' => '

')); } // This is long, but it makes things much easier and cleaner. if (!empty($possible['parameters'])) { $preg = array(); foreach ($possible['parameters'] as $p => $info) $preg[] = '(\s+' . $p . '=' . (empty($info['quoted']) ? '' : '"') . (isset($info['match']) ? $info['match'] : '(.+?)') . (empty($info['quoted']) ? '' : '"') . ')' . (empty($info['optional']) ? '' : '?'); // Okay, this may look ugly and it is, but it's not going to happen much and it is the best way of allowing any order of parameters but still parsing them right. $match = false; $orders = permute($preg); foreach ($orders as $p) if (preg_match('~^' . implode('', $p) . '\]~i', substr($message, $pos1 - 1), $matches) != 0) { $match = true; break; } // Didn't match our parameter list, try the next possible. if (!$match) continue; $params = array(); for ($i = 1, $n = count($matches); $i < $n; $i += 2) { $key = strtok(ltrim($matches[$i]), '='); if (isset($possible['parameters'][$key]['value'])) $params['{' . $key . '}'] = strtr($possible['parameters'][$key]['value'], array('$1' => $matches[$i + 1])); elseif (isset($possible['parameters'][$key]['validate'])) $params['{' . $key . '}'] = $possible['parameters'][$key]['validate']($matches[$i + 1]); else $params['{' . $key . '}'] = $matches[$i + 1]; // Just to make sure: replace any $ or { so they can't interpolate wrongly. $params['{' . $key . '}'] = strtr($params['{' . $key . '}'], array('$' => '$', '{' => '{')); } foreach ($possible['parameters'] as $p => $info) { if (!isset($params['{' . $p . '}'])) $params['{' . $p . '}'] = ''; } $tag = $possible; // Put the parameters into the string. if (isset($tag['before'])) $tag['before'] = strtr($tag['before'], $params); if (isset($tag['after'])) $tag['after'] = strtr($tag['after'], $params); if (isset($tag['content'])) $tag['content'] = strtr($tag['content'], $params); $pos1 += strlen($matches[0]) - 1; } else $tag = $possible; break; } // Item codes are complicated buggers... they are implicit [li]s and can make [list]s! if ($smileys !== false && $tag === null && isset($itemcodes[substr($message, $pos + 1, 1)]) && substr($message, $pos + 2, 1) == ']' && !isset($disabled['list']) && !isset($disabled['li'])) { if (substr($message, $pos + 1, 1) == '0' && !in_array(substr($message, $pos - 1, 1), array(';', ' ', "\t", '>'))) continue; $tag = $itemcodes[substr($message, $pos + 1, 1)]; // First let's set up the tree: it needs to be in a list, or after an li. if ($inside === null || ($inside['tag'] != 'list' && $inside['tag'] != 'li')) { $open_tags[] = array( 'tag' => 'list', 'after' => '', 'block_level' => true, 'require_children' => array('li'), 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null, ); $code = '

'; } // We're in a list item already: another itemcode? Close it first. elseif ($inside['tag'] == 'li') { array_pop($open_tags); $code = ''; } else $code = ''; // Now we open a new tag. $open_tags[] = array( 'tag' => 'li', 'after' => '', 'trim' => 'outside', 'block_level' => true, 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null, ); // First, open the tag... $code .= ''; $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos + 3); $pos += strlen($code) - 1 + 2; // Next, find the next break (if any.) If there's more itemcode after it, keep it going - otherwise close! $pos2 = strpos($message, '
', $pos); $pos3 = strpos($message, '[/', $pos); if ($pos2 !== false && ($pos2 <= $pos3 || $pos3 === false)) { preg_match('~^(
| |\s|\[)+~', substr($message, $pos2 + 6), $matches); $message = substr($message, 0, $pos2) . "\n" . (!empty($matches[0]) && substr($matches[0], -1) == '[' ? '[/li]' : '[/li][/list]') . "\n" . substr($message, $pos2); $open_tags[count($open_tags) - 2]['after'] = '

'; } // Tell the [list] that it needs to close specially. else { // Move the li over, because we're not sure what we'll hit. $open_tags[count($open_tags) - 1]['after'] = ''; $open_tags[count($open_tags) - 2]['after'] = ''; } continue; } // Implicitly close lists and tables if something other than what's required is in them. This is needed for itemcode. if ($tag === null && $inside !== null && !empty($inside['require_children'])) { array_pop($open_tags); $message = substr($message, 0, $pos) . "\n" . $inside['after'] . "\n" . substr($message, $pos); $pos += strlen($inside['after']) - 1 + 2; } // No tag? Keep looking, then. Silly people using brackets without actual tags. if ($tag === null) continue; // Propagate the list to the child (so wrapping the disallowed tag won't work either.) if (isset($inside['disallow_children'])) $tag['disallow_children'] = isset($tag['disallow_children']) ? array_unique(array_merge($tag['disallow_children'], $inside['disallow_children'])) : $inside['disallow_children']; // Is this tag disabled? if (isset($disabled[$tag['tag']])) { if (!isset($tag['disabled_before']) && !isset($tag['disabled_after']) && !isset($tag['disabled_content'])) { $tag['before'] = !empty($tag['block_level']) ? '

' : ''; $tag['after'] = !empty($tag['block_level']) ? '

' : ''; $tag['content'] = isset($tag['type']) && $tag['type'] == 'closed' ? '' : (!empty($tag['block_level']) ? '

$1

' : '$1'); } elseif (isset($tag['disabled_before']) || isset($tag['disabled_after'])) { $tag['before'] = isset($tag['disabled_before']) ? $tag['disabled_before'] : (!empty($tag['block_level']) ? '

' : ''); $tag['after'] = isset($tag['disabled_after']) ? $tag['disabled_after'] : (!empty($tag['block_level']) ? '

