phpBB - /branches/phpBB-3_0_0/phpBB/includes/functions.php - Annotate

root / branches / phpBB-3_0_0 / phpBB / includes / functions.php

History | View | Annotate | Download (137.6 kB)

-psotfx
+<?php
-acydburn
+/**
 acydburn
-acydburn
+* @package phpBB3
-acydburn
+* @version $Id$
-acydburn
+* @copyright (c) 2005 phpBB Group
-acydburn
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 acydburn
-acydburn
+*/
 psotfx
-acydburn
+/**
-acydburn
+* @ignore
-acydburn
+*/
-acydburn
+if (!defined('IN_PHPBB'))
 acydburn
-acydburn
+        exit;
 acydburn
 acydburn
-acydburn
+// Common global functions
 acydburn
-acydburn
+/**
-acydburn
+* set_var
 acydburn
-acydburn
+* Set variable, used by {@link request_var the request_var function}
 acydburn
-acydburn
+* @access private
-acydburn
+*/
-acydburn
+function set_var(&$result, $var, $type, $multibyte = false)
 acydburn
-acydburn
+        settype($var, $type);
-acydburn
+        $result = $var;
 acydburn
-acydburn
+        if ($type == 'string')
 acydburn
-acydburn
+                $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8'));
 acydburn
-naderman
+                if (!empty($result))
 acydburn
-naderman
+                        // Make sure multibyte characters are wellformed
-naderman
+                        if ($multibyte)
 naderman
-naderman
+                                if (!preg_match('/^./u', $result))
 naderman
-naderman
+                                        $result = '';
 naderman
 naderman
-naderman
+                        else
 naderman
-naderman
+                                // no multibyte, allow only ASCII (0-127)
-naderman
+                                $result = preg_replace('/[\x80-\xFF]/', '?', $result);
 naderman
 acydburn
 naderman
-naderman
+                $result = (STRIP) ? stripslashes($result) : $result;
 acydburn
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* request_var
 acydburn
-acydburn
+* Used to get passed variable
-acydburn
+*/
-grahamje
+function request_var($var_name, $default, $multibyte = false, $cookie = false)
 psotfx
-grahamje
+        if (!$cookie && isset($_COOKIE[$var_name]))
 grahamje
-grahamje
+                if (!isset($_GET[$var_name]) && !isset($_POST[$var_name]))
 grahamje
-grahamje
+                        return (is_array($default)) ? array() : $default;
 grahamje
-grahamje
+                $_REQUEST[$var_name] = isset($_POST[$var_name]) ? $_POST[$var_name] : $_GET[$var_name];
 grahamje
 grahamje
-bantu
+        $super_global = ($cookie) ? '_COOKIE' : '_REQUEST';
-bantu
+        if (!isset($GLOBALS[$super_global][$var_name]) || is_array($GLOBALS[$super_global][$var_name]) != is_array($default))
 psotfx
-acydburn
+                return (is_array($default)) ? array() : $default;
 psotfx
 acydburn
-bantu
+        $var = $GLOBALS[$super_global][$var_name];
-acydburn
+        if (!is_array($default))
 acydburn
-acydburn
+                $type = gettype($default);
 acydburn
-psotfx
+        else
 psotfx
-acydburn
+                list($key_type, $type) = each($default);
-acydburn
+                $type = gettype($type);
-acydburn
+                $key_type = gettype($key_type);
-naderman
+                if ($type == 'array')
 naderman
-naderman
+                        reset($default);
-acydburn
+                        $default = current($default);
-acydburn
+                        list($sub_key_type, $sub_type) = each($default);
-naderman
+                        $sub_type = gettype($sub_type);
-naderman
+                        $sub_type = ($sub_type == 'array') ? 'NULL' : $sub_type;
-naderman
+                        $sub_key_type = gettype($sub_key_type);
 naderman
 acydburn
 psotfx
-acydburn
+        if (is_array($var))
 acydburn
-acydburn
+                $_var = $var;
-acydburn
+                $var = array();
 acydburn
-acydburn
+                foreach ($_var as $k => $v)
 psotfx
-naderman
+                        set_var($k, $k, $key_type);
-naderman
+                        if ($type == 'array' && is_array($v))
 psotfx
-acydburn
+                                foreach ($v as $_k => $_v)
 psotfx
-naderman
+                                        if (is_array($_v))
 naderman
-naderman
+                                                $_v = null;
 naderman
-git-gate
+                                        set_var($_k, $_k, $sub_key_type, $multibyte);
-naderman
+                                        set_var($var[$k][$_k], $_v, $sub_type, $multibyte);
 psotfx
 psotfx
-acydburn
+                        else
 acydburn
-naderman
+                                if ($type == 'array' || is_array($v))
 naderman
-naderman
+                                        $v = null;
 naderman
-acydburn
+                                set_var($var[$k], $v, $type, $multibyte);
 acydburn
 psotfx
 psotfx
-acydburn
+        else
 acydburn
-acydburn
+                set_var($var, $var, $type, $multibyte);
 acydburn
 acydburn
-acydburn
+        return $var;
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Set config value. Creates missing config entry.
-acydburn
+*/
-acydburn
+function set_config($config_name, $config_value, $is_dynamic = false)
 ludovic_arnaud
-ludovic_arnaud
+        global $db, $cache, $config;
 ludovic_arnaud
-ludovic_arnaud
+        $sql = 'UPDATE ' . CONFIG_TABLE . "
-ludovic_arnaud
+                SET config_value = '" . $db->sql_escape($config_value) . "'
-acydburn
+                WHERE config_name = '" . $db->sql_escape($config_name) . "'";
-ludovic_arnaud
+        $db->sql_query($sql);
 ludovic_arnaud
-ludovic_arnaud
+        if (!$db->sql_affectedrows() && !isset($config[$config_name]))
 ludovic_arnaud
-acydburn
+                $sql = 'INSERT INTO ' . CONFIG_TABLE . ' ' . $db->sql_build_array('INSERT', array(
-acydburn
+                        'config_name'        => $config_name,
-acydburn
+                        'config_value'        => $config_value,
-acydburn
+                        'is_dynamic'        => ($is_dynamic) ? 1 : 0));
-ludovic_arnaud
+                $db->sql_query($sql);
 ludovic_arnaud
 ludovic_arnaud
-ludovic_arnaud
+        $config[$config_name] = $config_value;
 ludovic_arnaud
-ludovic_arnaud
+        if (!$is_dynamic)
 ludovic_arnaud
-ludovic_arnaud
+                $cache->destroy('config');
 ludovic_arnaud
 ludovic_arnaud
 ludovic_arnaud
-acydburn
+/**
-acydburn
+* Set dynamic config value with arithmetic operation.
-acydburn
+*/
-acydburn
+function set_config_count($config_name, $increment, $is_dynamic = false)
 acydburn
-acydburn
+        global $db, $cache;
 acydburn
-acydburn
+        switch ($db->sql_layer)
 acydburn
-acydburn
+                case 'firebird':
-git-gate
+                        // Precision must be from 1 to 18
-git-gate
+                        $sql_update = 'CAST(CAST(config_value as DECIMAL(18, 0)) + ' . (int) $increment . ' as VARCHAR(255))';
-acydburn
+                break;
 acydburn
-git-gate
+                case 'postgres':
-git-gate
+                        // Need to cast to text first for PostgreSQL 7.x
-git-gate
+                        $sql_update = 'CAST(CAST(config_value::text as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';
-git-gate
+                break;
 git-gate
-acydburn
+                // MySQL, SQlite, mssql, mssql_odbc, oracle
-acydburn
+                default:
-acydburn
+                        $sql_update = 'config_value + ' . (int) $increment;
-acydburn
+                break;
 acydburn
 acydburn
-acydburn
+        $db->sql_query('UPDATE ' . CONFIG_TABLE . ' SET config_value = ' . $sql_update . " WHERE config_name = '" . $db->sql_escape($config_name) . "'");
 acydburn
-acydburn
+        if (!$is_dynamic)
 acydburn
-acydburn
+                $cache->destroy('config');
 acydburn
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Generates an alphanumeric random string of given length
 git-gate
-git-gate
+* @return string
-acydburn
+*/
-grahamje
+function gen_rand_string($num_chars = 8)
 psotfx
-git-gate
+        // [a, z] + [0, 9] = 36
-git-gate
+        return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars);
 git-gate
 git-gate
-git-gate
+/**
-git-gate
+* Generates a user-friendly alphanumeric random string of given length
-git-gate
+* We remove 0 and O so users cannot confuse those in passwords etc.
 git-gate
-git-gate
+* @return string
-git-gate
+*/
-git-gate
+function gen_rand_string_friendly($num_chars = 8)
 git-gate
-grahamje
+        $rand_str = unique_id();
 git-gate
-git-gate
+        // Remove Z and Y from the base_convert(), replace 0 with Z and O with Y
-git-gate
+        // [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34
-bantu
+        $rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34)));
 psotfx
-grahamje
+        return substr($rand_str, 0, $num_chars);
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Return unique id
-acydburn
+* @param string $extra additional entropy
-acydburn
+*/
-grahamje
+function unique_id($extra = 'c')
 acydburn
-davidmj
+        static $dss_seeded = false;
-davidmj
+        global $config;
 grahamje
-grahamje
+        $val = $config['rand_seed'] . microtime();
-grahamje
+        $val = md5($val);
-grahamje
+        $config['rand_seed'] = md5($config['rand_seed'] . $val . $extra);
 acydburn
-grahamje
+        if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10)))
 grahamje
-git-gate
+                set_config('rand_seed_last_update', time(), true);
-acydburn
+                set_config('rand_seed', $config['rand_seed'], true);
-grahamje
+                $dss_seeded = true;
 grahamje
 grahamje
-grahamje
+        return substr($val, 4, 16);
 acydburn
 acydburn
-acydburn
+/**
-git-gate
+* Wrapper for mt_rand() which allows swapping $min and $max parameters.
 git-gate
-git-gate
+* PHP does not allow us to swap the order of the arguments for mt_rand() anymore.
-git-gate
+* (since PHP 5.3.4, see http://bugs.php.net/46587)
 git-gate
-git-gate
+* @param int $min                Lowest value to be returned
-git-gate
+* @param int $max                Highest value to be returned
 git-gate
-git-gate
+* @return int                        Random integer between $min and $max (or $max and $min)
-git-gate
+*/
-git-gate
+function phpbb_mt_rand($min, $max)
 git-gate
-git-gate
+        return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max);
 git-gate
 git-gate
-git-gate
+/**
-git-gate
+* Wrapper for getdate() which returns the equivalent array for UTC timestamps.
 git-gate
-git-gate
+* @param int $time                Unix timestamp (optional)
 git-gate
-git-gate
+* @return array                        Returns an associative array of information related to the timestamp.
-git-gate
+*                                                See http://www.php.net/manual/en/function.getdate.php
-git-gate
+*/
-git-gate
+function phpbb_gmgetdate($time = false)
 git-gate
-git-gate
+        if ($time === false)
 git-gate
-git-gate
+                $time = time();
 git-gate
 git-gate
-git-gate
+        // getdate() interprets timestamps in local time.
-git-gate
+        // What follows uses the fact that getdate() and
-git-gate
+        // date('Z') balance each other out.
-git-gate
+        return getdate($time - date('Z'));
 git-gate
 git-gate
-git-gate
+/**
-acydburn
+* Return formatted string for filesizes
 bantu
-bantu
+* @param int        $value                        filesize in bytes
-bantu
+* @param bool        $string_only        true if language string should be returned
-bantu
+* @param array        $allowed_units        only allow these units (data array indexes)
 bantu
-bantu
+* @return mixed                                        data array if $string_only is false
-bantu
+* @author bantu
-acydburn
+*/
-bantu
+function get_formatted_filesize($value, $string_only = true, $allowed_units = false)
 acydburn
-acydburn
+        global $user;
 acydburn
-bantu
+        $available_units = array(
-bantu
+                'gb' => array(
-bantu
+                        'min'                 => 1073741824, // pow(2, 30)
-bantu
+                        'index'                => 3,
-bantu
+                        'si_unit'        => 'GB',
-bantu
+                        'iec_unit'        => 'GIB',
-bantu
+                ),
-bantu
+                'mb' => array(
-bantu
+                        'min'                => 1048576, // pow(2, 20)
-bantu
+                        'index'                => 2,
-bantu
+                        'si_unit'        => 'MB',
-bantu
+                        'iec_unit'        => 'MIB',
-bantu
+                ),
-bantu
+                'kb' => array(
-bantu
+                        'min'                => 1024, // pow(2, 10)
-bantu
+                        'index'                => 1,
-bantu
+                        'si_unit'        => 'KB',
-bantu
+                        'iec_unit'        => 'KIB',
-bantu
+                ),
-bantu
+                'b' => array(
-bantu
+                        'min'                => 0,
-bantu
+                        'index'                => 0,
-bantu
+                        'si_unit'        => 'BYTES', // Language index
-bantu
+                        'iec_unit'        => 'BYTES',  // Language index
-bantu
+                ),
-bantu
+        );
 bantu
-bantu
+        foreach ($available_units as $si_identifier => $unit_info)
 acydburn
-bantu
+                if (!empty($allowed_units) && $si_identifier != 'b' && !in_array($si_identifier, $allowed_units))
 bantu
-bantu
+                        continue;
 bantu
 bantu
-bantu
+                if ($value >= $unit_info['min'])
 bantu
-bantu
+                        $unit_info['si_identifier'] = $si_identifier;
 bantu
-bantu
+                        break;
 bantu
 acydburn
-bantu
+        unset($available_units);
 acydburn
-bantu
+        for ($i = 0; $i < $unit_info['index']; $i++)
 acydburn
-bantu
+                $value /= 1024;
 acydburn
-bantu
+        $value = round($value, 2);
 acydburn
-bantu
+        // Lookup units in language dictionary
-bantu
+        $unit_info['si_unit'] = (isset($user->lang[$unit_info['si_unit']])) ? $user->lang[$unit_info['si_unit']] : $unit_info['si_unit'];
-bantu
+        $unit_info['iec_unit'] = (isset($user->lang[$unit_info['iec_unit']])) ? $user->lang[$unit_info['iec_unit']] : $unit_info['iec_unit'];
 bantu
-bantu
+        // Default to IEC
-bantu
+        $unit_info['unit'] = $unit_info['iec_unit'];
 bantu
-bantu
+        if (!$string_only)
 acydburn
-bantu
+                $unit_info['value'] = $value;
 bantu
-bantu
+                return $unit_info;
 acydburn
 acydburn
-bantu
+        return $value  . ' ' . $unit_info['unit'];
 acydburn
 acydburn
-acydburn
+/**
-naderman
+* Determine whether we are approaching the maximum execution time. Should be called once
-naderman
+* at the beginning of the script in which it's used.
-naderman
+* @return        bool        Either true if the maximum execution time is nearly reached, or false
-naderman
+*                                        if some time is still left.
-naderman
+*/
-naderman
+function still_on_time($extra_time = 15)
 naderman
-naderman
+        static $max_execution_time, $start_time;
 naderman
-naderman
+        $time = explode(' ', microtime());
-naderman
+        $current_time = $time[0] + $time[1];
 naderman
-naderman
+        if (empty($max_execution_time))
 naderman
-acydburn
+                $max_execution_time = (function_exists('ini_get')) ? (int) @ini_get('max_execution_time') : (int) @get_cfg_var('max_execution_time');
 naderman
-naderman
+                // If zero, then set to something higher to not let the user catch the ten seconds barrier.
-naderman
+                if ($max_execution_time === 0)
 naderman
-naderman
+                        $max_execution_time = 50 + $extra_time;
 naderman
 naderman
-naderman
+                $max_execution_time = min(max(10, ($max_execution_time - $extra_time)), 50);
 naderman
-naderman
+                // For debugging purposes
-naderman
+                // $max_execution_time = 10;
 naderman
-naderman
+                global $starttime;
-naderman
+                $start_time = (empty($starttime)) ? $current_time : $starttime;
 naderman
 naderman
-naderman
+        return (ceil($current_time - $start_time) < $max_execution_time) ? true : false;
 naderman
 naderman
-acydburn
+/**
 acydburn
-acydburn
+* @version Version 0.1 / slightly modified for phpBB 3.0.x (using $H$ as hash type identifier)
 acydburn
-acydburn
+* Portable PHP password hashing framework.
 acydburn
-acydburn
+* Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
-acydburn
+* the public domain.
 acydburn
-acydburn
+* There's absolutely no warranty.
 acydburn
-acydburn
+* The homepage URL for this framework is:
 acydburn
-acydburn
+*        http://www.openwall.com/phpass/
 acydburn
-acydburn
+* Please be sure to update the Version line if you edit this file in any way.
-acydburn
+* It is suggested that you leave the main version number intact, but indicate
-acydburn
+* your project name (after the slash) and add your own revision information.
 acydburn
-acydburn
+* Please do not change the "private" password hashing method implemented in
-acydburn
+* here, thereby making your hashes incompatible.  However, if you must, please
-acydburn
+* change the hash type identifier (the "$P$") to something different.
 acydburn
-acydburn
+* Obviously, since this code is in the public domain, the above are not
-acydburn
+* requirements (there can be none), but merely suggestions.
 acydburn
 acydburn
-acydburn
+* Hash the password
-acydburn
+*/
-acydburn
+function phpbb_hash($password)
 psotfx
-acydburn
+        $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
 psotfx
-acydburn
+        $random_state = unique_id();
-acydburn
+        $random = '';
-acydburn
+        $count = 6;
 psotfx
-acydburn
+        if (($fh = @fopen('/dev/urandom', 'rb')))
 acydburn
-acydburn
+                $random = fread($fh, $count);
-acydburn
+                fclose($fh);
 acydburn
 acydburn
-acydburn
+        if (strlen($random) < $count)
 acydburn
-acydburn
+                $random = '';
 acydburn
-acydburn
+                for ($i = 0; $i < $count; $i += 16)
 acydburn
-acydburn
+                        $random_state = md5(unique_id() . $random_state);
-acydburn
+                        $random .= pack('H*', md5($random_state));
 acydburn
-acydburn
+                $random = substr($random, 0, $count);
 acydburn
 acydburn
-acydburn
+        $hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);
 psotfx
-acydburn
+        if (strlen($hash) == 34)
 psotfx
-acydburn
+                return $hash;
 psotfx
 psotfx
-acydburn
+        return md5($password);
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Check for correct password
 acydburn
-acydburn
+* @param string $password The password in plain text
-acydburn
+* @param string $hash The stored password hash
 acydburn
-acydburn
+* @return bool Returns true if the password is correct, false if not.
-acydburn
+*/
-acydburn
+function phpbb_check_hash($password, $hash)
 acydburn
-acydburn
+        $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-acydburn
+        if (strlen($hash) == 34)
 psotfx
-acydburn
+                return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false;
 psotfx
 psotfx
-acydburn
+        return (md5($password) === $hash) ? true : false;
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Generate salt for hash generation
-acydburn
+*/
-acydburn
+function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6)
 psotfx
-acydburn
+        if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
 psotfx
-acydburn
+                $iteration_count_log2 = 8;
 psotfx
 psotfx
-acydburn
+        $output = '$H$';
-acydburn
+        $output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 5 : 3), 30)];
-acydburn
+        $output .= _hash_encode64($input, 6, $itoa64);
 psotfx
-acydburn
+        return $output;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Encode hash
-acydburn
+*/
-acydburn
+function _hash_encode64($input, $count, &$itoa64)
 acydburn
-acydburn
+        $output = '';
-acydburn
+        $i = 0;
 acydburn
-acydburn
+        do
 psotfx
-acydburn
+                $value = ord($input[$i++]);
-acydburn
+                $output .= $itoa64[$value & 0x3f];
 acydburn
-acydburn
+                if ($i < $count)
 acydburn
-acydburn
+                        $value |= ord($input[$i]) << 8;
 acydburn
 acydburn
-acydburn
+                $output .= $itoa64[($value >> 6) & 0x3f];
 acydburn
-acydburn
+                if ($i++ >= $count)
 psotfx
-acydburn
+                        break;
 psotfx
 psotfx
-acydburn
+                if ($i < $count)
 psotfx
-acydburn
+                        $value |= ord($input[$i]) << 16;
 psotfx
 acydburn
-acydburn
+                $output .= $itoa64[($value >> 12) & 0x3f];
 acydburn
-acydburn
+                if ($i++ >= $count)
 acydburn
-acydburn
+                        break;
 acydburn
 acydburn
-acydburn
+                $output .= $itoa64[($value >> 18) & 0x3f];
 acydburn
-acydburn
+        while ($i < $count);
 psotfx
-acydburn
+        return $output;
 acydburn
 psotfx
-acydburn
+/**
-acydburn
+* The crypt function/replacement
-acydburn
+*/
-acydburn
+function _hash_crypt_private($password, $setting, &$itoa64)
 acydburn
-acydburn
+        $output = '*';
 acydburn
-acydburn
+        // Check for correct hash
-git-gate
+        if (substr($setting, 0, 3) != '$H$' && substr($setting, 0, 3) != '$P$')
 acydburn
-acydburn
+                return $output;
 acydburn
 acydburn
-acydburn
+        $count_log2 = strpos($itoa64, $setting[3]);
 acydburn
-acydburn
+        if ($count_log2 < 7 || $count_log2 > 30)
 acydburn
-acydburn
+                return $output;
 acydburn
 acydburn
-acydburn
+        $count = 1 << $count_log2;
-acydburn
+        $salt = substr($setting, 4, 8);
 acydburn
-acydburn
+        if (strlen($salt) != 8)
 acydburn
-acydburn
+                return $output;
 acydburn
 acydburn
-acydburn
+        /**
-acydburn
+        * We're kind of forced to use MD5 here since it's the only
-acydburn
+        * cryptographic primitive available in all versions of PHP
-acydburn
+        * currently in use.  To implement our own low-level crypto
-acydburn
+        * in PHP would result in much worse performance and
-acydburn
+        * consequently in lower iteration counts and hashes that are
-acydburn
+        * quicker to crack (by non-PHP code).
-acydburn
+        */
-acydburn
+        if (PHP_VERSION >= 5)
 acydburn
-acydburn
+                $hash = md5($salt . $password, true);
-acydburn
+                do
 psotfx
-acydburn
+                        $hash = md5($hash . $password, true);
 psotfx
-acydburn
+                while (--$count);
 psotfx
-acydburn
+        else
 acydburn
-acydburn
+                $hash = pack('H*', md5($salt . $password));
-acydburn
+                do
 acydburn
-acydburn
+                        $hash = pack('H*', md5($hash . $password));
 acydburn
-acydburn
+                while (--$count);
 acydburn
 ludovic_arnaud
-acydburn
+        $output = substr($setting, 0, 12);
-acydburn
+        $output .= _hash_encode64($hash, 16, $itoa64);
 psotfx
-acydburn
+        return $output;
 psotfx
 psotfx
-acydburn
+/**
-bantu
+* Hashes an email address to a big integer
 bantu
-bantu
+* @param string $email                Email address
 bantu
-bantu
+* @return string                        Unsigned Big Integer
-nickvergessen
+*/
-nickvergessen
+function phpbb_email_hash($email)
 nickvergessen
-bantu
+        return sprintf('%u', crc32(strtolower($email))) . strlen($email);
 nickvergessen
 nickvergessen
-nickvergessen
+/**
-git-gate
+* Wrapper for version_compare() that allows using uppercase A and B
-git-gate
+* for alpha and beta releases.
 git-gate
-git-gate
+* See http://www.php.net/manual/en/function.version-compare.php
 git-gate
-git-gate
+* @param string $version1                First version number
-git-gate
+* @param string $version2                Second version number
-git-gate
+* @param string $operator                Comparison operator (optional)
 git-gate
-git-gate
+* @return mixed                                        Boolean (true, false) if comparison operator is specified.
-git-gate
+*                                                                Integer (-1, 0, 1) otherwise.
-git-gate
+*/
-git-gate
+function phpbb_version_compare($version1, $version2, $operator = null)
 git-gate
-git-gate
+        $version1 = strtolower($version1);
-git-gate
+        $version2 = strtolower($version2);
 git-gate
-git-gate
+        if (is_null($operator))
 git-gate
-git-gate
+                return version_compare($version1, $version2);
 git-gate
-git-gate
+        else
 git-gate
-git-gate
+                return version_compare($version1, $version2, $operator);
 git-gate
 git-gate
 git-gate
-git-gate
+/**
-acydburn
+* Global function for chmodding directories and files for internal use
 acydburn
-acydburn
+* This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions.
-acydburn
+* The function determines owner and group from common.php file and sets the same to the provided file.
-acydburn
+* The function uses bit fields to build the permissions.
-acydburn
+* The function sets the appropiate execute bit on directories.
 acydburn
-acydburn
+* Supported constants representing bit fields are:
 acydburn
-acydburn
+* CHMOD_ALL - all permissions (7)
-acydburn
+* CHMOD_READ - read permission (4)
-acydburn
+* CHMOD_WRITE - write permission (2)
-acydburn
+* CHMOD_EXECUTE - execute permission (1)
 acydburn
-acydburn
+* NOTE: The function uses POSIX extension and fileowner()/filegroup() functions. If any of them is disabled, this function tries to build proper permissions, by calling is_readable() and is_writable() functions.
 acydburn
-acydburn
+* @param string        $filename        The file/directory to be chmodded
-acydburn
+* @param int        $perms                Permissions to set
 acydburn
-acydburn
+* @return bool        true on success, otherwise false
-acydburn
+* @author faw, phpBB Group
-acydburn
+*/
-acydburn
+function phpbb_chmod($filename, $perms = CHMOD_READ)
 acydburn
-acydburn
+        static $_chmod_info;
 acydburn
-acydburn
+        // Return if the file no longer exists.
