2 /***************************************************************************
5 * begin : Saturday, Feb 13, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
9 * $Id: functions.php,v 1.133.2.38 2005/12/19 18:01:36 acydburn Exp $
12 ***************************************************************************/
14 /***************************************************************************
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
22 ***************************************************************************/
24 function get_db_stat($mode)
31 $sql = "SELECT COUNT(user_id) AS total
32 FROM " . USERS_TABLE . "
33 WHERE user_id <> " . ANONYMOUS;
37 $sql = "SELECT user_id, username
38 FROM " . USERS_TABLE . "
39 WHERE user_id <> " . ANONYMOUS . "
46 $sql = "SELECT SUM(forum_topics) AS topic_total, SUM(forum_posts) AS post_total
47 FROM " . FORUMS_TABLE;
51 if ( !($result = $db->sql_query($sql)) )
56 $row = $db->sql_fetchrow($result);
67 return $row['post_total'];
70 return $row['topic_total'];
77 // added at phpBB 2.0.11 to properly format the username
78 function phpbb_clean_username($username)
80 $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
81 $username = phpbb_rtrim($username, "\\");
82 $username = str_replace("'", "\'", $username);
88 * This function is a wrapper for ltrim, as charlist is only supported in php >= 4.1.0
89 * Added in phpBB 2.0.18
91 function phpbb_ltrim($str, $charlist = false)
93 if ($charlist === false)
98 $php_version = explode('.', PHP_VERSION);
100 // php version < 4.1.0
101 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
103 while ($str{0} == $charlist)
105 $str = substr($str, 1);
110 $str = ltrim($str, $charlist);
116 // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
117 function phpbb_rtrim($str, $charlist = false)
119 if ($charlist === false)
124 $php_version = explode('.', PHP_VERSION);
126 // php version < 4.1.0
127 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
129 while ($str{strlen($str)-1} == $charlist)
131 $str = substr($str, 0, strlen($str)-1);
136 $str = rtrim($str, $charlist);
143 // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
145 function get_userdata($user, $force_str = false)
149 if (!is_numeric($user) || $force_str)
151 $user = phpbb_clean_username($user);
155 $user = intval($user);
159 FROM " . USERS_TABLE . "
161 $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;
162 if ( !($result = $db->sql_query($sql)) )
164 message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
167 return ( $row = $db->sql_fetchrow($result) ) ? $row : false;
170 function make_jumpbox($action, $match_forum_id = 0)
172 global $template, $userdata, $lang, $db, $nav_links, $phpEx, $SID;
174 // $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
176 $sql = "SELECT c.cat_id, c.cat_title, c.cat_order
177 FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
178 WHERE f.cat_id = c.cat_id
179 GROUP BY c.cat_id, c.cat_title, c.cat_order
180 ORDER BY c.cat_order";
181 if ( !($result = $db->sql_query($sql)) )
183 message_die(GENERAL_ERROR, "Couldn't obtain category list.", "", __LINE__, __FILE__, $sql);
186 $category_rows = array();
187 while ( $row = $db->sql_fetchrow($result) )
189 $category_rows[] = $row;
192 if ( $total_categories = count($category_rows) )
195 FROM " . FORUMS_TABLE . "
196 ORDER BY cat_id, forum_order";
197 if ( !($result = $db->sql_query($sql)) )
199 message_die(GENERAL_ERROR, 'Could not obtain forums information', '', __LINE__, __FILE__, $sql);
202 $boxstring = '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"><option value="-1">' . $lang['Select_forum'] . '</option>';
204 $forum_rows = array();
205 while ( $row = $db->sql_fetchrow($result) )
207 $forum_rows[] = $row;
210 if ( $total_forums = count($forum_rows) )
212 for($i = 0; $i < $total_categories; $i++)
214 $boxstring_forums = '';
215 for($j = 0; $j < $total_forums; $j++)
217 if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $forum_rows[$j]['auth_view'] <= AUTH_REG )
220 // if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $is_auth[$forum_rows[$j]['forum_id']]['auth_view'] )
222 $selected = ( $forum_rows[$j]['forum_id'] == $match_forum_id ) ? 'selected="selected"' : '';
223 $boxstring_forums .= '<option value="' . $forum_rows[$j]['forum_id'] . '"' . $selected . '>' . $forum_rows[$j]['forum_name'] . '</option>';
226 // Add an array to $nav_links for the Mozilla navigation bar.
