Rev Author Line No. Line
130 kaklik 1 <?php
2 /***************************************************************************
3 * functions.php
4 * -------------------
5 * begin : Saturday, Feb 13, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
8 *
9 * $Id: functions.php,v 1.133.2.47 2006/06/08 21:11:04 grahamje Exp $
10 *
11 *
12 ***************************************************************************/
13  
14 /***************************************************************************
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 *
22 ***************************************************************************/
23  
24 function get_db_stat($mode)
25 {
26 global $db;
27  
28 switch( $mode )
29 {
30 case 'usercount':
31 $sql = "SELECT COUNT(user_id) AS total
32 FROM " . USERS_TABLE . "
33 WHERE user_id <> " . ANONYMOUS;
34 break;
35  
36 case 'newestuser':
37 $sql = "SELECT user_id, username
38 FROM " . USERS_TABLE . "
39 WHERE user_id <> " . ANONYMOUS . "
40 ORDER BY user_id DESC
41 LIMIT 1";
42 break;
43  
44 case 'postcount':
45 case 'topiccount':
46 $sql = "SELECT SUM(forum_topics) AS topic_total, SUM(forum_posts) AS post_total
47 FROM " . FORUMS_TABLE;
48 break;
49 }
50  
51 if ( !($result = $db->sql_query($sql)) )
52 {
53 return false;
54 }
55  
56 $row = $db->sql_fetchrow($result);
57  
58 switch ( $mode )
59 {
60 case 'usercount':
61 return $row['total'];
62 break;
63 case 'newestuser':
64 return $row;
65 break;
66 case 'postcount':
67 return $row['post_total'];
68 break;
69 case 'topiccount':
70 return $row['topic_total'];
71 break;
72 }
73  
74 return false;
75 }
76  
77 // added at phpBB 2.0.11 to properly format the username
78 function phpbb_clean_username($username)
79 {
80 $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
81 $username = phpbb_rtrim($username, "\\");
82 $username = str_replace("'", "\'", $username);
83  
84 return $username;
85 }
86  
87 /**
88 * This function is a wrapper for ltrim, as charlist is only supported in php >= 4.1.0
89 * Added in phpBB 2.0.18
90 */
91 function phpbb_ltrim($str, $charlist = false)
92 {
93 if ($charlist === false)
94 {
95 return ltrim($str);
96 }
97  
98 $php_version = explode('.', PHP_VERSION);
99  
100 // php version < 4.1.0
101 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
102 {
103 while ($str{0} == $charlist)
104 {
105 $str = substr($str, 1);
106 }
107 }
108 else
109 {
110 $str = ltrim($str, $charlist);
111 }
112  
113 return $str;
114 }
115  
116 // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
117 function phpbb_rtrim($str, $charlist = false)
118 {
119 if ($charlist === false)
120 {
121 return rtrim($str);
122 }
123  
124 $php_version = explode('.', PHP_VERSION);
125  
126 // php version < 4.1.0
127 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
128 {
129 while ($str{strlen($str)-1} == $charlist)
130 {
131 $str = substr($str, 0, strlen($str)-1);
132 }
133 }
134 else
135 {
136 $str = rtrim($str, $charlist);
137 }
138  
139 return $str;
140 }
141  
142 /**
143 * Our own generator of random values
144 * This uses a constantly changing value as the base for generating the values
145 * The board wide setting is updated once per page if this code is called
146 * With thanks to Anthrax101 for the inspiration on this one
147 * Added in phpBB 2.0.20
148 */
149 function dss_rand()
150 {
151 global $db, $board_config, $dss_seeded;
152  
153 $val = $board_config['rand_seed'] . microtime();
154 $val = md5($val);
155 $board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a');
156  
157 if($dss_seeded !== true)
158 {
159 $sql = "UPDATE " . CONFIG_TABLE . " SET
160 config_value = '" . $board_config['rand_seed'] . "'
161 WHERE config_name = 'rand_seed'";
