Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
33.66% |
586 / 1741 |
|
30.51% |
18 / 59 |
CRAP | n/a |
0 / 0 |
|
gen_rand_string | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
2 | |||
gen_rand_string_friendly | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
2 | |||
unique_id | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
phpbb_mt_rand | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
2 | |||
phpbb_gmgetdate | |
66.67% |
2 / 3 |
|
0.00% |
0 / 1 |
2.15 | |||
get_formatted_filesize | |
98.00% |
49 / 50 |
|
0.00% |
0 / 1 |
10 | |||
still_on_time | |
0.00% |
0 / 10 |
|
0.00% |
0 / 1 |
42 | |||
phpbb_version_compare | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
2 | |||
phpbb_language_select | |
100.00% |
15 / 15 |
|
100.00% |
1 / 1 |
3 | |||
style_select | |
100.00% |
18 / 18 |
|
100.00% |
1 / 1 |
4 | |||
phpbb_format_timezone_offset | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
20 | |||
phpbb_tz_select_compare | |
0.00% |
0 / 19 |
|
0.00% |
0 / 1 |
132 | |||
phpbb_get_timezone_identifiers | |
0.00% |
0 / 6 |
|
0.00% |
0 / 1 |
12 | |||
phpbb_timezone_select | |
0.00% |
0 / 45 |
|
0.00% |
0 / 1 |
90 | |||
markread | |
44.34% |
94 / 212 |
|
0.00% |
0 / 1 |
556.84 | |||
get_topic_tracking | |
0.00% |
0 / 16 |
|
0.00% |
0 / 1 |
90 | |||
get_complete_topic_tracking | |
0.00% |
0 / 49 |
|
0.00% |
0 / 1 |
506 | |||
get_unread_topics | |
0.00% |
0 / 68 |
|
0.00% |
0 / 1 |
380 | |||
update_forum_tracking_info | |
61.70% |
29 / 47 |
|
0.00% |
0 / 1 |
42.47 | |||
tracking_serialize | |
100.00% |
6 / 6 |
|
100.00% |
1 / 1 |
3 | |||
tracking_unserialize | |
81.82% |
54 / 66 |
|
0.00% |
0 / 1 |
24.91 | |||
append_sid | |
95.45% |
42 / 44 |
|
0.00% |
0 / 1 |
33 | |||
generate_board_url | |
87.50% |
21 / 24 |
|
0.00% |
0 / 1 |
17.56 | |||
redirect | |
78.38% |
29 / 37 |
|
0.00% |
0 / 1 |
25.46 | |||
phpbb_get_install_redirect | |
100.00% |
6 / 6 |
|
100.00% |
1 / 1 |
5 | |||
reapply_sid | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
20 | |||
build_url | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
2 | |||
meta_refresh | |
0.00% |
0 / 12 |
|
0.00% |
0 / 1 |
6 | |||
send_status_line | |
0.00% |
0 / 4 |
|
0.00% |
0 / 1 |
6 | |||
phpbb_request_http_version | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
56 | |||
generate_link_hash | |
0.00% |
0 / 4 |
|
0.00% |
0 / 1 |
6 | |||
check_link_hash | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
add_form_key | |
0.00% |
0 / 14 |
|
0.00% |
0 / 1 |
2 | |||
check_form_key | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
confirm_box | |
0.00% |
0 / 75 |
|
0.00% |
0 / 1 |
650 | |||
login_box | |
0.00% |
0 / 126 |
|
0.00% |
0 / 1 |
2352 | |||
login_forum_box | |
0.00% |
0 / 49 |
|
0.00% |
0 / 1 |
42 | |||
_build_hidden_fields | |
0.00% |
0 / 10 |
|
0.00% |
0 / 1 |
56 | |||
build_hidden_fields | |
0.00% |
0 / 6 |
|
0.00% |
0 / 1 |
20 | |||
get_backtrace | |
0.00% |
0 / 18 |
|
0.00% |
0 / 1 |
110 | |||
get_preg_expression | |
97.30% |
36 / 37 |
|
0.00% |
0 / 1 |
15 | |||
get_censor_preg_expression | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
1 | |||
short_ipv6 | |
100.00% |
14 / 14 |
|
100.00% |
1 / 1 |
8 | |||
phpbb_ip_normalise | |
100.00% |
8 / 8 |
|
100.00% |
1 / 1 |
4 | |||
msg_handler | |
0.00% |
0 / 127 |
|
0.00% |
0 / 1 |
3906 | |||
phpbb_filter_root_path | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
obtain_guest_count | |
76.19% |
16 / 21 |
|
0.00% |
0 / 1 |
3.12 | |||
obtain_users_online | |
100.00% |
31 / 31 |
|
100.00% |
1 / 1 |
6 | |||
obtain_users_online_string | |
100.00% |
59 / 59 |
|
100.00% |
1 / 1 |
13 | |||
phpbb_optionget | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
2 | |||
phpbb_optionset | |
80.00% |
4 / 5 |
|
0.00% |
0 / 1 |
5.20 | |||
phpbb_quoteattr | |
100.00% |
14 / 14 |
|
100.00% |
1 / 1 |
4 | |||
page_header | |
0.00% |
0 / 238 |
|
0.00% |
0 / 1 |
7482 | |||
phpbb_generate_debug_output | |
0.00% |
0 / 23 |
|
0.00% |
0 / 1 |
132 | |||
page_footer | |
0.00% |
0 / 15 |
|
0.00% |
0 / 1 |
20 | |||
garbage_collection | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
20 | |||
exit_handler | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
12 | |||
phpbb_get_board_contact | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
phpbb_get_board_contact_link | |
66.67% |
2 / 3 |
|
0.00% |
0 / 1 |
3.33 |
1 | <?php |
2 | /** |
3 | * |
4 | * This file is part of the phpBB Forum Software package. |
5 | * |
6 | * @copyright (c) phpBB Limited <https://www.phpbb.com> |
7 | * @license GNU General Public License, version 2 (GPL-2.0) |
8 | * |
9 | * For full copyright and license information, please see |
10 | * the docs/CREDITS.txt file. |
11 | * |
12 | */ |
13 | |
14 | /** |
15 | * @ignore |
16 | */ |
17 | if (!defined('IN_PHPBB')) |
18 | { |
19 | exit; |
20 | } |
21 | |
22 | // Common global functions |
23 | /** |
24 | * Generates an alphanumeric random string of given length |
25 | * |
26 | * @param int $num_chars Length of random string, defaults to 8. |
27 | * This number should be less or equal than 64. |
28 | * |
29 | * @return string |
30 | */ |
31 | function gen_rand_string($num_chars = 8) |
32 | { |
33 | $range = array_merge(range('A', 'Z'), range(0, 9)); |
34 | $size = count($range); |
35 | |
36 | $output = ''; |
37 | for ($i = 0; $i < $num_chars; $i++) |
38 | { |
39 | $rand = random_int(0, $size - 1); |
40 | $output .= $range[$rand]; |
41 | } |
42 | |
43 | return $output; |
44 | } |
45 | |
46 | /** |
47 | * Generates a user-friendly alphanumeric random string of given length |
48 | * We remove 0 and O so users cannot confuse those in passwords etc. |
49 | * |
50 | * @param int $num_chars Length of random string, defaults to 8. |
51 | * This number should be less or equal than 64. |
52 | * |
53 | * @return string |
54 | */ |
55 | function gen_rand_string_friendly($num_chars = 8) |
56 | { |
57 | $range = array_merge(range('A', 'N'), range('P', 'Z'), range(1, 9)); |
58 | $size = count($range); |
59 | |
60 | $output = ''; |
61 | for ($i = 0; $i < $num_chars; $i++) |
62 | { |
63 | $rand = random_int(0, $size-1); |
64 | $output .= $range[$rand]; |
65 | } |
66 | |
67 | return $output; |
68 | } |
69 | |
70 | /** |
71 | * Return unique id |
72 | */ |
73 | function unique_id() |
74 | { |
75 | return strtolower(gen_rand_string(16)); |
76 | } |
77 | |
78 | /** |
79 | * Wrapper for mt_rand() which allows swapping $min and $max parameters. |
80 | * |
81 | * PHP does not allow us to swap the order of the arguments for mt_rand() anymore. |
82 | * (since PHP 5.3.4, see http://bugs.php.net/46587) |
83 | * |
84 | * @param int $min Lowest value to be returned |
85 | * @param int $max Highest value to be returned |
86 | * |
87 | * @return int Random integer between $min and $max (or $max and $min) |
88 | */ |
89 | function phpbb_mt_rand($min, $max) |
90 | { |
91 | return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max); |
92 | } |
93 | |
94 | /** |
95 | * Wrapper for getdate() which returns the equivalent array for UTC timestamps. |
96 | * |
97 | * @param int $time Unix timestamp (optional) |
98 | * |
99 | * @return array Returns an associative array of information related to the timestamp. |
100 | * See http://www.php.net/manual/en/function.getdate.php |
101 | */ |
102 | function phpbb_gmgetdate($time = false) |
103 | { |
104 | if ($time === false) |
105 | { |
106 | $time = time(); |
107 | } |
108 | |
109 | // getdate() interprets timestamps in local time. |
110 | // What follows uses the fact that getdate() and |
111 | // date('Z') balance each other out. |
112 | return getdate($time - date('Z')); |
113 | } |
114 | |
115 | /** |
116 | * Return formatted string for filesizes |
117 | * |
118 | * @param mixed $value filesize in bytes |
119 | * (non-negative number; int, float or string) |
120 | * @param bool $string_only true if language string should be returned |
121 | * @param array|null $allowed_units only allow these units (data array indexes) |
122 | * |
123 | * @return array|string data array if $string_only is false |
124 | */ |
125 | function get_formatted_filesize($value, bool $string_only = true, array $allowed_units = null) |
126 | { |
127 | global $user; |
128 | |
129 | $available_units = array( |
130 | 'tb' => array( |
131 | 'min' => 1099511627776, // pow(2, 40) |
132 | 'index' => 4, |
133 | 'si_unit' => 'TB', |
134 | 'iec_unit' => 'TIB', |
135 | ), |
136 | 'gb' => array( |
137 | 'min' => 1073741824, // pow(2, 30) |
138 | 'index' => 3, |
139 | 'si_unit' => 'GB', |
140 | 'iec_unit' => 'GIB', |
141 | ), |
142 | 'mb' => array( |
143 | 'min' => 1048576, // pow(2, 20) |
144 | 'index' => 2, |
145 | 'si_unit' => 'MB', |
146 | 'iec_unit' => 'MIB', |
147 | ), |
148 | 'kb' => array( |
149 | 'min' => 1024, // pow(2, 10) |
150 | 'index' => 1, |
151 | 'si_unit' => 'KB', |
152 | 'iec_unit' => 'KIB', |
153 | ), |
154 | 'b' => array( |
155 | 'min' => 0, |
156 | 'index' => 0, |
157 | 'si_unit' => 'BYTES', // Language index |
158 | 'iec_unit' => 'BYTES', // Language index |
159 | ), |
160 | ); |
161 | |
162 | foreach ($available_units as $si_identifier => $unit_info) |
163 | { |
164 | if (is_array($allowed_units) && $si_identifier != 'b' && !in_array($si_identifier, $allowed_units)) |
165 | { |
166 | continue; |
167 | } |
168 | |
169 | if ($value >= $unit_info['min']) |
170 | { |
171 | $unit_info['si_identifier'] = $si_identifier; |
172 | |
173 | break; |
174 | } |
175 | } |
176 | unset($available_units); |
177 | |
178 | for ($i = 0; $i < $unit_info['index']; $i++) |
179 | { |
180 | $value /= 1024; |
181 | } |
182 | $value = round($value, 2); |
183 | |
184 | // Lookup units in language dictionary |
185 | $unit_info['si_unit'] = (isset($user->lang[$unit_info['si_unit']])) ? $user->lang[$unit_info['si_unit']] : $unit_info['si_unit']; |
186 | $unit_info['iec_unit'] = (isset($user->lang[$unit_info['iec_unit']])) ? $user->lang[$unit_info['iec_unit']] : $unit_info['iec_unit']; |
187 | |
188 | // Default to IEC |
189 | $unit_info['unit'] = $unit_info['iec_unit']; |
190 | |
191 | if (!$string_only) |
192 | { |
193 | $unit_info['value'] = $value; |
194 | |
195 | return $unit_info; |
196 | } |
197 | |
198 | return $value . ' ' . $unit_info['unit']; |
199 | } |
200 | |
201 | /** |
202 | * Determine whether we are approaching the maximum execution time. Should be called once |
203 | * at the beginning of the script in which it's used. |
204 | * @return bool Either true if the maximum execution time is nearly reached, or false |
205 | * if some time is still left. |
206 | */ |
207 | function still_on_time($extra_time = 15) |
208 | { |
209 | static $max_execution_time, $start_time; |
210 | |
211 | $current_time = microtime(true); |
212 | |
213 | if (empty($max_execution_time)) |
214 | { |
215 | $max_execution_time = (function_exists('ini_get')) ? (int) @ini_get('max_execution_time') : (int) @get_cfg_var('max_execution_time'); |
216 | |
217 | // If zero, then set to something higher to not let the user catch the ten seconds barrier. |
218 | if ($max_execution_time === 0) |
219 | { |
220 | $max_execution_time = 50 + $extra_time; |
221 | } |
222 | |
223 | $max_execution_time = min(max(10, ($max_execution_time - $extra_time)), 50); |
224 | |
225 | // For debugging purposes |
226 | // $max_execution_time = 10; |
227 | |
228 | global $starttime; |
229 | $start_time = (empty($starttime)) ? $current_time : $starttime; |
230 | } |
231 | |
232 | return (ceil($current_time - $start_time) < $max_execution_time) ? true : false; |
233 | } |
234 | |
235 | /** |
236 | * Wrapper for version_compare() that allows using uppercase A and B |
237 | * for alpha and beta releases. |
238 | * |
239 | * See http://www.php.net/manual/en/function.version-compare.php |
240 | * |
241 | * @param string $version1 First version number |
242 | * @param string $version2 Second version number |
243 | * @param string|null $operator Comparison operator (optional) |
244 | * |
245 | * @return mixed Boolean (true, false) if comparison operator is specified. |
246 | * Integer (-1, 0, 1) otherwise. |
247 | */ |
248 | function phpbb_version_compare(string $version1, string $version2, string $operator = null) |
249 | { |
250 | $version1 = strtolower($version1); |
251 | $version2 = strtolower($version2); |
252 | |
253 | if (is_null($operator)) |
254 | { |
255 | return version_compare($version1, $version2); |
256 | } |
257 | else |
258 | { |
259 | return version_compare($version1, $version2, $operator); |
260 | } |
261 | } |
262 | |
263 | // functions used for building option fields |
264 | |
265 | /** |
266 | * Pick a language, any language ... |
267 | * |
268 | * @param \phpbb\db\driver\driver_interface $db DBAL driver |
269 | * @param string $default Language ISO code to be selected by default in the dropdown list |
270 | * @param array $langdata Language data in format of array(array('lang_iso' => string, lang_local_name => string), ...) |
271 | */ |
272 | function phpbb_language_select(\phpbb\db\driver\driver_interface $db, string $default = '', array $langdata = []): array |
273 | { |
274 | if (empty($langdata)) |
275 | { |
276 | $sql = 'SELECT lang_iso, lang_local_name |
277 | FROM ' . LANG_TABLE . ' |
278 | ORDER BY lang_english_name'; |
279 | $result = $db->sql_query($sql); |
280 | $langdata = (array) $db->sql_fetchrowset($result); |
281 | $db->sql_freeresult($result); |
282 | } |
283 | |
284 | $lang_options = []; |
285 | foreach ($langdata as $row) |
286 | { |
287 | $lang_options[] = [ |
288 | 'value' => $row['lang_iso'], |
289 | 'label' => $row['lang_local_name'], |
290 | 'selected' => $row['lang_iso'] === $default, |
291 | ]; |
292 | } |
293 | |
294 | return $lang_options; |
295 | } |
296 | |
297 | /** |
298 | * Pick a template/theme combo |
299 | * |
300 | * @param string $default Style ID to be selected by default in the dropdown list |
301 | * @param bool $all Flag indicating if all styles data including inactive ones should be fetched |
302 | * @param array $styledata Style data in format of array(array('style_id' => int, style_name => string), ...) |
303 | * |
304 | * @return string HTML options for style selection dropdown list. |
305 | */ |
306 | function style_select($default = '', $all = false, array $styledata = []) |
307 | { |
308 | global $db; |
309 | |
310 | if (empty($styledata)) |
311 | { |
312 | $sql_where = (!$all) ? 'WHERE style_active = 1 ' : ''; |
313 | $sql = 'SELECT style_id, style_name |
314 | FROM ' . STYLES_TABLE . " |
315 | $sql_where |
316 | ORDER BY style_name"; |
317 | $result = $db->sql_query($sql); |
318 | $styledata = (array) $db->sql_fetchrowset($result); |
319 | $db->sql_freeresult($result); |
320 | } |
321 | |
322 | $style_options = []; |
323 | foreach ($styledata as $row) |
324 | { |
325 | $style_options[] = [ |
326 | 'value' => $row['style_id'], |
327 | 'selected' => $row['style_id'] == $default, |
328 | 'label' => $row['style_name'], |
329 | ]; |
330 | } |
331 | |
332 | return $style_options; |
333 | } |
334 | |
335 | /** |
336 | * Format the timezone offset with hours and minutes |
337 | * |
338 | * @param int $tz_offset Timezone offset in seconds |
339 | * @param bool $show_null Whether null offsets should be shown |
340 | * @return string Normalized offset string: -7200 => -02:00 |
341 | * 16200 => +04:30 |
342 | */ |
343 | function phpbb_format_timezone_offset($tz_offset, $show_null = false) |
344 | { |
345 | $sign = ($tz_offset < 0) ? '-' : '+'; |
346 | $time_offset = abs($tz_offset); |
347 | |
348 | if ($time_offset == 0 && $show_null == false) |
349 | { |
350 | return ''; |
351 | } |
352 | |
353 | $offset_seconds = $time_offset % 3600; |
354 | $offset_minutes = $offset_seconds / 60; |
355 | $offset_hours = ($time_offset - $offset_seconds) / 3600; |
356 | |
357 | $offset_string = sprintf("%s%02d:%02d", $sign, $offset_hours, $offset_minutes); |
358 | return $offset_string; |
359 | } |
360 | |
361 | /** |
362 | * Compares two time zone labels. |
363 | * Arranges them in increasing order by timezone offset. |
364 | * Places UTC before other timezones in the same offset. |
365 | */ |
366 | function phpbb_tz_select_compare($a, $b) |
367 | { |
368 | $a_sign = $a[3]; |
369 | $b_sign = $b[3]; |
370 | if ($a_sign != $b_sign) |
371 | { |
372 | return $a_sign == '-' ? -1 : 1; |
373 | } |
374 | |
375 | $a_offset = substr($a, 4, 5); |
376 | $b_offset = substr($b, 4, 5); |
377 | if ($a_offset == $b_offset) |
378 | { |
379 | $a_name = substr($a, 12); |
380 | $b_name = substr($b, 12); |
381 | if ($a_name == $b_name) |
382 | { |
383 | return 0; |
384 | } |
385 | else if ($a_name == 'UTC') |
386 | { |
387 | return -1; |
388 | } |
389 | else if ($b_name == 'UTC') |
390 | { |
391 | return 1; |
392 | } |
393 | else |
394 | { |
395 | return $a_name < $b_name ? -1 : 1; |
396 | } |
397 | } |
398 | else |
399 | { |
400 | if ($a_sign == '-') |
401 | { |
402 | return $a_offset > $b_offset ? -1 : 1; |
403 | } |
404 | else |
405 | { |
406 | return $a_offset < $b_offset ? -1 : 1; |
407 | } |
408 | } |
409 | } |
410 | |
411 | /** |
412 | * Return list of timezone identifiers |
413 | * We also add the selected timezone if we can create an object with it. |
414 | * DateTimeZone::listIdentifiers seems to not add all identifiers to the list, |
415 | * because some are only kept for backward compatible reasons. If the user has |
416 | * a deprecated value, we add it here, so it can still be kept. Once the user |
417 | * changed his value, there is no way back to deprecated values. |
418 | * |
419 | * @param string $selected_timezone Additional timezone that shall |
420 | * be added to the list of identiers |
421 | * @return array DateTimeZone::listIdentifiers and additional |
422 | * selected_timezone if it is a valid timezone. |
423 | */ |
424 | function phpbb_get_timezone_identifiers($selected_timezone) |
425 | { |
426 | $timezones = DateTimeZone::listIdentifiers(); |
427 | |
428 | if (!in_array($selected_timezone, $timezones)) |
429 | { |
430 | try |
431 | { |
432 | // Add valid timezones that are currently selected but not returned |
433 | // by DateTimeZone::listIdentifiers |
434 | $validate_timezone = new DateTimeZone($selected_timezone); |
435 | $timezones[] = $selected_timezone; |
436 | } |
437 | catch (\Exception $e) |
438 | { |
439 | } |
440 | } |
441 | |
442 | return $timezones; |
443 | } |
444 | |
445 | /** |
446 | * Options to pick a timezone and date/time |
447 | * |
448 | * @param \phpbb\user $user Object of the current user |
449 | * @param string $default A timezone to select |
450 | * @param boolean $truncate Shall we truncate the options text |
451 | * |
452 | * @return string Returns an array containing the options for the time selector. |
453 | */ |
454 | function phpbb_timezone_select($user, $default = '', $truncate = false) |
455 | { |
456 | static $timezones; |
457 | |
458 | $default_offset = ''; |
459 | if (!isset($timezones)) |
460 | { |
461 | $unsorted_timezones = phpbb_get_timezone_identifiers($default); |
462 | |
463 | $timezones = array(); |
464 | foreach ($unsorted_timezones as $timezone) |
465 | { |
466 | $tz = new DateTimeZone($timezone); |
467 | $dt = $user->create_datetime('now', $tz); |
468 | $offset = $dt->getOffset(); |
469 | $current_time = $dt->format($user->lang['DATETIME_FORMAT'], true); |
470 | $offset_string = phpbb_format_timezone_offset($offset, true); |
471 | $timezones['UTC' . $offset_string . ' - ' . $timezone] = array( |
472 | 'tz' => $timezone, |
473 | 'offset' => $offset_string, |
474 | 'current' => $current_time, |
475 | ); |
476 | if ($timezone === $default) |
477 | { |
478 | $default_offset = 'UTC' . $offset_string; |
479 | } |
480 | } |
481 | unset($unsorted_timezones); |
482 | |
483 | uksort($timezones, 'phpbb_tz_select_compare'); |
484 | } |
485 | |
486 | $opt_group = ''; |
487 | $tz_data = []; |
488 | |
