Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 894 lines (765 sloc) 33.903 kB
4775e82 # more line-ending properties
ts77 authored
1 <?php
2
3 ////////////////////////////////////////////////////////////////////////////////
4 // //
0ceef25 # Updated copyright notices to 2006
mmakaay authored
5 // Copyright (C) 2006 Phorum Development Team //
4775e82 # more line-ending properties
ts77 authored
6 // http://www.phorum.org //
7 // //
8 // This program is free software. You can redistribute it and/or modify //
9 // it under the terms of either the current Phorum License (viewable at //
10 // phorum.org) or the Phorum License that was distributed with this file //
11 // //
12 // This program is distributed in the hope that it will be useful, //
13 // but WITHOUT ANY WARRANTY, without even the implied warranty of //
14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
15 // //
16 // You should have received a copy of the Phorum License //
17 // along with this program. //
18 ////////////////////////////////////////////////////////////////////////////////
19
20 // Check that this file is not loaded directly.
21 if ( basename( __FILE__ ) == basename( $_SERVER["PHP_SELF"] ) ) exit();
22
23 // all other constants in ./include/constants.php
a2b66d1 # bumping dev version on trunk
brian authored
24 define( "PHORUM", "5.2-dev" );
4775e82 # more line-ending properties
ts77 authored
25
26 // our internal version in format of year-month-day-serial
0c4d577 MFB: added index for user_id, rarely used, i.e. for user-deletion (th…
ts77 authored
27 define( "PHORUMINTERNAL", "2006032300" );
4775e82 # more line-ending properties
ts77 authored
28
29 define( "DEBUG", 0 );
30
31 include_once( "./include/constants.php" );
32
33 // setup the PHORUM var
34 $PHORUM = array();
35
36 // temp member to hold arrays and such in templates
37 $PHORUM["TMP"] = array();
38
39 // The data member is the data the templates can access
40 $PHORUM["DATA"] = array();
41 $PHORUM["DATA"]["GET_VARS"] = array();
42 $PHORUM["DATA"]["POST_VARS"] = "";
43
44 // get the forum id if set with a post
45 if ( isset( $_REQUEST["forum_id"] ) && is_numeric( $_REQUEST["forum_id"] ) ) {
46 $PHORUM["forum_id"] = $_REQUEST["forum_id"];
47 }
48
49 // strip the slashes off of POST data if magic_quotes is on
50 if ( get_magic_quotes_gpc() && count( $_REQUEST ) ) {
51 foreach( $_POST as $key => $value ) {
52 if ( !is_array( $value ) )
53 $_POST[$key] = stripslashes( $value );
54 else
55 $_POST[$key] = phorum_recursive_stripslashes( $value );
56 }
57 foreach( $_GET as $key => $value ) {
58 if ( !is_array( $value ) )
59 $_GET[$key] = stripslashes( $value );
60 else
61 $_GET[$key] = phorum_recursive_stripslashes( $value );
62 }
63 }
64
65 // look for and parse the QUERY_STRING
66 // this only applies to urls that we create.
67 // scrips using urls from forms (search) should use $_GET or $_POST
68 if ( !defined( "PHORUM_ADMIN" ) ) {
69 if ( isset( $_SERVER["QUERY_STRING"] ) || isset( $PHORUM["CUSTOM_QUERY_STRING"] ) ) {
70 $Q_STR = empty( $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"] ) ? $_SERVER["QUERY_STRING"]: $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"];
71
72 // ignore stuff past a #
73 if ( strstr( $Q_STR, "#" ) ) list( $Q_STR, $other ) = explode( "#", $Q_STR );
74
75 // explode it on comma
76 $PHORUM["args"] = explode( ",", $Q_STR );
77
78 // check for any assigned values
79 if ( strstr( $Q_STR, "=" ) ) {
80 foreach( $PHORUM["args"] as $key => $arg ) {
81
82 // if an arg has an = create an element in args
83 // with left part as key and right part as value
84 if ( strstr( $arg, "=" ) ) {
85 list( $var, $value ) = explode( "=", $arg );
86 $PHORUM["args"][$var] = urldecode( $value );
87 // get rid of the numbered arg, it is useless.
88 unset( $PHORUM["args"][$key] );
89 }
90 }
91 }
92
93 // set forum_id if not set already by
94 if ( empty( $PHORUM["forum_id"] ) && isset( $PHORUM["args"][0] ) ) {
95 $PHORUM["forum_id"] = ( int )$PHORUM["args"][0];
96 }
97 }
98 }
99
100 // set the forum_id to 0 if not set by now.
101 if ( empty( $PHORUM["forum_id"] ) ) $PHORUM["forum_id"] = 0;
102
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
103 // Get the database settings.
4775e82 # more line-ending properties
ts77 authored
104 if ( empty( $GLOBALS["PHORUM_ALT_DBCONFIG"] ) || $GLOBALS["PHORUM_ALT_DBCONFIG"]==$_REQUEST["PHORUM_ALT_DBCONFIG"] || !defined("PHORUM_WRAPPER") ) {
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
105 // Backup display_errors setting.
106 $orig = ini_get("display_errors");
72edf94 MFB: # Suppress error output in case ini_set is disabled for PHP
mmakaay authored
107 @ini_set("display_errors", 0);
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
108
109 // Load configuration.
81b7c74 # upgrade scripts for fixes to #156
ts77 authored
110 if (! include_once( "./include/db/config.php" )) {
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
111 print '<html><head><title>Phorum error</title></head><body>';
112 print '<h2>Phorum database configuration error</h2>';
113
114 // No database configuration found.