162  
163 if( !$db->sql_query($sql) )
164 {
165 message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql);
166 }
167  
168 $dss_seeded = true;
169 }
170  
171 return substr($val, 4, 16);
172 }
173 //
174 // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
175 //
176 function get_userdata($user, $force_str = false)
177 {
178 global $db;
179  
180 if (!is_numeric($user) || $force_str)
181 {
182 $user = phpbb_clean_username($user);
183 }
184 else
185 {
186 $user = intval($user);
187 }
188  
189 $sql = "SELECT *
190 FROM " . USERS_TABLE . "
191 WHERE ";
192 $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;
193 if ( !($result = $db->sql_query($sql)) )
194 {
195 message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
196 }
197  
198 return ( $row = $db->sql_fetchrow($result) ) ? $row : false;
199 }
200  
201 function make_jumpbox($action, $match_forum_id = 0)
202 {
203 global $template, $userdata, $lang, $db, $nav_links, $phpEx, $SID;
204  
205 // $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
206  
207 $sql = "SELECT c.cat_id, c.cat_title, c.cat_order
208 FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
209 WHERE f.cat_id = c.cat_id
210 GROUP BY c.cat_id, c.cat_title, c.cat_order
211 ORDER BY c.cat_order";
212 if ( !($result = $db->sql_query($sql)) )
213 {
214 message_die(GENERAL_ERROR, "Couldn't obtain category list.", "", __LINE__, __FILE__, $sql);
215 }
216  
217 $category_rows = array();
218 while ( $row = $db->sql_fetchrow($result) )
219 {
220 $category_rows[] = $row;
221 }
222  
223 if ( $total_categories = count($category_rows) )
224 {
225 $sql = "SELECT *
226 FROM " . FORUMS_TABLE . "
227 ORDER BY cat_id, forum_order";
228 if ( !($result = $db->sql_query($sql)) )
229 {
230 message_die(GENERAL_ERROR, 'Could not obtain forums information', '', __LINE__, __FILE__, $sql);
231 }
232  
233 $boxstring = '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"><option value="-1">' . $lang['Select_forum'] . '</option>';
234  
235 $forum_rows = array();
236 while ( $row = $db->sql_fetchrow($result) )
237 {
238 $forum_rows[] = $row;
239 }
240  
241 if ( $total_forums = count($forum_rows) )
242 {
243 for($i = 0; $i < $total_categories; $i++)
244 {
245 $boxstring_forums = '';
246 for($j = 0; $j < $total_forums; $j++)
247 {
248 if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $forum_rows[$j]['auth_view'] <= AUTH_REG )
249 {
250  
251 // if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $is_auth[$forum_rows[$j]['forum_id']]['auth_view'] )
252 // {
253 $selected = ( $forum_rows[$j]['forum_id'] == $match_forum_id ) ? 'selected="selected"' : '';
254 $boxstring_forums .= '<option value="' . $forum_rows[$j]['forum_id'] . '"' . $selected . '>' . $forum_rows[$j]['forum_name'] . '</option>';
255  
256 //
257 // Add an array to $nav_links for the Mozilla navigation bar.
258 // 'chapter' and 'forum' can create multiple items, therefore we are using a nested array.
259 //
260 $nav_links['chapter forum'][$forum_rows[$j]['forum_id']] = array (
261 'url' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id']),
262 'title' => $forum_rows[$j]['forum_name']
263 );
264  
265 }
266 }
267  
268 if ( $boxstring_forums != '' )
269 {
270 $boxstring .= '<option value="-1">&nbsp;</option>';
271 $boxstring .= '<option value="-1">' . $category_rows[$i]['cat_title'] . '</option>';
272 $boxstring .= '<option value="-1">----------------</option>';
273 $boxstring .= $boxstring_forums;
274 }
275 }
276 }
277  
278 $boxstring .= '</select>';
279 }
280 else
281 {
282 $boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
283 }
284  
285 // Let the jumpbox work again in sites having additional session id checks.
