TD_COLOR3" => "#".$theme['td_color3'],

"T_FONTFACE1" => $theme['fontface1'],

"T_FONTFACE2" => $theme['fontface2'],

"T_FONTFACE3" => $theme['fontface3'],

"T_FONTCOLOR1" => "#".$theme['fontcolor1'],

"T_FONTCOLOR2" => "#".$theme['fontcolor2'],

"T_FONTCOLOR3" => "#".$theme['fontcolor3'],

"T_SPAN_CLASS3" => $theme['span_class3'])

);

*

***************************************************************************/

//

// Show the overall footer.

//

//

// Borrowed from php.net!

//

echo pack("V", $gzip_crc);

echo pack("V", $gzip_size);

}

<?php

*

* $Id$

//

// entry into the database.

//

function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0)

}

}

{

$message = str_replace(substr($message, $start, $length), htmlspecialchars(substr($message, $start, $length)), $message);

}

<?php

/***************************************************************************

* prune.php

* $Id$

function prune($forum_id, $prune_date)

{

global $db, $lang;

AND p.post_id = t.topic_last_post_id";

// Do we want to delete everything in the forum?

if ($prune_date != FALSE)

{

}

if(!$result_topics = $db->sql_query($sql))

{

}

$pruned_topics = $db->sql_numrows($result_topics);

AND t.topic_type = " . POST_NORMAL;

// Do we want to delete everything in the forum?

if ($prune_date != FALSE)

{

}

if(!$result_posts = $db->sql_query($sql))

{

}

$sql_post_text = "DELETE FROM " . POSTS_TEXT_TABLE . " WHERE " . $sql_post_text;

if(!$result = $db->sql_query($sql_post_text, BEGIN_TRANSACTION))

{

}

}

WHERE forum_id = $forum_id";

if(!$result = $db->sql_query($sql))

{

$one_day = 60 * 60 * 24;

WHERE forum_id = $forum_id";

if(!$result = $db->sql_query($sql))

{

message_die(GENERAL_ERROR, "Auto-Prune: Couldn't read auto_prune table.", __LINE__, __FILE__);

*

***************************************************************************/

//

// session_begin()

//

***************************************************************************/

/****************************************************************************

* This script should be included if the admin has configured the board for

* smtp mail instead of standard sendmail. It includes a function smtpmail

* Description: This funtion processes the smtp server's response codes

* Usage: This function is only used interanally by the smtpmail

* function. It takes two arguments the first a socket pointer

* response code you are looking for.

****************************************************************************/

function server_parse($socket, $response)

/****************************************************************************

* Function: smtpmail

* function, that uses smtp.

* Usage: The usage for this function is identical to that of php's

* built in mail function.

****************************************************************************/

{

// For now I'm using an array based $smtp_vars to hold the smtp server

// info, but it should probably change to $board_config...

// $board_config['smtp_port'].

global $board_config;

//

// Fix any bare linefeeds in the message to make it RFC821 Compliant.

//

if(sizeof($headers) > 1)

{

$headers = join("\r\n", $headers);

else

{

$headers = $headers[0];

}

$headers = chop($headers);

$headers = ereg_replace("[^\r]\n", "\r\n", $headers);

}

if(trim($mail_to) == "")

message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__);

}

server_parse($socket, "220");

// Send the RFC821 specified HELO.

fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n");

// From this point onward most server response codes should be 250

server_parse($socket, "250");

// Specify who the mail is from....

fputs($socket, "MAIL FROM: $email_from\r\n");

server_parse($socket, "250");

server_parse($socket, "250");

$to_header .= "<$mail_to_address>, ";

}

// Ok now we tell the server we are ready to start sending data

fputs($socket, "DATA\r\n");

// This is the last response code we look for until the end of the message.

server_parse($socket, "354");

// Now any custom headers....

fputs($socket, "$headers\r\n\r\n");

// Ok now we are ready for the message...

fputs($socket, "$message\r\n");

<?php

* template.inc

* $Id$

/**

* Template class. By Nathan Codding of the phpBB group.