-acydburn
+        if (!file_exists($filename))
 acydburn
-acydburn
+                return false;
 acydburn
 acydburn
-acydburn
+        // Determine some common vars
-acydburn
+        if (empty($_chmod_info))
 acydburn
-acydburn
+                if (!function_exists('fileowner') || !function_exists('filegroup'))
 acydburn
-acydburn
+                        // No need to further determine owner/group - it is unknown
-acydburn
+                        $_chmod_info['process'] = false;
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        global $phpbb_root_path, $phpEx;
 acydburn
-acydburn
+                        // Determine owner/group of common.php file and the filename we want to change here
-acydburn
+                        $common_php_owner = @fileowner($phpbb_root_path . 'common.' . $phpEx);
-acydburn
+                        $common_php_group = @filegroup($phpbb_root_path . 'common.' . $phpEx);
 acydburn
-acydburn
+                        // And the owner and the groups PHP is running under.
-acydburn
+                        $php_uid = (function_exists('posix_getuid')) ? @posix_getuid() : false;
-acydburn
+                        $php_gids = (function_exists('posix_getgroups')) ? @posix_getgroups() : false;
 acydburn
-acydburn
+                        // If we are unable to get owner/group, then do not try to set them by guessing
-acydburn
+                        if (!$php_uid || empty($php_gids) || !$common_php_owner || !$common_php_group)
 acydburn
-acydburn
+                                $_chmod_info['process'] = false;
 acydburn
-acydburn
+                        else
 acydburn
-acydburn
+                                $_chmod_info = array(
-acydburn
+                                        'process'                => true,
-acydburn
+                                        'common_owner'        => $common_php_owner,
-acydburn
+                                        'common_group'        => $common_php_group,
-acydburn
+                                        'php_uid'                => $php_uid,
-acydburn
+                                        'php_gids'                => $php_gids,
-acydburn
+                                );
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+        if ($_chmod_info['process'])
 acydburn
-acydburn
+                $file_uid = @fileowner($filename);
-acydburn
+                $file_gid = @filegroup($filename);
 acydburn
-acydburn
+                // Change owner
-acydburn
+                if (@chown($filename, $_chmod_info['common_owner']))
 acydburn
-acydburn
+                        clearstatcache();
-acydburn
+                        $file_uid = @fileowner($filename);
 acydburn
 acydburn
-acydburn
+                // Change group
-acydburn
+                if (@chgrp($filename, $_chmod_info['common_group']))
 acydburn
-acydburn
+                        clearstatcache();
-acydburn
+                        $file_gid = @filegroup($filename);
 acydburn
 acydburn
-acydburn
+                // If the file_uid/gid now match the one from common.php we can process further, else we are not able to change something
-acydburn
+                if ($file_uid != $_chmod_info['common_owner'] || $file_gid != $_chmod_info['common_group'])
 acydburn
-acydburn
+                        $_chmod_info['process'] = false;
 acydburn
 acydburn
 acydburn
-acydburn
+        // Still able to process?
-acydburn
+        if ($_chmod_info['process'])
 acydburn
-acydburn
+                if ($file_uid == $_chmod_info['php_uid'])
 acydburn
-acydburn
+                        $php = 'owner';
 acydburn
-acydburn
+                else if (in_array($file_gid, $_chmod_info['php_gids']))
 acydburn
-acydburn
+                        $php = 'group';
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        // Since we are setting the everyone bit anyway, no need to do expensive operations
-acydburn
+                        $_chmod_info['process'] = false;
 acydburn
 acydburn
 acydburn
-acydburn
+        // We are not able to determine or change something
-acydburn
+        if (!$_chmod_info['process'])
 acydburn
-acydburn
+                $php = 'other';
 acydburn
 acydburn
-acydburn
+        // Owner always has read/write permission
-acydburn
+        $owner = CHMOD_READ | CHMOD_WRITE;
-acydburn
+        if (is_dir($filename))
 acydburn
-acydburn
+                $owner |= CHMOD_EXECUTE;
 acydburn
-acydburn
+                // Only add execute bit to the permission if the dir needs to be readable
-acydburn
+                if ($perms & CHMOD_READ)
 acydburn
-acydburn
+                        $perms |= CHMOD_EXECUTE;
 acydburn
 acydburn
 acydburn
-acydburn
+        switch ($php)
 acydburn
-acydburn
+                case 'owner':
-acydburn
+                        $result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0));
 acydburn
-toonarmy
+                        clearstatcache();
 toonarmy
-git-gate
+                        if (is_readable($filename) && phpbb_is_writable($filename))
 acydburn
-acydburn
+                                break;
 acydburn
 acydburn
-acydburn
+                case 'group':
-acydburn
+                        $result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0));
 acydburn
-toonarmy
+                        clearstatcache();
 toonarmy
-git-gate
+                        if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))
 acydburn
-acydburn
+                                break;
 acydburn
 acydburn
-acydburn
+                case 'other':
-acydburn
+                        $result = @chmod($filename, ($owner << 6) + ($perms << 3) + ($perms << 0));
 acydburn
-toonarmy
+                        clearstatcache();
 toonarmy
-git-gate
+                        if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename)))
 acydburn
-acydburn
+                                break;
 acydburn
 acydburn
-acydburn
+                default:
-acydburn
+                        return false;
-acydburn
+                break;
 acydburn
 acydburn
-acydburn
+        return $result;
 acydburn
 acydburn
-toonarmy
+/**
-acydburn
+* Test if a file/directory is writable
 acydburn
-acydburn
+* This function calls the native is_writable() when not running under
-acydburn
+* Windows and it is not disabled.
 acydburn
-acydburn
+* @param string $file Path to perform write test on
-acydburn
+* @return bool True when the path is writable, otherwise false.
-acydburn
+*/
-toonarmy
+function phpbb_is_writable($file)
 toonarmy
-acydburn
+        if (strtolower(substr(PHP_OS, 0, 3)) === 'win' || !function_exists('is_writable'))
 toonarmy
-toonarmy
+                if (file_exists($file))
 toonarmy
-toonarmy
+                        // Canonicalise path to absolute path
-toonarmy
+                        $file = phpbb_realpath($file);
 toonarmy
-toonarmy
+                        if (is_dir($file))
 toonarmy
-toonarmy
+                                // Test directory by creating a file inside the directory
-toonarmy
+                                $result = @tempnam($file, 'i_w');
 toonarmy
-toonarmy
+                                if (is_string($result) && file_exists($result))
 toonarmy
-toonarmy
+                                        unlink($result);
 toonarmy
-toonarmy
+                                        // Ensure the file is actually in the directory (returned realpathed)
-toonarmy
+                                        return (strpos($result, $file) === 0) ? true : false;
 toonarmy
 toonarmy
-toonarmy
+                        else
 toonarmy
-toonarmy
+                                $handle = @fopen($file, 'r+');
 toonarmy
-toonarmy
+                                if (is_resource($handle))
 toonarmy
-toonarmy
+                                        fclose($handle);
-toonarmy
+                                        return true;
 toonarmy
 toonarmy
 toonarmy
-toonarmy
+                else
 toonarmy
-toonarmy
+                        // file does not exist test if we can write to the directory
-toonarmy
+                        $dir = dirname($file);
 toonarmy
-toonarmy
+                        if (file_exists($dir) && is_dir($dir) && phpbb_is_writable($dir))
 toonarmy
-toonarmy
+                                return true;
 toonarmy
 toonarmy
 acydburn
-toonarmy
+                return false;
 toonarmy
-toonarmy
+        else
 toonarmy
-toonarmy
+                return is_writable($file);
 toonarmy
 toonarmy
 toonarmy
-acydburn
+// Compatibility functions
 acydburn
-acydburn
+if (!function_exists('array_combine'))
 acydburn
-acydburn
+        /**
-acydburn
+        * A wrapper for the PHP5 function array_combine()
-acydburn
+        * @param array $keys contains keys for the resulting array
-acydburn
+        * @param array $values contains values for the resulting array
 acydburn
-acydburn
+        * @return Returns an array by using the values from the keys array as keys and the
-acydburn
+        *         values from the values array as the corresponding values. Returns false if the
-acydburn
+        *         number of elements for each array isn't equal or if the arrays are empty.
-acydburn
+        */
-acydburn
+        function array_combine($keys, $values)
 acydburn
-acydburn
+                $keys = array_values($keys);
-acydburn
+                $values = array_values($values);
 acydburn
-acydburn
+                $n = sizeof($keys);
-acydburn
+                $m = sizeof($values);
-acydburn
+                if (!$n || !$m || ($n != $m))
 acydburn
-acydburn
+                        return false;
 acydburn
 acydburn
-acydburn
+                $combined = array();
-acydburn
+                for ($i = 0; $i < $n; $i++)
 acydburn
-acydburn
+                        $combined[$keys[$i]] = $values[$i];
 acydburn
-acydburn
+                return $combined;
 acydburn
 acydburn
 acydburn
-acydburn
+if (!function_exists('str_split'))
 acydburn
-acydburn
+        /**
-acydburn
+        * A wrapper for the PHP5 function str_split()
-acydburn
+        * @param array $string contains the string to be converted
-acydburn
+        * @param array $split_length contains the length of each chunk
 acydburn
-acydburn
+        * @return  Converts a string to an array. If the optional split_length parameter is specified,
-acydburn
+        *          the returned array will be broken down into chunks with each being split_length in length,
-acydburn
+        *          otherwise each chunk will be one character in length. FALSE is returned if split_length is
-acydburn
+        *          less than 1. If the split_length length exceeds the length of string, the entire string is
-acydburn
+        *          returned as the first (and only) array element.
-acydburn
+        */
-acydburn
+        function str_split($string, $split_length = 1)
 acydburn
-acydburn
+                if ($split_length < 1)
 acydburn
-acydburn
+                        return false;
 acydburn
-acydburn
+                else if ($split_length >= strlen($string))
 acydburn
-acydburn
+                        return array($string);
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        preg_match_all('#.{1,' . $split_length . '}#s', $string, $matches);
-acydburn
+                        return $matches[0];
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+if (!function_exists('stripos'))
 acydburn
-acydburn
+        /**
-acydburn
+        * A wrapper for the PHP5 function stripos
-acydburn
+        * Find position of first occurrence of a case-insensitive string
 acydburn
-acydburn
+        * @param string $haystack is the string to search in
-acydburn
+        * @param string $needle is the string to search for
 acydburn
-acydburn
+        * @return mixed Returns the numeric position of the first occurrence of needle in the haystack string. Unlike strpos(), stripos() is case-insensitive.
-acydburn
+        * Note that the needle may be a string of one or more characters.
-acydburn
+        * If needle is not found, stripos() will return boolean FALSE.
-acydburn
+        */
-acydburn
+        function stripos($haystack, $needle)
 acydburn
-acydburn
+                if (preg_match('#' . preg_quote($needle, '#') . '#i', $haystack, $m))
 acydburn
-acydburn
+                        return strpos($haystack, $m[0]);
 acydburn
 acydburn
-acydburn
+                return false;
 acydburn
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Checks if a path ($path) is absolute or relative
 acydburn
-acydburn
+* @param string $path Path to check absoluteness of
-acydburn
+* @return boolean
-acydburn
+*/
-acydburn
+function is_absolute($path)
 acydburn
-toonarmy
+        return ($path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* @author Chris Smith <chris@project-minerva.org>
-acydburn
+* @copyright 2006 Project Minerva Team
-acydburn
+* @param string $path The path which we should attempt to resolve.
-acydburn
+* @return mixed
-acydburn
+*/
-acydburn
+function phpbb_own_realpath($path)
 acydburn
-acydburn
+        // Now to perform funky shizzle
 acydburn
-acydburn
+        // Switch to use UNIX slashes
-acydburn
+        $path = str_replace(DIRECTORY_SEPARATOR, '/', $path);
-acydburn
+        $path_prefix = '';
 acydburn
-acydburn
+        // Determine what sort of path we have
-acydburn
+        if (is_absolute($path))
 davidmj
-acydburn
+                $absolute = true;
 acydburn
-acydburn
+                if ($path[0] == '/')
 davidmj
-acydburn
+                        // Absolute path, *NIX style
-acydburn
+                        $path_prefix = '';
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        // Absolute path, Windows style
-acydburn
+                        // Remove the drive letter and colon
-acydburn
+                        $path_prefix = $path[0] . ':';
-acydburn
+                        $path = substr($path, 2);
 acydburn
 acydburn
-acydburn
+        else
 acydburn
-acydburn
+                // Relative Path
-acydburn
+                // Prepend the current working directory
-acydburn
+                if (function_exists('getcwd'))
 acydburn
-acydburn
+                        // This is the best method, hopefully it is enabled!
-acydburn
+                        $path = str_replace(DIRECTORY_SEPARATOR, '/', getcwd()) . '/' . $path;
-acydburn
+                        $absolute = true;
-acydburn
+                        if (preg_match('#^[a-z]:#i', $path))
 davidmj
-acydburn
+                                $path_prefix = $path[0] . ':';
-acydburn
+                                $path = substr($path, 2);
 acydburn
-acydburn
+                        else
 acydburn
-acydburn
+                                $path_prefix = '';
 acydburn
 acydburn
-acydburn
+                else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME']))
 acydburn
-acydburn
+                        // Warning: If chdir() has been used this will lie!
-acydburn
+                        // Warning: This has some problems sometime (CLI can create them easily)
-acydburn
+                        $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path;
-acydburn
+                        $absolute = true;
-acydburn
+                        $path_prefix = '';
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        // We have no way of getting the absolute path, just run on using relative ones.
-acydburn
+                        $absolute = false;
-acydburn
+                        $path_prefix = '.';
 acydburn
 acydburn
 acydburn
-acydburn
+        // Remove any repeated slashes
-acydburn
+        $path = preg_replace('#/{2,}#', '/', $path);
 acydburn
-acydburn
+        // Remove the slashes from the start and end of the path
-acydburn
+        $path = trim($path, '/');
 davidmj
-acydburn
+        // Break the string into little bits for us to nibble on
-acydburn
+        $bits = explode('/', $path);
 davidmj
-acydburn
+        // Remove any . in the path, renumber array for the loop below
-acydburn
+        $bits = array_values(array_diff($bits, array('.')));
 davidmj
-acydburn
+        // Lets get looping, run over and resolve any .. (up directory)
-acydburn
+        for ($i = 0, $max = sizeof($bits); $i < $max; $i++)
 acydburn
-acydburn
+                // @todo Optimise
-acydburn
+                if ($bits[$i] == '..' )
 acydburn
-acydburn
+                        if (isset($bits[$i - 1]))
 acydburn
-acydburn
+                                if ($bits[$i - 1] != '..')
 davidmj
-acydburn
+                                        // We found a .. and we are able to traverse upwards, lets do it!
-acydburn
+                                        unset($bits[$i]);
-acydburn
+                                        unset($bits[$i - 1]);
-acydburn
+                                        $i -= 2;
-acydburn
+                                        $max -= 2;
-acydburn
+                                        $bits = array_values($bits);
 davidmj
 acydburn
-acydburn
+                        else if ($absolute) // ie. !isset($bits[$i - 1]) && $absolute
 acydburn
-acydburn
+                                // We have an absolute path trying to descend above the root of the filesystem
-acydburn
+                                // ... Error!
-acydburn
+                                return false;
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+        // Prepend the path prefix
-acydburn
+        array_unshift($bits, $path_prefix);
 acydburn
-acydburn
+        $resolved = '';
 davidmj
-acydburn
+        $max = sizeof($bits) - 1;
 davidmj
-acydburn
+        // Check if we are able to resolve symlinks, Windows cannot.
-acydburn
+        $symlink_resolve = (function_exists('readlink')) ? true : false;
 davidmj
-acydburn
+        foreach ($bits as $i => $bit)
 acydburn
-acydburn
+                if (@is_dir("$resolved/$bit") || ($i == $max && @is_file("$resolved/$bit")))
 acydburn
-acydburn
+                        // Path Exists
-acydburn
+                        if ($symlink_resolve && is_link("$resolved/$bit") && ($link = readlink("$resolved/$bit")))
 acydburn
-acydburn
+                                // Resolved a symlink.
-acydburn
+                                $resolved = $link . (($i == $max) ? '' : '/');
-acydburn
+                                continue;
 acydburn
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        // Something doesn't exist here!
-acydburn
+                        // This is correct realpath() behaviour but sadly open_basedir and safe_mode make this problematic
-acydburn
+                        // return false;
 acydburn
-acydburn
+                $resolved .= $bit . (($i == $max) ? '' : '/');
 acydburn
 acydburn
-acydburn
+        // @todo If the file exists fine and open_basedir only has one path we should be able to prepend it
-acydburn
+        // because we must be inside that basedir, the question is where...
-acydburn
+        // @internal The slash in is_dir() gets around an open_basedir restriction
-git-gate
+        if (!@file_exists($resolved) || (!@is_dir($resolved . '/') && !is_file($resolved)))
 acydburn
-acydburn
+                return false;
 acydburn
 acydburn
-acydburn
+        // Put the slashes back to the native operating systems slashes
-acydburn
+        $resolved = str_replace('/', DIRECTORY_SEPARATOR, $resolved);
 acydburn
-acydburn
+        // Check for DIRECTORY_SEPARATOR at the end (and remove it!)
-acydburn
+        if (substr($resolved, -1) == DIRECTORY_SEPARATOR)
 acydburn
-acydburn
+                return substr($resolved, 0, -1);
 acydburn
 acydburn
-acydburn
+        return $resolved; // We got here, in the end!
 acydburn
 acydburn
-acydburn
+if (!function_exists('realpath'))
 acydburn
-acydburn
+        /**
-acydburn
+        * A wrapper for realpath
-acydburn
+        * @ignore
-acydburn
+        */
-acydburn
+        function phpbb_realpath($path)
 acydburn
-acydburn
+                return phpbb_own_realpath($path);
 acydburn
 acydburn
-acydburn
+else
 acydburn
-acydburn
+        /**
-acydburn
+        * A wrapper for realpath
-acydburn
+        */
-acydburn
+        function phpbb_realpath($path)
 acydburn
-acydburn
+                $realpath = realpath($path);
 acydburn
-acydburn
+                // Strangely there are provider not disabling realpath but returning strange values. :o
-acydburn
+                // We at least try to cope with them.
-acydburn
+                if ($realpath === $path || $realpath === false)
 acydburn
-acydburn
+                        return phpbb_own_realpath($path);
 acydburn
 acydburn
-acydburn
+                // Check for DIRECTORY_SEPARATOR at the end (and remove it!)
-acydburn
+                if (substr($realpath, -1) == DIRECTORY_SEPARATOR)
 acydburn
-acydburn
+                        $realpath = substr($realpath, 0, -1);
 acydburn
 acydburn
-acydburn
+                return $realpath;
 acydburn
 acydburn
 acydburn
-davidmj
+if (!function_exists('htmlspecialchars_decode'))
 davidmj
-acydburn
+        /**
-acydburn
+        * A wrapper for htmlspecialchars_decode
-acydburn
+        * @ignore
-acydburn
+        */
-davidmj
+        function htmlspecialchars_decode($string, $quote_style = ENT_COMPAT)
 davidmj
-davidmj
+                return strtr($string, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $quote_style)));
 davidmj
 davidmj
 davidmj
-acydburn
+// functions used for building option fields
 acydburn
-acydburn
+/**
-acydburn
+* Pick a language, any language ...
-acydburn
+*/
-psotfx
+function language_select($default = '')
 psotfx
-psotfx
+        global $db;
 psotfx
-psotfx
+        $sql = 'SELECT lang_iso, lang_local_name
-psotfx
+                FROM ' . LANG_TABLE . '
-psotfx
+                ORDER BY lang_english_name';
-acydburn
+        $result = $db->sql_query($sql);
 psotfx
-psotfx
+        $lang_options = '';
-psotfx
+        while ($row = $db->sql_fetchrow($result))
 psotfx
-psotfx
+                $selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : '';
-psotfx
+                $lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>';
 psotfx
-psotfx
+        $db->sql_freeresult($result);
 psotfx
-psotfx
+        return $lang_options;
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Pick a template/theme combo,
-acydburn
+*/
-psotfx
+function style_select($default = '', $all = false)
 psotfx
-psotfx
+        global $db;
 psotfx
-psotfx
+        $sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
-psotfx
+        $sql = 'SELECT style_id, style_name
-psotfx
+                FROM ' . STYLES_TABLE . "
-psotfx
+                $sql_where
-psotfx
+                ORDER BY style_name";
-psotfx
+        $result = $db->sql_query($sql);
 psotfx
-psotfx
+        $style_options = '';
-psotfx
+        while ($row = $db->sql_fetchrow($result))
 psotfx
-psotfx
+                $selected = ($row['style_id'] == $default) ? ' selected="selected"' : '';
-psotfx
+                $style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>';
 psotfx
-psotfx
+        $db->sql_freeresult($result);
 psotfx
-psotfx
+        return $style_options;
 psotfx
 thefinn
-acydburn
+/**
-acydburn
+* Pick a timezone
-acydburn
+*/
-acydburn
+function tz_select($default = '', $truncate = false)
 psotfx
-davidmj
+        global $user;
 psotfx
-acydburn
+        $tz_select = '';
-acydburn
+        foreach ($user->lang['tz_zones'] as $offset => $zone)
 thefinn
-acydburn
+                if ($truncate)
 acydburn
-acydburn
+                        $zone_trunc = truncate_string($zone, 50, 255, false, '...');
 acydburn
-dhn2
+                else
 dhn2
-dhn2
+                        $zone_trunc = $zone;
 acydburn
 acydburn
-psotfx
+                if (is_numeric($offset))
 psotfx
-psotfx
+                        $selected = ($offset == $default) ? ' selected="selected"' : '';
-toonarmy
+                        $tz_select .= '<option title="' . $zone . '" value="' . $offset . '"' . $selected . '>' . $zone_trunc . '</option>';
 psotfx
 thefinn
 psotfx
-psotfx
+        return $tz_select;
 psotfx
 psotfx
-acydburn
+// Functions handling topic/post tracking/marking
 acydburn
-acydburn
+/**
-acydburn
+* Marks a topic/forum as read
-acydburn
+* Marks a topic as posted to
 naderman
-naderman
+* @param int $user_id can only be used with $mode == 'post'
-acydburn
+*/
-naderman
+function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0)
 bartvb
-acydburn
+        global $db, $user, $config;
 acydburn
-acydburn
+        if ($mode == 'all')
 acydburn
-acydburn
+                if ($forum_id === false || !sizeof($forum_id))
 acydburn
-acydburn
+                        if ($config['load_db_lastread'] && $user->data['is_registered'])
 acydburn
-acydburn
+                                // Mark all forums read (index page)
-acydburn
+                                $db->sql_query('DELETE FROM ' . TOPICS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']}");
-acydburn
+                                $db->sql_query('DELETE FROM ' . FORUMS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']}");
-acydburn
+                                $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . " WHERE user_id = {$user->data['user_id']}");
 acydburn
-acydburn
+                        else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 acydburn
-acydburn
+                                $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
-davidmj
+                                $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
 psotfx
-acydburn
+                                unset($tracking_topics['tf']);
-acydburn
+                                unset($tracking_topics['t']);
-acydburn
+                                unset($tracking_topics['f']);
-acydburn
+                                $tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36);
 acydburn
-davidmj
+                                $user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000);
-acydburn
+                                $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking_topics)) : tracking_serialize($tracking_topics);
 acydburn
-acydburn
+                                unset($tracking_topics);
 acydburn
-acydburn
+                                if ($user->data['is_registered'])
 acydburn
-acydburn
+                                        $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . " WHERE user_id = {$user->data['user_id']}");
 acydburn
 acydburn
 acydburn
 acydburn
-bartvb
+                return;
 bartvb
-acydburn
+        else if ($mode == 'topics')
 acydburn
-acydburn
+                // Mark all topics in forums read
-acydburn
+                if (!is_array($forum_id))
 acydburn
-acydburn
+                        $forum_id = array($forum_id);
 acydburn
 acydburn
-acydburn
+                // Add 0 to forums array to mark global announcements correctly
-rxu
+                // $forum_id[] = 0;
 psotfx
-acydburn
+                if ($config['load_db_lastread'] && $user->data['is_registered'])
 acydburn
-acydburn
+                        $sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . "
-acydburn
+                                WHERE user_id = {$user->data['user_id']}
-acydburn
+                                        AND " . $db->sql_in_set('forum_id', $forum_id);
-acydburn
+                        $db->sql_query($sql);
 acydburn
-acydburn
+                        $sql = 'SELECT forum_id
-acydburn
+                                FROM ' . FORUMS_TRACK_TABLE . "
-acydburn
+                                WHERE user_id = {$user->data['user_id']}
-acydburn
+                                        AND " . $db->sql_in_set('forum_id', $forum_id);
-acydburn
+                        $result = $db->sql_query($sql);
 acydburn
-acydburn
+                        $sql_update = array();
-acydburn
+                        while ($row = $db->sql_fetchrow($result))
 bartvb
-toonarmy
+                                $sql_update[] = (int) $row['forum_id'];
 acydburn
-acydburn
+                        $db->sql_freeresult($result);
 psotfx
-acydburn
+                        if (sizeof($sql_update))
 acydburn
-acydburn
+                                $sql = 'UPDATE ' . FORUMS_TRACK_TABLE . '
-acydburn
+                                        SET mark_time = ' . time() . "
-acydburn
+                                        WHERE user_id = {$user->data['user_id']}
-acydburn
+                                                AND " . $db->sql_in_set('forum_id', $sql_update);
-acydburn
+                                $db->sql_query($sql);
 acydburn
 acydburn
-acydburn
+                        if ($sql_insert = array_diff($forum_id, $sql_update))
 acydburn
-acydburn
+                                $sql_ary = array();
-acydburn
+                                foreach ($sql_insert as $f_id)
 psotfx
-acydburn
+                                        $sql_ary[] = array(
-acydburn
+                                                'user_id'        => (int) $user->data['user_id'],
-acydburn
+                                                'forum_id'        => (int) $f_id,
-acydburn
+                                                'mark_time'        => time()
-acydburn
+                                        );
 psotfx
 psotfx
-acydburn
+                                $db->sql_multi_insert(FORUMS_TRACK_TABLE, $sql_ary);
 acydburn
 acydburn
-acydburn
+                else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 acydburn
-acydburn
+                        $tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
-davidmj
+                        $tracking = ($tracking) ? tracking_unserialize($tracking) : array();
 acydburn
-acydburn
+                        foreach ($forum_id as $f_id)
 acydburn
-acydburn
+                                $topic_ids36 = (isset($tracking['tf'][$f_id])) ? $tracking['tf'][$f_id] : array();
 acydburn
-naderman
+                                if (isset($tracking['tf'][$f_id]))
 naderman
-naderman
+                                        unset($tracking['tf'][$f_id]);
 naderman
 naderman
-acydburn
+                                foreach ($topic_ids36 as $topic_id36)
 acydburn
-acydburn
+                                        unset($tracking['t'][$topic_id36]);
 psotfx
 acydburn
-naderman
+                                if (isset($tracking['f'][$f_id]))
 naderman
-naderman
+                                        unset($tracking['f'][$f_id]);
 naderman
 naderman
-acydburn
+                                $tracking['f'][$f_id] = base_convert(time() - $config['board_startdate'], 10, 36);
 acydburn
 psotfx
-acydburn
+                        if (isset($tracking['tf']) && empty($tracking['tf']))
 acydburn
-acydburn
+                                unset($tracking['tf']);
 acydburn
 acydburn
-davidmj
+                        $user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
-acydburn
+                        $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking);
 acydburn
-acydburn
+                        unset($tracking);
 acydburn
 acydburn
-acydburn
+                return;
 acydburn
-acydburn
+        else if ($mode == 'topic')
 acydburn
-acydburn
+                if ($topic_id === false || $forum_id === false)
 acydburn
-acydburn
+                        return;
 acydburn
 acydburn
-acydburn
+                if ($config['load_db_lastread'] && $user->data['is_registered'])
 acydburn
-acydburn
+                        $sql = 'UPDATE ' . TOPICS_TRACK_TABLE . '
-acydburn
+                                SET mark_time = ' . (($post_time) ? $post_time : time()) . "
-acydburn
+                                WHERE user_id = {$user->data['user_id']}
-acydburn
+                                        AND topic_id = $topic_id";
-acydburn
+                        $db->sql_query($sql);
 acydburn
-acydburn
+                        // insert row
-acydburn
+                        if (!$db->sql_affectedrows())
 acydburn
-acydburn
+                                $db->sql_return_on_error(true);
 acydburn
-acydburn
+                                $sql_ary = array(
-acydburn
+                                        'user_id'                => (int) $user->data['user_id'],
-acydburn
+                                        'topic_id'                => (int) $topic_id,
-acydburn
+                                        'forum_id'                => (int) $forum_id,
-acydburn
+                                        'mark_time'                => ($post_time) ? (int) $post_time : time(),
-acydburn
+                                );
 acydburn
-acydburn
+                                $db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
 acydburn
-acydburn
+                                $db->sql_return_on_error(false);
 acydburn
 acydburn
-acydburn
+                else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 acydburn
-acydburn
+                        $tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
-davidmj
+                        $tracking = ($tracking) ? tracking_unserialize($tracking) : array();
 acydburn
-acydburn
+                        $topic_id36 = base_convert($topic_id, 10, 36);
 acydburn
-acydburn
+                        if (!isset($tracking['t'][$topic_id36]))
 acydburn
-acydburn
+                                $tracking['tf'][$forum_id][$topic_id36] = true;
 acydburn
 acydburn
-acydburn
+                        $post_time = ($post_time) ? $post_time : time();
-acydburn
+                        $tracking['t'][$topic_id36] = base_convert($post_time - $config['board_startdate'], 10, 36);
 acydburn
-acydburn
+                        // If the cookie grows larger than 10000 characters we will remove the smallest value
-acydburn
+                        // This can result in old topics being unread - but most of the time it should be accurate...