115 if (!file_exists("./include/db/config.php")) { ?>
116 Phorum has been installed on this server, but the configuration<br/>
117 for the database connection has not yet been made. Please read<br/>
118 <a href="docs/install.txt">docs/install.txt</a> for installation instructions. <?php
81b7c74 # upgrade scripts for fixes to #156
ts77 authored
119 } else {
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
120 $fp = fopen("./include/db/config.php", "r");
121 // Unable to read the configuration file.
122 if (!$fp) { ?>
123 A database configuration file was found in ./include/db/config.php,<br/>
124 but Phorum was unable to read it. Please check the file permissions<br/>
125 for this file. <?php
126 // Unknown error.
81b7c74 # upgrade scripts for fixes to #156
ts77 authored
127 } else {
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
128 fclose($fp); ?>
129 A database configuration file was found in ./include/dbconfig.php,<br/>
130 but it could not be loaded. It possibly contains one or more errors.<br/>
131 Please check your configuration file. <?php
132 }
81b7c74 # upgrade scripts for fixes to #156
ts77 authored
133 }
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
134
135 print '</body></html>';
136 exit(1);
137 }
138
139 // Restore original display_errors setting.
72edf94 MFB: # Suppress error output in case ini_set is disabled for PHP
mmakaay authored
140 @ini_set("display_errors", $orig);
4775e82 # more line-ending properties
ts77 authored
141 } else {
142 $PHORUM["DBCONFIG"] = $GLOBALS["PHORUM_ALT_DBCONFIG"];
143 }
144
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
145 // Load the database layer.
4775e82 # more line-ending properties
ts77 authored
146 include_once( "./include/db/{$PHORUM['DBCONFIG']['type']}.php" );
147
148 if(!phorum_db_check_connection()){
149 if(isset($PHORUM["DBCONFIG"]["down_page"])){
150 header("Location: ".$PHORUM["DBCONFIG"]["down_page"]);
151 exit();
152 } else {
37c8617 # Message in case of a database failure wasn't good
mmakaay authored
153 echo "The database connection failed. Please check your database configuration in include/db/config.php. If the configuration is okay, check if the database server is running.";
4775e82 # more line-ending properties
ts77 authored
154 exit();
155 }
156 }
157
158 // get the Phorum settings
159 phorum_db_load_settings();
160
161 // a hook for rewriting vars at the beginning of common.php,
162 //right after loading the settings from the database
163 phorum_hook( "common_pre", "" );
164
165 include_once( "./include/cache.php" );
166
167 // stick some stuff from the settings into the DATA member
168 $PHORUM["DATA"]["TITLE"] = ( isset( $PHORUM["title"] ) ) ? $PHORUM["title"] : "";
1620d74 # beginning of template rewrite. Includes changes to core
brian authored
169 $PHORUM["DATA"]["DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? $PHORUM["description"] : "";
4775e82 # more line-ending properties
ts77 authored
170 $PHORUM["DATA"]["HTML_TITLE"] = ( !empty( $PHORUM["html_title"] ) ) ? $PHORUM["html_title"] : $PHORUM["DATA"]["TITLE"];
171 $PHORUM["DATA"]["HEAD_TAGS"] = ( isset( $PHORUM["head_tags"] ) ) ? $PHORUM["head_tags"] : "";
1620d74 # beginning of template rewrite. Includes changes to core
brian authored
172 $PHORUM["DATA"]["LOCALE"] = ( isset( $PHORUM["locale"] ) ) ? $PHORUM["locale"] : "";
3302bcb Private Messages are now separate from the Control Center.
brian authored
173 $PHORUM["DATA"]["FORUM_ID"] = $PHORUM["forum_id"];
4775e82 # more line-ending properties
ts77 authored
174
175 ////////////////////////////////////////////////////////////
176 // only do this stuff if we are not in the admin
177
178 if ( !defined( "PHORUM_ADMIN" ) ) {
179
180 // if the Phorum is disabled, display a message.
181 if(isset($PHORUM["status"]) && $PHORUM["status"]=="disabled"){
182 if(!empty($PHORUM["disabled_url"])){
183 header("Location: ".$PHORUM["disabled_url"]);
184 exit();
185 } else {
567d095 # Prevent permission conflicts on compiled settings.tpl for external …
mmakaay authored
186 echo "This Phorum is currently disabled. Please contact the web site owner at ".$PHORUM['system_email_from_address']." for more information.\n";
4775e82 # more line-ending properties
ts77 authored
187 exit();
188 }
189 }
190
191 // checking for upgrade or new install
192 if ( !isset( $PHORUM['internal_version'] ) ) {
115e527 # Give Phorum owners a bit more guidance when db/config.php cannot be…
mmakaay authored
193 echo "<html><head><title>Phorum error</title></head><body>No Phorum settings were found. Either this is a brand new installation of Phorum or there is an error with your database server. If this is a new install, please <a href=\"admin.php\">go to the admin page</a> to complete the installation. If not, check your database server.</body></html>";
4775e82 # more line-ending properties
ts77 authored
194 exit();
195 } elseif ( $PHORUM['internal_version'] < PHORUMINTERNAL ) {
196 echo "<html><head><title>Error</title></head><body>Looks like you have installed a new version. Go to the admin to complete the upgrade!</body></html>";
197 exit();
198 }
199
200 // load the forum's settings
201 if ( !empty( $PHORUM["forum_id"] ) ) {
202 $forum_settings = phorum_db_get_forums( $PHORUM["forum_id"] );
203 if ( empty( $forum_settings[$PHORUM["forum_id"]] ) ) {
08b2f83 # added another hook common_no_forum
ts77 authored
204 phorum_hook( "common_no_forum", "" );
4775e82 # more line-ending properties
ts77 authored
205 phorum_redirect_by_url( phorum_get_url( PHORUM_INDEX_URL ) );
206 exit();
207 }
208 $PHORUM = array_merge( $PHORUM, $forum_settings[$PHORUM["forum_id"]] );
209 } else {
210 // some defaults we might need if no forum is set (i.e. on the index-page)
211 $PHORUM['vroot']=0;
