Context Navigation

source: trunk/web/punbb/include/functions.php @ 1

Last change on this file since 1 was 1, checked in by dj3c1t, 13 years ago
import initial
File size: 35.9 KB

Rev	Line
[1]	1	<?php
	2	/***********************************************************************
	3
	4	Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org)
	5
	6	This file is part of PunBB.
	7
	8	PunBB is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU General Public License as published
	10	by the Free Software Foundation; either version 2 of the License,
	11	or (at your option) any later version.
	12
	13	PunBB is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	GNU General Public License for more details.
	17
	18	You should have received a copy of the GNU General Public License
	19	along with this program; if not, write to the Free Software
	20	Foundation, Inc., 59 Temple Place, Suite 330, Boston,
	21	MA 02111-1307 USA
	22
	23	************************************************************************/
	24
	25	//
	26	// Cookie stuff!
	27	//
	28	function check_cookie(&$pun_user)
	29	{
	30	global $db, $pun_config, $cookie_name, $cookie_seed;
	31
	32	$now = time();
	33	$expire = $now + 31536000; // The cookie expires after a year
	34
	35	// We assume it's a guest
	36	$cookie = array('user_id' => 1, 'password_hash' => 'InvitÃ©');
	37
	38	// If a cookie is set, we get the user_id and password hash from it
	39	if (isset($_COOKIE[$cookie_name]))
	40	list($cookie['user_id'], $cookie['password_hash']) = @unserialize($_COOKIE[$cookie_name]);
	41
	42	if ($cookie['user_id'] > 1)
	43	{
	44	// Check if there's a user with the user ID and password hash from the cookie
	45	$_query = 'SELECT u., g., o.logged, o.idle FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.user_id=u.id WHERE u.id='.intval($cookie['user_id']);
	46	$result = $db->query($_query) or error('Impossible de retrouver les informations utilisateur', __FILE__, __LINE__, $db->error());
	47	$pun_user = $db->fetch_assoc($result);
	48
	49	// If user authorisation failed
	50	if (!isset($pun_user['id']) \|\| md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash'])
	51	{
	52	pun_setcookie(0, random_pass(8), $expire);
	53	set_default_user();
	54
	55	return;
	56	}
	57
	58	// Set a default language if the user selected language no longer exists
	59	if (!$pun_user['language'] \|\| !@file_exists(PUN_ROOT.'lang/'.$pun_user['language']))
	60	$pun_user['language'] = $pun_config['o_default_lang'];
	61
	62	// Set a default style if the user selected style no longer exists
	63	if (!@file_exists(PUN_ROOT.'style/'.$pun_user['style'].'.css'))
	64	$pun_user['style'] = $pun_config['o_default_style'];
	65
	66	if (!$pun_user['disp_topics'])
	67	$pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
	68	if (!$pun_user['disp_posts'])
	69	$pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
	70
	71	if ($pun_user['save_pass'] == '0')
	72	$expire = 0;
	73
	74	// Define this if you want this visit to affect the online list and the users last visit data
	75	if (!defined('PUN_QUIET_VISIT'))
	76	{
	77	// Update the online list
	78	if (!$pun_user['logged'])
	79	$db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$now.')') or error('Impossbile d\'insÃ©rer dans la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	80	else
	81	{
	82	// Special case: We've timed out, but no other user has browsed the forums since we timed out
	83	if ($pun_user['logged'] < ($now-$pun_config['o_timeout_visit']))
	84	{
	85	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Impossible de mettre Ã jour les donnÃ©es de visite de l\'utilisateur', __FILE__, __LINE__, $db->error());
	86	$pun_user['last_visit'] = $pun_user['logged'];
	87	}
	88
	89	$idle_sql = ($pun_user['idle'] == '1') ? ', idle=0' : '';
	90	$db->query('UPDATE '.$db->prefix.'online SET logged='.$now.$idle_sql.' WHERE user_id='.$pun_user['id']) or error('Impossible de mettre Ã jour la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	91	}
	92	}
	93
	94	$pun_user['is_guest'] = false;
	95	}
	96	else
	97	set_default_user();
	98	}
	99
	100
	101	//
	102	// Fill $pun_user with default values (for guests)
	103	//
	104	function set_default_user()
	105	{
	106	global $db, $pun_user, $pun_config;
	107
	108	$remote_addr = get_remote_address();
	109
	110	// Fetch guest user
	111	$result = $db->query('SELECT u., g., o.logged FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.ident=\''.$remote_addr.'\' WHERE u.id=1') or error('Impossible de retrouver les informations d\'invitÃ©', __FILE__, __LINE__, $db->error());
	112	if (!$db->num_rows($result))
	113	exit('Impossible de retrouver les informations invitÃ©. La table \''.$db->prefix.'users\' doit contenir une entrÃ©e avec un id = 1 qui reprÃ©sente les utilisateurs anonymes.');
	114
	115	$pun_user = $db->fetch_assoc($result);
	116
	117	// Update online list
	118	if (!$pun_user['logged'])
	119	$db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.time().')') or error('Impossbile d\'insÃ©rer dans la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	120	else
	121	$db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Impossible de mettre Ã jour la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	122
	123	$pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
	124	$pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
	125	$pun_user['timezone'] = $pun_config['o_server_timezone'];
	126	$pun_user['language'] = $pun_config['o_default_lang'];
	127	$pun_user['style'] = $pun_config['o_default_style'];
	128	$pun_user['is_guest'] = true;
	129
	130	}
	131
	132
	133	//
	134	// Set a cookie, PunBB style!