-acydburn
+                        if (isset($_COOKIE[$config['cookie_name'] . '_track']) && strlen($_COOKIE[$config['cookie_name'] . '_track']) > 10000)
 acydburn
-acydburn
+                                //echo 'Cookie grown too large' . print_r($tracking, true);
 acydburn
-acydburn
+                                // We get the ten most minimum stored time offsets and its associated topic ids
-acydburn
+                                $time_keys = array();
-acydburn
+                                for ($i = 0; $i < 10 && sizeof($tracking['t']); $i++)
 acydburn
-acydburn
+                                        $min_value = min($tracking['t']);
-acydburn
+                                        $m_tkey = array_search($min_value, $tracking['t']);
-acydburn
+                                        unset($tracking['t'][$m_tkey]);
 acydburn
-acydburn
+                                        $time_keys[$m_tkey] = $min_value;
 acydburn
 acydburn
-acydburn
+                                // Now remove the topic ids from the array...
-acydburn
+                                foreach ($tracking['tf'] as $f_id => $topic_id_ary)
 psotfx
-acydburn
+                                        foreach ($time_keys as $m_tkey => $min_value)
 psotfx
-acydburn
+                                                if (isset($topic_id_ary[$m_tkey]))
 acydburn
-acydburn
+                                                        $tracking['f'][$f_id] = $min_value;
-acydburn
+                                                        unset($tracking['tf'][$f_id][$m_tkey]);
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+                                if ($user->data['is_registered'])
 acydburn
-acydburn
+                                        $user->data['user_lastmark'] = intval(base_convert(max($time_keys) + $config['board_startdate'], 36, 10));
-acydburn
+                                        $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . $user->data['user_lastmark'] . " WHERE user_id = {$user->data['user_id']}");
 acydburn
-acydburn
+                                else
 acydburn
-acydburn
+                                        $tracking['l'] = max($time_keys);
 acydburn
 acydburn
 acydburn
-davidmj
+                        $user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
-acydburn
+                        $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking);
 acydburn
 psotfx
-acydburn
+                return;
 acydburn
-acydburn
+        else if ($mode == 'post')
 acydburn
-acydburn
+                if ($topic_id === false)
 acydburn
-acydburn
+                        return;
 acydburn
 psotfx
-acydburn
+                $use_user_id = (!$user_id) ? $user->data['user_id'] : $user_id;
 psotfx
-acydburn
+                if ($config['load_db_track'] && $use_user_id != ANONYMOUS)
 acydburn
-acydburn
+                        $db->sql_return_on_error(true);
 acydburn
-acydburn
+                        $sql_ary = array(
-acydburn
+                                'user_id'                => (int) $use_user_id,
-acydburn
+                                'topic_id'                => (int) $topic_id,
-acydburn
+                                'topic_posted'        => 1
-acydburn
+                        );
 acydburn
-acydburn
+                        $db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
 acydburn
-acydburn
+                        $db->sql_return_on_error(false);
 acydburn
 acydburn
-acydburn
+                return;
 acydburn
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Get topic tracking info by using already fetched info
-acydburn
+*/
-acydburn
+function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $global_announce_list = false)
 acydburn
-acydburn
+        global $config, $user;
 acydburn
-acydburn
+        $last_read = array();
 acydburn
-acydburn
+        if (!is_array($topic_ids))
 acydburn
-acydburn
+                $topic_ids = array($topic_ids);
 acydburn
 acydburn
-acydburn
+        foreach ($topic_ids as $topic_id)
 acydburn
-acydburn
+                if (!empty($rowset[$topic_id]['mark_time']))
 acydburn
-acydburn
+                        $last_read[$topic_id] = $rowset[$topic_id]['mark_time'];
 acydburn
 acydburn
 acydburn
-acydburn
+        $topic_ids = array_diff($topic_ids, array_keys($last_read));
 acydburn
-acydburn
+        if (sizeof($topic_ids))
 acydburn
-acydburn
+                $mark_time = array();
 acydburn
-acydburn
+                // Get global announcement info
-acydburn
+                if ($global_announce_list && sizeof($global_announce_list))
 acydburn
-acydburn
+                        if (!isset($forum_mark_time[0]))
 acydburn
-acydburn
+                                global $db;
 acydburn
-acydburn
+                                $sql = 'SELECT mark_time
-acydburn
+                                        FROM ' . FORUMS_TRACK_TABLE . "
-acydburn
+                                        WHERE user_id = {$user->data['user_id']}
-acydburn
+                                                AND forum_id = 0";
-acydburn
+                                $result = $db->sql_query($sql);
-acydburn
+                                $row = $db->sql_fetchrow($result);
-acydburn
+                                $db->sql_freeresult($result);
 acydburn
-acydburn
+                                if ($row)
 acydburn
-acydburn
+                                        $mark_time[0] = $row['mark_time'];
 bartvb
 psotfx
-psotfx
+                        else
 psotfx
-acydburn
+                                if ($forum_mark_time[0] !== false)
 psotfx
-acydburn
+                                        $mark_time[0] = $forum_mark_time[0];
 psotfx
 acydburn
 acydburn
 psotfx
-acydburn
+                if (!empty($forum_mark_time[$forum_id]) && $forum_mark_time[$forum_id] !== false)
 acydburn
-acydburn
+                        $mark_time[$forum_id] = $forum_mark_time[$forum_id];
 acydburn
 acydburn
-acydburn
+                $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
 acydburn
-acydburn
+                foreach ($topic_ids as $topic_id)
 acydburn
-acydburn
+                        if ($global_announce_list && isset($global_announce_list[$topic_id]))
 acydburn
-acydburn
+                                $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
 bartvb
-acydburn
+                        else
 acydburn
-acydburn
+                                $last_read[$topic_id] = $user_lastmark;
 acydburn
 acydburn
 acydburn
 psotfx
-acydburn
+        return $last_read;
 acydburn
 psotfx
-acydburn
+/**
-acydburn
+* Get topic tracking info from db (for cookie based tracking only this function is used)
-acydburn
+*/
-acydburn
+function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_list = false)
 acydburn
-acydburn
+        global $config, $user;
 acydburn
-acydburn
+        $last_read = array();
 acydburn
-acydburn
+        if (!is_array($topic_ids))
 acydburn
-acydburn
+                $topic_ids = array($topic_ids);
 acydburn
 acydburn
-acydburn
+        if ($config['load_db_lastread'] && $user->data['is_registered'])
 acydburn
-acydburn
+                global $db;
 acydburn
-acydburn
+                $sql = 'SELECT topic_id, mark_time
-acydburn
+                        FROM ' . TOPICS_TRACK_TABLE . "
-acydburn
+                        WHERE user_id = {$user->data['user_id']}
-acydburn
+                                AND " . $db->sql_in_set('topic_id', $topic_ids);
-acydburn
+                $result = $db->sql_query($sql);
 acydburn
-acydburn
+                while ($row = $db->sql_fetchrow($result))
 acydburn
-acydburn
+                        $last_read[$row['topic_id']] = $row['mark_time'];
 acydburn
-acydburn
+                $db->sql_freeresult($result);
 acydburn
-acydburn
+                $topic_ids = array_diff($topic_ids, array_keys($last_read));
 acydburn
-acydburn
+                if (sizeof($topic_ids))
 acydburn
-acydburn
+                        $sql = 'SELECT forum_id, mark_time
-acydburn
+                                FROM ' . FORUMS_TRACK_TABLE . "
-acydburn
+                                WHERE user_id = {$user->data['user_id']}
-acydburn
+                                        AND forum_id " .
-acydburn
+                                        (($global_announce_list && sizeof($global_announce_list)) ? "IN (0, $forum_id)" : "= $forum_id");
-acydburn
+                        $result = $db->sql_query($sql);
 acydburn
-acydburn
+                        $mark_time = array();
-acydburn
+                        while ($row = $db->sql_fetchrow($result))
 acydburn
-acydburn
+                                $mark_time[$row['forum_id']] = $row['mark_time'];
 acydburn
-acydburn
+                        $db->sql_freeresult($result);
 psotfx
-acydburn
+                        $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
 acydburn
-acydburn
+                        foreach ($topic_ids as $topic_id)
 bartvb
-acydburn
+                                if ($global_announce_list && isset($global_announce_list[$topic_id]))
 bartvb
-acydburn
+                                        $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
 acydburn
-acydburn
+                                else
 acydburn
-acydburn
+                                        $last_read[$topic_id] = $user_lastmark;
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+        else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 acydburn
-acydburn
+                global $tracking_topics;
 ludovic_arnaud
-acydburn
+                if (!isset($tracking_topics) || !sizeof($tracking_topics))
 acydburn
-acydburn
+                        $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
-davidmj
+                        $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
 acydburn
 ludovic_arnaud
-acydburn
+                if (!$user->data['is_registered'])
 acydburn
-acydburn
+                        $user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0;
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        $user_lastmark = $user->data['user_lastmark'];
 acydburn
 acydburn
-acydburn
+                foreach ($topic_ids as $topic_id)
 acydburn
-acydburn
+                        $topic_id36 = base_convert($topic_id, 10, 36);
 acydburn
-acydburn
+                        if (isset($tracking_topics['t'][$topic_id36]))
 acydburn
-acydburn
+                                $last_read[$topic_id] = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate'];
 psotfx
 acydburn
 acydburn
-acydburn
+                $topic_ids = array_diff($topic_ids, array_keys($last_read));
 acydburn
-acydburn
+                if (sizeof($topic_ids))
 acydburn
-acydburn
+                        $mark_time = array();
-acydburn
+                        if ($global_announce_list && sizeof($global_announce_list))
 psotfx
-acydburn
+                                if (isset($tracking_topics['f'][0]))
 psotfx
-acydburn
+                                        $mark_time[0] = base_convert($tracking_topics['f'][0], 36, 10) + $config['board_startdate'];
 psotfx
 acydburn
 psotfx
-acydburn
+                        if (isset($tracking_topics['f'][$forum_id]))
 acydburn
-acydburn
+                                $mark_time[$forum_id] = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate'];
 acydburn
 acydburn
-acydburn
+                        $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user_lastmark;
 acydburn
-acydburn
+                        foreach ($topic_ids as $topic_id)
 acydburn
-acydburn
+                                if ($global_announce_list && isset($global_announce_list[$topic_id]))
 psotfx
-acydburn
+                                        $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark;
 psotfx
-acydburn
+                                else
 acydburn
-acydburn
+                                        $last_read[$topic_id] = $user_lastmark;
 acydburn
 bartvb
 acydburn
 bartvb
 acydburn
-acydburn
+        return $last_read;
 bartvb
 bartvb
-acydburn
+/**
-bantu
+* Get list of unread topics
 bantu
-bantu
+* @param int $user_id                        User ID (or false for current user)
-bantu
+* @param string $sql_extra                Extra WHERE SQL statement
-rxu
+* @param string $sql_sort                ORDER BY SQL sorting statement
-rxu
+* @param string $sql_limit                Limits the size of unread topics list, 0 for unlimited query
-git-gate
+* @param string $sql_limit_offset  Sets the offset of the first row to search, 0 to search from the start
 bantu
-bantu
+* @return array[int][int]                Topic ids as keys, mark_time of topic as value
-bantu
+*/
-git-gate
+function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0)
 bantu
-bantu
+        global $config, $db, $user;
 bantu
-bantu
+        $user_id = ($user_id === false) ? (int) $user->data['user_id'] : (int) $user_id;
 bantu
-bantu
+        // Data array we're going to return
-bantu
+        $unread_topics = array();
 bantu
-rxu
+        if (empty($sql_sort))
 rxu
-rxu
+                $sql_sort = 'ORDER BY t.topic_last_post_time DESC';
 rxu
 rxu
-bantu
+        if ($config['load_db_lastread'] && $user->data['is_registered'])
 bantu
-acydburn
+                // Get list of the unread topics
-git-gate
+                $last_mark = (int) $user->data['user_lastmark'];
 acydburn
-acydburn
+                $sql_array = array(
-acydburn
+                        'SELECT'                => 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time',
 bantu
-acydburn
+                        'FROM'                        => array(TOPICS_TABLE => 't'),
 bantu
-acydburn
+                        'LEFT_JOIN'                => array(
-acydburn
+                                array(
-acydburn
+                                        'FROM'        => array(TOPICS_TRACK_TABLE => 'tt'),
-acydburn
+                                        'ON'        => "tt.user_id = $user_id AND t.topic_id = tt.topic_id",
-acydburn
+                                ),
-acydburn
+                                array(
-acydburn
+                                        'FROM'        => array(FORUMS_TRACK_TABLE => 'ft'),
-acydburn
+                                        'ON'        => "ft.user_id = $user_id AND t.forum_id = ft.forum_id",
-acydburn
+                                ),
-acydburn
+                        ),
 bantu
-acydburn
+                        'WHERE'                        => "
-git-gate
+                                 t.topic_last_post_time > $last_mark AND
 acydburn
-bantu
+                                (tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR
-bantu
+                                (tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR
-git-gate
+                                (tt.mark_time IS NULL AND ft.mark_time IS NULL)
 acydburn
-rxu
+                                $sql_extra
-acydburn
+                                $sql_sort",
-acydburn
+                );
 bantu
-acydburn
+                $sql = $db->sql_build_query('SELECT', $sql_array);
-git-gate
+                $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
 bantu
-acydburn
+                while ($row = $db->sql_fetchrow($result))
 acydburn
-acydburn
+                        $topic_id = (int) $row['topic_id'];
-acydburn
+                        $unread_topics[$topic_id] = ($row['topic_mark_time']) ? (int) $row['topic_mark_time'] : (($row['forum_mark_time']) ? (int) $row['forum_mark_time'] : $last_mark);
 bantu
-acydburn
+                $db->sql_freeresult($result);
 bantu
-bantu
+        else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 bantu
-rxu
+                global $tracking_topics;
 rxu
-bantu
+                if (empty($tracking_topics))
 rxu
-bantu
+                        $tracking_topics = request_var($config['cookie_name'] . '_track', '', false, true);
-rxu
+                        $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
 rxu
 rxu
-rxu
+                if (!$user->data['is_registered'])
 rxu
-rxu
+                        $user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0;
 rxu
-rxu
+                else
 rxu
-bantu
+                        $user_lastmark = (int) $user->data['user_lastmark'];
 rxu
 rxu
-rxu
+                $sql = 'SELECT t.topic_id, t.forum_id, t.topic_last_post_time
-rxu
+                        FROM ' . TOPICS_TABLE . ' t
-rxu
+                        WHERE t.topic_last_post_time > ' . $user_lastmark . "
-rxu
+                        $sql_extra
-rxu
+                        $sql_sort";
-git-gate
+                $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
 rxu
-rxu
+                while ($row = $db->sql_fetchrow($result))
 rxu
-rxu
+                        $forum_id = (int) $row['forum_id'];
-rxu
+                        $topic_id = (int) $row['topic_id'];
-rxu
+                        $topic_id36 = base_convert($topic_id, 10, 36);
 rxu
-rxu
+                        if (isset($tracking_topics['t'][$topic_id36]))
 rxu
-bantu
+                                $last_read = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate'];
 bantu
-bantu
+                                if ($row['topic_last_post_time'] > $last_read)
 rxu
-bantu
+                                        $unread_topics[$topic_id] = $last_read;
 rxu
 rxu
-rxu
+                        else if (isset($tracking_topics['f'][$forum_id]))
 rxu
-bantu
+                                $mark_time = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate'];
 bantu
-bantu
+                                if ($row['topic_last_post_time'] > $mark_time)
 rxu
-bantu
+                                        $unread_topics[$topic_id] = $mark_time;
 rxu
 rxu
-rxu
+                        else
 rxu
-bantu
+                                $unread_topics[$topic_id] = $user_lastmark;
 rxu
 rxu
-rxu
+                $db->sql_freeresult($result);
 bantu
 bantu
-bantu
+        return $unread_topics;
 bantu
 bantu
-bantu
+/**
-acydburn
+* Check for read forums and update topic tracking info accordingly
 acydburn
-acydburn
+* @param int $forum_id the forum id to check
-acydburn
+* @param int $forum_last_post_time the forums last post time
-acydburn
+* @param int $f_mark_time the forums last mark time if user is registered and load_db_lastread enabled
-acydburn
+* @param int $mark_time_forum false if the mark time needs to be obtained, else the last users forum mark time
 acydburn
-acydburn
+* @return true if complete forum got marked read, else false.
-acydburn
+*/
-acydburn
+function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
 acydburn
-git-gate
+        global $db, $tracking_topics, $user, $config, $auth;
 acydburn
-acydburn
+        // Determine the users last forum mark time if not given.
-acydburn
+        if ($mark_time_forum === false)
 acydburn
-acydburn
+                if ($config['load_db_lastread'] && $user->data['is_registered'])
 acydburn
-acydburn
+                        $mark_time_forum = (!empty($f_mark_time)) ? $f_mark_time : $user->data['user_lastmark'];
 acydburn
-acydburn
+                else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 acydburn
-acydburn
+                        $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
-acydburn
+                        $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
 acydburn
-acydburn
+                        if (!$user->data['is_registered'])
 acydburn
-acydburn
+                                $user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0;
 acydburn
 acydburn
-acydburn
+                        $mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark'];
 acydburn
 acydburn
 acydburn
-git-gate
+        // Handle update of unapproved topics info.
-git-gate
+        // Only update for moderators having m_approve permission for the forum.
-git-gate
+        $sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1';
 git-gate
-acydburn
+        // Check the forum for any left unread topics.
-acydburn
+        // If there are none, we mark the forum as read.
-acydburn
+        if ($config['load_db_lastread'] && $user->data['is_registered'])
 acydburn
-acydburn
+                if ($mark_time_forum >= $forum_last_post_time)
 acydburn
-acydburn
+                        // We do not need to mark read, this happened before. Therefore setting this to true
-acydburn
+                        $row = true;
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        $sql = 'SELECT t.forum_id FROM ' . TOPICS_TABLE . ' t
-acydburn
+                                LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')
-acydburn
+                                WHERE t.forum_id = ' . $forum_id . '
-acydburn
+                                        AND t.topic_last_post_time > ' . $mark_time_forum . '
-git-gate
+                                        AND t.topic_moved_id = 0 ' .
-git-gate
+                                        $sql_update_unapproved . '
-acydburn
+                                        AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time)
-acydburn
+                                GROUP BY t.forum_id';
-acydburn
+                        $result = $db->sql_query_limit($sql, 1);
-acydburn
+                        $row = $db->sql_fetchrow($result);
-acydburn
+                        $db->sql_freeresult($result);
 acydburn
 acydburn
-acydburn
+        else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 acydburn
-acydburn
+                // Get information from cookie
-acydburn
+                $row = false;
 acydburn
-acydburn
+                if (!isset($tracking_topics['tf'][$forum_id]))
 acydburn
-acydburn
+                        // We do not need to mark read, this happened before. Therefore setting this to true
-acydburn
+                        $row = true;
 acydburn
-acydburn
+                else
 acydburn
-git-gate
+                        $sql = 'SELECT t.topic_id
-git-gate
+                                FROM ' . TOPICS_TABLE . ' t
-git-gate
+                                WHERE t.forum_id = ' . $forum_id . '
-git-gate
+                                        AND t.topic_last_post_time > ' . $mark_time_forum . '
-git-gate
+                                        AND t.topic_moved_id = 0 ' .