212 $PHORUM['parent_id']=0;
213 $PHORUM['active']=1;
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
214 $PHORUM['folder_flag']=1;
0a6aa47 MFB: sanitizing rss-url
ts77 authored
215 $PHORUM["template"] = $PHORUM["default_template"];
4775e82 # more line-ending properties
ts77 authored
216 }
217
218 // stick some stuff from the settings into the DATA member
219 $PHORUM["DATA"]["NAME"] = ( isset( $PHORUM["name"] ) ) ? $PHORUM["name"] : "";
28f3067 # more template related changes for 5.2
brian authored
220 $PHORUM["DATA"]["DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? strip_tags( preg_replace("!\s+!", " ", $PHORUM["description"]) ) : "";
4775e82 # more line-ending properties
ts77 authored
221 $PHORUM["DATA"]["ENABLE_PM"] = ( isset( $PHORUM["enable_pm"] ) ) ? $PHORUM["enable_pm"] : "";
222 if ( !empty( $PHORUM["DATA"]["HTML_TITLE"] ) && !empty( $PHORUM["DATA"]["NAME"] ) ) {
223 $PHORUM["DATA"]["HTML_TITLE"] .= PHORUM_SEPARATOR;
224 }
225 $PHORUM["DATA"]["HTML_TITLE"] .= $PHORUM["DATA"]["NAME"];
226
227 // check the user session
228 include_once( "./include/users.php" );
229 if ( phorum_user_check_session() ) {
230 $PHORUM["DATA"]["LOGGEDIN"] = true;
ba5300d New security feature! Users must confirm their login before posting …
brian authored
231
b1d9b7c # new session code to hopefully solve problems in tickets #134 and #135
brian authored
232 if(!$PHORUM["tight_security"] || phorum_user_check_session( PHORUM_SESSION_SHORT_TERM )){
ba5300d New security feature! Users must confirm their login before posting …
brian authored
233 $PHORUM["DATA"]["FULLY_LOGGEDIN"] = true;
234 } else {
235 $PHORUM["DATA"]["FULLY_LOGGEDIN"] = false;
236 }
237
4775e82 # more line-ending properties
ts77 authored
238 // if the user has overridden thread settings, change it here.
239 if ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) {
240 if ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_ON ) {
241 $PHORUM["threaded_list"] = true;
242 } elseif ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_OFF ) {
243 $PHORUM["threaded_list"] = false;
244 }
245 if ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_ON ) {
246 $PHORUM["threaded_read"] = true;
247 } elseif ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_OFF ) {
248 $PHORUM["threaded_read"] = false;
249 }
250 }
251 }
252
253 // set up the blank user if not logged in
254 if ( empty( $PHORUM["user"] ) ) {
255 $PHORUM["user"] = array( "user_id" => 0, "username" => "", "admin" => false, "newinfo" => array() );
256 $PHORUM["DATA"]["LOGGEDIN"] = false;
257 }
258
259
260 // a hook for rewriting vars in common.php after loading the user
261 phorum_hook( "common_post_user", "" );
262
263
264 // set up the template
265
266 // check for a template being passed on the url
5c87d60 # Prevent the use of illegal template paths from the URL.
mmakaay authored
267 // only use valid template names
4775e82 # more line-ending properties
ts77 authored
268 if ( !empty( $PHORUM["args"]["template"] ) ) {
5c87d60 # Prevent the use of illegal template paths from the URL.
mmakaay authored
269 $template = basename( $PHORUM["args"]["template"] );
43c4da7 # Fallback to default template if user_template does not exist (anymore)
mmakaay authored
270 if ($template != '..') {
5c87d60 # Prevent the use of illegal template paths from the URL.
mmakaay authored
271 $PHORUM["template"] = $template;
272 }
4775e82 # more line-ending properties
ts77 authored
273 }
274
275 // user output buffering so we don't get header errors
567d095 # Prevent permission conflicts on compiled settings.tpl for external …
mmakaay authored
276 // not loaded if we are running an external or scheduled script
277 if (! defined('PHORUM_SCRIPT')) {
278 ob_start();
279 include_once( phorum_get_template( "settings" ) );
1620d74 # beginning of template rewrite. Includes changes to core
brian authored
280 $PHORUM["DATA"]["TEMPLATE"] = $PHORUM['template'];
567d095 # Prevent permission conflicts on compiled settings.tpl for external …
mmakaay authored
281 ob_end_clean();
282 }
4775e82 # more line-ending properties
ts77 authored
283
284 // get the language file
285 if ( ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) && isset( $PHORUM['user']['user_language'] ) && !empty($PHORUM['user']['user_language']) )
286 $PHORUM['language'] = $PHORUM['user']['user_language'];
287
288 if ( !isset( $PHORUM["language"] ) || empty( $PHORUM["language"] ) || !file_exists( "./include/lang/$PHORUM[language].php" ) )
289 $PHORUM["language"] = $PHORUM["default_language"];
290
291 if ( file_exists( "./include/lang/$PHORUM[language].php" ) ) {
292 include_once( "./include/lang/$PHORUM[language].php" );
293 }
294 // load languages for localized modules
b6560f6 "# fixing some php5-related errors"
ts77 authored
295 if ( isset( $PHORUM["hooks"]["lang"] ) && is_array($PHORUM["hooks"]["lang"]) ) {
4775e82 # more line-ending properties
ts77 authored
296 foreach( $PHORUM["hooks"]["lang"]["mods"] as $mod ) {
297 // load mods for this hook
298 if ( file_exists( "./mods/$mod/lang/$PHORUM[language].php" ) ) {
299 include_once "./mods/$mod/lang/$PHORUM[language].php";
300 }
301 elseif ( file_exists( "./mods/$mod/lang/english.php" ) ) {
302 include_once "./mods/$mod/lang/english.php";
303 }
304 }
305 }
306
b080ff0 added newflag caching
ts77 authored
307
308 // just setting this up for upgraded installs where this might not be set up
309 if(!isset($PHORUM['cache_newflags'])) {
310 $PHORUM['cache_newflags'] = 0;
311 }
312
313 if(!isset($PHORUM['cache_messages'])) {
314 $PHORUM['cache_messages'] = 0;
315 }
316
cc1e271 # Fixed escaping problems for HTML_TITLE and NAME members in $PHORUM[…
mmakaay authored
317 // HTML titles can't contain HTML code, so we strip HTML tags
318 // and HTML escape the title.