489 | foreach ($timezones as $key => $timezone) |
490 | { |
491 | if ($opt_group != $timezone['offset']) |
492 | { |
493 | $tz_data[$timezone['offset']] = [ |
494 | 'label' => $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']), |
495 | 'value' => $key . ' - ' . $timezone['current'], |
496 | 'options' => [], |
497 | 'selected' => !empty($default_offset) && strpos($key, $default_offset) !== false, |
498 | 'data' => ['tz-value' => $key . ' - ' . $timezone['current']], |
499 | ]; |
500 | |
501 | $opt_group = $timezone['offset']; |
502 | } |
503 | |
504 | $label = $timezone['tz']; |
505 | if (isset($user->lang['timezones'][$label])) |
506 | { |
507 | $label = $user->lang['timezones'][$label]; |
508 | } |
509 | $title = $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $label); |
510 | |
511 | if ($truncate) |
512 | { |
513 | $label = truncate_string($label, 50, 255, false, '...'); |
514 | } |
515 | |
516 | $tz_data[$timezone['offset']]['options'][] = [ |
517 | 'TITLE' => $title, |
518 | 'value' => $timezone['tz'], |
519 | 'selected' => $timezone['tz'] === $default, |
520 | 'label' => $label, |
521 | ]; |
522 | } |
523 | |
524 | return $tz_data; |
525 | } |
526 | |
527 | // Functions handling topic/post tracking/marking |
528 | |
529 | /** |
530 | * Marks a topic/forum as read |
531 | * Marks a topic as posted to |
532 | * |
533 | * @param string $mode (all, topics, topic, post) |
534 | * @param int|bool $forum_id Used in all, topics, and topic mode |
535 | * @param int|bool $topic_id Used in topic and post mode |
536 | * @param int $post_time 0 means current time(), otherwise to set a specific mark time |
537 | * @param int $user_id can only be used with $mode == 'post' |
538 | */ |
539 | function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0) |
540 | { |
541 | global $db, $user, $config; |
542 | global $request, $phpbb_container, $phpbb_dispatcher; |
543 | |
544 | $post_time = ($post_time === 0 || $post_time > time()) ? time() : (int) $post_time; |
545 | |
546 | $should_markread = true; |
547 | |
548 | /** |
549 | * This event is used for performing actions directly before marking forums, |
550 | * topics or posts as read. |
551 | * |
552 | * It is also possible to prevent the marking. For that, the $should_markread parameter |
553 | * should be set to FALSE. |
554 | * |
555 | * @event core.markread_before |
556 | * @var string mode Variable containing marking mode value |
557 | * @var mixed forum_id Variable containing forum id, or false |
558 | * @var mixed topic_id Variable containing topic id, or false |
559 | * @var int post_time Variable containing post time |
560 | * @var int user_id Variable containing the user id |
561 | * @var bool should_markread Flag indicating if the markread should be done or not. |
562 | * @since 3.1.4-RC1 |
563 | */ |
564 | $vars = array( |
565 | 'mode', |
566 | 'forum_id', |
567 | 'topic_id', |
568 | 'post_time', |
569 | 'user_id', |
570 | 'should_markread', |
571 | ); |
572 | extract($phpbb_dispatcher->trigger_event('core.markread_before', compact($vars))); |
573 | |
574 | if (!$should_markread) |
575 | { |
576 | return; |
577 | } |
578 | |
579 | if ($mode == 'all') |
580 | { |
581 | if (empty($forum_id)) |
582 | { |
583 | // Mark all forums read (index page) |
584 | /* @var $phpbb_notifications \phpbb\notification\manager */ |
585 | $phpbb_notifications = $phpbb_container->get('notification_manager'); |
586 | |
587 | // Mark all topic notifications read for this user |
588 | $phpbb_notifications->mark_notifications(array( |
589 | 'notification.type.topic', |
590 | 'notification.type.mention', |
591 | 'notification.type.quote', |
592 | 'notification.type.bookmark', |
593 | 'notification.type.post', |
594 | 'notification.type.approve_topic', |
595 | 'notification.type.approve_post', |
596 | 'notification.type.forum', |
597 | ), false, $user->data['user_id'], $post_time); |
598 | |
599 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
600 | { |
601 | // Mark all forums read (index page) |
602 | $tables = array(TOPICS_TRACK_TABLE, FORUMS_TRACK_TABLE); |
603 | foreach ($tables as $table) |
604 | { |
605 | $sql = 'DELETE FROM ' . $table . " |
606 | WHERE user_id = {$user->data['user_id']} |
607 | AND mark_time < $post_time"; |
608 | $db->sql_query($sql); |
609 | } |
610 | |
611 | $sql = 'UPDATE ' . USERS_TABLE . " |
612 | SET user_lastmark = $post_time |
613 | WHERE user_id = {$user->data['user_id']} |
614 | AND user_lastmark < $post_time"; |
615 | $db->sql_query($sql); |
616 | } |
617 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
618 | { |
619 | $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE); |
620 | $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); |
621 | |
622 | unset($tracking_topics['tf']); |
623 | unset($tracking_topics['t']); |
624 | unset($tracking_topics['f']); |
625 | $tracking_topics['l'] = base_convert($post_time - $config['board_startdate'], 10, 36); |
626 | |
627 | $user->set_cookie('track', tracking_serialize($tracking_topics), $post_time + 31536000); |
628 | $request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking_topics), \phpbb\request\request_interface::COOKIE); |
629 | |
630 | unset($tracking_topics); |
631 | |
632 | if ($user->data['is_registered']) |
633 | { |
634 | $sql = 'UPDATE ' . USERS_TABLE . " |
635 | SET user_lastmark = $post_time |
636 | WHERE user_id = {$user->data['user_id']} |
637 | AND user_lastmark < $post_time"; |
638 | $db->sql_query($sql); |
639 | } |
640 | } |
641 | } |
642 | } |
643 | else if ($mode == 'topics') |
644 | { |
645 | // Mark all topics in forums read |
646 | if (!is_array($forum_id)) |
647 | { |
648 | $forum_id = array($forum_id); |
649 | } |
650 | else |
651 | { |
652 | $forum_id = array_unique($forum_id); |
653 | } |
654 | |
655 | /* @var $phpbb_notifications \phpbb\notification\manager */ |
656 | $phpbb_notifications = $phpbb_container->get('notification_manager'); |
657 | |
658 | $phpbb_notifications->mark_notifications_by_parent(array( |
659 | 'notification.type.topic', |
660 | 'notification.type.approve_topic', |
661 | ), $forum_id, $user->data['user_id'], $post_time); |
662 | |
663 | // Mark all post/quote notifications read for this user in this forum |
664 | $topic_ids = array(); |
665 | $sql = 'SELECT topic_id |
666 | FROM ' . TOPICS_TABLE . ' |
667 | WHERE ' . $db->sql_in_set('forum_id', $forum_id); |
668 | $result = $db->sql_query($sql); |
669 | while ($row = $db->sql_fetchrow($result)) |
670 | { |
671 | $topic_ids[] = $row['topic_id']; |
672 | } |
673 | $db->sql_freeresult($result); |
674 | |
675 | $phpbb_notifications->mark_notifications_by_parent(array( |
676 | 'notification.type.mention', |
677 | 'notification.type.quote', |
678 | 'notification.type.bookmark', |
679 | 'notification.type.post', |
680 | 'notification.type.approve_post', |
681 | 'notification.type.forum', |
682 | ), $topic_ids, $user->data['user_id'], $post_time); |
683 | |
684 | // Add 0 to forums array to mark global announcements correctly |
685 | // $forum_id[] = 0; |
686 | |
687 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
688 | { |
689 | $sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . " |
690 | WHERE user_id = {$user->data['user_id']} |
691 | AND mark_time < $post_time |
692 | AND " . $db->sql_in_set('forum_id', $forum_id); |
693 | $db->sql_query($sql); |
694 | |
695 | $sql = 'SELECT forum_id |
696 | FROM ' . FORUMS_TRACK_TABLE . " |
697 | WHERE user_id = {$user->data['user_id']} |
698 | AND " . $db->sql_in_set('forum_id', $forum_id); |
699 | $result = $db->sql_query($sql); |
700 | |
701 | $sql_update = array(); |
702 | while ($row = $db->sql_fetchrow($result)) |
703 | { |
704 | $sql_update[] = (int) $row['forum_id']; |
705 | } |
706 | $db->sql_freeresult($result); |
707 | |
708 | if (count($sql_update)) |
709 | { |
710 | $sql = 'UPDATE ' . FORUMS_TRACK_TABLE . " |
711 | SET mark_time = $post_time |
712 | WHERE user_id = {$user->data['user_id']} |
713 | AND mark_time < $post_time |
714 | AND " . $db->sql_in_set('forum_id', $sql_update); |
715 | $db->sql_query($sql); |
716 | } |
717 | |
718 | if ($sql_insert = array_diff($forum_id, $sql_update)) |
719 | { |
720 | $sql_ary = array(); |
721 | foreach ($sql_insert as $f_id) |
722 | { |
723 | $sql_ary[] = array( |
724 | 'user_id' => (int) $user->data['user_id'], |
725 | 'forum_id' => (int) $f_id, |
726 | 'mark_time' => $post_time, |
727 | ); |
728 | } |
729 | |
730 | $db->sql_multi_insert(FORUMS_TRACK_TABLE, $sql_ary); |
731 | } |
732 | } |
733 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
734 | { |
735 | $tracking = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE); |
736 | $tracking = ($tracking) ? tracking_unserialize($tracking) : array(); |
737 | |
738 | foreach ($forum_id as $f_id) |
739 | { |
740 | $topic_ids36 = (isset($tracking['tf'][$f_id])) ? $tracking['tf'][$f_id] : array(); |
741 | |
742 | if (isset($tracking['tf'][$f_id])) |
743 | { |
744 | unset($tracking['tf'][$f_id]); |
745 | } |
746 | |
747 | foreach ($topic_ids36 as $topic_id36) |
748 | { |
749 | unset($tracking['t'][$topic_id36]); |
750 | } |
751 | |
752 | if (isset($tracking['f'][$f_id])) |
753 | { |
754 | unset($tracking['f'][$f_id]); |
755 | } |
756 | |
757 | $tracking['f'][$f_id] = base_convert($post_time - $config['board_startdate'], 10, 36); |
758 | } |
759 | |
760 | if (isset($tracking['tf']) && empty($tracking['tf'])) |
761 | { |
762 | unset($tracking['tf']); |
763 | } |
764 | |
765 | $user->set_cookie('track', tracking_serialize($tracking), $post_time + 31536000); |
766 | $request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), \phpbb\request\request_interface::COOKIE); |
767 | |
768 | unset($tracking); |
769 | } |
770 | } |
771 | else if ($mode == 'topic') |
772 | { |
773 | if ($topic_id === false || $forum_id === false) |
774 | { |
775 | return; |
776 | } |
777 | |
778 | /* @var $phpbb_notifications \phpbb\notification\manager */ |
779 | $phpbb_notifications = $phpbb_container->get('notification_manager'); |
780 | |
781 | // Mark post notifications read for this user in this topic |
782 | $phpbb_notifications->mark_notifications(array( |
783 | 'notification.type.topic', |
784 | 'notification.type.approve_topic', |
785 | ), $topic_id, $user->data['user_id'], $post_time); |
786 | |
787 | $phpbb_notifications->mark_notifications_by_parent(array( |
788 | 'notification.type.mention', |
789 | 'notification.type.quote', |
790 | 'notification.type.bookmark', |
791 | 'notification.type.post', |
792 | 'notification.type.approve_post', |
793 | 'notification.type.forum', |
794 | ), $topic_id, $user->data['user_id'], $post_time); |
795 | |
796 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
797 | { |
798 | $sql = 'UPDATE ' . TOPICS_TRACK_TABLE . " |
799 | SET mark_time = $post_time |
800 | WHERE user_id = {$user->data['user_id']} |
801 | AND mark_time < $post_time |
802 | AND topic_id = $topic_id"; |
803 | $db->sql_query($sql); |
804 | |
805 | // insert row |
806 | if (!$db->sql_affectedrows()) |
807 | { |
808 | $db->sql_return_on_error(true); |
809 | |
810 | $sql_ary = array( |
811 | 'user_id' => (int) $user->data['user_id'], |
812 | 'topic_id' => (int) $topic_id, |
813 | 'forum_id' => (int) $forum_id, |
814 | 'mark_time' => $post_time, |
815 | ); |
816 | |
817 | $db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); |
818 | |
819 | $db->sql_return_on_error(false); |
820 | } |
821 | } |
822 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
823 | { |
824 | $tracking = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE); |
825 | $tracking = ($tracking) ? tracking_unserialize($tracking) : array(); |
826 | |
827 | $topic_id36 = base_convert($topic_id, 10, 36); |
828 | |
829 | if (!isset($tracking['t'][$topic_id36])) |
830 | { |
831 | $tracking['tf'][$forum_id][$topic_id36] = true; |
832 | } |
833 | |
834 | $tracking['t'][$topic_id36] = base_convert($post_time - (int) $config['board_startdate'], 10, 36); |
835 | |
836 | // If the cookie grows larger than 10000 characters we will remove the smallest value |
837 | // This can result in old topics being unread - but most of the time it should be accurate... |
838 | if (strlen($request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE)) > 10000) |
839 | { |
840 | //echo 'Cookie grown too large' . print_r($tracking, true); |
841 | |
842 | // We get the ten most minimum stored time offsets and its associated topic ids |
843 | $time_keys = array(); |
844 | for ($i = 0; $i < 10 && count($tracking['t']); $i++) |
845 | { |
846 | $min_value = min($tracking['t']); |
847 | $m_tkey = array_search($min_value, $tracking['t']); |
848 | unset($tracking['t'][$m_tkey]); |
849 | |
850 | $time_keys[$m_tkey] = $min_value; |
851 | } |
852 | |
853 | // Now remove the topic ids from the array... |
854 | foreach ($tracking['tf'] as $f_id => $topic_id_ary) |
855 | { |
856 | foreach ($time_keys as $m_tkey => $min_value) |
857 | { |
858 | if (isset($topic_id_ary[$m_tkey])) |
859 | { |
860 | $tracking['f'][$f_id] = $min_value; |
861 | unset($tracking['tf'][$f_id][$m_tkey]); |
862 | } |
863 | } |
864 | } |
865 | |
866 | if ($user->data['is_registered']) |
867 | { |
868 | $user->data['user_lastmark'] = intval(base_convert(max($time_keys) + $config['board_startdate'], 36, 10)); |
869 | |
870 | $sql = 'UPDATE ' . USERS_TABLE . " |
871 | SET user_lastmark = $post_time |
872 | WHERE user_id = {$user->data['user_id']} |
873 | AND mark_time < $post_time"; |
874 | $db->sql_query($sql); |
875 | } |
876 | else |
877 | { |
878 | $tracking['l'] = max($time_keys); |
879 | } |
880 | } |
881 | |
882 | $user->set_cookie('track', tracking_serialize($tracking), $post_time + 31536000); |
883 | $request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), \phpbb\request\request_interface::COOKIE); |
884 | } |
885 | } |
886 | else if ($mode == 'post') |
887 | { |
888 | if ($topic_id === false) |
889 | { |
890 | return; |
891 | } |
892 | |
893 | $use_user_id = (!$user_id) ? $user->data['user_id'] : $user_id; |
894 | |
895 | if ($config['load_db_track'] && $use_user_id != ANONYMOUS) |
896 | { |
897 | $db->sql_return_on_error(true); |
898 | |
899 | $sql_ary = array( |
900 | 'user_id' => (int) $use_user_id, |
901 | 'topic_id' => (int) $topic_id, |
902 | 'topic_posted' => 1, |
903 | ); |
904 | |
905 | $db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); |
906 | |
907 | $db->sql_return_on_error(false); |
908 | } |
909 | } |
910 | |
911 | /** |
912 | * This event is used for performing actions directly after forums, |
913 | * topics or posts have been marked as read. |
914 | * |
915 | * @event core.markread_after |
916 | * @var string mode Variable containing marking mode value |
917 | * @var mixed forum_id Variable containing forum id, or false |
918 | * @var mixed topic_id Variable containing topic id, or false |
919 | * @var int post_time Variable containing post time |
920 | * @var int user_id Variable containing the user id |
921 | * @since 3.2.6-RC1 |
922 | */ |
923 | $vars = array( |
924 | 'mode', |
925 | 'forum_id', |
926 | 'topic_id', |
927 | 'post_time', |
928 | 'user_id', |
929 | ); |
930 | extract($phpbb_dispatcher->trigger_event('core.markread_after', compact($vars))); |
931 | } |
932 | |
933 | /** |
934 | * Get topic tracking info by using already fetched info |
935 | */ |
936 | function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time) |
937 | { |
938 | global $user; |
939 | |
940 | $last_read = array(); |
941 | |
942 | if (!is_array($topic_ids)) |
943 | { |
944 | $topic_ids = array($topic_ids); |
945 | } |
946 | |
947 | foreach ($topic_ids as $topic_id) |
948 | { |
949 | if (!empty($rowset[$topic_id]['mark_time'])) |
950 | { |
951 | $last_read[$topic_id] = $rowset[$topic_id]['mark_time']; |
952 | } |
953 | } |
954 | |
955 | $topic_ids = array_diff($topic_ids, array_keys($last_read)); |
956 | |
957 | if (count($topic_ids)) |
958 | { |
959 | $mark_time = array(); |
960 | |
961 | if (!empty($forum_mark_time[$forum_id]) && $forum_mark_time[$forum_id] !== false) |
962 | { |
963 | $mark_time[$forum_id] = $forum_mark_time[$forum_id]; |
964 | } |
965 | |
966 | $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark']; |
967 | |
968 | foreach ($topic_ids as $topic_id) |
969 | { |
970 | $last_read[$topic_id] = $user_lastmark; |
971 | } |
972 | } |
973 | |
974 | return $last_read; |
975 | } |
976 | |
977 | /** |
978 | * Get topic tracking info from db (for cookie based tracking only this function is used) |
979 | */ |
980 | function get_complete_topic_tracking($forum_id, $topic_ids) |
981 | { |
982 | global $config, $user, $request; |
983 | |
984 | $last_read = array(); |
985 | |
986 | if (!is_array($topic_ids)) |
987 | { |
988 | $topic_ids = array($topic_ids); |
989 | } |
990 | |
991 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
992 | { |
993 | global $db; |
994 | |
995 | $sql = 'SELECT topic_id, mark_time |
996 | FROM ' . TOPICS_TRACK_TABLE . " |
997 | WHERE user_id = {$user->data['user_id']} |
998 | AND " . $db->sql_in_set('topic_id', $topic_ids); |
999 | $result = $db->sql_query($sql); |
1000 | |
1001 | while ($row = $db->sql_fetchrow($result)) |
1002 | { |
1003 | $last_read[$row['topic_id']] = $row['mark_time']; |
1004 | } |
1005 | $db->sql_freeresult($result); |
1006 | |
1007 | $topic_ids = array_diff($topic_ids, array_keys($last_read)); |
1008 | |
1009 | if (count($topic_ids)) |
1010 | { |
1011 | $sql = 'SELECT forum_id, mark_time |
1012 | FROM ' . FORUMS_TRACK_TABLE . " |
1013 | WHERE user_id = {$user->data['user_id']} |
1014 | AND forum_id = $forum_id"; |
1015 | $result = $db->sql_query($sql); |
1016 | |
1017 | $mark_time = array(); |
1018 | while ($row = $db->sql_fetchrow($result)) |
1019 | { |
1020 | $mark_time[$row['forum_id']] = $row['mark_time']; |
1021 | } |
1022 | $db->sql_freeresult($result); |
1023 | |
1024 | $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark']; |
1025 | |
1026 | foreach ($topic_ids as $topic_id) |
1027 | { |
1028 | $last_read[$topic_id] = $user_lastmark; |
1029 | } |
1030 | } |
1031 | } |
1032 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
1033 | { |
1034 | global $tracking_topics; |
1035 | |
1036 | if (!isset($tracking_topics) || !count($tracking_topics)) |
1037 | { |
1038 | $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE); |
1039 | $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); |
1040 | } |
1041 | |
1042 | if (!$user->data['is_registered']) |
1043 | { |
1044 | $user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0; |
1045 | } |
1046 | else |
1047 | { |
1048 | $user_lastmark = $user->data['user_lastmark']; |
1049 | } |
1050 | |
1051 | foreach ($topic_ids as $topic_id) |
1052 | { |
1053 | $topic_id36 = base_convert($topic_id, 10, 36); |
1054 | |
1055 | if (isset($tracking_topics['t'][$topic_id36])) |
1056 | { |
1057 | $last_read[$topic_id] = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate']; |
1058 | } |
1059 | } |
1060 | |
1061 | $topic_ids = array_diff($topic_ids, array_keys($last_read)); |
1062 | |
1063 | if (count($topic_ids)) |
1064 | { |
1065 | $mark_time = array(); |
1066 | |
1067 | if (isset($tracking_topics['f'][$forum_id])) |
1068 | { |
1069 | $mark_time[$forum_id] = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']; |
1070 | } |
1071 | |
1072 | $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user_lastmark; |
1073 | |
1074 | foreach ($topic_ids as $topic_id) |
1075 | { |
1076 | $last_read[$topic_id] = $user_lastmark; |
1077 | } |
1078 | } |
1079 | } |
1080 | |
1081 | return $last_read; |
1082 | } |
1083 | |
1084 | /** |
1085 | * Get list of unread topics |
1086 | * |
1087 | * @param int $user_id User ID (or false for current user) |
1088 | * @param string $sql_extra Extra WHERE SQL statement |
1089 | * @param string $sql_sort ORDER BY SQL sorting statement |