' : ''); } else $tag['content'] = $tag['disabled_content']; } // The only special case is 'html', which doesn't need to close things. if (!empty($tag['block_level']) && $tag['tag'] != 'html' && empty($inside['block_level'])) { $n = count($open_tags) - 1; while (empty($open_tags[$n]['block_level']) && $n >= 0) $n--; // Close all the non block level tags so this tag isn't surrounded by them. for ($i = count($open_tags) - 1; $i > $n; $i--) { $message = substr($message, 0, $pos) . "\n" . $open_tags[$i]['after'] . "\n" . substr($message, $pos); $pos += strlen($open_tags[$i]['after']) + 2; $pos1 += strlen($open_tags[$i]['after']) + 2; // Trim or eat trailing stuff... see comment at the end of the big loop. if (!empty($open_tags[$i]['block_level']) && substr($message, $pos, 6) == '
') $message = substr($message, 0, $pos) . substr($message, $pos + 6); if (!empty($open_tags[$i]['trim']) && $tag['trim'] != 'inside' && preg_match('~(
| |\s)*~', substr($message, $pos), $matches) != 0) $message = substr($message, 0, $pos) . substr($message, $pos + strlen($matches[0])); array_pop($open_tags); } } // No type means 'parsed_content'. if (!isset($tag['type'])) { // !!! Check for end tag first, so people can say "I like that [i] tag"? $open_tags[] = $tag; $message = substr($message, 0, $pos) . "\n" . $tag['before'] . "\n" . substr($message, $pos1); $pos += strlen($tag['before']) - 1 + 2; } // Don't parse the content, just skip it. elseif ($tag['type'] == 'unparsed_content') { $pos2 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos1); if ($pos2 === false) continue; $data = substr($message, $pos1, $pos2 - $pos1); if (!empty($tag['block_level']) && substr($data, 0, 6) == '
') $data = substr($data, 6); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = strtr($tag['content'], array('$1' => $data)); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 3 + strlen($tag['tag'])); $pos += strlen($code) - 1 + 2; $last_pos = $pos + 1; } // Don't parse the content, just skip it. elseif ($tag['type'] == 'unparsed_equals_content') { // The value may be quoted for some tags - check. if (isset($tag['quoted'])) { $quoted = substr($message, $pos1, 6) == '"'; if ($tag['quoted'] != 'optional' && !$quoted) continue; if ($quoted) $pos1 += 6; } else $quoted = false; $pos2 = strpos($message, $quoted == false ? ']' : '"]', $pos1); if ($pos2 === false) continue; $pos3 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos2); if ($pos3 === false) continue; $data = array( substr($message, $pos2 + ($quoted == false ? 1 : 7), $pos3 - ($pos2 + ($quoted == false ? 1 : 7))), substr($message, $pos1, $pos2 - $pos1) ); if (!empty($tag['block_level']) && substr($data[0], 0, 6) == '
') $data[0] = substr($data[0], 6); // Validation for my parking, please! if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = strtr($tag['content'], array('$1' => $data[0], '$2' => $data[1])); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + strlen($tag['tag'])); $pos += strlen($code) - 1 + 2; } // A closed tag, with no content or value. elseif ($tag['type'] == 'closed') { $pos2 = strpos($message, ']', $pos); $message = substr($message, 0, $pos) . "\n" . $tag['content'] . "\n" . substr($message, $pos2 + 1); $pos += strlen($tag['content']) - 1 + 2; } // This one is sorta ugly... :/. Unfortunately, it's needed for flash. elseif ($tag['type'] == 'unparsed_commas_content') { $pos2 = strpos($message, ']', $pos1); if ($pos2 === false) continue; $pos3 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos2); if ($pos3 === false) continue; // We want $1 to be the content, and the rest to be csv. $data = explode(',', ',' . substr($message, $pos1, $pos2 - $pos1)); $data[0] = substr($message, $pos2 + 1, $pos3 - $pos2 - 1); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = $tag['content']; foreach ($data as $k => $d) $code = strtr($code, array('$' . ($k + 1) => trim($d))); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + strlen($tag['tag'])); $pos += strlen($code) - 1 + 2; } // This has parsed content, and a csv value which is unparsed. elseif ($tag['type'] == 'unparsed_commas') { $pos2 = strpos($message, ']', $pos1); if ($pos2 === false) continue; $data = explode(',', substr($message, $pos1, $pos2 - $pos1)); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); // Fix after, for disabled code mainly. foreach ($data as $k => $d) $tag['after'] = strtr($tag['after'], array('$' . ($k + 1) => trim($d))); $open_tags[] = $tag; // Replace them out, $1, $2, $3, $4, etc. $code = $tag['before']; foreach ($data as $k => $d) $code = strtr($code, array('$' . ($k + 1) => trim($d))); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 1); $pos += strlen($code) - 1 + 2; } // A tag set to a value, parsed or not. elseif ($tag['type'] == 'unparsed_equals' || $tag['type'] == 'parsed_equals') { // The value may be quoted for some tags - check. if (isset($tag['quoted'])) { $quoted = substr($message, $pos1, 6) == '"'; if ($tag['quoted'] != 'optional' && !$quoted) continue; if ($quoted) $pos1 += 6; } else $quoted = false; $pos2 = strpos($message, $quoted == false ? ']' : '"]', $pos1); if ($pos2 === false) continue; $data = substr($message, $pos1, $pos2 - $pos1); // Validation for my parking, please! if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); // For parsed content, we must recurse to avoid security problems. if ($tag['type'] != 'unparsed_equals') $data = parse_bbc($data, !empty($tag['parsed_tags_allowed']) ? false : true, '', !empty($tag['parsed_tags_allowed']) ? $tag['parsed_tags_allowed'] : array()); $tag['after'] = strtr($tag['after'], array('$1' => $data)); $open_tags[] = $tag; $code = strtr($tag['before'], array('$1' => $data)); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + ($quoted == false ? 1 : 7)); $pos += strlen($code) - 1 + 2; } // If this is block level, eat any breaks after it. if (!empty($tag['block_level']) && substr($message, $pos + 1, 6) == '
') $message = substr($message, 0, $pos + 1) . substr($message, $pos + 7); // Are we trimming outside this tag? if (!empty($tag['trim']) && $tag['trim'] != 'outside' && preg_match('~(
| |\s)*~', substr($message, $pos + 1), $matches) != 0) $message = substr($message, 0, $pos + 1) . substr($message, $pos + 1 + strlen($matches[0])); } // Close any remaining tags. while ($tag = array_pop($open_tags)) $message .= "\n" . $tag['after'] . "\n"; // Parse the smileys within the parts where it can be done safely. if ($smileys === true) { $message_parts = explode("\n", $message); for ($i = 0, $n = count($message_parts); $i < $n; $i += 2) parsesmileys($message_parts[$i]); $message = implode('', $message_parts); } // No smileys, just get rid of the markers. else $message = strtr($message, array("\n" => '')); if (substr($message, 0, 1) == ' ') $message = ' ' . substr($message, 1); // Cleanup whitespace. $message = strtr($message, array(' ' => '  ', "\r" => '', "\n" => '
', '
' => '
 ', ' ' => "\n")); // Cache the output if it took some time... if (isset($cache_key, $cache_t) && array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.05) cache_put_data($cache_key, $message, 240); // If this was a force parse revert if needed. if (!empty($parse_tags)) { if (empty($temp_bbc)) $bbc_codes = array(); else { $bbc_codes = $temp_bbc; unset($temp_bbc); } } return $message; } // Parse smileys in the passed message. function parsesmileys(&$message) { global $modSettings, $txt, $user_info, $context, $smcFunc; static $smileyPregSearch = array(), $smileyPregReplacements = array(); // No smiley set at all?! if ($user_info['smiley_set'] == 'none') return; // If the smiley array hasn't been set, do it now. if (empty($smileyPregSearch)) { // Use the default smileys if it is disabled. (better for "portability" of smileys.) if (empty($modSettings['smiley_enable'])) { $smileysfrom = array('>:D', ':D', '::)', '>:(', ':))', ':)', ';)', ';D', ':(', ':o', '8)', ':P', '???', ':-[', ':-X', ':-*', ':\'(', ':-\\', '^-^', 'O0', 'C:-)', '0:)'); $smileysto = array('evil.gif', 'cheesy.gif', 'rolleyes.gif', 'angry.gif', 'laugh.gif', 'smiley.gif', 'wink.gif', 'grin.gif', 'sad.gif', 'shocked.gif', 'cool.gif', 'tongue.gif', 'huh.gif', 'embarrassed.gif', 'lipsrsealed.gif', 'kiss.gif', 'cry.gif', 'undecided.gif', 'azn.gif', 'afro.gif', 'police.gif', 'angel.gif'); $smileysdescs = array('', $txt['icon_cheesy'], $txt['icon_rolleyes'], $txt['icon_angry'], '', $txt['icon_smiley'], $txt['icon_wink'], $txt['icon_grin'], $txt['icon_sad'], $txt['icon_shocked'], $txt['icon_cool'], $txt['icon_tongue'], $txt['icon_huh'], $txt['icon_embarrassed'], $txt['icon_lips'], $txt['icon_kiss'], $txt['icon_cry'], $txt['icon_undecided'], '', '', '', ''); } else { // Load the smileys in reverse order by length so they don't get parsed wrong. if (($temp = cache_get_data('parsing_smileys', 480)) == null) { $result = $smcFunc['db_query']('', ' SELECT code, filename, description FROM {db_prefix}smileys', array( ) ); $smileysfrom = array(); $smileysto = array(); $smileysdescs = array(); while ($row = $smcFunc['db_fetch_assoc']($result)) { $smileysfrom[] = $row['code']; $smileysto[] = $row['filename']; $smileysdescs[] = $row['description']; } $smcFunc['db_free_result']($result); cache_put_data('parsing_smileys', array($smileysfrom, $smileysto, $smileysdescs), 480); } else list ($smileysfrom, $smileysto, $smileysdescs) = $temp; } // The non-breaking-space is a complex thing... $non_breaking_space = $context['utf8'] ? ($context['server']['complex_preg_chars'] ? '\x{A0}' : "\xC2\xA0") : '\xA0'; // This smiley regex makes sure it doesn't parse smileys within code tags (so [url=mailto:David@bla.com] doesn't parse the :D smiley) $smileyPregReplacements = array(); $searchParts = array(); for ($i = 0, $n = count($smileysfrom); $i < $n; $i++) { $smileyCode = ''; $smileyPregReplacements[$smileysfrom[$i]] = $smileyCode; $smileyPregReplacements[htmlspecialchars($smileysfrom[$i], ENT_QUOTES)] = $smileyCode; $searchParts[] = preg_quote($smileysfrom[$i], '~'); $searchParts[] = preg_quote(htmlspecialchars($smileysfrom[$i], ENT_QUOTES), '~'); } $smileyPregSearch = '~(?<=[>:\?\.\s' . $non_breaking_space . '[\]()*\\\;]|^)(' . implode('|', $searchParts) . ')(?=[^[:alpha:]0-9]|$)~' . ($context['utf8'] ? 'u' : ''); } // Replace away! // TODO: When SMF supports only PHP 5.3+, we can change this to "uses" keyword and simplify this. $context['smiley_replacements'] = $smileyPregReplacements; $message = preg_replace_callback($smileyPregSearch, 'smileyPregReplaceCallback', $message); } // This allows use to do delayed argument binding and bring in the replacement variables for some preg replacements. function pregReplaceCurry($func, $arity) { return create_function('', " \$args = func_get_args(); if(count(\$args) >= $arity) return call_user_func_array('$func', \$args); \$args = var_export(\$args, 1); return create_function('',' \$a = func_get_args(); \$z = ' . \$args . '; \$a = array_merge(\$z,\$a); return call_user_func_array(\'$func\', \$a); '); "); } // Our callback that does the actual smiley replacements. function smileyPregReplaceCallback($matches) { global $context; return $context['smiley_replacements'][$matches[1]]; } // Highlight any code... function highlight_php_code($code) { global $context; // Remove special characters. $code = un_htmlspecialchars(strtr($code, array('
' => "\n", "\t" => 'SMF_TAB();', '[' => '['))); $oldlevel = error_reporting(0); // It's easier in 4.2.x+. if (@version_compare(PHP_VERSION, '4.2.0') == -1) { ob_start(); @highlight_string($code); $buffer = str_replace(array("\n", "\r"), '', ob_get_contents()); ob_end_clean(); } else $buffer = str_replace(array("\n", "\r"), '', @highlight_string($code, true)); error_reporting($oldlevel); // Yes, I know this is kludging it, but this is the best way to preserve tabs from PHP :P. $buffer = preg_replace('~SMF_TAB(?:<(?:font color|span style)="[^"]*?">)?\\(\\);~', '

' . "\t" . '

