sql.php

   1 <?php
   2 /*
   3     This program is free software; you can redistribute it and/or modify
   4     it under the terms of the Revised BSD License.
   5
   6     This program is distributed in the hope that it will be useful,
   7     but WITHOUT ANY WARRANTY; without even the implied warranty of
   8     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   9     Revised BSD License for more details.
  10
  11     Copyright 2004-2010 iDB Support - http://idb.berlios.de/
  12     Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/
  13
  14     $FileInfo: sql.php - Last Update: 09/24/2010 SVN 561 - Author: cooldude2k $
  15 */
  16 /* Some ini setting changes uncomment if you need them.
  17    Display PHP Errors */
  18 $disfunc = @ini_get("disable_functions");
  19 if($disfunc!="ini_set") { $disfunc = explode(",",$disfunc); }
  20 if($disfunc=="ini_set") { $disfunc = array("ini_set"); }
  21 if(!in_array("ini_set", $disfunc)) {
  22 // Uncomment next two lines to show errors
  23 /*@ini_set("display_errors", true);
  24 @ini_set("display_startup_errors", true); */ }
  25 @error_reporting(E_ALL ^ E_NOTICE);
  26 /* Get rid of session id in urls */
  27 if(!in_array("ini_set", $disfunc)) {
  28 @ini_set("session.use_trans_sid", false);
  29 @ini_set("session.use_cookies", true);
  30 @ini_set("session.use_only_cookies", true);
  31 @ini_set("url_rewriter.tags",""); }
  32 @set_time_limit(30); @ignore_user_abort(true);
  33 /* Change session garbage collection settings */
  34 if(!in_array("ini_set", $disfunc)) {
  35 @ini_set("session.gc_probability", 1);
  36 @ini_set("session.gc_divisor", 100);
  37 @ini_set("session.gc_maxlifetime", 1440);
  38 /* Change session hash type here */
  39 @ini_set('session.hash_function', 1);
  40 @ini_set('session.hash_bits_per_character', 6); }
  41 /* Do not change anything below this line unless you know what you are doing */
  42 $File3Name = basename($_SERVER['SCRIPT_NAME']);
  43 if ($File3Name=="sql.php"||$File3Name=="/sql.php") {
  44         header('Location: index.php');
  45         exit(); }
  46 if(file_exists('settings.php')) {
  47         require_once('settings.php');
  48 if(!in_array("ini_set", $disfunc)&&$Settings['qstr']!="/"&&$Settings['qstr']!="&") {
  49 ini_set("arg_separator.output",htmlentities($Settings['qstr'], ENT_QUOTES, $Settings['charset']));
  50 ini_set("arg_separator.input",$Settings['qstr']); } }
  51 if(!isset($Settings['idburl'])) { $Settings['idburl'] = null; }
  52 if(!isset($Settings['fixbasedir'])) { $Settings['fixbasedir'] = null; }
  53 if(!isset($Settings['fixpathinfo'])) { $Settings['fixpathinfo'] = null; }
  54 if(!isset($Settings['fixcookiedir'])) { $Settings['fixcookiedir'] = null; }
  55 if(!isset($Settings['fixredirectdir'])) { $Settings['fixcookiedir'] = null; }
  56 $Settings['bid'] = base64_encode(urlencode($Settings['idburl']));
  57 if(!isset($Settings['showverinfo'])) {
  58         $Settings['showverinfo'] = "on"; }
  59 if($Settings['fixpathinfo']=="off") {
  60         $Settings['fixpathinfo'] = null; }
  61 if($Settings['fixbasedir']=="off") {
  62         $Settings['fixbasedir'] = null; }
  63 if($Settings['fixcookiedir']=="off") {
  64         $Settings['fixcookiedir'] = null; }
  65 if($Settings['fixredirectdir']=="off") {
  66         $Settings['fixredirectdir'] = null; }
  67 $OldSettings['fixpathinfo'] = $Settings['fixpathinfo'];
  68 $OldSettings['fixbasedir'] = $Settings['fixbasedir'];
  69 $OldSettings['fixcookiedir'] = $Settings['fixcookiedir'];
  70 $OldSettings['fixredirectdir'] = $Settings['fixredirectdir'];
  71 if($Settings['idburl']=="localhost") {
  72 header("Content-Type: text/plain; charset=UTF-8");
  73 echo "500 Error: URL is malformed. Try reinstalling iDB."; die(); }
  74 if($Settings['fixbasedir']=="on") {
  75 if($Settings['idburl']!=null&&$Settings['idburl']!="localhost") {