	135	//
	136	function pun_setcookie($user_id, $password_hash, $expire)
	137	{
	138	global $cookie_name, $cookie_path, $cookie_domain, $cookie_secure, $cookie_seed;
	139
	140	// Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6)
	141	// @header('P3P: CP="CUR ADM"');
	142
	143	setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure);
	144	}
	145
	146
	147	//
	148	// Check whether the connecting user is banned (and delete any expired bans while we're at it)
	149	//
	150	function check_bans()
	151	{
	152	global $db, $pun_config, $lang_common, $pun_user, $pun_bans;
	153
	154	// Admins aren't affected
	155	if ($pun_user['g_id'] == PUN_ADMIN \|\| !$pun_bans)
	156	return;
	157
	158	// Add a dot at the end of the IP address to prevent banned address 192.168.0.5 from matching e.g. 192.168.0.50
	159	$user_ip = get_remote_address().'.';
	160	$bans_altered = false;
	161
	162	foreach ($pun_bans as $cur_ban)
	163	{
	164	// Has this ban expired?
	165	if ($cur_ban['expire'] != '' && $cur_ban['expire'] <= time())
	166	{
	167	$db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$cur_ban['id']) or error('Impossible de supprimÃ© le bannissement expirÃ©', __FILE__, __LINE__, $db->error());
	168	$bans_altered = true;
	169	continue;
	170	}
	171
	172	if ($cur_ban['username'] != '' && !strcasecmp($pun_user['username'], $cur_ban['username']))
	173	{
	174	$db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($pun_user['username']).'\'') or error('Impossible de supprimer de la liste des utilisateur en ligne', __FILE__, __LINE__, $db->error());
	175	message($lang_common['Ban message'].' '.(($cur_ban['expire'] != '') ? $lang_common['Ban message 2'].' '.strtolower(format_time($cur_ban['expire'], true)).'. ' : '').(($cur_ban['message'] != '') ? $lang_common['Ban message 3'].'<br /><br /><strong>'.pun_htmlspecialchars($cur_ban['message']).'</strong><br /><br />' : '<br /><br />').$lang_common['Ban message 4'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
	176	}
	177
	178	if ($cur_ban['ip'] != '')
	179	{
	180	$cur_ban_ips = explode(' ', $cur_ban['ip']);
	181
	182	for ($i = 0; $i < count($cur_ban_ips); ++$i)
	183	{
	184	$cur_ban_ips[$i] = $cur_ban_ips[$i].'.';
	185
	186	if (substr($user_ip, 0, strlen($cur_ban_ips[$i])) == $cur_ban_ips[$i])
	187	{
	188	$db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($pun_user['username']).'\'') or error('Impossible de supprimer de la liste des utilisateur en ligne', __FILE__, __LINE__, $db->error());
	189	message($lang_common['Ban message'].' '.(($cur_ban['expire'] != '') ? $lang_common['Ban message 2'].' '.strtolower(format_time($cur_ban['expire'], true)).'. ' : '').(($cur_ban['message'] != '') ? $lang_common['Ban message 3'].'<br /><br /><strong>'.pun_htmlspecialchars($cur_ban['message']).'</strong><br /><br />' : '<br /><br />').$lang_common['Ban message 4'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
	190	}
	191	}
	192	}
	193	}
	194
	195	// If we removed any expired bans during our run-through, we need to regenerate the bans cache
	196	if ($bans_altered)
	197	{
	198	require_once PUN_ROOT.'include/cache.php';
	199	generate_bans_cache();
	200	}
	201	}
	202
	203
	204	//
	205	// Update "Users online"
	206	//
	207	function update_users_online()
	208	{
	209	global $db, $pun_config, $pun_user;
	210
	211	$now = time();
	212
	213	// Fetch all online list entries that are older than "o_timeout_online"
	214	$result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Impossible de retrouver les anciennes entrÃ©es de la liste des utilisateurs', __FILE__, __LINE__, $db->error());
	215	while ($cur_user = $db->fetch_assoc($result))
	216	{
	217	// If the entry is a guest, delete it
	218	if ($cur_user['user_id'] == '1')
	219	$db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($cur_user['ident']).'\'') or error('Impossible de supprimer de la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	220	else
	221	{
	222	// If the entry is older than "o_timeout_visit", update last_visit for the user in question, then delete him/her from the online list
	223	if ($cur_user['logged'] < ($now-$pun_config['o_timeout_visit']))
	224	{
	225	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$cur_user['logged'].' WHERE id='.$cur_user['user_id']) or error('Impossible de mettre Ã jour les donnÃ©es de visite de l\'utilisateur', __FILE__, __LINE__, $db->error());
	226	$db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$cur_user['user_id']) or error('Impossible de supprimer de la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	227	}
	228	else if ($cur_user['idle'] == '0')
	229	$db->query('UPDATE '.$db->prefix.'online SET idle=1 WHERE user_id='.$cur_user['user_id']) or error('Impossible d\'insÃ©rer Ã la liste des utilisateurs en ligne', __FILE__, __LINE__, $db->error());
	230	}
	231	}
	232	}
	233
	234
	235	//
	236	// Generate the "navigator" that appears at the top of every page
	237	//
	238	function generate_navlinks()
	239	{
	240	global $pun_config, $lang_common, $pun_user;
	241
	242	// Index and Userlist should always be displayed
	243	$links[] = '<li id="navindex"><a href="index.php">'.$lang_common['Index'].'</a>';
	244	$links[] = '<li id="navuserlist"><a href="userlist.php">'.$lang_common['User list'].'</a>';
	245
	246	if ($pun_config['o_rules'] == '1')
	247	$links[] = '<li id="navrules"><a href="misc.php?action=rules">'.$lang_common['Rules'].'</a>';
	248
	249	if ($pun_user['is_guest'])
	250	{
	251	if ($pun_user['g_search'] == '1')