', $buffer); return strtr($buffer, array('\'' => ''', '' => '', '' => '')); } // Put this user in the online log. function writeLog($force = false) { global $user_info, $user_settings, $context, $modSettings, $settings, $topic, $board, $smcFunc, $sourcedir; // If we are showing who is viewing a topic, let's see if we are, and force an update if so - to make it accurate. if (!empty($settings['display_who_viewing']) && ($topic || $board)) { // Take the opposite approach! $force = true; // Don't update for every page - this isn't wholly accurate but who cares. if ($topic) { if (isset($_SESSION['last_topic_id']) && $_SESSION['last_topic_id'] == $topic) $force = false; $_SESSION['last_topic_id'] = $topic; } } // Are they a spider we should be tracking? Mode = 1 gets tracked on its spider check... if (!empty($user_info['possibly_robot']) && !empty($modSettings['spider_mode']) && $modSettings['spider_mode'] > 1) { require_once($sourcedir . '/ManageSearchEngines.php'); logSpider(); } // Don't mark them as online more than every so often. if (!empty($_SESSION['log_time']) && $_SESSION['log_time'] >= (time() - 8) && !$force) return; if (!empty($modSettings['who_enabled'])) { $serialized = $_GET + array('USER_AGENT' => $_SERVER['HTTP_USER_AGENT']); // In the case of a dlattach action, session_var may not be set. if (!isset($context['session_var'])) $context['session_var'] = $_SESSION['session_var']; unset($serialized['sesc'], $serialized[$context['session_var']]); $serialized = serialize($serialized); } else $serialized = ''; // Guests use 0, members use their session ID. $session_id = $user_info['is_guest'] ? 'ip' . $user_info['ip'] : session_id(); // Grab the last all-of-SMF-specific log_online deletion time. $do_delete = cache_get_data('log_online-update', 30) < time() - 30; // If the last click wasn't a long time ago, and there was a last click... if (!empty($_SESSION['log_time']) && $_SESSION['log_time'] >= time() - $modSettings['lastActive'] * 20) { if ($do_delete) { $smcFunc['db_query']('delete_log_online_interval', ' DELETE FROM {db_prefix}log_online WHERE log_time < {int:log_time} AND session != {string:session}', array( 'log_time' => time() - $modSettings['lastActive'] * 60, 'session' => $session_id, ) ); // Cache when we did it last. cache_put_data('log_online-update', time(), 30); } $smcFunc['db_query']('', ' UPDATE {db_prefix}log_online SET log_time = {int:log_time}, ip = IFNULL(INET_ATON({string:ip}), 0), url = {string:url} WHERE session = {string:session}', array( 'log_time' => time(), 'ip' => $user_info['ip'], 'url' => $serialized, 'session' => $session_id, ) ); // Guess it got deleted. if ($smcFunc['db_affected_rows']() == 0) $_SESSION['log_time'] = 0; } else $_SESSION['log_time'] = 0; // Otherwise, we have to delete and insert. if (empty($_SESSION['log_time'])) { if ($do_delete || !empty($user_info['id'])) $smcFunc['db_query']('', ' DELETE FROM {db_prefix}log_online WHERE ' . ($do_delete ? 'log_time < {int:log_time}' : '') . ($do_delete && !empty($user_info['id']) ? ' OR ' : '') . (empty($user_info['id']) ? '' : 'id_member = {int:current_member}'), array( 'current_member' => $user_info['id'], 'log_time' => time() - $modSettings['lastActive'] * 60, ) ); $smcFunc['db_insert']($do_delete ? 'ignore' : 'replace', '{db_prefix}log_online', array('session' => 'string', 'id_member' => 'int', 'id_spider' => 'int', 'log_time' => 'int', 'ip' => 'raw', 'url' => 'string'), array($session_id, $user_info['id'], empty($_SESSION['id_robot']) ? 0 : $_SESSION['id_robot'], time(), 'IFNULL(INET_ATON(\'' . $user_info['ip'] . '\'), 0)', $serialized), array('session') ); } // Mark your session as being logged. $_SESSION['log_time'] = time(); // Well, they are online now. if (empty($_SESSION['timeOnlineUpdated'])) $_SESSION['timeOnlineUpdated'] = time(); // Set their login time, if not already done within the last minute. if (SMF != 'SSI' && !empty($user_info['last_login']) && $user_info['last_login'] < time() - 60) { // Don't count longer than 15 minutes. if (time() - $_SESSION['timeOnlineUpdated'] > 60 * 15) $_SESSION['timeOnlineUpdated'] = time(); $user_settings['total_time_logged_in'] += time() - $_SESSION['timeOnlineUpdated']; updateMemberData($user_info['id'], array('last_login' => time(), 'member_ip' => $user_info['ip'], 'member_ip2' => $_SERVER['BAN_CHECK_IP'], 'total_time_logged_in' => $user_settings['total_time_logged_in'])); if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2) cache_put_data('user_settings-' . $user_info['id'], $user_settings, 60); $user_info['total_time_logged_in'] += time() - $_SESSION['timeOnlineUpdated']; $_SESSION['timeOnlineUpdated'] = time(); } } // Make sure the browser doesn't come back and repost the form data. Should be used whenever anything is posted. function redirectexit($setLocation = '', $refresh = false) { global $scripturl, $context, $modSettings, $db_show_debug, $db_cache; // In case we have mail to send, better do that - as obExit doesn't always quite make it... if (!empty($context['flush_mail'])) AddMailQueue(true); $add = preg_match('~^(ftp|http)[s]?://~', $setLocation) == 0 && substr($setLocation, 0, 6) != 'about:'; if (WIRELESS) { // Add the scripturl on if needed. if ($add) $setLocation = $scripturl . '?' . $setLocation; $char = strpos($setLocation, '?') === false ? '?' : ';'; if (strpos($setLocation, '#') !== false) $setLocation = strtr($setLocation, array('#' => $char . WIRELESS_PROTOCOL . '#')); else $setLocation .= $char . WIRELESS_PROTOCOL; } elseif ($add) $setLocation = $scripturl . ($setLocation != '' ? '?' . $setLocation : ''); // Put the session ID in. if (defined('SID') && SID != '') $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')\\??/', $scripturl . '?' . SID . ';', $setLocation); // Keep that debug in their for template debugging! elseif (isset($_GET['debug'])) $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '\\??/', $scripturl . '?debug;', $setLocation); if (!empty($modSettings['queryless_urls']) && (empty($context['server']['is_cgi']) || @ini_get('cgi.fix_pathinfo') == 1 || @get_cfg_var('cgi.fix_pathinfo') == 1) && (!empty($context['server']['is_apache']) || !empty($context['server']['is_lighttpd']))) { if (defined('SID') && SID != '') $setLocation = preg_replace_callback('~"' . preg_quote($scripturl, '/') . '\?(?:' . SID . '(?:;|&|&))((?:board|topic)=[^#]+?)(#[^"]*?)?$~', 'fix_redirect_sid__preg_callback', $setLocation); else $setLocation = preg_replace_callback('~"' . preg_quote($scripturl, '/') . '\?((?:board|topic)=[^#"]+?)(#[^"]*?)?$~', 'fix_redirect_path__preg_callback', $setLocation); } // Maybe integrations want to change where we are heading? call_integration_hook('integrate_redirect', array(&$setLocation, &$refresh)); // We send a Refresh header only in special cases because Location looks better. (and is quicker...) if ($refresh && !WIRELESS) header('Refresh: 0; URL=' . strtr($setLocation, array(' ' => '%20'))); else header('Location: ' . str_replace(' ', '%20', $setLocation)); // Debugging. if (isset($db_show_debug) && $db_show_debug === true) $_SESSION['debug_redirect'] = $db_cache; obExit(false); } // Ends execution. Takes care of template loading and remembering the previous URL. function obExit($header = null, $do_footer = null, $from_index = false, $from_fatal_error = false) { global $context, $settings, $modSettings, $txt, $smcFunc; static $header_done = false, $footer_done = false, $level = 0, $has_fatal_error = false; // Attempt to prevent a recursive loop. ++$level; if ($level > 1 && !$from_fatal_error && !$has_fatal_error) exit; if ($from_fatal_error) $has_fatal_error = true; // Clear out the stat cache. trackStats(); // If we have mail to send, send it. if (!empty($context['flush_mail'])) AddMailQueue(true); $do_header = $header === null ? !$header_done : $header; if ($do_footer === null) $do_footer = $do_header; // Has the template/header been done yet? if ($do_header) { // Was the page title set last minute? Also update the HTML safe one. if (!empty($context['page_title']) && empty($context['page_title_html_safe'])) $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($context['page_title'])); // Start up the session URL fixer. ob_start('ob_sessrewrite'); if (!empty($settings['output_buffers']) && is_string($settings['output_buffers'])) $buffers = explode(',', $settings['output_buffers']); elseif (!empty($settings['output_buffers'])) $buffers = $settings['output_buffers']; else $buffers = array(); if (isset($modSettings['integrate_buffer'])) $buffers = array_merge(explode(',', $modSettings['integrate_buffer']), $buffers); if (!empty($buffers)) foreach ($buffers as $function) { $function = trim($function); $call = strpos($function, '::') !== false ? explode('::', $function) : $function; // Is it valid? if (is_callable($call)) ob_start($call); } // Display the screen in the logical order. template_header(); $header_done = true; } if ($do_footer) { if (WIRELESS && !isset($context['sub_template'])) fatal_lang_error('wireless_error_notyet', false); // Just show the footer, then. loadSubTemplate(isset($context['sub_template']) ? $context['sub_template'] : 'main'); // Anything special to put out? if (!empty($context['insert_after_template']) && !isset($_REQUEST['xml'])) echo $context['insert_after_template']; // Just so we don't get caught in an endless loop of errors from the footer... if (!$footer_done) { $footer_done = true; template_footer(); // (since this is just debugging... it's okay that it's after .) if (!isset($_REQUEST['xml'])) db_debug_junk(); } } // Remember this URL in case someone doesn't like sending HTTP_REFERER. if (strpos($_SERVER['REQUEST_URL'], 'action=dlattach') === false && strpos($_SERVER['REQUEST_URL'], 'action=viewsmfile') === false) $_SESSION['old_url'] = $_SERVER['REQUEST_URL']; // For session check verfication.... don't switch browsers... $_SESSION['USER_AGENT'] = $_SERVER['HTTP_USER_AGENT']; if (!empty($settings['strict_doctype'])) { // The theme author wants to use the STRICT doctype (only God knows why). $temp = ob_get_contents(); if (function_exists('ob_clean')) ob_clean(); else { ob_end_clean(); ob_start('ob_sessrewrite'); } echo strtr($temp, array( 'var smf_iso_case_folding' => 'var target_blank = \'_blank\'; var smf_iso_case_folding', 'target="_blank"' => 'onclick="this.target=target_blank"')); } // Hand off the output to the portal, etc. we're integrated with. call_integration_hook('integrate_exit', array($do_footer && !WIRELESS)); // Don't exit if we're coming from index.php; that will pass through normally. if (!$from_index || WIRELESS) exit; } // Usage: logAction('remove', array('starter' => $id_member_started)); function logAction($action, $extra = array(), $log_type = 'moderate') { global $modSettings, $user_info, $smcFunc, $sourcedir; $log_types = array( 'moderate' => 1, 'user' => 2, 'admin' => 3, 'topic_solved' => 4, ); if (!is_array($extra)) trigger_error('logAction(): data is not an array with action \'' . $action . '\'', E_USER_NOTICE); // Pull out the parts we want to store separately, but also make sure that the data is proper if (isset($extra['topic'])) { if (!is_numeric($extra['topic'])) trigger_error('logAction(): data\'s topic is not a number', E_USER_NOTICE); $topic_id = empty($extra['topic']) ? '0' : (int)$extra['topic']; unset($extra['topic']); } else $topic_id = '0'; if (isset($extra['message'])) { if (!is_numeric($extra['message'])) trigger_error('logAction(): data\'s message is not a number', E_USER_NOTICE); $msg_id = empty($extra['message']) ? '0' : (int)$extra['message']; unset($extra['message']); } else $msg_id = '0'; // Is there an associated report on this? if (in_array($action, array('move', 'remove', 'split', 'merge'))) { $request = $smcFunc['db_query']('', ' SELECT id_report FROM {db_prefix}log_reported WHERE {raw:column_name} = {int:reported} LIMIT 1', array( 'column_name' => !empty($msg_id) ? 'id_msg' : 'id_topic', 'reported' => !empty($msg_id) ? $msg_id : $topic_id, )); // Alright, if we get any result back, update open reports. if ($smcFunc['db_num_rows']($request) > 0) { require_once($sourcedir . '/ModerationCenter.php'); updateSettings(array('last_mod_report_action' => time())); recountOpenReports(); } $smcFunc['db_free_result']($request); } // No point in doing anything else, if the log isn't even enabled. if (empty($modSettings['modlog_enabled']) || !isset($log_types[$log_type])) return false; if (isset($extra['member']) && !is_numeric($extra['member'])) trigger_error('logAction(): data\'s member is not a number', E_USER_NOTICE); if (isset($extra['board'])) { if (!is_numeric($extra['board'])) trigger_error('logAction(): data\'s board is not a number', E_USER_NOTICE); $board_id = empty($extra['board']) ? '0' : (int)$extra['board']; unset($extra['board']); } else $board_id = '0'; if (isset($extra['board_to'])) { if (!is_numeric($extra['board_to'])) trigger_error('logAction(): data\'s board_to is not a number', E_USER_NOTICE); if (empty($board_id)) { $board_id = empty($extra['board_to']) ? '0' : (int)$extra['board_to']; unset($extra['board_to']); } } $smcFunc['db_insert']('', '{db_prefix}log_actions', array( 'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string', 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534', ), array( time(), $log_types[$log_type], $user_info['id'], $user_info['ip'], $action, $board_id, $topic_id, $msg_id, serialize($extra), ), array('id_action') ); return $smcFunc['db_insert_id']('{db_prefix}log_actions', 'id_action'); } // Track Statistics. function trackStats($stats = array()) { global $modSettings, $smcFunc; static $cache_stats = array(); if (empty($modSettings['trackStats'])) return false; if (!empty($stats)) return $cache_stats = array_merge($cache_stats, $stats); elseif (empty($cache_stats)) return false; $setStringUpdate = ''; $insert_keys = array(); $date = strftime('%Y-%m-%d', forum_time(false)); $update_parameters = array( 'current_date' => $date, ); foreach ($cache_stats as $field => $change) { $setStringUpdate .