Common.php old and new

<?php
<?php
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
// //
// //
// Copyright (C) 2016 Phorum Development Team //
// Copyright (C) 2008 Phorum Development Team //
// http://www.phorum.org //
// http://www.phorum.org //
// //
// //
// This program is free software. You can redistribute it and/or modify //
// This program is free software. You can redistribute it and/or modify //
// it under the terms of either the current Phorum License (viewable at //
// it under the terms of either the current Phorum License (viewable at //
// phorum.org) or the Phorum License that was distributed with this file //
// phorum.org) or the Phorum License that was distributed with this file //
// //
// //
// This program is distributed in the hope that it will be useful, //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY, without even the implied warranty of //
// but WITHOUT ANY WARRANTY, without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
// //
// //
// You should have received a copy of the Phorum License //
// You should have received a copy of the Phorum License //
// along with this program. //
// along with this program. //
// //
// //
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
// Check that this file is not loaded directly.
// Check that this file is not loaded directly.
if ( basename( __FILE__ ) == basename( $_SERVER["PHP_SELF"] ) ) exit();
if ( basename( __FILE__ ) == basename( $_SERVER["PHP_SELF"] ) ) exit();
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Initialize variables and constants and load required libraries
// Initialize variables and constants and load required libraries
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// the Phorum version
// the Phorum version
define( "PHORUM", "5.2.23" );
define( "PHORUM", "5.2.14" );
// our database schema version in format of year-month-day-serial
// our database schema version in format of year-month-day-serial
define( "PHORUM_SCHEMA_VERSION", "2010101500" );
define( "PHORUM_SCHEMA_VERSION", "2007031400" );
// our database patch level in format of year-month-day-serial
// our database patch level in format of year-month-day-serial
define( "PHORUM_SCHEMA_PATCHLEVEL", "2016101000" );
define( "PHORUM_SCHEMA_PATCHLEVEL", "2008091900" );
// Initialize the global $PHORUM variable, which holds all Phorum data.
// Initialize the global $PHORUM variable, which holds all Phorum data.
global $PHORUM;
global $PHORUM;
$PHORUM = array
$PHORUM = array
(
(
// The DATA member holds the template variables.
// The DATA member holds the template variables.
'DATA' => array(
'DATA' => array(
'GET_VARS' => array(),
'GET_VARS' => array(),
'POST_VARS' => ''
'POST_VARS' => ''
),
),
// The TMP member hold template {DEFINE ..} definitions, temporary
// The TMP member hold template {DEFINE ..} definitions, temporary
// arrays and such in template code.
// arrays and such in template code.
'TMP' => array(),
'TMP' => array(),
// Query arguments.
// Query arguments.
'args' => array(),
'args' => array(),
// The active forum id.
// The active forum id.
'forum_id' => 0
'forum_id' => 0
);
);
// Load all constants from ./include/constants.php
// Load all constants from ./include/constants.php
require_once( "./include/constants.php" );
require_once( "./include/constants.php" );
// Load the API code that is required for all pages.
// Load the API code that is required for all pages.
require_once("./include/api/base.php");
require_once("./include/api/base.php");
require_once("./include/api/user.php");
require_once("./include/api/user.php");
// PHP 5.x fallback for random_bytes and random_int functions.
//
// Thanks to Paragon Initiative Enterprises for the implementation of his
// Random_* Compatibility Library. See: https://github.com/paragonie/random_compat
if (!function_exists('random_int') || !function_exists('random_bytes'))
{
require_once('./include/random_compat-2.0.2/lib/random.php');
}
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Load the database layer and setup a connection
// Load the database layer and setup a connection
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Get the database settings. It is possible to override the database
// Get the database settings. It is possible to override the database
// settings by defining a global variable $PHORUM_ALT_DBCONFIG which
// settings by defining a global variable $PHORUM_ALT_DBCONFIG which
// overrides $PHORUM["DBCONFIG"] (from include/db/config.php). This is
// overrides $PHORUM["DBCONFIG"] (from include/db/config.php). This is
// only allowed if "PHORUM_WRAPPER" is defined and if the alternative
// only allowed if "PHORUM_WRAPPER" is defined and if the alternative
// configuration wasn't passed as a request parameter (which could
// configuration wasn't passed as a request parameter (which could
// set $PHORUM_ALT_DBCONFIG if register_globals is enabled for PHP).
// set $PHORUM_ALT_DBCONFIG if register_globals is enabled for PHP).
if (empty( $GLOBALS["PHORUM_ALT_DBCONFIG"] ) || $GLOBALS["PHORUM_ALT_DBCONFIG"]==$_REQUEST["PHORUM_ALT_DBCONFIG"] || !defined("PHORUM_WRAPPER")) {
if (empty( $GLOBALS["PHORUM_ALT_DBCONFIG"] ) || $GLOBALS["PHORUM_ALT_DBCONFIG"]==$_REQUEST["PHORUM_ALT_DBCONFIG"] || !defined("PHORUM_WRAPPER")) {
// Backup display_errors setting.
// Backup display_errors setting.
$orig = ini_get("display_errors");
$orig = ini_get("display_errors");
@ini_set("display_errors", 0);
@ini_set("display_errors", 0);
// Use output buffering so we don't get header errors if there's
// Use output buffering so we don't get header errors if there's
// some additional output in the database config file (e.g. a UTF-8
// some additional output in the database config file (e.g. a UTF-8
// byte order marker).
// byte order marker).
ob_start();
ob_start();
// Load configuration.
