PHP Cross Reference of Nuke-Evolution v2.0.5 |
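<?php

/*=======================================================================
 Nuke-Evolution Basic: Enhanced PHP-Nuke Web Portal System
 =======================================================================*/

/************************************************************************/
/* PHP-NUKE: Advanced Content Management System                         */
/* ============================================                         */
/*                                                                      */
/* Copyright (c) 2002 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/************************************************************************/

/*****[CHANGES]**********************************************************
-=[Base]=-
      NukeSentinel                             v2.5.08      07/11/2006
      Nuke Patched                             v3.1.0       06/26/2005
      Language Selector                        v3.0.0       12/11/2005
      Admin File Check                         v3.0.0       11/19/2005
      PHP Input Filter                         v1.2.2       10/14/2005
      HTML Parser                              v1.2.0       10/27/2005
      Caching System                           v1.0.0       10/29/2005
      Debugger                                 v1.0.0       11/14/2005
      Module Simplifications                   v1.0.0       11/17/2005
      Evolution Functions                      v1.5.0       11/24/2005
      Theme Management                         v1.0.2       12/14/2005
-=[Mod]=-
      Admin Icon/Link Pos                      v1.0.0       06/02/2005
      Advanced Username Color                  v1.0.5       06/11/2005
      Evolution Version Checker                v1.0.0       06/16/2005
      Lock Modules                             v1.0.0       08/04/2005
      Group Colors                             v1.0.0       10/20/2005
      Censor                                   v1.0.0       10/20/2005
      NBBCode                                  v9.26.0      11/23/2005
      Color Toggle                             v1.0.0       11/25/2005
      Lazy Google Tap                          v1.0.0       01/27/2005
      Switch Content Script                    v2.0.0       03/30/2006
-=[Module]=-
      CNB Your Account                         v4.4.2       06/15/2005
-=[Other]=-
      SSL Administration                       v1.0.0       08/29/2005
      Validation                               v1.1.0       10/17/2005
      Extra Functions                          v1.0.0       12/22/2005
 ************************************************************************/

// Already bootstrapped during this request: nothing to do.
if(defined('NUKE_EVO')) return;

// This file is only meant to be included; refuse to run as the entry script.
if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) {
    exit('Access Denied');
}

// Define File
define_once('NUKE_EVO', '2.0.5');
define_once('EVO_EDITION', 'Basic');
define('PHPVERS', @phpversion());
define_once('EVO_VERSION', NUKE_EVO . ' ' . EVO_EDITION);

// SECURITY: when register_globals is off, this re-creates it. Every GET, POST
// and cookie parameter becomes a global variable, so any global that is read
// before this code base assigns it can be chosen by the client. Code that
// runs after this line must initialise its globals explicitly.
// import_request_variables() was removed in PHP 5.4.
if (!ini_get('register_globals')) @import_request_variables('GPC');

// Raw, unverified cookie values. is_admin() / is_user() do the verification.
$admin = (isset($_COOKIE['admin'])) ? $_COOKIE['admin'] : false;
$user = (isset($_COOKIE['user'])) ? $_COOKIE['user'] : false;

// $name is the requested module name. When both POST and GET carry one, the
// GET value is used; otherwise whatever $_REQUEST holds.
// The value must be a string: an array-valued parameter (name[]=...) used to
// reach stristr()/trim()/addslashes(), which expect strings.
// The filter is a deny-list for '..' and '://' only, and addslashes() is not
// the database driver's escaping, so $name stays untrusted wherever it is
// later used in a path or a query.
if ((isset($_POST['name']) && !empty($_POST['name'])) && (isset($_GET['name']) && !empty($_GET['name']))) {
    $name = (isset($_GET['name']) && is_string($_GET['name']) && !stristr($_GET['name'],'..') && !stristr($_GET['name'],'://')) ? addslashes(trim($_GET['name'])) : false;
} else {
    $name = (isset($_REQUEST['name']) && is_string($_REQUEST['name']) && !stristr($_REQUEST['name'],'..') && !stristr($_REQUEST['name'],'://')) ? addslashes(trim($_REQUEST['name'])) : false;
}

// Baselines for the memory / page-generation statistics.
$start_mem = function_exists('memory_get_usage') ? memory_get_usage() : 0;
$start_time = get_microtime();

// Stupid handle to create REQUEST_URI for IIS 5 servers
// strpos() replaces the original ereg() call (removed in PHP 7) with the same
// case-sensitive substring test; SERVER_SOFTWARE is checked for existence
// first because not every SAPI sets it.
if (isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'], 'IIS') !== false && isset($_SERVER['SCRIPT_NAME'])) {
    $requesturi = $_SERVER['SCRIPT_NAME'];
    if (isset($_SERVER['QUERY_STRING'])) {
        $requesturi .= '?'.$_SERVER['QUERY_STRING'];
    }
    $_SERVER['REQUEST_URI'] = $requesturi;
}

// PHP5 with register_long_arrays off?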
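// Alias the legacy $HTTP_*_VARS arrays to the superglobals (by reference) for
// old modules that still read them.
if (version_compare(PHPVERS, '5.0.0', '>=') && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off')) {
    $HTTP_POST_VARS =& $_POST;
    $HTTP_GET_VARS =& $_GET;
    $HTTP_SERVER_VARS =& $_SERVER;
    $HTTP_COOKIE_VARS =& $_COOKIE;
    $HTTP_ENV_VARS =& $_ENV;
    $HTTP_POST_FILES =& $_FILES;
    if (isset($_SESSION)) $HTTP_SESSION_VARS =& $_SESSION;
}

// A DONATION cookie triggers a one-off redirect to the thank-you page; the
// cookie is expired first so the redirect does not repeat.
if (isset($_COOKIE['DONATION'])) {
    setcookie('DONATION', null, time()-3600);
    $type = preg_match('/IIS|Microsoft|WebSTAR|Xitami/', $_SERVER['SERVER_SOFTWARE']) ? 'Refresh: 0; URL=' : 'Location: ';
    // NOTE(review): as written this replacement is a no-op and $url is not
    // assigned anywhere above; the header below does not use it. Confirm
    // against the distributed file whether an HTML entity was meant here.
    $url = str_replace('&', "&", $url);
    // NOTE(review): the script is not terminated after the redirect header,
    // so the rest of the bootstrap still runs for this request.
    header($type . 'modules.php?name=Donations&op=thankyou');
}

//Inspired by phoenix-cms at website-portals.net
//Absolute Nuke directory
define('NUKE_BASE_DIR', dirname(__FILE__) . '/');
//Absolute Nuke directory + includes
define('NUKE_BLOCKS_DIR', NUKE_BASE_DIR . 'blocks/');
define('NUKE_IMAGES_DIR', NUKE_BASE_DIR . 'images/');
define('NUKE_INCLUDE_DIR', NUKE_BASE_DIR . 'includes/');
define('NUKE_LANGUAGE_DIR', NUKE_BASE_DIR . 'language/');
define('NUKE_MODULES_DIR', NUKE_BASE_DIR . 'modules/');
define('NUKE_THEMES_DIR', NUKE_BASE_DIR . 'themes/');
define('NUKE_ADMIN_DIR', NUKE_BASE_DIR . 'admin/');
define('NUKE_RSS_DIR', NUKE_INCLUDE_DIR . 'rss/');
define('NUKE_DB_DIR', NUKE_INCLUDE_DIR . 'db/');
define('NUKE_ADMIN_MODULE_DIR', NUKE_ADMIN_DIR . 'modules/');
define('NUKE_FORUMS_DIR', (defined("IN_ADMIN") ? './../' : 'modules/Forums/'));
define('NUKE_CACHE_DIR', NUKE_INCLUDE_DIR . 'cache/');
define('NUKE_CLASSES_DIR', NUKE_INCLUDE_DIR . 'classes/');
// define the INCLUDE PATH
define('INCLUDE_PATH', NUKE_BASE_DIR);

define('GZIPSUPPORT', extension_loaded('zlib'));
define('GDSUPPORT', extension_loaded('gd'));
define('CAN_MOD_INI', !stristr(ini_get('disable_functions'), 'ini_set'));

//Check for these functions to see if we can use the new captcha
if(function_exists('imagecreatetruecolor') && function_exists('imageftbbox')) {
    define('CAPTCHA',true);
}

if (CAN_MOD_INI) {
    ini_set('magic_quotes_sybase', 0);
    ini_set('zlib.output_compression', 0);
}

// Include config file
// The @ on the includes below hides the diagnostic when a file is missing or
// fails to load; drop it temporarily when debugging a broken installation.
@require_once (NUKE_BASE_DIR.'config.php');
// NOTE(review): these two branches discard whatever value config.php set.
// A falsy or unset $directory_mode / $file_mode selects world-writable
// 0777 / 0666, and any truthy value selects 0755 / 0644. World-writable
// defaults let every local account on the host modify files the portal
// creates; confirm that config.php sets both variables on shared hosting.
if(!$directory_mode) {
    $directory_mode = 0777;
} else {
    $directory_mode = 0755;
}
if (!$file_mode) {
    $file_mode = 0666;
} else {
    $file_mode = 0644;
}
// Include the required files
@require_once(NUKE_DB_DIR.'db.php');
//$db->debug = true;
// Include Error Logger and identify class
@require_once(NUKE_CLASSES_DIR.'class.identify.php');
global $agent;
$agent = identify::identify_agent();
@require_once(NUKE_INCLUDE_DIR.'log.php');

// Drop output buffered by the server configuration, except for clients the
// identify class flagged with a 'bot' entry.
if (ini_get('output_buffering') && !isset($agent['bot'])) {
    ob_end_clean();
    header('Content-Encoding: none');
}

// Choose the output buffer: gzip when zlib is loaded, PHP is not already
// compressing, and the client advertises gzip support.
// stristr() replaces the original eregi() call (removed in PHP 7) with the
// same case-insensitive substring test.
$do_gzip_compress = false;
if (GZIPSUPPORT && !ini_get('zlib.output_compression') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && stristr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false) {
    if (version_compare(PHPVERS, '4.3.0', '>=')) { # PHP 4.2.x seems to give memleak
        ob_start('ob_gzhandler');
    } else {
        $do_gzip_compress = true;
        ob_start();
        ob_implicit_flush(0);
        header('Content-Encoding: gzip');
    }
} else {
    ob_start();
    ob_implicit_flush(0);
}

@require_once(NUKE_CLASSES_DIR.'class.cache.php');
@require_once(NUKE_CLASSES_DIR.'class.debugger.php');
require_once(NUKE_INCLUDE_DIR.'functions_evo.php');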
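include_once(NUKE_INCLUDE_DIR.'validation.php');

/*****[BEGIN]******************************************
 [ Base:    PHP Input Filter                   v1.2.2 ]
 ******************************************************/
// Request filtering. It is skipped entirely when NO_SECURITY or ADMIN_FILE is
// defined, so pages that define either constant receive unfiltered input.
// The version gate uses version_compare() like the rest of this file: the
// original string comparison (PHPVERS > '4.0') is lexicographic for
// non-numeric version strings and would switch the filter off for any
// version whose first character sorts below '4'.
if (version_compare(PHPVERS, '4.0', '>') && (!defined('NO_SECURITY') && !defined('ADMIN_FILE'))) {
    require_once(NUKE_CLASSES_DIR.'class.inputfilter.php');
    $data = array_merge($_POST, $_GET);
    //This is the new php input class it will filter out bad HTML code and XSS
    //data from POSTs or GETs
    if(defined('MEDIUM_SECURITY')) {
        if(isset($_POST['message']) && !empty($_POST['message'])){
            // Pattern-based check on the posted message. A deny-list like this
            // is a heuristic only and does not replace output encoding where
            // the message is later rendered.
            if (preg_match("/(<.*?pre\s?.*?>.*<.*?pre\s?'.*?>|document.location.*?=.*document\..*)/i", $_POST['message'])) {
                InputFilter::filtered('',$_POST['message']);
            }
        }
        $filter = new InputFilter("", "", 1, 1, 0);
    } else {
        $filter = new InputFilter("", "", 1, 1, 1);
    }
    if(!empty($data)) {
        // NOTE(review): the filtered result is stored in $data only; $_POST
        // and $_GET are not reassigned here. Whether the superglobals end up
        // cleaned depends on InputFilter::process(), which is defined in
        // class.inputfilter.php - confirm before relying on it.
        $data = $filter->process($data);
    }
    define('INPUT_FILTER',true);
}
/*****[END]********************************************
 [ Base:    PHP Input Filter                   v1.2.2 ]
 ******************************************************/
// We globalize the $cookie and $userinfo variables,
// so that they dont have to be called each time
// And as you can see, getusrinfo() is now deprecated.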
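// Because you dont have to call it anymore, just call $userinfo
if(is_user()) {
    $cookie = cookiedecode();
    $userinfo = get_user_field('*', $cookie[1], true);
} else {
    $cookie = array();
    $userinfo = get_user_field('*', 'Anonymous', true);
    //$userinfo = array();
}

// Normalise PATH_INFO-style URLs (script.php/extra) back to script.php.
if(stristr($_SERVER['REQUEST_URI'], '.php/')) {
    redirect(str_replace('.php/', '.php', $_SERVER['REQUEST_URI']));
}

include_once(NUKE_MODULES_DIR.'Your_Account/includes/mainfileend.php');

// NOTE(review): any request carrying a clear_cache POST field clears the
// cache; no privilege check is visible at this point in the file.
if (isset($_POST['clear_cache'])) {
    $cache->clear();
}

define('NUKE_FILE', true);
$dbi = $db->db_connect_id;
$badreasons = 4;
// NOTE(review): derived from the client-supplied Host header, so this value
// is neither secret nor fixed per installation. It may be replaced by the
// configuration loop below if the stored config has a key of the same name.
$sitekey = md5($_SERVER['HTTP_HOST']);
$gfx_chk = 0;
$tipath = 'images/topics/';
$reasons = array('As Is', 'Offtopic', 'Flamebait', 'Troll', 'Redundant', 'Insighful', 'Interesting', 'Informative', 'Funny', 'Overrated', 'Underrated');
$AllowableHTML = array('b'=>1, 'i'=>1, 'a'=>2, 'em'=>1, 'br'=>1, 'strong'=>1, 'blockquote'=>1, 'tt'=>1, 'li'=>1, 'ol'=>1, 'ul'=>1, 'pre'=>1);

// Every configuration key becomes a global of the same name and overwrites
// whatever that global held before, including values assigned earlier in this
// file. The key set comes from load_nukeconfig(), defined elsewhere.
$nukeconfig = load_nukeconfig();
foreach($nukeconfig as $var => $value) {
    $$var = $value;
}
/*****[BEGIN]******************************************
 [ Base:    Language Selector                  v3.0.0 ]
 ******************************************************/
@require_once(NUKE_INCLUDE_DIR.'language.php');
/*****[END]********************************************
 [ Base:    Language Selector                  v3.0.0 ]
 ******************************************************/
// Normalise the configuration values that the rest of the code treats as
// plain text or integers.
$adminmail = stripslashes($adminmail);
$foot1 = stripslashes($foot1);
$foot2 = stripslashes($foot2);
$foot3 = stripslashes($foot3);
$commentlimit = intval($commentlimit);
$minpass = intval($minpass);
$pollcomm = intval($pollcomm);
$articlecomm = intval($articlecomm);
$my_headlines = intval($my_headlines);
$top = intval($top);
$storyhome = intval($storyhome);
$user_news = intval($user_news);
$oldnum = intval($oldnum);
$ultramode = intval($ultramode);
$banners = intval($banners);
$multilingual = intval($multilingual);
$useflags = intval($useflags);
$notify = intval($notify);
$moderate = intval($moderate);
$admingraphic = intval($admingraphic);
$httpref = intval($httpref);
$httprefmax = intval($httprefmax);
$domain = str_replace('http://', '', $nukeurl);
if(isset($default_Theme)) $Default_Theme = $default_Theme;
if (CAN_MOD_INI) ini_set('sendmail_from', $adminmail);
/*****[BEGIN]******************************************
 [ Base:    Evolution Functions                v1.5.0 ]
 ******************************************************/
$evoconfig = load_evoconfig();
$board_config = load_board_config();
/*****[END]********************************************
 [ Base:    Evolution Functions                v1.5.0 ]
 ******************************************************/
/*****[BEGIN]******************************************
 [ Mod:     Lock Modules                       v1.0.0 ]
 [ Mod:     Queries Count                      v2.0.0 ]
 [ Other:   SSL Administration                 v1.0.0 ]
 [ Base:    Censor                             v1.0.0 ]
 [ Base:    Caching System                     v3.0.0 ]
 [ Mod:     Color Toggle                       v1.0.0 ]
 [ Mod:     Lazy Google Tap                    v1.0.0 ]
 [ Base:    Switch Content Script              v2.0.0 ]
 ******************************************************/
$lock_modules = intval($evoconfig['lock_modules']);
$queries_count = intval($evoconfig['queries_count']);
$adminssl = intval($evoconfig['adminssl']);
$censor_words = $evoconfig['censor_words'];
$censor = intval($evoconfig['censor']);
$usrclearcache = intval($evoconfig['usrclearcache']);
$use_colors = intval($evoconfig['use_colors']);
$lazy_tap = intval($evoconfig['lazy_tap']);
$img_resize = intval($evoconfig['img_resize']);
$img_width = intval($evoconfig['img_width']);
$img_height = intval($evoconfig['img_height']);
$wysiwyg = $evoconfig['textarea'];
$capfile = $evoconfig['capfile'];
$collapse = intval($evoconfig['collapse']);
$collapsetype = intval($evoconfig['collapsetype']);
$module_collapse = intval($evoconfig['module_collapse']);
$evouserinfo_ec = intval($evoconfig['evouserinfo_ec']);

$more_js = '';
$more_styles = '';
/*****[END]********************************************
 [ Mod:     Lock Modules                       v1.0.0 ]
 [ Mod:     Queries Count                      v2.0.0 ]
 [ Other:   SSL Administration                 v1.0.0 ]
 [ Base:    Censor                             v1.0.0 ]
 [ Base:    Caching System                     v3.0.0 ]
 [ Mod:     Color Toggle                       v1.0.0 ]
 [ Mod:     Lazy Google Tap                    v1.0.0 ]
 [ Base:    Switch Content Script              v2.0.0 ]
 ******************************************************/

/*****[BEGIN]******************************************
 [ Mod:     Lazy Google Tap                    v1.0.0 ]
 [ Base:    Theme Management                   v1.0.2 ]
 [ Base:    NukeSentinel                       v2.5.08 ]
 [ Mod:     Custom Text Area                   v1.0.0 ]
 ******************************************************/
require_once(NUKE_INCLUDE_DIR.'functions_browser.php');
require_once(NUKE_INCLUDE_DIR.'themes.php');
include_once(NUKE_INCLUDE_DIR.'functions_tap.php');
// Pages that define NO_SENTINEL run without NukeSentinel loaded.
if (!defined('NO_SENTINEL')) {
    require_once(NUKE_INCLUDE_DIR.'nukesentinel.php');
}
include_once(NUKE_CLASSES_DIR.'class.wysiwyg.php');
/*****[END]********************************************
 [ Mod:     Lazy Google Tap                    v1.0.0 ]
 [ Base:    Theme Management                   v1.0.2 ]
 [ Base:    NukeSentinel                       v2.5.08 ]
 [ Mod:     Custom Text Area                   v1.0.0 ]
 ******************************************************/

@require_once(NUKE_CLASSES_DIR.'class.variables.php');

// Optional site-specific bootstrap extension.
if (file_exists(NUKE_INCLUDE_DIR.'custom_files/custom_mainfile.php')) {
    require_once(NUKE_INCLUDE_DIR.'custom_files/custom_mainfile.php');
}

// The theme directory name returned by get_theme() is concatenated into an
// include path; get_theme() is defined elsewhere and is responsible for
// returning only names of installed themes.
if(!defined('FORUM_ADMIN') && !isset($ThemeSel) && !defined('RSS_FEED')) {
    $ThemeSel = get_theme();
    include_once(NUKE_THEMES_DIR . $ThemeSel . '/theme.php');
}

/*****[BEGIN]******************************************
 [ Base:    Admin File Check                   v3.0.0 ]
 ******************************************************/
if (!defined('FORUM_ADMIN')) {
    global $admin_file;
    if(!isset($admin_file) || empty($admin_file)) {
        die('You must set a value for $admin_file in config.php');
    } elseif (!empty($admin_file) && !file_exists(NUKE_BASE_DIR.$admin_file.'.php')) {
        die('The $admin_file you defined in config.php does not exist');
    }
}
/*****[END]********************************************
 [ Base:    Admin File Check                   v3.0.0 ]
 ******************************************************/

/**
 * Define a constant only if it has not been defined yet.
 *
 * @param string $constant Constant name.
 * @param mixed  $value    Value to assign when the constant is new.
 */
function define_once($constant, $value) {
    if(!defined($constant)) {
        define($constant, $value);
    }
}

/**
 * Tell whether the current request carries a valid admin cookie.
 *
 * The 'admin' cookie is base64 text of the form "aid:pwd:...". The pwd field
 * is compared with the `pwd` column stored for that aid, so the stored value
 * itself works as a bearer credential for as long as it is unchanged.
 * The result is cached for the rest of the request.
 *
 * @param mixed $trash Unused.
 * @return int 1 when the cookie matches a stored admin record, otherwise 0.
 */
function is_admin($trash=0) {
    static $adminstatus;
    if(isset($adminstatus)) return $adminstatus;
    $admincookie = isset($_COOKIE['admin']) ? $_COOKIE['admin'] : false;
    if (!$admincookie) { return $adminstatus = 0; }
    $admincookie = (!is_array($admincookie)) ? explode(':', base64_decode($admincookie)) : $admincookie;
    // A cookie without both fields, or with array-valued fields, is rejected
    // up front instead of reaching the string functions below.
    if (!isset($admincookie[0], $admincookie[1]) || !is_string($admincookie[0]) || !is_string($admincookie[1])) {
        return $adminstatus = 0;
    }
    $pwd = $admincookie[1];
    // Truncate first, escape second. The original escaped and then cut the
    // result to 25 bytes, which can split an escape pair and leave a lone
    // backslash directly in front of the closing quote of the SQL literal.
    $aid = addslashes(substr($admincookie[0], 0, 25));
    if (!empty($aid) && !empty($pwd)) {
        if (!function_exists('get_admin_field')) {
            global $db, $prefix;
            // NOTE(review): string-built query; a prepared statement or the
            // driver's own escaping would be preferable if the db layer
            // (defined elsewhere) offers one.
            $pass = $db->sql_ufetchrow("SELECT `pwd` FROM `" . $prefix . "_authors` WHERE `aid` = '" . str_replace("\'", "''", $aid) . "'", SQL_ASSOC);
            $pass = (isset($pass['pwd'])) ? $pass['pwd'] : '';
        } else {
            $pass = get_admin_field('pwd', $aid);
        }
        // Exact string comparison. With == two different strings that both
        // look numeric (for example in exponent notation) compare as equal.
        // hash_equals() is used where available (PHP 5.6+).
        $same = is_string($pass) && (function_exists('hash_equals') ? hash_equals($pass, $pwd) : ($pass === $pwd));
        if ($same && !empty($pass)) {
            return $adminstatus = 1;
        }
    }
    return $adminstatus = 0;
}

/**
 * Tell whether the current request carries a valid user cookie.
 *
 * The 'user' cookie is base64 text of the form "uid:name:pwd:...". Field 0 is
 * cast to an integer id and field 2 is compared with the user_password value
 * stored for that id. The result is cached for the rest of the request.
 *
 * @param mixed $trash Unused.
 * @return int 1 when the cookie matches the stored record, otherwise 0.
 */
function is_user($trash=0) {
    static $userstatus;
    if(isset($userstatus)) return $userstatus;
    $usercookie = isset($_COOKIE['user']) ? $_COOKIE['user'] : false;
    if (!$usercookie) { return $userstatus = 0; }
    $usercookie = (!is_array($usercookie)) ? explode(':', base64_decode($usercookie)) : $usercookie;
    // Reject cookies that lack the id or password field, or carry arrays.
    if (!isset($usercookie[0], $usercookie[2]) || !is_string($usercookie[2])) {
        return $userstatus = 0;
    }
    $uid = intval($usercookie[0]);
    $pwd = $usercookie[2];
    if (!empty($uid) AND !empty($pwd)) {
        $user_password = get_user_field('user_password', $uid);
        // Exact string comparison instead of ==, which treats two different
        // numeric-looking strings as equal.
        $same = is_string($user_password) && (function_exists('hash_equals') ? hash_equals($user_password, $pwd) : ($user_password === $pwd));
        if ($same && !empty($user_password)) {
            return $userstatus = 1;
        }
    }
    return $userstatus = 0;
}

/**
 * Decode and verify the 'user' cookie.
 *
 * Field 1 (the user name) selects the stored user_password, which must equal
 * field 2. Only a verified cookie is cached and published through the global
 * $cookie. The original cached the decoded array before verifying it, so a
 * second call returned the unverified array after the first call had
 * returned false.
 *
 * @param mixed $trash Unused.
 * @return array|false The decoded cookie fields, or false when verification fails.
 */
function cookiedecode($trash=0) {
    global $cookie;
    static $rcookie;
    if(isset($rcookie)) { return $rcookie; }
    if (!isset($_COOKIE['user'])) { return false; }
    $usercookie = $_COOKIE['user'];
    $decoded = (!is_array($usercookie)) ? explode(':', base64_decode($usercookie)) : $usercookie;
    if (!isset($decoded[1], $decoded[2]) || !is_string($decoded[1]) || !is_string($decoded[2])) {
        return false;
    }
    $pass = get_user_field('user_password', $decoded[1], true);
    // Exact string comparison instead of ==, as in is_user().
    $same = is_string($pass) && (function_exists('hash_equals') ? hash_equals($pass, $decoded[2]) : ($pass === $decoded[2]));
    if ($same && !empty($pass)) {
        $rcookie = $decoded;
        return $cookie = $rcookie;
    }
    return false;
}

/**
 * Print a centred title box.
 *
 * $text is written into the page as-is, so callers must pass trusted or
 * already HTML-escaped markup.
 *
 * @param string $text Title markup.
 */
function title($text) {
    OpenTable();
    echo '<div class="title" style="text-align: center"><strong>'.$text.'</strong></div>';
    CloseTable();
    echo '<br />';
}

function is_active($module) {
    global $prefix, $db, $cache;
    static $active_modules;
    if (is_array($active_modules)) {
        return(isset($active_modules[$module]) ? 1 : 0);
    }
    if ((($active_modules = $cache->load('active_modules', 'config')) === false) || empty($active_modules)) {
        $active_modules = array();
        $result = $db->sql_query('SELECT `title` FROM `'.$prefix.'_modules` WHERE `active`="1"');
        while(list($title) = $db->sql_fetchrow($result, SQL_NUM)) {
            $active_modules[$title] = 1;
        }
        $db->sql_freeresult($result);
        $cache->save('active_modules', 'config', $active_modules);
    }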