	252	$links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';
	253
	254	$links[] = '<li id="navregister"><a href="register.php">'.$lang_common['Register'].'</a>';
	255	$links[] = '<li id="navlogin"><a href="login.php">'.$lang_common['Login'].'</a>';
	256
	257	$info = $lang_common['Not logged in'];
	258	}
	259	else
	260	{
	261	if ($pun_user['g_id'] > PUN_MOD)
	262	{
	263	if ($pun_user['g_search'] == '1')
	264	$links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';
	265
	266	$links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';
	267	$links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>';
	268	}
	269	else
	270	{
	271	$links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';
	272	$links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';
	273	$links[] = '<li id="navadmin"><a href="admin_index.php">'.$lang_common['Admin'].'</a>';
	274	$links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>';
	275	}
	276	}
	277
	278	// Are there any additional navlinks we should insert into the array before imploding it?
	279	if ($pun_config['o_additional_navlinks'] != '')
	280	{
	281	if (preg_match_all('#([0-9]+)\s=\s(.*?)\n#s', $pun_config['o_additional_navlinks']."\n", $extra_links))
	282	{
	283	// Insert any additional links into the $links array (at the correct index)
	284	for ($i = 0; $i < count($extra_links[1]); ++$i)
	285	array_splice($links, $extra_links[1][$i], 0, array('<li id="navextra'.($i + 1).'">'.$extra_links[2][$i]));
	286	}
	287	}
	288
	289	return '<ul>'."\n\t\t\t\t".implode($lang_common['Link separator'].'</li>'."\n\t\t\t\t", $links).'</li>'."\n\t\t\t".'</ul>';
	290	}
	291
	292
	293	//
	294	// Display the profile navigation menu
	295	//
	296	function generate_profile_menu($page = '')
	297	{
	298	global $lang_profile, $pun_config, $pun_user, $id;
	299
	300	?>
	301	<div id="profile" class="block2col">
	302	<div class="blockmenu">
	303	<h2><span><?php echo $lang_profile['Profile menu'] ?></span></h2>
	304	<div class="box">
	305	<div class="inbox">
	306	<ul>
	307	<li<?php if ($page == 'essentials') echo ' class="isactive"'; ?>><a href="profile.php?section=essentials&id=<?php echo $id ?>"><?php echo $lang_profile['Section essentials'] ?></a></li>
	308	<li<?php if ($page == 'personal') echo ' class="isactive"'; ?>><a href="profile.php?section=personal&id=<?php echo $id ?>"><?php echo $lang_profile['Section personal'] ?></a></li>
	309	<li<?php if ($page == 'messaging') echo ' class="isactive"'; ?>><a href="profile.php?section=messaging&id=<?php echo $id ?>"><?php echo $lang_profile['Section messaging'] ?></a></li>
	310	<li<?php if ($page == 'personality') echo ' class="isactive"'; ?>><a href="profile.php?section=personality&id=<?php echo $id ?>"><?php echo $lang_profile['Section personality'] ?></a></li>
	311	<li<?php if ($page == 'display') echo ' class="isactive"'; ?>><a href="profile.php?section=display&id=<?php echo $id ?>"><?php echo $lang_profile['Section display'] ?></a></li>
	312	<li<?php if ($page == 'privacy') echo ' class="isactive"'; ?>><a href="profile.php?section=privacy&id=<?php echo $id ?>"><?php echo $lang_profile['Section privacy'] ?></a></li>
	313	<?php if ($pun_user['g_id'] == PUN_ADMIN \|\| ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '1')): ?> <li<?php if ($page == 'admin') echo ' class="isactive"'; ?>><a href="profile.php?section=admin&id=<?php echo $id ?>"><?php echo $lang_profile['Section admin'] ?></a></li>
	314	<?php endif; ?> </ul>
	315	</div>
	316	</div>
	317	</div>
	318	<?php
	319
	320	}
	321
	322
	323	//
	324	// Update posts, topics, last_post, last_post_id and last_poster for a forum (redirect topics are not included)
	325	//
	326	function update_forum($forum_id)
	327	{
	328	global $db;
	329
	330	$result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE moved_to IS NULL AND forum_id='.$forum_id) or error('Impossible de retrouver le total de discussions du forum', __FILE__, __LINE__, $db->error());
	331	list($num_topics, $num_posts) = $db->fetch_row($result);
	332
	333	$num_posts = $num_posts + $num_topics; // $num_posts is only the sum of all replies (we have to add the topic posts)
	334
	335	$result = $db->query('SELECT last_post, last_post_id, last_poster FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id.' AND moved_to IS NULL ORDER BY last_post DESC LIMIT 1') or error('Impossible de retrouver last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
	336	if ($db->num_rows($result)) // There are topics in the forum
	337	{
	338	list($last_post, $last_post_id, $last_poster) = $db->fetch_row($result);
	339
	340	$db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Impossible de mettre Ã jour last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
	341	}
	342	else // There are no topics
	343	$db->query('UPDATE '.$db->prefix.'forums SET num_topics=0, num_posts=0, last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Impossible de mettre Ã jour last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
	344	}
	345
	346
	347	//
	348	// Delete a topic and all of it's posts
	349	//
	350	function delete_topic($topic_id)
	351	{
	352	global $db;
	353
	354	// Delete the topic and any redirect topics
	355	$db->query('DELETE FROM '.$db->prefix.'topics WHERE id='.$topic_id.' OR moved_to='.$topic_id) or error('Impossible de supprimer le sujet', __FILE__, __LINE__, $db->error());
	356
	357	// Create a list of the post ID's in this topic
	358	$post_ids = '';