-git-gate
+                                        $sql_update_unapproved;
-acydburn
+                        $result = $db->sql_query($sql);
 acydburn
-acydburn
+                        $check_forum = $tracking_topics['tf'][$forum_id];
-acydburn
+                        $unread = false;
 acydburn
-acydburn
+                        while ($row = $db->sql_fetchrow($result))
 acydburn
-acydburn
+                                if (!isset($check_forum[base_convert($row['topic_id'], 10, 36)]))
 acydburn
-acydburn
+                                        $unread = true;
-acydburn
+                                        break;
 acydburn
 acydburn
-acydburn
+                        $db->sql_freeresult($result);
 acydburn
-acydburn
+                        $row = $unread;
 acydburn
 acydburn
-acydburn
+        else
 acydburn
-acydburn
+                $row = true;
 acydburn
 acydburn
-acydburn
+        if (!$row)
 acydburn
-acydburn
+                markread('topics', $forum_id);
-acydburn
+                return true;
 acydburn
 acydburn
-acydburn
+        return false;
 acydburn
 acydburn
-davidmj
+/**
-davidmj
+* Transform an array into a serialized format
-davidmj
+*/
-davidmj
+function tracking_serialize($input)
 davidmj
-davidmj
+        $out = '';
-davidmj
+        foreach ($input as $key => $value)
 davidmj
-davidmj
+                if (is_array($value))
 davidmj
-acydburn
+                        $out .= $key . ':(' . tracking_serialize($value) . ');';
 davidmj
-davidmj
+                else
 davidmj
-davidmj
+                        $out .= $key . ':' . $value . ';';
 davidmj
 davidmj
-davidmj
+        return $out;
 davidmj
 davidmj
-davidmj
+/**
-davidmj
+* Transform a serialized array into an actual array
-davidmj
+*/
-davidmj
+function tracking_unserialize($string, $max_depth = 3)
 davidmj
-davidmj
+        $n = strlen($string);
-davidmj
+        if ($n > 10010)
 davidmj
-davidmj
+                die('Invalid data supplied');
 davidmj
-davidmj
+        $data = $stack = array();
-davidmj
+        $key = '';
-davidmj
+        $mode = 0;
-davidmj
+        $level = &$data;
-davidmj
+        for ($i = 0; $i < $n; ++$i)
 davidmj
-davidmj
+                switch ($mode)
 davidmj
-davidmj
+                        case 0:
-davidmj
+                                switch ($string[$i])
 davidmj
-davidmj
+                                        case ':':
-davidmj
+                                                $level[$key] = 0;
-davidmj
+                                                $mode = 1;
-davidmj
+                                        break;
-davidmj
+                                        case ')':
-davidmj
+                                                unset($level);
-davidmj
+                                                $level = array_pop($stack);
-davidmj
+                                                $mode = 3;
-davidmj
+                                        break;
-davidmj
+                                        default:
-davidmj
+                                                $key .= $string[$i];
 davidmj
-davidmj
+                        break;
 davidmj
-davidmj
+                        case 1:
-davidmj
+                                switch ($string[$i])
 davidmj
-davidmj
+                                        case '(':
-davidmj
+                                                if (sizeof($stack) >= $max_depth)
 davidmj
-davidmj
+                                                        die('Invalid data supplied');
 davidmj
-davidmj
+                                                $stack[] = &$level;
-davidmj
+                                                $level[$key] = array();
-davidmj
+                                                $level = &$level[$key];
-davidmj
+                                                $key = '';
-davidmj
+                                                $mode = 0;
-davidmj
+                                        break;
-davidmj
+                                        default:
-davidmj
+                                                $level[$key] = $string[$i];
-davidmj
+                                                $mode = 2;
-davidmj
+                                        break;
 davidmj
-davidmj
+                        break;
 acydburn
-davidmj
+                        case 2:
-davidmj
+                                switch ($string[$i])
 davidmj
-davidmj
+                                        case ')':
-davidmj
+                                                unset($level);
-davidmj
+                                                $level = array_pop($stack);
-davidmj
+                                                $mode = 3;
-davidmj
+                                        break;
-davidmj
+                                        case ';':
-davidmj
+                                                $key = '';
-davidmj
+                                                $mode = 0;
-davidmj
+                                        break;
-davidmj
+                                        default:
-davidmj
+                                                $level[$key] .= $string[$i];
-davidmj
+                                        break;
 davidmj
-davidmj
+                        break;
 acydburn
-davidmj
+                        case 3:
-davidmj
+                                switch ($string[$i])
 davidmj
-davidmj
+                                        case ')':
-davidmj
+                                                unset($level);
-davidmj
+                                                $level = array_pop($stack);
-davidmj
+                                        break;
-davidmj
+                                        case ';':
-davidmj
+                                                $key = '';
-davidmj
+                                                $mode = 0;
-davidmj
+                                        break;
-davidmj
+                                        default:
-davidmj
+                                                die('Invalid data supplied');
-davidmj
+                                        break;
 davidmj
-davidmj
+                        break;
 davidmj
 davidmj
 davidmj
-davidmj
+        if (sizeof($stack) != 0 || ($mode != 0 && $mode != 3))
 davidmj
-davidmj
+                die('Invalid data supplied');
 davidmj
 acydburn
-davidmj
+        return $level;
 davidmj
 davidmj
-acydburn
+// Pagination functions
 acydburn
-acydburn
+/**
-acydburn
+* Pagination routine, generates page number sequence
-acydburn
+* tpl_prefix is for using different pagination blocks at one page
-acydburn
+*/
-acydburn
+function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = false, $tpl_prefix = '')
 psotfx
-psotfx
+        global $template, $user;
 thefinn
-acydburn
+        // Make sure $per_page is a valid value
-acydburn
+        $per_page = ($per_page <= 0) ? 1 : $per_page;
 acydburn
-shs
+        $seperator = '<span class="page-sep">' . $user->lang['COMMA_SEPARATOR'] . '</span>';
-acydburn
+        $total_pages = ceil($num_items / $per_page);
 psotfx
-psotfx
+        if ($total_pages == 1 || !$num_items)
 psotfx
-psotfx
+                return false;
 psotfx
 psotfx
-psotfx
+        $on_page = floor($start_item / $per_page) + 1;
-Kellanved
+        $url_delim = (strpos($base_url, '?') === false) ? '?' : ((strpos($base_url, '?') === strlen($base_url) - 1) ? '' : '&amp;');
 acydburn
-acydburn
+        $page_string = ($on_page == 1) ? '<strong>1</strong>' : '<a href="' . $base_url . '">1</a>';
 psotfx
-psotfx
+        if ($total_pages > 5)
 psotfx
-psotfx
+                $start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
-psotfx
+                $end_cnt = max(min($total_pages, $on_page + 4), 6);
 psotfx
-git-gate
+                $page_string .= ($start_cnt > 1) ? '<span class="page-dots"> ... </span>' : $seperator;
 psotfx
-acydburn
+                for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
 psotfx
-acydburn
+                        $page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
-psotfx
+                        if ($i < $end_cnt - 1)
 psotfx
-acydburn
+                                $page_string .= $seperator;
 psotfx
 psotfx
 psotfx
-git-gate
+                $page_string .= ($end_cnt < $total_pages) ? '<span class="page-dots"> ... </span>' : $seperator;
 psotfx
-psotfx
+        else
 psotfx
-acydburn
+                $page_string .= $seperator;
 psotfx
-acydburn
+                for ($i = 2; $i < $total_pages; $i++)
 psotfx
-acydburn
+                        $page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
-psotfx
+                        if ($i < $total_pages)
 psotfx
-acydburn
+                                $page_string .= $seperator;
 psotfx
 psotfx
 psotfx
 thefinn
-acydburn
+        $page_string .= ($on_page == $total_pages) ? '<strong>' . $total_pages . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($total_pages - 1) * $per_page) . '">' . $total_pages . '</a>';
 psotfx
-acydburn
+        if ($add_prevnext_text)
 acydburn
-acydburn
+                if ($on_page != 1)
 acydburn
-acydburn
+                        $page_string = '<a href="' . $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page) . '">' . $user->lang['PREVIOUS'] . '</a>&nbsp;&nbsp;' . $page_string;
 acydburn
 acydburn
-acydburn
+                if ($on_page != $total_pages)
 acydburn
-acydburn
+                        $page_string .= '&nbsp;&nbsp;<a href="' . $base_url . "{$url_delim}start=" . ($on_page * $per_page) . '">' . $user->lang['NEXT'] . '</a>';
 acydburn
 acydburn
 acydburn
-acydburn
+        $template->assign_vars(array(
-acydburn
+                $tpl_prefix . 'BASE_URL'                => $base_url,
-acydburn
+                'A_' . $tpl_prefix . 'BASE_URL'        => addslashes($base_url),
-acydburn
+                $tpl_prefix . 'PER_PAGE'                => $per_page,
 psotfx
-acydburn
+                $tpl_prefix . 'PREVIOUS_PAGE'        => ($on_page == 1) ? '' : $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page),
-acydburn
+                $tpl_prefix . 'NEXT_PAGE'                => ($on_page == $total_pages) ? '' : $base_url . "{$url_delim}start=" . ($on_page * $per_page),
-acydburn
+                $tpl_prefix . 'TOTAL_PAGES'                => $total_pages,
-acydburn
+        ));
 psotfx
-psotfx
+        return $page_string;
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Return current page (pagination)
-acydburn
+*/
-psotfx
+function on_page($num_items, $per_page, $start)
 psotfx
-psotfx
+        global $template, $user;
 psotfx
-acydburn
+        // Make sure $per_page is a valid value
-acydburn
+        $per_page = ($per_page <= 0) ? 1 : $per_page;
 acydburn
-psotfx
+        $on_page = floor($start / $per_page) + 1;
 psotfx
-acydburn
+        $template->assign_vars(array(
-acydburn
+                'ON_PAGE'                => $on_page)
-acydburn
+        );
 psotfx
-psotfx
+        return sprintf($user->lang['PAGE_OF'], $on_page, max(ceil($num_items / $per_page), 1));
 psotfx
 psotfx
-acydburn
+// Server functions (building urls, redirecting...)
 acydburn
-acydburn
+/**
-acydburn
+* Append session id to url.
-acydburn
+* This function supports hooks.
 acydburn
-acydburn
+* @param string $url The url the session id needs to be appended to (can have params)
-acydburn
+* @param mixed $params String or array of additional url parameters
-acydburn
+* @param bool $is_amp Is url using &amp; (true) or & (false)
-acydburn
+* @param string $session_id Possibility to use a custom session id instead of the global one
 acydburn
-acydburn
+* Examples:
-acydburn
+* <code>
-acydburn
+* append_sid("{$phpbb_root_path}viewtopic.$phpEx?t=1&amp;f=2");
-acydburn
+* append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&amp;f=2');
-acydburn
+* append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&f=2', false);
-acydburn
+* append_sid("{$phpbb_root_path}viewtopic.$phpEx", array('t' => 1, 'f' => 2));
-acydburn
+* </code>
 acydburn
-acydburn
+*/
-acydburn
+function append_sid($url, $params = false, $is_amp = true, $session_id = false)
 acydburn
-acydburn
+        global $_SID, $_EXTRA_URL, $phpbb_hook;
 acydburn
-git-gate
+        if ($params === '' || (is_array($params) && empty($params)))
 git-gate
-git-gate
+                // Do not append the ? if the param-list is empty anyway.
-git-gate
+                $params = false;
 git-gate
 git-gate
-git-gate
+        // Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately.
-git-gate
+        // They could mimic most of what is within this function
-acydburn
+        if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
 acydburn
-acydburn
+                if ($phpbb_hook->hook_return(__FUNCTION__))
 acydburn
-acydburn
+                        return $phpbb_hook->hook_return_result(__FUNCTION__);
 acydburn
 acydburn
 acydburn
-acydburn
+        $params_is_array = is_array($params);
 acydburn
-acydburn
+        // Get anchor
-acydburn
+        $anchor = '';
-acydburn
+        if (strpos($url, '#') !== false)
 acydburn
-acydburn
+                list($url, $anchor) = explode('#', $url, 2);
-acydburn
+                $anchor = '#' . $anchor;
 acydburn
-acydburn
+        else if (!$params_is_array && strpos($params, '#') !== false)
 acydburn
-acydburn
+                list($params, $anchor) = explode('#', $params, 2);
-acydburn
+                $anchor = '#' . $anchor;
 acydburn
 acydburn
-acydburn
+        // Handle really simple cases quickly
-acydburn
+        if ($_SID == '' && $session_id === false && empty($_EXTRA_URL) && !$params_is_array && !$anchor)
 acydburn
-acydburn
+                if ($params === false)
 acydburn
-acydburn
+                        return $url;
 acydburn
 acydburn
-acydburn
+                $url_delim = (strpos($url, '?') === false) ? '?' : (($is_amp) ? '&amp;' : '&');
-acydburn
+                return $url . ($params !== false ? $url_delim. $params : '');
 acydburn
 acydburn
-acydburn
+        // Assign sid if session id is not specified
-acydburn
+        if ($session_id === false)
 acydburn
-acydburn
+                $session_id = $_SID;
 acydburn
 acydburn
-acydburn
+        $amp_delim = ($is_amp) ? '&amp;' : '&';
-acydburn
+        $url_delim = (strpos($url, '?') === false) ? '?' : $amp_delim;
 acydburn
-acydburn
+        // Appending custom url parameter?
-acydburn
+        $append_url = (!empty($_EXTRA_URL)) ? implode($amp_delim, $_EXTRA_URL) : '';
 acydburn
-acydburn
+        // Use the short variant if possible ;)
-acydburn
+        if ($params === false)
 acydburn
-acydburn
+                // Append session id
-acydburn
+                if (!$session_id)
 acydburn
-acydburn
+                        return $url . (($append_url) ? $url_delim . $append_url : '') . $anchor;
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . 'sid=' . $session_id . $anchor;
 acydburn
 acydburn
 acydburn
-acydburn
+        // Build string if parameters are specified as array
-acydburn
+        if (is_array($params))
 acydburn
-acydburn
+                $output = array();
 acydburn
-acydburn
+                foreach ($params as $key => $item)
 acydburn
-acydburn
+                        if ($item === NULL)
 acydburn
-acydburn
+                                continue;
 acydburn
 acydburn
-acydburn
+                        if ($key == '#')
 acydburn
-acydburn
+                                $anchor = '#' . $item;
-acydburn
+                                continue;
 acydburn
 acydburn
-acydburn
+                        $output[] = $key . '=' . $item;
 acydburn
 acydburn
-acydburn
+                $params = implode($amp_delim, $output);
 acydburn
 acydburn
-acydburn
+        // Append session id and parameters (even if they are empty)
-acydburn
+        // If parameters are empty, the developer can still append his/her parameters without caring about the delimiter
-acydburn
+        return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . $params . ((!$session_id) ? '' : $amp_delim . 'sid=' . $session_id) . $anchor;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Generate board url (example: http://www.example.com/phpBB)
 git-gate
-acydburn
+* @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com)
 git-gate
-git-gate
+* @return string the generated board url
-acydburn
+*/
-acydburn
+function generate_board_url($without_script_path = false)
 psotfx
-acydburn
+        global $config, $user;
 psotfx
-acydburn
+        $server_name = $user->host;
-acydburn
+        $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
 ludovic_arnaud
-acydburn
+        // Forcing server vars is the only way to specify/override the protocol
-acydburn
+        if ($config['force_server_vars'] || !$server_name)
 acydburn
-acydburn
+                $server_protocol = ($config['server_protocol']) ? $config['server_protocol'] : (($config['cookie_secure']) ? 'https://' : 'http://');
-acydburn
+                $server_name = $config['server_name'];
-acydburn
+                $server_port = (int) $config['server_port'];
-acydburn
+                $script_path = $config['script_path'];
 acydburn
-acydburn
+                $url = $server_protocol . $server_name;
-acydburn
+                $cookie_secure = $config['cookie_secure'];
 acydburn
-acydburn
+        else
 acydburn
-acydburn
+                // Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection
-acydburn
+                $cookie_secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
-acydburn
+                $url = (($cookie_secure) ? 'https://' : 'http://') . $server_name;
 acydburn
-acydburn
+                $script_path = $user->page['root_script_path'];
 acydburn
 acydburn
-acydburn
+        if ($server_port && (($cookie_secure && $server_port <> 443) || (!$cookie_secure && $server_port <> 80)))
 acydburn
-acydburn
+                // HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true)
-acydburn
+                if (strpos($server_name, ':') === false)
 acydburn
-acydburn
+                        $url .= ':' . $server_port;
 acydburn
 acydburn
 acydburn
-acydburn
+        if (!$without_script_path)
 acydburn
-acydburn
+                $url .= $script_path;
 acydburn
 acydburn
-acydburn
+        // Strip / from the end
-acydburn
+        if (substr($url, -1, 1) == '/')
 acydburn
-acydburn
+                $url = substr($url, 0, -1);
 acydburn
 acydburn
-acydburn
+        return $url;
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Redirects the user to another page then exits the script nicely
-acydburn
+* This function is intended for urls within the board. It's not meant to redirect to cross-domains.
 acydburn
-acydburn
+* @param string $url The url to redirect to
-acydburn
+* @param bool $return If true, do not redirect but return the sanitized URL. Default is no return.
-acydburn
+* @param bool $disable_cd_check If true, redirect() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. Default is false.
-acydburn
+*/
-acydburn
+function redirect($url, $return = false, $disable_cd_check = false)
 ludovic_arnaud
-acydburn
+        global $db, $cache, $config, $user, $phpbb_root_path;
 psotfx
-git-gate
+        $failover_flag = false;
 git-gate
-acydburn
+        if (empty($user->lang))
 ludovic_arnaud
-acydburn
+                $user->add_lang('common');
 ludovic_arnaud
 psotfx
-davidmj
+        if (!$return)
 davidmj
-davidmj
+                garbage_collection();
 davidmj
 ludovic_arnaud
-acydburn
+        // Make sure no &amp;'s are in, this will break the redirect
-acydburn
+        $url = str_replace('&amp;', '&', $url);
 acydburn
-acydburn
+        // Determine which type of redirect we need to handle...
-acydburn
+        $url_parts = @parse_url($url);
 acydburn
-acydburn
+        if ($url_parts === false)
 acydburn
-acydburn
+                // Malformed url, redirect to current page...
-acydburn
+                $url = generate_board_url() . '/' . $user->page['page'];
 acydburn
-acydburn
+        else if (!empty($url_parts['scheme']) && !empty($url_parts['host']))
 acydburn
-acydburn
+                // Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
-acydburn
+                if (!$disable_cd_check && $url_parts['host'] !== $user->host)
 Kellanved
-Kellanved
+                        $url = generate_board_url();
 Kellanved
 acydburn
-acydburn
+        else if ($url[0] == '/')
 acydburn
-acydburn
+                // Absolute uri, prepend direct url...
-acydburn
+                $url = generate_board_url(true) . $url;
 acydburn
-acydburn
+        else
 acydburn
-acydburn
+                // Relative uri
-acydburn
+                $pathinfo = pathinfo($url);
 acydburn
-git-gate
+                if (!$disable_cd_check && !file_exists($pathinfo['dirname'] . '/'))
 jelly_doughnut
-jelly_doughnut
+                        $url = str_replace('../', '', $url);
-jelly_doughnut
+                        $pathinfo = pathinfo($url);
 jelly_doughnut
-git-gate
+                        if (!file_exists($pathinfo['dirname'] . '/'))
 jelly_doughnut
-jelly_doughnut
+                                // fallback to "last known user page"
-git-gate
+                                // at least this way we know the user does not leave the phpBB root
-jelly_doughnut
+                                $url = generate_board_url() . '/' . $user->page['page'];
-git-gate
+                                $failover_flag = true;
 jelly_doughnut
 jelly_doughnut
 jelly_doughnut
-git-gate
+                if (!$failover_flag)
 acydburn
-git-gate
+                        // Is the uri pointing to the current directory?
-git-gate
+                        if ($pathinfo['dirname'] == '.')
 acydburn
-git-gate
+                                $url = str_replace('./', '', $url);
 acydburn
-git-gate
+                                // Strip / from the beginning
-git-gate
+                                if ($url && substr($url, 0, 1) == '/')
 git-gate
-git-gate
+                                        $url = substr($url, 1);
 git-gate
 git-gate
-git-gate
+                                if ($user->page['page_dir'])
 git-gate
-git-gate
+                                        $url = generate_board_url() . '/' . $user->page['page_dir'] . '/' . $url;
 git-gate
-git-gate
+                                else
 git-gate
-git-gate
+                                        $url = generate_board_url() . '/' . $url;
 git-gate
 acydburn
-acydburn
+                        else
 acydburn
-git-gate
+                                // Used ./ before, but $phpbb_root_path is working better with urls within another root path
-git-gate
+                                $root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($phpbb_root_path)));
-git-gate
+                                $page_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($pathinfo['dirname'])));
-git-gate
+                                $intersection = array_intersect_assoc($root_dirs, $page_dirs);
 acydburn
-git-gate
+                                $root_dirs = array_diff_assoc($root_dirs, $intersection);
-git-gate
+                                $page_dirs = array_diff_assoc($page_dirs, $intersection);
 acydburn
-git-gate
+                                $dir = str_repeat('../', sizeof($root_dirs)) . implode('/', $page_dirs);
 acydburn
-git-gate
+                                // Strip / from the end
-git-gate
+                                if ($dir && substr($dir, -1, 1) == '/')
 git-gate
-git-gate
+                                        $dir = substr($dir, 0, -1);
 git-gate
 acydburn
-git-gate
+                                // Strip / from the beginning
-git-gate
+                                if ($dir && substr($dir, 0, 1) == '/')
 git-gate
-git-gate
+                                        $dir = substr($dir, 1);
 git-gate
 acydburn
-git-gate
+                                $url = str_replace($pathinfo['dirname'] . '/', '', $url);
 acydburn
-git-gate
+                                // Strip / from the beginning
-git-gate
+                                if (substr($url, 0, 1) == '/')
 git-gate
-git-gate
+                                        $url = substr($url, 1);
 git-gate
 git-gate
-git-gate
+                                $url = (!empty($dir) ? $dir . '/' : '') . $url;
-git-gate
+                                $url = generate_board_url() . '/' . $url;
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+        // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
-acydburn
+        if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false)
 acydburn
-acydburn
+                trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
 acydburn
 acydburn
-acydburn
+        // Now, also check the protocol and for a valid url the last time...
-acydburn
+        $allowed_protocols = array('http', 'https', 'ftp', 'ftps');
-acydburn
+        $url_parts = parse_url($url);
 acydburn
-acydburn
+        if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols))
 acydburn
-acydburn
+                trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
 acydburn
 acydburn
-acydburn
+        if ($return)
 acydburn
-acydburn
+                return $url;
 acydburn
 acydburn
-psotfx
+        // Redirect via an HTML form for PITA webservers
-psotfx
+        if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
 psotfx
-psotfx
+                header('Refresh: 0; URL=' . $url);
 acydburn
-acydburn
+                echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
-acydburn
+                echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '" xml:lang="' . $user->lang['USER_LANG'] . '">';
-acydburn
+                echo '<head>';
-acydburn
+                echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />';
-acydburn
+                echo '<meta http-equiv="refresh" content="0; url=' . str_replace('&', '&amp;', $url) . '" />';
-acydburn
+                echo '<title>' . $user->lang['REDIRECT'] . '</title>';
-acydburn
+                echo '</head>';
-acydburn
+                echo '<body>';
-acydburn
+                echo '<div style="text-align: center;">' . sprintf($user->lang['URL_REDIRECT'], '<a href="' . str_replace('&', '&amp;', $url) . '">', '</a>') . '</div>';
-acydburn
+                echo '</body>';
-acydburn
+                echo '</html>';
 acydburn
-psotfx
+                exit;
 psotfx
 psotfx
-psotfx
+        // Behave as per HTTP/1.1 spec for others
-psotfx
+        header('Location: ' . $url);
-ludovic_arnaud
+        exit;
 ludovic_arnaud
 ludovic_arnaud
-acydburn
+/**
-acydburn
+* Re-Apply session id after page reloads
-acydburn
+*/
-acydburn
+function reapply_sid($url)
 acydburn
-acydburn
+        global $phpEx, $phpbb_root_path;
 acydburn
-acydburn
+        if ($url === "index.$phpEx")
 acydburn
-acydburn
+                return append_sid("index.$phpEx");
 acydburn
-acydburn
+        else if ($url === "{$phpbb_root_path}index.$phpEx")
 acydburn
-acydburn
+                return append_sid("{$phpbb_root_path}index.$phpEx");
 acydburn
 acydburn
-acydburn
+        // Remove previously added sid
-leviatan21
+        if (strpos($url, 'sid=') !== false)
 acydburn
-leviatan21
+                // All kind of links
-leviatan21
+                $url = preg_replace('/(\?)?(&amp;|&)?sid=[a-z0-9]+/', '', $url);
-acydburn
+                // if the sid was the first param, make the old second as first ones
-leviatan21
+                $url = preg_replace("/$phpEx(&amp;|&)+?/", "$phpEx?", $url);
 acydburn
 acydburn
-acydburn
+        return append_sid($url);
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Returns url from the session/current page with an re-appended SID with optionally stripping vars from the url
-acydburn
+*/
-acydburn
+function build_url($strip_vars = false)
 acydburn
-acydburn
+        global $user, $phpbb_root_path;
 acydburn
-acydburn
+        // Append SID
-acydburn
+        $redirect = append_sid($user->page['page'], false, false);
 acydburn
-acydburn
+        // Add delimiter if not there...
-acydburn
+        if (strpos($redirect, '?') === false)
 acydburn
-acydburn
+                $redirect .= '?';
 acydburn
 acydburn
-acydburn
+        // Strip vars...