227 // 'chapter' and 'forum' can create multiple items, therefore we are using a nested array.
229 $nav_links['chapter forum'][$forum_rows[$j]['forum_id']] = array (
230 'url' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id']),
231 'title' => $forum_rows[$j]['forum_name']
237 if ( $boxstring_forums != '' )
239 $boxstring .= '<option value="-1"> </option>';
240 $boxstring .= '<option value="-1">' . $category_rows[$i]['cat_title'] . '</option>';
241 $boxstring .= '<option value="-1">----------------</option>';
242 $boxstring .= $boxstring_forums;
247 $boxstring .= '</select>';
251 $boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
254 // Let the jumpbox work again in sites having additional session id checks.
255 // if ( !empty($SID) )
257 $boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
260 $template->set_filenames(array(
261 'jumpbox' => 'jumpbox.tpl')
263 $template->assign_vars(array(
264 'L_GO' => $lang['Go'],
265 'L_JUMP_TO' => $lang['Jump_to'],
266 'L_SELECT_FORUM' => $lang['Select_forum'],
268 'S_JUMPBOX_SELECT' => $boxstring,
269 'S_JUMPBOX_ACTION' => append_sid($action))
271 $template->assign_var_from_handle('JUMPBOX', 'jumpbox');
277 // Initialise user settings on page load
278 function init_userprefs($userdata)
280 global $board_config, $theme, $images;
281 global $template, $lang, $phpEx, $phpbb_root_path;
284 if ( $userdata['user_id'] != ANONYMOUS )
286 if ( !empty($userdata['user_lang']))
288 $board_config['default_lang'] = $userdata['user_lang'];
291 if ( !empty($userdata['user_dateformat']) )
293 $board_config['default_dateformat'] = $userdata['user_dateformat'];
296 if ( isset($userdata['user_timezone']) )
298 $board_config['board_timezone'] = $userdata['user_timezone'];
302 if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx)) )
304 $board_config['default_lang'] = 'english';
307 include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
309 if ( defined('IN_ADMIN') )
311 if( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx)) )
313 $board_config['default_lang'] = 'english';
316 include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx);
322 if ( !$board_config['override_user_style'] )
324 if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_style'] > 0 )
326 if ( $theme = setup_style($userdata['user_style']) )
333 $theme = setup_style($board_config['default_style']);
336 // Mozilla navigation bar
337 // Default items that should be valid on all pages.
338 // Defined here to correctly assign the Language Variables
339 // and be able to change the variables within code.
341 $nav_links['top'] = array (
342 'url' => append_sid($phpbb_root_path . 'index.' . $phpEx),
343 'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
345 $nav_links['search'] = array (
346 'url' => append_sid($phpbb_root_path . 'search.' . $phpEx),
347 'title' => $lang['Search']
349 $nav_links['help'] = array (
350 'url' => append_sid($phpbb_root_path . 'faq.' . $phpEx),
351 'title' => $lang['FAQ']
353 $nav_links['author'] = array (
354 'url' => append_sid($phpbb_root_path . 'memberlist.' . $phpEx),
355 'title' => $lang['Memberlist']
361 function setup_style($style)
363 global $db, $board_config, $template, $images, $phpbb_root_path;
366 FROM " . THEMES_TABLE . "
367 WHERE themes_id = $style";
368 if ( !($result = $db->sql_query($sql)) )
370 message_die(CRITICAL_ERROR, 'Could not query database for theme info');
373 if ( !($row = $db->sql_fetchrow($result)) )
375 message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
378 $template_path = 'templates/' ;
379 $template_name = $row['template_name'] ;
381 $template = new Template($phpbb_root_path . $template_path . $template_name);
385 $current_template_path = $template_path . $template_name;
386 @include($phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg');
388 if ( !defined('TEMPLATE_CONFIG') )
390 message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__);
393 $img_lang = ( file_exists(@phpbb_realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english';
395 while( list($key, $value) = @each($images) )
