| [ Index ] |
PHP Cross Reference of Nuke-Evolution v2.0.5 |
[Summary view] [Print] [Text view]
1 <?php 2 /*======================================================================= 3 Nuke-Evolution Basic: Enhanced PHP-Nuke Web Portal System 4 =======================================================================*/ 5 6 /*************************************************************************** 7 * functions.php 8 * ------------------- 9 * begin : Saturday, Feb 13, 2001 10 * copyright : (C) 2001 The phpBB Group 11 * email : support@phpbb.com 12 * 13 * Id: functions.php,v 1.133.2.35 2005/07/19 20:01:11 acydburn Exp 14 * 15 ***************************************************************************/ 16 17 /*************************************************************************** 18 * 19 * This program is free software; you can redistribute it and/or modify 20 * it under the terms of the GNU General Public License as published by 21 * the Free Software Foundation; either version 2 of the License, or 22 * (at your option) any later version. 23 * 24 ***************************************************************************/ 25 26 /*****[CHANGES]********************************************************** 27 -=[Mod]=- 28 Attachment Mod v2.4.1 07/20/2005 29 Advanced Username Color v1.0.5 06/11/2005 30 Simply Merge Threads v1.0.1 06/12/2005 31 Global Announcements v1.2.8 06/13/2005 32 Topic display order v1.0.2 06/15/2005 33 Ranks summarize v1.0.4 06/24/2005 34 Goto Specific Page v1.0.0 06/24/2005 35 Advanced Time Management v2.2.0 07/26/2005 36 XData v1.0.3 02/08/2007 37 At a Glance Options v1.0.0 08/17/2005 38 Log Actions Mod - Topic View v2.0.0 09/18/2005 39 Remote Avatar Resize v1.1.4 11/19/2005 40 ************************************************************************/ 41 42 if (!defined('IN_PHPBB') && !defined('NUKE_EVO')) 43 { 44 die('Hacking attempt'); 45 } 46 47 /** 48 * set_var 49 * 50 * Set variable, used by {@link request_var the request_var function} 51 * 52 * @access: private 53 */ 54 function set_var(&$result, $var, $type, $multibyte = false) 55 { 56 settype($var, $type); 57 $result = $var; 58 59 if ($type == 'string') 60 { 61 $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result))); 62 //$result = (STRIP) ? stripslashes($result) : $result; 63 64 // Check for possible multibyte characters to save a preg_replace call if nothing is in there... 65 if ($multibyte && strpos($result, '&#') !== false) 66 { 67 $result = preg_replace('#&(\#[0-9]+;)#', '&\1', $result); 68 } 69 } 70 } 71 72 /** 73 * request_var 74 * 75 * Used to get passed variable 76 */ 77 function request_var($var_name, $default, $multibyte = false) 78 { 79 if (!isset($_REQUEST[$var_name]) || (is_array($_REQUEST[$var_name]) && !is_array($default)) || (is_array($default) && !is_array($_REQUEST[$var_name]))) 80 { 81 return (is_array($default)) ? array() : $default; 82 } 83 84 $var = $_REQUEST[$var_name]; 85 if (!is_array($default)) 86 { 87 $type = gettype($default); 88 } 89 else 90 { 91 list($key_type, $type) = each($default); 92 $type = gettype($type); 93 $key_type = gettype($key_type); 94 } 95 96 if (is_array($var)) 97 { 98 $_var = $var; 99 $var = array(); 100 101 foreach ($_var as $k => $v) 102 { 103 if (is_array($v)) 104 { 105 foreach ($v as $_k => $_v) 106 { 107 set_var($k, $k, $key_type); 108 set_var($_k, $_k, $key_type); 109 set_var($var[$k][$_k], $_v, $type, $multibyte); 110 } 111 } 112 else 113 { 114 set_var($k, $k, $key_type); 115 set_var($var[$k], $v, $type, $multibyte); 116 } 117 } 118 } 119 else 120 { 121 set_var($var, $var, $type, $multibyte); 122 } 123 124 return $var; 125 } 126 /*****[BEGIN]****************************************** 127 [ Mod: Topic display order v1.0.2 ] 128 ******************************************************/ 129 function get_forum_display_sort_option($selected_row=0, $action='list', $list='sort') 130 { 131 global $lang; 132 133 $forum_display_sort = array( 134 'lang_key' => array('Last_Post', 'Sort_Topic_Title', 'Sort_Time', 'Sort_Author'), 135 'fields' => array('t.topic_last_post_id', 