286 // if ( !empty($SID) )
287 // {
288 $boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
289 // }
290  
291 $template->set_filenames(array(
292 'jumpbox' => 'jumpbox.tpl')
293 );
294 $template->assign_vars(array(
295 'L_GO' => $lang['Go'],
296 'L_JUMP_TO' => $lang['Jump_to'],
297 'L_SELECT_FORUM' => $lang['Select_forum'],
298  
299 'S_JUMPBOX_SELECT' => $boxstring,
300 'S_JUMPBOX_ACTION' => append_sid($action))
301 );
302 $template->assign_var_from_handle('JUMPBOX', 'jumpbox');
303  
304 return;
305 }
306  
307 //
308 // Initialise user settings on page load
309 function init_userprefs($userdata)
310 {
311 global $board_config, $theme, $images;
312 global $template, $lang, $phpEx, $phpbb_root_path, $db;
313 global $nav_links;
314  
315 if ( $userdata['user_id'] != ANONYMOUS )
316 {
317 if ( !empty($userdata['user_lang']))
318 {
319 $default_lang = phpbb_ltrim(basename(phpbb_rtrim($userdata['user_lang'])), "'");
320 }
321  
322 if ( !empty($userdata['user_dateformat']) )
323 {
324 $board_config['default_dateformat'] = $userdata['user_dateformat'];
325 }
326  
327 if ( isset($userdata['user_timezone']) )
328 {
329 $board_config['board_timezone'] = $userdata['user_timezone'];
330 }
331 }
332 else
333 {
334 $default_lang = phpbb_ltrim(basename(phpbb_rtrim($board_config['default_lang'])), "'");
335 }
336  
337 if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $default_lang . '/lang_main.'.$phpEx)) )
338 {
339 if ( $userdata['user_id'] != ANONYMOUS )
340 {
341 // For logged in users, try the board default language next
342 $default_lang = phpbb_ltrim(basename(phpbb_rtrim($board_config['default_lang'])), "'");
343 }
344 else
345 {
346 // For guests it means the default language is not present, try english
347 // This is a long shot since it means serious errors in the setup to reach here,
348 // but english is part of a new install so it's worth us trying
349 $default_lang = 'english';
350 }
351  
352 if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $default_lang . '/lang_main.'.$phpEx)) )
353 {
354 message_die(CRITICAL_ERROR, 'Could not locate valid language pack');
355 }
356 }
357  
358 // If we've had to change the value in any way then let's write it back to the database
359 // before we go any further since it means there is something wrong with it
360 if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_lang'] !== $default_lang )
361 {
362 $sql = 'UPDATE ' . USERS_TABLE . "
363 SET user_lang = '" . $default_lang . "'
364 WHERE user_lang = '" . $userdata['user_lang'] . "'";
365  
366 if ( !($result = $db->sql_query($sql)) )
367 {
368 message_die(CRITICAL_ERROR, 'Could not update user language info');
369 }
370  
371 $userdata['user_lang'] = $default_lang;
372 }
373 elseif ( $userdata['user_id'] === ANONYMOUS && $board_config['default_lang'] !== $default_lang )
374 {
375 $sql = 'UPDATE ' . CONFIG_TABLE . "
376 SET config_value = '" . $default_lang . "'
377 WHERE config_name = 'default_lang'";
378  
379 if ( !($result = $db->sql_query($sql)) )
380 {
381 message_die(CRITICAL_ERROR, 'Could not update user language info');
382 }
383 }
384  
385 $board_config['default_lang'] = $default_lang;
386  
387 include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
388  
389 if ( defined('IN_ADMIN') )
390 {
391 if( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx)) )
392 {
393 $board_config['default_lang'] = 'english';
394 }
395  
396 include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx);
397 }
398  
399 //
400 // Set up style
401 //
402 if ( !$board_config['override_user_style'] )
403 {
404 if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_style'] > 0 )
405 {
406 if ( $theme = setup_style($userdata['user_style']) )
407 {
408 return;
409 }
410 }
411 }
412  
413 $theme = setup_style($board_config['default_style']);
414  
415 //
416 // Mozilla navigation bar
417 // Default items that should be valid on all pages.
