's)
fid: One or more forum IDs (comma-separated). If ignored,
topics from all readable forums will be pulled.
nfid: One or more forum IDs (comma-separated) that are to be
excluded. E.g. the ID of a a test forum.
tid: A topic ID from which to show posts. If a tid is supplied,
fid and nfid are ignored.
show: Any integer value between 1 and 50. The default is 15.
order: last_post - show topics ordered by when they were last
posted in, giving information about the reply.
posted - show topics ordered by when they were first
posted, giving information about the original post.
-----------------------------------------------------------------------------*/
define('PUN_QUIET_VISIT', 1);
if (!defined('PUN_ROOT'))
define('PUN_ROOT', dirname(__FILE__).'/');
require PUN_ROOT.'include/common.php';
// The length at which topic subjects will be truncated (for HTML output)
if (!defined('FORUM_EXTERN_MAX_SUBJECT_LENGTH'))
define('FORUM_EXTERN_MAX_SUBJECT_LENGTH', 30);
// If we're a guest and we've sent a username/pass, we can try to authenticate using those details
if ($pun_user['is_guest'] && isset($_SERVER['PHP_AUTH_USER']))
authenticate_user($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
if ($pun_user['g_read_board'] == '0')
{
http_authenticate_user();
exit($lang_common['No view']);
}
$action = isset($_GET['action']) ? strtolower($_GET['action']) : 'feed';
// Handle a couple old formats, from FluxBB 1.2
switch ($action)
{
case 'active':
$action = 'feed';
$_GET['order'] = 'last_post';
break;
case 'new':
$action = 'feed';
$_GET['order'] = 'posted';
break;
}
//
// Sends the proper headers for Basic HTTP Authentication
//
function http_authenticate_user()
{
global $pun_config, $pun_user;
if (!$pun_user['is_guest'])
return;
header('WWW-Authenticate: Basic realm="'.$pun_config['o_board_title'].' External Syndication"');
header('HTTP/1.0 401 Unauthorized');
}
//
// Output $feed as RSS 2.0
//
function output_rss($feed)
{
global $lang_common, $pun_config;
// Send XML/no cache headers
header('Content-Type: application/xml; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
echo ''."\n";
echo ''."\n";
echo "\t".''."\n";
echo "\t\t".''."\n";
echo "\t\t".''."\n";
echo "\t\t".''.pun_htmlspecialchars($feed['link']).''."\n";
echo "\t\t".''."\n";
echo "\t\t".''.gmdate('r', count($feed['items']) ? $feed['items'][0]['pubdate'] : time()).''."\n";
if ($pun_config['o_show_version'] == '1')
echo "\t\t".'FluxBB '.$pun_config['o_cur_version'].''."\n";
else
echo "\t\t".'FluxBB'."\n";
foreach ($feed['items'] as $item)
{
echo "\t\t".''."\n";
echo "\t\t\t".''."\n";
echo "\t\t\t".''.pun_htmlspecialchars($item['link']).''."\n";
echo "\t\t\t".''."\n";
echo "\t\t\t".''."\n";
echo "\t\t\t".''.gmdate('r', $item['pubdate']).''."\n";
echo "\t\t\t".''.pun_htmlspecialchars($item['link']).''."\n";
echo "\t\t".''."\n";
}
echo "\t".''."\n";
echo ''."\n";
}
//
// Output $feed as Atom 1.0
//
function output_atom($feed)
{
global $lang_common, $pun_config;
// Send XML/no cache headers
header('Content-Type: application/atom+xml; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
echo ''."\n";
echo ''."\n";
echo "\t".''."\n";
echo "\t".''."\n";
echo "\t".''."\n";
echo "\t".''.gmdate('Y-m-d\TH:i:s\Z', count($feed['items']) ? $feed['items'][0]['pubdate'] : time()).''."\n";
if ($pun_config['o_show_version'] == '1')
echo "\t".'FluxBB'."\n";
else
echo "\t".'FluxBB'."\n";
echo "\t".''.pun_htmlspecialchars($feed['link']).''."\n";
$content_tag = ($feed['type'] == 'posts') ? 'content' : 'summary';
foreach ($feed['items'] as $item)
{
echo "\t".''."\n";
echo "\t\t".''."\n";
echo "\t\t".''."\n";
echo "\t\t".'<'.$content_tag.' type="html">'.$content_tag.'>'."\n";
echo "\t\t".''."\n";
echo "\t\t\t".''."\n";
if (isset($item['author']['email']))