	359	$result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Impossible de retrouver les messages', __FILE__, __LINE__, $db->error());
	360	while ($row = $db->fetch_row($result))
	361	$post_ids .= ($post_ids != '') ? ','.$row[0] : $row[0];
	362
	363	// Make sure we have a list of post ID's
	364	if ($post_ids != '')
	365	{
	366	strip_search_index($post_ids);
	367
	368	// Delete posts in topic
	369	$db->query('DELETE FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Impossible de supprimer les messages', __FILE__, __LINE__, $db->error());
	370	}
	371
	372	// Delete any subscriptions for this topic
	373	$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE topic_id='.$topic_id) or error('Impossible de supprimer l\'abonnement', __FILE__, __LINE__, $db->error());
	374	}
	375
	376
	377	//
	378	// Delete a single post
	379	//
	380	function delete_post($post_id, $topic_id)
	381	{
	382	global $db;
	383
	384	$result = $db->query('SELECT id, poster, posted FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id.' ORDER BY id DESC LIMIT 2') or error('Impossible de retrouver les informations du message', __FILE__, __LINE__, $db->error());
	385	list($last_id, ,) = $db->fetch_row($result);
	386	list($second_last_id, $second_poster, $second_posted) = $db->fetch_row($result);
	387
	388	// Delete the post
	389	$db->query('DELETE FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Impossible de supprimer le message', __FILE__, __LINE__, $db->error());
	390
	391	strip_search_index($post_id);
	392
	393	// Count number of replies in the topic
	394	$result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Impossible de retrouver le total de messages pour la discussion', __FILE__, __LINE__, $db->error());
	395	$num_replies = $db->result($result, 0) - 1;
	396
	397	// If the message we deleted is the most recent in the topic (at the end of the topic)
	398	if ($last_id == $post_id)
	399	{
	400	// If there is a $second_last_id there is more than 1 reply to the topic
	401	if (!empty($second_last_id))
	402	$db->query('UPDATE '.$db->prefix.'topics SET last_post='.$second_posted.', last_post_id='.$second_last_id.', last_poster=\''.$db->escape($second_poster).'\', num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Impossible de mettre Ã jour la discussion', __FILE__, __LINE__, $db->error());
	403	else
	404	// We deleted the only reply, so now last_post/last_post_id/last_poster is posted/id/poster from the topic itself
	405	$db->query('UPDATE '.$db->prefix.'topics SET last_post=posted, last_post_id=id, last_poster=poster, num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Impossible de mettre Ã jour la discussion', __FILE__, __LINE__, $db->error());
	406	}
	407	else
	408	// Otherwise we just decrement the reply counter
	409	$db->query('UPDATE '.$db->prefix.'topics SET num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Impossible de mettre Ã jour la discussion', __FILE__, __LINE__, $db->error());
	410	}
	411
	412
	413	//
	414	// Replace censored words in $text
	415	//
	416	function censor_words($text)
	417	{
	418	global $db;
	419	static $search_for, $replace_with;
	420
	421	// If not already built in a previous call, build an array of censor words and their replacement text
	422	if (!isset($search_for))
	423	{
	424	$result = $db->query('SELECT search_for, replace_with FROM '.$db->prefix.'censoring') or error('Impossible de retrouver la liste des mots Ã censurer', __FILE__, __LINE__, $db->error());
	425	$num_words = $db->num_rows($result);
	426
	427	$search_for = array();
	428	for ($i = 0; $i < $num_words; ++$i)
	429	{
	430	list($search_for[$i], $replace_with[$i]) = $db->fetch_row($result);
	431	$search_for[$i] = '/\b('.str_replace('\', '\w?', preg_quote($search_for[$i], '/')).')\b/i';
	432	}
	433	}
	434
	435	if (!empty($search_for))
	436	$text = substr(preg_replace($search_for, $replace_with, ' '.$text.' '), 1, -1);
	437
	438	return $text;
	439	}
	440
	441
	442	//
	443	// Determines the correct title for $user
	444	// $user must contain the elements 'username', 'title', 'posts', 'g_id' and 'g_user_title'
	445	//
	446	function get_title($user)
	447	{
	448	global $db, $pun_config, $pun_bans, $lang_common;
	449	static $ban_list, $pun_ranks;
	450
	451	// If not already built in a previous call, build an array of lowercase banned usernames
	452	if (empty($ban_list))
	453	{
	454	$ban_list = array();
	455
	456	foreach ($pun_bans as $cur_ban)
	457	$ban_list[] = strtolower($cur_ban['username']);
	458	}
	459
	460	// If not already loaded in a previous call, load the cached ranks
	461	if ($pun_config['o_ranks'] == '1' && empty($pun_ranks))
	462	{
	463	@include PUN_ROOT.'cache/cache_ranks.php';
	464	if (!defined('PUN_RANKS_LOADED'))
	465	{
	466	require_once PUN_ROOT.'include/cache.php';
	467	generate_ranks_cache();
	468	require PUN_ROOT.'cache/cache_ranks.php';
	469	}
	470	}
	471
	472	// If the user has a custom title
	473	if ($user['title'] != '')
	474	$user_title = pun_htmlspecialchars($user['title']);
	475	// If the user is banned
	476	else if (in_array(strtolower($user['username']), $ban_list))
	477	$user_title = $lang_common['Banned'];
	478	// If the user group has a default user title
	479	else if ($user['g_user_title'] != '')
	480	$user_title = pun_htmlspecialchars($user['g_user_title']);
	481	// If the user is a guest
	482	else if ($user['g_id'] == PUN_GUEST)
	483	$user_title = $lang_common['Guest'];
	484	else
	485	{
	486	// Are there any ranks?
