Zeile 343 | Zeile 343 |
---|
{ if(isset($mybb->user['uid']) && $mybb->user['uid'] != 0 && array_key_exists("timezone", $mybb->user)) {
|
{ if(isset($mybb->user['uid']) && $mybb->user['uid'] != 0 && array_key_exists("timezone", $mybb->user)) {
|
$offset = $mybb->user['timezone'];
| $offset = (float)$mybb->user['timezone'];
|
$dstcorrection = $mybb->user['dst']; } elseif(defined("IN_ADMINCP")) {
|
$dstcorrection = $mybb->user['dst']; } elseif(defined("IN_ADMINCP")) {
|
$offset = $mybbadmin['timezone'];
| $offset = (float)$mybbadmin['timezone'];
|
$dstcorrection = $mybbadmin['dst']; } else {
|
$dstcorrection = $mybbadmin['dst']; } else {
|
$offset = $mybb->settings['timezoneoffset'];
| $offset = (float)$mybb->settings['timezoneoffset'];
|
$dstcorrection = $mybb->settings['dstcorrection']; }
| $dstcorrection = $mybb->settings['dstcorrection']; }
|
Zeile 1870 | Zeile 1870 |
---|
$cookie .= "; HttpOnly"; }
|
$cookie .= "; HttpOnly"; }
|
$mybb->cookies[$name] = $value;
| if($mybb->settings['cookiesecureflag']) { $cookie .= "; Secure"; }
$mybb->cookies[$name] = $value;
|
header($cookie, false); }
| header($cookie, false); }
|
Zeile 1881 | Zeile 1886 |
---|
* @param string $name The cookie identifier. */ function my_unsetcookie($name)
|
* @param string $name The cookie identifier. */ function my_unsetcookie($name)
|
{ global $mybb;
| { global $mybb;
|
$expires = -3600; my_setcookie($name, "", $expires);
| $expires = -3600; my_setcookie($name, "", $expires);
|
Zeile 1934 | Zeile 1939 |
---|
if(isset($cookie[$name])) { $newcookie = my_unserialize($cookie[$name]);
|
if(isset($cookie[$name])) { $newcookie = my_unserialize($cookie[$name]);
|
}
| }
|
else { $newcookie = array(); }
|
else { $newcookie = array(); }
|
|
|
$newcookie[$id] = $value; $newcookie = my_serialize($newcookie); my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
| $newcookie[$id] = $value; $newcookie = my_serialize($newcookie); my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
|
Zeile 1947 | Zeile 1952 |
---|
// Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie; }
|
// Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie; }
|
|
|
/* * Arbitrary limits for _safe_unserialize() */
| /* * Arbitrary limits for _safe_unserialize() */
|
Zeile 1970 | Zeile 1975 |
---|
if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH) { // input exceeds MAX_SERIALIZED_INPUT_LENGTH
|
if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH) { // input exceeds MAX_SERIALIZED_INPUT_LENGTH
|
return false; }
| return false; }
|
if(empty($str) || !is_string($str)) { return false;
| if(empty($str) || !is_string($str)) { return false;
|
Zeile 2178 | Zeile 2183 |
---|
if(is_null($value)) { return 'N;';
|
if(is_null($value)) { return 'N;';
|
}
| }
|
if(is_bool($value)) {
| if(is_bool($value)) {
|
Zeile 2375 | Zeile 2380 |
---|
$new_stats = array(); $counters = array('numthreads', 'numunapprovedthreads', 'numposts', 'numunapprovedposts', 'numusers', 'numdeletedposts', 'numdeletedthreads');
|
$new_stats = array(); $counters = array('numthreads', 'numunapprovedthreads', 'numposts', 'numunapprovedposts', 'numusers', 'numdeletedposts', 'numdeletedthreads');
|
foreach($counters as $counter) { if(array_key_exists($counter, $changes)) { if(substr($changes[$counter], 0, 2) == "+-") { $changes[$counter] = substr($changes[$counter], 1); } // Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" || substr($changes[$counter], 0, 1) == "-")
| foreach($counters as $counter) { if(array_key_exists($counter, $changes)) { if(substr($changes[$counter], 0, 2) == "+-") { $changes[$counter] = substr($changes[$counter], 1); } // Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" || substr($changes[$counter], 0, 1) == "-")
|
{ if((int)$changes[$counter] != 0) {
| { if((int)$changes[$counter] != 0) {
|
Zeile 2590 | Zeile 2595 |
---|
}
if(!empty($new_stats))
|
}
if(!empty($new_stats))
|
{
| {
|
update_stats($new_stats); } }
|
update_stats($new_stats); } }
|
|
|
/** * Update the last post information for a specific forum * * @param int $fid The forum ID */ function update_forum_lastpost($fid)
|
/** * Update the last post information for a specific forum * * @param int $fid The forum ID */ function update_forum_lastpost($fid)
|
{ global $db;
| { global $db;
|
// Fetch the last post for this forum $query = $db->query(" SELECT tid, lastpost, lastposter, lastposteruid, subject
| // Fetch the last post for this forum $query = $db->query(" SELECT tid, lastpost, lastposter, lastposteruid, subject
|
Zeile 2654 | Zeile 2659 |
---|
} // Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" || substr($changes[$counter], 0, 1) == "-")
|
} // Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" || substr($changes[$counter], 0, 1) == "-")
|
{
| {
|
if((int)$changes[$counter] != 0) { $update_query[$counter] = $thread[$counter] + $changes[$counter];
| if((int)$changes[$counter] != 0) { $update_query[$counter] = $thread[$counter] + $changes[$counter];
|
Zeile 2692 | Zeile 2697 |
---|
global $db;
$thread = get_thread($tid);
|
global $db;
$thread = get_thread($tid);
|
|
|
// If this is a moved thread marker, don't update it - we need it to stay as it is if(strpos($thread['closed'], 'moved|') !== false) {
| // If this is a moved thread marker, don't update it - we need it to stay as it is if(strpos($thread['closed'], 'moved|') !== false) {
|
Zeile 3048 | Zeile 3053 |
---|
if(!isset($avatars)) { $avatars = array();
|
if(!isset($avatars)) { $avatars = array();
|
| }
if(my_strpos($avatar, '://') !== false && !$mybb->settings['allowremoteavatars']) { // Remote avatar, but remote avatars are disallowed. $avatar = null;
|
}
if(!$avatar)
| }
if(!$avatar)
|
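Review bot: The new remote-avatar guard treats a value as remote only when it contains `://`, so a scheme-relative value such as `//host/a.png` (constructed example) would not be nulled when `allowremoteavatars` is off. Whether such a value can reach this function depends on the validation done where avatars are stored, which is outside this hunk. If it can, widen the condition, e.g. `if((my_strpos($avatar, '://') !== false || strncmp($avatar, '//', 2) === 0) && !$mybb->settings['allowremoteavatars'])`. The enclosing function starts and ends outside the hunk.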
Zeile 3063 | Zeile 3074 |
---|
}
if(!$max_dimensions)
|
}
if(!$max_dimensions)
|
{
| {
|
$max_dimensions = $mybb->settings['maxavatardims']; }
// An empty key wouldn't work so we need to add a fall back $key = $dimensions; if(empty($key))
|
$max_dimensions = $mybb->settings['maxavatardims']; }
// An empty key wouldn't work so we need to add a fall back $key = $dimensions; if(empty($key))
|
{
| {
|
$key = 'default'; } $key2 = $max_dimensions;
| $key = 'default'; } $key2 = $max_dimensions;
|
Zeile 3083 | Zeile 3094 |
---|
{ return $avatars[$avatar][$key][$key2]; }
|
{ return $avatars[$avatar][$key][$key2]; }
|
|
|
$avatar_width_height = '';
if($dimensions)
| $avatar_width_height = '';
if($dimensions)
|
Zeile 3103 | Zeile 3114 |
---|
else { $avatar_width_height = "width=\"{$dimensions[0]}\" height=\"{$dimensions[1]}\"";
|
else { $avatar_width_height = "width=\"{$dimensions[0]}\" height=\"{$dimensions[1]}\"";
|
}
| }
|
} }
| } }
|
Zeile 3511 | Zeile 3522 |
---|
else if(!empty($prefixes_cache)) { return $prefixes_cache;
|
else if(!empty($prefixes_cache)) { return $prefixes_cache;
|
}
return false; }
| }
return false; }
|
/** * Build the thread prefix selection menu for the current user
| /** * Build the thread prefix selection menu for the current user
|
Zeile 3720 | Zeile 3731 |
---|
if(isset($encoding)) { header("Content-Encoding: $encoding");
|
if(isset($encoding)) { header("Content-Encoding: $encoding");
|
|
|
if(function_exists("gzencode")) { $contents = gzencode($contents, $level);
| if(function_exists("gzencode")) { $contents = gzencode($contents, $level);
|
Zeile 3756 | Zeile 3767 |
---|
{ $fid = (int)$data['fid']; unset($data['fid']);
|
{ $fid = (int)$data['fid']; unset($data['fid']);
|
}
| }
|
$tid = 0; if(isset($data['tid'])) {
| $tid = 0; if(isset($data['tid'])) {
|
Zeile 3770 | Zeile 3781 |
---|
{ $pid = (int)$data['pid']; unset($data['pid']);
|
{ $pid = (int)$data['pid']; unset($data['pid']);
|
}
| }
|
// Any remaining extra data - we my_serialize and insert in to its own column if(is_array($data))
| // Any remaining extra data - we my_serialize and insert in to its own column if(is_array($data))
|
Zeile 3808 | Zeile 3819 |
---|
$reputation_class = "reputation_negative"; } elseif($reputation > 0)
|
$reputation_class = "reputation_negative"; } elseif($reputation > 0)
|
{
| {
|
$reputation_class = "reputation_positive";
|
$reputation_class = "reputation_positive";
|
} else
| } else
|
{ $reputation_class = "reputation_neutral";
|
{ $reputation_class = "reputation_neutral";
|
}
| }
|
$reputation = my_number_format($reputation);
if($uid != 0)
|
$reputation = my_number_format($reputation);
if($uid != 0)
|
{
| {
|
eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted_link")."\";");
|
eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted_link")."\";");
|
} else {
| } else {
|
eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted")."\";"); }
| eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted")."\";"); }
|
Zeile 3860 | Zeile 3871 |
---|
eval("\$level = \"".$templates->get("postbit_warninglevel_formatted")."\";"); return $level;
|
eval("\$level = \"".$templates->get("postbit_warninglevel_formatted")."\";"); return $level;
|
}
/**
| }
/**
|
* Fetch the IP address of the current user. * * @return string The IP address.
| * Fetch the IP address of the current user. * * @return string The IP address.
|
Zeile 3870 | Zeile 3881 |
---|
function get_ip() { global $mybb, $plugins;
|
function get_ip() { global $mybb, $plugins;
|
|
|
$ip = strtolower($_SERVER['REMOTE_ADDR']);
if($mybb->settings['ip_forwarded_check'])
|
$ip = strtolower($_SERVER['REMOTE_ADDR']);
if($mybb->settings['ip_forwarded_check'])
|
{
| {
|
$addresses = array();
|
$addresses = array();
|
|
|
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
|
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
|
{
| {
|
$addresses = explode(',', strtolower($_SERVER['HTTP_X_FORWARDED_FOR'])); } elseif(isset($_SERVER['HTTP_X_REAL_IP']))
| $addresses = explode(',', strtolower($_SERVER['HTTP_X_FORWARDED_FOR'])); } elseif(isset($_SERVER['HTTP_X_REAL_IP']))
|
Zeile 3887 | Zeile 3898 |
---|
}
if(is_array($addresses))
|
}
if(is_array($addresses))
|
{
| {
|
foreach($addresses as $val) { $val = trim($val);
| foreach($addresses as $val) { $val = trim($val);
|
Zeile 3898 | Zeile 3909 |
---|
break; } }
|
break; } }
|
} }
| } }
|
if(!$ip) { if(isset($_SERVER['HTTP_CLIENT_IP']))
| if(!$ip) { if(isset($_SERVER['HTTP_CLIENT_IP']))
|
Zeile 3925 | Zeile 3936 |
---|
* @return string The friendly file size */ function get_friendly_size($size)
|
* @return string The friendly file size */ function get_friendly_size($size)
|
{
| {
|
global $lang;
if(!is_numeric($size))
| global $lang;
if(!is_numeric($size))
|
Zeile 4232 | Zeile 4243 |
---|
}
$activesep = '';
|
}
$activesep = '';
|
$navsize = count($navbits); $navbit = $navbits[$navsize-1];
| $navsize = count($navbits); $navbit = $navbits[$navsize-1];
|
if($nav) { eval("\$activesep = \"".$templates->get("nav_sep_active")."\";");
| if($nav) { eval("\$activesep = \"".$templates->get("nav_sep_active")."\";");
|
Zeile 4259 | Zeile 4270 |
---|
$navsize = count($navbits); $navbits[$navsize]['name'] = $name; $navbits[$navsize]['url'] = $url;
|
$navsize = count($navbits); $navbits[$navsize]['name'] = $name; $navbits[$navsize]['url'] = $url;
|
}
| }
|
/** * Build the forum breadcrumb nagiation (the navigation to a specific forum including all parent forums) *
| /** * Build the forum breadcrumb nagiation (the navigation to a specific forum including all parent forums) *
|
Zeile 4273 | Zeile 4284 |
---|
global $pforumcache, $currentitem, $forum_cache, $navbits, $lang, $base_url, $archiveurl;
if(!$pforumcache)
|
global $pforumcache, $currentitem, $forum_cache, $navbits, $lang, $base_url, $archiveurl;
if(!$pforumcache)
|
{
| {
|
if(!is_array($forum_cache)) { cache_forums();
| if(!is_array($forum_cache)) { cache_forums();
|
Zeile 4311 | Zeile 4322 |
---|
{ $navbits[$navsize]['url'] = $archiveurl."/index.php"; }
|
{ $navbits[$navsize]['url'] = $archiveurl."/index.php"; }
|
}
| }
|
elseif(!empty($multipage)) { $navbits[$navsize]['url'] = get_forum_link($forumnav['fid'], $multipage['current_page']);
| elseif(!empty($multipage)) { $navbits[$navsize]['url'] = get_forum_link($forumnav['fid'], $multipage['current_page']);
|
Zeile 4334 | Zeile 4345 |
---|
* Resets the breadcrumb navigation to the first item, and clears the rest */ function reset_breadcrumb()
|
* Resets the breadcrumb navigation to the first item, and clears the rest */ function reset_breadcrumb()
|
{ global $navbits;
| { global $navbits;
|
$newnav[0]['name'] = $navbits[0]['name']; $newnav[0]['url'] = $navbits[0]['url']; if(!empty($navbits[0]['options']))
| $newnav[0]['name'] = $navbits[0]['name']; $newnav[0]['url'] = $navbits[0]['url']; if(!empty($navbits[0]['options']))
|
Zeile 6766 | Zeile 6777 |
---|
function fetch_remote_file($url, $post_data=array(), $max_redirects=20) { global $mybb, $config;
|
function fetch_remote_file($url, $post_data=array(), $max_redirects=20) { global $mybb, $config;
|
| if(!my_validate_url($url, true)) { return false; }
|
$url_components = @parse_url($url);
|
$url_components = @parse_url($url);
|
| if(!isset($url_components['scheme'])) { $url_components['scheme'] = 'https'; } if(!isset($url_components['port'])) { $url_components['port'] = $url_components['scheme'] == 'https' ? 443 : 80; }
|
if( !$url_components || empty($url_components['host']) || (!empty($url_components['scheme']) && !in_array($url_components['scheme'], array('http', 'https'))) ||
|
if( !$url_components || empty($url_components['host']) || (!empty($url_components['scheme']) && !in_array($url_components['scheme'], array('http', 'https'))) ||
|
(!empty($url_components['port']) && !in_array($url_components['port'], array(80, 8080, 443))) ||
| (!in_array($url_components['port'], array(80, 8080, 443))) ||
|
(!empty($config['disallowed_remote_hosts']) && in_array($url_components['host'], $config['disallowed_remote_hosts'])) )
|
(!empty($config['disallowed_remote_hosts']) && in_array($url_components['host'], $config['disallowed_remote_hosts'])) )
|
{
| {
|
return false; }
|
return false; }
|
| $addresses = get_ip_by_hostname($url_components['host']); $destination_address = $addresses[0];
|
if(!empty($config['disallowed_remote_addresses']))
|
if(!empty($config['disallowed_remote_addresses']))
|
{ $addresses = gethostbynamel($url_components['host']); if($addresses)
| { foreach($config['disallowed_remote_addresses'] as $disallowed_address)
|
{
|
{
|
foreach($config['disallowed_remote_addresses'] as $disallowed_address)
| $ip_range = fetch_ip_range($disallowed_address);
$packed_address = my_inet_pton($destination_address);
if(is_array($ip_range))
|
{
|
{
|
$ip_range = fetch_ip_range($disallowed_address); foreach($addresses as $address)
| if(strcmp($ip_range[0], $packed_address) <= 0 && strcmp($ip_range[1], $packed_address) >= 0)
|
{
|
{
|
$packed_address = my_inet_pton($address);
if(is_array($ip_range)) { if(strcmp($ip_range[0], $packed_address) <= 0 && strcmp($ip_range[1], $packed_address) >= 0) { return false; } } elseif($address == $disallowed_address) { return false; }
| return false;
|
}
|
}
|
| } elseif($destination_address == $disallowed_address) { return false;
|
} } }
| } } }
|
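Review bot: `$destination_address = $addresses[0];` is reached without checking the result of `get_ip_by_hostname()`, whose docblock on this page says it returns false on failure. In that case `$destination_address` is null, the `disallowed_remote_addresses` comparison runs against a null value, and the later connection code builds its pin string from it. Add `if(!$addresses) { return false; }` directly after the lookup so an unresolvable host fails closed. The body of fetch_remote_file continues outside this hunk.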
Zeile 6812 | Zeile 6834 |
---|
if(!empty($post_data)) { foreach($post_data as $key => $val)
|
if(!empty($post_data)) { foreach($post_data as $key => $val)
|
{
| {
|
$post_body .= '&'.urlencode($key).'='.urlencode($val); } $post_body = ltrim($post_body, '&'); }
|
$post_body .= '&'.urlencode($key).'='.urlencode($val); } $post_body = ltrim($post_body, '&'); }
|
|
|
if(function_exists("curl_init"))
|
if(function_exists("curl_init"))
|
{ $can_followlocation = @ini_get('open_basedir') === '' && !$mybb->safemode;
$request_header = $max_redirects != 0 && !$can_followlocation;
$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, $request_header); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
| { $fetch_header = $max_redirects > 0;
|
|
|
if($max_redirects != 0 && $can_followlocation)
| $ch = curl_init();
$curlopt = array( CURLOPT_URL => $url, CURLOPT_HEADER => $fetch_header, CURLOPT_TIMEOUT => 10, CURLOPT_RETURNTRANSFER => 1, CURLOPT_FOLLOWLOCATION => 0, );
if($ca_bundle_path = get_ca_bundle_path()) { $curlopt[CURLOPT_SSL_VERIFYPEER] = 1; $curlopt[CURLOPT_CAINFO] = $ca_bundle_path; } else { $curlopt[CURLOPT_SSL_VERIFYPEER] = 0; }
$curl_version_info = curl_version(); $curl_version = $curl_version_info['version'];
if(version_compare(PHP_VERSION, '7.0.7', '>=') && version_compare($curl_version, '7.49', '>=')) { // CURLOPT_CONNECT_TO $curlopt[10243] = array( $url_components['host'].':'.$url_components['port'].':'.$destination_address ); } elseif(version_compare(PHP_VERSION, '5.5', '>=') && version_compare($curl_version, '7.21.3', '>='))
|
{
|
{
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_MAXREDIRS, $max_redirects);
| // CURLOPT_RESOLVE $curlopt[10203] = array( $url_components['host'].':'.$url_components['port'].':'.$destination_address );
|
}
if(!empty($post_body))
|
}
if(!empty($post_body))
|
{ curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_body); }
| { $curlopt[CURLOPT_POST] = 1; $curlopt[CURLOPT_POSTFIELDS] = $post_body; }
curl_setopt_array($ch, $curlopt);
|
$response = curl_exec($ch);
|
$response = curl_exec($ch);
|
if($request_header)
| if($fetch_header)
|
{ $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($response, 0, $header_size);
| { $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($response, 0, $header_size);
|
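Review bot: The `else { $curlopt[CURLOPT_SSL_VERIFYPEER] = 0; }` branch turns certificate verification off whenever neither `openssl.cafile` nor `curl.cainfo` is set in the PHP configuration, so HTTPS fetches on such installations accept any certificate. libcurl verifies peers by default, so leaving the option unset in that branch would keep verification on wherever a default CA store is available. If the fallback is kept for compatibility, it needs a comment saying so. The same fallback appears in the stream context of the later `stream_socket_client()` hunk (`'verify_peer' => false`). As a style point, the literals `10243` and `10203` would read better as `defined('CURLOPT_RESOLVE') ? CURLOPT_RESOLVE : 10203` (and likewise for `CURLOPT_CONNECT_TO`).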
Zeile 6859 | Zeile 6906 |
---|
{ $data = fetch_remote_file(trim(array_pop($matches)), $post_data, --$max_redirects); }
|
{ $data = fetch_remote_file(trim(array_pop($matches)), $post_data, --$max_redirects); }
|
} else
| } else
|
{ $data = $body;
|
{ $data = $body;
|
} } else { $data = $response; }
| } } else { $data = $response; }
|
curl_close($ch); return $data; } else if(function_exists("fsockopen")) {
|
curl_close($ch); return $data; } else if(function_exists("fsockopen")) {
|
if(!isset($url_components['port'])) { $url_components['port'] = 80; }
| |
if(!isset($url_components['path'])) { $url_components['path'] = "/";
| if(!isset($url_components['path'])) { $url_components['path'] = "/";
|
Zeile 6899 | Zeile 6942 |
---|
} }
|
} }
|
$fp = @fsockopen($scheme.$url_components['host'], $url_components['port'], $error_no, $error, 10);
| if(function_exists('stream_context_create')) { if($url_components['scheme'] == 'https' && $ca_bundle_path = get_ca_bundle_path()) { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => true, 'verify_peer_name' => true, 'peer_name' => $url_components['host'], 'cafile' => $ca_bundle_path, ), )); } else { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false, ), )); }
$fp = @stream_socket_client($scheme.$destination_address.':'.(int)$url_components['port'], $error_no, $error, 10, STREAM_CLIENT_CONNECT, $context); } else { $fp = @fsockopen($scheme.$url_components['host'], (int)$url_components['port'], $error_no, $error, 10); }
|
@stream_set_timeout($fp, 10); if(!$fp) {
| @stream_set_timeout($fp, 10); if(!$fp) {
|
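Review bot: The fallback `@fsockopen($scheme.$url_components['host'], ...)` connects by hostname, so the name is resolved a second time and the connection is not tied to `$destination_address`, the address that was compared with `disallowed_remote_addresses`. The cURL hunk above has the same gap when neither version test passes, because no `CURLOPT_RESOLVE` or `CURLOPT_CONNECT_TO` entry is added in that case. Where pinning is unavailable, prefer failing closed with `return false;`, or at least document that the address check is only advisory on such installations. `$scheme` and the request-writing code are outside this hunk, so the rest of the connection handling is not visible here.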
Zeile 6951 | Zeile 7023 |
---|
$status_line = current(explode("\n\n", $header, 1)); $body = $data[1];
|
$status_line = current(explode("\n\n", $header, 1)); $body = $data[1];
|
if($max_redirects != 0 && (strstr($status_line, ' 301 ') || strstr($status_line, ' 302 ')))
| if($max_redirects > 0 && (strstr($status_line, ' 301 ') || strstr($status_line, ' 302 ')))
|
{ preg_match('/Location:(.*?)(?:\n|$)/', $header, $matches);
| { preg_match('/Location:(.*?)(?:\n|$)/', $header, $matches);
|
Zeile 6967 | Zeile 7039 |
---|
return $data; }
|
return $data; }
|
else if(empty($post_data)) { return @implode("", @file($url)); } else { return false; } }
/**
| else { return false; } }
/** * Resolves a hostname into a set of IP addresses. * * @param string $hostname The hostname to be resolved * @return array|bool The resulting IP addresses. False on failure */ function get_ip_by_hostname($hostname) { $addresses = @gethostbynamel($hostname);
if(!$addresses) { $result_set = @dns_get_record($hostname, DNS_A | DNS_AAAA);
if($result_set) { $addresses = array_column($result_set, 'ip'); } else { return false; } }
return $addresses; }
/** * Returns the location of the CA bundle defined in the PHP configuration. * * @return string|bool The location of the CA bundle, false if not set */ function get_ca_bundle_path() { if($path = ini_get('openssl.cafile')) { return $path; } if($path = ini_get('curl.cainfo')) { return $path; }
return false; }
/**
|
* Checks if a particular user is a super administrator. * * @param int $uid The user ID to check against the list of super admins
| * Checks if a particular user is a super administrator. * * @param int $uid The user ID to check against the list of super admins
|
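Review bot: In `get_ip_by_hostname()`, `array_column($result_set, 'ip')` keeps only A records, because `dns_get_record()` stores AAAA addresses under the `ipv6` key. If the lookup yields only AAAA records, the function returns an empty array instead of false. The caller in fetch_remote_file then reads `$addresses[0]` from an empty list. Return false when nothing was collected, e.g. `if(!$addresses) { return false; }` after the `array_column()` call, and either query `DNS_A` alone or handle the `ipv6` key explicitly. `array_column()` also requires PHP 5.5, while the cURL code in this commit still branches on older PHP versions, so confirm a compatibility shim exists.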
Zeile 6986 | Zeile 7100 |
---|
function is_super_admin($uid) { static $super_admins;
|
function is_super_admin($uid) { static $super_admins;
|
|
|
if(!isset($super_admins)) { global $mybb;
| if(!isset($super_admins)) { global $mybb;
|
Zeile 6994 | Zeile 7108 |
---|
}
if(my_strpos(",{$super_admins},", ",{$uid},") === false)
|
}
if(my_strpos(",{$super_admins},", ",{$uid},") === false)
|
{
| {
|
return false; } else
| return false; } else
|
Zeile 7019 | Zeile 7133 |
---|
if(empty($groups)) { return array();
|
if(empty($groups)) { return array();
|
}
| }
|
if($user == false) { $user = $mybb->user;
| if($user == false) { $user = $mybb->user;
|
Zeile 7037 | Zeile 7151 |
---|
if(!is_array($groups)) { if((int)$groups == -1)
|
if(!is_array($groups)) { if((int)$groups == -1)
|
{
| {
|
return $memberships; } else
| return $memberships; } else
|
Zeile 7242 | Zeile 7356 |
---|
{ require_once MYBB_ROOT.'inc/datahandlers/warnings.php'; $warningshandler = new WarningsHandler('update');
|
{ require_once MYBB_ROOT.'inc/datahandlers/warnings.php'; $warningshandler = new WarningsHandler('update');
|
}
| }
|
return $warningshandler->expire_warnings(); }
| return $warningshandler->expire_warnings(); }
|
Zeile 7255 | Zeile 7369 |
---|
* @return bool */ function my_chmod($file, $mode)
|
* @return bool */ function my_chmod($file, $mode)
|
{
| {
|
// Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string if(substr($mode, 0, 1) != '0' || strlen($mode) !== 4) {
| // Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string if(substr($mode, 0, 1) != '0' || strlen($mode) !== 4) {
|
Zeile 7268 | Zeile 7382 |
---|
$result = chmod($file, octdec($mode)); umask($old_umask); return $result;
|
$result = chmod($file, octdec($mode)); umask($old_umask); return $result;
|
}
| }
|
/** * Custom rmdir function to loop through an entire directory and delete all files/folders within
| /** * Custom rmdir function to loop through an entire directory and delete all files/folders within
|
Zeile 7307 | Zeile 7421 |
---|
}
return @rmdir($path);
|
}
return @rmdir($path);
|
}
| }
|
return @unlink($path); }
| return @unlink($path); }
|
Zeile 7345 | Zeile 7459 |
---|
if(!$ip_long) { $ip_long = sprintf("%u", ip2long($ip));
|
if(!$ip_long) { $ip_long = sprintf("%u", ip2long($ip));
|
|
|
if(!$ip_long) { return 0;
| if(!$ip_long) { return 0;
|
Zeile 7629 | Zeile 7743 |
---|
global $mybb, $checksums, $bad_verify_files;
// We don't need to check these types of files
|
global $mybb, $checksums, $bad_verify_files;
// We don't need to check these types of files
|
$ignore = array(".", "..", ".svn", "config.php", "settings.php", "Thumb.db", "config.default.php", "lock", "htaccess.txt", "logo.gif", "logo.png");
| $ignore = array(".", "..", ".svn", "config.php", "settings.php", "Thumb.db", "config.default.php", "lock", "htaccess.txt", "htaccess-nginx.txt", "logo.gif", "logo.png");
|
$ignore_ext = array("attach");
if(substr($path, -1, 1) == "/")
| $ignore_ext = array("attach");
if(substr($path, -1, 1) == "/")
|
Zeile 7651 | Zeile 7765 |
---|
while(($file = @readdir($dh)) !== false) { if(in_array($file, $ignore) || in_array(get_extension($file), $ignore_ext))
|
while(($file = @readdir($dh)) !== false) { if(in_array($file, $ignore) || in_array(get_extension($file), $ignore_ext))
|
{ continue; }
| { continue; }
|
// Recurse through the directory tree if(is_dir($path."/".$file)) { verify_files($path."/".$file, ($count+1)); continue; }
|
// Recurse through the directory tree if(is_dir($path."/".$file)) { verify_files($path."/".$file, ($count+1)); continue; }
|
|
|
// We only need the last part of the path (from the MyBB directory to the file. i.e. inc/functions.php) $file_path = ".".str_replace(substr(MYBB_ROOT, 0, -1), "", $path)."/".$file;
// Does this file even exist in our official list? Perhaps it's a plugin if(array_key_exists($file_path, $checksums))
|
// We only need the last part of the path (from the MyBB directory to the file. i.e. inc/functions.php) $file_path = ".".str_replace(substr(MYBB_ROOT, 0, -1), "", $path)."/".$file;
// Does this file even exist in our official list? Perhaps it's a plugin if(array_key_exists($file_path, $checksums))
|
{
| {
|
$filename = $path."/".$file; $handle = fopen($filename, "rb"); $contents = '';
| $filename = $path."/".$file; $handle = fopen($filename, "rb"); $contents = '';
|
Zeile 7755 | Zeile 7869 |
---|
{ $output = @fread($handle, $bytes); @fclose($handle);
|
{ $output = @fread($handle, $bytes); @fclose($handle);
|
} } else
| } } else
|
{ return $output; }
| { return $output; }
|
Zeile 7767 | Zeile 7881 |
---|
if(function_exists('mcrypt_create_iv')) { if (DIRECTORY_SEPARATOR == '/')
|
if(function_exists('mcrypt_create_iv')) { if (DIRECTORY_SEPARATOR == '/')
|
{
| {
|
$source = MCRYPT_DEV_URANDOM;
|
$source = MCRYPT_DEV_URANDOM;
|
}
| }
|
else { $source = MCRYPT_RAND; }
$output = @mcrypt_create_iv($bytes, $source);
|
else { $source = MCRYPT_RAND; }
$output = @mcrypt_create_iv($bytes, $source);
|
} } else {
| } } else {
|
return $output; }
| return $output; }
|
Zeile 7792 | Zeile 7906 |
---|
{ $output = openssl_random_pseudo_bytes($bytes, $crypto_strong); if ($crypto_strong == false)
|
{ $output = openssl_random_pseudo_bytes($bytes, $crypto_strong); if ($crypto_strong == false)
|
{
| {
|
$output = null;
|
$output = null;
|
} } } } else { return $output; }
if(strlen($output) < $bytes) {
| } } } } else { return $output; }
if(strlen($output) < $bytes) {
|
if(class_exists('COM')) { try
| if(class_exists('COM')) { try
|
Zeile 7816 | Zeile 7930 |
---|
} } catch (Exception $e) { }
|
} } catch (Exception $e) { }
|
} }
| } }
|
else { return $output; }
|
else { return $output; }
|
|
|
if(strlen($output) < $bytes) { // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();
|
if(strlen($output) < $bytes) { // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();
|
$rounds = ceil($bytes / 16);
| $rounds = ceil($bytes / 16);
|
for($i = 0; $i < $rounds; $i++) { $unique_state = md5(microtime().$unique_state); $output .= md5($unique_state); }
|
for($i = 0; $i < $rounds; $i++) { $unique_state = md5(microtime().$unique_state); $output .= md5($unique_state); }
|
$output = substr($output, 0, ($bytes * 2));
| $output = substr($output, 0, ($bytes * 2));
|
$output = pack('H*', $output);
|
$output = pack('H*', $output);
|
return $output; }
| return $output; }
|
else
|
else
|
{
| {
|
return $output; } }
|
return $output; } }
|
|
|
/** * Returns a securely generated seed integer * * @return int An integer equivalent of a secure hexadecimal seed */ function secure_seed_rng()
|
/** * Returns a securely generated seed integer * * @return int An integer equivalent of a secure hexadecimal seed */ function secure_seed_rng()
|
{ $bytes = PHP_INT_SIZE;
do {
$output = secure_binary_seed_rng($bytes);
| { $bytes = PHP_INT_SIZE;
do {
$output = secure_binary_seed_rng($bytes);
|
// convert binary data to a decimal number if ($bytes == 4)
| // convert binary data to a decimal number if ($bytes == 4)
|
Zeile 8372 | Zeile 8486 |
---|
if(!$ip_address) { $ip_address = get_ip();
|
if(!$ip_address) { $ip_address = get_ip();
|
}
$ip_address = my_inet_pton($ip_address);
| }
$ip_address = my_inet_pton($ip_address);
|
$insert_array = array( 'username' => $db->escape_string($username),
| $insert_array = array( 'username' => $db->escape_string($username),
|
Zeile 8385 | Zeile 8499 |
---|
);
return (bool)$db->insert_query('spamlog', $insert_array);
|
);
return (bool)$db->insert_query('spamlog', $insert_array);
|
}
/**
| }
/**
|
* Copy a file to the CDN. * * @param string $file_path The path to the file to upload to the CDN.
| * Copy a file to the CDN. * * @param string $file_path The path to the file to upload to the CDN.
|
Zeile 8413 | Zeile 8527 |
---|
$file_name = basename($real_file_path);
if(file_exists($file_path))
|
$file_name = basename($real_file_path);
if(file_exists($file_path))
|
{
| {
|
if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) { $cdn_path = rtrim($mybb->settings['cdnpath'], '/\\');
| if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) { $cdn_path = rtrim($mybb->settings['cdnpath'], '/\\');
|
Zeile 8477 | Zeile 8591 |
---|
}
return false;
|
}
return false;
|
| }
/** * Strip html tags from string, also removes <script> and <style> contents. * * @param string $string String to stripe * @param string $allowable_tags Allowed html tags * * @return string Striped string */ function my_strip_tags($string, $allowable_tags = '') { $pattern = array( '@(<)style[^(>)]*?(>).*?(<)/style(>)@siu', '@(<)script[^(>)]*?.*?(<)/script(>)@siu', '@<style[^>]*?>.*?</style>@siu', '@<script[^>]*?.*?</script>@siu', ); $string = preg_replace($pattern, '', $string); return strip_tags($string, $allowable_tags);
|
}
| }
|
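Review bot: `my_strip_tags()` passes the result of `preg_replace()` straight to `strip_tags()`, and with the `u` modifier `preg_replace()` returns null when the input is not valid UTF-8, so such input silently comes back as an empty string. Check the result, e.g. `$stripped = preg_replace($pattern, '', $string); if($stripped !== null) { $string = $stripped; }`, or state in the docblock that an empty result is intended. The docblock should also say that the return value is not HTML-safe on its own: with a non-empty `$allowable_tags`, `strip_tags()` keeps the attributes of the allowed tags, so callers still need escaping for the output context. Minor: "stripe" and "Striped" in the docblock should read "strip" and "Stripped".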