418 // Defined here to correctly assign the Language Variables
419 // and be able to change the variables within code.
420 //
421 $nav_links['top'] = array (
422 'url' => append_sid($phpbb_root_path . 'index.' . $phpEx),
423 'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
424 );
425 $nav_links['search'] = array (
426 'url' => append_sid($phpbb_root_path . 'search.' . $phpEx),
427 'title' => $lang['Search']
428 );
429 $nav_links['help'] = array (
430 'url' => append_sid($phpbb_root_path . 'faq.' . $phpEx),
431 'title' => $lang['FAQ']
432 );
433 $nav_links['author'] = array (
434 'url' => append_sid($phpbb_root_path . 'memberlist.' . $phpEx),
435 'title' => $lang['Memberlist']
436 );
437  
438 return;
439 }
440  
441 function setup_style($style)
442 {
443 global $db, $board_config, $template, $images, $phpbb_root_path;
444  
445 $sql = 'SELECT *
446 FROM ' . THEMES_TABLE . '
447 WHERE themes_id = ' . (int) $style;
448 if ( !($result = $db->sql_query($sql)) )
449 {
450 message_die(CRITICAL_ERROR, 'Could not query database for theme info');
451 }
452  
453 if ( !($row = $db->sql_fetchrow($result)) )
454 {
455 // We are trying to setup a style which does not exist in the database
456 // Try to fallback to the board default (if the user had a custom style)
457 // and then any users using this style to the default if it succeeds
458 if ( $style != $board_config['default_style'])
459 {
460 $sql = 'SELECT *
461 FROM ' . THEMES_TABLE . '
462 WHERE themes_id = ' . (int) $board_config['default_style'];
463 if ( !($result = $db->sql_query($sql)) )
464 {
465 message_die(CRITICAL_ERROR, 'Could not query database for theme info');
466 }
467  
468 if ( $row = $db->sql_fetchrow($result) )
469 {
470 $db->sql_freeresult($result);
471  
472 $sql = 'UPDATE ' . USERS_TABLE . '
473 SET user_style = ' . (int) $board_config['default_style'] . "
474 WHERE user_style = $style";
475 if ( !($result = $db->sql_query($sql)) )
476 {
477 message_die(CRITICAL_ERROR, 'Could not update user theme info');
478 }
479 }
480 else
481 {
482 message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
483 }
484 }
485 else
486 {
487 message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
488 }
489 }
490  
491 $template_path = 'templates/' ;
492 $template_name = $row['template_name'] ;
493  
494 $template = new Template($phpbb_root_path . $template_path . $template_name);
495  
496 if ( $template )
497 {
498 $current_template_path = $template_path . $template_name;
499 @include($phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg');
500  
501 if ( !defined('TEMPLATE_CONFIG') )
502 {
503 message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__);
504 }
505  
506 $img_lang = ( file_exists(@phpbb_realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english';
507  
508 while( list($key, $value) = @each($images) )
509 {
510 if ( !is_array($value) )
511 {
512 $images[$key] = str_replace('{LANG}', 'lang_' . $img_lang, $value);
513 }
514 }
515 }
516  
517 return $row;
518 }
519  
520 function encode_ip($dotquad_ip)
521 {
522 $ip_sep = explode('.', $dotquad_ip);
523 return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
524 }
525  
526 function decode_ip($int_ip)
527 {
528 $hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
529 return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
530 }
531  
532 //
533 // Create date/time from format and timezone
534 //
535 function create_date($format, $gmepoch, $tz)
536 {
537 global $board_config, $lang;
538 static $translate;
539  
540 if ( empty($translate) && $board_config['default_lang'] != 'english' )
541 {
542 @reset($lang['datetime']);
543 while ( list($match, $replace) = @each($lang['datetime']) )
544 {
545 $translate[$match] = $replace;
546 }
547 }
548  
549 return ( !empty($translate) ) ? strtr(@gmdate($format, $gmepoch + (3600 * $tz)), $translate) : @gmdate($format, $gmepoch + (3600 * $tz));
