1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
|
<?php
// ************************************************************************************//
// * WoltLab Burning Board 2
// ************************************************************************************//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ************************************************************************************//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ************************************************************************************//
// * $Date: 2007-03-15 14:58:46 +0100 (Do, 15 Mrz 2007) $
// * $Author: Burntime $
// * $Rev: 1728 $
// ************************************************************************************//
@error_reporting(7);
$phpversion = phpversion();
/** get function libary **/
require('./acp/lib/functions.php');
if (version_compare($phpversion, '4.1.0') == -1) {
$_REQUEST = array_merge($HTTP_COOKIE_VARS, $HTTP_POST_VARS, $HTTP_GET_VARS);
$_COOKIE =& $HTTP_COOKIE_VARS;
$_SERVER =& $HTTP_SERVER_VARS;
$_FILES =& $HTTP_POST_FILES;
$_GET =& $HTTP_GET_VARS;
$_POST =& $HTTP_POST_VARS;
}
// remove slashes in get post cookie data...
if (get_magic_quotes_gpc()) {
if (count($_REQUEST)) $_REQUEST = stripslashes_array($_REQUEST);
if (count($_POST)) $_POST = stripslashes_array($_POST);
if (count($_GET)) $_GET = stripslashes_array($_GET);
if (count($_COOKIE)) $_COOKIE = stripslashes_array($_COOKIE);
if (count($_SERVER)) $_SERVER = stripslashes_array($_SERVER);
}
@set_magic_quotes_runtime(0);
@ini_set('magic_quotes_sybase', '0');
/** connect db **/
require('./acp/lib/config.inc.php');
require('./acp/lib/class_db_mysql.php');
$db = &new db($sqlhost, $sqluser, $sqlpassword, $sqldb, $phpversion);
/** get configuration **/
require('./acp/lib/options.inc.php');
/** load smtp_socket function **/
require('./acp/lib/class_smtp.php');
/** request ids **/
if (isset($_REQUEST['postid'])) $postid = $_REQUEST['postid'];
if (isset($_REQUEST['threadid'])) $threadid = $_REQUEST['threadid'];
if (isset($_REQUEST['pollid'])) $pollid = $_REQUEST['pollid'];
if (isset($_REQUEST['attachmentid'])) $attachmentid = $_REQUEST['attachmentid'];
if (isset($_REQUEST['boardid'])) $boardid = $_REQUEST['boardid'];
/** verify ids **/
if (isset($postid)) {
$postid = intval($postid);
$post = $db->query_first("SELECT * FROM bb".$n."_posts WHERE postid = '$postid'");
if (!$post['postid']) unset($postid);
else $threadid = $post['threadid'];
}
/** start session **/
require('./acp/lib/session.php');
/** verify ids **/
if (isset($threadid)) {
$threadid = intval($threadid);
$select = '';
$join = '';
if ($filename == "thread.php") {
$select .= ", v.id AS isvoted";
$join .= " LEFT JOIN bb".$n."_votes v ON (v.id=t.threadid AND v.votemode=2 AND ".(($wbbuserdata['userid']) ? ("v.userid='".$wbbuserdata['userid']."'") : ("v.ipaddress='".addslashes($REMOTE_ADDR)."'")).")";
if ($wbbuserdata['userid']) {
$select .= ", tv.lastvisit, s.emailnotify, s.countemails";
$join .= " LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')
LEFT JOIN bb".$n."_subscribethreads s ON (s.userid='".$wbbuserdata['userid']."' AND s.threadid=t.threadid)";
}
}
$thread = $db->query_first("SELECT t.*".$select." FROM bb".$n."_threads t".$join." WHERE t.threadid = '$threadid'");
$select = '';
$join = '';
if (!$thread['threadid']) unset($threadid);
else $boardid = $thread['boardid'];
}
if (isset($pollid)) {
$pollid = intval($pollid);
$poll = $db->query_first("SELECT bb".$n."_threads.*, bb".$n."_polls.* FROM bb".$n."_polls LEFT JOIN bb".$n."_threads USING (threadid) WHERE bb".$n."_polls.pollid = '$pollid'");
if (!$poll['pollid']) unset($pollid);
else {
if ($poll['boardid']) {
$boardid = $poll['boardid'];
unset($threadid);
unset($thread);
}
}
}
if (isset($attachmentid)) {
$attachmentid = intval($attachmentid);
$attachment = $db->query_first("SELECT at.*, ".
"t.boardid, p.threadid, p.visible, p.userid, ".
"pm.privatemessageid, pm.inoutbox, pm.senderid, pmr.recipientid, pmr.deletepm ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p ON (p.postid=at.postid) ".
"LEFT JOIN bb".$n."_threads t ON (t.threadid=p.threadid) ".
"LEFT JOIN bb".$n."_privatemessage pm ON (pm.privatemessageid=at.privatemessageid) ".