* The interface was originally inspired by PHPLib templates,

* and the template file formats are quite similar.

*/

class Template {

// if it's a root-level variable, it'll be like this:

// $this->_tpldata[.][0][varname] == value

var $_tpldata = array();

// Hash of filenames for each template handle.

var $files = array();

// Root template directory.

var $root = "";

// this will hash handle names to the compiled code for that handle.

var $compiled_code = array();

// This will hold the uncompiled code for that handle.

var $uncompiled_code = array();

/**

* Constructor. Simply sets the root dir.

*/

{

$this->set_rootdir($root);

}

/**

* Sets the template root directory for this Template object.

{

{

return false;

}

$this->root = $dir;

return true;

}

* Sets the template filenames for handles. $filename_array

* should be a hash of handle => filename pairs.

*/

{

if (!is_array($filename_array))

{

}

reset($filename_array);

{

$this->files[$handle] = $this->make_filename($filename);

}

return true;

}

/**

* Load the file for the handle, compile the file,

* and run the compiled code. This will print out

{

if (!$this->loadfile($handle))

{

}

// actually compile the template now.

if (!isset($this->compiled_code[$handle]) || empty($this->compiled_code[$handle]))

{

// Actually compile the code now.

$this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]);

}

// Run the compiled code.

eval($this->compiled_code[$handle]);

return true;

}

/**

* Inserts the uncompiled code for $handle as the

* value of $varname in the root-level. This can be used

* template.

* Note that all desired assignments to the variables in $handle should be done

* BEFORE calling this function.

{

if (!$this->loadfile($handle))

{

}

// Compile it, with the "no echo statements" option on.

$code = $this->compile($this->uncompiled_code[$handle], true);

// turn it into a variable assignment.

$code = '$_str = \'' . $code . '\';';

// evaluate the variable assignment.

eval($code);

// assign the value of the generated variable to the given varname.

$this->assign_var($varname, $_str);

return true;

}

/**

* Block-level variable assignment. Adds a new block iteration with the given

* iteration.

*/

function assign_block_vars($blockname, $vararray)

{

if (strstr($blockname, '.'))

{

$blocks = explode('.', $blockname);

$blockcount = sizeof($blocks) - 1;

$str = '$this->_tpldata';

// We're adding a new iteration to this block with the given

// variable assignments.

$str .= '[\'' . $blocks[$blockcount] . '.\'][] = $vararray;';

// Now we evaluate this assignment we've built up.

eval($str);

}

// we were given.

$this->_tpldata[$blockname . '.'][] = $vararray;

}

return true;

}

/**

* Root-level variable assignment. Adds to current assignments, overriding

* any existing variable assignment with the same name.

reset ($vararray);

while (list($key, $val) = each($vararray))

{

}

return true;

}

/**

* Root-level variable assignment. Adds to current assignments, overriding

* any existing variable assignment with the same name.

function assign_var($varname, $varval)

{

$this->_tpldata['.'][0][$varname] = $varval;

}

* Generates a full path+filename for the given filename, which can either

* be an absolute name, or a name relative to the rootdir for this Template

* object.

*/

{

// Check if it's an absolute or relative path.

if (substr($filename, 0, 1) != '/')

{

$filename = $this->root . '/' . $filename;

}

if (!file_exists($filename))

{

die("Template->make_filename(): Error - file $filename does not exist");

}

return $filename;

}

/**

* If not already done, load the file for the given handle and populate

* the uncompiled_code[] hash with its code. Do not compile.

*/

{

// If the file for this handle is already loaded and compiled, do nothing.

if (isset($this->uncompiled_code[$handle]) && !empty($this->uncompiled_code[$handle]))

}

// If we don't have a file assigned to this handle, die.

{

die("Template->loadfile(): No file specified for handle $handle");

}

$filename = $this->files[$handle];

$str = implode("", @file($filename));

{

die("Template->loadfile(): File $filename for handle $handle is empty");

}

$this->uncompiled_code[$handle] = $str;

return true;

}

/**

* Compiles the given string of code, and returns

* the result in a string.