// Load configuration.
if (! include_once( "./include/db/config.php" )) {
if (! include_once( "./include/db/config.php" )) {
print '<html><head><title>Phorum error</title></head><body>';
print '<html><head><title>Phorum error</title></head><body>';
print '<h2>Phorum database configuration error</h2>';
print '<h2>Phorum database configuration error</h2>';
// No database configuration found.
// No database configuration found.
if (!file_exists("./include/db/config.php")) { ?>
if (!file_exists("./include/db/config.php")) { ?>
Phorum has been installed on this server, but the configuration<br />
Phorum has been installed on this server, but the configuration<br/>
for the database connection has not yet been made. Please read<br />
for the database connection has not yet been made. Please read<br/>
<a href="docs/install.txt">docs/install.txt</a> for installation
<a href="docs/install.txt">docs/install.txt</a> for installation
instructions. <?php
instructions. <?php
} else {
} else {
$fp = fopen("./include/db/config.php", "r");
$fp = fopen("./include/db/config.php", "r");
// Unable to read the configuration file.
// Unable to read the configuration file.
if (!$fp) { ?>
if (!$fp) { ?>
A database configuration file was found in
A database configuration file was found in
./include/db/config.php,<br />but Phorum was unable to read it.
./include/db/config.php,<br/>but Phorum was unable to read it.
Please check the file permissions<br />for this file. <?php
Please check the file permissions<br/>for this file. <?php
// Unknown error.
// Unknown error.
} else {
} else {
fclose($fp); ?>
fclose($fp); ?>
A database configuration file was found in
A database configuration file was found in
./include/dbconfig.php,<br />but it could not be loaded.
./include/dbconfig.php,<br/>but it could not be loaded.
It possibly contains one or more errors.<br />Please check
It possibly contains one or more errors.<br/>Please check
your configuration file. <?php
your configuration file. <?php
}
}
}
}
print '</body></html>';
print '</body></html>';
exit(1);
exit(1);
}
}
// Clean up the output buffer.
// Clean up the output buffer.
ob_end_clean();
ob_end_clean();
// Restore original display_errors setting.
// Restore original display_errors setting.
@ini_set("display_errors", $orig);
@ini_set("display_errors", $orig);
} else {
} else {
$PHORUM["DBCONFIG"] = $GLOBALS["PHORUM_ALT_DBCONFIG"];
$PHORUM["DBCONFIG"] = $GLOBALS["PHORUM_ALT_DBCONFIG"];
}
}
// Backward compatbility: the "mysqli" layer was merged with the "mysql"
// Backward compatbility: the "mysqli" layer was merged with the "mysql"
// layer, but people might still be using "mysqli" as their configured
// layer, but people might still be using "mysqli" as their configured
// database type.
// database type.
if ($PHORUM["DBCONFIG"]["type"] == "mysqli" &&
if ($PHORUM["DBCONFIG"]["type"] == "mysqli" &&
!file_exists("./include/db/mysqli.php")) {
!file_exists("./include/db/mysqli.php")) {
$PHORUM["DBCONFIG"]["type"] = "mysql";
$PHORUM["DBCONFIG"]["type"] = "mysql";
}
}
// Load the database layer.
// Load the database layer.
$PHORUM['DBCONFIG']['type'] = basename($PHORUM['DBCONFIG']['type']);
$PHORUM['DBCONFIG']['type'] = basename($PHORUM['DBCONFIG']['type']);
require_once( "./include/db/{$PHORUM['DBCONFIG']['type']}.php" );
require_once( "./include/db/{$PHORUM['DBCONFIG']['type']}.php" );
// Try to setup a connection to the database.
// Try to setup a connection to the database.
if(!phorum_db_check_connection()){
if(!phorum_db_check_connection()){
if(isset($PHORUM["DBCONFIG"]["down_page"])){
if(isset($PHORUM["DBCONFIG"]["down_page"])){
phorum_redirect_by_url($PHORUM["DBCONFIG"]["down_page"]);
phorum_redirect_by_url($PHORUM["DBCONFIG"]["down_page"]);
exit();
exit();
} else {
} else {
header('HTTP/1.1 500 Internal Server Error');
echo "The database connection failed. Please check your database configuration in include/db/config.php. If the configuration is okay, check if the database server is running.";
echo "The database connection failed. Please check your database configuration in include/db/config.php. If the configuration is okay, check if the database server is running.";
exit();
exit();
}
}
}
}
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Load and process the Phorum settings
// Load and process the Phorum settings
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Load the Phorum settings from the database.
// Load the Phorum settings from the database.
phorum_db_load_settings();
phorum_db_load_settings();
// checking for upgrade or new install
// checking for upgrade or new install
if (!defined('PHORUM_ADMIN')) {
if (!defined('PHORUM_ADMIN')) {
if (!isset($PHORUM['internal_version']))
if (!isset($PHORUM['internal_version']))
{
{
echo "<html><head><title>Phorum error</title></head><body>No Phorum settings were found. Either this is a brand new installation of Phorum or there is a problem with your database server. If this is a new install, please <a href=\"admin.php\">go to the admin page</a> to complete the installation. If not, check your database server.</body></html>";
echo "<html><head><title>Phorum error</title></head><body>No Phorum settings were found. Either this is a brand new installation of Phorum or there is a problem with your database server. If this is a new install, please <a href=\"admin.php\">go to the admin page</a> to complete the installation. If not, check your database server.</body></html>";
exit();
exit();
} elseif ($PHORUM['internal_version'] < PHORUM_SCHEMA_VERSION ||
} elseif ($PHORUM['internal_version'] < PHORUM_SCHEMA_VERSION ||
!isset($PHORUM['internal_patchlevel']) ||
!isset($PHORUM['internal_patchlevel']) ||
$PHORUM['internal_patchlevel'] < PHORUM_SCHEMA_PATCHLEVEL) {
$PHORUM['internal_patchlevel'] < PHORUM_SCHEMA_PATCHLEVEL) {
if (isset($PHORUM["DBCONFIG"]["upgrade_page"])) {
if (isset($PHORUM["DBCONFIG"]["upgrade_page"])) {
phorum_redirect_by_url($PHORUM["DBCONFIG"]["upgrade_page"]);
phorum_redirect_by_url($PHORUM["DBCONFIG"]["upgrade_page"]);
exit();
exit();
}
}
echo "<html><head><title>Upgrade notification</title></head><body>It looks like you have installed a new version of Phorum.<br />Please visit the admin page to complete the upgrade!</body></html>";
echo "<html><head><title>Upgrade notification</title></head><body>It looks like you have installed a new version of Phorum.<br/>Please visit the admin page to complete the upgrade!</body></html>";
exit();
exit();
}
}
}
}
// For command line scripts, disable caching.