't.topic_title', 't.topic_time', 'u.username'), 136 ); 137 $forum_display_order = array( 138 'lang_key' => array('Sort_Descending', 'Sort_Ascending'), 139 'fields' => array('DESC', 'ASC'), 140 ); 141 142 // get the good list 143 $list_name = 'forum_display_' . $list; 144 $listrow = $$list_name; 145 146 // init the result 147 $res = ''; 148 if ( $selected_row > count($listrow['lang_key']) ) 149 { 150 $selected_row = 0; 151 } 152 153 // build list 154 if ($action == 'list') 155 { 156 for ($i=0; $i < count($listrow['lang_key']); $i++) 157 { 158 $selected = ($i==$selected_row) ? ' selected="selected"' : ''; 159 $l_value = (isset($lang[$listrow['lang_key'][$i]])) ? $lang[$listrow['lang_key'][$i]] : $listrow['lang_key'][$i]; 160 $res .= '<option value="' . $i . '"' . $selected . '>' . $l_value . '</option>'; 161 } 162 } 163 else 164 { 165 // field 166 $res = $listrow['fields'][$selected_row]; 167 } 168 return $res; 169 } 170 /*****[END]******************************************** 171 [ Mod: Topic display order v1.0.2 ] 172 ******************************************************/ 173 174 function get_db_stat($mode) 175 { 176 global $db; 177 178 switch( $mode ) 179 { 180 case 'usercount': 181 $sql = "SELECT COUNT(user_id) AS total 182 FROM " . USERS_TABLE . " 183 WHERE user_id <> " . ANONYMOUS; 184 break; 185 186 case 'newestuser': 187 $sql = "SELECT user_id, username 188 FROM " . USERS_TABLE . " 189 WHERE user_id <> " . ANONYMOUS . " 190 ORDER BY user_id DESC 191 LIMIT 1"; 192 break; 193 194 case 'postcount': 195 case 'topiccount': 196 $sql = "SELECT SUM(forum_topics) AS topic_total, SUM(forum_posts) AS post_total 197 FROM " . FORUMS_TABLE; 198 break; 199 } 200 201 if ( !($result = $db->sql_query($sql)) ) 202 { 203 return false; 204 } 205 206 $row = $db->sql_fetchrow($result); 207 208 switch ( $mode ) 209 { 210 case 'usercount': 211 return $row['total']; 212 break; 213 case 'newestuser': 214 return $row; 215 break; 216 case 'postcount': 217 return $row['post_total']; 218 break; 219 case 'topiccount': 220 return $row['topic_total']; 221 break; 222 } 223 224 return false; 225 } 226 227 // added at phpBB 2.0.11 to properly format the username 228 function phpbb_clean_username($username) 229 { 230 $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25); 231 $username = phpbb_rtrim($username, "\\"); 232 $username = str_replace("'", "\'", $username); 233 234 return $username; 235 } 236 /** 237 * This function is a wrapper for ltrim, as charlist is only supported in php >= 4.1.0 238 * Added in phpBB 2.0.18 239 */ 240 function phpbb_ltrim($str, $charlist = false) 241 { 242 if ($charlist === false) 243 { 244 return ltrim($str); 245 } 246 247 $php_version = explode('.', PHP_VERSION); 248 249 // php version < 4.1.0 250 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1)) 251 { 252 while ($str{0} == $charlist) 253 { 254 $str = substr($str, 1); 255 } 256 } 257 else 258 { 259 $str = ltrim($str, $charlist); 260 } 261 262 return $str; 263 } 264 // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0) 265 function phpbb_rtrim($str, $charlist = false) 266 { 267 if ($charlist === false) 268 { 269 return rtrim($str); 270 } 271 272 $php_version = explode('.', PHP_VERSION); 273 274 // php version < 4.1.0 275 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1)) 276 { 277 while ($str{strlen($str)-1} == $charlist) 278 { 279 $str = substr($str, 0, strlen($str)-1); 280 } 281 } 282 else 283 { 284 $str = rtrim($str, $charlist); 285 } 286 287 return $str; 288 } 289 290 /** 291 * Our own generator of random values 292 * This uses a constantly changing value as the base for generating the values 293 * The board wide setting is updated once per page if this code is called 294 * With thanks to Anthrax101 for the inspiration on this one 295 * Added in phpBB 2.0.20 296 */ 297 function dss_rand() 298 { 299 global $db, $board_config, $dss_seeded; 300 301 $val = $board_config['rand_seed'] . microtime(); 302 $val = md5($val); 303 $board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a'); 304 305 if($dss_seeded !