= ' ' . $field . ' = ' . ($change === '+' ? $field . ' + 1' : '{int:' . $field . '}') . ','; if ($change === '+') $cache_stats[$field] = 1; else $update_parameters[$field] = $change; $insert_keys[$field] = 'int'; } $smcFunc['db_query']('', ' UPDATE {db_prefix}log_activity SET' . substr($setStringUpdate, 0, -1) . ' WHERE date = {date:current_date}', $update_parameters ); if ($smcFunc['db_affected_rows']() == 0) { $smcFunc['db_insert']('ignore', '{db_prefix}log_activity', array_merge($insert_keys, array('date' => 'date')), array_merge($cache_stats, array($date)), array('date') ); } // Don't do this again. $cache_stats = array(); return true; } // Make sure the user isn't posting over and over again. function spamProtection($error_type) { global $modSettings, $txt, $user_info, $smcFunc; // Certain types take less/more time. $timeOverrides = array( 'login' => 2, 'register' => 2, 'sendtopc' => $modSettings['spamWaitTime'] * 4, 'sendmail' => $modSettings['spamWaitTime'] * 5, 'reporttm' => $modSettings['spamWaitTime'] * 4, 'search' => !empty($modSettings['search_floodcontrol_time']) ? $modSettings['search_floodcontrol_time'] : 1, ); // Moderators are free... if (!allowedTo('moderate_board')) $timeLimit = isset($timeOverrides[$error_type]) ? $timeOverrides[$error_type] : $modSettings['spamWaitTime']; else $timeLimit = 2; // Delete old entries... $smcFunc['db_query']('', ' DELETE FROM {db_prefix}log_floodcontrol WHERE log_time < {int:log_time} AND log_type = {string:log_type}', array( 'log_time' => time() - $timeLimit, 'log_type' => $error_type, ) ); // Add a new entry, deleting the old if necessary. $smcFunc['db_insert']('replace', '{db_prefix}log_floodcontrol', array('ip' => 'string-16', 'log_time' => 'int', 'log_type' => 'string'), array($user_info['ip'], time(), $error_type), array('ip', 'log_type') ); // If affected is 0 or 2, it was there already. if ($smcFunc['db_affected_rows']() != 1) { // Spammer! You only have to wait a *few* seconds! fatal_lang_error($error_type . 'WaitTime_broken', false, array($timeLimit)); return true; } // They haven't posted within the limit. return false; } // Get the size of a specified image with better error handling. function url_image_size($url) { global $sourcedir; // Make sure it is a proper URL. $url = str_replace(' ', '%20', $url); // Can we pull this from the cache... please please? if (($temp = cache_get_data('url_image_size-' . md5($url), 240)) !== null) return $temp; $t = microtime(); // Get the host to pester... preg_match('~^\w+://(.+?)/(.*)$~', $url, $match); // Can't figure it out, just try the image size. if ($url == '' || $url == 'http://' || $url == 'https://') { return false; } elseif (!isset($match[1])) { $size = @getimagesize($url); } else { // Try to connect to the server... give it half a second. $temp = 0; $fp = @fsockopen($match[1], 80, $temp, $temp, 0.5); // Successful? Continue... if ($fp != false) { // Send the HEAD request (since we don't have to worry about chunked, HTTP/1.1 is fine here.) fwrite($fp, 'HEAD /' . $match[2] . ' HTTP/1.1' . "\r\n" . 'Host: ' . $match[1] . "\r\n" . 'User-Agent: PHP/SMF' . "\r\n" . 'Connection: close' . "\r\n\r\n"); // Read in the HTTP/1.1 or whatever. $test = substr(fgets($fp, 11), -1); fclose($fp); // See if it returned a 404/403 or something. if ($test < 4) { $size = @getimagesize($url); // This probably means allow_url_fopen is off, let's try GD. if ($size === false && function_exists('imagecreatefromstring')) { include_once($sourcedir . '/Subs-Package.php'); // It's going to hate us for doing this, but another request... $image = @imagecreatefromstring(fetch_web_data($url)); if ($image !== false) { $size = array(imagesx($image), imagesy($image)); imagedestroy($image); } } } } } // If we didn't get it, we failed. if (!isset($size)) $size = false; // If this took a long time, we may never have to do it again, but then again we might... if (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $t)) > 0.8) cache_put_data('url_image_size-' . md5($url), $size, 240); // Didn't work. return $size; } function determineTopicClass(&$topic_context) { // Set topic class depending on locked status and number of replies. if ($topic_context['is_very_hot']) $topic_context['class'] = 'veryhot'; elseif ($topic_context['is_hot']) $topic_context['class'] = 'hot'; else $topic_context['class'] = 'normal'; $topic_context['class'] .= $topic_context['is_poll'] ? '_poll' : '_post'; if ($topic_context['is_locked']) $topic_context['class'] .= '_locked'; if ($topic_context['is_sticky']) $topic_context['class'] .= '_sticky'; // This is so old themes will still work. $topic_context['extended_class'] = &$topic_context['class']; } // Sets up the basic theme context stuff. function setupThemeContext($forceload = false) { global $modSettings, $user_info, $scripturl, $context, $settings, $options, $txt, $maintenance; global $user_settings, $smcFunc, $boardurl, $image_proxy_enabled, $image_proxy_secret; static $loaded = false; // Under SSI this function can be called more then once. That can cause some problems. // So only run the function once unless we are forced to run it again. if ($loaded && !$forceload) return; $loaded = true; $context['in_maintenance'] = !empty($maintenance); $context['current_time'] = timeformat(time(), false); $context['current_action'] = isset($_GET['action']) ? $_GET['action'] : ''; $context['show_quick_login'] = !empty($modSettings['enableVBStyleLogin']) && $user_info['is_guest']; // Get some news... $context['news_lines'] = explode("\n", str_replace("\r", '', trim(addslashes($modSettings['news'])))); $context['fader_news_lines'] = array(); for ($i = 0, $n = count($context['news_lines']); $i < $n; $i++) { if (trim($context['news_lines'][$i]) == '') continue; // Clean it up for presentation ;). $context['news_lines'][$i] = parse_bbc(stripslashes(trim($context['news_lines'][$i])), true, 'news' . $i); // Gotta be special for the javascript. $context['fader_news_lines'][$i] = strtr(addslashes($context['news_lines'][$i]), array('/' => '\/', ' (isset($_SESSION['unread_messages']) ? $_SESSION['unread_messages'] : 0)) $context['user']['popup_messages'] = true; else $context['user']['popup_messages'] = false; $_SESSION['unread_messages'] = $user_info['unread_messages']; if (allowedTo('moderate_forum')) $context['unapproved_members'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($modSettings['approveAccountDeletion']) ? $modSettings['unapprovedMembers'] : 0; $context['show_open_reports'] = empty($user_settings['mod_prefs']) || $user_settings['mod_prefs'][0] == 1; $context['user']['avatar'] = array(); // Figure out the avatar... uploaded? if ($user_info['avatar']['url'] == '' && !empty($user_info['avatar']['id_attach'])) $context['user']['avatar']['href'] = $user_info['avatar']['custom_dir'] ? $modSettings['custom_avatar_url'] . '/' . $user_info['avatar']['filename'] : $scripturl . '?action=dlattach;attach=' . $user_info['avatar']['id_attach'] . ';type=avatar'; // Full URL? elseif (substr($user_info['avatar']['url'], 0, 7) == 'http://' || substr($user_info['avatar']['url'], 0, 8) == 'https://') { if (substr($user_info['avatar']['url'], 0, 8) != 'https://' && $image_proxy_enabled) $context['user']['avatar']['href'] = $boardurl . '/proxy.php?request=' . urlencode($user_info['avatar']['url']) . '&hash=' . md5($user_info['avatar']['url'] . $image_proxy_secret); else $context['user']['avatar']['href'] = $user_info['avatar']['url']; if ($modSettings['avatar_action_too_large'] == 'option_html_resize' || $modSettings['avatar_action_too_large'] == 'option_js_resize') { if (!empty($modSettings['avatar_max_width_external'])) $context['user']['avatar']['width'] = $modSettings['avatar_max_width_external']; if (!empty($modSettings['avatar_max_height_external'])) $context['user']['avatar']['height'] = $modSettings['avatar_max_height_external']; } } // Otherwise we assume it's server stored? elseif ($user_info['avatar']['url'] != '') $context['user']['avatar']['href'] = $modSettings['avatar_url'] . '/' . htmlspecialchars($user_info['avatar']['url']); if (!empty($context['user']['avatar'])) $context['user']['avatar']['image'] = ''; // Figure out how long they've been logged in. $context['user']['total_time_logged_in'] = array( 'days' => floor($user_info['total_time_logged_in'] / 86400), 'hours' => floor(($user_info['total_time_logged_in'] % 86400) / 3600), 'minutes' => floor(($user_info['total_time_logged_in'] % 3600) / 60) ); } else { $context['user']['messages'] = 0; $context['user']['unread_messages'] = 0; $context['user']['avatar'] = array(); $context['user']['total_time_logged_in'] = array('days' => 0, 'hours' => 0, 'minutes' => 0); $context['user']['popup_messages'] = false; if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) $txt['welcome_guest'] .= $txt['welcome_guest_activate']; // If we've upgraded recently, go easy on the passwords. if (!empty($modSettings['disableHashTime']) && ($modSettings['disableHashTime'] == 1 || time() < $modSettings['disableHashTime'])) $context['disable_login_hashing'] = true; elseif ($context['browser']['is_ie5'] || $context['browser']['is_ie5.5']) $context['disable_login_hashing'] = true; } // Setup the main menu items. setupMenuContext(); if (empty($settings['theme_version'])) $context['show_vBlogin'] = $context['show_quick_login']; // This is here because old index templates might still use it. $context['show_news'] = !empty($settings['enable_news']); // This is done to allow theme authors to customize it as they want. $context['show_pm_popup'] = $context['user']['popup_messages'] && !empty($options['popup_messages']) && (!isset($_REQUEST['action']) || $_REQUEST['action'] != 'pm'); // Resize avatars the fancy, but non-GD requiring way. if ($modSettings['avatar_action_too_large'] == 'option_js_resize' && (!empty($modSettings['avatar_max_width_external']) || !empty($modSettings['avatar_max_height_external']))) { $context['html_headers'] .= ' '; } // This looks weird, but it's because BoardIndex.php references the variable. $context['common_stats']['latest_member'] = array( 'id' => $modSettings['latestMember'], 'name' => $modSettings['latestRealName'], 'href' => $scripturl . '?action=profile;u=' . $modSettings['latestMember'], 'link' => '' . $modSettings['latestRealName'] . '', ); $context['common_stats'] = array( 'total_posts' => comma_format($modSettings['totalMessages']), 'total_topics' => comma_format($modSettings['totalTopics']), 'total_members' => comma_format($modSettings['totalMembers']), 'latest_member' => $context['common_stats']['latest_member'], ); if (empty($settings['theme_version'])) $context['html_headers'] .= ' '; if (!isset($context['page_title'])) $context['page_title'] = ''; // Set some specific vars. $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($context['page_title'])); $context['meta_keywords'] = !empty($modSettings['meta_keywords']) ? $smcFunc['htmlspecialchars']($modSettings['meta_keywords']) : ''; } // This is the only template included in the sources... function template_rawdata() { global $context; echo $context['raw_data']; } function template_header() { global $txt, $modSettings, $context, $settings, $user_info, $boarddir, $cachedir; setupThemeContext(); // Print stuff to prevent caching of pages (except on attachment errors, etc.) if (empty($context['no_last_modified'])) { header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); } header('Content-Type: text/' . (isset($_REQUEST['xml']) ? 'xml' : 'html') . '; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set'])); $checked_securityFiles = false; $showed_banned = false; foreach ($context['template_layers'] as $layer) { loadSubTemplate($layer . '_above', true); // May seem contrived, but this is done in case the body and main layer aren't there... if (in_array($layer, array('body', 'main')) && allowedTo('admin_forum') && !$user_info['is_guest'] && !$checked_securityFiles) { $checked_securityFiles = true; $securityFiles = array('install.php', 'webinstall.php', 'upgrade.php', 'convert.php', 'repair_paths.php', 'repair_settings.php', 'Settings.php~', 'Settings_bak.php~'); foreach ($securityFiles as $i => $securityFile) { if (!file_exists($boarddir . '/' . $securityFile)) unset($securityFiles[$i]); } if (!empty($securityFiles) || (!empty($modSettings['cache_enable']) && !is_writable($cachedir))) { echo '