550 }
551  
552 //
553 // Pagination routine, generates
554 // page number sequence
555 //
556 function generate_pagination($base_url, $num_items, $per_page, $start_item, $add_prevnext_text = TRUE)
557 {
558 global $lang;
559  
560 $total_pages = ceil($num_items/$per_page);
561  
562 if ( $total_pages == 1 )
563 {
564 return '';
565 }
566  
567 $on_page = floor($start_item / $per_page) + 1;
568  
569 $page_string = '';
570 if ( $total_pages > 10 )
571 {
572 $init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages;
573  
574 for($i = 1; $i < $init_page_max + 1; $i++)
575 {
576 $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
577 if ( $i < $init_page_max )
578 {
579 $page_string .= ", ";
580 }
581 }
582  
583 if ( $total_pages > 3 )
584 {
585 if ( $on_page > 1 && $on_page < $total_pages )
586 {
587 $page_string .= ( $on_page > 5 ) ? ' ... ' : ', ';
588  
589 $init_page_min = ( $on_page > 4 ) ? $on_page : 5;
590 $init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4;
591  
592 for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++)
593 {
594 $page_string .= ($i == $on_page) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
595 if ( $i < $init_page_max + 1 )
596 {
597 $page_string .= ', ';
598 }
599 }
600  
601 $page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', ';
602 }
603 else
604 {
605 $page_string .= ' ... ';
606 }
607  
608 for($i = $total_pages - 2; $i < $total_pages + 1; $i++)
609 {
610 $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
611 if( $i < $total_pages )
612 {
613 $page_string .= ", ";
614 }
615 }
616 }
617 }
618 else
619 {
620 for($i = 1; $i < $total_pages + 1; $i++)
621 {
622 $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . append_sid($base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) ) . '">' . $i . '</a>';
623 if ( $i < $total_pages )
624 {
625 $page_string .= ', ';
626 }
627 }
628 }
629  
630 if ( $add_prevnext_text )
631 {
632 if ( $on_page > 1 )
633 {
634 $page_string = ' <a href="' . append_sid($base_url . "&amp;start=" . ( ( $on_page - 2 ) * $per_page ) ) . '">' . $lang['Previous'] . '</a>&nbsp;&nbsp;' . $page_string;
635 }
636  
637 if ( $on_page < $total_pages )
638 {
639 $page_string .= '&nbsp;&nbsp;<a href="' . append_sid($base_url . "&amp;start=" . ( $on_page * $per_page ) ) . '">' . $lang['Next'] . '</a>';
640 }
641  
642 }
643  
644 $page_string = $lang['Goto_page'] . ' ' . $page_string;
645  
646 return $page_string;
647 }
648  
649 //
650 // This does exactly what preg_quote() does in PHP 4-ish
651 // If you just need the 1-parameter preg_quote call, then don't bother using this.
652 //
653 function phpbb_preg_quote($str, $delimiter)
654 {
655 $text = preg_quote($str);
656 $text = str_replace($delimiter, '\\' . $delimiter, $text);
657  
658 return $text;
659 }
660  
661 //
662 // Obtain list of naughty words and build preg style replacement arrays for use by the
663 // calling script, note that the vars are passed as references this just makes it easier
664 // to return both sets of arrays
665 //
666 function obtain_word_list(&$orig_word, &$replacement_word)
667 {
668 global $db;
669  
670 //
671 // Define censored word matches
672 //
673 $sql = "SELECT word, replacement
674 FROM " . WORDS_TABLE;
675 if( !($result = $db->sql_query($sql)) )
676 {
677 message_die(GENERAL_ERROR, 'Could not get censored words from database', '', __LINE__, __FILE__, $sql);
678 }
679  
680 if ( $row = $db->sql_fetchrow($result) )
681 {
682 do
683 {
684 $orig_word[] = '#\b(' . str_replace('\*', '\w*?', preg_quote($row['word'], '#')) . ')\b#i';
685 $replacement_word[] = $row['replacement'];
686 }
687 while ( $row = $db->sql_fetchrow($result) );
688 }
689  
690 return true;
691 }
692  
693 //
694 // This is general replacement for die(), allows templated
695 // output in users (or default) language, etc.