"LEFT JOIN bb".$n."_privatemessagereceipts pmr ON (pmr.privatemessageid=pm.privatemessageid AND pmr.recipientid='$wbbuserdata[userid]') ".
"WHERE at.attachmentid = '$attachmentid'");
if (!$attachment['attachmentid']) {
unset($attachmentid);
unset($attachment);
}
if ($attachment['postid'] && !$attachment['privatemessageid']) { // post attachment
if ($attachment['boardid']) {
$boardid = $attachment['boardid'];
$threadid = $attachment['threadid'];
unset($thread);
}
}
elseif (!$attachment['postid'] && $attachment['privatemessageid']) { // private message attachment
unset($boardid);
unset($threadid);
unset($thread);
}
}
if (isset($boardid)) {
$boardid = intval($boardid);
$board = getBoardAccessData($boardid);
if (!$board['boardid']) unset($boardid);
}
/** update session **/
$db->unbuffered_query("UPDATE bb".$n."_sessions SET lastactivity = '".$session['lastactivity']."', request_uri = '".addslashes($REQUEST_URI)."', boardid='" . ((isset($boardid)) ? ($boardid) : (0)) . "', threadid='".((isset($threadid)) ? ($threadid) : (0))."'" . ((isset($styleid)) ? (", styleid = '$styleid'") : ("")).((isset($langid)) ? (", langid='$langid'") : ("")).((isset($authentificationcode)) ? (", authentificationcode='".addslashes($authentificationcode)."'") : (""))." WHERE sessionhash = '$sid'", 1);
/** get style **/
$style = array();
if (isset($board) && ($board['enforcestyle'] == 1 || ($board['styleid'] != 0 && $wbbuserdata['styleid'] == 0))) {
$style = $db->query_first("SELECT s.styleid, s.templatepackid, s.designpackid, tp.templatestructure FROM bb".$n."_styles s LEFT JOIN bb".$n."_templatepacks tp ON(tp.templatepackid=s.templatepackid) WHERE s.styleid = '".$board['styleid']."'");
$wbbuserdata['designpackid'] = $style['designpackid'];
$wbbuserdata['templatepackid'] = $style['templatepackid'];
$wbbuserdata['styleid'] = $style['styleid'];
$wbbuserdata['templatestructure'] = $style['templatestructure'];
}
$result = $db->unbuffered_query("SELECT * FROM bb".$n."_designelements WHERE designpackid = '$wbbuserdata[designpackid]'");
while ($row = $db->fetch_array($result)) $style[$row['element']] = $row['value'];
/** template class **/
require('./acp/lib/class_headers.php');
require('./acp/lib/class_tpl_file.php');
$tpl = &new tpl(intval($wbbuserdata['templatepackid']));
/** language packs **/
require('./acp/lib/class_language.php');
$lang = &new language($wbbuserdata['languagepackid']);
$lang->load('GLOBAL,OWN'); // global, own langcat
define('ENCODING', $lang->get('LANG_GLOBAL_ENCODING'));
$supportedCharsets = array('UCS-4', 'UCS-4BE', 'UCS-4LE', 'UCS-2', 'UCS-2BE', 'UCS-2LE', 'UTF-32', 'UTF-32BE', 'UTF-32LE', 'UCS-2LE',
'UTF-16', 'UTF-16BE', 'UTF-16LE', 'UTF-8', 'UTF-7', 'ASCII', 'EUC-JP', 'SJIS', 'EUCJP-WIN', 'SJIS-WIN', 'ISO-2022-JP', 'JIS', 'ISO-8859-1',
'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', 'ISO-8859-9', 'ISO-8859-10',
'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'BYTE2BE', 'BYTE2LE', 'BYTE4BE', 'BYTE4LE', 'BASE64', '7bit', '8bit', 'UTF7-IMAP');
if (in_array(wbb_strtoupper(ENCODING), $supportedCharsets) && extension_loaded('mbstring') && version_compare($phpversion, '4.3.0') >= 0) {
define('USE_MBSTRING', true);
}
else {
define('USE_MBSTRING', false);
}
/** imagefolder prefix **/
$style['imagefolder'] = $lang->get("LANG_GLOBAL_IMAGEFOLDER_PREFIX").$style['imagefolder'];
/** OWN langvars **/
$o_master_board_name = $master_board_name;
$master_board_name = getlangvar($master_board_name, $lang);
/** templates & style **/
$phpinclude = wbb_trim($tpl->get("phpinclude"));
if ($phpinclude != '') {
$phpinclude = str_replace('\\"', '"', $phpinclude);
$phpinclude = str_replace('\\\\', '\\', $phpinclude);
eval($phpinclude);
}
$index_stats = '';
/* ############## STATS ############## */
if ($showstats == 1) {
$stats = $db->query_first("SELECT s.*, u.username FROM bb".$n."_stats s LEFT JOIN bb".$n."_users u ON(u.userid=s.lastuserid)");
$stats['username'] = htmlconverter($stats['username']);
$installdays = (time() - $installdate) / 86400;
if ($installdays < 1) $postperday = $stats['postcount'];