// For command line scripts, disable caching.
// The command line user is often different from the web server
// The command line user is often different from the web server
// user, possibly causing permission problems on the cache.
// user, possibly causing permission problems on the cache.
if (defined('PHORUM_SCRIPT'))
if (defined('PHORUM_SCRIPT'))
{
{
$PHORUM['cache_banlists'] = 0;
$PHORUM['cache_banlists'] = 0;
$PHORUM['cache_css'] = 0;
$PHORUM['cache_css'] = 0;
$PHORUM['cache_javascript'] = 0;
$PHORUM['cache_javascript'] = 0;
$PHORUM['cache_layer'] = 0;
$PHORUM['cache_layer'] = 0;
$PHORUM['cache_messages'] = 0;
$PHORUM['cache_messages'] = 0;
$PHORUM['cache_newflags'] = 0;
$PHORUM['cache_newflags'] = 0;
$PHORUM['cache_rss'] = 0;
$PHORUM['cache_rss'] = 0;
$PHORUM['cache_users'] = 0;
$PHORUM['cache_users'] = 0;
}
}
// If we have no private key for signing data, generate one now,
// If we have no private key for signing data, generate one now,
// but only if it's not a fresh install.
// but only if it's not a fresh install.
if ( isset($PHORUM['internal_version']) && $PHORUM['internal_version'] >= PHORUM_SCHEMA_VERSION && (!isset($PHORUM["private_key"]) || empty($PHORUM["private_key"]))) {
if ( isset($PHORUM['internal_version']) && $PHORUM['internal_version'] >= PHORUM_SCHEMA_VERSION && (!isset($PHORUM["private_key"]) || empty($PHORUM["private_key"]))) {
$chars = "0123456789!@#$%&abcdefghijklmnopqr".
$chars = "0123456789!@#$%&abcdefghijklmnopqr".
"stuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
"stuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$private_key = "";
$private_key = "";
for ($i = 0; $i<40; $i++) {
for ($i = 0; $i<40; $i++) {
$private_key .= substr($chars, random_int(0, strlen($chars)-1), 1);
$private_key .= substr($chars, rand(0, strlen($chars)-1), 1);
}
}
$PHORUM["private_key"] = $private_key;
$PHORUM["private_key"] = $private_key;
phorum_db_update_settings(array("private_key" => $PHORUM["private_key"]));
phorum_db_update_settings(array("private_key" => $PHORUM["private_key"]));
}
}
// Determine the caching layer to load.
// Determine the caching layer to load.
if(!isset($PHORUM['cache_layer']) || empty($PHORUM['cache_layer'])) {
if(!isset($PHORUM['cache_layer']) || empty($PHORUM['cache_layer'])) {
$PHORUM['cache_layer'] = 'file';
$PHORUM['cache_layer'] = 'file';
} else {
} else {
// Safeguard for wrongly selected cache-layers.
// Safeguard for wrongly selected cache-layers.
// Falling back to file-layer if descriptive functions aren't existing.
// Falling back to file-layer if descriptive functions aren't existing.
if($PHORUM['cache_layer'] == 'memcached' && !function_exists('memcache_connect')) {
if($PHORUM['cache_layer'] == 'memcached' && !function_exists('memcache_connect')) {
$PHORUM['cache_layer'] = 'file';
$PHORUM['cache_layer'] = 'file';
} elseif($PHORUM['cache_layer'] == 'apc' && !function_exists('apc_fetch')) {
} elseif($PHORUM['cache_layer'] == 'apc' && !function_exists('apc_fetch')) {
$PHORUM['cache_layer'] = 'file';
$PHORUM['cache_layer'] = 'file';
}
}
}
}
// Load the caching-layer. You can specify a different one in the settings.
// Load the caching-layer. You can specify a different one in the settings.
// One caching layer *needs* to be loaded.
// One caching layer *needs* to be loaded.
$PHORUM['cache_layer'] = basename($PHORUM['cache_layer']);
$PHORUM['cache_layer'] = basename($PHORUM['cache_layer']);
require_once( "./include/cache/$PHORUM[cache_layer].php" );
require_once( "./include/cache/$PHORUM[cache_layer].php" );
// Load phorum_get_url().
// Load phorum_get_url().
// This function is used for generating all Phorum URLs.
// This function is used for generating all Phorum URLs.
require_once("./include/phorum_get_url.php");
require_once("./include/phorum_get_url.php");
// Setup the template path and http path. These are put in a variable to give
// Setup the template path and http path. These are put in a variable to give
// module authors a chance to override them. This can be especially useful
// module authors a chance to override them. This can be especially useful
// for distibuting a module that contains a full Phorum template as well.
// for distibuting a module that contains a full Phorum template as well.