  76 $PathsTest = parse_url($Settings['idburl']);
  77 $Settings['fixbasedir'] = $PathsTest['path']."/";
  78 $Settings['fixbasedir'] = str_replace("//", "/", $Settings['fixbasedir']); } }
  79 if($Settings['fixcookiedir']=="on") {
  80 if($Settings['idburl']!=null&&$Settings['idburl']!="localhost") {
  81 $PathsTest = parse_url($Settings['idburl']);
  82 $Settings['fixcookiedir'] = $PathsTest['path']."/";
  83 $Settings['fixcookiedir'] = str_replace("//", "/", $Settings['fixcookiedir']); } }
  84 if($Settings['fixredirectdir']=="on") {
  85 if($Settings['idburl']!=null&&$Settings['idburl']!="localhost") {
  86 $PathsTest = parse_url($Settings['idburl']);
  87 $Settings['fixredirectdir'] = $PathsTest['path']."/";
  88 $Settings['fixredirectdir'] = str_replace("//", "/", $Settings['fixredirectdir']); } }
  89 if(!isset($Settings['charset'])) {
  90         $Settings['charset'] = "ISO-8859-15"; }
  91 if(isset($Settings['charset'])) {
  92 if($Settings['charset']!="ISO-8859-15"&&$Settings['charset']!="ISO-8859-1"&&
  93         $Settings['charset']!="UTF-8"&&$Settings['charset']!="CP866"&&
  94         $Settings['charset']!="Windows-1251"&&$Settings['charset']!="Windows-1252"&&
  95         $Settings['charset']!="KOI8-R"&&$Settings['charset']!="BIG5"&&
  96         $Settings['charset']!="GB2312"&&$Settings['charset']!="BIG5-HKSCS"&&
  97         $Settings['charset']!="Shift_JIS"&&$Settings['charset']!="EUC-JP") {
  98         $Settings['charset'] = "ISO-8859-15"; } }
  99         $chkcharset = $Settings['charset'];
 100 @ini_set('default_charset', $Settings['charset']);
 101 //session_save_path($SettDir['inc']."temp/");
 102 if(!isset($Settings['sqldb'])) {
 103 if(file_exists("install.php")) { header('Location: install.php'); die(); }
 104 if(!file_exists("install.php")) { header("Content-Type: text/plain; charset=UTF-8");
 105 echo "403 Error: Sorry could not find install.php\nTry uploading files again and if that dose not work try download iDB again."; die(); } }
 106 if(isset($Settings['sqldb'])&&
 107         function_exists("date_default_timezone_set")) {
 108         @date_default_timezone_set("UTC"); }
 109 if(!isset($Settings['sqlhost'])) { $Settings['sqlhost'] = "localhost"; }
 110 if($Settings['fixpathinfo']=="on") {
 111         $_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO'];
 112         putenv("PATH_INFO=".$_SERVER['ORIG_PATH_INFO']); }
 113 // Check to see if variables are set
 114 if(!isset($SettDir['inc'])) { $SettDir['inc'] = "inc/"; }
 115 if(!isset($SettDir['archive'])) { $SettDir['inc'] = "archive/"; }
 116 if(!isset($SettDir['misc'])) { $SettDir['misc'] = "inc/misc/"; }
 117 if(!isset($SettDir['sql'])) { $SettDir['sql'] = "inc/misc/sql/"; }
 118 if(!isset($SettDir['admin'])) { $SettDir['admin'] = "inc/admin/"; }
 119 if(!isset($SettDir['sqldumper'])) { $SettDir['sqldumper'] = "inc/admin/sqldumper/"; }
 120 if(!isset($SettDir['mod'])) { $SettDir['mod'] = "inc/mod/"; }
 121 if(!isset($SettDir['themes'])) { $SettDir['themes'] = "themes/"; }
 122 if(!isset($Settings['use_iniset'])) { $Settings['use_iniset'] = null; }
 123 if(!isset($Settings['clean_ob'])) { $Settings['clean_ob'] = "off"; }
 124 if(!isset($_SERVER['PATH_INFO'])) { $_SERVER['PATH_INFO'] = null; }
 125 if(!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) {
 126         $_SERVER['HTTP_ACCEPT_ENCODING'] = null; }
 127 if(!isset($_SERVER["HTTP_ACCEPT"])) { $_SERVER["HTTP_ACCEPT"] = null; }
 128 if(!isset($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = null; }
 129 if(!isset($_GET['page'])) { $_GET['page'] = null; }
 130 if(!isset($_GET['act'])) { $_GET['act'] = null; }
 131 if(!isset($_POST['act'])) { $_POST['act'] = null; }
 132 if(!isset($_GET['modact'])) { $_GET['modact'] = null; }
 133 if(!isset($_POST['modact'])) { $_POST['modact'] = null; }
 134 if(!isset($_GET['id'])) { $_GET['id'] = null; }