-acydburn
+        if ($strip_vars !== false && strpos($redirect, '?') !== false)
 acydburn
-acydburn
+                if (!is_array($strip_vars))
 acydburn
-acydburn
+                        $strip_vars = array($strip_vars);
 acydburn
 acydburn
-acydburn
+                $query = $_query = array();
 acydburn
-acydburn
+                $args = substr($redirect, strpos($redirect, '?') + 1);
-acydburn
+                $args = ($args) ? explode('&', $args) : array();
-acydburn
+                $redirect = substr($redirect, 0, strpos($redirect, '?'));
 acydburn
-acydburn
+                foreach ($args as $argument)
 acydburn
-acydburn
+                        $arguments = explode('=', $argument);
-acydburn
+                        $key = $arguments[0];
-acydburn
+                        unset($arguments[0]);
 acydburn
-git-gate
+                        if ($key === '')
 git-gate
-git-gate
+                                continue;
 git-gate
 git-gate
-acydburn
+                        $query[$key] = implode('=', $arguments);
 acydburn
 acydburn
-acydburn
+                // Strip the vars off
-acydburn
+                foreach ($strip_vars as $strip)
 acydburn
-acydburn
+                        if (isset($query[$strip]))
 acydburn
-acydburn
+                                unset($query[$strip]);
 acydburn
 acydburn
 acydburn
-acydburn
+                // Glue the remaining parts together... already urlencoded
-acydburn
+                foreach ($query as $key => $value)
 acydburn
-acydburn
+                        $_query[] = $key . '=' . $value;
 acydburn
-acydburn
+                $query = implode('&', $_query);
 acydburn
-acydburn
+                $redirect .= ($query) ? '?' . $query : '';
 acydburn
 acydburn
-acydburn
+        // We need to be cautious here.
-acydburn
+        // On some situations, the redirect path is an absolute URL, sometimes a relative path
-acydburn
+        // For a relative path, let's prefix it with $phpbb_root_path to point to the correct location,
-acydburn
+        // else we use the URL directly.
-acydburn
+        $url_parts = @parse_url($redirect);
 acydburn
-acydburn
+        // URL
-acydburn
+        if ($url_parts !== false && !empty($url_parts['scheme']) && !empty($url_parts['host']))
 acydburn
-acydburn
+                return str_replace('&', '&amp;', $redirect);
 acydburn
 acydburn
-acydburn
+        return $phpbb_root_path . str_replace('&', '&amp;', $redirect);
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Meta refresh assignment
-acydburn
+* Adds META template variable with meta http tag.
 acydburn
-acydburn
+* @param int $time Time in seconds for meta refresh tag
-acydburn
+* @param string $url URL to redirect to. The url will go through redirect() first before the template variable is assigned
-acydburn
+* @param bool $disable_cd_check If true, meta_refresh() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. Default is false.
-acydburn
+*/
-acydburn
+function meta_refresh($time, $url, $disable_cd_check = false)
 psotfx
-psotfx
+        global $template;
 psotfx
-acydburn
+        $url = redirect($url, true, $disable_cd_check);
-Kellanved
+        $url = str_replace('&', '&amp;', $url);
 acydburn
-acydburn
+        // For XHTML compatibility we change back & to &amp;
-psotfx
+        $template->assign_vars(array(
-Kellanved
+                'META' => '<meta http-equiv="refresh" content="' . $time . ';url=' . $url . '" />')
-psotfx
+        );
 acydburn
-Kellanved
+        return $url;
 psotfx
 psotfx
-git-gate
+/**
-git-gate
+* Outputs correct status line header.
 git-gate
-git-gate
+* Depending on php sapi one of the two following forms is used:
 git-gate
-git-gate
+* Status: 404 Not Found
 git-gate
-git-gate
+* HTTP/1.x 404 Not Found
 git-gate
-git-gate
+* HTTP version is taken from HTTP_VERSION environment variable,
-git-gate
+* and defaults to 1.0.
 git-gate
-git-gate
+* Sample usage:
 git-gate
-git-gate
+* send_status_line(404, 'Not Found');
 git-gate
-git-gate
+* @param int $code HTTP status code
-git-gate
+* @param string $message Message for the status code
-git-gate
+* @return void
-git-gate
+*/
-git-gate
+function send_status_line($code, $message)
 git-gate
-git-gate
+        if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi')
 git-gate
-git-gate
+                // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though
-git-gate
+                header("Status: $code $message", true, $code);
 git-gate
-git-gate
+        else
 git-gate
-git-gate
+                if (!empty($_SERVER['SERVER_PROTOCOL']))
 git-gate
-git-gate
+                        $version = $_SERVER['SERVER_PROTOCOL'];
 git-gate
-git-gate
+                else
 git-gate
-git-gate
+                        $version = 'HTTP/1.0';
 git-gate
-git-gate
+                header("$version $code $message", true, $code);
 git-gate
 git-gate
 git-gate
-kellanved
+//Form validation
 kellanved
 Kellanved
-kellanved
+/**
-Kellanved
+* Add a secret hash   for use in links/GET requests
-Kellanved
+* @param string  $link_name The name of the link; has to match the name used in check_link_hash, otherwise no restrictions apply
-Kellanved
+* @return string the hash
 Kellanved
-Kellanved
+*/
-Kellanved
+function generate_link_hash($link_name)
 Kellanved
-Kellanved
+        global $user;
 acydburn
-Kellanved
+        if (!isset($user->data["hash_$link_name"]))
 Kellanved
-Kellanved
+                $user->data["hash_$link_name"] = substr(sha1($user->data['user_form_salt'] . $link_name), 0, 8);
 Kellanved
 acydburn
-Kellanved
+        return $user->data["hash_$link_name"];
 Kellanved
 Kellanved
 Kellanved
-Kellanved
+/**
-Kellanved
+* checks a link hash - for GET requests
-acydburn
+* @param string $token the submitted token
-Kellanved
+* @param string $link_name The name of the link
-Kellanved
+* @return boolean true if all is fine
-Kellanved
+*/
-Kellanved
+function check_link_hash($token, $link_name)
 Kellanved
-Kellanved
+        return $token === generate_link_hash($link_name);
 Kellanved
 Kellanved
-Kellanved
+/**
-kellanved
+* Add a secret token to the form (requires the S_FORM_TOKEN template variable)
-kellanved
+* @param string  $form_name The name of the form; has to match the name used in check_form_key, otherwise no restrictions apply
-kellanved
+*/
-kellanved
+function add_form_key($form_name)
 kellanved
-kellanved
+        global $config, $template, $user;
 acydburn
-kellanved
+        $now = time();
-kellanved
+        $token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
-kellanved
+        $token = sha1($now . $user->data['user_form_salt'] . $form_name . $token_sid);
 kellanved
-kellanved
+        $s_fields = build_hidden_fields(array(
-acydburn
+                'creation_time' => $now,
-acydburn
+                'form_token'        => $token,
-kellanved
+        ));
 acydburn
-kellanved
+        $template->assign_vars(array(
-acydburn
+                'S_FORM_TOKEN'        => $s_fields,
-kellanved
+        ));
 kellanved
 kellanved
-kellanved
+/**
-kellanved
+* Check the form key. Required for all altering actions not secured by confirm_box
-kellanved
+* @param string  $form_name The name of the form; has to match the name used in add_form_key, otherwise no restrictions apply
-kellanved
+* @param int $timespan The maximum acceptable age for a submitted form in seconds. Defaults to the config setting.
-kellanved
+* @param string $return_page The address for the return link
-kellanved
+* @param bool $trigger If true, the function will triger an error when encountering an invalid form
-kellanved
+*/
-Kellanved
+function check_form_key($form_name, $timespan = false, $return_page = '', $trigger = false)
 kellanved
-kellanved
+        global $config, $user;
 kellanved
-acydburn
+        if ($timespan === false)
 kellanved
-kellanved
+                // we enforce a minimum value of half a minute here.
-kellanved
+                $timespan = ($config['form_token_lifetime'] == -1) ? -1 : max(30, $config['form_token_lifetime']);
 kellanved
 acydburn
-kellanved
+        if (isset($_POST['creation_time']) && isset($_POST['form_token']))
 kellanved
-kellanved
+                $creation_time        = abs(request_var('creation_time', 0));
-kellanved
+                $token = request_var('form_token', '');
 kellanved
-acydburn
+                $diff = time() - $creation_time;
 kellanved
-acydburn
+                // If creation_time and the time() now is zero we can assume it was not a human doing this (the check for if ($diff)...
-acydburn
+                if ($diff && ($diff <= $timespan || $timespan === -1))
 kellanved
-kellanved
+                        $token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
-acydburn
+                        $key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);
 acydburn
-kellanved
+                        if ($key === $token)
 kellanved
-kellanved
+                                return true;
 kellanved
 kellanved
 kellanved
 acydburn
-kellanved
+        if ($trigger)
 kellanved
-kellanved
+                trigger_error($user->lang['FORM_INVALID'] . $return_page);
 kellanved
 acydburn
-kellanved
+        return false;
 kellanved
 kellanved
-acydburn
+// Message/Login boxes
 acydburn
-acydburn
+/**
-acydburn
+* Build Confirm box
-acydburn
+* @param boolean $check True for checking if confirmed (without any additional parameters) and false for displaying the confirm box
-acydburn
+* @param string $title Title/Message used for confirm box.
-acydburn
+*                message text is _CONFIRM appended to title.
-acydburn
+*                If title cannot be found in user->lang a default one is displayed
-acydburn
+*                If title_CONFIRM cannot be found in user->lang the text given is used.
-acydburn
+* @param string $hidden Hidden variables
-acydburn
+* @param string $html_body Template used for confirm box
-acydburn
+* @param string $u_action Custom form action
-acydburn
+*/
-acydburn
+function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '')
 acydburn
-acydburn
+        global $user, $template, $db;
-acydburn
+        global $phpEx, $phpbb_root_path;
 psotfx
-acydburn
+        if (isset($_POST['cancel']))
 acydburn
-acydburn
+                return false;
 acydburn
 psotfx
-acydburn
+        $confirm = false;
-acydburn
+        if (isset($_POST['confirm']))
 acydburn
-acydburn
+                // language frontier
-acydburn
+                if ($_POST['confirm'] === $user->lang['YES'])
 acydburn
-acydburn
+                        $confirm = true;
 acydburn
 acydburn
 acydburn
-acydburn
+        if ($check && $confirm)
 acydburn
-acydburn
+                $user_id = request_var('confirm_uid', 0);
-acydburn
+                $session_id = request_var('sess', '');
-acydburn
+                $confirm_key = request_var('confirm_key', '');
 acydburn
-acydburn
+                if ($user_id != $user->data['user_id'] || $session_id != $user->session_id || !$confirm_key || !$user->data['user_last_confirm_key'] || $confirm_key != $user->data['user_last_confirm_key'])
 acydburn
-acydburn
+                        return false;
 acydburn
 psotfx
-acydburn
+                // Reset user_last_confirm_key
-acydburn
+                $sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = ''
-acydburn
+                        WHERE user_id = " . $user->data['user_id'];
-acydburn
+                $db->sql_query($sql);
 acydburn
-acydburn
+                return true;
 acydburn
-acydburn
+        else if ($check)
 acydburn
-acydburn
+                return false;
 acydburn
 psotfx
-acydburn
+        $s_hidden_fields = build_hidden_fields(array(
-acydburn
+                'confirm_uid'        => $user->data['user_id'],
-acydburn
+                'sess'                        => $user->session_id,
-acydburn
+                'sid'                        => $user->session_id,
-acydburn
+        ));
 acydburn
-acydburn
+        // generate activation key
-acydburn
+        $confirm_key = gen_rand_string(10);
 acydburn
-acydburn
+        if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin'])
 acydburn
-acydburn
+                adm_page_header((!isset($user->lang[$title])) ? $user->lang['CONFIRM'] : $user->lang[$title]);
 acydburn
-acydburn
+        else
 acydburn
-nickvergessen
+                page_header(((!isset($user->lang[$title])) ? $user->lang['CONFIRM'] : $user->lang[$title]), false);
 acydburn
 acydburn
-acydburn
+        $template->set_filenames(array(
-acydburn
+                'body' => $html_body)
-acydburn
+        );
 acydburn
-acydburn
+        // If activation key already exist, we better do not re-use the key (something very strange is going on...)
-acydburn
+        if (request_var('confirm_key', ''))
 acydburn
-acydburn
+                // This should not occur, therefore we cancel the operation to safe the user
-acydburn
+                return false;
 acydburn
 acydburn
-acydburn
+        // re-add sid / transform & to &amp; for user->page (user->page is always using &)
-acydburn
+        $use_page = ($u_action) ? $phpbb_root_path . $u_action : $phpbb_root_path . str_replace('&', '&amp;', $user->page['page']);
-acydburn
+        $u_action = reapply_sid($use_page);
-acydburn
+        $u_action .= ((strpos($u_action, '?') === false) ? '?' : '&amp;') . 'confirm_key=' . $confirm_key;
 acydburn
-acydburn
+        $template->assign_vars(array(
-acydburn
+                'MESSAGE_TITLE'                => (!isset($user->lang[$title])) ? $user->lang['CONFIRM'] : $user->lang[$title],
-acydburn
+                'MESSAGE_TEXT'                => (!isset($user->lang[$title . '_CONFIRM'])) ? $title : $user->lang[$title . '_CONFIRM'],
 acydburn
-acydburn
+                'YES_VALUE'                        => $user->lang['YES'],
-acydburn
+                'S_CONFIRM_ACTION'        => $u_action,
-acydburn
+                'S_HIDDEN_FIELDS'        => $hidden . $s_hidden_fields)
-acydburn
+        );
 psotfx
-acydburn
+        $sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '" . $db->sql_escape($confirm_key) . "'
-acydburn
+                WHERE user_id = " . $user->data['user_id'];
-acydburn
+        $db->sql_query($sql);
 acydburn
-acydburn
+        if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin'])
 acydburn
-acydburn
+                adm_page_footer();
 acydburn
-acydburn
+        else
 acydburn
-acydburn
+                page_footer();
 acydburn
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Generate login box or verify password
-acydburn
+*/
-psotfx
+function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true)
 psotfx
-Kellanved
+        global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config;
 psotfx
-Kellanved
+        if (!class_exists('phpbb_captcha_factory'))
 Kellanved
-Kellanved
+                include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
 Kellanved
 acydburn
-psotfx
+        $err = '';
 psotfx
-acydburn
+        // Make sure user->setup() has been called
-acydburn
+        if (empty($user->lang))
 acydburn
-acydburn
+                $user->setup();
 acydburn
 acydburn
-acydburn
+        // Print out error if user tries to authenticate as an administrator without having the privileges...
-acydburn
+        if ($admin && !$auth->acl_get('a_'))
 acydburn
-acydburn
+                // Not authd
-acydburn
+                // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
-acydburn
+                if ($user->data['is_registered'])
 acydburn
-acydburn
+                        add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
 acydburn
-acydburn
+                trigger_error('NO_AUTH_ADMIN');
 acydburn
 acydburn
-psotfx
+        if (isset($_POST['login']))
 psotfx
-acydburn
+                // Get credential
-acydburn
+                if ($admin)
 acydburn
-acydburn
+                        $credential = request_var('credential', '');
 acydburn
-acydburn
+                        if (strspn($credential, 'abcdef0123456789') !== strlen($credential) || strlen($credential) != 32)
 acydburn
-acydburn
+                                if ($user->data['is_registered'])
 acydburn
-acydburn
+                                        add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
 acydburn
-acydburn
+                                trigger_error('NO_AUTH_ADMIN');
 acydburn
 acydburn
-acydburn
+                        $password        = request_var('password_' . $credential, '', true);
 acydburn
-acydburn
+                else
 acydburn
-acydburn
+                        $password        = request_var('password', '', true);
 acydburn
 acydburn
-naderman
+                $username        = request_var('username', '', true);
-acydburn
+                $autologin        = (!empty($_POST['autologin'])) ? true : false;
-acydburn
+                $viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
-psotfx
+                $admin                 = ($admin) ? 1 : 0;
-davidmj
+                $viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline;
 psotfx
-acydburn
+                // Check if the supplied username is equal to the one stored within the database if re-authenticating
-naderman
+                if ($admin && utf8_clean_string($username) != utf8_clean_string($user->data['username']))
 acydburn
-acydburn
+                        // We log the attempt to use a different username...
-acydburn
+                        add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
-acydburn
+                        trigger_error('NO_AUTH_ADMIN_USER_DIFFER');
 acydburn
 acydburn
-psotfx
+                // If authentication is successful we redirect user to previous page
-acydburn
+                $result = $auth->login($username, $password, $autologin, $viewonline, $admin);
 acydburn
-acydburn
+                // If admin authentication and login, we will log if it was a success or not...
-acydburn
+                // We also break the operation on the first non-success login - it could be argued that the user already knows
-acydburn
+                if ($admin)
 psotfx
-acydburn
+                        if ($result['status'] == LOGIN_SUCCESS)
 acydburn
-acydburn
+                                add_log('admin', 'LOG_ADMIN_AUTH_SUCCESS');
 acydburn
-acydburn
+                        else
 acydburn
-acydburn
+                                // Only log the failed attempt if a real user tried to.
-acydburn
+                                // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
-acydburn
+                                if ($user->data['is_registered'])
 acydburn
-acydburn
+                                        add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+                // The result parameter is always an array, holding the relevant information...
-acydburn
+                if ($result['status'] == LOGIN_SUCCESS)
 acydburn
-acydburn
+                        $redirect = request_var('redirect', "{$phpbb_root_path}index.$phpEx");
-acydburn
+                        $message = ($l_success) ? $l_success : $user->lang['LOGIN_REDIRECT'];
-acydburn
+                        $l_redirect = ($admin) ? $user->lang['PROCEED_TO_ACP'] : (($redirect === "{$phpbb_root_path}index.$phpEx" || $redirect === "index.$phpEx") ? $user->lang['RETURN_INDEX'] : $user->lang['RETURN_PAGE']);
 psotfx
-acydburn
+                        // append/replace SID (may change during the session for AOL users)
-acydburn
+                        $redirect = reapply_sid($redirect);
 acydburn
-acydburn
+                        // Special case... the user is effectively banned, but we allow founders to login
-acydburn
+                        if (defined('IN_CHECK_BAN') && $result['user_row']['user_type'] != USER_FOUNDER)
 acydburn
-acydburn
+                                return;
 acydburn
 acydburn
-Kellanved
+                        $redirect = meta_refresh(3, $redirect);
-acydburn
+                        trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
 psotfx
 psotfx
-acydburn
+                // Something failed, determine what...
-acydburn
+                if ($result['status'] == LOGIN_BREAK)
 psotfx
-acydburn
+                        trigger_error($result['error_msg']);
 psotfx
 psotfx
-acydburn
+                // Special cases... determine
-acydburn
+                switch ($result['status'])
 acydburn
-acydburn
+                        case LOGIN_ERROR_ATTEMPTS:
 acydburn
-Kellanved
+                                $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']);
-Kellanved
+                                $captcha->init(CONFIRM_LOGIN);
-Kellanved
+                                // $captcha->reset();
 acydburn
-acydburn
+                                $template->assign_vars(array(
-Kellanved
+                                        'CAPTCHA_TEMPLATE'                        => $captcha->get_template(),
-acydburn
+                                ));
 acydburn
-acydburn
+                                $err = $user->lang[$result['error_msg']];
-acydburn
+                        break;
 acydburn
-naderman
+                        case LOGIN_ERROR_PASSWORD_CONVERT:
-naderman
+                                $err = sprintf(
-naderman
+                                        $user->lang[$result['error_msg']],
-naderman
+                                        ($config['email_enable']) ? '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') . '">' : '',
-naderman
+                                        ($config['email_enable']) ? '</a>' : '',
-naderman
+                                        ($config['board_contact']) ? '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">' : '',
-naderman
+                                        ($config['board_contact']) ? '</a>' : ''
-naderman
+                                );
-naderman
+                        break;
 naderman
-acydburn
+                        // Username, password, etc...
