  1. <?php
  2. // rss_funtions.php
  3. // Part of RSS Feed MOD
  4. // Edit: 2005-11-23
  5. // Copyright (c) 2004-2005, Egor Naklonyaeff
  6.  
  // Build the RSS <language> element for a board language name.
  // $lng    - board language name used as the lookup key (e.g. "english").
  // Returns "\n<language>xx</language>" when the name is in the table, '' otherwise.
  function FormatLanguage($lng)
  {
      // Board language name => ISO 639 two-letter code.
      // Add your own language here or remove the entries you do not use.
      $codes = array(
          "albanian" => "sq",
          "arabic" => "ar",
          "azerbaijani" => "az",
          "bulgarian" => "bg",
          "chinese" => "zh",
          "chinese_simplified" => "zh",
          "chinese_traditional" => "zh",
          "croatian" => "hr",
          "czech" => "cs",
          "danish" => "da",
          "dutch" => "nl",
          "english" => "en",
          "esperanto" => "eo",
          "estonian" => "et",
          "finnish" => "fi",
          "french" => "fr",
          "japanese" => "ja",
          "galego" => "gl",
          "german" => "de",
          "greek" => "el",
          "hungarian" => "hu",
          "hebrew" => "he",
          "icelandic" => "is",
          "indonesian" => "id",
          "italian" => "it",
          "korean" => "ko",
          "kurdish" => "ku",
          "macedonian" => "mk",
          "moldavian" => "mo",
          "mongolian" => "mn",
          "norwegian" => "no",
          "polish" => "pl",
          "portuguese" => "pt",
          "romanian" => "ro",
          "russian" => "ru",
          "russian_tu" => "ru",
          "serbian" => "sr",
          "slovak" => "sk",
          "slovenian" => "sl",
          "spanish" => "es",
          "swedish" => "sv",
          "thai" => "th",
          "turkish" => "tr",
          "uigur" => "ug",
          "ukrainian" => "uk",
          "vietnamese" => "vi",
          "welsh" => "cy",
      );

      // Unknown language: emit nothing rather than an empty element.
      if (!isset($codes[$lng])) {
          return '';
      }

      $code = $codes[$lng];
      if ($code == '') {
          return '';
      }

      // The code comes only from the fixed table above, never from the caller's string.
      return "\n<language>" . $code . "</language>";
  }
  // Format a Unix timestamp as an RSS date string ("D, d M Y H:i:s" plus a zone suffix).
  // $utime   - Unix timestamp.
  // $uoffset - offset in hours; it is honoured only when the request carries
  //            time=local or the user agent contains "Abilon" or "ActiveRefresh".
  // Returns the date with "GMT" for a zero offset, otherwise a signed "+hhmm"/"-hhmm" suffix.
  function RSSTimeFormat($utime, $uoffset = 0)
  {
      global $HTTP_GET_VARS, $user_id, $useragent;

      // Anonymous requests without query parameters are forced to offset 0 when file caching is on.
      if (CACHE_TO_FILE && ($user_id == ANONYMOUS) && empty($HTTP_GET_VARS)) {
          $uoffset = 0;
      }

      $use_local = (isset($HTTP_GET_VARS['time']) && $HTTP_GET_VARS['time'] == 'local')
          || (strpos($useragent, 'Abilon') !== false)
          || (strpos($useragent, 'ActiveRefresh') !== false);

      // Whole hours only; every other request is rendered in GMT.
      $hours = $use_local ? intval($uoffset) : 0;

      $stamp = gmdate("D, d M Y H:i:s", $utime + (3600 * $hours));

      // Hours become the numeric zone, e.g. 5 => 500 => "+0500".
      $zone = intval($hours * 100);
      if ($zone == 0) {
          $suffix = 'GMT';
      } elseif ($zone < 0) {
          // The minus sign takes one of the five columns.
          $suffix = sprintf("%05d", $zone);
      } else {
          $suffix = '+' . sprintf("%04d", $zone);
      }

      return $stamp . ' ' . $suffix;
  }
  // Challenge the client for HTTP Basic credentials and end the request with a 401.
  // Does not return: ExitWithHeader() terminates the script.
  function GetHTTPPasswd()
  {
      // The same text is used as the Basic realm and as the plain-text body.
      $notice = 'For registred users only';

      header('WWW-Authenticate: Basic realm="' . $notice . '"');
      ExitWithHeader('401 Unauthorized', $notice);
  }
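  // Close the database connection, send an HTTP status and terminate the request.
  // $output  - status code and reason phrase, e.g. '401 Unauthorized'.
  // $message - optional body; when non-empty it is sent as text/plain.
  // Never returns: the script exits.
  function ExitWithHeader($output, $message = '')
  {
      global $db, $HTTP_SERVER_VARS;

      $db->sql_close();

      // The presence of getallheaders() decides between a raw status line
      // and the CGI-style "Status:" header.
      if (function_exists("getallheaders")) {
          header("HTTP/1.1 $output");
      } else {
          header('Status: ' . $output);
      }

      $code = intval(substr($output, 0, 3));
      if (($code == 200) || ($code == 304)) {
          // The client's own cache validators are echoed back as response headers.
          // They are request data, so CR and LF are removed first: header() in early
          // PHP releases did not reject embedded line breaks, and a reflected value
          // must never be able to start a new header line.
          $line_breaks = array("\r", "\n");
          if (isset($HTTP_SERVER_VARS['HTTP_IF_MODIFIED_SINCE'])) {
              header("Last-Modified: " . str_replace($line_breaks, '', $HTTP_SERVER_VARS['HTTP_IF_MODIFIED_SINCE']));
          }
          if (isset($HTTP_SERVER_VARS['HTTP_IF_NONE_MATCH'])) {
              header("Etag: " . str_replace($line_breaks, '', $HTTP_SERVER_VARS['HTTP_IF_NONE_MATCH']));
          }
      }

      if (!empty($message)) {
          // text/plain keeps the message from being interpreted as markup by the client.
          header('Content-Type: text/plain');
          echo $message;
      }
      exit;
  }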
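  // Verify the HTTP Basic password for $user_id, run the ban check and create a
  // temporary session row for the feed request.
  // $user_id - board user id (cast to int); ANONYMOUS skips the password check.
  // $user_ip - client address as stored by the board; the ban lookup treats it as
  //            four two-character groups and uses "ff" as the wildcard group.
  // $page_id - page identifier recorded in the session row (cast to int).
  // Returns the user row extended with the session_* fields of the new session.
  // Every failure ends the request through ExitWithHeader().
  //
  // The stored user_password is compared with md5() of the supplied password, so the
  // credential store this relies on is unsalted MD5. That cannot be changed from here.
  function rss_session_begin($user_id, $user_ip, $page_id)
  {
      global $db, $HTTP_SERVER_VARS;

      $page_id = (int) $page_id;
      $user_id = (int) $user_id;
      // PHP_AUTH_PW is absent on requests without credentials; hash an empty string then.
      $password = md5(isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) ? $HTTP_SERVER_VARS['PHP_AUTH_PW'] : '');
      $current_time = time();

      $sql = "SELECT *\nFROM " . USERS_TABLE . "\nWHERE user_id = $user_id";
      if (!($result = $db->sql_query($sql))) {
          ExitWithHeader('500 Internal Server Error', 'Could not obtain lastvisit data from user table');
      }
      $userdata = $db->sql_fetchrow($result);

      if ($user_id != ANONYMOUS) {
          $stored = $userdata ? (string) $userdata['user_password'] : '';
          // Compare the hashes as exact strings. A loose != treats two hex digests that
          // look numeric (for example both starting with "0e" followed by digits) as
          // equal, which would accept a wrong password.
          if (function_exists('hash_equals')) {
              $password_ok = hash_equals($stored, $password);
          } else {
              $password_ok = ($stored === $password);
          }
          if (!$userdata || !$password_ok) {
              ExitWithHeader('500 Internal Server Error', 'Error while create session');
          }
      }
      $login = ($user_id != ANONYMOUS) ? 1 : 0;

      //
      // Initial ban check against user id, IP and email address
      //
      // Fail closed when the address cannot be split: without the four groups the
      // ban lookup below would be built from empty strings.
      if (!preg_match('/(..)(..)(..)(..)/', $user_ip, $user_ip_parts)) {
          ExitWithHeader("500 Internal Server Error", "Could not obtain ban information");
      }
      // NOTE(review): $user_ip and its groups are placed into this query and into the
      // INSERT below without escaping, and the pattern accepts any characters. The
      // caller has to pass an address it has already validated - confirm at the call site.
      $ip_1 = $user_ip_parts[1];
      $ip_2 = $user_ip_parts[2];
      $ip_3 = $user_ip_parts[3];
      $ip_4 = $user_ip_parts[4];

      $sql = "SELECT ban_ip, ban_userid, ban_email\nFROM " . BANLIST_TABLE
          . "\nWHERE ban_ip IN ('" . $ip_1 . $ip_2 . $ip_3 . $ip_4
          . "', '" . $ip_1 . $ip_2 . $ip_3 . "ff', '"
          . $ip_1 . $ip_2 . "ffff', '"
          . $ip_1 . "ffffff')\nOR ban_userid = $user_id";
      if ($user_id != ANONYMOUS) {
          // NOTE(review): this only rewrites backslash-apostrophe pairs. The address is
          // read straight from the users table, so a bare apostrophe in a stored e-mail
          // reaches the query unescaped. The right escaping depends on the database layer,
          // which is not visible here, so the expression is left as the author wrote it.
          $email = str_replace("\'", "''", $userdata['user_email']);
          $sql .= " OR ban_email LIKE '" . $email . "'\nOR ban_email LIKE '"
              . substr($email, strpos($email, "@")) . "'";
      }
      if (!($result = $db->sql_query($sql))) {
          ExitWithHeader("500 Internal Server Error", "Could not obtain ban information");
      }

      if ($ban_info = $db->sql_fetchrow($result)) {
          if ($ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email']) {
              ExitWithHeader("403 Forbidden", "You been banned");
          }
      }

      // The session id is a bearer token, so take it from the system CSPRNG when the
      // runtime has one. The clock-seeded generator is kept only as the fallback for
      // old PHP versions; its output can be predicted from the request time.
      if (function_exists('random_bytes')) {
          $session_id = bin2hex(random_bytes(16));
      } else {
          list($sec, $usec) = explode(' ', microtime());
          mt_srand((float) $sec + ((float) $usec * 100000));
          $session_id = md5(uniqid(mt_rand(), true));
      }

      $sql = "INSERT INTO " . SESSIONS_TABLE
          . "\n(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)"
          . "\nVALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, 0)";
      if (!$db->sql_query($sql)) {
          ExitWithHeader("500 Internal Server Error", "Error creating new session");
      }

      // The previous session time becomes the last visit; the first session uses "now".
      $last_visit = ($userdata['user_session_time'] > 0) ? $userdata['user_session_time'] : $current_time;
      $sql = "UPDATE " . USERS_TABLE . " SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit ";
      if (LV_MOD_INSTALLED) {
          $sql .= ",user_lastlogon=$current_time, user_totallogon=user_totallogon+1";
      }
      $sql .= " WHERE user_id = $user_id";
      if (!$db->sql_query($sql)) {
          ExitWithHeader("500 Internal Server Error", 'Error updating last visit time');
      }

      $userdata['user_lastvisit'] = $last_visit;
      $userdata['session_id'] = $session_id;
      $userdata['session_ip'] = $user_ip;
      $userdata['session_user_id'] = $user_id;
      $userdata['session_logged_in'] = $login;
      $userdata['session_page'] = $page_id;
      $userdata['session_start'] = $current_time;
      $userdata['session_time'] = $current_time;
      // Feed sessions never carry admin rights.
      $userdata['session_admin'] = 0;
      $userdata['session_key'] = '';
      define('TEMP_SESSION', true);
      return $userdata;
  }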
  // Delete the session row identified by the global $userdata
  // (session_id together with user_id).
  // A failed query ends the request with a 500 through ExitWithHeader().
  function rss_session_end()
  {
      global $db, $userdata;

      $sid = $userdata['session_id'];
      $uid = $userdata['user_id'];

      // Both values are interpolated as they are; they come from $userdata, not from the request.
      $query = 'DELETE FROM ' . SESSIONS_TABLE . "\nWHERE session_id = '$sid'\nAND session_user_id = $uid";

      if ($db->sql_query($query)) {
          return;
      }
      ExitWithHeader("500 Internal Server Error", "Error delete session");
  }
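  // Identify the requesting user from HTTP Basic credentials.
  // Returns the user_id when the password matches an active account, or ANONYMOUS
  // when no row is found for the requested user. Missing or wrong credentials end
  // the request with a 401 challenge through GetHTTPPasswd().
  function rss_get_user()
  {
      global $db, $HTTP_SERVER_VARS, $HTTP_GET_VARS;

      // When PHP_AUTH_USER/PHP_AUTH_PW are not set but REMOTE_USER carries a
      // "Basic <base64>" value, decode that value into the two PHP_AUTH_* entries.
      if ((!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || !isset($HTTP_SERVER_VARS['PHP_AUTH_PW']))
          && isset($HTTP_SERVER_VARS['REMOTE_USER'])
          && preg_match('/Basic\s+(.*)$/i', $HTTP_SERVER_VARS['REMOTE_USER'], $matches)) {
          // A value without ':' has no password part; use an empty password
          // instead of reading an undefined list() element.
          $pair = explode(':', base64_decode($matches[1]), 2);
          $name = $pair[0];
          $password = isset($pair[1]) ? $pair[1] : '';
          $HTTP_SERVER_VARS['PHP_AUTH_USER'] = strip_tags($name);
          $HTTP_SERVER_VARS['PHP_AUTH_PW'] = strip_tags($password);
      }

      if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || !isset($HTTP_SERVER_VARS['PHP_AUTH_PW'])) {
          // No credentials at all: ask for them.
          GetHTTPPasswd();
          return ANONYMOUS;
      }

      $username = phpbb_clean_username($HTTP_SERVER_VARS['PHP_AUTH_USER']);
      $password = md5($HTTP_SERVER_VARS['PHP_AUTH_PW']);

      if (isset($HTTP_GET_VARS['uid'])) {
          // With ?uid= the account is selected by id and the submitted user name is not
          // compared with the row; only the password decides.
          $uid = intval($HTTP_GET_VARS['uid']);
          $sql = "SELECT * FROM " . USERS_TABLE . " WHERE user_id = $uid";
      } else {
          // NOTE(review): only backslash-apostrophe pairs are rewritten here, so this is
          // safe only if phpbb_clean_username() returns the name with quotes already
          // backslash-escaped - confirm against that function.
          $sql = "SELECT user_id, username, user_password, user_active, user_level\nFROM " . USERS_TABLE
              . "\nWHERE username = '" . str_replace("\\'", "''", $username) . "'";
      }

      if (!($result = $db->sql_query($sql))) {
          message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
      }

      if ($row = $db->sql_fetchrow($result)) {
          $stored = (string) $row['user_password'];
          // Compare the hashes as exact strings. A loose == treats two hex digests that
          // look numeric (for example both starting with "0e" followed by digits) as
          // equal, which would accept a wrong password.
          if (function_exists('hash_equals')) {
              $password_ok = hash_equals($stored, $password);
          } else {
              $password_ok = ($stored === $password);
          }

          if ($password_ok && $row['user_active']) {
              // Password matches and the account is active.
              return $row['user_id'];
          }
          GetHTTPPasswd();
      }

      // No matching row: the request continues as an anonymous user.
      return ANONYMOUS;
  }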
  200. ?>