// For switching, the function phorum_switch_template() can be used.
// For switching, the function phorum_switch_template() can be used.
$PHORUM['template_path'] = './templates';
$PHORUM['template_path'] = './templates';
$PHORUM['template_http_path'] = $PHORUM['http_path'].'/templates';
$PHORUM['template_http_path'] = $PHORUM['http_path'].'/templates';
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Parse and handle request data
// Parse and handle request data
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Thanks a lot for magic quotes :-/
// Thanks a lot for magic quotes :-/
// In PHP7, magic quotes are (finally) removed, so we have to check for
// In PHP6, magic quotes are (finally) removed, so we have to check for
// the get_magic_quotes_gpc() function here. The "@" is for suppressing
// the get_magic_quotes_gpc() function here. The "@" is for suppressing
// deprecation warnings that are spawned by PHP 5.3 and higher when
// deprecation warnings that are spawned by PHP 5.3 and higher when
// using the get_magic_quotes_gpc() function.
// using the get_magic_quotes_gpc() function.
if ( function_exists('get_magic_quotes_gpc') &&
if ( function_exists('get_magic_quotes_gpc') &&
@get_magic_quotes_gpc() && count( $_REQUEST ) ) {
@get_magic_quotes_gpc() && count( $_REQUEST ) ) {
foreach( $_POST as $key => $value ) {
foreach( $_POST as $key => $value ) {
if ( !is_array( $value ) )
if ( !is_array( $value ) )
$_POST[$key] = stripslashes( $value );
$_POST[$key] = stripslashes( $value );
else
else
$_POST[$key] = phorum_recursive_stripslashes( $value );
$_POST[$key] = phorum_recursive_stripslashes( $value );
}
}
foreach( $_GET as $key => $value ) {
foreach( $_GET as $key => $value ) {
if ( !is_array( $value ) )
if ( !is_array( $value ) )
$_GET[$key] = stripslashes( $value );
$_GET[$key] = stripslashes( $value );
else
else
$_GET[$key] = phorum_recursive_stripslashes( $value );
$_GET[$key] = phorum_recursive_stripslashes( $value );
}
}
}
}
// Also make sure that magic_quotes_runtime is disabled.
// Also make sure that magic_quotes_runtime is disabled.
if (function_exists('set_magic_quotes_runtime')) {
if (function_exists('set_magic_quotes_runtime')) {
@set_magic_quotes_runtime(FALSE);
@set_magic_quotes_runtime(FALSE);
}
}
// Thanks a lot for configurable argument separators :-/
// Thanks a lot for configurable argument separators :-/
// In some cases we compose GET based URLs, with & and = as respectively
// In some cases we compose GET based URLs, with & and = as respectively
// argument and key/value separators. On some systems, the "&" character
// argument and key/value separators. On some systems, the "&" character
// is not configured as a valid separator. For those systems, we have
// is not configured as a valid separator. For those systems, we have
// to parse the query string ourselves.
// to parse the query string ourselves.
if (isset($_SERVER['QUERY_STRING']) &&
if (isset($_SERVER['QUERY_STRING']) &&
strpos($_SERVER['QUERY_STRING'], '&') !== FALSE)
strpos($_SERVER['QUERY_STRING'], '&') !== FALSE)
{
{
$separator = get_cfg_var('arg_separator.input');
$separator = get_cfg_var('arg_separator.input');
if ($separator !== FALSE && strpos($separator, '&') === FALSE)
if ($separator !== FALSE && strpos($separator, '&') === FALSE)
{
{
$parts = explode('&', $_SERVER['QUERY_STRING']);
$parts = explode('&', $_SERVER['QUERY_STRING']);
$_GET = array();
$_GET = array();
foreach ($parts as $part)
foreach ($parts as $part)
{
{
list ($key, $val) = explode('=', rawurldecode($part), 2);
list ($key, $val) = explode('=', rawurldecode($part), 2);
// Handle array[] style GET arguments.
// Handle array[] style GET arguments.
if (preg_match('/^(.+)\[(.*)\]$/', $key, $m))
if (preg_match('/^(.+)\[(.*)\]$/', $key, $m))
{
{
if (!isset($_GET[$m[1]]) || !is_array($_GET[$m[1]])) {
if (!isset($_GET[$m[1]]) || !is_array($_GET[$m[1]])) {
$_GET[$m[1]] = array();
$_GET[$m[1]] = array();
}
}
if ($m[2] == '') {
if ($m[2] == '') {
$_GET[$m[1]][] = $val;
$_GET[$m[1]][] = $val;
} else {
} else {
$_GET[$m[1]][$m[2]] = $val;
$_GET[$m[1]][$m[2]] = $val;
}
}
}
}
// Handle standard GET arguments.
// Handle standard GET arguments.
else
else
{
{
$_GET[$key] = $val;
$_GET[$key] = $val;
$_REQUEST[$key] = $val;
$_REQUEST[$key] = $val;
}
}
}
}
}
}
}
}
/*
/*
* [hook]
* [hook]
* parse_request
* parse_request
*
*
* [description]
* [description]
* This hook gives modules a chance to tweak the request environment,
* This hook gives modules a chance to tweak the request environment,
* before Phorum parses and handles the request data. For tweaking the
* before Phorum parses and handles the request data. For tweaking the
* request environment, some of the options are:
* request environment, some of the options are:
* <ul>
* <ul>
* <li>
* <li>
* Changing the value of <literal>$_REQUEST["forum_id"]</literal>
* Changing the value of <literal>$_REQUEST["forum_id"]</literal>
* to override the used forum_id.
* to override the used forum_id.
