| [ Index ] |
PHP Cross Reference of MyBB 1.6.5 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: class_core.php 5641 2011-10-26 09:36:44Z Tomm $ 10 */ 11 12 class MyBB { 13 /** 14 * The friendly version number of MyBB we're running. 15 * 16 * @var string 17 */ 18 public $version = "1.6.5"; 19 20 /** 21 * The version code of MyBB we're running. 22 * 23 * @var integer 24 */ 25 public $version_code = 1605; 26 27 /** 28 * The current working directory. 29 * 30 * @var string 31 */ 32 public $cwd = "."; 33 34 /** 35 * Input variables received from the outer world. 36 * 37 * @var array 38 */ 39 public $input = array(); 40 41 /** 42 * Cookie variables received from the outer world. 43 * 44 * @var array 45 */ 46 public $cookies = array(); 47 48 /** 49 * Information about the current user. 50 * 51 * @var array 52 */ 53 public $user = array(); 54 55 /** 56 * Information about the current usergroup. 57 * 58 * @var array 59 */ 60 public $usergroup = array(); 61 62 /** 63 * MyBB settings. 64 * 65 * @var array 66 */ 67 public $settings = array(); 68 69 /** 70 * Whether or not magic quotes are enabled. 71 * 72 * @var unknown_type 73 */ 74 public $magicquotes = 0; 75 76 /** 77 * MyBB configuration. 78 * 79 * @var array 80 */ 81 public $config = array(); 82 83 /** 84 * The request method that called this page. 85 * 86 * @var string. 87 */ 88 public $request_method = ""; 89 90 /** 91 * Variables that need to be clean. 92 * 93 * @var array 94 */ 95 public $clean_variables = array( 96 "int" => array( 97 "tid", "pid", "uid", 98 "eid", "pmid", "fid", 99 "aid", "rid", "sid", 100 "vid", "cid", "bid", 101 "pid", "gid", "mid", 102 "wid", "lid", "iid", 103 "sid"), 104 "a-z" => array( 105 "sortby", "order" 106 ) 107 ); 108 109 /** 110 * Variables that are to be ignored from cleansing process 111 * 112 * @var array 113 */ 114 public $ignore_clean_variables = array(); 115 116 /** 117 * Using built in shutdown functionality provided by register_shutdown_function for < PHP 5? 118 */ 119 public $use_shutdown = false; 120 121 /** 122 * Debug mode? 123 */ 124 public $debug_mode = false; 125 126 /** 127 * Constructor of class. 128 * 129 * @return MyBB 130 */ 131 function __construct() 132 { 133 // Set up MyBB 134 $protected = array("_GET", "_POST", "_SERVER", "_COOKIE", "_FILES", "_ENV", "GLOBALS"); 135 foreach($protected as $var) 136 { 137 if(isset($_REQUEST[$var]) || isset($_FILES[$var])) 138 { 139 die("Hacking attempt"); 140 } 141 } 142 143 if(defined("IGNORE_CLEAN_VARS")) 144 { 145 if(!is_array(IGNORE_CLEAN_VARS)) 146 { 147 $this->ignore_clean_variables = array(IGNORE_CLEAN_VARS); 148 } 149 else 150 { 151 $this->ignore_clean_variables = IGNORE_CLEAN_VARS; 152 } 153 } 154 155 // Determine Magic Quotes Status (< PHP 6.0) 156 if(version_compare(PHP_VERSION, '6.0', '<')) 157 { 158 if(@get_magic_quotes_gpc()) 159 { 160 $this->magicquotes = 1; 161 $this->strip_slashes_array($_POST); 162 $this->strip_slashes_array($_GET); 163 $this->strip_slashes_array($_COOKIE); 164 } 165 @set_magic_quotes_runtime(0); 166 @ini_set("magic_quotes_gpc", 0); 167 @ini_set("magic_quotes_runtime", 0); 168 } 169 170 // Determine input 171 $this->parse_incoming($_GET); 172 $this->parse_incoming($_POST); 173 174 if($_SERVER['REQUEST_METHOD'] == "POST") 175 { 176 $this->request_method = "post"; 177 } 178 else if($_SERVER['REQUEST_METHOD'] == "GET") 179 { 180 $this->request_method = "get"; 181 } 182 183 // If we've got register globals on, then kill them too 184 if(@ini_get("register_globals") == 1) 185 { 186 $this->unset_globals($_POST); 187 $this->unset_globals($_GET); 188 $this->unset_globals($_FILES); 189 $this->unset_globals($_COOKIE); 190 } 191 $this->clean_input(); 192 193 if(@ini_get("safe_mode") == 1) 194 { 195 $this->safemode = true; 196 } 197 198 // Are we running in debug mode? 199 if(isset($this->input['debug']) && $this->input['debug'] == 1) 200 { 201 $this->debug_mode = true; 202 } 203 204 if(isset($this->input['action']) && $this->input['action'] == "mybb_logo") 205 { 206 require_once dirname(__FILE__)."/mybb_group.php"; 207 output_logo(); 208 } 209 210 if(isset($this->input['intcheck']) && $this->input['intcheck'] == 1) 211 { 212 die("MYBB"); 213 } 214 } 215 216 /** 217 * Parses the incoming variables. 218 * 219 * @param array The array of incoming variables. 220 */ 221 function parse_incoming($array) 222 { 223 if(!is_array($array)) 224 { 225 return; 226 } 227 228 foreach($array as $key => $val) 229 { 230 $this->input[$key] = $val; 231 } 232 } 233 234 /** 235 * Parses the incoming cookies 236 * 237 */ 238 function parse_cookies() 239 { 240 if(!is_array($_COOKIE)) 241 { 242 return; 243 } 244 245 $prefix_length = strlen($this->settings['cookieprefix']); 246 247 foreach($_COOKIE as $key => $val) 248 { 249 if($prefix_length && substr($key, 0, $prefix_length) == $this->settings['cookieprefix']) 250 { 251 $key = substr($key, $prefix_length); 252 253 // Fixes conflicts with one board having a prefix and another that doesn't on the same domain 254 // Gives priority to our cookies over others (overwrites them) 255 if($this->cookies[$key]) 256 { 257 unset($this->cookies[$key]); 258 } 259 } 260 261 if(!