1620d74 # beginning of template rewrite. Includes changes to core
brian authored
319 $PHORUM["DATA"]["HTML_TITLE"] = htmlentities(strip_tags($PHORUM["DATA"]["HTML_TITLE"]), ENT_COMPAT, $PHORUM["DATA"]["CHARSET"]);
cc1e271 # Fixed escaping problems for HTML_TITLE and NAME members in $PHORUM[…
mmakaay authored
320
4775e82 # more line-ending properties
ts77 authored
321 // if the Phorum is disabled, display a message.
322 if(isset($PHORUM["status"]) && $PHORUM["status"]=="admin-only" && !$PHORUM["user"]["admin"]){
323 // set all our URL's
324 phorum_build_common_urls();
325
326 $PHORUM["DATA"]["MESSAGE"]=$PHORUM["DATA"]["LANG"]["AdminOnlyMessage"];
327 include phorum_get_template("header");
328 phorum_hook("after_header");
329 include phorum_get_template("message");
330 phorum_hook("before_footer");
331 include phorum_get_template("footer");
332 exit();
333
334 }
335
f2735f3 # Added new template settings.tpl define 'show_notify_for_pages'.
mmakaay authored
336 // If moderator notifications are on and the person is a mod,
337 // lets find out if anything is new.
338
339 $PHORUM["user"]["NOTICE"]["MESSAGES"] = false;
340 $PHORUM["user"]["NOTICE"]["USERS"] = false;
341 $PHORUM["user"]["NOTICE"]["GROUPS"] = false;
342
343 if ( $PHORUM["DATA"]["LOGGEDIN"] ) {
344
345 // By default, only bug the user on the list, index and cc pages.
346 // The template can override this behaviour by setting a comma
347 // separated list of phorum_page names in a template define statement
348 // like this: {DEFINE show_notify_for_pages "page 1,page 2,..,page n"}
349 if (isset($PHORUM["TMP"]["show_notify_for_pages"])) {
350 $show_notify_for_pages = explode(",", $PHORUM["TMP"]["show_notify_for_pages"]);
351 } else {
352 $show_notify_for_pages = array('index','list','cc');
353 }
354
355 if ( in_array(phorum_page, $show_notify_for_pages) ) {
356
357 if ( $PHORUM["enable_moderator_notifications"] ) {
358 $forummodlist = phorum_user_access_list( PHORUM_USER_ALLOW_MODERATE_MESSAGES );
359 if ( count( $forummodlist ) > 0 ) {
360 $PHORUM["user"]["NOTICE"]["MESSAGES"] = ( count( phorum_db_get_unapproved_list( $forummodlist, true ) ) > 0 );
361 $PHORUM["DATA"]["URL"]["NOTICE"]["MESSAGES"] = phorum_get_url( PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_UNAPPROVED );
362 }
363 if ( phorum_user_access_allowed( PHORUM_USER_ALLOW_MODERATE_USERS ) ) {
364 $PHORUM["user"]["NOTICE"]["USERS"] = ( count( phorum_db_user_get_unapproved() ) > 0 );
365 $PHORUM["DATA"]["URL"]["NOTICE"]["USERS"] = phorum_get_url( PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_USERS );
366 }
367 if ( phorum_user_allow_moderate_group() ) {
368 $groups = phorum_user_get_moderator_groups();
369 if ( count( $groups ) > 0 ) {
370 $PHORUM["user"]["NOTICE"]["GROUPS"] = count( phorum_db_get_group_members( array_keys( $groups ), PHORUM_USER_GROUP_UNAPPROVED ) );
371 $PHORUM["DATA"]["URL"]["NOTICE"]["GROUPS"] = phorum_get_url( PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_GROUP_MODERATION );
372 }
373 }
374 }
0a6aa47 MFB: sanitizing rss-url
ts77 authored
375
f2735f3 # Added new template settings.tpl define 'show_notify_for_pages'.