	487	if ($pun_config['o_ranks'] == '1' && !empty($pun_ranks))
	488	{
	489	@reset($pun_ranks);
	490	while (list(, $cur_rank) = @each($pun_ranks))
	491	{
	492	if (intval($user['num_posts']) >= $cur_rank['min_posts'])
	493	$user_title = pun_htmlspecialchars($cur_rank['rank']);
	494	}
	495	}
	496
	497	// If the user didn't "reach" any rank (or if ranks are disabled), we assign the default
	498	if (!isset($user_title))
	499	$user_title = $lang_common['Member'];
	500	}
	501
	502	return $user_title;
	503	}
	504
	505
	506	//
	507	// Generate a string with numbered links (for multipage scripts)
	508	//
	509	function paginate($num_pages, $cur_page, $link_to)
	510	{
	511	$pages = array();
	512	$link_to_all = false;
	513
	514	// If $cur_page == -1, we link to all pages (used in viewforum.php)
	515	if ($cur_page == -1)
	516	{
	517	$cur_page = 1;
	518	$link_to_all = true;
	519	}
	520
	521	if ($num_pages <= 1)
	522	$pages = array('<strong>1</strong>');
	523	else
	524	{
	525	if ($cur_page > 3)
	526	{
	527	$pages[] = '<a href="'.$link_to.'&p=1">1</a>';
	528
	529	if ($cur_page != 4)
	530	$pages[] = '…';
	531	}
	532
	533	// Don't ask me how the following works. It just does, OK? :-)
	534	for ($current = $cur_page - 2, $stop = $cur_page + 3; $current < $stop; ++$current)
	535	{
	536	if ($current < 1 \|\| $current > $num_pages)
	537	continue;
	538	else if ($current != $cur_page \|\| $link_to_all)
	539	$pages[] = '<a href="'.$link_to.'&p='.$current.'">'.$current.'</a>';
	540	else
	541	$pages[] = '<strong>'.$current.'</strong>';
	542	}
	543
	544	if ($cur_page <= ($num_pages-3))
	545	{
	546	if ($cur_page != ($num_pages-3))
	547	$pages[] = '…';
	548
	549	$pages[] = '<a href="'.$link_to.'&p='.$num_pages.'">'.$num_pages.'</a>';
	550	}
	551	}
	552
	553	return implode(' ', $pages);
	554	}
	555
	556
	557	//
	558	// Display a message
	559	//
	560	function message($message, $no_back_link = false)
	561	{
	562
	563	global $db, $lang_common, $pun_config, $pun_start, $tpl_main, $env;
	564
	565	if (!defined('PUN_HEADER'))
	566	{
	567	global $pun_user;
	568
	569	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Info'];
	570	require PUN_ROOT.'header.php';
	571	}
	572
	573	?>
	574
	575	<div id="msg" class="block">
	576	<h2><span><?php echo $lang_common['Info'] ?></span></h2>
	577	<div class="box">
	578	<div class="inbox">
	579	<p><?php echo $message ?></p>
	580	<?php if (!$no_back_link): ?> <p><a href="javascript: history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
	581	<?php endif; ?> </div>
	582	</div>
	583	</div>
	584	<?php
	585
	586	require PUN_ROOT.'footer.php';
	587	}
	588
	589
	590	//
	591	// Format a time string according to $time_format and timezones
	592	//
	593	function format_time($timestamp, $date_only = false)
	594	{
	595	global $pun_config, $lang_common, $pun_user;
	596
	597	if ($timestamp == '')
	598	return $lang_common['Never'];
	599
	600	$diff = ($pun_user['timezone'] - $pun_config['o_server_timezone']) * 3600;
	601	$timestamp += $diff;
	602	$now = time();
	603
	604	$date = date($pun_config['o_date_format'], $timestamp);
	605	$today = date($pun_config['o_date_format'], $now+$diff);
	606	$yesterday = date($pun_config['o_date_format'], $now+$diff-86400);
	607
	608	if ($date == $today)
	609	$date = $lang_common['Today'];
	610	else if ($date == $yesterday)
	611	$date = $lang_common['Yesterday'];
	612
	613	if (!$date_only)
	614	return $date.' '.date($pun_config['o_time_format'], $timestamp);
	615	else
	616	return $date;
	617	}
	618
	619
	620	//
	621	// If we are running pre PHP 4.3.0, we add our own implementation of file_get_contents
	622	//
	623	if (!function_exists('file_get_contents'))
	624	{
	625	function file_get_contents($filename, $use_include_path = 0)
	626	{
	627	$data = '';
	628
	629	if ($fh = fopen($filename, 'rb', $use_include_path))
	630	{
	631	$data = fread($fh, filesize($filename));
	632	fclose($fh);
	633	}
	634
	635	return $data;
	636	}
	637	}
	638
	639
	640	//
	641	// Make sure that HTTP_REFERER matches $pun_config['o_base_url']/$script
	642	//
	643	function confirm_referrer($script)
	644	{
	645	global $pun_config, $lang_common;
	646