* </li>
* </li>
* <li>
* <li>
* Changing the value of <literal>$_SERVER["QUERY_STRING"]</literal>
* Changing the value of <literal>$_SERVER["QUERY_STRING"]</literal>
* or setting the global override variable
* or setting the global override variable
* <literal>$PHORUM_CUSTOM_QUERY_STRING</literal> to feed Phorum a
* <literal>$PHORUM_CUSTOM_QUERY_STRING</literal> to feed Phorum a
* different query string than the one provided by the webserver.
* different query string than the one provided by the webserver.
* </li>
* </li>
* </ul>
* </ul>
* Tweaking the request data should result in data that Phorum can handle.
* Tweaking the request data should result in data that Phorum can handle.
*
*
* [category]
* [category]
* Request initialization
* Request initialization
*
*
* [when]
* [when]
* Right before Phorum runs the request parsing code in
* Right before Phorum runs the request parsing code in
* <filename>common.php</filename>.
* <filename>common.php</filename>.
*
*
* [input]
* [input]
* No input.
* No input.
*
*
* [output]
* [output]
* No output.
* No output.
*
*
* [example]
* [example]
* <hookcode>
* <hookcode>
* function phorum_mod_foo_parse_request()
* function phorum_mod_foo_parse_request()
* {
* {
* // Override the query string.
* // Override the query string.
* global $PHORUM_CUSTOM_QUERY_STRING
* global $PHORUM_CUSTOM_QUERY_STRING
* $PHORUM_CUSTOM_QUERY_STRING = "1,some,phorum,query=string";
* $PHORUM_CUSTOM_QUERY_STRING = "1,some,phorum,query=string";
*
*
* // Override the forum_id.
* // Override the forum_id.
* $_SERVER['forum_id'] = "1234";
* $_SERVER['forum_id'] = "1234";
* }
* }
* </hookcode>
* </hookcode>
*/
*/
if (isset($PHORUM["hooks"]["parse_request"])) {
if (isset($PHORUM["hooks"]["parse_request"])) {
phorum_hook("parse_request");
phorum_hook("parse_request");
}
}
// Get the forum id if set using a request parameter.
// Get the forum id if set using a request parameter.
if ( isset( $_REQUEST["forum_id"] ) && is_numeric( $_REQUEST["forum_id"] ) ) {
if ( isset( $_REQUEST["forum_id"] ) && is_numeric( $_REQUEST["forum_id"] ) ) {
$PHORUM["forum_id"] = $_REQUEST["forum_id"];
$PHORUM["forum_id"] = $_REQUEST["forum_id"];
}
}
// Look for and parse the QUERY_STRING.
// Look for and parse the QUERY_STRING.
// This only applies to URLs that we create using phorum_get_url().
// This only applies to URLs that we create using phorum_get_url().
// Scripts using data originating from standard HTML forms (e.g. search)
// Scripts using data originating from standard HTML forms (e.g. search)
// will have to use $_GET or $_POST.
// will have to use $_GET or $_POST.
if (!defined("PHORUM_ADMIN") && (isset($_SERVER["QUERY_STRING"]) || isset($GLOBALS["PHORUM_CUSTOM_QUERY_STRING"]))) {
if (!defined("PHORUM_ADMIN") && (isset($_SERVER["QUERY_STRING"]) || isset($GLOBALS["PHORUM_CUSTOM_QUERY_STRING"]))) {
$Q_STR = empty( $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"] )
if(strpos($_SERVER["QUERY_STRING"], "&")!==false){
? $_SERVER["QUERY_STRING"]
: $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"];
if(strpos($Q_STR, "&")!==false){
$PHORUM["args"] = $_GET;
$PHORUM["args"] = $_GET;
} else {
} else {
$Q_STR = empty( $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"] )
? $_SERVER["QUERY_STRING"]
: $GLOBALS["PHORUM_CUSTOM_QUERY_STRING"];
// ignore stuff past a #
// ignore stuff past a #
if ( strstr( $Q_STR, "#" ) ) list( $Q_STR, $other ) = explode( "#", $Q_STR, 2 );
if ( strstr( $Q_STR, "#" ) ) list( $Q_STR, $other ) = explode( "#", $Q_STR, 2 );
// explode it on comma
// explode it on comma
$PHORUM["args"] = $Q_STR == '' ? array() : explode( ",", $Q_STR );
$PHORUM["args"] = $Q_STR == '' ? array() : explode( ",", $Q_STR );
// check for any assigned values
// check for any assigned values
if ( strstr( $Q_STR, "=" ) ) {
if ( strstr( $Q_STR, "=" ) ) {
foreach( $PHORUM["args"] as $key => $arg ) {
foreach( $PHORUM["args"] as $key => $arg ) {
// if an arg has an = create an element in args
// if an arg has an = create an element in args
// with left part as key and right part as value
// with left part as key and right part as value
if ( strstr( $arg, "=" ) ) {
if ( strstr( $arg, "=" ) ) {
list( $var, $value ) = explode( "=", $arg, 2 );
list( $var, $value ) = explode( "=", $arg, 2 );
// get rid of the numbered arg, it is useless.
// get rid of the numbered arg, it is useless.
unset( $PHORUM["args"][$key] );
unset( $PHORUM["args"][$key] );
// add the named arg
// add the named arg
// TODO: Why is urldecode() used here? IMO this can be omitted.
// TODO: Why is urldecode() used here? IMO this can be omitted.
$PHORUM["args"][$var] = urldecode( $value );
$PHORUM["args"][$var] = urldecode( $value );
}
}
}
}
}
}
}
}
// Handle path info based URLs for the file script.