mmakaay authored
376 $PHORUM["user"]["NOTICE"]["SHOW"] = $PHORUM["user"]["NOTICE"]["MESSAGES"] || $PHORUM["user"]["NOTICE"]["USERS"] || $PHORUM["user"]["NOTICE"]["GROUPS"];
377 }
0a6aa47 MFB: sanitizing rss-url
ts77 authored
378 }
4775e82 # more line-ending properties
ts77 authored
379
380 // a hook for rewriting vars at the end of common.php
381 phorum_hook( "common", "" );
382
1620d74 # beginning of template rewrite. Includes changes to core
brian authored
383 $PHORUM['DATA']['USER'] = $PHORUM['user'];
84abc50 # Added some useful variables to the template data
mmakaay authored
384 $PHORUM['DATA']['PHORUM_PAGE'] = phorum_page;
385 $PHORUM['DATA']['USERTRACK'] = $PHORUM['track_user_activity'];
4775e82 # more line-ending properties
ts77 authored
386 }
387
388
389 //////////////////////////////////////////////////////////
390 // functions
391
392 /**
393 * A common function to check that a user is logged in
394 */
395 function phorum_require_login()
396 {
397 $PHORUM = $GLOBALS['PHORUM'];
398 if ( !$PHORUM["user"]["user_id"] ) {
399 $url = phorum_get_url( PHORUM_LOGIN_URL, "redir=" . urlencode( $PHORUM["http_path"] . "/" . basename( $_SERVER["PHP_SELF"] ) . "?" . $_SERVER["QUERY_STRING"] ) );
400 phorum_redirect_by_url( $url );
401 exit();
402 }
403 }
404
405 /**
406 * A common function for checking the read-permissions for a forum-page
407 * returns false if access is not allowed and an error page-was output
408 */
409 function phorum_check_read_common()
410 {
411 $PHORUM = $GLOBALS['PHORUM'];
412
413 $retval = true;
414
415 if ( $PHORUM["forum_id"] > 0 && !$PHORUM["folder_flag"] && !phorum_user_access_allowed( PHORUM_USER_ALLOW_READ ) ) {
416 if ( $PHORUM["DATA"]["LOGGEDIN"] ) {
417 // if they are logged in and not allowed, they don't have rights
418 $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["NoRead"];
419 } else {
420 // check if they could read if logged in.
421 // if so, let them know to log in.
422 if ( ( empty( $PHORUM["DATA"]["POST"]["parentid"] ) && $PHORUM["reg_perms"] &PHORUM_USER_ALLOW_READ ) ) {
423 $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["PleaseLoginRead"];
424 } else {
425 $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["NoRead"];
426 }
427 }
428
429 phorum_build_common_urls();
430
431 include phorum_get_template( "header" );
432 phorum_hook( "after_header" );
433 include phorum_get_template( "message" );
434 phorum_hook( "before_footer" );
435 include phorum_get_template( "footer" );
436
437 $retval = false;
438 }
439
440 return $retval;
441 }
442
443 // used for all url creation.
444 function phorum_get_url()
445 {
446 $PHORUM = $GLOBALS["PHORUM"];
447
448 $args = "";
449 $url = "";
450 $suffix = "";
451 $add_forum_id = false;
452 $add_get_vars = true;
453
454 $argv = func_get_args();
455 $type = array_shift( $argv );
456
457 switch ( $type ) {
458 case PHORUM_LIST_URL:
459 $page = "list";
460 if ( empty( $argv ) ) $add_forum_id = true;
461 break;
462 case PHORUM_READ_URL:
463 $page = "read";
464 $add_forum_id = true;
465 if ( !empty( $argv[1] ) && is_numeric( $argv[1] ) ) $suffix = "#msg-$argv[1]";
466 break;
467 case PHORUM_FOREIGN_READ_URL:
468 $page = "read";
469 if ( !empty( $argv[2] ) && is_numeric( $argv[2] ) ) $suffix = "#msg-$argv[2]";
470 break;
471 case PHORUM_REPLY_URL:
f111da5 # Fixed undefined index errors in case 'reply_on_read_page' is not set
mmakaay authored
472 if(isset($PHORUM["reply_on_read_page"]) && $PHORUM["reply_on_read_page"]){
4775e82 # more line-ending properties
ts77 authored
473 $page = "read";
474 $suffix = "#REPLY";
475 } else {
59aaefd # Reply on separate page used the old reply.php script, instead of po…
mmakaay authored
476 $page = "posting";
12b0505 Final fix for [216] and [217]
mmakaay authored
477 // For reply on a separate page, we call posting.php on its own.
478 // In that case argv[0] is the editor mode we want to use
479 // (reply in this case). Currently, the thread id is in argv[0],
480 // but we don't need that one for posting.php. So we simply
481 // replace argv[0] with the correct argument.
482 $argv[0] = "reply";
4775e82 # more line-ending properties
ts77 authored
483 }
484 $add_forum_id = true;
485 break;
dd3a33b Activated the new editor code in the Phorum core.
mmakaay authored
486 case PHORUM_POSTING_URL:
487 $page = "posting";
488 $add_forum_id = true;
489 break;
ac0e09d # Added redirect.php functionality fully into core. This is used for …
mmakaay authored
490 case PHORUM_REDIRECT_URL:
491 $page = "redirect";
492 $add_forum_id = false;
493 break;
4775e82 # more line-ending properties
ts77 authored
494 case PHORUM_SEARCH_URL:
495 $page = "search";
496 $add_forum_id = true;
497 break;
498 case PHORUM_SEARCH_ACTION_URL:
499 $page = "search";
500 $add_get_vars = true;
501 break;
502 case PHORUM_DOWN_URL:
503 $page = "down";
504 $add_forum_id = true;
505 break;
506 case PHORUM_VIOLATION_URL:
507 $page = "violation";
508 $add_forum_id = true;
509 break;
510 case PHORUM_INDEX_URL:
511 $page = "index";
512 break;
513 case PHORUM_LOGIN_URL:
514 $page = "login";
515 $add_forum_id = true;
516 break;
517 case PHORUM_LOGIN_ACTION_URL:
518 $page = "login";
519 break;
520 case PHORUM_REGISTER_URL:
521 $page = "register";
522 $add_forum_id = true;
523 break;
524 case PHORUM_REGISTER_ACTION_URL:
525 $page = "register";
526 break;
527 case PHORUM_PROFILE_URL:
528 $page = "profile";
529 $add_forum_id = true;
530 break;
531 case PHORUM_SUBSCRIBE_URL:
532 $page = "subscribe";
533 $add_forum_id = true;
534 break;
535 case PHORUM_MODERATION_URL:
536 $page = "moderation";
537 $add_forum_id = true;
538 break;
539 case PHORUM_MODERATION_ACTION_URL:
540 $page = "moderation";
541 $add_get_vars = false;
542 break;
543 case PHORUM_PREPOST_URL:
544 $page = "control";
545 $argv[] = "panel=messages";
546 $add_forum_id = true;
547 break;
548 case PHORUM_CONTROLCENTER_URL:
549 $page = "control";
550 $add_forum_id = true;
551 break;
552 case PHORUM_CONTROLCENTER_ACTION_URL:
553 $page = "control";
554 break;
3302bcb Private Messages are now separate from the Control Center.