!!

', empty($securityFiles) ? $txt['cache_writable_head'] : $txt['security_risk'], '

'; foreach ($securityFiles as $securityFile) { echo ' ', $txt['not_removed'], '', $securityFile, '!
'; if ($securityFile == 'Settings.php~' || $securityFile == 'Settings_bak.php~') echo ' ', sprintf($txt['not_removed_extra'], $securityFile, substr($securityFile, 0, -1)), '
'; } if (!empty($modSettings['cache_enable']) && !is_writable($cachedir)) echo ' ', $txt['cache_writable'], '
'; echo '

'; } } // If the user is banned from posting inform them of it. elseif (in_array($layer, array('main', 'body')) && isset($_SESSION['ban']['cannot_post']) && !$showed_banned) { $showed_banned = true; echo '

', sprintf($txt['you_are_post_banned'], $user_info['is_guest'] ? $txt['guest_title'] : $user_info['name']); if (!empty($_SESSION['ban']['cannot_post']['reason'])) echo '

', $_SESSION['ban']['cannot_post']['reason'], '

'; if (!empty($_SESSION['ban']['expire_time'])) echo '

', sprintf($txt['your_ban_expires'], timeformat($_SESSION['ban']['expire_time'], false)), '

'; else echo '

', $txt['your_ban_expires_never'], '

'; echo '

'; } } if (isset($settings['use_default_images']) && $settings['use_default_images'] == 'defaults' && isset($settings['default_template'])) { $settings['theme_url'] = $settings['default_theme_url']; $settings['images_url'] = $settings['default_images_url']; $settings['theme_dir'] = $settings['default_theme_dir']; } } // Show the copyright... function theme_copyright($get_it = false) { global $forum_copyright, $context, $boardurl, $forum_version, $txt, $modSettings; // Don't display copyright for things like SSI. if (!isset($forum_version)) return; // Put in the version... $forum_copyright = sprintf($forum_copyright, $forum_version); echo ' ' . $forum_copyright . ' '; } function template_footer() { global $context, $settings, $modSettings, $time_start, $db_count; // Show the load time? (only makes sense for the footer.) $context['show_load_time'] = !empty($modSettings['timeLoadPageEnable']); $context['load_time'] = round(array_sum(explode(' ', microtime())) - array_sum(explode(' ', $time_start)), 3); $context['load_queries'] = $db_count; if (isset($settings['use_default_images']) && $settings['use_default_images'] == 'defaults' && isset($settings['default_template'])) { $settings['theme_url'] = $settings['actual_theme_url']; $settings['images_url'] = $settings['actual_images_url']; $settings['theme_dir'] = $settings['actual_theme_dir']; } foreach (array_reverse($context['template_layers']) as $layer) loadSubTemplate($layer . '_below', true); } // Debugging. function db_debug_junk() { global $context, $scripturl, $boarddir, $modSettings, $boarddir; global $db_cache, $db_count, $db_show_debug, $cache_count, $cache_hits, $txt; // Add to Settings.php if you want to show the debugging information. if (!isset($db_show_debug) || $db_show_debug !== true || (isset($_GET['action']) && $_GET['action'] == 'viewquery') || WIRELESS) return; if (empty($_SESSION['view_queries'])) $_SESSION['view_queries'] = 0; if (empty($context['debug']['language_files'])) $context['debug']['language_files'] = array(); if (empty($context['debug']['sheets'])) $context['debug']['sheets'] = array(); $files = get_included_files(); $total_size = 0; for ($i = 0, $n = count($files); $i < $n; $i++) { if (file_exists($files[$i])) $total_size += filesize($files[$i]); $files[$i] = strtr($files[$i], array($boarddir => '.')); } $warnings = 0; if (!empty($db_cache)) { foreach ($db_cache as $q => $qq) { if (!empty($qq['w'])) $warnings += count($qq['w']); } $_SESSION['debug'] = &$db_cache; } // Gotta have valid HTML ;). $temp = ob_get_contents(); if (function_exists('ob_clean')) ob_clean(); else { ob_end_clean(); ob_start('ob_sessrewrite'); } echo preg_replace('~\s*~', '', $temp), '

', $txt['debug_templates'], count($context['debug']['templates']), ': ', implode(', ', $context['debug']['templates']), '.
', $txt['debug_subtemplates'], count($context['debug']['sub_templates']), ': ', implode(', ', $context['debug']['sub_templates']), '.
', $txt['debug_language_files'], count($context['debug']['language_files']), ': ', implode(', ', $context['debug']['language_files']), '.
', $txt['debug_stylesheets'], count($context['debug']['sheets']), ': ', implode(', ', $context['debug']['sheets']), '.
', $txt['debug_files_included'], count($files), ' - ', round($total_size / 1024), $txt['debug_kb'], ' (', $txt['debug_show'], '', implode(', ', $files), ')
'; if (!empty($modSettings['cache_enable']) && !empty($cache_hits)) { $entries = array(); $total_t = 0; $total_s = 0; foreach ($cache_hits as $cache_hit) { $entries[] = $cache_hit['d'] . ' ' . $cache_hit['k'] . ': ' . sprintf($txt['debug_cache_seconds_bytes'], comma_format($cache_hit['t'], 5), $cache_hit['s']); $total_t += $cache_hit['t']; $total_s += $cache_hit['s']; } echo ' ', $txt['debug_cache_hits'], $cache_count, ': ', sprintf($txt['debug_cache_seconds_bytes_total'], comma_format($total_t, 5), comma_format($total_s)), ' (', $txt['debug_show'], '', implode(', ', $entries), ')
'; } echo ' ', $warnings == 0 ? sprintf($txt['debug_queries_used'], (int) $db_count) : sprintf($txt['debug_queries_used_and_warnings'], (int) $db_count, $warnings), '

'; if ($_SESSION['view_queries'] == 1 && !empty($db_cache)) foreach ($db_cache as $q => $qq) { $is_select = substr(trim($qq['q']), 0, 6) == 'SELECT' || preg_match('~^INSERT(?: IGNORE)? INTO \w+(?:\s+\([^)]+\))?\s+SELECT .+$~s', trim($qq['q'])) != 0; // Temporary tables created in earlier queries are not explainable. if ($is_select) { foreach (array('log_topics_unread', 'topics_posted_in', 'tmp_log_search_topics', 'tmp_log_search_messages') as $tmp) if (strpos(trim($qq['q']), $tmp) !== false) { $is_select = false; break; } } // But actual creation of the temporary tables are. elseif (preg_match('~^CREATE TEMPORARY TABLE .+?SELECT .+$~s', trim($qq['q'])) != 0) $is_select = true; // Make the filenames look a bit better. if (isset($qq['f'])) $qq['f'] = preg_replace('~^' . preg_quote($boarddir, '~') . '~', '...', $qq['f']); echo ' ', $is_select ? '' : '', nl2br(str_replace("\t", '   ', htmlspecialchars(ltrim($qq['q'], "\n\r")))) . ($is_select ? '' : '') . '
   '; if (!empty($qq['f']) && !empty($qq['l'])) echo sprintf($txt['debug_query_in_line'], $qq['f'], $qq['l']); if (isset($qq['s'], $qq['t']) && isset($txt['debug_query_which_took_at'])) echo sprintf($txt['debug_query_which_took_at'], round($qq['t'], 8), round($qq['s'], 8)) . '
'; elseif (isset($qq['t'])) echo sprintf($txt['debug_query_which_took'], round($qq['t'], 8)) . '
'; echo '
'; } echo ' ', $txt['debug_' . (empty($_SESSION['view_queries']) ? 'show' : 'hide') . '_queries'], '

