<?php
/***************************************************************************
* common.php
* -------------------
* begin : Saturday, Feb 23, 2001
* copyright : (C) 2001 The phpBB Group
* email : [email protected]
*
* $Id: common.php,v 1.74 2002/03/18 23:45:24 psotfx Exp $
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
/***************************************************************************
*
* Razrabotka: phpBB
* Modifikaciya pod WAP: chel
* http://chel.a22.biz/wapforum
*
***************************************************************************/
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
}
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
// addslashes to vars if magic_quotes_gpc is off
// this is a security precaution to prevent someone
// trying to break out of a SQL statement.
//
if( !get_magic_quotes_gpc() )
{
if( is_array($HTTP_GET_VARS) )
{
while( list($k, $v) = each($HTTP_GET_VARS) )
{
if( is_array($HTTP_GET_VARS[$k]) )
{
while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) )
{
$HTTP_GET_VARS[$k][$k2] = addslashes($v2);
}
@reset($HTTP_GET_VARS[$k]);
}
else
{
$HTTP_GET_VARS[$k] = addslashes($v);
}
}
@reset($HTTP_GET_VARS);
}
if( is_array($HTTP_POST_VARS) )
{
while( list($k, $v) = each($HTTP_POST_VARS) )
{
if( is_array($HTTP_POST_VARS[$k]) )
{
while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) )
{
$HTTP_POST_VARS[$k][$k2] = addslashes($v2);
}
@reset($HTTP_POST_VARS[$k]);
}
else
{
$HTTP_POST_VARS[$k] = addslashes($v);
}
}
@reset($HTTP_POST_VARS);
}
if( is_array($HTTP_COOKIE_VARS) )
{
while( list($k, $v) = each($HTTP_COOKIE_VARS) )
{
if( is_array($HTTP_COOKIE_VARS[$k]) )
{
while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) )
{
$HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
}
@reset($HTTP_COOKIE_VARS[$k]);
}
else
{
$HTTP_COOKIE_VARS[$k] = addslashes($v);
}
}
@reset($HTTP_COOKIE_VARS);
}
}
// Is is a WAP-browser? Detect by checking what the user agent accepts
// Must check which version php is in order to get the http accept from the right place!
$minver = explode(".", "4.1.0");
$curver = explode(".", phpversion());
if ( ( $curver[0] < $minver[0] )
|| ( ( $curver[0] == $minver[0]) && ($curver[1] < $minver[1] ) )
|| ( ( $curver[0] == $minver[0]) && ($curver[1] == $minver[1]) && ($curver[2][0] < $minver[2][0] ) ) )
$http_accept_str = $HTTP_SERVER_VARS['HTTP_ACCEPT'] ;
else
$http_accept_str = $_SERVER['HTTP_ACCEPT'] ;
if ( stristr( $http_accept_str , 'wml') )
// WML capable device
$wml_device = true ;
else
// Not WML capable device, assume HTML then
$wml_device = true ;
// Add WAP-MIME-header if a WAP-device
if ( $wml_device )
header( "Content-type:text/vnd.wap.wml;charset=utf-8" ) ;
//
// Define some basic configuration arrays this also prevents
// malicious rewriting of language and otherarray values via
// URI params
//
$board_config = Array();
$userdata = Array();
$theme = Array();
$images = Array();
$lang = Array();
$gen_simple_header = FALSE;
// Use config file from the parent directory
// @include( $phpbb_root_path . 'config.'.$phpEx);
@include( '../' . $phpbb_root_path . 'config.'.$phpEx);
if( !defined("PHPBB_INSTALLED") )
{
header("Location: install.$phpEx");
}
include($phpbb_root_path . 'includes/constants.'.$phpEx);
include($phpbb_root_path . 'includes/template.'.$phpEx);
include($phpbb_root_path . 'includes/sessions.'.$phpEx);
include($phpbb_root_path . 'includes/auth.'.$phpEx);
include($phpbb_root_path . 'includes/functions.'.$phpEx);
include($phpbb_root_path . 'includes/db.'.$phpEx);
//
// Mozilla navigation bar
// Default items that should be valid on all pages.
// Defined here and not in page_header.php so they can be redefined in the code
//
$nav_links['top'] = array (
'url' => append_sid($phpbb_root_dir."index.".$phpEx),
'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
);
$nav_links['search'] = array (
'url' => append_sid($phpbb_root_dir."search.".$phpEx),
'title' => $lang['Search']
);
$nav_links['help'] = array (
'url' => append_sid($phpbb_root_dir."faq.".$phpEx),
'title' => $lang['FAQ']
);
$nav_links['author'] = array (
'url' => append_sid($phpbb_root_dir."memberlist.".$phpEx),
'title' => $lang['Memberlist']
);
//
// Obtain and encode users IP
//
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
{
$private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
$client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
}
}
else
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
}
$user_ip = encode_ip($client_ip);
//
// Setup forum wide options, if this fails
// then we output a CRITICAL_ERROR since
// basic forum information is not available
//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
if(!$result = $db->sql_query($sql))
{
message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql);
}
else
{
while($row = $db->sql_fetchrow($result))
{
$board_config[$row['config_name']] = $row['config_value'];
}
}
// If a WAP-device, then limit number of topics and posts per page
if ( $wml_device )
{
$board_config['topics_per_page'] = 10 ;
$board_config['posts_per_page'] = 10 ;
}
// TEST TEST
// $board_config['cookie_domain'] = '' ;
// TEST TEST
//
// Show 'Board is disabled' message if needed.
//
if( $board_config['board_disable'] && !defined("IN_ADMIN") && !defined("IN_LOGIN") )
{
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
}
?>