brian authored
555 case PHORUM_PM_URL:
556 $page = "pm";
557 $add_forum_id = true;
558 break;
559 case PHORUM_PM_ACTION_URL:
560 $page = "pm";
561 break;
4775e82 # more line-ending properties
ts77 authored
562 case PHORUM_FILE_URL:
563 $page = "file";
564 $add_forum_id = true;
565 break;
566 case PHORUM_FOLLOW_URL:
567 $page = "follow";
568 $add_forum_id = true;
569 break;
570 case PHORUM_FOLLOW_ACTION_URL:
571 $page = "follow";
572 $add_forum_id = false;
573 break;
574 case PHORUM_REPORT_URL:
575 $page = "report";
576 $add_forum_id = true;
577 break;
578 case PHORUM_RSS_URL:
579 switch(phorum_page){
580 case "list":
581 $add_forum_id = true;
582 break;
583 case "read":
584 $add_forum_id = true;
0a6aa47 MFB: sanitizing rss-url
ts77 authored
585 $thread_id = (int)$PHORUM["args"]["1"];
586 array_push($argv, $thread_id);
4775e82 # more line-ending properties
ts77 authored
587 break;
588 }
589 $page = "rss";
590 break;
591 // this is for adding own generic urls
592 case PHORUM_CUSTOM_URL:
593 $page = array_shift($argv); // first arg is our page
594 $add_forum_id_tmp=array_shift($argv); // second determining if we should add the forum_id
595 $add_forum_id = $add_forum_id_tmp?true:false;
73de356 "# avoided warning with custom-url"
ts77 authored
596 break;
4775e82 # more line-ending properties
ts77 authored
597
d6acb35 # Added PHORUM_BASE_URL as a type for phorum_get_url()
mmakaay authored
598 case PHORUM_BASE_URL:
77285fc # Set $page = '' for PHORUM_BASE_URL, so phorum_custom_get_url can use
mmakaay authored
599 // only to flag phorum_custom_get_url() that base url is requested
d9f0a78 "# bumped version"
ts77 authored
600 $page = '';
d6acb35 # Added PHORUM_BASE_URL as a type for phorum_get_url()
mmakaay authored
601 break;
602
4775e82 # more line-ending properties
ts77 authored
603 default:
604 trigger_error( "Unhandled page type.", E_USER_WARNING );
605 break;
606 }
607
608 // build the query string
609 $query_items = array();
610
611 if ( $add_forum_id ) {
612 $query_items[] = ( int )$PHORUM["forum_id"];
613 }
614
615 if ( count( $argv ) > 0 ) {
616 $query_items = array_merge( $query_items, $argv );
617 }
618
619 if ( !empty( $PHORUM["DATA"]["GET_VARS"] ) && $add_get_vars ) {
620 $query_items = array_merge( $query_items, $PHORUM["DATA"]["GET_VARS"] );
621 }
622 // build the url
623 if ( !function_exists( "phorum_custom_get_url" ) ) {
d6acb35 # Added PHORUM_BASE_URL as a type for phorum_get_url()
mmakaay authored
624 if ($type == PHORUM_BASE_URL) return $PHORUM["http_path"] . '/';
625
4775e82 # more line-ending properties
ts77 authored
626 $url = "$PHORUM[http_path]/$page." . PHORUM_FILE_EXTENSION;
627
628 if ( count( $query_items ) ) $url .= "?" . implode( ",", $query_items );
629
630 if ( !empty( $suffix ) ) $url .= $suffix;
631 } else {
632 $url = phorum_custom_get_url( $page, $query_items, $suffix );
633 }
634
635 return $url;
636 }
637
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
638 /**
639 * Find out what input and output files to use for a template file.
0a6aa47 MFB: sanitizing rss-url
ts77 authored
640 *
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
641 * @param $page - The template base name (e.g. "header", "css", etc.).
642 * @return $phpfile - The PHP file to include for the template base name.
643 * @return $tplfile - The file to use as template input. In case there's no
644 * .tpl file to pre-process, the value will be NULL.
0a6aa47 MFB: sanitizing rss-url
ts77 authored
645 * In that case, the $phpfile return value can be
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
646 * included directly.
0a6aa47 MFB: sanitizing rss-url
ts77 authored
647 */
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
648 function phorum_get_template_file( $page )
4775e82 # more line-ending properties
ts77 authored
649 {
650 $PHORUM = $GLOBALS["PHORUM"];
651
50279dd MFB: # Defend against relative path and \0 injection for template names.
mmakaay authored
652 $page = basename($page);
653
4775e82 # more line-ending properties
ts77 authored
654 if ( ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) && isset( $PHORUM['user']['user_template'] ) && !empty($PHORUM['user']['user_template'])) {
655 $PHORUM['template'] = $PHORUM['user']['user_template'];
656 }
657
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
658 // If no user template is set or if the template file cannot be found,
43c4da7 # Fallback to default template if user_template does not exist (anymore)
mmakaay authored
659 // fallback to the default template.