'; } // Get an attachment's encrypted filename. If $new is true, won't check for file existence. function getAttachmentFilename($filename, $attachment_id, $dir = null, $new = false, $file_hash = '') { global $modSettings, $smcFunc; // Just make up a nice hash... if ($new) return sha1(md5($filename . time()) . mt_rand()); // Grab the file hash if it wasn't added. if ($file_hash === '') { $request = $smcFunc['db_query']('', ' SELECT file_hash FROM {db_prefix}attachments WHERE id_attach = {int:id_attach}', array( 'id_attach' => $attachment_id, )); if ($smcFunc['db_num_rows']($request) === 0) return false; list ($file_hash) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); } // In case of files from the old system, do a legacy call. if (empty($file_hash)) return getLegacyAttachmentFilename($filename, $attachment_id, $dir, $new); // Are we using multiple directories? if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = safe_unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$dir]; } else $path = $modSettings['attachmentUploadDir']; return $path . '/' . $attachment_id . '_' . $file_hash; } // Older attachments may still use this function. function getLegacyAttachmentFilename($filename, $attachment_id, $dir = null, $new = false) { global $modSettings, $db_character_set; $clean_name = $filename; // Remove international characters (windows-1252) // These lines should never be needed again. Still, behave. if (empty($db_character_set) || $db_character_set != 'utf8') { $clean_name = strtr($filename, "\x8a\x8e\x9a\x9e\x9f\xc0\xc1\xc2\xc3\xc4\xc5\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd1\xd2\xd3\xd4\xd5\xd6\xd8\xd9\xda\xdb\xdc\xdd\xe0\xe1\xe2\xe3\xe4\xe5\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf1\xf2\xf3\xf4\xf5\xf6\xf8\xf9\xfa\xfb\xfc\xfd\xff", 'SZszYAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy'); $clean_name = strtr($clean_name, array("\xde" => 'TH', "\xfe" => 'th', "\xd0" => 'DH', "\xf0" => 'dh', "\xdf" => 'ss', "\x8c" => 'OE', "\x9c" => 'oe', "\xc6" => 'AE', "\xe6" => 'ae', "\xb5" => 'u')); } // Sorry, no spaces, dots, or anything else but letters allowed. $clean_name = preg_replace(array('/\s/', '/[^\w_\.\-]/'), array('_', ''), $clean_name); $enc_name = $attachment_id . '_' . strtr($clean_name, '.', '_') . md5($clean_name); $clean_name = preg_replace('~\.[\.]+~', '.', $clean_name); if ($attachment_id == false || ($new && empty($modSettings['attachmentEncryptFilenames']))) return $clean_name; elseif ($new) return $enc_name; // Are we using multiple directories? if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = safe_unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$dir]; } else $path = $modSettings['attachmentUploadDir']; if (file_exists($path . '/' . $enc_name)) $filename = $path . '/' . $enc_name; else $filename = $path . '/' . $clean_name; return $filename; } // Convert a single IP to a ranged IP. function ip2range($fullip) { // Pretend that 'unknown' is 255.255.255.255. (since that can't be an IP anyway.) if ($fullip == 'unknown') $fullip = '255.255.255.255'; $ip_parts = explode('.', $fullip); $ip_array = array(); if (count($ip_parts) != 4) return array(); for ($i = 0; $i < 4; $i++) { if ($ip_parts[$i] == '*') $ip_array[$i] = array('low' => '0', 'high' => '255'); elseif (preg_match('/^(\d{1,3})\-(\d{1,3})$/', $ip_parts[$i], $range) == 1) $ip_array[$i] = array('low' => $range[1], 'high' => $range[2]); elseif (is_numeric($ip_parts[$i])) $ip_array[$i] = array('low' => $ip_parts[$i], 'high' => $ip_parts[$i]); } return $ip_array; } // Lookup an IP; try shell_exec first because we can do a timeout on it. function host_from_ip($ip) { global $modSettings; if (($host = cache_get_data('hostlookup-' . $ip, 600)) !== null) return $host; $t = microtime(); // If we can't access nslookup/host, PHP 4.1.x might just crash. if (@version_compare(PHP_VERSION, '4.2.0') == -1) $host = false; // Try the Linux host command, perhaps? if (!isset($host) && (strpos(strtolower(PHP_OS), 'win') === false || strpos(strtolower(PHP_OS), 'darwin') !== false) && mt_rand(0, 1) == 1) { if (!isset($modSettings['host_to_dis'])) $test = @shell_exec('host -W 1 ' . @escapeshellarg($ip)); else $test = @shell_exec('host ' . @escapeshellarg($ip)); // Did host say it didn't find anything? if (strpos($test, 'not found') !== false) $host = ''; // Invalid server option? elseif ((strpos($test, 'invalid option') || strpos($test, 'Invalid query name 1')) && !isset($modSettings['host_to_dis'])) updateSettings(array('host_to_dis' => 1)); // Maybe it found something, after all? elseif (preg_match('~\s([^\s]+?)\.\s~', $test, $match) == 1) $host = $match[1]; } // This is nslookup; usually only Windows, but possibly some Unix? if (!isset($host) && strpos(strtolower(PHP_OS), 'win') !== false && strpos(strtolower(PHP_OS), 'darwin') === false && mt_rand(0, 1) == 1) { $test = @shell_exec('nslookup -timeout=1 ' . @escapeshellarg($ip)); if (strpos($test, 'Non-existent domain') !== false) $host = ''; elseif (preg_match('~Name:\s+([^\s]+)~', $test, $match) == 1) $host = $match[1]; } // This is the last try :/. if (!isset($host) || $host === false) $host = @gethostbyaddr($ip); // It took a long time, so let's cache it! if (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $t)) > 0.5) cache_put_data('hostlookup-' . $ip, $host, 600); return $host; } // Chops a string into words and prepares them to be inserted into (or searched from) the database. function text2words($text, $max_chars = 20, $encrypt = false) { global $smcFunc, $context; // Step 1: Remove entities/things we don't consider words: $words = preg_replace('~(?:[\x0B\0' . ($context['utf8'] ? ($context['server']['complex_preg_chars'] ? '\x{A0}' : "\xC2\xA0") : '\xA0') . '\t\r\s\n(){}\\[\\]<>!@$%^*.,:+=`\~\?/\\\\]+|&(?:amp|lt|gt|quot);)+~' . ($context['utf8'] ? 'u' : ''), ' ', strtr($text, array('
' => ' '))); // Step 2: Entities we left to letters, where applicable, lowercase. $words = un_htmlspecialchars($smcFunc['strtolower']($words)); // Step 3: Ready to split apart and index! $words = explode(' ', $words); if ($encrypt) { $possible_chars = array_flip(array_merge(range(46, 57), range(65, 90), range(97, 122))); $returned_ints = array(); foreach ($words as $word) { if (($word = trim($word, '-_\'')) !== '') { $encrypted = substr(crypt($word, 'uk'), 2, $max_chars); $total = 0; for ($i = 0; $i < $max_chars; $i++) $total += $possible_chars[ord($encrypted{$i})] * pow(63, $i); $returned_ints[] = $max_chars == 4 ? min($total, 16777215) : $total; } } return array_unique($returned_ints); } else { // Trim characters before and after and add slashes for database insertion. $returned_words = array(); foreach ($words as $word) if (($word = trim($word, '-_\'')) !== '') $returned_words[] = $max_chars === null ? $word : substr($word, 0, $max_chars); // Filter out all words that occur more than once. return array_unique($returned_words); } } // Creates an image/text button function create_button($name, $alt, $label = '', $custom = '', $force_use = false) { global $settings, $txt, $context; // Does the current loaded theme have this and we are not forcing the usage of this function? if (function_exists('template_create_button') && !$force_use) return template_create_button($name, $alt, $label = '', $custom = ''); if (!$settings['use_image_buttons']) return $txt[$alt]; elseif (!empty($settings['use_buttons'])) return '' . ($label != '' ? '' . $txt[$label] . '' : ''); else return ''; } // Empty out the cache folder. function clean_cache($type = '') { global $cachedir, $sourcedir; // No directory = no game. if (!is_dir($cachedir)) return; // Remove the files in SMF's own disk cache, if any $dh = opendir($cachedir); while ($file = readdir($dh)) { if ($file != '.' && $file != '..' && $file != 'index.php' && $file != '.htaccess' && (!$type || substr($file, 0, strlen($type)) == $type)) @unlink($cachedir . '/' . $file); } closedir($dh); // Invalidate cache, to be sure! // ... as long as Load.php can be modified, anyway. @touch($sourcedir . '/' . 'Load.php'); clearstatcache(); } // Load classes that are both (E_STRICT) PHP 4 and PHP 5 compatible. function loadClassFile($filename) { global $sourcedir; static $files_included = array(); if (!file_exists($sourcedir . '/' . $filename)) fatal_lang_error('error_bad_file', 'general', array($sourcedir . '/' . $filename)); // Using a version below PHP 5.0? Do a compatibility conversion. if (@version_compare(PHP_VERSION, '5.0.0') != 1) { // Check if it was included before. if (in_array($filename, $files_included)) return; // Make sure we don't include it again. $files_included[] = $filename; // Do some replacements to make it PHP 4 compatible. eval('?' . '>' . preg_replace(array( '~class\s+([\w-_]+)([^}]+)function\s+__construct\s*\(~', '~([\s\t]+)public\s+\$~', '~([\s\t]+)private\s+\$~', '~([\s\t]+)protected\s+\$~', '~([\s\t]+)public\s+function\s+~', '~([\s\t]+)private\s+function\s+~', '~([\s\t]+)protected\s+function\s+~', ), array( 'class $1$2function $1(', '$1var $', '$1var $', '$1var $', '$1function ', '$1function ', '$1function ', ), rtrim(file_get_contents($sourcedir . '/' . $filename)))); } else require_once($sourcedir . '/' . $filename); } function setupMenuContext() { global $context, $modSettings, $user_info, $txt, $scripturl; // Set up the menu privileges. $context['allow_search'] = allowedTo('search_posts'); $context['allow_admin'] = allowedTo(array('admin_forum', 'manage_boards', 'manage_permissions', 'moderate_forum', 'manage_membergroups', 'manage_bans', 'send_mail', 'edit_news', 'manage_attachments', 'manage_smileys')); $context['allow_edit_profile'] = !