1090 | * @param string $sql_limit Limits the size of unread topics list, 0 for unlimited query |
1091 | * @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start |
1092 | * |
1093 | * @return int[] Topic ids as keys, mark_time of topic as value |
1094 | */ |
1095 | function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0) |
1096 | { |
1097 | global $config, $db, $user, $request; |
1098 | global $phpbb_dispatcher; |
1099 | |
1100 | $user_id = ($user_id === false) ? (int) $user->data['user_id'] : (int) $user_id; |
1101 | |
1102 | // Data array we're going to return |
1103 | $unread_topics = array(); |
1104 | |
1105 | if (empty($sql_sort)) |
1106 | { |
1107 | $sql_sort = 'ORDER BY t.topic_last_post_time DESC, t.topic_last_post_id DESC'; |
1108 | } |
1109 | |
1110 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
1111 | { |
1112 | // Get list of the unread topics |
1113 | $last_mark = (int) $user->data['user_lastmark']; |
1114 | |
1115 | $sql_array = array( |
1116 | 'SELECT' => 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time', |
1117 | |
1118 | 'FROM' => array(TOPICS_TABLE => 't'), |
1119 | |
1120 | 'LEFT_JOIN' => array( |
1121 | array( |
1122 | 'FROM' => array(TOPICS_TRACK_TABLE => 'tt'), |
1123 | 'ON' => "tt.user_id = $user_id AND t.topic_id = tt.topic_id", |
1124 | ), |
1125 | array( |
1126 | 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'), |
1127 | 'ON' => "ft.user_id = $user_id AND t.forum_id = ft.forum_id", |
1128 | ), |
1129 | ), |
1130 | |
1131 | 'WHERE' => " |
1132 | t.topic_last_post_time > $last_mark AND |
1133 | ( |
1134 | (tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR |
1135 | (tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR |
1136 | (tt.mark_time IS NULL AND ft.mark_time IS NULL) |
1137 | ) |
1138 | $sql_extra |
1139 | $sql_sort", |
1140 | ); |
1141 | |
1142 | /** |
1143 | * Change SQL query for fetching unread topics data |
1144 | * |
1145 | * @event core.get_unread_topics_modify_sql |
1146 | * @var array sql_array Fully assembled SQL query with keys SELECT, FROM, LEFT_JOIN, WHERE |
1147 | * @var int last_mark User's last_mark time |
1148 | * @var string sql_extra Extra WHERE SQL statement |
1149 | * @var string sql_sort ORDER BY SQL sorting statement |
1150 | * @since 3.1.4-RC1 |
1151 | */ |
1152 | $vars = array( |
1153 | 'sql_array', |
1154 | 'last_mark', |
1155 | 'sql_extra', |
1156 | 'sql_sort', |
1157 | ); |
1158 | extract($phpbb_dispatcher->trigger_event('core.get_unread_topics_modify_sql', compact($vars))); |
1159 | |
1160 | $sql = $db->sql_build_query('SELECT', $sql_array); |
1161 | $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); |
1162 | |
1163 | while ($row = $db->sql_fetchrow($result)) |
1164 | { |
1165 | $topic_id = (int) $row['topic_id']; |
1166 | $unread_topics[$topic_id] = ($row['topic_mark_time']) ? (int) $row['topic_mark_time'] : (($row['forum_mark_time']) ? (int) $row['forum_mark_time'] : $last_mark); |
1167 | } |
1168 | $db->sql_freeresult($result); |
1169 | } |
1170 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
1171 | { |
1172 | global $tracking_topics; |
1173 | |
1174 | if (empty($tracking_topics)) |
1175 | { |
1176 | $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', false, \phpbb\request\request_interface::COOKIE); |
1177 | $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); |
1178 | } |
1179 | |
1180 | if (!$user->data['is_registered']) |
1181 | { |
1182 | $user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0; |
1183 | } |
1184 | else |
1185 | { |
1186 | $user_lastmark = (int) $user->data['user_lastmark']; |
1187 | } |
1188 | |
1189 | $sql = 'SELECT t.topic_id, t.forum_id, t.topic_last_post_time |
1190 | FROM ' . TOPICS_TABLE . ' t |
1191 | WHERE t.topic_last_post_time > ' . $user_lastmark . " |
1192 | $sql_extra |
1193 | $sql_sort"; |
1194 | $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); |
1195 | |
1196 | while ($row = $db->sql_fetchrow($result)) |
1197 | { |
1198 | $forum_id = (int) $row['forum_id']; |
1199 | $topic_id = (int) $row['topic_id']; |
1200 | $topic_id36 = base_convert($topic_id, 10, 36); |
1201 | |
1202 | if (isset($tracking_topics['t'][$topic_id36])) |
1203 | { |
1204 | $last_read = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate']; |
1205 | |
1206 | if ($row['topic_last_post_time'] > $last_read) |
1207 | { |
1208 | $unread_topics[$topic_id] = $last_read; |
1209 | } |
1210 | } |
1211 | else if (isset($tracking_topics['f'][$forum_id])) |
1212 | { |
1213 | $mark_time = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']; |
1214 | |
1215 | if ($row['topic_last_post_time'] > $mark_time) |
1216 | { |
1217 | $unread_topics[$topic_id] = $mark_time; |
1218 | } |
1219 | } |
1220 | else |
1221 | { |
1222 | $unread_topics[$topic_id] = $user_lastmark; |
1223 | } |
1224 | } |
1225 | $db->sql_freeresult($result); |
1226 | } |
1227 | |
1228 | return $unread_topics; |
1229 | } |
1230 | |
1231 | /** |
1232 | * Check for read forums and update topic tracking info accordingly |
1233 | * |
1234 | * @param int $forum_id the forum id to check |
1235 | * @param int $forum_last_post_time the forums last post time |
1236 | * @param int $f_mark_time the forums last mark time if user is registered and load_db_lastread enabled |
1237 | * @param int $mark_time_forum false if the mark time needs to be obtained, else the last users forum mark time |
1238 | * |
1239 | * @return true if complete forum got marked read, else false. |
1240 | */ |
1241 | function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false) |
1242 | { |
1243 | global $db, $tracking_topics, $user, $config, $request, $phpbb_container; |
1244 | |
1245 | // Determine the users last forum mark time if not given. |
1246 | if ($mark_time_forum === false) |
1247 | { |
1248 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
1249 | { |
1250 | $mark_time_forum = (!empty($f_mark_time)) ? $f_mark_time : $user->data['user_lastmark']; |
1251 | } |
1252 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
1253 | { |
1254 | $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE); |
1255 | $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); |
1256 | |
1257 | if (!$user->data['is_registered']) |
1258 | { |
1259 | $user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0; |
1260 | } |
1261 | |
1262 | $mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark']; |
1263 | } |
1264 | } |
1265 | |
1266 | // Handle update of unapproved topics info. |
1267 | // Only update for moderators having m_approve permission for the forum. |
1268 | /* @var $phpbb_content_visibility \phpbb\content_visibility */ |
1269 | $phpbb_content_visibility = $phpbb_container->get('content.visibility'); |
1270 | |
1271 | // Check the forum for any left unread topics. |
1272 | // If there are none, we mark the forum as read. |
1273 | if ($config['load_db_lastread'] && $user->data['is_registered']) |
1274 | { |
1275 | if ($mark_time_forum >= $forum_last_post_time) |
1276 | { |
1277 | // We do not need to mark read, this happened before. Therefore setting this to true |
1278 | $row = true; |
1279 | } |
1280 | else |
1281 | { |
1282 | $sql = 'SELECT t.forum_id |
1283 | FROM ' . TOPICS_TABLE . ' t |
1284 | LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt |
1285 | ON (tt.topic_id = t.topic_id |
1286 | AND tt.user_id = ' . $user->data['user_id'] . ') |
1287 | WHERE t.forum_id = ' . $forum_id . ' |
1288 | AND t.topic_last_post_time > ' . $mark_time_forum . ' |
1289 | AND t.topic_moved_id = 0 |
1290 | AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.') . ' |
1291 | AND (tt.topic_id IS NULL |
1292 | OR tt.mark_time < t.topic_last_post_time)'; |
1293 | $result = $db->sql_query_limit($sql, 1); |
1294 | $row = $db->sql_fetchrow($result); |
1295 | $db->sql_freeresult($result); |
1296 | } |
1297 | } |
1298 | else if ($config['load_anon_lastread'] || $user->data['is_registered']) |
1299 | { |
1300 | // Get information from cookie |
1301 | if (!isset($tracking_topics['tf'][$forum_id])) |
1302 | { |
1303 | // We do not need to mark read, this happened before. Therefore setting this to true |
1304 | $row = true; |
1305 | } |
1306 | else |
1307 | { |
1308 | $sql = 'SELECT t.topic_id |
1309 | FROM ' . TOPICS_TABLE . ' t |
1310 | WHERE t.forum_id = ' . $forum_id . ' |
1311 | AND t.topic_last_post_time > ' . $mark_time_forum . ' |
1312 | AND t.topic_moved_id = 0 |
1313 | AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.'); |
1314 | $result = $db->sql_query($sql); |
1315 | |
1316 | $check_forum = $tracking_topics['tf'][$forum_id]; |
1317 | $unread = false; |
1318 | |
1319 | while ($row = $db->sql_fetchrow($result)) |
1320 | { |
1321 | if (!isset($check_forum[base_convert($row['topic_id'], 10, 36)])) |
1322 | { |
1323 | $unread = true; |
1324 | break; |
1325 | } |
1326 | } |
1327 | $db->sql_freeresult($result); |
1328 | |
1329 | $row = $unread; |
1330 | } |
1331 | } |
1332 | else |
1333 | { |
1334 | $row = true; |
1335 | } |
1336 | |
1337 | if (!$row) |
1338 | { |
1339 | markread('topics', $forum_id); |
1340 | return true; |
1341 | } |
1342 | |
1343 | return false; |
1344 | } |
1345 | |
1346 | /** |
1347 | * Transform an array into a serialized format |
1348 | */ |
1349 | function tracking_serialize($input) |
1350 | { |
1351 | $out = ''; |
1352 | foreach ($input as $key => $value) |
1353 | { |
1354 | if (is_array($value)) |
1355 | { |
1356 | $out .= $key . ':(' . tracking_serialize($value) . ');'; |
1357 | } |
1358 | else |
1359 | { |
1360 | $out .= $key . ':' . $value . ';'; |
1361 | } |
1362 | } |
1363 | return $out; |
1364 | } |
1365 | |
1366 | /** |
1367 | * Transform a serialized array into an actual array |
1368 | */ |
1369 | function tracking_unserialize($string, $max_depth = 3) |
1370 | { |
1371 | $n = strlen($string); |
1372 | if ($n > 10010) |
1373 | { |
1374 | die('Invalid data supplied'); |
1375 | } |
1376 | $data = $stack = array(); |
1377 | $key = ''; |
1378 | $mode = 0; |
1379 | $level = &$data; |
1380 | for ($i = 0; $i < $n; ++$i) |
1381 | { |
1382 | switch ($mode) |
1383 | { |
1384 | case 0: |
1385 | switch ($string[$i]) |
1386 | { |
1387 | case ':': |
1388 | $level[$key] = 0; |
1389 | $mode = 1; |
1390 | break; |
1391 | case ')': |
1392 | unset($level); |
1393 | $level = array_pop($stack); |
1394 | $mode = 3; |
1395 | break; |
1396 | default: |
1397 | $key .= $string[$i]; |
1398 | } |
1399 | break; |
1400 | |
1401 | case 1: |
1402 | switch ($string[$i]) |
1403 | { |
1404 | case '(': |
1405 | if (count($stack) >= $max_depth) |
1406 | { |
1407 | die('Invalid data supplied'); |
1408 | } |
1409 | $stack[] = &$level; |
1410 | $level[$key] = array(); |
1411 | $level = &$level[$key]; |
1412 | $key = ''; |
1413 | $mode = 0; |
1414 | break; |
1415 | default: |
1416 | $level[$key] = $string[$i]; |
1417 | $mode = 2; |
1418 | break; |
1419 | } |
1420 | break; |
1421 | |
1422 | case 2: |
1423 | switch ($string[$i]) |
1424 | { |
1425 | case ')': |
1426 | unset($level); |
1427 | $level = array_pop($stack); |
1428 | $mode = 3; |
1429 | break; |
1430 | case ';': |
1431 | $key = ''; |
1432 | $mode = 0; |
1433 | break; |
1434 | default: |
1435 | $level[$key] .= $string[$i]; |
1436 | break; |
1437 | } |
1438 | break; |
1439 | |
1440 | case 3: |
1441 | switch ($string[$i]) |
1442 | { |
1443 | case ')': |
1444 | unset($level); |
1445 | $level = array_pop($stack); |
1446 | break; |
1447 | case ';': |
1448 | $key = ''; |
1449 | $mode = 0; |
1450 | break; |
1451 | default: |
1452 | die('Invalid data supplied'); |
1453 | break; |
1454 | } |
1455 | break; |
1456 | } |
1457 | } |
1458 | |
1459 | if (count($stack) != 0 || ($mode != 0 && $mode != 3)) |
1460 | { |
1461 | die('Invalid data supplied'); |
1462 | } |
1463 | |
1464 | return $level; |
1465 | } |
1466 | |
1467 | // Server functions (building urls, redirecting...) |
1468 | |
1469 | /** |
1470 | * Append session id to url. |
1471 | * |
1472 | * @param string $url The url the session id needs to be appended to (can have params) |
1473 | * @param mixed $params String or array of additional url parameters |
1474 | * @param bool $is_amp Is url using & (true) or & (false) |
1475 | * @param string $session_id Possibility to use a custom session id instead of the global one; deprecated as of 4.0.0-a1 |
1476 | * @param bool $is_route Is url generated by a route. |
1477 | * |
1478 | * @return string The corrected url. |
1479 | * |
1480 | * Examples: |
1481 | * <code> append_sid("{$phpbb_root_path}viewtopic.$phpEx?t=1"); |
1482 | * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1'); |
1483 | * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1', false); |
1484 | * append_sid("{$phpbb_root_path}viewtopic.$phpEx", array('t' => 1, 'f' => 2)); |
1485 | * </code> |
1486 | * |
1487 | */ |
1488 | function append_sid($url, $params = false, $is_amp = true, $session_id = false, $is_route = false) |
1489 | { |
1490 | global $_SID, $_EXTRA_URL, $phpbb_path_helper; |
1491 | global $phpbb_dispatcher; |
1492 | |
1493 | if ($params === '' || (is_array($params) && empty($params))) |
1494 | { |
1495 | // Do not append the ? if the param-list is empty anyway. |
1496 | $params = false; |
1497 | } |
1498 | |
1499 | // Update the root path with the correct relative web path |
1500 | if (!$is_route && $phpbb_path_helper instanceof \phpbb\path_helper) |
1501 | { |
1502 | $url = $phpbb_path_helper->update_web_root_path($url); |
1503 | } |
1504 | |
1505 | $append_sid_overwrite = false; |
1506 | |
1507 | /** |
1508 | * This event can either supplement or override the append_sid() function |
1509 | * |
1510 | * To override this function, the event must set $append_sid_overwrite to |
1511 | * the new URL value, which will be returned following the event |
1512 | * |
1513 | * @event core.append_sid |
1514 | * @var string url The url the session id needs |
1515 | * to be appended to (can have |
1516 | * params) |
1517 | * @var mixed params String or array of additional |
1518 | * url parameters |
1519 | * @var bool is_amp Is url using & (true) or |
1520 | * & (false) |
1521 | * @var bool|string session_id Possibility to use a custom |
1522 | * session id (string) instead of |
1523 | * the global one (false) |
1524 | * @var bool|string append_sid_overwrite Overwrite function (string |
1525 | * URL) or not (false) |
1526 | * @var bool is_route Is url generated by a route. |
1527 | * @since 3.1.0-a1 |
1528 | */ |
1529 | $vars = array('url', 'params', 'is_amp', 'session_id', 'append_sid_overwrite', 'is_route'); |
1530 | extract($phpbb_dispatcher->trigger_event('core.append_sid', compact($vars))); |
1531 | |
1532 | if ($append_sid_overwrite) |
1533 | { |
1534 | return $append_sid_overwrite; |
1535 | } |
1536 | |
1537 | $params_is_array = is_array($params); |
1538 | |
1539 | // Get anchor |
1540 | $anchor = ''; |
1541 | if (strpos($url, '#') !== false) |
1542 | { |
1543 | list($url, $anchor) = explode('#', $url, 2); |
1544 | $anchor = '#' . $anchor; |
1545 | } |
1546 | else if (!$params_is_array && strpos($params, '#') !== false) |
1547 | { |
1548 | list($params, $anchor) = explode('#', $params, 2); |
1549 | $anchor = '#' . $anchor; |
1550 | } |
1551 | |
1552 | // Handle really simple cases quickly |
1553 | if ($_SID == '' && $session_id === false && empty($_EXTRA_URL) && !$params_is_array && !$anchor) |
1554 | { |
1555 | if ($params === false) |
1556 | { |
1557 | return $url; |
1558 | } |
1559 | |
1560 | $url_delim = (strpos($url, '?') === false) ? '?' : (($is_amp) ? '&' : '&'); |
1561 | return $url . ($params !== false ? $url_delim. $params : ''); |
1562 | } |
1563 | |
1564 | // Assign sid if session id is not specified |
1565 | if ($session_id === false) |
1566 | { |
1567 | $session_id = $_SID; |
1568 | } |
1569 | |
1570 | $amp_delim = ($is_amp) ? '&' : '&'; |
1571 | $url_delim = (strpos($url, '?') === false) ? '?' : $amp_delim; |
1572 | |
1573 | // Appending custom url parameter? |
1574 | $append_url = (!empty($_EXTRA_URL)) ? implode($amp_delim, $_EXTRA_URL) : ''; |
1575 | |
1576 | // Use the short variant if possible ;) |
1577 | if ($params === false) |
1578 | { |
1579 | // Append session id |
1580 | if (!$session_id) |
1581 | { |
1582 | return $url . (($append_url) ? $url_delim . $append_url : '') . $anchor; |
1583 | } |
1584 | else |
1585 | { |
1586 | return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . 'sid=' . $session_id . $anchor; |
1587 | } |
1588 | } |
1589 | |
1590 | // Build string if parameters are specified as array |
1591 | if (is_array($params)) |
1592 | { |
1593 | $output = array(); |
1594 | |
1595 | foreach ($params as $key => $item) |
1596 | { |
1597 | if ($item === NULL) |
1598 | { |
1599 | continue; |
1600 | } |
1601 | |
1602 | if ($key == '#') |
1603 | { |
1604 | $anchor = '#' . $item; |
1605 | continue; |
1606 | } |
1607 | |
1608 | $output[] = $key . '=' . $item; |
1609 | } |
1610 | |
1611 | $params = implode($amp_delim, $output); |
1612 | } |
1613 | |
1614 | // Append session id and parameters (even if they are empty) |
1615 | // If parameters are empty, the developer can still append his/her parameters without caring about the delimiter |
1616 | return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . $params . ((!$session_id) ? '' : $amp_delim . 'sid=' . $session_id) . $anchor; |
1617 | } |
1618 | |
1619 | /** |
1620 | * Generate board url (example: http://www.example.com/phpBB) |
1621 | * |
1622 | * @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com) |
1623 | * |
1624 | * @return string the generated board url |
1625 | */ |
1626 | function generate_board_url($without_script_path = false) |
1627 | { |
1628 | global $config, $user, $request, $symfony_request; |
1629 | |
1630 | $server_name = $user->host; |
1631 | |
1632 | // Forcing server vars is the only way to specify/override the protocol |
1633 | if ($config['force_server_vars'] || !$server_name) |
1634 | { |
1635 | $server_protocol = ($config['server_protocol']) ? $config['server_protocol'] : (($config['cookie_secure']) ? 'https://' : 'http://'); |
1636 | $server_name = $config['server_name']; |
1637 | $server_port = (int) $config['server_port']; |
1638 | $script_path = $config['script_path']; |
1639 | |
1640 | $url = $server_protocol . $server_name; |
1641 | $cookie_secure = $config['cookie_secure']; |
1642 | } |
1643 | else |
1644 | { |
1645 | $server_port = (int) $symfony_request->getPort(); |
1646 | |
1647 | $forwarded_proto = $request->server('HTTP_X_FORWARDED_PROTO'); |
1648 | |
1649 | if (!empty($forwarded_proto) && $forwarded_proto === 'https') |
1650 | { |
1651 | $server_port = 443; |
1652 | } |
1653 | // Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection |
1654 | $cookie_secure = $request->is_secure() ? 1 : 0; |
1655 | $url = (($cookie_secure) ? 'https://' : 'http://') . $server_name; |
1656 | |
1657 | $script_path = $user->page['root_script_path']; |
1658 | } |
1659 | |
1660 | if ($server_port && (($cookie_secure && $server_port <> 443) || (!$cookie_secure && $server_port <> 80))) |
1661 | { |
1662 | // HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true) |
1663 | if (strpos($server_name, ':') === false) |
1664 | { |
1665 | $url .= ':' . $server_port; |
1666 | } |
1667 | } |
1668 | |
1669 | if (!$without_script_path) |
1670 | { |
1671 | $url .= $script_path; |
1672 | } |
1673 | |
1674 | // Strip / from the end |
1675 | if (substr($url, -1, 1) == '/') |
1676 | { |
1677 | $url = substr($url, 0, -1); |
1678 | } |
1679 | |
1680 | return $url; |
1681 | } |
1682 | |
1683 | /** |
1684 | * Redirects the user to another page then exits the script nicely |
1685 | * This function is intended for urls within the board. It's not meant to redirect to cross-domains. |
1686 | * |
1687 | * @param string $url The url to redirect to |