660 if (empty($PHORUM["template"]) || !file_exists("./templates/{$PHORUM['template']}")) {
4775e82 # more line-ending properties
ts77 authored
661 $PHORUM["template"] = $PHORUM["default_template"];
662 }
663
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
664 $tplbase = "./templates/$PHORUM[template]/$page";
665
4775e82 # more line-ending properties
ts77 authored
666 // check for straight PHP file
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
667 if ( file_exists( "$tplbase.php" ) ) {
668 return array("$tplbase.php", NULL);
669 // not there, look for a template
4775e82 # more line-ending properties
ts77 authored
670 } else {
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
671 $tplfile = "$tplbase.tpl";
cfc2663 # Minus signs in template directories and files are now allowed
mmakaay authored
672 $safetemplate = str_replace("-", "_", $PHORUM["template"]);
673 $safepage = str_replace("-", "_", $page);
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
674 $phpfile = "{$PHORUM["cache"]}/tpl-$safetemplate-$safepage-" .
675 md5(dirname(__FILE__)) . ".php";
4775e82 # more line-ending properties
ts77 authored
676
15fe7b7 Added a new function: phorum_get_template_file(), which is used for
mmakaay authored
677 return array($phpfile, $tplfile);
678 }
679 }
680
681 /**
682 * Returns the PHP file to include for a template file. This function will
683 * automatically compile .tpl files if no compiled template is available.
684 *
685 * @param $page - The template base name (e.g. "header", "css", etc.).
686 * @param $is_include - Whether the template is an include or not (deprecated).
687 * @return $phpfile - The PHP file to include for the template base name.
688 */
689 function phorum_get_template( $page )
690 {
691 list ($phpfile, $tplfile) = phorum_get_template_file($page);
692
693 // No template to pre-process.
694 if ($tplfile == NULL) return $phpfile;
695
696 // Pre-process template if the output file isn't available.
697 if (! file_exists($phpfile)) {
698 include_once "./include/templates.php";
699 phorum_import_template($page, $tplfile, $phpfile);
4775e82 # more line-ending properties
ts77 authored
700 }
701
702 return $phpfile;
703 }
704
705 // creates URLs used on most pages
706 function phorum_build_common_urls()
707 {
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
708 $PHORUM=$GLOBALS['PHORUM'];
709
1620d74 # beginning of template rewrite. Includes changes to core
brian authored
710 $GLOBALS["PHORUM"]["DATA"]["URL"]["BASE_URL"] = phorum_get_url( PHORUM_BASE_URL );
711
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
712 // those links are only needed in forums, not in folders
713 if(isset($PHORUM['folder_flag']) && !$PHORUM['folder_flag']) {
28f3067 # more template related changes for 5.2
brian authored
714 $GLOBALS["PHORUM"]["DATA"]["URL"]["LIST"] = phorum_get_url( PHORUM_LIST_URL );
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
715 $GLOBALS["PHORUM"]["DATA"]["URL"]["MARKREAD"] = phorum_get_url( PHORUM_LIST_URL, "markread=1" );
716 $GLOBALS["PHORUM"]["DATA"]["URL"]["POST"] = phorum_get_url( PHORUM_POSTING_URL );
717 $GLOBALS["PHORUM"]["DATA"]["URL"]["SUBSCRIBE"] = phorum_get_url( PHORUM_SUBSCRIBE_URL );
718 }
719
720 // those are general urls, needed nearly everywhere
4775e82 # more line-ending properties
ts77 authored
721 $GLOBALS["PHORUM"]["DATA"]["URL"]["SEARCH"] = phorum_get_url( PHORUM_SEARCH_URL );
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
722
723 // RSS-Url only makes sense on a couple of pages
b28f8f7 added a switch for using RSS and a link to the header for it
ts77 authored
724 if(isset($PHORUM['use_rss']) && $PHORUM['use_rss']
725 && (phorum_page=="index" || phorum_page=="list" || phorum_page=="read")){
4775e82 # more line-ending properties
ts77 authored
726 $GLOBALS["PHORUM"]["DATA"]["URL"]["RSS"] = phorum_get_url( PHORUM_RSS_URL );
727 }
728
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
729 $index_id=-1;
730 // in a folder
4775e82 # more line-ending properties
ts77 authored
731
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
732 if( $PHORUM['folder_flag'] && phorum_page != 'index'
733 && ($PHORUM['forum_id'] == 0 || $PHORUM['vroot'] == $PHORUM['forum_id'])) {
734 // folder where we usually don't show the index-link but on
735 // additional pages like search and login its shown
736 $index_id=$PHORUM['forum_id'];
4775e82 # more line-ending properties
ts77 authored
737
670bc17 "fixing index-links + #220"
ts77 authored
738 } elseif( ( $PHORUM['folder_flag'] &&
739 ($PHORUM['forum_id'] != 0 && $PHORUM['vroot'] != $PHORUM['forum_id'])) ||
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
740 (!$PHORUM['folder_flag'] && $PHORUM['active'])) {
741 // either a folder where the link should be shown (not vroot or root)
742 // or an active forum where the link should be shown
4775e82 # more line-ending properties
ts77 authored
743
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
744 if(isset($PHORUM["use_new_folder_style"]) && $PHORUM["use_new_folder_style"] ) {
745 // go to root or vroot
746 $index_id=$PHORUM["vroot"]; // vroot is either 0 (root) or another id
4775e82 # more line-ending properties
ts77 authored
747
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
