+++ /dev/null
-<?php
-/***************************************************************************
- * common.php
- * -------------------
- * begin : Saturday, Feb 23, 2001
- * copyright : (C) 2001 The phpBB Group
- * email : support@phpbb.com
- *
- * $Id: common.php,v 1.74.2.14 2004/11/18 17:49:34 acydburn Exp $
- *
- ***************************************************************************/
-
-/***************************************************************************
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- ***************************************************************************/
-
-if ( !defined('IN_PHPBB') )
-{
- die("Hacking attempt");
-}
-
-//
-error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
-set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
-
-// The following code (unsetting globals) was contributed by Matt Kavanagh
-
-// PHP5 with register_long_arrays off?
-if (!isset($HTTP_POST_VARS) && isset($_POST))
-{
- $HTTP_POST_VARS = $_POST;
- $HTTP_GET_VARS = $_GET;
- $HTTP_SERVER_VARS = $_SERVER;
- $HTTP_COOKIE_VARS = $_COOKIE;
- $HTTP_ENV_VARS = $_ENV;
- $HTTP_POST_FILES = $_FILES;
-
- // _SESSION is the only superglobal which is conditionally set
- if (isset($_SESSION))
- {
- $HTTP_SESSION_VARS = $_SESSION;
- }
-}
-
-if (@phpversion() < '4.0.0')
-{
- // PHP3 path; in PHP3, globals are _always_ registered
-
- // We 'flip' the array of variables to test like this so that
- // we can validate later with isset($test[$var]) (no in_array())
- $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL);
-
- // Loop through each input array
- @reset($test);
- while (list($input,) = @each($test))
- {
- while (list($var,) = @each($$input))
- {
- // Validate the variable to be unset
- if (!isset($test[$var]) && $var != 'test' && $var != 'input')
- {
- unset($$var);
- }
- }
- }
-}
-else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
-{
- // PHP4+ path
-
- // Not only will array_merge give a warning if a parameter
- // is not an array, it will actually fail. So we check if
- // HTTP_SESSION_VARS has been initialised.
- if (!isset($HTTP_SESSION_VARS))
- {
- $HTTP_SESSION_VARS = array();
- }
-
- // Merge all into one extremely huge array; unset
- // this later
- $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);
-
- unset($input['input']);
-
- while (list($var,) = @each($input))
- {
- unset($$var);
- }
-
- unset($input);
-}
-
-//
-// addslashes to vars if magic_quotes_gpc is off
-// this is a security precaution to prevent someone
-// trying to break out of a SQL statement.
-//
-if( !get_magic_quotes_gpc() )
-{
- if( is_array($HTTP_GET_VARS) )
- {
- while( list($k, $v) = each($HTTP_GET_VARS) )
- {
- if( is_array($HTTP_GET_VARS[$k]) )
- {
- while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) )
- {
- $HTTP_GET_VARS[$k][$k2] = addslashes($v2);
- }
- @reset($HTTP_GET_VARS[$k]);
- }
- else
- {
- $HTTP_GET_VARS[$k] = addslashes($v);
- }
- }
- @reset($HTTP_GET_VARS);
- }
-
- if( is_array($HTTP_POST_VARS) )
- {
- while( list($k, $v) = each($HTTP_POST_VARS) )
- {
- if( is_array($HTTP_POST_VARS[$k]) )
- {
- while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) )
- {
- $HTTP_POST_VARS[$k][$k2] = addslashes($v2);
- }
- @reset($HTTP_POST_VARS[$k]);
- }
- else
- {
- $HTTP_POST_VARS[$k] = addslashes($v);
- }
- }
- @reset($HTTP_POST_VARS);
- }
-
- if( is_array($HTTP_COOKIE_VARS) )
- {
- while( list($k, $v) = each($HTTP_COOKIE_VARS) )
- {
- if( is_array($HTTP_COOKIE_VARS[$k]) )
- {
- while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) )
- {
- $HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
- }
- @reset($HTTP_COOKIE_VARS[$k]);
- }
- else
- {
- $HTTP_COOKIE_VARS[$k] = addslashes($v);
- }
- }
- @reset($HTTP_COOKIE_VARS);
- }
-}
-
-//
-// Define some basic configuration arrays this also prevents
-// malicious rewriting of language and otherarray values via
-// URI params
-//
-$board_config = array();
-$userdata = array();
-$theme = array();
-$images = array();
-$lang = array();
-$nav_links = array();
-$gen_simple_header = FALSE;
-
-include($phpbb_root_path . 'config.'.$phpEx);
-
-if( !defined("PHPBB_INSTALLED") )
-{
- header("Location: install/install.$phpEx");
- exit;
-}
-
-include($phpbb_root_path . 'includes/constants.'.$phpEx);
-include($phpbb_root_path . 'includes/template.'.$phpEx);
-include($phpbb_root_path . 'includes/sessions.'.$phpEx);
-include($phpbb_root_path . 'includes/auth.'.$phpEx);
-include($phpbb_root_path . 'includes/functions.'.$phpEx);
-include($phpbb_root_path . 'includes/db.'.$phpEx);
-
-//
-// Obtain and encode users IP
-//
-// I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as
-// private range IP's appearing instead of the guilty routable IP, tough, don't
-// even bother complaining ... go scream and shout at the idiots out there who feel
-// "clever" is doing harm rather than good ... karma is a great thing ... :)
-//
-$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
-$user_ip = encode_ip($client_ip);
-
-//
-// Setup forum wide options, if this fails
-// then we output a CRITICAL_ERROR since
-// basic forum information is not available
-//
-$sql = "SELECT *
- FROM " . CONFIG_TABLE;
-if( !($result = $db->sql_query($sql)) )
-{
- message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql);
-}
-
-while ( $row = $db->sql_fetchrow($result) )
-{
- $board_config[$row['config_name']] = $row['config_value'];
-}
-
-if (file_exists('install') || file_exists('contrib'))
-{
- message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted');
-}
-
-//
-// Show 'Board is disabled' message if needed.
-//
-if( $board_config['board_disable'] && !defined("IN_ADMIN") && !defined("IN_LOGIN") )
-{
- message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
-}
-
-?>
\ No newline at end of file