1688 | * @param bool $return If true, do not redirect but return the sanitized URL. Default is no return. |
1689 | * @param bool $disable_cd_check If true, redirect() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. Default is false. |
1690 | * @return string|never |
1691 | */ |
1692 | function redirect($url, $return = false, $disable_cd_check = false) |
1693 | { |
1694 | global $user, $phpbb_path_helper, $phpbb_dispatcher; |
1695 | |
1696 | if (!$user->is_setup()) |
1697 | { |
1698 | $user->add_lang('common'); |
1699 | } |
1700 | |
1701 | // Make sure no &'s are in, this will break the redirect |
1702 | $url = str_replace('&', '&', $url); |
1703 | |
1704 | // Determine which type of redirect we need to handle... |
1705 | $url_parts = @parse_url($url); |
1706 | |
1707 | if ($url_parts === false) |
1708 | { |
1709 | // Malformed url |
1710 | trigger_error('INSECURE_REDIRECT', E_USER_WARNING); |
1711 | } |
1712 | else if (!empty($url_parts['scheme']) && !empty($url_parts['host'])) |
1713 | { |
1714 | // Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work) |
1715 | if (!$disable_cd_check && $url_parts['host'] !== $user->host) |
1716 | { |
1717 | trigger_error('INSECURE_REDIRECT', E_USER_WARNING); |
1718 | } |
1719 | } |
1720 | else if ($url[0] == '/') |
1721 | { |
1722 | // Absolute uri, prepend direct url... |
1723 | $url = generate_board_url(true) . $url; |
1724 | } |
1725 | else |
1726 | { |
1727 | // Relative uri |
1728 | $pathinfo = pathinfo($url); |
1729 | |
1730 | // Is the uri pointing to the current directory? |
1731 | if ($pathinfo['dirname'] == '.') |
1732 | { |
1733 | $url = str_replace('./', '', $url); |
1734 | |
1735 | // Strip / from the beginning |
1736 | if ($url && substr($url, 0, 1) == '/') |
1737 | { |
1738 | $url = substr($url, 1); |
1739 | } |
1740 | } |
1741 | |
1742 | $url = $phpbb_path_helper->remove_web_root_path($url); |
1743 | |
1744 | if ($user->page['page_dir']) |
1745 | { |
1746 | $url = $user->page['page_dir'] . '/' . $url; |
1747 | } |
1748 | |
1749 | $url = generate_board_url() . '/' . $url; |
1750 | } |
1751 | |
1752 | // Clean URL and check if we go outside the forum directory |
1753 | $url = $phpbb_path_helper->clean_url($url); |
1754 | |
1755 | if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0) |
1756 | { |
1757 | trigger_error('INSECURE_REDIRECT', E_USER_WARNING); |
1758 | } |
1759 | |
1760 | // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2 |
1761 | if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false) |
1762 | { |
1763 | trigger_error('INSECURE_REDIRECT', E_USER_WARNING); |
1764 | } |
1765 | |
1766 | // Now, also check the protocol and for a valid url the last time... |
1767 | $allowed_protocols = array('http', 'https', 'ftp', 'ftps'); |
1768 | $url_parts = parse_url($url); |
1769 | |
1770 | if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols)) |
1771 | { |
1772 | trigger_error('INSECURE_REDIRECT', E_USER_WARNING); |
1773 | } |
1774 | |
1775 | /** |
1776 | * Execute code and/or overwrite redirect() |
1777 | * |
1778 | * @event core.functions.redirect |
1779 | * @var string url The url |
1780 | * @var bool return If true, do not redirect but return the sanitized URL. |
1781 | * @var bool disable_cd_check If true, redirect() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. |
1782 | * @since 3.1.0-RC3 |
1783 | */ |
1784 | $vars = array('url', 'return', 'disable_cd_check'); |
1785 | extract($phpbb_dispatcher->trigger_event('core.functions.redirect', compact($vars))); |
1786 | |
1787 | if ($return) |
1788 | { |
1789 | return $url; |
1790 | } |
1791 | else |
1792 | { |
1793 | garbage_collection(); |
1794 | } |
1795 | |
1796 | // Behave as per HTTP/1.1 spec for others |
1797 | header('Location: ' . $url); |
1798 | exit; |
1799 | } |
1800 | |
1801 | /** |
1802 | * Returns the install redirect path for phpBB. |
1803 | * |
1804 | * @param string $phpbb_root_path The root path of the phpBB installation. |
1805 | * @param string $phpEx The file extension of php files, e.g., "php". |
1806 | * @return string The install redirect path. |
1807 | */ |
1808 | function phpbb_get_install_redirect(string $phpbb_root_path, string $phpEx): string |
1809 | { |
1810 | $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); |
1811 | if (!$script_name) |
1812 | { |
1813 | $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); |
1814 | } |
1815 | |
1816 | // Add trailing dot to prevent dirname() from returning parent directory if $script_name is a directory |
1817 | $script_name = substr($script_name, -1) === '/' ? $script_name . '.' : $script_name; |
1818 | |
1819 | // $phpbb_root_path accounts for redirects from e.g. /adm |
1820 | $script_path = trim(dirname($script_name)) . '/' . $phpbb_root_path . 'install/app.' . $phpEx; |
1821 | // Replace any number of consecutive backslashes and/or slashes with a single slash |
1822 | // (could happen on some proxy setups and/or Windows servers) |
1823 | return preg_replace('#[\\\\/]{2,}#', '/', $script_path); |
1824 | } |
1825 | |
1826 | /** |
1827 | * Re-Apply session id after page reloads |
1828 | */ |
1829 | function reapply_sid($url, $is_route = false) |
1830 | { |
1831 | global $phpEx, $phpbb_root_path; |
1832 | |
1833 | if ($url === "index.$phpEx") |
1834 | { |
1835 | return append_sid("index.$phpEx"); |
1836 | } |
1837 | else if ($url === "{$phpbb_root_path}index.$phpEx") |
1838 | { |
1839 | return append_sid("{$phpbb_root_path}index.$phpEx"); |
1840 | } |
1841 | |
1842 | // Remove previously added sid |
1843 | if (strpos($url, 'sid=') !== false) |
1844 | { |
1845 | // All kind of links |
1846 | $url = preg_replace('/(\?)?(&|&)?sid=[a-z0-9]+/', '', $url); |
1847 | // if the sid was the first param, make the old second as first ones |
1848 | $url = preg_replace("/$phpEx(&|&)+?/", "$phpEx?", $url); |
1849 | } |
1850 | |
1851 | return append_sid($url, false, true, false, $is_route); |
1852 | } |
1853 | |
1854 | /** |
1855 | * Returns url from the session/current page with an re-appended SID with optionally stripping vars from the url |
1856 | */ |
1857 | function build_url($strip_vars = false) |
1858 | { |
1859 | global $config, $user, $phpbb_path_helper; |
1860 | |
1861 | $page = $phpbb_path_helper->get_valid_page($user->page['page'], $config['enable_mod_rewrite']); |
1862 | |
1863 | // Append SID |
1864 | $redirect = append_sid($page, false, false); |
1865 | |
1866 | if ($strip_vars !== false) |
1867 | { |
1868 | $redirect = $phpbb_path_helper->strip_url_params($redirect, $strip_vars, false); |
1869 | } |
1870 | else |
1871 | { |
1872 | $redirect = str_replace('&', '&', $redirect); |
1873 | } |
1874 | |
1875 | return $redirect; |
1876 | } |
1877 | |
1878 | /** |
1879 | * Meta refresh assignment |
1880 | * Adds META template variable with meta http tag. |
1881 | * |
1882 | * @param int $time Time in seconds for meta refresh tag |
1883 | * @param string $url URL to redirect to. The url will go through redirect() first before the template variable is assigned |
1884 | * @param bool $disable_cd_check If true, meta_refresh() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. Default is false. |
1885 | */ |
1886 | function meta_refresh($time, $url, $disable_cd_check = false) |
1887 | { |
1888 | global $template, $refresh_data, $request; |
1889 | |
1890 | $url = redirect($url, true, $disable_cd_check); |
1891 | if ($request->is_ajax()) |
1892 | { |
1893 | $refresh_data = array( |
1894 | 'time' => $time, |
1895 | 'url' => $url, |
1896 | ); |
1897 | } |
1898 | else |
1899 | { |
1900 | // For XHTML compatibility we change back & to & |
1901 | $url = str_replace('&', '&', $url); |
1902 | |
1903 | $template->assign_vars(array( |
1904 | 'META' => '<meta http-equiv="refresh" content="' . $time . '; url=' . $url . '" />') |
1905 | ); |
1906 | } |
1907 | |
1908 | return $url; |
1909 | } |
1910 | |
1911 | /** |
1912 | * Outputs correct status line header. |
1913 | * |
1914 | * Depending on php sapi one of the two following forms is used: |
1915 | * |
1916 | * Status: 404 Not Found |
1917 | * |
1918 | * HTTP/1.x 404 Not Found |
1919 | * |
1920 | * HTTP version is taken from HTTP_VERSION environment variable, |
1921 | * and defaults to 1.0. |
1922 | * |
1923 | * Sample usage: |
1924 | * |
1925 | * send_status_line(404, 'Not Found'); |
1926 | * |
1927 | * @param int $code HTTP status code |
1928 | * @param string $message Message for the status code |
1929 | * @return void |
1930 | */ |
1931 | function send_status_line($code, $message) |
1932 | { |
1933 | if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi') |
1934 | { |
1935 | // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though |
1936 | header("Status: $code $message", true, $code); |
1937 | } |
1938 | else |
1939 | { |
1940 | $version = phpbb_request_http_version(); |
1941 | header("$version $code $message", true, $code); |
1942 | } |
1943 | } |
1944 | |
1945 | /** |
1946 | * Returns the HTTP version used in the current request. |
1947 | * |
1948 | * Handles the case of being called before $request is present, |
1949 | * in which case it falls back to the $_SERVER superglobal. |
1950 | * |
1951 | * @return string HTTP version |
1952 | */ |
1953 | function phpbb_request_http_version() |
1954 | { |
1955 | global $request; |
1956 | |
1957 | $version = ''; |
1958 | if ($request && $request->server('SERVER_PROTOCOL')) |
1959 | { |
1960 | $version = $request->server('SERVER_PROTOCOL'); |
1961 | } |
1962 | else if (isset($_SERVER['SERVER_PROTOCOL'])) |
1963 | { |
1964 | $version = $_SERVER['SERVER_PROTOCOL']; |
1965 | } |
1966 | |
1967 | if (!empty($version) && is_string($version) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $version)) |
1968 | { |
1969 | return $version; |
1970 | } |
1971 | |
1972 | return 'HTTP/1.0'; |
1973 | } |
1974 | |
1975 | //Form validation |
1976 | |
1977 | |
1978 | /** |
1979 | * Add a secret hash for use in links/GET requests |
1980 | * @param string $link_name The name of the link; has to match the name used in check_link_hash, otherwise no restrictions apply |
1981 | * @return string the hash |
1982 | |
1983 | */ |
1984 | function generate_link_hash($link_name) |
1985 | { |
1986 | global $user; |
1987 | |
1988 | if (!isset($user->data["hash_$link_name"])) |
1989 | { |
1990 | $user->data["hash_$link_name"] = substr(sha1($user->data['user_form_salt'] . $link_name), 0, 8); |
1991 | } |
1992 | |
1993 | return $user->data["hash_$link_name"]; |
1994 | } |
1995 | |
1996 | |
1997 | /** |
1998 | * checks a link hash - for GET requests |
1999 | * @param string $token the submitted token |
2000 | * @param string $link_name The name of the link |
2001 | * @return boolean true if all is fine |
2002 | */ |
2003 | function check_link_hash($token, $link_name) |
2004 | { |
2005 | return $token === generate_link_hash($link_name); |
2006 | } |
2007 | |
2008 | /** |
2009 | * Add a secret token to the form (requires the S_FORM_TOKEN template variable) |
2010 | * @param string $form_name The name of the form; has to match the name used in check_form_key, otherwise no restrictions apply |
2011 | * @param string $template_variable_suffix A string that is appended to the name of the template variable to which the form elements are assigned |
2012 | */ |
2013 | function add_form_key($form_name, $template_variable_suffix = '') |
2014 | { |
2015 | global $phpbb_container, $phpbb_dispatcher, $template; |
2016 | |
2017 | /** @var \phpbb\form\form_helper $form_helper */ |
2018 | $form_helper = $phpbb_container->get('form_helper'); |
2019 | |
2020 | $form_tokens = $form_helper->get_form_tokens($form_name, $now, $token_sid, $token); |
2021 | |
2022 | $s_fields = build_hidden_fields($form_tokens); |
2023 | |
2024 | /** |
2025 | * Perform additional actions on creation of the form token |
2026 | * |
2027 | * @event core.add_form_key |
2028 | * @var string form_name The form name |
2029 | * @var int now Current time timestamp |
2030 | * @var string s_fields Generated hidden fields |
2031 | * @var string token Form token |
2032 | * @var string token_sid User session ID |
2033 | * @var string template_variable_suffix The string that is appended to template variable name |
2034 | * |
2035 | * @since 3.1.0-RC3 |
2036 | * @changed 3.1.11-RC1 Added template_variable_suffix |
2037 | */ |
2038 | $vars = array( |
2039 | 'form_name', |
2040 | 'now', |
2041 | 's_fields', |
2042 | 'token', |
2043 | 'token_sid', |
2044 | 'template_variable_suffix', |
2045 | ); |
2046 | extract($phpbb_dispatcher->trigger_event('core.add_form_key', compact($vars))); |
2047 | |
2048 | $template->assign_var('S_FORM_TOKEN' . $template_variable_suffix, $s_fields); |
2049 | } |
2050 | |
2051 | /** |
2052 | * Check the form key. Required for all altering actions not secured by confirm_box |
2053 | * |
2054 | * @param string $form_name The name of the form; has to match the name used |
2055 | * in add_form_key, otherwise no restrictions apply |
2056 | * @param int $timespan The maximum acceptable age for a submitted form |
2057 | * in seconds. Defaults to the config setting. |
2058 | * @return bool True, if the form key was valid, false otherwise |
2059 | */ |
2060 | function check_form_key($form_name, $timespan = false) |
2061 | { |
2062 | global $phpbb_container; |
2063 | |
2064 | /** @var \phpbb\form\form_helper $form_helper */ |
2065 | $form_helper = $phpbb_container->get('form_helper'); |
2066 | |
2067 | return $form_helper->check_form_tokens($form_name, $timespan !== false ? $timespan : null); |
2068 | } |
2069 | |
2070 | // Message/Login boxes |
2071 | |
2072 | /** |
2073 | * Build Confirm box |
2074 | * @param boolean $check True for checking if confirmed (without any additional parameters) and false for displaying the confirm box |
2075 | * @param string|array $title Title/Message used for confirm box. |
2076 | * message text is _CONFIRM appended to title. |
2077 | * If title cannot be found in user->lang a default one is displayed |
2078 | * If title_CONFIRM cannot be found in user->lang the text given is used. |
2079 | * If title is an array, the first array value is used as explained per above, |
2080 | * all other array values are sent as parameters to the language function. |
2081 | * @param string $hidden Hidden variables |
2082 | * @param string $html_body Template used for confirm box |
2083 | * @param string $u_action Custom form action |
2084 | * |
2085 | * @return bool True if confirmation was successful, false if not |
2086 | */ |
2087 | function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '') |
2088 | { |
2089 | global $user, $template, $db, $request; |
2090 | global $config, $language, $phpbb_path_helper, $phpbb_dispatcher; |
2091 | |
2092 | if (isset($_POST['cancel'])) |
2093 | { |
2094 | return false; |
2095 | } |
2096 | |
2097 | $confirm = ($language->lang('YES') === $request->variable('confirm', '', true, \phpbb\request\request_interface::POST)); |
2098 | |
2099 | if ($check && $confirm) |
2100 | { |
2101 | $user_id = $request->variable('confirm_uid', 0); |
2102 | $session_id = $request->variable('sess', ''); |
2103 | $confirm_key = $request->variable('confirm_key', ''); |
2104 | |
2105 | if ($user_id != $user->data['user_id'] || $session_id != $user->session_id || !$confirm_key || !$user->data['user_last_confirm_key'] || $confirm_key != $user->data['user_last_confirm_key']) |
2106 | { |
2107 | return false; |
2108 | } |
2109 | |
2110 | // Reset user_last_confirm_key |
2111 | $sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '' |
2112 | WHERE user_id = " . $user->data['user_id']; |
2113 | $db->sql_query($sql); |
2114 | |
2115 | return true; |
2116 | } |
2117 | else if ($check) |
2118 | { |
2119 | return false; |
2120 | } |
2121 | |
2122 | $s_hidden_fields = build_hidden_fields(array( |
2123 | 'confirm_uid' => $user->data['user_id'], |
2124 | 'sess' => $user->session_id, |
2125 | 'sid' => $user->session_id, |
2126 | )); |
2127 | |
2128 | // generate activation key |
2129 | $confirm_key = gen_rand_string(10); |
2130 | |
2131 | // generate language strings |
2132 | if (is_array($title)) |
2133 | { |
2134 | $key = array_shift($title); |
2135 | $count = array_shift($title); |
2136 | $confirm_title = $language->is_set($key) ? $language->lang($key, $count, $title) : $language->lang('CONFIRM'); |
2137 | $confirm_text = $language->is_set($key . '_CONFIRM') ? $language->lang($key . '_CONFIRM', $count, $title) : $key; |
2138 | } |
2139 | else |
2140 | { |
2141 | $confirm_title = $language->is_set($title) ? $language->lang($title) : $language->lang('CONFIRM'); |
2142 | $confirm_text = $language->is_set($title . '_CONFIRM') ? $language->lang($title . '_CONFIRM') : $title; |
2143 | } |
2144 | |
2145 | if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) |
2146 | { |
2147 | adm_page_header($confirm_title); |
2148 | } |
2149 | else |
2150 | { |
2151 | page_header($confirm_title); |
2152 | } |
2153 | |
2154 | $template->set_filenames(array( |
2155 | 'body' => $html_body) |
2156 | ); |
2157 | |
2158 | // If activation key already exist, we better do not re-use the key (something very strange is going on...) |
2159 | if ($request->variable('confirm_key', '')) |
2160 | { |
2161 | // This should not occur, therefore we cancel the operation to safe the user |
2162 | return false; |
2163 | } |
2164 | |
2165 | // re-add sid / transform & to & for user->page (user->page is always using &) |
2166 | $use_page = ($u_action) ? $u_action : str_replace('&', '&', $user->page['page']); |
2167 | $u_action = reapply_sid($phpbb_path_helper->get_valid_page($use_page, $config['enable_mod_rewrite'])); |
2168 | $u_action .= ((strpos($u_action, '?') === false) ? '?' : '&') . 'confirm_key=' . $confirm_key; |
2169 | |
2170 | $template->assign_vars(array( |
2171 | 'MESSAGE_TITLE' => $confirm_title, |
2172 | 'MESSAGE_TEXT' => $confirm_text, |
2173 | |
2174 | 'YES_VALUE' => $language->lang('YES'), |
2175 | 'S_CONFIRM_ACTION' => $u_action, |
2176 | 'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields, |
2177 | 'S_AJAX_REQUEST' => $request->is_ajax(), |
2178 | )); |
2179 | |
2180 | $sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '" . $db->sql_escape($confirm_key) . "' |
2181 | WHERE user_id = " . $user->data['user_id']; |
2182 | $db->sql_query($sql); |
2183 | |
2184 | if ($request->is_ajax()) |
2185 | { |
2186 | $u_action .= '&confirm_uid=' . $user->data['user_id'] . '&sess=' . $user->session_id . '&sid=' . $user->session_id; |
2187 | $data = array( |
2188 | 'MESSAGE_BODY' => $template->assign_display('body'), |
2189 | 'MESSAGE_TITLE' => $confirm_title, |
2190 | 'MESSAGE_TEXT' => $confirm_text, |
2191 | |
2192 | 'YES_VALUE' => $language->lang('YES'), |
2193 | 'S_CONFIRM_ACTION' => str_replace('&', '&', $u_action), //inefficient, rewrite whole function |
2194 | 'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields |
2195 | ); |
2196 | |
2197 | /** |
2198 | * This event allows an extension to modify the ajax output of confirm box. |
2199 | * |
2200 | * @event core.confirm_box_ajax_before |
2201 | * @var string u_action Action of the form |
2202 | * @var array data Data to be sent |
2203 | * @var string hidden Hidden fields generated by caller |
2204 | * @var string s_hidden_fields Hidden fields generated by this function |
2205 | * @since 3.2.8-RC1 |
2206 | */ |
2207 | $vars = array( |
2208 | 'u_action', |
2209 | 'data', |
2210 | 'hidden', |
2211 | 's_hidden_fields', |
2212 | ); |
2213 | extract($phpbb_dispatcher->trigger_event('core.confirm_box_ajax_before', compact($vars))); |
2214 | |
2215 | $json_response = new \phpbb\json_response; |
2216 | $json_response->send($data); |
2217 | } |
2218 | |
2219 | if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) |
2220 | { |
2221 | adm_page_footer(); |
2222 | } |
2223 | else |
2224 | { |
2225 | page_footer(); |
2226 | } |
2227 | |