 135 if(!isset($_GET['debug'])) { $_GET['debug'] = "off"; }
 136 if(!isset($_GET['post'])) { $_GET['post'] = null; }
 137 if(!isset($_POST['License'])) { $_POST['License'] = null; }
 138 if(!isset($_SERVER['HTTPS'])) { $_SERVER['HTTPS'] = "off"; }
 139 if(!isset($Settings['SQLThemes'])) { $Settings['SQLThemes'] = "off"; }
 140 if($Settings['SQLThemes']!="on"&&$Settings['SQLThemes']!="off") {
 141         $Settings['SQLThemes'] = "off"; }
 142 require_once($SettDir['misc'].'utf8.php');
 143 require_once($SettDir['inc'].'filename.php');
 144 if(!isset($Settings['use_hashtype'])) {
 145         $Settings['use_hashtype'] = "sha1"; }
 146 if(!function_exists('hash')||!function_exists('hash_algos')) {
 147 if($Settings['use_hashtype']!="md5"&&
 148    $Settings['use_hashtype']!="sha1") {
 149         $Settings['use_hashtype'] = "sha1"; } }
 150 if(function_exists('hash')&&function_exists('hash_algos')) {
 151 if(!in_array($Settings['use_hashtype'],hash_algos())) {
 152         $Settings['use_hashtype'] = "sha1"; }
 153 if($Settings['use_hashtype']!="md2"&&
 154    $Settings['use_hashtype']!="md4"&&
 155    $Settings['use_hashtype']!="md5"&&
 156    $Settings['use_hashtype']!="sha1"&&
 157    $Settings['use_hashtype']!="sha224"&&
 158    $Settings['use_hashtype']!="sha256"&&
 159    $Settings['use_hashtype']!="sha384"&&
 160    $Settings['use_hashtype']!="sha512"&&
 161    $Settings['use_hashtype']!="ripemd128"&&
 162    $Settings['use_hashtype']!="ripemd160"&&
 163    $Settings['use_hashtype']!="ripemd256"&&
 164    $Settings['use_hashtype']!="ripemd320") {
 165         $Settings['use_hashtype'] = "sha1"; } }
 166 // Check to see if variables are set
 167 require_once($SettDir['misc'].'setcheck.php');
 168 $dayconv = array('second' => 1, 'minute' => 60, 'hour' => 3600, 'day' => 86400, 'week' => 604800, 'month' => 2630880, 'year' => 31570560, 'decade' => 315705600);
 169 require_once($SettDir['inc'].'function.php');
 170 $iDBVerName = "iDB|".$VER2[1]."|".$VER1[0].".".$VER1[1].".".$VER1[2]."|".$VER2[2]."|".$SubVerN;
 171 /*
 172 This way checks iDB version by sending the iDBVerName to the iDB Version Checker.
 173 $Settings['vercheck'] = 1;
 174 This way checks iDB version by sending the board url to the iDB Version Checker.
 175 $Settings['vercheck'] = 2;
 176 */
 177 if(!isset($Settings['vercheck'])) {
 178         $Settings['vercheck'] = 2; }
 179 if($Settings['vercheck']!=1&&
 180         $Settings['vercheck']!=2) {
 181         $Settings['vercheck'] = 2; }
 182 if($Settings['vercheck']===2) {
 183 if($_GET['act']=="vercheckxsl") {
 184 if(stristr($_SERVER["HTTP_ACCEPT"],"application/xml") ) {
 185 header("Content-Type: application/xml; charset=".$Settings['charset']); }
 186 else { header("Content-Type: text/xml; charset=".$Settings['charset']); }
 187 xml_doc_start("1.0",$Settings['charset']);
 188 echo "\n"; ?>
 189 <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
 190
 191 <xsl:template match="/">
 192  <html xsl:version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://www.w3.org/1999/xhtml">
 193   <body style="font-family:Arial;font-size:12pt;background-color:#EEEEEE">
 194    <xsl:for-each select="versioninfo/version">
 195     <div style="background-color:teal;color:white;padding:4px">
 196      <span style="font-weight:bold"><xsl:value-of select="vname"/></span>
 197     </div>
 198     <div style="margin-left:20px;margin-bottom:1em;font-size:10pt">
 199      <span style="font-style:italic">
 200           Board Name: <a href="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>"><xsl:value-of select="title"/></a></span>
 201     </div>
 202    </xsl:for-each>
 203   </body>
 204  </html>
 205 </xsl:template>
 206
 207 </xsl:stylesheet>
 208 <?php die(); } if($_GET['act']=="versioninfo") {
 209 if(stristr($_SERVER["HTTP_ACCEPT"],"application/xml") ) {
 210 header("Content-Type: application/xml; charset=".$Settings['charset']); }
 211 else { header("Content-Type: text/xml; charset=".$Settings['charset']); }
 212 xml_doc_start("1.0",$Settings['charset']);
 213 echo '<?xml-stylesheet type="text/xsl" href="'.url_maker($exfile['index'],$Settings['file_ext'],"act=vercheckxsl",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']).'"?>'."\n"; ?>
 214
 215 <!DOCTYPE versioninfo [
 216 <!ELEMENT versioninfo (version*)>
 217 <!ELEMENT version (charset,title,name,vname)>
 218 <!ELEMENT charset (#PCDATA)>
 219 <!ELEMENT title (#PCDATA)>
 220 <!ELEMENT name (#PCDATA)>
 221 <!ELEMENT vname (#PCDATA)>
 222 ]>
 223
 224 <versioninfo>
 225
 226 <version>
 227  <charset><?php echo $Settings['charset']; ?></charset>
 228   <title><?php echo $Settings['board_name']; ?></title>
 229   <?php echo "<name>".$iDBVerName."</name>\n"; ?>
 230   <vname>iDB Version Checker</vname>
 231 </version>
 232
 233 </versioninfo>
 234 <?php die(); } } if($Settings['vercheck']===1) {
 235 if($_GET['act']=="versioninfo") { header("Content-Type: text/plain; charset=UTF-8");
 236 header("Location: ".$VerCheckURL."&name=".urlencode($iDBVerName)); die(); } }
 237 if($_GET['act']=="homepage") { header("Content-Type: text/plain; charset=UTF-8");
 238 header("Location: ".$Settings['weburl']); die(); }
 239 if($Settings['enable_pathinfo']=="on") {
 240         mrstring(); /* Change Path info to Get Vars :P */ }
 241 // Check to see if variables are set
 242 $qstrhtml = htmlentities($Settings['qstr'], ENT_QUOTES, $Settings['charset']);
 243 if($Settings['enable_https']=="on"&&$_SERVER['HTTPS']=="on") {
 244 if($Settings['idburl']!=null&&$Settings['idburl']!="localhost") {
 245 $HTTPsTest = parse_url($Settings['idburl']); if($HTTPsTest['scheme']=="http") {
 246 $Settings['idburl'] = preg_replace("/http\:\/\//i", "https://", $Settings['idburl']); } } }
 247 $cookieDomain = null; $cookieSecure = false;
 248 if($Settings['idburl']!=null&&$Settings['idburl']!="localhost") {
 249 $URLsTest = parse_url($Settings['idburl']);
 250 $cookieDomain = $URLsTest['host'];
 251 if($cookieDomain=="localhost") { $cookieDomain = false; }
 252 if($Settings['enable_https']=="on") {
 253  if($URLsTest['scheme']=="https") { $cookieSecure = true; }
 254  if($URLsTest['scheme']!="https") { $cookieSecure = false; } } }
 255 @ini_set("default_charset",$Settings['charset']);
 256 $File1Name = dirname($_SERVER['SCRIPT_NAME'])."/";
 257 $File2Name = $_SERVER['SCRIPT_NAME'];
 258 $File3Name=str_replace($File1Name, null, $File2Name);
 259 if ($File3Name=="sql.php"||$File3Name=="/sql.php") {
 260         require($SettDir['inc'].'forbidden.php');
 261         exit(); }
 262 //error_reporting(E_ERROR);
 263 // Check if gzip is on and if user's browser can accept gzip pages
 264 if($_GET['act']=="MkCaptcha"||$_GET['act']=="Captcha") {
 265         $Settings['use_gzip'] = 'off'; }
 266 if($Settings['use_gzip']=="on") {
 267 if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "gzip")) {
 268         $GZipEncode['Type'] = "gzip"; } else {
 269         if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "deflate")) {
 270         $GZipEncode['Type'] = "deflate"; } else {
 271                 $Settings['use_gzip'] = "off"; $GZipEncode['Type'] = "none"; } } }
 272 if($Settings['use_gzip']=="gzip") {
 273 if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "gzip")) { $Settings['use_gzip'] = "on";
 274         $GZipEncode['Type'] = "gzip"; } else { $Settings['use_gzip'] = "off"; } }
 275 if($Settings['use_gzip']=="deflate") {
 276 if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "deflate")) { $Settings['use_gzip'] = "on";
 277         $GZipEncode['Type'] = "deflate"; } else { $Settings['use_gzip'] = "off"; } }
 278 if($Settings['clean_ob']=="on") {
 279 /* Check for other output handlers/buffers are open
 280    and close and get the contents in an array */
 281 $numob = count(ob_list_handlers()); $iob = 0;
 282 while ($iob < $numob) {
 283         $old_ob_var[$iob] = ob_get_clean();
 284         ++$iob; } } ob_start();
 285 if($Settings['use_gzip']=="on") {
 286 if($GZipEncode['Type']!="gzip") { if($GZipEncode['Type']!="deflate") { $GZipEncode['Type'] = "gzip"; } }
 287         if($GZipEncode['Type']=="gzip") {
 288         header("Content-Encoding: gzip"); }
 289         if($GZipEncode['Type']=="deflate") {
 290         header("Content-Encoding: deflate"); } }
 291 /* if(eregi("msie",$browser) && !eregi("opera",$browser)){
 292 header('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"'); } */
 293 // Some http stuff
 294 $SQLStat = sql_connect_db($Settings['sqlhost'],$Settings['sqluser'],$Settings['sqlpass'],$Settings['sqldb']);
 295 $SQLCollate = "latin1_general_ci";
 296 $SQLCharset = "latin1";
 297 if($Settings['charset']=="ISO-8859-1") {
 298         $SQLCollate = "latin1_general_ci";
 299         $SQLCharset = "latin1"; }
 300 if($Settings['charset']=="ISO-8859-15") {
 301         $SQLCollate = "latin1_general_ci";
 302         $SQLCharset = "latin1"; }
 303 if($Settings['charset']=="UTF-8") {
 304         $SQLCollate = "utf8_unicode_ci";
 305         $SQLCharset = "utf8"; }
 306 sql_set_charset($SQLCharset,$SQLStat);
 307 if($SQLStat===false) {
 308 header("Content-Type: text/plain; charset=".$Settings['charset']); sql_free_result($peresult);
 309 ob_clean(); echo "Sorry could not connect to mysql database.\nContact the board admin about error. Error log below.";
 310 echo "\n".sql_errorno($SQLStat);
 311 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); }
 312 $sqltable = $Settings['sqltable'];
 313 $temp_user_ip = $_SERVER['REMOTE_ADDR'];
 314 if(!isset($_SERVER['HTTP_USER_AGENT'])) {
 315         $_SERVER['HTTP_USER_AGENT'] = ""; }
 316 $temp_user_agent = $_SERVER['HTTP_USER_AGENT'];
 317 $SQLSType = $Settings['sqltype'];
 318 //Session Open Function
 319 function sql_session_open($save_path, $session_name ) {
 320 global $sess_save_path;
 321 $sess_save_path = $save_path;
 322 return true; }
 323 //Session Close Function
 324 function sql_session_close() {
 325 return true; }
 326 //Session Read Function
 327 function sql_session_read($id) {
 328 global $sqltable,$SQLStat,$SQLSType,$temp_user_ip,$temp_user_agent;
 329 $result = sql_query(sql_pre_query("SELECT * FROM \"".$sqltable."sessions\" WHERE \"session_id\" = '%s'", array($id)),$SQLStat);
 330 if (!sql_num_rows($result)) {
 331 sql_query(sql_pre_query("DELETE FROM \"".$sqltable."sessions\" WHERE \"session_id\"<>'%s' AND ip_address='%s'", array($id,$temp_user_ip)),$SQLStat);
 332 $time = GMTimeStamp();
 333 sql_query(sql_pre_query("INSERT INTO \"".$sqltable."sessions\" (\"session_id\", \"session_data\", \"user_agent\", \"ip_address\", \"expires\") VALUES\n".
 334 "('%s', '', '%s', '%s', %i)", array($id,$temp_user_agent,$temp_user_ip,$time)),$SQLStat);
 335 return '';
 336 } else {
 337 $time = GMTimeStamp();
 338 $predata = sql_num_rows($result);
 339 $data = "";
 340 if($predata > 0) {
 341 $row = sql_fetch_assoc($result);
 342 $data = $row['session_data']; }
 343 /*sql_query(sql_pre_query("UPDATE \"".$sqltable."sessions\" SET \"session_data\"='%s',\"expires\"=%i WHERE \"session_id\"='%s'", array($data,$time,$id)),$SQLStat);*/
 344 return $data; } }
 345 //Session Write Function
 346 function sql_session_write($id,$data) {
 347 global $sqltable,$SQLStat,$SQLSType,$temp_user_ip,$temp_user_agent;
 348 $time = GMTimeStamp();
 349 $rs = sql_query(sql_pre_query("UPDATE \"".$sqltable."sessions\" SET \"session_data\"='%s',\"user_agent\"='%s',\"ip_address\"='%s',\"expires\"=%i WHERE \"session_id\"='%s'", array($data,$temp_user_agent,$temp_user_ip,$time,$id)),$SQLStat);
 350 return true; }
 351 //Session Destroy Function
 352 function sql_session_destroy($id) {
 353 global $sqltable,$SQLStat;
 354 sql_query(sql_pre_query("DELETE FROM \"".$sqltable."sessions\" WHERE \"session_id\" = '$id'", array($id)),$SQLStat);
 355 return true; }
 356 //Session Garbage Collection Function
 357 function sql_session_gc($maxlifetime) {
 358 global $sqltable,$SQLStat;
 359 $time = GMTimeStamp() - $maxlifetime;
 360 //sql_query(sql_pre_query('DELETE FROM \"'.$sqltable.'sessions\" WHERE \"expires\" < UNIX_TIMESTAMP();', array(null)),$SQLStat);
 361 sql_query(sql_pre_query("DELETE FROM \"".$sqltable."sessions\" WHERE \"expires\" < %i", array($time)),$SQLStat);
 362 return true; }
 363 session_set_save_handler("sql_session_open", "sql_session_close", "sql_session_read", "sql_session_write", "sql_session_destroy", "sql_session_gc");
 364 if($cookieDomain==null) {
 365 session_set_cookie_params(0, $cbasedir); }
 366 if($cookieDomain!=null) {
 367 if($cookieSecure===true) {
 368 session_set_cookie_params(0, $cbasedir, $cookieDomain, 1); }
 369 if($cookieSecure===false) {
 370 session_set_cookie_params(0, $cbasedir, $cookieDomain); } }
 371 session_cache_limiter("private, no-cache, must-revalidate");
 372 header("Cache-Control: private, no-cache, must-revalidate");
 373 header("Pragma: private, no-cache, must-revalidate");
 374 header("Date: ".gmdate("D, d M Y H:i:s")." GMT");
 375 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
 376 header("Expires: ".gmdate("D, d M Y H:i:s")." GMT");
 377 if(!isset($_COOKIE[$Settings['sqltable']."sess"])) {
 378 $exptime = GMTimeStamp() - ini_get("session.gc_maxlifetime");
 379 sql_query(sql_pre_query("DELETE FROM \"".$Settings['sqltable']."sessions\" WHERE \"expires\" < %i OR ip_address='%s'", array($exptime,$temp_user_ip)),$SQLStat); }
 380 session_name($Settings['sqltable']."sess");
 381 session_start();
 382 //header("Set-Cookie: PHPSESSID=" . session_id() . "; path=".$cbasedir);
 383 output_reset_rewrite_vars();
 384 if($_GET['act']=="bsdl"||$_GET['act']=="BSDL"||$_GET['act']=="license"||
 385         $_GET['act']=="LICENSE"||$_GET['act']=="License") { $_GET['act']="bsd"; }
 386 if($_GET['act']=="bsd") {
 387 header("Content-Type: text/plain; charset=".$Settings['charset']);
 388 require("LICENSE"); gzip_page($Settings['use_gzip'],$GZipEncode['Type']); die(); }
 389 if($_GET['act']=="README"||$_GET['act']=="ReadME") { $_GET['act']="readme"; }
 390 if($_GET['act']=="readme"||$_GET['act']=="ReadMe") {
 391 header("Content-Type: text/plain; charset=".$Settings['charset']);
 392 require("README"); gzip_page($Settings['use_gzip'],$GZipEncode['Type']); die(); }
 393 if($_GET['act']=="js"||$_GET['act']=="javascript") {
 394 header("Content-Script-Type: text/javascript");
 395 if(stristr($_SERVER["HTTP_ACCEPT"],"application/x-javascript") ) {
 396 header("Content-Type: application/x-javascript; charset=".$Settings['charset']); } else {
 397 if(stristr($_SERVER["HTTP_ACCEPT"],"application/javascript") ) {
 398 header("Content-Type: application/javascript; charset=".$Settings['charset']); } else {
 399 header("Content-Type: text/javascript; charset=".$Settings['charset']); } }
 400 require($SettDir['inc'].'javascript.php');
 401 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); die(); }
 402 if($Settings['use_captcha']=="on") {
 403 if($_GET['act']=="MkCaptcha"||$_GET['act']=="Captcha") {
 404         if($Settings['captcha_clean']=="on") { ob_clean(); }
 405         require($SettDir['inc']."captcha.php");
 406         $aFonts = array('inc/fonts/VeraBd.ttf', 'inc/fonts/VeraBI.ttf', 'inc/fonts/VeraIt.ttf', 'inc/fonts/Vera.ttf');
 407         $oPhpCaptcha = new PhpCaptcha($aFonts, 200, 60);
 408         $RNumSize = rand(7,17); $i=0; $RandNum = null;
 409         while ($i <= $RNumSize) {
 410         $RandNum=$RandNum.dechex(rand(1,15)); ++$i; }
 411         $RandNum=strtoupper($RandNum);
 412         $oPhpCaptcha->SetOwnerText("Fake Code: ".$RandNum);
 413         $oPhpCaptcha->UseColour(true);