	647	if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/'.$script, '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
	648	message($lang_common['Bad referrer']);
	649	}
	650
	651
	652	//
	653	// Generate a random password of length $len
	654	//
	655	function random_pass($len)
	656	{
	657	$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
	658
	659	$password = '';
	660	for ($i = 0; $i < $len; ++$i)
	661	$password .= substr($chars, (mt_rand() % strlen($chars)), 1);
	662
	663	return $password;
	664	}
	665
	666
	667	//
	668	// Compute a hash of $str
	669	// Uses sha1() if available. If not, SHA1 through mhash() if available. If not, fall back on md5().
	670	//
	671	function pun_hash($str)
	672	{
	673	if (function_exists('sha1')) // Only in PHP 4.3.0+
	674	return sha1($str);
	675	else if (function_exists('mhash')) // Only if Mhash library is loaded
	676	return bin2hex(mhash(MHASH_SHA1, $str));
	677	else
	678	return md5($str);
	679	}
	680
	681
	682	//
	683	// Try to determine the correct remote IP-address
	684	//
	685	function get_remote_address()
	686	{
	687	return $_SERVER['REMOTE_ADDR'];
	688	}
	689
	690
	691	//
	692	// Equivalent to htmlspecialchars(), but allows &#[0-9]+ (for unicode)
	693	//
	694	function pun_htmlspecialchars($str)
	695	{
	696	$str = preg_replace('/&(?!#[0-9]+;)/s', '&', $str);
	697	$str = str_replace(array('<', '>', '"'), array('<', '>', '"'), $str);
	698
	699	return $str;
	700	}
	701
	702
	703	//
	704	// Equivalent to strlen(), but counts &#[0-9]+ as one character (for unicode)
	705	//
	706	function pun_strlen($str)
	707	{
	708	return strlen(preg_replace('/&#([0-9]+);/', '!', $str));
	709	}
	710
	711
	712	//
	713	// Convert \r\n and \r to \n
	714	//
	715	function pun_linebreaks($str)
	716	{
	717	return str_replace("\r", "\n", str_replace("\r\n", "\n", $str));
	718	}
	719
	720
	721	//
	722	// A more aggressive version of trim()
	723	//
	724	function pun_trim($str)
	725	{
	726	global $lang_common;
	727
	728	if (strpos($lang_common['lang_encoding'], '8859') !== false)
	729	{
	730	$fishy_chars = array(chr(0x81), chr(0x8D), chr(0x8F), chr(0x90), chr(0x9D), chr(0xA0));
	731	return trim(str_replace($fishy_chars, ' ', $str));
	732	}
	733	else
	734	return trim($str);
	735	}
	736
	737
	738	//
	739	// Display a message when board is in maintenance mode
	740	//
	741	function maintenance_message()
	742	{
	743	global $db, $pun_config, $lang_common, $pun_user;
	744
	745	// Deal with newlines, tabs and multiple spaces
	746	$pattern = array("\t", ' ', ' ');
	747	$replace = array('    ', '  ', '  ');
	748	$message = str_replace($pattern, $replace, $pun_config['o_maintenance_message']);
	749
	750
	751	// Load the maintenance template
	752	$tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl'));
	753
	754
	755	// START SUBST - <pun_content_direction>
	756	$tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint);
	757	// END SUBST - <pun_content_direction>
	758
	759
	760	// START SUBST - <pun_char_encoding>
	761	$tpl_maint = str_replace('<pun_char_encoding>', $lang_common['lang_encoding'], $tpl_maint);
	762	// END SUBST - <pun_char_encoding>
	763
	764
	765	// START SUBST - <pun_head>
	766	ob_start();
	767
	768	?>
	769	<title><?php echo pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Maintenance'] ?></title>
	770	<link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" />
	771	<?php
	772
	773	$tpl_temp = trim(ob_get_contents());
	774	$tpl_maint = str_replace('<pun_head>', $tpl_temp, $tpl_maint);
	775	ob_end_clean();
	776	// END SUBST - <pun_head>
	777
	778
	779	// START SUBST - <pun_maint_heading>
	780	$tpl_maint = str_replace('<pun_maint_heading>', $lang_common['Maintenance'], $tpl_maint);
	781	// END SUBST - <pun_maint_heading>
	782
	783
	784	// START SUBST - <pun_maint_message>
	785	$tpl_maint = str_replace('<pun_maint_message>', $message, $tpl_maint);
	786	// END SUBST - <pun_maint_message>
	787
	788
	789	// End the transaction
	790	$db->end_transaction();
	791
	792
	793	// START SUBST - <pun_include "*">
	794	while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_maint, $cur_include))
	795	{
	796	if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