$this->cookies[$key]) 262 { 263 $this->cookies[$key] = $val; 264 } 265 } 266 } 267 268 /** 269 * Strips slashes out of a given array. 270 * 271 * @param array The array to strip. 272 */ 273 function strip_slashes_array(&$array) 274 { 275 foreach($array as $key => $val) 276 { 277 if(is_array($array[$key])) 278 { 279 $this->strip_slashes_array($array[$key]); 280 } 281 else 282 { 283 $array[$key] = stripslashes($array[$key]); 284 } 285 } 286 } 287 288 /** 289 * Unsets globals from a specific array. 290 * 291 * @param array The array to unset from. 292 */ 293 function unset_globals($array) 294 { 295 if(!is_array($array)) 296 { 297 return; 298 } 299 300 foreach(array_keys($array) as $key) 301 { 302 unset($GLOBALS[$key]); 303 unset($GLOBALS[$key]); // Double unset to circumvent the zend_hash_del_key_or_index hole in PHP <4.4.3 and <5.1.4 304 } 305 } 306 307 /** 308 * Cleans predefined input variables. 309 * 310 */ 311 function clean_input() 312 { 313 foreach($this->clean_variables as $type => $variables) 314 { 315 foreach($variables as $var) 316 { 317 // If this variable is in the ignored array, skip and move to next. 318 if(in_array($var, $this->ignore_clean_variables)) 319 { 320 continue; 321 } 322 323 if(isset($this->input[$var])) 324 { 325 if($type == "int" && $this->input[$var] != "lastposter") 326 { 327 $this->input[$var] = intval($this->input[$var]); 328 } 329 else if($type == "a-z") 330 { 331 $this->input[$var] = preg_replace("#[^a-z\.\-_]#i", "", $this->input[$var]); 332 } 333 } 334 } 335 } 336 } 337 338 /** 339 * Triggers a generic error. 340 * 341 * @param string The error code. 342 */ 343 function trigger_generic_error($code) 344 { 345 global $error_handler; 346 347 switch($code) 348 { 349 case "cache_no_write": 350 $message = "The data cache directory (cache/) needs to exist and be writable by the web server. Change its permissions so that it is writable (777 on Unix based servers)."; 351 $error_code = MYBB_CACHE_NO_WRITE; 352 break; 353 case "install_directory": 354 $message = "The install directory (install/) still exists on your server and is not locked. To access MyBB please either remove this directory or create an empty file in it called 'lock'."; 355 $error_code = MYBB_INSTALL_DIR_EXISTS; 356 break; 357 case "board_not_installed": 358 $message = "Your board has not yet been installed and configured. Please do so before attempting to browse it."; 359 $error_code = MYBB_NOT_INSTALLED; 360 break; 361 case "board_not_upgraded": 362 $message = "Your board has not yet been upgraded. Please do so before attempting to browse it."; 363 $error_code = MYBB_NOT_UPGRADED; 364 break; 365 case "sql_load_error": 366 $message = "MyBB was unable to load the SQL extension. Please contact the MyBB Group for support. <a href=\"http://mybb.com\">MyBB Website</a>"; 367 $error_code = MYBB_SQL_LOAD_ERROR; 368 break; 369 case "eaccelerator_load_error": 370 $message = "eAccelerator needs to be configured with PHP to use the eAccelerator cache support."; 371 $error_code = MYBB_CACHEHANDLER_LOAD_ERROR; 372 break; 373 case "memcache_load_error": 374 $message = "Your server does not have memcache support enabled."; 375 $error_code = MYBB_CACHEHANDLER_LOAD_ERROR; 376 break; 377 case "xcache_load_error": 378 $message = "Xcache needs to be configured with PHP to use the Xcache cache support."; 379 $error_code = MYBB_CACHEHANDLER_LOAD_ERROR; 380 break; 381 default: 382 $message = "MyBB has experienced an internal error. Please contact the MyBB Group for support. <a href=\"http://mybb.com\">MyBB Website</a>"; 383 $error_code = MYBB_GENERAL; 384 } 385 $error_handler->trigger($message, $error_code); 386 } 387 388 function __destruct() 389 { 390 // Run shutdown function 391 if(function_exists("run_shutdown")) 392 { 393 run_shutdown(); 394 } 395 } 396 } 397 398 /** 399 * Do this here because the core is used on every MyBB page 400 */ 401 402 $grouppermignore = array("gid", "type", "title", "description", "namestyle", "usertitle", "stars", "starimage", "image"); 403 $groupzerogreater = array("pmquota", "maxpmrecipients", "maxreputationsday", "attachquota", "maxemails", "maxwarningsday"); 404 $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image"); 405 406 // These are fields in the usergroups table that are also forum permission specific. 407 $fpermfields = array( 408 'canview', 409 'canviewthreads', 410 'candlattachments', 411 'canpostthreads', 412 'canpostreplys', 413 'canpostattachments', 414 'canratethreads', 415 'caneditposts', 416 'candeleteposts', 417 'candeletethreads', 418 'caneditattachments', 419 'canpostpolls', 420 'canvotepolls', 421 'cansearch' 422 ); 423 424 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Dec 11 14:16:27 2011 | Cross-referenced by PHPXref 0.7.1 |