* @param string $mode The mode defines which log_type is used and from which log the entry is retrieved * @param int $forum_id Mode 'mod' ONLY: forum id of the related item, NOT INCLUDED otherwise * @param int $topic_id Mode 'mod' ONLY: topic id of the related item, NOT INCLUDED otherwise * @param int $reportee_id Mode 'user' ONLY: user id of the reportee, NOT INCLUDED otherwise * @param string $log_operation Name of the operation * @param array $additional_data More arguments can be added, depending on the log_type
| * string $mode The mode defines which log_type is used and from which log the entry is retrieved * int $forum_id Mode 'mod' ONLY: forum id of the related item, NOT INCLUDED otherwise * int $topic_id Mode 'mod' ONLY: topic id of the related item, NOT INCLUDED otherwise * int $reportee_id Mode 'user' ONLY: user id of the reportee, NOT INCLUDED otherwise * string $log_operation Name of the operation * array $additional_data More arguments can be added, depending on the log_type
|
| }
/** * Load the autoloaders added by the extensions. * * @param string $phpbb_root_path Path to the phpbb root directory. */ function phpbb_load_extensions_autoloaders($phpbb_root_path) { $iterator = new \RecursiveIteratorIterator( new \phpbb\recursive_dot_prefix_filter_iterator( new \RecursiveDirectoryIterator( $phpbb_root_path . 'ext/', \FilesystemIterator::SKIP_DOTS | \FilesystemIterator::FOLLOW_SYMLINKS ) ), \RecursiveIteratorIterator::SELF_FIRST ); $iterator->setMaxDepth(2);
foreach ($iterator as $file_info) { if ($file_info->getFilename() === 'vendor' && $iterator->getDepth() === 2) { $filename = $file_info->getRealPath() . '/autoload.php'; if (file_exists($filename)) { require $filename; } } } }
/** * Login using http authenticate. * * @param array $param Parameter array, see $param_defaults array. * * @return null * * @deprecated 3.2.10 (To be removed 4.0.0) */ function phpbb_http_login($param) { global $auth, $user, $request; global $config;
$param_defaults = array( 'auth_message' => '',
'autologin' => false, 'viewonline' => true, 'admin' => false, );
// Overwrite default values with passed values $param = array_merge($param_defaults, $param);
// User is already logged in // We will not overwrite his session if (!empty($user->data['is_registered'])) { return; }
// $_SERVER keys to check $username_keys = array( 'PHP_AUTH_USER', 'Authorization', 'REMOTE_USER', 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION', 'REMOTE_AUTHORIZATION', 'REDIRECT_REMOTE_AUTHORIZATION', 'AUTH_USER', );
$password_keys = array( 'PHP_AUTH_PW', 'REMOTE_PASSWORD', 'AUTH_PASSWORD', );
$username = null; foreach ($username_keys as $k) { if ($request->is_set($k, \phpbb\request\request_interface::SERVER)) { $username = html_entity_decode($request->server($k), ENT_COMPAT); break; } }
$password = null; foreach ($password_keys as $k) { if ($request->is_set($k, \phpbb\request\request_interface::SERVER)) { $password = html_entity_decode($request->server($k), ENT_COMPAT); break; } }
// Decode encoded information (IIS, CGI, FastCGI etc.) if (!is_null($username) && is_null($password) && strpos($username, 'Basic ') === 0) { list($username, $password) = explode(':', base64_decode(substr($username, 6)), 2); }
if (!is_null($username) && !is_null($password)) { set_var($username, $username, 'string', true); set_var($password, $password, 'string', true);
$auth_result = $auth->login($username, $password, $param['autologin'], $param['viewonline'], $param['admin']);
if ($auth_result['status'] == LOGIN_SUCCESS) { return; } else if ($auth_result['status'] == LOGIN_ERROR_ATTEMPTS) { send_status_line(401, 'Unauthorized');
trigger_error('NOT_AUTHORISED'); } }
// Prepend sitename to auth_message $param['auth_message'] = ($param['auth_message'] === '') ? $config['sitename'] : $config['sitename'] . ' - ' . $param['auth_message'];
// We should probably filter out non-ASCII characters - RFC2616 $param['auth_message'] = preg_replace('/[\x80-\xFF]/', '?', $param['auth_message']);
header('WWW-Authenticate: Basic realm="' . $param['auth_message'] . '"'); send_status_line(401, 'Unauthorized');
trigger_error('NOT_AUTHORISED'); }
/** * Converts query string (GET) parameters in request into hidden fields. * * Useful for forwarding GET parameters when submitting forms with GET method. * * It is possible to omit some of the GET parameters, which is useful if * they are specified in the form being submitted. * * sid is always omitted. * * @param \phpbb\request\request $request Request object * @param array $exclude A list of variable names that should not be forwarded * @return string HTML with hidden fields * * @deprecated 3.2.10 (To be removed 4.0.0) */ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) { $names = $request->variable_names(\phpbb\request\request_interface::GET); $hidden = ''; foreach ($names as $name) { // Sessions are dealt with elsewhere, omit sid always if ($name == 'sid') { continue; }
// Omit any additional parameters requested if (!empty($exclude) && in_array($name, $exclude)) { continue; }
$escaped_name = phpbb_quoteattr($name);
// Note: we might retrieve the variable from POST or cookies // here. To avoid exposing cookies, skip variables that are // overwritten somewhere other than GET entirely. $value = $request->variable($name, '', true); $get_value = $request->variable($name, '', true, \phpbb\request\request_interface::GET); if ($value === $get_value) { $escaped_value = phpbb_quoteattr($value); $hidden .= "<input type='hidden' name=$escaped_name value=$escaped_value />"; } } return $hidden; }
/** * Delete all PM(s) for a given user and delete the ones without references * * @param int $user_id ID of the user whose private messages we want to delete * * @return boolean False if there were no pms found, true otherwise. * * @deprecated 3.2.10 (To be removed 4.0.0) */ function phpbb_delete_user_pms($user_id) { $user_id = (int) $user_id;
if (!$user_id) { return false; }
return phpbb_delete_users_pms(array($user_id));
|