2228 | exit; // unreachable, page_footer() above will call exit() |
2229 | } |
2230 | |
2231 | /** |
2232 | * Generate login box or verify password |
2233 | */ |
2234 | function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) |
2235 | { |
2236 | global $user, $template, $auth, $phpEx, $phpbb_root_path, $config; |
2237 | global $request, $phpbb_container, $phpbb_dispatcher, $phpbb_log; |
2238 | |
2239 | $err = ''; |
2240 | $form_name = 'login'; |
2241 | $username = $autologin = false; |
2242 | |
2243 | // Make sure user->setup() has been called |
2244 | if (!$user->is_setup()) |
2245 | { |
2246 | $user->setup(); |
2247 | } |
2248 | |
2249 | /** |
2250 | * This event allows an extension to modify the login process |
2251 | * |
2252 | * @event core.login_box_before |
2253 | * @var string redirect Redirect string |
2254 | * @var string l_explain Explain language string |
2255 | * @var string l_success Success language string |
2256 | * @var bool admin Is admin? |
2257 | * @var bool s_display Display full login form? |
2258 | * @var string err Error string |
2259 | * @since 3.1.9-RC1 |
2260 | */ |
2261 | $vars = array('redirect', 'l_explain', 'l_success', 'admin', 's_display', 'err'); |
2262 | extract($phpbb_dispatcher->trigger_event('core.login_box_before', compact($vars))); |
2263 | |
2264 | // Print out error if user tries to authenticate as an administrator without having the privileges... |
2265 | if ($admin && !$auth->acl_get('a_')) |
2266 | { |
2267 | // Not authd |
2268 | // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions |
2269 | if ($user->data['is_registered']) |
2270 | { |
2271 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ADMIN_AUTH_FAIL'); |
2272 | } |
2273 | send_status_line(403, 'Forbidden'); |
2274 | trigger_error('NO_AUTH_ADMIN'); |
2275 | } |
2276 | |
2277 | if (empty($err) && ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external'))) |
2278 | { |
2279 | // Get credential |
2280 | if ($admin) |
2281 | { |
2282 | $credential = $request->variable('credential', ''); |
2283 | |
2284 | if (strspn($credential, 'abcdef0123456789') !== strlen($credential) || strlen($credential) != 32) |
2285 | { |
2286 | if ($user->data['is_registered']) |
2287 | { |
2288 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ADMIN_AUTH_FAIL'); |
2289 | } |
2290 | send_status_line(403, 'Forbidden'); |
2291 | trigger_error('NO_AUTH_ADMIN'); |
2292 | } |
2293 | |
2294 | $password = $request->untrimmed_variable('password_' . $credential, '', true); |
2295 | } |
2296 | else |
2297 | { |
2298 | $password = $request->untrimmed_variable('password', '', true); |
2299 | } |
2300 | |
2301 | $username = $request->variable('username', '', true); |
2302 | $autologin = $request->is_set_post('autologin'); |
2303 | $viewonline = (int) !$request->is_set_post('viewonline'); |
2304 | $admin = ($admin) ? 1 : 0; |
2305 | $viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline; |
2306 | |
2307 | // Check if the supplied username is equal to the one stored within the database if re-authenticating |
2308 | if ($admin && utf8_clean_string($username) != utf8_clean_string($user->data['username'])) |
2309 | { |
2310 | // We log the attempt to use a different username... |
2311 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ADMIN_AUTH_FAIL'); |
2312 | |
2313 | send_status_line(403, 'Forbidden'); |
2314 | trigger_error('NO_AUTH_ADMIN_USER_DIFFER'); |
2315 | } |
2316 | |
2317 | // Check form key |
2318 | if ($password && !defined('IN_CHECK_BAN') && !check_form_key($form_name)) |
2319 | { |
2320 | $result = array( |
2321 | 'status' => false, |
2322 | 'error_msg' => 'FORM_INVALID', |
2323 | ); |
2324 | } |
2325 | else |
2326 | { |
2327 | // If authentication is successful we redirect user to previous page |
2328 | $result = $auth->login($username, $password, $autologin, $viewonline, $admin); |
2329 | } |
2330 | |
2331 | // If admin authentication and login, we will log if it was a success or not... |
2332 | // We also break the operation on the first non-success login - it could be argued that the user already knows |
2333 | if ($admin) |
2334 | { |
2335 | if ($result['status'] == LOGIN_SUCCESS) |
2336 | { |
2337 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ADMIN_AUTH_SUCCESS'); |
2338 | } |
2339 | else |
2340 | { |
2341 | // Only log the failed attempt if a real user tried to. |
2342 | // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions |
2343 | if ($user->data['is_registered']) |
2344 | { |
2345 | $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ADMIN_AUTH_FAIL'); |
2346 | } |
2347 | } |
2348 | } |
2349 | |
2350 | // The result parameter is always an array, holding the relevant information... |
2351 | if ($result['status'] == LOGIN_SUCCESS) |
2352 | { |
2353 | $redirect = $request->variable('redirect', "{$phpbb_root_path}index.$phpEx"); |
2354 | |
2355 | /** |
2356 | * This event allows an extension to modify the redirection when a user successfully logs in |
2357 | * |
2358 | * @event core.login_box_redirect |
2359 | * @var string redirect Redirect string |
2360 | * @var bool admin Is admin? |
2361 | * @var array result Result from auth provider |
2362 | * @since 3.1.0-RC5 |
2363 | * @changed 3.1.9-RC1 Removed undefined return variable |
2364 | * @changed 3.2.4-RC1 Added result |
2365 | */ |
2366 | $vars = array('redirect', 'admin', 'result'); |
2367 | extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars))); |
2368 | |
2369 | // append/replace SID (may change during the session for AOL users) |
2370 | $redirect = reapply_sid($redirect); |
2371 | |
2372 | // Special case... the user is effectively banned, but we allow founders to login |
2373 | if (defined('IN_CHECK_BAN') && $result['user_row']['user_type'] != USER_FOUNDER) |
2374 | { |
2375 | return; |
2376 | } |
2377 | |
2378 | redirect($redirect); |
2379 | } |
2380 | |
2381 | // Something failed, determine what... |
2382 | if ($result['status'] == LOGIN_BREAK) |
2383 | { |
2384 | trigger_error($result['error_msg']); |
2385 | } |
2386 | |
2387 | // Special cases... determine |
2388 | switch ($result['status']) |
2389 | { |
2390 | case LOGIN_ERROR_PASSWORD_CONVERT: |
2391 | $err = sprintf( |
2392 | $user->lang[$result['error_msg']], |
2393 | ($config['email_enable']) ? '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') . '">' : '', |
2394 | ($config['email_enable']) ? '</a>' : '', |
2395 | '<a href="' . phpbb_get_board_contact_link($config, $phpbb_root_path, $phpEx) . '">', |
2396 | '</a>' |
2397 | ); |
2398 | break; |
2399 | |
2400 | case LOGIN_ERROR_ATTEMPTS: |
2401 | |
2402 | $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); |
2403 | $captcha->init(CONFIRM_LOGIN); |
2404 | // $captcha->reset(); |
2405 | |
2406 | $template->assign_vars(array( |
2407 | 'CAPTCHA_TEMPLATE' => $captcha->get_template(), |
2408 | )); |
2409 | // no break; |
2410 | |
2411 | // Username, password, etc... |
2412 | default: |
2413 | $err = $user->lang[$result['error_msg']]; |
2414 | |
2415 | // Assign admin contact to some error messages |
2416 | if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') |
2417 | { |
2418 | $err = sprintf($user->lang[$result['error_msg']], '<a href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contactadmin') . '">', '</a>'); |
2419 | } |
2420 | |
2421 | break; |
2422 | } |
2423 | |
2424 | /** |
2425 | * This event allows an extension to process when a user fails a login attempt |
2426 | * |
2427 | * @event core.login_box_failed |
2428 | * @var array result Login result data |
2429 | * @var string username User name used to login |
2430 | * @var string password Password used to login |
2431 | * @var string err Error message |
2432 | * @since 3.1.3-RC1 |
2433 | */ |
2434 | $vars = array('result', 'username', 'password', 'err'); |
2435 | extract($phpbb_dispatcher->trigger_event('core.login_box_failed', compact($vars))); |
2436 | } |
2437 | |
2438 | // Assign credential for username/password pair |
2439 | $credential = ($admin) ? md5(unique_id()) : false; |
2440 | |
2441 | $s_hidden_fields = array( |
2442 | 'sid' => $user->session_id, |
2443 | ); |
2444 | |
2445 | if ($redirect) |
2446 | { |
2447 | $s_hidden_fields['redirect'] = $redirect; |
2448 | } |
2449 | |
2450 | if ($admin) |
2451 | { |
2452 | $s_hidden_fields['credential'] = $credential; |
2453 | } |
2454 | |
2455 | /* @var $provider_collection \phpbb\auth\provider_collection */ |
2456 | $provider_collection = $phpbb_container->get('auth.provider_collection'); |
2457 | $auth_provider = $provider_collection->get_provider(); |
2458 | |
2459 | $auth_provider_data = $auth_provider->get_login_data(); |
2460 | if ($auth_provider_data) |
2461 | { |
2462 | if (isset($auth_provider_data['VARS'])) |
2463 | { |
2464 | $template->assign_vars($auth_provider_data['VARS']); |
2465 | } |
2466 | |
2467 | if (isset($auth_provider_data['BLOCK_VAR_NAME'])) |
2468 | { |
2469 | foreach ($auth_provider_data['BLOCK_VARS'] as $block_vars) |
2470 | { |
2471 | $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $block_vars); |
2472 | } |
2473 | } |
2474 | |
2475 | $template->assign_vars(array( |
2476 | 'PROVIDER_TEMPLATE_FILE' => $auth_provider_data['TEMPLATE_FILE'], |
2477 | )); |
2478 | } |
2479 | |
2480 | $s_hidden_fields = build_hidden_fields($s_hidden_fields); |
2481 | |
2482 | /** @var \phpbb\controller\helper $controller_helper */ |
2483 | $controller_helper = $phpbb_container->get('controller.helper'); |
2484 | |
2485 | $login_box_template_data = array( |
2486 | 'LOGIN_ERROR' => $err, |
2487 | 'LOGIN_EXPLAIN' => $l_explain, |
2488 | |
2489 | 'U_SEND_PASSWORD' => ($config['email_enable'] && $config['allow_password_reset']) ? $controller_helper->route('phpbb_ucp_forgot_password_controller') : '', |
2490 | 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', |
2491 | 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), |
2492 | 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), |
2493 | 'UA_PRIVACY' => addslashes(append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy')), |
2494 | |
2495 | 'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false, |
2496 | 'S_HIDDEN_FIELDS' => $s_hidden_fields, |
2497 | |
2498 | 'S_ADMIN_AUTH' => $admin, |
2499 | 'USERNAME' => ($admin) ? $user->data['username'] : '', |
2500 | |
2501 | 'USERNAME_CREDENTIAL' => 'username', |
2502 | 'PASSWORD_CREDENTIAL' => ($admin) ? 'password_' . $credential : 'password', |
2503 | ); |
2504 | |
2505 | /** |
2506 | * Event to add/modify login box template data |
2507 | * |
2508 | * @event core.login_box_modify_template_data |
2509 | * @var int admin Flag whether user is admin |
2510 | * @var string username User name |
2511 | * @var int autologin Flag whether autologin is enabled |
2512 | * @var string redirect Redirect URL |
2513 | * @var array login_box_template_data Array with the login box template data |
2514 | * @since 3.2.3-RC2 |
2515 | */ |
2516 | $vars = array( |
2517 | 'admin', |
2518 | 'username', |
2519 | 'autologin', |
2520 | 'redirect', |
2521 | 'login_box_template_data', |
2522 | ); |
2523 | extract($phpbb_dispatcher->trigger_event('core.login_box_modify_template_data', compact($vars))); |
2524 | |
2525 | $template->assign_vars($login_box_template_data); |
2526 | |
2527 | page_header($user->lang['LOGIN']); |
2528 | |
2529 | $template->set_filenames(array( |
2530 | 'body' => 'login_body.html') |
2531 | ); |
2532 | make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx")); |
2533 | |
2534 | page_footer(); |
2535 | } |
2536 | |
2537 | /** |
2538 | * Generate forum login box |
2539 | */ |
2540 | function login_forum_box($forum_data) |
2541 | { |
2542 | global $db, $phpbb_container, $request, $template, $user, $phpbb_dispatcher, $phpbb_root_path, $phpEx; |
2543 | |
2544 | $password = $request->variable('password', '', true); |
2545 | |
2546 | $sql = 'SELECT forum_id |
2547 | FROM ' . FORUMS_ACCESS_TABLE . ' |
2548 | WHERE forum_id = ' . $forum_data['forum_id'] . ' |
2549 | AND user_id = ' . $user->data['user_id'] . " |
2550 | AND session_id = '" . $db->sql_escape($user->session_id) . "'"; |
2551 | $result = $db->sql_query($sql); |
2552 | $row = $db->sql_fetchrow($result); |
2553 | $db->sql_freeresult($result); |
2554 | |
2555 | if ($row) |
2556 | { |
2557 | return true; |
2558 | } |
2559 | |
2560 | if ($password) |
2561 | { |
2562 | // Remove expired authorised sessions |
2563 | $sql = 'SELECT f.session_id |
2564 | FROM ' . FORUMS_ACCESS_TABLE . ' f |
2565 | LEFT JOIN ' . SESSIONS_TABLE . ' s ON (f.session_id = s.session_id) |
2566 | WHERE s.session_id IS NULL'; |
2567 | $result = $db->sql_query($sql); |
2568 | |
2569 | if ($row = $db->sql_fetchrow($result)) |
2570 | { |
2571 | $sql_in = array(); |
2572 | do |
2573 | { |
2574 | $sql_in[] = (string) $row['session_id']; |
2575 | } |
2576 | while ($row = $db->sql_fetchrow($result)); |
2577 | |
2578 | // Remove expired sessions |
2579 | $sql = 'DELETE FROM ' . FORUMS_ACCESS_TABLE . ' |
2580 | WHERE ' . $db->sql_in_set('session_id', $sql_in); |
2581 | $db->sql_query($sql); |
2582 | } |
2583 | $db->sql_freeresult($result); |
2584 | |
2585 | /* @var $passwords_manager \phpbb\passwords\manager */ |
2586 | $passwords_manager = $phpbb_container->get('passwords.manager'); |
2587 | |
2588 | if ($passwords_manager->check($password, $forum_data['forum_password'])) |
2589 | { |
2590 | $sql_ary = array( |
2591 | 'forum_id' => (int) $forum_data['forum_id'], |
2592 | 'user_id' => (int) $user->data['user_id'], |
2593 | 'session_id' => (string) $user->session_id, |
2594 | ); |
2595 | |
2596 | $db->sql_query('INSERT INTO ' . FORUMS_ACCESS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); |
2597 | |
2598 | return true; |
2599 | } |
2600 | |
2601 | $template->assign_var('LOGIN_ERROR', $user->lang['WRONG_PASSWORD']); |
2602 | } |
2603 | |
2604 | /** |
2605 | * Performing additional actions, load additional data on forum login |
2606 | * |
2607 | * @event core.login_forum_box |
2608 | * @var array forum_data Array with forum data |
2609 | * @var string password Password entered |
2610 | * @since 3.1.0-RC3 |
2611 | */ |
2612 | $vars = array('forum_data', 'password'); |
2613 | extract($phpbb_dispatcher->trigger_event('core.login_forum_box', compact($vars))); |
2614 | |
2615 | page_header($user->lang['LOGIN']); |
2616 | |
2617 | $template->assign_vars(array( |
2618 | 'FORUM_NAME' => isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '', |
2619 | 'S_LOGIN_ACTION' => build_url(array('f')), |
2620 | 'S_HIDDEN_FIELDS' => build_hidden_fields(array('f' => $forum_data['forum_id']))) |
2621 | ); |
2622 | |
2623 | $template->set_filenames(array( |
2624 | 'body' => 'login_forum.html') |
2625 | ); |
2626 | |
2627 | make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"), $forum_data['forum_id']); |
2628 | |
2629 | page_footer(); |
2630 | } |
2631 | |
2632 | // Little helpers |
2633 | |
2634 | /** |
2635 | * Little helper for the build_hidden_fields function |
2636 | */ |
2637 | function _build_hidden_fields($key, $value, $specialchar, $stripslashes) |
2638 | { |
2639 | $hidden_fields = ''; |
2640 | |
2641 | if (!is_array($value)) |
2642 | { |
2643 | $value = ($stripslashes) ? stripslashes($value) : $value; |
2644 | $value = ($specialchar) ? htmlspecialchars($value, ENT_COMPAT, 'UTF-8') : $value; |
2645 | |
2646 | $hidden_fields .= '<input type="hidden" name="' . $key . '" value="' . $value . '" />' . "\n"; |
2647 | } |
2648 | else |
2649 | { |
2650 | foreach ($value as $_key => $_value) |
2651 | { |
2652 | $_key = ($stripslashes) ? stripslashes($_key) : $_key; |
2653 | $_key = ($specialchar) ? htmlspecialchars($_key, ENT_COMPAT, 'UTF-8') : $_key; |
2654 | |
2655 | $hidden_fields .= _build_hidden_fields($key . '[' . $_key . ']', $_value, $specialchar, $stripslashes); |
2656 | } |
2657 | } |
2658 | |
2659 | return $hidden_fields; |
2660 | } |
2661 | |
2662 | /** |
2663 | * Build simple hidden fields from array |
2664 | * |
2665 | * @param array $field_ary an array of values to build the hidden field from |
2666 | * @param bool $specialchar if true, keys and values get specialchared |
2667 | * @param bool $stripslashes if true, keys and values get stripslashed |
2668 | * |
2669 | * @return string the hidden fields |
2670 | */ |
2671 | function build_hidden_fields($field_ary, $specialchar = false, $stripslashes = false) |
2672 | { |
2673 | $s_hidden_fields = ''; |
2674 | |
2675 | foreach ($field_ary as $name => $vars) |
2676 | { |
2677 | $name = ($stripslashes) ? stripslashes($name) : $name; |
2678 | $name = ($specialchar) ? htmlspecialchars($name, ENT_COMPAT, 'UTF-8') : $name; |
2679 | |
2680 | $s_hidden_fields .= _build_hidden_fields($name, $vars, $specialchar, $stripslashes); |
2681 | } |
2682 | |
2683 | return $s_hidden_fields; |
2684 | } |
2685 | |
2686 | /** |
2687 | * Return a nicely formatted backtrace. |
2688 | * |
2689 | * Turns the array returned by debug_backtrace() into HTML markup. |
2690 | * Also filters out absolute paths to phpBB root. |
2691 | * |
2692 | * @return string HTML markup |
2693 | */ |
2694 | function get_backtrace() |
2695 | { |
2696 | $output = '<div style="font-family: monospace;">'; |
2697 | $backtrace = debug_backtrace(); |
2698 | |
2699 | // We skip the first one, because it only shows this file/function |
2700 | unset($backtrace[0]); |
2701 | |
2702 | foreach ($backtrace as $trace) |
2703 | { |
2704 | // Strip the current directory from path |
2705 | $trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']), ENT_COMPAT); |
2706 | $trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line']; |
2707 | |
2708 | // Only show function arguments for include etc. |
2709 | // Other parameters may contain sensible information |
2710 | $argument = ''; |
2711 | if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once'))) |
2712 | { |
2713 | $argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]), ENT_COMPAT); |
2714 | } |
2715 | |
2716 | $trace['class'] = (!isset($trace['class'])) ? '' : $trace['class']; |
2717 | $trace['type'] = (!isset($trace['type'])) ? '' : $trace['type']; |
2718 | |
2719 | $output .= '<br />'; |
2720 | $output .= '<b>FILE:</b> ' . $trace['file'] . '<br />'; |
2721 | $output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />'; |
2722 | |
2723 | $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function'], ENT_COMPAT); |
2724 | $output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />'; |
2725 | } |
2726 | $output .= '</div>'; |
2727 | return $output; |
2728 | } |
2729 | |
2730 | /** |
2731 | * This function returns a regular expression pattern for commonly used expressions |
2732 | * Use with / as delimiter for email mode and # for url modes |
2733 | * mode can be: email|bbcode_htm|url|url_inline|www_url|www_url_inline|relative_url|relative_url_inline|ipv4|ipv6 |
2734 | */ |
2735 | function get_preg_expression($mode) |
2736 | { |
2737 | switch ($mode) |
2738 | { |
2739 | case 'email': |
2740 | // Regex written by James Watts and Francisco Jose Martin Moreno |
2741 | // http://fightingforalostcause.net/misc/2006/compare-email-regex.php |
2742 | return '((?:[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&)+)@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)'; |
2743 | break; |
2744 | |
2745 | case 'bbcode_htm': |
2746 | return array( |
2747 | '#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#', |
2748 | '#<!\-\- l \-\-><a (?:class="[\w-]+" )?href="(.*?)(?:(&|\?)sid=[0-9a-f]{32})?">.*?</a><!\-\- l \-\->#', |
2749 | '#<!\-\- ([mw]) \-\-><a (?:class="[\w-]+" )?href="http://(.*?)">\2</a><!\-\- \1 \-\->#', |
2750 | '#<!\-\- ([mw]) \-\-><a (?:class="[\w-]+" )?href="(.*?)">.*?</a><!\-\- \1 \-\->#', |
2751 | '#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#', |
2752 | '#<!\-\- .*? \-\->#s', |
2753 | '#<.*?>#s', |
2754 | ); |