* If "do_not_echo" is true, the returned code will not be directly

* for use in assign_code_from_handle().

*/

function compile($code, $do_not_echo = false)

// replace \ with \\ and then ' with \'.

$code = str_replace('\\', '\\\\', $code);

$code = str_replace('\'', '\\\'', $code);

// change template varrefs into PHP varrefs

// This one will handle varrefs WITH namespaces

$varrefs = array();

preg_match_all('#\{(([a-z0-9\-_]+?\.)+?)([a-z0-9\-_]+?)\}#is', $code, $varrefs);

$namespace = $varrefs[1][$i];

$varname = $varrefs[3][$i];

$new = $this->generate_block_varref($namespace, $varname);

$code = str_replace($varrefs[0][$i], $new, $code);

}

// This will handle the remaining root-level varrefs

$code = preg_replace('#\{([a-z0-9\-_]*?)\}#is', '\' . $this->_tpldata[\'.\'][0][\'\1\'] . \'', $code);

// Break it up into lines.

$code_lines = explode("\n", $code);

$block_nesting_level = 0;

$block_names = array();

$block_names[0] = ".";

// Second: prepend echo ', append ' . "\n"; to each line.

$line_count = sizeof($code_lines);

for ($i = 0; $i < $line_count; $i++)

else

{

// This block is nested.

// Generate a namespace string for this block.

$namespace = implode('.', $block_names);

// strip leading period from root level..

$namespace = substr($namespace, 2);

// current indices of all parent blocks.

$varref = $this->generate_block_data_ref($namespace, false);

// Create the for loop code to iterate over this block.

$code_lines[$i] .= "\n" . 'for ($_' . $n[1] . '_i = 0; $_' . $n[1] . '_i < $_' . $n[1] . '_count; $_' . $n[1] . '_i++)';

$code_lines[$i] .= "\n" . '{';

}

// We have the end of a block.

unset($block_names[$block_nesting_level]);

$block_nesting_level--;

else

{

// This block is nested.

// Generate a namespace string for this block.

$namespace = implode('.', $block_names);

// strip leading period from root level..

$namespace = substr($namespace, 2);

// current indices of all parent blocks.

$varref = $this->generate_block_data_ref($namespace, false);

// Create the for loop code to iterate over this block.

$code_lines[$i] = '$_' . $m[1] . '_count = sizeof(' . $varref . ');';

$code_lines[$i] .= "\n" . 'for ($_' . $m[1] . '_i = 0; $_' . $m[1] . '_i < $_' . $m[1] . '_count; $_' . $m[1] . '_i++)';

$code_lines[$i] .= "\n" . '{';

}

}

else if (preg_match('#<!-- END (.*?) -->#', $code_lines[$i], $m))

}

}

}

// Bring it back into a single string of lines of code.

return $code ;

}

/**

* Generates a reference to the given variable inside the given (possibly nested)

* block namespace. This is a string of the form:

{

// Strip the trailing period.

$namespace = substr($namespace, 0, strlen($namespace) - 1);

// Get a reference to the data block for this namespace.

$varref = $this->generate_block_data_ref($namespace, true);

// Prepend the necessary code to stick this in an echo line.

$varref = '\' . ' . $varref;

// Append the variable reference.

$varref .= '[\'' . $varname . '\'] . \'';

return $varref;

}

/**

* (possibly nested) block namespace. This is a string of the form:

* $this->_tpldata['parent'][$_parent_i]['$child1'][$_child1_i]['$child2'][$_child2_i]...['$childN']

*

// Build up the string with everything but the last child.

for ($i = 0; $i < $blockcount; $i++)

{

}

// Add the block reference for the last child.

$varref .= '[\'' . $blocks[$blockcount] . '.\']';

{

$varref .= '[$_' . $blocks[$blockcount] . '_i]';

}

return $varref;

}