696 //
697 // $msg_code can be one of these constants:
698 //
699 // GENERAL_MESSAGE : Use for any simple text message, eg. results
700 // of an operation, authorisation failures, etc.
701 //
702 // GENERAL ERROR : Use for any error which occurs _AFTER_ the
703 // common.php include and session code, ie. most errors in
704 // pages/functions
705 //
706 // CRITICAL_MESSAGE : Used when basic config data is available but
707 // a session may not exist, eg. banned users
708 //
709 // CRITICAL_ERROR : Used when config data cannot be obtained, eg
710 // no database connection. Should _not_ be used in 99.5% of cases
711 //
712 function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
713 {
714 global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links, $gen_simple_header, $images;
715 global $userdata, $user_ip, $session_length;
716 global $starttime;
717  
718 if(defined('HAS_DIED'))
719 {
720 die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
721 }
722  
723 define('HAS_DIED', 1);
724  
725  
726 $sql_store = $sql;
727  
728 //
729 // Get SQL error if we are debugging. Do this as soon as possible to prevent
730 // subsequent queries from overwriting the status of sql_error()
731 //
732 if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
733 {
734 $sql_error = $db->sql_error();
735  
736 $debug_text = '';
737  
738 if ( $sql_error['message'] != '' )
739 {
740 $debug_text .= '<br /><br />SQL Error : ' . $sql_error['code'] . ' ' . $sql_error['message'];
741 }
742  
743 if ( $sql_store != '' )
744 {
745 $debug_text .= "<br /><br />$sql_store";
746 }
747  
748 if ( $err_line != '' && $err_file != '' )
749 {
750 $debug_text .= '<br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
751 }
752 }
753  
754 if( empty($userdata) && ( $msg_code == GENERAL_MESSAGE || $msg_code == GENERAL_ERROR ) )
755 {
756 $userdata = session_pagestart($user_ip, PAGE_INDEX);
757 init_userprefs($userdata);
758 }
759  
760 //
761 // If the header hasn't been output then do it
762 //
763 if ( !defined('HEADER_INC') && $msg_code != CRITICAL_ERROR )
764 {
765 if ( empty($lang) )
766 {
767 if ( !empty($board_config['default_lang']) )
768 {
769 include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx);
770 }
771 else
772 {
773 include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx);
774 }
775 }
776  
777 if ( empty($template) || empty($theme) )
778 {
779 $theme = setup_style($board_config['default_style']);
780 }
781  
782 //
783 // Load the Page Header
784 //
785 if ( !defined('IN_ADMIN') )
786 {
787 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
788 }
789 else
790 {
791 include($phpbb_root_path . 'admin/page_header_admin.'.$phpEx);
792 }
793 }
794  
795 switch($msg_code)
796 {
797 case GENERAL_MESSAGE:
798 if ( $msg_title == '' )
799 {
800 $msg_title = $lang['Information'];
801 }
802 break;
803  
804 case CRITICAL_MESSAGE:
805 if ( $msg_title == '' )
806 {
807 $msg_title = $lang['Critical_Information'];
808 }
809 break;
810  
811 case GENERAL_ERROR:
812 if ( $msg_text == '' )
813 {
814 $msg_text = $lang['An_error_occured'];
815 }
816  
817 if ( $msg_title == '' )
818 {
819 $msg_title = $lang['General_Error'];
820 }
821 break;
822  
823 case CRITICAL_ERROR:
824 //
825 // Critical errors mean we cannot rely on _ANY_ DB information being
826 // available so we're going to dump out a simple echo'd statement
827 //
828 include($phpbb_root_path . 'language/lang_english/lang_main.'.$phpEx);
829  
830 if ( $msg_text == '' )
831 {
832 $msg_text = $lang['A_critical_error'];
833 }
834  
835 if ( $msg_title == '' )
836 {
837 $msg_title = 'phpBB : <b>' . $lang['Critical_Error'] . '</b>';
838 }
839 break;
840 }
841  
842 //
843 // Add on DEBUG info if we've enabled debug mode and this is an error. This
844 // prevents debug info being output for general messages should DEBUG be
845 // set TRUE by accident (preventing confusion for the end user!)