echo "\t\t\t".''."\n";
if (isset($item['author']['uri']))
echo "\t\t\t".''.pun_htmlspecialchars($item['author']['uri']).''."\n";
echo "\t\t".''."\n";
echo "\t\t".''.gmdate('Y-m-d\TH:i:s\Z', $item['pubdate']).''."\n";
echo "\t\t".''.pun_htmlspecialchars($item['link']).''."\n";
echo "\t".''."\n";
}
echo ''."\n";
}
//
// Output $feed as XML
//
function output_xml($feed)
{
global $lang_common, $pun_config;
// Send XML/no cache headers
header('Content-Type: application/xml; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
echo ''."\n";
echo ''."\n";
}
//
// Output $feed as HTML (using
tags)
//
function output_html($feed)
{
// Send the Content-type header in case the web server is setup to send something else
header('Content-type: text/html; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
foreach ($feed['items'] as $item)
{
if (utf8_strlen($item['title']) > FORUM_EXTERN_MAX_SUBJECT_LENGTH)
$subject_truncated = pun_htmlspecialchars(pun_trim(utf8_substr($item['title'], 0, (FORUM_EXTERN_MAX_SUBJECT_LENGTH - 5)))).' …';
else
$subject_truncated = pun_htmlspecialchars($item['title']);
echo '
'."\n";
}
}
// Show recent discussions
if ($action == 'feed')
{
require PUN_ROOT.'include/parser.php';
// Determine what type of feed to output
$type = isset($_GET['type']) ? strtolower($_GET['type']) : 'html';
if (!in_array($type, array('html', 'rss', 'atom', 'xml')))
$type = 'html';
$show = isset($_GET['show']) ? intval($_GET['show']) : 15;
if ($show < 1 || $show > 50)
$show = 15;
// Was a topic ID supplied?
if (isset($_GET['tid']))
{
$tid = intval($_GET['tid']);
// Fetch topic subject
$result = $db->query('SELECT t.subject, t.first_post_id FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.moved_to IS NULL AND t.id='.$tid) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
{
http_authenticate_user();
exit($lang_common['Bad request']);
}
$cur_topic = $db->fetch_assoc($result);
if ($pun_config['o_censoring'] == '1')
$cur_topic['subject'] = censor_words($cur_topic['subject']);
// Setup the feed
$feed = array(
'title' => $pun_config['o_board_title'].$lang_common['Title separator'].$cur_topic['subject'],
'link' => get_base_url(true).'/viewtopic.php?id='.$tid,
'description' => sprintf($lang_common['RSS description topic'], $cur_topic['subject']),
'items' => array(),
'type' => 'posts'
);
// Fetch $show posts
$result = $db->query('SELECT p.id, p.poster, p.message, p.hide_smilies, p.posted, p.poster_id, u.email_setting, u.email, p.poster_email FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'users AS u ON u.id=p.poster_id WHERE p.topic_id='.$tid.' ORDER BY p.posted DESC LIMIT '.$show) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
while ($cur_post = $db->fetch_assoc($result))
{
$cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);
$item = array(
'id' => $cur_post['id'],
'title' => $cur_topic['first_post_id'] == $cur_post['id'] ? $cur_topic['subject'] : $lang_common['RSS reply'].$cur_topic['subject'],
'link' => get_base_url(true).'/viewtopic.php?pid='.$cur_post['id'].'#p'.$cur_post['id'],
'description' => $cur_post['message'],
'author' => array(
'name' => $cur_post['poster'],
),
'pubdate' => $cur_post['posted']
);
if ($cur_post['poster_id'] > 1)
{
if ($cur_post['email_setting'] == '0' && !$pun_user['is_guest'])
$item['author']['email'] = $cur_post['email'];
$item['author']['uri'] = get_base_url(true).'/profile.php?id='.$cur_post['poster_id'];
}
else if ($cur_post['poster_email'] != '' && !$pun_user['is_guest'])
$item['author']['email'] = $cur_post['poster_email'];
$feed['items'][] = $item;
}
$output_func = 'output_'.$type;
$output_func($feed);
}
else
{
$order_posted = isset($_GET['order']) && strtolower($_GET['order']) == 'posted';
$forum_name = '';
$forum_sql = '';
// Were any forum IDs supplied?