	797	error('Impossible de procÃ©der Ã l\'inclusion utilisateur <pun_include "'.htmlspecialchars($cur_include[1]).'"> depuis le template main.tpl. Il n\'y a pas de fichier dans le rÃ©pertoire /include/user/');
	798
	799	ob_start();
	800	include PUN_ROOT.'include/user/'.$cur_include[1];
	801	$tpl_temp = ob_get_contents();
	802	$tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir);
	803	ob_end_clean();
	804	}
	805	// END SUBST - <pun_include "*">
	806
	807
	808	// Close the db connection (and free up any result data)
	809	$db->close();
	810
	811	exit($tpl_maint);
	812	}
	813
	814
	815	//
	816	// Display $message and redirect user to $destination_url
	817	//
	818	function redirect($destination_url, $message)
	819	{
	820	global $db, $pun_config, $lang_common, $pun_user;
	821
	822	if ($destination_url == '')
	823	$destination_url = 'index.php';
	824
	825	// If the delay is 0 seconds, we might as well skip the redirect all together
	826	if ($pun_config['o_redirect_delay'] == '0')
	827	header('Location: '.str_replace('&', '&', $destination_url));
	828
	829
	830	// Load the redirect template
	831	$tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl'));
	832
	833
	834	// START SUBST - <pun_content_direction>
	835	$tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir);
	836	// END SUBST - <pun_content_direction>
	837
	838
	839	// START SUBST - <pun_char_encoding>
	840	$tpl_redir = str_replace('<pun_char_encoding>', $lang_common['lang_encoding'], $tpl_redir);
	841	// END SUBST - <pun_char_encoding>
	842
	843
	844	// START SUBST - <pun_head>
	845	ob_start();
	846
	847	?>
	848	<meta http-equiv="refresh" content="<?php echo $pun_config['o_redirect_delay'] ?>;URL=<?php echo str_replace(array('<', '>', '"'), array('<', '>', '"'), $destination_url) ?>" />
	849	<title><?php echo pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Redirecting'] ?></title>
	850	<link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" />
	851	<?php
	852
	853	$tpl_temp = trim(ob_get_contents());
	854	$tpl_redir = str_replace('<pun_head>', $tpl_temp, $tpl_redir);
	855	ob_end_clean();
	856	// END SUBST - <pun_head>
	857
	858
	859	// START SUBST - <pun_redir_heading>
	860	$tpl_redir = str_replace('<pun_redir_heading>', $lang_common['Redirecting'], $tpl_redir);
	861	// END SUBST - <pun_redir_heading>
	862
	863
	864	// START SUBST - <pun_redir_text>
	865	$tpl_temp = $message.'<br /><br />'.'<a href="'.$destination_url.'">'.$lang_common['Click redirect'].'</a>';
	866	$tpl_redir = str_replace('<pun_redir_text>', $tpl_temp, $tpl_redir);
	867	// END SUBST - <pun_redir_text>
	868
	869
	870	// START SUBST - <pun_footer>
	871	ob_start();
	872
	873	// End the transaction
	874	$db->end_transaction();
	875
	876	// Display executed queries (if enabled)
	877	if (defined('PUN_SHOW_QUERIES'))
	878	display_saved_queries();
	879
	880	$tpl_temp = trim(ob_get_contents());
	881	$tpl_redir = str_replace('<pun_footer>', $tpl_temp, $tpl_redir);
	882	ob_end_clean();
	883	// END SUBST - <pun_footer>
	884
	885
	886	// START SUBST - <pun_include "*">
	887	while (preg_match('<pun_include "(.*?)">', $tpl_redir, $cur_include))
	888	{
	889	ob_start();
	890	include PUN_ROOT.$cur_include[1];
	891	$tpl_temp = ob_get_contents();
	892	$tpl_redir = str_replace('<'.$cur_include[0].'>', $tpl_temp, $tpl_redir);
	893	ob_end_clean();
	894	}
	895	// END SUBST - <pun_include "*">
	896
	897
	898	// Close the db connection (and free up any result data)
	899	$db->close();
	900
	901	exit($tpl_redir);
	902	}
	903
	904
	905	//
	906	// Display a simple error message
	907	//
	908	function error($message, $file, $line, $db_error = false)
	909	{
	910	global $pun_config;
	911
	912	// Set a default title if the script failed before $pun_config could be populated
	913	if (empty($pun_config))
	914	$pun_config['o_board_title'] = 'PunBB';
	915
	916	// Empty output buffer and stop buffering
	917	@ob_end_clean();
	918
	919	// "Restart" output buffering if we are using ob_gzhandler (since the gzip header is already sent)
	920	if (!empty($pun_config['o_gzip']) && extension_loaded('zlib') && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false \|\| strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'deflate') !== false))