2755 | break; |
2756 | |
2757 | // Whoa these look impressive! |
2758 | // The code to generate the following two regular expressions which match valid IPv4/IPv6 addresses |
2759 | // can be found in the develop directory |
2760 | |
2761 | // @deprecated |
2762 | case 'ipv4': |
2763 | return '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#'; |
2764 | break; |
2765 | |
2766 | // @deprecated |
2767 | case 'ipv6': |
2768 | return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i'; |
2769 | break; |
2770 | |
2771 | case 'url': |
2772 | // generated with regex_idn.php file in the develop folder |
2773 | return "[a-z][a-z\d+\-.]*(?<!javascript):/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2774 | break; |
2775 | |
2776 | case 'url_http': |
2777 | // generated with regex_idn.php file in the develop folder |
2778 | return "http[s]?:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2779 | break; |
2780 | |
2781 | case 'url_inline': |
2782 | // generated with regex_idn.php file in the develop folder |
2783 | return "[a-z][a-z\d+]*(?<!javascript):/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2784 | break; |
2785 | |
2786 | case 'www_url': |
2787 | // generated with regex_idn.php file in the develop folder |
2788 | return "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2789 | break; |
2790 | |
2791 | case 'www_url_inline': |
2792 | // generated with regex_idn.php file in the develop folder |
2793 | return "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2794 | break; |
2795 | |
2796 | case 'relative_url': |
2797 | // generated with regex_idn.php file in the develop folder |
2798 | return "(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2799 | break; |
2800 | |
2801 | case 'relative_url_inline': |
2802 | // generated with regex_idn.php file in the develop folder |
2803 | return "(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; |
2804 | break; |
2805 | |
2806 | case 'table_prefix': |
2807 | return '#^[a-zA-Z][a-zA-Z0-9_]*$#'; |
2808 | break; |
2809 | |
2810 | // Matches the predecing dot |
2811 | case 'path_remove_dot_trailing_slash': |
2812 | return '#^(?:(\.)?)+(?:(.+)?)+(?:([\\/\\\])$)#'; |
2813 | break; |
2814 | |
2815 | case 'semantic_version': |
2816 | // Regular expression to match semantic versions by http://rgxdb.com/ |
2817 | return '/(?<=^[Vv]|^)(?:(?<major>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<minor>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<patch>(?:0|[1-9](?:(?:0|[1-9])+)*))(?:-(?<prerelease>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*)))*))?(?:[+](?<build>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+)))*))?)$/'; |
2818 | break; |
2819 | } |
2820 | |
2821 | return ''; |
2822 | } |
2823 | |
2824 | /** |
2825 | * Generate regexp for naughty words censoring |
2826 | * Depends on whether installed PHP version supports unicode properties |
2827 | * |
2828 | * @param string $word word template to be replaced |
2829 | * |
2830 | * @return string $preg_expr regex to use with word censor |
2831 | */ |
2832 | function get_censor_preg_expression($word) |
2833 | { |
2834 | // Unescape the asterisk to simplify further conversions |
2835 | $word = str_replace('\*', '*', preg_quote($word, '#')); |
2836 | |
2837 | // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes |
2838 | $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word); |
2839 | |
2840 | // Generate the final substitution |
2841 | $preg_expr = '#(?<![\p{Nd}\p{L}_-])(' . $word . ')(?![\p{Nd}\p{L}_-])#iu'; |
2842 | |
2843 | return $preg_expr; |
2844 | } |
2845 | |
2846 | /** |
2847 | * Returns the first block of the specified IPv6 address and as many additional |
2848 | * ones as specified in the length parameter. |
2849 | * If length is zero, then an empty string is returned. |
2850 | * If length is greater than 3 the complete IP will be returned |
2851 | */ |
2852 | function short_ipv6($ip, $length) |
2853 | { |
2854 | if ($length < 1) |
2855 | { |
2856 | return ''; |
2857 | } |
2858 | |
2859 | // Handle IPv4 embedded IPv6 addresses |
2860 | if (preg_match('/(?:\d{1,3}\.){3}\d{1,3}$/i', $ip)) |
2861 | { |
2862 | $binary_ip = inet_pton($ip); |
2863 | $ip_v6 = $binary_ip ? inet_ntop($binary_ip) : $ip; |
2864 | $ip = $ip_v6 ?: $ip; |
2865 | } |
2866 | |
2867 | // extend IPv6 addresses |
2868 | $blocks = substr_count($ip, ':') + 1; |
2869 | if ($blocks < 9) |
2870 | { |
2871 | $ip = str_replace('::', ':' . str_repeat('0000:', 9 - $blocks), $ip); |
2872 | } |
2873 | if ($ip[0] == ':') |
2874 | { |
2875 | $ip = '0000' . $ip; |
2876 | } |
2877 | if ($length < 4) |
2878 | { |
2879 | $ip = implode(':', array_slice(explode(':', $ip), 0, 1 + $length)); |
2880 | } |
2881 | |
2882 | return $ip; |
2883 | } |
2884 | |
2885 | /** |
2886 | * Normalises an internet protocol address, |
2887 | * also checks whether the specified address is valid. |
2888 | * |
2889 | * IPv4 addresses are returned 'as is'. |
2890 | * |
2891 | * IPv6 addresses are normalised according to |
2892 | * A Recommendation for IPv6 Address Text Representation |
2893 | * http://tools.ietf.org/html/draft-ietf-6man-text-addr-representation-07 |
2894 | * |
2895 | * @param string $address IP address |
2896 | * |
2897 | * @return string|false false if specified address is not valid, |
2898 | * string otherwise |
2899 | */ |
2900 | function phpbb_ip_normalise(string $address) |
2901 | { |
2902 | $ip_normalised = false; |
2903 | |
2904 | if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) |
2905 | { |
2906 | $ip_normalised = $address; |
2907 | } |
2908 | else if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) |
2909 | { |
2910 | $ip_normalised = inet_ntop(inet_pton($address)); |
2911 | |
2912 | // If is ipv4 |
2913 | if (stripos($ip_normalised, '::ffff:') === 0) |
2914 | { |
2915 | $ip_normalised = substr($ip_normalised, 7); |
2916 | } |
2917 | } |
2918 | |
2919 | return $ip_normalised; |
2920 | } |
2921 | |
2922 | // Handler, header and footer |
2923 | |
2924 | /** |
2925 | * Error and message handler, call with trigger_error if read |
2926 | * @return bool true to bypass internal error handler, false otherwise |
2927 | */ |
2928 | function msg_handler($errno, $msg_text, $errfile, $errline): bool |
2929 | { |
2930 | global $cache, $db, $auth, $template, $config, $user, $request; |
2931 | global $phpbb_root_path, $msg_title, $msg_long_text, $phpbb_log; |
2932 | global $phpbb_container; |
2933 | |
2934 | // https://www.php.net/manual/en/language.operators.errorcontrol.php |
2935 | // error_reporting() return a different error code inside the error handler after php 8.0 |
2936 | $suppresed = E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR | E_PARSE; |
2937 | if (PHP_VERSION_ID < 80000) |
2938 | { |
2939 | $suppresed = 0; |
2940 | } |
2941 | |
2942 | // Do not display notices if we suppress them via @ |
2943 | if (error_reporting() == $suppresed && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE) |
2944 | { |
2945 | return true; |
2946 | } |
2947 | |
2948 | // Message handler is stripping text. In case we need it, we are possible to define long text... |
2949 | if (isset($msg_long_text) && $msg_long_text && !$msg_text) |
2950 | { |
2951 | $msg_text = $msg_long_text; |
2952 | } |
2953 | |
2954 | switch ($errno) |
2955 | { |
2956 | case E_NOTICE: |
2957 | case E_WARNING: |
2958 | |
2959 | // Check the error reporting level and return if the error level does not match |
2960 | // If DEBUG is defined the default level is E_ALL |
2961 | if (($errno & ($phpbb_container != null && $phpbb_container->getParameter('debug.show_errors') ? E_ALL : error_reporting())) == 0) |
2962 | { |
2963 | return true; |
2964 | } |
2965 | |
2966 | if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) |
2967 | { |
2968 | $errfile = phpbb_filter_root_path($errfile); |
2969 | $msg_text = phpbb_filter_root_path($msg_text); |
2970 | $error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice'; |
2971 | echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n"; |
2972 | |
2973 | // we are writing an image - the user won't see the debug, so let's place it in the log |
2974 | if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) |
2975 | { |
2976 | $phpbb_log->add('critical', $user->data['user_id'], $user->ip, 'LOG_IMAGE_GENERATION_ERROR', false, array($errfile, $errline, $msg_text)); |
2977 | } |
2978 | // echo '<br /><br />BACKTRACE<br />' . get_backtrace() . '<br />' . "\n"; |
2979 | } |
2980 | |
2981 | return true; |
2982 | |
2983 | break; |
2984 | |
2985 | case E_USER_ERROR: |
2986 | |
2987 | if (!empty($user) && $user->is_setup()) |
2988 | { |
2989 | $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text; |
2990 | $msg_title = (!isset($msg_title)) ? $user->lang['GENERAL_ERROR'] : ((!empty($user->lang[$msg_title])) ? $user->lang[$msg_title] : $msg_title); |
2991 | |
2992 | $l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $phpbb_root_path . '">', '</a>'); |
2993 | $l_notify = ''; |
2994 | |
2995 | if (!empty($config['board_contact'])) |
2996 | { |
2997 | $l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['board_contact']) . '</p>'; |
2998 | } |
2999 | } |
3000 | else |
3001 | { |
3002 | $msg_title = 'General Error'; |
3003 | $l_return_index = '<a href="' . $phpbb_root_path . '">Return to index page</a>'; |
3004 | $l_notify = ''; |
3005 | |
3006 | if (!empty($config['board_contact'])) |
3007 | { |
3008 | $l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>'; |
3009 | } |
3010 | } |
3011 | |
3012 | $log_text = $msg_text; |
3013 | $backtrace = get_backtrace(); |
3014 | if ($backtrace) |
3015 | { |
3016 | $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace; |
3017 | } |
3018 | |
3019 | if (defined('IN_INSTALL') || ($phpbb_container != null && $phpbb_container->getParameter('debug.show_errors')) || isset($auth) && $auth->acl_get('a_')) |
3020 | { |
3021 | $msg_text = $log_text; |
3022 | |
3023 | // If this is defined there already was some output |
3024 | // So let's not break it |
3025 | if (defined('IN_DB_UPDATE')) |
3026 | { |
3027 | echo '<div class="errorbox">' . $msg_text . '</div>'; |
3028 | |
3029 | $db->sql_return_on_error(true); |
3030 | phpbb_end_update($cache, $config); |
3031 | } |
3032 | } |
3033 | |
3034 | if ((defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) |
3035 | { |
3036 | // let's avoid loops |
3037 | $db->sql_return_on_error(true); |
3038 | $phpbb_log->add('critical', $user->data['user_id'], $user->ip, 'LOG_GENERAL_ERROR', false, array($msg_title, $log_text)); |
3039 | $db->sql_return_on_error(false); |
3040 | } |
3041 | |
3042 | // Do not send 200 OK, but service unavailable on errors |
3043 | send_status_line(503, 'Service Unavailable'); |
3044 | |
3045 | garbage_collection(); |
3046 | |
3047 | // Try to not call the adm page data... |
3048 | |
3049 | echo '<!DOCTYPE html>'; |
3050 | echo '<html dir="ltr">'; |
3051 | echo '<head>'; |
3052 | echo '<meta charset="utf-8">'; |
3053 | echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">'; |
3054 | echo '<title>' . $msg_title . '</title>'; |
3055 | echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n"; |
3056 | echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } '; |
3057 | echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } '; |
3058 | echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } '; |
3059 | echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px #A9B8C2; } '; |
3060 | echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } '; |
3061 | echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } '; |
3062 | echo "\n" . '/* ]]> */' . "\n"; |
3063 | echo '</style>'; |
3064 | echo '</head>'; |
3065 | echo '<body id="errorpage">'; |
3066 | echo '<div id="wrap">'; |
3067 | echo ' <div id="page-header">'; |
3068 | echo ' ' . $l_return_index; |
3069 | echo ' </div>'; |
3070 | echo ' <div id="acp">'; |
3071 | echo ' <div class="panel">'; |
3072 | echo ' <div id="content">'; |
3073 | echo ' <h1>' . $msg_title . '</h1>'; |
3074 | |
3075 | echo ' <div>' . $msg_text . '</div>'; |
3076 | |
3077 | echo $l_notify; |
3078 | |
3079 | echo ' </div>'; |
3080 | echo ' </div>'; |
3081 | echo ' </div>'; |
3082 | echo ' <div id="page-footer">'; |
3083 | echo ' Powered by <a href="https://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Limited'; |
3084 | echo ' </div>'; |
3085 | echo '</div>'; |
3086 | echo '</body>'; |
3087 | echo '</html>'; |
3088 | |
3089 | exit_handler(); |
3090 | |
3091 | // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here. |
3092 | exit; |
3093 | break; |
3094 | |
3095 | case E_USER_WARNING: |
3096 | case E_USER_NOTICE: |
3097 | |
3098 | define('IN_ERROR_HANDLER', true); |
3099 | |
3100 | if (empty($user->data)) |
3101 | { |
3102 | $user->session_begin(); |
3103 | } |
3104 | |
3105 | // We re-init the auth array to get correct results on login/logout |
3106 | $auth->acl($user->data); |
3107 | |
3108 | if (!$user->is_setup()) |
3109 | { |
3110 | $user->setup(); |
3111 | } |
3112 | |
3113 | if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') |
3114 | { |
3115 | send_status_line(404, 'Not Found'); |
3116 | } |
3117 | |
3118 | $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text; |
3119 | $msg_title = (!isset($msg_title)) ? $user->lang['INFORMATION'] : ((!empty($user->lang[$msg_title])) ? $user->lang[$msg_title] : $msg_title); |
3120 | |
3121 | if (!defined('HEADER_INC')) |
3122 | { |
3123 | if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) |
3124 | { |
3125 | adm_page_header($msg_title); |
3126 | } |
3127 | else |
3128 | { |
3129 | page_header($msg_title); |
3130 | } |
3131 | } |
3132 | |
3133 | $template->set_filenames(array( |
3134 | 'body' => 'message_body.html') |
3135 | ); |
3136 | |
3137 | $template->assign_vars(array( |
3138 | 'MESSAGE_TITLE' => $msg_title, |
3139 | 'MESSAGE_TEXT' => $msg_text, |
3140 | 'S_USER_WARNING' => ($errno == E_USER_WARNING) ? true : false, |
3141 | 'S_USER_NOTICE' => ($errno == E_USER_NOTICE) ? true : false) |
3142 | ); |
3143 | |
3144 | if ($request->is_ajax()) |
3145 | { |
3146 | global $refresh_data; |
3147 | |
3148 | $json_response = new \phpbb\json_response; |
3149 | $json_response->send(array( |
3150 | 'MESSAGE_TITLE' => $msg_title, |
3151 | 'MESSAGE_TEXT' => $msg_text, |
3152 | 'S_USER_WARNING' => ($errno == E_USER_WARNING) ? true : false, |
3153 | 'S_USER_NOTICE' => ($errno == E_USER_NOTICE) ? true : false, |
3154 | 'REFRESH_DATA' => (!empty($refresh_data)) ? $refresh_data : null |
3155 | )); |
3156 | } |
3157 | |
3158 | // We do not want the cron script to be called on error messages |
3159 | define('IN_CRON', true); |
3160 | |
3161 | if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) |
3162 | { |
3163 | adm_page_footer(); |
3164 | } |
3165 | else |
3166 | { |
3167 | page_footer(); |
3168 | } |
3169 | |
3170 | exit_handler(); |
3171 | break; |
3172 | |
3173 | // PHP4 compatibility |
3174 | case E_DEPRECATED: |
3175 | return true; |
3176 | break; |
3177 | } |
3178 | |
3179 | // If we notice an error not handled here we pass this back to PHP by returning false |
3180 | // This may not work for all php versions |
3181 | return false; |
3182 | } |
3183 | |
3184 | /** |
3185 | * Removes absolute path to phpBB root directory from error messages |
3186 | * and converts backslashes to forward slashes. |
3187 | * |
3188 | * @param string $errfile Absolute file path |
3189 | * (e.g. /var/www/phpbb3/phpBB/includes/functions.php) |
3190 | * Please note that if $errfile is outside of the phpBB root, |
3191 | * the root path will not be found and can not be filtered. |
3192 | * @return string Relative file path |
3193 | * (e.g. /includes/functions.php) |
3194 | */ |
3195 | function phpbb_filter_root_path($errfile) |
3196 | { |
3197 | static $root_path; |
3198 | |
3199 | if (empty($root_path)) |
3200 | { |
3201 | $root_path = \phpbb\filesystem\helper::realpath(__DIR__ . '/../'); |
3202 | } |
3203 | |
3204 | return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile); |
3205 | } |
3206 | |
3207 | /** |
3208 | * Queries the session table to get information about online guests |
3209 | * @param int $item_id Limits the search to the item with this id |
3210 | * @param string $item The name of the item which is stored in the session table as session_{$item}_id |
3211 | * @return int The number of active distinct guest sessions |
3212 | */ |
3213 | function obtain_guest_count($item_id = 0, $item = 'forum') |
3214 | { |
3215 | global $db, $config; |
3216 | |
3217 | if ($item_id) |
3218 | { |
3219 | $reading_sql = ' AND s.session_' . $item . '_id = ' . (int) $item_id; |
3220 | } |
3221 | else |
3222 | { |
3223 | $reading_sql = ''; |
3224 | } |
3225 | $time = (time() - (intval($config['load_online_time']) * 60)); |
3226 | |
3227 | // Get number of online guests |
3228 | |
3229 | if ($db->get_sql_layer() === 'sqlite3') |
3230 | { |
3231 | $sql = 'SELECT COUNT(session_ip) as num_guests |
3232 | FROM ( |
3233 | SELECT DISTINCT s.session_ip |
3234 | FROM ' . SESSIONS_TABLE . ' s |
3235 | WHERE s.session_user_id = ' . ANONYMOUS . ' |
3236 | AND s.session_time >= ' . ($time - ((int) ($time % 60))) . |
3237 | $reading_sql . |
3238 | ')'; |
3239 | } |
3240 | else |
3241 | { |
3242 | $sql = 'SELECT COUNT(DISTINCT s.session_ip) as num_guests |
3243 | FROM ' . SESSIONS_TABLE . ' s |
3244 | WHERE s.session_user_id = ' . ANONYMOUS . ' |
3245 | AND s.session_time >= ' . ($time - ((int) ($time % 60))) . |
3246 | $reading_sql; |
3247 | } |
3248 | $result = $db->sql_query($sql); |
3249 | $guests_online = (int) $db->sql_fetchfield('num_guests'); |
3250 | $db->sql_freeresult($result); |
3251 | |
3252 | return $guests_online; |
3253 | } |
3254 | |
3255 | /** |
3256 | * Queries the session table to get information about online users |
3257 | * @param int $item_id Limits the search to the item with this id |
3258 | * @param string $item The name of the item which is stored in the session table as session_{$item}_id |
3259 | * @return array An array containing the ids of online, hidden and visible users, as well as statistical info |
3260 | */ |
3261 | function obtain_users_online($item_id = 0, $item = 'forum') |
3262 | { |
3263 | global $db, $config; |
3264 | |
3265 | $reading_sql = ''; |
3266 | if ($item_id !== 0) |
3267 | { |
3268 | $reading_sql = ' AND s.session_' . $item . '_id = ' . (int) $item_id; |
3269 | } |
3270 | |
3271 | $online_users = array( |
3272 | 'online_users' => array(), |
3273 | 'hidden_users' => array(), |
3274 | 'total_online' => 0, |
3275 | 'visible_online' => 0, |
3276 | 'hidden_online' => 0, |
3277 | 'guests_online' => 0, |
3278 | ); |
3279 | |
3280 | if ($config['load_online_guests']) |
3281 | { |
3282 | $online_users['guests_online'] = obtain_guest_count($item_id, $item); |
3283 | } |
3284 | |
3285 | // a little discrete magic to cache this for 30 seconds |
3286 | $time = (time() - (intval($config['load_online_time']) * 60)); |
3287 | |
3288 | $sql = 'SELECT s.session_user_id, s.session_ip, s.session_viewonline |
3289 | FROM ' . SESSIONS_TABLE . ' s |
3290 | WHERE s.session_time >= ' . ($time - ((int) ($time % 30))) . |
3291 | $reading_sql . |
3292 | ' AND s.session_user_id <> ' . ANONYMOUS; |
3293 | $result = $db->sql_query($sql); |
3294 | |
3295 | while ($row = $db->sql_fetchrow($result)) |
3296 | { |
3297 | // Skip multiple sessions for one user |
3298 | if (!isset($online_users['online_users'][$row['session_user_id']])) |
3299 | { |
3300 | $online_users['online_users'][$row['session_user_id']] = (int) $row['session_user_id']; |
3301 | if ($row['session_viewonline']) |
3302 | { |
3303 | $online_users['visible_online']++; |
3304 | } |
3305 | else |
3306 | { |
3307 | $online_users['hidden_users'][$row['session_user_id']] = (int) $row['session_user_id']; |
