<?php
/*
* Functions
* @Copyright: Vouksh.info 2005
* @Description: All the primary functions for the site.
*/
// Bootstrap: buffer output, load configuration and libraries, create the shared
// $tag, $mysql and $xajax objects, and dispatch any pending xajax request.
// Output is buffered so later code can discard it (secinc() calls ob_clean()).
ob_start();
// Presumably defines SITE_PATH, iext, DB_MAIN and the other constants used below - confirm in config.inc.php.
include("./inc/config.inc.php");
include(SITE_PATH."inc/mysql".iext);
include("parsetag.php");
$tag = new tagParsing;
include("HTML/BBCodeParser.php");
// Shared database handle; every function in this file reaches it through "global $mysql".
$mysql = new mysql(DB_MAIN);
include(SITE_PATH."inc/xajax/xajax".iext);
$xajax = new xajax();
// Presumably defines the handler functions registered below - confirm in ajaxfunc.
include(SITE_PATH.'inc/ajaxfunc'.iext);
$xajax->cleanBufferOff();
//$xajax->debugOn();
$xajax->statusMessagesOn();
// Each name registered here becomes callable from the browser through xajax.
$xajax->registerFunction('forumsedit');
$xajax->registerFunction('canceledit');
$xajax->registerFunction('deletepost');
$xajax->registerFunction('quotepost');
$xajax->registerFunction('querynum');
//ob_flush();
// NOTE(review): requests are dispatched here, before the login-cookie validation
// at the end of this file has run. The registered handlers (edit, delete, quote)
// therefore have to authenticate and authorise the caller themselves - verify
// this in ajaxfunc, or move the cookie validation above this call.
$xajax->processRequests();
include(SITE_PATH."inc/content".iext);
// Secure includes
#TODO: More detailed. More secure. Maintain usability though!
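/**
 * Include SITE_PATH.$inc_file.iext, refusing any path that tries to leave SITE_PATH.
 *
 * A request is refused when it contains a ".." path segment (with "/" or "\"
 * separators) or a NUL byte. The previous pattern "#^../#" treated the dots as
 * wildcards, so it rejected harmless two-letter directories ("ab/page") and
 * missed a ".." that was not at the very start ("inc/../../x").
 *
 * A refused request is appended to a file under SITE_PATH."logs/", mailed to the
 * admin address and then reported through trigger_error(E_USER_ERROR).
 *
 * @param string $inc_file Path relative to SITE_PATH, without the iext suffix.
 * @return mixed Whatever the included file returns; false for a refused path.
 */
function secinc($inc_file)
{
    $inc_file = (string) $inc_file;

    $segments  = preg_split('#[/\\\\]+#', $inc_file);
    $traversal = in_array('..', $segments, true) || strpos($inc_file, "\0") !== false;

    if (!$traversal) {
        return include(SITE_PATH.$inc_file.iext);
    }

    // Read the address from $_SERVER: the old "global $REMOTE_ADDR" only exists
    // with register_globals, so the log lost the IP on current configurations.
    $remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';

    // The log name is derived from the request, so reduce it to a short, safe
    // character set before it becomes part of a filesystem path.
    $fname = substr(trim(preg_replace('#[^A-Za-z0-9_-]+#', '.', $inc_file), '.'), 0, 64);
    if ($fname === false || $fname === '') {
        $fname = 'unknown';
    }

    // The entry ends in "<br />", so the log is evidently read as HTML: escape
    // the requested string and fold line breaks so it cannot inject markup or
    // forge additional log lines.
    $shown = htmlspecialchars(str_replace(array("\r", "\n"), ' ', $inc_file), ENT_QUOTES);
    $d = date("n-j-Y, g:i A");
    $t2w = $d." ".$remote." String ".$shown."\n<br />";

    $fp = fopen(SITE_PATH."logs/hacking.".$fname.".log", "a");
    if ($fp) {
        fwrite($fp, $t2w);
        fclose($fp);
    }

    ob_clean();
    mail("hide@address.com", "HACKING ATTEMPT!", $t2w, "FROM: hide@address.com");
    trigger_error("<h6 style=\"font-size:36px; font-weight:bolder;\">HACKING ATTEMPT! LOGGING IP AND EMAILING ADMIN!</h6>", E_USER_ERROR);
    return false;
}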
// Normalise every top-level POST and GET value to exactly one level of
// backslash escaping: stripslashes() undoes any escaping already present,
// addslashes() then applies it once.
// NOTE(review): addslashes() is not a substitute for parameterised queries or a
// connection-aware escaper, and only $_POST and $_GET are covered here. Values
// read from $_COOKIE and $_SERVER elsewhere in this file reach SQL without
// passing through this loop.
// NOTE(review): a value that is itself an array (e.g. "x[]=1") is handed to
// stripslashes() as-is - confirm how the running PHP version treats that.
// $key and $var remain set as globals after the loops.
foreach($_POST as $key => $var)
{
$_POST[$key] = addslashes(stripslashes($var));
}
foreach($_GET as $key => $var)
{
$_GET[$key] = addslashes(stripslashes($var));
}
/**
 * Shorten $str to at most $len bytes, appending $rep when something was cut off.
 *
 * Lengths are byte counts (strlen/substr), not characters.
 *
 * @param string $str Text to shorten.
 * @param int    $len Maximum number of bytes kept from $str.
 * @param string $rep Marker appended to a shortened string.
 * @return string $str unchanged when it already fits.
 */
function cut($str, $len, $rep)
{
    $fits = strlen($str) <= $len;

    return $fits ? $str : substr($str, 0, $len).$rep;
}
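/**
 * Tell whether the logged-in member has read topic $id at revision $timestamp.
 *
 * The member's 'forumreadtopics' field holds "topicid~lastupdate" pairs joined
 * by "|". The previous version searched that string with !strpos(), which
 * treated a match at offset 0 (the first pair) as "not found" and also matched
 * partial ids and timestamps ("1~5" inside "11~50"). The pairs are now parsed
 * and compared exactly.
 *
 * @param mixed $id        Topic id.
 * @param mixed $timestamp Last-update value of the topic.
 * @return mixed The stored last-update value when it equals $timestamp, otherwise false.
 */
function checkread($id, $timestamp)
{
    if (!isset($_COOKIE['mid'])) {
        return false;
    }

    $stuff = getuserinfoid('forumreadtopics', $_COOKIE['mid']);

    $d = array();
    foreach (explode("|", (string) $stuff) as $b) {
        $c = explode("~", $b);
        if (count($c) < 2) {
            continue; // empty or malformed entry
        }
        $d[$c[0]] = $c[1]; // a later entry for the same topic wins
    }

    if (isset($d[$id]) && (string) $d[$id] === (string) $timestamp) {
        return $d[$id];
    }
    return false;
}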
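/**
 * Return the last-update value stored for topic $id in the logged-in member's
 * 'forumreadtopics' field ("topicid~lastupdate" pairs joined by "|").
 *
 * Empty or malformed entries are skipped and a missing topic yields null
 * without reading an undefined index.
 *
 * @param mixed $id Topic id.
 * @return mixed Stored last-update value, or null when the topic is not listed.
 */
function getread($id)
{
    if (!isset($_COOKIE['mid'])) {
        return null;
    }

    $list = getuserinfoid('forumreadtopics', $_COOKIE['mid']);

    $d = array();
    foreach (explode("|", (string) $list) as $b) {
        $c = explode("~", $b);
        if (count($c) < 2) {
            continue;
        }
        $d[$c[0]] = $c[1];
    }

    return isset($d[$id]) ? $d[$id] : null;
}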
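// Fallback for PHP versions without a native array_combine().
// The function name must be passed as a string: the bare word array_combine is
// an undefined constant, which current PHP versions reject with a fatal error.
if (!function_exists('array_combine'))
{
    /**
     * Build an array using $keys for the keys and $vals for the values.
     *
     * Unlike the native function this fallback does not reject lists of
     * different length; it iterates up to the longer one.
     */
    function array_combine($keys, $vals)
    {
        $keys = array_values( (array) $keys );
        $vals = array_values( (array) $vals );
        $n = max( count( $keys ), count( $vals ) );
        $r = array();
        for( $i=0; $i<$n; $i++ ) {
            $r[ $keys[ $i ] ] = $vals[ $i ];
        }
        return $r;
    }
}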
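/**
 * Write a scaled copy of the image $name to $filename.
 *
 * Fixes over the previous version:
 *  - the PNG test called the misspelt srttolower(), so every call ended in a
 *    fatal "undefined function" error;
 *  - the type was read from the second dot-separated piece of the path, which
 *    is wrong for "./dir/a.jpg" or "my.photo.png"; the real extension is used;
 *  - an unsupported or undecodable source now stops with a warning instead of
 *    continuing with an undefined image handle;
 *  - the computed size is truncated to whole pixels, at least 1x1.
 *
 * NOTE(review): the extension is caller-supplied and says nothing about the
 * file's content, and nothing here limits the source dimensions. Callers that
 * handle uploads should verify type and size before calling this.
 *
 * @param string $name     Path of the source image (jpg, jpeg, png or gif).
 * @param string $filename Path the thumbnail is written to.
 * @param int    $new_w    Target width for landscape and square sources.
 * @param int    $new_h    Target height for portrait and square sources.
 * @return void
 */
function createthumb($name, $filename, $new_w, $new_h)
{
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));

    if ($ext === 'jpg' || $ext === 'jpeg') {
        $src_img = imagecreatefromjpeg($name);
    } elseif ($ext === 'png') {
        $src_img = imagecreatefrompng($name);
    } elseif ($ext === 'gif') {
        $src_img = imagecreatefromgif($name);
    } else {
        trigger_error('createthumb: unsupported image extension', E_USER_WARNING);
        return;
    }
    if (!$src_img) {
        trigger_error('createthumb: source image could not be decoded', E_USER_WARNING);
        return;
    }

    $old_x = imagesx($src_img);
    $old_y = imagesy($src_img);

    // Same scaling rule as before: the longer side gets the requested size.
    if ($old_x > $old_y) {
        $thumb_w = $new_w;
        $thumb_h = $old_y * ($new_h / $old_x);
    } elseif ($old_x < $old_y) {
        $thumb_w = $old_x * ($new_w / $old_y);
        $thumb_h = $new_h;
    } else {
        $thumb_w = $new_w;
        $thumb_h = $new_h;
    }
    $thumb_w = max(1, (int) $thumb_w);
    $thumb_h = max(1, (int) $thumb_h);

    $dst_img = imagecreatetruecolor($thumb_w, $thumb_h);

    if ($ext === 'png') {
        imageantialias($dst_img, true);
        imagealphablending($dst_img, false);
        imagesavealpha($dst_img, true);
        // One fill instead of a per-pixel PHP loop. The resample below
        // overwrites the whole canvas, so this only sets the starting state.
        $transparent = imagecolorallocatealpha($dst_img, 255, 255, 255, 127);
        imagefill($dst_img, 0, 0, $transparent);
        imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $thumb_w, $thumb_h, $old_x, $old_y);
        imagepng($dst_img, $filename);
    } elseif ($ext === 'gif') {
        imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $thumb_w, $thumb_h, $old_x, $old_y);
        imagegif($dst_img, $filename);
    } else {
        imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $thumb_w, $thumb_h, $old_x, $old_y);
        imagejpeg($dst_img, $filename);
    }

    imagedestroy($dst_img);
    imagedestroy($src_img);
}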
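/**
 * Syntax-highlight PHP source and return or print it with <span style="color: ...">
 * markup instead of <font color="...">.
 *
 * The previous search list nested an array inside the array. str_replace()
 * converted that inner array to the text "Array", so "<br />" and "<br>" were
 * never removed and the word "Array" was deleted from the code instead. The
 * list is now flat.
 *
 * @param string $str  Source text; slashes are stripped before highlighting.
 * @param bool   $echo Print the result (default) instead of returning it.
 * @return string|null The markup when $echo is false, otherwise nothing.
 */
function xhtml_highlight($str, $echo=true) {
    $pre = str_replace(array('<br />', '<br>', '\"'), array('', '', '"'), stripslashes($str));
    // highlight_string() HTML-escapes the source itself.
    $hlt = highlight_string(stripslashes($pre), true);
    $fon = str_replace(array('<font ', '</font>'), array('<span ', '</span>'), $hlt);
    $ret = preg_replace('#color="(.*?)"#', 'style="color: \\1"', $fon);
    if (!$echo) {
        return $ret;
    }
    echo $ret;
}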
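/**
 * Build the linked <img> markup for forum attachment $getid.
 *
 * The id is cast to an integer before it is placed in the query, so the
 * statement no longer depends on every caller passing a clean value. The
 * stored filename is HTML-escaped before it is written into the attributes,
 * and an unknown id falls back to the 404 image instead of using an undefined
 * variable.
 *
 * @param mixed $getid Attachment id (assumed numeric - confirm against the table schema).
 * @return string HTML fragment.
 */
function getattachimage($getid)
{
    global $mysql;

    $ret = "images/404.gif";
    $sel = $mysql->query("SELECT * FROM site_forums_attachments WHERE id='".(int) $getid."'");
    while ($a = mysql_fetch_assoc($sel)) {
        if ($a['type'] == 'download') {
            $ret = "images/404.gif";
        } else {
            $ret = 'uploads/'.$a['filename'];
        }
    }

    $safe = htmlspecialchars($ret, ENT_QUOTES);
    return '<a href="'.$safe.'"><img src="'.$safe.'" alt="user posted image" /></a>';
}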
/**
 * Print $code as a highlighted block inside <div class="code">.
 *
 * NOTE(review): the markup is echoed, not returned. parse() uses this function
 * as a replacement callback, where the return value is what gets substituted -
 * confirm that printing at call time is what is wanted there.
 *
 * @param string $code Source text to highlight.
 * @return void
 */
function highlight_code($code)
{
    $highlighted = xhtml_highlight(addslashes($code), false);

    echo '<div class="code"><strong>CODE:</strong><br /><hr />'.$highlighted.'</div>';
}
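/**
 * Turn a forum post into HTML: [php]/[code] blocks, BBCode, smileys and
 * [attachment=N] tags.
 *
 * Both substitutions used preg_replace() with the /e modifier, which evaluates
 * the replacement as PHP code with the matched (user-written) text embedded in
 * it. That lets post content be interpreted as code, and the modifier no longer
 * exists in current PHP. They now go through preg_replace_callback(), so the
 * matched text is only ever passed as data.
 *
 * The attachment pattern also accepted a single digit only; it now accepts any
 * run of digits.
 *
 * @param string $string Raw post text.
 * @return string HTML.
 */
function parse($string)
{
    $hlcode = preg_replace_callback("/\[(php|code)\](.*?)\[\/(php|code)\]/smi", '_parse_code_callback', $string);

    $config = parse_ini_file(SITE_PATH.'inc/HTML/BBCodeParser.ini', true);
    $options = &PEAR::getStaticProperty('HTML_BBCodeParser', '_options');
    $options = $config['HTML_BBCodeParser'];
    $parser = new HTML_BBCodeParser();
    $parser->setText($hlcode);
    $parser->parse();

    // Smiley code => image name, applied in this order.
    $smileys = array(
        ":)"        => "happy",
        ":("        => "sad",
        ":D"        => "grin",
        ":biggrin:" => "big-grin",
        ":p"        => "tounge",
        ":P"        => "tounge",
        ";p"        => "wink-tounge",
        ";P"        => "wink-tounge",
        ":meh:"     => "meh",
        ":o"        => "gasp",
        ":O"        => "gasp",
        ";)"        => "wink",
        "X_X"       => "dead",
        ":dead:"    => "dead",
    );
    $sm_search = array();
    $sm_replace = array();
    foreach ($smileys as $code => $image) {
        $sm_search[] = $code;
        $sm_replace[] = "<img src=\"images/smileys/".$image.".gif\" alt=\"\" />";
    }
    $smiley = str_replace($sm_search, $sm_replace, $parser->getParsed());

    $attach = preg_replace_callback("|\[attachment=(\d+)\]|", '_parse_attachment_callback', $smiley);
    return(str_replace("<br />", "<br />\n", nl2br($attach)));
}

// Callback for parse(): hand the body of a [php]/[code] block to highlight_code().
function _parse_code_callback($match)
{
    return (string) highlight_code($match[2]);
}

// Callback for parse(): replace an [attachment=N] tag with the attachment markup.
function _parse_attachment_callback($match)
{
    return getattachimage((int) $match[1]);
}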
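/**
 * Write a scaled copy of the avatar image $name to $filename (80x80 by default).
 *
 * Fixes over the previous version:
 *  - the type was read from the second dot-separated piece of the path, which
 *    is wrong for "./dir/a.jpg" or "my.photo.png"; the real extension is used;
 *  - the extension test was case-sensitive, so "A.JPG" left the image handle
 *    undefined;
 *  - an unsupported or undecodable source now stops with a warning;
 *  - the computed size is truncated to whole pixels, at least 1x1.
 *
 * NOTE(review): the extension is caller-supplied and says nothing about the
 * file's content, and nothing here limits the source dimensions. Callers that
 * handle uploads should verify type and size before calling this.
 *
 * @param string $name     Path of the source image (jpg, jpeg, png or gif).
 * @param string $filename Path the resized image is written to.
 * @param mixed  $new_w    Target width for landscape and square sources.
 * @param mixed  $new_h    Target height for portrait and square sources.
 * @return void
 */
function resizeava($name, $filename, $new_w="80", $new_h="80")
{
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));

    if ($ext === 'jpg' || $ext === 'jpeg') {
        $src_img = imagecreatefromjpeg($name);
    } elseif ($ext === 'png') {
        $src_img = imagecreatefrompng($name);
    } elseif ($ext === 'gif') {
        $src_img = imagecreatefromgif($name);
    } else {
        trigger_error('resizeava: unsupported image extension', E_USER_WARNING);
        return;
    }
    if (!$src_img) {
        trigger_error('resizeava: source image could not be decoded', E_USER_WARNING);
        return;
    }

    $old_x = imagesx($src_img);
    $old_y = imagesy($src_img);

    // Same scaling rule as before: the longer side gets the requested size.
    if ($old_x > $old_y) {
        $thumb_w = $new_w;
        $thumb_h = $old_y * ($new_h / $old_x);
    } elseif ($old_x < $old_y) {
        $thumb_w = $old_x * ($new_w / $old_y);
        $thumb_h = $new_h;
    } else {
        $thumb_w = $new_w;
        $thumb_h = $new_h;
    }
    $thumb_w = max(1, (int) $thumb_w);
    $thumb_h = max(1, (int) $thumb_h);

    $dst_img = imagecreatetruecolor($thumb_w, $thumb_h);

    if ($ext === 'png') {
        imageantialias($dst_img, true);
        imagealphablending($dst_img, false);
        imagesavealpha($dst_img, true);
        // One fill instead of a per-pixel PHP loop. The resample below
        // overwrites the whole canvas, so this only sets the starting state.
        $transparent = imagecolorallocatealpha($dst_img, 255, 255, 255, 127);
        imagefill($dst_img, 0, 0, $transparent);
        imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $thumb_w, $thumb_h, $old_x, $old_y);
        imagepng($dst_img, $filename);
    } elseif ($ext === 'gif') {
        imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $thumb_w, $thumb_h, $old_x, $old_y);
        imagegif($dst_img, $filename);
    } else {
        imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $thumb_w, $thumb_h, $old_x, $old_y);
        imagejpeg($dst_img, $filename);
    }

    imagedestroy($dst_img);
    imagedestroy($src_img);
}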
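/**
 * Print the "please wait" interstitial, which sends the browser back to the
 * page it came from after five seconds.
 *
 * The Referer header is supplied by the client. It was written into the
 * meta-refresh and the link unescaped, so a crafted value could inject markup,
 * and any off-site value was followed as a redirect target. The return address
 * is now used only when it starts with SITE_URL (otherwise SITE_URL itself is
 * used) and is HTML-escaped before output.
 *
 * @param string $what One of "profile", "login", "logout", "settings".
 * @return void
 */
function pleasewait($what)
{
    // Assumes SITE_URL ends in "/", as its use as a prefix for "style.css" suggests.
    $target = SITE_URL;
    if (isset($_SERVER['HTTP_REFERER'])
        && is_string($_SERVER['HTTP_REFERER'])
        && strpos($_SERVER['HTTP_REFERER'], SITE_URL) === 0) {
        $target = $_SERVER['HTTP_REFERER'];
    }
    $target = htmlspecialchars($target, ENT_QUOTES);

    $messages = array(
        "profile"  => "Please wait while we update your profile.",
        "login"    => "Please wait while we log you in.",
        "logout"   => "Please wait while we log you out.",
        "settings" => 'Please wait while we update your settings',
    );

    echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Please Wait</title>
<meta http-equiv="refresh" content="5; URL='.$target.'" />
<link href="'.SITE_URL.'style.css" type="text/css" rel="stylesheet" /><body>
<div style="width: 300px; background: #CCC; border: 1px solid #333; vertical-align: middle; margin-top: 300px; text-align: center; left: 50%; margin-left: 35%; font-size: 14px; font-weight: bold;">';
    if (is_string($what) && isset($messages[$what])) {
        echo $messages[$what];
    }
    echo '<br /><img src="'.SITE_URL.'images/waiting.gif" style="width: 200px; height: 8px; border: none;" />';
    echo '<br />The page should refresh in 5 seconds. <br />If not, click <a href="'.$target.'">here</a></div></body>';
}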
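/**
 * Return column $what of a member row looked up by username.
 *
 * When $user is omitted the name is taken from the 'user' cookie. Cookies are
 * not covered by the addslashes() pass over $_POST/$_GET at file scope, so the
 * cookie value went into the WHERE clause unescaped; it is now escaped first.
 * A missing cookie or an unknown member yields null without reading an
 * undefined index.
 *
 * @param string      $what Column name.
 * @param string|null $user Username. NOTE(review): used in the query as given -
 *                          callers must pass an already-escaped value.
 * @return mixed Column value, or null when there is no such member.
 */
function getuserinfo($what, $user=NULL)
{
    global $mysql;

    if (is_null($user)) {
        if (!isset($_COOKIE['user']) || !is_string($_COOKIE['user'])) {
            return null;
        }
        // Assumes the connection opened for $mysql is the current mysql link - confirm.
        $name = mysql_real_escape_string($_COOKIE['user']);
    } else {
        $name = $user;
    }

    $sel = $mysql->select(PRE."members", "username='".$name."'", "id", "DESC", "1");
    $a = mysql_fetch_assoc($sel);

    return ($a && isset($a[$what])) ? $a[$what] : null;
}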
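/**
 * Return column $what of the member row with id $user.
 *
 * Several callers pass $_COOKIE['mid'] straight in, so the id is cast to an
 * integer before it is placed in the WHERE clause. An unknown id yields null
 * without reading an undefined index.
 *
 * @param string $what Column name.
 * @param mixed  $user Member id (assumed numeric - confirm against the table schema).
 * @return mixed Column value, or null when there is no such member.
 */
function getuserinfoid($what, $user)
{
    global $mysql;

    $sel = $mysql->select(PRE."members", "id='".(int) $user."'", "id", "DESC", "1");
    $a = mysql_fetch_assoc($sel);

    return ($a && isset($a[$what])) ? $a[$what] : null;
}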
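/**
 * Return the name of the group that member $user belongs to.
 *
 * Both ids are cast to integers before they are placed in a WHERE clause: the
 * member id because callers may pass request data, the group id because it is
 * read back from the database and reused in a second query. An unknown member
 * or group yields null.
 *
 * @param mixed $user Member id (assumed numeric - confirm against the table schema).
 * @return string|null Group name.
 */
function showgroup($user)
{
    global $mysql;

    $mem = $mysql->select(PRE."members", "id='".(int) $user."'", "id");
    $m = mysql_fetch_assoc($mem);
    if (!$m) {
        return null;
    }

    $grp = $mysql->select(PRE."groups", "id='".(int) $m['groups']."'", "id");
    $g = mysql_fetch_assoc($grp);

    return $g ? $g['name'] : null;
}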
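/**
 * Return the setting => setting2 map stored for config section $sec.
 *
 * Each matching row holds two "~"-separated lists that are combined into one
 * array; when several rows match, the last one wins. A section without rows
 * now returns null explicitly instead of reading an undefined variable.
 *
 * @param string $sec Section name. NOTE(review): used in the query as given -
 *                    callers must pass an already-escaped value.
 * @return array|null
 */
function listcats($sec)
{
    global $mysql;

    $ret = null;
    $sel = $mysql->select(PRE."config", "section='".$sec."'", "id", NULL, NULL);
    while ($a = mysql_fetch_assoc($sel)) {
        $arr1 = explode("~", $a['setting']);
        $arr2 = explode("~", $a['setting2']);
        $ret = array_combine($arr1, $arr2);
    }
    return($ret);
}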
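// Fallback for PHP versions without a native htmlspecialchars_decode().
// Declaring it unconditionally is a fatal "cannot redeclare" error wherever PHP
// already provides the function, so it is only defined when missing.
if (!function_exists('htmlspecialchars_decode'))
{
    function htmlspecialchars_decode($str, $quote_style = ENT_COMPAT) {
        return strtr($str, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $quote_style)));
    }
}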
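/**
 * Tell whether the 'mid' and 'user' cookies name an existing member.
 *
 * Both cookie values went into the WHERE clause unescaped. The id is now cast
 * to an integer and the username escaped, and a request without both cookies
 * returns false without querying.
 *
 * NOTE(review): this checks only that id and username belong together. It does
 * not look at the 'pass' cookie, so on its own it is not proof of a login.
 *
 * @return bool
 */
function checkuser()
{
    global $mysql;

    if (!isset($_COOKIE['mid'], $_COOKIE['user']) || !is_string($_COOKIE['user'])) {
        return false;
    }

    // Assumes the connection opened for $mysql is the current mysql link - confirm.
    $where = "id='".(int) $_COOKIE['mid']."' AND username='".mysql_real_escape_string($_COOKIE['user'])."'";
    $sel = $mysql->select(PRE."members", $where, "id");

    return mysql_num_rows($sel) > 0;
}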
/**
 * Shift a timestamp by the logged-in member's 'gmt' setting, taken as hours.
 * Visitors for whom checkuser() fails get no shift.
 *
 * @param int $time Unix timestamp.
 * @return int|float Shifted timestamp.
 */
function timeoffset($time)
{
    if (checkuser()) {
        $hours = getuserinfoid('gmt', $_COOKIE['mid']);
    } else {
        $hours = '0';
    }

    return $time + ($hours * 60 * 60);
}
// DATE is the date() format used for this request: the member's own
// 'datestyle' when one is set, otherwise "n-d-Y".
define("DATE", getuserinfo("datestyle") ? getuserinfo("datestyle") : "n-d-Y");
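/**
 * Turn away banned visitors, matched by IP address (bans table) or by Referer
 * (ban_refs table), by redirecting them to their own address.
 *
 * The Referer header is chosen by the client and went into the WHERE clause
 * unescaped; both values are now escaped. The redirect is also followed by
 * exit: before, the script carried on and still produced the page, so the ban
 * only worked for clients that chose to follow the redirect.
 *
 * @return void Does not return for a banned visitor.
 */
function checkban()
{
    global $mysql;

    $referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER']))
        ? $_SERVER['HTTP_REFERER']
        : '';

    // Assumes the connection opened for $mysql is the current mysql link - confirm.
    $sel = $mysql->select(PRE."bans", "ip='".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."'", "id");
    $sel2 = $mysql->select(PRE."ban_refs", "ref='".mysql_real_escape_string($referer)."'", "id");

    if (mysql_num_rows($sel) > 0 || mysql_num_rows($sel2) > 0) {
        header("Location: http://".$_SERVER['REMOTE_ADDR'].":".$_SERVER['REMOTE_PORT']."/");
        exit;
    }
}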
/**
 * Current Unix time as a float with microsecond resolution, built from the
 * "usec sec" string that microtime() returns.
 *
 * @return float
 */
function microtime_float()
{
    $parts = explode(" ", microtime());

    return (float) $parts[0] + (float) $parts[1];
}
/**
 * Print the current time inside an HTML comment when the 'mid' cookie
 * compares equal to '1'; print nothing for anyone else.
 *
 * NOTE(review): the decision rests on the raw cookie value, which the client controls.
 *
 * @return bool Always true.
 */
function mark()
{
    if ($_COOKIE['mid'] == '1') {
        echo '<!-- '.microtime_float().' -->';
    }

    return true;
}
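/**
 * Return the display name of record $id in table PRE.$section.
 *
 * Only the 'forums' section is mapped: 'thread' gives the subject, 'forum' and
 * 'edit' give the name. Any other combination returns null.
 *
 * $section becomes part of the table name and $id part of the WHERE clause, so
 * the section is restricted to letters, digits and underscores and the id is
 * cast to an integer. The result variable is initialised, so an unmapped
 * section no longer reads an undefined variable.
 *
 * @param mixed       $id      Record id (assumed numeric - confirm against the table schema).
 * @param string      $section Table suffix, e.g. 'forums'.
 * @param string|null $subsec  'thread', 'forum' or 'edit'.
 * @return string|null
 */
function getnamebyid($id, $section, $subsec=NULL)
{
    global $mysql;

    $section = strtolower((string) $section);
    if (!preg_match('/^[a-z0-9_]+$/', $section)) {
        return null;
    }

    $sel = $mysql->select(PRE.$section, "id='".(int) $id."'", "id");
    $a = mysql_fetch_assoc($sel);

    $ret = null;
    if ($a && $section === 'forums') {
        switch (strtolower((string) $subsec)) {
            case 'thread':
                $ret = $a['subject'];
                break;
            case 'forum':
            case 'edit':
                $ret = $a['name'];
                break;
        }
    }
    return($ret);
}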
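// String helpers. The first parameter used to be named $this, which current
// PHP versions reject at compile time, taking the whole file down with it.
// It is now $needle; positional callers are unaffected.

/**
 * Return the part of $inthat that follows the first occurrence of $needle.
 *
 * @return string|null null when $needle does not occur.
 */
function after ($needle, $inthat)
{
    $pos = strpos($inthat, $needle);
    if ($pos === false) {
        return null;
    }
    return substr($inthat, $pos + strlen($needle));
}

/**
 * Return the part of $inthat that precedes the first occurrence of $needle.
 *
 * @return string Empty string when $needle does not occur.
 */
function before ($needle, $inthat)
{
    $pos = strpos($inthat, $needle);
    if ($pos === false) {
        return '';
    }
    return substr($inthat, 0, $pos);
}

/**
 * Return the text between the first $needle and the next $that in $inthat.
 *
 * @return string Empty string when either marker is missing.
 */
function between ($needle, $that, $inthat)
{
    $tail = after($needle, $inthat);
    if ($tail === null) {
        return '';
    }
    return before($that, $tail);
}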
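// Login-cookie validation, run on every request that includes this file.
$user = isset($_COOKIE['mid']) ? $_COOKIE['mid'] : null;
if(isset($_COOKIE['mid']) )
{
    // The cookie is client data: cast it before it reaches the WHERE clause.
    $sel = $mysql->select(PRE."members", "id='".(int) $_COOKIE['mid']."'", "id", "DESC", "1");
    $a = mysql_fetch_array($sel);
    // Reject the cookies when no member has this id (previously such a request
    // skipped every check) or when id, username or password token do not match.
    // NOTE(review): the 'pass' cookie is a fixed token derived from the stored
    // password and is compared with !==; a per-session random token and a
    // constant-time comparison would be stronger.
    if(!$a
        || !isset($_COOKIE['user'], $_COOKIE['pass'])
        || $_COOKIE['mid'] !== $a['id']
        || $_COOKIE['user'] !== $a['username']
        || $_COOKIE['pass'] !== dohash(MY_SECRET.$a['password']))
    {
        setcookie("mid", "", time()-(60*60*24*7));
        setcookie("user", "", time()-(60*60*24*7));
        setcookie("pass", "", time()-(60*60*24*7));
        header("Location: ".SITE_URL."?merror=badcookies");
        // Stop here: without exit the rest of the request still ran with the
        // rejected values in $_COOKIE.
        exit;
    }
    unset($a, $sel);
}
// Members pages other than memberlist, register and profile require a login.
if(!isset($_COOKIE['mid'], $_COOKIE['user'], $_COOKIE['pass'])
    && isset($_GET['section']) && is_string($_GET['section'])
    && strtolower($_GET['section']) == "members"
    && (!isset($_GET['subsec']) || !is_string($_GET['subsec'])
        || !in_array(strtolower($_GET['subsec']), array("memberlist", "register", "profile"), true)))
{
    header("Location: ".SITE_URL."?merror=needlogin");
    // Stop here so the protected page is not rendered behind the redirect.
    exit;
}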
?>