phpBB

Code Changes

File: includes/functions.php

Line 137Line 137
}

/**

}

/**

* Set config value. Creates missing config entry.












* Sets a configuration option's value.
*
* Please note that this function does not update the is_dynamic value for
* an already existing config option.
*
* @param string $config_name The configuration option's name
* @param string $config_value New configuration value
* @param bool $is_dynamic Whether this variable should be cached (false) or
* if it changes too frequently (true) to be
* efficiently cached.
*
* @return null

*/
function set_config($config_name, $config_value, $is_dynamic = false)
{

*/
function set_config($config_name, $config_value, $is_dynamic = false)
{

Line 166Line 177
}

/**

}

/**

* Set dynamic config value with arithmetic operation.









* Increments an integer config value directly in the database.
*
* @param string $config_name The configuration option's name
* @param int $increment Amount to increment by
* @param bool $is_dynamic Whether this variable should be cached (false) or
* if it changes too frequently (true) to be
* efficiently cached.
*
* @return null

*/
function set_config_count($config_name, $increment, $is_dynamic = false)
{

*/
function set_config_count($config_name, $increment, $is_dynamic = false)
{

Line 175Line 194
	switch ($db->sql_layer)
{
case 'firebird':

	switch ($db->sql_layer)
{
case 'firebird':

 
			// Precision must be from 1 to 18
$sql_update = 'CAST(CAST(config_value as DECIMAL(18, 0)) + ' . (int) $increment . ' as VARCHAR(255))';
break;


		case 'postgres':

		case 'postgres':

			$sql_update = 'CAST(CAST(config_value as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';


			// Need to cast to text first for PostgreSQL 7.x
$sql_update = 'CAST(CAST(config_value::text as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';

		break;

// MySQL, SQlite, mssql, mssql_odbc, oracle

		break;

// MySQL, SQlite, mssql, mssql_odbc, oracle

Line 236Line 260

if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10)))
{


if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10)))
{

		set_config('rand_seed', $config['rand_seed'], true);

 
		set_config('rand_seed_last_update', time(), true);

		set_config('rand_seed_last_update', time(), true);

 
		set_config('rand_seed', $config['rand_seed'], true);

		$dss_seeded = true;
}

return substr($val, 4, 16);

		$dss_seeded = true;
}

return substr($val, 4, 16);

 
}

/**
* Wrapper for mt_rand() which allows swapping $min and $max parameters.
*
* PHP does not allow us to swap the order of the arguments for mt_rand() anymore.
* (since PHP 5.3.4, see http://bugs.php.net/46587)
*
* @param int $min Lowest value to be returned
* @param int $max Highest value to be returned
*
* @return int Random integer between $min and $max (or $max and $min)
*/
function phpbb_mt_rand($min, $max)
{
return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max);
}

/**
* Wrapper for getdate() which returns the equivalent array for UTC timestamps.
*
* @param int $time Unix timestamp (optional)
*
* @return array Returns an associative array of information related to the timestamp.
* See http://www.php.net/manual/en/function.getdate.php
*/
function phpbb_gmgetdate($time = false)
{
if ($time === false)
{
$time = time();
}

// getdate() interprets timestamps in local time.
// What follows uses the fact that getdate() and
// date('Z') balance each other out.
return getdate($time - date('Z'));

}

/**
* Return formatted string for filesizes
*

}

/**
* Return formatted string for filesizes
*

* @param int	$value			filesize in bytes


* @param mixed	$value			filesize in bytes
* (non-negative number; int, float or string)

* @param bool	$string_only	true if language string should be returned
* @param array $allowed_units only allow these units (data array indexes)
*

* @param bool	$string_only	true if language string should be returned
* @param array $allowed_units only allow these units (data array indexes)
*

Line 259Line 321
	global $user;

$available_units = array(

	global $user;

$available_units = array(

 
		'tb' => array(
'min' => 1099511627776, // pow(2, 40)
'index' => 4,
'si_unit' => 'TB',
'iec_unit' => 'TIB',
),

		'gb' => array(
'min' => 1073741824, // pow(2, 30)
'index' => 3,

		'gb' => array(
'min' => 1073741824, // pow(2, 30)
'index' => 3,

Line 434Line 502
*/
function phpbb_check_hash($password, $hash)
{

*/
function phpbb_check_hash($password, $hash)
{

 
	if (strlen($password) > 4096)
{
// If the password is too huge, we will simply reject it
// and not let the server try to hash it.
return false;
}


	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if (strlen($hash) == 34)
{

	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if (strlen($hash) == 34)
{

Line 512Line 587
	$output = '*';

// Check for correct hash

	$output = '*';

// Check for correct hash

	if (substr($setting, 0, 3) != '$H$')

	if (substr($setting, 0, 3) != '$H$' && substr($setting, 0, 3) != '$P$')

	{
return $output;
}

	{
return $output;
}

Line 575Line 650
function phpbb_email_hash($email)
{
return sprintf('%u', crc32(strtolower($email))) . strlen($email);

function phpbb_email_hash($email)
{
return sprintf('%u', crc32(strtolower($email))) . strlen($email);

 
}

/**
* Wrapper for version_compare() that allows using uppercase A and B
* for alpha and beta releases.
*
* See http://www.php.net/manual/en/function.version-compare.php
*
* @param string $version1 First version number
* @param string $version2 Second version number
* @param string $operator Comparison operator (optional)
*
* @return mixed Boolean (true, false) if comparison operator is specified.
* Integer (-1, 0, 1) otherwise.
*/
function phpbb_version_compare($version1, $version2, $operator = null)
{
$version1 = strtolower($version1);
$version2 = strtolower($version2);

if (is_null($operator))
{
return version_compare($version1, $version2);
}
else
{
return version_compare($version1, $version2, $operator);
}

}

/**

}

/**

Line 909Line 1012
*/
function is_absolute($path)
{

*/
function is_absolute($path)
{

	return ($path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false;

	return (isset($path[0]) && $path[0] == '/' || preg_match('#^[a-z]:[/\\\]#i', $path)) ? true : false;

}

/**

}

/**

Line 1104Line 1207

return $realpath;
}


return $realpath;
}

 
}

/**
* Eliminates useless . and .. components from specified path.
*
* @param string $path Path to clean
* @return string Cleaned path
*/
function phpbb_clean_path($path)
{
$exploded = explode('/', $path);
$filtered = array();
foreach ($exploded as $part)
{
if ($part === '.' && !empty($filtered))
{
continue;
}

if ($part === '..' && !empty($filtered) && $filtered[sizeof($filtered) - 1] !== '..')
{
array_pop($filtered);
}
else
{
$filtered[] = $part;
}
}
$path = implode('/', $filtered);
return $path;

}

if (!function_exists('htmlspecialchars_decode'))

}

if (!function_exists('htmlspecialchars_decode'))

Line 1698Line 1831
	if ($config['load_db_lastread'] && $user->data['is_registered'])
{
// Get list of the unread topics

	if ($config['load_db_lastread'] && $user->data['is_registered'])
{
// Get list of the unread topics

		$last_mark = $user->data['user_lastmark'];

		$last_mark = (int) $user->data['user_lastmark'];


$sql_array = array(
'SELECT' => 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time',


$sql_array = array(
'SELECT' => 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time',

Line 1717Line 1850
			),

'WHERE' => "

			),

'WHERE' => "

 
				 t.topic_last_post_time > $last_mark AND

				(
(tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR
(tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR

				(
(tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR
(tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR

				(tt.mark_time IS NULL AND ft.mark_time IS NULL AND t.topic_last_post_time > $last_mark)

				(tt.mark_time IS NULL AND ft.mark_time IS NULL)

				)
$sql_extra
$sql_sort",

				)
$sql_extra
$sql_sort",

Line 1809Line 1943
*/
function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
{

*/
function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
{

	global $db, $tracking_topics, $user, $config;

	global $db, $tracking_topics, $user, $config, $auth;


// Determine the users last forum mark time if not given.
if ($mark_time_forum === false)


// Determine the users last forum mark time if not given.
if ($mark_time_forum === false)

Line 1831Line 1965
			$mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark'];
}
}

			$mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark'];
}
}

 

// Handle update of unapproved topics info.
// Only update for moderators having m_approve permission for the forum.
$sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1';


// Check the forum for any left unread topics.
// If there are none, we mark the forum as read.


// Check the forum for any left unread topics.
// If there are none, we mark the forum as read.

Line 1843Line 1981
		}
else
{

		}
else
{

			$sql = 'SELECT t.forum_id FROM ' . TOPICS_TABLE . ' t
LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')




			$sql = 'SELECT t.forum_id
FROM ' . TOPICS_TABLE . ' t
LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt
ON (tt.topic_id = t.topic_id
AND tt.user_id = ' . $user->data['user_id'] . ')

				WHERE t.forum_id = ' . $forum_id . '
AND t.topic_last_post_time > ' . $mark_time_forum . '

				WHERE t.forum_id = ' . $forum_id . '
AND t.topic_last_post_time > ' . $mark_time_forum . '

					AND t.topic_moved_id = 0
AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time)
GROUP BY t.forum_id';


					AND t.topic_moved_id = 0 ' .
$sql_update_unapproved . '
AND (tt.topic_id IS NULL
OR tt.mark_time < t.topic_last_post_time)';

			$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

			$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

Line 1867Line 2009
		}
else
{

		}
else
{

			$sql = 'SELECT topic_id
FROM ' . TOPICS_TABLE . '
WHERE forum_id = ' . $forum_id . '
AND topic_last_post_time > ' . $mark_time_forum . '
AND topic_moved_id = 0';


			$sql = 'SELECT t.topic_id
FROM ' . TOPICS_TABLE . ' t
WHERE t.forum_id = ' . $forum_id . '
AND t.topic_last_post_time > ' . $mark_time_forum . '
AND t.topic_moved_id = 0 ' .
$sql_update_unapproved;

			$result = $db->sql_query($sql);

$check_forum = $tracking_topics['tf'][$forum_id];

			$result = $db->sql_query($sql);

$check_forum = $tracking_topics['tf'][$forum_id];

Line 2056Line 2199
		$start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
$end_cnt = max(min($total_pages, $on_page + 4), 6);


		$start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
$end_cnt = max(min($total_pages, $on_page + 4), 6);


		$page_string .= ($start_cnt > 1) ? ' ... ' : $seperator;

		$page_string .= ($start_cnt > 1) ? '<span class="page-dots"> ... </span>' : $seperator;


for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
{


for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
{

Line 2067Line 2210
			}
}


			}
}


		$page_string .= ($end_cnt < $total_pages) ? ' ... ' : $seperator;

		$page_string .= ($end_cnt < $total_pages) ? '<span class="page-dots"> ... </span>' : $seperator;

	}
else
{

	}
else
{

Line 2153Line 2296
function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
global $_SID, $_EXTRA_URL, $phpbb_hook;

function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
global $_SID, $_EXTRA_URL, $phpbb_hook;

 

if ($params === '' || (is_array($params) && empty($params)))
{
// Do not append the ? if the param-list is empty anyway.
$params = false;
}


// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately.
// They could mimic most of what is within this function


// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately.
// They could mimic most of what is within this function

Line 2248Line 2397

/**
* Generate board url (example: http://www.example.com/phpBB)


/**
* Generate board url (example: http://www.example.com/phpBB)

 
*

* @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com)

* @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com)

 
*
* @return string the generated board url

*/
function generate_board_url($without_script_path = false)
{

*/
function generate_board_url($without_script_path = false)
{

Line 2340Line 2492
		// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
if (!$disable_cd_check && $url_parts['host'] !== $user->host)
{

		// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
if (!$disable_cd_check && $url_parts['host'] !== $user->host)
{

			$url = generate_board_url();

			trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);

		}
}
else if ($url[0] == '/')

		}
}
else if ($url[0] == '/')

Line 2353Line 2505
		// Relative uri
$pathinfo = pathinfo($url);


		// Relative uri
$pathinfo = pathinfo($url);


		if (!$disable_cd_check && !file_exists($pathinfo['dirname']))

		if (!$disable_cd_check && !file_exists($pathinfo['dirname'] . '/'))

		{
$url = str_replace('../', '', $url);
$pathinfo = pathinfo($url);


		{
$url = str_replace('../', '', $url);
$pathinfo = pathinfo($url);


			if (!file_exists($pathinfo['dirname']))

			if (!file_exists($pathinfo['dirname'] . '/'))

			{
// fallback to "last known user page"
// at least this way we know the user does not leave the phpBB root

			{
// fallback to "last known user page"
// at least this way we know the user does not leave the phpBB root

Line 2425Line 2577
				$url = generate_board_url() . '/' . $url;
}
}

				$url = generate_board_url() . '/' . $url;
}
}

 
	}

// Make sure we don't redirect to external URLs
if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0)
{
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);

	}

// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2

	}

// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2

Line 2595Line 2753

// For XHTML compatibility we change back & to &amp;
$template->assign_vars(array(


// For XHTML compatibility we change back & to &amp;
$template->assign_vars(array(

		'META' => '<meta http-equiv="refresh" content="' . $time . ';url=' . $url . '" />')

		'META' => '<meta http-equiv="refresh" content="' . $time . '; url=' . $url . '" />')

	);

return $url;

	);

return $url;

Line 2619Line 2777
*
* @param int $code HTTP status code
* @param string $message Message for the status code

*
* @param int $code HTTP status code
* @param string $message Message for the status code

* @return void

* @return null

*/
function send_status_line($code, $message)
{

*/
function send_status_line($code, $message)
{

Line 2630Line 2788
	}
else
{

	}
else
{

		if (isset($_SERVER['HTTP_VERSION']))

		if (!empty($_SERVER['SERVER_PROTOCOL']) && is_string($_SERVER['SERVER_PROTOCOL']) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $_SERVER['SERVER_PROTOCOL']))

		{

		{

			$version = $_SERVER['HTTP_VERSION'];

			$version = $_SERVER['SERVER_PROTOCOL'];

		}
else
{

		}
else
{

Line 2722Line 2880
		$diff = time() - $creation_time;

// If creation_time and the time() now is zero we can assume it was not a human doing this (the check for if ($diff)...

		$diff = time() - $creation_time;

// If creation_time and the time() now is zero we can assume it was not a human doing this (the check for if ($diff)...

		if ($diff && ($diff <= $timespan || $timespan === -1))

		if (defined('DEBUG_TEST') || $diff && ($diff <= $timespan || $timespan === -1))

		{
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);

		{
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);

Line 3127Line 3285
	page_header($user->lang['LOGIN'], false);

$template->assign_vars(array(

	page_header($user->lang['LOGIN'], false);

$template->assign_vars(array(

 
		'FORUM_NAME'			=> isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '',

		'S_LOGIN_ACTION'		=> build_url(array('f')),
'S_HIDDEN_FIELDS' => build_hidden_fields(array('f' => $forum_data['forum_id'])))
);

		'S_LOGIN_ACTION'		=> build_url(array('f')),
'S_HIDDEN_FIELDS' => build_hidden_fields(array('f' => $forum_data['forum_id'])))
);

Line 3214Line 3373
		}

// Determine first occurrence, since in values the equal sign is allowed

		}

// Determine first occurrence, since in values the equal sign is allowed

		$key = strtolower(trim(substr($line, 0, $delim_pos)));

		$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))));

		$value = trim(substr($line, $delim_pos + 1));

if (in_array($value, array('off', 'false', '0')))

		$value = trim(substr($line, $delim_pos + 1));

if (in_array($value, array('off', 'false', '0')))

Line 3231Line 3390
		}
else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"'))
{

		}
else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"'))
{

			$value = substr($value, 1, sizeof($value)-2);





			$value = htmlspecialchars(substr($value, 1, sizeof($value)-2));
}
else
{
$value = htmlspecialchars($value);

		}

$parsed_items[$key] = $value;

		}

$parsed_items[$key] = $value;

 
	}

if (isset($parsed_items['inherit_from']) && isset($parsed_items['name']) && $parsed_items['inherit_from'] == $parsed_items['name'])
{
unset($parsed_items['inherit_from']);

	}

return $parsed_items;

	}

return $parsed_items;

Line 3307Line 3475
}

/**

}

/**

* Return a nicely formatted backtrace (parts from the php manual by diz at ysagoon dot com)






* Return a nicely formatted backtrace.
*
* Turns the array returned by debug_backtrace() into HTML markup.
* Also filters out absolute paths to phpBB root.
*
* @return string HTML markup

*/
function get_backtrace()
{

*/
function get_backtrace()
{

	global $phpbb_root_path;


 
	$output = '<div style="font-family: monospace;">';
$backtrace = debug_backtrace();

	$output = '<div style="font-family: monospace;">';
$backtrace = debug_backtrace();

	$path = phpbb_realpath($phpbb_root_path);

 




	foreach ($backtrace as $number => $trace)
{

 
		// We skip the first one, because it only shows this file/function

		// We skip the first one, because it only shows this file/function

		if ($number == 0)



	unset($backtrace[0]);

foreach ($backtrace as $trace)

		{

		{

			continue;
}


 
		// Strip the current directory from path

		// Strip the current directory from path

		if (empty($trace['file']))
{
$trace['file'] = '';
}
else
{
$trace['file'] = str_replace(array($path, '\\'), array('', '/'), $trace['file']);
$trace['file'] = substr($trace['file'], 1);
}
$args = array();

		$trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']));
$trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];













		// If include/require/include_once is not called, do not show arguments - they may contain sensible information
if (!in_array($trace['function'], array('include', 'require', 'include_once')))



		// Only show function arguments for include etc.
// Other parameters may contain sensible information
$argument = '';
if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once')))

		{

		{

			unset($trace['args']);
}
else
{
// Path...
if (!empty($trace['args'][0]))
{
$argument = htmlspecialchars($trace['args'][0]);
$argument = str_replace(array($path, '\\'), array('', '/'), $argument);
$argument = substr($argument, 1);
$args[] = "'{$argument}'";
}

			$argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]));












		}

$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
$trace['type'] = (!isset($trace['type'])) ? '' : $trace['type'];

$output .= '<br />';

		}

$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
$trace['type'] = (!isset($trace['type'])) ? '' : $trace['type'];

$output .= '<br />';

		$output .= '<b>FILE:</b> ' . htmlspecialchars($trace['file']) . '<br />';

		$output .= '<b>FILE:</b> ' . $trace['file'] . '<br />';

		$output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';


		$output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';


		$output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']) . '(' . ((sizeof($args)) ? implode(', ', $args) : '') . ')<br />';


		$output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']);
$output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />';

	}
$output .= '</div>';
return $output;

	}
$output .= '</div>';
return $output;

Line 3379Line 3530
		case 'email':
// Regex written by James Watts and Francisco Jose Martin Moreno
// http://fightingforalostcause.net/misc/2006/compare-email-regex.php

		case 'email':
// Regex written by James Watts and Francisco Jose Martin Moreno
// http://fightingforalostcause.net/misc/2006/compare-email-regex.php

			return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';

			return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&amp;)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';

		break;

case 'bbcode_htm':

		break;

case 'bbcode_htm':

Line 3422Line 3573
		case 'relative_url_inline':
$inline = ($mode == 'relative_url') ? ')' : '';
return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";

		case 'relative_url_inline':
$inline = ($mode == 'relative_url') ? ')' : '';
return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";

 
		break;

case 'table_prefix':
return '#^[a-zA-Z][a-zA-Z0-9_]*$#';

		break;
}

return '';

		break;
}

return '';

 
}

/**
* Generate regexp for naughty words censoring
* Depends on whether installed PHP version supports unicode properties
*
* @param string $word word template to be replaced
* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode
*
* @return string $preg_expr regex to use with word censor
*/
function get_censor_preg_expression($word, $use_unicode = true)
{
static $unicode_support = null;

// Check whether PHP version supports unicode properties
if (is_null($unicode_support))
{
$unicode_support = ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) ? true : false;
}

// Unescape the asterisk to simplify further conversions
$word = str_replace('\*', '*', preg_quote($word, '#'));

if ($use_unicode && $unicode_support)
{
// Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes
$word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word);

// Generate the final substitution
$preg_expr = '#(?<![\p{Nd}\p{L}_-])(' . $word . ')(?![\p{Nd}\p{L}_-])#iu';
}
else
{
// Replace the asterisk inside the pattern, at the start and at the end of it with regexes
$word = preg_replace(array('#(?<=\S)\*+(?=\S)#iu', '#^\*+#', '#\*+$#'), array('(\x20*?\S*?)', '\S*?', '\S*?'), $word);

// Generate the final substitution
$preg_expr = '#(?<!\S)(' . $word . ')(?!\S)#iu';
}

return $preg_expr;

}

/**

}

/**

Line 3613Line 3810
					{
return true;
}

					{
return true;
}

 
				break;


default:


default:

				case 'A':

 
				case 'AAAA':

				case 'AAAA':

 
					// AAAA records returned by nslookup on Windows XP/2003 have this format.
// Later Windows versions use the A record format below for AAAA records.
if (stripos($line, "$host AAAA IPv6 address") === 0)
{
return true;
}
// No break

case 'A':

					if (!empty($host_matches))
{
// Second line

					if (!empty($host_matches))
{
// Second line

Line 3685Line 3891

if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
{


if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
{

				// flush the content, else we get a white page if output buffering is on
if ((int) @ini_get('output_buffering') === 1 || strtolower(@ini_get('output_buffering')) === 'on')
{
@ob_flush();
}

// Another quick fix for those having gzip compression enabled, but do not flush if the coder wants to catch "something". ;)
if (!empty($config['gzip_compress']))
{
if (@extension_loaded('zlib') && !headers_sent() && !ob_get_level())
{
@ob_flush();
}
}

// remove complete path to installation, with the risk of changing backslashes meant to be there
$errfile = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $errfile);
$msg_text = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $msg_text);
echo '<b>[phpBB Debug] PHP Notice</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";

				$errfile = phpbb_filter_root_path($errfile);
$msg_text = phpbb_filter_root_path($msg_text);
$error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice';
echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";

















// we are writing an image - the user won't see the debug, so let's place it in the log
if (defined('IMAGE_OUTPUT') || defined('IN_CRON'))


// we are writing an image - the user won't see the debug, so let's place it in the log
if (defined('IMAGE_OUTPUT') || defined('IN_CRON'))

Line 3742Line 3933
				{
$l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>';
}

				{
$l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>';
}

 
			}

$log_text = $msg_text;
$backtrace = get_backtrace();
if ($backtrace)
{
$log_text .= '<br /><br />BACKTRACE<br />' . $backtrace;
}

if (defined('IN_INSTALL') || defined('DEBUG_EXTRA') || isset($auth) && $auth->acl_get('a_'))
{
$msg_text = $log_text;

			}

if ((defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db))
{
// let's avoid loops
$db->sql_return_on_error(true);

			}

if ((defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db))
{
// let's avoid loops
$db->sql_return_on_error(true);

				add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $msg_text);

				add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text);

				$db->sql_return_on_error(false);
}


				$db->sql_return_on_error(false);
}


Line 3792Line 3995
			echo '	</div>';
echo ' </div>';
echo ' <div id="page-footer">';

			echo '	</div>';
echo ' </div>';
echo ' <div id="page-footer">';

			echo '		Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>';

			echo '		Powered by <a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group';

			echo '	</div>';
echo '</div>';
echo '</body>';

			echo '	</div>';
echo '</div>';
echo '</body>';

Line 3877Line 4080
	// If we notice an error not handled here we pass this back to PHP by returning false
// This may not work for all php versions
return false;

	// If we notice an error not handled here we pass this back to PHP by returning false
// This may not work for all php versions
return false;

 
}

/**
* Removes absolute path to phpBB root directory from error messages
* and converts backslashes to forward slashes.
*
* @param string $errfile Absolute file path
* (e.g. /var/www/phpbb3/phpBB/includes/functions.php)
* Please note that if $errfile is outside of the phpBB root,
* the root path will not be found and can not be filtered.
* @return string Relative file path
* (e.g. /includes/functions.php)
*/
function phpbb_filter_root_path($errfile)
{
static $root_path;

if (empty($root_path))
{
$root_path = phpbb_realpath(dirname(__FILE__) . '/../');
}

return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile);

}

/**

}

/**

Line 4143Line 4369
*
* @param array $param Parameter array, see $param_defaults array.
*

*
* @param array $param Parameter array, see $param_defaults array.
*

* @return void

* @return null

*/
function phpbb_http_login($param)
{

*/
function phpbb_http_login($param)
{

Line 4246Line 4472
*/
function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
{

*/
function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
{

	global $db, $config, $template, $SID, $_SID, $user, $auth, $phpEx, $phpbb_root_path;

	global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;


if (defined('HEADER_INC'))
{


if (defined('HEADER_INC'))
{

Line 4258Line 4484
	// gzip_compression
if ($config['gzip_compress'])
{

	// gzip_compression
if ($config['gzip_compress'])
{

		if (@extension_loaded('zlib') && !headers_sent())















		// to avoid partially compressed output resulting in blank pages in
// the browser or error messages, compression is disabled in a few cases:
//
// 1) if headers have already been sent, this indicates plaintext output
// has been started so further content must not be compressed
// 2) the length of the current output buffer is non-zero. This means
// there is already some uncompressed content in this output buffer
// so further output must not be compressed
// 3) if more than one level of output buffering is used because we
// cannot test all output buffer level content lengths. One level
// could be caused by php.ini output_buffering. Anything
// beyond that is manual, so the code wrapping phpBB in output buffering
// can easily compress the output itself.
//
if (@extension_loaded('zlib') && !headers_sent() && ob_get_level() <= 1 && ob_get_length() == 0)

		{
ob_start('ob_gzhandler');
}

		{
ob_start('ob_gzhandler');
}
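Review bot: The new condition `ob_get_length() == 0` depends on the loose comparison, and the comment block above it does not say so. `ob_get_level() <= 1` also admits level 0, where `ob_get_length()` returns false rather than 0, so a later tidy-up to `=== 0` would silently turn compression off on setups without php.ini output buffering. I would add a line to the comment such as `// ob_get_length() returns false when no buffer is active; the loose == 0 deliberately treats that as empty`. The enclosing function starts and ends outside this hunk.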

Line 4377Line 4617
	if (strpos($user_lang, '-x-') !== false)
{
$user_lang = substr($user_lang, 0, strpos($user_lang, '-x-'));

	if (strpos($user_lang, '-x-') !== false)
{
$user_lang = substr($user_lang, 0, strpos($user_lang, '-x-'));

 
	}

$s_search_hidden_fields = array();
if ($_SID)
{
$s_search_hidden_fields['sid'] = $_SID;
}

if (!empty($_EXTRA_URL))
{
foreach ($_EXTRA_URL as $url_param)
{
$url_param = explode('=', $url_param, 2);
$s_search_hidden_fields[$url_param[0]] = $url_param[1];
}

	}

// The following assigns all _common_ variables that may be used at any point in a template.

	}

// The following assigns all _common_ variables that may be used at any point in a template.
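Review bot: The added `$_EXTRA_URL` loop reads `$url_param[1]` without checking that `explode('=', $url_param, 2)` returned two elements, so an entry with no `=` raises an undefined-offset notice and stores null as the field value. A guard before the assignment, `if (sizeof($url_param) < 2) { continue; }`, avoids that. The collected keys and values are later passed to `build_hidden_fields()` and end up in HTML attributes. That function's escaping is not visible here, so it is worth confirming that it escapes them or that `$_EXTRA_URL` only holds values already safe in that context. If entries are stored URL-encoded for use in links, they presumably also need decoding before being reused as form values. The enclosing function starts and ends outside this hunk.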

Line 4468Line 4723

'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false,



'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false,


		'T_THEME_PATH'			=> "{$web_path}styles/" . $user->theme['theme_path'] . '/theme',
'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template',
'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template',
'T_IMAGESET_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset',
'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->data['user_lang'],



		'S_SEARCH_HIDDEN_FIELDS'	=> build_hidden_fields($s_search_hidden_fields),

'T_THEME_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme',
'T_TEMPLATE_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',
'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . rawurlencode($user->theme['template_inherit_path']) . '/template' : "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',
'T_IMAGESET_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset',
'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset/' . $user->lang_name,

		'T_IMAGES_PATH'			=> "{$web_path}images/",
'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/",
'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/",

		'T_IMAGES_PATH'			=> "{$web_path}images/",
'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/",
'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/",

Line 4480Line 4737
		'T_ICONS_PATH'			=> "{$web_path}{$config['icons_path']}/",
'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/",
'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/",

		'T_ICONS_PATH'			=> "{$web_path}{$config['icons_path']}/",
'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/",
'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/",

		'T_STYLESHEET_LINK'		=> (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&amp;lang=' . $user->data['user_lang']),

		'T_STYLESHEET_LINK'		=> (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&amp;lang=' . $user->lang_name),

		'T_STYLESHEET_NAME'		=> $user->theme['theme_name'],


		'T_STYLESHEET_NAME'		=> $user->theme['theme_name'],


		'T_THEME_NAME'			=> $user->theme['theme_path'],
'T_TEMPLATE_NAME' => $user->theme['template_path'],
'T_SUPER_TEMPLATE_NAME' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path'],
'T_IMAGESET_NAME' => $user->theme['imageset_path'],

		'T_THEME_NAME'			=> rawurlencode($user->theme['theme_path']),
'T_TEMPLATE_NAME' => rawurlencode($user->theme['template_path']),
'T_SUPER_TEMPLATE_NAME' => rawurlencode((isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path']),
'T_IMAGESET_NAME' => rawurlencode($user->theme['imageset_path']),

		'T_IMAGESET_LANG_NAME'	=> $user->data['user_lang'],
'T_IMAGES' => 'images',
'T_SMILIES' => $config['smilies_path'],

		'T_IMAGESET_LANG_NAME'	=> $user->data['user_lang'],
'T_IMAGES' => 'images',
'T_SMILIES' => $config['smilies_path'],
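Review bot: `T_IMAGESET_LANG_NAME` still reads `$user->data['user_lang']`, while the same commit appears to switch `T_IMAGESET_LANG_PATH` (previous hunk) and the `lang=` parameter of `T_STYLESHEET_LINK` to `$user->lang_name`. Templates can therefore receive two different language values for the same imageset whenever the two differ. If the switch is intentional, the unchanged line should follow it: `'T_IMAGESET_LANG_NAME' => $user->lang_name,`. `$user->lang_name` is also concatenated into `T_IMAGESET_LANG_PATH` without the `rawurlencode()` now applied to the theme path segments. That is fine only if the value is validated where it is set, which is not visible here. The `assign_vars` array starts and ends outside this hunk.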

Line 4507Line 4764
	header('Cache-Control: private, no-cache="set-cookie"');
header('Expires: 0');
header('Pragma: no-cache');

	header('Cache-Control: private, no-cache="set-cookie"');
header('Expires: 0');
header('Pragma: no-cache');

 

if (!empty($user->data['is_bot']))
{
// Let reverse proxies know we detected a bot.
header('X-PHPBB-IS-BOT: yes');
}


return;
}


return;
}

Line 4552Line 4815
	$template->assign_vars(array(
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',

	$template->assign_vars(array(
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',

 
		'CREDIT_LINE'			=> $user->lang('POWERED_BY', '<a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group'),


'U_ACP' => ($auth->acl_get('a_') && !empty($user->data['is_registered'])) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", false, true, $user->session_id) : '')
);

// Call cron-type script
$call_cron = false;


'U_ACP' => ($auth->acl_get('a_') && !empty($user->data['is_registered'])) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", false, true, $user->session_id) : '')
);

// Call cron-type script
$call_cron = false;

	if (!defined('IN_CRON') && $run_cron && !$config['board_disable'])

	if (!defined('IN_CRON') && $run_cron && !$config['board_disable'] && !$user->data['is_bot'])

	{
$call_cron = true;
$time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time();

	{
$call_cron = true;
$time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time();
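Review bot: The added cron condition `!$user->data['is_bot']` reads the key directly, whereas the bot check added in the hunk that sends `X-PHPBB-IS-BOT` uses `!empty($user->data['is_bot'])`. If `is_bot` can be missing from `$user->data`, for example early in session setup, the direct read raises a notice where the other check does not. Writing it as `empty($user->data['is_bot'])` keeps the two checks consistent: `if (!defined('IN_CRON') && $run_cron && !$config['board_disable'] && empty($user->data['is_bot']))`. The enclosing function starts and ends outside this hunk.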

Line 4662Line 4926
	}

// As a pre-caution... some setups display a blank page if the flush() is not there.

	}

// As a pre-caution... some setups display a blank page if the flush() is not there.

	(empty($config['gzip_compress'])) ? @flush() : @ob_flush();

	(ob_get_level() > 0) ? @ob_flush() : @flush();


exit;
}


exit;
}