summary refs log tree commit diff stats
path: root/includes
diff options
context:
space:
mode:
Diffstat (limited to 'includes')
-rwxr-xr-xincludes/comments.php8
-rwxr-xr-xincludes/footer.php41
-rwxr-xr-xincludes/functions.php29
-rwxr-xr-xincludes/header.php5
-rwxr-xr-xincludes/session.php70
5 files changed, 91 insertions, 62 deletions
diff --git a/includes/comments.php b/includes/comments.php index 15e9fc8..d405279 100755 --- a/includes/comments.php +++ b/includes/comments.php
@@ -30,7 +30,7 @@ $curID = 0;
30 30
31$template = new FITemplate('comments'); 31$template = new FITemplate('comments');
32$template->add('PAGEID',$page_id); 32$template->add('PAGEID',$page_id);
33$template->add('USERNAME',(isLoggedIn() ? sess_get('uname') : 'Anonymous')); 33$template->add('USERNAME',(isLoggedIn() ? getSessionUsername() : 'Anonymous'));
34 34
35if (!isLoggedIn()) 35if (!isLoggedIn())
36{ 36{
@@ -43,7 +43,7 @@ $getcomments2 = mysql_query($getcomments) or die($getcomments);
43$i=0; 43$i=0;
44while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) 44while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
45{ 45{
46 $getuser = "SELECT * FROM users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; 46 $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\"";
47 $getuser2 = mysql_query($getuser); 47 $getuser2 = mysql_query($getuser);
48 $getuser3 = mysql_fetch_array($getuser2); 48 $getuser3 = mysql_fetch_array($getuser2);
49 49
@@ -51,7 +51,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
51 { 51 {
52 $username = $getuser3['username']; 52 $username = $getuser3['username'];
53 $email = $getuser3['user_email']; 53 $email = $getuser3['user_email'];
54 $website = $getuser3['website']; 54 $website = $getuser3['user_website'];
55 } else { 55 } else {
56 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; 56 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\"";
57 $getanon2 = mysql_query($getanon); 57 $getanon2 = mysql_query($getanon);
@@ -68,7 +68,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
68 if (isset($username)) 68 if (isset($username))
69 { 69 {
70 $template->add_ref($curID, 'COMMENTS', array( 'CODEDEMAIL' => md5(strtolower($email)), 70 $template->add_ref($curID, 'COMMENTS', array( 'CODEDEMAIL' => md5(strtolower($email)),
71 'USERNAME' => (($website != '') ? '<A HREF="http://' . $website . '">' . $username . '</A>' : $username), 71 'USERNAME' => (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username),
72 'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getcomments3[$i]['posttime'])), 72 'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getcomments3[$i]['posttime'])),
73 'ID' => $getcomments3[$i]['id'], 73 'ID' => $getcomments3[$i]['id'],
74 'TEXT' => parseText($getcomments3[$i]['comment']))); 74 'TEXT' => parseText($getcomments3[$i]['comment'])));
diff --git a/includes/footer.php b/includes/footer.php index dadb6f5..0a93ae9 100755 --- a/includes/footer.php +++ b/includes/footer.php
@@ -93,14 +93,14 @@ if (!isset($noRightbar))
93 $i=0; 93 $i=0;
94 while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) 94 while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
95 { 95 {
96 $getuser = "SELECT * FROM users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; 96 $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\"";
97 $getuser2 = mysql_query($getuser); 97 $getuser2 = mysql_query($getuser);
98 $getuser3 = mysql_fetch_array($getuser2); 98 $getuser3 = mysql_fetch_array($getuser2);
99 99
100 if ($getuser3['username'] == $getcomments3[$i]['username']) 100 if ($getuser3['username'] == $getcomments3[$i]['username'])
101 { 101 {
102 $username = $getuser3['username']; 102 $username = $getuser3['username'];
103 $website = $getuser3['website']; 103 $website = $getuser3['user_website'];
104 } else { 104 } else {
105 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; 105 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\"";
106 $getanon2 = mysql_query($getanon); 106 $getanon2 = mysql_query($getanon);
@@ -125,7 +125,7 @@ if (!isset($noRightbar))
125 'CODED' => $getpost3['slug'], 125 'CODED' => $getpost3['slug'],
126 'ENDING' => '/', 126 'ENDING' => '/',
127 'TITLE' => stripslashes($getpost3['title']), 127 'TITLE' => stripslashes($getpost3['title']),
128 'AUTHOR' => (($website != '') ? '<A HREF="http://' . $website . '">' . $username . '</A>' : $username))); 128 'AUTHOR' => (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username)));
129 $i++; 129 $i++;
130 } else if (strpos($getcomments3[$i]['page_id'], 'quote') !== FALSE) 130 } else if (strpos($getcomments3[$i]['page_id'], 'quote') !== FALSE)
131 { 131 {
@@ -136,11 +136,12 @@ if (!isset($noRightbar))
136 'CODED' => $num, 136 'CODED' => $num,
137 'ENDING' => '.php', 137 'ENDING' => '.php',
138 'TITLE' => 'Quote #' . $num, 138 'TITLE' => 'Quote #' . $num,
139 'AUTHOR' => (($website != '') ? '<A HREF="http://' . $website . '">' . $username . '</A>' : $username))); 139 'AUTHOR' => (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username)));
140 $i++; 140 $i++;
141 } 141 }
142 } 142 }
143 143
144 $users = array();
144 $getusers = "SELECT DISTINCT username FROM comments"; 145 $getusers = "SELECT DISTINCT username FROM comments";
145 $getusers2 = mysql_query($getusers); 146 $getusers2 = mysql_query($getusers);
146 $i=0; 147 $i=0;
@@ -150,14 +151,14 @@ if (!isset($noRightbar))
150 $getcount2 = mysql_query($getcount); 151 $getcount2 = mysql_query($getcount);
151 $getcount3 = mysql_fetch_array($getcount2); 152 $getcount3 = mysql_fetch_array($getcount2);
152 153
153 $getuser = "SELECT * FROM users WHERE username = \"" . $getusers3[$i]['username'] . "\""; 154 $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getusers3[$i]['username'] . "\"";
154 $getuser2 = mysql_query($getuser); 155 $getuser2 = mysql_query($getuser);
155 $getuser3 = mysql_fetch_array($getuser2); 156 $getuser3 = mysql_fetch_array($getuser2);
156 157
157 if ($getuser3['username'] == $getusers3[$i]['username']) 158 if ($getuser3['username'] == $getusers3[$i]['username'])
158 { 159 {
159 $username = $getuser3['username']; 160 $username = $getuser3['username'];
160 $website = $getuser3['website']; 161 $website = $getuser3['user_website'];
161 } else { 162 } else {
162 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getusers3[$i]['username'] . "\""; 163 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getusers3[$i]['username'] . "\"";
163 $getanon2 = mysql_query($getanon); 164 $getanon2 = mysql_query($getanon);
@@ -170,23 +171,39 @@ if (!isset($noRightbar))
170 } 171 }
171 } 172 }
172 173
173 $name = (($website != '') ? '<A HREF="http://' . $website . '">' . $username . '</A>' : $username); 174 $name = (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username);