if (isset($_GET['fid']) && is_scalar($_GET['fid']) && $_GET['fid'] != '')
{
$fids = explode(',', pun_trim($_GET['fid']));
$fids = array_map('intval', $fids);
if (!empty($fids))
$forum_sql .= ' AND t.forum_id IN('.implode(',', $fids).')';
if (count($fids) == 1)
{
// Fetch forum name
$result = $db->query('SELECT f.forum_name FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fids[0]) or error('Unable to fetch forum name', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
$forum_name = $lang_common['Title separator'].$db->result($result);
}
}
// Any forum IDs to exclude?
if (isset($_GET['nfid']) && is_scalar($_GET['nfid']) && $_GET['nfid'] != '')
{
$nfids = explode(',', pun_trim($_GET['nfid']));
$nfids = array_map('intval', $nfids);
if (!empty($nfids))
$forum_sql .= ' AND t.forum_id NOT IN('.implode(',', $nfids).')';
}
// Only attempt to cache if caching is enabled and we have all or a single forum
if ($pun_config['o_feed_ttl'] > 0 && ($forum_sql == '' || ($forum_name != '' && !isset($_GET['nfid']))))
$cache_id = 'feed'.sha1($pun_user['g_id'].'|'.$lang_common['lang_identifier'].'|'.($order_posted ? '1' : '0').($forum_name == '' ? '' : '|'.$fids[0]));
// Load cached feed
if (isset($cache_id) && file_exists(FORUM_CACHE_DIR.'cache_'.$cache_id.'.php'))
include FORUM_CACHE_DIR.'cache_'.$cache_id.'.php';
$now = time();
if (!isset($feed) || $cache_expire < $now)
{
// Setup the feed
$feed = array(
'title' => $pun_config['o_board_title'].$forum_name,
'link' => '/index.php',
'description' => sprintf($lang_common['RSS description'], $pun_config['o_board_title']),
'items' => array(),
'type' => 'topics'
);
// Fetch $show topics
$result = $db->query('SELECT t.id, t.poster, t.subject, t.posted, t.last_post, t.last_poster, p.message, p.hide_smilies, u.email_setting, u.email, p.poster_id, p.poster_email FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'posts AS p ON p.id='.($order_posted ? 't.first_post_id' : 't.last_post_id').' INNER JOIN '.$db->prefix.'users AS u ON u.id=p.poster_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.moved_to IS NULL'.$forum_sql.' ORDER BY '.($order_posted ? 't.posted' : 't.last_post').' DESC LIMIT '.(isset($cache_id) ? 50 : $show)) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
while ($cur_topic = $db->fetch_assoc($result))
{
if ($pun_config['o_censoring'] == '1')
$cur_topic['subject'] = censor_words($cur_topic['subject']);
$cur_topic['message'] = parse_message($cur_topic['message'], $cur_topic['hide_smilies']);
$item = array(
'id' => $cur_topic['id'],
'title' => $cur_topic['subject'],
'link' => '/viewtopic.php?id='.$cur_topic['id'].($order_posted ? '' : '&action=new'),
'description' => $cur_topic['message'],
'author' => array(
'name' => $order_posted ? $cur_topic['poster'] : $cur_topic['last_poster']
),
'pubdate' => $order_posted ? $cur_topic['posted'] : $cur_topic['last_post']
);
if ($cur_topic['poster_id'] > 1)
{
if ($cur_topic['email_setting'] == '0' && !$pun_user['is_guest'])
$item['author']['email'] = $cur_topic['email'];
$item['author']['uri'] = '/profile.php?id='.$cur_topic['poster_id'];
}
else if ($cur_topic['poster_email'] != '' && !$pun_user['is_guest'])
$item['author']['email'] = $cur_topic['poster_email'];
$feed['items'][] = $item;
}
// Output feed as PHP code
if (isset($cache_id))
{
$fh = @fopen(FORUM_CACHE_DIR.'cache_'.$cache_id.'.php', 'wb');
if (!$fh)
error('Unable to write feed cache file to cache directory. Please make sure PHP has write access to the directory \''.pun_htmlspecialchars(FORUM_CACHE_DIR).'\'', __FILE__, __LINE__);