 414         $oPhpCaptcha->Create(); session_write_close(); die(); } }
 415 if(!isset($_SESSION['CheckCookie'])) {
 416 if(isset($_COOKIE['SessPass'])&&isset($_COOKIE['MemberName'])) {
 417 require($SettDir['inc'].'prelogin.php'); } }
 418 require($SettDir['inc'].'groupsetup.php');
 419 if($Settings['board_offline']=="on"&&$GroupInfo['CanViewOffLine']!="yes") {
 420 header("Content-Type: text/plain; charset=".$Settings['charset']); sql_free_result($peresult);
 421 ob_clean(); if(!isset($Settings['offline_text'])) {
 422 echo "Sorry the board is off line.\nIf you are a admin you can login by the admin cp."; }
 423 if(isset($Settings['offline_text'])) { echo $Settings['offline_text']; }
 424 //echo "\n".sql_errorno($SQLStat);
 425 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); }
 426 //Time Zone Set
 427 if(!isset($_SESSION['UserTimeZone'])) {
 428         if(isset($Settings['DefaultTimeZone'])) {
 429         $_SESSION['UserTimeZone'] = $Settings['DefaultTimeZone'];
 430         if(!isset($Settings['DefaultTimeZone'])) {
 431         $_SESSION['UserTimeZone'] = SeverOffSet().":00"; } } }
 432 $checktime = explode(":",$_SESSION['UserTimeZone']);
 433 if(count($checktime)!=2) {
 434         if(!isset($checktime[0])) { $checktime[0] = "0"; }
 435         if(!isset($checktime[1])) { $checktime[1] = "00"; }
 436         $_SESSION['UserTimeZone'] = $checktime[0].":".$checktime[1]; }
 437 if(!is_numeric($checktime[0])) { $checktime[0] = "0"; }
 438 if(!is_numeric($checktime[1])) { $checktime[1] = "00"; }
 439 if($checktime[1]<0) { $checktime[1] = "00"; $_SESSION['UserTimeZone'] = $checktime[0].":".$checktime[1]; }
 440 $checktimea = array("offset" => $_SESSION['UserTimeZone'], "hour" => $checktime[0], "minute" => $checktime[1]);
 441 if(!isset($_SESSION['UserDST'])) { $_SESSION['UserDST'] = null; }
 442 if($_SESSION['UserDST']==null) {
 443 if($Settings['DefaultDST']=="off") {
 444         $_SESSION['UserDST'] = "off"; }
 445 if($Settings['DefaultDST']=="on") {
 446         $_SESSION['UserDST'] = "on"; } }
 447 // Guest Stuff
 448 if(isset($_SESSION['MemberName'])||
 449    isset($_COOKIE['MemberName'])) {
 450         $_SESSION['GuestName'] = null;
 451         $_COOKIE['GuestName'] = null; }
 452 if(!isset($_SESSION['MemberName'])&&!isset($_COOKIE['MemberName'])) {
 453 if(!isset($_SESSION['GuestName'])&&isset($_COOKIE['GuestName'])) {
 454         $_SESSION['GuestName'] = $_COOKIE['GuestName']; } }
 455 if(!isset($_SESSION['LastPostTime'])) { $_SESSION['LastPostTime'] = "0"; }
 456 // Skin Stuff
 457 if(!isset($_SESSION['Theme'])) { $_SESSION['Theme'] = null; }
 458 if(!isset($_GET['theme'])) { $_GET['theme'] = null; }
 459 if(!isset($_POST['theme'])) { $_POST['theme'] = null; }
 460 if(!isset($_GET['skin'])) { $_GET['skin'] = null; }
 461 if(!isset($_POST['skin'])) { $_POST['skin'] = null; }
 462 if(!isset($_GET['style'])) { $_GET['style'] = null; }
 463 if(!isset($_POST['style'])) { $_POST['style'] = null; }
 464 if(!isset($_GET['css'])) { $_GET['css'] = null; }
 465 if(!isset($_POST['css'])) { $_POST['css'] = null; }
 466 if($_GET['theme']==null) {
 467         if($_POST['theme']!=null) {
 468                 $_GET['theme'] = $_POST['theme']; }
 469         if($_POST['skin']!=null) {
 470                 $_GET['theme'] = $_POST['skin']; }
 471         if($_POST['style']!=null) {
 472                 $_GET['theme'] = $_POST['style']; }
 473         if($_POST['css']!=null) {
 474                 $_GET['theme'] = $_POST['css']; }
 475         if($_GET['skin']!=null) {
 476                 $_GET['theme'] = $_GET['skin']; }
 477         if($_GET['style']!=null) {
 478                 $_GET['theme'] = $_GET['style']; }
 479         if($_GET['css']!=null) {
 480                 $_GET['theme'] = $_GET['css']; } }
 481 if($Settings['SQLThemes']=="off") {
 482 if($_GET['theme']!=null) {
 483 $_GET['theme'] = chack_themes($_GET['theme']);
