/[gentoo-projects]/forums/htdocs/common.php
Revision 1.10 - (show annotations) (download)
Sat Jun 25 08:41:20 2011 UTC (22 months, 3 weeks ago) by desultory
Branch: MAIN
Changes since 1.9: +4 -2 lines
Call date_default_timezone_set() in common.php

1 <?php
2 /***************************************************************************
3 * common.php
4 * -------------------
5 * begin : Saturday, Feb 23, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
8 *
9 * $Id: common.php,v 1.9 2009/07/30 06:38:50 desultory Exp $
10 *
11 ***************************************************************************/
12
13 /***************************************************************************
14 *
15 * This program is free software; you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation; either version 2 of the License, or
18 * (at your option) any later version.
19 *
20 ***************************************************************************/
21
// Refuse to run unless pulled in by a phpBB entry script, which defines
// IN_PHPBB before including common.php; a direct request for this file
// must not execute the bootstrap below.
defined('IN_PHPBB') || die("Hacking attempt");

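//
// Report fatal errors, warnings and parse errors only; notices from
// uninitialised variables are deliberately NOT reported.
error_reporting(E_ERROR | E_WARNING | E_PARSE);

// Magic quotes at runtime would silently add slashes to data read from
// files and the database, so make sure it is off. The function was removed
// in PHP 7, where calling it is an undefined-function fatal error; only call
// it where it still exists (a missing function also means the feature is gone).
if (function_exists('set_magic_quotes_runtime'))
{
    set_magic_quotes_runtime(0);
}
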
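// The following code (unsetting globals)
// Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files

// PHP5 with register_long_arrays off?
// The rest of this file and the includes read the long-style $HTTP_*_VARS
// arrays. PHP 5 only registers them when register_long_arrays is on, so copy
// them from the superglobals otherwise. version_compare() replaces the
// previous plain string comparison of version numbers, which is not numeric
// ("10.0.0" >= "5.0.0" is false as strings). ini_get() returns false for an
// unknown setting, which the (string) cast turns into '' and so counts as off.
$register_long_arrays = strtolower((string) ini_get('register_long_arrays'));
if (version_compare(PHP_VERSION, '5.0.0', '>=') && in_array($register_long_arrays, array('', '0', 'off'), true))
{
    $HTTP_POST_VARS = $_POST;
    $HTTP_GET_VARS = $_GET;
    $HTTP_SERVER_VARS = $_SERVER;
    $HTTP_COOKIE_VARS = $_COOKIE;
    $HTTP_ENV_VARS = $_ENV;
    $HTTP_POST_FILES = $_FILES;

    // _SESSION is the only superglobal which is conditionally set
    if (isset($_SESSION))
    {
        $HTTP_SESSION_VARS = $_SESSION;
    }
}
unset($register_long_arrays);
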
// Protect against GLOBALS tricks and HTTP_SESSION_VARS tricks.
// A request value literally named "GLOBALS" (in any input array), or a
// session container that is not an array, is an attempt to tamper with the
// global scope that the register_globals clean-up below relies on; stop
// here before any of that input is looked at.
if (isset($HTTP_GET_VARS['GLOBALS']) || isset($HTTP_POST_VARS['GLOBALS'])
    || isset($HTTP_COOKIE_VARS['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS'])
    || (isset($HTTP_SESSION_VARS) && !is_array($HTTP_SESSION_VARS)))
{
    die("Hacking attempt");
}

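// With register_globals on, every request parameter has already been turned
// into a global variable; remove them all so nothing below can be
// pre-seeded from the request. ini_get() returns false when the setting no
// longer exists (PHP 5.4+), which the cast maps to '' and so to "off".
$register_globals = strtolower((string) ini_get('register_globals'));
if ($register_globals === '1' || $register_globals === 'on')
{
    // PHP4+ path

    // phpbb 2.0.12 >
    // Globals that must survive: the request arrays themselves and the two
    // include-path variables set by the calling script. A request parameter
    // carrying one of these names is an attempt to overwrite them.
    $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
    // < phpbb 2.0.12

    // Not only will array_merge give a warning if a parameter
    // is not an array, it will actually fail. So we check if
    // HTTP_SESSION_VARS has been initialised.
    if (!isset($HTTP_SESSION_VARS) || !is_array($HTTP_SESSION_VARS))
    {
        $HTTP_SESSION_VARS = array();
    }

    // Merge all into one extremely huge array; unset
    // this later
    $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);

    // Our own working variables must not be unset from under us.
    unset($input['input']);
    unset($input['not_unset']);

    // Iterate over a snapshot of the keys so unset() cannot disturb the
    // traversal. The strict in_array() matters: array_merge turns a numeric
    // request key (?0=x) into the integer 0, and before PHP 8.0 a loose
    // in_array() compares 0 equal to any non-numeric string, so such a
    // request used to hit the die() below.
    foreach (array_keys($input) as $var)
    {
        if (in_array($var, $not_unset, true))
        {
            die('Hacking attempt!');
        }
        unset($$var);
    }
    // < phpbb 2.0.12

    unset($input);
}
unset($register_globals);
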
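//
// addslashes to vars if magic_quotes_gpc is off
// this is a security precaution to prevent someone
// trying to break out of a SQL statement.
//
// NOTE(review): this only escapes for the legacy string-built SQL in the
// includes; it is not a general SQL-injection defence. The slashes are
// applied to the $HTTP_*_VARS copies only, so $_GET/$_POST/$_COOKIE keep
// the raw values.
//
if (!function_exists('phpbb_addslashes_deep'))
{
    /**
     * addslashes() a request value, recursing into arrays of any depth.
     *
     * The previous loops handled two levels only and passed a third-level
     * array to addslashes() itself, which returns NULL for an array (and
     * throws a TypeError on PHP 8), so that input was silently dropped.
     *
     * @param mixed $value scalar or (nested) array of scalars
     * @return mixed same shape as $value with every scalar slashed
     */
    function phpbb_addslashes_deep($value)
    {
        if (is_array($value))
        {
            foreach ($value as $key => $item)
            {
                $value[$key] = phpbb_addslashes_deep($item);
            }
            return $value;
        }
        return addslashes($value);
    }
}

// get_magic_quotes_gpc() was removed in PHP 8; when the function is gone
// there are no magic quotes either, so the slashes have to be added here.
if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc())
{
    if (is_array($HTTP_GET_VARS))
    {
        $HTTP_GET_VARS = phpbb_addslashes_deep($HTTP_GET_VARS);
    }

    if (is_array($HTTP_POST_VARS))
    {
        $HTTP_POST_VARS = phpbb_addslashes_deep($HTTP_POST_VARS);
    }

    if (is_array($HTTP_COOKIE_VARS))
    {
        $HTTP_COOKIE_VARS = phpbb_addslashes_deep($HTTP_COOKIE_VARS);
    }
}
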
//
// Define some basic configuration arrays this also prevents
// malicious rewriting of language and otherarray values via
// URI params
//
// Every container the includes fill in starts out empty here, so a value
// planted through the request (e.g. ?lang[]=...) can never survive into
// the code that reads these.
$board_config = $userdata = $theme = $images = $lang = $nav_links = array();
$dss_seeded = false;
$gen_simple_header = false;

// Board configuration: database credentials and the PHPBB_INSTALLED marker.
include $phpbb_root_path . 'config.' . $phpEx;

// Without the marker from config.php the board has not been installed yet;
// hand the request to the installer instead of running on an empty config.
if (!defined('PHPBB_INSTALLED'))
{
    header('Location: ' . $phpbb_root_path . 'install/install.' . $phpEx);
    exit;
}

include $phpbb_root_path . 'includes/constants.' . $phpEx;
include $phpbb_root_path . 'includes/template.' . $phpEx;
include $phpbb_root_path . 'includes/sessions.' . $phpEx;
include $phpbb_root_path . 'includes/auth.' . $phpEx;
include $phpbb_root_path . 'includes/functions.' . $phpEx;
include $phpbb_root_path . 'includes/db.' . $phpEx;

// db.php has been included above; the plain-text password is not needed in
// the global scope any longer, so drop it before any further code (or a
// variable dump) can see it. The connection object may still hold it.
unset($dbpasswd);

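//
// Obtain and encode users IP
//
// I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as
// private range IP's appearing instead of the guilty routable IP, tough, don't
// even bother complaining ... go scream and shout at the idiots out there who feel
// "clever" is doing harm rather than good ... karma is a great thing ... :)
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );

// Only trust a proxy on the same host as the server, but do not assume that it is always present.
if ($client_ip === '127.0.0.1')
{
    $x_forwarded_for = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : "";

    if (!empty($x_forwarded_for)) // The client might actually be on the local host.
    {
        // Pull the last IP out and use it for client_ip, the last in the list being the one added by the most recent proxy.
        // The most recent proxy being the only one which is actually trusted to give correct information.
        // The header is "a, b" by convention but proxies also emit "a,b"; split on
        // the comma alone and trim, so both forms yield the last entry (the
        // previous explode(', ') left "a,b" whole and then rejected it below).
        $addrs = explode(',', $x_forwarded_for);
        $client_ip = trim(array_pop($addrs));

        // Accept only a dotted-quad IPv4 address with octets 0-255. The previous
        // pattern also admitted 256-299 and, via '$', a trailing newline.
        if (!preg_match('/^(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})(?:\.(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})){3}\z/', $client_ip))
        {
            // The rejected value comes from a request header and ends up in an
            // HTML error page; escape it so the page cannot echo markup.
            message_die(CRITICAL_ERROR, 'Bad address from proxy: ' . htmlspecialchars($client_ip));
        }
    }
}

$user_ip = encode_ip($client_ip);
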
//
// Setup forum wide options, if this fails
// then we output a CRITICAL_ERROR since
// basic forum information is not available
//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
$result = $db->sql_query($sql);
if (!$result)
{
    message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql);
}

// One row per setting: config_name => config_value.
while ($row = $db->sql_fetchrow($result))
{
    $board_config[$row['config_name']] = $row['config_value'];
}

// Pin the default timezone so date()/mktime() below do not depend on the
// server's php.ini setting.
date_default_timezone_set('UTC');

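// Auto lang mod start
// If someone spoofs the language setting, then init_userprefs() will use the default language, as the spoofed result can't be found
if (!function_exists('phpbb_match_accept_language'))
{
    /**
     * Pick the board language for an Accept-Language header value.
     *
     * Tags are tried in header order. A ";q=..." quality suffix is dropped
     * first; an exact tag match wins, otherwise a region tag such as "de-at"
     * falls back to its primary subtag "de".
     *
     * @param array  $supported_languages map of lowercase language tag => board language name
     * @param string $accept_language     the (already lowercased) Accept-Language header
     * @return string the matching board language name, or '' when nothing matches
     */
    function phpbb_match_accept_language($supported_languages, $accept_language)
    {
        foreach (explode(',', $accept_language) as $lng)
        {
            // A ';' at position 0 can only come from a malformed header; it is
            // left in place, so that entry matches nothing below.
            $pos = strpos($lng, ';');
            if ($pos > 0)
            {
                $lng = substr($lng, 0, $pos);
            }
            $lng = trim($lng);
            if (empty($lng))
            {
                continue;
            }
            if (isset($supported_languages[$lng]))
            {
                return $supported_languages[$lng];
            }
            // A user can have entered '-' at pos 0, so strpos is out for PHP 3 compliance
            if (strstr($lng, '-'))
            {
                // break it up at the '-'
                $lng = substr($lng, 0, strpos($lng, '-'));
                if (!empty($lng) && isset($supported_languages[$lng]))
                {
                    return $supported_languages[$lng];
                }
            }
        }
        return '';
    }
}

$language = '';
$supported_languages = array();
$accept_language = strtolower((string) getenv('HTTP_ACCEPT_LANGUAGE'));
if (!empty($accept_language) && is_array($board_config))
{
    // Supported languages are the auto_lang_<tag> => <board language> rows of
    // the config table. Only keys that START with the prefix qualify; the
    // previous strstr() test also accepted the prefix in the middle of a key
    // and then cut a wrong tag out of it.
    $needle = 'auto_lang_';
    $needle_length = strlen($needle);
    foreach ($board_config as $key => $value)
    {
        if (strpos($key, $needle) === 0)
        {
            $supported_languages[substr($key, $needle_length)] = $value;
        }
    }
    reset($board_config); // Avoid nasty surprises for other coders (PHP 5 foreach moves the internal pointer)

    if (count($supported_languages) > 0)
    {
        $language = phpbb_match_accept_language($supported_languages, $accept_language);
    }
}
if (!empty($language))
{
    $board_config['default_lang'] = $language;
}
// Auto lang mod end

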
// 2005-12-28 tomk - switch off debug mode if we're on fgo, fixes bug #116888
// Debug output stays on everywhere except the production host name.
define('DEBUG', (isset($board_config['server_name']) && $board_config['server_name'] == "forums.gentoo.org") ? 0 : 1);

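// Refuse to run while the installer or the contrib scripts are still on
// disk; the error page asks for them to be removed. Look relative to the
// board root rather than the current working directory, so the check also
// fires for scripts that live in subdirectories (admin/ and the like), where
// a bare 'install' resolved against the wrong directory and never matched.
if (file_exists($phpbb_root_path . 'install') || file_exists($phpbb_root_path . 'contrib'))
{
    message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib');
}
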
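//
// Show 'Board is disabled' message if needed.
//
// !empty() rather than a bare lookup: a config table without a board_disable
// row would otherwise raise an undefined-index notice/warning here.
if (!empty($board_config['board_disable']) && !defined("IN_ADMIN") && !defined("IN_LOGIN"))
{
    message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
}

// No closing "?>": anything after it (a stray newline) would be sent as
// output before the header() calls made by this file and by the scripts
// that include it.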