// Handle path info based URLs for the file script.
if (phorum_page == 'file' &&
if (phorum_page == 'file' &&
!empty($_SERVER['PATH_INFO']) &&
!empty($_SERVER['PATH_INFO']) &&
preg_match('!^/(download/)?(\d+)/(\d+)/!', $_SERVER['PATH_INFO'], $m))
preg_match('!^/(download/)?(\d+)/(\d+)/!', $_SERVER['PATH_INFO'], $m))
{
{
$PHORUM['args']['file'] = $m[3];
$PHORUM['args']['file'] = $m[3];
$PHORUM['args'][0] = $PHORUM['forum_id'] = $m[2];
$PHORUM['args'][0] = $PHORUM['forum_id'] = $m[2];
$PHORUM['args']['download'] = empty($m[1]) ? 0 : 1;
$PHORUM['args']['download'] = empty($m[1]) ? 0 : 1;
}
}
// set forum_id if not set already by a forum_id request parameter
// set forum_id if not set already by a forum_id request parameter
if ( empty( $PHORUM["forum_id"] ) && isset( $PHORUM["args"][0] ) ) {
if ( empty( $PHORUM["forum_id"] ) && isset( $PHORUM["args"][0] ) ) {
$PHORUM["forum_id"] = ( int )$PHORUM["args"][0];
$PHORUM["forum_id"] = ( int )$PHORUM["args"][0];
}
}
}
}
// set the forum_id to 0 if not set by now.
// set the forum_id to 0 if not set by now.
if ( empty( $PHORUM["forum_id"] ) ) $PHORUM["forum_id"] = 0;
if ( empty( $PHORUM["forum_id"] ) ) $PHORUM["forum_id"] = 0;
/*
/*
* [hook]
* [hook]
* common_pre
* common_pre
*
*
* [description]
* [description]
* This hook can be used for overriding settings that were loaded and
* This hook can be used for overriding settings that were loaded and
* setup at the start of the <filename>common.php</filename> script.
* setup at the start of the <filename>common.php</filename> script.
* If you want to dynamically assign and tweak certain settings, then
* If you want to dynamically assign and tweak certain settings, then
* this is the designated hook to use for that.<sbr/>
* this is the designated hook to use for that.<sbr/>
* <sbr/>
* <sbr/>
* Because the hook was put after the request parsing phase, you can
* Because the hook was put after the request parsing phase, you can
* make use of the request data that is stored in the global variables
* make use of the request data that is stored in the global variables
* <literal>$PHORUM['forum_id']</literal> and
* <literal>$PHORUM['forum_id']</literal> and
* <literal>$PHORUM['args']</literal>.
* <literal>$PHORUM['args']</literal>.
*
*
* [category]
* [category]
* Request initialization
* Request initialization
*
*
* [when]
* [when]
* Right after loading the settings from the database and parsing the
* Right after loading the settings from the database and parsing the
* request, but before making descisions on user, language and template.
* request, but before making descisions on user, language and template.
*
*
* [input]
* [input]
* No input.
* No input.
*
*
* [output]
* [output]
* No output.
* No output.
*
*
* [example]
* [example]
* <hookcode>
* <hookcode>
* function phorum_mod_foo_common_pre()
* function phorum_mod_foo_common_pre()
* {
* {
* global $PHORUM;
* global $PHORUM;
*
*
* // If we are in the forum with id = 10, we set the administrator
* // If we are in the forum with id = 10, we set the administrator
* // email information to a different value than the one configured
* // email information to a different value than the one configured
* // in the general settings.
* // in the general settings.
* if ($PHORUM["forum_id"] == 10)
* if ($PHORUM["forum_id"] == 10)
* {
* {
* $PHORUM["system_email_from_name"] = "John Doe";
* $PHORUM["system_email_from_name"] = "John Doe";
* $PHORUM["system_email_from_address"] = "John.Doe@example.com";
* $PHORUM["system_email_from_address"] = "John.Doe@example.com";
* }
* }
* }
* }
* </hookcode>
* </hookcode>
*/
*/
if (isset($PHORUM["hooks"]["common_pre"])) {
if (isset($PHORUM["hooks"]["common_pre"])) {
phorum_hook("common_pre", "");
phorum_hook("common_pre", "");
}
}
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// Setup data for standard (not admin) pages
// Setup data for standard (not admin) pages
// ----------------------------------------------------------------------
// ----------------------------------------------------------------------
// TODO: Do we ever need this in admin? If not, it can go inside the block.
// TODO: Do we ever need this in admin? If not, it can go inside the block.
// stick some stuff from the settings into the DATA member
// stick some stuff from the settings into the DATA member
$PHORUM["DATA"]["TITLE"] = ( isset( $PHORUM["title"] ) ) ? $PHORUM["title"] : "";
$PHORUM["DATA"]["TITLE"] = ( isset( $PHORUM["title"] ) ) ? $PHORUM["title"] : "";
$PHORUM["DATA"]["DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? $PHORUM["description"] : "";
$PHORUM["DATA"]["DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? $PHORUM["description"] : "";
$PHORUM["DATA"]["HTML_TITLE"] = ( !empty( $PHORUM["html_title"] ) ) ? $PHORUM["html_title"] : $PHORUM["DATA"]["TITLE"];
$PHORUM["DATA"]["HTML_TITLE"] = ( !empty( $PHORUM["html_title"] ) ) ? $PHORUM["html_title"] : $PHORUM["DATA"]["TITLE"];
$PHORUM["DATA"]["HEAD_TAGS"] = ( isset( $PHORUM["head_tags"] ) ) ? $PHORUM["head_tags"] : "";
$PHORUM["DATA"]["HEAD_TAGS"] = ( isset( $PHORUM["head_tags"] ) ) ? $PHORUM["head_tags"] : "";
$PHORUM["DATA"]["FORUM_ID"] = $PHORUM["forum_id"];
$PHORUM["DATA"]["FORUM_ID"] = $PHORUM["forum_id"];
if ( !defined( "PHORUM_ADMIN" ) ) {
if ( !defined( "PHORUM_ADMIN" ) ) {
// if the Phorum is disabled, display a message.