397 if ( !is_array($value) )
399 $images[$key] = str_replace('{LANG}', 'lang_' . $img_lang, $value);
407 function encode_ip($dotquad_ip)
409 $ip_sep = explode('.', $dotquad_ip);
410 return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
413 function decode_ip($int_ip)
415 $hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
416 return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
420 // Create date/time from format and timezone
422 function create_date($format, $gmepoch, $tz)
424 global $board_config, $lang;
427 if ( empty($translate) && $board_config['default_lang'] != 'english' )
429 @reset($lang['datetime']);
430 while ( list($match, $replace) = @each($lang['datetime']) )
432 $translate[$match] = $replace;
436 return ( !empty($translate) ) ? strtr(@gmdate($format, $gmepoch + (3600 * $tz)), $translate) : @gmdate($format, $gmepoch + (3600 * $tz));
440 // Pagination routine, generates
441 // page number sequence
443 function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = TRUE)
447 $total_pages = ceil($num_items/$per_page);
449 if ( $total_pages == 1 )
454 $on_page = floor($start_item / $per_page) + 1;
457 if ( $total_pages > 10 )
459 $init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages;
461 for($i = 1; $i < $init_page_max + 1; $i++)
463 $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
464 if ( $i < $init_page_max )
466 $page_string .= ", ";
470 if ( $total_pages > 3 )
472 if ( $on_page > 1 && $on_page < $total_pages )
474 $page_string .= ( $on_page > 5 ) ? ' ... ' : ', ';
476 $init_page_min = ( $on_page > 4 ) ? $on_page : 5;
477 $init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4;
479 for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++)
481 $page_string .= ($i == $on_page) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
482 if ( $i < $init_page_max + 1 )
484 $page_string .= ', ';
488 $page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', ';
492 $page_string .= ' ... ';
495 for($i = $total_pages - 2; $i < $total_pages + 1; $i++)
497 $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
498 if( $i < $total_pages )
500 $page_string .= ", ";
507 for($i = 1; $i < $total_pages + 1; $i++)
509 $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
510 if ( $i < $total_pages )
512 $page_string .= ', ';
517 if ( $add_prevnext_text )
521 $page_string = ' <a href="' . append_sid($base_url . "&start=" . ( ( $on_page - 2 ) * $per_page ) ) . '">' . $lang['Previous'] . '</a> ' . $page_string;
524 if ( $on_page < $total_pages )
526 $page_string .= ' <a href="' . append_sid($base_url . "&start=" . ( $on_page * $per_page ) ) . '">' . $lang['Next'] . '</a>';
531 $page_string = $lang['Goto_page'] . ' ' . $page_string;
537 // This does exactly what preg_quote() does in PHP 4-ish
538 // If you just need the 1-parameter preg_quote call, then don't bother using this.
540 function phpbb_preg_quote($str, $delimiter)
542 $text = preg_quote($str);
543 $text = str_replace($delimiter, '\\' . $delimiter, $text);
549 // Obtain list of naughty words and build preg style replacement arrays for use by the
550 // calling script, note that the vars are passed as references this just makes it easier
551 // to return both sets of arrays
553 function obtain_word_list(&$orig_word, &$replacement_word)
558 // Define censored word matches
560 $sql = "SELECT word, replacement
561 FROM " . WORDS_TABLE;
562 if( !($result = $db->sql_query($sql)) )
564 message_die(GENERAL_ERROR, 'Could not get censored words from database', '', __LINE__, __FILE__, $sql);
567 if ( $row = $db->sql_fetchrow($result) )
571 $orig_word[] = '#\b(' . str_replace('\*', '\w*?', preg_quote($row['word'], '#')) . ')\b#i';
572 $replacement_word[] = $row['replacement'];
574 while ( $row = $db->sql_fetchrow($result) );
581 // This is general replacement for die(), allows templated
582 // output in users (or default) language, etc.
584 // $msg_code can be one of these constants:
586 // GENERAL_MESSAGE : Use for any simple text message, eg. results
587 // of an operation, authorisation failures, etc.