	921	ob_start('ob_gzhandler');
	922
	923	?>
	924	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	925	<html dir="ltr">
	926	<head>
	927	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $lang_common["lang_encoding"] ?>" />
	928	<title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title>
	929	<style type="text/css">
	930	<!--
	931	BODY {MARGIN: 10% 20% auto 20%; font: 10px Verdana, Arial, Helvetica, sans-serif}
	932	#errorbox {BORDER: 1px solid #B84623}
	933	H2 {MARGIN: 0; COLOR: #FFFFFF; BACKGROUND-COLOR: #B84623; FONT-SIZE: 1.1em; PADDING: 5px 4px}
	934	#errorbox DIV {PADDING: 6px 5px; BACKGROUND-COLOR: #F1F1F1}
	935	-->
	936	</style>
	937	</head>
	938	<body>
	939
	940	<div id="errorbox">
	941	<h2>Une erreur s'est produite</h2>
	942	<div>
	943	<?php
	944
	945	if (defined('PUN_DEBUG'))
	946	{
	947	echo "\t\t".'<strong>Fichier :</strong> '.$file.'<br />'."\n\t\t".'<strong>Ligne :</strong> '.$line.'<br /><br />'."\n\t\t".'<strong>PunBB a rapportÃ© :</strong> '.$message."\n";
	948
	949	if ($db_error)
	950	{
	951	echo "\t\t".'<br /><br /><strong>La base de donnÃ©es a rapportÃ© :</strong> '.pun_htmlspecialchars($db_error['error_msg']).(($db_error['error_no']) ? ' (Errno: '.$db_error['error_no'].')' : '')."\n";
	952
	953	if ($db_error['error_sql'] != '')
	954	echo "\t\t".'<br /><br /><strong>RequÃªte Ã©chouÃ©e :</strong> '.pun_htmlspecialchars($db_error['error_sql'])."\n";
	955	}
	956	}
	957	else
	958	echo "\t\t".'Erreur : <strong>'.$message.'.</strong>'."\n";
	959
	960	?>
	961	</div>
	962	</div>
	963
	964	</body>
	965	</html>
	966	<?php
	967
	968	// If a database connection was established (before this error) we close it
	969	if ($db_error)
	970	$GLOBALS['db']->close();
	971
	972	exit;
	973	}
	974
	975	// DEBUG FUNCTIONS BELOW
	976
	977	//
	978	// Display executed queries (if enabled)
	979	//
	980	function display_saved_queries()
	981	{
	982	global $db, $lang_common;
	983
	984	// Get the queries so that we can print them out
	985	$saved_queries = $db->get_saved_queries();
	986
	987	?>
	988
	989	<div id="debug" class="blocktable">
	990	<h2><span><?php echo $lang_common['Debug table'] ?></span></h2>
	991	<div class="box">
	992	<div class="inbox">
	993	<table cellspacing="0">
	994	<thead>
	995	<tr>
	996	<th class="tcl" scope="col">Temps (s)</th>
	997	<th class="tcr" scope="col">RequÃªte</th>
	998	</tr>
	999	</thead>
	1000	<tbody>
	1001	<?php
	1002
	1003	$query_time_total = 0.0;
	1004	while (list(, $cur_query) = @each($saved_queries))
	1005	{
	1006	$query_time_total += $cur_query[1];
	1007
	1008	?>
	1009	<tr>
	1010	<td class="tcl"><?php echo ($cur_query[1] != 0) ? $cur_query[1] : ' ' ?></td>
	1011	<td class="tcr"><?php echo pun_htmlspecialchars($cur_query[0]) ?></td>
	1012	</tr>
	1013	<?php
	1014
	1015	}
	1016
	1017	?>
	1018	<tr>
	1019	<td class="tcl" colspan="2">Temps total requÃªte : <?php echo $query_time_total ?> s</td>
	1020	</tr>
	1021	</tbody>
	1022	</table>
	1023	</div>
	1024	</div>
	1025	</div>
	1026	<?php
	1027
	1028	}
	1029
	1030
	1031	//
	1032	// Unset any variables instantiated as a result of register_globals being enabled
	1033	//
	1034	function unregister_globals()
	1035	{
	1036	// Prevent script.php?GLOBALS[foo]=bar
	1037	if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']))
	1038	exit('I\'ll have a steak sandwich and... a steak sandwich.');
	1039
	1040	// Variables that shouldn't be unset
	1041	$no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
	1042
	1043	// Remove elements in $GLOBALS that are present in any of the superglobals
	1044	$input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
	1045	foreach ($input as $k => $v)
	1046	{
	1047	if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))
	1048	unset($GLOBALS[$k]);
	1049	}
	1050	}
	1051
	1052
	1053	//
	1054	// Dump contents of variable(s)
	1055	//
	1056	function dump()
	1057	{
	1058	echo '<pre>';
	1059
	1060	$num_args = func_num_args();
	1061
	1062	for ($i = 0; $i < $num_args; ++$i)
	1063	{
	1064	print_r(func_get_arg($i));
	1065	echo "\n\n";
	1066	}
	1067
	1068	echo '</pre>';
	1069	exit;
	1070	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: