PHP Cross Reference of MyBB 1.4.13 |
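<?php
/**
 * MyBB 1.4
 * Copyright © 2008 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybboard.net
 * License: http://www.mybboard.net/about/license
 *
 * $Id: portal.php 4814 2010-03-17 10:36:31Z Huji $
 */

// Portal front page. In order, this script:
//   1. bootstraps the forum (global.php) from $forumdir,
//   2. handles an optional login POST (action=do_login),
//   3. builds the welcome, private-message, statistics, search, who's-online
//      and latest-threads boxes, each gated by a portal_* setting,
//   4. renders the announcement threads with their attachments,
//   5. evaluates the "portal" template and sends the page.
//
// Every box is rendered by eval()'ing a template inside a double-quoted PHP
// string. That is only safe while $templates->get() returns text that cannot
// close the string or introduce executable syntax.
// NOTE(review): treat template editing as equivalent to code execution on the
// server, and confirm how $templates->get() escapes template bodies.

define("IN_MYBB", 1);
define("IN_PORTAL", 1);
define('THIS_SCRIPT', 'portal.php');

// set the path to your forums directory here (without trailing slash)
$forumdir = "./";

// end editing

$change_dir = "./";

if(!@chdir($forumdir) && !empty($forumdir))
{
	if(@is_dir($forumdir))
	{
		$change_dir = $forumdir;
	}
	else
	{
		die("\$forumdir is invalid!");
	}
}

$templatelist = "portal_welcome,portal_welcome_membertext,portal_stats,portal_search,portal_whosonline_memberbit,portal_whosonline,portal_latestthreads_thread_lastpost,portal_latestthreads_thread,portal_latestthreads,portal_announcement_numcomments_no,portal_announcement,portal_announcement_numcomments,portal_pms,portal";

require_once $change_dir."/global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("portal");

// Fetch the current URL
$portal_url = get_current_location();

add_breadcrumb($lang->nav_portal, "portal.php");

// This allows users to login if the portal is stored offsite or in a different directory
if($mybb->input['action'] == "do_login" && $mybb->request_method == "post")
{
	$plugins->run_hooks("portal_do_login_start");

	// Checks to make sure the user can login; they haven't had too many tries at logging in.
	// Is a fatal call if user has had too many tries
	$logins = login_attempt_check();
	$login_text = '';

	// NOTE(review): an unknown username and a wrong password produce different
	// messages (error_invalidpworusername vs. error_invalidpassword), so the
	// response reveals whether an account name exists. A single generic message
	// for both cases would close that gap. Also, only the wrong-password path
	// below bumps the attempt counters; this path does not.
	if(!username_exists($mybb->input['username']))
	{
		error($lang->error_invalidpworusername.$login_text);
	}
	$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
	if(!$user['uid'])
	{
		// Failed attempt: count it both in the client cookie and on the account row.
		my_setcookie('loginattempts', $logins + 1);
		$db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE username = '".$db->escape_string($mybb->input['username'])."'");
		if($mybb->settings['failedlogintext'] == 1)
		{
			$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
		}
		error($lang->error_invalidpassword.$login_text);
	}

	my_setcookie('loginattempts', 1);

	// The session id is escaped like the IP address next to it, so neither value
	// can alter the WHERE clause whatever the session class accepted as a sid.
	$escaped_sid = $db->escape_string($session->sid);
	$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$escaped_sid."'");
	$newsession = array(
		"uid" => $user['uid'],
	);
	// The pre-login session row is kept and re-pointed at the authenticated uid.
	// NOTE(review): the sid that existed before authentication stays valid after
	// it; issuing a fresh sid at login would be the safer design - confirm how the
	// session class allocates and validates sids.
	$db->update_query("sessions", $newsession, "sid='".$escaped_sid."'");

	// Reset the stored failure counter for the account that just authenticated.
	// The original keyed this on $mybb->user['uid'], which still describes the
	// visitor as loaded before this login (presumably a guest - confirm against
	// global.php), so the authenticated account's counter was never reset.
	$db->update_query("users", array("loginattempts" => 1), "uid='".intval($user['uid'])."'");

	// Temporarily set the cookie remember option for the login cookies
	$mybb->user['remember'] = $user['remember'];

	my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], null, true);
	my_setcookie("sid", $session->sid, -1, true);

	if(function_exists("loggedIn"))
	{
		loggedIn($user['uid']);
	}

	$plugins->run_hooks("portal_do_login_end");

	redirect("portal.php", $lang->redirect_loggedin);
}

$plugins->run_hooks("portal_start");


// get forums user cannot view
// $unviewwhere is interpolated into several queries below, so it is given an
// explicit empty default instead of being left undefined when nothing is hidden.
$unviewwhere = '';
$unviewable = get_unviewable_forums(true);
if($unviewable)
{
	$unviewwhere = " AND fid NOT IN ($unviewable)";
}

// Validate the announcement forum ids once, up front: every element of the
// comma-separated setting is forced to an integer before it reaches any SQL.
// The original did this only before the announcement queries and used the raw
// setting in the "new announcements" count further down.
$announcementsfids = implode(',', array_map('intval', explode(',', $mybb->settings['portal_announcementsfid'])));

// If user is known, welcome them
if($mybb->settings['portal_showwelcome'] != 0)
{
	if($mybb->user['uid'] != 0)
	{
		// Get number of new posts, threads, announcements
		$query = $db->simple_select("posts", "COUNT(pid) AS newposts", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
		$newposts = $db->fetch_field($query, "newposts");
		if($newposts)
		{ // if there aren't any new posts, there is no point in wasting two more queries
			$query = $db->simple_select("threads", "COUNT(tid) AS newthreads", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
			$newthreads = $db->fetch_field($query, "newthreads");
			$query = $db->simple_select("threads", "COUNT(tid) AS newann", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' AND fid IN (".$announcementsfids.") $unviewwhere");
			$newann = $db->fetch_field($query, "newann");
			if(!$newthreads)
			{
				$newthreads = 0;
			}
			if(!$newann)
			{
				$newann = 0;
			}
		}
		else
		{
			$newposts = 0;
			$newthreads = 0;
			$newann = 0;
		}

		// Make the text
		if($newann == 1)
		{
			$lang->new_announcements = $lang->new_announcement;
		}
		else
		{
			$lang->new_announcements = $lang->sprintf($lang->new_announcements, $newann);
		}
		if($newthreads == 1)
		{
			$lang->new_threads = $lang->new_thread;
		}
		else
		{
			$lang->new_threads = $lang->sprintf($lang->new_threads, $newthreads);
		}
		if($newposts == 1)
		{
			$lang->new_posts = $lang->new_post;
		}
		else
		{
			$lang->new_posts = $lang->sprintf($lang->new_posts, $newposts);
		}
		eval("\$welcometext = \"".$templates->get("portal_welcome_membertext")."\";");

	}
	else
	{
		$lang->guest_welcome_registration = $lang->sprintf($lang->guest_welcome_registration, $mybb->settings['bburl'] . '/member.php?action=register');
		$mybb->user['username'] = $lang->guest;
		eval("\$welcometext = \"".$templates->get("portal_welcome_guesttext")."\";");
	}
	$lang->welcome = $lang->sprintf($lang->welcome, $mybb->user['username']);
	eval("\$welcome = \"".$templates->get("portal_welcome")."\";");
	// The guest label was only borrowed for the welcome text; clear it again.
	if($mybb->user['uid'] == 0)
	{
		$mybb->user['username'] = "";
	}
}
// Private messages box
if($mybb->settings['portal_showpms'] != 0)
{
	if($mybb->user['uid'] != 0 && $mybb->user['receivepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->settings['enablepms'] != 0)
	{
		switch($db->type)
		{
			case "sqlite2":
			case "sqlite3":
			case "pgsql":
				$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total", "uid='".$mybb->user['uid']."'");
				$messages['pms_total'] = $db->fetch_field($query, "pms_total");

				// NOTE(review): this branch counts unread messages in folder '0' while
				// the default branch below counts folder '1'. One of the two is
				// presumably wrong - confirm which folder id is the inbox.
				$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_unread", "uid='".$mybb->user['uid']."' AND CASE WHEN status = '0' AND folder = '0' THEN TRUE ELSE FALSE END");
				$messages['pms_unread'] = $db->fetch_field($query, "pms_unread");
				break;
			default:
				$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total, SUM(IF(status='0' AND folder='1','1','0')) AS pms_unread", "uid='".$mybb->user['uid']."'");
				$messages = $db->fetch_array($query);
		}

		// the SUM() thing returns "" instead of 0
		if($messages['pms_unread'] == "")
		{
			$messages['pms_unread'] = 0;
		}
		$lang->pms_received_new = $lang->sprintf($lang->pms_received_new, $mybb->user['username'], $messages['pms_unread']);
		eval("\$pms = \"".$templates->get("portal_pms")."\";");
	}
}
// Get Forum Statistics
if($mybb->settings['portal_showstats'] != 0)
{
	$stats = $cache->read("stats");
	$stats['numthreads'] = my_number_format($stats['numthreads']);
	$stats['numposts'] = my_number_format($stats['numposts']);
	$stats['numusers'] = my_number_format($stats['numusers']);
	if(!$stats['lastusername'])
	{
		$newestmember = "<strong>" . $lang->no_one . "</strong>";
	}
	else
	{
		$newestmember = build_profile_link($stats['lastusername'], $stats['lastuid']);
	}
	eval("\$stats = \"".$templates->get("portal_stats")."\";");
}

// Search box
if($mybb->settings['portal_showsearch'] != 0)
{
	eval("\$search = \"".$templates->get("portal_search")."\";");
}

// Get the online users
if($mybb->settings['portal_showwol'] != 0)
{
	$timesearch = TIME_NOW - $mybb->settings['wolcutoff'];
	$comma = '';
	$guestcount = 0;
	$membercount = 0;
	// Counters and the de-duplication map start from known values so the totals
	// never depend on anything defined before this block ran.
	$botcount = 0;
	$anoncount = 0;
	$doneusers = array();
	$onlinemembers = '';
	$query = $db->query("
		SELECT s.sid, s.ip, s.uid, s.time, s.location, u.username, u.invisible, u.usergroup, u.displaygroup
		FROM ".TABLE_PREFIX."sessions s
		LEFT JOIN ".TABLE_PREFIX."users u ON (s.uid=u.uid)
		WHERE s.time>'$timesearch'
		ORDER BY u.username ASC, s.time DESC
	");
	while($user = $db->fetch_array($query))
	{

		// Create a key to test if this user is a search bot.
		$botkey = my_strtolower(str_replace("bot=", '', $user['sid']));

		if($user['uid'] == "0")
		{
			++$guestcount;
		}
		elseif(my_strpos($user['sid'], "bot=") !== false && $session->bots[$botkey])
		{
			// The user is a search bot.
			$onlinemembers .= $comma.format_name($session->bots[$botkey], $session->botgroup);
			$comma = ", ";
			++$botcount;
		}
		else
		{
			// Count each member once, using their most recent session row.
			if(!isset($doneusers[$user['uid']]) || !$doneusers[$user['uid']] || $doneusers[$user['uid']] < $user['time'])
			{
				++$membercount;

				$doneusers[$user['uid']] = $user['time'];

				// If the user is logged in anonymously, update the count for that.
				if($user['invisible'] == 1)
				{
					++$anoncount;
				}

				if($user['invisible'] == 1)
				{
					$invisiblemark = "*";
				}
				else
				{
					$invisiblemark = '';
				}

				// Invisible members are listed only for viewers whose group may see
				// them, or for the invisible member themselves.
				if(($user['invisible'] == 1 && ($mybb->usergroup['canviewwolinvis'] == 1 || $user['uid'] == $mybb->user['uid'])) || $user['invisible'] != 1)
				{
					$user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
					$user['profilelink'] = get_profile_link($user['uid']);
					eval("\$onlinemembers .= \"".$templates->get("portal_whosonline_memberbit", 1, 0)."\";");
					$comma = ", ";
				}
			}
		}
	}

	$onlinecount = $membercount + $guestcount + $botcount;

	// If we can see invisible users add them to the count
	if($mybb->usergroup['canviewwolinvis'] == 1)
	{
		$onlinecount += $anoncount;
	}

	// If we can't see invisible users but the user is an invisible user incriment the count by one
	if($mybb->usergroup['canviewwolinvis'] != 1 && $mybb->user['invisible'] == 1)
	{
		++$onlinecount;
	}

	// Most users online
	$mostonline = $cache->read("mostonline");
	if($onlinecount > $mostonline['numusers'])
	{
		$time = TIME_NOW;
		$mostonline['numusers'] = $onlinecount;
		$mostonline['time'] = $time;
		$cache->update("mostonline", $mostonline);
	}
	$recordcount = $mostonline['numusers'];
	$recorddate = my_date($mybb->settings['dateformat'], $mostonline['time']);
	$recordtime = my_date($mybb->settings['timeformat'], $mostonline['time']);

	if($onlinecount == 1)
	{
		$lang->online_users = $lang->online_user;
	}
	else
	{
		$lang->online_users = $lang->sprintf($lang->online_users, $onlinecount);
	}
	$lang->online_counts = $lang->sprintf($lang->online_counts, $membercount, $guestcount);
	eval("\$whosonline = \"".$templates->get("portal_whosonline")."\";");
}

// Latest forum discussions
if($mybb->settings['portal_showdiscussions'] != 0 && $mybb->settings['portal_showdiscussionsnum'])
{
	$altbg = alt_trow();
	$threadlist = '';
	// The row limit comes from a setting; it is cast to an integer before being
	// appended to the statement.
	$query = $db->query("
		SELECT t.*, u.username
		FROM ".TABLE_PREFIX."threads t
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid)
		WHERE 1=1 $unviewwhere AND t.visible='1' AND t.closed NOT LIKE 'moved|%'
		ORDER BY t.lastpost DESC
		LIMIT 0, ".intval($mybb->settings['portal_showdiscussionsnum'])
	);
	while($thread = $db->fetch_array($query))
	{
		$lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']);
		$lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']);
		// Don't link to guest's profiles (they have no profile).
		if($thread['lastposteruid'] == 0)
		{
			// NOTE(review): the guest name goes to the template as stored, whereas the
			// announcement code below passes a guest's threadusername through
			// htmlspecialchars_uni(). Confirm whether lastposter is stored already
			// escaped; if not, it needs escaping here too.
			$lastposterlink = $thread['lastposter'];
		}
		else
		{
			$lastposterlink = build_profile_link($thread['lastposter'], $thread['lastposteruid']);
		}
		if(my_strlen($thread['subject']) > 25)
		{
			$thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
		}
		$thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
		$thread['threadlink'] = get_thread_link($thread['tid']);
		eval("\$threadlist .= \"".$templates->get("portal_latestthreads_thread")."\";");
		$altbg = alt_trow();
	}
	if($threadlist)
	{
		// Show the table only if there are threads
		eval("\$latestthreads = \"".$templates->get("portal_latestthreads")."\";");
	}
}

// Get latest news announcements
// ($announcementsfids was reduced to a comma-separated list of integers above.)
$forum = array();
$posts = array();
$attachcache = array();
$forumpermissions = array();
$tcount = 0;
$announcement_limit = intval($mybb->settings['portal_numannouncements']);

$query = $db->simple_select("forums", "*", "fid IN (".$announcementsfids.")");
while($forumrow = $db->fetch_array($query))
{
	$forum[$forumrow['fid']] = $forumrow;
}

// Collect the first post of each announcement thread, remembering pids and tids
// for the attachment and thread queries that follow.
$pids = '';
$tids = '';
$comma = '';
$query = $db->query("
	SELECT p.pid, p.message, p.tid, p.smilieoff
	FROM ".TABLE_PREFIX."posts p
	LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
	WHERE t.fid IN (".$announcementsfids.") AND t.visible='1' AND t.closed NOT LIKE 'moved|%' AND t.firstpost=p.pid
	ORDER BY t.dateline DESC
	LIMIT 0, ".$announcement_limit
);
while($getid = $db->fetch_array($query))
{
	$pids .= ",'{$getid['pid']}'";
	$tids .= ",'{$getid['tid']}'";
	$posts[$getid['tid']] = $getid;
}
// The leading 0 keeps the IN() list valid when no posts were found.
$pids = "pid IN(0{$pids})";
// Now lets fetch all of the attachments for these posts
$query = $db->simple_select("attachments", "*", $pids);
while($attachment = $db->fetch_array($query))
{
	$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
}

foreach($forum as $fid => $forumrow)
{
	$forumpermissions[$fid] = forum_permissions($fid);
}

$icon_cache = $cache->read("posticons");

$announcements = '';
$query = $db->query("
	SELECT t.*, t.username AS threadusername, u.username, u.avatar, u.avatardimensions
	FROM ".TABLE_PREFIX."threads t
	LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
	WHERE t.fid IN (".$announcementsfids.") AND t.tid IN (0{$tids}) AND t.visible='1' AND t.closed NOT LIKE 'moved|%'
	ORDER BY t.dateline DESC
	LIMIT 0, ".$announcement_limit
);
while($announcement = $db->fetch_array($query))
{
	$announcement['message'] = $posts[$announcement['tid']]['message'];
	$announcement['pid'] = $posts[$announcement['tid']]['pid'];
	$announcement['smilieoff'] = $posts[$announcement['tid']]['smilieoff'];
	$announcement['threadlink'] = get_thread_link($announcement['tid']);

	if($announcement['uid'] == 0)
	{
		$profilelink = htmlspecialchars_uni($announcement['threadusername']);
	}
	else
	{
		$profilelink = build_profile_link($announcement['username'], $announcement['uid']);
	}

	if(!$announcement['username'])
	{
		$announcement['username'] = $announcement['threadusername'];
	}
	$announcement['subject'] = htmlspecialchars_uni($parser->parse_badwords($announcement['subject']));
	if($announcement['icon'] > 0 && $icon_cache[$announcement['icon']])
	{
		// NOTE(review): the icon path and name are placed in attributes without
		// escaping - presumably trusted admin data from the cache; confirm.
		$icon = $icon_cache[$announcement['icon']];
		$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />";
	}
	else
	{
		$icon = " ";
	}

	// Reset per announcement: the original left this unset, so an avatar without
	// stored dimensions inherited the width/height of the previous announcement.
	$avatar_width_height = '';
	if($announcement['avatar'] != '')
	{
		$avatar_dimensions = explode("|", $announcement['avatardimensions']);
		if($avatar_dimensions[0] && !empty($avatar_dimensions[1]))
		{
			$avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\"";
		}
		// NOTE(review): stristr() matches 'http://' anywhere in the value, and an
		// https:// URL does not match at all, so it gets the board URL prefixed.
		// The avatar value is also written into src="" without escaping - confirm
		// it is validated and escaped where it is stored, or escape it here.
		if (!stristr($announcement['avatar'], 'http://'))
		{
			$announcement['avatar'] = $mybb->settings['bburl'] . '/' . $announcement['avatar'];
		}
		$avatar = "<td class=\"trow1\" width=\"1\" align=\"center\" valign=\"top\"><img src=\"{$announcement['avatar']}\" alt=\"\" {$avatar_width_height} /></td>";
	}
	else
	{
		$avatar = '';
	}
	$anndate = my_date($mybb->settings['dateformat'], $announcement['dateline']);
	$anntime = my_date($mybb->settings['timeformat'], $announcement['dateline']);

	if($announcement['replies'])
	{
		eval("\$numcomments = \"".$templates->get("portal_announcement_numcomments")."\";");
	}
	else
	{
		eval("\$numcomments = \"".$templates->get("portal_announcement_numcomments_no")."\";");
		$lastcomment = '';
	}

	$plugins->run_hooks("portal_announcement");

	// Parser permissions are taken from the announcement's forum, so a forum with
	// allowhtml enabled has its post HTML rendered on the portal as well.
	$parser_options = array(
		"allow_html" => $forum[$announcement['fid']]['allowhtml'],
		"allow_mycode" => $forum[$announcement['fid']]['allowmycode'],
		"allow_smilies" => $forum[$announcement['fid']]['allowsmilies'],
		"allow_imgcode" => $forum[$announcement['fid']]['allowimgcode'],
		"filter_badwords" => 1
	);
	if($announcement['smilieoff'] == 1)
	{
		$parser_options['allow_smilies'] = 0;
	}

	$message = $parser->parse_message($announcement['message'], $parser_options);

	if(isset($attachcache[$announcement['pid']]) && is_array($attachcache[$announcement['pid']]))
	{ // This post has 1 or more attachments
		$validationcount = 0;
		$id = $announcement['pid'];
		foreach($attachcache[$id] as $aid => $attachment)
		{
			if($attachment['visible'])
			{ // There is an attachment thats visible!
				$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
				$attachment['filesize'] = get_friendly_size($attachment['filesize']);
				$ext = get_extension($attachment['filename']);
				if($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg")
				{
					$isimage = true;
				}
				else
				{
					$isimage = false;
				}
				$attachment['icon'] = get_attachment_icon($ext);
				// Support for [attachment=id] code
				$attachment_tag = "[attachment=".$attachment['aid']."]";
				if(stripos($message, $attachment_tag) !== false)
				{
					if($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != '')
					{ // We have a thumbnail to show (and its not the "SMALL" enough image
						eval("\$attbit = \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";");
					}
					elseif($attachment['thumbnail'] == "SMALL" && $forumpermissions[$announcement['fid']]['candlattachments'] == 1)
					{
						// Image is small enough to show - no thumbnail
						eval("\$attbit = \"".$templates->get("postbit_attachments_images_image")."\";");
					}
					else
					{
						// Show standard link to attachment
						eval("\$attbit = \"".$templates->get("postbit_attachments_attachment")."\";");
					}
					// Literal, case-insensitive replacement. The original used preg_replace()
					// with $attbit as the replacement string, where sequences such as $0 or
					// \0 in the rendered markup (e.g. from a file name) would have been
					// expanded as back-references.
					$message = str_ireplace($attachment_tag, $attbit, $message);
				}
				else
				{
					if($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != '')
					{ // We have a thumbnail to show
						eval("\$post['thumblist'] .= \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";");
						// NOTE(review): the line break is appended to $thumblist, but the
						// thumbnails accumulate in $post['thumblist'] and $thumblist is not
						// read anywhere in this script - presumably $post['thumblist'] was
						// intended; confirm against the templates before changing.
						if($tcount == 5)
						{
							$thumblist .= "<br />";
							$tcount = 0;
						}
						++$tcount;
					}
					elseif($attachment['thumbnail'] == "SMALL" && $forumpermissions[$announcement['fid']]['candlattachments'] == 1)
					{
						// Image is small enough to show - no thumbnail
						eval("\$post['imagelist'] .= \"".$templates->get("postbit_attachments_images_image")."\";");
					}
					else
					{
						eval("\$post['attachmentlist'] .= \"".$templates->get("postbit_attachments_attachment")."\";");
					}
				}
			}
			else
			{
				$validationcount++;
			}
		}
		if($post['thumblist'])
		{
			eval("\$post['attachedthumbs'] = \"".$templates->get("postbit_attachments_thumbnails")."\";");
		}
		if($post['imagelist'])
		{
			eval("\$post['attachedimages'] = \"".$templates->get("postbit_attachments_images")."\";");
		}
		if($post['attachmentlist'] || $post['thumblist'] || $post['imagelist'])
		{
			eval("\$post['attachments'] = \"".$templates->get("postbit_attachments")."\";");
		}
	}

	eval("\$announcements .= \"".$templates->get("portal_announcement")."\";");
	// Drop the per-announcement attachment markup so it cannot leak into the next one.
	unset($post);
}
eval("\$portal = \"".$templates->get("portal")."\";");

$plugins->run_hooks("portal_end");

output_page($portal);

?>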