else $postperday = $stats['postcount'] / $installdays;
$postperday = number_format($postperday, 2, $lang->get("LANG_GLOBAL_DEC_POINT"), $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($stats['usercount'] >= 1000) $stats['usercount'] = number_format($stats['usercount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($stats['threadcount'] >= 1000) $stats['threadcount'] = number_format($stats['threadcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($stats['postcount'] >= 1000) $stats['postcount'] = number_format($stats['postcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
}
/** default templates **/
$header_pms = '';
$header_acp = '';
$lang->load('START');
eval("\$css = \"".$tpl->get("css")."\";");
eval("\$headinclude = \"".$tpl->get("headinclude")."\";");
$lang->items['LANG_GLOBAL_COPYRIGHT'] = $lang->get("LANG_GLOBAL_COPYRIGHT", array('$boardversion' => $boardversion));
eval("\$footer = \"".$tpl->get("footer")."\";");
if ($wbbuserdata['userid']) $usercbar_username = htmlconverter($wbbuserdata['username']);
else $usercbar_username = '';
eval("\$usercbar = \"".$tpl->get("usercbar")."\";");
eval("\$header = \"".$tpl->get("header")."\";");
if ($wbbuserdata['can_view_board'] == 0 && $filename != "login.php" && $filename != "logout.php" && $filename != "register.php" && $filename != "forgotpw.php") access_error();
verify_ip($REMOTE_ADDR);
if ($offline == 1 && $wbbuserdata['can_view_off_board'] == 0 && $filename != "login.php" && $filename != "logout.php" && $filename != "forgotpw.php" && $filename != "register.php") {
$offlinemessage = nl2br(htmlconverter($offlinemessage));
eval("\$tpl->output(\"".$tpl->get("offline")."\");");
exit();
}
if ($wbbuserdata['pmpopup'] == 2) {
if ($filename != "pms.php" && (!isset($_POST) || count($_POST) == 0) && $filename != "attachment.php" && $filename != "attachmentedit.php" && $filename != "logout.php" && $filename != "markread.php" && $filename != "misc.php" && $filename != "modcp.php" && $filename != "polledit.php" && $filename != "register.php" && $filename != "search.php" && ($filename != "thread.php" || !isset($_REQUEST['goto'])) && $filename != "threadrating.php" && $filename != "usercp.php") {
eval("\$headinclude .= \"".$tpl->get("pmpopup_open")."\";");
}
}
if (isset($boardid)) {
/** OWN langvars **/
$board['o_title'] = $board['title'];
$board['title'] = getlangvar($board['title'], $lang);
if (!checkpermissions("can_enter_board")) access_error();
if ($board['password'] && ($filename != "usercp.php" || $_REQUEST['action'] != 'removesubscription')) {
$lang->load('BOARD');
if (isset($_COOKIE[$cookieprefix.'boardpasswords'])) $boardpasswords = decode_cookie($_COOKIE[$cookieprefix.'boardpasswords']);
else $boardpasswords = array();
if (isset($_POST['boardpassword'])) {
if ($_POST['boardpassword'] == $board['password']) {
$boardpasswords[$boardid] = md5($board['password']);
if ($wbbuserdata['usecookies'] == 1) encode_cookie('boardpasswords', time() + 3600 * 24 * 365, false);
else encode_cookie('boardpasswords', 0, false);
redirect($lang->items['LANG_BOARD_PASSWORD_REDIRECT'], "board.php?boardid=$boardid".$SID_ARG_2ND);
}
else {
eval("error(\"".$lang->get("LANG_BOARD_ERROR_FALSEPASSWORD")."\");");
}
}
elseif (!isset($boardpasswords[$boardid]) || $boardpasswords[$boardid] != md5($board['password'])) {
eval("\$tpl->output(\"".$tpl->get("board_password")."\");");
exit();
}
}
}
if (isset($threadid) && isset($thread['visible']) && $thread['visible'] == 0 && !checkmodpermissions()) {
error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail)));
}
if (isset($postid) && isset($post['visible']) && $post['visible'] == 0 && !checkmodpermissions()) {
error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail)));
}
if (isset($_POST['change_editor']) && $_POST['change_editor']) {
$wbbuserdata['usewysiwyg'] = intval($_POST['change_editor']);
}
else if (isset($_POST['usewysiwyg']) && $_POST['usewysiwyg']) {
$wbbuserdata['usewysiwyg'] = intval($_POST['usewysiwyg']);
}
?> |
, aber es funktioniert immer noch nicht. Anleitung wurde befolgt.