Codechange: Gruppierung der Ausgabe der Benutzerliste, Tabellen mit <thead> und ...
[wmmkf.git] / inc.php
1 <?php
2 ###############################################################################
3 # my little forum #
4 # Copyright (C) 2005 Alex #
5 # http://www.mylittlehomepage.net/ #
6 # #
7 # This program is free software; you can redistribute it and/or #
8 # modify it under the terms of the GNU General Public License #
9 # as published by the Free Software Foundation; either version 2 #
10 # of the License, or (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program; if not, write to the Free Software #
19 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. #
20 ###############################################################################
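#ini_set('display_errors', 1);
#error_reporting(E_ALL);

# Separator PHP uses in URLs it generates itself; HTML-escaped because the
# output is an HTML page.
ini_set('arg_separator.output', '&amp;');
header('Content-Type: text/html; charset=UTF-8');

#ini_set("session.use_trans_sid","0");
session_start();

# NOTE(review): this path starts at the filesystem root, unlike the two
# relative includes below - confirm that this is intended.
if (!extension_loaded('mbstring')) include_once('/functions/funcs.mb_replacements.php');
include("db_settings.php");
include("functions.php");

mb_internal_encoding('UTF-8');

# additional headers (caching)
# NOTE(review): header() replaces any Cache-Control value already queued
# (with PHP's default session.cache_limiter, session_start() queues one),
# so responses rendered for a logged-in session are also declared cacheable
# by shared caches ("public") for 15 minutes. Confirm that no personalised
# page is served through a shared proxy, or send "private" for sessions
# that carry a user.
# The User-Agent header is optional; treat a missing one as "not MSIE"
# instead of reading an undefined index.
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (mb_strpos($userAgent, 'MSIE') === false) {
    header('Cache-Control: public, max-age=900');
}
$headerdate = gmdate('D, d M Y H:i:s', time() + 60);
header('Expires: '.$headerdate.' GMT');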
# Undo magic quotes on all request superglobals so that the rest of the
# code always sees the raw values and escapes them itself where needed.
# for details see: http://de.php.net/manual/en/security.magicquotes.disabling.php
if (get_magic_quotes_gpc()) {
    $_POST    = array_map('stripslashes_deep', $_POST);
    $_GET     = array_map('stripslashes_deep', $_GET);
    $_COOKIE  = array_map('stripslashes_deep', $_COOKIE);
    $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
$connid = connect_db(
    $db_settings['host'],
    $db_settings['user'],
    $db_settings['pw'],
    $db_settings['db']
);
$settings = get_settings();

/**
 * Force the debug mode to 'no' unless the visitor is an admin who already
 * has a non-empty debug value stored in the session.
 */
$debugKey = $settings['session_prefix'].'debug';
$userTypeKey = $settings['session_prefix'].'user_type';
$visitorIsAdmin = isset($_SESSION[$userTypeKey]) && $_SESSION[$userTypeKey] == 'admin';
if (!$visitorIsAdmin || empty($_SESSION[$debugKey])) {
    $_SESSION[$debugKey] = 'no';
}
# The English strings are loaded first, then the configured language file
# (presumably so that English serves as the fallback - confirm in the
# language files).
include 'lang/english.php';
$lang = outputLangDebugOrNot($lang, 'english.php');
# NOTE(review): the file name is taken from $settings['language_file'] and
# concatenated into the include path without any check. Confirm that the
# settings store can only hold a plain file name from lang/ (no directory
# separators), because whatever this path resolves to is executed as PHP.
include 'lang/'.$settings['language_file'];
$lang = outputLangDebugOrNot($lang, $settings['language_file']);
setlocale(LC_ALL, $lang['locale']);

# Personal settings exist only for a logged-in user.
$ownUserIdKey = $settings['session_prefix'].'user_id';
if (isset($_SESSION[$ownUserIdKey])) {
    $MyOwnSettings = getMyOwnSettings($_SESSION[$ownUserIdKey]);
}
# While the forum is disabled only admins get through; everybody else is
# sent to the info page. login.php and info.php stay reachable so that an
# admin can still log in and visitors can read the notice.
$currentScript = basename($_SERVER['SCRIPT_NAME']);
$sessionUserType = isset($_SESSION[$settings['session_prefix'].'user_type'])
    ? $_SESSION[$settings['session_prefix'].'user_type']
    : null;
if ($settings['forum_disabled'] == 1
    && $currentScript != 'login.php'
    && $currentScript != 'info.php'
    && $sessionUserType != 'admin') {
    # a logged-in non-admin loses the session and the auto-login cookie
    if ($sessionUserType !== null && $sessionUserType != 'admin') {
        session_destroy();
        setcookie("auto_login", "", 0);
    }
    header('location: '.$settings['forum_address'].'info.php?info=1');
    # die() stops the script so that nothing is rendered after the redirect
    die('<a href="info.php?info=1">further...</a>');
}
/**
 * Purge outdated IPs from the banlist: entries last seen more than
 * 60 days ago that have fewer than 3 recorded requests.
 *
 * The query runs on every request. Errors are suppressed and the result is
 * ignored, so a failing cleanup goes unnoticed.
 */
$queryCheckBannedIPs = "DELETE FROM ". $db_settings['banned_ips_table'] ."
WHERE DATE_SUB(NOW(), INTERVAL 60 DAY) > last_date
AND requests < 3";
@mysql_query($queryCheckBannedIPs, $connid);
/**
 * look if IP is banned
 *
 * A hit on the banlist refreshes the entry and counts the request (the
 * counter stops at 5). If the counter read before this update is already 5
 * or higher, the request is answered with a bare 503; otherwise the visitor
 * is logged out via processLogOutUser().
 *
 * NOTE(review): MySQL's INET_ATON() only understands dotted IPv4 addresses
 * and returns NULL for anything else, so a client arriving over IPv6 can
 * never match an entry here. Confirm whether the forum is reachable over
 * IPv6.
 */
$remoteAddrSql = mysql_real_escape_string($_SERVER["REMOTE_ADDR"]);
$queryGetBannedIP = "SELECT
INET_NTOA(ip) AS match_ip,
last_date,
requests
FROM ". $db_settings['banned_ips_table'] ."
WHERE ip = INET_ATON('". $remoteAddrSql ."')";
$ip_result = mysql_query($queryGetBannedIP, $connid);
if (!$ip_result) {
    die($lang['db_error']);
}

if (mysql_num_rows($ip_result) > 0) {
    $data = mysql_fetch_assoc($ip_result);
    if ($data['match_ip'] == $_SERVER["REMOTE_ADDR"]) {
        $querySetBannedIP = "UPDATE ". $db_settings['banned_ips_table'] ." SET
ip = ip,
last_date = NOW(),
requests = IF(requests > 4, requests, requests + 1)
WHERE ip = INET_ATON('". $remoteAddrSql ."')";
        # the result of the update is not checked
        $ips_result = mysql_query($querySetBannedIP, $connid);
        if ($data['requests'] >= 5) {
            # give back http status 503, if there are equal or more than 5 requests from a spam-IP
            header('HTTP/1.1 503 Service Unavailable');
            header("Status: 503 Service Unavailable");
            header('Retry-After: 600');
            header('Connection: close');
            exit();
        }
        processLogOutUser("login.php?msg=user_banned", $lang['ip_no_access']);
    }
}
mysql_free_result($ip_result);
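/**
 * look if user is banned:
 *
 * The list of banned user names is stored as one comma separated string.
 * A logged-in user whose lower-cased name is on that list is logged out,
 * unless the session marks the user as admin.
 */
if (isset($_SESSION[$settings['session_prefix'].'user_name'])) {
    $ban_result = mysql_query("SELECT list FROM ".$db_settings['banlists_table']." WHERE name = 'users' LIMIT 1", $connid);
    if (!$ban_result) die($lang['db_error']);
    $data = mysql_fetch_assoc($ban_result);
    mysql_free_result($ban_result);
    # mysql_fetch_assoc() returns false when the row is missing
    $banned_users_list = ($data !== false && isset($data['list'])) ? trim($data['list']) : '';
    if ($banned_users_list != '') {
        $banned_users_array = explode(',', mb_strtolower($banned_users_list));
        $user_is_admin = isset($_SESSION[$settings['session_prefix'].'user_type'])
            && $_SESSION[$settings['session_prefix'].'user_type'] == 'admin';
        # Strict comparison: with PHP's loose string comparison two different
        # numeric-looking names (e.g. "1e3" and "1000") count as equal, so a
        # user could be treated as banned because of somebody else's entry.
        # NOTE(review): the entries are not trimmed individually, so a list
        # saved as "a, b" holds " b" and never matches user "b" - confirm how
        # the admin form stores the list.
        if (!$user_is_admin
            && in_array(mb_strtolower($_SESSION[$settings['session_prefix'].'user_name']), $banned_users_array, true)) {
            processLogOutUser("login.php?msg=user_banned", $lang['user_banned']);
        }
    }
}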
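/**
 * determine last visit:
 *
 * For visitors who are not logged in, the cookie "last_visit" holds two
 * Unix timestamps in the form "<previous visit>.<current visit>". When the
 * current visit is older than 10 minutes, it becomes the previous visit and
 * the cookie is renewed for 30 days.
 *
 * The cookie is client-controlled. Each part is therefore accepted only if
 * it consists of 1 to 10 digits; it is cast to int and capped at the
 * current time. Anything else falls back to the current time, so
 * $last_visit is always an integer timestamp. The code that consumes
 * $last_visit is outside this part of the file.
 */
if (empty($_SESSION[$settings['session_prefix']."user_id"])
    && $settings['remember_last_visit'] == 1) {
    $now = time();
    # an array-valued cookie (last_visit[]=...) is handled like a missing one
    if (isset($_COOKIE['last_visit']) && is_string($_COOKIE['last_visit'])) {
        $c_last_visit = explode(".", $_COOKIE['last_visit']);
        for ($part = 0; $part < 2; $part++) {
            $raw = isset($c_last_visit[$part]) ? trim($c_last_visit[$part]) : '';
            $c_last_visit[$part] = preg_match('/^[0-9]{1,10}$/', $raw)
                ? min((int) $raw, $now)
                : $now;
        }
        if ($c_last_visit[1] < ($now - 600)) {
            $c_last_visit[0] = $c_last_visit[1];
            $c_last_visit[1] = $now;
            setcookie("last_visit", $c_last_visit[0].".".$c_last_visit[1], $now+(3600*24*30));
        }
    } else {
        setcookie("last_visit", $now.".".$now, $now+(3600*24*30));
    }
}

$last_visit = (isset($c_last_visit)) ? $c_last_visit[0] : time();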
# process the standard parameters
# and put them into the session
processStandardParametersGET();

$categories = get_categories();
$category_ids = get_category_ids($categories);
if ($category_ids !== false) {
    $category_ids_query = implode(", ", $category_ids);
}

if (isset($_SESSION[$settings['session_prefix'].'user_id'])) {
    $category_accession = category_accession();
}

/**
 * count postings, threads, users and users online:
 *
 * $categories === false means that no categories are defined, an array
 * limits the counts to the ids in $category_ids_query, and any other value
 * leaves both counts at 0 without querying.
 *
 * NOTE(review): none of the query results below is checked before it is
 * fetched, and $category_ids_query is only set when get_category_ids()
 * did not return false.
 */
$thread_count = 0;
$posting_count = 0;
if ($categories === false || is_array($categories)) {
    if ($categories === false) {
        # no categories defined
        $threadFilter = " WHERE pid = 0";
        $postingFilter = "";
    } else {
        # there are categories
        $threadFilter = " WHERE pid = 0 AND category IN (".$category_ids_query.")";
        $postingFilter = " WHERE category IN (".$category_ids_query.")";
    }
    $count_result = mysql_query("SELECT COUNT(*) FROM ".$db_settings['forum_table'].$threadFilter, $connid);
    list($thread_count) = mysql_fetch_row($count_result);
    mysql_free_result($count_result);
    $count_result = mysql_query("SELECT COUNT(*) FROM ".$db_settings['forum_table'].$postingFilter, $connid);
    list($posting_count) = mysql_fetch_row($count_result);
    mysql_free_result($count_result);
}

$count_result = mysql_query("SELECT COUNT(*) FROM ".$db_settings['userdata_table'], $connid);
list($user_count) = mysql_fetch_row($count_result);

if ($settings['count_users_online'] == 1) {
    processSetUsersOnline();
    $count_result = mysql_query("SELECT COUNT(*) FROM ".$db_settings['useronline_table']." WHERE user_id > 0", $connid);
    list($useronline_count) = mysql_fetch_row($count_result);
    $count_result = mysql_query("SELECT COUNT(*) FROM ".$db_settings['useronline_table']." WHERE user_id = 0", $connid);
    list($guestsonline_count) = mysql_fetch_row($count_result);
    # the placeholders are replaced in the listed order
    $counter = str_replace(
        array("[postings]", "[threads]", "[users]", "[total_online]", "[user_online]", "[guests_online]"),
        array($posting_count, $thread_count, $user_count, $useronline_count+$guestsonline_count, $useronline_count, $guestsonline_count),
        $lang['counter_uo']
    );
} else {
    # NOTE(review): forum_address and forum_name are written into the markup
    # without HTML escaping - confirm that only trusted admins can edit them.
    $counter = str_replace(
        array("[forum_name]", "[contact]", "[postings]", "[threads]", "[users]"),
        array(
            '<a href="'.$settings['forum_address'].'">'.$settings['forum_name'].'</a>',
            '<a href="contact.php?forum_contact=true">'.$lang['contact_linkname'].'</a>',
            $posting_count,
            $thread_count,
            $user_count
        ),
        $lang['counter']
    );
}
# frees only the most recent result
mysql_free_result($count_result);
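# views that are enabled in the forum settings
$possViews = array();
if ($settings['board_view'] == 1) $possViews[] = 'board';
if ($settings['thread_view'] == 1) $possViews[] = 'thread';
if ($settings['mix_view'] == 1) $possViews[] = 'mix';

# look for the currently used view
# Sources in order of priority: GET, POST, session, cookie. A value is only
# accepted when it is a string that is identical to one of the enabled view
# names, so request data never reaches $curr_view unchecked.
$currViewKey = $settings['session_prefix'].'curr_view';
$viewCandidates = array(
    isset($_GET['view']) ? $_GET['view'] : null,
    isset($_POST['view']) ? $_POST['view'] : null,
    isset($_SESSION[$currViewKey]) ? $_SESSION[$currViewKey] : null,
    isset($_COOKIE['curr_view']) ? $_COOKIE['curr_view'] : null,
);
$curr_view = null;
foreach ($viewCandidates as $viewCandidate) {
    if (is_string($viewCandidate) && in_array($viewCandidate, $possViews, true)) {
        $curr_view = $viewCandidate;
        break;
    }
}
if ($curr_view === null) {
    # NOTE(review): neither fallback is checked against $possViews, so a
    # stored user preference can select a view that was disabled later.
    if (isset($_SESSION[$settings['session_prefix']."user_view"])) {
        $curr_view = $_SESSION[$settings['session_prefix']."user_view"];
    } else {
        $curr_view = $settings['standard'];
    }
}

# save the current used view into the session or a cookie
# (isset() guards: on the first request neither value exists yet)
if (isset($_SESSION[$settings['session_prefix'].'user_id'])) {
    if (!isset($_SESSION[$currViewKey]) || $curr_view != $_SESSION[$currViewKey]) {
        $_SESSION[$currViewKey] = $curr_view;
    }
} else {
    if (!isset($_COOKIE['curr_view']) || $curr_view != $_COOKIE['curr_view']) {
        setcookie('curr_view', $curr_view, time()+(3600*24*30));
    }
}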
# Default stylesheet; data/test.css replaces it when the session's debug
# mode is 'css' and the user type is admin or mod.
# NOTE(review): the debug default earlier in this file resets the debug
# value to 'no' for everybody who is not an admin, so the 'mod' case looks
# unreachable - confirm.
$cssLink = '<link rel="stylesheet" type="text/css" href="style.css" media="all" />';
if (!empty($_SESSION[$settings['session_prefix'].'debug'])
    && $_SESSION[$settings['session_prefix'].'debug'] == 'css') {
    $cssUserType = $_SESSION[$settings['session_prefix'].'user_type'];
    if ($cssUserType == 'admin' || $cssUserType == 'mod') {
        $cssLink = '<link rel="stylesheet" type="text/css" href="data/test.css" media="all" />';
    }
}
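if (!function_exists('inc_js_string_escape')) {
    /**
     * Escape a value for use inside a quoted JavaScript string literal that
     * is printed within an inline <script> element.
     *
     * Backslashes, both quote characters and line breaks are backslash
     * escaped; "<" and ">" are written as \x3C and \x3E so that the value
     * cannot close the script element or open an HTML comment.
     */
    function inc_js_string_escape($value)
    {
        $escaped = addcslashes((string) $value, "\\'\"\n\r");
        return str_replace(array('<', '>'), array('\x3C', '\x3E'), $escaped);
    }
}

# Inline JavaScript data for the posting form: BB code buttons, the image
# upload link, the smiley list and the text of the delete link. It is only
# built for the pages listed in $postingPages.
#
# Every dynamic value ends up inside a single-quoted JavaScript string.
# strip_tags() alone leaves quotes and backslashes untouched, and the smiley
# columns come straight from the database, so each value is additionally
# passed through inc_js_string_escape().
$postingPages = array('posting.php','user.php');
$additionalJS = '';
if (in_array(basename($_SERVER['SCRIPT_NAME']), $postingPages)) {
    $additionalJS .= '<script type="text/javascript">'."\n";
    if ($settings['bbcode'] == 1) {
        $additionalJS .= "var auge_buttons = \$A();\n";
        # the italic title carries a trailing "." in the original output; kept as is
        $additionalJS .= "auge_buttons[0] = \$H({value:'i', text:'".inc_js_string_escape(strip_tags($lang['bbcode_italic']))."', titel:'".inc_js_string_escape(strip_tags($lang['bbcode_italic_title'])).".'});\n";
        $additionalJS .= "auge_buttons[1] = \$H({value:'b', text:'".inc_js_string_escape(strip_tags($lang['bbcode_bold']))."', titel:'".inc_js_string_escape(strip_tags($lang['bbcode_bold_title']))."'});\n";
        $additionalJS .= "auge_buttons[2] = \$H({value:'code', text:'".inc_js_string_escape(strip_tags($lang['bbcode_code']))."', titel:'".inc_js_string_escape(strip_tags($lang['bbcode_code_title']))."'});\n";
        if ($settings['bbcode_img']==1) {
            $additionalJS .= "auge_buttons[3] = \$H({value:'img', text:'".inc_js_string_escape(strip_tags($lang['bbcode_image']))."', titel:'".inc_js_string_escape(strip_tags($lang['bbcode_image_title']))."'});\n";
        }
    }
    if ($settings['upload_images']==1) {
        $additionalJS .= "\nvar auge_upload = \$H({text:'".inc_js_string_escape(strip_tags($lang['upload_image']))."', title:'".inc_js_string_escape(strip_tags($lang['upload_image_title']))."'});";
    }
    if ($settings['smilies'] == 1) {
        $result = mysql_query("SELECT file, code_1, title FROM ".$db_settings['smilies_table']." ORDER BY order_id ASC", $connid);
        # a failed query yields no smiley list instead of warnings
        if ($result) {
            if (mysql_num_rows($result) > 0) {
                $additionalJS .= "\nvar auge_smilies = \$A();\n";
                $i=0;
                while ($data = mysql_fetch_assoc($result)) {
                    $additionalJS .= "auge_smilies[".$i."] = \$H({value:'".inc_js_string_escape($data['code_1'])."', url:'".inc_js_string_escape($data['file'])."', title: '".inc_js_string_escape(strip_tags($lang['smiley_title']))."'});\n";
                    $i++;
                }
                # The original read $data['file'] here, after the loop had
                # already exhausted the result, so the url of this entry was
                # always empty. The empty value is kept.
                # NOTE(review): confirm which url the "more smilies" entry
                # is meant to carry.
                $additionalJS .= "auge_smilies[".$i."] = \$H({value:'".inc_js_string_escape(strip_tags($lang['more_smilies_linkname']))."', url:'', title: '".inc_js_string_escape(strip_tags($lang['more_smilies_linktitle']))."'});\n";
            }
            mysql_free_result($result);
        }
    }
    $additionalJS .= "\nvar delete_text = '".inc_js_string_escape(strip_tags($lang['delete_link']))."';";
    $additionalJS .= "\n".'</script>';
}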
# Automatic reload of the overview pages (board.php, forum.php, mix.php)
# every 20 minutes, when the feature is enabled in the forum settings and
# switched on in the user's own settings. The meta tag is appended to
# $additionalJS even though it is not JavaScript.
$refreshPages = array('board.php', 'forum.php', 'mix.php');
$refreshEnabled = ($settings['user_control_refresh'] == 1)
    && isset($MyOwnSettings['control_refresh'])
    && ($MyOwnSettings['control_refresh'] == 'true')
    && in_array(basename($_SERVER['SCRIPT_NAME']), $refreshPages, true);
if ($refreshEnabled) {
    $loadTime = time();
    $reloadTime = $loadTime + 1200;
    # both timestamps are formatted with the language file's time format
    $loadTime = strftime(strip_tags($lang['time_format']), $loadTime);
    $reloadTime = strftime(strip_tags($lang['time_format']), $reloadTime);
    $additionalJS .= '<meta http-equiv="refresh" content="1200" />'."\n";
    $lang['forum_load_message'] = str_replace(
        array('[load]', '[reload]'),
        array($loadTime, $reloadTime),
        $lang['forum_load_message']
    );
    $lang['forum_load_message'] = '<p class="index">'.$lang['forum_load_message'].'</p>';
} else {
    $lang['forum_load_message'] = '';
}
369 $time_difference = (isset($settings['time_difference'])) ? $settings['time_difference'] : 0;
371 if (isset($_SESSION[$settings['session_prefix'].'user_time_difference']))
373 $time_difference = $_SESSION[$settings['session_prefix'].'user_time_difference'] + $time_difference;
375 else if (isset($_COOKIE['user_time_difference']))
377 $time_difference = $_COOKIE['user_time_difference'] + $time_difference;