846 //
847 if ( DEBUG && ( $msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR ) )
848 {
849 if ( $debug_text != '' )
850 {
851 $msg_text = $msg_text . '<br /><br /><b><u>DEBUG MODE</u></b>' . $debug_text;
852 }
853 }
854  
855 if ( $msg_code != CRITICAL_ERROR )
856 {
857 if ( !empty($lang[$msg_text]) )
858 {
859 $msg_text = $lang[$msg_text];
860 }
861  
862 if ( !defined('IN_ADMIN') )
863 {
864 $template->set_filenames(array(
865 'message_body' => 'message_body.tpl')
866 );
867 }
868 else
869 {
870 $template->set_filenames(array(
871 'message_body' => 'admin/admin_message_body.tpl')
872 );
873 }
874  
875 $template->assign_vars(array(
876 'MESSAGE_TITLE' => $msg_title,
877 'MESSAGE_TEXT' => $msg_text)
878 );
879 $template->pparse('message_body');
880  
881 if ( !defined('IN_ADMIN') )
882 {
883 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
884 }
885 else
886 {
887 include($phpbb_root_path . 'admin/page_footer_admin.'.$phpEx);
888 }
889 }
890 else
891 {
892 echo "<html>\n<body>\n" . $msg_title . "\n<br /><br />\n" . $msg_text . "</body>\n</html>";
893 }
894  
895 exit;
896 }
897  
898 //
899 // This function is for compatibility with PHP 4.x's realpath()
900 // function. In later versions of PHP, it needs to be called
901 // to do checks with some functions. Older versions of PHP don't
902 // seem to need this, so we'll just return the original value.
903 // dougk_ff7 <October 5, 2002>
904 function phpbb_realpath($path)
905 {
906 global $phpbb_root_path, $phpEx;
907  
908 return (!@function_exists('realpath') || !@realpath($phpbb_root_path . 'includes/functions.'.$phpEx)) ? $path : @realpath($path);
909 }
910  
911 function redirect($url)
912 {
913 global $db, $board_config;
914  
915 if (!empty($db))
916 {
917 $db->sql_close();
918 }
919  
920 if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
921 {
922 message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
923 }
924  
925 $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
926 $server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name']));
927 $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
928 $script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path']));
929 $script_name = ($script_name == '') ? $script_name : '/' . $script_name;
930 $url = preg_replace('#^\/?(.*?)\/?$#', '/\1', trim($url));
931  
932 // Redirect via an HTML form for PITA webservers
933 if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
934 {
935 header('Refresh: 0; URL=' . $server_protocol . $server_name . $server_port . $script_name . $url);
936 echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $server_protocol . $server_name . $server_port . $script_name . $url . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $server_protocol . $server_name . $server_port . $script_name . $url . '">HERE</a> to be redirected</div></body></html>';
937 exit;
938 }
939  
940 // Behave as per HTTP/1.1 spec for others
941 header('Location: ' . $server_protocol . $server_name . $server_port . $script_name . $url);
942 exit;
943 }
944  
945 ?>