3308 | $online_users['hidden_online']++; |
3309 | } |
3310 | } |
3311 | } |
3312 | $online_users['total_online'] = $online_users['guests_online'] + $online_users['visible_online'] + $online_users['hidden_online']; |
3313 | $db->sql_freeresult($result); |
3314 | |
3315 | return $online_users; |
3316 | } |
3317 | |
3318 | /** |
3319 | * Uses the result of obtain_users_online to generate a localized, readable representation. |
3320 | * @param mixed $online_users result of obtain_users_online - array with user_id lists for total, hidden and visible users, and statistics |
3321 | * @param int $item_id Indicate that the data is limited to one item and not global |
3322 | * @param string $item The name of the item which is stored in the session table as session_{$item}_id |
3323 | * @return array An array containing the string for output to the template |
3324 | */ |
3325 | function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum') |
3326 | { |
3327 | global $config, $db, $user, $auth, $phpbb_dispatcher; |
3328 | |
3329 | $user_online_link = $rowset = array(); |
3330 | // Need caps version of $item for language-strings |
3331 | $item_caps = strtoupper($item); |
3332 | |
3333 | if (count($online_users['online_users'])) |
3334 | { |
3335 | $sql_ary = array( |
3336 | 'SELECT' => 'u.username, u.username_clean, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour', |
3337 | 'FROM' => array( |
3338 | USERS_TABLE => 'u', |
3339 | ), |
3340 | 'WHERE' => $db->sql_in_set('u.user_id', $online_users['online_users']), |
3341 | 'ORDER_BY' => 'u.username_clean ASC', |
3342 | ); |
3343 | |
3344 | /** |
3345 | * Modify SQL query to obtain online users data |
3346 | * |
3347 | * @event core.obtain_users_online_string_sql |
3348 | * @var array online_users Array with online users data |
3349 | * from obtain_users_online() |
3350 | * @var int item_id Restrict online users to item id |
3351 | * @var string item Restrict online users to a certain |
3352 | * session item, e.g. forum for |
3353 | * session_forum_id |
3354 | * @var array sql_ary SQL query array to obtain users online data |
3355 | * @since 3.1.4-RC1 |
3356 | * @changed 3.1.7-RC1 Change sql query into array and adjust var accordingly. Allows extension authors the ability to adjust the sql_ary. |
3357 | */ |
3358 | $vars = array('online_users', 'item_id', 'item', 'sql_ary'); |
3359 | extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars))); |
3360 | |
3361 | $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); |
3362 | $rowset = $db->sql_fetchrowset($result); |
3363 | $db->sql_freeresult($result); |
3364 | |
3365 | foreach ($rowset as $row) |
3366 | { |
3367 | // User is logged in and therefore not a guest |
3368 | if ($row['user_id'] != ANONYMOUS) |
3369 | { |
3370 | if (isset($online_users['hidden_users'][$row['user_id']])) |
3371 | { |
3372 | $row['username'] = '<em>' . $row['username'] . '</em>'; |
3373 | } |
3374 | |
3375 | if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline') || $row['user_id'] === $user->data['user_id']) |
3376 | { |
3377 | $user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']); |
3378 | } |
3379 | } |
3380 | } |
3381 | } |
3382 | |
3383 | /** |
3384 | * Modify online userlist data |
3385 | * |
3386 | * @event core.obtain_users_online_string_before_modify |
3387 | * @var array online_users Array with online users data |
3388 | * from obtain_users_online() |
3389 | * @var int item_id Restrict online users to item id |
3390 | * @var string item Restrict online users to a certain |
3391 | * session item, e.g. forum for |
3392 | * session_forum_id |
3393 | * @var array rowset Array with online users data |
3394 | * @var array user_online_link Array with online users items (usernames) |
3395 | * @since 3.1.10-RC1 |
3396 | */ |
3397 | $vars = array( |
3398 | 'online_users', |
3399 | 'item_id', |
3400 | 'item', |
3401 | 'rowset', |
3402 | 'user_online_link', |
3403 | ); |
3404 | extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_before_modify', compact($vars))); |
3405 | |
3406 | $online_userlist = implode(', ', $user_online_link); |
3407 | |
3408 | if (!$online_userlist) |
3409 | { |
3410 | $online_userlist = $user->lang['NO_ONLINE_USERS']; |
3411 | } |
3412 | |
3413 | if ($item_id === 0) |
3414 | { |
3415 | $online_userlist = $user->lang['REGISTERED_USERS'] . ' ' . $online_userlist; |
3416 | } |
3417 | else if ($config['load_online_guests']) |
3418 | { |
3419 | $online_userlist = $user->lang('BROWSING_' . $item_caps . '_GUESTS', $online_users['guests_online'], $online_userlist); |
3420 | } |
3421 | else |
3422 | { |
3423 | $online_userlist = sprintf($user->lang['BROWSING_' . $item_caps], $online_userlist); |
3424 | } |
3425 | // Build online listing |
3426 | $visible_online = $user->lang('REG_USERS_TOTAL', (int) $online_users['visible_online']); |
3427 | $hidden_online = $user->lang('HIDDEN_USERS_TOTAL', (int) $online_users['hidden_online']); |
3428 | |
3429 | if ($config['load_online_guests']) |
3430 | { |
3431 | $guests_online = $user->lang('GUEST_USERS_TOTAL', (int) $online_users['guests_online']); |
3432 | $l_online_users = $user->lang('ONLINE_USERS_TOTAL_GUESTS', (int) $online_users['total_online'], $visible_online, $hidden_online, $guests_online); |
3433 | } |
3434 | else |
3435 | { |
3436 | $l_online_users = $user->lang('ONLINE_USERS_TOTAL', (int) $online_users['total_online'], $visible_online, $hidden_online); |
3437 | } |
3438 | |
3439 | /** |
3440 | * Modify online userlist data |
3441 | * |
3442 | * @event core.obtain_users_online_string_modify |
3443 | * @var array online_users Array with online users data |
3444 | * from obtain_users_online() |
3445 | * @var int item_id Restrict online users to item id |
3446 | * @var string item Restrict online users to a certain |
3447 | * session item, e.g. forum for |
3448 | * session_forum_id |
3449 | * @var array rowset Array with online users data |
3450 | * @var array user_online_link Array with online users items (usernames) |
3451 | * @var string online_userlist String containing users online list |
3452 | * @var string l_online_users String with total online users count info |
3453 | * @since 3.1.4-RC1 |
3454 | */ |
3455 | $vars = array( |
3456 | 'online_users', |
3457 | 'item_id', |
3458 | 'item', |
3459 | 'rowset', |
3460 | 'user_online_link', |
3461 | 'online_userlist', |
3462 | 'l_online_users', |
3463 | ); |
3464 | extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_modify', compact($vars))); |
3465 | |
3466 | return array( |
3467 | 'online_userlist' => $online_userlist, |
3468 | 'l_online_users' => $l_online_users, |
3469 | ); |
3470 | } |
3471 | |
3472 | /** |
3473 | * Get option bitfield from custom data |
3474 | * |
3475 | * @param int $bit The bit/value to get |
3476 | * @param int $data Current bitfield to check |
3477 | * @return bool Returns true if value of constant is set in bitfield, else false |
3478 | */ |
3479 | function phpbb_optionget($bit, $data) |
3480 | { |
3481 | return ($data & 1 << (int) $bit) ? true : false; |
3482 | } |
3483 | |
3484 | /** |
3485 | * Set option bitfield |
3486 | * |
3487 | * @param int $bit The bit/value to set/unset |
3488 | * @param bool $set True if option should be set, false if option should be unset. |
3489 | * @param int $data Current bitfield to change |
3490 | * |
3491 | * @return int The new bitfield |
3492 | */ |
3493 | function phpbb_optionset($bit, $set, $data) |
3494 | { |
3495 | if ($set && !($data & 1 << $bit)) |
3496 | { |
3497 | $data += 1 << $bit; |
3498 | } |
3499 | else if (!$set && ($data & 1 << $bit)) |
3500 | { |
3501 | $data -= 1 << $bit; |
3502 | } |
3503 | |
3504 | return $data; |
3505 | } |
3506 | |
3507 | |
3508 | /** |
3509 | * Escapes and quotes a string for use as an HTML/XML attribute value. |
3510 | * |
3511 | * This is a port of Python xml.sax.saxutils quoteattr. |
3512 | * |
3513 | * The function will attempt to choose a quote character in such a way as to |
3514 | * avoid escaping quotes in the string. If this is not possible the string will |
3515 | * be wrapped in double quotes and double quotes will be escaped. |
3516 | * |
3517 | * @param string $data The string to be escaped |
3518 | * @param array $entities Associative array of additional entities to be escaped |
3519 | * @return string Escaped and quoted string |
3520 | */ |
3521 | function phpbb_quoteattr($data, $entities = null) |
3522 | { |
3523 | $data = str_replace('&', '&', $data); |
3524 | $data = str_replace('>', '>', $data); |
3525 | $data = str_replace('<', '<', $data); |
3526 | |
3527 | $data = str_replace("\n", ' ', $data); |
3528 | $data = str_replace("\r", ' ', $data); |
3529 | $data = str_replace("\t", '	', $data); |
3530 | |
3531 | if (!empty($entities)) |
3532 | { |
3533 | $data = str_replace(array_keys($entities), array_values($entities), $data); |
3534 | } |
3535 | |
3536 | if (strpos($data, '"') !== false) |
3537 | { |
3538 | if (strpos($data, "'") !== false) |
3539 | { |
3540 | $data = '"' . str_replace('"', '"', $data) . '"'; |
3541 | } |
3542 | else |
3543 | { |
3544 | $data = "'" . $data . "'"; |
3545 | } |
3546 | } |
3547 | else |
3548 | { |
3549 | $data = '"' . $data . '"'; |
3550 | } |
3551 | |
3552 | return $data; |
3553 | } |
3554 | |
3555 | /** |
3556 | * Generate page header |
3557 | */ |
3558 | function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum', $send_headers = true) |
3559 | { |
3560 | global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path; |
3561 | global $phpbb_dispatcher, $request, $phpbb_container, $phpbb_admin_path; |
3562 | |
3563 | if (defined('HEADER_INC')) |
3564 | { |
3565 | return; |
3566 | } |
3567 | |
3568 | define('HEADER_INC', true); |
3569 | |
3570 | // A listener can set this variable to `true` when it overrides this function |
3571 | $page_header_override = false; |
3572 | |
3573 | /** |
3574 | * Execute code and/or overwrite page_header() |
3575 | * |
3576 | * @event core.page_header |
3577 | * @var string page_title Page title |
3578 | * @var bool display_online_list Do we display online users list |
3579 | * @var string item Restrict online users to a certain |
3580 | * session item, e.g. forum for |
3581 | * session_forum_id |
3582 | * @var int item_id Restrict online users to item id |
3583 | * @var bool page_header_override Shall we return instead of running |
3584 | * the rest of page_header() |
3585 | * @since 3.1.0-a1 |
3586 | */ |
3587 | $vars = array('page_title', 'display_online_list', 'item_id', 'item', 'page_header_override'); |
3588 | extract($phpbb_dispatcher->trigger_event('core.page_header', compact($vars))); |
3589 | |
3590 | if ($page_header_override) |
3591 | { |
3592 | return; |
3593 | } |
3594 | |
3595 | // gzip_compression |
3596 | if ($config['gzip_compress']) |
3597 | { |
3598 | // to avoid partially compressed output resulting in blank pages in |
3599 | // the browser or error messages, compression is disabled in a few cases: |
3600 | // |
3601 | // 1) if headers have already been sent, this indicates plaintext output |
3602 | // has been started so further content must not be compressed |
3603 | // 2) the length of the current output buffer is non-zero. This means |
3604 | // there is already some uncompressed content in this output buffer |
3605 | // so further output must not be compressed |
3606 | // 3) if more than one level of output buffering is used because we |
3607 | // cannot test all output buffer level content lengths. One level |
3608 | // could be caused by php.ini output_buffering. Anything |
3609 | // beyond that is manual, so the code wrapping phpBB in output buffering |
3610 | // can easily compress the output itself. |
3611 | // |
3612 | if (@extension_loaded('zlib') && !headers_sent() && ob_get_level() <= 1 && ob_get_length() == 0) |
3613 | { |
3614 | ob_start('ob_gzhandler'); |
3615 | } |
3616 | } |
3617 | |
3618 | $user->update_session_infos(); |
3619 | |
3620 | // Generate logged in/logged out status |
3621 | if ($user->data['user_id'] != ANONYMOUS) |
3622 | { |
3623 | $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout&hash=' . generate_link_hash('ucp_logout')); |
3624 | $l_login_logout = $user->lang['LOGOUT']; |
3625 | } |
3626 | else |
3627 | { |
3628 | $redirect = $request->variable('redirect', rawurlencode($user->page['page'])); |
3629 | $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login&redirect=' . $redirect); |
3630 | $l_login_logout = $user->lang['LOGIN']; |
3631 | } |
3632 | |
3633 | // Last visit date/time |
3634 | $s_last_visit = ($user->data['user_id'] != ANONYMOUS) ? $user->format_date($user->data['session_last_visit']) : ''; |
3635 | |
3636 | // Get users online list ... if required |
3637 | $l_online_users = $online_userlist = $l_online_record = $l_online_time = ''; |
3638 | |
3639 | if ($config['load_online'] && $config['load_online_time'] && $display_online_list) |
3640 | { |
3641 | /** |
3642 | * Load online data: |
3643 | * For obtaining another session column use $item and $item_id in the function-parameter, whereby the column is session_{$item}_id. |
3644 | */ |
3645 | $item_id = max($item_id, 0); |
3646 | |
3647 | $online_users = obtain_users_online($item_id, $item); |
3648 | $user_online_strings = obtain_users_online_string($online_users, $item_id, $item); |
3649 | |
3650 | $l_online_users = $user_online_strings['l_online_users']; |
3651 | $online_userlist = $user_online_strings['online_userlist']; |
3652 | $total_online_users = $online_users['total_online']; |
3653 | |
3654 | if ($total_online_users > $config['record_online_users']) |
3655 | { |
3656 | $config->set('record_online_users', $total_online_users, false); |
3657 | $config->set('record_online_date', time(), false); |
3658 | } |
3659 | |
3660 | $l_online_record = $user->lang('RECORD_ONLINE_USERS', (int) $config['record_online_users'], $user->format_date($config['record_online_date'], false, true)); |
3661 | |
3662 | $l_online_time = $user->lang('VIEW_ONLINE_TIMES', (int) $config['load_online_time']); |
3663 | } |
3664 | |
3665 | $s_privmsg_new = false; |
3666 | |
3667 | // Check for new private messages if user is logged in |
3668 | if (!empty($user->data['is_registered'])) |
3669 | { |
3670 | if ($user->data['user_new_privmsg']) |
3671 | { |
3672 | if (!$user->data['user_last_privmsg'] || $user->data['user_last_privmsg'] > $user->data['session_last_visit']) |
3673 | { |
3674 | $sql = 'UPDATE ' . USERS_TABLE . ' |
3675 | SET user_last_privmsg = ' . $user->data['session_last_visit'] . ' |
3676 | WHERE user_id = ' . $user->data['user_id']; |
3677 | $db->sql_query($sql); |
3678 | |
3679 | $s_privmsg_new = true; |
3680 | } |
3681 | else |
3682 | { |
3683 | $s_privmsg_new = false; |
3684 | } |
3685 | } |
3686 | else |
3687 | { |
3688 | $s_privmsg_new = false; |
3689 | } |
3690 | } |
3691 | |
3692 | // Negative forum and topic IDs are not allowed |
3693 | $forum_id = max(0, $request->variable('f', 0)); |
3694 | $topic_id = max(0, $request->variable('t', 0)); |
3695 | |
3696 | $s_feed_news = false; |
3697 | |
3698 | // Get option for news |
3699 | if ($config['feed_enable']) |
3700 | { |
3701 | $sql = 'SELECT forum_id |
3702 | FROM ' . FORUMS_TABLE . ' |
3703 | WHERE ' . $db->sql_bit_and('forum_options', FORUM_OPTION_FEED_NEWS, '<> 0'); |
3704 | $result = $db->sql_query_limit($sql, 1, 0, 600); |
3705 | $s_feed_news = (int) $db->sql_fetchfield('forum_id'); |
3706 | $db->sql_freeresult($result); |
3707 | } |
3708 | |
3709 | // This path is sent with the base template paths in the assign_vars() |
3710 | // call below. We need to correct it in case we are accessing from a |
3711 | // controller because the web paths will be incorrect otherwise. |
3712 | /* @var $phpbb_path_helper \phpbb\path_helper */ |
3713 | $phpbb_path_helper = $phpbb_container->get('path_helper'); |
3714 | $web_path = $phpbb_path_helper->get_web_root_path(); |
3715 | |
3716 | // Send a proper content-language to the output |
3717 | $user_lang = $user->lang('USER_LANG'); |
3718 | if (strpos($user_lang, '-x-') !== false) |
3719 | { |
3720 | $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); |
3721 | } |
3722 | |
3723 | $s_search_hidden_fields = array(); |
3724 | if ($_SID) |
3725 | { |
3726 | $s_search_hidden_fields['sid'] = $_SID; |
3727 | } |
3728 | |
3729 | if (!empty($_EXTRA_URL)) |
3730 | { |
3731 | foreach ($_EXTRA_URL as $url_param) |
3732 | { |
3733 | $url_param = explode('=', $url_param, 2); |
3734 | $s_search_hidden_fields[$url_param[0]] = $url_param[1]; |
3735 | } |
3736 | } |
3737 | |
3738 | $dt = $user->create_datetime(); |
3739 | $timezone_offset = $user->lang(array('timezones', 'UTC_OFFSET'), phpbb_format_timezone_offset($dt->getOffset())); |
3740 | $timezone_name = $user->timezone->getName(); |
3741 | if (isset($user->lang['timezones'][$timezone_name])) |
3742 | { |
3743 | $timezone_name = $user->lang['timezones'][$timezone_name]; |
3744 | } |
3745 | |
3746 | /** @var \phpbb\controller\helper $controller_helper */ |
3747 | $controller_helper = $phpbb_container->get('controller.helper'); |
3748 | |
3749 | // Output the notifications |
3750 | $notifications = false; |
3751 | if ($config['load_notifications'] && $config['allow_board_notifications'] && $user->data['user_id'] != ANONYMOUS && $user->data['user_type'] != USER_IGNORE) |
3752 | { |
3753 | /* @var $phpbb_notifications \phpbb\notification\manager */ |
3754 | $phpbb_notifications = $phpbb_container->get('notification_manager'); |
3755 | |
3756 | $notifications = $phpbb_notifications->load_notifications('notification.method.board', array( |
3757 | 'all_unread' => true, |
3758 | 'limit' => 5, |
3759 | )); |
3760 | |
3761 | foreach ($notifications['notifications'] as $notification) |
3762 | { |
3763 | $template->assign_block_vars('notifications', $notification->prepare_for_display()); |
3764 | } |
3765 | |
3766 | // Assign web push template vars globally (if not done already by ucp_notifications) for the dropdown subscribe button |
3767 | if ($config['webpush_enable'] && $config['webpush_dropdown_subscribe'] |
3768 | && $template->retrieve_var('NOTIFICATIONS_WEBPUSH_ENABLE') === null) |
3769 | { |
3770 | $methods = $phpbb_notifications->get_subscription_methods(); |
3771 | $webpush = $methods['notification.method.webpush'] ?? null; |
3772 | |
3773 | if ($webpush) |
3774 | { |
3775 | $form_helper = $phpbb_container->get('form_helper'); |
3776 | $template->assign_vars($webpush['method']->get_ucp_template_data($controller_helper, $form_helper)); |
3777 | } |
3778 | } |
3779 | } |
3780 | |
3781 | $notification_mark_hash = generate_link_hash('mark_all_notifications_read'); |
3782 | |
3783 | $phpbb_version_parts = explode('.', PHPBB_VERSION, 3); |
3784 | $phpbb_major = $phpbb_version_parts[0] . '.' . $phpbb_version_parts[1]; |
3785 | |
3786 | $s_login_redirect = build_hidden_fields(array('redirect' => $phpbb_path_helper->remove_web_root_path(build_url()))); |
3787 | |
3788 | // Add form token for login box, in case page is presenting a login form. |
3789 | add_form_key('login', '_LOGIN'); |
3790 | |
3791 | /** @var \phpbb\avatar\helper $avatar_helper */ |
3792 | $avatar_helper = $phpbb_container->get('avatar.helper'); |
3793 | |
3794 | $avatar = $avatar_helper->get_user_avatar($user->data); |
3795 | $template->assign_vars($avatar_helper->get_template_vars($avatar, 'CURRENT_USER_')); |
3796 | |
3797 | // The following assigns all _common_ variables that may be used at any point in a template. |
3798 | $template->assign_vars(array( |
3799 | 'SITENAME' => $config['sitename'], |
3800 | 'SITE_DESCRIPTION' => $config['site_desc'], |
3801 | 'PAGE_TITLE' => $page_title, |
3802 | 'SCRIPT_NAME' => str_replace('.' . $phpEx, '', $user->page['page_name']), |
3803 | 'LAST_VISIT_DATE' => sprintf($user->lang['YOU_LAST_VISIT'], $s_last_visit), |