-acydburn
+                        default:
-acydburn
+                                $err = $user->lang[$result['error_msg']];
 acydburn
-acydburn
+                                // Assign admin contact to some error messages
-acydburn
+                                if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD')
 acydburn
-acydburn
+                                        $err = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>');
 acydburn
 acydburn
-acydburn
+                        break;
 acydburn
 psotfx
 psotfx
-acydburn
+        // Assign credential for username/password pair
-acydburn
+        $credential = ($admin) ? md5(unique_id()) : false;
 psotfx
-acydburn
+        $s_hidden_fields = array(
-acydburn
+                'sid'                => $user->session_id,
-acydburn
+        );
 acydburn
-acydburn
+        if ($redirect)
 acydburn
-acydburn
+                $s_hidden_fields['redirect'] = $redirect;
 acydburn
 acydburn
-acydburn
+        if ($admin)
 acydburn
-acydburn
+                $s_hidden_fields['credential'] = $credential;
 acydburn
 acydburn
-acydburn
+        $s_hidden_fields = build_hidden_fields($s_hidden_fields);
 acydburn
-psotfx
+        $template->assign_vars(array(
-psotfx
+                'LOGIN_ERROR'                => $err,
-psotfx
+                'LOGIN_EXPLAIN'                => $l_explain,
 psotfx
-acydburn
+                'U_SEND_PASSWORD'                 => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '',
-terrafrost
+                'U_RESEND_ACTIVATION'        => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '',
-acydburn
+                'U_TERMS_USE'                        => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'),
-acydburn
+                'U_PRIVACY'                                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'),
 psotfx
-psotfx
+                'S_DISPLAY_FULL_LOGIN'        => ($s_display) ? true : false,
-acydburn
+                'S_HIDDEN_FIELDS'                 => $s_hidden_fields,
 acydburn
-acydburn
+                'S_ADMIN_AUTH'                        => $admin,
-acydburn
+                'USERNAME'                                => ($admin) ? $user->data['username'] : '',
 psotfx
-acydburn
+                'USERNAME_CREDENTIAL'        => 'username',
-acydburn
+                'PASSWORD_CREDENTIAL'        => ($admin) ? 'password_' . $credential : 'password',
-acydburn
+        ));
 Kellanved
-Kellanved
+        page_header($user->lang['LOGIN'], false);
 Kellanved
-Kellanved
+        $template->set_filenames(array(
-Kellanved
+                'body' => 'login_body.html')
-Kellanved
+        );
-acydburn
+        make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
 Kellanved
-Kellanved
+        page_footer();
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Generate forum login box
-acydburn
+*/
-acydburn
+function login_forum_box($forum_data)
 psotfx
-psotfx
+        global $db, $config, $user, $template, $phpEx;
 psotfx
-acydburn
+        $password = request_var('password', '', true);
 psotfx
-ludovic_arnaud
+        $sql = 'SELECT forum_id
-psotfx
+                FROM ' . FORUMS_ACCESS_TABLE . '
-psotfx
+                WHERE forum_id = ' . $forum_data['forum_id'] . '
-psotfx
+                        AND user_id = ' . $user->data['user_id'] . "
-acydburn
+                        AND session_id = '" . $db->sql_escape($user->session_id) . "'";
-psotfx
+        $result = $db->sql_query($sql);
-acydburn
+        $row = $db->sql_fetchrow($result);
-acydburn
+        $db->sql_freeresult($result);
 psotfx
-acydburn
+        if ($row)
 psotfx
-psotfx
+                return true;
 psotfx
 psotfx
-psotfx
+        if ($password)
 psotfx
-psotfx
+                // Remove expired authorised sessions
-acydburn
+                $sql = 'SELECT f.session_id
-acydburn
+                        FROM ' . FORUMS_ACCESS_TABLE . ' f
-acydburn
+                        LEFT JOIN ' . SESSIONS_TABLE . ' s ON (f.session_id = s.session_id)
-acydburn
+                        WHERE s.session_id IS NULL';
-psotfx
+                $result = $db->sql_query($sql);
 psotfx
-psotfx
+                if ($row = $db->sql_fetchrow($result))
 psotfx
-psotfx
+                        $sql_in = array();
-psotfx
+                        do
 psotfx
-acydburn
+                                $sql_in[] = (string) $row['session_id'];
 psotfx
-psotfx
+                        while ($row = $db->sql_fetchrow($result));
 psotfx
-acydburn
+                        // Remove expired sessions
-psotfx
+                        $sql = 'DELETE FROM ' . FORUMS_ACCESS_TABLE . '
-acydburn
+                                WHERE ' . $db->sql_in_set('session_id', $sql_in);
-psotfx
+                        $db->sql_query($sql);
 psotfx
-psotfx
+                $db->sql_freeresult($result);
 psotfx
-kellanved
+                if (phpbb_check_hash($password, $forum_data['forum_password']))
 psotfx
-acydburn
+                        $sql_ary = array(
-acydburn
+                                'forum_id'                => (int) $forum_data['forum_id'],
-acydburn
+                                'user_id'                => (int) $user->data['user_id'],
-acydburn
+                                'session_id'        => (string) $user->session_id,
-acydburn
+                        );
 psotfx
-acydburn
+                        $db->sql_query('INSERT INTO ' . FORUMS_ACCESS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
 acydburn
-psotfx
+                        return true;
 psotfx
 psotfx
-psotfx
+                $template->assign_var('LOGIN_ERROR', $user->lang['WRONG_PASSWORD']);
 psotfx
 psotfx
-nickvergessen
+        page_header($user->lang['LOGIN'], false);
 acydburn
-acydburn
+        $template->assign_vars(array(
-acydburn
+                'S_LOGIN_ACTION'                => build_url(array('f')),
-acydburn
+                'S_HIDDEN_FIELDS'                => build_hidden_fields(array('f' => $forum_data['forum_id'])))
-acydburn
+        );
 acydburn
-psotfx
+        $template->set_filenames(array(
-psotfx
+                'body' => 'login_forum.html')
-psotfx
+        );
 acydburn
-psotfx
+        page_footer();
 psotfx
 psotfx
-acydburn
+// Little helpers
 acydburn
-acydburn
+/**
-acydburn
+* Little helper for the build_hidden_fields function
-acydburn
+*/
-acydburn
+function _build_hidden_fields($key, $value, $specialchar, $stripslashes)
 acydburn
-acydburn
+        $hidden_fields = '';
 acydburn
-acydburn
+        if (!is_array($value))
 acydburn
-acydburn
+                $value = ($stripslashes) ? stripslashes($value) : $value;
-acydburn
+                $value = ($specialchar) ? htmlspecialchars($value, ENT_COMPAT, 'UTF-8') : $value;
 acydburn
-acydburn
+                $hidden_fields .= '<input type="hidden" name="' . $key . '" value="' . $value . '" />' . "\n";
 acydburn
-acydburn
+        else
 acydburn
-acydburn
+                foreach ($value as $_key => $_value)
 acydburn
-acydburn
+                        $_key = ($stripslashes) ? stripslashes($_key) : $_key;
-acydburn
+                        $_key = ($specialchar) ? htmlspecialchars($_key, ENT_COMPAT, 'UTF-8') : $_key;
 acydburn
-acydburn
+                        $hidden_fields .= _build_hidden_fields($key . '[' . $_key . ']', $_value, $specialchar, $stripslashes);
 acydburn
 acydburn
 acydburn
-acydburn
+        return $hidden_fields;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Build simple hidden fields from array
 acydburn
-acydburn
+* @param array $field_ary an array of values to build the hidden field from
-acydburn
+* @param bool $specialchar if true, keys and values get specialchared
-acydburn
+* @param bool $stripslashes if true, keys and values get stripslashed
 acydburn
-acydburn
+* @return string the hidden fields
-acydburn
+*/
-acydburn
+function build_hidden_fields($field_ary, $specialchar = false, $stripslashes = false)
 acydburn
-acydburn
+        $s_hidden_fields = '';
 acydburn
-acydburn
+        foreach ($field_ary as $name => $vars)
 acydburn
-acydburn
+                $name = ($stripslashes) ? stripslashes($name) : $name;
-acydburn
+                $name = ($specialchar) ? htmlspecialchars($name, ENT_COMPAT, 'UTF-8') : $name;
 acydburn
-acydburn
+                $s_hidden_fields .= _build_hidden_fields($name, $vars, $specialchar, $stripslashes);
 acydburn
 acydburn
-acydburn
+        return $s_hidden_fields;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Parse cfg file
-acydburn
+*/
-acydburn
+function parse_cfg_file($filename, $lines = false)
 acydburn
-acydburn
+        $parsed_items = array();
 acydburn
-acydburn
+        if ($lines === false)
 acydburn
-acydburn
+                $lines = file($filename);
 acydburn
 acydburn
-acydburn
+        foreach ($lines as $line)
 acydburn
-acydburn
+                $line = trim($line);
 acydburn
-acydburn
+                if (!$line || $line[0] == '#' || ($delim_pos = strpos($line, '=')) === false)
 acydburn
-acydburn
+                        continue;
 acydburn
 acydburn
-acydburn
+                // Determine first occurrence, since in values the equal sign is allowed
-acydburn
+                $key = strtolower(trim(substr($line, 0, $delim_pos)));
-acydburn
+                $value = trim(substr($line, $delim_pos + 1));
 acydburn
-acydburn
+                if (in_array($value, array('off', 'false', '0')))
 acydburn
-acydburn
+                        $value = false;
 acydburn
-acydburn
+                else if (in_array($value, array('on', 'true', '1')))
 acydburn
-acydburn
+                        $value = true;
 acydburn
-acydburn
+                else if (!trim($value))
 acydburn
-acydburn
+                        $value = '';
 acydburn
-acydburn
+                else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"'))
 acydburn
-acydburn
+                        $value = substr($value, 1, sizeof($value)-2);
 acydburn
 acydburn
-acydburn
+                $parsed_items[$key] = $value;
 acydburn
 git-gate
-git-gate
+        if (isset($parsed_items['inherit_from']) && isset($parsed_items['name']) && $parsed_items['inherit_from'] == $parsed_items['name'])
 git-gate
-git-gate
+                unset($parsed_items['inherit_from']);
 git-gate
 acydburn
-acydburn
+        return $parsed_items;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Add log event
-acydburn
+*/
-acydburn
+function add_log()
 acydburn
-acydburn
+        global $db, $user;
 acydburn
-acydburn
+        // In phpBB 3.1.x i want to have logging in a class to be able to control it
-acydburn
+        // For now, we need a quite hakish approach to circumvent logging for some actions
-acydburn
+        // @todo implement cleanly
-acydburn
+        if (!empty($GLOBALS['skip_add_log']))
 acydburn
-acydburn
+                return false;
 acydburn
 acydburn
-acydburn
+        $args = func_get_args();
 acydburn
-acydburn
+        $mode                        = array_shift($args);
-acydburn
+        $reportee_id        = ($mode == 'user') ? intval(array_shift($args)) : '';
-acydburn
+        $forum_id                = ($mode == 'mod') ? intval(array_shift($args)) : '';
-acydburn
+        $topic_id                = ($mode == 'mod') ? intval(array_shift($args)) : '';
-acydburn
+        $action                        = array_shift($args);
-acydburn
+        $data                        = (!sizeof($args)) ? '' : serialize($args);
 acydburn
-acydburn
+        $sql_ary = array(
-acydburn
+                'user_id'                => (empty($user->data)) ? ANONYMOUS : $user->data['user_id'],
-acydburn
+                'log_ip'                => $user->ip,
-acydburn
+                'log_time'                => time(),
-acydburn
+                'log_operation'        => $action,
-acydburn
+                'log_data'                => $data,
-acydburn
+        );
 acydburn
-acydburn
+        switch ($mode)
 acydburn
-acydburn
+                case 'admin':
-acydburn
+                        $sql_ary['log_type'] = LOG_ADMIN;
-acydburn
+                break;
 acydburn
-acydburn
+                case 'mod':
-acydburn
+                        $sql_ary += array(
-acydburn
+                                'log_type'        => LOG_MOD,
-acydburn
+                                'forum_id'        => $forum_id,
-acydburn
+                                'topic_id'        => $topic_id
-acydburn
+                        );
-acydburn
+                break;
 acydburn
-acydburn
+                case 'user':
-acydburn
+                        $sql_ary += array(
-acydburn
+                                'log_type'                => LOG_USERS,
-acydburn
+                                'reportee_id'        => $reportee_id
-acydburn
+                        );
-acydburn
+                break;
 acydburn
-acydburn
+                case 'critical':
-acydburn
+                        $sql_ary['log_type'] = LOG_CRITICAL;
-acydburn
+                break;
 acydburn
-acydburn
+                default:
-acydburn
+                        return false;
 acydburn
 acydburn
-acydburn
+        $db->sql_query('INSERT INTO ' . LOG_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
 grahamje
-grahamje
+        return $db->sql_nextid();
 acydburn
 acydburn
-acydburn
+/**
-git-gate
+* Return a nicely formatted backtrace.
 git-gate
-git-gate
+* Turns the array returned by debug_backtrace() into HTML markup.
-git-gate
+* Also filters out absolute paths to phpBB root.
 git-gate
-git-gate
+* @return string        HTML markup
-acydburn
+*/
-acydburn
+function get_backtrace()
 acydburn
-acydburn
+        $output = '<div style="font-family: monospace;">';
-acydburn
+        $backtrace = debug_backtrace();
 acydburn
-git-gate
+        // We skip the first one, because it only shows this file/function
-git-gate
+        unset($backtrace[0]);
 acydburn
-git-gate
+        foreach ($backtrace as $trace)
 git-gate
-acydburn
+                // Strip the current directory from path
-git-gate
+                $trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']));
-git-gate
+                $trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];
 acydburn
-git-gate
+                // Only show function arguments for include etc.
-git-gate
+                // Other parameters may contain sensible information
-git-gate
+                $argument = '';
-git-gate
+                if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once')))
 acydburn
-git-gate
+                        $argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]));
 acydburn
 acydburn
-acydburn
+                $trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
-acydburn
+                $trace['type'] = (!isset($trace['type'])) ? '' : $trace['type'];
 acydburn
-acydburn
+                $output .= '<br />';
-git-gate
+                $output .= '<b>FILE:</b> ' . $trace['file'] . '<br />';
-acydburn
+                $output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';
 acydburn
-git-gate
+                $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']);
-git-gate
+                $output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />';
 acydburn
-acydburn
+        $output .= '</div>';
-acydburn
+        return $output;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* This function returns a regular expression pattern for commonly used expressions
-naderman
+* Use with / as delimiter for email mode and # for url modes
-acydburn
+* mode can be: email|bbcode_htm|url|url_inline|www_url|www_url_inline|relative_url|relative_url_inline|ipv4|ipv6
-acydburn
+*/
-acydburn
+function get_preg_expression($mode)
 acydburn
-acydburn
+        switch ($mode)
 acydburn
-acydburn
+                case 'email':
-git-gate
+                        // Regex written by James Watts and Francisco Jose Martin Moreno
-git-gate
+                        // http://fightingforalostcause.net/misc/2006/compare-email-regex.php
-git-gate
+                        return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';
-acydburn
+                break;
 acydburn
-acydburn
+                case 'bbcode_htm':
-acydburn
+                        return array(
-acydburn
+                                '#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
-naderman
+                                '#<!\-\- l \-\-><a (?:class="[\w-]+" )?href="(.*?)(?:(&amp;|\?)sid=[0-9a-f]{32})?">.*?</a><!\-\- l \-\->#',
-acydburn
+                                '#<!\-\- ([mw]) \-\-><a (?:class="[\w-]+" )?href="(.*?)">.*?</a><!\-\- \1 \-\->#',
-acydburn
+                                '#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
-acydburn
+                                '#<!\-\- .*? \-\->#s',
-acydburn
+                                '#<.*?>#s',
-acydburn
+                        );
-acydburn
+                break;
 naderman
-acydburn
+                // Whoa these look impressive!
-acydburn
+                // The code to generate the following two regular expressions which match valid IPv4/IPv6 addresses
-acydburn
+                // can be found in the develop directory
-acydburn
+                case 'ipv4':
-acydburn
+                        return '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#';
-acydburn
+                break;
 acydburn
-acydburn
+                case 'ipv6':
-git-gate
+                        return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i';
-acydburn
+                break;
 acydburn
-naderman
+                case 'url':
-naderman
+                case 'url_inline':
-naderman
+                        $inline = ($mode == 'url') ? ')' : '';
-naderman
+                        $scheme = ($mode == 'url') ? '[a-z\d+\-.]' : '[a-z\d+]'; // avoid automatic parsing of "word" in "last word.http://..."
-naderman
+                        // generated with regex generation file in the develop folder
-naderman
+                        return "[a-z]$scheme*:/{2}(?:(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
-naderman
+                break;
 naderman
-naderman
+                case 'www_url':
-naderman
+                case 'www_url_inline':
-naderman
+                        $inline = ($mode == 'www_url') ? ')' : '';
-naderman
+                        return "www\.(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
-naderman
+                break;
 naderman
-naderman
+                case 'relative_url':
-naderman
+                case 'relative_url_inline':
-naderman
+                        $inline = ($mode == 'relative_url') ? ')' : '';
-naderman
+                        return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
-naderman
+                break;
 git-gate
-git-gate
+                case 'table_prefix':
-git-gate
+                        return '#^[a-zA-Z][a-zA-Z0-9_]*$#';
-git-gate
+                break;
 acydburn
 acydburn
-acydburn
+        return '';
 acydburn
 acydburn
-acydburn
+/**
-git-gate
+* Generate regexp for naughty words censoring
-git-gate
+* Depends on whether installed PHP version supports unicode properties
 git-gate
-git-gate
+* @param string        $word                        word template to be replaced
-git-gate
+* @param bool        $use_unicode        whether or not to take advantage of PCRE supporting unicode
 git-gate
-git-gate
+* @return string $preg_expr                regex to use with word censor
-git-gate
+*/
-git-gate
+function get_censor_preg_expression($word, $use_unicode = true)
 git-gate
-git-gate
+        static $unicode_support = null;
 git-gate
-git-gate
+        // Check whether PHP version supports unicode properties
-git-gate
+        if (is_null($unicode_support))
 git-gate
-git-gate
+                $unicode_support = ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) ? true : false;
 git-gate
 git-gate
-git-gate
+        // Unescape the asterisk to simplify further conversions
-git-gate
+        $word = str_replace('\*', '*', preg_quote($word, '#'));
 git-gate
-git-gate
+        if ($use_unicode && $unicode_support)
 git-gate
-git-gate
+                // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes
-git-gate
+                $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word);
 git-gate
-git-gate
+                // Generate the final substitution
-git-gate
+                $preg_expr = '#(?<![\p{Nd}\p{L}_-])(' . $word . ')(?![\p{Nd}\p{L}_-])#iu';
 git-gate
-git-gate
+        else
 git-gate
-git-gate
+                // Replace the asterisk inside the pattern, at the start and at the end of it with regexes
-git-gate
+                $word = preg_replace(array('#(?<=\S)\*+(?=\S)#iu', '#^\*+#', '#\*+$#'), array('(\x20*?\S*?)', '\S*?', '\S*?'), $word);
 git-gate
-git-gate
+                // Generate the final substitution
-git-gate
+                $preg_expr = '#(?<!\S)(' . $word . ')(?!\S)#iu';
 git-gate
 git-gate
-git-gate
+        return $preg_expr;
 git-gate
 git-gate
-git-gate
+/**
-naderman
+* Returns the first block of the specified IPv6 address and as many additional
-naderman
+* ones as specified in the length paramater.
-naderman
+* If length is zero, then an empty string is returned.
-naderman
+* If length is greater than 3 the complete IP will be returned
-naderman
+*/
-naderman
+function short_ipv6($ip, $length)
 naderman
-naderman
+        if ($length < 1)
 naderman
-naderman
+                return '';
 naderman
 naderman
-naderman
+        // extend IPv6 addresses
-naderman
+        $blocks = substr_count($ip, ':') + 1;
-naderman
+        if ($blocks < 9)
 naderman
-naderman
+                $ip = str_replace('::', ':' . str_repeat('0000:', 9 - $blocks), $ip);
 naderman
-naderman
+        if ($ip[0] == ':')
 naderman
-naderman
+                $ip = '0000' . $ip;
 naderman
-naderman
+        if ($length < 4)
 naderman
-naderman
+                $ip = implode(':', array_slice(explode(':', $ip), 0, 1 + $length));
 naderman
 naderman
-naderman
+        return $ip;
 naderman
 naderman
-naderman
+/**
-acydburn
+* Wrapper for php's checkdnsrr function.
 acydburn
-git-gate
+* @param string $host        Fully-Qualified Domain Name
-git-gate
+* @param string $type        Resource record type to lookup
-git-gate
+*                                                Supported types are: MX (default), A, AAAA, NS, TXT, CNAME
-git-gate
+*                                                Other types may work or may not work
 acydburn
-git-gate
+* @return mixed                true if entry found,
-git-gate
+*                                        false if entry not found,
-git-gate
+*                                        null if this function is not supported by this environment
 git-gate
-git-gate
+* Since null can also be returned, you probably want to compare the result
-git-gate
+* with === true or === false,
 git-gate
-git-gate
+* @author bantu
-acydburn
+*/
-git-gate
+function phpbb_checkdnsrr($host, $type = 'MX')
 acydburn
-git-gate
+        // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)
-git-gate
+        if (substr($host, -1) == '.')
 git-gate
-git-gate
+                $host_fqdn = $host;
-git-gate
+                $host = substr($host, 0, -1);
 git-gate
-git-gate
+        else
 git-gate
-git-gate
+                $host_fqdn = $host . '.';
 git-gate
-git-gate
+        // $host                has format        some.host.example.com
-git-gate
+        // $host_fqdn        has format        some.host.example.com.
 acydburn
-git-gate
+        // If we're looking for an A record we can use gethostbyname()
-git-gate
+        if ($type == 'A' && function_exists('gethostbyname'))
 acydburn
-git-gate
+                return (@gethostbyname($host_fqdn) == $host_fqdn) ? false : true;
 git-gate
 git-gate
-git-gate
+        // checkdnsrr() is available on Windows since PHP 5.3,
-git-gate
+        // but until 5.3.3 it only works for MX records
-git-gate
+        // See: http://bugs.php.net/bug.php?id=51844
 git-gate
-git-gate
+        // Call checkdnsrr() if
-git-gate
+        // we're looking for an MX record or
-git-gate
+        // we're not on Windows or
-git-gate
+        // we're running a PHP version where #51844 has been fixed
 git-gate
-git-gate
+        // checkdnsrr() supports AAAA since 5.0.0
-git-gate
+        // checkdnsrr() supports TXT since 5.2.4
-git-gate
+        if (
-git-gate
+                ($type == 'MX' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.3', '>=')) &&
-git-gate
+                ($type != 'AAAA' || version_compare(PHP_VERSION, '5.0.0', '>=')) &&
-git-gate
+                ($type != 'TXT' || version_compare(PHP_VERSION, '5.2.4', '>=')) &&
-git-gate
+                function_exists('checkdnsrr')
 git-gate
 git-gate
-git-gate
+                return checkdnsrr($host_fqdn, $type);
 git-gate
 acydburn
-git-gate
+        // dns_get_record() is available since PHP 5; since PHP 5.3 also on Windows,
-git-gate
+        // but on Windows it does not work reliable for AAAA records before PHP 5.3.1
 git-gate
-git-gate
+        // Call dns_get_record() if
-git-gate
+        // we're not looking for an AAAA record or
-git-gate
+        // we're not on Windows or
-git-gate
+        // we're running a PHP version where AAAA lookups work reliable
-git-gate
+        if (
-git-gate
+                ($type != 'AAAA' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.1', '>=')) &&
-git-gate
+                function_exists('dns_get_record')
 git-gate
 git-gate
-git-gate
+                // dns_get_record() expects an integer as second parameter
-git-gate
+                // We have to convert the string $type to the corresponding integer constant.
-git-gate
+                $type_constant = 'DNS_' . $type;
-git-gate
+                $type_param = (defined($type_constant)) ? constant($type_constant) : DNS_ANY;
 git-gate
-git-gate
+                // dns_get_record() might throw E_WARNING and return false for records that do not exist
-git-gate
+                $resultset = @dns_get_record($host_fqdn, $type_param);
 git-gate
-git-gate
+                if (empty($resultset) || !is_array($resultset))
 git-gate
-git-gate
+                        return false;
 git-gate
-git-gate
+                else if ($type_param == DNS_ANY)
 git-gate
-git-gate
+                        // $resultset is a non-empty array
-git-gate
+                        return true;
 git-gate
 git-gate
-git-gate
+                foreach ($resultset as $result)
 git-gate
-git-gate
+                        if (
-git-gate
+                                isset($result['host']) && $result['host'] == $host &&
-git-gate
+                                isset($result['type']) && $result['type'] == $type
 git-gate
 git-gate
-git-gate
+                                return true;
 git-gate
 git-gate
 git-gate
-git-gate
+                return false;
 git-gate
 git-gate
-git-gate
+        // If we're on Windows we can still try to call nslookup via exec() as a last resort
-git-gate
+        if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec'))
 git-gate
-git-gate
+                @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host_fqdn), $output);
 git-gate
-acydburn
+                // If output is empty, the nslookup failed
-acydburn
+                if (empty($output))
 acydburn
-acydburn
+                        return NULL;
 acydburn
 acydburn
-acydburn
+                foreach ($output as $line)
 acydburn
-git-gate
+                        $line = trim($line);
 git-gate
-git-gate
+                        if (empty($line))
 acydburn
-acydburn
+                                continue;
 acydburn
 acydburn
-git-gate
+                        // Squash tabs and multiple whitespaces to a single whitespace.
-git-gate
+                        $line = preg_replace('/\s+/', ' ', $line);
 git-gate
-git-gate
+                        switch ($type)
 acydburn
-git-gate
+                                case 'MX':
-git-gate
+                                        if (stripos($line, "$host MX") === 0)
 git-gate
-git-gate
+                                                return true;
 git-gate
-git-gate
+                                break;
 git-gate
-git-gate
+                                case 'NS':
-git-gate
+                                        if (stripos($line, "$host nameserver") === 0)
 git-gate
-git-gate
+                                                return true;
 git-gate
-git-gate
+                                break;
 git-gate
-git-gate
+                                case 'TXT':
-git-gate
+                                        if (stripos($line, "$host text") === 0)
 git-gate
-git-gate
+                                                return true;
 git-gate
-git-gate
+                                break;
 git-gate
-git-gate
+                                case 'CNAME':
-git-gate
+                                        if (stripos($line, "$host canonical name") === 0)
 git-gate
-git-gate
+                                                return true;
 git-gate
-git-gate
+                                break;
 git-gate
-git-gate
+                                default:
-git-gate
+                                case 'AAAA':
-git-gate
+                                        // AAAA records returned by nslookup on Windows XP/2003 have this format.
-git-gate
+                                        // Later Windows versions use the A record format below for AAAA records.
-git-gate
+                                        if (stripos($line, "$host AAAA IPv6 address") === 0)
 git-gate
-git-gate
+                                                return true;
 git-gate
-git-gate
+                                // No break
 git-gate
-git-gate
+                                case 'A':
-git-gate
+                                        if (!empty($host_matches))
 git-gate
-git-gate
+                                                // Second line
-git-gate
+                                                if (stripos($line, "Address: ") === 0)
 git-gate
-git-gate
+                                                        return true;
 git-gate
-git-gate
+                                                else
 git-gate
-git-gate
+                                                        $host_matches = false;
 git-gate
 git-gate
-git-gate
+                                        else if (stripos($line, "Name: $host") === 0)
 git-gate
-git-gate
+                                                // First line
-git-gate
+                                                $host_matches = true;
 git-gate
-git-gate
+                                break;
 acydburn
 acydburn
 acydburn
-acydburn
+                return false;
 acydburn
 acydburn
-acydburn
+        return NULL;
 acydburn
 acydburn
-acydburn
+// Handler, header and footer
 acydburn
-acydburn
+/**
-acydburn
+* Error and message handler, call with trigger_error if reqd
-acydburn
+*/
-psotfx
+function msg_handler($errno, $msg_text, $errfile, $errline)
 psotfx
-psotfx
+        global $cache, $db, $auth, $template, $config, $user;
-davidmj
+        global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text;
 psotfx
-acydburn
+        // Do not display notices if we suppress them via @
-toonarmy
+        if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE)
 acydburn
-acydburn
+                return;
 acydburn
 acydburn
-acydburn
+        // Message handler is stripping text. In case we need it, we are possible to define long text...