748 } else {
749 // go to parent
750 $index_id=$PHORUM["parent_id"]; // parent_id is always set now
4775e82 # more line-ending properties
ts77 authored
751
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
752 }
4775e82 # more line-ending properties
ts77 authored
753
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
754 }
755 if($index_id > -1) {
756 // check if its the full root, avoid adding an id in this case (SE-optimized ;))
757 if (!empty($index_id))
758 $GLOBALS["PHORUM"]["DATA"]["URL"]["INDEX"] = phorum_get_url( PHORUM_INDEX_URL, $index_id );
759 else
760 $GLOBALS["PHORUM"]["DATA"]["URL"]["INDEX"] = phorum_get_url( PHORUM_INDEX_URL );
761 }
4775e82 # more line-ending properties
ts77 authored
762
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
763 // these urls depend on the login-status of a user
4775e82 # more line-ending properties
ts77 authored
764 if ( $GLOBALS["PHORUM"]["DATA"]["LOGGEDIN"] ) {
765 $GLOBALS["PHORUM"]["DATA"]["URL"]["LOGINOUT"] = phorum_get_url( PHORUM_LOGIN_URL, "logout=1" );
766 $GLOBALS["PHORUM"]["DATA"]["URL"]["REGISTERPROFILE"] = phorum_get_url( PHORUM_CONTROLCENTER_URL );
3f75d93 streamlined index/messagelist/post-url creation should fix #199
ts77 authored
767 $GLOBALS["PHORUM"]["DATA"]["URL"]["PM"] = phorum_get_url( PHORUM_PM_URL );
4775e82 # more line-ending properties
ts77 authored
768 } else {
769 $GLOBALS["PHORUM"]["DATA"]["URL"]["LOGINOUT"] = phorum_get_url( PHORUM_LOGIN_URL );
770 $GLOBALS["PHORUM"]["DATA"]["URL"]["REGISTERPROFILE"] = phorum_get_url( PHORUM_REGISTER_URL );
771 }
772 }
773
774 // calls phorum mod functions
775 function phorum_hook( $hook, $arg = "" )
776 {
777 $PHORUM = $GLOBALS["PHORUM"];
778
b6560f6 "# fixing some php5-related errors"
ts77 authored
779 if ( isset( $PHORUM["hooks"][$hook] ) && is_array($PHORUM["hooks"][$hook])) {
780
4775e82 # more line-ending properties
ts77 authored
781 foreach( $PHORUM["hooks"][$hook]["mods"] as $mod ) {
782 // load mods for this hook
783 if ( file_exists( "./mods/$mod/$mod.php" ) ) {
784 include_once "./mods/$mod/$mod.php";
785 } elseif ( file_exists( "./mods/$mod.php" ) ) {
786 include_once "./mods/$mod.php";
787 }
788 }
789
790 foreach( $PHORUM["hooks"][$hook]["funcs"] as $func ) {
791 // call functions for this hook
792 if ( function_exists( $func ) ) {
793 $arg = call_user_func( $func, $arg );
794 }
795 }
796 }
797
798 return $arg;
799 }
800
801 // HTML encodes a string
802 function phorum_html_encode( $string )
803 {
804 $ret_string = "";
805 $len = strlen( $string );
806 for( $x = 0;$x < $len;$x++ ) {
807 $ord = ord( $string[$x] );
808 $ret_string .= "&#$ord;";
809 }
810 return $ret_string;
811 }
812
813 // removes slashes from all array-entries
814 function phorum_recursive_stripslashes( $array )
815 {
816 if ( !is_array( $array ) ) {
817 return $array;
818 } else {
819 foreach( $array as $key => $value ) {
820 if ( !is_array( $value ) )
821 $array[$key] = stripslashes( $value );
822 else
823 $array[$key] = phorum_recursive_stripslashes( $value );
824 }
825 }
826 return $array;
827 }
828
829 // returns the available templates as an array
830 function phorum_get_template_info()
831 {
832 $tpls = array();
833
834 $d = dir( "./templates" );
835 while ( false !== ( $entry = $d->read() ) ) {
cfc2663 # Minus signs in template directories and files are now allowed
mmakaay authored
836 if ( $entry != "." && $entry != ".." && file_exists( "./templates/$entry/info.php" ) ) {
4775e82 # more line-ending properties
ts77 authored
837 include "./templates/$entry/info.php";
838 if ( !isset( $template_hide ) || empty( $template_hide ) || defined( "PHORUM_ADMIN" ) ) {
839 $tpls[$entry] = "$name $version";
840 } else {
841 unset( $template_hide );
842 }
843 }
844 }
845
846 return $tpls;
847 }
848
849 // returns the available languages as an array
850 function phorum_get_language_info()
851 {
852 $langs = array();
853
854 $d = dir( "./include/lang" );
855 while ( false !== ( $entry = $d->read() ) ) {
856 if ( substr( $entry, -4 ) == ".php" && is_file( "./include/lang/$entry" ) ) {
857 @include "./include/lang/$entry";
858 if ( !isset( $language_hide ) || empty( $language_hide ) || defined( "PHORUM_ADMIN" ) ) {
859 $langs[str_replace( ".php", "", $entry )] = $language;
860 } else {
861 unset( $language_hide );
862 }
863 }
864 }
865
866 return $langs;
867 }
868
869 function phorum_redirect_by_url( $redir_url )
870 {
871 if ( stristr( $_SERVER['SERVER_SOFTWARE'], "Microsoft-IIS" ) ) {
872 // the ugly IIS-hack to avoid crashing IIS
873 print "<html><head>\n<title>Redirecting ...</title>\n";
874 print "<meta http-equiv=\"refresh\" content=\"0; URL=$redir_url\">";
875 print "</head>\n";
876 print "<body><a href=\"$redir_url\">Redirecting ...</a></body>\n";
877 print "</html>";
878 } else {
879 // our standard-way
880 header( "Location: $redir_url" );
881 }
b7b2805 # Added exit(0) after the redirect code for phorum_redirect_by_url()
mmakaay authored
882 exit(0);
4775e82 # more line-ending properties
ts77 authored
883 }
884
885 // might remove these, might not. Need it for debugging.
886 function print_var( $var )
887 {
888 echo "<xmp>";
889 print_r( $var );
890 echo "</xmp>";
891 }
892
893 ?>
Something went wrong with that request. Please try again.