$user_info['is_guest'] && allowedTo(array('profile_view_own', 'profile_view_any', 'profile_identity_own', 'profile_identity_any', 'profile_extra_own', 'profile_extra_any', 'profile_remove_own', 'profile_remove_any', 'moderate_forum', 'manage_membergroups', 'profile_title_own', 'profile_title_any')); $context['allow_memberlist'] = allowedTo('view_mlist'); $context['allow_calendar'] = allowedTo('calendar_view') && !empty($modSettings['cal_enabled']); $context['allow_moderation_center'] = $context['user']['can_mod']; $context['allow_pm'] = allowedTo('pm_read'); $cacheTime = $modSettings['lastActive'] * 60; // All the buttons we can possible want and then some, try pulling the final list of buttons from cache first. if (($menu_buttons = cache_get_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'], $cacheTime)) === null || time() - $cacheTime <= $modSettings['settings_updated']) { $buttons = array( 'home' => array( 'title' => $txt['home'], 'href' => $scripturl, 'show' => true, 'sub_buttons' => array( ), 'is_last' => $context['right_to_left'], ), 'help' => array( 'title' => $txt['help'], 'href' => $scripturl . '?action=help', 'show' => true, 'sub_buttons' => array( ), ), 'search' => array( 'title' => $txt['search'], 'href' => $scripturl . '?action=search', 'show' => $context['allow_search'], 'sub_buttons' => array( ), ), 'admin' => array( 'title' => $txt['admin'], 'href' => $scripturl . '?action=admin', 'show' => $context['allow_admin'], 'sub_buttons' => array( 'featuresettings' => array( 'title' => $txt['modSettings_title'], 'href' => $scripturl . '?action=admin;area=featuresettings', 'show' => allowedTo('admin_forum'), ), 'packages' => array( 'title' => $txt['package'], 'href' => $scripturl . '?action=admin;area=packages', 'show' => allowedTo('admin_forum'), ), 'errorlog' => array( 'title' => $txt['errlog'], 'href' => $scripturl . '?action=admin;area=logs;sa=errorlog;desc', 'show' => allowedTo('admin_forum') && !empty($modSettings['enableErrorLogging']), ), 'permissions' => array( 'title' => $txt['edit_permissions'], 'href' => $scripturl . '?action=admin;area=permissions', 'show' => allowedTo('manage_permissions'), 'is_last' => true, ), ), ), 'moderate' => array( 'title' => $txt['moderate'], 'href' => $scripturl . '?action=moderate', 'show' => $context['allow_moderation_center'], 'sub_buttons' => array( 'modlog' => array( 'title' => $txt['modlog_view'], 'href' => $scripturl . '?action=moderate;area=modlog', 'show' => !empty($modSettings['modlog_enabled']) && !empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1', ), 'poststopics' => array( 'title' => $txt['mc_unapproved_poststopics'], 'href' => $scripturl . '?action=moderate;area=postmod;sa=posts', 'show' => $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']), ), 'attachments' => array( 'title' => $txt['mc_unapproved_attachments'], 'href' => $scripturl . '?action=moderate;area=attachmod;sa=attachments', 'show' => $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']), ), 'reports' => array( 'title' => $txt['mc_reported_posts'], 'href' => $scripturl . '?action=moderate;area=reports', 'show' => !empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1', 'is_last' => true, ), ), ), 'profile' => array( 'title' => $txt['profile'], 'href' => $scripturl . '?action=profile', 'show' => $context['allow_edit_profile'], 'sub_buttons' => array( 'summary' => array( 'title' => $txt['summary'], 'href' => $scripturl . '?action=profile', 'show' => true, ), 'account' => array( 'title' => $txt['account'], 'href' => $scripturl . '?action=profile;area=account', 'show' => allowedTo(array('profile_identity_any', 'profile_identity_own', 'manage_membergroups')), ), 'profile' => array( 'title' => $txt['forumprofile'], 'href' => $scripturl . '?action=profile;area=forumprofile', 'show' => allowedTo(array('profile_extra_any', 'profile_extra_own')), 'is_last' => true, ), ), ), 'pm' => array( 'title' => $txt['pm_short'], 'href' => $scripturl . '?action=pm', 'show' => $context['allow_pm'], 'sub_buttons' => array( 'pm_read' => array( 'title' => $txt['pm_menu_read'], 'href' => $scripturl . '?action=pm', 'show' => allowedTo('pm_read'), ), 'pm_send' => array( 'title' => $txt['pm_menu_send'], 'href' => $scripturl . '?action=pm;sa=send', 'show' => allowedTo('pm_send'), 'is_last' => true, ), ), ), 'bookmarks' => array( 'title' => $txt['bookmarks'], 'href' => $scripturl . '?action=bookmarks', 'show' => allowedTo('make_bookmarks'), 'sub_buttons' => array( ), ), 'calendar' => array( 'title' => $txt['calendar'], 'href' => $scripturl . '?action=calendar', 'show' => $context['allow_calendar'], 'sub_buttons' => array( 'view' => array( 'title' => $txt['calendar_menu'], 'href' => $scripturl . '?action=calendar', 'show' => allowedTo('calendar_post'), ), 'post' => array( 'title' => $txt['calendar_post_event'], 'href' => $scripturl . '?action=calendar;sa=post', 'show' => allowedTo('calendar_post'), 'is_last' => true, ), ), ), 'mlist' => array( 'title' => $txt['members_title'], 'href' => $scripturl . '?action=mlist', 'show' => $context['allow_memberlist'], 'sub_buttons' => array( 'mlist_view' => array( 'title' => $txt['mlist_menu_view'], 'href' => $scripturl . '?action=mlist', 'show' => true, ), 'mlist_search' => array( 'title' => $txt['mlist_search'], 'href' => $scripturl . '?action=mlist;sa=search', 'show' => true, 'is_last' => true, ), ), ), 'login' => array( 'title' => $txt['login'], 'href' => $scripturl . '?action=login', 'show' => $user_info['is_guest'], 'sub_buttons' => array( ), ), 'register' => array( 'title' => $txt['register'], 'href' => $scripturl . '?action=register', 'show' => $user_info['is_guest'], 'sub_buttons' => array( ), 'is_last' => !$context['right_to_left'], ), 'logout' => array( 'title' => $txt['logout'], 'href' => $scripturl . '?action=logout;%1$s=%2$s', 'show' => !$user_info['is_guest'], 'sub_buttons' => array( ), 'is_last' => !$context['right_to_left'], ), ); // Allow editing menu buttons easily. call_integration_hook('integrate_menu_buttons', array(&$buttons)); // Now we put the buttons in the context so the theme can use them. $menu_buttons = array(); foreach ($buttons as $act => $button) if (!empty($button['show'])) { $button['active_button'] = false; $button['accent_button'] = false; // Make sure the last button truely is the last button. if (!empty($button['is_last'])) { if (isset($last_button)) unset($menu_buttons[$last_button]['is_last']); $last_button = $act; } // Go through the sub buttons if there are any. if (!empty($button['sub_buttons'])) foreach ($button['sub_buttons'] as $key => $subbutton) { if (empty($subbutton['show'])) unset($button['sub_buttons'][$key]); // 2nd level sub buttons next... if (!empty($subbutton['sub_buttons'])) { foreach ($subbutton['sub_buttons'] as $key2 => $sub_button2) { if (empty($sub_button2['show'])) unset($button['sub_buttons'][$key]['sub_buttons'][$key2]); } } } $menu_buttons[$act] = $button; } if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2) cache_put_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'], $menu_buttons, $cacheTime); } $context['menu_buttons'] = $menu_buttons; // Logging out requires the session id in the url. if (isset($context['menu_buttons']['logout'])) $context['menu_buttons']['logout']['href'] = sprintf($context['menu_buttons']['logout']['href'], $context['session_var'], $context['session_id']); // Figure out which action we are doing so we can set the active tab. // Default to home. $current_action = 'home'; if (isset($context['menu_buttons'][$context['current_action']])) $current_action = $context['current_action']; elseif ($context['current_action'] == 'search2') $current_action = 'search'; elseif ($context['current_action'] == 'theme') $current_action = isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? 'profile' : 'admin'; elseif ($context['current_action'] == 'register2') $current_action = 'register'; elseif ($context['current_action'] == 'login2' || ($user_info['is_guest'] && $context['current_action'] == 'reminder')) $current_action = 'login'; elseif ($context['current_action'] == 'groups' && $context['allow_moderation_center']) $current_action = 'moderate'; $context['menu_buttons'][$current_action]['active_button'] = true; if (!$user_info['is_guest'] && !empty($context['open_mod_reports']) && $context['show_open_reports'] && isset($context['menu_buttons']['moderate'])) { $context['menu_buttons']['moderate']['alttitle'] = $context['menu_buttons']['moderate']['title'] . ' [' . $context['open_mod_reports'] . ']'; $context['menu_buttons']['moderate']['title'] .= ' [' . $context['open_mod_reports'] . ']'; $context['menu_buttons']['moderate']['accent_button'] = true; } if (!$user_info['is_guest'] && $context['user']['unread_messages'] > 0 && isset($context['menu_buttons']['pm'])) { $context['menu_buttons']['pm']['alttitle'] = $context['menu_buttons']['pm']['title'] . ' [' . $context['user']['unread_messages'] . ']'; $context['menu_buttons']['pm']['title'] .= ' [' . $context['user']['unread_messages'] . ']'; $context['menu_buttons']['pm']['accent_button'] = true; } } // Generate a random seed and ensure it's stored in settings. function smf_seed_generator() { global $modSettings; // Never existed? if (empty($modSettings['rand_seed'])) { $modSettings['rand_seed'] = microtime() * 1000000; updateSettings(array('rand_seed' => $modSettings['rand_seed'])); } if (@version_compare(PHP_VERSION, '4.2.0') == -1) { $seed = ($modSettings['rand_seed'] + ((double) microtime() * 1000003)) & 0x7fffffff; mt_srand($seed); } // Change the seed. updateSettings(array('rand_seed' => mt_rand())); } // Process functions of an integration hook. function call_integration_hook($hook, $parameters = array()) { global $modSettings; $results = array(); if (empty($modSettings[$hook])) return $results; $functions = explode(',', $modSettings[$hook]); // Loop through each function. foreach ($functions as $function) { $function = trim($function); $call = strpos($function, '::') !