== true) 306 { 307 $sql = "UPDATE " . CONFIG_TABLE . " SET 308 config_value = '" . $board_config['rand_seed'] . "' 309 WHERE config_name = 'rand_seed'"; 310 311 if( !$db->sql_query($sql) ) 312 { 313 message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql); 314 } 315 316 $dss_seeded = true; 317 } 318 return substr($val, 4, 16); 319 } 320 321 // 322 // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced. 323 // 324 function get_userdata($user, $force_str = false) { 325 global $db; 326 $user = (!is_numeric($user) || $force_str) ? phpbb_clean_username($user) : intval($user); 327 $sql = "SELECT * FROM " . USERS_TABLE . " WHERE "; 328 $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS; 329 if ( !($result = $db->sql_query($sql)) ) { 330 message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql); 331 } 332 return ( $row = $db->sql_fetchrow($result) ) ? $row : false; 333 } 334 335 /*****[BEGIN]****************************************** 336 [ Mod: XData v1.0.3 ] 337 ******************************************************/ 338 /** 339 * FUNCTION set_user_xdata 340 * 341 * Sets a specefic custom profile field ($which_xdata) to the specefied 342 * value ($value) for the user ($user). 343 * 344 * @param int|string $user - user_id or username of the user we're editing 345 * @param int|string $which_xdata - the profile field being changed 346 * @param mixed $value - value to assign 347 * @global class $db 348 * @return null 349 */ 350 function set_user_xdata($user, $which_xdata, $value) 351 { 352 global $db; 353 354 // $value = trim(htmlspecialchars($value)); 355 $value = str_replace("\\'", "'", $value); 356 $value = str_replace("'", "\\'", $value); 357 358 $user_is_name = (!is_numeric($user)) ? true : false; 359 $xd_is_name = (!is_numeric($which_xdata)) ? true : false; 360 361 if ($user_is_name) 362 { 363 $user = phpbb_clean_username($user); 364 } 365 366 $user_where = ($user_is_name) ? ('u.username = \'' . $user . '\'') : ('u.user_id = ' . $user ); 367 $field_where = ($xd_is_name) ? ('xf.code_name = \'' . $which_xdata . '\'') : ('xf.field_id = ' . $which_xdata); 368 369 $sql = "SELECT u.user_id, xf.field_id FROM (" 370 . USERS_TABLE . " AS u, " . XDATA_FIELDS_TABLE . " AS xf) 371 WHERE " . $user_where . " AND " . $field_where . " 372 LIMIT 1"; 373 374 if ( !($result = $db->sql_query($sql)) ) 375 { 376 message_die(GENERAL_ERROR, $lang['XData_error_obtaining_userdata'], '', __LINE__, __FILE__, $sql); 377 } 378 379 $row = $db->sql_fetchrow($result); 380 381 $sql = "DELETE FROM " . XDATA_DATA_TABLE . " 382 WHERE user_id = " . $row['user_id'] . " AND field_id = " . $row['field_id'] . " 383 LIMIT 1"; 384 385 if ( !($db->sql_query($sql)) ) 386 { 387 message_die(GENERAL_ERROR, $lang['XData_failure_removing_data'], '', __LINE__, __FILE__, $sql); 388 } 389 390 if ($value !== '') 391 { 392 $sql = "INSERT INTO " . XDATA_DATA_TABLE . " 393 (user_id, field_id, xdata_value) 394 VALUES (" . $row['user_id'] . ", " . $row['field_id'] . ", '" . $value . "')"; 395 396 if ( !($db->sql_query($sql)) ) 397 { 398 message_die(GENERAL_ERROR, $lang['XData_failure_inserting_data'], '', __LINE__, __FILE__, $sql); 399 } 400 } 401 } 402 403 /** 404 * FUNCTION get_user_xdata 405 * 406 * retrieves the custom profile field data for the user ($user) 407 * similar to get_userdata 408 * 409 * @param int|string $user 410 * @param bool $force_str 411 * @global class $db 412 * @global array $lang 413 * @return array $data 414 */ 415 function get_user_xdata($user, $force_str = false) 416 { 417 global $db; 418 $is_name = ((intval($user) == 0) || $force_str); 419 420 if(!isset($user) || empty($user)) return ''; 421 422 if ($is_name) 423 { 424 $user = trim(htmlspecialchars($user)); 425 $user = substr(str_replace("\\'", "'", $user), 0, 25); 426 $user = str_replace("'", "\\'", $user); 427 428 $sql = "SELECT xf.field_type, xf.code_name, xd.xdata_value 429 FROM " . XDATA_DATA_TABLE . " xd, " . USERS_TABLE . " u, " . XDATA_FIELDS_TABLE . " xf 430 WHERE xf.field_id = xd.field_id AND xd.user_id = u.user_id AND u.username = '" . $user . "'"; 431 } 432 else 433 { 434 $user = intval($user); 435 436 $sql = "SELECT xf.field_type, xf.code_name, xd.xdata_value 437 FROM " . XDATA_DATA_TABLE . " xd, " . XDATA_FIELDS_TABLE . " xf 438 WHERE xf.field_id = xd.field_id AND xd.user_id = " . $user; 439 } 440 441 if ( !