174 $users[$name] = $getcount3[0]; 175 $users[] = array('name' => $name, 'count' => $getcount3['COUNT(*)']);
175 176
176 $i++; 177 $i++;
177 } 178 }
178 179
179 arsort($users); 180 function count_sort($a, $b)
181 {
182 $a = $a['count'];
183 $b = $b['count'];
184
185 if ($a > $b)
186 {
187 return -1;
188 } else if ($a < $b)
189 {
190 return 1;
191 } else {
192 return 0;
193 }
194 }
195
196 usort($users, 'count_sort');
180 $i=0; 197 $i=0;
181 foreach ($users as $name => $count) 198 foreach ($users as $value)
182 { 199 {
183 if ($i == 5) 200 if ($i == 5)
184 { 201 {
185 break; 202 break;
186 } 203 }
187 204
188 $template->adds_block('TOP', array( 'USERNAME' => $name, 205 $template->adds_block('TOP', array( 'USERNAME' => $value['name'],
189 'COUNT' => $count)); 206 'COUNT' => $value['count']));
190 $i++; 207 $i++;
191 } 208 }
192 209
diff --git a/includes/functions.php b/includes/functions.php index 7c06077..16de184 100755 --- a/includes/functions.php +++ b/includes/functions.php
@@ -22,24 +22,6 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
22 22
23require('headerproc.php'); 23require('headerproc.php');
24 24
25function isLoggedIn()
26{
27 return sess_exists('uname');
28}
29
30function getUserlevel()
31{
32 if (isLoggedIn())
33 {
34 $getuser = "SELECT * FROM users WHERE username = \"" . sess_get('uname') . "\"";
35 $getuser2 = mysql_query($getuser);
36 $getuser3 = mysql_fetch_array($getuser2);
37 return $getuser3['user_group'];
38 } else {
39 return 4;
40 }
41}
42
43function countRows($table, $extra = '') 25function countRows($table, $extra = '')
44{ 26{
45 $cntrows = "SELECT * FROM " . $table . " " . $extra; 27 $cntrows = "SELECT * FROM " . $table . " " . $extra;
@@ -62,7 +44,8 @@ function generateError($error)
62 44
63function echoLogData() 45function echoLogData()
64{ 46{
65 if (!isLoggedIn()) { 47 if (!isLoggedIn())
48 {
66 return('in'); 49 return('in');
67 } else { 50 } else {
68 return('out'); 51 return('out');
@@ -212,14 +195,6 @@ function updatePop($id, $area, $plus=1)
212 } 195 }
213} 196}
214 197
215function verifyUser($username, $password)
216{
217 $getuser = 'SELECT * FROM users WHERE username = "' . $username . '" AND user_password = "' . md5($password) . '"';
218 $getuser2 = mysql_query($getuser);
219 $getuser3 = mysql_fetch_array($getuser2);
220 return (($_POST['username'] != '') && ($getuser3['username'] == $_POST['username']));
221}
222
223function getTags($id, $type = 'published') 198function getTags($id, $type = 'published')
224{ 199{
225 $gettags = "SELECT * FROM tags WHERE post_id = " . $id . " AND post_type = \"" . $type . "\""; 200 $gettags = "SELECT * FROM tags WHERE post_id = " . $id . " AND post_type = \"" . $type . "\"";
diff --git a/includes/header.php b/includes/header.php index c2cbbc2..4460d0a 100755 --- a/includes/header.php +++ b/includes/header.php
@@ -38,8 +38,6 @@ $headerTemp->add('HEADTAGS',isset($headtags) ? $headtags : '');
38$headerTemp->add('EXTRATITLE',isset($title) ? ($title . ' - ') : ''); 38$headerTemp->add('EXTRATITLE',isset($title) ? ($title . ' - ') : '');
39$headerTemp->add('PAGEID',(isset($pageID)) ? $pageID : 'none'); 39$headerTemp->add('PAGEID',(isset($pageID)) ? $pageID : 'none');
40$headerTemp->add(strtoupper($pageCategory) . 'ACTIVE', ' CLASS="active"'); 40$headerTemp->add(strtoupper($pageCategory) . 'ACTIVE', ' CLASS="active"');
41$headerTemp->add('REDIRPAGE',rawurlencode($_SERVER['REQUEST_URI']));