// if the Phorum is disabled, display a message.
if(isset($PHORUM["status"]) && $PHORUM["status"]==PHORUM_MASTER_STATUS_DISABLED){
if(isset($PHORUM["status"]) && $PHORUM["status"]==PHORUM_MASTER_STATUS_DISABLED){
if(!empty($PHORUM["disabled_url"])){
if(!empty($PHORUM["disabled_url"])){
header("Location: ".$PHORUM["disabled_url"]);
header("Location: ".$PHORUM["disabled_url"]);
exit();
exit();
} else {
} else {
echo "This Phorum is currently disabled. Please contact the web site owner at ".$PHORUM['system_email_from_address']." for more information.\n";
echo "This Phorum is currently disabled. Please contact the web site owner at ".$PHORUM['system_email_from_address']." for more information.\n";
exit();
exit();
}
}
}
}
// load the forum's settings
// load the forum's settings
if(!empty($PHORUM["forum_id"])){
if(!empty($PHORUM["forum_id"])){
$forum_settings = phorum_db_get_forums( $PHORUM["forum_id"] );
$forum_settings = phorum_db_get_forums( $PHORUM["forum_id"] );
if ( !isset($forum_settings[$PHORUM["forum_id"]]) )
if ( !isset($forum_settings[$PHORUM["forum_id"]]) )
{
{
/*
/*
* [hook]
* [hook]
* common_no_forum
* common_no_forum
*
*
* [description]
* [description]
* This hook is called in case a forum_id is requested for
* This hook is called in case a forum_id is requested for
* an unknown or inaccessible forum. It can be used for
* an unknown or inaccessible forum. It can be used for
* doing things like logging the bad requests or fully
* doing things like logging the bad requests or fully
* overriding Phorum's default behavior for these cases
* overriding Phorum's default behavior for these cases
* (which is redirecting the user back to the index page).
* (which is redirecting the user back to the index page).
*
*
* [category]
* [category]
* Request initialization
* Request initialization
*
*
* [when]
* [when]
* In <filename>common.php</filename>, right after detecting
* In <filename>common.php</filename>, right after detecting
* that a requested forum does not exist or is inaccessible
* that a requested forum does not exist or is inaccessible
* and right before redirecting the user back to the Phorum
* and right before redirecting the user back to the Phorum
* index page.
* index page.
*
*
* [input]
* [input]
* No input.
* No input.
*
*
* [output]
* [output]
* No output.
* No output.
*
*
* [example]
* [example]
* <hookcode>
* <hookcode>
* function phorum_mod_foo_common_no_forum()
* function phorum_mod_foo_common_no_forum()
* {
* {
* // Return a 404 Not found error instead of redirecting
* // Return a 404 Not found error instead of redirecting
* // the user back to the index.
* // the user back to the index.
* header("HTTP/1.0 404 Not Found");
* header("HTTP/1.0 404 Not Found");
* print "<html><head>\n";
* print "<html><head>\n";
* print " <title>404 - Not Found</title>\n";
* print " <title>404 - Not Found</title>\n";
* print "</head><body>";
* print "</head><body>";
* print " <h1>404 - Forum Not Found</h1>";
* print " <h1>404 - Forum Not Found</h1>";
* print "</body></html>";
* print "</body></html>";
* exit();
* exit();
* }
* }
* </hookcode>
* </hookcode>
*/
*/
if (isset($PHORUM["hooks"]["common_no_forum"])) {
if (isset($PHORUM["hooks"]["common_no_forum"])) {
phorum_hook("common_no_forum", "");
phorum_hook("common_no_forum", "");
}
}
phorum_redirect_by_url( phorum_get_url( PHORUM_INDEX_URL ) );
phorum_redirect_by_url( phorum_get_url( PHORUM_INDEX_URL ) );
exit();
exit();
}
}
$PHORUM = array_merge( $PHORUM, $forum_settings[$PHORUM["forum_id"]] );
$PHORUM = array_merge( $PHORUM, $forum_settings[$PHORUM["forum_id"]] );
} elseif(isset($PHORUM["forum_id"]) && $PHORUM["forum_id"]==0){
} elseif(isset($PHORUM["forum_id"]) && $PHORUM["forum_id"]==0){
$PHORUM = array_merge( $PHORUM, $PHORUM["default_forum_options"] );
$PHORUM = array_merge( $PHORUM, $PHORUM["default_forum_options"] );
// some hard settings are needed if we are looking at forum_id 0
// some hard settings are needed if we are looking at forum_id 0
$PHORUM['vroot']=0;
$PHORUM['vroot']=0;
$PHORUM['parent_id']=0;
$PHORUM['parent_id']=0;
$PHORUM['active']=1;
$PHORUM['active']=1;
$PHORUM['folder_flag']=1;
$PHORUM['folder_flag']=1;
$PHORUM['cache_version']=0;
$PHORUM['cache_version']=0;
}
}
// handling vroots
// handling vroots
if(!empty($PHORUM['vroot'])) {
if(!empty($PHORUM['vroot'])) {
$vroot_folders = phorum_db_get_forums($PHORUM['vroot']);
$vroot_folders = phorum_db_get_forums($PHORUM['vroot']);
$PHORUM["title"] = $vroot_folders[$PHORUM['vroot']]['name'];
$PHORUM["title"] = $vroot_folders[$PHORUM['vroot']]['name'];