== false ? explode('::', $function) : $function; // Is it valid? if (is_callable($call)) $results[$function] = call_user_func_array($call, $parameters); } return $results; } // Add a function for integration hook. function add_integration_function($hook, $function, $permanent = true) { global $smcFunc, $modSettings; // Is it going to be permanent? if ($permanent) { $request = $smcFunc['db_query']('', ' SELECT value FROM {db_prefix}settings WHERE variable = {string:variable}', array( 'variable' => $hook, ) ); list($current_functions) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); if (!empty($current_functions)) { $current_functions = explode(',', $current_functions); if (in_array($function, $current_functions)) return; $permanent_functions = array_merge($current_functions, array($function)); } else $permanent_functions = array($function); updateSettings(array($hook => implode(',', $permanent_functions))); } // Make current function list usable. $functions = empty($modSettings[$hook]) ? array() : explode(',', $modSettings[$hook]); // Do nothing, if it's already there. if (in_array($function, $functions)) return; $functions[] = $function; $modSettings[$hook] = implode(',', $functions); } // Decode numeric html entities to their ascii or UTF8 equivalent character. function replaceEntities__callback($matches) { global $context; if (!isset($matches[2])) return ''; $num = $matches[2][0] === 'x' ? hexdec(substr($matches[2], 1)) : (int) $matches[2]; // remove left to right / right to left overrides if ($num === 0x202D || $num === 0x202E) return ''; // Quote, Ampersand, Apostrophe, Less/Greater Than get html replaced if (in_array($num, array(0x22, 0x26, 0x27, 0x3C, 0x3E))) return '&#' . $num . ';'; if (empty($context['utf8'])) { // no control characters if ($num < 0x20) return ''; // text is text elseif ($num < 0x80) return chr($num); // all others get html-ised else return '&#' . $matches[2] . ';'; } else { // <0x20 are control characters, 0x20 is a space, > 0x10FFFF is past the end of the utf8 character set // 0xD800 >= $num <= 0xDFFF are surrogate markers (not valid for utf8 text) if ($num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF)) return ''; // <0x80 (or less than 128) are standard ascii characters a-z A-Z 0-9 and puncuation elseif ($num < 0x80) return chr($num); // <0x800 (2048) elseif ($num < 0x800) return chr(($num >> 6) + 192) . chr(($num & 63) + 128); // < 0x10000 (65536) elseif ($num < 0x10000) return chr(($num >> 12) + 224) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); // <= 0x10FFFF (1114111) else return chr(($num >> 18) + 240) . chr((($num >> 12) & 63) + 128) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); } } // Converts html entities to utf8 equivalents. function fixchar__callback($matches) { if (!isset($matches[1])) return ''; $num = $matches[1][0] === 'x' ? hexdec(substr($matches[1], 1)) : (int) $matches[1]; // <0x20 are control characters, > 0x10FFFF is past the end of the utf8 character set // 0xD800 >= $num <= 0xDFFF are surrogate markers (not valid for utf8 text), 0x202D-E are left to right overrides if ($num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) || $num === 0x202D || $num === 0x202E) return ''; // <0x80 (or less than 128) are standard ascii characters a-z A-Z 0-9 and puncuation elseif ($num < 0x80) return chr($num); // <0x800 (2048) elseif ($num < 0x800) return chr(($num >> 6) + 192) . chr(($num & 63) + 128); // < 0x10000 (65536) elseif ($num < 0x10000) return chr(($num >> 12) + 224) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); // <= 0x10FFFF (1114111) else return chr(($num >> 18) + 240) . chr((($num >> 12) & 63) + 128) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); } // Strips out invalid html entities, replaces others with html style { codes. function entity_fix__callback($matches) { if (!isset($matches[2])) return ''; $num = $matches[2][0] === 'x' ? hexdec(substr($matches[2], 1)) : (int) $matches[2]; // we don't allow control characters, characters out of range, byte markers, etc if ($num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) || $num == 0x202D || $num == 0x202E) return ''; else return '&#' . $num . ';'; } // Remove an integration hook function. function remove_integration_function($hook, $function) { global $smcFunc, $modSettings; // Get the permanent functions. $request = $smcFunc['db_query']('', ' SELECT value FROM {db_prefix}settings WHERE variable = {string:variable}', array( 'variable' => $hook, ) ); list($current_functions) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); if (!empty($current_functions)) { $current_functions = explode(',', $current_functions); if (in_array($function, $current_functions)) updateSettings(array($hook => implode(',', array_diff($current_functions, array($function))))); } // Turn the function list into something usable. $functions = empty($modSettings[$hook]) ? array() : explode(',', $modSettings[$hook]); // You can only remove it if it's available. if (!in_array($function, $functions)) return; $functions = array_diff($functions, array($function)); $modSettings[$hook] = implode(',', $functions); } function word_break__preg_callback($matches) { global $modSettings, $context; return preg_replace('~(.{' . ($modSettings['fixLongWords'] - 1) . '})~' . ($context['utf8'] ? 'u' : ''), '$1< >', $matches[1]); } function fix_redirect_sid__preg_callback($matches) { global $scripturl; return $scripturl . '/' . strtr($matches[1], '&;=', '//,') . '.html?' . SID . (isset($matches[2]) ? $matches[2] : ''); } function fix_redirect_path__preg_callback($matches) { global $scripturl; return $scripturl . '/' . strtr($matches[1], '&;=', '//,') . '.html' . (isset($matches[2]) ? $matches[2] : ''); } function return_chr__preg_callback($matches) { return chr($matches[1]); } /** * Safe serialize() and unserialize() replacements * * @license Public Domain * * @author anthon (dot) pang (at) gmail (dot) com */ /** * Safe serialize() replacement. Recursive * - output a strict subset of PHP's native serialized representation * - does not serialize objects * * @param mixed $value * @return string */ function _safe_serialize($value) { if(is_null($value)) return 'N;'; if(is_bool($value)) return 'b:'. (int) $value .';'; if(is_int($value)) return 'i:'. $value .';'; if(is_float($value)) return 'd:'. str_replace(',', '.', $value) .';'; if(is_string($value)) return 's:'. strlen($value) .':"'. $value .'";'; if(is_array($value)) { $out = ''; foreach($value as $k => $v) $out .= _safe_serialize($k) . _safe_serialize($v); return 'a:'. count($value) .':{'. $out .'}'; } // safe_serialize cannot serialize resources or objects. return false; } /** * Wrapper for _safe_serialize() that handles exceptions and multibyte encoding issues. * * @param mixed $value * @return string */ function safe_serialize($value) { // Make sure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if (function_exists('mb_internal_encoding') && (((int) ini_get('mbstring.func_overload')) & 2)) { $mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII'); } $out = _safe_serialize($value); if (isset($mbIntEnc)) mb_internal_encoding($mbIntEnc); return $out; } /** * Safe unserialize() replacement * - accepts a strict subset of PHP's native serialized representation * - does not unserialize objects * * @param string $str * @return mixed * @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects) */ function _safe_unserialize($str) { // Input is not a string. if(empty($str) || !is_string($str)) return false; $stack = array(); $expected = array(); /* * states: * 0 - initial state, expecting a single value or array * 1 - terminal state * 2 - in array, expecting end of array or a key * 3 - in array, expecting value or another array */ $state = 0; while($state != 1) { $type = isset($str[0]) ? $str[0] : ''; if($type == '}') $str = substr($str, 1); else if($type == 'N' && $str[1] == ';') { $value = null; $str = substr($str, 2); } else if($type == 'b' && preg_match('/^b:([01]);/', $str, $matches)) { $value = $matches[1] == '1' ? true : false; $str = substr($str, 4); } else if($type == 'i' && preg_match('/^i:(-?[0-9]+);(.*)/s', $str, $matches)) { $value = (int)$matches[1]; $str = $matches[2]; } else if($type == 'd' && preg_match('/^d:(-?[0-9]+\.?[0-9]*(E[+-][0-9]+)?);(.*)/s', $str, $matches)) { $value = (float)$matches[1]; $str = $matches[3]; } else if($type == 's' && preg_match('/^s:([0-9]+):"(.*)/s', $str, $matches) && substr($matches[2], (int)$matches[1], 2) == '";') { $value = substr($matches[2], 0, (int)$matches[1]); $str = substr($matches[2], (int)$matches[1] + 2); } else if($type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) && $matches[1] < 256) { $expectedLength = (int)$matches[1]; $str = $matches[2]; } // Object or unknown/malformed type. else return false; switch($state) { case 3: // In array, expecting value or another array. if($type == 'a') { $stack[] = &$list; $list[$key] = array(); $list = &$list[$key]; $expected[] = $expectedLength; $state = 2; break; } if($type != '}') { $list[$key] = $value; $state = 2; break; } // Missing array value. return false; case 2: // in array, expecting end of array or a key if($type == '}') { // Array size is less than expected. if(count($list) < end($expected)) return false; unset($list); $list = &$stack[count($stack)-1]; array_pop($stack); // Go to terminal state if we're at the end of the root array. array_pop($expected); if(count($expected) == 0) $state = 1; break; } if($type == 'i' || $type == 's') { // Array size exceeds expected length. if(count($list) >= end($expected)) return false; $key = $value; $state = 3; break; } // Illegal array index type. return false; // Expecting array or value. case 0: if($type == 'a') { $data = array(); $list = &$data; $expected[] = $expectedLength; $state = 2; break; } if($type != '}') { $data = $value; $state = 1; break; } // Not in array. return false; } } // Trailing data in input. if(!empty($str)) return false; return $data; } /** * Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue * * @param string $str * @return mixed */ function safe_unserialize($str) { // Make sure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if (function_exists('mb_internal_encoding') && (((int) ini_get('mbstring.func_overload')) & 0x02)) { $mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII'); } $out = _safe_unserialize($str); if (isset($mbIntEnc)) mb_internal_encoding($mbIntEnc); return $out; } ?>