42$headerTemp->add('LOGDATA',echoLogData());
43 41
44if (isset($_POST['message'])) 42if (isset($_POST['message']))
45{ 43{
@@ -48,6 +46,9 @@ if (isset($_POST['message']))
48 46
49if (($pageCategory != 'fourm') && ($pageCategory != 'wiki')) 47if (($pageCategory != 'fourm') && ($pageCategory != 'wiki'))
50{ 48{
49 $headerTemp->add('REDIRPAGE',rawurlencode($_SERVER['REQUEST_URI']));
50 $headerTemp->add('LOGDATA',echoLogData());
51 $headerTemp->add('SID',getSessionID());
51 $headerTemp->adds_block('MEMBERS',array('exi' => 1)); 52 $headerTemp->adds_block('MEMBERS',array('exi' => 1));
52} 53}
53 54
diff --git a/includes/session.php b/includes/session.php index ff47e12..a4a7604 100755 --- a/includes/session.php +++ b/includes/session.php
@@ -24,38 +24,74 @@ require('headerproc.php');
24 24
25session_start(); 25session_start();
26 26
27function sess_exists($name) 27function getSessionID()
28{ 28{
29 return(isset($_SESSION[$name])); 29 $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\"";
30} 30 $getconfig2 = mysql_query($getconfig);
31 $getconfig3 = mysql_fetch_array($getconfig2);
31 32
32function sess_set($name,$value) 33 if (isset($_COOKIE[$getconfig3['config_value'] . '_sid']))
33{ 34 {
34 $_SESSION[$name] = $value; 35 return $_COOKIE[$getconfig3['config_value'] . '_sid'];
36 }
37
38 return false;
35} 39}
36 40
37function sess_get($name) 41function getSessionUsername()
38{ 42{
39 return $_SESSION[$name]; 43 $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\"";
40} 44 $getconfig2 = mysql_query($getconfig);
45 $getconfig3 = mysql_fetch_array($getconfig2);
46
47 if (isset($_COOKIE[$getconfig3['config_value'] . '_sid']))
48 {
49 $getsession = "SELECT * FROM phpbb_sessions AS s, phpbb_users AS u WHERE s.session_id LIKE \"" . mysql_real_escape_string($_COOKIE[$getconfig3['config_value'] . '_sid']) . "\" AND u.user_id = s.session_user_id";
50 $getsession2 = mysql_query($getsession) or die($getsession);
51 $getsession3 = mysql_fetch_array($getsession2);
41 52
53 return $getsession3['username'];
54 }
55
56 return false;
57}
42 58
43function sess_getifset($name) 59function isLoggedIn()
44{ 60{
45 if (sess_exists($name)) 61 $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\"";
62 $getconfig2 = mysql_query($getconfig);
63 $getconfig3 = mysql_fetch_array($getconfig2);
64
65 if (isset($_COOKIE[$getconfig3['config_value'] . '_sid']))
46 { 66 {
47 return sess_get($name); 67 $getsession = "SELECT * FROM phpbb_sessions WHERE session_id LIKE \"" . mysql_real_escape_string($_COOKIE[$getconfig3['config_value'] . '_sid']) . "\"";
48 } else { 68 $getsession2 = mysql_query($getsession);
49 return false; 69 $getsession3 = mysql_fetch_array($getsession2);
70
71 if ($getsession3['session_user_id'] != '1')
72 {
73 return true;
74 }
50 } 75 }
76
77 return false;
51} 78}
52 79
53function sess_delete($name) 80function isAdmin()
54{ 81{
55 if (sess_exists($name)) 82 if (isLoggedIn())
56 { 83 {
57 unset($_SESSION[$name]); 84 $getgroup = "SELECT COUNT(*) FROM phpbb_user_group, phpbb_users WHERE phpbb_user_group.user_id = phpbb_users.user_id AND phpbb_users.username = \"" . getSessionUsername() . "\" AND phpbb_user_group.group_id = 2";
85 $getgroup2 = mysql_query($getgroup);
86 $getgroup3 = mysql_fetch_array($getgroup2);
87
88 if ($getgroup3['COUNT(*)'] == '1')
89 {
90 return true;
91 }
58 } 92 }
93
94 return false;
59} 95}
60 96
61?> 97?>