$PHORUM["DATA"]["TITLE"] = $PHORUM["title"];
$PHORUM["DATA"]["TITLE"] = $PHORUM["title"];
$PHORUM["DATA"]["HTML_TITLE"] = $PHORUM["title"];
$PHORUM["DATA"]["HTML_TITLE"] = $PHORUM["title"];
if($PHORUM['vroot'] == $PHORUM['forum_id']) {
if($PHORUM['vroot'] == $PHORUM['forum_id']) {
// unset the forum-name if we are in the vroot-index
// unset the forum-name if we are in the vroot-index
// otherwise the NAME and TITLE would be the same and still shown twice
// otherwise the NAME and TITLE would be the same and still shown twice
unset($PHORUM['name']);
unset($PHORUM['name']);
}
}
}
}
// stick some stuff from the settings into the DATA member
// stick some stuff from the settings into the DATA member
$PHORUM["DATA"]["NAME"] = ( isset( $PHORUM["name"] ) ) ? $PHORUM["name"] : "";
$PHORUM["DATA"]["NAME"] = ( isset( $PHORUM["name"] ) ) ? $PHORUM["name"] : "";
$PHORUM["DATA"]["HTML_DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? preg_replace("!\s+!", " ", $PHORUM["description"]) : "";
$PHORUM["DATA"]["HTML_DESCRIPTION"] = ( isset( $PHORUM["description"] ) ) ? preg_replace("!\s+!", " ", $PHORUM["description"]) : "";
$PHORUM["DATA"]["DESCRIPTION"] = strip_tags($PHORUM["DATA"]["HTML_DESCRIPTION"]);
$PHORUM["DATA"]["DESCRIPTION"] = strip_tags($PHORUM["DATA"]["HTML_DESCRIPTION"]);
// clean up some more stuff in the description without html
// clean up some more stuff in the description without html
$search_arr = array('\'','"');
$search_arr = array('\'','"');
$replace_arr = array('','');
$replace_arr = array('','');
$PHORUM["DATA"]["DESCRIPTION"]=str_replace($search_arr,$replace_arr,$PHORUM["DATA"]["DESCRIPTION"]);
$PHORUM["DATA"]["DESCRIPTION"]=str_replace($search_arr,$replace_arr,$PHORUM["DATA"]["DESCRIPTION"]);
$PHORUM["DATA"]["ENABLE_PM"] = ( isset( $PHORUM["enable_pm"] ) ) ? $PHORUM["enable_pm"] : "";
$PHORUM["DATA"]["ENABLE_PM"] = ( isset( $PHORUM["enable_pm"] ) ) ? $PHORUM["enable_pm"] : "";
if ( !empty( $PHORUM["DATA"]["HTML_TITLE"] ) && !empty( $PHORUM["DATA"]["NAME"] ) ) {
if ( !empty( $PHORUM["DATA"]["HTML_TITLE"] ) && !empty( $PHORUM["DATA"]["NAME"] ) ) {
$PHORUM["DATA"]["HTML_TITLE"] .= PHORUM_SEPARATOR;
$PHORUM["DATA"]["HTML_TITLE"] .= PHORUM_SEPARATOR;
}
}
$PHORUM["DATA"]["HTML_TITLE"] .= $PHORUM["DATA"]["NAME"];
$PHORUM["DATA"]["HTML_TITLE"] .= $PHORUM["DATA"]["NAME"];
// Try to restore a user session.
// Try to restore a user session.
if (phorum_api_user_session_restore(PHORUM_FORUM_SESSION))
if (phorum_api_user_session_restore(PHORUM_FORUM_SESSION))
{
{
// if the user has overridden thread settings, change it here.
// if the user has overridden thread settings, change it here.
if ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) {
if ( !isset( $PHORUM['display_fixed'] ) || !$PHORUM['display_fixed'] ) {
if ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_ON ) {
if ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_ON ) {
$PHORUM["threaded_list"] = true;
$PHORUM["threaded_list"] = true;
} elseif ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_OFF ) {
} elseif ( $PHORUM["user"]["threaded_list"] == PHORUM_THREADED_OFF ) {
$PHORUM["threaded_list"] = false;
$PHORUM["threaded_list"] = false;
}
}
if ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_ON ) {
if ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_ON ) {
$PHORUM["threaded_read"] = 1;
$PHORUM["threaded_read"] = 1;
} elseif ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_OFF ) {
} elseif ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_OFF ) {
$PHORUM["threaded_read"] = 0;
$PHORUM["threaded_read"] = 0;
} elseif ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_HYBRID ) {
} elseif ( $PHORUM["user"]["threaded_read"] == PHORUM_THREADED_HYBRID ) {
$PHORUM["threaded_read"] = 2;
$PHORUM["threaded_read"] = 2;
}
}
}
}
// check if the user has new private messages
// check if the user has new private messages
if (!empty($PHORUM["enable_new_pm_count"]) &&
if (!empty($PHORUM["enable_new_pm_count"]) &&
!empty($PHORUM["enable_pm"])) {
!empty($PHORUM["enable_pm"])) {
$PHORUM['user']['new_private_messages'] =
$PHORUM['user']['new_private_messages'] =
phorum_db_pm_checknew($PHORUM[
phorum_db_pm_checknew($PHORUM['user']['user_id']);
}
}
/*
* [hook]
* common_post_user
*
* [description]
* This hook gives modules a chance to override Phorum variables
* and settings, after the active user has been loaded. The settings
* for the active forum are also loaded before this hook is called,
* therefore this hook can be used for overriding general