-acydburn
+        if (isset($msg_long_text) && $msg_long_text && !$msg_text)
 acydburn
-acydburn
+                $msg_text = $msg_long_text;
 acydburn
 acydburn
-aptx
+        if (!defined('E_DEPRECATED'))
 aptx
-aptx
+                define('E_DEPRECATED', 8192);
 aptx
 aptx
-psotfx
+        switch ($errno)
 psotfx
-acydburn
+                case E_NOTICE:
-acydburn
+                case E_WARNING:
 acydburn
-acydburn
+                        // Check the error reporting level and return if the error level does not match
-acydburn
+                        // If DEBUG is defined the default level is E_ALL
-acydburn
+                        if (($errno & ((defined('DEBUG')) ? E_ALL : error_reporting())) == 0)
 acydburn
-acydburn
+                                return;
 acydburn
 acydburn
-acydburn
+                        if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
 acydburn
-git-gate
+                                $errfile = phpbb_filter_root_path($errfile);
-git-gate
+                                $msg_text = phpbb_filter_root_path($msg_text);
-git-gate
+                                $error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice';
-git-gate
+                                echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
 acydburn
-Kellanved
+                                // we are writing an image - the user won't see the debug, so let's place it in the log
-Kellanved
+                                if (defined('IMAGE_OUTPUT') || defined('IN_CRON'))
 Kellanved
-Kellanved
+                                        add_log('critical', 'LOG_IMAGE_GENERATION_ERROR', $errfile, $errline, $msg_text);
 Kellanved
-acydburn
+                                // echo '<br /><br />BACKTRACE<br />' . get_backtrace() . '<br />' . "\n";
 acydburn
 acydburn
-acydburn
+                        return;
 acydburn
-acydburn
+                break;
 acydburn
-psotfx
+                case E_USER_ERROR:
 acydburn
-acydburn
+                        if (!empty($user) && !empty($user->lang))
 acydburn
-acydburn
+                                $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text;
-acydburn
+                                $msg_title = (!isset($msg_title)) ? $user->lang['GENERAL_ERROR'] : ((!empty($user->lang[$msg_title])) ? $user->lang[$msg_title] : $msg_title);
 acydburn
-acydburn
+                                $l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $phpbb_root_path . '">', '</a>');
-acydburn
+                                $l_notify = '';
 acydburn
-acydburn
+                                if (!empty($config['board_contact']))
 acydburn
-acydburn
+                                        $l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['board_contact']) . '</p>';
 acydburn
 acydburn
-acydburn
+                        else
 acydburn
-acydburn
+                                $msg_title = 'General Error';
-acydburn
+                                $l_return_index = '<a href="' . $phpbb_root_path . '">Return to index page</a>';
-acydburn
+                                $l_notify = '';
 acydburn
-acydburn
+                                if (!empty($config['board_contact']))
 acydburn
-acydburn
+                                        $l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>';
 acydburn
 acydburn
 acydburn
-git-gate
+                        $log_text = $msg_text;
-git-gate
+                        $backtrace = get_backtrace();
-git-gate
+                        if ($backtrace)
 git-gate
-git-gate
+                                $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace;
 git-gate
 git-gate
-git-gate
+                        if (defined('IN_INSTALL') || defined('DEBUG_EXTRA') || isset($auth) && $auth->acl_get('a_'))
 git-gate
-git-gate
+                                $msg_text = $log_text;
 git-gate
 git-gate
-toonarmy
+                        if ((defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db))
 Kellanved
-Kellanved
+                                // let's avoid loops
-Kellanved
+                                $db->sql_return_on_error(true);
-git-gate
+                                add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text);
-Kellanved
+                                $db->sql_return_on_error(false);
 Kellanved
 acydburn
-acydburn
+                        // Do not send 200 OK, but service unavailable on errors
-git-gate
+                        send_status_line(503, 'Service Unavailable');
 acydburn
-acydburn
+                        garbage_collection();
 psotfx
-acydburn
+                        // Try to not call the adm page data...
 acydburn
-grahamje
+                        echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
-grahamje
+                        echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">';
-grahamje
+                        echo '<head>';
-grahamje
+                        echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />';
-grahamje
+                        echo '<title>' . $msg_title . '</title>';
-acydburn
+                        echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
-acydburn
+                        echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
-acydburn
+                        echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } ';
-acydburn
+                        echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } ';
-acydburn
+                        echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px  #A9B8C2; } ';
-acydburn
+                        echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } ';
-acydburn
+                        echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } ';
-acydburn
+                        echo "\n" . '/* ]]> */' . "\n";
-acydburn
+                        echo '</style>';
-grahamje
+                        echo '</head>';
-grahamje
+                        echo '<body id="errorpage">';
-grahamje
+                        echo '<div id="wrap">';
-grahamje
+                        echo '        <div id="page-header">';
-acydburn
+                        echo '                ' . $l_return_index;
-grahamje
+                        echo '        </div>';
-shs
+                        echo '        <div id="acp">';
-acydburn
+                        echo '        <div class="panel">';
-acydburn
+                        echo '                <div id="content">';
-acydburn
+                        echo '                        <h1>' . $msg_title . '</h1>';
 acydburn
-acydburn
+                        echo '                        <div>' . $msg_text . '</div>';
 acydburn
-acydburn
+                        echo $l_notify;
 acydburn
-subblue
+                        echo '                </div>';
-subblue
+                        echo '        </div>';
-shs
+                        echo '        </div>';
-subblue
+                        echo '        <div id="page-footer">';
-git-gate
+                        echo '                Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group';
-subblue
+                        echo '        </div>';
-subblue
+                        echo '</div>';
-subblue
+                        echo '</body>';
-subblue
+                        echo '</html>';
 acydburn
-acydburn
+                        exit_handler();
 acydburn
-acydburn
+                        // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here.
-acydburn
+                        exit;
-acydburn
+                break;
 psotfx
-acydburn
+                case E_USER_WARNING:
-psotfx
+                case E_USER_NOTICE:
 acydburn
-acydburn
+                        define('IN_ERROR_HANDLER', true);
 acydburn
-psotfx
+                        if (empty($user->data))
 psotfx
-acydburn
+                                $user->session_begin();
 psotfx
 acydburn
-acydburn
+                        // We re-init the auth array to get correct results on login/logout
-acydburn
+                        $auth->acl($user->data);
 acydburn
-psotfx
+                        if (empty($user->lang))
 psotfx
-psotfx
+                                $user->setup();
 psotfx
 psotfx
-git-gate
+                        if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER')
 git-gate
-git-gate
+                                send_status_line(404, 'Not Found');
 git-gate
 git-gate
-acydburn
+                        $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text;
-acydburn
+                        $msg_title = (!isset($msg_title)) ? $user->lang['INFORMATION'] : ((!empty($user->lang[$msg_title])) ? $user->lang[$msg_title] : $msg_title);
 acydburn
-psotfx
+                        if (!defined('HEADER_INC'))
 psotfx
-Kellanved
+                                if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin'])
 psotfx
-acydburn
+                                        adm_page_header($msg_title);
 psotfx
-psotfx
+                                else
 psotfx
-nickvergessen
+                                        page_header($msg_title, false);
 psotfx
 psotfx
 psotfx
-acydburn
+                        $template->set_filenames(array(
-acydburn
+                                'body' => 'message_body.html')
-acydburn
+                        );
 psotfx
-acydburn
+                        $template->assign_vars(array(
-acydburn
+                                'MESSAGE_TITLE'                => $msg_title,
-acydburn
+                                'MESSAGE_TEXT'                => $msg_text,
-acydburn
+                                'S_USER_WARNING'        => ($errno == E_USER_WARNING) ? true : false,
-acydburn
+                                'S_USER_NOTICE'                => ($errno == E_USER_NOTICE) ? true : false)
-acydburn
+                        );
 psotfx
-acydburn
+                        // We do not want the cron script to be called on error messages
-acydburn
+                        define('IN_CRON', true);
 acydburn
-Kellanved
+                        if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin'])
 acydburn
-acydburn
+                                adm_page_footer();
 acydburn
-acydburn
+                        else
 acydburn
-acydburn
+                                page_footer();
 acydburn
 acydburn
-acydburn
+                        exit_handler();
-acydburn
+                break;
 acydburn
-Kellanved
+                // PHP4 compatibility
-aptx
+                case E_DEPRECATED:
-aptx
+                        return true;
-aptx
+                break;
 acydburn
 acydburn
-acydburn
+        // If we notice an error not handled here we pass this back to PHP by returning false
-acydburn
+        // This may not work for all php versions
-acydburn
+        return false;
 psotfx
 psotfx
-acydburn
+/**
-git-gate
+* Removes absolute path to phpBB root directory from error messages
-git-gate
+* and converts backslashes to forward slashes.
 git-gate
-git-gate
+* @param string $errfile        Absolute file path
-git-gate
+*                                                        (e.g. /var/www/phpbb3/phpBB/includes/functions.php)
-git-gate
+*                                                        Please note that if $errfile is outside of the phpBB root,
-git-gate
+*                                                        the root path will not be found and can not be filtered.
-git-gate
+* @return string                        Relative file path
-git-gate
+*                                                        (e.g. /includes/functions.php)
-git-gate
+*/
-git-gate
+function phpbb_filter_root_path($errfile)
 git-gate
-git-gate
+        static $root_path;
 git-gate
-git-gate
+        if (empty($root_path))
 git-gate
-git-gate
+                $root_path = phpbb_realpath(dirname(__FILE__) . '/../');
 git-gate
 git-gate
-git-gate
+        return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile);
 git-gate
 git-gate
-git-gate
+/**
-Kellanved
+* Queries the session table to get information about online guests
-nickvergessen
+* @param int $item_id Limits the search to the item with this id
-nickvergessen
+* @param string $item The name of the item which is stored in the session table as session_{$item}_id
-Kellanved
+* @return int The number of active distinct guest sessions
-acydburn
+*/
-nickvergessen
+function obtain_guest_count($item_id = 0, $item = 'forum')
 psotfx
-Kellanved
+        global $db, $config;
 acydburn
-nickvergessen
+        if ($item_id)
 acydburn
-nickvergessen
+                $reading_sql = ' AND s.session_' . $item . '_id = ' . (int) $item_id;
 acydburn
-Kellanved
+        else
 psotfx
-Kellanved
+                $reading_sql = '';
 psotfx
-acydburn
+        $time = (time() - (intval($config['load_online_time']) * 60));
 psotfx
-acydburn
+        // Get number of online guests
 acydburn
-Kellanved
+        if ($db->sql_layer === 'sqlite')
 psotfx
-Kellanved
+                $sql = 'SELECT COUNT(session_ip) as num_guests
-Kellanved
+                        FROM (
-Kellanved
+                                SELECT DISTINCT s.session_ip
-Kellanved
+                                FROM ' . SESSIONS_TABLE . ' s
-Kellanved
+                                WHERE s.session_user_id = ' . ANONYMOUS . '
-Kellanved
+                                        AND s.session_time >= ' . ($time - ((int) ($time % 60))) .
-Kellanved
+                                $reading_sql .
-Kellanved
+                        ')';
 psotfx
-psotfx
+        else
 psotfx
-Kellanved
+                $sql = 'SELECT COUNT(DISTINCT s.session_ip) as num_guests
-Kellanved
+                        FROM ' . SESSIONS_TABLE . ' s
-Kellanved
+                        WHERE s.session_user_id = ' . ANONYMOUS . '
-Kellanved
+                                AND s.session_time >= ' . ($time - ((int) ($time % 60))) .
-Kellanved
+                        $reading_sql;
 psotfx
-acydburn
+        $result = $db->sql_query($sql);
-Kellanved
+        $guests_online = (int) $db->sql_fetchfield('num_guests');
-Kellanved
+        $db->sql_freeresult($result);
 acydburn
-Kellanved
+        return $guests_online;
 Kellanved
 psotfx
-Kellanved
+/**
-Kellanved
+* Queries the session table to get information about online users
-nickvergessen
+* @param int $item_id Limits the search to the item with this id
-nickvergessen
+* @param string $item The name of the item which is stored in the session table as session_{$item}_id
-Kellanved
+* @return array An array containing the ids of online, hidden and visible users, as well as statistical info
-Kellanved
+*/
-nickvergessen
+function obtain_users_online($item_id = 0, $item = 'forum')
 Kellanved
-Kellanved
+        global $db, $config, $user;
 acydburn
-acydburn
+        $reading_sql = '';
-Kellanved
+        if ($item_id !== 0)
 Kellanved
-nickvergessen
+                $reading_sql = ' AND s.session_' . $item . '_id = ' . (int) $item_id;
 Kellanved
 acydburn
-Kellanved
+        $online_users = array(
-Kellanved
+                'online_users'                        => array(),
-Kellanved
+                'hidden_users'                        => array(),
-Kellanved
+                'total_online'                        => 0,
-Kellanved
+                'visible_online'                => 0,
-Kellanved
+                'hidden_online'                        => 0,
-Kellanved
+                'guests_online'                        => 0,
-Kellanved
+        );
 acydburn
-Kellanved
+        if ($config['load_online_guests'])
 Kellanved
-nickvergessen
+                $online_users['guests_online'] = obtain_guest_count($item_id, $item);
 Kellanved
 acydburn
-Kellanved
+        // a little discrete magic to cache this for 30 seconds
-acydburn
+        $time = (time() - (intval($config['load_online_time']) * 60));
 acydburn
-Kellanved
+        $sql = 'SELECT s.session_user_id, s.session_ip, s.session_viewonline
-Kellanved
+                FROM ' . SESSIONS_TABLE . ' s
-Kellanved
+                WHERE s.session_time >= ' . ($time - ((int) ($time % 30))) .
-Kellanved
+                        $reading_sql .
-Kellanved
+                ' AND s.session_user_id <> ' . ANONYMOUS;
-acydburn
+        $result = $db->sql_query($sql);
 psotfx
-Kellanved
+        while ($row = $db->sql_fetchrow($result))
 psotfx
-Kellanved
+                // Skip multiple sessions for one user
-Kellanved
+                if (!isset($online_users['online_users'][$row['session_user_id']]))
 psotfx
-acydburn
+                        $online_users['online_users'][$row['session_user_id']] = (int) $row['session_user_id'];
-Kellanved
+                        if ($row['session_viewonline'])
 davidmj
-Kellanved
+                                $online_users['visible_online']++;
 davidmj
-davidmj
+                        else
 davidmj
-acydburn
+                                $online_users['hidden_users'][$row['session_user_id']] = (int) $row['session_user_id'];
-Kellanved
+                                $online_users['hidden_online']++;
 davidmj
 acydburn
 Kellanved
-Kellanved
+        $online_users['total_online'] = $online_users['guests_online'] + $online_users['visible_online'] + $online_users['hidden_online'];
-Kellanved
+        $db->sql_freeresult($result);
 acydburn
-Kellanved
+        return $online_users;
 Kellanved
 acydburn
-Kellanved
+/**
-Kellanved
+* Uses the result of obtain_users_online to generate a localized, readable representation.
-Kellanved
+* @param mixed $online_users result of obtain_users_online - array with user_id lists for total, hidden and visible users, and statistics
-nickvergessen
+* @param int $item_id Indicate that the data is limited to one item and not global
-nickvergessen
+* @param string $item The name of the item which is stored in the session table as session_{$item}_id
-Kellanved
+* @return array An array containing the string for output to the template
-Kellanved
+*/
-nickvergessen
+function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum')
 Kellanved
-Kellanved
+        global $config, $db, $user, $auth;
 acydburn
-Kellanved
+        $user_online_link = $online_userlist = '';
-nickvergessen
+        // Need caps version of $item for language-strings
-nickvergessen
+        $item_caps = strtoupper($item);
 acydburn
-acydburn
+        if (sizeof($online_users['online_users']))
 Kellanved
-acydburn
+                $sql = 'SELECT username, username_clean, user_id, user_type, user_allow_viewonline, user_colour
-acydburn
+                                FROM ' . USERS_TABLE . '
-acydburn
+                                WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . '
-acydburn
+                                ORDER BY username_clean ASC';
-acydburn
+                $result = $db->sql_query($sql);
 psotfx
-psotfx
+                while ($row = $db->sql_fetchrow($result))
 psotfx
-acydburn
+                        // User is logged in and therefore not a guest
-acydburn
+                        if ($row['user_id'] != ANONYMOUS)
 psotfx
-Kellanved
+                                if (isset($online_users['hidden_users'][$row['user_id']]))
 psotfx
-Kellanved
+                                        $row['username'] = '<em>' . $row['username'] . '</em>';
 psotfx
 psotfx
-Kellanved
+                                if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline'))
 psotfx
-Kellanved
+                                        $user_online_link = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
-Kellanved
+                                        $online_userlist .= ($online_userlist != '') ? ', ' . $user_online_link : $user_online_link;
 psotfx
 psotfx
 psotfx
-acydburn
+                $db->sql_freeresult($result);
 Kellanved
 psotfx
-Kellanved
+        if (!$online_userlist)
 Kellanved
-Kellanved
+                $online_userlist = $user->lang['NO_ONLINE_USERS'];
 Kellanved
 Kellanved
-nickvergessen
+        if ($item_id === 0)
 Kellanved
-Kellanved
+                $online_userlist = $user->lang['REGISTERED_USERS'] . ' ' . $online_userlist;
 Kellanved
-Kellanved
+        else if ($config['load_online_guests'])
 Kellanved
-nickvergessen
+                $l_online = ($online_users['guests_online'] === 1) ? $user->lang['BROWSING_' . $item_caps . '_GUEST'] : $user->lang['BROWSING_' . $item_caps . '_GUESTS'];
-Kellanved
+                $online_userlist = sprintf($l_online, $online_userlist, $online_users['guests_online']);
 Kellanved
-Kellanved
+        else
 Kellanved
-nickvergessen
+                $online_userlist = sprintf($user->lang['BROWSING_' . $item_caps], $online_userlist);
 Kellanved
-Kellanved
+        // Build online listing
-Kellanved
+        $vars_online = array(
-Kellanved
+                'ONLINE'        => array('total_online', 'l_t_user_s', 0),
-Kellanved
+                'REG'                => array('visible_online', 'l_r_user_s', !$config['load_online_guests']),
-Kellanved
+                'HIDDEN'        => array('hidden_online', 'l_h_user_s', $config['load_online_guests']),
-Kellanved
+                'GUEST'                => array('guests_online', 'l_g_user_s', 0)
-Kellanved
+        );
 Kellanved
-Kellanved
+        foreach ($vars_online as $l_prefix => $var_ary)
 Kellanved
-Kellanved
+                if ($var_ary[2])
 Kellanved
-Kellanved
+                        $l_suffix = '_AND';
 Kellanved
-Kellanved
+                else
 Kellanved
-Kellanved
+                        $l_suffix = '';
 Kellanved
-Kellanved
+                switch ($online_users[$var_ary[0]])
 psotfx
-Kellanved
+                        case 0:
-Kellanved
+                                ${$var_ary[1]} = $user->lang[$l_prefix . '_USERS_ZERO_TOTAL' . $l_suffix];
-Kellanved
+                        break;
 Kellanved
-Kellanved
+                        case 1:
-Kellanved
+                                ${$var_ary[1]} = $user->lang[$l_prefix . '_USER_TOTAL' . $l_suffix];
-Kellanved
+                        break;
 Kellanved
-Kellanved
+                        default:
-Kellanved
+                                ${$var_ary[1]} = $user->lang[$l_prefix . '_USERS_TOTAL' . $l_suffix];
-Kellanved
+                        break;
 psotfx
 Kellanved
-Kellanved
+        unset($vars_online);
 psotfx
-Kellanved
+        $l_online_users = sprintf($l_t_user_s, $online_users['total_online']);
-Kellanved
+        $l_online_users .= sprintf($l_r_user_s, $online_users['visible_online']);
-Kellanved
+        $l_online_users .= sprintf($l_h_user_s, $online_users['hidden_online']);
 Kellanved
-Kellanved
+        if ($config['load_online_guests'])
 Kellanved
-Kellanved
+                $l_online_users .= sprintf($l_g_user_s, $online_users['guests_online']);
 Kellanved
 Kellanved
 Kellanved
 Kellanved
-Kellanved
+        return array(
-Kellanved
+                'online_userlist'        => $online_userlist,
-Kellanved
+                'l_online_users'        => $l_online_users,
-Kellanved
+        );
 Kellanved
 Kellanved
-acydburn
+/**
-acydburn
+* Get option bitfield from custom data
 acydburn
-acydburn
+* @param int        $bit                The bit/value to get
-acydburn
+* @param int        $data                Current bitfield to check
-acydburn
+* @return bool        Returns true if value of constant is set in bitfield, else false
-acydburn
+*/
-acydburn
+function phpbb_optionget($bit, $data)
 acydburn
-acydburn
+        return ($data & 1 << (int) $bit) ? true : false;
 acydburn
 Kellanved
-Kellanved
+/**
-acydburn
+* Set option bitfield
 acydburn
-acydburn
+* @param int        $bit                The bit/value to set/unset
-acydburn
+* @param bool        $set                True if option should be set, false if option should be unset.
-acydburn
+* @param int        $data                Current bitfield to change
 acydburn
-acydburn
+* @return int        The new bitfield
-acydburn
+*/
-acydburn
+function phpbb_optionset($bit, $set, $data)
 acydburn
-acydburn
+        if ($set && !($data & 1 << $bit))
 acydburn
-acydburn
+                $data += 1 << $bit;
 acydburn
-acydburn
+        else if (!$set && ($data & 1 << $bit))
 acydburn
-acydburn
+                $data -= 1 << $bit;
 acydburn
 acydburn
-acydburn
+        return $data;
 acydburn
 acydburn
-acydburn
+/**
-bantu
+* Login using http authenticate.
 bantu
-bantu
+* @param array        $param                Parameter array, see $param_defaults array.
 bantu
-bantu
+* @return void
-bantu
+*/
-bantu
+function phpbb_http_login($param)
 bantu
-bantu
+        global $auth, $user;
-bantu
+        global $config;
 bantu
-bantu
+        $param_defaults = array(
-bantu
+                'auth_message'        => '',
 bantu
-bantu
+                'autologin'                => false,
-bantu
+                'viewonline'        => true,
-bantu
+                'admin'                        => false,
-bantu
+        );
 bantu
-bantu
+        // Overwrite default values with passed values
-bantu
+        $param = array_merge($param_defaults, $param);
 bantu
-bantu
+        // User is already logged in
-bantu
+        // We will not overwrite his session
-bantu
+        if (!empty($user->data['is_registered']))
 bantu
-bantu
+                return;
 bantu
 bantu
-bantu
+        // $_SERVER keys to check
-bantu
+        $username_keys = array(
-bantu
+                'PHP_AUTH_USER',
-bantu
+                'Authorization',
-bantu
+                'REMOTE_USER', 'REDIRECT_REMOTE_USER',
-bantu
+                'HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION',
-bantu
+                'REMOTE_AUTHORIZATION', 'REDIRECT_REMOTE_AUTHORIZATION',
-bantu
+                'AUTH_USER',
-bantu
+        );
 bantu
-bantu
+        $password_keys = array(
-bantu
+                'PHP_AUTH_PW',
-bantu
+                'REMOTE_PASSWORD',
-bantu
+                'AUTH_PASSWORD',
-bantu
+        );
 bantu
-bantu
+        $username = null;
-bantu
+        foreach ($username_keys as $k)
 bantu
-bantu
+                if (isset($_SERVER[$k]))
 bantu
-bantu
+                        $username = $_SERVER[$k];
-bantu
+                        break;
 bantu
 bantu
 bantu
-bantu
+        $password = null;
-bantu
+        foreach ($password_keys as $k)
 bantu
-bantu
+                if (isset($_SERVER[$k]))
 bantu
-bantu
+                        $password = $_SERVER[$k];
-bantu
+                        break;
 bantu
 bantu
 bantu
-bantu
+        // Decode encoded information (IIS, CGI, FastCGI etc.)
-bantu
+        if (!is_null($username) && is_null($password) && strpos($username, 'Basic ') === 0)
 bantu
-bantu
+                list($username, $password) = explode(':', base64_decode(substr($username, 6)), 2);
 git-gate
 bantu
-bantu
+        if (!is_null($username) && !is_null($password))
 bantu
-bantu
+                set_var($username, $username, 'string', true);
-bantu
+                set_var($password, $password, 'string', true);
 bantu
-bantu
+                $auth_result = $auth->login($username, $password, $param['autologin'], $param['viewonline'], $param['admin']);
 bantu
-bantu
+                if ($auth_result['status'] == LOGIN_SUCCESS)
 bantu
-bantu
+                        return;
 bantu
-bantu
+                else if ($auth_result['status'] == LOGIN_ERROR_ATTEMPTS)
 bantu
-git-gate
+                        send_status_line(401, 'Unauthorized');
 git-gate
-bantu
+                        trigger_error('NOT_AUTHORISED');
 bantu
 bantu
 bantu
-bantu
+        // Prepend sitename to auth_message
-bantu
+        $param['auth_message'] = ($param['auth_message'] === '') ? $config['sitename'] : $config['sitename'] . ' - ' . $param['auth_message'];
 bantu
-bantu
+        // We should probably filter out non-ASCII characters - RFC2616
-bantu
+        $param['auth_message'] = preg_replace('/[\x80-\xFF]/', '?', $param['auth_message']);
 bantu
-bantu
+        header('WWW-Authenticate: Basic realm="' . $param['auth_message'] . '"');
-git-gate
+        send_status_line(401, 'Unauthorized');
 bantu
-bantu
+        trigger_error('NOT_AUTHORISED');
 bantu
 bantu
-bantu
+/**
-Kellanved
+* Generate page header
-Kellanved
+*/
-nickvergessen
+function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
 Kellanved
-git-gate
+        global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
 Kellanved
-Kellanved
+        if (defined('HEADER_INC'))
 Kellanved
-Kellanved
+                return;
 Kellanved
 Kellanved
-Kellanved
+        define('HEADER_INC', true);
 Kellanved
-Kellanved
+        // gzip_compression
-Kellanved
+        if ($config['gzip_compress'])
 Kellanved
-git-gate
+                // to avoid partially compressed output resulting in blank pages in
-git-gate
+                // the browser or error messages, compression is disabled in a few cases:
-git-gate
+                //
-git-gate
+                // 1) if headers have already been sent, this indicates plaintext output
-git-gate
+                //    has been started so further content must not be compressed
-git-gate
+                // 2) the length of the current output buffer is non-zero. This means
-git-gate
+                //    there is already some uncompressed content in this output buffer
-git-gate
+                //    so further output must not be compressed
-git-gate
+                // 3) if more than one level of output buffering is used because we
-git-gate
+                //    cannot test all output buffer level content lengths. One level
-git-gate
+                //    could be caused by php.ini output_buffering. Anything
-git-gate
+                //    beyond that is manual, so the code wrapping phpBB in output buffering
-git-gate
+                //    can easily compress the output itself.
