X-Git-Url: http://git.sourceforge.jp/view?a=blobdiff_plain;f=sql.php;h=3d53885625895a334b7eea4c743592a13f832d1e;hb=b540ad5683890751f76ca317a781ee7de8f9fd51;hp=a6a096a1377ec7aa447b156604b4e18868fe7384;hpb=a21ce5ec27a3d7b891e466fa13aa4f310fca3df6;p=idb%2FiDB.git.git
diff --git a/sql.php b/sql.php
index a6a096a..3d53885 100644
--- a/sql.php
+++ b/sql.php
@@ -8,27 +8,41 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Revised BSD License for more details. - Copyright 2004-2010 iDB Support - http://idb.berlios.de/ - Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ + Copyright 2004-2019 iDB Support - https://idb.osdn.jp/support/category.php?act=view&id=1 + Copyright 2004-2019 Game Maker 2k - https://idb.osdn.jp/support/category.php?act=view&id=2 - $FileInfo: sql.php - Last Update: 06/07/2010 SVN 520 - Author: cooldude2k $ + $FileInfo: sql.php - Last Update: 08/02/2019 SVN 905 - Author: cooldude2k $ */ /* Some ini setting changes uncomment if you need them. Display PHP Errors */ $disfunc = @ini_get("disable_functions"); +$disfunc = @trim($disfunc); +$disfunc = @preg_replace("/([\\s+|\\t+|\\n+|\\r+|\\0+|\\x0B+])/i", "", $disfunc); if($disfunc!="ini_set") { $disfunc = explode(",",$disfunc); } if($disfunc=="ini_set") { $disfunc = array("ini_set"); } if(!in_array("ini_set", $disfunc)) { -// Uncomment next two lines to show errors -/*@ini_set("display_errors", true); -@ini_set("display_startup_errors", true); */ } -@error_reporting(E_ALL ^ E_NOTICE); +@ini_set("html_errors", false); +@ini_set("track_errors", false); +@ini_set("display_errors", false); +@ini_set("report_memleaks", false); +@ini_set("display_startup_errors", false); +//@ini_set("error_log","logs/error.log"); +//@ini_set("log_errors","On"); +@ini_set("docref_ext", ""); +@ini_set("docref_root", "http://php.net/"); } +if(!defined("E_DEPRECATED")) { define("E_DEPRECATED", 0); } +@error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); /* Get rid of session id in urls */ if(!in_array("ini_set", $disfunc)) { +@ini_set("default_mimetype","text/html"); +@ini_set("zlib.output_compression", false); +@ini_set("zlib.output_compression_level", -1); @ini_set("session.use_trans_sid", false); @ini_set("session.use_cookies", true); @ini_set("session.use_only_cookies", true); -@ini_set("url_rewriter.tags",""); } +@ini_set("url_rewriter.tags",""); 
+@ini_set('zend.ze1_compatibility_mode', 0); +@ini_set("ignore_user_abort", 1); } @set_time_limit(30); @ignore_user_abort(true); /* Change session garbage collection settings */ if(!in_array("ini_set", $disfunc)) { @@ -36,8 +50,8 @@ if(!in_array("ini_set", $disfunc)) { @ini_set("session.gc_divisor", 100); @ini_set("session.gc_maxlifetime", 1440); /* Change session hash type here */ -@ini_set('session.hash_function', 1); -@ini_set('session.hash_bits_per_character', 6); } +@ini_set("session.hash_function", 1); +@ini_set("session.hash_bits_per_character", 6); } /* Do not change anything below this line unless you know what you are doing */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="sql.php"||$File3Name=="/sql.php") { 
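Review bot: The session block that gains the `default_mimetype` and `zlib.output_compression` lines still never sets the HttpOnly flag on the session cookie, and the `session_set_cookie_params()` calls visible later in this diff pass at most four arguments, so the flag is left to whatever php.ini provides. Adding `@ini_set("session.cookie_httponly", true);` next to `session.use_only_cookies` keeps the session id out of reach of page script. Separately, the new `preg_replace` pattern wraps its alternatives in a character class, so `+` and `|` are matched as literal characters rather than as quantifier and alternation; `"/[\\s\\0\\x0B]+/"` expresses the intended whitespace strip.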
@@ -45,25 +59,84 @@ if ($File3Name=="sql.php"||$File3Name=="/sql.php") { exit(); } if(file_exists('settings.php')) { require_once('settings.php'); + if(file_exists('extrasettings.php')) { + require_once('extrasettings.php'); } + if(file_exists('extendsettings.php')) { + require_once('extendsettings.php'); } if(!in_array("ini_set", $disfunc)&&$Settings['qstr']!="/"&&$Settings['qstr']!="&") { ini_set("arg_separator.output",htmlentities($Settings['qstr'], ENT_QUOTES, $Settings['charset'])); ini_set("arg_separator.input",$Settings['qstr']); } } if(!isset($Settings['idburl'])) { $Settings['idburl'] = null; } +if(isset($Settings['BoardUUID'])) { $Settings['BoardUUID'] = base64_decode($Settings['BoardUUID']); +header("Board-Unique-ID: ".$Settings['BoardUUID']); } +function unparse_url($parsed_url) { + $scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; + $host = isset($parsed_url['host']) ? $parsed_url['host'] : ''; + $port = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : ''; + $user = isset($parsed_url['user']) ? $parsed_url['user'] : ''; + $pass = isset($parsed_url['pass']) ? ':' . $parsed_url['pass'] : ''; + $pass = ($user || $pass) ? "$pass@" : ''; + $path = isset($parsed_url['path']) ? $parsed_url['path'] : ''; + $query = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : ''; + $fragment = isset($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : ''; + return $scheme.$user.$pass.$host.$port.$path.$query.$fragment; +} +$OrgBoardURL = $Settings['idburl']; +$PreBestURL = parse_url($Settings['idburl']); +$PreServURL = parse_url((isset($_SERVER['HTTPS']) ? "https" : "http") . 
"://".$_SERVER['HTTP_HOST'].substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1)); +if($PreBestURL['host']=="localhost.url"&&str_replace("/", "", $PreBestURL['path'])=="localpath") { + $PreBestURL['host'] = "localhost"; + $PreBestURL['path'] = $PreServURL['path']; + $Settings['idburl'] = unparse_url($PreBestURL); } +if($PreBestURL['host']=="localhost.url"&&str_replace("/", "", $PreBestURL['path'])!="localpath") { + $PreBestURL['host'] = $PreServURL['host']; + $Settings['idburl'] = unparse_url($PreBestURL); } +if($PreBestURL['host']!="localhost.url"&&str_replace("/", "", $PreBestURL['path'])=="localpath") { + $PreBestURL['path'] = $PreServURL['path']; + $Settings['idburl'] = unparse_url($PreBestURL); } +$OrgWebSiteURL = $Settings['weburl']; +$PreWestURL = parse_url($Settings['weburl']); +if($PreWestURL['host']=="localhost.url"&&str_replace("/", "", $PreWestURL['path'])=="localpath") { + $PreWestURL['host'] = $PreServURL['host']; + $PreWestURL['path'] = $PreServURL['path']; + $Settings['weburl'] = unparse_url($PreWestURL); } +if($PreWestURL['host']=="localhost.url"&&str_replace("/", "", $PreWestURL['path'])!="localpath") { + $PreWestURL['host'] = $PreServURL['host']; + $Settings['weburl'] = unparse_url($PreWestURL); } +if($PreWestURL['host']!="localhost.url"&&str_replace("/", "", $PreWestURL['path'])=="localpath") { + $PreWestURL['path'] = $PreServURL['path']; + $Settings['weburl'] = unparse_url($PreWestURL); } if(!isset($Settings['fixbasedir'])) { $Settings['fixbasedir'] = null; } if(!isset($Settings['fixpathinfo'])) { $Settings['fixpathinfo'] = null; } if(!isset($Settings['fixcookiedir'])) { $Settings['fixcookiedir'] = null; } if(!isset($Settings['fixredirectdir'])) { $Settings['fixcookiedir'] = null; } -$Settings['bid'] = base64_encode(urlencode($Settings['idburl'])); +if(!isset($Settings['idb_time_format'])) { $Settings['idb_time_format'] = "g:i A"; } +if(!isset($Settings['idb_date_format'])) { $Settings['idb_date_format'] = "F j Y"; } 
if(!isset($Settings['showverinfo'])) { $Settings['showverinfo'] = "on"; } +if(!isset($Settings['sqldb'])) { +header("Content-Type: text/plain; charset=UTF-8"); +header('Location: install.php?act=Part1'); } +if(!isset($Settings['fixpathinfo'])) { + $Settings['fixpathinfo'] = "off"; } if($Settings['fixpathinfo']=="off") { $Settings['fixpathinfo'] = null; } +if(!isset($Settings['fixbasedir'])) { + $Settings['fixbasedir'] = "off"; } if($Settings['fixbasedir']=="off") { $Settings['fixbasedir'] = null; } +if(!isset($Settings['fixcookiedir'])) { + $Settings['fixcookiedir'] = "off"; } if($Settings['fixcookiedir']=="off") { $Settings['fixcookiedir'] = null; } +if(!isset($Settings['fixredirectdir'])) { + $Settings['fixredirectdir'] = "off"; } if($Settings['fixredirectdir']=="off") { $Settings['fixredirectdir'] = null; } +$OldSettings['fixpathinfo'] = $Settings['fixpathinfo']; +$OldSettings['fixbasedir'] = $Settings['fixbasedir']; +$OldSettings['fixcookiedir'] = $Settings['fixcookiedir']; +$OldSettings['fixredirectdir'] = $Settings['fixredirectdir']; if($Settings['idburl']=="localhost") { header("Content-Type: text/plain; charset=UTF-8"); echo "500 Error: URL is malformed. Try reinstalling iDB."; die(); } 
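Review bot: `$PreServURL` is built from `$_SERVER['HTTP_HOST']` and `$_SERVER['REQUEST_URI']`, both taken from the request, and the `localhost.url` / `localpath` branches then copy its host and path into `$Settings['idburl']` and `$Settings['weburl']` without any check. On a board configured with those placeholders, every absolute URL derived from the board URL follows whatever Host header the client sent. The value should be validated before use, for example `if(!preg_match('/^[a-z0-9.-]+(:[0-9]+)?$/i', $_SERVER['HTTP_HOST'])) { $_SERVER['HTTP_HOST'] = $_SERVER['SERVER_NAME']; }`, and preferably compared against a configured list of allowed hosts. The first `idburl` branch also sets the host to the literal `"localhost"` where the matching `weburl` branch uses `$PreServURL['host']`, which looks unintended.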
@@ -93,27 +166,44 @@ if($Settings['charset']!="ISO-8859-15"&&$Settings['charset']!="ISO-8859-1"&& $Settings['charset']!="Shift_JIS"&&$Settings['charset']!="EUC-JP") { $Settings['charset'] = "ISO-8859-15"; } } $chkcharset = $Settings['charset']; -@ini_set('default_charset', $Settings['charset']); +if(!in_array("ini_set", $disfunc)) { +@ini_set('default_charset', $Settings['charset']); } //session_save_path($SettDir['inc']."temp/"); if(!isset($Settings['sqldb'])) { -if(file_exists("install.php")) { header('Location: install.php'); die(); } +if(file_exists("install.php")) { header('Location: install.php?act=Part1'); die(); } if(!file_exists("install.php")) { header("Content-Type: text/plain; charset=UTF-8"); echo "403 Error: Sorry could not find install.php\nTry uploading files again and if that dose not work try download iDB again."; die(); } } -if(isset($Settings['sqldb'])&& - function_exists("date_default_timezone_set")) { - @date_default_timezone_set("UTC"); } +if(isset($Settings['sqldb'])) { + $deftz = new DateTimeZone(date_default_timezone_get()); + $defcurtime = new DateTime(); + $defcurtime->setTimezone($deftz); + $utctz = new DateTimeZone("UTC"); + $utccurtime = new DateTime(); + $utccurtime->setTimestamp($defcurtime->getTimestamp()); + $utccurtime->setTimezone($utctz); + $servtz = new DateTimeZone($Settings['DefaultTimeZone']); + $servcurtime = new DateTime(); + $servcurtime->setTimestamp($defcurtime->getTimestamp()); + $servcurtime->setTimezone($servtz); + $usercurtime = new DateTime(); + $usercurtime->setTimestamp($defcurtime->getTimestamp()); } if(!isset($Settings['sqlhost'])) { $Settings['sqlhost'] = "localhost"; } if($Settings['fixpathinfo']=="on") { $_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO']; putenv("PATH_INFO=".$_SERVER['ORIG_PATH_INFO']); } // Check to see if variables are set if(!isset($SettDir['inc'])) { $SettDir['inc'] = "inc/"; } +if(!isset($SettDir['archive'])) { $SettDir['archive'] = "archive/"; } if(!isset($SettDir['misc'])) { 
$SettDir['misc'] = "inc/misc/"; } if(!isset($SettDir['sql'])) { $SettDir['sql'] = "inc/misc/sql/"; } if(!isset($SettDir['admin'])) { $SettDir['admin'] = "inc/admin/"; } if(!isset($SettDir['sqldumper'])) { $SettDir['sqldumper'] = "inc/admin/sqldumper/"; } if(!isset($SettDir['mod'])) { $SettDir['mod'] = "inc/mod/"; } +if(!isset($SettDir['mplayer'])) { $SettDir['mplayer'] = "inc/mplayer/"; } if(!isset($SettDir['themes'])) { $SettDir['themes'] = "themes/"; } +if(!isset($SettDir['maindir'])||!file_exists($SettDir['maindir'])||!is_dir($SettDir['maindir'])) { + $SettDir['maindir'] = addslashes(str_replace("\\","/",dirname(__FILE__)."/")); } +if(isset($SettDir['maindir'])) { @chdir($SettDir['maindir']); } if(!isset($Settings['use_iniset'])) { $Settings['use_iniset'] = null; } if(!isset($Settings['clean_ob'])) { $Settings['clean_ob'] = "off"; } if(!isset($_SERVER['PATH_INFO'])) { $_SERVER['PATH_INFO'] = null; } @@ -140,10 +230,11 @@ if(!isset($Settings['use_hashtype'])) { $Settings['use_hashtype'] = "sha1"; } if(!function_exists('hash')||!function_exists('hash_algos')) { if($Settings['use_hashtype']!="md5"&& - $Settings['use_hashtype']!="sha1") { + $Settings['use_hashtype']!="sha1"&& + $Settings['use_hashtype']!="bcrypt") { $Settings['use_hashtype'] = "sha1"; } } -if(function_exists('hash')&&function_exists('hash_algos')) { -if(!in_array($Settings['use_hashtype'],hash_algos())) { +if((function_exists('hash')&&function_exists('hash_algos'))||function_exists('password_hash')) { +if(!in_array($Settings['use_hashtype'],hash_algos())&&$Settings['use_hashtype']!="bcrypt") { $Settings['use_hashtype'] = "sha1"; } if($Settings['use_hashtype']!="md2"&& $Settings['use_hashtype']!="md4"&& 
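Review bot: `new DateTimeZone($Settings['DefaultTimeZone'])` throws when the setting is missing or is not a valid zone name, and nothing in this hunk checks it first. The code removed later in this diff treated the same value as an `hour:minute` offset, so an upgraded board may still hold one. With `display_errors` now forced off, the likely result is a blank page on every request. A guard before the constructor, such as `$tzname = (isset($Settings['DefaultTimeZone']) && in_array($Settings['DefaultTimeZone'], DateTimeZone::listIdentifiers(), true)) ? $Settings['DefaultTimeZone'] : "UTC";`, keeps the bootstrap alive. The `addslashes()` call on the `maindir` filesystem path also deserves a comment explaining why it is there, since a directory path is not a quoting context.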
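Review bot: The widened condition now enters this branch when only `password_hash` exists, but the next line still calls `hash_algos()` unconditionally, which is a fatal error on a build without the hash extension; writing the test as `(!function_exists('hash_algos')||!in_array($Settings['use_hashtype'],hash_algos()))` closes that path. Every fallback in this hunk and in the one that follows still resets an unrecognised value to `"sha1"`, and `md2`, `md4` and `md5` remain accepted. If `use_hashtype` selects the password-storage hash, as the new `bcrypt` option suggests, a comment should state that the fast digests are kept only so existing accounts can still log in and that new installs should choose `bcrypt`. The allow-list continues past the end of this hunk.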
@@ -151,84 +242,24 @@ if($Settings['use_hashtype']!="md2"&& $Settings['use_hashtype']!="sha1"&& $Settings['use_hashtype']!="sha224"&& $Settings['use_hashtype']!="sha256"&& - $Settings['use_hashtype']!="sha386"&& + $Settings['use_hashtype']!="sha384"&& $Settings['use_hashtype']!="sha512"&& + $Settings['use_hashtype']!="sha3-224"&& + $Settings['use_hashtype']!="sha3-256"&& + $Settings['use_hashtype']!="sha3-384"&& + $Settings['use_hashtype']!="sha3-512"&& $Settings['use_hashtype']!="ripemd128"&& $Settings['use_hashtype']!="ripemd160"&& $Settings['use_hashtype']!="ripemd256"&& - $Settings['use_hashtype']!="ripemd320") { + $Settings['use_hashtype']!="ripemd320"&& + $Settings['use_hashtype']!="bcrypt") { $Settings['use_hashtype'] = "sha1"; } } // Check to see if variables are set require_once($SettDir['misc'].'setcheck.php'); -$dayconv = array('second' => 1, 'minute' => 60, 'hour' => 3600, 'day' => 86400, 'week' => 604800, 'month' => 2630880, 'year' => 31570560, 'decade' => 315705600); +$dayconv = array("year" => 29030400, "month" => 2419200, "week" => 604800, "day" => 86400, "hour" => 3600, "minute" => 60, "second" => 1); require_once($SettDir['inc'].'function.php'); -$iDBVerName = "iDB|".$VER2[1]."|".$VER1[0].".".$VER1[1].".".$VER1[2]."|".$VER2[2]."|".$SubVerN; -/* -This way checks iDB version by sending the iDBVerName to the iDB Version Checker. -$Settings['vercheck'] = 1; -This way checks iDB version by sending the board url to the iDB Version Checker. 
-$Settings['vercheck'] = 2; -*/ -if(!isset($Settings['vercheck'])) { - $Settings['vercheck'] = 2; } -if($Settings['vercheck']!=1&& - $Settings['vercheck']!=2) { - $Settings['vercheck'] = 2; } -if($Settings['vercheck']===2) { -if($_GET['act']=="vercheckxsl") { -if(stristr($_SERVER["HTTP_ACCEPT"],"application/xml") ) { -header("Content-Type: application/xml; charset=".$Settings['charset']); } -else { header("Content-Type: text/xml; charset=".$Settings['charset']); } -xml_doc_start("1.0",$Settings['charset']); -echo "\n"; ?> - - - - - - -
- -
-
- - Board Name: "> -
-
- - -
- -
-'."\n"; ?> - - - - - - - -]> - - - - - - <?php echo $Settings['board_name']; ?> - ".$iDBVerName."\n"; ?> - iDB Version Checker - - - -'%s' AND ip_address='%s'", array($id,$temp_user_ip)),$SQLStat); -$time = GMTimeStamp(); -sql_query(sql_pre_query("INSERT INTO \"".$sqltable."sessions\" (\"session_id\", \"session_data\", \"user_agent\", \"ip_address\", \"expires\") VALUES\n". -"('%s', '', '%s', '%s', %i)", array($id,$temp_user_agent,$temp_user_ip,$time)),$SQLStat); +sql_query(sql_pre_query("DELETE FROM \"".$sqltable."sessions\" WHERE \"session_id\"<>'%s' AND \"ip_address\"='%s' AND \"user_agent\"='%s'", array($id,$temp_user_ip,$temp_user_agent)),$SQLStat); +$utctz = new DateTimeZone("UTC"); +$utccurtime = new DateTime(); +$utccurtime->setTimezone($utctz); +$time = $utccurtime->getTimestamp(); +sql_query(sql_pre_query("INSERT INTO \"".$sqltable."sessions\" (\"session_id\", \"session_data\", \"serialized_data\", \"user_agent\", \"ip_address\", \"expires\") VALUES\n". +"('%s', '%s', '%s', '%s', '%s', %i)", array($id,$temp_session_data,$alt_temp_session_data,$temp_user_agent,$temp_user_ip,$time)),$SQLStat); return ''; } else { -$time = GMTimeStamp(); +$utctz = new DateTimeZone("UTC"); +$utccurtime = new DateTime(); +$utccurtime->setTimezone($utctz); +$time = $utccurtime->getTimestamp(); $predata = sql_num_rows($result); $data = ""; if($predata > 0) { $row = sql_fetch_assoc($result); $data = $row['session_data']; } -sql_query(sql_pre_query("UPDATE \"".$sqltable."sessions\" SET \"session_data\"='%s',\"expires\"=%i WHERE \"session_id\"='%s'", array($data,$time,$id)),$SQLStat); +/*sql_query(sql_pre_query("UPDATE \"".$sqltable."sessions\" SET \"session_data\"='%s',\"expires\"=%i WHERE \"session_id\"='%s'", array($data,$time,$id)),$SQLStat);*/ return $data; } } //Session Write Function function sql_session_write($id,$data) { global $sqltable,$SQLStat,$SQLSType,$temp_user_ip,$temp_user_agent; -$time = GMTimeStamp(); -$rs = sql_query(sql_pre_query("UPDATE 
\"".$sqltable."sessions\" SET \"session_data\"='%s',\"user_agent\"='%s',\"ip_address\"='%s',\"expires\"=%i WHERE \"session_id\"='%s'", array($data,$temp_user_agent,$temp_user_ip,$time,$id)),$SQLStat); +$utctz = new DateTimeZone("UTC"); +$utccurtime = new DateTime(); +$utccurtime->setTimezone($utctz); +$time = $utccurtime->getTimestamp(); +$rs = sql_query(sql_pre_query("UPDATE \"".$sqltable."sessions\" SET \"session_data\"='%s',\"serialized_data\"='%s',\"user_agent\"='%s',\"ip_address\"='%s',\"expires\"=%i WHERE \"session_id\"='%s'", array($data,serialize($_SESSION),$temp_user_agent,$temp_user_ip,$time,$id)),$SQLStat); return true; } //Session Destroy Function function sql_session_destroy($id) { @@ -349,10 +464,14 @@ return true; } //Session Garbage Collection Function function sql_session_gc($maxlifetime) { global $sqltable,$SQLStat; -$time = GMTimeStamp() - $maxlifetime; +$utctz = new DateTimeZone("UTC"); +$utccurtime = new DateTime(); +$utccurtime->setTimezone($utctz); +$time = $utccurtime->getTimestamp() - $maxlifetime; //sql_query(sql_pre_query('DELETE FROM \"'.$sqltable.'sessions\" WHERE \"expires\" < UNIX_TIMESTAMP();', array(null)),$SQLStat); sql_query(sql_pre_query("DELETE FROM \"".$sqltable."sessions\" WHERE \"expires\" < %i", array($time)),$SQLStat); return true; } +if (session_id()) { session_destroy(); } session_set_save_handler("sql_session_open", "sql_session_close", "sql_session_read", "sql_session_write", "sql_session_destroy", "sql_session_gc"); if($cookieDomain==null) { session_set_cookie_params(0, $cbasedir); } 
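Review bot: `sql_session_write` now stores `serialize($_SESSION)` in a new `serialized_data` column next to the encoded `session_data`. Nothing visible here reads it back, but if any consumer passes that column to `unserialize()`, write access to the sessions table becomes PHP object injection. Storing `json_encode($_SESSION)` instead, or adding a comment such as `// serialized_data is diagnostic only; never unserialize() it`, removes that risk. The new-session branch of `sql_session_read` inserts `$temp_session_data` and `$alt_temp_session_data`, whose declaration lies outside the visible lines, so confirm both are in scope there. The header of this hunk and the start of `sql_session_read` are not readable on this page.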
@@ -361,19 +480,168 @@ if($cookieSecure===true) { session_set_cookie_params(0, $cbasedir, $cookieDomain, 1); } if($cookieSecure===false) { session_set_cookie_params(0, $cbasedir, $cookieDomain); } } -session_cache_limiter("private, no-cache, must-revalidate"); -header("Cache-Control: private, no-cache, must-revalidate"); -header("Pragma: private, no-cache, must-revalidate"); +session_cache_limiter("private, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0"); +header("Cache-Control: private, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0"); +header("Pragma: private, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0"); +header("P3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""); header("Date: ".gmdate("D, d M Y H:i:s")." GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Expires: ".gmdate("D, d M Y H:i:s")." GMT"); if(!isset($_COOKIE[$Settings['sqltable']."sess"])) { -$exptime = GMTimeStamp() - ini_get("session.gc_maxlifetime"); -sql_query(sql_pre_query("DELETE FROM \"".$Settings['sqltable']."sessions\" WHERE \"expires\" < %i OR ip_address='%s'", array($exptime,$temp_user_ip)),$SQLStat); } +$exptime = $utccurtime->getTimestamp() - ini_get("session.gc_maxlifetime"); +sql_query(sql_pre_query("DELETE FROM \"".$Settings['sqltable']."sessions\" WHERE \"expires\" < %i OR \"ip_address\"='%s' AND \"user_agent\"='%s'", array($exptime,$temp_user_ip,$temp_user_agent)),$SQLStat); } +if(!isset($_SESSION['CheckCookie'])) { +if(isset($_COOKIE['SessPass'])&&isset($_COOKIE['MemberName'])) { +session_set_save_handler("sql_session_open", "sql_session_close", "sql_session_read", "sql_session_write", "sql_session_destroy", "sql_session_gc"); session_name($Settings['sqltable']."sess"); -session_start(); -//header("Set-Cookie: PHPSESSID=" . session_id() . 
"; path=".$cbasedir); +if (version_compare(phpversion(), '7.0', '<')) { session_start(); } else { +session_start([ + 'use_trans_sid' => false, + 'use_cookies' => true, + 'use_only_cookies' => true, + 'gc_probability' => 1, + 'gc_divisor' => 100, + 'gc_maxlifetime' => 1440, + 'hash_function' => 1, + 'hash_bits_per_character' => 6, + 'name' => $Settings['sqltable']."sess", +]); } +if(!isset($_SESSION['UserFormID'])) { $_SESSION['UserFormID'] = null; } +$iDBSessCloseDB = false; +$_SESSION['ShowActHidden'] = "no"; output_reset_rewrite_vars(); +require($SettDir['inc'].'prelogin.php'); +session_write_close(); } } +session_set_save_handler("sql_session_open", "sql_session_close", "sql_session_read", "sql_session_write", "sql_session_destroy", "sql_session_gc"); +session_name($Settings['sqltable']."sess"); +if (version_compare(phpversion(), '7.0', '<')) { session_start(); } else { +session_start([ + 'use_trans_sid' => false, + 'use_cookies' => true, + 'use_only_cookies' => true, + 'gc_probability' => 1, + 'gc_divisor' => 100, + 'gc_maxlifetime' => 1440, + 'hash_function' => 1, + 'hash_bits_per_character' => 6, + 'name' => $Settings['sqltable']."sess", +]); } +if(!isset($_SESSION['UserFormID'])) { $_SESSION['UserFormID'] = null; } +$iDBSessCloseDB = true; +output_reset_rewrite_vars(); +//@register_shutdown_function("session_write_close"); +//header("Set-Cookie: PHPSESSID=" . session_id() . "; path=".$cbasedir); +if(!in_array("ini_set", $disfunc)) { +// Set user agent if we can use ini_set and have to do any http requests. :P +$iverstring = "FR 0.0.0 ".$VER2[2]." 0"; +if($Settings['hideverinfohttp']=="off") { + $iverstring = $VER2[1]." ".$VER1[0].".".$VER1[1].".".$VER1[2]." ".$VER2[2]." ".$SubVerN; } +if($Settings['hideverinfohttp']=="on") { + $iverstring = "FR 0.0.0 ".$VER2[2]." 
0"; } +$qstrtest = htmlentities($Settings['qstr'], ENT_QUOTES, $Settings['charset']); +$qseptest = htmlentities($Settings['qsep'], ENT_QUOTES, $Settings['charset']); +$isiteurl = $Settings['idburl'].url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); +@ini_set("user_agent", "Mozilla/5.0 (compatible; ".$UserAgentName."/".$iverstring."; +".$isiteurl.")"); +if (function_exists("stream_context_create")) { +$iopts = array( + 'http' => array( + 'method' => "GET", + 'header' => "Accept-Language: *\r\n". + "User-Agent: Mozilla/5.0 (compatible; ".$UserAgentName."/".$iverstring."; +".$isiteurl.")\r\n". + "Accept: */*\r\n". + "Connection: keep-alive\r\n". + "Referer: ".$isiteurl."\r\n". + "From: ".$isiteurl."\r\n". + "Via: ".$_SERVER['REMOTE_ADDR']."\r\n". + "Forwarded: ".$_SERVER['REMOTE_ADDR']."\r\n". + "X-Real-IP: ".$_SERVER['REMOTE_ADDR']."\r\n". + "X-Forwarded-For: ".$_SERVER['REMOTE_ADDR']."\r\n". + "X-Forwarded-Host: ".$URLsTest['host']."\r\n". + "X-Forwarded-Proto: ".$URLsTest['scheme']."\r\n". + "Board-Unique-ID: ".$Settings['BoardUUID']."\r\n". + "Client-IP: ".$_SERVER['REMOTE_ADDR']."\r\n" + ) +); +$icontext = stream_context_create($iopts); +function file_get_contents_alt($filename,$use_include_path=null,$offset=-1,$maxlen=null) { +global $icontext; +if($maxlen!==null) { +return file_get_contents($filename,$use_include_path,$icontext,$offset,$maxlen); } +if($maxlen===null) { +return file_get_contents($filename,$use_include_path,$icontext,$offset); } } } } +$iDBVerName = $VerCheckName."|".$VER2[1]."|".$VER1[0].".".$VER1[1].".".$VER1[2]."|".$VER2[2]."|".$SubVerN; +/* +This way checks iDB version by sending the iDBVerName to the iDB Version Checker. +$Settings['vercheck'] = 1; +This way checks iDB version by sending the board url to the iDB Version Checker. 
+$Settings['vercheck'] = 2; +*/ +if(!isset($Settings['vercheck'])) { + $Settings['vercheck'] = 2; } +if($Settings['vercheck']!=1&& + $Settings['vercheck']!=2) { + $Settings['vercheck'] = 2; } +if($Settings['vercheck']===2) { +if($_GET['act']=="vercheckxsl") { +if(stristr($_SERVER["HTTP_ACCEPT"],"application/xml") ) { +header("Content-Type: application/xml; charset=".$Settings['charset']); } +else { header("Content-Type: text/xml; charset=".$Settings['charset']); } +xml_doc_start("1.0",$Settings['charset']); +echo "\n"; ?> + + + + + + +
+ +
+
+ + Board Name: "> +
+
+ + +
+ +
+'."\n"; ?> + + + + + + + +]> + + + + + + <?php echo $Settings['board_name']; ?> + ".$iDBVerName."\n"; ?> + Version Checker + + + +SetOwnerText("Fake Code: ".$RandNum); $oPhpCaptcha->UseColour(true); $oPhpCaptcha->Create(); session_write_close(); die(); } } -if(!isset($_SESSION['CheckCookie'])) { -if(isset($_COOKIE['SessPass'])&&isset($_COOKIE['MemberName'])) { -require($SettDir['inc'].'prelogin.php'); } } require($SettDir['inc'].'groupsetup.php'); if($Settings['board_offline']=="on"&&$GroupInfo['CanViewOffLine']!="yes") { header("Content-Type: text/plain; charset=".$Settings['charset']); sql_free_result($peresult); ob_clean(); if(!isset($Settings['offline_text'])) { echo "Sorry the board is off line.\nIf you are a admin you can login by the admin cp."; } -if(isset($Settings['offline_text'])) { echo $Settings['offline_text']; } +if(isset($Settings['offline_text'])) { echo $Settings['offline_text']; } $urlstatus = 503; //echo "\n".sql_errorno($SQLStat); gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); } +//Time Format Set +if(!isset($_SESSION['iDBDateFormat'])) { + if(isset($Settings['idb_date_format'])) { + $_SESSION['iDBDateFormat'] = $Settings['idb_date_format']; + if(!isset($Settings['idb_date_format'])) { + $_SESSION['iDBDateFormat'] = "g:i A"; } } } +if(!isset($_SESSION['iDBTimeFormat'])) { + if(isset($Settings['idb_time_format'])) { + $_SESSION['iDBTimeFormat'] = $Settings['idb_time_format']; + if(!isset($Settings['idb_time_format'])) { + $_SESSION['iDBTimeFormat'] = "F j Y"; } } } //Time Zone Set if(!isset($_SESSION['UserTimeZone'])) { if(isset($Settings['DefaultTimeZone'])) { $_SESSION['UserTimeZone'] = $Settings['DefaultTimeZone']; if(!isset($Settings['DefaultTimeZone'])) { - $_SESSION['UserTimeZone'] = SeverOffSet().":00"; } } } -$checktime = explode(":",$_SESSION['UserTimeZone']); -if(count($checktime)!=2) { - if(!isset($checktime[0])) { $checktime[0] = "0"; } - if(!isset($checktime[1])) { $checktime[1] = "00"; } - 
$_SESSION['UserTimeZone'] = $checktime[0].":".$checktime[1]; } -if(!is_numeric($checktime[0])) { $checktime[0] = "0"; } -if(!is_numeric($checktime[1])) { $checktime[1] = "00"; } -if($checktime[1]<0) { $checktime[1] = "00"; $_SESSION['UserTimeZone'] = $checktime[0].":".$checktime[1]; } -$checktimea = array("offset" => $_SESSION['UserTimeZone'], "hour" => $checktime[0], "minute" => $checktime[1]); -if(!isset($_SESSION['UserDST'])) { $_SESSION['UserDST'] = null; } -if($_SESSION['UserDST']==null) { -if($Settings['DefaultDST']=="off") { - $_SESSION['UserDST'] = "off"; } -if($Settings['DefaultDST']=="on") { - $_SESSION['UserDST'] = "on"; } } + $_SESSION['UserTimeZone'] = date_default_timezone_get(); } } } +$usertz = new DateTimeZone($_SESSION['UserTimeZone']); +$usercurtime->setTimestamp($defcurtime->getTimestamp()); +$usercurtime->setTimezone($usertz); // Guest Stuff if(isset($_SESSION['MemberName'])|| isset($_COOKIE['MemberName'])) { @@ -475,10 +740,10 @@ if($Settings['SQLThemes']=="off") { if($_GET['theme']!=null) { $_GET['theme'] = chack_themes($_GET['theme']); if($_GET['theme']=="../"||$_GET['theme']=="./") { -$_GET['theme']="iDB"; $_SESSION['Theme']="iDB"; } +$_GET['theme']=$Settings['DefaultTheme']; $_SESSION['Theme']=$Settings['DefaultTheme']; } if (file_exists($SettDir['themes'].$_GET['theme']."/settings.php")) { if($_SESSION['UserGroup']!=$Settings['GuestGroup']) { -$NewDay=GMTimeStamp(); +$NewDay=$utccurtime->getTimestamp(); $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_GET['theme'],$NewDay,$_SESSION['UserID'])); sql_query($qnewskin,$SQLStat); } /* The file Theme Exists */ } 
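Review bot: In the new "Time Format Set" block the inner `if(!isset($Settings['idb_date_format']))` sits inside `if(isset($Settings['idb_date_format']))`, so the fallback can never run, and the two fallback strings are swapped: `iDBDateFormat` would receive `"g:i A"` and `iDBTimeFormat` `"F j Y"`. Defaults for both settings are already assigned earlier in this diff, so the block can shrink to `$_SESSION['iDBDateFormat'] = $Settings['idb_date_format'];` and the matching time line. Below it, `new DateTimeZone($_SESSION['UserTimeZone'])` takes a session value without validation; sessions written by the removed code hold `hour:minute` offsets, which the constructor may reject with an exception. The header of this hunk is not visible on the page.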
@@ -491,7 +756,7 @@ $OldTheme = $_SESSION['Theme']; $_SESSION['Theme'] = chack_themes($_SESSION['Theme']); if($_SESSION['UserGroup']!=$Settings['GuestGroup']) { if($OldTheme!=$_SESSION['Theme']) { -$NewDay=GMTimeStamp(); +$NewDay=$utccurtime->getTimestamp(); $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_SESSION['Theme'],$NewDay,$_SESSION['UserID'])); sql_query($qnewskin,$SQLStat); } } $_GET['theme']=$_SESSION['Theme']; } @@ -516,7 +781,7 @@ if($themenum<=0) { $_GET['theme'] = $Settings['DefaultTheme']; $_SESSION['Theme'] = $Settings['DefaultTheme']; if($_SESSION['UserGroup']!=$Settings['GuestGroup']) { -$NewDay=GMTimeStamp(); +$NewDay=$utccurtime->getTimestamp(); $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_SESSION['Theme'],$NewDay,$_SESSION['UserID'])); sql_query($qnewskin,$SQLStat); } $themequery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."themes\" WHERE \"Name\"='%s'", array($_GET['theme'])); 
@@ -527,12 +792,26 @@ if($_GET['theme']==null) { if($_SESSION['Theme']!=null) { $_GET['theme'] = $_SESSION['Theme']; } } if($_SESSION['UserGroup']!=$Settings['GuestGroup']) { -$NewDay=GMTimeStamp(); +$NewDay=$utccurtime->getTimestamp(); $qnewskin = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"UseTheme\"='%s',\"LastActive\"='%s' WHERE \"id\"=%i", array($_GET['theme'],$NewDay,$_SESSION['UserID'])); sql_query($qnewskin,$SQLStat); } } require($SettDir['inc'].'sqlthemes.php'); sql_free_result($themeresult); } $_SESSION['Theme'] = $_GET['theme']; +function get_theme_values($matches) { + global $ThemeSet; + $return_text = null; + if(isset($ThemeSet[$matches[1]])) { $return_text = $ThemeSet[$matches[1]]; } + if(!isset($ThemeSet[$matches[1]])) { $return_text = null; } + return $return_text; } +foreach($ThemeSet AS $key => $value) { + $ThemeSet[$key] = preg_replace("/%%/s", "{percent}p", $ThemeSet[$key]); + $ThemeSet[$key] = preg_replace_callback("/%\{([^\}]*)\}T/s", "get_theme_values", $ThemeSet[$key]); + $ThemeSet[$key] = preg_replace_callback("/%\{([^\}]*)\}e/s", "get_env_values", $ThemeSet[$key]); + $ThemeSet[$key] = preg_replace_callback("/%\{([^\}]*)\}i/s", "get_server_values", $ThemeSet[$key]); + $ThemeSet[$key] = preg_replace_callback("/%\{([^\}]*)\}s/s", "get_setting_values", $ThemeSet[$key]); + $ThemeSet[$key] = preg_replace_callback("/%\{([^\}]*)\}t/s", "get_time", $ThemeSet[$key]); + $ThemeSet[$key] = preg_replace("/\{percent\}p/s", "%", $ThemeSet[$key]); } if(!isset($ThemeSet['TableStyle'])) { $ThemeSet['TableStyle'] = "table"; } if(isset($ThemeSet['TableStyle'])) {
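Review bot: The new substitution loop lets any theme string pull in environment variables (`%{...}e`), server variables (`%{...}i`) and board settings (`%{...}s`) by name, and nothing in this hunk restricts which keys may be named or escapes the result. `get_env_values`, `get_server_values` and `get_setting_values` are defined outside the diff, so this is unconfirmed, but if they return raw values a theme can place request headers unescaped into markup or expose settings such as database credentials. Restrict each callback to an allow-list of keys and pass the value through `htmlspecialchars($value, ENT_QUOTES, $Settings['charset'])` before it is substituted. `get_theme_values` can also be reduced to `return isset($ThemeSet[$matches[1]]) ? $ThemeSet[$matches[1]] : null;`.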