fwrite($fh, '');
fclose($fh);
if (function_exists('apc_delete_file'))
@apc_delete_file(FORUM_CACHE_DIR.'cache_'.$cache_id.'.php');
}
}
// If we only want to show a few items but due to caching we have too many
if (count($feed['items']) > $show)
$feed['items'] = array_slice($feed['items'], 0, $show);
// Prepend the current base URL onto some links. Done after caching to handle http/https correctly
$feed['link'] = get_base_url(true).$feed['link'];
foreach ($feed['items'] as $key => $item)
{
$feed['items'][$key]['link'] = get_base_url(true).$item['link'];
if (isset($item['author']['uri']))
$feed['items'][$key]['author']['uri'] = get_base_url(true).$item['author']['uri'];
}
$output_func = 'output_'.$type;
$output_func($feed);
}
exit;
}
// Show users online
else if ($action == 'online' || $action == 'online_full')
{
// Load the index.php language file
require PUN_ROOT.'lang/'.$pun_config['o_default_lang'].'/index.php';
// Fetch users online info and generate strings for output
$num_guests = $num_users = 0;
$users = array();
$result = $db->query('SELECT user_id, ident FROM '.$db->prefix.'online WHERE idle=0 ORDER BY ident', true) or error('Unable to fetch online list', __FILE__, __LINE__, $db->error());
while ($pun_user_online = $db->fetch_assoc($result))
{
if ($pun_user_online['user_id'] > 1)
{
$users[] = ($pun_user['g_view_users'] == '1') ? ''.pun_htmlspecialchars($pun_user_online['ident']).'' : pun_htmlspecialchars($pun_user_online['ident']);
++$num_users;
}
else
++$num_guests;
}
// Send the Content-type header in case the web server is setup to send something else
header('Content-type: text/html; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
echo sprintf($lang_index['Guests online'], forum_number_format($num_guests)).' '."\n";
if ($action == 'online_full' && !empty($users))
echo sprintf($lang_index['Users online'], implode(', ', $users)).' '."\n";
else
echo sprintf($lang_index['Users online'], forum_number_format($num_users)).' '."\n";
exit;
}
// Show board statistics
else if ($action == 'stats')
{
// Load the index.php language file
require PUN_ROOT.'lang/'.$pun_config['o_default_lang'].'/index.php';
// Collect some statistics from the database
if (file_exists(FORUM_CACHE_DIR.'cache_users_info.php'))
include FORUM_CACHE_DIR.'cache_users_info.php';
if (!defined('PUN_USERS_INFO_LOADED'))
{
if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
require PUN_ROOT.'include/cache.php';
generate_users_info_cache();
require FORUM_CACHE_DIR.'cache_users_info.php';
}
$result = $db->query('SELECT SUM(num_topics), SUM(num_posts) FROM '.$db->prefix.'forums') or error('Unable to fetch topic/post count', __FILE__, __LINE__, $db->error());
list($stats['total_topics'], $stats['total_posts']) = $db->fetch_row($result);
// Send the Content-type header in case the web server is setup to send something else
header('Content-type: text/html; charset=utf-8');
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
echo sprintf($lang_index['No of users'], forum_number_format($stats['total_users'])).' '."\n";
echo sprintf($lang_index['Newest user'], (($pun_user['g_view_users'] == '1') ? ''.pun_htmlspecialchars($stats['last_user']['username']).'' : pun_htmlspecialchars($stats['last_user']['username']))).' '."\n";
echo sprintf($lang_index['No of topics'], forum_number_format($stats['total_topics'])).' '."\n";
echo sprintf($lang_index['No of posts'], forum_number_format($stats['total_posts'])).' '."\n";
exit;
}
// If we end up here, the script was called with some wacky parameters
exit($lang_common['Bad request']);