 484 if($_GET['theme']=="../"||$_GET['theme']=="./") {
 485 $_GET['theme']="iDB"; $_SESSION['Theme']="iDB"; }
 486 if (file_exists($SettDir['themes'].$_GET['theme']."/settings.php")) {
 487 if($_SESSION['UserGroup']!=$Settings['GuestGroup']) {
 488 $NewDay=GMTimeStamp();
 489 $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_GET['theme'],$NewDay,$_SESSION['UserID']));
 490 sql_query($qnewskin,$SQLStat); }
 491 /* The file Theme Exists */ }
 492 else { $_GET['theme'] = $Settings['DefaultTheme'];
 493 $_SESSION['Theme'] = $Settings['DefaultTheme'];
 494 /* The file Theme Dose Not Exists */ } }
 495 if($_GET['theme']==null) {
 496 if($_SESSION['Theme']!=null) {
 497 $OldTheme = $_SESSION['Theme'];
 498 $_SESSION['Theme'] = chack_themes($_SESSION['Theme']);
 499 if($_SESSION['UserGroup']!=$Settings['GuestGroup']) {
 500 if($OldTheme!=$_SESSION['Theme']) {
 501 $NewDay=GMTimeStamp();
 502 $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_SESSION['Theme'],$NewDay,$_SESSION['UserID']));
 503 sql_query($qnewskin,$SQLStat); } }
 504 $_GET['theme']=$_SESSION['Theme']; }
 505 if($_SESSION['Theme']==null) {
 506 $_SESSION['Theme']=$Settings['DefaultTheme'];
 507 $_GET['theme']=$Settings['DefaultTheme']; } }
 508 $PreSkin['skindir1'] = $_SESSION['Theme'];
 509 $PreSkin['skindir2'] = $SettDir['themes'].$_SESSION['Theme'];
 510 require($SettDir['themes'].$_GET['theme']."/settings.php"); }
 511 if($Settings['SQLThemes']=="on") {
 512 if($_GET['theme']==null&&$_SESSION['Theme']==null) {
 513         $_GET['theme'] = $Settings['DefaultTheme'];
 514         $_SESSION['Theme'] = $Settings['DefaultTheme']; }
 515 if($_GET['theme']!=null) {
 516 $themequery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."themes\" WHERE \"Name\"='%s'", array($_GET['theme'])); }
 517 if($_GET['theme']==null) {
 518 if($_SESSION['Theme']!=null) {
 519 $themequery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."themes\" WHERE \"Name\"='%s'", array($_SESSION['Theme'])); } }
 520 $themeresult=sql_query($themequery,$SQLStat);
 521 $themenum=sql_num_rows($themeresult);
 522 if($themenum<=0) {
 523 $_GET['theme'] = $Settings['DefaultTheme'];
 524 $_SESSION['Theme'] = $Settings['DefaultTheme'];
 525 if($_SESSION['UserGroup']!=$Settings['GuestGroup']) {
 526 $NewDay=GMTimeStamp();
 527 $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_SESSION['Theme'],$NewDay,$_SESSION['UserID']));
 528 sql_query($qnewskin,$SQLStat); }
 529 $themequery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."themes\" WHERE \"Name\"='%s'", array($_GET['theme']));
 530 $themeresult=sql_query($themequery,$SQLStat);
 531 $themenum=sql_num_rows($themeresult); }
 532 else {
 533 if($_GET['theme']==null) {
 534 if($_SESSION['Theme']!=null) {
 535 $_GET['theme'] = $_SESSION['Theme']; } }
 536 if($_SESSION['UserGroup']!=$Settings['GuestGroup']) {
 537 $NewDay=GMTimeStamp();
 538 $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_GET['theme'],$NewDay,$_SESSION['UserID']));
 539 sql_query($qnewskin,$SQLStat); } }
 540 require($SettDir['inc'].'sqlthemes.php');
 541 sql_free_result($themeresult); }
 542 $_SESSION['Theme'] = $_GET['theme'];
 543 if(!isset($ThemeSet['TableStyle'])) {
 544         $ThemeSet['TableStyle'] = "table"; }
 545 if(isset($ThemeSet['TableStyle'])) {
 546 if($ThemeSet['TableStyle']!="div"&&
 547         $ThemeSet['TableStyle']!="table") {
 548         $ThemeSet['TableStyle'] = "table"; } }
 549 if(!isset($_SESSION['DBName'])) { $_SESSION['DBName'] = null; }
 550 if($_SESSION['DBName']==null) {
 551         $_SESSION['DBName'] = $Settings['sqldb']; }
 552 if($_SESSION['DBName']!=null) {
 553         if($_SESSION['DBName']!=$Settings['sqldb']) {
 554 redirect("location",$rbasedir.url_maker($exfile['member'],$Settings['file_ext'],"act=logout",$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'],false)); } }
 555 ?>