3804 | 'LAST_VISIT_YOU' => $s_last_visit, |
3805 | 'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time(), false, true)), |
3806 | 'TOTAL_USERS_ONLINE' => $l_online_users, |
3807 | 'LOGGED_IN_USER_LIST' => $online_userlist, |
3808 | 'RECORD_USERS' => $l_online_record, |
3809 | |
3810 | 'NO_AVATAR_SOURCE' => $avatar_helper->get_no_avatar_source(), |
3811 | 'PRIVATE_MESSAGE_COUNT' => (!empty($user->data['user_unread_privmsg'])) ? $user->data['user_unread_privmsg'] : 0, |
3812 | 'CURRENT_USERNAME_SIMPLE' => get_username_string('no_profile', $user->data['user_id'], $user->data['username'], $user->data['user_colour']), |
3813 | 'CURRENT_USERNAME_FULL' => get_username_string('full', $user->data['user_id'], $user->data['username'], $user->data['user_colour']), |
3814 | 'CURRENT_USER_GROUP_COLOR' => $user->data['user_colour'], |
3815 | 'UNREAD_NOTIFICATIONS_COUNT' => ($notifications !== false) ? $notifications['unread_count'] : '', |
3816 | 'NOTIFICATIONS_COUNT' => ($notifications !== false) ? $notifications['unread_count'] : '', |
3817 | 'U_VIEW_ALL_NOTIFICATIONS' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_notifications'), |
3818 | 'U_MARK_ALL_NOTIFICATIONS' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_notifications&mode=notification_list&mark=all&token=' . $notification_mark_hash), |
3819 | 'U_NOTIFICATION_SETTINGS' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_notifications&mode=notification_options'), |
3820 | 'S_NOTIFICATIONS_DISPLAY' => $config['load_notifications'] && $config['allow_board_notifications'], |
3821 | |
3822 | 'S_USER_NEW_PRIVMSG' => $user->data['user_new_privmsg'], |
3823 | 'S_USER_UNREAD_PRIVMSG' => $user->data['user_unread_privmsg'], |
3824 | 'S_USER_NEW' => $user->data['user_new'], |
3825 | |
3826 | 'SID' => $SID, |
3827 | '_SID' => $_SID, |
3828 | 'SESSION_ID' => $user->session_id, |
3829 | 'ROOT_PATH' => $web_path, |
3830 | 'BOARD_URL' => generate_board_url() . '/', |
3831 | 'PHPBB_VERSION' => PHPBB_VERSION, |
3832 | 'PHPBB_MAJOR' => $phpbb_major, |
3833 | |
3834 | 'L_LOGIN_LOGOUT' => $l_login_logout, |
3835 | 'L_INDEX' => ($config['board_index_text'] !== '') ? $config['board_index_text'] : $user->lang['FORUM_INDEX'], |
3836 | 'L_SITE_HOME' => ($config['site_home_text'] !== '') ? $config['site_home_text'] : $user->lang['HOME'], |
3837 | 'L_ONLINE_EXPLAIN' => $l_online_time, |
3838 | 'L_RECAPTCHA_LANG' => $user->lang('RECAPTCHA_LANG'), |
3839 | |
3840 | 'U_PRIVATEMSGS' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), |
3841 | 'U_RETURN_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), |
3842 | 'U_MEMBERLIST' => append_sid("{$phpbb_root_path}memberlist.$phpEx"), |
3843 | 'U_VIEWONLINE' => ($auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) ? append_sid("{$phpbb_root_path}viewonline.$phpEx") : '', |
3844 | 'U_LOGIN_LOGOUT' => $u_login_logout, |
3845 | 'U_INDEX' => append_sid("{$phpbb_root_path}index.$phpEx"), |
3846 | 'U_SEARCH' => append_sid("{$phpbb_root_path}search.$phpEx"), |
3847 | 'U_SITE_HOME' => $config['site_home_url'], |
3848 | 'U_REGISTER' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), |
3849 | 'U_PROFILE' => append_sid("{$phpbb_root_path}ucp.$phpEx"), |
3850 | 'U_USER_PROFILE' => get_username_string('profile', $user->data['user_id'], $user->data['username'], $user->data['user_colour']), |
3851 | 'U_MODCP' => append_sid("{$phpbb_root_path}mcp.$phpEx"), |
3852 | 'U_FAQ' => $controller_helper->route('phpbb_help_faq_controller'), |
3853 | 'U_SEARCH_SELF' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=egosearch'), |
3854 | 'U_SEARCH_NEW' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=newposts'), |
3855 | 'U_SEARCH_UNANSWERED' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=unanswered'), |
3856 | 'U_SEARCH_UNREAD' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=unreadposts'), |
3857 | 'U_SEARCH_ACTIVE_TOPICS'=> append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=active_topics'), |
3858 | 'U_DELETE_COOKIES' => $controller_helper->route('phpbb_ucp_delete_cookies_controller'), |
3859 | 'U_CONTACT_US' => ($config['contact_admin_form_enable'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contactadmin') : '', |
3860 | 'U_TEAM' => (!$auth->acl_get('u_viewprofile')) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=team'), |
3861 | 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), |
3862 | 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), |
3863 | 'UA_PRIVACY' => addslashes(append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy')), |
3864 | 'U_RESTORE_PERMISSIONS' => ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=restore_perm') : '', |
3865 | 'U_FEED' => $controller_helper->route('phpbb_feed_index'), |
3866 | 'U_MANIFEST' => $controller_helper->route('phpbb_manifest_controller'), |
3867 | |
3868 | 'S_ALLOW_MENTIONS' => ($config['allow_mentions'] && $auth->acl_get('u_mention') && (empty($forum_id) || $auth->acl_get('f_mention', $forum_id))) ? true : false, |
3869 | 'S_MENTION_NAMES_LIMIT' => $config['mention_names_limit'], |
3870 | 'U_MENTION_URL' => $controller_helper->route('phpbb_mention_controller'), |
3871 | |
3872 | 'S_USER_LOGGED_IN' => ($user->data['user_id'] != ANONYMOUS) ? true : false, |
3873 | 'S_AUTOLOGIN_ENABLED' => ($config['allow_autologin']) ? true : false, |
3874 | 'S_BOARD_DISABLED' => ($config['board_disable']) ? true : false, |
3875 | 'S_REGISTERED_USER' => (!empty($user->data['is_registered'])) ? true : false, |
3876 | 'S_IS_BOT' => (!empty($user->data['is_bot'])) ? true : false, |
3877 | 'S_USER_LANG' => $user_lang, |
3878 | 'S_USER_BROWSER' => (isset($user->data['session_browser'])) ? $user->data['session_browser'] : $user->lang['UNKNOWN_BROWSER'], |
3879 | 'S_USERNAME' => $user->data['username'], |
3880 | 'S_CONTENT_DIRECTION' => $user->lang('DIRECTION'), |
3881 | 'S_CONTENT_FLOW_BEGIN' => ($user->lang('DIRECTION') == 'ltr') ? 'left' : 'right', |
3882 | 'S_CONTENT_FLOW_END' => ($user->lang('DIRECTION') == 'ltr') ? 'right' : 'left', |
3883 | 'S_CONTENT_ENCODING' => 'UTF-8', |
3884 | 'S_TIMEZONE' => sprintf($user->lang['ALL_TIMES'], $timezone_offset, $timezone_name), |
3885 | 'S_DISPLAY_ONLINE_LIST' => ($l_online_time) ? 1 : 0, |
3886 | 'S_DISPLAY_SEARCH' => (!$config['load_search']) ? 0 : (isset($auth) ? ($auth->acl_get('u_search') && $auth->acl_getf_global('f_search')) : 1), |
3887 | 'S_DISPLAY_PM' => ($config['allow_privmsg'] && !empty($user->data['is_registered']) && ($auth->acl_get('u_readpm') || $auth->acl_get('u_sendpm'))) ? true : false, |
3888 | 'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0, |
3889 | 'S_NEW_PM' => ($s_privmsg_new) ? 1 : 0, |
3890 | 'S_REGISTER_ENABLED' => ($config['require_activation'] != USER_ACTIVATION_DISABLE) ? true : false, |
3891 | 'S_FORUM_ID' => $forum_id, |
3892 | 'S_TOPIC_ID' => $topic_id, |
3893 | 'S_USER_ID' => $user->data['user_id'], |
3894 | |
3895 | 'S_LOGIN_ACTION' => ((!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("{$phpbb_admin_path}index.$phpEx", false, true, $user->session_id)), |
3896 | 'S_LOGIN_REDIRECT' => $s_login_redirect, |
3897 | |
3898 | 'S_ENABLE_FEEDS' => ($config['feed_enable']) ? true : false, |
3899 | 'S_ENABLE_FEEDS_OVERALL' => ($config['feed_overall']) ? true : false, |
3900 | 'S_ENABLE_FEEDS_FORUMS' => ($config['feed_overall_forums']) ? true : false, |
3901 | 'S_ENABLE_FEEDS_TOPICS' => ($config['feed_topics_new']) ? true : false, |
3902 | 'S_ENABLE_FEEDS_TOPICS_ACTIVE' => ($config['feed_topics_active']) ? true : false, |
3903 | 'S_ENABLE_FEEDS_NEWS' => ($s_feed_news) ? true : false, |
3904 | |
3905 | 'S_LOAD_UNREADS' => (bool) $config['load_unreads_search'] && ($config['load_anon_lastread'] || !empty($user->data['is_registered'])), |
3906 | |
3907 | 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), |
3908 | |
3909 | 'T_ASSETS_VERSION' => $config['assets_version'], |
3910 | 'T_ASSETS_PATH' => "{$web_path}assets", |
3911 | 'T_THEME_PATH' => "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme', |
3912 | 'T_TEMPLATE_PATH' => "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/template', |
3913 | 'T_SUPER_TEMPLATE_PATH' => "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/template', |
3914 | 'T_IMAGES_PATH' => "{$web_path}images/", |
3915 | 'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/", |
3916 | 'T_AVATAR_GALLERY_PATH' => "{$web_path}{$config['avatar_gallery_path']}/", |
3917 | 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", |
3918 | 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", |
3919 | 'T_STYLESHEET_LINK' => "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/stylesheet.css?assets_version=' . $config['assets_version'], |
3920 | 'T_STYLESHEET_LANG_LINK'=> "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/' . $user->lang_name . '/stylesheet.css?assets_version=' . $config['assets_version'], |
3921 | |
3922 | 'T_FONT_AWESOME_LINK' => !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$web_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'], |
3923 | |
3924 | 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery-3.7.1.min.js?assets_version=" . $config['assets_version'], |
3925 | 'S_ALLOW_CDN' => !empty($config['allow_cdn']), |
3926 | 'S_COOKIE_NOTICE' => !empty($config['cookie_notice']), |
3927 | |
3928 | 'T_THEME_NAME' => rawurlencode($user->style['style_path']), |
3929 | 'T_THEME_LANG_NAME' => $user->lang_name, |
3930 | 'T_TEMPLATE_NAME' => $user->style['style_path'], |
3931 | 'T_SUPER_TEMPLATE_NAME' => rawurlencode((isset($user->style['style_parent_tree']) && $user->style['style_parent_tree']) ? $user->style['style_parent_tree'] : $user->style['style_path']), |
3932 | 'T_IMAGES' => 'images', |
3933 | 'T_SMILIES' => $config['smilies_path'], |
3934 | 'T_AVATAR_GALLERY' => $config['avatar_gallery_path'], |
3935 | 'T_ICONS' => $config['icons_path'], |
3936 | 'T_RANKS' => $config['ranks_path'], |
3937 | |
3938 | 'SITE_LOGO_IMG' => $user->img('site_logo'), |
3939 | )); |
3940 | |
3941 | $http_headers = array(); |
3942 | |
3943 | if ($send_headers) |
3944 | { |
3945 | // An array of http headers that phpBB will set. The following event may override these. |
3946 | $http_headers += array( |
3947 | // application/xhtml+xml not used because of IE |
3948 | 'Content-type' => 'text/html; charset=UTF-8', |
3949 | 'Cache-Control' => 'private, no-cache="set-cookie"', |
3950 | 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', |
3951 | 'Referrer-Policy' => 'strict-origin-when-cross-origin', |
3952 | ); |
3953 | if (!empty($user->data['is_bot'])) |
3954 | { |
3955 | // Let reverse proxies know we detected a bot. |
3956 | $http_headers['X-PHPBB-IS-BOT'] = 'yes'; |
3957 | } |
3958 | } |
3959 | |
3960 | /** |
3961 | * Execute code and/or overwrite _common_ template variables after they have been assigned. |
3962 | * |
3963 | * @event core.page_header_after |
3964 | * @var string page_title Page title |
3965 | * @var bool display_online_list Do we display online users list |
3966 | * @var string item Restrict online users to a certain |
3967 | * session item, e.g. forum for |
3968 | * session_forum_id |
3969 | * @var int item_id Restrict online users to item id |
3970 | * @var array http_headers HTTP headers that should be set by phpbb |
3971 | * |
3972 | * @since 3.1.0-b3 |
3973 | */ |
3974 | $vars = array('page_title', 'display_online_list', 'item_id', 'item', 'http_headers'); |
3975 | extract($phpbb_dispatcher->trigger_event('core.page_header_after', compact($vars))); |
3976 | |
3977 | foreach ($http_headers as $hname => $hval) |
3978 | { |
3979 | header((string) $hname . ': ' . (string) $hval); |
3980 | } |
3981 | |
3982 | return; |
3983 | } |
3984 | |
3985 | /** |
3986 | * Generate the debug output string |
3987 | * |
3988 | * @param \phpbb\db\driver\driver_interface $db Database connection |
3989 | * @param \phpbb\config\config $config Config object |
3990 | * @param \phpbb\auth\auth $auth Auth object |
3991 | * @param \phpbb\user $user User object |
3992 | * @param \phpbb\event\dispatcher_interface $phpbb_dispatcher Event dispatcher |
3993 | * @return string |
3994 | */ |
3995 | function phpbb_generate_debug_output(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\auth\auth $auth, \phpbb\user $user, \phpbb\event\dispatcher_interface $phpbb_dispatcher) |
3996 | { |
3997 | global $phpbb_container; |
3998 | |
3999 | $debug_info = array(); |
4000 | |
4001 | // Output page creation time |
4002 | if ($phpbb_container->getParameter('debug.load_time')) |
4003 | { |
4004 | if (isset($GLOBALS['starttime'])) |
4005 | { |
4006 | $totaltime = microtime(true) - $GLOBALS['starttime']; |
4007 | $debug_info[] = sprintf('<span title="SQL time: %.3fs / PHP time: %.3fs">Time: %.3fs</span>', $db->get_sql_time(), ($totaltime - $db->get_sql_time()), $totaltime); |
4008 | } |
4009 | } |
4010 | |
4011 | if ($phpbb_container->getParameter('debug.memory')) |
4012 | { |
4013 | $memory_usage = memory_get_peak_usage(); |
4014 | if ($memory_usage) |
4015 | { |
4016 | $memory_usage = get_formatted_filesize($memory_usage); |
4017 | |
4018 | $debug_info[] = 'Peak Memory Usage: ' . $memory_usage; |
4019 | } |
4020 | |
4021 | $debug_info[] = 'GZIP: ' . (($config['gzip_compress'] && @extension_loaded('zlib')) ? 'On' : 'Off'); |
4022 | |
4023 | if ($user->load) |
4024 | { |
4025 | $debug_info[] = 'Load: ' . $user->load; |
4026 | } |
4027 | } |
4028 | |
4029 | if ($phpbb_container->getParameter('debug.sql_explain')) |
4030 | { |
4031 | $debug_info[] = sprintf('<span title="Cached: %d">Queries: %d</span>', $db->sql_num_queries(true), $db->sql_num_queries()); |
4032 | |
4033 | if ($auth->acl_get('a_')) |
4034 | { |
4035 | $page_url = build_url(); |
4036 | $page_url .= ((!str_contains($page_url, '?')) ? '?' : '&') . 'explain=1'; |
4037 | $debug_info[] = '<a href="' . $page_url . '">SQL Explain</a>'; |
4038 | } |
4039 | } |
4040 | |
4041 | /** |
4042 | * Modify debug output information |
4043 | * |
4044 | * @event core.phpbb_generate_debug_output |
4045 | * @var array debug_info Array of strings with debug information |
4046 | * |
4047 | * @since 3.1.0-RC3 |
4048 | */ |
4049 | $vars = array('debug_info'); |
4050 | extract($phpbb_dispatcher->trigger_event('core.phpbb_generate_debug_output', compact($vars))); |
4051 | |
4052 | return implode(' | ', $debug_info); |
4053 | } |
4054 | |
4055 | /** |
4056 | * Generate page footer |
4057 | * |
4058 | * @param bool $run_cron Whether or not to run the cron |
4059 | * @param bool $display_template Whether or not to display the template |
4060 | * @param bool $exit_handler Whether or not to run the exit_handler() |
4061 | */ |
4062 | function page_footer($run_cron = true, $display_template = true, $exit_handler = true) |
4063 | { |
4064 | global $phpbb_dispatcher, $phpbb_container, $template; |
4065 | |
4066 | // A listener can set this variable to `true` when it overrides this function |
4067 | $page_footer_override = false; |
4068 | |
4069 | /** |
4070 | * Execute code and/or overwrite page_footer() |
4071 | * |
4072 | * @event core.page_footer |
4073 | * @var bool run_cron Shall we run cron tasks |
4074 | * @var bool page_footer_override Shall we return instead of running |
4075 | * the rest of page_footer() |
4076 | * @since 3.1.0-a1 |
4077 | */ |
4078 | $vars = array('run_cron', 'page_footer_override'); |
4079 | extract($phpbb_dispatcher->trigger_event('core.page_footer', compact($vars))); |
4080 | |
4081 | if ($page_footer_override) |
4082 | { |
4083 | return; |
4084 | } |
4085 | |
4086 | /** @var \phpbb\controller\helper $controller_helper */ |
4087 | $controller_helper = $phpbb_container->get('controller.helper'); |
4088 | |
4089 | $controller_helper->display_footer($run_cron); |
4090 | |
4091 | /** |
4092 | * Execute code and/or modify output before displaying the template. |
4093 | * |
4094 | * @event core.page_footer_after |
4095 | * @var bool display_template Whether or not to display the template |
4096 | * @var bool exit_handler Whether or not to run the exit_handler() |
4097 | * |
4098 | * @since 3.1.0-RC5 |
4099 | */ |
4100 | $vars = array('display_template', 'exit_handler'); |
4101 | extract($phpbb_dispatcher->trigger_event('core.page_footer_after', compact($vars))); |
4102 | |
4103 | if ($display_template) |
4104 | { |
4105 | $template->display('body'); |
4106 | } |
4107 | |
4108 | garbage_collection(); |
4109 | |
4110 | if ($exit_handler) |
4111 | { |
4112 | exit_handler(); |
4113 | } |
4114 | } |
4115 | |
4116 | /** |
4117 | * Closing the cache object and the database |
4118 | * Cool function name, eh? We might want to add operations to it later |
4119 | */ |
4120 | function garbage_collection() |
4121 | { |
4122 | global $cache, $db; |
4123 | global $phpbb_dispatcher; |
4124 | |
4125 | if (!empty($phpbb_dispatcher)) |
4126 | { |
4127 | /** |
4128 | * Unload some objects, to free some memory, before we finish our task |
4129 | * |
4130 | * @event core.garbage_collection |
4131 | * @since 3.1.0-a1 |
4132 | */ |
4133 | $phpbb_dispatcher->trigger_event('core.garbage_collection'); |
4134 | } |
4135 | |
4136 | // Unload cache, must be done before the DB connection if closed |
4137 | if (!empty($cache)) |
4138 | { |
4139 | $cache->unload(); |
4140 | } |
4141 | |
4142 | // Close our DB connection. |
4143 | if (!empty($db)) |
4144 | { |
4145 | $db->sql_close(); |
4146 | } |
4147 | } |
4148 | |
4149 | /** |
4150 | * Handler for exit calls in phpBB. |
4151 | * |
4152 | * Note: This function is called after the template has been outputted. |
4153 | * |
4154 | * @return void |
4155 | */ |
4156 | function exit_handler() |
4157 | { |
4158 | global $phpbb_dispatcher; |
4159 | |
4160 | $exit_handler_override = false; |
4161 | |
4162 | /** |
4163 | * This event can either supplement or override the exit_handler() function |
4164 | * |
4165 | * To override this function, the event must set $exit_handler_override to |
4166 | * true to force it to exit directly after calling this event. |
4167 | * |
4168 | * @event core.exit_handler |
4169 | * @var bool exit_handler_override Flag to signify exit is handled elsewhere |
4170 | * @since 4.0.0-a1 |
4171 | */ |
4172 | $vars = ['exit_handler_override']; |
4173 | extract($phpbb_dispatcher->trigger_event('core.exit_handler', compact($vars))); |
4174 | |
4175 | if ($exit_handler_override) |
4176 | { |
4177 | return; |
4178 | } |
4179 | |
4180 | // As a pre-caution... some setups display a blank page if the flush() is not there. |
4181 | (ob_get_level() > 0) ? @ob_flush() : @flush(); |
4182 | |
4183 | exit; |
4184 | } |
4185 | |
4186 | /** |
4187 | * Get the board contact details (e.g. for emails) |
4188 | * |
4189 | * @param \phpbb\config\config $config |
4190 | * @param string $phpEx |
4191 | * @return string |
4192 | */ |
4193 | function phpbb_get_board_contact(\phpbb\config\config $config, $phpEx) |
4194 | { |
4195 | if ($config['contact_admin_form_enable']) |
4196 | { |
4197 | return generate_board_url() . '/memberlist.' . $phpEx . '?mode=contactadmin'; |
4198 | } |
4199 | else |
4200 | { |
4201 | return $config['board_contact']; |
4202 | } |
4203 | } |
4204 | |
4205 | /** |
4206 | * Get a clickable board contact details link |
4207 | * |
4208 | * @param \phpbb\config\config $config |
4209 | * @param string $phpbb_root_path |
4210 | * @param string $phpEx |
4211 | * @return string |
4212 | */ |
4213 | function phpbb_get_board_contact_link(\phpbb\config\config $config, $phpbb_root_path, $phpEx) |
4214 | { |
4215 | if ($config['contact_admin_form_enable'] && $config['email_enable']) |
4216 | { |
4217 | return append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contactadmin'); |
4218 | } |
4219 | else |
4220 | { |
4221 | return 'mailto:' . htmlspecialchars($config['board_contact'], ENT_COMPAT); |
4222 | } |
4223 | } |