-git-gate
+                //
-git-gate
+                if (@extension_loaded('zlib') && !headers_sent() && ob_get_level() <= 1 && ob_get_length() == 0)
 psotfx
-Kellanved
+                        ob_start('ob_gzhandler');
 psotfx
 Kellanved
 psotfx
-Kellanved
+        // Generate logged in/logged out status
-Kellanved
+        if ($user->data['user_id'] != ANONYMOUS)
 Kellanved
-Kellanved
+                $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout', true, $user->session_id);
-Kellanved
+                $l_login_logout = sprintf($user->lang['LOGOUT_USER'], $user->data['username']);
 Kellanved
-Kellanved
+        else
 Kellanved
-Kellanved
+                $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login');
-Kellanved
+                $l_login_logout = $user->lang['LOGIN'];
 Kellanved
 psotfx
-Kellanved
+        // Last visit date/time
-Kellanved
+        $s_last_visit = ($user->data['user_id'] != ANONYMOUS) ? $user->format_date($user->data['session_last_visit']) : '';
 Kellanved
-Kellanved
+        // Get users online list ... if required
-nickvergessen
+        $l_online_users = $online_userlist = $l_online_record = $l_online_time = '';
 Kellanved
-Kellanved
+        if ($config['load_online'] && $config['load_online_time'] && $display_online_list)
 Kellanved
-nickvergessen
+                /**
-nickvergessen
+                * Load online data:
-nickvergessen
+                * For obtaining another session column use $item and $item_id in the function-parameter, whereby the column is session_{$item}_id.
-nickvergessen
+                */
-nickvergessen
+                $item_id = max($item_id, 0);
 acydburn
-nickvergessen
+                $online_users = obtain_users_online($item_id, $item);
-nickvergessen
+                $user_online_strings = obtain_users_online_string($online_users, $item_id, $item);
 nickvergessen
-Kellanved
+                $l_online_users = $user_online_strings['l_online_users'];
-Kellanved
+                $online_userlist = $user_online_strings['online_userlist'];
-Kellanved
+                $total_online_users = $online_users['total_online'];
 Kellanved
-psotfx
+                if ($total_online_users > $config['record_online_users'])
 psotfx
-acydburn
+                        set_config('record_online_users', $total_online_users, true);
-acydburn
+                        set_config('record_online_date', time(), true);
 psotfx
 psotfx
-nickvergessen
+                $l_online_record = sprintf($user->lang['RECORD_ONLINE_USERS'], $config['record_online_users'], $user->format_date($config['record_online_date'], false, true));
 psotfx
-psotfx
+                $l_online_time = ($config['load_online_time'] == 1) ? 'VIEW_ONLINE_TIME' : 'VIEW_ONLINE_TIMES';
-psotfx
+                $l_online_time = sprintf($user->lang[$l_online_time], $config['load_online_time']);
 psotfx
 psotfx
-acydburn
+        $l_privmsgs_text = $l_privmsgs_text_unread = '';
-acydburn
+        $s_privmsg_new = false;
 acydburn
-acydburn
+        // Obtain number of new private messages if user is logged in
-acydburn
+        if (!empty($user->data['is_registered']))
 psotfx
-psotfx
+                if ($user->data['user_new_privmsg'])
 psotfx
-psotfx
+                        $l_message_new = ($user->data['user_new_privmsg'] == 1) ? $user->lang['NEW_PM'] : $user->lang['NEW_PMS'];
-psotfx
+                        $l_privmsgs_text = sprintf($l_message_new, $user->data['user_new_privmsg']);
 psotfx
-acydburn
+                        if (!$user->data['user_last_privmsg'] || $user->data['user_last_privmsg'] > $user->data['session_last_visit'])
 psotfx
-psotfx
+                                $sql = 'UPDATE ' . USERS_TABLE . '
-psotfx
+                                        SET user_last_privmsg = ' . $user->data['session_last_visit'] . '
-psotfx
+                                        WHERE user_id = ' . $user->data['user_id'];
-psotfx
+                                $db->sql_query($sql);
 psotfx
-psotfx
+                                $s_privmsg_new = true;
 psotfx
-psotfx
+                        else
 psotfx
-psotfx
+                                $s_privmsg_new = false;
 psotfx
 psotfx
-psotfx
+                else
 psotfx
-psotfx
+                        $l_privmsgs_text = $user->lang['NO_NEW_PM'];
-psotfx
+                        $s_privmsg_new = false;
 psotfx
 psotfx
-acydburn
+                $l_privmsgs_text_unread = '';
 acydburn
-acydburn
+                if ($user->data['user_unread_privmsg'] && $user->data['user_unread_privmsg'] != $user->data['user_new_privmsg'])
 psotfx
-psotfx
+                        $l_message_unread = ($user->data['user_unread_privmsg'] == 1) ? $user->lang['UNREAD_PM'] : $user->lang['UNREAD_PMS'];
-psotfx
+                        $l_privmsgs_text_unread = sprintf($l_message_unread, $user->data['user_unread_privmsg']);
 psotfx
 psotfx
 psotfx
-acydburn
+        $forum_id = request_var('f', 0);
-acydburn
+        $topic_id = request_var('t', 0);
 acydburn
-acydburn
+        $s_feed_news = false;
 acydburn
-acydburn
+        // Get option for news
-acydburn
+        if ($config['feed_enable'])
 acydburn
-acydburn
+                $sql = 'SELECT forum_id
-acydburn
+                        FROM ' . FORUMS_TABLE . '
-acydburn
+                        WHERE ' . $db->sql_bit_and('forum_options', FORUM_OPTION_FEED_NEWS, '<> 0');
-acydburn
+                $result = $db->sql_query_limit($sql, 1, 0, 600);
-acydburn
+                $s_feed_news = (int) $db->sql_fetchfield('forum_id');
-acydburn
+                $db->sql_freeresult($result);
 acydburn
 acydburn
-acydburn
+        // Determine board url - we may need it later
-acydburn
+        $board_url = generate_board_url() . '/';
-acydburn
+        $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $phpbb_root_path;
 acydburn
-acydburn
+        // Which timezone?
-acydburn
+        $tz = ($user->data['user_id'] != ANONYMOUS) ? strval(doubleval($user->data['user_timezone'])) : strval(doubleval($config['board_timezone']));
 acydburn
-acydburn
+        // Send a proper content-language to the output
-acydburn
+        $user_lang = $user->lang['USER_LANG'];
-acydburn
+        if (strpos($user_lang, '-x-') !== false)
 acydburn
-acydburn
+                $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-'));
 acydburn
 acydburn
-git-gate
+        $s_search_hidden_fields = array();
-git-gate
+        if ($_SID)
 git-gate
-git-gate
+                $s_search_hidden_fields['sid'] = $_SID;
 git-gate
 git-gate
-git-gate
+        if (!empty($_EXTRA_URL))
 git-gate
-git-gate
+                foreach ($_EXTRA_URL as $url_param)
 git-gate
-git-gate
+                        $url_param = explode('=', $url_param, 2);
-git-gate
+                        $s_search_hidden_fields[$url_param[0]] = $url_param[1];
 git-gate
 git-gate
 git-gate
-acydburn
+        // The following assigns all _common_ variables that may be used at any point in a template.
-psotfx
+        $template->assign_vars(array(
-acydburn
+                'SITENAME'                                                => $config['sitename'],
-acydburn
+                'SITE_DESCRIPTION'                                => $config['site_desc'],
-acydburn
+                'PAGE_TITLE'                                        => $page_title,
-acydburn
+                'SCRIPT_NAME'                                        => str_replace('.' . $phpEx, '', $user->page['page_name']),
-acydburn
+                'LAST_VISIT_DATE'                                => sprintf($user->lang['YOU_LAST_VISIT'], $s_last_visit),
-davidmj
+                'LAST_VISIT_YOU'                                => $s_last_visit,
-acydburn
+                'CURRENT_TIME'                                        => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time(), false, true)),
-acydburn
+                'TOTAL_USERS_ONLINE'                        => $l_online_users,
-acydburn
+                'LOGGED_IN_USER_LIST'                        => $online_userlist,
-acydburn
+                'RECORD_USERS'                                        => $l_online_record,
-acydburn
+                'PRIVATE_MESSAGE_INFO'                        => $l_privmsgs_text,
-acydburn
+                'PRIVATE_MESSAGE_INFO_UNREAD'        => $l_privmsgs_text_unread,
 psotfx
-acydburn
+                'S_USER_NEW_PRIVMSG'                        => $user->data['user_new_privmsg'],
-acydburn
+                'S_USER_UNREAD_PRIVMSG'                        => $user->data['user_unread_privmsg'],
-acydburn
+                'S_USER_NEW'                                        => $user->data['user_new'],
 acydburn
-acydburn
+                'SID'                                => $SID,
-acydburn
+                '_SID'                                => $_SID,
-acydburn
+                'SESSION_ID'                => $user->session_id,
-acydburn
+                'ROOT_PATH'                        => $phpbb_root_path,
-acydburn
+                'BOARD_URL'                        => $board_url,
 acydburn
-acydburn
+                'L_LOGIN_LOGOUT'        => $l_login_logout,
-acydburn
+                'L_INDEX'                        => $user->lang['FORUM_INDEX'],
-psotfx
+                'L_ONLINE_EXPLAIN'        => $l_online_time,
 psotfx
-acydburn
+                'U_PRIVATEMSGS'                        => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;folder=inbox'),
-acydburn
+                'U_RETURN_INBOX'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;folder=inbox'),
-acydburn
+                'U_POPUP_PM'                        => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=popup'),
-acydburn
+                'UA_POPUP_PM'                        => addslashes(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=popup')),
-acydburn
+                'U_MEMBERLIST'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx"),
-acydburn
+                'U_VIEWONLINE'                        => ($auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) ? append_sid("{$phpbb_root_path}viewonline.$phpEx") : '',
-psotfx
+                'U_LOGIN_LOGOUT'                => $u_login_logout,
-acydburn
+                'U_INDEX'                                => append_sid("{$phpbb_root_path}index.$phpEx"),
-acydburn
+                'U_SEARCH'                                => append_sid("{$phpbb_root_path}search.$phpEx"),
-acydburn
+                'U_REGISTER'                        => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
-acydburn
+                'U_PROFILE'                                => append_sid("{$phpbb_root_path}ucp.$phpEx"),
-acydburn
+                'U_MODCP'                                => append_sid("{$phpbb_root_path}mcp.$phpEx", false, true, $user->session_id),
-acydburn
+                'U_FAQ'                                        => append_sid("{$phpbb_root_path}faq.$phpEx"),
-acydburn
+                'U_SEARCH_SELF'                        => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=egosearch'),
-acydburn
+                'U_SEARCH_NEW'                        => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=newposts'),
-acydburn
+                'U_SEARCH_UNANSWERED'        => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=unanswered'),
-rxu
+                'U_SEARCH_UNREAD'                => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=unreadposts'),
-acydburn
+                'U_SEARCH_ACTIVE_TOPICS'=> append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=active_topics'),
-acydburn
+                'U_DELETE_COOKIES'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=delete_cookies'),
-acydburn
+                'U_TEAM'                                => ($user->data['user_id'] != ANONYMOUS && !$auth->acl_get('u_viewprofile')) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=leaders'),
-acydburn
+                'U_TERMS_USE'                        => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'),
-acydburn
+                'U_PRIVACY'                                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'),
-acydburn
+                'U_RESTORE_PERMISSIONS'        => ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=restore_perm') : '',
-acydburn
+                'U_FEED'                                => generate_board_url() . "/feed.$phpEx",
 psotfx
-acydburn
+                'S_USER_LOGGED_IN'                => ($user->data['user_id'] != ANONYMOUS) ? true : false,
-acydburn
+                'S_AUTOLOGIN_ENABLED'        => ($config['allow_autologin']) ? true : false,
-acydburn
+                'S_BOARD_DISABLED'                => ($config['board_disable']) ? true : false,
-acydburn
+                'S_REGISTERED_USER'                => (!empty($user->data['is_registered'])) ? true : false,
-acydburn
+                'S_IS_BOT'                                => (!empty($user->data['is_bot'])) ? true : false,
-acydburn
+                'S_USER_PM_POPUP'                => $user->optionget('popuppm'),
-vic_delfant
+                'S_USER_LANG'                        => $user_lang,
-acydburn
+                'S_USER_BROWSER'                => (isset($user->data['session_browser'])) ? $user->data['session_browser'] : $user->lang['UNKNOWN_BROWSER'],
-acydburn
+                'S_USERNAME'                        => $user->data['username'],
-acydburn
+                'S_CONTENT_DIRECTION'        => $user->lang['DIRECTION'],
-shs
+                'S_CONTENT_FLOW_BEGIN'        => ($user->lang['DIRECTION'] == 'ltr') ? 'left' : 'right',
-shs
+                'S_CONTENT_FLOW_END'        => ($user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
-naderman
+                'S_CONTENT_ENCODING'        => 'UTF-8',
-acydburn
+                'S_TIMEZONE'                        => ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], ''),
-acydburn
+                'S_DISPLAY_ONLINE_LIST'        => ($l_online_time) ? 1 : 0,
-grahamje
+                'S_DISPLAY_SEARCH'                => (!$config['load_search']) ? 0 : (isset($auth) ? ($auth->acl_get('u_search') && $auth->acl_getf_global('f_search')) : 1),
-acydburn
+                'S_DISPLAY_PM'                        => ($config['allow_privmsg'] && !empty($user->data['is_registered']) && ($auth->acl_get('u_readpm') || $auth->acl_get('u_sendpm'))) ? true : false,
-psotfx
+                'S_DISPLAY_MEMBERLIST'        => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0,
-acydburn
+                'S_NEW_PM'                                => ($s_privmsg_new) ? 1 : 0,
-acydburn
+                'S_REGISTER_ENABLED'        => ($config['require_activation'] != USER_ACTIVATION_DISABLE) ? true : false,
-acydburn
+                'S_FORUM_ID'                        => $forum_id,
-acydburn
+                'S_TOPIC_ID'                        => $topic_id,
 psotfx
-Kellanved
+                'S_LOGIN_ACTION'                => ((!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id)),
-git-gate
+                'S_LOGIN_REDIRECT'                => build_hidden_fields(array('redirect' => build_url())),
 acydburn
-acydburn
+                'S_ENABLE_FEEDS'                        => ($config['feed_enable']) ? true : false,
-bantu
+                'S_ENABLE_FEEDS_OVERALL'        => ($config['feed_overall']) ? true : false,
-acydburn
+                'S_ENABLE_FEEDS_FORUMS'                => ($config['feed_overall_forums']) ? true : false,
-bantu
+                'S_ENABLE_FEEDS_TOPICS'                => ($config['feed_topics_new']) ? true : false,
-bantu
+                'S_ENABLE_FEEDS_TOPICS_ACTIVE'        => ($config['feed_topics_active']) ? true : false,
-acydburn
+                'S_ENABLE_FEEDS_NEWS'                => ($s_feed_news) ? true : false,
 acydburn
-git-gate
+                'S_LOAD_UNREADS'                        => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false,
 git-gate
-git-gate
+                'S_SEARCH_HIDDEN_FIELDS'        => build_hidden_fields($s_search_hidden_fields),
 git-gate
-git-gate
+                'T_THEME_PATH'                        => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme',
-git-gate
+                'T_TEMPLATE_PATH'                => "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',
-git-gate
+                'T_SUPER_TEMPLATE_PATH'        => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . rawurlencode($user->theme['template_inherit_path']) . '/template' : "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',
-git-gate
+                'T_IMAGESET_PATH'                => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset',
-git-gate
+                'T_IMAGESET_LANG_PATH'        => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset/' . $user->lang_name,
-acydburn
+                'T_IMAGES_PATH'                        => "{$web_path}images/",
-acydburn
+                'T_SMILIES_PATH'                => "{$web_path}{$config['smilies_path']}/",
-acydburn
+                'T_AVATAR_PATH'                        => "{$web_path}{$config['avatar_path']}/",
-acydburn
+                'T_AVATAR_GALLERY_PATH'        => "{$web_path}{$config['avatar_gallery_path']}/",
-acydburn
+                'T_ICONS_PATH'                        => "{$web_path}{$config['icons_path']}/",
-acydburn
+                'T_RANKS_PATH'                        => "{$web_path}{$config['ranks_path']}/",
-acydburn
+                'T_UPLOAD_PATH'                        => "{$web_path}{$config['upload_path']}/",
-git-gate
+                'T_STYLESHEET_LINK'                => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&amp;lang=' . $user->lang_name),
-acydburn
+                'T_STYLESHEET_NAME'                => $user->theme['theme_name'],
 davidmj
-git-gate
+                'T_THEME_NAME'                        => rawurlencode($user->theme['theme_path']),
-git-gate
+                'T_TEMPLATE_NAME'                => rawurlencode($user->theme['template_path']),
-git-gate
+                'T_SUPER_TEMPLATE_NAME'        => rawurlencode((isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path']),
-git-gate
+                'T_IMAGESET_NAME'                => rawurlencode($user->theme['imageset_path']),
-acydburn
+                'T_IMAGESET_LANG_NAME'        => $user->data['user_lang'],
-acydburn
+                'T_IMAGES'                                => 'images',
-acydburn
+                'T_SMILIES'                                => $config['smilies_path'],
-acydburn
+                'T_AVATAR'                                => $config['avatar_path'],
-acydburn
+                'T_AVATAR_GALLERY'                => $config['avatar_gallery_path'],
-acydburn
+                'T_ICONS'                                => $config['icons_path'],
-acydburn
+                'T_RANKS'                                => $config['ranks_path'],
-acydburn
+                'T_UPLOAD'                                => $config['upload_path'],
 acydburn
-acydburn
+                'SITE_LOGO_IMG'                        => $user->img('site_logo'),
 psotfx
-acydburn
+                'A_COOKIE_SETTINGS'                => addslashes('; path=' . $config['cookie_path'] . ((!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain']) . ((!$config['cookie_secure']) ? '' : '; secure')),
-acydburn
+        ));
 acydburn
-acydburn
+        // application/xhtml+xml not used because of IE
-acydburn
+        header('Content-type: text/html; charset=UTF-8');
 acydburn
-acydburn
+        header('Cache-Control: private, no-cache="set-cookie"');
-psotfx
+        header('Expires: 0');
-psotfx
+        header('Pragma: no-cache');
 psotfx
-git-gate
+        if (!empty($user->data['is_bot']))
 git-gate
-git-gate
+                // Let reverse proxies know we detected a bot.
-git-gate
+                header('X-PHPBB-IS-BOT: yes');
 git-gate
 git-gate
-psotfx
+        return;
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Generate page footer
-acydburn
+*/
-grahamje
+function page_footer($run_cron = true)
 psotfx
-davidmj
+        global $db, $config, $template, $user, $auth, $cache, $starttime, $phpbb_root_path, $phpEx;
 psotfx
-psotfx
+        // Output page creation time
-psotfx
+        if (defined('DEBUG'))
 psotfx
-psotfx
+                $mtime = explode(' ', microtime());
-psotfx
+                $totaltime = $mtime[0] + $mtime[1] - $starttime;
 psotfx
-acydburn
+                if (!empty($_REQUEST['explain']) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report'))
 psotfx
-ludovic_arnaud
+                        $db->sql_report('display');
 psotfx
 psotfx
-rxu
+                $debug_output = sprintf('Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . (($config['gzip_compress'] && @extension_loaded('zlib')) ? 'On' : 'Off') . (($user->load) ? ' | Load : ' . $user->load : ''), $totaltime);
 psotfx
-acydburn
+                if ($auth->acl_get('a_') && defined('DEBUG_EXTRA'))
 psotfx
-acydburn
+                        if (function_exists('memory_get_usage'))
 acydburn
-acydburn
+                                if ($memory_usage = memory_get_usage())
 acydburn
-acydburn
+                                        global $base_memory_usage;
-acydburn
+                                        $memory_usage -= $base_memory_usage;
-acydburn
+                                        $memory_usage = get_formatted_filesize($memory_usage);
 psotfx
-psotfx
+                                        $debug_output .= ' | Memory Usage: ' . $memory_usage;
 acydburn
 acydburn
 acydburn
-acydburn
+                        $debug_output .= ' | <a href="' . build_url() . '&amp;explain=1">Explain</a>';
 psotfx
 psotfx
 psotfx
-psotfx
+        $template->assign_vars(array(
-acydburn
+                'DEBUG_OUTPUT'                        => (defined('DEBUG')) ? $debug_output : '',
-acydburn
+                'TRANSLATION_INFO'                => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
 psotfx
-acydburn
+                'U_ACP' => ($auth->acl_get('a_') && !empty($user->data['is_registered'])) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", false, true, $user->session_id) : '')
-psotfx
+        );
 psotfx
-acydburn
+        // Call cron-type script
-acydburn
+        $call_cron = false;
-git-gate
+        if (!defined('IN_CRON') && $run_cron && !$config['board_disable'] && !$user->data['is_bot'])
 acydburn
-acydburn
+                $call_cron = true;
-bantu
+                $time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time();
 acydburn
-acydburn
+                // Any old lock present?
-acydburn
+                if (!empty($config['cron_lock']))
 acydburn
-acydburn
+                        $cron_time = explode(' ', $config['cron_lock']);
 acydburn
-acydburn
+                        // If 1 hour lock is present we do not call cron.php
-bantu
+                        if ($cron_time[0] + 3600 >= $time_now)
 acydburn
-acydburn
+                                $call_cron = false;
 acydburn
 acydburn
 acydburn
 acydburn
-acydburn
+        // Call cron job?
-acydburn
+        if ($call_cron)
 acydburn
-acydburn
+                $cron_type = '';
 acydburn
-bantu
+                if ($time_now - $config['queue_interval'] > $config['last_queue_run'] && !defined('IN_ADMIN') && file_exists($phpbb_root_path . 'cache/queue.' . $phpEx))
 acydburn
-acydburn
+                        // Process email queue
-acydburn
+                        $cron_type = 'queue';
 acydburn
-bantu
+                else if (method_exists($cache, 'tidy') && $time_now - $config['cache_gc'] > $config['cache_last_gc'])
 acydburn
-acydburn
+                        // Tidy the cache
-acydburn
+                        $cron_type = 'tidy_cache';
 acydburn
-bantu
+                else if ($config['warnings_expire_days'] && ($time_now - $config['warnings_gc'] > $config['warnings_last_gc']))
 grahamje
-grahamje
+                        $cron_type = 'tidy_warnings';
 grahamje
-bantu
+                else if ($time_now - $config['database_gc'] > $config['database_last_gc'])
 acydburn
-acydburn
+                        // Tidy the database
-acydburn
+                        $cron_type = 'tidy_database';
 acydburn
-bantu
+                else if ($time_now - $config['search_gc'] > $config['search_last_gc'])
 naderman
-acydburn
+                        // Tidy the search
-naderman
+                        $cron_type = 'tidy_search';
 naderman
-bantu
+                else if ($time_now - $config['session_gc'] > $config['session_last_gc'])
 acydburn
-acydburn
+                        $cron_type = 'tidy_sessions';
 acydburn
 acydburn
-acydburn
+                if ($cron_type)
 acydburn
-acydburn
+                        $template->assign_var('RUN_CRON_TASK', '<img src="' . append_sid($phpbb_root_path . 'cron.' . $phpEx, 'cron_type=' . $cron_type) . '" width="1" height="1" alt="cron" />');
 acydburn
 acydburn
 acydburn
-psotfx
+        $template->display('body');
 psotfx
-acydburn
+        garbage_collection();
-acydburn
+        exit_handler();
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Closing the cache object and the database
-acydburn
+* Cool function name, eh? We might want to add operations to it later
-acydburn
+*/
-acydburn
+function garbage_collection()
 acydburn
-acydburn
+        global $cache, $db;
 acydburn
-ludovic_arnaud
+        // Unload cache, must be done before the DB connection if closed
-psotfx
+        if (!empty($cache))
 psotfx
-psotfx
+                $cache->unload();
 psotfx
 ludovic_arnaud
-ludovic_arnaud
+        // Close our DB connection.
-acydburn
+        if (!empty($db))
 acydburn
-acydburn
+                $db->sql_close();
 acydburn
 psotfx
 psotfx
-acydburn
+/**
-acydburn
+* Handler for exit calls in phpBB.
-acydburn
+* This function supports hooks.
 acydburn
-acydburn
+* Note: This function is called after the template has been outputted.
-acydburn
+*/
-acydburn
+function exit_handler()
 acydburn
-acydburn
+        global $phpbb_hook, $config;
 acydburn
-acydburn
+        if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__))
 acydburn
-acydburn
+                if ($phpbb_hook->hook_return(__FUNCTION__))
 acydburn
-acydburn
+                        return $phpbb_hook->hook_return_result(__FUNCTION__);
 acydburn
 acydburn
 acydburn
-acydburn
+        // As a pre-caution... some setups display a blank page if the flush() is not there.
-git-gate
+        (ob_get_level() > 0) ? @ob_flush() : @flush();
 acydburn
-acydburn
+        exit;
 acydburn
 acydburn
-acydburn
+/**
-acydburn
+* Handler for init calls in phpBB. This function is called in user::setup();
-acydburn
+* This function supports hooks.
-acydburn
+*/
-acydburn
+function phpbb_user_session_handler()
 acydburn
-acydburn
+        global $phpbb_hook;
 acydburn
-acydburn
+        if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__))
 acydburn
-acydburn
+                if ($phpbb_hook->hook_return(__FUNCTION__))
 acydburn
-acydburn
+                        return $phpbb_hook->hook_return_result(__FUNCTION__);
 acydburn
 acydburn
 acydburn
-acydburn
+        return;
 acydburn
 acydburn
-acydburn
+?>

Code Forge

root / branches / phpBB-3_0_0 / phpBB / includes / functions.php