<?php

/******************************************************************
* $Id: global.php,v 1.22 2003/12/28 12:10:54 allowee Exp $
*
* Copyright (C) 2001-2003 PMS Dev Team
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA  02111-1307, USA.
*
* The "GNU General Public License" (GPL) is available at
* http://www.gnu.org/copyleft/gpl.html.
******************************************************************/


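// Stop if the installer is still on disk; PMS will not run until it is removed.
// (Presumably a guard against a left-behind installer being reachable by
// visitors; install.php itself is not visible from this file.)
if (file_exists("./admin/install.php")) {
    die("<b>Error</b>: The file <b>./admin/install.php</b> is still on your server, please delete this file to continue.<br>");
}

// Compare versions numerically. A plain string comparison against '4.1.0'
// orders '10.0.0' before '4.1.0' and would reject newer interpreters.
// version_compare() first shipped with PHP 4.1.0, so its absence also means
// the interpreter is too old.
if (!function_exists('version_compare') || version_compare(phpversion(), '4.1.0', '<')) {
    die("<b>Error</b>: Your PHP version is too old.<br />Please upgrade PHP<br />See <a href='http://www.php.net/'>PHP.net</a> for more details");
}

// Early filter on the "page" request value, which this file later joins onto
// $full_path and passes to include(). Anything that is not a plain string,
// contains a parent-directory sequence, or contains a NUL byte is bounced to
// the index page. strpos() replaces eregi(), which was removed in PHP 7.
// This is a coarse filter only; it does not by itself confine the path to
// the application directory.
if (isset($_REQUEST['page'])) {
    $requested_page = $_REQUEST['page'];
    if (!is_string($requested_page)
        || strpos($requested_page, '..') !== false
        || strpos($requested_page, "\0") !== false) {
        header("Location: index.php");
        die();
    }
    unset($requested_page);
}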

// Drop these names before any configuration is loaded.
// Presumably a register_globals precaution: a request parameter called
// "debug", "full_path" or "disp_text" must not survive as a script variable.
// NOTE(review): only the $_REQUEST copies are removed; $_GET/$_POST/$_COOKIE
// entries with the same keys are left in place.
unset(
    $debug,
    $_REQUEST['debug'],
    $_REQUEST['full_path'],
    $full_path,
    $disp_text
);

// Version information first, then the site configuration.
include_once './includes/version.php';
include_once './includes/config.php';
//include('./includes/template.php');

// 'http://pms/' is treated as the not-yet-configured site address: refuse to run
// until the installer/upgrade (or a manual config.php edit) has replaced it.
if ($siteaddr == 'http://pms/') {
    die("<b>Error</b>: You must run the upgrade and/or installation file located in the admin directory to run this script!<br />If you are in safemode you MUST edit the config.php file, located in the includes directory.");
}


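/******
* Set/Define some common vars
*
* Request-derived values are frozen into constants so later code cannot
* overwrite them. Everything taken from $_SERVER['HTTP_*'] or $_COOKIE is
* client-controlled and must be escaped wherever it is placed into SQL or
* HTML; defining it as a constant does not make it trustworthy.
******/

// Single timestamp used for the whole request.
define('TIME', time());

// Date format string taken from the configuration.
define('DATEFORMAT', $dateformat);

// Remote_addr
// X-Forwarded-For is an ordinary request header that the client can set to any
// text. It is accepted only when it looks like one IPv4/IPv6 literal; lists,
// quotes or other text fall back to the socket address.
// NOTE(review): even a well-formed X-Forwarded-For is unauthenticated. Unless
// a trusted proxy overwrites the header, IPADDRESS can be chosen by the
// client and should not be used as proof of origin.
$ipaddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])
    && is_string($_SERVER['HTTP_X_FORWARDED_FOR'])
    && preg_match('/^[0-9A-Fa-f:.]{2,45}$/D', $_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
define('IPADDRESS', $ipaddress);

// User_agent (client-controlled free text)
$useragent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : 'Unknown User Agent';
define('USERAGENT', $useragent);

// Host
// Order of preference: SERVER_NAME, then the Host request header, then a fixed
// label. Written as if/elseif because an unparenthesised nested ternary is
// left-associative in PHP 4-7 (it would pick HTTP_HOST whenever SERVER_NAME is
// set) and is rejected with a fatal error by PHP 8.
if (isset($_SERVER['SERVER_NAME'])) {
    $host = $_SERVER['SERVER_NAME'];
} elseif (isset($_SERVER['HTTP_HOST'])) {
    $host = $_SERVER['HTTP_HOST'];
} else {
    $host = 'Unknown Server Name/Host';
}
define('HOST', $host);

// Referer (client-controlled free text)
$referer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '';
define('REFERER', $referer);

// Accept_encoding
$accept_encoding = isset($_SERVER["HTTP_ACCEPT_ENCODING"]) ? $_SERVER["HTTP_ACCEPT_ENCODING"] : '';
define('ACCEPT_ENCODING', $accept_encoding);

// MySQL Tables
// This is used to prevent overwriting these values, which are used in every query.
define('LOG_TABLE', $Log_Table);
define('MESSAGES_TABLE', $Messages_Table);
define('USERS_TABLE', $Users_Table);

// Cookie_user
// A cookie sent with an array-style name arrives as an array; only plain
// strings are accepted so the constant is always a string.
$cookie_user = (isset($_COOKIE[$Cookie_Name.'_username']) && is_string($_COOKIE[$Cookie_Name.'_username']))
    ? $_COOKIE[$Cookie_Name.'_username']
    : '';
define('COOKIE_USER', $cookie_user);

// Cookie_pass
$cookie_pass = (isset($_COOKIE[$Cookie_Name.'_password']) && is_string($_COOKIE[$Cookie_Name.'_password']))
    ? $_COOKIE[$Cookie_Name.'_password']
    : '';
define('COOKIE_PASS', $cookie_pass);

// The working copies are no longer needed once the constants exist.
unset($ipaddress, $useragent, $host, $referer, $accept_encoding,
      $Log_Table, $Messages_Table, $Users_Table, $cookie_user, $cookie_pass);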

/******
* Load the shared helper functions
******/
include_once './includes/functions.php';


/******
* Open the database connection
* (kept this far down so nothing above pays for a connection it does not need)
******/
// Both counters start at zero; nothing in this file increments them.
$query_count = $query_count2 = 0;

include_once "./includes/mysql.php";

// Hand the configured connection settings to the wrapper object, then connect.
$database = new database;

$database->Host   = $Host;
$database->DBName = $DBName;
$database->DBUser = $DBUser;
$database->DBPass = $DBPass;

$database->connect();

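/////////////////// Logging ///////////////

// Records one row per client address in LOG_TABLE: insert on first sight,
// refresh the timestamp afterwards.
// NOTE(review): the second condition means a request that carries any
// "security_checking" parameter is not logged at all - confirm this is
// intended, since it lets a client opt out of the log.
if ($security_checking == "YES" && !isset($_REQUEST['security_checking'])) {
    // Security Logging
    // Every value written below comes from the request (address, referer,
    // user agent) or from reverse DNS, which is answered by whoever controls
    // the address. Each one is escaped before it is placed into SQL text.
    // mysql_real_escape_string() needs PHP 4.3.0+ and uses the connection
    // opened by $database->connect().
    $log_ip = mysql_real_escape_string(IPADDRESS);

    $query1 = "SELECT ip FROM ".LOG_TABLE." WHERE ip = '".$log_ip."'";
    $query9 = $database->query($query1);
    $sec_log = mysql_num_rows($query9);

    if ($sec_log == 0) { // first request from this address
        // gethostbyaddr() returns false for a malformed address; the casts keep
        // the stored values as (possibly empty) strings.
        $host = (string) @gethostbyaddr(IPADDRESS);
        // Everything from the last dot on, e.g. ".com"; stored in the "country" column.
        $country = (string) strrchr($host, ".");

        $insert = "INSERT INTO ".LOG_TABLE." (ip, hostname, country, http_referer, user_agent, timestamp)
              VALUES ('".$log_ip."','".mysql_real_escape_string($host)."','".mysql_real_escape_string($country)."','"
              .mysql_real_escape_string(REFERER)."','".mysql_real_escape_string(USERAGENT)."',NOW())";
        $database->query_no($insert);
    } elseif ($sec_log == 1) { // address already known: refresh its timestamp
        $insert = "UPDATE ".LOG_TABLE." SET timestamp = NOW() WHERE ip = '".$log_ip."'";
        $database->query_no($insert);
    } else {
        // More than one row for the same address.
        echo "WTF, you got more then 1 ip at the same time?";
    } // end logging
}

// End Security Logging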
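///////////////////////
// Begin Username and Password check

// Start from a known value: $u_check is otherwise only assigned inside the
// cookie branch, and the timeoffset test below reads it in every case.
$u_check = false;

// NOTE(review): the password cookie is compared directly with the stored
// `pass` column, so whatever that column holds is a replayable credential for
// anyone who obtains the cookie. Whether it is hashed cannot be seen here.
if (COOKIE_USER && COOKIE_PASS) {
    // Cookie values are client-controlled; escape them before building the query.
    // (mysql_real_escape_string() needs PHP 4.3.0+ and the open connection.)
    $user_check = "SELECT user, pass, email, timeoffset FROM ".USERS_TABLE."
                WHERE user = '".mysql_real_escape_string(COOKIE_USER)."' AND pass = '".mysql_real_escape_string(COOKIE_PASS)."'";
    $check_res = $database->query($user_check);
    $u_check = mysql_fetch_assoc($check_res);

    // Refuse when no row came back or the row differs from the cookies.
    // Strict string comparison avoids PHP's loose-equality rules for
    // numeric-looking strings.
    if (!is_array($u_check)
        || (string) COOKIE_USER !== (string) $u_check['user']
        || (string) COOKIE_PASS !== (string) $u_check['pass']) {
   echo "Seems to be that your Cookies and our Database information doesn't match.<br />\n
         You must enable Cookies to use this system!";
        exit();
    }
}

if (is_array($u_check) && isset($u_check['timeoffset'])) {
    $timeoffset = $u_check['timeoffset'];
    define('TIMEOFFSET', $timeoffset);

    // Now we can calculate the user's time: the difference, in seconds,
    // between the server's UTC offset and the user's stored offset (in hours).
    $hourdiff = (date('Z', TIME) / 3600 - TIMEOFFSET) * 3600;
}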



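// Specially for the export function
// When skip=1 is passed, the requested page is included directly from $full_path.
// The request value decides which file is executed, so the resolved path
// must stay inside $full_path:
//  - an empty or missing $full_path is refused (it would make the path start at "/"),
//  - realpath() resolves symlinks and any remaining relative parts,
//  - only a regular file strictly below the base directory is included.
// $full_path is not assigned in this file after the unset near the top;
// presumably ./includes/config.php sets it - confirm.
// NOTE(review): this branch is reached without a successful login, since the
// cookie check above only runs when both cookies are present. The included
// page has to enforce its own authorisation - confirm.
if (isset($_GET['skip']) && $_GET['skip'] == 1) {

    $export_page = (isset($_REQUEST['page']) && is_string($_REQUEST['page'])) ? $_REQUEST['page'] : '';
    $export_base = (isset($full_path) && is_string($full_path) && $full_path != '') ? realpath($full_path) : false;
    $export_file = ($export_base !== false && $export_page != '')
        ? realpath($export_base.DIRECTORY_SEPARATOR.$export_page)
        : false;

    if ($export_file !== false
        && is_file($export_file)
        && strpos($export_file, $export_base.DIRECTORY_SEPARATOR) === 0) {
        include ($export_file);
    } else {
        echo "No such page";
    }

}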

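// End Username and Password check
//////////////////////////////////
// User Check

// Cut-off used below to decide which users count as timed out.
$timeout = TIME - $timeoutseconds;

// Display name: the cookie user when both cookies are present (verified
// by the cookie check above), otherwise "Guest".
if (COOKIE_USER && COOKIE_PASS) {
    $usern = COOKIE_USER;
} else {
    $usern = "Guest";
}


if (isset($_POST["username"])) {
    // A username was posted: look it up so the stored spelling is used.
    // The posted value is client-controlled; accept only a plain string and
    // escape it before it goes into the query (PHP 4.3.0+, open connection).
    $posted_user = is_string($_POST["username"]) ? $_POST["username"] : '';

    $Query87 = "SELECT user FROM ".USERS_TABLE." WHERE user = '".mysql_real_escape_string($posted_user)."'";
    $Result87 = $database->query($Query87);
    $Row87 = mysql_fetch_assoc($Result87);
    // No matching row leaves $usernm as null, which skips the per-user update below.
    $usernm = is_array($Row87) ? $Row87['user'] : null;

    unset($posted_user);
} else {
    // No username posted: fall back to the username cookie, if any.
    $usernm = COOKIE_USER ? COOKIE_USER : '';
} // End isset($_POST["username"]


if (isset($usernm)) {
    // NOTE(review): $usernm may come from a posted username or from a username
    // cookie sent without a password cookie, neither of which has been
    // authenticated at this point. Confirm this update is acceptable for
    // unauthenticated requests.
    $Query6 = "UPDATE ".USERS_TABLE." SET nots = 'NO', timestamp = ".TIME."
            WHERE emailnot = 'TRUE' AND user =  '".mysql_real_escape_string($usernm)."'";
    $database->query_no($Query6);
    $affected = mysql_affected_rows();
} else {
    $affected = 1;
}

if ($affected >= 1) {
    // Set nots back to 'YES' for users whose timestamp is older than the timeout.
    $Query63 = "UPDATE ".USERS_TABLE." SET nots = 'YES' WHERE emailnot='TRUE'
            AND nots = 'NO' AND timestamp < ".$timeout;
    $database->query_no($Query63);
}

////////////////// End Logging and Checks ///////////////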