589 // GENERAL ERROR : Use for any error which occurs _AFTER_ the
590 // common.php include and session code, ie. most errors in
593 // CRITICAL_MESSAGE : Used when basic config data is available but
594 // a session may not exist, eg. banned users
596 // CRITICAL_ERROR : Used when config data cannot be obtained, eg
597 // no database connection. Should _not_ be used in 99.5% of cases
599 function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
601 global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links, $gen_simple_header, $images;
602 global $userdata, $user_ip, $session_length;
605 if(defined('HAS_DIED'))
607 die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
610 define('HAS_DIED', 1);
616 // Get SQL error if we are debugging. Do this as soon as possible to prevent
617 // subsequent queries from overwriting the status of sql_error()
619 if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
621 $sql_error = $db->sql_error();
625 if ( $sql_error['message'] != '' )
627 $debug_text .= '<br /><br />SQL Error : ' . $sql_error['code'] . ' ' . $sql_error['message'];
630 if ( $sql_store != '' )
632 $debug_text .= "<br /><br />$sql_store";
635 if ( $err_line != '' && $err_file != '' )
637 $debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
641 if( empty($userdata) && ( $msg_code == GENERAL_MESSAGE || $msg_code == GENERAL_ERROR ) )
643 $userdata = session_pagestart($user_ip, PAGE_INDEX);
644 init_userprefs($userdata);
648 // If the header hasn't been output then do it
650 if ( !defined('HEADER_INC') && $msg_code != CRITICAL_ERROR )
654 if ( !empty($board_config['default_lang']) )
656 include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx);
660 include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx);
664 if ( empty($template) )
666 $template = new Template($phpbb_root_path . 'templates/' . $board_config['board_template']);
670 $theme = setup_style($board_config['default_style']);
674 // Load the Page Header
676 if ( !defined('IN_ADMIN') )
678 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
682 include($phpbb_root_path . 'admin/page_header_admin.'.$phpEx);
688 case GENERAL_MESSAGE:
689 if ( $msg_title == '' )
691 $msg_title = $lang['Information'];
695 case CRITICAL_MESSAGE:
696 if ( $msg_title == '' )
698 $msg_title = $lang['Critical_Information'];
703 if ( $msg_text == '' )
705 $msg_text = $lang['An_error_occured'];
708 if ( $msg_title == '' )
710 $msg_title = $lang['General_Error'];
716 // Critical errors mean we cannot rely on _ANY_ DB information being
717 // available so we're going to dump out a simple echo'd statement
719 include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx);
721 if ( $msg_text == '' )
723 $msg_text = $lang['A_critical_error'];
726 if ( $msg_title == '' )
728 $msg_title = 'phpBB : <b>' . $lang['Critical_Error'] . '</b>';
734 // Add on DEBUG info if we've enabled debug mode and this is an error. This
735 // prevents debug info being output for general messages should DEBUG be
736 // set TRUE by accident (preventing confusion for the end user!)
738 if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
740 if ( $debug_text != '' )
742 $msg_text = $msg_text . '<br /><br /><b><u>DEBUG MODE</u></b>' . $debug_text;
746 if ( $msg_code != CRITICAL_ERROR )
748 if ( !empty($lang[$msg_text]) )
750 $msg_text = $lang[$msg_text];
753 if ( !defined('IN_ADMIN') )
755 $template->set_filenames(array(
756 'message_body' => 'message_body.tpl')
761 $template->set_filenames(array(
762 'message_body' => 'admin/admin_message_body.tpl')
766 $template->assign_vars(array(
767 'MESSAGE_TITLE' => $msg_title,
768 'MESSAGE_TEXT' => $msg_text)
770 $template->pparse('message_body');
772 if ( !defined('IN_ADMIN') )
774 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
778 include($phpbb_root_path . 'admin/page_footer_admin.'.$phpEx);
783 echo "<html>\n<body>\n" . $msg_title . "\n<br /><br />\n" . $msg_text . "</body>\n</html>";
790 // This function is for compatibility with PHP 4.x's realpath()
791 // function. In later versions of PHP, it needs to be called
792 // to do checks with some functions. Older versions of PHP don't
793 // seem to need this, so we'll just return the original value.
794 // dougk_ff7 <October 5, 2002>
795 function phpbb_realpath($path)
797 global $phpbb_root_path, $phpEx;
799 return (!@function_exists('realpath') || !@realpath($phpbb_root_path . 'includes/functions.'.$phpEx)) ? $path : @realpath($path);
802 function redirect($url)
804 global $db, $board_config;
811 if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
813 message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
816 $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
817 $server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name']));
818 $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
819 $script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path']));
820 $script_name = ($script_name == '') ? $script_name : '/' . $script_name;
821 $url = preg_replace('#^\/?(.*?)\/?$#', '/\1', trim($url));
823 // Redirect via an HTML form for PITA webservers
824 if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
826 header('Refresh: 0; URL=' . $server_protocol . $server_name . $server_port . $script_name . $url);
827 echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $server_protocol . $server_name . $server_port . $script_name . $url . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $server_protocol . $server_name . $server_port . $script_name . $url . '">HERE</a> to be redirected</div></body></html>';
831 // Behave as per HTTP/1.1 spec for others
832 header('Location: ' . $server_protocol . $server_name . $server_port . $script_name . $url);