($result = $db->sql_query($sql)) ) 442 { 443 message_die(GENERAL_ERROR, $lang['XData_error_obtaining_user_xdata'], '', __LINE__, __FILE__, $sql); 444 } 445 446 $data = array(); 447 while ( $row = $db->sql_fetchrow($result) ) 448 { 449 $data[$row['code_name']] = ( $row['field_type'] != 'checkbox') ? $row['xdata_value'] : ( ( $row['xdata_value'] == 1 ) ? $lang['true'] : $lang['false']); 450 } 451 $db->sql_freeresult($result); 452 453 return $data; 454 } 455 456 /** 457 * FUNCTION get_xd_metadata 458 * 459 * get a list of xdata fields 460 * 461 * @param boolean $force_refresh - if true then we reselect the data from the db. 462 * - otherwise we use the data selected before 463 * @static array $meta - stores the previous selections 464 * @return array $meta - the data of the fields. 465 */ 466 function get_xd_metadata($force_refresh = false) 467 { 468 global $db; 469 static $meta = false; 470 471 if ( !is_array($meta) || $force_refresh ) 472 { 473 $sql = "SELECT 474 field_id, 475 field_name, 476 field_desc, 477 field_type, 478 field_order, 479 code_name, 480 field_length, 481 field_values, 482 field_regexp, 483 default_auth, 484 display_viewprofile, 485 display_register, 486 display_posting, 487 handle_input, 488 allow_bbcode, 489 allow_smilies, 490 allow_html, 491 viewtopic, 492 signup 493 FROM " . XDATA_FIELDS_TABLE . " 494 ORDER BY field_order ASC"; 495 496 if ( !($result = $db->sql_query($sql)) ) 497 { 498 message_die(GENERAL_ERROR, $lang['XData_failure_obtaining_field_data'], '', __LINE__, __FILE__, $sql); 499 } 500 501 $data = array(); 502 503 while ( $row = $db->sql_fetchrow($result) ) 504 { 505 $data[$row['code_name']] = $row; 506 507 if ($row['field_values'] != '') 508 { 509 $data[$row['code_name']]['values_array'] = array('toast'); 510 $values = array(); 511 preg_match_all("/(?<!\\\)'(.*?)(?<!\\\)'/", $row['field_values'], $values); 512 $data[$row['code_name']]['values_array'] = array_map(create_function('$a', "return str_replace(\"\\\\'\", \"'\", \$a);"), $values[1]); 513 } 514 else 515 { 516 $data[$row['code_name']]['values_array'] = array(); 517 } 518 } 519 520 $meta = $data; 521 } 522 523 return $meta; 524 } 525 526 function xdata_auth($fields, $userid, $meta = false) 527 { 528 global $db; 529 530 if(!isset($userid) || empty($userid)) return ''; 531 532 if ($field_id == false) 533 { 534 $field_sql = '1'; 535 } 536 elseif (is_array($fields)) 537 { 538 $field_sql = 'xf.code_name IN(' . implode(', ', $fields) . ')'; 539 } 540 else 541 { 542 $fields_sql = "xf.code_name = '$fields'"; 543 } 544 545 if ($meta == false) 546 { 547 $sql = "SELECT xf.default_auth AS default_auth, xf.code_name AS code_name FROM " . XDATA_FIELDS_TABLE . " xf 548 WHERE $field_sql"; 549 if (!($result = $db->sql_query($sql))) 550 { 551 message_die(GENERAL_ERROR, $lang['XData_failure_obtaining_field_data'], '', __LINE__, __FILE__, $sql); 552 } 553 554 $meta = array(); 555 while ($data = $db->sql_fetchrow($result)) 556 { 557 $meta[$data['code_name']]['default_auth'] = $data['default_auth']; 558 } 559 } 560 561 $sql = "SELECT xf.code_name, xa.auth_value, g.group_single_user 562 FROM " . XDATA_FIELDS_TABLE . " xf, " . XDATA_AUTH_TABLE . " xa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g 563 WHERE xf.field_id = xa.field_id 564 AND xa.group_id = ug.group_id 565 AND xa.group_id = g.group_id 566 AND ug.user_id = $userid 567 AND $field_sql 568 ORDER BY g.group_single_user ASC"; 569 570 if (!($result = $db->sql_query($sql))) 571 { 572 message_die(GENERAL_ERROR, $lang['XData_failure_obtaining_field_auth'], '', __LINE__, __FILE__, $sql); 573 } 574 575 $auth = array(); 576 foreach($meta as $key => $value) 577 { 578 $auth[$key] = $value['default_auth']; 579 } 580 581 while($data = $db->sql_fetchrow($result)) 582 { 583